Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Virus
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

RE: What should be protected with anti-virus software?

from [Evan Mann] Network Security [Permanent Link]
Subject: RE: What should be protected with anti-virus software?
Date: Mon, 6 Feb 2006 10:06:08 -0500 
Your ops manager needs a head check.  If they are computers, they have
files that can be infected, simple as that.  

A/V should be on every system in your environment IMO.  Exclude the
on-access scanner from scanning folders that hold stuff like your mail
stores, databases, IIS metabase, etc., and let the rest of the system be
protected.  Use the on-access scanner, any port blocking and
scriptblocking the software you use may offer, etc.

It's common sense, I don't think a document is required.  Does the
operations manage have ANY IT experience? My guess is no.



-----Original Message-----
From: Erdahl, Larry E [mailto:Larry.Erdahl@allina.com] 
Sent: Thursday, February 02, 2006 8:06 AM
To: focus-virus@securityfocus.com
Subject: What should be protected with anti-virus software?

Long time reader, but  first time poster, so please be gentle ;-). 

I am in the middle of a risk assessment of our current anti-virus
practice and need a little help.

I am finding servers without any anti-virus software installed and
others that are only configured as on-access detection. I am not sure if
the reasoning for not having anti-virus installed or only running
on-access holds water or is sufficient for today's needs.

The operations manager believes that not all servers need anti-virus
software. He believes his application servers are safe because they
don't receive e-mails and they don't have files that would become
infected. He also feels his Novell file and print servers are
sufficiently protect by using on-access detection only.

Can anyone give me a "best business practice" recommendation or point me
to documentation on what should be protected with anti-virus software
and why?

Any help will be greatly appreciated!

Thanks....

Larry

 
 


This message contains information that may be confidential and
privileged.  Unless you are the addressee (or authorized to receive for
the addressee), you may not use, copy or disclose to anyone the message
or any information contained in the message.  If you have received the
message in error, please advise the sender by reply e-mail and delete
the message.
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  RE: What should be protected with anti-virus software?, Loesch, Jason (STP)
Next by Date:  RE: What should be protected with anti-virus software?, Butler, Theodore
Previous by Thread:  RE: What should be protected with anti-virus software?, Loesch, Jason (STP)
Next by Thread:  RE: What should be protected with anti-virus software?, Butler, Theodore
Indexes:  [Date] [Thread] [Top] [All Lists]