mailing list archives
Re: Anti virus installations on Windows servers
From: Adam Chesnutt <icetre () thearistocrats org>
Date: Wed, 29 Apr 2009 12:49:37 -0700
T Biehn wrote:
What do you suggest to use on a server that must accept uploads of
binaries from users?
Should these binaries be scanned by an anti-virus? Can we trust that
end users have competent Anti-Virus?
We aren't worried about the server being susceptible to viruses, we're
concerned about the users who could fall anywhere in proficiency
range. This scenario is equally applicable across any OS.
Because of the relative infancy of non-windows-based anti-virus
software would it be advisable to host a windows virtual machine that
shares a 'virtual disk' that is monitored by a robust a/v software to
use to host the binaries? Which antivirus software would you
I think he's trying to say, that if the system is designed well enough,
the users shouldn't be able to do any lasting damage to the system.
This is because the users are segregated from the system functions.
Many OSes are like this; for example Unix and Linux, even MacOS.
The reason Windows requires antivirus, is because it's exceedingly easy
for a userland program to damage the system without the troublesome
bother of having to escalate privs. Seeing as the user is already more
or less Admin anyways (even if they're not there's still lots of damage
you can do)
So the point still is: If the system is well designed, you don't need it
in the first place. You've fixed the design problem that allowed the
damage, rather than worrying about what the damage is or who caused it.
Yes you should call the cops if there's a robber in your home, but it
you didn't fix the window they broke the first time they came in, the
police aren't going to be real understanding to your plight the second
Windows in general is a big broken window; allowing access to the entire
systems resources. There's a big neon sign and valet parking next to
this window. It's been this way for years and MS (and worse yet, users)
have done nothing to fix it.
Yes that's correct, I'm also blaming the users. How many vista upgrade
stories did you hear about the priv escalation notification and users
whining about it. How many turned it off. That's right, pretty much
everyone except Me-maw and Pe-pop.
So the point, albeit snarky, is very valid. Honestly choosing a better
operating system is a more efficient solution than the cat and mouse
game that is antivirus.
Full-Disclosure - We believe in it.
Hosted and sponsored by Secunia - http://secunia.com/
Re: Anti virus installations on Windows servers Julien Maladrie (Apr 29)
Re: Anti virus installations on Windows servers M.B.Jr. (Apr 29)
Re: Anti virus installations on Windows servers Adam Chesnutt (Apr 30)
- Re: Anti virus installations on Windows servers, (continued)