True - but the one time we had issues with that it started on a client machine. Servers were correctly locked down and were not publicly accessible.
------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Granatella Adam J [mailto:Adam.Granatella@;Sentry.com] > Sent: Friday, November 15, 2002 8:30 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > Two words: Code Red. > > -----Original Message----- > From: Roger Seielstad [mailto:roger.seielstad@;inovis.com] > Sent: Friday, November 15, 2002 7:13 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > Every virus attack I've seen enters at the client machine > level - regardless > of how it enters the network, it infects a client machine. > Its rare to have > every client machine 100% up to date on AV signatures, etc, > and because of > that, they're always going to be the entry point. > > With that in mind, you need to take steps to protect every server, > regardless of function. To do otherwise is, in this day and age, > irresponsible. > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Luis Aguilera [mailto:laguilera@;basesix.com] > > Sent: Thursday, November 14, 2002 5:52 PM > > To: [EMAIL PROTECTED] > > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > > > > The important thing is to keep in mind were your > > vulnerabilities to viruses lie. > > > > Most viruses, IME, come through either documents and/or > > emails. So setting up a good system that protects your file > > servers and email servers from malicious code will go a long > > way in protecting your network. You also want to think of > > implementing a system that protects the end users, > > particularly something featuring the "pushing" of virus > > definitions from a central location (that an admin manages) > > rather than leave the onus of updating the virus defs to end users. > > > > Also, please correct me if I'm wrong, but I've yet to see a > > virus that directly targets AD, DHCP, DNS or other DNS > > servers. Does any know of any? > > > > Luis Aguilera > > IT Manager > > BaseSix > > > > -----Original Message----- > > From: Tim HInes [mailto:nupe009@;carolina.rr.com] > > Sent: Thursday, November 14, 2002 4:26 PM > > To: [EMAIL PROTECTED] > > Subject: Re: [ActiveDir] AD and Network Core Services & > > Anti-Virus > > > > > > Although antivirus programs can cause problems I would > > advise that you run it on your servers. The disasters that a > > virus can cause outweigh the problems that a virus scanner > > may cause. It may save you from having to rebuild your boxes. > > > > > > Tim Hines, MCSA, MCSE (2000 & NT4) > > MVP - Active Directory > > > > > > > > > > > > ----- Original Message ----- > > From: Myrick, Todd (NIH/CIT) > > <mailto:myrickt@;mail.nih.gov> > > To: > > '[EMAIL PROTECTED]' > > Sent: Thursday, November 14, 2002 3:53 PM > > Subject: [ActiveDir] AD and Network Core > > Services & Anti-Virus > > > > > > I have a quick question, Our operating > > procedures for Core Network Service (AD DCs, WINS, DDNS, CA, > > Exchange (Antigen), DHCP) servers has been not to run with > > Anti-Virus protection on them. We feel that the potential for > > scanner code to conflict with the network service is higher > > if we do, and since we don't execute man applications from > > the server unless they are scanned we don't feel we are at > much risk. > > > > What I would like to know is, what does > > everyone on this list feel an is a good strategy when it > > comes to these types of services and anti-virus product? > > > > Thanks in Advance, > > Todd > > > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > This e-mail is confidential. If you > are not the intended recipient, you must > not disclose or use the information contained in it. If you > have received this > mail in error, please tell us immediately by return e-mail > and delete the > document. > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
