There is a problem with doscan using excessive CPU
They have released 10.0.1.1000 which seems to have fixed it.
On 10/4/05, Derek Harris <[EMAIL PROTECTED]> wrote:
Yes: it works OK (nothing has gotten through), except that it uses
EXCESSIVE system resources. I've downgraded many machines back to v9.
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] ] On Behalf Of Ahmed Al Awah
Sent: Tuesday, October 04, 2005 11:35 AM
To: '[email protected]'
Subject: RE: [ActiveDir] Anti-virus protection in domain enviroment
Since we're on topic..is anyone using Symantec AntiVirus 10 corp edition
for A/V protection in a domain environment?
-----Original Message-----
From: Susan Bradley, CPA aka Ebitz - SBS Rocks [MVP]
[mailto:[EMAIL PROTECTED]]
Sent: October 4, 2005 11:07 AM
To: [email protected]
Subject: Re: [ActiveDir] Anti-virus protection in domain enviroment
My 1 cent.
I should go back to lurking...but... when choosing your a/v solution
there's something to check on... some of the a/v vendors have
historically needed admin rights to update or have had vulnerabilities
themselves.
Might be something to investigate and consider when chosing an a/v
...especially on a DC.
In my own historical issues with Trend, the OfficeProtect dat file
upgrade to XP sp2 wasn't properly 'vetted" and flatlined my workstations
and last I heard cost Trend $8 mil in lost sales. They've also had a
security vulnerability patched somewhat recently.
Epo's had their issues as well....
http://xforce.iss.net/xforce/xfdb/21839
ISS X-Force Database: epolicy-msde-obtain-password(12787): ePolicy
Orchestrator could allow an attacker to obtain MSDE SA password:
http://xforce.iss.net/xforce/xfdb/12787
ISS X-Force Database: epolicy-execute-commands(14166): ePolicy
Orchestrator command execution: http://xforce.iss.net/xforce/xfdb/14166
Al Garrett wrote:
> My 2 cents...
> EpO has worked outstanding for us.
> Does inventory reports, finds "rogues", demonstrates to pointy-haired
> bosses how many infections are avoided and how dangerous it is "out
> there."
> Combined with CommTouch Anti-Spam solution.
>
> -----Original Message-----
> *From:* [EMAIL PROTECTED]
[mailto: [EMAIL PROTECTED]]
> *Sent:* Tuesday, October 04, 2005 8:36 AM
> *To:* [email protected]
> *Subject:* RE: [ActiveDir] Anti-virus protection in domain
> enviroment
>
> Just to add a little to what Phil says:
>
> When I last used ePO I found that possibly the most useful feature
> was the reporting aspect. This allows you (amongst others) to
> assess which viruses were found in the environment and therefore
> what action if any needs to be taken to prevent further infection.
>
> Most organisations don't have any idea how many infections they
> suffer from or how regularly the infections occur. A tool such as
> ePO can help in this area quite significantly. [it's also a handy
> management tool which helps justify the ongoing AV costs :) ]
>
> neil
>
>
> *___________________________*
> *Neil Ruston*
> Global Technology Infrastructure
> Nomura International plc
>
>
>
------------------------------------------------------------------------
> *From:* [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] *On Behalf Of *Phil
Renouf
> *Sent:* 04 October 2005 16:10
> *To:* [email protected]
> *Subject:* Re: [ActiveDir] Anti-virus protection in domain
> enviroment
>
> Take a look at this article, it should give you the information
> you need to configure Antivirus on your DC's:
>
> http://support.microsoft.com/default.aspx/kb/822158
>
> I don't have any experience running NOD32 on anything :)
>
> As for clients, most environments I have been in use a product
> similar to McAfee's EPO to centrally manage all the AV agents on
> the desktop to make sure they are configured to the corporate
> standard and that they have up to date scan engines and DAT files.
>
> Phil
>
>
> On 10/4/05, *Boris Demirov* <[EMAIL PROTECTED]
> <mailto:[EMAIL PROTECTED]>> wrote:
>
> Hello everybody,
> I got some questions about the anti-virus protection of a
> domain controller
> and the domain environment:
>
> In my opinion the best AV program for the moment is NOD32 - I
> am using it
> successfully on many workstations, but I am not quite sure how
> it will act on
> a DC. What kind of protection do you use on your DCs and have
> somebody got a
> closer look on the NOD32 installed on a DC?
> And something else to ask: what kind of AV protect your
> workstations in
> domain, do you use a single copy of a normal AV or some
> enterprise edition?
>
> All advises on the topic of antivirus protection in domain
> controller and the
> stations in the domain are welcome.
> List info : http://www.activedir.org/List.aspx
> List FAQ : http://www.activedir.org/ListFAQ.aspx
> <http://www.activedir.org/ListFAQ.aspx>
> List archive:
> http://www.mail-archive.com/activedir%40mail.activedir.org/
>
>
> PLEASE READ: The information contained in this email is
> confidential and
> intended for the named recipient(s) only. If you are not an
intended
> recipient of this email please notify the sender immediately and
> delete your
> copy from your system. You must not copy, distribute or take any
> further
> action in reliance on it. Email is not a secure method of
> communication and
> Nomura International plc ('NIplc') will not, to the extent
> permitted by law,
> accept responsibility or liability for (a) the accuracy or
> completeness of,
> or (b) the presence of any virus, worm or similar malicious or
> disabling
> code in, this message or any attachment(s) to it. If verification
> of this
> email is sought then please request a hard copy. Unless otherwise
> stated
> this email: (1) is not, and should not be treated or relied upon
as,
> investment research; (2) contains views or opinions that are
> solely those of
> the author and do not necessarily represent those of NIplc; (3) is
> intended
> for informational purposes only and is not a recommendation,
> solicitation or
> offer to buy or sell securities or related financial instruments.
> NIplc
> does not provide investment services to private customers.
> Authorised and
> regulated by the Financial Services Authority. Registered in
England
> no. 1550505 VAT No. 447 2492 35. Registered Office: 1 St
> Martin's-le-Grand,
> London, EC1A 4NP. A member of the Nomura group of companies.
>
--
Letting your vendors set your risk analysis these days?
http://www.threatcode.com
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive:
http://www.mail-archive.com/activedir%40mail.activedir.org/
List info : http://www.activedir.org/List.aspx
List FAQ : http://www.activedir.org/ListFAQ.aspx
List archive: http://www.mail-archive.com/activedir%40mail.activedir.org/
