Full Disclosure mailing list archives
Re: Anti virus installations on Windows servers
From: Adam Chesnutt <icetre () thearistocrats org>
Date: Wed, 29 Apr 2009 12:49:37 -0700
T Biehn wrote:
VK What do you suggest to use on a server that must accept uploads of binaries from users? Should these binaries be scanned by an anti-virus? Can we trust that end users have competent Anti-Virus? We aren't worried about the server being susceptible to viruses, we're concerned about the users who could fall anywhere in proficiency range. This scenario is equally applicable across any OS. Because of the relative infancy of non-windows-based anti-virus software would it be advisable to host a windows virtual machine that shares a 'virtual disk' that is monitored by a robust a/v software to use to host the binaries? Which antivirus software would you recommend?
I think he's trying to say, that if the system is designed well enough, the users shouldn't be able to do any lasting damage to the system. This is because the users are segregated from the system functions. Many OSes are like this; for example Unix and Linux, even MacOS. The reason Windows requires antivirus, is because it's exceedingly easy for a userland program to damage the system without the troublesome bother of having to escalate privs. Seeing as the user is already more or less Admin anyways (even if they're not there's still lots of damage you can do) So the point still is: If the system is well designed, you don't need it in the first place. You've fixed the design problem that allowed the damage, rather than worrying about what the damage is or who caused it. Yes you should call the cops if there's a robber in your home, but it you didn't fix the window they broke the first time they came in, the police aren't going to be real understanding to your plight the second time. Windows in general is a big broken window; allowing access to the entire systems resources. There's a big neon sign and valet parking next to this window. It's been this way for years and MS (and worse yet, users) have done nothing to fix it. Yes that's correct, I'm also blaming the users. How many vista upgrade stories did you hear about the priv escalation notification and users whining about it. How many turned it off. That's right, pretty much everyone except Me-maw and Pe-pop. So the point, albeit snarky, is very valid. Honestly choosing a better operating system is a more efficient solution than the cat and mouse game that is antivirus. Adam _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Anti virus installations on Windows servers, (continued)
- Re: Anti virus installations on Windows servers don bailey (Apr 29)
- Re: Anti virus installations on Windows servers Valdis . Kletnieks (Apr 29)
- Re: Anti virus installations on Windows servers don bailey (Apr 29)
- Re: Anti virus installations on Windows servers Kurt Buff (Apr 29)
- Re: Anti virus installations on Windows servers T Biehn (Apr 29)
- Re: Anti virus installations on Windows servers Valdis . Kletnieks (Apr 29)
- Re: Anti virus installations on Windows servers T Biehn (Apr 30)
- Re: Anti virus installations on Windows servers Valdis . Kletnieks (Apr 30)