Checkpoint's firewall, and Trusted Information Systems' Gauntlet likely did the job:
http://groups-beta.google.com/group/muc.lists.firewalls/browse_thread/thread/398284916e5f4019/fe79931c4d44d1e3?q=gauntlet+virus+scan +1997&rnum=1#fe79931c4d44d1e3 short url: http://tinyurl.com/exaoo That's a July 28, 1997 posting, so may not be quite early enough, but gives the drift on what people were thinking. A 1996 posting about TIS being acquired by McAfee and folded into Network Associates, http://groups-beta.google.com/group/list.cypherpunks/browse_thread/thread/ab2df364e580c485/c4676e032bbf2ea5?q=gauntlet+virus+scan+19 96&rnum=11#c4676e032bbf2ea5 short url: http://tinyurl.com/8ay5g quoting: "With the completion of this transaction, Network Associates will be the largest security software company in the industry. Network Associates, which was formed late last year by the merger of McAfee Associates and Network General, is now positioned to offer a complete suite of security technology. Their product line includes enterprise encryption, authentication, intrusion detection, anti-virus and firewall protection. Network Associates plans to combine all of these technologies and market them as a suite of security programs, similar to the way Microsoft Corp., has bundled collections of personnel computer software." ------- This 1996 posting of the "virus FAQ" is interesting and shows this to be about the turning point in thinking that virus scanning at the inbound firewall might/might not be a good idea: http://groups-beta.google.com/group/alt.comp.virus/browse_thread/thread/e7efc26077b126be/95603592d2f04a49?q=firewall+virus+scan+1995 &rnum=4&hl=en#95603592d2f04a49 short url: http://tinyurl.com/77flm Quoting: What about firewalls? --------------------- What indeed? There is scope for more discussion here, but firewalls don't generally screen computer viruses, and, arguably, never will very effectively. Reassembling a packet stream to scan for search strings on the fly introduces unacceptable overheads. See comp.security, or, if you don't mind your mail by the ton, the firewalls mailing-lists. MIMESweeper, by Integralis, has been described as 'a sort of firewall for viruses', which it isn't, by most useful definitions of the term firewall. It's a Windows package which, I think, shunts incoming material for inspection offline, which may be a viable approach. In general, make sure your mail attachments, WWW downloads etc. can't be automatically executed and use a good scanner. Books: Firewalls and Internet Security (Cheswick, Bellovin) - Addison-Wesley Building Internet Firewalls (Chapman, Zwicky) - O'Reilly _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang