Corporate Anti-Virus strategies
dsr at tao.merseine.nu
dsr at tao.merseine.nu
Fri Aug 15 09:18:53 EDT 2003
On Thu, Aug 14, 2003 at 09:00:36PM -0400, Duane Morin wrote:
> So I trip my way into this magazine article assignment on corporate
> antivirus strategies. Anybody got any recommendations where I could do
> some research? In particular it would be great to find some IT management
> types that wouldn't mind being quoted. I'm coming out of financial
> services where nobody talks about anything without half a dozen PR people
> and lawyers present. :(
Ask on antispam lists and MTA lists (sendmail, qmail, postfix, exim).
Mail admins hang out there.
The award for simplest effective strategy has to go to Russell Nelson,
www.crynwr.com, for noting that all the non-macro viruses for MS
products are executables... and writing a filter which stops MIME
attachments that have the MS exe header. It won't stop the current spate
of worms, but it certainly works against mail viruses.
In corporations where policy allows, only designated server networks are
allowed to respond to requests (send syn-ack packets). Random desktop
machines are all on networks where these are filtered out. This helps
contain infections.
-dsr-
--
Network engineer / pre-sales engineer available in the Boston area.
http://tao.merseine.nu/~dsr
More information about the Discuss
mailing list