Focus on Virus
How to - Scan a Windows machine for virus from a Linux machine Nov 13 2006 07:20PM
Ivan Aleman (bonovoxmofo gmail com) (1 replies)
Re: How to - Scan a Windows machine for virus from a Linux machine Nov 14 2006 03:56PM
Nick FitzGerald (nick virus-l demon co uk)
Ivan Aleman wrote:

> Each Windows machine have their AV (BitDefender) running and up to
> date and Ad-Ware scheduled to run twice a week. Still I would like to
> offer more protection by running an AV remotely from a dedicated
> machine.

Instead of wasting your time on trying to work out how to apply such
after-the-fact band-aids via the network, spend some time learning how
to properly configure and secure the machines themselves so the
machines' users are not running with unnecessarily elevated privileges
and cannot run any and every arbitrary executable they happen across.

If more folk actually tried doing this we would have systems with much
better designed and implemented _from the ground up_ software. If a
s/w vendor tells you it's "too hard" to write their crappy app properly
so it works without (near-)admin privileges, hear that for what it
really is -- "we are a bunch of lazy slobs who rather just take your
money, and anyway, most of our other customers are too stupid to ask
for that so why should we even consider 'doing the right thing' for
you". Sadly, _in the Windows market in particular_, this attitude to
proper security considerations _from a product's initial design stage_
has been the (almost exclusively practised) norm to the point that most
Windows system admins and users just accept that it is an intractable

In fact, it's so deeply rooted (and in no small part directly because
of MS' own historically ambivalent attitude to such issues) that MS has
"solved" (hah!) many of the associated problems in Vista by
virtualizing chunks of critical system resources so that vast gobs of
the existing exceptionally crappily written crud that passes for
"mission critical software" will actually work in its own little
"sandbox" despite "least privilege" being the guiding light for the
underlying OS default security configuration.


Nick FitzGerald

Copyright 2010, SecurityFocus