
A public area to discuss Scala and other multimedia topics.


THIS SCALA FORUM HAS BEEN ARCHIVED. IT WILL NO LONGER ACCEPT NEW POSTS AFTER APRIL 22, 2009. REPLIES TO EXISTING POSTS WILL BE ACCEPTED THROUGH APRIL 27, 2009. THE NEW FORUM CAN BE FOUND HERE.




Remain calm. Here are the preventative measures against viruses on players from here on out...

Posted: Wednesday, 10 Sep 2003 10:58 PM -- by John Schilling

(1) The RPC-DCOM patch (the MSblaster worm exploit) has nothing to do with Win2K SP4 (e.g. a Win2K SP4 box is as affected as an SP3 or whatever system). The RPC bug needs the RPC patch.

(2) Based on initial testing--SP4 appears to be fine--with the exception that it resets our recommended states for the Alerter, AutoUpdate, and Messenger Services--we advise that they be disabled. [...and any other OS service that a system does not need to function in its assigned role!]

(3) In our testing of Player systems, no shipping commercial AntiVirus product has survived long term. Most of them will turn a PC system that can play IC200/IC3 scripts with lots of MPEG-2 video for 1000 hours without a reboot into a system that fails in under 80 hours. [e.g. Symantec/McAfee/CA--they are fine if you schedule nightly reboots]

(4) Proper firewall & system configuration is important. If your systems had been configured appropriately--check out sites like CERT.ORG and THEELDERGEEK.COM--such as are the Pre-Configured Player systems that various of our VARs sell--always recommended for installations without PC-literate technical staffs--then even though a PC may have a vulnerability to a given exploit--the exploit may not actually be able to do anything. [e.g. MSblaster infects our pre-config PCs in its 1st phase--but then hangs and dies as it attempts to reproduce. [in our default config we disable Administrative shares-- "\\machine\C$" and the TFTP TCP service port--two common reproduction routes that viruses use] TCP port filtering is important--if you don't need a given TCP port--do not allow communication to happen on that port! Turn off un-needed OS services. Establish strong ACLs in both the file system and the Registry Keys--learn how to script XCACLS.EXE so you can reproduce your work from system to system]

(5) Document everything that you do. If you don't write it down--you didn't do it. [...and in 2 weeks you will not be able to reproduce it]

Best of luck--and remember: There is no such thing as luck excepting that which you make yourself! [Configure, Script, Tie down everything, Ghost your Hard Disk Drives!]

Regards,

--John Schilling, Scala, Inc.
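
The configuration steps in items (2), (4) and (5) above, sketched as a repeatable and self-logging batch script. This is an added example, not part of the original post and not Scala's pre-configured player setup. It assumes `sc.exe`, `reg.exe` and `xcacls.exe` are on the PATH (Resource Kit / Support Tools on Windows 2000), that `wuauserv` is the Automatic Updates service name, and it uses a hypothetical content directory and ACL choice.

```batch
@echo off
rem Added example (constructed): repeatable hardening baseline for a player PC.
rem Assumes sc.exe, reg.exe and xcacls.exe are on PATH and that the script
rem runs as a local administrator.
setlocal
set LOG=%SystemDrive%\harden-%COMPUTERNAME%.log
rem Hypothetical content directory; adjust to the player's assigned role.
set CONTENT=D:\PlayerContent
set KEY=HKLM\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters

echo ==== Hardening run %DATE% %TIME% on %COMPUTERNAME% ==== >> "%LOG%"

rem 1. Services the post says to keep disabled. A service pack can reset
rem    them, so re-run this script after every SP or patch install.
for %%S in (Alerter Messenger wuauserv) do (
    echo -- disabling %%S >> "%LOG%"
    sc stop %%S >> "%LOG%" 2>&1
    sc config %%S start= disabled >> "%LOG%" 2>&1
)

rem 2. Administrative shares: stop them being recreated at boot, then
rem    remove the C$ share that exists in the current session.
reg add "%KEY%" /v AutoShareWks /t REG_DWORD /d 0 /f >> "%LOG%" 2>&1
reg add "%KEY%" /v AutoShareServer /t REG_DWORD /d 0 /f >> "%LOG%" 2>&1
net share C$ /delete >> "%LOG%" 2>&1

rem 3. File-system ACLs with XCACLS (illustrative policy, an assumption):
rem    replace the ACL on the content tree, then add the other entries.
xcacls "%CONTENT%" /T /G Administrators:F /Y >> "%LOG%" 2>&1
xcacls "%CONTENT%" /T /E /G SYSTEM:F /Y >> "%LOG%" 2>&1
xcacls "%CONTENT%" /T /E /G Users:R /Y >> "%LOG%" 2>&1

rem 4. Write the resulting state to the log so the build is documented
rem    and any unexpected listener or share shows up on review.
echo -- service configuration >> "%LOG%"
for %%S in (Alerter Messenger wuauserv) do sc qc %%S >> "%LOG%" 2>&1
echo -- remaining shares >> "%LOG%"
net share >> "%LOG%" 2>&1
echo -- listening ports >> "%LOG%"
netstat -an | find "LISTENING" >> "%LOG%"
endlocal
```

Keep the log file with the system's build notes; comparing the "listening ports" section between runs shows which ports still need filtering.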



©1993-2008 Scala. Scala, InfoChannel and the Exclamation Point Logo are registered trademarks of Scala, Inc.