Network Security Focus-Virus

RE: Virus

Subject: RE: Virus
Date: Fri, 20 Oct 2006 07:13:28 +1000
Hi,

Blindly saying "move to Linux, it's more secure" is simply not a sensible answer 
for a number of really obvious reasons.  Stating two of those, first if he has 
LOB applications that need Windows Server then you will be stopping his 
business from working, and second if he is clueless about Windows, can you 
imagine how much more difficulty he'll have in a Linux environment?

A default Linux install is about as secure as a default Windows Server 2003 
install - that is, neither are anywhere near secure.  You have to do a 
reasonable amount of work to secure BOTH of them - and include *BSD in that 
too.  We support Linux, BSD and Windows systems here and, honestly, there's not 
much difference between securing them all, and definitely not that much 
difference in the time needed to secure them and then keep them secure.

If he has a Windows machine OR a Linux machine he must do regular backups.  
Data protection by backup is not dependent on the OS running on the server.  
This is a misdirected statement in a really major way that you have made here.  
Also, not only should he not run unnecessary software on a Windows box, but 
that applies equally to a Linux (or BSD) box - all unnecessary software does is 
to increase the attack surface.

Also, his anti-virus - Bit Defender - is OBVIOUSLY not doing the job.  If it is 
removing viruses, then WHY did it let them into his system in the first place?  
The whole idea of an AV program is to stop viruses and other malware such as 
worms and Trojans from infecting your system in the first place.  If it can't 
do that, then it is obviously time for another package (or a sysadmin who has a 
clue about configuring it).

We use NOD32 here because for us and our clients, it has simply not missed a 
virus in the 5+ years that we have been using it.  It has also been used to 
detect viruses that have been missed by McAfee, Trend, Symantec, AVG, Avast, 
Bit Defender, CA AntiVirus and more on client machines - and we have converted 
every single one of them to NOD32 on the spot.

The OP obviously is not clued up to security.  Your comments to him wouldn't 
help in the slightest.  He needs a decent firewall, a better AV program, to 
ensure that all OS and application patches are made to his server and 
especially to his client PCs, and he needs to get someone in with a clue to 
show him how and why to do things properly.  He also needs to flatten and 
rebuild most of his network, apparently, as an infected machine cannot be 
trusted.  And when he does this, he needs to isolate the infected machines from 
the clean ones and never, ever have the two networks meet each other.

Oh, and by the way, your English is more than acceptable for a non 
English-as-a-first-language speaker.  It is a lot better than the English I've 
encountered from many a native English speaker!

--

Regards,

Hilton Travis                          Phone: +61 (0)7 3344 3889
(Brisbane, Australia)                  Phone: +61 (0)419 792 394
Manager, Quark IT                      http://www.quarkit.com.au
         Quark AudioVisual             http://www.quarkav.net

http://www.threatcode.com/ <-- it's now time to shame poor coders 
into writing code that is acceptable for use on today's networks

War doesn't determine who is right.  War determines who is left.

This document and any attachments are for the intended recipient 
  only.  It may contain confidential, privileged or copyright 
     material which must not be disclosed or distributed.

                    Quark Group Pty. Ltd.
      T/A Quark Automation, Quark AudioVisual, Quark IT

-----Original Message-----
From: brain5ide [mailto:brain5ide@gmail.com]
Sent: Friday, 20 October 2006 12:16 AM

Hi,
Excuse me, but could you tell me what was wrong in my last post 
to this thread? Yeah, I'm a newbie, and I'm just interested in 
this thread. That was the way I would do it. Could you link me 
to a site or something else, that would help solving this or 
similar problem the other way?

Thanks in advance

On 10/19/06, Quark IT - Hilton Travis <Hilton@quarkit.com.au> wrote:
Hi Laz,

He should really apologize for his poor grasp of security, not 
his English!

--

Regards,

Hilton Travis                          Phone: +61 (0)7 3344 3889
(Brisbane, Australia)                  Phone: +61 (0)419 792 394
Manager, Quark IT                      http://www.quarkit.com.au
         Quark AudioVisual             http://www.quarkav.net

War doesn't determine who is right.  War determines who is left.

-----Original Message-----
From: listbounce@securityfocus.com
On Behalf Of brain5ide
Sent: Wednesday, 18 October 2006 4:31 AM

Hi,
You didn't provide a lot of information about your server. But 
as I understand from what you have written, it's a Windows 
server. You could improve security, not to a hundred per 
cent of course, by just installing a *nix (yeah, yeah, I'm 
a *nix freak). However, if you still want to have a Windows 
machine you MUST do regular backups, don't run any unknown 
software. And also, have an antivirus, like you said - a 
bitdefender. That's all you can do. There's no way to
actually prevent the attacks, but you can just drop them by 
having your system as new as it can be.

Sorry for my poor English.

On 10/14/06, boonting <boontinglim@gmail.com> wrote:

Thanks for your information, whoever replied to my post and sent 
email to me.

However, I still don't know what's wrong. I checked my server's 
bit-defender report. Almost every day a virus attacked my 
server. However, luckily bit-defender is able to disinfect and 
delete the viruses.

Any idea how to protect my server? Anyhow, really thanks 
for all the information provided.
--
View this message in context: http://www.nabble.com/Virus-tf2429074.html#a6806622
Sent from the Security - Virus mailing list archive at
Nabble.com.
