One of your best defenses in such a scenario is prevention. Specifically, having the right tools deployed in your environment. A bevy of system-wide security measures and tools can go a long way toward protecting your users (and your entire network) from browser-related mishaps.
If a malicious Web site attempts to alter the links in your "Favorites" menu or hijacks your browser homepage or installs software and adds icons to your desktop, these changes may occur, but they will be written only to the temporary storage area. Once you stop the Sandboxie session, all of those changes are wiped out. Sandboxie also intercepts attempts to alter files or Registry settings so that programs cannot have an effect outside of the Sandboxie session.
Aside from protecting users from infection and compromise while they visit potentially malicious Web sites, Sandboxie can also help preserve privacy and protect personal information that can be used to infiltrate your network. Information that would normally be cached by the browser, and details such as the URL history data, will all be erased when the Sandboxie session ends.
Another free tool is McAfee SiteAdvisor. SiteAdvisor is a free security plug-in available for the Internet Explorer and Firefox Web browser applications. It identifies sites known to be related to spyware, viruses, browser-based attacks, phishing attacks and more. SiteAdvisor compares sites against McAfee's database of known threats and previously identified risky sites and displays an icon on the browser toolbar labeling the site with one of three identifiers: Safe, Caution or Warning.
SiteAdvisor also integrates with popular search engines such as Yahoo and Google and displays rating icons next to the links returned in a search. Your users can view more details on sites that are identified as a risk such as information about spam generated from the site and malicious downloads. SiteAdvisor can be a great tool for users who might not otherwise recognize questionable sites.
By deploying free tools like these to the users in your environment, you can help them help themselves to surf the Web more safely and proactively prevent many of the malware and spyware issues that might otherwise take up precious IT resources to resolve.
For another safe Web browser tool, check out Brien Posey's piece, Controlling Web surfing with Content Advisor.
About the author: Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security, providing a broad range of security tips, advice, reviews and information. Tony is co-author of Hacker's Challenge 3 and the author of the recently released "Essential Computer Security". He contributes frequently to other industry publications. For a complete list of his freelance contributions, visit S3KUR3.com.
This was first published in October 2006