Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

should you run combofix on an sbs 2011 server


  • Please log in to reply
3 replies to this topic

#1 solutionrs

solutionrs

  • Members
  • 4 posts
  • OFFLINE
  •  
  • Local time:04:09 AM

Posted 24 May 2015 - 06:45 AM

This server has no protection and is the main server (hosting exchange, active directory, dhs, etc) and I am concerned about security but not sure if running combofix on a sbs 2011 server is a good idea


Edited by Queen-Evie, 24 May 2015 - 07:22 AM.
moved from Windows Server to the appropriate forum


BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:09 AM

Posted 24 May 2015 - 09:11 AM

ComboFix was not designed to run on Servers. Most Servers are seen in business/corporate environments. The developer of ComboFix did not intend for his tool to be used in a business/corporate environment. Per the disclaimer...it was intended for non-commercial purposes only. The unique configuration of systems on a network vary from company to company and running ComboFix can cause unpredictable results.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 Wand3r3r

Wand3r3r

  • Members
  • 2,027 posts
  • OFFLINE
  •  
  • Local time:01:09 AM

Posted 26 May 2015 - 11:36 AM

There is also the issue that running such software is reactive not proactive.  Ideally this server would be behind a sonicwall firewall appliance with spam and antivirus subscriptions.  Alternatively you can get good software based firewall/antivirus software but I always consider it best to stop the bad guys in the front yard than in my living room. We actually do both so if the front line is compromised we still have the back line.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,470 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:04:09 AM

Posted 26 May 2015 - 01:59 PM

Yes...Combofix is intended by its creator to do two things: 1) automatically remove known infections and 2) provide a detailed system report similar to DDS that a trained expert can use to further investigate and remove malicious files and registry entries.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users