Re: Hardware firewall with A/V and malware protection, recommendation request
From: Leythos (void_at_nowhere.lan)
Date: Wed, 13 Jul 2005 15:22:56 GMT
In article <firstname.lastname@example.org>,
> thanks for responding. Those family members we've been able to
> convince have switched to Firefox, and either Thunderbird or Eudora for
> mail. Several are using NAT routers, two are even using older model
> Sonicwalls that we got cheap/used. Unfortunately that wasn't enough;
> one of them got their machine trashed this weekend by using IE to get
> windows updates, visiting 'just one site' before starting the process,
> and got infected; they were about 1 month behind on critical updates.
> I visited the site that nailed them using Mozilla on an OpenVMS
> workstation behind one of the new Sonicwalls with AV and IPS, and the
> firewall detected and blocked the vulnerabilities; kind of screwed up
> the web page display but if I'd been on a wintel peecee without the
> IPS/AV on the firewall it would have been up to whatever AV/malware
> software was on the peecee to stop it. That failed on the relative's
> system, perhaps because the exploit was too new for their AV software
> to detect (and that could happen with the firewall too since it relies
> on the vendor to update the detection info). More layers is better.
What AV product, specifically, were they running. I found the Symantec
Corp Ed 7.6 and above block almost every HTTP exploit since they
They don't need a definition if you enable (and they are by default) the
real-time scanning and also the normal background checks.
There is also a clear document on using IE in secure mode that will
eliminate the problems with most cracked sites, but it also breaks most
good sites unless you add the site to your trusted zone - which I reset
to medium when doing that method.
-- -- email@example.com remove 999 in order to email me