lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Thu Aug 11 10:50:06 2005 From: prandal at herefordshire.gov.uk (Randal, Phil) Subject: Antivirus Given the speed at which viruses can spread, daily (or more frequent) pattern updates are a must. As the virus attack vector is still mainly via email, you need to rigorously scan all incoming emails at the perimeter (and block all executables via email). We use MailScanner (www.mailscanner.info) on a Linux box with ClamAV (www.clamav.net), Bitdefender (www.bitdefender.com), and McAfee's uvscan to scan all emails. Both ClamAV and Bitdefender update their patterns when needed and not to some arbitrary schedule. We check for pattern updates hourly. The advantage of blocking at the perimeter is that when your server or desktop antivirus starts screaming, you know that the infection has come via user action or infected PCs being connected to your internal network. Cheers, Phil ---- Phil Randal Network Engineer Herefordshire Council Hereford, UK > -----Original Message----- > From: full-disclosure-bounces@...ts.grok.org.uk > [mailto:full-disclosure-bounces@...ts.grok.org.uk] On Behalf > Of Larry Seltzer > Sent: 10 August 2005 18:08 > To: full-disclosure@...ts.grok.org.uk > Subject: RE: [Full-disclosure] Antivirus > > >>BitDefender. ... not as expensive as Symantec. Faster updates.. > > That's another point worth making generally: everyone updates > faster than Symantec. Symantec sends out normal updates once > a week and an attack has to be nuclear war for them to go > "out of cycle." > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists