An excellent article appeared today in Computerworld "Four steps to battling botnets ... and one more that may be more than you can manage". It covers interviews with different security experts and their recommendations on how to avoid having your enterprise become infected with malware and hence bots.
The article makes four recommendations:
1. "Pare down the virus factor" - Use anti-virus software and scan your system once a day
2. "Listen to the drumbeats" -
* watch help lines for increased calls relating to poor system performance
* watch outbound activity for suspicious traffic
* watch to see if your IP address becomes part of a blacklist
3. "Scan the horizon" -
* Scan outgoing email for spam
* Use intrusion detection systems for detecting malware activity
4. "Get port authority" - block all internet ports except those few you need to run your enterprise
Finally, the article ends with a recommendation:
"Step infinity: Get smarter users" - ""We have to educate users that just as with safe driving practices there is something called safe computing practices," adds Turner, "and we have to think of Internet safety the same way we think of driving safety.""
Read the article. It's full of excellent advice to avoid loss of enterprise identity, authentication and valuable information from successful malware and bot attacks.