Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: New MyDoom or Netsky variant?
From: Niek Baakman <niekbaakman () home nl>
Date: Tue, 20 Jul 2004 18:51:28 +0200

Bart.Lansing () kohls com wrote:

Niek,

Symantec only updates HOME users though Live Update once or so a week unless there is something critical (and of course you can go to them and obtain new sigs more frequently, just that you have to go do it). This has nothing at all to do with the speed or frequency of updates for enterprise users. We routinely see mulitple updates in a day, in some "firefights" we have seen them back to back as close as 15 minutes to each other. As far as not using Symantec on a mail server, we certainly do, in

Perhaps their enterprise anti-virus suite.
Their corporate version, and home user version certainly does not
(haven't had the time to test corp. 9.0)

Symantec choses to ignore the less important viruses, and releases
a big update 2-3 times per week. Even not so wild spread viruses are a real danger.
Machines get infected with malware/backdoors, in turn get abused as spam zombies.
Of course one would argue only home users should fall victim to having their
machines abused by spammers, as corporate desktops are/should be protected
by decent firewalls.

But this lacks updating of the fastest growing market (broadband users)
is affecting others (have to deal with spam/virus).

So what do home and corporate (again haven't seen 9.0 yet) symantec users have to do ?
Manually retrieve symantec updates with scripts/task scheduler.
Most don't, and viruses have a 1 day window of opportunity.

tandem with Trend. Let me ask you Niek, just what is it you use to protect the thousands of desktops you are responsible for?

Mail security: qmail with sophos/clamav as Exchange front end
Desktop: Sophos

Regards,

Niek Baakman

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]