Security

A Central Repository for Virus Information?

four12 asks: "I've been doing more work lately with network security and tightening things up. My new employer has been pretty lax over the years with such things and has come to the realization that their luck has to be wearing thin. I have noticed a dissonance of information between the various virus information sites. McAfee will have a 'prolific' worm listed, but Symantec and Trend say nothing about it and vice versa. It makes me wonder first of all, is my anti-virus system catching things as fast as the other systems? Is there a place that I can go that digests the latest threats and information down into a nice, clean webpage? I already have too many listserv subscriptions and don't want to wade through a dozen webpages trying to correlate what is out there."
  • CERT (Score:5, Informative)

    by setzman ( 541053 ) <stzman@stzmanple ... inus threevowels> on Tuesday July 29, 2003 @02:36PM (#6562321) Journal
    They seem to have a lot of the current advisories and stuff here [cert.org].
  • by gruntvald ( 22203 ) on Tuesday July 29, 2003 @02:55PM (#6562602) Homepage Journal
    It seems to me that we are getting close to the inflection point for Outlook, where its benefits are too adversely affected by its security record. Following bugtraq, we are now at the point where even plaintext messages can trigger javascript. Absurd.
  • by zulux ( 112259 ) on Tuesday July 29, 2003 @03:00PM (#6562666) Homepage Journal
    The antivirus vendors can only release their updated file AFTER the virus has started to spread, they receive a copy, and patch and test. This could take *DAYS*.

    Some people think that a properly created worm/virus could spread over the entire available host populations in under 15 min from release.

    More Info Warhol Virus [berkeley.edu]

    Add attachment mangling, removal, and remove vulnerable email client for example; Outlook with its own exploits and its embedded HTML (Explorer) with its own list of exploits are unacceptable for a networked computing environment.

    • I have used this strategy in my work environment. Things like scr, bat, exe, vbs, pif etc are all blocked without even bothering to scan them. If they pass the first level of checks they are then scanned using Sophos anti-virus before being delivered to the user. All the users that are on PCs have Outlook 2000 or XP and have the dangerous attachment blocking enabled and access emails in the restricted zone meaning no scripting will be run. Each PC is then also installed with Sophos anti-virus. The mails
  • Windows Update (Score:3, Insightful)

    by crow ( 16139 ) on Tuesday July 29, 2003 @03:03PM (#6562698) Homepage Journal
    Almost all the virus problems are Windows-based, and a large majority of the problems occur after Microsoft has released patches. Hence, any comprehensive security plan should include some method of ensuring that all critical security updates are applied throughout the company.

    Beyond that, it's a race between Microsoft patching bugs and the anti-virus companies detecting the exploits.
    • The only reason this is, is because the mass majority of computer morons that are on the internet are using Windows. More software has been developed for Windows, and the possibility for infection is better. Linux and other OSes are not as popular, and usually have more advanced users using the systems. I personally haven't seen many viruses developed for Linux, or advisories for them. There are quite a few exploits listed, but none have really been taken advantage of. The reason one writes a virus is t
  • anti-virus system catching things as fast as the other systems?

    If you're getting into the security ballgame you may wind up looking at various sources as a matter of fact. Going with the multi-layered defense, I routinely go to two anti virus sites, one RAT/Trojan site, and a hoax site [www.vmyths.com]. We also block any executable at the gateway, that cuts the majority of your problem there [none of our users need those kinds of files].
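
The filename-based gateway block described in the comments above (scr, bat, exe, vbs and pif rejected without scanning, everything else handed on to the anti-virus scanner), sketched as an added example that is not part of the thread or of any product named in it. The function names, the `sample()` helper and its addresses are assumptions made for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

# Extensions named in the comment above; extend per site policy.
BLOCKED = {"scr", "bat", "exe", "vbs", "pif"}

def blocked_extension(filename):
    """Return the blocked final extension of a filename, or None."""
    # Windows ignores trailing dots and spaces, so "a.exe. " still opens
    # as an .exe; normalise before looking at the extension.
    name = filename.strip().rstrip(". ").lower()
    if "." not in name:
        return None
    # Only the last extension decides what runs, which also covers
    # double-extension names such as "invoice.pdf.exe".
    ext = name.rsplit(".", 1)[1]
    return ext if ext in BLOCKED else None

def gateway_verdict(raw_bytes):
    """First-level check on names alone; 'scan' means pass to the AV engine."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    # walk() visits every MIME part, including parts nested in multiparts.
    for part in msg.walk():
        # get_filename() reads the Content-Disposition filename and falls
        # back to the Content-Type "name" parameter.
        fname = part.get_filename()
        if fname and blocked_extension(fname):
            hits.append(fname)
    return ("reject", hits) if hits else ("scan", [])

def sample(filename):
    """Constructed test message with one dummy attachment of that name."""
    m = EmailMessage()
    m["From"] = "a@example.com"
    m["To"] = "b@example.com"
    m["Subject"] = "constructed sample"
    m.set_content("see attached")
    m.add_attachment(b"dummy", maintype="application",
                     subtype="octet-stream", filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    for name in ("notes.txt", "photo.jpg.pif", "setup.EXE"):
        print(name, gateway_verdict(sample(name)))
```

A name check like this only decides what is rejected outright; a renamed executable still reaches the scanning stage, which is why the comments pair it with an anti-virus pass.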

  • I mean, that's where I get all my viri from.
  • by Kiaser Zohsay ( 20134 ) on Tuesday July 29, 2003 @04:13PM (#6563607)
    http://www.ciac.org/ciac/

    Pretty comprehensive across platforms, OSs, viruses, hoaxes, buffer overflows...

    Best of all, they're not trying to sell you something.
  • IntelliShield (Score:2, Informative)

    by ModernCelt ( 129965 )
    Is there a place that I can go that digests the latest threats and information down into a nice, clean webpage?

    TruSecure [trusecure.com] IntelliShield [trusecure.com] is one such service, but it is not free. It pulls together information about a vulnerability from various vendors, mailing lists, and such, and puts it all under one issue. It also has alerts and a shared task list for managing your organization's response to a vulnerability. The alerts can be useful given the fast-spreading nature of recent worms. The task list is less u

  • by eyepeepackets ( 33477 ) on Tuesday July 29, 2003 @07:14PM (#6565575)
    Ethically ironic isn't it:

    - MS's poorly designed and implemented product is the primary cause we have a virus problem (80,000 + viruses at last count);

    - first thing I see when I log onto /. are banner ads for MS product!

    Doh, I forgot: Raking in cash is better than taking the high ground and considering one's actions and behavior in the context of ethical social behavior.

    Guess ./ forgot too, eh?

  • Try Messagelabs [messagelabs.com] or similar for pretty much 100% effective e-mail virus filtering. They use the top four anti-virus solutions to catch everything that's known about, followed by heuristic analysis to catch anything suspicious that's not been seen before.

    They recommend using a conventional anti-virus solution to catch the 2% of viruses coming into your establishment on portable media, but they'll keep your mail pretty damn clean.

    I don't work for them (my partner used to work for part of the same outfit),

    • Too right

      A friend of mine used Messagelabs during his last job in the UK and he reckons that they are the best thing out there. Over eighteen months he had ZERO virus hits on a sixty-user site and this was during the Code Red / Nimda boom times.

      Speak to Messagelabs

      Ed Almos
  • Buy a product such as Sybari Antigen, which uses four different companies' engines. That way, you should catch most stuff...

    When I went to speak to Sophos at a show, they actually took me to Sybari's stand :)
