Firewall Rules
Ok here is a simple tip. All machines need to have a firewall installed and configured. Chatty windows boxes will try to infect every box on your network and if they can't infect you they end up doing a denial of service. Close all ports inbound and outbound by default. This may sound like paranoia, but if microsoft made this the default then created templates for what the machine is. This would limit the spread of viruses and spyware. I have started using Shorewall more and more on Linux machines. It simplifies Iptables quite a bit. Some of the Admins don't like it and are resistant to change. I will see how it works out.
Ok here is a simple tip. All machines need to have a firewall installed and configured. Chatty windows boxes will try to infect every box on your network and if they can't infect you they end up doing a denial of service. Close all ports inbound and outbound by default. This may sound like paranoia, but if microsoft made this the default then created templates for what the machine is. This would limit the spread of viruses and spyware. I have started using Shorewall more and more on Linux machines. It simplifies Iptables quite a bit. Some of the Admins don't like it and are resistant to change. I will see how it works out.