Full Disclosure mailing list archives
RE: Antivirus
From: "Randal, Phil" <prandal () herefordshire gov uk>
Date: Thu, 11 Aug 2005 10:49:01 +0100
Given the speed at which viruses can spread, daily (or more frequent) pattern updates are a must. As the virus attack vector is still mainly via email, you need to rigorously scan all incoming emails at the perimeter (and block all executables via email). We use MailScanner (www.mailscanner.info) on a Linux box with ClamAV (www.clamav.net), Bitdefender (www.bitdefender.com), and McAfee's uvscan to scan all emails. Both ClamAV and Bitdefender update their patterns when needed and not to some arbitrary schedule. We check for pattern updates hourly. The advantage of blocking at the perimeter is that when your server or desktop antivirus starts screaming, you know that the infection has come via user action or infected PCs being connected to your internal network. Cheers, Phil ---- Phil Randal Network Engineer Herefordshire Council Hereford, UK
-----Original Message----- From: full-disclosure-bounces () lists grok org uk [mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Larry Seltzer Sent: 10 August 2005 18:08 To: full-disclosure () lists grok org uk Subject: RE: [Full-disclosure] AntivirusBitDefender. ... not as expensive as Symantec. Faster updates..That's another point worth making generally: everyone updates faster than Symantec. Symantec sends out normal updates once a week and an attack has to be nuclear war for them to go "out of cycle." _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- RE: Antivirus, (continued)
- RE: Antivirus Pedro Hugo (Aug 10)
- RE: Antivirus Jason Bethune (Aug 10)
- RE: Antivirus Larry Seltzer (Aug 10)
- RE: Antivirus Jason Bethune (Aug 10)
- RE: Antivirus Larry Seltzer (Aug 10)
- RE: Antivirus Evan Waite (Aug 10)
- RE: Antivirus Jason Bethune (Aug 10)
- Fw: Antivirus SACAR1 (Aug 10)
- RE: Antivirus Jason Bethune (Aug 10)
- RE: Antivirus Jason Bethune (Aug 10)
- RE: Antivirus Aditya Deshmukh (Aug 11)
- RE: Antivirus Randal, Phil (Aug 11)