> On Fri, 16 Jan 2004, Wes Noonan wrote: > > > This is not quite correct. Nachia and Blaster, as well as Code Red and > its > > variants are all detectable and preventable with virus protection. > > All of those are Windows viruses, no?
Sure, but the statement, mistakenly made, was that virus protection does nothing to protect against worms. I felt that it was worth pointing out that your apparent anti-MS religion caused you to make an incorrect statement (actually, it caused you to make a lot of incorrect statements, but folks have already pointed that out). Perhaps you should spend a little bit of time learning how to harden a windows system before you go advising folks what they should be doing. > > While > > they may not stop the worm on the network, they can and do stop systems > from > > becoming infected and propagating the worm. > > So does mounting /tmp noexec, and it doesn't involve shelling out money > to AV vendors. Mounting /tmp noexec also protects against future threats, > not just ones that happen to be in the AV database. > > (I know that someone recently released code to do a "user-space" exec, > so mounting /tmp noexec is not 100% foolproof, but it's pretty good > protection.) Well then, IMO you might want to invest in virus protection. I'm curious, why is your solution which is not 100% foolproof "pretty good protection", but installing virus protection which is not 100% foolproof is a sham? Really, it seems to me that a number of the "anti-virus scan" positions (and indeed most of the anti-microsoft, ant-personal firewall, etc positions) seem to have little substance beyond "I don't want to spend money". Wes Noonan [EMAIL PROTECTED] http://www.wjnconsulting.com _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html