Re: [Full-Disclosure] Antivirus Software Solutions?

From: Paul Szabo (psz_at_maths.usyd.edu.au)
Date: 11/28/03

  • Next message: Bugtraq Security Systems: "[Full-Disclosure] Multiple Remote Issues in Applied Watch IDS Suite" 
    To: webmaster@q-cat.com
Date: Fri, 28 Nov 2003 12:20:12 +1100 (EST)

    Nick Price <webmaster@q-cat.com> wrote:

    > I'm looking for two pieces of Antivirus software. The first I would like
    > to filter viruses at the NAT/Gateway itself. The platform should be
    > either Linux, BSD, Solaris, or NT. I'm also looking for Antivirus
    > software to use on each of our workstations. We've been using Norton,
    > but I'd like to know what the "experts" here suggest.

    Do not use "traditional" AV at all (as that would never protect you from
    the latest virus). Rather, set up your email gateway to "defang" all
    suspicious emails (e.g. containing EXE or SCR or PIF, or ZIP, attachments);
    it is a matter to debate whether to reject (bounce), drop, or somehow
    encode such things so as to render harmless. - Probably you will want your
    email gateway to run UNIX/Linux, so you can set this up.

    Once your email gateway is "safe", any AV on desktops becomes much less
    important, but you may still want some "traditional" AV on your desktops;
    any reasonably well supported product should do.

    For some more blurb/details please see

      http://www.maths.usyd.edu.au:8000/u/psz/pc/virus.html

    Cheers,

    Paul Szabo - psz@maths.usyd.edu.au http://www.maths.usyd.edu.au:8000/u/psz/
    School of Mathematics and Statistics University of Sydney 2006 Australia

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Bugtraq Security Systems: "[Full-Disclosure] Multiple Remote Issues in Applied Watch IDS Suite"
    • Quantcast