Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Focus-Virus
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: How to - Scan a Windows machine for virus from a Linux machine

from [Nick FitzGerald] Network Security [Permanent Link]
Subject: Re: How to - Scan a Windows machine for virus from a Linux machine
Date: Wed, 15 Nov 2006 04:56:05 +1300 
Ivan Aleman wrote:


Each Windows machine have their AV (BitDefender) running and up to
date and Ad-Ware scheduled to run twice a week. Still I would like to
offer more protection by running an AV remotely from a dedicated
machine.


Instead of wasting your time on trying to work out how to apply such 
after-the-fact band-aids via the network, spend some time learning how 
to properly configure and secure the machines themselves so the 
machines' users are not running with unnecessarily elevated privileges 
and cannot run any and every arbitrary executable they happen across.

If more folk actually tried doing this we would have systems with much 
better designed and implemented _from the ground up_ software.  If a 
s/w vendor tells you its "too hard" to write their crappy app properly 
so it works without (near-)admin privileges, hear that for what it 
really is -- "we are a bunch of lazy slobs who rather just take your 
money, and anyway, most of our other customers are too stupid to ask 
for that so why should we even consider 'doing the right thing' for 
you".  Sadly, _in the Windows market in articular_, this attitude to 
proper security considerations _from a product's initial design stage_ 
has been the (almost exclusively practised) norm to the point that most 
Windows system admins and users just accept that it is an intractible 
problem.

In fact, it's so deeply rooted (and in no small part directly because 
of MS' own historically ambivalent attitude to such issues) that MS has 
"solved" (hah!) many of the associated problems in Vista by 
virtualizing chunks of critical system resources so that vast gobs of 
the existing exceptionally crappily written crud that passes for 
"mission critical software" will actually work in its own little 
"sandbox" despite "least privilege" being the guiding light for the 
underlying OS default security configuration.


Regards,

Nick FitzGerald


----------------------------------------------------------------------------
ALERT: "How a Hacker Launches a SQL Injection Attack!" - White Paper
It's as simple as placing additional SQL commands into a Web Form input box 
giving hackers complete access to all your backend systems!

https://download.spidynamics.com/1/ad/sql.asp?Campaign_ID=70160000000CZWl
----------------------------------------------------------------------------
[More messages with this same subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  How to - Scan a Windows machine for virus from a Linux machine, Ivan Aleman
Next by Date:  RE: How to - Scan a Windows machine for virus from a Linux machine, Quark IT - Hilton Travis
Previous by Thread:  How to - Scan a Windows machine for virus from a Linux machine, Ivan Aleman
Next by Thread:  RE: How to - Scan a Windows machine for virus from a Linux machine, Quark IT - Hilton Travis
Indexes:  [Date] [Thread] [Top] [All Lists]