Why do you need IM in the store? If it is not essential to your services, delete it.
Unfortunately, I can't delete the IM. Actually, they are paying us everytime they use this and they love it.
Well, I know you probably don't want to go into too much detail, so, is the situation one that tracking software may help? In other words, are these infractions occurring within the store, or remotely?
Basically, what I want to do is to keep anyone from accessing my computer remotely, like what this crazy man doing in my computers. Beside the securities and settings I mentioned above, what else should I do to prevent this from happening again. I'm not always in the store, my wife is running it, and she's really mad because our custsmers are going somewhere else because of this.
A more powerful firewall like ZoneAlarm might be an easy first step.
There are all sorts of precautions that you could take to prevent this depending on your setup. Make sure none of the PCs are running with Administrator permissions to start with. You might just want to do a clean install of windows on all the machines and set up some security guidelines.
Are you using wireless networking? Some IM passwords and email passwords are sent "in the clear" (meaning plain text that can be seen easily).
I hate to say it, but it was probably someone that uses your computers messing with you. Came in, hit the browser, clickety click, download and install something nasty. You need to virus scan, check spyware, look in your system for odd things installed in your auto-start, browser start page, etc.
I tried norton's internet security but makes the computer so slow. I'll try zone alarm.
amznVibe, I'm not using wireless.
bill, Only me have access with administration.
Thank you all!
It sounds like a keylogger someone installed. Like incrediBILL said, its probably someone in the store that uses the pcs.
Format all computers and install windows again on all computers. Buy a modem / Router with firewall support (Draytek 2600 for example), it is much better then a software firewall. To prevent viruses on your computer use McAfee and not Norton.
Make a mirror drive of every computer. If you do not trust a certain computer just format the drive and get the original configuration back using the mirror you made earlier.
Keyloggers log everything that computer users type and it can even log program names people use and many other things. Then the program can automatically send reports by email or upload to an ftp on a schedule. Abuser can also personally come and get the reports.
Back Door Application (aka Trojan Horse)
Back door software allows abuser to "login" to your computer remotely and monitor all activity. Abuser can see the screen, see the programs running and even control the computer remotely. Sometimes those programs come with built in keyloggers as well.
What You Need
First of all, install a firewall. Block all incoming connections to your network. Block most outgoing ports as well. Watch out though, if your users rely on AIM, then it might block the file transfers. There are ways around it though. Maybe you shouldn't allow file transfer anyways - just to be safe.
Install an antivirus (Dr. Web) and spyware programs (Ad-aware, Spybot) on each computer. Make it so that your users cannot turn the software off. Update it regularly. Or even better - set it to self update every day.
Look into a program called Deep Freeze. You can control what user can and cannot do on your computers. Even things like installing, opening certain applications, changing settings, etc... You can disallow all that. If they only require AIM - you can set DF to only allow running that program and nothing else.
Look into ghost imaging. Ghost imaging will revert all the changes that were made to the OS every time it's restarted. You can create one configuration with the programs, settings, updates and everything you would need on a running computer. Create an image out of it and use that image for the rest of your computers. If something went wrong, all you need is a restart. But I beleive you need one central computer (server) to store the image.
Thanks to all of you!
I'll review this again when I visit the store next week.
I run several computers for the public to use (unsupervised) and the best solution I have found is to use Symantec's GoBack, which takes the computer back to how I installed it after every reboot. I have had these computers running for many months without problems this way.
Ahhh, GoBack that's an excellent idea! You can present a consistent experience to everyone that uses the computer. You can also have a mixed computer environment running since GoBack is unique to each machine.
When I was travelling around Europe, I found the country-wide internet cafes would re-image the computer after I logged off. But I imagined all the computers for each cafe were the same, so all they need was one image file.
For a small shop, GoBack would make the most sense. Just make sure you do the entire installation. ;)
|I run several computers for the public to use (unsupervised) and the best solution I have found is to use Symantec's GoBack, which takes the computer back to how I installed it after every reboot. I have had these computers running for many months without problems this way. |
I will definitely try this. Thanks