That is the comment about file signatures.
The idea here is a very good one. This is what the Cisco CSA product does (white-lists) and it is a very good product - albeit quite expensive. Regards, Michael B. Smith, MCITP:SA,EMA/MCSE/Exchange MVP My blog: http://TheEssentialExchange.com/blogs/michael Link with me at: http://www.linkedin.com/in/theessentialexchange From: Jonathan Link [mailto:[EMAIL PROTECTED] Sent: Wednesday, September 17, 2008 10:33 AM To: NT System Admin Issues Subject: Re: Interesting read on Symantec's latest effort >From the FA this statement makes me nervous: "NIS 09 knows which files are safe and only scans unknown files, reducing scan times to minutes and machine load to almost nothing." What prevents malware from depositing a known bad file in for a file that NIS 09 assumes is safe? I know real time protection should discover when an action is being taken to prevent access to operating system files, but what about other files that are important and used for daily business but have been compromised? On Wed, Sep 17, 2008 at 10:21 AM, Tim Evans <[EMAIL PROTECTED]> wrote: http://www.stuff.co.nz/4668507a28.html Quote: "But is it still protecting us properly? Symantec assures me it is, and even better than ever." OK, I'm a believer :-) At least it sounds like they have finally understood their fatal flaw and are making attempts to fix it. .Tim ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
