Re: No AV? Shock, horror!

[<Toralv_Dirro () McAfee com>]

All logs from a central AV-management console listing what has been detected by the OnAccess scanner on the 
workstations would qualify as that source of data (after sorting out the things that actually infect a machine from the 
things AV is expected to detect nowadays in addition). Without AV most entries in that log would have resulted in an 
infected machine...


cheers,
Toralv


> -----Original Message-----
> From: funsec-bounces () linuxbox org
> [mailto:funsec-bounces () linuxbox org] On Behalf Of Dan Kaminsky
> Sent: Monday, September 28, 2009 7:56 PM
> To: Blanchard_Michael () emc com
> Cc: funsec () linuxbox org; rMslade () shaw ca
> Subject: Re: [funsec] No AV? Shock, horror!
>
> Non-rhetorical question:
>
> Is there a source of data showing 10,000 machines with AV are
> less likely to be infected than 10,000 machines without?
>
>
> On Mon, Sep 28, 2009 at 7:38 PM,  <Blanchard_Michael () emc com> wrote:
> > There are plenty of AV products for *nix platforms.  It's
> not that there is a *huge* amount of viruses for those
> platforms, it's that those platforms are often accessed by
> Windows platforms and the merchant should want to provide a
> clean file to a customer...
> >  Mike B
> >
> >
> > Michael P. Blanchard
> > Senior Security Engineer, CISSP, GCIH, CCSA-NGX, MCSE Office of
> > Information Security & Risk Management EMC ² Corporation
> 4400 Computer
> > Dr.
> > Westboro, MA 01580
> >
> >
> > -----Original Message-----
> > From: funsec-bounces () linuxbox org
> [mailto:funsec-bounces () linuxbox org]
> > On Behalf Of Drsolly
> > Sent: Friday, September 25, 2009 5:13 PM
> > To: Rob, grandpa of Ryan, Trevor, Devon & Hannah
> > Cc: funsec () linuxbox org
> > Subject: Re: [funsec] No AV? Shock, horror!
> >
> > Maybe some merchants don't use Windows?
> >
> > On Fri, 25 Sep 2009, Rob, grandpa of Ryan, Trevor, Devon &
> Hannah wrote:
> > > PCI survey finds some merchants don't use antivirus software
> > >
> > > http://www.networkworld.com/news/2009/092309-pci-survey-finds-some-
> > > merchants.html?hpg1=bn
> > >
> > > (But absolutely no surprise whatsoever ...)
> > >
> > > ======================  (quote inserted randomly by
> Pegasus Mailer)
> > > rslade () vcn bc ca     slade () victoria tc ca
> > > rslade () computercrime org
> > >              Living well is the best revenge.
> > >                       George Herbert, 16th century English
> clergyman
> > > http://victoria.tc.ca/techrev/rms.htm
> > > http://blog.isc2.org/isc2_blog/slade/index.html
> > > http://twitter.com/rslade
> > > http://blogs.securiteam.com/index.php/archives/author/p1/
> > > http://twitter.com/NoticeBored
> > > _______________________________________________
> > > Fun and Misc security discussion for OT posts.
> > > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > > Note: funsec is a public and open mailing list.
> >
> > _______________________________________________
> > Fun and Misc security discussion for OT posts.
> > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > Note: funsec is a public and open mailing list.
> >
> >
> > _______________________________________________
> > Fun and Misc security discussion for OT posts.
> > https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> > Note: funsec is a public and open mailing list.
>
> _______________________________________________
> Fun and Misc security discussion for OT posts.
> https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
> Note: funsec is a public and open mailing list.

Firmensitz:     Muenchen
Amtsgericht:     AG Muenchen
Handelsregister:   HRB 144340
Geschaeftsfuehrer: Emmet Russell, Keith Krzeminski, Douglas Rice
Bankverbindung:   ABN-Amro Bank N.V. Konto 671 211 9006
UST-ID:   DE168122444

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.