Re: [Full-disclosure] Av, spyware, ddl trojan assesment

From: Neil Carpenter (
Date: 09/22/05

  • Next message: Marco Mella: "Re: [Full-disclosure] Microsoft IE 5.2.3 for Mac OSX crash"
    Date: Thu, 22 Sep 2005 08:13:01 -0400

    (Moved inapplicable mailing lists to BCC:)

    Sherwyn Williams wrote:

    > Hey list, I know this is not a how to protect your pc list. But I
    > would like to know what are some good AV, spyware, adware, and
    > software firewalls to use. I have to come up with a plan for a few of
    > my clients who are always being infected.
    (Opinions are my own and do not reflect those of my employer, my
    friends, family, or anybody who knows me.)

    Anti-virus software and anti-spyware/adware software are reactive
    solutions...they don't help you unless you're already vulnerable. A
    software firewall is more of a security blanket than it is real
    protection. If you really want to help your customers, help them setup
    a comprehensive security patch management and auditing solution. When
    people get infected with malware, it's very rarely some ex0t1c 0-day
    ''s because they are months (even years) out of date on
    security fixes.

    After you've got that resolved and you've cleaned out your customer's
    current issues (you _do_ follow the best practice of formatting any
    machine that is compromised, right?), then you can worry about charging
    them for an a-v solution, an anti-spyware solution, more firewalls, etc,

    And, you're right, these lists aren't meant for this sort of thing. In
    the future, you should consider doing more research before sending out
    e-mail looking for (the wrong people) to do your research for you.

    And what kind of consultant uses a hotmail address professionally, anyway?


    Full-Disclosure - We believe in it.
    Hosted and sponsored by Secunia -

  • Next message: Marco Mella: "Re: [Full-disclosure] Microsoft IE 5.2.3 for Mac OSX crash"