Well, virus protection and firewalling are must-have protections to preserve PC computers for all operating systems. At my outside job, which is taking almost all my time!, we are working on computer security.
As a guideline I can now say that:

- One anti-virus tool is a must-have in a single-computer environment (please read below about the task list that is periodically done on a computer).
- At least two different anti-virus products are a must-have in any multiple-computer environment.

And I want to talk specifically about one anti-virus: SOPHOS (http://www.sophos.com/ and http://www.sophos.com/products/sav/).

It's not a product with a nice look and feel, but it performs very well:

- About 22 kinds of platforms supported (where it can be executed)
- Knows 100160 different viruses (as of 2005-Feb-07)
- Its filter technology is one of the quickest on the antivirus market, so applications aren't hanging because of antivirus activity.
- It's a UK company
- Sophos has 3 research labs around the world in order to work 24 hours a day, 7 days a week.

Against this there are some concerns:

- This antivirus software is reserved for professionals or special OEMs and costs, per server (with 10 client PCs included), €300+
- It doesn't check internally in applications with plug-ins (for email products and so on).

There is also another antivirus, free for personal use, that includes a lot of good things: AVAST 4 (http://www.avast.com). (It includes a firewall, a plugin for email clients, and acts as a normal antivirus too, etc.) It's a very good product at no cost other than registration (I don't know about emails, but you can use a one-time email to receive the registration key ;-) ).

Tools needed to be protected against the Internet:
----------------------------------------------

- Firewall, which can be used in two ways:
  - Simple IP flow filtering: just open the TCP or UDP flows that are really needed for the DMZ (formally for mail servers, web servers, VPN servers).
  - Using PROXY services for all client applications that have to be used over the Internet (instant messaging, Web explorer, Voice over IP, etc.)
(Firewall technologies can be replaced by a highly secure operating system installation, as I have done at home where I have a secured installation of Windows 2000 - but this is a huge installation job (from 5 to 15 days) and can be attacked in case of a security hole.)

- Patch management: Yes, that is one of the most important things to do in security matters for both Windows and Unix systems! I don't want to make any comments on the reasons that justify patch management, but security holes are always possible in any operating system. For Windows PCs you can use Microsoft Windows Update Server (or Software Updates Server) in order to centralise updates and deploy them in your LAN or private WAN.
- AntiSpam: I'm using an email server at a hosting specialist (http://www.ovh.com) where there is an anti-spam and anti-virus solution on the server side.
- Anti Spyware: There are some tools like AdAware or Spybot (it's highly recommended to use these tools as there are often problems with downloaded programs). (Microsoft has put out a beta version of its new anti-spyware program, made after a new company acquisition.)
- Using a secure Web browser: Since SP2, Internet Explorer is a bit more secure, but not as effectively as MyIE2 (which encapsulates IE but with effective protection). Maybe Firefox will be very efficient in that case, but it's a very young product and it still has to strengthen security, as 3 holes have been discovered recently.
- Using a proxy server (for multiple PCs) with a flow proxy filter that stops some unwanted stuff.
- Test before use: Downloading and installing programs is not recommended if you want your PC to work perfectly: you may test and validate the software you use in order to check integrity and compatibility before using it in a production environment. This is now easily possible with emulation and virtual machines!!!
(I have yet to test bochs x86, but I have already done some work with both Virtual PC and VMWare Workstation) (as well as Microsoft Virtual Server 2005 and VMWare GSX and ESX Servers). For more information on bochs you can check out: http://bochs.sourceforge.net/

Well, there are no perfect security solutions, and getting a fully secure environment simply means not being wired to the Internet, as well as not having WIFI! But using methods to secure an information system part by part is not only a matter of using tools but of the human brain too. It is now time to say that getting a high-security environment wired to the Internet is very, very difficult. Most people who are connected to the Internet have viruses and malware on their machines. Correcting them costs plenty of time. For 2 years now, we have been going through a period that is dramatic regarding security. Editors made security corrections, but often too late. And security cannot be a compromise.

Jimmy.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of P Witte
Sent: Sunday 13 February 2005 19:12
To: [EMAIL PROTECTED]
Subject: [ql-users] Virus [OT]

_______________________________________________
QL-Users Mailing List
http://www.q-v-d.demon.co.uk/smsqe.htm
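
An added example, not part of the message above: the "simple IP flow filtering" approach it describes, written in Python as a default-deny table that opens only the mail, web and VPN flows into a DMZ and audits the table for rules that reach outside it. The addresses, ports and names (`DMZ`, `ALLOW`, `Rule`, `decide`, `audit`) are constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Constructed DMZ range (documentation addresses); not from the original post.
DMZ = ipaddress.ip_network("192.0.2.0/28")

@dataclass(frozen=True)
class Rule:
    proto: str    # "tcp" or "udp"
    dst: str      # DMZ host the flow is opened for
    port: int
    service: str  # why the flow is needed

# Only the flows the DMZ services really need are opened (constructed values).
ALLOW = [
    Rule("tcp", "192.0.2.2", 25, "mail (SMTP)"),
    Rule("tcp", "192.0.2.3", 80, "web (HTTP)"),
    Rule("tcp", "192.0.2.3", 443, "web (HTTPS)"),
    Rule("udp", "192.0.2.4", 1194, "VPN"),
]

def decide(proto, dst, port, rules=ALLOW):
    """Return ("allow", service) for an opened flow, else ("drop", reason)."""
    addr = ipaddress.ip_address(dst)
    if addr not in DMZ:
        return ("drop", "destination is not in the DMZ")
    for r in rules:
        if (r.proto, ipaddress.ip_address(r.dst), r.port) == (proto.lower(), addr, port):
            return ("allow", r.service)
    return ("drop", "no rule opens this flow")  # default deny

def audit(rules):
    """Flag rules that open more than the DMZ policy intends."""
    findings, seen = [], set()
    for r in rules:
        key = (r.proto, r.dst, r.port)
        if ipaddress.ip_address(r.dst) not in DMZ:
            findings.append(f"{r.service}: opens a host outside the DMZ ({r.dst})")
        if key in seen:
            findings.append(f"{r.service}: duplicate of an earlier rule")
        seen.add(key)
    return findings

if __name__ == "__main__":
    # Constructed sample flows arriving from the Internet side.
    for flow in [("tcp", "192.0.2.2", 25), ("tcp", "192.0.2.2", 3389),
                 ("udp", "192.0.2.3", 80), ("tcp", "10.0.0.5", 80)]:
        print(flow, "->", decide(*flow))
    print(audit(ALLOW + [Rule("tcp", "10.0.0.5", 445, "file share")]))
```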