Full Disclosure mailing list archives
Re: Anti virus installations on Windows servers
From: Pavel Kankovsky <peak () argo troja mff cuni cz>
Date: Sun, 3 May 2009 01:41:08 +0200 (CEST)
On Fri, 1 May 2009, T Biehn wrote:
The example provides an easy to concoct scenario where perhaps anti-virus software might be employed to great benefit where the actual OS's security would be a moot point.
Very unlikely. If your OS has got more holes than a piece of Emmentaler malicious code might exploit one of them to circumvent or disable detection even before your antivirus gets a chance to scan it. You lose. Game over.
It's interesting to see that so many on this list have become so hypnotized that they would go so far to say that A/V is useless and the only possible protection is switching to some other OS.
Let me check: Can antivirus prevent an arbitrary piece of malware from causing harm? No--it is impossible even in theory (see Rice's theorem). Can OS with a strict MAC policy prevent an arbitrary piece of malware from causing harm? Yes--it is not easy but it is certainly possible.
It is equally obvious to point to an example when, yes, an A/V (however deployed) would provide a worthwhile added value to the user experience, this point is sufficient for winning the debate.
Primo: "A worthwhile added value" might be very far from "optimal". Secundo: Does "however deployed" includes "defunct"? Tertio: User experience?! -- Pavel Kankovsky aka Peak / Jeremiah 9:21 \ "For death is come up into our MS Windows(tm)..." \ 21th century edition / _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Anti virus installations on Windows servers Pavel Kankovsky (May 01)
- Re: Anti virus installations on Windows servers T Biehn (May 01)
- Re: Anti virus installations on Windows servers Pavel Kankovsky (May 02)
- Re: Full-disclosure Anti virus installations on Windows servers mbs (May 04)
- Re: Full-disclosure Anti virus installations on Windows servers T Biehn (May 04)
- Re: Anti virus installations on Windows servers T Biehn (May 01)