I agree. 95% of viruses today are targetted to Outlook. But I already seen viruses that
attack databases (the most notable I've noticed was one for MS SQL Server). So
prevention
are not so bad - use condom in servers ;-) and avoid world wide letal virii.
Servers running NT/Win2K are not so easy to protect. Tiny to mediun networks don't
have a
DMZ (demilitarized zone) infra-structure to protected against both Internet and
Intranet.
At performance side I agree with you 100%. I never ever use file access based anti
virus in
database servers. They make database unstable (not only SapDB, but MS SQL and others I
maintain, like Interbase and PostgreSQL). Even the use of ClamAV in Linux with DAKUZO
module
is alfa/beta and is not recommended to production servers. I'm testing this in Samba
servers.
I use schedule tests to midnight, and worked fine to me (you could be surprised that
mails
root receive sometime contains virus - thanks these virus don't run on 'mutt').
If your database server is on a workgroup server, then is really probable you have
some kind
of file sharing (I use samba in several servers here in same machine I run SapDB), so
I need
to protect files in this sharings. I just share this information (about my experience
with
AV products with SapDB) because not all in the world have too much money to expens
buying
more that one server (belive me, in Brazil we have thousands little networks with <10
workstations, and 1 server). If we need to buy a new machine, will be for workstation
use,
not to serve files... A SapDB server stay with 0,05% processing time - why not use
this as
samba server?
I've never seen any report about virus atacking SapDB servers, but I don't like the
idea to
prevent, avoiding some medicine...
My R$ 0,07 cents, to make Eur 0.02 ;-)
Edson Richter
----- Original Message -----
From: D�hr, Markus ICC-H
To: 'Edson Carlos Ericksson Richter' ; [EMAIL PROTECTED]
Sent: Thursday, February 19, 2004 9:18 AM
Subject: RE: SADB crashes with Trend ServerProtect Antivirus Software
[...]
> They said "our antivirus is not intended to run in database
> servers" (may be this politics is not applyable anymore).
[...]
It's a matter of choice but
- 95 % of virii/worms spread through mail (Outlook|Outlook Express)
on the _frontend_, not backend-/database systems
- the other 4,99 % can be avoided through denying acces to
the RPC ports (13(5|7|9)) from internal hosts but those who have to
- We don't run frontend applications on servers (not even SAPGUI since
there were cases where SAPGUI DLLs interfer with application server binaries; it
MAY
work but in error situation you're somewhat lost)
I really see no need to install an AV product on such a system, what do want to
protect
against? And believe me, it indeed does slowing down systems.
For Linux the most AV products are based on file access too but they don't hook up
something between the I/O-layer so here you'd probably be safe.
Just my EUR 0.02
SIEGENIA-AUBI KG
Informationswesen
i.A.
Markus D�hr
SAP-CC/BC, SAPDB-DBA
Tel.: +49 6503 917-152
Fax: +49 6503 917-7152
E-Mail: [EMAIL PROTECTED]
Internet: http://www.siegenia-aubi.com
--
MaxDB Discussion Mailing List
For list archives: http://lists.mysql.com/maxdb
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.591 / Virus Database: 374 - Release Date: 17/2/2004
--
MaxDB Discussion Mailing List
For list archives: http://lists.mysql.com/maxdb
To unsubscribe: http://lists.mysql.com/[EMAIL PROTECTED]
