That wasn't the point. The point was that if there was a virus like Code Red that was able to infect without a client opening a file or downloading something, there will be another virus like that again. It doesn't matter what patches are out for the Code Red vulnerability now. Something like it will come along and that will be that. Arrogance does not a good policy make!
Adam -----Original Message----- From: Robert Moir [mailto:rim@;LutonSFC.ac.uk] Sent: Friday, November 15, 2002 8:04 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus Given that the patches that stopped the flaws code red relied on were about a year old when code red was released, its quite possible that even a vaguely competent admin wouldn't see it on their servers. Robert Moir MSMVP IT Systems Engineer Luton Sixth Form College Ciderspace: An online 3D virtual reality environment for tramps. Ciderspace Cafe: A park Bench. > -----Original Message----- > From: Granatella Adam J [mailto:Adam.Granatella@;Sentry.com] > Sent: 15 November 2002 13:30 > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > Two words: Code Red. > > -----Original Message----- > From: Roger Seielstad [mailto:roger.seielstad@;inovis.com] > Sent: Friday, November 15, 2002 7:13 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > Every virus attack I've seen enters at the client machine > level - regardless of how it enters the network, it infects a > client machine. Its rare to have every client machine 100% up > to date on AV signatures, etc, and because of that, they're > always going to be the entry point. > > With that in mind, you need to take steps to protect every > server, regardless of function. To do otherwise is, in this > day and age, irresponsible. > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Luis Aguilera [mailto:laguilera@;basesix.com] > > Sent: Thursday, November 14, 2002 5:52 PM > > To: [EMAIL PROTECTED] > > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > > > > The important thing is to keep in mind were your vulnerabilities to > > viruses lie. > > > > Most viruses, IME, come through either documents and/or emails. So > > setting up a good system that protects your file servers and email > > servers from malicious code will go a long way in protecting your > > network. You also want to think of implementing a system > that protects > > the end users, particularly something featuring the > "pushing" of virus > > definitions from a central location (that an admin manages) > > rather than leave the onus of updating the virus defs to end users. > > > > Also, please correct me if I'm wrong, but I've yet to see a > virus that > > directly targets AD, DHCP, DNS or other DNS servers. Does > any know of > > any? > > > > Luis Aguilera > > IT Manager > > BaseSix > > > > -----Original Message----- > > From: Tim HInes [mailto:nupe009@;carolina.rr.com] > > Sent: Thursday, November 14, 2002 4:26 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [ActiveDir] AD and Network Core Services & > Anti-Virus > > > > > > Although antivirus programs can cause problems I would > advise that > > you run it on your servers. The disasters that a virus can cause > > outweigh the problems that a virus scanner may cause. It > may save you > > from having to rebuild your boxes. > > > > > > Tim Hines, MCSA, MCSE (2000 & NT4) > > MVP - Active Directory > > > > > > > > > > > > ----- Original Message ----- > > From: Myrick, Todd (NIH/CIT) <mailto:myrickt@;mail.nih.gov> > > To: > > '[EMAIL PROTECTED]' > > Sent: Thursday, November 14, 2002 3:53 PM > > Subject: [ActiveDir] AD and Network Core > > Services & Anti-Virus > > > > > > I have a quick question, Our operating > > procedures for Core Network Service (AD DCs, WINS, DDNS, CA, > > Exchange (Antigen), DHCP) servers has been not to run with > > Anti-Virus protection on them. We feel that the potential for > > scanner code to conflict with the network service is higher if we > > do, and since we don't execute man applications from the server > > unless they are scanned we don't feel we are at > much risk. > > > > What I would like to know is, what does > > everyone on this list feel an is a good strategy when it comes to > > these types of services and anti-virus product? > > > > Thanks in Advance, > > Todd > > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > This e-mail is confidential. If you > are not the intended recipient, you must not disclose or use > the information contained in it. If you have received this > mail in error, please tell us immediately by return e-mail > and delete the document. > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/ This e-mail is confidential. If you are not the intended recipient, you must not disclose or use the information contained in it. If you have received this mail in error, please tell us immediately by return e-mail and delete the document. List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
