• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Uptick in Viruses?

R

Richard K

#1
Has anyone noticed a major uptick in viruses affecting XP Pro clients on
SBS2003 networks over the past few months? I'm talking the "you have been
infected with a virus and we are going to scan... click here to purchase our
product" type of viruses. I have been using MalwareBytes to clean them but
even MB is missing a few unless the database is REALLY up to date.

I have given a lot more latitude to clients in letting them have local admin
priv. and I am very good at keeping clients up to date in software patches
and AV (trend WFBS) but am rethinking the local admin rights. The only
thing that puts a hole in that theory is I have another associate who is
major league locked down with non-local admin rights, updates, AV etc. in
addition to a very good appliance firewall from Barracuda. His XP Pro
clients are still getting hit. Labor to fix these issues is starting to get
bad.

thoughts?
 

My Computer

S

Susan Bradley

#2
Richard K wrote:

> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
> SBS2003 networks over the past few months? I'm talking the "you have
> been infected with a virus and we are going to scan... click here to
> purchase our product" type of viruses. I have been using MalwareBytes
> to clean them but even MB is missing a few unless the database is REALLY
> up to date.
>
> I have given a lot more latitude to clients in letting them have local
> admin priv. and I am very good at keeping clients up to date in software
> patches and AV (trend WFBS) but am rethinking the local admin rights.
> The only thing that puts a hole in that theory is I have another
> associate who is major league locked down with non-local admin rights,
> updates, AV etc. in addition to a very good appliance firewall from
> Barracuda. His XP Pro clients are still getting hit. Labor to fix
> these issues is starting to get bad.
>
> thoughts?
>
>
yup.
It's malicious banner ads in google hits.

Block the banner ads from the rotation.

Start killing off XP.
 

My Computer

G

Gregg Hill

#3
Behind a well-configured WatchGuard firewall, those pages are no threat. The
fake page comes up (or at least parts of it), but no executable files (DLL,
EXE, SYS, etc) can reach the computer, so they end up being just a scary
annoyance.

For clients without a WatchGuard in place, I have seen them get by AV
software. One day it will get by Norton/Symantec, another day it gets by
WFBS, yet another day, it gets by a different vendor. Completely innocent
searches can get one into trouble. My wife searched Google for "tuxedo
cheesecake recipe" and got one of those pages. She stopped and told me, then
I had my way with it through the WatchGuard, and it stopped everything that
tried to get through it.

I have my WG set very tight, only trusting Microsoft, Trend Micro, and a
couple others for access to executables. For others that are blocked but
needed, I have a temporary-use bypass username and password that allows the
download, but AV scans it as it comes in. For a user to get infected, they'd
have to ignore the screaming red warnings in my custom deny message from the
WG that the file might be infected, they'd have to know the bypass username
and password, the download would have to get by the WG's AV scan (using
AVG), and get by the different vendor's AV on the desktop. In my testing,
that is nearly impossible (never failed yet!). I test with an unpatched Win
2000 VPC with no antivirus, and with an unprotected XP VPC.

Gregg Hill

--
Gregg's pet peeves:

First of all, what does a peeve look like, and why would anyone want one as
a pet?

Peeve #1: Apostrophes: when in doubt, leave them out! You will be correct
more often than not.

Its = Belonging to it. For example, "Look at the sky. Its color is blue."
It's = It is. For example, "It's hot today."
It's = It has. For example, "It's been nice talking to you."
Its' = completely incorrect usage. Stop it!


Peeve #2: Your vs. You're
"Your" means belonging to you, as in, "It's your truck."
"You're" means "You are." Example, you're probably about ready to throttle
me for this peeve!

"Richard K" <rkokoski@newsgroup> wrote in message
news:OvjkyYBvKHA.3408@newsgroup

> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
> SBS2003 networks over the past few months? I'm talking the "you have been
> infected with a virus and we are going to scan... click here to purchase
> our product" type of viruses. I have been using MalwareBytes to clean
> them but even MB is missing a few unless the database is REALLY up to
> date.
>
> I have given a lot more latitude to clients in letting them have local
> admin priv. and I am very good at keeping clients up to date in software
> patches and AV (trend WFBS) but am rethinking the local admin rights. The
> only thing that puts a hole in that theory is I have another associate who
> is major league locked down with non-local admin rights, updates, AV etc.
> in addition to a very good appliance firewall from Barracuda. His XP Pro
> clients are still getting hit. Labor to fix these issues is starting to
> get bad.
>
> thoughts?
>
>
 

My Computer

L

Leythos

#4
In article <OvjkyYBvKHA.3408@newsgroup>,
rkokoski@newsgroup says...

> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
> SBS2003 networks over the past few months? I'm talking the "you have been
> infected with a virus and we are going to scan... click here to purchase our
> product" type of viruses. I have been using MalwareBytes to clean them but
> even MB is missing a few unless the database is REALLY up to date.
>
>
On unmanaged networks where they don't restrict web access, where they
don't filter email contents, where they run as local admins, seen more
of it than 6 months ago. On managed networks, open web to ONLY business
approved sites, email filtered to remove any possibly malicious file,
not any sign of it.

Cost of removing malware exceeds the cost of preventing access to it in
every case, but the customers don't want to "limit" creativity or
freedom :-)

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

R

Richard K

#5
How do you block the banner ads?

"Susan Bradley" <sbradcpa@newsgroup> wrote in message
news:uKuAFoBvKHA.800@newsgroup

> Richard K wrote:

>> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
>> SBS2003 networks over the past few months? I'm talking the "you have
>> been infected with a virus and we are going to scan... click here to
>> purchase our product" type of viruses. I have been using MalwareBytes to
>> clean them but even MB is missing a few unless the database is REALLY up
>> to date.
>>
>> I have given a lot more latitude to clients in letting them have local
>> admin priv. and I am very good at keeping clients up to date in software
>> patches and AV (trend WFBS) but am rethinking the local admin rights.
>> The only thing that puts a hole in that theory is I have another
>> associate who is major league locked down with non-local admin rights,
>> updates, AV etc. in addition to a very good appliance firewall from
>> Barracuda. His XP Pro clients are still getting hit. Labor to fix these
>> issues is starting to get bad.
>>
>> thoughts?
>>
>>
> yup.
> It's malicious banner ads in google hits.
>
> Block the banner ads from the rotation.
>
> Start killing off XP.
 

My Computer

R

Richard K

#6
SBS2003 with XP Pro clients running WFBS. I can take away the local admin
rights (but for some users that can be a real pain if they use apps looking
for more access like QB). I cannot control where users surf the net but I'm
pretty sure they are getting these via web surfing.

"Leythos" <spam999free@newsgroup> wrote in message
news:MPG.25faae1c76afed6298a177@newsgroup

> In article <OvjkyYBvKHA.3408@newsgroup>,
> rkokoski@newsgroup says...

>> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
>> SBS2003 networks over the past few months? I'm talking the "you have
>> been
>> infected with a virus and we are going to scan... click here to purchase
>> our
>> product" type of viruses. I have been using MalwareBytes to clean them
>> but
>> even MB is missing a few unless the database is REALLY up to date.
>>
>>
>
> On unmanaged networks where they don't restrict web access, where they
> don't filter email contents, where they run as local admins, seen more
> of it than 6 months ago. On managed networks, open web to ONLY business
> approved sites, email filtered to remove any possibly malicious file,
> not any sign of it.
>
> Cost of removing malware exceeds the cost of preventing access to it in
> every case, but the customers don't want to "limit" creativity or
> freedom :-)
>
> --
> You can't trust your best friends, your five senses, only the little
> voice inside you that most civilians don't even hear -- Listen to that.
> Trust yourself.
> spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

S

SteveB

#7
Implementing OpenDNS would be a help in controlling the web surfing.

"Richard K" <rkokoski@newsgroup> wrote in message
news:%23efyeBGvKHA.2436@newsgroup

> SBS2003 with XP Pro clients running WFBS. I can take away the local admin
> rights (but for some users that can be a real pain if they use apps
> looking for more access like QB). I cannot control where users surf the
> net but I'm pretty sure they are getting these via web surfing.
>
> "Leythos" <spam999free@newsgroup> wrote in message
> news:MPG.25faae1c76afed6298a177@newsgroup

>> In article <OvjkyYBvKHA.3408@newsgroup>,
>> rkokoski@newsgroup says...

>>> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
>>> SBS2003 networks over the past few months? I'm talking the "you have
>>> been
>>> infected with a virus and we are going to scan... click here to purchase
>>> our
>>> product" type of viruses. I have been using MalwareBytes to clean them
>>> but
>>> even MB is missing a few unless the database is REALLY up to date.
>>>
>>>
>>
>> On unmanaged networks where they don't restrict web access, where they
>> don't filter email contents, where they run as local admins, seen more
>> of it than 6 months ago. On managed networks, open web to ONLY business
>> approved sites, email filtered to remove any possibly malicious file,
>> not any sign of it.
>>
>> Cost of removing malware exceeds the cost of preventing access to it in
>> every case, but the customers don't want to "limit" creativity or
>> freedom :-)
>>
>> --
>> You can't trust your best friends, your five senses, only the little
>> voice inside you that most civilians don't even hear -- Listen to that.
>> Trust yourself.
>> spam999free@newsgroup (remove 999 for proper email address)
>
 

My Computer

D

Dave Nickason [SBS MVP]

#8
Block the ads with OpenDNS.

One additional comment: from personal experience, Power User in XP is as
bad as full admin rights when it comes to these risks. I had a local power
user get infected with something (not this Antivirus 2010 or whatever) just
by visiting a page from a google search. I agree with Susan - start getting
rid of XP - but until you can do that, run everyone as standard user, not
power user.

And yes, I'm seeing an increase in the frequency.

"Richard K" <rkokoski@newsgroup> wrote in message
news:uQ2qKAGvKHA.5008@newsgroup

> How do you block the banner ads?
>
> "Susan Bradley" <sbradcpa@newsgroup> wrote in message
> news:uKuAFoBvKHA.800@newsgroup

>> Richard K wrote:

>>> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
>>> SBS2003 networks over the past few months? I'm talking the "you have
>>> been infected with a virus and we are going to scan... click here to
>>> purchase our product" type of viruses. I have been using MalwareBytes
>>> to clean them but even MB is missing a few unless the database is REALLY
>>> up to date.
>>>
>>> I have given a lot more latitude to clients in letting them have local
>>> admin priv. and I am very good at keeping clients up to date in software
>>> patches and AV (trend WFBS) but am rethinking the local admin rights.
>>> The only thing that puts a hole in that theory is I have another
>>> associate who is major league locked down with non-local admin rights,
>>> updates, AV etc. in addition to a very good appliance firewall from
>>> Barracuda. His XP Pro clients are still getting hit. Labor to fix
>>> these issues is starting to get bad.
>>>
>>> thoughts?
>>>
>>>
>> yup.
>> It's malicious banner ads in google hits.
>>
>> Block the banner ads from the rotation.
>>
>> Start killing off XP.
>
 

My Computer

R

Richard K

#9
I wish I could reject all local admin rights but there are some pieces of
software that will not run without local admin and some (like QB) that
require extensive customization so they can work if the user does not
provide local admin. As far as getting rid of XP..... easier said then done
with budgets and time with a lot of these businesses.

"Dave Nickason [SBS MVP]" <gwdibble@newsgroup> wrote in message
news:ecl1deIvKHA.3860@newsgroup

> Block the ads with OpenDNS.
>
> One additional comment: from personal experience, Power User in XP is as
> bad as full admin rights when it comes to these risks. I had a local
> power user get infected with something (not this Antivirus 2010 or
> whatever) just by visiting a page from a google search. I agree with
> Susan - start getting rid of XP - but until you can do that, run everyone
> as standard user, not power user.
>
> And yes, I'm seeing an increase in the frequency.
>
> "Richard K" <rkokoski@newsgroup> wrote in message
> news:uQ2qKAGvKHA.5008@newsgroup

>> How do you block the banner ads?
>>
>> "Susan Bradley" <sbradcpa@newsgroup> wrote in message
>> news:uKuAFoBvKHA.800@newsgroup

>>> Richard K wrote:
>>>> Has anyone noticed a major uptick in viruses affecting XP Pro clients
>>>> on SBS2003 networks over the past few months? I'm talking the "you
>>>> have been infected with a virus and we are going to scan... click here
>>>> to purchase our product" type of viruses. I have been using
>>>> MalwareBytes to clean them but even MB is missing a few unless the
>>>> database is REALLY up to date.
>>>>
>>>> I have given a lot more latitude to clients in letting them have local
>>>> admin priv. and I am very good at keeping clients up to date in
>>>> software patches and AV (trend WFBS) but am rethinking the local admin
>>>> rights. The only thing that puts a hole in that theory is I have
>>>> another associate who is major league locked down with non-local admin
>>>> rights, updates, AV etc. in addition to a very good appliance firewall
>>>> from Barracuda. His XP Pro clients are still getting hit. Labor to
>>>> fix these issues is starting to get bad.
>>>>
>>>> thoughts?
>>>>
>>>>
>>> yup.
>>> It's malicious banner ads in google hits.
>>>
>>> Block the banner ads from the rotation.
>>>
>>> Start killing off XP.
>>
 

My Computer

L

Leythos

#10
In article <uQ2qKAGvKHA.5008@newsgroup>,
rkokoski@newsgroup says...

> How do you block the banner ads?
>
Banner ads normally come from a site other than the one you're visiting,
so, if you have a firewall (or OpenDNS or a good host file), you won't
see them.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

L

Leythos

#11
In article <#efyeBGvKHA.2436@newsgroup>,
rkokoski@newsgroup says...

> SBS2003 with XP Pro clients running WFBS. I can take away the local admin
> rights (but for some users that can be a real pain if they use apps looking
> for more access like QB). I cannot control where users surf the net but I'm
> pretty sure they are getting these via web surfing.
>
QB doesn't need local admin if you get a 2009/2010 version.

Why can't you control where they surf? Even the free OpenDNS would help
if you implement destination filtering.

Remember, Internet access at work is not a right, it's a tool.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

S

SteveM

#12
Richard K wrote:

> Has anyone noticed a major uptick in viruses affecting XP Pro clients
> on SBS2003 networks over the past few months? I'm talking the "you
> have been infected with a virus and we are going to scan... click
> here to purchase our product" type of viruses. I have been using
> MalwareBytes to clean them but even MB is missing a few unless the
> database is REALLY up to date.
>
> I have given a lot more latitude to clients in letting them have
> local admin priv. and I am very good at keeping clients up to date in
> software patches and AV (trend WFBS) but am rethinking the local
> admin rights. The only thing that puts a hole in that theory is I
> have another associate who is major league locked down with non-local
> admin rights, updates, AV etc. in addition to a very good appliance
> firewall from Barracuda. His XP Pro clients are still getting hit.
> Labor to fix these issues is starting to get bad.
>
> thoughts?
It's not just SBS 2003 networks, it's a general problem at the moment.
While there is a lot that can be done to resist these rogue
anti-virus/spyware offerings, a lot of them are getting through.While
banner ads and other traditional attack vectors are being used, most
(80% according to one report) of these kind of infections currently
enter through Adobe Reader. If you don't keep up with Adobe Reader
updates in a timely factor, or you blick PDF files altogether, you run
a much higher risk of being infected. The rogue products are
technically very sophisticated in the way that they exploit
vulnerabilities, in the way they operate once installed, and the way
they resist removal. Don't be fooled by assuming you can achieve the
nirvana of 100% security - you are kidding yourselves and your clients
if you do. Also do not assume that you can only be infected if you are
running with admin privileges - limited accounts are getting hit much
more regularly now (but in this case removal is easier), through use of
account profile folders and HKCU registry hacks, all of which get past
Windows' standard defenses with ease.

'Social engineering' is a big part of the problem, to which, like it or
not, user education is a required part of the response.
 

My Computer

A

Andrew M. Saucci, Jr.

#13
One way I keep tabs on how successful the bad guys are is via my
spam folder (courtesy of Trend Micro WFBS). I keep the last two weeks'
worth of spam and automatically delete the rest with Outlook's
auto-archiving feature. In the fall, it surged to 18,000 for a while and
then around the end of December and through January fell to the 3,000 to
4.000 range. It's been climbing all week and today it's over 21,000.

Internet whitelisting with strict e-mail attachment blocking is the
only way to go, whether clients are ready for it or not. No one has
suggested to me a better way. Everything else is full of holes. While
removing administrator privileges is essential, it is already not
sufficient; the bad guys are adapting.

"Richard K" <rkokoski@newsgroup> wrote in message
news:OvjkyYBvKHA.3408@newsgroup

> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
> SBS2003 networks over the past few months? I'm talking the "you have been
> infected with a virus and we are going to scan... click here to purchase
> our product" type of viruses. I have been using MalwareBytes to clean
> them but even MB is missing a few unless the database is REALLY up to
> date.
>
> I have given a lot more latitude to clients in letting them have local
> admin priv. and I am very good at keeping clients up to date in software
> patches and AV (trend WFBS) but am rethinking the local admin rights. The
> only thing that puts a hole in that theory is I have another associate who
> is major league locked down with non-local admin rights, updates, AV etc.
> in addition to a very good appliance firewall from Barracuda. His XP Pro
> clients are still getting hit. Labor to fix these issues is starting to
> get bad.
>
> thoughts?
>
>
 

My Computer

R

Richard K

#14
Trying to tell your clients that they MUST upgrade their software is an
exercise in futility for may small businesses. I even have 1 person, and
accounting firm, that NEEDS version of QB going back to 2002 because their
clients won't upgrade. And this is coming from their accounting firm with
recommendations! For small business, especially the owner of the business,
they don't want someone telling them what they can and cannot surf to on the
net. That's not reality. I could even try pushing some of them to add in
much higher end firewall equipment, but then again for a small business an
added $1,000-$2,000 can be a big hit.

I do need to look at OpenDNS some more. There may be some value to that.

"Leythos" <spam999free@newsgroup> wrote in message
news:MPG.25fc1e8f60a051cb98a17b@newsgroup

> In article <#efyeBGvKHA.2436@newsgroup>,
> rkokoski@newsgroup says...

>> SBS2003 with XP Pro clients running WFBS. I can take away the local
>> admin
>> rights (but for some users that can be a real pain if they use apps
>> looking
>> for more access like QB). I cannot control where users surf the net but
>> I'm
>> pretty sure they are getting these via web surfing.
>>
>
> QB doesn't need local admin if you get a 2009/2010 version.
>
> Why can't you control where they surf? Even the free OpenDNS would help
> if you implement destination filtering.
>
> Remember, Internet access at work is not a right, it's a tool.
>
> --
> You can't trust your best friends, your five senses, only the little
> voice inside you that most civilians don't even hear -- Listen to that.
> Trust yourself.
> spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

G

Gregg Hill

#15
You obviously have not spoken to my younger brother! He thinks that God
invented computers and the Internet, and he has "the right" to surf the web
for non-business use. It was an interesting and frustrating conversation.

Some users' mentalities are amazing. Of course, we don't care if that's how
they feel, unless they are a major honcho.

Gregg Hill

--
Gregg's pet peeves:

First of all, what does a peeve look like, and why would anyone want one as
a pet?

Peeve #1: Apostrophes: when in doubt, leave them out! You will be correct
more often than not.

Its = Belonging to it. For example, "Look at the sky. Its color is blue."
It's = It is. For example, "It's hot today."
It's = It has. For example, "It's been nice talking to you."
Its' = completely incorrect usage. Stop it!


Peeve #2: Your vs. You're
"Your" means belonging to you, as in, "It's your truck."
"You're" means "You are." Example, you're probably about ready to throttle
me for this peeve!

"Leythos" <spam999free@newsgroup> wrote in message
news:MPG.25fc1e8f60a051cb98a17b@newsgroup

> In article <#efyeBGvKHA.2436@newsgroup>,
> rkokoski@newsgroup says...

>> SBS2003 with XP Pro clients running WFBS. I can take away the local
>> admin
>> rights (but for some users that can be a real pain if they use apps
>> looking
>> for more access like QB). I cannot control where users surf the net but
>> I'm
>> pretty sure they are getting these via web surfing.
>>
>
> QB doesn't need local admin if you get a 2009/2010 version.
>
> Why can't you control where they surf? Even the free OpenDNS would help
> if you implement destination filtering.
>
> Remember, Internet access at work is not a right, it's a tool.
>
> --
> You can't trust your best friends, your five senses, only the little
> voice inside you that most civilians don't even hear -- Listen to that.
> Trust yourself.
> spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

G

Gregg Hill

#16
So you measure the amount of spam that you accept, but drop into the WFBS
spam folder in Outlook? Wouldn't a better approach be not to let in the spam
in the first place, thereby easing the load on Exchange?

Behind a well-configured WatchGuard firewall, those pages are no threat. The
fake page comes up (or at least parts of it), but no executable files (DLL,
EXE, SYS, etc) can reach the computer, so they end up being just a scary
annoyance.

It is a never-ending battle with these scumbags, but a good firewall goes a
LONG way to protecting the network from external threats.

Gregg Hill

--
Gregg's pet peeves:

First of all, what does a peeve look like, and why would anyone want one as
a pet?

Peeve #1: Apostrophes: when in doubt, leave them out! You will be correct
more often than not.

Its = Belonging to it. For example, "Look at the sky. Its color is blue."
It's = It is. For example, "It's hot today."
It's = It has. For example, "It's been nice talking to you."
Its' = completely incorrect usage. Stop it!


Peeve #2: Your vs. You're
"Your" means belonging to you, as in, "It's your truck."
"You're" means "You are." Example, you're probably about ready to throttle
me for this peeve!

"Andrew M. Saucci, Jr." <spam-only@newsgroup> wrote in message
news:us0x1LVvKHA.5008@newsgroup

> One way I keep tabs on how successful the bad guys are is via my
> spam folder (courtesy of Trend Micro WFBS). I keep the last two weeks'
> worth of spam and automatically delete the rest with Outlook's
> auto-archiving feature. In the fall, it surged to 18,000 for a while and
> then around the end of December and through January fell to the 3,000 to
> 4.000 range. It's been climbing all week and today it's over 21,000.
>
> Internet whitelisting with strict e-mail attachment blocking is the
> only way to go, whether clients are ready for it or not. No one has
> suggested to me a better way. Everything else is full of holes. While
> removing administrator privileges is essential, it is already not
> sufficient; the bad guys are adapting.
>
> "Richard K" <rkokoski@newsgroup> wrote in message
> news:OvjkyYBvKHA.3408@newsgroup

>> Has anyone noticed a major uptick in viruses affecting XP Pro clients on
>> SBS2003 networks over the past few months? I'm talking the "you have
>> been infected with a virus and we are going to scan... click here to
>> purchase our product" type of viruses. I have been using MalwareBytes to
>> clean them but even MB is missing a few unless the database is REALLY up
>> to date.
>>
>> I have given a lot more latitude to clients in letting them have local
>> admin priv. and I am very good at keeping clients up to date in software
>> patches and AV (trend WFBS) but am rethinking the local admin rights.
>> The only thing that puts a hole in that theory is I have another
>> associate who is major league locked down with non-local admin rights,
>> updates, AV etc. in addition to a very good appliance firewall from
>> Barracuda. His XP Pro clients are still getting hit. Labor to fix these
>> issues is starting to get bad.
>>
>> thoughts?
>>
>>
>
>
 

My Computer

L

Leythos

#17
In article <uf9TFeVvKHA.3408@newsgroup>,
rkokoski@newsgroup says...

> Trying to tell your clients that they MUST upgrade their software is an
> exercise in futility for may small businesses. I even have 1 person, and
> accounting firm, that NEEDS version of QB going back to 2002 because their
> clients won't upgrade. And this is coming from their accounting firm with
> recommendations!
Been there, we have a number of clients (accounting firms) that have
customers that still run QB2003, but we limit the install of that
version to a single machine, and it will run without the user being a
local admin...

> For small business, especially the owner of the business,
> they don't want someone telling them what they can and cannot surf to on the
> net. That's not reality.
It is when they've been compromised in the past. We had one company, a
new client, they had been fighting malware for several years. They
called us because the old IT company could not keep them reasonably
secure - the problem was the OLD IT Company thought the same way that
you do - that it's not reality to limit surfing.

We installed a loaner firewall, installed content filtering, web
blocking, etc... We asked them for 1 week to get things adjusted, the
first day was the worst for them, having to deal with blocked sites that
the business needed, we had someone onsite to create the exception...
The second day it was just a couple sites being blocked, the rest of the
week we did changes remotely. (in reality we could have done it all
remotely, but we put someone onsite to make them feel more comfortable).

We/the owner, had to listen to multiple complaints about not being able
to get their Internet Radio, people could not check email, but they have
their own company email server, etc... Productivity dropped in some
people during that first week - but, once it was clear they would not be
getting to FaceBook, Myspace, their personal email, their personal
banking site... Productivity increased about 20% overall, and we've not
had a single compromised computer in more than a year of working with
them.

> I could even try pushing some of them to add in
> much higher end firewall equipment, but then again for a small business an
> added $1,000-$2,000 can be a big hit.
If you look at what I wrote above, having seen this same thing in 2
person companies, 5 - 15 person companies, 350+ person organizations,
etc... it's always the same. People at companies have forgot that they
are there to work and make the business profitable/productive, that the
business doesn't OWE them anything except a pay check, and that screwing
around (even at lunch) is a serious cost/risk for almost every business.

Firewall cost $1500, yearly maintenance renewal $500 (after initial
warranty/licensing period), initial setup $1500 (or less depending on
customers needs).... First months firewall adjustment costs associated
with this change, not including the previous numbers, $500 or less
(depending on the size of the client. Additional costs needed, included
in the standard 1 hour a month system/patch checks and updates.

> I do need to look at OpenDNS some more. There may be some value to that.
So, $3,500 initial investment to install a proper firewall to gain
productivity, not spending time paying to have workstations
rebuilt/cleaned, not having worker lost time while their computer is
being rebuilt....

That initial investment of $3,500 can be paid for if they don't have to
pay you to remove malware in just 11 visits, not to mention that it's
paid for sooner if you can put a number on the increase in productivity.

One other thing - with the firewall you can create different filter
rules for blocking based on internal IP addresses/ranges - so, a manager
might get MORE access than the receptionist, if you configure it that
way.


--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

G

Gregg Hill

#18
Leythos,

Well-stated comments!

I had one guy years ago (when I sold SonicWALL) argue with me that he could
not afford it. I then handed him a printout of what he had spent having me
clean systems during the time I had been recommending the firewall, and it
was $700 more than the firewall would have cost him.

I recently sold an X550e to a 25-user business, and they had the same minor
complaints for a week or so, then figured out that they had to work instead
of play. Gee, what a concept!

Gregg Hill

--
Gregg's pet peeves:

First of all, what does a peeve look like, and why would anyone want one as
a pet?

Peeve #1: Apostrophes: when in doubt, leave them out! You will be correct
more often than not.

Its = Belonging to it. For example, "Look at the sky. Its color is blue."
It's = It is. For example, "It's hot today."
It's = It has. For example, "It's been nice talking to you."
Its' = completely incorrect usage. Stop it!


Peeve #2: Your vs. You're
"Your" means belonging to you, as in, "It's your truck."
"You're" means "You are." Example, you're probably about ready to throttle
me for this peeve!

"Leythos" <spam999free@newsgroup> wrote in message
news:MPG.25fc73e867fdb0f98a180@newsgroup

> In article <uf9TFeVvKHA.3408@newsgroup>,
> rkokoski@newsgroup says...

>> Trying to tell your clients that they MUST upgrade their software is an
>> exercise in futility for may small businesses. I even have 1 person, and
>> accounting firm, that NEEDS version of QB going back to 2002 because
>> their
>> clients won't upgrade. And this is coming from their accounting firm
>> with
>> recommendations!
>
> Been there, we have a number of clients (accounting firms) that have
> customers that still run QB2003, but we limit the install of that
> version to a single machine, and it will run without the user being a
> local admin...
>

>> For small business, especially the owner of the business,
>> they don't want someone telling them what they can and cannot surf to on
>> the
>> net. That's not reality.
>
> It is when they've been compromised in the past. We had one company, a
> new client, they had been fighting malware for several years. They
> called us because the old IT company could not keep them reasonably
> secure - the problem was the OLD IT Company thought the same way that
> you do - that it's not reality to limit surfing.
>
> We installed a loaner firewall, installed content filtering, web
> blocking, etc... We asked them for 1 week to get things adjusted, the
> first day was the worst for them, having to deal with blocked sites that
> the business needed, we had someone onsite to create the exception...
> The second day it was just a couple sites being blocked, the rest of the
> week we did changes remotely. (in reality we could have done it all
> remotely, but we put someone onsite to make them feel more comfortable).
>
> We/the owner, had to listen to multiple complaints about not being able
> to get their Internet Radio, people could not check email, but they have
> their own company email server, etc... Productivity dropped in some
> people during that first week - but, once it was clear they would not be
> getting to FaceBook, Myspace, their personal email, their personal
> banking site... Productivity increased about 20% overall, and we've not
> had a single compromised computer in more than a year of working with
> them.
>

>> I could even try pushing some of them to add in
>> much higher end firewall equipment, but then again for a small business
>> an
>> added $1,000-$2,000 can be a big hit.
>
> If you look at what I wrote above, having seen this same thing in 2
> person companies, 5 - 15 person companies, 350+ person organizations,
> etc... it's always the same. People at companies have forgot that they
> are there to work and make the business profitable/productive, that the
> business doesn't OWE them anything except a pay check, and that screwing
> around (even at lunch) is a serious cost/risk for almost every business.
>
> Firewall cost $1500, yearly maintenance renewal $500 (after initial
> warranty/licensing period), initial setup $1500 (or less depending on
> customers needs).... First months firewall adjustment costs associated
> with this change, not including the previous numbers, $500 or less
> (depending on the size of the client. Additional costs needed, included
> in the standard 1 hour a month system/patch checks and updates.
>

>> I do need to look at OpenDNS some more. There may be some value to that.
>
> So, $3,500 initial investment to install a proper firewall to gain
> productivity, not spending time paying to have workstations
> rebuilt/cleaned, not having worker lost time while their computer is
> being rebuilt....
>
> That initial investment of $3,500 can be paid for if they don't have to
> pay you to remove malware in just 11 visits, not to mention that it's
> paid for sooner if you can put a number on the increase in productivity.
>
> One other thing - with the firewall you can create different filter
> rules for blocking based on internal IP addresses/ranges - so, a manager
> might get MORE access than the receptionist, if you configure it that
> way.
>
>
> --
> You can't trust your best friends, your five senses, only the little
> voice inside you that most civilians don't even hear -- Listen to that.
> Trust yourself.
> spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

L

Leythos

#19
In article <OAethQWvKHA.1964@newsgroup>, "Gregg Hill" says...

>
> Leythos,
>
> Well-stated comments!
>
> I had one guy years ago (when I sold SonicWALL) argue with me that he could
> not afford it. I then handed him a printout of what he had spent having me
> clean systems during the time I had been recommending the firewall, and it
> was $700 more than the firewall would have cost him.
>
> I recently sold an X550e to a 25-user business, and they had the same minor
> complaints for a week or so, then figured out that they had to work instead
> of play. Gee, what a concept!
>
> Gregg Hill
Greg, please consider making your sig 4-5 lines following good usenet
standards.

--
You can't trust your best friends, your five senses, only the little
voice inside you that most civilians don't even hear -- Listen to that.
Trust yourself.
spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

G

Gregg Hill

#20
How's this one?

Gregg Hill



"Leythos" <spam999free@newsgroup> wrote in message
news:MPG.25fc80d781947bbd98a182@newsgroup

> In article <OAethQWvKHA.1964@newsgroup>, "Gregg Hill" says...

>>
>> Leythos,
>>
>> Well-stated comments!
>>
>> I had one guy years ago (when I sold SonicWALL) argue with me that he
>> could
>> not afford it. I then handed him a printout of what he had spent having
>> me
>> clean systems during the time I had been recommending the firewall, and
>> it
>> was $700 more than the firewall would have cost him.
>>
>> I recently sold an X550e to a 25-user business, and they had the same
>> minor
>> complaints for a week or so, then figured out that they had to work
>> instead
>> of play. Gee, what a concept!
>>
>> Gregg Hill
>
> Greg, please consider making your sig 4-5 lines following good usenet
> standards.
>
> --
> You can't trust your best friends, your five senses, only the little
> voice inside you that most civilians don't even hear -- Listen to that.
> Trust yourself.
> spam999free@newsgroup (remove 999 for proper email address)
 

My Computer

Users Who Are Viewing This Thread (Users: 1, Guests: 0)