* Michael T Babcock <[EMAIL PROTECTED]> writes:
> From: "Robin S. Socha" <[EMAIL PROTECTED]>
Michael,
I thought you were making sense when you suggested ending this thread in
PM. Unfortunately, I was wrong. So here goes...
> Deal with the question at hand, please.
,----
| A+14 [Slider ]:=Anti Virus
| +20 [Robin S. Socha ]:= <- anomy for procmail
| A+41 [Slider ]:=
| +20 [Robin S. Socha ]: <-
|http://www.qmail.org/top.html#microsoft
|[...]
| +59 <Noel Mistula >:=
| A+86 [Brett Randall ]:=
| +128 [Robin S. Socha ]:=
| A+14 [Adam McKenna ]:=
| A+29 [Paul Schinder ]:=
| +55 [Robin S. Socha ]:=
| +32 [Michael T. Babcock ]: <- you are here
`----
I presume you can see where you missed the point, Michael?
>> I've said it once and I'll say it again: anti-virus software is
>> snake oil. Under certain circumstances, it will buy you exactly
>> nothing. Had I sent you ILOVEYOU the moment I got it, you would have
>> been fucked. Real bad. Maybe your filter would have caught it, but
>> who knows?
> No, its not snake-oil. Its just not perfect.
It is inherently snake-oilish. I would call my colleague in London an
experienced NT admin with a lot of common sense. He went "we've now got
4 virus scanners running, so we're safe". So I went "On your backup
mailserver, too? Cause some nasty buddy just DOS'ed your primary one."
So he went "AAAHHHHRRRGGGG!!!1".
The problem is not the quality of the scanners, the frequency of your
updates, the speed with which updates are released or whatever. The
problem is the quality of MS Software. Windows is a disaster waiting
to happen. Brett advocated using an insecure OS with closed source
protection mechanisms to secure a production environment running an
operating system that is as secure as a bullet proof vest made of
NT-CDs.
Since the system cannot be secured, the threat must be eliminated. Either
by changing the OS or by nuking all attachments that are potentially
dangerous.
> The anti-virus software companies, by necessity, need to analyse a
> virus before they can add the signature to their software. That
> usually requires that the virus be "in the wild" for some period of
> time first.
Right. And you do remember how fast ILOVEYOU spread, don't you?
> However, I've had client machines come in with dozens of viruses --
> usually some combination of Stoned or Monkey with a few other oldies.
> These are all caught by modern anti virus software and thus it _should_
> be installed on machines. McAfee VirusScan for workstations is only
> $15 (cost).
You're working around the problem. Ever wondered how come there are
no[1] viruses for Un*x?
> I don't classify that as snake-oil
You're as entitled to your personal opinion as everybody else. Too
bad it's beside the point since the OP wasn't interested in fixing
an infected system but preventing from viruses (or other dangerous
content) from entering his system. reply-to set accordingly.
Footnotes:
[1] Yes, there are three. But they don't exist.
--
Robin S. Socha <http://socha.net/>
