Educause Security Discussion mailing list archives

Re: A Real-Time malware antivirus console


From: Curt Wilson <curtw () SIU EDU>
Date: Wed, 17 Jun 2009 18:13:43 -0500

Valdis Kletnieks wrote:
> On Wed, 17 Jun 2009 16:20:54 CDT, Curt Wilson said:
>
>> I've gotten into the philosophy of treating anti-virus as a detection
>> and notification system that a box needs a more in-depth analysis. In a
>> large organization, this rapidly scales into a huge resource issue though.
>
> "Nuke it from orbit. It's the only way to be sure."
>
> Somewhat snarky, but it's the only realistic way to avoid the "huge resource
> issue" if you're relying on reactive security schemes rather than proactive
> ones, in combination with wide-open von Neumann system designs where injected
> data becomes executable code all too easily.
>
> Having said that, no, I don't have a ready-for-Joe-Sixpack alternative.



Not only injected data becoming code but injected trickery turns into
injected code when a PEBCAK issue is utilized in the fault injection
process.

Nuking from orbit leaves important questions unanswered though. I
suppose in some cases that's perfectly acceptable.

Relying on reactive security schemes?! Never! All of us in .edu-land are
ALWAYS able to get the staff and other resources to implement proactive
security schemes, right? :>


--
Curt Wilson
SIUC IT Security Officer & Security Engineer
