Re: Anti-Virus software best practice

From: Karl Levinson [x y] mvp (levinson_k_at_despammed.com)
Date: 08/28/03 

Date: Thu, 28 Aug 2003 09:13:16 -0400

It's up to you. A year or more ago I would have said there's no need.
However, servers without antivirus can potentially be hit by RPC worms
[think Blaster], worms that spread via NetBIOS windows network file shares,
IIS worms if running IIS services, etc. even if protected by a firewall or
only visible to the internal network. Antivirus also can help detect or
prevent hackers from installing some hacker tools on vulnerable [e.g.
internet-facing] servers. I would definitely consider antivirus on
externally visible web servers, unless performance is impacted.

If you do install antivirus, you do want to consider excluding certain files
or folders from being scanned, such as folders containing your SQL database
files, or any folder containing large frequently accessed files, or any
folder that is used to generate lots of temporary files in a short period of
time by some custom application or SQL job.

Running both IIS and SQL is generally not recommended, both for SQL / IIS
performance and also for security reasons, depending on your need for
security and how much cost is a factor compared to security.

"TM" <Thomas_McFarlane@Yahoo.Com> wrote in message
news:#AjpORWbDHA.1816@TK2MSFTNGP09.phx.gbl...
> Security Experts,
>
> 1. I have a server setup as application server. It hosts SQL Server. There
> is no write privilege granted to anybody other than Admin group.
> 2. I have another server setup as IIS-4 applicaqtion server. It hosts Web
> sites (static only) and SQL/Server.
>
> Should anti-virus software such as Norton AV be installed on these servers
?
> My opinion is "not" because 1) they are application servers, not
> file-servers 2) AV software interferes too much with the system and can
drag
> down performance and sometime cause server hang!
>
> Thanks for your opinion.
>
> Thomas
>
>

Relevant Pages

  • RE: Should webservers, eg. IIS 6 have anti--virus installed on them?
    ... Getting people to protect their servers ... It is a very simple and indisputable fact that antivirus played a major ... protection on it no matter what its role is. ... SQL Spida infected systems with blank 'sa' passwords. ...
    (Focus-Microsoft)
  • RE: Should webservers, eg. IIS 6 have anti--virus installed on them?
    ... SQL Spida infected systems with blank 'sa' passwords. ... had proper administration been conducted in ... Why did these hit your servers in the first place? ... > servers with at LEAST antivirus protection. ...
    (Focus-Microsoft)
  • Re: Anti-Virus software
    ... The servers run Oracle databases on them and sit ... Microsoft has purchased Romanian technology for help: ... # Microsoft Buys Into Antivirus Technology ...
    (comp.unix.solaris)
  • Re: We are being blocked from various mail servers because of trojan
    ... Even if one machine on your network was infected, it has had plenty of time on that machine to scrape various domain credentials so your entire domain is potentially compromised. ... The money saved on passing over AV is lost in time/wages rebuilding the network. ... antivirus, so when Trend Micro expired last June he told me to just ... now i don't have any antivirus solution on the 2 servers (main ...
    (microsoft.public.windows.server.sbs)
  • Re: We are being blocked from various mail servers because of trojan
    ... In the past the owner didn't want to spend the money for network ... antivirus, so when Trend Micro expired last June he told me to just ... now i don't have any antivirus solution on the 2 servers (main ...
    (microsoft.public.windows.server.sbs)