Re: Antivirus on intranet network
From: Steven Meyer (meysteven_at_gmail.com)
Date: 11/27/05
- Previous message: Daniel Cid: "Version 0.5 of the OSSEC HIDS is available for download."
- In reply to: Mark Brunner: "RE: Antivirus on intranet network"
- Next in thread: Mark Brunner: "RE: Antivirus on intranet network"
- Reply: Mark Brunner: "RE: Antivirus on intranet network"
- Reply: andy: "Re: Antivirus on intranet network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 27 Nov 2005 09:36:44 +0100 To: mark_brunner@hotmail.com
Maybe wasn't my question clear enough, All the security problems
related to people trying to ad a laptop to the network or trying to
connect to the Internet from the work computers have been resolved.
As I tried to explain in my first e-mail, The point is how to update
an anti virus with out allowing him to connect to the Internet, and
witch anti virus would be able to do this ( threw diskette for
example).
2005/11/26, Mark Brunner <mark_brunner@hotmail.com>:
> If your data has value, protect it appropriately. (I don't work for
> Symantec anymore, but I still buy their products)
>
> Personally, I run A/V on ALL my PC's, regardless of their internet
> connectivity. If I am going to go to the extreme of creating an isolated
> network, then I am going to make use of defense in depth and use multiple
> vendor's A/V solutions there. The Internet is one attack vector into an
> organization, however it is not the only one. Before we had the Internet
> (yes, there was a time...) we still had virii. They propagated via floppy &
> CD-ROM (called SneakerNet), downloaded files, and email.
>
> If you have ONE laptop on the "isolated" network, you have just multiplied
> the likelihood of catching and spreading malware.
> If you have ONE modem on any PC on the "isolated" network, you may have a
> connection to the Internet.
> If you move data from the shared network to the "isolated" network, then you
> may as well have just connected to the shared network.
>
> I know of several businesses that have been brought to their knees recently
> for SEVERAL DAYS as a result of the Sober.X worm. These are organizations
> that have invested in A/V products, but have misconfigured them, not
> administered them properly, or have poorly followed procedures. The threat
> is real, the vulnerability is evolving, and the risk is constantly rising.
>
> Cheers!
> Mark
>
> -----Original Message-----
> From: Steven Meyer [mailto:meysteven@gmail.com]
> Sent: Friday, November 25, 2005 6:07 AM
> To: security-basics@securityfocus.com
> Subject: Antivirus on intranet network
>
>
> hello,
> I have a "Working" network who is totally disconnected (physically)
> from the Internet.
> people do the "search" on the "Internet " computers and then go on the
> "work" computers for analyse and the store the data.
> The Question is: I would need a anti virus on the "work" computers and
> I should be able to update the virus database daily without connecting
> any computer to the Internet.
> Which anti virus should I use and How could I do the update.
> Thanks for any help.
> Steven Meyer
>
>
- Previous message: Daniel Cid: "Version 0.5 of the OSSEC HIDS is available for download."
- In reply to: Mark Brunner: "RE: Antivirus on intranet network"
- Next in thread: Mark Brunner: "RE: Antivirus on intranet network"
- Reply: Mark Brunner: "RE: Antivirus on intranet network"
- Reply: andy: "Re: Antivirus on intranet network"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
