Full Disclosure mailing list archives
RE: (no subject)
From: "Brad Griffin" <b.griffin () cqu edu au>
Date: Fri, 13 Aug 2004 13:00:34 +1000
Hi folks -----Original Message----- From: full-disclosure-admin () lists netsys com [mailto:full-disclosure-admin () lists netsys com] On Behalf Of Maarten Sent: Friday, August 13, 2004 12:21 AM To: full-disclosure () netsys com Subject: Re: [Full-disclosure] (no subject) snip
(IM, corporate IT systems, etc) -- they are networkologically isolated
for a reason, remember. Also, even if they do have access to such
resources ("clean"
and "dirty" networks that are never allowed to mix by careful network planning and lack of removable media in the workstations on the
"clean"
network but located inside the "dirty" lab, say) they often do not _want_ to break their own concentration.
I'd suggest they're not so isolated as you claim. For one thing, how
do you suppose they get to hear new strains are found ? Or receive samples ? Did you take the term 'isolated' to mean locked away with no human or other contact? ...strange... *virii* grrrr
No. It may not matter IF you only use one single brand of AV software.
But that is NOT how it works in the real world. Companies tend to deploy
multiple AV solutions on different layers so as to decrease the
likelihood of some virus slipping through. And maybe even more importantly, "Google
research" is done all the time, which doesn't work well if a strain
goes by many different names. I am yet to come across a 'large' company or enterprise that uses separate brand av applications for desktop and server solutions. It makes economic and logistic sense to use one vendor for your av solution that is deployed at different levels (or layers if you prefer that terminology). About the only people I've seen use different antivirus products in one environment are home users or small businesses that misinterpret 'layers of defence' in an anti-virus context to mean 'different brands of defence'. Considering that many major av co's products are cross platform nowadays, I doubt many companies will continue using separate brand products in a mixed OS environment for much longer either. I can't understand how the Google research is a problem with naming conventions. Google for a virus name and multiple hits come up, mostly for descriptions on a/v sites that also carry the alias names in most cases. My take is that so long as anti-virus developers are managing to keep their reactive model of virus detection and removal almost up to speed with the release of new malware, I don't really care if they name the next virus George or Mildred, so long as their software will identify and remove it from a system. Cheers (and with respect), B _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: New virus, (continued)
- Re: New virus Alan J. Wylie (Aug 09)
- RE: (no subject) Corey Hart (Aug 09)
- (no subject) Dufresne (Aug 09)
- RE: (no subject) Seamus Hartmann (Aug 09)
- RE: (no subject) Stephen Agar (Aug 09)
- RE: (no subject) Todd Towles (Aug 09)
- RE: (no subject) Michael Poulin - Home Office (Aug 09)
- Re: (no subject) tcleary2 (Aug 10)
- Re: (no subject) Marek Isalski (Aug 10)
- (no subject) phoenix (Aug 11)
- RE: (no subject) Brad Griffin (Aug 12)
- Re: (no subject) Maarten (Aug 13)
- Re: (no subject) Kyle Maxwell (Aug 13)
- RE: (no subject) Nick FitzGerald (Aug 14)
- Re: (no subject) Maarten (Aug 13)
- RE: (no subject) Todd Towles (Aug 13)
- Re: (no subject) Barry Fitzgerald (Aug 13)
- RE: (no subject) Todd Towles (Aug 13)
- RE: (no subject) Todd Towles (Aug 13)
- Re: Virus naming conventions, or lack of them Etaoin Shrdlu (Aug 13)
- Re: (no subject) Barry Fitzgerald (Aug 13)