Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Anti-Virus on web facing servers??

From: Todd.Bailey () Protective Com
Date: Fri, 9 Jul 2004 14:12:23 -0500




Yes it should have AV.  There is not a server out there that does not need
AV.  Overall there is very little overhead anymore on newer hardware that
will cause problems.  Plus FTP files can have viruses in them.  It should
run in both real time and a weekly scan.  You can moderate the time as to
avoid impacting the system.  It also allows  you another layer of
protection in the event that the system does not get patched immediately.
The question is why would you not put AV on a server today.



                                                                           
             "Dan Tesch"                                                   
             <dan.tesch@comcas                                             
             t.net>                                                     To 
                                       "Security Basics"                   
             07/09/2004 09:32          <security-basics@lists.securityfocu 
             AM                        s.com>                              
                                                                        cc 
                                                                           
             Please respond to                                     Subject 
                "Dan Tesch"            Anti-Virus on web facing servers??  
             <dan.tesch@comcas                                             
                  t.net>                                                   
                                                                           
                                                                           
                                                                           
                                                                           




Hello, I just started with a company that has three
web facing W2K servers running IIS & SQL.

My question; they are patched and behind a firewall
but have no Anti-Virus running - can I get some feedback
on whether these boxes should be running AV??

They are on a network at a COLO just by themselves
ie: no desktops but get FTP uploads regularly for
content.

Thanks

---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off
any course! All of our class sizes are guaranteed to be 10 students or less
to facilitate one-on-one interaction with one of our expert instructors.
Attend a course taught by an expert instructor with years of in-the-field
pen testing experience in our state of the art hacking lab. Master the
skills
of an Ethical Hacker to better assess the security of your organization.
Visit us at:
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------



-----------------------------------------
Confidentiality Notice: This e-mail communication and any attachments may contain confidential and privileged 
information for the use of the designated recipients named above. If you are not the intended recipient, you are hereby 
notified that you have received this communication in error and that any review, disclosure, dissemination, 
distribution or copying of it or its contents is prohibited. If you have received this communication in error, please 
notify me immediately by replying to this message and deleting it from your computer. Thank you.


---------------------------------------------------------------------------
Ethical Hacking at the InfoSec Institute. Mention this ad and get $545 off 
any course! All of our class sizes are guaranteed to be 10 students or less 
to facilitate one-on-one interaction with one of our expert instructors. 
Attend a course taught by an expert instructor with years of in-the-field 
pen testing experience in our state of the art hacking lab. Master the skills 
of an Ethical Hacker to better assess the security of your organization. 
Visit us at: 
http://www.infosecinstitute.com/courses/ethical_hacking_training.html
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: