lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
From: b.griffin at cqu.edu.au (Brad Griffin)
Subject: (no subject)

 
Hi folks

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Maarten
Sent: Friday, August 13, 2004 12:21 AM
To: full-disclosure@...sys.com
Subject: Re: [Full-Disclosure] (no subject)

snip
> (IM, corporate IT systems, etc) -- they are networkologically isolated

> for a reason, remember.  Also, even if they do have access to such
resources ("clean"
> and "dirty" networks that are never allowed to mix by careful network 
> planning and lack of removable media in the workstations on the
"clean"
> network but located inside the "dirty" lab, say) they often do not 
> _want_ to break their own concentration.

>I'd suggest they're not so isolated as you claim.  For one thing, how
do you suppose they get to hear new strains are found ?  Or receive
samples ?

Did you take the term 'isolated' to mean locked away with no human or
other contact? ...strange...
 
 *virii*
grrrr 



>No.  It may not matter IF you only use one single brand of AV software.
But that is NOT how it works in the real world.  Companies tend to
deploy 
>multiple AV solutions on different layers so as to decrease the
likelihood of some virus slipping through.  And maybe even more
importantly, "Google
> research" is done all the time, which doesn't work well if a strain
goes by many different names.


I am yet to come across a 'large' company or enterprise that uses
separate brand av applications for desktop and server solutions. It
makes economic and logistic sense to use one vendor for your av solution
that is deployed at different levels (or layers if you prefer that
terminology). About the only people I've seen use different antivirus
products in one environment are home users or small businesses that
misinterpret 'layers of defence' in an anti-virus context to mean
'different brands of defence'. Considering that many major av co's
products are cross platform nowadays, I doubt many companies will
continue using separate brand products in a mixed OS environment for
much longer either.

I can't understand how the Google research is a problem with naming
conventions. Google for a virus name and multiple hits come up, mostly
for descriptions on a/v sites that also carry the alias names in most
cases.  
 

My take is that so long as anti-virus developers are managing to keep
their reactive model of virus detection and removal almost up to speed
with the release of new malware, I don't really care if they name the
next virus George or Mildred, so long as their software will identify
and remove it from a system.


Cheers (and with respect),
B

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ