Educause Security Discussion mailing list archives
Re: A Real-Time malware antivirus console
From: Curt Wilson <curtw () SIU EDU>
Date: Wed, 17 Jun 2009 18:13:43 -0500
Valdis Kletnieks wrote:
On Wed, 17 Jun 2009 16:20:54 CDT, Curt Wilson said:I've gotten into the philosophy of treating anti-virus as a detection and notification system that a box needs a more in-depth analysis. In a large organization, this rapidly scales into a huge resource issue though."Nuke it from orbit. It's the only way to be sure." Somewhat snarky, but it's the only realistic way to avoid the "huge resource issue" if you're relying on reactive security schemes rather than proactive ones, in combination with wide-open von Neumann system designs where injected data becomes executable code all too easily. Having said that, no, I don't have a ready-for-Joe-Sixpack alternative.
Not only injected data becoming code but injected trickery turns into injected code when a PEBCAK issue is utilized in the fault injection process. Nuking from orbit leaves important questions unanswered though. I suppose in some cases that's perfectly acceptable. Relying on reactive security schemes?! Never! All of us in .edu-land are ALWAYS able to get the staff and other resources to implement proactive security schemes, right? :> -- Curt Wilson SIUC IT Security Officer & Security Engineer
Current thread:
- A Real-Time malware antivirus console reflect ocean (Jun 17)
- <Possible follow-ups>
- Re: A Real-Time malware antivirus console Stanclift, Michael (Jun 17)
- Re: A Real-Time malware antivirus console Robert Clifford (Jun 17)
- Re: A Real-Time malware antivirus console Basgen, Brian (Jun 17)
- Re: A Real-Time malware antivirus console Curt Wilson (Jun 17)
- Re: A Real-Time malware antivirus console Valdis Kletnieks (Jun 17)
- Re: A Real-Time malware antivirus console Curt Wilson (Jun 17)
- Re: A Real-Time malware antivirus console Eric Case (Jun 17)
- Re: A Real-Time malware antivirus console reflect ocean (Jun 17)
- Re: A Real-Time malware antivirus console Gary Flynn (Jun 18)
- Re: A Real-Time malware antivirus console King, Ronald A. (Jun 18)
- Re: A Real-Time malware antivirus console Stanclift, Michael (Jun 18)