RE: [Full-disclosure] Antivirus
> stopped opening any attachments they get that they don't know who they are > form and so on. As we all know the end user is the z factor in the whole > situation of choosing a good security product. Norton is pretty good enough but I have installed clamav on winxp machines It has a outlook plugin that keeps the malware Both of them working together is pretty good begin 666 smime.p7s M,( &"2J&2(;W#0$'`J" ,( "`0$Q"S )[EMAIL PROTECTED]@,"&@4`,( &"2J&2(;W#0$' M`0``H(()?3""`P4P@@)NH ,"`0("`P]$"# [EMAIL PROTECTED]&]PT!`00%`#!B,0LP M"08#500&$P):03$E,",&`U4$"A,<5&AA=W1E($-O;G-U;'1I;F<@*%!T>2D@ M3'1D+C$L,"H&`U4$`Q,C5&AA=W1E(%!E,1\P'08# M500#$Q94:&%W=&[EMAIL PROTECTED])E96UA:[EMAIL PROTECTED],3LP.08)*H9(AO<-`0D!%BQA M9&ET>6$N9&5S:&UU:VA ;VYL:6YE+F=A=&5W87DNW$3 M#Y[VQE1?27[6O))6O0TQLW<>.T@"MP_U8N/"P@'?3-Q4J_GR0P_=0B-%7T%] M/_*118FW>[EMAIL PROTECTED],1J*ZPO1$$IU5'0C]8<::RUXQP#U>TTOXC,;U" M0.[%) ]V#K2#6AY.E&P[2_W9XX=QE<<@]*K%%\;R6?<"W&ZX2A]ZU%K",% MBXMM!V2R'^.5P!5 A+R&K^$(G9?,MQBX5#NX"_6)%PTY-C Q M,#$P,# P,#!:%PTR,#$R,S$R,S4Y-3E:,('1,0LP"08#500&$P):03$5,!,& M`U4$"!,,5V5S=&5R;B!#87!E,1(P$ 8#500'$PE#87!E(%1O=VXQ&C [EMAIL PROTECTED] M! H3$51H87=T92!#;VYS=6QT:6YG,[EMAIL PROTECTED])@8#500+$Q]#97)T:69I8V%T:6]N M(%-EE'V Q1MNIRD;"$7GTM#8][$M^%)74H=#I"+&,GGY5[2^]^&8<=ANJC MW;G.EF0:PA1N1*Q\YH_H30]Q'T XI@"CAWCV^92&7JWJP%YVZ]D4HUUN>GP, MI4M5?P89*7^>FB;5:KLX) AJF,>QVJ.8D?UYV^5:Q!RY`@,!``&C$S 1, \& M`U4=$P$!_P0%, ,!`?\P#08)*H9(AO<[EMAIL PROTECTED]:E9V(J MI/!-$6#0;[EMAIL PROTECTED]&&L)KM2-5P(SS#[J$J6BA]B0B.,%P_TNF2<%ZQ'*=^=F%[2 M;&!Q7**LW'GCYVX`1Q^U#2CH`IWDFOT3]*;9?+'XW%\C)@F1@'/0%!O>0ZF# M)?+FG"\5ROZFJXH'=8L,W5&$:^3XT[EMAIL PROTECTED]'1D+C$L,"H& M`U4$`Q,C5&AA=W1E(%!E_0( "9->GIKN?9='%*E2% [EMAIL PROTECTED]>VT3QA!$ >9!ER8+?[`@,!``&[EMAIL PROTECTED]@[EMAIL PROTECTED]'_! @[EMAIL PROTECTED] M_P([EMAIL PROTECTED]'1\$/# Z,[EMAIL PROTECTED] TAC)H='1P.B\O8W)L+G1H87=T92YC;VTO M5&AA=W1E4&5R,!PQ&C [EMAIL PROTECTED] ,3$5!R:79A=&5,86)E;#(M,3,X, T&"2J& M2(;W#0$!!04``X&!`$B,T5"[EMAIL PROTECTED] VC9JQG#W^OK+["%Z%#EI2=?TPAN/@V M'ZHMGS8OP/0<4""3<#S]K>%A8L/9.AE^A+&9&P#%&@N"=)XE4)1BQ]LG<5[EMAIL PROTECTED]'1D+C$L,"H&`U4$`Q,C5&AA=W1E M(%!EI&>[EMAIL PROTECTED]&]PT!"1 "`3%6,%0$'0`0)[2-,QL]D$2B MH:MOUG3"[P$`@ $`,# P+H$L861I='EA+F1E 8)*P8!! &" M-Q $,6LP:3!B,0LP"08#500&$P):03$E,",&`U4$"A,<5&AA=W1E($-O;G-U M;'1I;F<@*%!T>[EMAIL PROTECTED]'1D+C$L,"H&`U4$`Q,C5&AA=W1E(%!EHN*$;N0],[EMAIL PROTECTED]>6LR M^X68\8UB+/SX!'ZOH!,@/PF'TS >(.A!3R^7\H 2).>$#>%X*&5,4!,%0W"D M!R['Z'_61Q-FV:K_VJ1T>AG[/26ZYR_9=J*(\7C8T):I08*3L.;4CT.QPG_^ MT,L)--1+C6@'$1?R;+.4;5'68:[EMAIL PROTECTED];+OI'Z*.#72PA;=LN18/-\2%*+_3H0+ 6(8M6-ZO+?A]$1C@&S2O9>0`` ` end Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Given the speed at which viruses can spread, daily (or more frequent) pattern updates are a must. As the virus attack vector is still mainly via email, you need to rigorously scan all incoming emails at the perimeter (and block all executables via email). We use MailScanner (www.mailscanner.info) on a Linux box with ClamAV (www.clamav.net), Bitdefender (www.bitdefender.com), and McAfee's uvscan to scan all emails. Both ClamAV and Bitdefender update their patterns when needed and not to some arbitrary schedule. We check for pattern updates hourly. The advantage of blocking at the perimeter is that when your server or desktop antivirus starts screaming, you know that the infection has come via user action or infected PCs being connected to your internal network. Cheers, Phil Phil Randal Network Engineer Herefordshire Council Hereford, UK > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf > Of Larry Seltzer > Sent: 10 August 2005 18:08 > To: full-disclosure@lists.grok.org.uk > Subject: RE: [Full-disclosure] Antivirus > > >>BitDefender. ... not as expensive as Symantec. Faster updates.. > > That's another point worth making generally: everyone updates > faster than Symantec. Symantec sends out normal updates once > a week and an attack has to be nuclear war for them to go > "out of cycle." > > > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] Antivirus
Title: Antivirus Under My experience i just can say: Norton : Is exellent! for handle phisical clusters into a hard disc ; Like antivirus NO WAY. Bitdefender: Was exellent when was in hands of kaspersky labs the russian company, very good on time vaxunation now is delayed one week or more to provide good protection and disinfection tools. NOW the best results for me: Using Windows: www.pandasoftware.com (titanium, platinium, Bussiness secure and true prevent) Using Linux: The classic islandic www.f-prot.com Sergio L.C. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason BethuneSent: Wednesday, August 10, 2005 12:21 PMTo: full-disclosure@lists.grok.org.ukSubject: [Full-disclosure] Antivirus I know this is not really the place to ask this question but I need some professional advice and well you guys know a lot. I need to get rid of our current Antivirus solution in the small 20+ user network we have running on SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the new version of Norton 10.0? Should I look at Trend Micro? Both seem to priced about the same for Canadian customers. I hope this is not too way off topic but I dont post here very often. If you can give me some advice that would be greatly appreciated. Jason ___Full-Disclosure - We believe in it.Charter: http://lists.grok.org.uk/full-disclosure-charter.htmlHosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Title: Message I second BitDefender. Updates are fast and never have noticed it eating up cpu. Regards,Sean MilheimiDREUS Corporation -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chuck FullertonSent: Wednesday, August 10, 2005 12:42 PMTo: 'Jason Bethune'; full-disclosure@lists.grok.org.ukSubject: RE: [Full-disclosure] Antivirus One word. BitDefender. more words... New version coming out next week! not as expensive as Symantec. Faster updates.. www.bitdefender.us From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason BethuneSent: Wednesday, August 10, 2005 12:21 PMTo: full-disclosure@lists.grok.org.ukSubject: [Full-disclosure] Antivirus I know this is not really the place to ask this question but I need some professional advice and well you guys know a lot. I need to get rid of our current Antivirus solution in the small 20+ user network we have running on SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the new version of Norton 10.0? Should I look at Trend Micro? Both seem to priced about the same for Canadian customers. I hope this is not too way off topic but I don’t post here very often. If you can give me some advice that would be greatly appreciated. Jason ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Thanks Axel ( love guns and roses by the way; im sure you haven't heard that one before). I have been searching around the net for some user reviews on those that you have mentioned. I am about a week into this research. It is starting to come to a head in the past couple days as RTVSCAN.exe is causing more and more computer slow downs. Not good when a batch is trying to be posted in out financial system. In the end I need a reliable product that has central management with lockout features to the user. Malware detection is tied for #1 for the product I end up choosing. My users have at least stopped opening any attachments they get that they don't know who they are form and so on. As we all know the end user is the z factor in the whole situation of choosing a good security product. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: Axel Pettinger [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 10, 2005 3:45 PM To: Jason Bethune Subject: Re: [Full-disclosure] Antivirus Hi Jason, With such a small user network you should definitely have a look at the products of other anti virus vendors - not just Symantec's. In our company we used NAV CE (later SAV CE) several years till 2004, but I was never happy with it. It's bloated and its malware detection capabilities are not very good. Just as an example, do you know runtime compressors (like UPX)? Malware is very often packed with such compressors to make the file smaller and the file contents less readable. Many runtime compressors exist, but only a few av companies make sure that the format of these runtime compressors is known to their av scan engine so that the scanner is able to detect malicious code inside of these packed executables. The results are funny identifications of one and the same malware (compressed, unpacked, repackaged with another runtime compressor). Symantec's av scanner doesn't know the format of many runtime compressors and as a result it usually fails to detect known packed malware when it is unpacked or repackaged with another compressor. My favorite av scanners are those from Kaspersky (www.kaspersky.com) and McAfee because in my experience both have simply the best malware detection capabilities. Kaspersky's av scanner is also very easy to update, has small definitions, - if you want - hourly updates and knows the most runtime compressor and archive formats of all av scanners. You should definitely have a closer look at McAfee's and Kaspersky's av products. As I said before they are very good in malware detection, but in regard to performance, stability and general handling of these products it's up to you to find out whether they're suited for your environment. Regards, Axel Pettinger > Jason Bethune wrote: > > I know this is not really the place to ask this question but I need > some professional advice and well you guys know a lot. I need to get > rid of our current Antivirus solution in the small 20+ user network we > have running on SBS 2003. Currently running NAV 7.6 Corporate Edition. > Any opinions on the new version of Norton 10.0? Should I look at Trend > Micro? Both seem to priced about the same for Canadian customers. I > hope this is not too way off topic but I don't post here very often. > If you can give me some advice that would be greatly appreciated. > > Jason > > --- > ___ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Hey Steve, I have read the support article on doscan.exe causing high cpu problems. I curious to know if that would cause a problem in my environment where we have no dos based applications. Is the doscan.exe installed by default? We run basically 4 servers SBS 2003, Windows Server 2000, Windows Server Web and Windows Server 2000 for GIS Applications. All of my clients are XP Pro with full updates using SUS. Thanks for the heads up on the SAV CE 10.0 roll out you did...im still trying to figure out the best route for our small government office to take on this. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: Steve Kirk [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 10, 2005 3:07 PM To: Jason Bethune Subject: Re: [Full-disclosure] Antivirus Hi Jason, This last spring I was put in the position of deploying SAV CEv10.0 for my company - about 150 clients/servers. Almost immediately it started causing problems. I work for a video game developer for Playstation2 games, and (sadly) a lot of the tools for PS2 are DOS-based (they're not Win32 apps). First off there's an "issue" with 10.0 where doscan.exe causes high CPU usage - dragging the machine to a halt. SAV does a "quick scan" (and I use the term loosely) on boot. We've put in a regkey fix to remove the boot scan. They added "tamper protection" with a lot of our tools seem to trigger. We've had to disable that. And generally has been responsbile for a LOT of performance problems. We're using high-end x86 dual-Xeon workstations, too - so it's not like we're under-powered. Needless to say I'm currently doing a hefty performance analysis of other anti-virus solutions so I can find something "nicer" towards our environment. HTH, Steve Jason Bethune wrote: >I only use Terminal Services in admin mode for my servers from home. I know >my current NAV doesn't like TS at all. I am a bit sick of Norton (Symantec) >and how much resources it take sup on the computers which the client is >installed. > >Jason Bethune > >IT Specialist >Town of Kentville >354 Main Street >Kentville, NS >B4N 1K6 > >www.town.kentville.ns.ca > >-Original Message- >From: Steve Friedl [mailto:[EMAIL PROTECTED] >Sent: Wednesday, August 10, 2005 1:23 PM >To: Jason Bethune >Subject: Re: [Full-disclosure] Antivirus > >On Wed, Aug 10, 2005 at 01:20:31PM -0300, Jason Bethune wrote: > > >>I know this is not really the place to ask this question but I need some >>professional advice and well you guys know a lot. I need to get rid of our >>current Antivirus solution in the small 20+ user network we have running >> >> >on > > >>SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the >>new version of Norton 10.0? Should I look at Trend Micro? Both seem to >>priced about the same for Canadian customers. I hope this is not too way >> >> >off > > >>topic but I don't post here very often. If you can give me some advice >> >> >that > > >>would be greatly appreciated. >> >> > >One tidbit: if you use RAdmin (remote administration software), Symantec >10. corporate sees it as a threat, and there's not any really good way >to centrally deal with this. It's been a terrible mess. > >Steve > > > ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
>>BitDefender. ... not as expensive as Symantec. Faster updates.. That's another point worth making generally: everyone updates faster than Symantec. Symantec sends out normal updates once a week and an attack has to be nuclear war for them to go "out of cycle." ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Title: Antivirus Trend Micro has a problem, pattern files. I have seen many virus not being detected from TrendMicro solutions. For desktops I only have used OfficeScan. Works well, doesn't seem to waste too much resources. Something I didn't like too from TrendMicro, was fixes and hotfixes. It's a bit of a mess, with some available in a few of their websites, and others not. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason BethuneSent: quarta-feira, 10 de Agosto de 2005 17:21To: full-disclosure@lists.grok.org.ukSubject: [Full-disclosure] Antivirus I know this is not really the place to ask this question but I need some professional advice and well you guys know a lot. I need to get rid of our current Antivirus solution in the small 20+ user network we have running on SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the new version of Norton 10.0? Should I look at Trend Micro? Both seem to priced about the same for Canadian customers. I hope this is not too way off topic but I don’t post here very often. If you can give me some advice that would be greatly appreciated. Jason ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Title: Antivirus One word. BitDefender. more words... New version coming out next week! not as expensive as Symantec. Faster updates.. www.bitdefender.us From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason BethuneSent: Wednesday, August 10, 2005 12:21 PMTo: full-disclosure@lists.grok.org.ukSubject: [Full-disclosure] Antivirus I know this is not really the place to ask this question but I need some professional advice and well you guys know a lot. I need to get rid of our current Antivirus solution in the small 20+ user network we have running on SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the new version of Norton 10.0? Should I look at Trend Micro? Both seem to priced about the same for Canadian customers. I hope this is not too way off topic but I don’t post here very often. If you can give me some advice that would be greatly appreciated. Jason ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Do you find the client side of it runs well? My RTVSCAN.exe on a lot of machines in the office are starting to eat up 100% CPU. This is another reason I need to upgrade. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Evan Waite Sent: Wednesday, August 10, 2005 1:34 PM To: full-disclosure@lists.grok.org.uk Subject: RE: [Full-disclosure] Antivirus Actually NAV Corp (aka SAV) works fine in Application and Admin mode for Terminal services. We've just completed an upgrade and so far everything is working fine. I would however recommend you only use 10.0.1.1000 (current) or higher (the first build of 10.0 was a little flaky) -E -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Bethune Sent: Wednesday, August 10, 2005 10:29 AM To: 'Steve Friedl' Cc: full-disclosure@lists.grok.org.uk Subject: RE: [Full-disclosure] Antivirus I only use Terminal Services in admin mode for my servers from home. I know my current NAV doesn't like TS at all. I am a bit sick of Norton (Symantec) and how much resources it take sup on the computers which the client is installed. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: Steve Friedl [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 10, 2005 1:23 PM To: Jason Bethune Subject: Re: [Full-disclosure] Antivirus On Wed, Aug 10, 2005 at 01:20:31PM -0300, Jason Bethune wrote: > I know this is not really the place to ask this question but I need some > professional advice and well you guys know a lot. I need to get rid of our > current Antivirus solution in the small 20+ user network we have running on > SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the > new version of Norton 10.0? Should I look at Trend Micro? Both seem to > priced about the same for Canadian customers. I hope this is not too way off > topic but I don't post here very often. If you can give me some advice that > would be greatly appreciated. One tidbit: if you use RAdmin (remote administration software), Symantec 10. corporate sees it as a threat, and there's not any really good way to centrally deal with this. It's been a terrible mess. Steve -- Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561 www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Yes I meant to say my current corporate edition runs fine on my servers for the most part, other than the yellow exclamation point in the VPtray in the systray. I am mostly worried about how well these AV's perform on systems. Need central administration for the program and the ability to lockout users from performing any tasks related to the AV program. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Larry Seltzer Sent: Wednesday, August 10, 2005 1:33 PM To: full-disclosure@lists.grok.org.uk Subject: RE: [Full-disclosure] Antivirus NAV and Symantec Corporate Edition aren't the same thing, although I don't know for a fact that Corporate runs fine on a Terminal Server. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer Contributing Editor, PC Magazine [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Bethune Sent: Wednesday, August 10, 2005 12:29 PM To: 'Steve Friedl' Cc: full-disclosure@lists.grok.org.uk Subject: RE: [Full-disclosure] Antivirus I only use Terminal Services in admin mode for my servers from home. I know my current NAV doesn't like TS at all. I am a bit sick of Norton (Symantec) and how much resources it take sup on the computers which the client is installed. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: Steve Friedl [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 10, 2005 1:23 PM To: Jason Bethune Subject: Re: [Full-disclosure] Antivirus On Wed, Aug 10, 2005 at 01:20:31PM -0300, Jason Bethune wrote: > I know this is not really the place to ask this question but I need > some professional advice and well you guys know a lot. I need to get > rid of our current Antivirus solution in the small 20+ user network we > have running on > SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on > the new version of Norton 10.0? Should I look at Trend Micro? Both > seem to priced about the same for Canadian customers. I hope this is > not too way off > topic but I don't post here very often. If you can give me some advice that > would be greatly appreciated. One tidbit: if you use RAdmin (remote administration software), Symantec 10. corporate sees it as a threat, and there's not any really good way to centrally deal with this. It's been a terrible mess. Steve -- Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561 www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
Actually NAV Corp (aka SAV) works fine in Application and Admin mode for Terminal services. We've just completed an upgrade and so far everything is working fine. I would however recommend you only use 10.0.1.1000 (current) or higher (the first build of 10.0 was a little flaky) -E -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Bethune Sent: Wednesday, August 10, 2005 10:29 AM To: 'Steve Friedl' Cc: full-disclosure@lists.grok.org.uk Subject: RE: [Full-disclosure] Antivirus I only use Terminal Services in admin mode for my servers from home. I know my current NAV doesn't like TS at all. I am a bit sick of Norton (Symantec) and how much resources it take sup on the computers which the client is installed. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: Steve Friedl [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 10, 2005 1:23 PM To: Jason Bethune Subject: Re: [Full-disclosure] Antivirus On Wed, Aug 10, 2005 at 01:20:31PM -0300, Jason Bethune wrote: > I know this is not really the place to ask this question but I need some > professional advice and well you guys know a lot. I need to get rid of our > current Antivirus solution in the small 20+ user network we have running on > SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the > new version of Norton 10.0? Should I look at Trend Micro? Both seem to > priced about the same for Canadian customers. I hope this is not too way off > topic but I don't post here very often. If you can give me some advice that > would be greatly appreciated. One tidbit: if you use RAdmin (remote administration software), Symantec 10. corporate sees it as a threat, and there's not any really good way to centrally deal with this. It's been a terrible mess. Steve -- Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561 www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
NAV and Symantec Corporate Edition aren't the same thing, although I don't know for a fact that Corporate runs fine on a Terminal Server. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer Contributing Editor, PC Magazine [EMAIL PROTECTED] -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jason Bethune Sent: Wednesday, August 10, 2005 12:29 PM To: 'Steve Friedl' Cc: full-disclosure@lists.grok.org.uk Subject: RE: [Full-disclosure] Antivirus I only use Terminal Services in admin mode for my servers from home. I know my current NAV doesn't like TS at all. I am a bit sick of Norton (Symantec) and how much resources it take sup on the computers which the client is installed. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: Steve Friedl [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 10, 2005 1:23 PM To: Jason Bethune Subject: Re: [Full-disclosure] Antivirus On Wed, Aug 10, 2005 at 01:20:31PM -0300, Jason Bethune wrote: > I know this is not really the place to ask this question but I need > some professional advice and well you guys know a lot. I need to get > rid of our current Antivirus solution in the small 20+ user network we > have running on > SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on > the new version of Norton 10.0? Should I look at Trend Micro? Both > seem to priced about the same for Canadian customers. I hope this is > not too way off > topic but I don't post here very often. If you can give me some advice that > would be greatly appreciated. One tidbit: if you use RAdmin (remote administration software), Symantec 10. corporate sees it as a threat, and there's not any really good way to centrally deal with this. It's been a terrible mess. Steve -- Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561 www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
RE: [Full-disclosure] Antivirus
I only use Terminal Services in admin mode for my servers from home. I know my current NAV doesn't like TS at all. I am a bit sick of Norton (Symantec) and how much resources it take sup on the computers which the client is installed. Jason Bethune IT Specialist Town of Kentville 354 Main Street Kentville, NS B4N 1K6 www.town.kentville.ns.ca -Original Message- From: Steve Friedl [mailto:[EMAIL PROTECTED] Sent: Wednesday, August 10, 2005 1:23 PM To: Jason Bethune Subject: Re: [Full-disclosure] Antivirus On Wed, Aug 10, 2005 at 01:20:31PM -0300, Jason Bethune wrote: > I know this is not really the place to ask this question but I need some > professional advice and well you guys know a lot. I need to get rid of our > current Antivirus solution in the small 20+ user network we have running on > SBS 2003. Currently running NAV 7.6 Corporate Edition. Any opinions on the > new version of Norton 10.0? Should I look at Trend Micro? Both seem to > priced about the same for Canadian customers. I hope this is not too way off > topic but I don't post here very often. If you can give me some advice that > would be greatly appreciated. One tidbit: if you use RAdmin (remote administration software), Symantec 10. corporate sees it as a threat, and there's not any really good way to centrally deal with this. It's been a terrible mess. Steve -- Stephen J Friedl | Security Consultant | UNIX Wizard | +1 714 544-6561 www.unixwiz.net | Tustin, Calif. USA | Microsoft MVP | [EMAIL PROTECTED] ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/