mailing list archives
Re: Email virus protection
From: "Karsten W. Rohrbach" <karsten () rohrbach de>
Date: Wed, 20 Aug 2003 23:16:29 +0200
Jack Bates(jbates () brightok net)@2003.08.20 15:49:01 +0000:
That's what the net admin was telling me when I mentioned one of his
branch bank offices had Sobig-F. Apparently they all run A/V and I think
he said his mail server does as well. Unfortunately, they still allow
The problem is the false sense of security while using anti-virus
products. For having a working signature, somebody has to be hit first
and submit the virus to the AV vendor. This requires a certain time,
which leads - in case of the latest womr occurences which appear to be
pretty aggressive - to a certain amount of infections that happen before
there are signatures available. And then, the update still has to be
downloaded to the AV scanning software which extends the time window
being unprotected against a certain worm or virus variant.
So, the virus and worm authors are always one step ahead. This is by
design of the AV concept.
Better put the wasted cash and time into the design of better systems,
which brings the software developers this critical one step in the lead.
Due to what obscure reason does a mail user agent have to execute
interpreted code and do unasked things to mail attachments, nowadays?
Those who do not understand Unix are condemned to reinvent it, poorly.
webmonster.de -- InterNetWorkTogether -- built on the open source platform
http://www.webmonster.de/ - ftp://ftp.webmonster.de/ - http://www.rohrbach.de/
GnuPG: 0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4 A113 B393 6BF4 DEC9 48A6
Please do not remove my address from To: and Cc: fields in mailing lists. 10x
Re: Email virus protection Karsten W. Rohrbach (Aug 20)
Re: Email virus protection JC Dill (Aug 20)