Did you ever sheep dip your malware? ...

Way back when I had more hair, smaller children and less of a middle aged spread - I used to be a network manager running a Novell based system for a specialist firm of consultants in South Kensington. Last time I checked they no longer exist - from what I know, they were eventually consumed by a larger conglomerate.

Anyway - that isn't the interesting bit.

An exchange on Social Media - helped me recall a policy I imposed after an interesting experience with one of our consultants bringing in word macro based malware. Back when this was beginning to become an issue and affecting computers mainly via floppy disc transfer.

I implemented a sheep dip policy - I set up a machine that was disconnected from the network. I would update by hand the malware definitions monthly (how romantic to think that this was the frequency necessary). Then all staff would (have to) put any floppies brought in from clients and consultants and scan them. As many travelled and worked with our clients in interesting scenarios. The same applied - the policy was the same for Secretarial as well as the Managing Director (tho one ended up scanning their discs on the rare occasion they used a computer - this was the mid-90's).

Next to the computer - which was in sight of my desk was a short guide to using the software and how to switch on the heuristics. It became a useful tool to get to know the staff - always be helpful.

In this day/age we often hear of spear phishing when USB drives are used as a targeted form of social engineering. Maybe a sheep dip or a variant isn't such a bad idea. Or of course you can stop all external media from being attached to your machines.




Comments

Popular posts from this blog

Simulation vs emulation vs virtualisation ....

You can't free a fish from water ...

Slow are the wheels that maketh the #Linux NAL ...