Try like 200. We're a software development company and just about every developer writes web code.
------------------------------------------------------ Roger D. Seielstad - MCSE Sr. Systems Administrator Inovis - Formerly Harbinger and Extricity Atlanta, GA > -----Original Message----- > From: Granatella Adam J [mailto:Adam.Granatella@;Sentry.com] > Sent: Friday, November 15, 2002 12:07 PM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > You had a client machine with IIS on it??? > > -----Original Message----- > From: Roger Seielstad [mailto:roger.seielstad@;inovis.com] > Sent: Friday, November 15, 2002 8:36 AM > To: '[EMAIL PROTECTED]' > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > Its not arrogance. Its intelligence. > > I can better manage 100 servers than 1000 client machines for > antivirus > protection. It also doesn't matter if I lose 10 client > machines, as long as > I don't lose any servers. I lose servers a lot more than 10 people are > sitting on their thumbs. > > My former company's network did get hit with Code Red. From a > client machine > - none of the production servers were hit. With 60% or more > users carrying > laptops, being 100% up to date on client side patches and AV is nearly > impossible, so you focus on what can be reliably controlled and take > calculated risks with the others. > > ------------------------------------------------------ > Roger D. Seielstad - MCSE > Sr. Systems Administrator > Inovis - Formerly Harbinger and Extricity > Atlanta, GA > > > > -----Original Message----- > > From: Granatella Adam J [mailto:Adam.Granatella@;Sentry.com] > > Sent: Friday, November 15, 2002 9:15 AM > > To: '[EMAIL PROTECTED]' > > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > > > > That wasn't the point. The point was that if there was a > > virus like Code > > Red that was able to infect without a client opening a file > > or downloading > > something, there will be another virus like that again. It > > doesn't matter > > what patches are out for the Code Red vulnerability now. > > Something like it > > will come along and that will be that. Arrogance does not a > > good policy > > make! > > > > Adam > > > > -----Original Message----- > > From: Robert Moir [mailto:rim@;LutonSFC.ac.uk] > > Sent: Friday, November 15, 2002 8:04 AM > > To: [EMAIL PROTECTED] > > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > > > > Given that the patches that stopped the flaws code red relied > > on were about > > a year old when code red was released, its quite possible > that even a > > vaguely competent admin wouldn't see it on their servers. > > > > Robert Moir MSMVP > > IT Systems Engineer > > Luton Sixth Form College > > Ciderspace: An online 3D virtual reality environment for > > tramps. Ciderspace > > Cafe: A park Bench. > > > > > -----Original Message----- > > > From: Granatella Adam J [mailto:Adam.Granatella@;Sentry.com] > > > Sent: 15 November 2002 13:30 > > > To: '[EMAIL PROTECTED]' > > > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > > > > > > > Two words: Code Red. > > > > > > -----Original Message----- > > > From: Roger Seielstad [mailto:roger.seielstad@;inovis.com] > > > Sent: Friday, November 15, 2002 7:13 AM > > > To: '[EMAIL PROTECTED]' > > > Subject: RE: [ActiveDir] AD and Network Core Services & Anti-Virus > > > > > > > > > Every virus attack I've seen enters at the client machine level - > > > regardless of how it enters the network, it infects a client > > > machine. Its rare to have every client machine 100% up to > date on AV > > > signatures, etc, and because of that, they're always > going to be the > > > entry point. > > > > > > With that in mind, you need to take steps to protect > every server, > > > regardless of function. To do otherwise is, in this day and age, > > > irresponsible. > > > > > > ------------------------------------------------------ > > > Roger D. Seielstad - MCSE > > > Sr. Systems Administrator > > > Inovis - Formerly Harbinger and Extricity > > > Atlanta, GA > > > > > > > > > > -----Original Message----- > > > > From: Luis Aguilera [mailto:laguilera@;basesix.com] > > > > Sent: Thursday, November 14, 2002 5:52 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: RE: [ActiveDir] AD and Network Core Services & > Anti-Virus > > > > > > > > > > > > The important thing is to keep in mind were your > > vulnerabilities to > > > > viruses lie. > > > > > > > > Most viruses, IME, come through either documents and/or > emails. So > > > > setting up a good system that protects your file servers > > and email > > > > servers from malicious code will go a long way in > protecting your > > > > network. You also want to think of implementing a system > > > that protects > > > > the end users, particularly something featuring the > > > "pushing" of virus > > > > definitions from a central location (that an admin > manages) rather > > > > than leave the onus of updating the virus defs to > > end users. > > > > > > > > Also, please correct me if I'm wrong, but I've yet to see a > > > virus that > > > > directly targets AD, DHCP, DNS or other DNS servers. Does > > > any know of > > > > any? > > > > > > > > Luis Aguilera > > > > IT Manager > > > > BaseSix > > > > > > > > -----Original Message----- > > > > From: Tim HInes [mailto:nupe009@;carolina.rr.com] > > > > Sent: Thursday, November 14, 2002 4:26 PM > > > > To: [EMAIL PROTECTED] > > > > Subject: Re: [ActiveDir] AD and Network Core Services & > > > Anti-Virus > > > > > > > > > > > > Although antivirus programs can cause problems I would > > > advise that > > > > you run it on your servers. The disasters that a virus > can cause > > > > outweigh the problems that a virus scanner may cause. It > > > may save you > > > > from having to rebuild your boxes. > > > > > > > > > > > > Tim Hines, MCSA, MCSE (2000 & NT4) > > > > MVP - Active Directory > > > > > > > > > > > > > > > > > > > > > > > > ----- Original Message ----- > > > > From: Myrick, Todd (NIH/CIT) > > <mailto:myrickt@;mail.nih.gov> > > > > To: > > > > '[EMAIL PROTECTED]' > > > > Sent: Thursday, November 14, 2002 3:53 PM > > > > Subject: [ActiveDir] AD and Network Core > > > > Services & Anti-Virus > > > > > > > > > > > > I have a quick question, Our operating > > > > procedures for Core Network Service (AD DCs, WINS, DDNS, CA, > > > > Exchange (Antigen), DHCP) servers has been not to run with > > > > Anti-Virus protection on them. We feel that the potential for > > > > scanner code to conflict with the network service is > higher if we > > > > do, and since we don't execute man applications from the server > > > > unless they are scanned we don't feel we are at > > > much risk. > > > > > > > > What I would like to know is, what does > > > > everyone on this list feel an is a good strategy when > it comes to > > > > these types of services and anti-virus product? > > > > > > > > Thanks in Advance, > > > > Todd > > > > > > > > > > > List info : http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > > > > > > > This e-mail is confidential. If you > > > are not the intended recipient, you must not disclose or use > > > the information contained in it. If you have received this > > > mail in error, please tell us immediately by return e-mail > > > and delete the document. > > > List info : http://www.activedir.org/mail_list.htm > > > List FAQ : http://www.activedir.org/list_faq.htm > > > List archive: > > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > > > > > This e-mail is confidential. If you > > are not the intended recipient, you must > > not disclose or use the information contained in it. If you > > have received this > > mail in error, please tell us immediately by return e-mail > > and delete the > > document. > > List info : http://www.activedir.org/mail_list.htm > > List FAQ : http://www.activedir.org/list_faq.htm > > List archive: > > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > > > > This e-mail is confidential. If you > are not the intended recipient, you must > not disclose or use the information contained in it. If you > have received this > mail in error, please tell us immediately by return e-mail > and delete the > document. > List info : http://www.activedir.org/mail_list.htm > List FAQ : http://www.activedir.org/list_faq.htm > List archive: > http://www.mail-archive.com/activedir%> 40mail.activedir.org/ > List info : http://www.activedir.org/mail_list.htm List FAQ : http://www.activedir.org/list_faq.htm List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
