Re: Av, spyware, ddl trojan assesment

[Neil Carpenter <primate () mindspring com>]

(Moved inapplicable mailing lists to BCC:)

Sherwyn Williams wrote:

> Hey list, I know this is not a how to protect your pc list. But I 
> would like to know what are some good AV, spyware, adware, and 
> software firewalls to use. I have to come up with a plan for a few of 
> my clients who are always being infected.
(Opinions are my own and do not reflect those of my employer, my 
friends, family, or anybody who knows me.)

Anti-virus software and anti-spyware/adware software are reactive 
solutions...they don't help you unless you're already vulnerable.  A 
software firewall is more of a security blanket than it is real 
protection.  If you really want to help your customers, help them setup 
a comprehensive security patch management and auditing solution.  When 
people get infected with malware, it's very rarely some ex0t1c 0-day 
'sploit...it's because they are months (even years) out of date on 
security fixes.

After you've got that resolved and you've cleaned out your customer's 
current issues (you _do_ follow the best practice of formatting any 
machine that is compromised, right?), then you can worry about charging 
them for an a-v solution, an anti-spyware solution, more firewalls, etc, 
etc. 

And, you're right, these lists aren't meant for this sort of thing.  In 
the future, you should consider doing more research before sending out 
e-mail looking for (the wrong people) to do your research for you. 

And what kind of consultant uses a hotmail address professionally, anyway?

N.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/