Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Virus
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: What should be protected with anti-virus software?

from [Loesch, Jason (STP)] Network Security [Permanent Link]
Subject: RE: What should be protected with anti-virus software?
Date: Mon, 6 Feb 2006 11:35:37 -0600 
This was my original response, which I sent only to Larry originally.
Sorry about that everyone...

--------Original response below-------

First post myself, so I hopefully will be doing so properly.

Larry,

I would be inclined to ask your operations manager if anyone ever
accesses the files and/or saves files to these servers, and if they
might just have an in the wild virus that could infect the servers they
access (quite likely in today's day and age). If there is any potential
at all for this, then I would suggest the current antivirus / security
practices at your firm are at best lackluster.

You might look into a few places on the net regarding this such as:
Symantec (http://www.symantec.com/avcenter/whitepapers.html)
CERT (http://www.cert.org/) - CERT coordination center Zone Labs
Security Response Center
(http://www.zonelabs.com/store/content/company/securityResponseCenter/)

Those are a few of the better suggestions I could come up with off the
cuff.

Good luck to you,

Jason Loesch
Mfg Eng - Tachy Elec MRB
Guidant Corporation
4100 Hamline Ave. N.
Arden Hills, MN., 55112, Henn.
Tel 651.582.5779   Fax 651.582.2945
Pager: 612.534.0440
Jason.Loesch@Guidant.com
www.guidant.com

-----End of original message---------


Thanks, 

Jason Loesch
Senior Eletronics Technician
Mfg Eng - Tachy Elec MRB 
Guidant Corporation 
4100 Hamline Ave. N. 
Arden Hills, MN., 55112, Henn. 
Tel 651.582.5779   Fax 651.582.7921 
Pager: 612.534.0440 
Jason.Loesch@Guidant.com 
www.guidant.com 

-----Original Message-----
From: Mark P. Larios [mailto:mark.larios@calumetlubricants.com] 
Sent: Monday, February 06, 2006 9:11 AM
To: Erdahl, Larry E; focus-virus@securityfocus.com
Subject: RE: What should be protected with anti-virus software?

Has the operations manager ever heard of an old friend called nimda
perhaps?
There are a vew nasty viruses which spread across networks via open
ports.
Does he keep his servers patched and up to date on service packs?
Having an AV on a server is usually considered a good practice.

Mark 

-----Original Message-----
From: Erdahl, Larry E [mailto:Larry.Erdahl@allina.com] 
Sent: Thursday, February 02, 2006 8:06 AM
To: focus-virus@securityfocus.com
Subject: What should be protected with anti-virus software?

Long time reader, but  first time poster, so please be gentle ;-). 

I am in the middle of a risk assessment of our current anti-virus
practice and need a little help.

I am finding servers without any anti-virus software installed and
others that are only configured as on-access detection. I am not sure if
the reasoning for not having anti-virus installed or only running
on-access holds water or is sufficient for today's needs.

The operations manager believes that not all servers need anti-virus
software. He believes his application servers are safe because they
don't receive e-mails and they don't have files that would become
infected. He also feels his Novell file and print servers are
sufficiently protect by using on-access detection only.

Can anyone give me a "best business practice" recommendation or point me
to documentation on what should be protected with anti-virus software
and why?

Any help will be greatly appreciated!

Thanks....

Larry

 
 


This message contains information that may be confidential and
privileged.  Unless you are the addressee (or authorized to receive for
the addressee), you may not use, copy or disclose to anyone the message
or any information contained in the message.  If you have received the
message in error, please advise the sender by reply e-mail and delete
the message.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: What should be protected with anti-virus software?, Mike
Next by Date:  RE: What should be protected with anti-virus software?, Evan Mann
Previous by Thread:  RE: What should be protected with anti-virus software?, Mike
Next by Thread:  RE: What should be protected with anti-virus software?, Evan Mann
Indexes:  [Date] [Thread] [Top] [All Lists]