Ask Your Question

Revision history [back]

click to hide/show revision 1
initial version

To ban any access to/from a remote IP using a firewall is relatively easy, but usually of little help as the source addresses of the attacks, or destination addresses to which the data collected in our network are sent, are usually just proxies unaware of acting as such - in another words, other malware victims used to hide the actual source/destination from you, and replaced easily once used.

Most anti-virus software can remove known malware, but sometimes a clean installation of the device may be the only remedy available at the time (when the malware is a new one). If you observe a clearly malicious traffic (like your machine sending tons of spam e-mails) and your anti-virus finds nothing, the malware may be yet unnoticed by anti-virus companies, so your anti-virus manufacturer may be happy to get a note from you and ask you for further cooperation.

So the best you can do is to keep security devices and operating systems up to date, back up data regularly, and use anti-virus software. Contemporary network security systems can work with traffic profiling and ban "unusual" traffic, but whether it is a usable model for you depends on your particular situation.