>What are the prevention and containment techniques in best practices, once a
>virus is on rampage? Apart from AV software on the systems and regular
>backups, what other precautions should one take to stop viruses?

One of the most interesting aspects of viruses lately (and the most relevant
to firewalls) is the e-mail virus/trojan/worm.
Basically, lots of the new virus-like things are being delivered via e-mail
lately. This may be missed by various antivirus packages, and it's a
lot easier to get nailed before the antivirus guys get the new defs out.
I've seen a number of people post procmail and the like scripts to catch
things like Melissa. So, if you've got a sufficiently flexible mail gateway,
you can set it to block most of these new threats. This is even if you're
the first one of the block to get hit, as long as you realize what's going on,
and can identify some particular thing in the e-mail to key off of.
Ryan
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
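
The gateway rule described in the reply above, as an added example that is not part of the original post: a filter that keys off a subject line, an attachment name or a body phrase after MIME decoding, so an encoded copy of the marker is still caught. The rule patterns, function names and sample messages are constructed for illustration.

```python
import re
from email import message_from_string, policy

# Constructed rules (hypothetical markers): swap in whatever you identified
# in the message that is actually circulating.
RULES = [
    ("subject-marker", "subject", re.compile(r"^quarterly figures for you\b", re.I)),
    ("attachment-name", "filename", re.compile(r"^figures\.doc$", re.I)),
    ("body-marker", "body", re.compile(r"open the attached figures today", re.I)),
]

def extract_fields(msg):
    """Collect the decoded values each rule kind is matched against."""
    fields = {"subject": [str(msg["subject"] or "")], "filename": [], "body": []}
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name:
            fields["filename"].append(name.strip())
        elif part.get_content_maintype() == "text":
            try:
                fields["body"].append(part.get_content())
            except (LookupError, ValueError):  # unknown charset: match raw text
                fields["body"].append(str(part.get_payload()))
    return fields

def classify(raw):
    """Return ("quarantine", [rule names]) or ("deliver", [])."""
    fields = extract_fields(message_from_string(raw, policy=policy.default))
    hits = [n for n, kind, rx in RULES if any(rx.search(v) for v in fields[kind])]
    return ("quarantine" if hits else "deliver", hits)

# Constructed sample messages (not real traffic).
ENCODED_SUBJECT = ("From: a@example.com\n"
                   "Subject: =?utf-8?q?Quarterly_figures_for_you?=\n\nhi\n")
ATTACHMENT = ("From: b@example.com\nSubject: hello\nMIME-Version: 1.0\n"
              'Content-Type: multipart/mixed; boundary="b1"\n\n'
              "--b1\nContent-Type: text/plain\n\nsee attached\n"
              "--b1\nContent-Type: application/msword\n"
              'Content-Disposition: attachment; filename="FIGURES.DOC"\n'
              "Content-Transfer-Encoding: base64\n\nAAAA\n--b1--\n")
BENIGN = "From: c@example.com\nSubject: lunch on friday?\n\nnoon works\n"

if __name__ == "__main__":
    for raw in (ENCODED_SUBJECT, ATTACHMENT, BENIGN):
        print(classify(raw))
```

Matches are quarantined rather than dropped, so a rule written in a hurry that turns out too broad costs a delay instead of lost mail.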