[sdnog] Network Full with malicious activities

Khadiga Elhassan okhadiga76 at gmail.com
Thu Nov 22 18:57:26 SAST 2018


Thank you all for your quick response. Your valued tips helped me a lot.

On Thu, Nov 22, 2018 at 3:58 PM Philip Paeps <philip at trouble.is> wrote:

> On 2018-11-22 16:53:10 (+0100), Khadiga Elhassan wrote:
> > Hi all, what is the most proper way of dealing with a network full of
> > malicious activities.
> > From where to start?
>
> If possible, put all hosts on the affected network in quarantine: no
> egress traffic other than DNS, NTP and HTTP/HTTPS until proven healthy.
>
> > and does free anti-viruses help?
>
> It is increasingly difficult to distinguish anti-virus software from
> malware.
>
> There is something to be said for filtering inbound email for viruses,
> but it's unlikely that you are anyone's only source of email.  If you're
> going to bother scanning email, please remember to also scan outbound
> email.  ClamAV can do this.
>
> Relying on anti-virus software alone is not going to be very effective
> though.  A much better strategy is education.  Monitor your network for
> malware and educate users on keeping their software patched.
>
> At a university, it may be useful to add a class on elementary computer
> security to the list of things you force new students to sit through.
>
> Depending on the number of students you have coming in every year, it
> may also be possible to refuse them connectivity until they can prove
> their device is healthy.  It won't actually stop anyone from connecting
> their devices (that's not how students work) but it could create some
> useful social pressure (that is how students work).
>
> Philip
>
> --
> Philip Paeps
> Senior Reality Engineer
> Ministry of Information


-- 
Khadiga Omer
Network & Computer Engineer
University of Khartoum
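
An added example, not part of the original thread: a check of flow records against the quarantine policy suggested in the quoted reply (egress limited to DNS, NTP and HTTP/HTTPS), reporting quarantined hosts that attempt anything else. The quarantine prefix, the `src dst proto dport` record format and the sample flows are assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

# Assumption: prefix of the quarantined network; replace with the real one.
QUARANTINE_NET = ipaddress.ip_network("10.20.0.0/16")

# Egress permitted by the quarantine advice: DNS, NTP, HTTP/HTTPS.
ALLOWED = {("udp", 53), ("tcp", 53), ("udp", 123), ("tcp", 80), ("tcp", 443)}

# Constructed sample flow records, one per line: "src dst proto dport".
SAMPLE_FLOWS = """\
10.20.1.15 192.0.2.53 udp 53
10.20.1.15 198.51.100.7 tcp 443
10.20.1.15 203.0.113.25 tcp 25
10.20.1.15 203.0.113.26 tcp 25
10.20.3.8 198.51.100.9 udp 123
10.20.3.8 10.20.1.15 tcp 445
10.20.7.2 203.0.113.80 tcp 6667
10.30.0.4 203.0.113.25 tcp 25
bad line
"""

def parse_flow(line):
    """Return (src, dst, proto, dport), or None for a malformed record."""
    parts = line.split()
    if len(parts) != 4:
        return None
    try:
        return (ipaddress.ip_address(parts[0]), ipaddress.ip_address(parts[1]),
                parts[2].lower(), int(parts[3]))
    except ValueError:
        return None

def quarantine_violations(text):
    """Map each quarantined source to its disallowed (proto, port) egress attempts."""
    hits = defaultdict(set)
    for line in text.splitlines():
        flow = parse_flow(line)
        if flow is None:
            continue
        src, dst, proto, dport = flow
        # Only traffic leaving the quarantined network counts as egress here;
        # host-to-host traffic inside the prefix is out of scope for this check.
        if src not in QUARANTINE_NET or dst in QUARANTINE_NET:
            continue
        if (proto, dport) not in ALLOWED:
            hits[str(src)].add((proto, dport))
    return dict(hits)

if __name__ == "__main__":
    for host, ports in sorted(quarantine_violations(SAMPLE_FLOWS).items()):
        print(host, sorted(ports))
```
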