Problem solve Get help with specific problems with your technologies, process and projects.

How to keep Windows systems protected from malware

Protect your Windows system from malware with all your might with these six steps by Tony Bradley.

Protecting Windows systems from malware is a cat-and-mouse game. The virus authors find an attack vector and exploit it until the security administrators and antivirus companies devise an effective defense. But when the door gets shut on that attack, the virus authors don't just quit and go home. They look for the open window to find a new vulnerability to exploit.

Even more devious (or creative depending on your point of view) malware authors will try to attack through the door, the window and coming down the chimney all at the same time. If one attack vector is good, then two are better and the malware has a much better chance to propagate. When malware uses two attack vector at the same time, you have a bi-modal or bipartite attack. When it uses three or more simultaneous attack vectors, it is a multipartite attack.

Some threats attack computer systems in multiple ways simultaneously. In the case of the Nimda worm, the threat propagated as an e-mail attachment, exploited vulnerabilities in Web browsers, spread to Web servers through a Microsoft Internet Information Server (IIS) weakness and moved through open network shares while modifying various local system files on infected machines.

How should you protect your systems from these multi-faceted threats? Your antivirus software may be guarding the door so to speak, but you also have to protect other methods of entry into your systems. While your strategy will depend on what the attack vectors are, you should employ some basic, common sense steps to protect systems regardless of the type of threat.

Aside from the obvious steps to implement antivirus software and establish a process that ensures AV software is updated frequently, there are various other steps you can take. Below is a list of key steps to proactively defend against bi-modal or multipartite attacks.

Table of Contents
1. Block e-mail file attachments
2. Restrict outbound SMTP traffic
3. Manage patch deployment
4. Use IPsec to protect critical servers
5. Lock down user access and privileges
6. Training, training and more training


About the author: Tony Bradley is a consultant and writer with a focus on network security, antivirus and incident response. He is the About.com Guide for Internet / Network Security, providing a broad range of information security tips, advice, reviews and information. Tony also contributes frequently to other industry publications. For a complete list of his freelance contributions you can visit Essential Computer Security.


More information from SearchWindowsSecurity.com

  • Tip: Combat security threats with user education
  • Checklist: Make sure you design Group Policy with security in mind
  • School: Take a lesson at Hardening Windows School


  • This was last published in June 2005

    Dig Deeper on Network intrusion detection and prevention and malware removal

    PRO+

    Content

    Find more PRO+ content and other member only offers, here.

    Start the conversation

    Send me notifications when other members comment.

    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

    Please create a username to comment.

    -ADS BY GOOGLE

    SearchVirtualDesktop

    SearchWindowsServer

    SearchExchange

    Close