Home page logo

basics logo Security Basics mailing list archives

Re: Symantec Corporate AntiVirus 8.0 - thoughts
From: bsec <bsec () cotse net>
Date: Fri, 8 Nov 2002 12:01:40 -0500 (EST)

For servers in the DMZ you might want to have them refer to an internal
server to obtain their updates.  This can be done by opening UDP ports
1027, 1029, and 38293.  In the system console, you can configure it so
that these servers automatically obtain the updates on a regular basis,
thus eliminating your script.

Of course there's always a security risk when opening up ports; however,
it seems to me that there's less of a risk with opening a few ports to
allow machines in the DMZ to be updated by machines in your internal
network rather than allowing machines in the DMZ to be updated by machines
outside of your control.

Good luck,

<ktyler () nautilus-ins com> 11/07/02 10:01AM >>>

I have also rolled out Symantec AV Corporate Edition. My only problem is
rolling out clients to the DMZ. Im not sure what ports to open for the
updates, and if ports are opened what security risks are involved.

The other issue is the virus definition are only downloaded once a week
(Wednesday), i fixed this by writing a simple script to download and
extract the definition file and put it in scheduler to run every morning.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]