Security Basics mailing list archives
RE: Antivirus- A Corrective Control?
From: Curtis 4syth <curtis () 4syth net>
Date: Thu, 11 Aug 2011 11:01:17 -0500
I don't think that's exactly the case. AV systems can prevent SOME things before it "knows about it" via Signature Update or whatever. The biggest is Heuristic Scanning; it's looking for uncommon instructions, encryption loops that shouldn't be there, things like that. They then follow rules or set weights (like MX records) to the Application. If a rule is triggered, or the weight gets to high, the AV gets flagged. This can easily prevent new malware, or a mutation of a current piece of code. Curtis -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of gold flake Sent: Thursday, August 11, 2011 2:47 AM To: Sandeep Cheema Cc: security-basics () securityfocus com Subject: Re: Antivirus- A Corrective Control?
My 0.02$ Preventive. Corrective would be if the machine has been compromised and the next task is to clean it. But that's not how AV behaves ideally. An infected machine can never be cleaned fully but can be prevented completely from getting infected. If you got an AV in place, it should not get infected at all ( as per vandor's claims atleast
I do not think so. An AV can only play catch-up with the known threats and not prevent something it does not know about. ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: Antivirus- A Corrective Control?, (continued)
- RE: Antivirus- A Corrective Control? Omar Salvador Alcalá Ruiz (Aug 10)
- RE: Antivirus- A Corrective Control? Mikesch, David A (Aug 10)
- RE: Antivirus- A Corrective Control? David Gillett (Aug 10)
- Re: Antivirus- A Corrective Control? Sandeep Cheema (Aug 10)
- Re: Antivirus- A Corrective Control? Todd Haverkos (Aug 10)
- Re: Antivirus- A Corrective Control? Femi Mogaji (Aug 10)
- Re: Antivirus- A Corrective Control? Jay Scalf (Aug 10)
- RE: Antivirus- A Corrective Control? Ong Chin Ching (Aug 11)
- RE: Antivirus- A Corrective Control? Mikhail A. Utin (Aug 11)
- Re: Antivirus- A Corrective Control? Todd Haverkos (Aug 10)
- Re: Antivirus- A Corrective Control? gold flake (Aug 11)
- RE: Antivirus- A Corrective Control? Curtis 4syth (Aug 11)
- Re: Antivirus- A Corrective Control? RobOEM (Aug 11)
- Re: Antivirus- A Corrective Control? John Morrison (Aug 11)
- RE: Antivirus- A Corrective Control? Omar Salvador Alcalá Ruiz (Aug 10)