Focus on Virus
RE: What should be protected with anti-virus software? Feb 06 2006 05:35PM
Loesch, Jason (STP) (Jason Loesch guidant com)
This was my original response, which I sent only to Larry originally.
Sorry about that everyone...

--------Original response below-------

First post myself, so I hopefully will be doing so properly.

Larry,

I would be inclined to ask your operations manager if anyone ever
accesses the files and/or saves files to these servers, and if they
might just have an in the wild virus that could infect the servers they
access (quite likely in today's day and age). If there is any potential
at all for this, then I would suggest the current antivirus / security
practices at your firm are at best lackluster.

You might look into a few places on the net regarding this such as:
Symantec (http://www.symantec.com/avcenter/whitepapers.html)
CERT (http://www.cert.org/) - CERT coordination center Zone Labs
Security Response Center
(http://www.zonelabs.com/store/content/company/securityResponseCenter/)

Those are a few of the better suggestions I could come up with off the
cuff.

Good luck to you,

Jason Loesch
Mfg Eng - Tachy Elec MRB
Guidant Corporation
4100 Hamline Ave. N.
Arden Hills, MN., 55112, Henn.
Tel 651.582.5779 Fax 651.582.2945
Pager: 612.534.0440
Jason.Loesch (at) Guidant (dot) com [email concealed]
www.guidant.com

-----End of original message---------

Thanks,

Jason Loesch
Senior Eletronics Technician
Mfg Eng - Tachy Elec MRB
Guidant Corporation
4100 Hamline Ave. N.
Arden Hills, MN., 55112, Henn.
Tel 651.582.5779 Fax 651.582.7921
Pager: 612.534.0440
Jason.Loesch (at) Guidant (dot) com [email concealed]
www.guidant.com

-----Original Message-----
From: Mark P. Larios [mailto:mark.larios (at) calumetlubricants (dot) com [email concealed]]
Sent: Monday, February 06, 2006 9:11 AM
To: Erdahl, Larry E; focus-virus (at) securityfocus (dot) com [email concealed]
Subject: RE: What should be protected with anti-virus software?

Has the operations manager ever heard of an old friend called nimda
perhaps?
There are a vew nasty viruses which spread across networks via open
ports.
Does he keep his servers patched and up to date on service packs?
Having an AV on a server is usually considered a good practice.

Mark

-----Original Message-----
From: Erdahl, Larry E [mailto:Larry.Erdahl (at) allina (dot) com [email concealed]]
Sent: Thursday, February 02, 2006 8:06 AM
To: focus-virus (at) securityfocus (dot) com [email concealed]
Subject: What should be protected with anti-virus software?

Long time reader, but first time poster, so please be gentle ;-).

I am in the middle of a risk assessment of our current anti-virus
practice and need a little help.

I am finding servers without any anti-virus software installed and
others that are only configured as on-access detection. I am not sure if
the reasoning for not having anti-virus installed or only running
on-access holds water or is sufficient for today's needs.

The operations manager believes that not all servers need anti-virus
software. He believes his application servers are safe because they
don't receive e-mails and they don't have files that would become
infected. He also feels his Novell file and print servers are
sufficiently protect by using on-access detection only.

Can anyone give me a "best business practice" recommendation or point me
to documentation on what should be protected with anti-virus software
and why?

Any help will be greatly appreciated!

Thanks....

Larry

This message contains information that may be confidential and
privileged. Unless you are the addressee (or authorized to receive for
the addressee), you may not use, copy or disclose to anyone the message
or any information contained in the message. If you have received the
message in error, please advise the sender by reply e-mail and delete
the message.

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus