Re: Re: January 15 is Personal Firewall Day, help the cause

["David F. Skoll" <dfs () roaringpenguin com>]

On Fri, 16 Jan 2004, Exibar wrote:

>   correct, but I'm not talking about ONLY catching e-mail viruses, that's
> not the only reason you install A/V software on your desktop.

Are you aware of any A/V desktop software for Linux?  I'm not.  So even
if I wanted to run A/V on our desktops, I couldn't.

> Worms are more dangerous than e-mail viruses in my eyes, especially
> if you're blocking all executables from coming in through your mail
> gateway.  Without A/V software you're susseptable to these worms
> running rampant on your machine and network.

A/V software will do exactly nothing to protect against worms that
exploit buffer overflows in running services.

We run our Web site, mail server, etc. on a colocated server that's
completely isolated (in fact, connected to a different ISP) from our
internal LAN, and our internal machines do not run any services
accessible to others.  If our colocated server is compromised, it will
be very upsetting, but not fatal.

>    Without A/V you'll also have the problem of people clicking on links and
> inadvertantly downloading a backdoor or a rootkit.

I don't let my employees run as root, so the danger is quite small, as long
as we keep our boxes up-to-date.

Regards,

David.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html