Security Basics mailing list archives

RE: Why NOT to disable Real Time Antivirus on Servers


From: "Depp, Dennis M." <deppdm () ornl gov>
Date: Thu, 03 Nov 2005 13:46:55 -0500

Suppose a virus gets in before your virus definitions have been updated.
How will you protect your servers, or clean them?

Denny 

-----Original Message-----
From: Thierry Zoller [mailto:Thierry () sniff-em com] 
Sent: Wednesday, November 02, 2005 4:22 PM
To: george.peek () gmx net
Cc: security-basics () securityfocus com
Subject: Re: Why NOT to disable Real Time Antivirus on Servers


gpgn> He argues that since all of the workstations have the antivirus
gpgn> enabled, then there is no way for the virus to get in.

You should not rely on the user to have his AV solution enabled
every time. Then there are bugs, crashes in the AV soft, rogue
workstations etc. Better have 2 lines of defence than 1 here imho.

gpgn> My argument is that a virus can still get in through other
gpgn> means. I need examples and case studies to refer to.


