RE: Whitelisting
But, if we ever get to a world where whitelisting is the predominant means of execution control, the bad guys will, out of necessity, be relegated to exploiting flaws in applications through data files. I don't understand how you can have an exploit in a data file resulting in anything else but code execution. Data itself is harmless; it's the executables that cause harm. There will always be code executed, in some form or another (unless I'm misunderstanding your point). Alex From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Monday, April 16, 2012 12:25 AM To: NT System Admin Issues Subject: RE: Whitelisting Possibly...even probably. But, if we ever get to a world where whitelisting is the predominant means of execution control, the bad guys will, out of necessity, be relegated to exploiting flaws in applications through data files. A scanner that looks for signatures of exploits in files will be a useful tool. Assuming of course, all applications aren't secure. Sent from my Windows Phone _ From: Andrew S. Baker Sent: 4/15/2012 1:08 PM To: NT System Admin Issues Subject: Re: Whitelisting You can't. :) ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market. On Sat, Apr 14, 2012 at 1:24 PM, Rankin, James R kz2...@googlemail.com wrote: How do you blacklist all possible bad data files? --Original Message-- From: Crawford, Scott To: NT System Admin Issues ReplyTo: NT System Admin Issues Subject: RE: Whitelisting Sent: 14 Apr 2012 18:02 A combination is needed. Whitelisting for traditional executable code and blacklisting for data files that exploit vulnerable white listed applications. -Original Message- From: Alex Eckelberry [mailto:a...@eckelberry.com] Sent: Saturday, April 14, 2012 10:10 AM To: NT System Admin Issues Subject: Whitelisting I'm curious, what's the general feeling about about whitelisting? As a former AV guy, I tend to prefer blacklisting, but I'm seeing signs things might be changing. Thoughts? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Whitelisting
a) exploits in existing applications (Acrobat Reader, Adobe Flash, Java runtime, Internet Explorer) b) social engineering attacks, where the user is convinced to run/install some malware that they shouldn't. Despite code signing, users are still doing this. How will whitelisting help the above type of user? If it's an exploit, it's going to launch code. The code won't run in a whitelisting environment unless it's approved by the admin. This would also apply to social engineering. If your company has a whitelisting solution in place, code that is not approved won’t run. So the user can download the stupid game they love, but in the end, they won't be able to run it. A good whitelisting application has a massive repository of good files, and the ability to train the system by the admin, not the end-user. Alex -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Monday, April 16, 2012 12:51 AM To: NT System Admin Issues Subject: RE: Whitelisting For the SOHO end user, the vast bulk of infections are either: a) exploits in existing applications (Acrobat Reader, Adobe Flash, Java runtime, Internet Explorer) b) social engineering attacks, where the user is convinced to run/install some malware that they shouldn't. Despite code signing, users are still doing this. How will whitelisting help the above type of user? I can't see how it does - they will always have the ability to override whatever recommendation the AV (or protection application) provides. For corporate users, does whitelisting help significantly? I'm not sure that large organisations have the necessary processes in place to implement whitelisting. Whitelisting will slow application development/deployment even more, and will just result in more applications like Access and Excel that provide a semi-IDE to the end user that allows them to develop their own code/functionality. And resulting opportunities for code exploit. Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, 16 April 2012 12:42 PM To: NT System Admin Issues Subject: Re: Whitelisting Um, really - you can't do it. Signatures (blacklists) for data files are a folly - worse than trying to blacklist executables. Your point is taken that if application/executable whitelisting is good that malware will become nothing more than bad data files, but that then becomes a problem of fixing the applications. Sanitizing inpyu And, fixing applications and their buffer overflows, heap overflows, integer under/overflows, etc., is a far smaller problem space than trying to blacklist data files. I'll take that problem vs. trying to allow folks to execute any random binary that catches their eye. None of it is easy, but whitelisting apps will be exponentially easier than blacklisting data. Kurt On Sun, Apr 15, 2012 at 21:24, Crawford, Scott crawfo...@evangel.edu wrote: Possibly...even probably. But, if we ever get to a world where whitelisting is the predominant means of execution control, the bad guys will, out of necessity, be relegated to exploiting flaws in applications through data files. A scanner that looks for signatures of exploits in files will be a useful tool. Assuming of course, all applications aren't secure. Sent from my Windows Phone From: Andrew S. Baker Sent: 4/15/2012 1:08 PM To: NT System Admin Issues Subject: Re: Whitelisting You can't. :) ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market… On Sat, Apr 14, 2012 at 1:24 PM, Rankin, James R kz2...@googlemail.com wrote: How do you blacklist all possible bad data files? --Original Message-- From: Crawford, Scott To: NT System Admin Issues ReplyTo: NT System Admin Issues Subject: RE: Whitelisting Sent: 14 Apr 2012 18:02 A combination is needed. Whitelisting for traditional executable code and blacklisting for data files that exploit vulnerable white listed applications. -Original Message- From: Alex Eckelberry [mailto:a...@eckelberry.com] Sent: Saturday, April 14, 2012 10:10 AM To: NT System Admin Issues Subject: Whitelisting I'm curious, what's the general feeling about about whitelisting? As a former AV guy, I tend to prefer blacklisting, but I'm seeing signs things might be changing. Thoughts? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana
RE: Whitelisting
A BHO is a DLL, in other words, a PE file. As is an OCX. These would be/should be covered by a competent whitelisting solution. AFAIK, Javascript can't do much malicious in and of itself except crash your browser or do other weird stuff. Where it is malicious is when it can execute Windows code locally (or Mac code, if running on a Mac machine). -Original Message- From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Monday, April 16, 2012 7:47 AM To: NT System Admin Issues Subject: RE: Whitelisting One of the things I see mentioned below is the malicious browser based attacks ( BHO's, Malicious JavaScript, etc etc) and that is one area of weakness I see in the whitelisting solution. Other than that I agree it’s the right way to go. Being on the other side of Blacklisting, HIPS etc etc, it is a diminishing return over time when you have to write rule after rule to allow software to do things that aren't good coding practices, or worse, just to get the software to run. The other thing I would feel might be a weakness in the whitelisting solution, is if I allow a piece of software to run, and that software runs as a service and that service is remotely exploitable, than I can usurp the computer or any computer running that software, because I have exploited a trusted process. Again how can the whitelisting solution protect you from what you already have trusted if its flawed. Again layers of defense is still a valid argument here.. Z Edward Ziots CISSP, Security +, Network + Security Engineer Lifespan Organization ezi...@lifespan.org -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Monday, April 16, 2012 2:24 AM To: NT System Admin Issues Subject: RE: Whitelisting To drive the point home - If I had to choose between whitelisting applications and blacklisting data, I'd choose whitelisting applications, every time. Why would you have to make a choice? They are not mutually exclusive options. To drive the point home - those words do not mean what I think you believe they mean. Whitelisting helps those who help themselves (corporately or individually). Think of it as evolution in action. Those people generally don't run into problems in the first place. Digital signatures, signed kernel mode code etc. can be used to verify that software you are running is mostly legitimate. The tools already exist for whitelisting applications running on your home computer - even Windows includes Software Restriction Policies, Applocker etc, but I doubt you've implemented it - it's simply too much hassle to create a digital signature of each and every single executable you want to allow, and then restrict each and every .dll or resource file that the .exe is allowed to load into its process space, and then also ensure that every application doesn't provide some shared memory space or other way for code to end up inside the permitted process. Cheers Ken -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Monday, 16 April 2012 2:14 PM To: NT System Admin Issues Subject: Re: Whitelisting On Sun, Apr 15, 2012 at 22:31, Ken Schaefer k...@adopenstatic.com wrote: -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Subject: Re: Whitelisting On Sun, Apr 15, 2012 at 21:50, Ken Schaefer k...@adopenstatic.com wrote: For the SOHO end user, the vast bulk of infections are either: a) exploits in existing applications (Acrobat Reader, Adobe Flash, Java runtime, Internet Explorer) b) social engineering attacks, where the user is convinced to run/install some malware that they shouldn't. Despite code signing, users are still doing this. How will whitelisting help the above type of user? I can't see how it does - they will always have the ability to override whatever recommendation the AV (or protection application) provides. Simple - they won't have to worry about file.doc.exe (or VBS|JS|JAR|DLL|etc) embedded in their emails, or the random executables from the various web sites either are deliberately set up, or have been subverted, to issue malware. Those are actually the larger threat, AFAICT. So, it doesn't help with any exploits of existing apps, browser plug ins etc. And if Joe User goes to AcmeSoftwareCompany.com and is persuaded that BritnesSpearsNaked.exe is actually a legitimate file, and then tells his WhiteListing application that it should be added to the white list, then it'll still run. And Joe User will still be screwed. And if Joe User gets CheckOutDancingPigs.vbs in his email, and is persuaded that it's from his good Nigerian Prince friend Joanne User, and runs it, and tells his WhiteListing application that is should be added to the white list, then it'll still run fine. We already have UAC, and AV, and Smart Screen, and Integrity Level warnings, that warn users that the application might be something bad. Yet users still allow
Whitelisting
I'm curious, what's the general feeling about about whitelisting? As a former AV guy, I tend to prefer blacklisting, but I'm seeing signs things might be changing. Thoughts? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: OT: Position in Pennsylvania
If you want a response to this post, simply add that you're paying $12-$25 per hour and require the creation of sales and marketing materials as well as sales of maintenance agreements (in addition to representation at Chamber of Commerce meetings) The last post was fun to watch. Alex Eckelberry www.eckelberry.com (c) 727 – 644 – 8830 Sent from my iPhone (Please excuse the occasional typos) On Feb 8, 2012, at 1:59 PM, Christopher Bodnar christopher_bod...@glic.com wrote: If anyone is looking, we have an open position for a Windows Sys Admin with strong emphasis on SCCM. Position would be located in Bethlehem, PA. If anyone is interested contact me offline for more info. Thanks, Christopher Bodnar Technical Support III, Distributed Systems Service Delivery - Intel Services Tel 610-807-6459 3900 Burgess Place, Bethlehem, PA 18017 christopher_bod...@glic.com mime-attachment.jpg The Guardian Life Insurance Company of America www.guardianlife.com - This message, and any attachments to it, may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient, you are notified that any use, dissemination, distribution, copying, or communication of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately by return e-mail and delete the message and any attachments. Thank you. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Patch management software...
If you want cheap/free try ninite and wsus combined. Otherwise gfi languard is very inexpensive. Shavlik is is very good but might not fit your budget. Lumension is also decent but it is not cheap. Alex Eckelberry www.eckelberry.com (c) 727 – 644 – 8830 Sent from my iPhone (Please excuse the occasional typos) On Jan 30, 2012, at 5:38 PM, David Lum david@nwea.org wrote: I use both Shavlik and WSUS. Both places that I have managed to get Shavlik netChk Protect (%dayjob% and one %nightjob%) going I have found it useful to maintain WSUS for Windows-specific items. WSUS is very low maintenance, handling Java, Adobe, etc takes additional work. Not sure if it’s the tool or the operator (me) not being proficient with NetChk Protect (err, VMWare vCenter Protect Essentials now that VMWare bought Shavlik) to be able to do away with WSUS, but there ya go. Shavlik is not c dirt cheap, but it is effective. Dave From: ntsysadmin [mailto:ntsysad...@rccs.org] Sent: Monday, January 30, 2012 1:59 PM To: NT System Admin Issues Subject: Patch management software... I’m looking for affordable patch management software for several of my small business clients. Workstation numbers range from 4-80 PCs running XP, Vista, Windows7 and a few Macs. It’s okay if I can’t find anything to work with the Macs. I like the Secunia product but I didn’t see an offering for users with very small number of workstations. What are people using? Are there any free options out there that are worthwhile? Thanks, Mike ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: Patch management software...
If it includes adobe and flash patching that is a sweet deal. Apart from windows those are the two programs that need vigilant patching. Alex Eckelberry www.eckelberry.com (c) 727 – 644 – 8830 Sent from my iPhone (Please excuse the occasional typos) On Jan 30, 2012, at 11:26 PM, Marc Maiffret mmaiff...@eeye.com wrote: Check out the free version of our Retina CS Community Edition. It is good up to 128 systems for free. Includes full vulnerability management and patching including patching for some third party apps. http://www.eeye.com/products/retina/community http://go.eeye.com/LP=68 -Marc Signed, Marc Maiffret Founder/CTO eEye Digital Security WEB: http://www.eEye.com BLOG: http://blog.eeye.com TWITTER: http://twitter.com/marcmaiffret From: ntsysadmin [mailto:ntsysad...@rccs.org] Sent: Monday, January 30, 2012 1:59 PM To: NT System Admin Issues Subject: Patch management software... I’m looking for affordable patch management software for several of my small business clients. Workstation numbers range from 4-80 PCs running XP, Vista, Windows7 and a few Macs. It’s okay if I can’t find anything to work with the Macs. I like the Secunia product but I didn’t see an offering for users with very small number of workstations. What are people using? Are there any free options out there that are worthwhile? Thanks, Mike ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: PC that can't Google
Did you check the PC's DNS settings? Alex Eckelberry www.eckelberry.com http://www.eckelberry.com/ c 727 644 8830 Skype: alexeckelberry From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Thursday, January 12, 2012 3:56 PM To: NT System Admin Issues Subject: Re: PC that can't Google Some [possibly] easy no-touch cleanup: Reset Hosts File: MicrosoftFixit50267.msi Reset Internet Explorer Settings: MicrosoftFixit50195.msi Reset TCP/IP: MicrosoftFixit50199.msi Reset Winsock: MicrosoftFixit50203.msi Run them quietly ala: msiexec /i msi file /quiet /passive /norestart Restart afterward. -- Espi On Thu, Jan 12, 2012 at 6:52 AM, Bob Hartung bhart...@wiscoind.com wrote: One of our VPs brought in his company-supplied home PC (Dell Optiplex WinXP Pro SP3). Said it was slow and something had changed his home page and he couldn't change it back. He also said he couldn't access Google. His home page had been taken over by My Web Search. I checked the Vipre quarantine and parts of My Web Search had been removed so I could uninstall it. I ran a Vipre deep scan and installed the latest version of Malwarebytes and ran its deep scan as well. It detected a number of registry My Web Search entries. Everything seemed to be running smoothly and much quicker after the scanning and deleting. My Web Search was gone but the Google problem persists. Using either Firefox or IE, you can access any website with out problem accept Google.com. At the command prompt, you can ping or tracert any website and it will resolve the name to it's IP address, accept Google.com. Google.com just times out with the error that the host name could not be found. I've checked there is no lmhost file. I've also ran ipconfig The PC is attached to our work network and through DHCP has picked up our standard DNS server to use. Everyone else can get to Google.com. What else could be interfering on just the Google.com name? -- Bob Hartung Dir of I.T. Wisco Industries, Inc. 736 Janesville St. Oregon, WI 53575 Tel: (608) 835-3106 x215 tel:%28608%29%20835-3106%20x215 Fax: (608) 835-7399 tel:%28608%29%20835-7399 e-mail: bhartung(at)wiscoind.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Happy Friday
ftp://ftp.ncsa.uiuc.edu/Mosaic/ ftp://ftp.ncsa.uiuc.edu/Mosaic/ Alex Eckelberry www.eckelberry.com http://www.eckelberry.com/ c 727 644 8830 Skype: alexeckelberry From: Greg Olson [mailto:gol...@markettools.com] Sent: Friday, November 04, 2011 6:51 PM To: NT System Admin Issues Subject: RE: Happy Friday It used to be available from this Gopher server here: http://quux.org:70/ From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Friday, November 04, 2011 12:30 PM To: NT System Admin Issues Subject: Re: Happy Friday I'm ashamed to admit it, but despite being a University of Illinois grad, I no longer seem to be able to find NCSA Mosaic... Steve Ens stevey...@gmail.com 11/04/2011 02:22 PM Please respond to NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com To NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Press this button if the To is a fax number. Enter in the fax number like 123-456-7890. cc Subject Re: Happy Friday How about Netscape? On Fri, Nov 4, 2011 at 1:20 PM, richardmccl...@aspca.org wrote: How about Safari? BTW, the do a barrel roll does not do anything in Lynx. Bill Humphries mailto:nt...@hedgedigger.com nt...@hedgedigger.com 11/04/2011 01:10 PM Please respond to NT System Admin Issues mailto:ntsysadmin@lyris.sunbelt-software.com ntsysadmin@lyris.sunbelt-software.com To NT System Admin Issues mailto:ntsysadmin@lyris.sunbelt-software.com ntsysadmin@lyris.sunbelt-software.com Press this button if the To is a fax number. Enter in the fax number like 123-456-7890. cc Subject Re: Happy Friday Right now, I seem to have IE, firefox and chrome open on my PC. I'm such a browser slut. Bill David Lum wrote: LOL. I have never even downloaded Chrome, what does it give me that I'm missing with IE? -Original Message- From: Tigran K [ mailto:tigr...@gmail.com mailto:tigr...@gmail.com] Sent: Friday, November 04, 2011 10:00 AM To: NT System Admin Issues Subject: Re: Happy Friday I just assumed everybody is using Chrome. I mean why wouldn't they? On Fri, Nov 4, 2011 at 9:50 AM, Michael B. Smith mailto:mich...@smithcons.com mich...@smithcons.com wrote: If you want the funny - use Chrome. Regards, Michael B. Smith Consultant and Exchange MVP http://theessentialexchange.com/ http://TheEssentialExchange.com -Original Message- From: Tigran K [ mailto:tigr...@gmail.com mailto:tigr...@gmail.com] Sent: Friday, November 04, 2011 12:34 PM To: NT System Admin Issues Subject: Happy Friday https://www.google.com/?q=Z+or+R+twice https://www.google.com/?q=Z+or+R+twice --T ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ http://lyris.sunbelt-software.com/read/my_forums/ or send an email to mailto:listmana...@lyris.sunbeltsoftware.com listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ http://lyris.sunbelt-software.com/read/my_forums/ or send an email to mailto:listmana...@lyris.sunbeltsoftware.com listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ http://lyris.sunbelt-software.com/read/my_forums/ or send an email to mailto:listmana...@lyris.sunbeltsoftware.com listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ http://lyris.sunbelt-software.com/read/my_forums/ or send an email to mailto:listmana...@lyris.sunbeltsoftware.com listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ http
RE: GOOD or Mobile Iron??? MDM
Couple of things about Athena: - Very good technology. In fact, you'll find that most of the MDM players actually license the Athena SDK. - Limited console options. You're going to need to use Configman. Alex Eckelberry www.eckelberry.com http://www.eckelberry.com/ c 727 644 8830 Skype: alexeckelberry From: Rod Trent [mailto:rodtr...@myitforum.com] Sent: Thursday, October 27, 2011 5:02 PM To: NT System Admin Issues Subject: RE: GOOD or Mobile Iron??? MDM Yes.it does. Speaking with them a while back, they indicated that working with iOS is actually much easier than the other platforms. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, October 27, 2011 4:51 PM To: NT System Admin Issues Subject: Re: GOOD or Mobile Iron??? MDM Thanks, athena says it support Remote Control Support (does it include IOS devices like ipad)?? On Thu, Oct 27, 2011 at 4:45 PM, Rod Trent rodtr...@myitforum.com wrote: Check out Athena. http://www.odysseysoftware.com/MDMPRODUCTS/AthenaforMobileDeviceManagement.a spx From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Thursday, October 27, 2011 4:15 PM To: NT System Admin Issues Subject: GOOD or Mobile Iron??? MDM How many people are using MDMs. Do people like GOOD sandbox model, or Mobile Iron? What your experince, with mobile platform accessing corporate data? (IOS, WinMO, Android, or RIM) -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: A more generalized comparison of AV products
Yes, a rather odd summary... there are issues with this review. -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Wednesday, October 12, 2011 8:27 PM To: NT System Admin Issues Subject: A more generalized comparison of AV products More about system load than efficacy, and VIPRE comes out fairly well, though the conclusion is not what you might expect: http://www.tomshardware.com/reviews/antivirus-performance-benchmark,3045.html Kurt ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin DISCLAIMER The information contained in this electronic mail may be confidential or legally privileged. It is for the intended recipient(s) only. Should you receive this message in error, please notify the sender by replying to this mail. Please do not read, copy, forward or store this message unless you are an intended recipient of it - unauthorized use of contents is strictly prohibited. Unless expressly stated, opinions in this message are those of the individual sender and not of GFI. While all care has been taken, GFI is not responsible for the integrity or the contents of this electronic mail and any attachments included within. (GFI2011) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Android Handset Makers - Adding Value or Vulnerabilities?
Windows Phone is a central part of Microsoft's future strategy around a seamless, blurred endpoint, encompassing any internet-connected device. Just look at Windows 8. This is the OS platform for phones, desktops, tablets, TVs, whatever. With Blackberry dying a slow and somewhat comical death, Android being incapable of being used in a true corporate environment (it's ridiculously insecure) and iPhone being a non-enterprise product (you want every user to have to login with an iTunes account??), Microsoft has a real chance here. I am betting on Windows Phone as a dark horse. It has a real shot of capturing the enterprise, replacing Blackberry. If they can make it free and cheap for the masses (cost, high level of functionality and wide availability being major drivers behind Android's success), it gets really interesting. Alex From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, October 12, 2011 7:17 AM To: NT System Admin Issues Subject: Re: Android Handset Makers - Adding Value or Vulnerabilities? Excellent points, Marc While I'm still in wait-n-see mode with WP7[1], I am reasonably confident that Microsoft will continue to forge ahead because they recognize the importance of mobile to their overall, long-term success. The consumerization of IT is not a fad, despite how annoying that concept may be to some of us... ASB http://XeeMe.com/AndrewBaker Harnessing the Advantages of Technology for the SMB market... [1] Hey, when did this stop being WordPerfect 7? :) On Wed, Oct 12, 2011 at 3:10 AM, Marc Maiffret mmaiff...@eeye.commailto:mmaiff...@eeye.com wrote: I couldn't agree more. I love the other posters comments (sorry memory isn't working) about WP7 looking to be a good blend of the good of Android and iPhone for the two different reasons stated previously. You are right about iOS that it definitely just performs better than Android. I think WP7 is on par from a general does it just work well but way a head from a UI/experience perspective. The Nokia releases should be in November, so not to long now. I had a Samsung Focus WP7 device and absolutely loved it but went back to my Android device as the lack of multi-tasking and commonly used applications was something I could not live without. Now that Mango is basically out I am just waiting for Nokia and others to launch their Mango based phones and I have a feeling I will be switching back. Both because I really do with WP7 is the best of both worlds as it relates to Android and iPhone and also because as someone whom stills like to write code (as a hobby, smarter guys at eEye write the code these days!) there is absolutely no comparison to the joy of developing in C# in Visual Studio vs. something like Objective C in X Code or Android Eclipse plugins etc... While talking about this space in none security terms (although I think WP7 will stand strong on security, it has a solid foundation in WinCE) I know MS has made many mistakes in the mobile market but at the end of the day 3 things matter: 1. Do they have a good product? Yes, WP7 is absolutely solid (especially now with Mango) and just a completely different UI experience that is absolutely stunning when leveraged by the right applications 2. Do they have a channel and manufacturing partners to leverage to get the product to market? Yes, Microsoft absolutely crushes in this area and has a lot of leverage not to mention cash to throw at companies like Nokia to go all in on WP7. 3. Do they have a large enough developer community? Yes, this is another area that Microsoft is king. And in fact they are doing a lot of things to make transitioning their legion of C# Windows OS developers over to WP7 in an easy way. I won't even get into Windows 8 and all the dynamics that brings to their WP7 market, but it is not anything to laugh at. 4. Wild Card - I think Microsoft is in the market for a long haul. The reality is that they CANNOT lose the mobile space as the game has changed to not just be consumers driving business choices anymore but more so consumer mobile devices in the future driving businesses. This is already happening even now with the latest OSX and Windows 8 releases where they are creating AppStores and all of the other things learned from the mobile world. The reality is that YOUR users want their desktop computing experience to be a lot more like what they get on their iPad and indeed it will be increasingly more difficult in the future to be a successful desktop OS manufacture if you are not a strong player in the mobile space. Alright, too much coffee and I need to get to sleep for tomorrows eEye vulnerability expert form which if you have not checked out is me and the research guys basically nerding out about the latest MS patches, whats happening in security and also going to discuss some recent Android (ha!) vulnerabilities that illustrate how manufactures are really screwing things up for Google.
RE: AV and malware protection?
It's worth noting that MalwareBytes is not an antivirus product. It is, however, an excellent protecter/cleaner against modern Trojans and rogue antivirus products. From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Friday, October 07, 2011 1:20 PM To: NT System Admin Issues Subject: Re: AV and malware protection? I would trust Malwarebytes over a traditional a product. I wouldnt trust MSE what-so-ever. I've seen web-based drive by exploits absolutely destroy it. If I was going to couple with an AV product, I'd use Kaspersky primarily, with ESET as a secondary choice. -- Espi On Fri, Oct 7, 2011 at 6:34 AM, John Hornbuckle john.hornbuc...@taylor.k12.fl.usmailto:john.hornbuc...@taylor.k12.fl.us wrote: I just use Microsoft Security Essentials. Seems to work well enough for me. Or am I naïve? John Hornbuckle, MSMIS, PMP MIS Department Taylor County School District www.taylor.k12.fl.ushttp://www.taylor.k12.fl.us -Original Message- From: Eric Brouwer [mailto:ithelp.e...@gmail.commailto:ithelp.e...@gmail.com] Sent: Friday, October 07, 2011 9:31 AM To: NT System Admin Issues Subject: AV and malware protection? If you had to secure your own personal computer at home (Windows 7), what AV, firewall, malware protection would you install? Thanks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin DISCLAIMER The information contained in this electronic mail may be confidential or legally privileged. It is for the intended recipient(s) only. Should you receive this message in error, please notify the sender by replying to this mail. Please do not read, copy, forward or store this message unless you are an intended recipient of it - unauthorized use of contents is strictly prohibited. Unless expressly stated, opinions in this message are those of the individual sender and not of GFI. While all care has been taken, GFI is not responsible for the integrity or the contents of this electronic mail and any attachments included within. (GFI2011) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: AV and malware protection?
Hmmm Take a look at the Wildlist, which is the list of currently verified viruses. There's still a lot of nasty stuff out there. http://www.wildlist.org/WildList/201108.txt We see plenty of viruses out there, and relying on a product like Malwarebytes as your only line of defense is a serious mistake, IMHO. It's an excellent product (remember we partner with them and are very close to them, so this is not a slight in the least on their technology) but you really, really need an AV product as a complement. Alex -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Sunday, October 09, 2011 1:27 PM To: NT System Admin Issue Subject: Re: AV and malware protection? On Sun, Oct 9, 2011 at 12:23 PM, Alex Eckelberry alex.eckelbe...@gfi.com wrote: It's worth noting that MalwareBytes is not an antivirus product. It is, however, an excellent protecter/cleaner against modern Trojans and rogue antivirus products. And the difference between these two things is...? Viruses are largely obsolete anyway. Between ubiquitous network connectivity and autorun, nobody needs to bother. Today's injection vectors are exploitable vulnerabilities in networked software and social engineering. An attacker crafting malware to piggy-back on benign executables exchanged via sneakernet is like worrying about how to attach a team of horses to your car. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin DISCLAIMER The information contained in this electronic mail may be confidential or legally privileged. It is for the intended recipient(s) only. Should you receive this message in error, please notify the sender by replying to this mail. Please do not read, copy, forward or store this message unless you are an intended recipient of it - unauthorized use of contents is strictly prohibited. Unless expressly stated, opinions in this message are those of the individual sender and not of GFI. While all care has been taken, GFI is not responsible for the integrity or the contents of this electronic mail and any attachments included within. (GFI2011) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: FYI: Vipre crushing bandwidth
Yes, we had a bad definition file go out and this affected some customers as a full new definition file had to be downloaded. It was fixed within several hours. I sincerely apologize for the hassle this may have caused! Alex Alex Eckelberry General Manager, Security Business Unit GFI Software, Inc. (formerly Sunbelt Software) 33 N. Garden Avenue, Clearwater, FL 33755 p: 919-297-1347 f: 727-562-5199 e: al...@gfi.commailto:al...@gfi.com MSN: alex...@hotmail.commailto:alex...@hotmail.com Skype: alexeckelberry oovoo: alexeck w: www.sunbeltsoftware.comhttp://www.sunbeltsoftware.com/ b: www.sunbeltblog.comhttp://www.sunbeltblog.com/ From: Mike Sullivan [mailto:neog...@gmail.com] Sent: Wednesday, September 21, 2011 11:24 AM To: NT System Admin Issues Subject: Re: FYI: Vipre crushing bandwidth I caught it early on yesterday and only had about 30 nodes affected. I was able to delete the bad definition from the server and stop the server from checking for new ones until they had the issue fixed. I thought they would test the definitions before they are released so they don't have problems like this. On Wed, Sep 21, 2011 at 6:25 AM, Cameron cameron.orl...@gmail.commailto:cameron.orl...@gmail.com wrote: FYI, Apparently a bad definition file was put out last night and is causing all clients to do a full update. Lovely way to start a morning. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Thank you, Mike Sullivan ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin DISCLAIMER The information contained in this electronic mail may be confidential or legally privileged. It is for the intended recipient(s) only. Should you receive this message in error, please notify the sender by replying to this mail. Please do not read, copy, forward or store this message unless you are an intended recipient of it - unauthorized use of contents is strictly prohibited. Unless expressly stated, opinions in this message are those of the individual sender and not of GFI. While all care has been taken, GFI is not responsible for the integrity or the contents of this electronic mail and any attachments included within. (GFI2011) ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
Re: * Dramatic Overhaul of Windows GUI: Video
Alex Eckelberry Cell: 727-644-8830 Sent from my BlackBerry -Original Message- From: Mike Gill lis...@canbyfoursquare.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Thu Jun 02 20:13:25 2011 Subject: RE: * Dramatic Overhaul of Windows GUI: Video Hmm, looks familiar: http://www.mosaicbytribune.com/ Not at sophisticated as what’s in that video, but it sure looks inspired by. -- Mike Gill From: Stu Sjouwerman [mailto:s...@sunbelt-software.com] Sent: Thursday, June 02, 2011 12:45 PM To: NT System Admin Issues Subject: * Dramatic Overhaul of Windows GUI: Video * Dramatic Overhaul of Windows GUI: Video At a press event in Taipei this week, Redmond showed the next version of Windows, unveiling a dramatically overhauled tiles-based interface that they hope will be competitive in the tablet world. Microsoft marketing people must have gotten their fingers in this pie, because it's called a reimagining of Windows. Win8 will run on all types of devices from small, touch-sensitive smart phone screens to traditional large-screen PCs, and Win8 can be used with or without a keyboard and mouse. Basically, the screen looks just like the new Windows smart phone screen. The application comes quickly to life as Windows fades to the background, said Michael Angiulo, Windows Planning VP. The tiles on the start screen are live -- they represent your people, your applications, your contacts, the information you care the most about, he said. You can group them, arrange them and name them as you like, so that first start screen experience is really personal. Win 8 still also provides the normal Windows desktop and backward compatibility with existing Windows apps. Microsoft President Steve Sinofsky stated: Windows 8 is example of coloring outside the lines. We have an approach that is different, but builds on the value of an OS that sells 400 million or so units a year. Laptops, slates, desktops can all run one operating system. I will be reporting about this a lot more in the future. Stay tuned. Here's how it looks! 4:34 Youtube video: http://www.youtube.com/watch?v=p92QfWOw88I http://www.youtube.com/watch?v=p92QfWOw88I Warm regards, Stu ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: * My New Book Is Out: CYBERHEIST
Ahhh, I just finally installed Calibre. This is an awesome program, and I'll see if it makes things better. Thanks for the tip -Original Message- From: Bob Fronk [mailto:b...@btrfronk.com] Sent: Friday, April 29, 2011 10:36 PM To: NT System Admin Issues Subject: RE: * My New Book Is Out: CYBERHEIST Convert the PDF to .mobi with Caliber first. Then transfer to your Kindle with the u...@free.kindle.com address. BF -Original Message- From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Friday, April 29, 2011 10:09 PM To: NT System Admin Issues Subject: RE: * My New Book Is Out: CYBERHEIST I have had little luck being able to read PDF material, at least on my smaller Kindle (perhaps the DX is better). Maybe there is a secret, but I haven't found it. It apparently converts each page to a graphic. -Original Message- From: Gary Cordell [mailto:ga...@ers.tcoe.org] Sent: Friday, April 29, 2011 4:48 PM To: NT System Admin Issues Subject: RE: * My New Book Is Out: CYBERHEIST I have a Kindle, and it works very nicely for reading books. The screen is spooky though--looks like print on a page, not a computer screen. I understand that you can ( I haven't tried it yet, so take it as hearsay for now) email a pdf to a special Kindle address and the gnomes will translate it into Kindle format and return it to your Kindle. And that Kindle should read aloud any kindle format book to you. I will have to try this out this weekend... In my copious spare time of which I have none... Gary -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, April 29, 2011 1:38 PM To: NT System Admin Issues Subject: *SPAM*RE: * My New Book Is Out: CYBERHEIST Tack on a smiley there :) -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, April 29, 2011 3:36 PM To: NT System Admin Issues Subject: *SPAM*RE: * My New Book Is Out: CYBERHEIST And a free audio book would be even better -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Friday, April 29, 2011 3:28 PM To: NT System Admin Issues Subject: *SPAM*Re: * My New Book Is Out: CYBERHEIST Agreed! An audiobook would be great! Roger Wright ___ I'm out of bed and dressed... what more do you want? On Fri, Apr 29, 2011 at 3:16 PM, N Parr npar...@mortonind.com wrote: You going to read it to us Stu? I don't have time to read, listen to everything in the car on way to work and back. Eddard what are you thinking, you don't give Dire Wolves to children! -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, April 29, 2011 12:40 PM To: NT System Admin Issues Subject: Re: * My New Book Is Out: CYBERHEIST Thank you Stu. This is a great service. On Fri, Apr 29, 2011 at 09:21, Stu Sjouwerman s...@sunbelt-software.com wrote: * My New Book Is Out: CYBERHEIST Hi All, I'm very excited to announce my new book: CYBERHEIST. (Keep on reading for the special NTSYSADMIN subscriber offer at the end of this item): Why I wrote it? To increase executive level awareness that the bad guys have moved from simple identity theft to full fledged robbery of corporate bank accounts (non-profits are targets too), using phishing and social engineering. Most business owners, C-level executives and people in HR functions simply do not know this yet, but cyberheists are happening right now as we speak. Organized cyber crime has developed into a very well funded, sophisticated and technically skilled operation, and their results are very damaging. Unfortunately, management still has a false sense of security. With the rapid proliferation of social media and mobile computing, -people- are the new perimeter! The threat is there, and getting worse. Just have a look at this Google map overlaid with cases, and that is only the tip of the iceberg, there are hundreds more unreported cyberheist cases: http://www.knowbe4.com/resources/cyberheist-map/ So, do you need some ammo to get more budget for your IT security? You need state-of the art endpoint protection, and I strongly recommend VIPRE for that, combined with end-user security awareness training. Please either forward this link to management and tell them to buy a copy. Or better yet, if you really want to make sure they get the message, get a copy yourself and give it to them. It's enlightening, and written for both IT and non-IT people. Everything is explained in normal terms to make sure we don't put anyone to sleep. Please do me a favor and tell all your friends? Thanks so much in advance! Oh, and check out the reviews written by your peers. (Thanks for your kind words, you know who you are!) Here is the paperback Version http://www.amazon.com/Cyberheist-financial-American-businesses-meltdo w n/ dp/098348/ This is the Kindle Version: http
RE: * My New Book Is Out: CYBERHEIST
I have had little luck being able to read PDF material, at least on my smaller Kindle (perhaps the DX is better). Maybe there is a secret, but I haven't found it. It apparently converts each page to a graphic. -Original Message- From: Gary Cordell [mailto:ga...@ers.tcoe.org] Sent: Friday, April 29, 2011 4:48 PM To: NT System Admin Issues Subject: RE: * My New Book Is Out: CYBERHEIST I have a Kindle, and it works very nicely for reading books. The screen is spooky though--looks like print on a page, not a computer screen. I understand that you can ( I haven't tried it yet, so take it as hearsay for now) email a pdf to a special Kindle address and the gnomes will translate it into Kindle format and return it to your Kindle. And that Kindle should read aloud any kindle format book to you. I will have to try this out this weekend... In my copious spare time of which I have none... Gary -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, April 29, 2011 1:38 PM To: NT System Admin Issues Subject: *SPAM*RE: * My New Book Is Out: CYBERHEIST Tack on a smiley there :) -Original Message- From: Crawford, Scott [mailto:crawfo...@evangel.edu] Sent: Friday, April 29, 2011 3:36 PM To: NT System Admin Issues Subject: *SPAM*RE: * My New Book Is Out: CYBERHEIST And a free audio book would be even better -Original Message- From: Roger Wright [mailto:rhw...@gmail.com] Sent: Friday, April 29, 2011 3:28 PM To: NT System Admin Issues Subject: *SPAM*Re: * My New Book Is Out: CYBERHEIST Agreed! An audiobook would be great! Roger Wright ___ I'm out of bed and dressed... what more do you want? On Fri, Apr 29, 2011 at 3:16 PM, N Parr npar...@mortonind.com wrote: You going to read it to us Stu? I don't have time to read, listen to everything in the car on way to work and back. Eddard what are you thinking, you don't give Dire Wolves to children! -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, April 29, 2011 12:40 PM To: NT System Admin Issues Subject: Re: * My New Book Is Out: CYBERHEIST Thank you Stu. This is a great service. On Fri, Apr 29, 2011 at 09:21, Stu Sjouwerman s...@sunbelt-software.com wrote: * My New Book Is Out: CYBERHEIST Hi All, I'm very excited to announce my new book: CYBERHEIST. (Keep on reading for the special NTSYSADMIN subscriber offer at the end of this item): Why I wrote it? To increase executive level awareness that the bad guys have moved from simple identity theft to full fledged robbery of corporate bank accounts (non-profits are targets too), using phishing and social engineering. Most business owners, C-level executives and people in HR functions simply do not know this yet, but cyberheists are happening right now as we speak. Organized cyber crime has developed into a very well funded, sophisticated and technically skilled operation, and their results are very damaging. Unfortunately, management still has a false sense of security. With the rapid proliferation of social media and mobile computing, -people- are the new perimeter! The threat is there, and getting worse. Just have a look at this Google map overlaid with cases, and that is only the tip of the iceberg, there are hundreds more unreported cyberheist cases: http://www.knowbe4.com/resources/cyberheist-map/ So, do you need some ammo to get more budget for your IT security? You need state-of the art endpoint protection, and I strongly recommend VIPRE for that, combined with end-user security awareness training. Please either forward this link to management and tell them to buy a copy. Or better yet, if you really want to make sure they get the message, get a copy yourself and give it to them. It's enlightening, and written for both IT and non-IT people. Everything is explained in normal terms to make sure we don't put anyone to sleep. Please do me a favor and tell all your friends? Thanks so much in advance! Oh, and check out the reviews written by your peers. (Thanks for your kind words, you know who you are!) Here is the paperback Version http://www.amazon.com/Cyberheist-financial-American-businesses-meltdo w n/ dp/098348/ This is the Kindle Version: http://www.amazon.com/Cyberheist-financial-American-businesses-ebook/ dp/B004XDE20O/ BUT...I have saved the best for last! Subscribers of NTSYSADMIN are eligible for a free copy of the e-book in PDF format. This is not just one chapter as a teaser. This is the whole darn book! Yes, you have to register, and you will receive CyberheistNews twice a month, but this is a complete no-brainer. GET IT NOW. This offer goes away very soon: http://www.knowbe4.com/free-cyberheist-ebook/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage
RE: Laptop confusion
This is out of left field, but as someone who has owned probably every laptop known to mankind, I will say that I recently bought a Toshiba and was very, very impressed. Outstanding build quality and a bunch of very useful built-in tools. Price is certainly very competitive against the major brands. Fwiw. Alex From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Tuesday, April 19, 2011 12:02 PM To: NT System Admin Issues Subject: Re: Laptop confusion Thanks for the responses. I'd be fine with the Latitude across fleet, too, but currently the quotes are several hundred more per unit than the Lenovo T, which Dell tell me is the competing Lenovo line. Ken you have a good point about the standardization. Not that it would last long since both Dell and Lenovo seem to change docking station models with each full moon... We have so many docking stations around here that fit...nothing. CPU doesn't matter too much for quote purposes. Jonathan Link jonathan.l...@gmail.commailto:jonathan.l...@gmail.com 4/19/2011 11:45 AM I generally concur, with one exception. I would recommend staying away from Vostro's entirely. My experience with them is that they do not hold up over a three year lifespan to the same degree Latitudes do. If you do decide to mix Vostros in, I would definitely take Ken's advice and budget for early replacement. On Tue, Apr 19, 2011 at 11:42 AM, Ken Schaefer k...@adopenstatic.commailto:k...@adopenstatic.com wrote: Does the CPU really matter? Are your users really CPU bound? Surely warranty support etc. are the determining factors? Over a 3 year lifecycle, if you have to wait a few hours extra for a fix per incident, then the loss of business revenue surely outweighs a few extra dollars upfront, or 1% CPU power. I would go Latitude across the fleet, so at least you have standardised peripheral, modular bay devices, docking stations etc. If you remote users come onsite, they can use the stuff you have in your offices. Plus Latitude has a longer projected lifecycle for peripheral, docking stations etc than Vostro. If you are really concerned about CAPEX, then go Vostro across the fleet and budget (worst case) to replace a year earlier. From: Tom Miller [mailto:tmil...@hnncsb.orgmailto:tmil...@hnncsb.org] Sent: Tuesday, 19 April 2011 11:38 PM To: NT System Admin Issues Subject: Laptop confusion Hi Folks, We are purchasing a number of laptops are part of a project here. Most of these laptops will be replacing current desktops. Some will be for our nomadic users who work in schools, hospitals, and so on. Up to now we've purchased ThinkPad laptops, but I'm looking around. We've been satisfied with our Dell desktops, so I'm looking at Dell laptops. My Dell rep suggested a Latitude with docking station for my staff with desks, and a Vostro for the remote users. Remote users access our systems via XenApp, so I don't need anything powerful on their end. I'm having a bit of trouble comparing these to the Lenovo units, though. I think the Vostro would be about the same as a SL510 series or around that. The Latitude would be like a T series Lenovo. I can match memory and screen size and most features, but processor core isn't always a direct match. Suggestions? Really for us, best price wins, but I want to compare apples to apples, as it were. Anyone compare these two brands? Am I off on the models here? Thanks, Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~
RE: Laptop confusion
Agreed, fair points. Back in the 90s they were at the top of their game, but these days, their b2b strategy is questionable. Certainly for personal use I would consider one. From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Tuesday, April 19, 2011 12:39 PM To: NT System Admin Issues Subject: RE: Laptop confusion Toshiba doesn't work in an enterprise environment. Build quality varies depending on the series (Tecra, Satellite etc). Warranty service varies between countries (RTB, Onsite etc). A lot of the utilities that they bundle in can't be deployed using automated methods, because they require manual intervention. Also, the actual order of installing all the utilities is a PITA. And most of the utilities are just an overhead on the machine - the functionality is already built into Windows. Worked on many accounts that have Toshibas as the platform, plus owned a lot of Toshiba tablet PCs (in the day, they were the only serious TabletPC vendor) From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Wednesday, 20 April 2011 12:29 AM To: NT System Admin Issues Subject: RE: Laptop confusion This is out of left field, but as someone who has owned probably every laptop known to mankind, I will say that I recently bought a Toshiba and was very, very impressed. Outstanding build quality and a bunch of very useful built-in tools. Price is certainly very competitive against the major brands. Fwiw. Alex From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Tuesday, April 19, 2011 12:02 PM To: NT System Admin Issues Subject: Re: Laptop confusion Thanks for the responses. I'd be fine with the Latitude across fleet, too, but currently the quotes are several hundred more per unit than the Lenovo T, which Dell tell me is the competing Lenovo line. Ken you have a good point about the standardization. Not that it would last long since both Dell and Lenovo seem to change docking station models with each full moon... We have so many docking stations around here that fit...nothing. CPU doesn't matter too much for quote purposes. Jonathan Link jonathan.l...@gmail.commailto:jonathan.l...@gmail.com 4/19/2011 11:45 AM I generally concur, with one exception. I would recommend staying away from Vostro's entirely. My experience with them is that they do not hold up over a three year lifespan to the same degree Latitudes do. If you do decide to mix Vostros in, I would definitely take Ken's advice and budget for early replacement. On Tue, Apr 19, 2011 at 11:42 AM, Ken Schaefer k...@adopenstatic.commailto:k...@adopenstatic.com wrote: Does the CPU really matter? Are your users really CPU bound? Surely warranty support etc. are the determining factors? Over a 3 year lifecycle, if you have to wait a few hours extra for a fix per incident, then the loss of business revenue surely outweighs a few extra dollars upfront, or 1% CPU power. I would go Latitude across the fleet, so at least you have standardised peripheral, modular bay devices, docking stations etc. If you remote users come onsite, they can use the stuff you have in your offices. Plus Latitude has a longer projected lifecycle for peripheral, docking stations etc than Vostro. If you are really concerned about CAPEX, then go Vostro across the fleet and budget (worst case) to replace a year earlier. From: Tom Miller [mailto:tmil...@hnncsb.orgmailto:tmil...@hnncsb.org] Sent: Tuesday, 19 April 2011 11:38 PM To: NT System Admin Issues Subject: Laptop confusion Hi Folks, We are purchasing a number of laptops are part of a project here. Most of these laptops will be replacing current desktops. Some will be for our nomadic users who work in schools, hospitals, and so on. Up to now we've purchased ThinkPad laptops, but I'm looking around. We've been satisfied with our Dell desktops, so I'm looking at Dell laptops. My Dell rep suggested a Latitude with docking station for my staff with desks, and a Vostro for the remote users. Remote users access our systems via XenApp, so I don't need anything powerful on their end. I'm having a bit of trouble comparing these to the Lenovo units, though. I think the Vostro would be about the same as a SL510 series or around that. The Latitude would be like a T series Lenovo. I can match memory and screen size and most features, but processor core isn't always a direct match. Suggestions? Really for us, best price wins, but I want to compare apples to apples, as it were. Anyone compare these two brands? Am I off on the models here? Thanks, Tom ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http
RE: OT: WiFi Repeater recommendations
We installed a microwave link between buildings in Florida, it's worked swimmingly well (no pun intended). I would highly recommend looking at that option. And yes, it is very humid and wet down here, as you might imagine. Alex From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Friday, April 01, 2011 6:10 PM To: NT System Admin Issues Subject: Re: OT: WiFi Repeater recommendations LinkSys/Cisco used to have directional antennas as an option which might get you close. I would guess other vendors have the same. Another option would be using a microwave link. Cost is much higher but bandwidth with one of these is also much higher. Down side is high humidity or obstructions cause major problems with any linkage. Since you are in AZ you should be relativity safe from the humidity issue. Roof top to roof top mounts with fiber up and down would most likely take care of most obstructions. Jon Harris On Fri, Apr 1, 2011 at 6:01 PM, Angus Scott-Fleming angu...@geoapps.commailto:angu...@geoapps.com wrote: OT, but it's Friday. I need to set up a Wireless Repeater, or set up a wireless bridge to another building with a WiFi hotspot in the second building. The buildings are about 100 yards apart, and there are some desert trees between them. Recommendations for gear welcome. TIA Angus ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Samsung keylogger with Vipre mention
I wrote a response this morning: http://sunbeltblog.blogspot.com/2011/03/samsung-laptops-do-not-have-keylogger.html Alex From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Thursday, March 31, 2011 9:20 AM To: NT System Admin Issues Subject: RE: Samsung keylogger with Vipre mention I find fault with both. :) I agree with you. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Jonathan Link [mailto:jonathan.l...@gmail.com] Sent: Thursday, March 31, 2011 9:18 AM To: NT System Admin Issues Subject: Re: Samsung keylogger with Vipre mention Oh, I agree, but you seem to be finding fault with the tool. I find fault witht he professional using the tool. It seems to me, that many of us forget to test for repeatability, and fewer know how to do to that properly. My opinion of a security research trying to make a name for himself, and there's no doubt that's what this episode was all about, should have enough intellectual rigor to attack the problem from all angles before publishing findings. If I'm a client of NetSec Consulting (firm he founded), and I catch wind of this, I won't be a client for very long. On Thu, Mar 31, 2011 at 9:08 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: The challenge/issue here is that every AV has false positives. Most of them, however, don't get written up and /.'ed. The original author should've tested with multiple engines. And, as Vipre starts to play with the big boys, they are going to get big-boy levels of attention... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Thursday, March 31, 2011 9:04 AM To: NT System Admin Issues Subject: Re: Samsung keylogger with Vipre mention Has someone had a career changing event? On Thu, Mar 31, 2011 at 9:01 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: And it's easily possible to reproduce with Vipre... It's a false alarm. http://www.theregister.co.uk/2011/03/31/samsung_keylogger_rumour_debunked/ Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Ken Schaefer [mailto:k...@adopenstatic.commailto:k...@adopenstatic.com] Sent: Thursday, March 31, 2011 7:44 AM To: NT System Admin Issues Subject: RE: Samsung keylogger with Vipre mention Samsung denies, according to their blog: http://www.samsungtomorrow.com/1071 Cheers Ken From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Thursday, 31 March 2011 7:10 PM To: NT System Admin Issues Subject: Re: Samsung keylogger with Vipre mention Nothing substantiated as yet, however. ASB (Professional Biohttp://about.me/Andrew.S.Baker/bio) Technology Services that Maximize Business Results... On Thu, Mar 31, 2011 at 7:01 AM, chipsh...@comcast.netmailto:chipsh...@comcast.net wrote: Interesting: http://news.cnet.com/8301-27080_3-20048896-245.html ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource
RE: Samsung keylogger with Vipre mention
I agree. We've pulled it. From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Thursday, March 31, 2011 12:01 PM To: NT System Admin Issues Subject: RE: Samsung keylogger with Vipre mention HIJACK!!! OTOH, GFI might want to reconsider the advertizing sticker on the front cover of Windows IT Pro. It's taste is rather questionable and really doesn't belong on the front cover. Shauna Hensala she...@msn.commailto:she...@msn.com 03/31/2011 10:49 AM Please respond to NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com To NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Press this button if the To is a fax number. Enter in the fax number like 123-456-7890. cc Subject RE: Samsung keylogger with Vipre mention GFI/Vipre displays a higher level of integrity than the researcher - IMHO. Shauna Hensala From: al...@sunbelt-software.com To: ntsysadmin@lyris.sunbelt-software.com Date: Thu, 31 Mar 2011 11:35:33 -0400 Subject: RE: Samsung keylogger with Vipre mention I wrote a response this morning: http://sunbeltblog.blogspot.com/2011/03/samsung-laptops-do-not-have-keylogger.html Alex From: Michael B. Smith [mailto:mich...@smithcons.com]mailto:[mailto:mich...@smithcons.com] Sent: Thursday, March 31, 2011 9:20 AM To: NT System Admin Issues Subject: RE: Samsung keylogger with Vipre mention I find fault with both. :) I agree with you. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Jonathan Link [mailto:jonathan.l...@gmail.com]mailto:[mailto:jonathan.l...@gmail.com] Sent: Thursday, March 31, 2011 9:18 AM To: NT System Admin Issues Subject: Re: Samsung keylogger with Vipre mention Oh, I agree, but you seem to be finding fault with the tool. I find fault witht he professional using the tool. It seems to me, that many of us forget to test for repeatability, and fewer know how to do to that properly. My opinion of a security research trying to make a name for himself, and there's no doubt that's what this episode was all about, should have enough intellectual rigor to attack the problem from all angles before publishing findings. If I'm a client of NetSec Consulting (firm he founded), and I catch wind of this, I won't be a client for very long. On Thu, Mar 31, 2011 at 9:08 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: The challenge/issue here is that every AV has false positives. Most of them, however, don't get written up and /.'ed. The original author should've tested with multiple engines. And, as Vipre starts to play with the big boys, they are going to get big-boy levels of attention... Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Jonathan Link [mailto:jonathan.l...@gmail.commailto:jonathan.l...@gmail.com] Sent: Thursday, March 31, 2011 9:04 AM To: NT System Admin Issues Subject: Re: Samsung keylogger with Vipre mention Has someone had a career changing event? On Thu, Mar 31, 2011 at 9:01 AM, Michael B. Smith mich...@smithcons.commailto:mich...@smithcons.com wrote: And it's easily possible to reproduce with Vipre... It's a false alarm. http://www.theregister.co.uk/2011/03/31/samsung_keylogger_rumour_debunked/ Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.comhttp://theessentialexchange.com/ From: Ken Schaefer [mailto:k...@adopenstatic.commailto:k...@adopenstatic.com] Sent: Thursday, March 31, 2011 7:44 AM To: NT System Admin Issues Subject: RE: Samsung keylogger with Vipre mention Samsung denies, according to their blog: http://www.samsungtomorrow.com/1071 Cheers Ken From: Andrew S. Baker [mailto:asbz...@gmail.commailto:asbz...@gmail.com] Sent: Thursday, 31 March 2011 7:10 PM To: NT System Admin Issues Subject: Re: Samsung keylogger with Vipre mention Nothing substantiated as yet, however. ASB (Professional Biohttp://about.me/Andrew.S.Baker/bio) Technology Services that Maximize Business Results... On Thu, Mar 31, 2011 at 7:01 AM, chipsh...@comcast.netmailto:chipsh...@comcast.net wrote: Interesting: http://news.cnet.com/8301-27080_3-20048896-245.html ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to
RE: Anyone recommendations for Cloud server hosting?
we use peak10 and like it. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Wednesday, March 30, 2011 12:11 PM To: NT System Admin Issues Subject: Re: Anyone recommendations for Cloud server hosting? RackSpace is very good in this space. What will you be doing?Microsoft or Amazon will work well here, too, for most needs. ASB (Professional Biohttp://about.me/Andrew.S.Baker/bio) Technology Services that Maximize Business Results... On Wed, Mar 30, 2011 at 9:13 AM, Chris Blair chris_bl...@identisys.commailto:chris_bl...@identisys.com wrote: We need to move our cloud server hosting to a new company. We need to run a Windows 2008 R2 server, with SQL express, 1gb ram, and 10gb disk space. I have looked at a few, Server Intellect, Rack Space, and Amazon S2. Any real work experiences? Any other recommendations? Thanks, Chris Blair ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Clearwater, Florida usability testing
Not sure of The Breeze, but we do have the Tampa Breeze, an all-star Lingerie League team… http://www.lflus.com/tampabreeze/ Alex From: Richard Stovall [mailto:rich...@gmail.com] Sent: Tuesday, March 29, 2011 12:10 PM To: NT System Admin Issues Subject: Re: Clearwater, Florida usability testing Throw in airfare, hotel and a rental car and I'm there! I hear there's a nice place called The Breeze down there somewhere that would be good for a post-testing libation. On Tue, Mar 29, 2011 at 11:42 AM, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: Anyone in the Tampa Bay area want to come down to our offices for one hour to be in a product usability test? This is a one-way mirror type of test. Free copy of VIPRE and a Target gift card (I know, it’s not much, but you get the joy of knowing you’re helping humanity). Contact Bula Barua (bu...@sunbeltsoftware.commailto:bu...@sunbeltsoftware.com) if interested. Thanks! Alex Alex Eckelberry General Manager, Security Business Unit GFI Software, Inc. (formerly Sunbelt Software) 33 N. Garden Avenue, Clearwater, FL 33755 p: 919-297-1347tel:919-297-1347 f: 727-562-5199tel:727-562-5199 e: al...@gfi.commailto:al...@gfi.com MSN: alex...@hotmail.commailto:alex...@hotmail.com Skype: alexeckelberry oovoo: alexeck w: www.sunbeltsoftware.comhttp://www.sunbeltsoftware.com/ b: www.sunbeltblog.comhttp://www.sunbeltblog.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Antivirus Vendor Replacement
We had many talks with Gartner. All I can say is that they didn't seem to understand that we don't want to add 1,000 endless features to make the feature checkbox game. We will continue to impress upon them that we never want to be like anyone else. Gartner does not actually use the products they evaluate. They watch a Powerpoint presentation by the vendor. When I went out to design VIPRE with our team, our philosophy was less is better - in other words, we wanted to design a Porsche, vs. an SUV. In talking to admins, we found that the biggest headache was performance. Well, the reality is, you add all kinds of cute toys to your Porsche, it's going to turn into a pig. I'm going to be parsimonious with whatever features we add to VIPRE. Gartner dinged us because we didn't have things like a Wifi mode (whatever that is) and USB device protection. True, we don't. Personally, I feel that a lot of what they wanted from the product would be better found elsewhere (much of it for free through GPO) or through dedicated point products. Nevertheless, we will continue adding pieces of functionality as it make sense, but I am far more in favor of continuing to refine what we have. I get much more concerned about the quality of malware detection, the usability of the console, intrusiveness of agents, and many other things that are part-and-parcel to what an admin has to deal with, rather than adding additional features. Believe me, it's enough just to make sure you have the basics right... But yes, we could do a better job getting more reviews and more analysts covering us, and now that GFI owns us, this is starting to happen (because money really helps). Alex From: Weatherford, Chad [mailto:cweatherf...@scvl.com] Sent: Friday, March 11, 2011 2:01 PM To: NT System Admin Issues Subject: RE: Antivirus Vendor Replacement The only issue I have with Vipre are the ratings I have seen on Gartner and such...I take that all with a grain of salt but we still have to consider what is said. Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc. | *:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.commailto:cweatherf...@scvl.com From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Friday, March 11, 2011 10:15 To: NT System Admin Issues Subject: RE: Antivirus Vendor Replacement Good luck on the catches all of the bugs part, regardless of vendor. Vipre has the smallest footprint of Trend, McAfee, Eset, and a couple of others that have been tested here in the last couple of months. From: Weatherford, Chad [mailto:cweatherf...@scvl.com] Sent: Friday, March 11, 2011 10:00 AM To: NT System Admin Issues Subject: Antivirus Vendor Replacement We are looking to replace our current AV (McCrappy Total Protection for Endpoint) with something that is more light weight AND catches all of the bugs. I was pretty excited about Trend and LANDesk's Kaspersky engine...until either testing or listening to SE's describe the product. I would appreciate any and all feedback on the AV vendor you use and if you recommend them. Chad Weatherford | Network/Security Administrator | Shoe Carnival, Inc. | *:812.867.8314 | 7: 812.471.9866 | *: cweatherf...@scvl.commailto:cweatherf...@scvl.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Antivirus Vendor Replacement
All I can say is that we're good friends, and we have a partnership with them that's largely a web page: http://vipre.malwarebytes.org But nothing more concrete. From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Friday, March 11, 2011 3:22 PM To: NT System Admin Issues Subject: Re: Antivirus Vendor Replacement Speaking of Vipre: Is Sunbelt fully partnered with Malwarebytes yet? Does Vipre have or spec'd to have full MB functionality? -- ME2 On Fri, Mar 11, 2011 at 12:10 PM, Tom Miller tmil...@hnncsb.orgmailto:tmil...@hnncsb.org wrote: Vipre here. However our weekly deep scans are almost as bad as when we had Symmantec. My PC is running the weekly deep now and it's slow, even at low priority. I'm slowly enabling wake on lan for all of our PCs, so they can be powered on before staff arrive, then Vipre can do it's thing. Rod Trent rodtr...@myitforum.commailto:rodtr...@myitforum.com 3/11/2011 2:36 PM Agreed. But, Gartner plays to the CIOs and CTOs who are the ones that actually listen to them. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.commailto:mailvor...@gmail.com] Sent: Friday, March 11, 2011 13:07 To: NT System Admin Issues Subject: Re: Antivirus Vendor Replacement On Fri, Mar 11, 2011 at 2:01 PM, Weatherford, Chad cweatherf...@scvl.commailto:cweatherf...@scvl.com wrote: The only issue I have with Vipre are the ratings I have seen on Gartner and such...I take that all with a grain of salt but we still have to consider what is said. I dunno about the and such, but for Garter, that just means Sunbelt didn't pay them to participate in the study or whatever. Garter's a corporate mouthpiece and always has been. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: web content filtering in the SMB
I’m biased, but: http://www.gfi.com/internet-monitoring-software From: James Hill [mailto:james.h...@superamart.com.au] Sent: Tuesday, February 01, 2011 4:57 PM To: NT System Admin Issues Subject: RE: web content filtering in the SMB I’m a big fan of WebMarshal. Out of the box settings are good and it’s highly configurable and very easy to use. You can plug in a bunch of different AV/Malware scanners. http://www.m86security.com/products/web_security/webmarshal.asp Give the free trial a go. From: Richard Stovall [mailto:rich...@gmail.com] Sent: Wednesday, 2 February 2011 7:53 AM To: NT System Admin Issues Subject: Re: web content filtering in the SMB What model SonicWall do you have? You will also get malware protection on the SonicWall if you purchase a bundle that has content filtering and gateway AV protection. Have you had a look at www.firewalls.comhttp://www.firewalls.com (http://www.firewalls.com/sonicwall/sonicwall-firewall/sonicwall-nsa-series/sonicwall-nsa-240) An NSA 240 bundle with all the UTM/CFS/IPS addons included only runs $1,391 for a year, and subscription renewals look to start at $582 for 1 year. We have a couple of these in a failover pair and they work fine. The CFS stuff isn't very granular, and the concept of allowing users to manually override filtering for a short period of time isn't something that SonicWall seems to have considered, but we worked around the limitations successfully. On Tue, Feb 1, 2011 at 4:26 PM, Bill Humphries nt...@hedgedigger.commailto:nt...@hedgedigger.com wrote: Hey guys, I was just quoting renewals for a sonicwall firewall for a client. They use the built-in, licenseable content filtering built into the firewall. It looks like SW raised the price and it is bumping $1,000 for this feature for a 25 person office. Do you think that money could be spent elsewhere with another filtering product to get better ROI? Really, they just think they need to have this in place to block employees from the seedy places. I would like a solution that helps avoid malware and I don't think the SW content filtering does a thing to help avoid malware. Do you have any other suggestions that are in the same ballpark and are low maintenance/administration time? Thanks. bill ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: DNS latency
Nsbench? http://www.dslreports.com/faq/15890 From: Matthew Bullock [mailto:mbull...@root9.com] Sent: Sunday, January 30, 2011 1:10 PM To: NT System Admin Issues Subject: RE: DNS latency You can try using dig +trace, never used it on a windows box but this might help you out: http://unroutable.blogspot.com/2009/02/how-to-install-dig-for-windows.html -matt From: Stephen Wimberly [mailto:riverside...@gmail.com] Sent: Saturday, January 29, 2011 3:57 PM To: NT System Admin Issues Subject: DNS latency I have an Active Directory domain, which means I have my own DNS environment. For any name resolution that is not in my domain, my DNS server must pass the request up to our ISP for resolution. Is there a way to measure how long the added delay might be to gain a reply? In other words how much faster would it be if I were pointing directly at the ISP DNS servers, not my own that forward? Thanks In Advance! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Intel developing security 'game-changer'
Well, since the vast majority of infections occur because of social engineering, I don't think it will mean much at all. An analogy might be DEP, which did make some difference - that was something at the kernel. But not a huge difference. I would put this in the same pot. At the end of the day, your users will still demand downloading their favorite crapware, surf porn, and fill out lottery sites online, while giving all of these places their credit card numbers. Alex From: David Lum [mailto:david@nwea.org] Sent: Wednesday, January 26, 2011 1:37 PM To: NT System Admin Issues Subject: Intel developing security 'game-changer' What say you, Alex, et all. http://www.computerworld.com/s/article/9206366/Intel_developing_security_game_changer_?taxonomyId=85 Hype? David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 503.548.5229 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Freeware PDF creator?
Just don't take them on a plane. -Original Message- From: Terry Dickson [mailto:te...@treasurer.state.ks.us] Sent: Thursday, January 20, 2011 9:23 AM To: NT System Admin Issues Subject: RE: Freeware PDF creator? You might try etoner.com I think I saw it there. -Original Message- From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, January 20, 2011 8:11 AM To: NT System Admin Issues Subject: Re: Freeware PDF creator? wow, a 2si ? Didn't know they made those prior to a IIIsi. hopefully you've kept a few empty cartridges in case you find someone that can refill them and replace the drum ? On Thu, Jan 20, 2011 at 12:27 AM, Don Ely don@gmail.com wrote: Some things never cease to amaze me... For those upset about offering your help only to be told to pound sand, I offer you this... Ignore his requests... In order to keep this on topic, I have a request of the group... Does anyone know where I can buy some toner for my HP LaserJet 2si printer? -- Forwarded message -- From: John Aldrich jaldr...@blueridgecarpet.com Date: Wed, Nov 10, 2010 at 9:59 AM Subject: Freeware PDF creator? To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Is there a freeware app that can create PDFs, similar to the way one does with Adobe Acrobat, but with fewer bugs? :-) I like SumatraPDF that someone suggested on this list awhile back, and I got to wondering if there were something similar for creating PDF documents. Of course, I know OpenOffice can do it, but I'd rather not install a complete office suite just to create a PDF. :-) Thanks! ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This e-mail and any attachments are confidential. If you are not the intended recipient, you do not have permission to disclose, copy, distribute, or open any attachments. If you have received this e-mail in error, please notify us immediately by returning it to the sender and delete this copy from your system. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: free PDF printer
CutePDF and BullZip PDF. I find Bullzip PDF just outstanding. -Original Message- From: Orland, Kathleen [mailto:korl...@rogers.com] Sent: Tuesday, January 18, 2011 3:03 PM To: NT System Admin Issues Subject: RE: free PDF printer +1 for Primo. Have used it on a variety of O/S from W2K to Windows 7. -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: 18 January 2011 14:22 To: NT System Admin Issues Subject: free PDF printer What do you guys like for creating PDFs? ISTR that someone recommended PrimoPDF. Is that still a good one or is there something better? It appears one of my users is having problems with incompatibility between her Outlook (2000) and Adobe Acrobat. WHY it's just now showing up is a mystery to me, but it is Anyway, if ya'll could let me know what you think is the best FREE PDF maker, I'd appreciate it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: AppAssure Replay4
I will say that one of our guys took a good look at it a couple of years ago and came back very, very impressed. It's a very slick product. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Sunday, January 16, 2011 7:30 PM To: NT System Admin Issues Subject: Re: AppAssure Replay4 I evaluated it about 2 years back and it looked promising at the time. Need to check it out again. ASB (My Bio via About.Mehttp://about.me/Andrew.S.Baker/bio) Exploiting Technology for Business Advantage... On Fri, Jan 14, 2011 at 10:58 PM, greg.swe...@actsconsulting.netmailto:greg.swe...@actsconsulting.net wrote: We have replaced all backup software we use at all locations with AppAssure, it just works. We were on it before they standardized event logs and some other tweaks, but we have used it to do backups of servers, exchange, sql, sharepoint to flat files, to standby VM's and they just come up easily. Easy configs, easy restores... It just works. Replication is done by installing the core on another server at a remote location and pushing to the repository that the core their controls. You can then push it to a VM, physical box.. Its slick.. My guys have worked directly with the techs there and its great. Datto Backup also uses AppAssure on their appliances and while I have not used Datto, I have heard good things from them as well. Greg Sweers CEO ACTS360.comhttp://www.acts360.com/ P.O. Box 1193 Brandon, FL 33509 813-657-0849 Office 813-758-6850 Cell 813-341-1270 Fax From: Gene Giannamore [mailto:gene.giannam...@abideinternational.commailto:gene.giannam...@abideinternational.com] Sent: Friday, January 14, 2011 4:58 PM To: NT System Admin Issues Subject: AppAssure Replay4 Does anyone use it? Anyone know how it compares to its competitors, for price, features, and usability? It would be for a small business, single server, W2K3, files, and sql express 2005 (130MB data). We are also interested in failover to a local older server (does not have to be automatic, just simple and/or easy), and storing an image of the server offsite. Thanks, Gene Giannamore Abide International Inc. Technical Support 561 1st Street West Sonoma,Ca.95476 (707) 935-1577Office (707) 935-9387Fax (707) 766-4185Cell gene.giannam...@abideinternational.commailto:gene.giannam...@abideinternational.com www.abideinternational.comhttp://www.abideinternational.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: videos from hulu
This is tangential, but if you ever do need to record something from your PC (audio or video) and you can't (such as in the case of capturing a streaming vid), there is only one tool I've found capable - Total Recorder. http://www.totalrecorder.com/ This is actually an amazingly well made tool that catches just about anything. I've used many times, and it's been a lifesaver. As regards Hulu, there are plenty of tools that can capture the video. Might want to check out Grabtoolz: http://www.grabtoolz.com/products.html But there are plenty of others. Another tip on Hulu - if you're overseas, you can't view it. But you can with HMA - absolutely the best VPN/proxy solution I've ever found: http://hidemyass.com/vpn/ Alex Alex Eckelberry VP and General Manager, Security Business Unit GFI Software, Inc. (formerly Sunbelt Software) 33 N. Garden Avenue, Clearwater, FL 33755 p: 919-297-1347 f: 727-562-5199 e: al...@gfi.commailto:al...@gfi.com MSN: alex...@hotmail.commailto:alex...@hotmail.com Skype: alexeckelberry oovoo: alexeck w: www.sunbeltsoftware.comhttp://www.sunbeltsoftware.com/ b: www.sunbeltblog.comhttp://www.sunbeltblog.com/ From: Doug Hampshire [mailto:dhampsh...@gmail.com] Sent: Friday, December 31, 2010 12:37 AM To: NT System Admin Issues Subject: Re: videos from hulu Seriously? Why not just point a video camera at the monitor? On Thu, Dec 30, 2010 at 12:23 PM, David Mazzaccaro david.mazzacc...@hudsonmobility.commailto:david.mazzacc...@hudsonmobility.com wrote: You may have to get creative (microphone placed in front of speakers perhaps), but it can! -Original Message- From: Maglinger, Paul [mailto:pmaglin...@scvl.commailto:pmaglin...@scvl.com] Sent: Thursday, December 30, 2010 12:20 PM To: NT System Admin Issues Subject: RE: videos from hulu Snagit won't pick up the audio, will it? -Original Message- From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.commailto:david.mazzacc...@hudsonmobility.com] Sent: Thursday, December 30, 2010 11:04 AM To: NT System Admin Issues Subject: RE: videos from hulu You can try the program SnagIt I've had reasonably good success with it. http://www.techsmith.com/snagit/ -Original Message- From: Michael B. Smith [mailto:mich...@smithcons.commailto:mich...@smithcons.com] Sent: Thursday, December 30, 2010 11:30 AM To: NT System Admin Issues Subject: videos from hulu So, there are some videos on hulu (Good Eats holiday recipes, actually, like http://www.hulu.com/watch/179670/good-eats-ultimate-mashed-potatoes) I'd like to get digitally and save. Any easy/reasonable way to do that? Thanks. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Small/Mid Firewall?
For a nice free SME firewall, I might look at Smoothwall express http://www.smoothwall.org/ Alex From: Ben Schorr [mailto:b...@rolandschorr.com] Sent: Friday, December 31, 2010 12:42 PM To: NT System Admin Issues Subject: RE: Small/Mid Firewall? Well I think part of the frustration is that appears that to create a simple port forward that sends all incoming traffic on a specific port to an internal server (for example) requires 17 different policies and interfaces and zones. I'm exaggerating a bit, yes, but the Juniper seems very powerful and ridiculously complex. We're not trying to do anything fancy and it's taken more than 2 days to get it even half working and that's with more than an hour of a Juniper support engineer remoting into it and working on it themselves. The old SnapGear 580s (before McAfee bought SnapGear at least) could be set up for this in 15 minutes or so. Even a newbie could figure out how to set up a basic port forward fairly quickly. I suspect we'll like the Juniper...once we get a thousand pages or so deeper into the documentation and figure out how to actually make the damned thing do anything useful. We have one IPSEC tunnel created with it (created by the Juniper engineer). The dashboard on the Home Screen says it's Inactive/Unused but the VPN monitor lists it as Active. Ummmo.k. This morning my day started with a phone call from one of the local users telling me they can't even get on the web. Good grief. Ben M. Schorr Chief Executive Officer __ Roland Schorr Tower www.rolandschorr.comhttp://www.rolandschorr.com/ b...@rolandschorr.commailto:b...@rolandschorr.com From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Friday, December 31, 2010 5:20 AM To: NT System Admin Issues Subject: RE: Small/Mid Firewall? I agree with Andrew ... I've been configuring the Juniper 'screens for years now, including the 5GT and SSG 5 that replaced it. Granted, the Juniper is very different from a Cisco PIX/ASA firewall, and different from Checkpoint. I wonder if extensive knowledge of some other brand of firewall is what is causing your minions problems with the Juniper. Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' From: Ben Schorr [mailto:b...@rolandschorr.com]mailto:[mailto:b...@rolandschorr.com] Sent: Friday, December 31, 2010 1:16 AM To: NT System Admin Issues Subject: RE: Small/Mid Firewall? Well, to be fair *I* haven't looked at it yet myself. It's been in the hands of two of my junior people; at least one of whom is generally very capable and has deployed several other firewall/routers of other vendors in the past. But he's spent the better part of all day trying to get the Juniper working and finally has resorted to having Juniper tech support remote in and try to get it working. Apparently even the Juniper support person has spent quite a bit of time wrestling with it to only mixed results. It gives me some pause that even a Juniper support engineer would struggle with getting this unit configured. But I've still got 2200 more pages of the manual to read so... Ben M. Schorr Chief Executive Officer __ Roland Schorr Tower www.rolandschorr.comhttp://www.rolandschorr.com/ b...@rolandschorr.commailto:b...@rolandschorr.com From: Andrew S. Baker [mailto:asbz...@gmail.com]mailto:[mailto:asbz...@gmail.com] Sent: Thursday, December 30, 2010 8:15 PM To: NT System Admin Issues Subject: Re: Small/Mid Firewall? Really? IPSec VPNs are one of the easiest things to configure on those devices. In fairness, however, I've been using Netscreen devices since Feb 2000, so that might simply be familiarity talking. The VPN wizard is very straightforward ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: ESET anti virus- admin console
We just surveyed 1400 system administrators on all antivirus products. This includes ESET users. Happy to share off-list if you like. There are specific comments about console, management, deployment, detection, etc., pros and cons of all AV products, including ours. Just email me off-list. Alex From: Sam Cayze [mailto:sca...@gmail.com] Sent: Tuesday, December 14, 2010 3:57 PM To: NT System Admin Issues Subject: RE: ESET anti virus- admin console What he said. Exactly. The Console doesn't bother me because you will never have to use it :) From: Garcia-Moran, Carlos [mailto:cgarciamo...@spragueenergy.com] Sent: Tuesday, December 14, 2010 2:44 PM To: NT System Admin Issues Subject: RE: ESET anti virus- admin console I have been using it for the past 3 years, with 500+ seats, Haven't had any major issues outside of a bad Def once which caused CPU issues with some XP machines. The latest client is pretty decent resource wise across W7 and XP machines, I have the Remote piece on my laptop as the other admins and the Server is a very small footprint resource Virtual machine have had zero issues on that part. Config wise it's a slight steep learning curve to get all the features working the right way but once you do it's pretty much set it and forget it, the CFG is an XML base file which is easy to replicate and you can push different versions to your clients. Overall I've been pretty happy since we migrated off Symantec. From: John Leto [mailto:jo...@colonialsavings.com] Sent: Tuesday, December 14, 2010 3:11 PM To: NT System Admin Issues Subject: ESET anti virus- admin console I would like opinions regarding anyone out there using ESET anti virus and in particular the ESET admin console. How would you rate the products as far as ease of use and administration, effectiveness in catching viruses and malware, system resource usage, etc. Thanks John Leto Network Engineer Colonial Savings, F.A. 817-877-9578 jo...@colonialsavings.commailto:jo...@colonialsavings.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin _ This e-mail, including attachments, contains information that is confidential and may be protected by attorney/client or other privileges. This e-mail, including attachments, constitutes non-public information intended to be conveyed only to the designated recipient(s). If you are not an intended recipient, you are hereby notified that any unauthorized use, dissemination, distribution or reproduction of this e-mail, including attachments, is strictly prohibited and may be unlawful. If you have received this e-mail in error, please notify me by e-mail reply and delete the original message and any attachments from your system. _ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: vipre: SVCHOST.EXE virus.
VIPRE has full coverage of Conficker, including all the new variants. If there is a detection issue, it's generally a configuration thing. From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Biernes, Nobyembre 19, 2010 4:40 AM To: NT System Admin Issues Subject: Re: vipre: SVCHOST.EXE virus. So any ideas? is COnficker2 not being stoped by vipre? On Thu, Nov 18, 2010 at 3:33 PM, RS rich...@gmail.commailto:rich...@gmail.com wrote: Oof! (TM -sc) On Thu, Nov 18, 2010 at 3:22 PM, richardmccl...@aspca.orgmailto:richardmccl...@aspca.org wrote: Personally, I'd prefer using AntiVirus 2010 over McAfee. When you get things under control, could you please share with us what it was which tipped you off, what it was doing, etc? I think many of us are curious now. -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA(r) 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.orgmailto:richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.orghttp://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. justino garcia jgarciaitl...@gmail.commailto:jgarciaitl...@gmail.com wrote on 11/18/2010 02:09:44 PM: Vipre did not detect it, or clean it. Anti-virus definitions were up to date, active scanner was running as well, so I'm a bit concerned the active scanner didn't pick it up. The virus was still loading in his run command in the registry so I had to uninstall Vipre and put my own copy of McAfee on his machine to get rid of the virus. Any ideas?? -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software. com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: System Defragmenter malware
It is highly polymorphic and quite nasty. If you find it and VIPRE doesn't detect it, please let us know asap. Alex -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Friday, October 29, 2010 12:04 PM To: NT System Admin Issues Subject: System Defragmenter malware I just had to go clean one of my systems, because the user was infected with System Defragmenter and it wasn't letting anything run, claiming the hard drive had bad sectors. I managed to get rid of it, but I thought I'd warn you guys. it got in even with Vipre Enterprise being up-to-date and a deep scan last night. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Vipre and deployment
http://www.sunbeltsoftware.com/Business/Agent-Uninstallers/ From: Holstrom, Don [mailto:dholst...@nbm.org] Sent: Friday, October 29, 2010 12:41 PM To: NT System Admin Issues Subject: RE: Vipre and deployment We still use Symantec on all our workstations. Would love to move over to Vipre. We have about a hundred workstations. Would I still have to go to all the workstations to change from Symantec to Vipre or is there now a way to do this from the server? From: Joseph L. Casale [mailto:jcas...@activenetwerx.com] Sent: Friday, October 29, 2010 11:56 AM To: NT System Admin Issues Subject: RE: Vipre and deployment Yea, if I do it with the Console, I need to enable file and print services on the wkst etc... If I use a GPO, I don't. From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] Sent: Friday, October 29, 2010 9:55 AM To: NT System Admin Issues Subject: Re: Vipre and deployment You can deploy Vipre as an MSI from the console. I suppose that you can push the MSI with GP if you like. On Fri, Oct 29, 2010 at 10:46 AM, Joseph L. Casale jcas...@activenetwerx.commailto:jcas...@activenetwerx.com wrote: For you guys with experience using Vipre (I presume it's come a long way by now...) I am curious about a couple things. I gave up on Avira, my first point of support was the var in Canada who proved beyond a shadow of a doubt to be useless. Sophos required far too much reconfiguration of the wkst's and didn't offer their agent as an MSI so I could roll it out myself. Awaiting info from Kasperksy... Can the agents for Vipre be provided by MSI's so I don't have to change anything on the wkst's except maybe a port rule between it and the mgmt host after I push it via GP's? Thanks! jlc ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: [maybe spam] AV (again)
Dear Lord. A Sunbelt/GFI salesperson who won't contact you? That's something I need to look into. Alex From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Wednesday, October 27, 2010 11:12 AM To: NT System Admin Issues Subject: RE: [maybe spam] AV (again) Patience, Grasshopper. From: Larry Rappaport [mailto:r...@lmr.com] Sent: Wednesday, October 27, 2010 10:05 AM To: NT System Admin Issues Subject: [maybe spam] AV (again) I know this has been brought up numerous times, but... I have a very small network. Windows Server 2003 4 workstations running Windows XP Pro sp3, Windows Business Pro (x86), and Windows 7 Ulimate on a Lenovo X301 laptop. The server is connected to the internet through a Sonicwall TZ-170 hardware firewall to a SDSL modem. I have used AVG Network edition on all machines to protect the machines. Recently we had one workstation (Windows XP Pro sp3) get infected with the SmithFraud trojan and it's been an incredible hassle to get rid of it. We want to switch our AV stuff, since AVG never caught it and still cannot get rid of it. After a bit of research, it looks like Vipre is the one to go with, but after several attempts, I can't even get in touch with them. Their sales line remains unanswered and cannot even receive messages. It doesn't sound like they want to do business. I need some advice - what would you folks recommend? Thanks. -- Larry ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: ESET vs VIPRE
We have been doing private tests with AV-Comparatives for some time now. They have a bit of an odd setup (understatement) and it does take some work. I do hope to have a public test in the coming months. They also have a rather odd testing schedule. Alex From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Tuesday, October 19, 2010 1:14 PM To: NT System Admin Issues Subject: Re: ESET vs VIPRE Stu, Why is Vipre still not a part of the AV-Comparitives tests? -- ME2 On Tue, Oct 19, 2010 at 9:52 AM, Stu Sjouwerman s...@sunbelt-software.commailto:s...@sunbelt-software.com wrote: * Tests Show Consumer Antivirus Programs Falling Behind VIPRE however shines, comes out fifth, and beats out MSE, Panda, Norton, Kaspersky and ESET. NSS Labs tested 11 consumer security suites and found that the products are less effective than a year ago as far as blocking the download and execution of malicious software programs. The company also tested if those programs detected and blocked malicious Web sites. In its tests, the company used new malicious Web sites within minutes of discovery in addition to brand-new malware, which it contends is indicative of the conditions that users would find while browsing the Internet. ComputerWorld has the story: http://www.computerworld.com/s/article/9191718/Tests_show_consumer_antivirus_programs_falling_behind? From: Stefan Jafs [mailto:stefan.j...@gmail.commailto:stefan.j...@gmail.com] Sent: Tuesday, October 19, 2010 10:28 AM To: NT System Admin Issues Subject: ESET vs VIPRE Ok, my 300 seats of ESET is up for renewal, I'm finally starting to think that VIPRE is enterprise ready, is anyone using it in similar size environment and do you guys think it's up to the job? -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: ESET vs VIPRE
All good feedback... I sent this along to the devs. From: David Mazzaccaro [mailto:david.mazzacc...@hudsonmobility.com] Sent: Tuesday, October 19, 2010 2:15 PM To: NT System Admin Issues Subject: RE: ESET vs VIPRE YUP A few machines had issues with the recent agent upgrade. I had to manually remove and reinstall VIPRE on 3 or 4. An annoyance but relatively minor. YUP I'm irritated that the installation of remote update servers want to install SQL Server Express even though they don't need a database to hand out definition updates. YUP Overall, though, I'm satisfied with the level of protection, and also with the ease of deployment and management. I'll add that a few definition updates wrecked havoc: The notorious switch to 5000 version defs, the July '09 false positives on laptops, the 5486 definition file renaming cluster #?^ And just the overall massive size of the definition updates. If you have remote offices, you'll likely want to set up remote update servers. The documentation on this is poor, but not awful. For example, remote update servers require port 1434 to be open... but if you search the knowledgebase on sunbeltsoftware.com for 1434... you get nothing. On Tue, Oct 19, 2010 at 1:28 PM, Chris Blair chris_bl...@identisys.commailto:chris_bl...@identisys.com wrote: What are the minor annoyances you run into. I am in the middle of an eval, and so far, so good. Thanks, Chris From: Roger Wright [mailto:rhw...@gmail.commailto:rhw...@gmail.com] Sent: Tuesday, October 19, 2010 10:27 AM To: NT System Admin Issues Subject: Re: ESET vs VIPRE We have 250 VIPRE clients in 7 locations. There are occasional minor annoyances with VIPRE but it runs well and provides the best active protection available. We're up for renewal in a couple months and I'm not looking to switch to another product. Roger Wright ___ Life isn't like a box of chocolates. It's more like a jar of jalapenos: what you do today might burn your butt tomorrow. On Tue, Oct 19, 2010 at 10:28 AM, Stefan Jafs stefan.j...@gmail.commailto:stefan.j...@gmail.com wrote: Ok, my 300 seats of ESET is up for renewal, I'm finally starting to think that VIPRE is enterprise ready, is anyone using it in similar size environment and do you guys think it's up to the job? -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: ESET vs VIPRE
David, Support has gone to a web form. The problem with the email address is that a lot gets dropped and mis-managed due to the volume of emails. Putting it on a web form is a bit of a PITA for some, but it really does improve the response times and tracking of a ticket. The form is here: http://www.sunbeltsoftware.com/SupportForm/ (I am working on making it more streamlined.) From: David Florea [mailto:blazer...@gmail.com] Sent: Tuesday, October 19, 2010 1:51 PM To: NT System Admin Issues Subject: RE: ESET vs VIPRE Alex - the last couple of questions I've emailed to support weren't even answered - is the supp...@sunbelt address not valid anymore, and what is the correct addy? Thanks! From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Tuesday, October 19, 2010 10:34 AM To: NT System Admin Issues Subject: RE: ESET vs VIPRE We have been doing private tests with AV-Comparatives for some time now. They have a bit of an odd setup (understatement) and it does take some work. I do hope to have a public test in the coming months. They also have a rather odd testing schedule. Alex From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Tuesday, October 19, 2010 1:14 PM To: NT System Admin Issues Subject: Re: ESET vs VIPRE Stu, Why is Vipre still not a part of the AV-Comparitives tests? -- ME2 On Tue, Oct 19, 2010 at 9:52 AM, Stu Sjouwerman s...@sunbelt-software.commailto:s...@sunbelt-software.com wrote: * Tests Show Consumer Antivirus Programs Falling Behind VIPRE however shines, comes out fifth, and beats out MSE, Panda, Norton, Kaspersky and ESET. NSS Labs tested 11 consumer security suites and found that the products are less effective than a year ago as far as blocking the download and execution of malicious software programs. The company also tested if those programs detected and blocked malicious Web sites. In its tests, the company used new malicious Web sites within minutes of discovery in addition to brand-new malware, which it contends is indicative of the conditions that users would find while browsing the Internet. ComputerWorld has the story: http://www.computerworld.com/s/article/9191718/Tests_show_consumer_antivirus_programs_falling_behind? From: Stefan Jafs [mailto:stefan.j...@gmail.commailto:stefan.j...@gmail.com] Sent: Tuesday, October 19, 2010 10:28 AM To: NT System Admin Issues Subject: ESET vs VIPRE Ok, my 300 seats of ESET is up for renewal, I'm finally starting to think that VIPRE is enterprise ready, is anyone using it in similar size environment and do you guys think it's up to the job? -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: ESET vs VIPRE
Alex, when is the Ninja Blade replacement expected to be released? Right, you had to ask me the one question I was hoping someone wouldn't ask ;-) It's scheduled for beta in a few weeks. I can ping you when it's ready if you like. Alex From: Sean Martin [mailto:seanmarti...@gmail.com] Sent: Tuesday, October 19, 2010 3:01 PM To: NT System Admin Issues Subject: Re: ESET vs VIPRE While we're having this Sunbelt QA: Alex, when is the Ninja Blade replacement expected to be released? - Sean On Tue, Oct 19, 2010 at 10:31 AM, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: David, Support has gone to a web form. The problem with the email address is that a lot gets dropped and mis-managed due to the volume of emails. Putting it on a web form is a bit of a PITA for some, but it really does improve the response times and tracking of a ticket. The form is here: http://www.sunbeltsoftware.com/SupportForm/ (I am working on making it more streamlined.) From: David Florea [mailto:blazer...@gmail.commailto:blazer...@gmail.com] Sent: Tuesday, October 19, 2010 1:51 PM To: NT System Admin Issues Subject: RE: ESET vs VIPRE Alex - the last couple of questions I've emailed to support weren't even answered - is the supp...@sunbelt address not valid anymore, and what is the correct addy? Thanks! From: Alex Eckelberry [mailto:al...@sunbelt-software.commailto:al...@sunbelt-software.com] Sent: Tuesday, October 19, 2010 10:34 AM To: NT System Admin Issues Subject: RE: ESET vs VIPRE We have been doing private tests with AV-Comparatives for some time now. They have a bit of an odd setup (understatement) and it does take some work. I do hope to have a public test in the coming months. They also have a rather odd testing schedule. Alex From: Micheal Espinola Jr [mailto:michealespin...@gmail.commailto:michealespin...@gmail.com] Sent: Tuesday, October 19, 2010 1:14 PM To: NT System Admin Issues Subject: Re: ESET vs VIPRE Stu, Why is Vipre still not a part of the AV-Comparitives tests? -- ME2 On Tue, Oct 19, 2010 at 9:52 AM, Stu Sjouwerman s...@sunbelt-software.commailto:s...@sunbelt-software.com wrote: * Tests Show Consumer Antivirus Programs Falling Behind VIPRE however shines, comes out fifth, and beats out MSE, Panda, Norton, Kaspersky and ESET. NSS Labs tested 11 consumer security suites and found that the products are less effective than a year ago as far as blocking the download and execution of malicious software programs. The company also tested if those programs detected and blocked malicious Web sites. In its tests, the company used new malicious Web sites within minutes of discovery in addition to brand-new malware, which it contends is indicative of the conditions that users would find while browsing the Internet. ComputerWorld has the story: http://www.computerworld.com/s/article/9191718/Tests_show_consumer_antivirus_programs_falling_behind? From: Stefan Jafs [mailto:stefan.j...@gmail.commailto:stefan.j...@gmail.com] Sent: Tuesday, October 19, 2010 10:28 AM To: NT System Admin Issues Subject: ESET vs VIPRE Ok, my 300 seats of ESET is up for renewal, I'm finally starting to think that VIPRE is enterprise ready, is anyone using it in similar size environment and do you guys think it's up to the job? -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage
RE: z-bot scanner?
http://live.sunbeltsoftware.com/ Scans for Zbot and anything else. (Yes, it is a bit large but we're working on that.) From: Roger Wright [mailto:rhw...@gmail.com] Sent: Thursday, September 30, 2010 5:12 PM To: NT System Admin Issues Subject: Re: z-bot scanner? Perhaps: http://www.emco.is/products/network-malware-cleaner/features.php Roger Wright ___ When it's GOOD there ain't nothin' like it, and when it's BAD there ain't nothin' like it! On Thu, Sep 30, 2010 at 3:42 PM, Jim Holmgren jholmg...@xlhealth.commailto:jholmg...@xlhealth.com wrote: Does anyone know of a zbot (or Zeus if you prefer) network scanning utility? I know eEye used to put together free scanning tools for conficker and some others. Our current Symantec install is not detecting it at all, and our Sophos infrastructure is not finished yet. SIGH Jim Jim Holmgren Manager of Server Engineering XLHealth Corporation The Warehouse at Camden Yards 351 West Camden Street, Suite 100 Baltimore, MD 21201 410.625.2200 (main) 443.524.8573 (direct) 443-506.2400 (cell) www.xlhealth.comhttp://www.xlhealth.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin CONFIDENTIALITY NOTICE: This email, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and/or protected health information. Under the Federal Law (HIPAA), the intended recipient is obligated to keep this information secure and confidential. Any disclosure to third parties without authorization from the member of as permitted by law is prohibited and punishable under Federal Law. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. NOTA DE CONFIDENCIALIDAD: Este mensaje incluyendo cualquier anejo es para uso exclusivo del (los) destinatario (s) y puede incluir información confidencial y/o información de salud protegida. La Ley Federal (HIPAA) establece que el destinatario está obligado a mantener la información confidencial y sequra. HIPAA prohíbe y castiga cualquier divulgación a terceras personas sin autorización del afiliado o permitido por ley. Si usted no es el destinatario, redirija esta mensaje al remitente, y destruye cualquier copia existente del mensaje original. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Remote Control PC Software
+1 for Teamviewer From: Pete Howard [mailto:pchow...@yahoo.com] Sent: Tuesday, September 28, 2010 10:58 AM To: NT System Admin Issues Subject: Re: Remote Control PC Software TeamViewer is one of the few viewers that actually work with 3d games remotely. Saw some demos of Teradacis PCoIP and Citrix HDX which looked great for hardcore remoting. From: Tony Patton apco...@gmail.commailto:apco...@gmail.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.commailto:ntsysadmin@lyris.sunbelt-software.com Sent: Tue, September 28, 2010 9:45:52 AM Subject: Re: Remote Control PC Software TeamViewer? Free for personal use. T typed slowly on HTC Desire On 28 Sep 2010 14:41, Cameron cameron.orl...@gmail.commailto:cameron.orl...@gmail.com wrote: Good morning all! I recall a while back that there was a discussion about remote control software (free ones) and there was one that I tried and liked (for accessing my sisters PC across the internet) and now I can't remember what the heck it was called. I've checked ShowMyPC and LogMeIn but neither of those are the one I'm thinking of. Apparently I need more coffee! TIA Cameron ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Web Monitoring Appliance or service
I'm duty bound to mention this... http://www.gfi.com/internet-monitoring-software Alex Alex Eckelberry General Manager, Security GFI Software, Inc. 33 N. Garden Avenue, Clearwater, FL 33755 p: 919-297-1347 f: 727-562-5199 e: al...@gfi.commailto:al...@gfi.com MSN: alex...@hotmail.commailto:alex...@hotmail.com Skype: alexeckelberry oovoo: alexeck w: www.sunbeltsoftware.comhttp://www.sunbeltsoftware.com/ b: www.sunbeltblog.comhttp://www.sunbeltblog.com/ From: James Rankin [mailto:kz2...@googlemail.com] Sent: Friday, September 24, 2010 2:41 AM To: NT System Admin Issues Subject: Re: Web Monitoring Appliance or service We got a WebSense hardware appliance hoping it would be easier to configure than the WebSense software. It is, but not by a great deal - just the networking seems to be simplified a bit. It also doesn't support XenApp 6 yet, which we were a bit miffed about (the tech we spoke to assured us it would - looks like he meant XenApp 5). The reporting, filtering and customisation is all very good though, pretty much identical to the WebSense software. The UI is a bit annoying at times (especially when hunting for AD users and groups) but otherwise works very well. On 23 September 2010 19:00, Stefan Jafs stefan.j...@gmail.commailto:stefan.j...@gmail.com wrote: I'm currently using an older iPrism appliance for my 250 users, comes in very handy, however it's coming up for renewal and it's quit price, $12k for 36 months (with an additional promo 18 months free). Before I do the renewal, I would like to know what you guys are using and to see if I should switch: Barracuda etc. -- Stefan Jafs ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Spam appliances/services
http://www.gfi.com/hosted-email-security Excellent continuity feature in this product - truly remarkable. Antispam and Antivirus are also quite good. Alex From: Tom Miller [mailto:tmil...@hnncsb.org] Sent: Thursday, September 23, 2010 10:45 AM To: NT System Admin Issues Subject: Spam appliances/services Folks, I'm in the market to replace my current spam filter. Google Message Security looks pretty good as a service, although it's pricing for us. I've heard good things about Barracuda SPAM and Virus filter, as well as M+ from Messaging Architects. Sorry Sunbelt, we don't run Exchange so your product is out. Anyone have any comments on those products and have any to add? I would for the most part like something to be configured and not to have to constantly tweak it. Also users need to be able to see what's blocked and unblock a message if they want. Thanks, Tom Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Spam appliances/services
We need to fix that page... we're actually not shipping that product. We are coming out with an appliance in December. From: Jeff Steward [mailto:jstew...@gmail.com] Sent: Thursday, September 23, 2010 10:59 AM To: NT System Admin Issues Subject: Re: Spam appliances/services In fairness to the list sponsor, the do have an appliance that doesn't require you to run Exchange: http://www.sunbeltsoftware.com/Business/Ninja-Blade/ -Jeff Steward On Thu, Sep 23, 2010 at 10:44 AM, Tom Miller tmil...@hnncsb.orgmailto:tmil...@hnncsb.org wrote: Folks, I'm in the market to replace my current spam filter. Google Message Security looks pretty good as a service, although it's pricing for us. I've heard good things about Barracuda SPAM and Virus filter, as well as M+ from Messaging Architects. Sorry Sunbelt, we don't run Exchange so your product is out. Anyone have any comments on those products and have any to add? I would for the most part like something to be configured and not to have to constantly tweak it. Also users need to be able to see what's blocked and unblock a message if they want. Thanks, Tom Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: clearcloud
We'll check into all this. Thanks for the feedback. From: Richard Stovall [mailto:rich...@gmail.com] Sent: Friday, September 17, 2010 1:28 PM To: NT System Admin Issues Subject: Re: clearcloud You could try setting up forwarders to your previous public DNS servers for the RBLs in question. I know that when you start to use the Barracuda RBL you have to register the IPs from which you'll be hitting the service. (http://www.barracudacentral.org/account/register) Maybe that's the issue you're seeing. I use OpenDNS and they've apparently already done the work with Barracuda since I never had any issues. On Fri, Sep 17, 2010 at 1:04 PM, S Powell powe...@gmail.commailto:powe...@gmail.com wrote: i'll look at that... in the mean time w2k8 DNS server, I have it in there server, DNS, Forwarders, I have the clearcloud DNS in there, but it won't resolve the dns server FQDN. the others I use, OpenDNS and our ISPs resolve fine... odd that Google.com Learn it. Live it. Love it. On Fri, Sep 17, 2010 at 09:54, Roger Wright rhw...@gmail.commailto:rhw...@gmail.com wrote: Can you create a static DNS entry pointing to your RBL? Roger Wright ___ When it's GOOD there ain't nothin' like it, and when it's BAD there ain't nothin' like it! On Fri, Sep 17, 2010 at 12:37 PM, S Powell powe...@gmail.commailto:powe...@gmail.com wrote: so in testing the clearcloud DNS, we seem to have issues with our RBL not working. our RBL works fine with our ISPs DNS or even google's, or OpenDNS... but when I tried the clearcloud, no joy thoughts? has anyone else seen this? Google.com Learn it. Live it. Love it. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
I have asked and they said they would put that up. -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Thursday, September 16, 2010 1:54 AM To: NT System Admin Issues Subject: Re: #*$% Security Tools Malware On 15 Sep 2010 at 14:45, Alex Eckelberry wrote: In my discussions with Malwarebytes, they have indicated that they are ok with the use of Malwarebytes in a commercial environment for a one-time use to clean an infected system -- at least as it regards the website vipre.malwarebytes.org. Having that made explicit on the vipre.malwarebytes.org page would be a Good Thing. -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
OpenDNS is a Cadillac Escalade, ClearCloud DNS is a Porsche. Ok, that's the hyperbole. But it's apt. I like OpenDNS. I have used the service, and we are very good friends with the principals over there. But OpenDNS is a very sophisticated system that includes content filtering. ClearCloud is just focused on malware sites. OpenDNS does not block malware sites, instead requiring an additional fee: https://www.opendns.com/start/ Users of both products who have been testing it indicate that they prefer ClearCloud because: - It is very simple - just enter the IP number and go. Unlike OpenDNS, we don't care where you IP originated from (for configuration management), so we don't have to worry about updating dynamic DNS, etc. - It's quite a bit faster. OpenDNS does a lot of incredible things, but these come at a performance cost. OpenDNS is a company setup to make money on DNS. We aren't. For us, the DNS portion of ClearCloud is only one part of the equation. ClearCloud is actually the DNS infrastructure which will provide a major part of our future cloud-services model. So it pops off the work we're already doing. That's not to say we won't try and figure out a way to make some money off of it at some point (maybe by charging business a small fee for it at some point in the future), but it's not our primary focus. But simply: If you're not worried about content filtering (which has its limitations anyway in DNS, since you can only block a domain, not a full URL), then ClearCloud is better. If you want content filtering, use OpenDNS. Alex From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, September 16, 2010 8:24 AM To: NT System Admin Issues Subject: Re: #*$% Security Tools Malware OpenDNS provides similar benefits... ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... On Thu, Sep 16, 2010 at 6:27 AM, John Hornbuckle john.hornbuc...@taylor.k12.fl.usmailto:john.hornbuc...@taylor.k12.fl.us wrote: Trying it now. Love the concept-let's see if it helps. :) From: Alex Eckelberry [mailto:al...@sunbelt-software.commailto:al...@sunbelt-software.com] Sent: Wednesday, September 15, 2010 12:58 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware Btw, we update the malware URLs of these rogues right into ClearCloud. Feel free to and the ClearCloud DNS server as a replacement to your existing DNS: http://clearclouddns.com/ It's still beta, but I think you'll find it works quite well. And it's free. Alex From: Alex Eckelberry [mailto:al...@sunbelt-software.commailto:al...@sunbelt-software.com] Sent: Wednesday, September 15, 2010 12:55 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware http://vipre.malwarebytes.org/ Free. And the combination really works. From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.usmailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.ushttp://www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
Yes. We have talked with them. I think they are sourcing their malware lists from some other source. Fwiw, our malware lists are used by a lot of vendors. Bluecoat networks, Cisco Ironport, Nominum are all customers of our ThreatTrack malicious data feeds. Alex From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, September 16, 2010 9:38 AM To: NT System Admin Issues Subject: Re: #*$% Security Tools Malware Hey, Alex Have you thought about working with the OpenDNS folks to provide enhanced website security for their service? This would be a benefit to Sunbelt/GFI customers who are already using OpenDNS. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... On Wed, Sep 15, 2010 at 1:31 PM, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: www.Clearclouddns.comhttp://www.Clearclouddns.com From: Jeff Frantz [mailto:jfra...@itstechnologies.commailto:jfra...@itstechnologies.com] Sent: Wednesday, September 15, 2010 1:11 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware John, I have not tried it yet but Trend Micro has a free browser add-on which is supposed protect the browser from infiltrations. It may be worth a try on one or two PCs where the users are malware magnets. http://free.antivirus.com/web-protection-add-on/ -Jeff From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.usmailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.ushttp://www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
This is really weird. The printer driver must be using DNS, but that still makes no sense. We'll go and buy this printer and do some testing. What is the model? (just answer me directly off-list). Alex From: MMF [mailto:mmfree...@ameritech.net] Sent: Thursday, September 16, 2010 12:06 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware OK, I installed Clearcloud DNS on my laptop at home, and it blocked my ability to print to my wireless printers. So, I reversed those DNS settings and I could print again. So, I then setup Clearcloud DNS on my Netgear router and again it blocked printing to my wireless printers. Reversed those DNS settings, and I could print again. What's going on? Murray From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Thursday, September 16, 2010 10:24 AM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware Yes. We have talked with them. I think they are sourcing their malware lists from some other source. Fwiw, our malware lists are used by a lot of vendors. Bluecoat networks, Cisco Ironport, Nominum are all customers of our ThreatTrack malicious data feeds. Alex From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, September 16, 2010 9:38 AM To: NT System Admin Issues Subject: Re: #*$% Security Tools Malware Hey, Alex Have you thought about working with the OpenDNS folks to provide enhanced website security for their service? This would be a benefit to Sunbelt/GFI customers who are already using OpenDNS. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... On Wed, Sep 15, 2010 at 1:31 PM, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: www.Clearclouddns.comhttp://www.Clearclouddns.com From: Jeff Frantz [mailto:jfra...@itstechnologies.commailto:jfra...@itstechnologies.com] Sent: Wednesday, September 15, 2010 1:11 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware John, I have not tried it yet but Trend Micro has a free browser add-on which is supposed protect the browser from infiltrations. It may be worth a try on one or two PCs where the users are malware magnets. http://free.antivirus.com/web-protection-add-on/ -Jeff From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.usmailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.ushttp://www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe
RE: #*$% Security Tools Malware
http://vipre.malwarebytes.org/ Free. And the combination really works. From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
Btw, we update the malware URLs of these rogues right into ClearCloud. Feel free to and the ClearCloud DNS server as a replacement to your existing DNS: http://clearclouddns.com/ It's still beta, but I think you'll find it works quite well. And it's free. Alex From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Wednesday, September 15, 2010 12:55 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware http://vipre.malwarebytes.org/ Free. And the combination really works. From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
www.Clearclouddns.com From: Jeff Frantz [mailto:jfra...@itstechnologies.com] Sent: Wednesday, September 15, 2010 1:11 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware John, I have not tried it yet but Trend Micro has a free browser add-on which is supposed protect the browser from infiltrations. It may be worth a try on one or two PCs where the users are malware magnets. http://free.antivirus.com/web-protection-add-on/ -Jeff From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
Not right now... it's focused just on malware sites. From: Roger Wright [mailto:rhw...@gmail.com] Sent: Wednesday, September 15, 2010 1:35 PM To: NT System Admin Issues Subject: Re: #*$% Security Tools Malware Any plans to include content filtering in ClearCloud? Roger Wright ___ When it's GOOD there ain't nothin' like it, and when it's BAD there ain't nothin' like it! On Wed, Sep 15, 2010 at 1:31 PM, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: www.Clearclouddns.comhttp://www.Clearclouddns.com From: Jeff Frantz [mailto:jfra...@itstechnologies.commailto:jfra...@itstechnologies.com] Sent: Wednesday, September 15, 2010 1:11 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware John, I have not tried it yet but Trend Micro has a free browser add-on which is supposed protect the browser from infiltrations. It may be worth a try on one or two PCs where the users are malware magnets. http://free.antivirus.com/web-protection-add-on/ -Jeff From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.usmailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.ushttp://www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
They are on anycast nodes -Original Message- From: Paul Hutchings [mailto:paul.hutchi...@mira.co.uk] Sent: Wednesday, September 15, 2010 1:52 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware Woah don't do that. You want your AD DNS so that clients point to your domain controllers/AD DNS servers and your DNS servers either use Sunbelt as forwarders, or root hints. Alex, ignoring the IP addresses are those boxes on anycast or something? -Original Message- From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: 15 September 2010 18:49 To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware Cool... Can I add that as an alternative to my ISP's DNS in my Active Directory, or should I just push that out through DHCP? From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Wednesday, September 15, 2010 12:58 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware Btw, we update the malware URLs of these rogues right into ClearCloud. Feel free to and the ClearCloud DNS server as a replacement to your existing DNS: http://clearclouddns.com/ It's still beta, but I think you'll find it works quite well. And it's free. Alex From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Wednesday, September 15, 2010 12:55 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware http://vipre.malwarebytes.org/ Free. And the combination really works. From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin -- MIRA Ltd Watling Street, Nuneaton, Warwickshire, CV10 0TU, England Registered in England and Wales No. 402570 VAT Registration GB 114 5409 96 The contents of this e-mail are confidential and are solely for the use of the intended recipient. If you receive this e-mail in error, please delete it and notify us either by e-mail, telephone or fax. You should not copy, forward or otherwise disclose the content of the e-mail as this is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com
RE: #*$% Security Tools Malware
Correct From: Richard Stovall [mailto:rich...@gmail.com] Sent: Wednesday, September 15, 2010 1:53 PM To: NT System Admin Issues Subject: Re: #*$% Security Tools Malware If you have a Windows AD domain, your DHCP scopes should point your clients to your INTERNAL DNS servers. Use your ISP's or ClearCloud as forwarders. On Wed, Sep 15, 2010 at 1:48 PM, John Aldrich jaldr...@blueridgecarpet.commailto:jaldr...@blueridgecarpet.com wrote: Cool... Can I add that as an alternative to my ISP's DNS in my Active Directory, or should I just push that out through DHCP? From: Alex Eckelberry [mailto:al...@sunbelt-software.commailto:al...@sunbelt-software.com] Sent: Wednesday, September 15, 2010 12:58 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware Btw, we update the malware URLs of these rogues right into ClearCloud. Feel free to and the ClearCloud DNS server as a replacement to your existing DNS: http://clearclouddns.com/ It's still beta, but I think you'll find it works quite well. And it's free. Alex From: Alex Eckelberry [mailto:al...@sunbelt-software.commailto:al...@sunbelt-software.com] Sent: Wednesday, September 15, 2010 12:55 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware http://vipre.malwarebytes.org/ Free. And the combination really works. From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.usmailto:john.hornbuc...@taylor.k12.fl.us] Sent: Wednesday, September 15, 2010 12:20 PM To: NT System Admin Issues Subject: #*$% Security Tools Malware The Security Tools malware is about to drive me insane. My users keep managing to infect themselves with it, and we're having trouble stopping it. They don't run with admin rights, so there's no real damage done to their systems and we can clean it up in about two minutes. But the time adds up, and I'm tired of my technicians having to waste time on it. Our antimalware software is Microsoft's Forefront Client Security, and it's having a tough time catching this. Every time I get infected, I send the EXE to Microsoft and they update their definitions-but the EXE's used by the malware apparently change rapidly, and seem to constantly be a step ahead of FCS's definitions. I can think of a couple of options that I know would stop it, like blocking all EXE's at our web filter or using group policy to limit the running of EXE's-but this would also prevent users from doing things like installing safe plug-ins from websites, so it's not a first resort. Suggestions? John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.ushttp://www.taylor.k12.fl.us ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body
RE: #*$% Security Tools Malware
In my discussions with Malwarebytes, they have indicated that they are ok with the use of Malwarebytes in a commercial environment for a one-time use to clean an infected system -- at least as it regards the website vipre.malwarebytes.org. However, you're correct, the Malwarebytes business model is to have a free version and charge for corporate/business customers. It should ultimately be purchased. Alex -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Wednesday, September 15, 2010 2:10 PM To: NT System Admin Issues Subject: Re: #*$% Security Tools Malware On 15 Sep 2010 at 12:55, Alex Eckelberry wrote: http://vipre.malwarebytes.org/ Free. And the combination really works. Just remember, only the VIPRE part of that page is free. On that page, quite prominently, is this: (Malwarebytes' Anti-Malware is free for non-commercial use)! -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: #*$% Security Tools Malware
I've pinged them on yours and Vicky's questions. -Original Message- From: David Lum [mailto:david@nwea.org] Sent: Wednesday, September 15, 2010 4:28 PM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware I have tried twice to contact Malwarebytes via their corporate pricing link and twice have got nothing back... Dave -Original Message- From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Wednesday, September 15, 2010 11:46 AM To: NT System Admin Issues Subject: RE: #*$% Security Tools Malware In my discussions with Malwarebytes, they have indicated that they are ok with the use of Malwarebytes in a commercial environment for a one-time use to clean an infected system -- at least as it regards the website vipre.malwarebytes.org. However, you're correct, the Malwarebytes business model is to have a free version and charge for corporate/business customers. It should ultimately be purchased. Alex -Original Message- From: Angus Scott-Fleming [mailto:angu...@geoapps.com] Sent: Wednesday, September 15, 2010 2:10 PM To: NT System Admin Issues Subject: Re: #*$% Security Tools Malware On 15 Sep 2010 at 12:55, Alex Eckelberry wrote: http://vipre.malwarebytes.org/ Free. And the combination really works. Just remember, only the VIPRE part of that page is free. On that page, quite prominently, is this: (Malwarebytes' Anti-Malware is free for non-commercial use)! -- Angus Scott-Fleming GeoApps, Tucson, Arizona 1-520-290-5038 Security Blog: http://geoapps.com/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: iPad / LogMeIn
Fwiw, look at TeamViewer for the iPad... From: David Lum [mailto:david@nwea.org] Sent: Thursday, September 02, 2010 5:50 PM To: NT System Admin Issues Subject: iPad / LogMeIn Anyone here using LogMeIn from an iPad? I've been resisting trendy tech (smartphones and Apple anything) for a long time, but this just might put it over the top for me David Lum // SYSTEMS ENGINEER NORTHWEST EVALUATION ASSOCIATION (Desk) 971.222.1025 // (Cell) 503.267.9764 ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.commailto:listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to listmana...@lyris.sunbeltsoftware.com with the body: unsubscribe ntsysadmin
RE: Intel to buy McAfee for $7.68 billion
As you can see, I stayed away from making any comments... but I did make some comments to PC Mag here: http://www.pcmag.com/article2/0,2817,2368056,00.asp More likely is the fact that the MBAs drove a good part of this decision: http://money.cnn.com/2010/08/19/technology/intel_mcafee_deal/ Value for Intel shareholders. Intel has $17.8 billion cash on hand, which is just sitting there, earning very little for the company's shareholders. So what to do with that cash? Intel could buy a company that it thinks will generate income for its investors. Ken Hackel, president of CreditTrends.com and author of Security Valuation and Risk Analysis, estimated that Intel's total cost of capital on the McAfee purchase would be about 4%, but the cash return on its invested capital would probably be around 8%.Software in general is a much higher-margin business than hardware, and McAfee is no exception, with a gross margin near 75%. Intel's is around 55%. Other than that, it doesn't make a huge amount of sense. Intel has had a weak track record buying software companies, and many are scratching their heads. Alex From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Thursday, August 19, 2010 9:21 AM To: NT System Admin Issues Subject: RE: Intel to buy McAfee for $7.68 billion Mr. Alex E., If you're lurking, I'd love to hear\read what you think Shook From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, August 19, 2010 9:17 AM To: NT System Admin Issues Subject: Re: Intel to buy McAfee for $7.68 billion Yow!!! Now that is a huge surprise. I'm not sure what to be more scared about: -- That Intel feels it needs integrated security solutions -- That it feels that McCrappy was the best organization to purchase to get that capability -- That we might have integrated McCrappy on our systems whether we like it or not in a few months/years -- That AMD or other chipmakers might do something similar to avoid being left behind. ASB (My XeeSM Profile)http://XeeSM.com/AndrewBaker Exploiting Technology for Business Advantage... Signature powered by WiseStamphttp://www.wisestamp.com/email-install On Thu, Aug 19, 2010 at 9:02 AM, Simon Butler si...@sembee.co.ukmailto:si...@sembee.co.uk wrote: Here is a surprise... http://news.cnet.com/8301-1001_3-20014082-92.html?tag=nl.e498 Simon. -- Simon Butler MVP: Exchange, MCSE Sembee Ltd. e: si...@sembee.co.ukmailto:si...@sembee.co.uk w: http://www.sembee.co.uk/ w: http://www.amset.info/ w: http://blog.sembee.co.uk/ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sophos vs. Vipre Enterprise (now that we have tested both)
Thanks Jeff, and I'm glad I made it as a Level 5 ;-) Alex From: Jeff S. Gottlieb [mailto:jeff.s.gottl...@gmail.com] Sent: Tuesday, August 17, 2010 11:38 AM To: NT System Admin Issues Cc: Jason Chronowitz; 'NT System Admin Issues' Subject: RE: Sophos vs. Vipre Enterprise (now that we have tested both) BS'D Comments below... From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Saturday, August 14, 2010 6:51 AM To: NT System Admin Issues Cc: Jason Chronowitz Subject: RE: Sophos vs. Vipre Enterprise (now that we have tested both) Jeff -- thanks for this. This will sound odd, but I like having VIPRE compared to Sophos, as opposed to many others. It's a very decent product and a product we look at as being in the same class as VIPRE. With regard to your points: Exclusions -- the next major release of VIPRE (Q4) will have best-practices templates, which will pre-define roles for various types of systems. This will dramatically help in pre-defining exclusions for servers. Updates -- We actually turned on hourly updates a few months ago, and found users didn't like it. I think a lot of that had to do with the updating scheme inside the product, which spiked CPU usage when applying the update. The next minor update to VIPRE has code written in it to allow going back to hourly updates. 24/7 support -- Got it. We are working on improving weekend support, and I expect you'll find things getting quite a bit better. Your general comments about support are also perfectly reasonable and we will continue to improve. Reboots -- New code is being written to separate non-boot required functions from boot-required functions, which will enable us to only require a reboot in certain occasions. Our developers have been beaten into submission on this subject, and they are now terrified of releasing update which requires a reboot ;-) Sophos actually does require reboots, but they schedule it around major upgrades, and they push all the reboot-required functions into one release (I believe they have a policy of only doing reboots once a year). Might be the case...and a schedule that we can live with. However, not doing a reboot around a deployment --- I would like some more information on this. Was this on Vista/Windows 7 machines? Or on XP machines? On XP and below, it is technically impossible not to require a reboot, based on the driver model (there are some exceptions to this, but it's a long technical discussion). Empirically yes, NO reboots are required for the agent deployment of XP and Server 2003 only... http://www.sophos.com/support/knowledgebase/article/11006.html Once again, thanks for the frank evaluation, and I can assure you this email has plenty of readers inside the organization. BTW Good to Great, by Jim Collins is a excellent read. The answers to what makes a good company great are in this book. IMHO Sunbelt Software is experiencing Level 5 Leadership. Sorry, off-topic, and I don't mean to patronize, just my frank observation!! Continued success... http://www.bizsum.com/articles/art_good-to-great.php Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.commailto:a...@sunbeltsoftware.com MSN: alex...@hotmail.commailto:alex...@hotmail.com w: www.sunbeltsoftware.comfile:///C:\Documents%20and%20Settings\exec3\Application%20Data\Microsoft\Signatures\www.sunbeltsoftware.com b: www.sunbeltblog.comfile:///C:\Documents%20and%20Settings\exec3\Application%20Data\Microsoft\Signatures\www.sunbeltblog.com From: Jeff S. Gottlieb [mailto:jeff.s.gottl...@gmail.com] Sent: Wednesday, August 11, 2010 4:56 PM To: NT System Admin Issues Subject: Sophos vs. Vipre Enterprise (now that we have tested both) We are in an SMB environment of roughly 60 servers and 1000 hosts, including Server 2003, 2008, SBS2003, SBS2008, XP Pro SP3, Windows 7, and Vista workstations. Sophos Endpoint Security along with PureMessaging, and Vipre Enterprise Premium along with Vipre Email Security are being put to the test head-to-head. We are staunch fans of Sunbelt Software. Our experiences with Vipre Email Security (much improved over Ninja) has been great over the years. For over 10-years we have placed our trust in Trend Micro, something that has deteriorated slowly over the past 24-months. In any event, we are hoping that our published comparisons will meet objectivity, and help to give reassurance to future Vipre users regardless of the decisions we ultimately made. The Sunbelt 'NT System Admin Issues' forum has been a great help, dating back to April, more specifically... 4/01/2010 Subject: Enterprise Anti-Virus, rz...@qwest.netmailto:rz...@qwest.net 4/21/2010 Subject: Sophos vs. Vipre Enterprise, jholmg...@xlhealth.commailto:jholmg...@xlhealth.com 5/06/2010 Subject: NOD32 Antivirus, jda...@asmail.ucdavis.edumailto:jda...@asmail.ucdavis.edu 5/09
RE: The 2010 Anti-Virus league (Vipre not included) why, and is this test any good?
I have contacted AV Test to find out why we weren't on the test. It turns out we need to pay for testing for their monthly test (we are paying for a subset of that). We should now be in the next test. This whole testing thing... don't get me going. It has been incredibly frustrating. But if it means anything to anybody, AV-Test and VB 100 are probably the best testing organizations out there, so what they say is worth reading. Alex From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Friday, August 20, 2010 10:50 AM To: NT System Admin Issues Subject: The 2010 Anti-Virus league (Vipre not included) why, and is this test any good? Anyone seen this test http://www.ghacks.net/2010/08/20/the-2010-anti-virus-league-tables-are-out/ , how come vipre did not make top ten. -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sophos vs. Vipre Enterprise (now that we have tested both)
Jeff -- thanks for this. This will sound odd, but I like having VIPRE compared to Sophos, as opposed to many others. It's a very decent product and a product we look at as being in the same class as VIPRE. With regard to your points: Exclusions -- the next major release of VIPRE (Q4) will have best-practices templates, which will pre-define roles for various types of systems. This will dramatically help in pre-defining exclusions for servers. Updates -- We actually turned on hourly updates a few months ago, and found users didn't like it. I think a lot of that had to do with the updating scheme inside the product, which spiked CPU usage when applying the update. The next minor update to VIPRE has code written in it to allow going back to hourly updates. 24/7 support -- Got it. We are working on improving weekend support, and I expect you'll find things getting quite a bit better. Your general comments about support are also perfectly reasonable and we will continue to improve. Reboots -- New code is being written to separate non-boot required functions from boot-required functions, which will enable us to only require a reboot in certain occasions. Our developers have been beaten into submission on this subject, and they are now terrified of releasing update which requires a reboot ;-) Sophos actually does require reboots, but they schedule it around major upgrades, and they push all the reboot-required functions into one release (I believe they have a policy of only doing reboots once a year). However, not doing a reboot around a deployment --- I would like some more information on this. Was this on Vista/Windows 7 machines? Or on XP machines? On XP and below, it is technically impossible not to require a reboot, based on the driver model (there are some exceptions to this, but it's a long technical discussion). Once again, thanks for the frank evaluation, and I can assure you this email has plenty of readers inside the organization. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.com MSN: alex...@hotmail.commailto:alex...@hotmail.com w: www.sunbeltsoftware.comfile:///C:/Documents%20and%20Settings/exec3/Application%20Data/Microsoft/Signatures/www.sunbeltsoftware.com b: www.sunbeltblog.comfile:///C:/Documents%20and%20Settings/exec3/Application%20Data/Microsoft/Signatures/www.sunbeltblog.com From: Jeff S. Gottlieb [mailto:jeff.s.gottl...@gmail.com] Sent: Wednesday, August 11, 2010 4:56 PM To: NT System Admin Issues Subject: Sophos vs. Vipre Enterprise (now that we have tested both) We are in an SMB environment of roughly 60 servers and 1000 hosts, including Server 2003, 2008, SBS2003, SBS2008, XP Pro SP3, Windows 7, and Vista workstations. Sophos Endpoint Security along with PureMessaging, and Vipre Enterprise Premium along with Vipre Email Security are being put to the test head-to-head. We are staunch fans of Sunbelt Software. Our experiences with Vipre Email Security (much improved over Ninja) has been great over the years. For over 10-years we have placed our trust in Trend Micro, something that has deteriorated slowly over the past 24-months. In any event, we are hoping that our published comparisons will meet objectivity, and help to give reassurance to future Vipre users regardless of the decisions we ultimately made. The Sunbelt 'NT System Admin Issues' forum has been a great help, dating back to April, more specifically... 4/01/2010 Subject: Enterprise Anti-Virus, rz...@qwest.netmailto:rz...@qwest.net 4/21/2010 Subject: Sophos vs. Vipre Enterprise, jholmg...@xlhealth.commailto:jholmg...@xlhealth.com 5/06/2010 Subject: NOD32 Antivirus, jda...@asmail.ucdavis.edumailto:jda...@asmail.ucdavis.edu 5/09/2010 Subject: Life just keeps getting better, kurt.b...@gmail.commailto:kurt.b...@gmail.com 7/29/2010 Subject: Vipre effectiveness false positives, c.house...@gmail.commailto:c.house...@gmail.com 1) Installation / Deployment Server installs both went smooth. In deployment Sophos had few if any issues. Viper deployment to server required countless exclusions (painfully so)... in fact when our server crashed, we were told that a few exclusions were missing (Agh!). Viper deployment to host on two systems came with MANY surprises. The Vipre agent loaded a NDIS IM element in the TCPIP stack, causing CISCO (IPSec) clients to connect... oddly not allowing us to remote TS, Dameware, and other remote applications. SonicWall VPN clients remained unaffected. Vipre even caused slowness, freezing during printing, multi-tasking, and issues with Adobe Acrobat. Some of these issues we just gave up on attempting to resolve and disabled the firewall entirely. When a MSP firm cannot remote access...this is serious!! We couldn't get support soon enough... and unfortunately cases remain open 4-5 days after the fact
RE: Vipre false positives?
This is actually a really good idea. From: Angus Scott-Fleming [mailto:an...@geoapps.com] Sent: Thursday, July 29, 2010 9:43 PM To: NT System Admin Issues Cc: Alex Eckelberry Subject: Re: Vipre false positives? On 26 Jul 2010 at 9:08, Jeff Cain wrote: These should have been addressed in def version 6636. If not please let us know right away. IMHO VIPRE needs a Rescan Quarantined Files option -- an auto-recover from FP feature. The Rescan should allow us to select, from the console, an agent or set of agents, and allow us to tell each agent to rescan its quarantined items using the current set of defs, which presumably has corrected the FP. There should be an option to unquarantine -- to restore -- anything that scans clean, with an option to email the report to the administrator either way. There should be an option to time-limit the items being rescanned so we only scan a given date range, this would allow us to limit the scanning to the last day or week of quarantined items. We should be able to schedule the rescan, too, so the scan happens when it won't interfere with work. This would allow us to recover easily from an episode of False Positives that erroneously quarantines files on multiple systems (as long as those systems are still bootable and the VSE Agent is running there). It is tolerable if you have a few machines with FPs. I can't imagine cleaning up an FP episode on hundreds of machines. We all understand that all AV products either suffer from FPs or infections that get by. I'd rather have the FPs, but having a Rescan Quarantine would really set VIPRE apart from other AV products. I don't know of any other product which offers this. Discussion welcome. Angus ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre effectiveness false positives
I track the detection statistics daily of VIPRE against 30+ competitors against hundreds of thousands of real malware in the wild. The detection stats on VirusTotal do not reflect reality. We will reach out to them to find out what exactly is going on with their zoo. I am happy to share data with anyone off-list, just ping me directly. Alex Eckelberry CEO, Sunbelt Software Part of GFI Software Family From: Ralph Smith [mailto:m...@gatewayindustries.org] Sent: Thursday, July 29, 2010 2:20 PM To: NT System Admin Issues Subject: RE: Vipre effectiveness false positives I've had VIPRE for a couple of years now, and was fortunately not hit hard with the false positive problems others have had. With about 180 Win XP machines, I've had only a half dozen infections in that time - all but one of the rogue AV kind, so I have been feeling pretty good. However, the chart that was linked to is a bit worrying - the only popular business class AV solution that scored worse was CA (my former solution), and most of the others - McAfee, ESET, Kaspersky, Sophos to name a few - show significantly better results. It would be interesting to hear a comment from Sunbelt - a little reassurance needed here. :-) From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Thursday, July 29, 2010 1:48 PM To: NT System Admin Issues Subject: Re: Vipre effectiveness false positives I don't know what you have now, but I can tell you from experience at various client sites over the last year or so, none of the following was without issues : Trend, McAfee, Symantec SAV SEP On Thu, Jul 29, 2010 at 11:37 AM, Carl Houseman c.house...@gmail.commailto:c.house...@gmail.com wrote: For all of you staunch Vipre supporters, I'm just wondering, are you still so staunch given the various false positives over the past year? It seems like I remember reading here about one every quarter or so, and I can confirm at least 3 since (from online records and messages I didn't delete) since June 2009. And how many of you have had to deal with infections despite having an up-to-date Vipre? Issue I'm debating is a switch from another product to Vipre, and even though the price is very good, I'm looking at the Virusbtn RAP quadrant (http://www.virusbtn.com/vb100/rap-index.xml) with a very poor showing for Sunbelt. Including the false positives and cost of switching, it doesn't add up to a good choice. At least if the protection was much better, then the occasional false positive might be justified. Is there any 3rd party comparison or statistic that gives Vipre a better than average result? I'm not looking for endorsements or praise for their tech support - heard that all before. But if you've had Vipre on 10 seats or more and have kept track of live infections after a year or longer, and effort to avoid or recover from false positives, that would be great to know. Please include total number of seats in any report. Carl Confidentiality Notice: ** This communication, including any attachments, may contain confidential information and is intended only for the individual or entity to whom it is addressed. Any review, dissemination, or copying of this communication by an yone other than the intended recipient is strictly prohibited. If you are no t the intended recipient, please contact the sender by reply email, delete a nd destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Vipre false positives?
Fwiw, there is a very serious zero day .lnk exploit going around. http://www.computerworld.com/s/article/9179339/Windows_shortcut_attack_code_goes_public Apparently our heuristics were a little too aggressive... Alex From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Monday, July 26, 2010 10:09 AM To: NT System Admin Issues Subject: RE: Vipre false positives? I got notifications for .lnk files that are harmless. :( I'm not particularly worried about it, but I think Vipre is a little *too* cautious on .lnk files. [cid:343474514@26072010-07C0][cid:343474...@26072010-07c7] From: Eric Wittersheim [mailto:eric.wittersh...@gmail.com] Sent: Monday, July 26, 2010 9:01 AM To: NT System Admin Issues Subject: Re: Vipre false positives? Same here On Mon, Jul 26, 2010 at 7:43 AM, Richard Stovall rich...@gmail.commailto:rich...@gmail.com wrote: You are not alone... On Mon, Jul 26, 2010 at 8:40 AM, Tom Miller tmil...@hnncsb.orgmailto:tmil...@hnncsb.org wrote: Anyone having issue with Vipre false positives on their Windows 2008 servers? Last weekend, Friday night's scan reported a virus on each of my 2008 servers. The Sunbelt team investigated and it was a false positive. Same thing this weekend, and again a false positive. I have a third I'm working on with support now that looks like another false positive. I am wondering if this is Vipre or possibly my policy configuration for my servers? I run deep scan several times a week on those systems in any case. The first thing I do not want to see in my Inbox on Saturday and Sunday morning is pages of Vipre notifications. I have not seen false positives on our XP/Win 7 machines or 2003 Servers. This is getting really old. Nothing special about these servers. Some are DCs, others member servers, others just for apps or storage. Most don't have anything other than the Windows 2008 NOS installed. Tom Miller Engineer, Information Technology Hampton-Newport News Community Services Board 757-788-0528 Confidentiality Notice: This e-mail message, including attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure, or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: Letter from Sunbelt CEO: GFI Acquires Sunbelt Software - Domain does not exist
...@googlemail.com wrote: I feel a little disappointed too, butat least they weren't acquired by Symantec :-) On 13 July 2010 13:13, Andy Shook andy.sh...@peak10.com wrote: Well, well, well. While I freely acknowledge there is more going on here than I will ever know. I can't help but feel let down. Alex\Sunbelt...why? You have such a good thing going, why change? Sunbelt is an industry leader as far as support and product reliability. Why does this feel like I just got kicked in the chest? Andy Shook Senior Sales Engineer | Peak 10, Inc. 8910 Lenox Pointe Drive, Suite B, Charlotte, NC 28273 office: (704) 264-1078 fax: (704) 264-1075 mobile: (803) 517-2168 email: andy.sh...@peak10.com www.peak10.com -Original Message- From: Webster [mailto:webs...@carlwebster.com] Sent: Tuesday, July 13, 2010 7:26 AM To: NT System Admin Issues Subject: FW: Letter from Sunbelt CEO: GFI Acquires Sunbelt Software Today, it was announced that Sunbelt Software has been acquired by GFI Software. The new combined entity will provide a wide range of security and infrastructure software solutions, both on-premise and in the cloud. View the press release here: http://www.sunbeltsoftware.com/Press/Releases/?id=362 This Wednesday, July 14th, GFI's CEO, Walter Scott and I will be holding a webinar to discuss the transaction, which we invite you to attend. The details of the webinar are as follows: CEO webinar for Partners: GFI's new acquisition Date: Wednesday, July 14, 2010 Time: 11:30am Eastern Time Register here to attend https://www1.gotomeeting.com/register/294875025 First, let me say that we're thrilled to be part of the GFI team. Throughout our discussions and interactions with GFI, we have been continually impressed with their dedication to quality, customer service and superior performance throughout the company. Both companies are similar in their attitudes and practices with regard to customer service, product quality, strategic vision, organizational styles and culture. On the technology side, the acquisition allows us to expand into several areas, which we believe are essential for us to grow as a company and continue to provide leading-edge technologies to our partners. These areas include vulnerability assessment, patch management, data leakage prevention, hosted/cloud-based technologies, and MSP solutions. No specific plans have been made yet in terms of product integration strategies, but we are working with the GFI team to identify areas where their technologies would complement our offerings. In addition to the technology side, GFI provides additional resources in terms of capital, management expertise, systems and new markets that will continue to propel our products and our teams to the highest level of achievement possible. For the time being, both companies are hard at work, integrating the various sales, marketing, finance, and technology teams. Our goal is to make the combination of the companies as seamless as possible to you, and we will continue to provide you with updates and information as we work to combine the organizations. For now, nothing changes in how you do business with Sunbelt. We appreciate your trust in us as a partner and will continue to work hard to keep your loyalty and support. Please don't hesitate to reach out to your Sunbelt representative or me personally if you have any questions or comments. Kind regards, Alex Eckelberry CEO ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ -- On two occasions...I have been asked, 'Pray, Mr Babbage, if you put into the machine wrong figures, will the right answers come out?' I am not able rightly to apprehend the kind of confusion of ideas that could provoke such a question. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ Any medical information contained in this electronic message is CONFIDENTIAL and privileged. It is unlawful for unauthorized persons to view, copy, disclose, or disseminate CONFIDENTIAL information. This electronic message may contain information that is confidential and/or legally privileged. It is intended only for the use of the individual(s) and/or entity named as recipients in the message. If you are not an intended recipient of this message, please notify the sender immediately and delete this material from your computer. Do not deliver, distribute or copy this message, and do not disclose its contents or take any action in reliance on the information that it contains
RE: Australian Internet Filtering Position
This is why I highly recommend hidemyass.com For a small monthly fee, you can do pretty much whatever the hell you want. For example, friends of mine in the UK use it to watch US TV shows on Hulu (which blocks overseas IPs). Technology will always beat idiocy like this... Alex From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Thursday, July 08, 2010 8:57 AM To: NT System Admin Issues Subject: Re: Australian Internet Filtering Position For too many reasons to mention in this post, the government (any government) is hardly the best entity for actively filtering the Internet for any subset of people outside of employees. If, for some reason which defies explanation, the government MUST be involved, then the system in question must be optional, and there can be no penalty for circumvention, or record of usage/non-usage. -ASB: http://XeeSM.com/AndrewBaker On Thu, Jul 8, 2010 at 8:12 AM, Erik Goldoff egold...@gmail.commailto:egold...@gmail.com wrote: my personal opinion is that it is unjust censorship, even if initially implemented as a security for the masses type reason. Ask the Chinese how they feel about their internet access being filtered/controlled . On Wed, Jul 7, 2010 at 11:54 PM, Ryan Halloway ryan.hallo...@gmail.commailto:ryan.hallo...@gmail.com wrote: List, With sites like this appearing everywhere: http://www.dontfilterme.comhttp://www.dontfilterme.com/ and http://nocleanfeed.com/ Just trying to get a general opinion with what everyone thinks of the filtering situation in Australia. Whether you believe its a good thing or a bad thing or you don't really care. I'm writing a letter to an Australian MP (Member of Parliament) and I want to get some actual opinions of what other systems administrators think of the internet filter, even if they are not in Australia. Not only at a technical aspect but at an opinion aspect as well. Either reply on list or pm me. I just want to get a general idea. Thanks, Ryan. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Antivirus Product comparisons, Vipre not included ?
Yeah, we'll find out what's going on here and get into the next report. From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Monday, June 28, 2010 9:20 AM To: NT System Admin Issues Subject: Re: Antivirus Product comparisons, Vipre not included ? Someone will have to suggest to NSS that they include it in their next update. And let's hope that their methodology is made *somewhat* transparent going forward. (Not so much that vendors can simply game the system, but enough that controversy over the effectiveness and relevance of the tests is minimized.) -ASB: http://XeeSM.com/AndrewBaker On Mon, Jun 28, 2010 at 8:52 AM, Erik Goldoff egold...@gmail.commailto:egold...@gmail.com wrote: http://www.readwriteweb.com/enterprise/2010/06/antivirus-product-testing-changing.php Wonder how Vipre fairs with this crowd Erik Goldoff IT Consultant Systems, Networks, Security ' Security is an ongoing process, not a one time event ! ' ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Patch Management - again
WSUS. What do you do about non-Windows patching? Alex -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Thursday, June 10, 2010 11:30 AM To: NT System Admin Issues Subject: Re: Patch Management - again On Thu, Jun 10, 2010 at 11:17 AM, Joseph Heaton jhea...@dfg.ca.gov wrote: What are you guys using for automating patch management for your servers? WSUS. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: vipre perium defualt ad blocked by vipre changed
Yes. The HTML pages are in the VIPRE install directory. BlockedAdPage.htm And BlockedWebPage.htm -Original Message- From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Saturday, June 05, 2010 1:27 PM To: NT System Admin Issues Subject: vipre perium defualt ad blocked by vipre changed Can the defualt (page) or (message) ad blocked by vipre be changed? To something like Get to work and says some lie about All internet traffic is monitored and repeated attempts to access this site will be sent to your supervsior. When blocking facebook? Thanks -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: What the heck?
The exe below is malware (I suppose everyone figured that out). From: David McSpadden [mailto:dav...@imcu.com] Sent: Tuesday, June 01, 2010 1:34 PM To: NT System Admin Issues Subject: What the heck? Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.com To: Administrator ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: What the heck?
Actually the PDF doesn't appear malicious. But I haven't had the labs look at it yet. From: Erik Goldoff [mailto:egold...@gmail.com] Sent: Tuesday, June 01, 2010 2:42 PM To: NT System Admin Issues Subject: Re: What the heck? I was figuring both the EXE *and* the PDF were grin On Tue, Jun 1, 2010 at 2:33 PM, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: The exe below is malware (I suppose everyone figured that out). From: David McSpadden [mailto:dav...@imcu.commailto:dav...@imcu.com] Sent: Tuesday, June 01, 2010 1:34 PM To: NT System Admin Issues Subject: What the heck? Ok so my users are getting this right now. I have blocked the ip with Ironport and sent the email saying not to open it but to delete it. Anyone else getting this crap today? If you already received this information before and action has been taken, then please ignore. This important information about a security vulnerability requires your immediate attention! All systems detected using Adobe products have been sent out this e-mail and are all requested to update their systems urgently. Kindly follow the instructions in the e-mail as forwarded below. Failure to comply will result in all financial and non financial loss to be a liability of the receiver. Please treat this e-mail as a matter of urgency. No further follow up warning will be sent. **This e-mail is a computer generated e-mail from ad...@imcu.commailto:ad...@imcu.com and does not require a reply** --- On Fri, 5/28/10, Richard Barnett rbarn...@adobe.commailto:rbarn...@adobe.com wrote: --- From: Richard Barnett rbarn...@adobe.commailto:rbarn...@adobe.com To: Administrator ad...@imcu.commailto:ad...@imcu.com Subject: Adobe Security Update Date: Friday, May 28, 2010, 11:24 AM Broadcast message: Adobe has issued a directive which states that all systems running their software should be patched for the latest security glitch. The CVE-2010-0193 Denial of Service Vulnerability has recently been discovered on several systems running the previously released version of the software, which has been further documented on security sites such as http://www.securityfocus.com/bid/39524 It is strongly advised that all systems running the Adobe software is updated with the latest security patch to avoid further situations hampering the security and integrity of the system. Failure to follow the directive would mean that any loss which occurs due to the negligence will be a liability of the company and not Adobe. The link to update the system with the latest patch and instructions are provided below: Download the instructions here: http://190.144.101.204/adobe/update.pdf (requires Adobe Acrobat Reader). To update your system, download the installation file here: http://190.144.101.204/adobe/adbp932b.exe (adbp932b.exe). (Read first the instructions before updating the system) Your urgent attention is most appreciated, Richard Barnett Adobe Risk Management 345 Park Avenue San Jose, CA 95110-2704 Tel: 408-587-3932 rbarn...@adobe.commailto:rbarn...@adobe.com --- Disclaimer: This e-mail message and information contained in or attached to this message is privileged, confidential, and protected from disclosure and is intended only for the person or entity to which it is addressed. Any review, re-transmission, dissemination, printing or other use of, or taking of any action in reliance upon this information by persons or entities other than the intended recipient is prohibited. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: laptop encryption
Not the answer you're looking for, but what about a different thought? Don't keep anything of value on a laptop. Only run laptops client/server (VPN or TS or whatever). Alex From: Jeff Brown [mailto:2jbr...@gmail.com] Sent: Thursday, May 27, 2010 10:58 AM To: NT System Admin Issues Subject: laptop encryption There was a post last week about HIPAA compliance and a small part of that discussion there were a couple of encryption programs mentioned. I have bitlocker running on the OS's that happen to come with it, and need something for those that don't. Might consider OS upgrade if the encryption piece is too costly. anyone using something they LOVE? any chance there is a program that will report encryption status back to a management station? tiafah. Jeff ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Holy PAC-MAN Batman!
http://sunbeltblog.blogspot.com/2010/05/virus-is-attacking-my-computer.html From: Richard Stovall [mailto:rich...@gmail.com] Sent: Friday, May 21, 2010 11:00 AM To: NT System Admin Issues Subject: Holy PAC-MAN Batman! Is anyone else getting a playable PAC-MAN on the Google home page? ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Friday Meet the developers at Sunbelt
Next time… this is a “first-pass”. But I really like that idea of streaming ☺ From: Daniel Rodriguez [mailto:drod...@gmail.com] Sent: Thursday, May 20, 2010 12:07 PM To: NT System Admin Issues Subject: Re: Friday Meet the developers at Sunbelt Would be nice if this was streamed or on Webex... On May 18, 2010 5:56 PM, Joseph Heaton jhea...@dfg.ca.govmailto:jhea...@dfg.ca.gov wrote: Donuts?? I would expect some ribeye's out on the grill ;) Steve Ens stevey...@gmail.commailto:stevey...@gmail.com 5/18/2010 2:40 PM Who is bringing the donuts? On Tue, May 18, 2010 at 4:39 PM, John Cook john.c...@pfsf.orgmailto:john.c...@pfsf.org wrote: ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Friday Meet the developers at Sunbelt
No oil but we did have the smell of burning oil a week and a half ago. That's about it for drama. -Original Message- From: Joseph Heaton [mailto:jhea...@dfg.ca.gov] Sent: Wednesday, May 19, 2010 1:44 PM To: NT System Admin Issues Subject: RE: Friday Meet the developers at Sunbelt You guys getting any oil yet, Stu? Stu Sjouwerman s...@sunbelt-software.com 5/19/2010 10:34 AM Oh, that's the Sunbelt Concrete Shoes Crew - (the gulf is 5 minutes away) Warm regards, Stu Sjouwerman Co-Founder, Publisher, Sunbelt Media P: +1-727-562-0101 ext 218 F: +1-727-562-5199 s...@sunbelt-software.com From: Micheal Espinola Jr [mailto:michealespin...@gmail.com] Sent: Tuesday, May 18, 2010 7:53 PM To: NT System Admin Issues Subject: Re: Friday Meet the developers at Sunbelt Who's disposing of the bodies? -- ME2 On Tue, May 18, 2010 at 4:40 PM, Kurt Buff kurt.b...@gmail.commailto:kurt.b...@gmail.com wrote: Who's paying the airfare? On Tue, May 18, 2010 at 14:36, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: Hat tip for Greg Sweers for organizing this, we are inviting a small group of admins to come to the Sunbelt offices in Clearwater, Florida to meet all Friday afternoon with the VIPRE Enterprise development team. The purpose will be to provide feedback and direction to our development team in making the next versions of VIPRE. We have a small group, but I'm opening it up to any others that might want to come. This will be a very direct, personal meeting with the dev team. If anyone on the list would like to come to the meeting, please contact me directly. Alex ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ... ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
Friday Meet the developers at Sunbelt
Hat tip for Greg Sweers for organizing this, we are inviting a small group of admins to come to the Sunbelt offices in Clearwater, Florida to meet all Friday afternoon with the VIPRE Enterprise development team. The purpose will be to provide feedback and direction to our development team in making the next versions of VIPRE. We have a small group, but I'm opening it up to any others that might want to come. This will be a very direct, personal meeting with the dev team. If anyone on the list would like to come to the meeting, please contact me directly. Alex ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Friday Meet the developers at Sunbelt
1 pm on Friday From: John Cook [mailto:john.c...@pfsf.org] Sent: Tuesday, May 18, 2010 5:39 PM To: NT System Admin Issues Subject: Re: Friday Meet the developers at Sunbelt What time will we be starting exactly? John W. Cook Systems Administrator Partnership for Strong Families From: Alex Eckelberry al...@sunbelt-software.com To: NT System Admin Issues ntsysadmin@lyris.sunbelt-software.com Sent: Tue May 18 17:36:36 2010 Subject: Friday Meet the developers at Sunbelt Hat tip for Greg Sweers for organizing this, we are inviting a small group of admins to come to the Sunbelt offices in Clearwater, Florida to meet all Friday afternoon with the VIPRE Enterprise development team. The purpose will be to provide feedback and direction to our development team in making the next versions of VIPRE. We have a small group, but I'm opening it up to any others that might want to come. This will be a very direct, personal meeting with the dev team. If anyone on the list would like to come to the meeting, please contact me directly. Alex CONFIDENTIALITY STATEMENT: The information transmitted, or contained or attached to or with this Notice is intended only for the person or entity to which it is addressed and may contain Protected Health Information (PHI), confidential and/or privileged material. Any review, transmission, dissemination, or other use of, and taking any action in reliance upon this information by persons or entities other than the intended recipient without the express written consent of the sender are prohibited. This information may be protected by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and other Federal and Florida laws. Improper or unauthorized use or disclosure of this information could result in civil and/or criminal penalties. Consider the environment. Please don't print this e-mail unless you really need to. This email and any attached files are confidential and intended solely for the intended recipient(s). If you are not the named recipient you should not read, distribute, copy or alter this email. Any views or opinions expressed in this email are those of the author and do not represent those of the company. Warning: Although precautions have been taken to make sure no viruses are present in this email, the company cannot accept responsibility for any loss or damage that arise from the use of this email or attachments. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Bootable Vipre Rescue
Or try rebooting into Safe Mode with Command Prompt and run VIPRE Rescue off the USB. The newer infections often are impossible to boot in normal Safe Mode, but with Command Prompt it's sometimes doable. Alex From: richardmccl...@aspca.org [mailto:richardmccl...@aspca.org] Sent: Monday, May 17, 2010 9:10 AM To: NT System Admin Issues Subject: Re: Bootable Vipre Rescue Not what you are wanting to read, but currently the way to remedy this (especially on a laptop) is: 1. Physically remove the suspected drive 2. Attach it externally to a recently scanned system 3. Use your rescue tools (VIPRERESCUE, MalwareBytes, etc) on the external Good luck! -- Richard D. McClary Systems Administrator, Information Technology Group ASPCA(r) 1717 S. Philo Rd, Ste 36 Urbana, IL 61802 richardmccl...@aspca.org P: 217-337-9761 C: 217-417-1182 F: 217-337-9761 www.aspca.orghttp://www.aspca.org/ The information contained in this e-mail, and any attachments hereto, is from The American Society for the Prevention of Cruelty to Animals(r) (ASPCA(r)) and is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution, copying or use of the contents of this e-mail, and any attachments hereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify me by reply email and permanently delete the original and any copy of this e-mail and any printout thereof. John Aldrich jaldr...@blueridgecarpet.com wrote on 05/17/2010 08:01:47 AM: I know there was talk here awhile back about a bootable Vipre Rescue. Has that ever come to fruition? I've got a laptop our CEO brought into me to clean and it's not wanting to respond to a CTL+ALT+DEL at the desktop, and the hard drive is thrashing! L He seems to think it's badly infested, and wants me to clean it. [image removed] [image removed] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Possible false-positive for Vipre
This is fixed. I'll make sure the forum gets updated. From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Monday, May 17, 2010 10:42 AM To: NT System Admin Issues Subject: RE: Possible false-positive for Vipre Already posted in the Enterprise False Positives forum here: http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=219threadid=4727enterthread=y [cid:image001.jpg@01CAF5C2.3C89E110][cid:image002@01caf5c2.3c89e110] From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Monday, May 17, 2010 10:24 AM To: NT System Admin Issues Subject: RE: Possible false-positive for Vipre For a much faster response... post it here: http://supportforums.sunbeltsoftware.com/categories.aspx?catid=27entercat=y From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Monday, May 17, 2010 10:21 AM To: NT System Admin Issues Subject: Possible false-positive for Vipre An app that is supposed to keep your flash drives clean is called flash disinfector and Vipre Enterprise is alerting on it as containing a Trojan. Anyone got any clue whether this is a valid alert? [cid:image001.jpg@01CAF5C2.3C89E110][cid:image002@01caf5c2.3c89e110] . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: Possible false-positive for Vipre
Yeah, if a program uses a packer that's known to be used by malicious authors, etc.,these get flagged by many antivirus companies. From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Monday, May 17, 2010 1:52 PM To: NT System Admin Issues Subject: RE: Possible false-positive for Vipre Thanks. I wasn't sure (since it's showing up in some places on VirusTotal) if it's a real Trojan or a false positive. :) [cid:image001.jpg@01CAF5C9.98B52380][cid:image002@01caf5c9.98b52380] From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Monday, May 17, 2010 1:10 PM To: NT System Admin Issues Subject: RE: Possible false-positive for Vipre This is fixed. I'll make sure the forum gets updated. From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Monday, May 17, 2010 10:42 AM To: NT System Admin Issues Subject: RE: Possible false-positive for Vipre Already posted in the Enterprise False Positives forum here: http://supportforums.sunbeltsoftware.com/messageview.aspx?catid=219threadid=4727enterthread=y [cid:image001.jpg@01CAF5C9.98B52380][cid:image002@01caf5c9.98b52380] From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Monday, May 17, 2010 10:24 AM To: NT System Admin Issues Subject: RE: Possible false-positive for Vipre For a much faster response... post it here: http://supportforums.sunbeltsoftware.com/categories.aspx?catid=27entercat=y From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Monday, May 17, 2010 10:21 AM To: NT System Admin Issues Subject: Possible false-positive for Vipre An app that is supposed to keep your flash drives clean is called flash disinfector and Vipre Enterprise is alerting on it as containing a Trojan. Anyone got any clue whether this is a valid alert? [cid:image001.jpg@01CAF5C9.98B52380][cid:image002@01caf5c9.98b52380] . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: Bootable Vipre Rescue
Ok, we get it... ;-) -Original Message- From: Peter van Houten [mailto:peter...@gmail.com] Sent: Monday, May 17, 2010 5:23 PM To: NT System Admin Issues Subject: Re: Bootable Vipre Rescue In preparation for my possible meeting with Pan Virut (Virut Pan anyone?) tomorrow, I prepared a bootable USB flash drive with the following recipe. I used Winternals ERD Commander (as I also run the built-in functionality extensively) but I'm sure most other WinPE implementations will work. 1) Download and install WinToFlash: http://wintoflash.com/home/en 2) Download the latest Vipre Rescue [1] http://live.sunbeltsoftware.com 3) Unpack the Vipre Rescue executable to a temp directory using WinRar, etc. 4) Unpack the ISO / CD / DVD containing your WinPE system to another temp directory (I use ImgBurn and WinRar) 5) Copy the directory in (3) somewhere into the directory in (4). I place all my extra executables into Programs as I intensely dislike the Windows use of a space in names. 6) Copy sbredrv.sys (the Vipre anti-rootkit engine) from (3) to the Windows drivers directory in (4). Nominally, this is %windir%\system32\drivers in that filesystem. 7) Copy sbbd.exe (the Vipre boot delete utility [sounds horrendous!]) from (3) to the Windows executables directory in (4). Nominally, this is %windir%\system32 in that filesystem. 8) Run WinToFlash and choose Transfer Windows XP/2003 setup to USB drive under Advanced mode and choose (4) as the source and the root of the USB flash drive as the destination. 9) 10 mins later you should have a bootable USB flash drive schtick. 10) Boot from the above flash drive and open a shell from whence you can run VIPRERescueScanner.exe (or renamed to simply vipre.exe to save typing) with your choice of switches. I run the .exe directly as ERD Commander doesn't like .bat files and I haven't bothered to find out why. 10) Batch / script the whole caboodle above so you don't have to wade through it again (especially since you'll want to update Vipre Rescue regularly). [1] Many thanks to Sunbelt for a great tool [2] [2] Not meant to be funny... -- Peter van Houten On the 17 May, 2010 15:01, John Aldrich wrote the following: I know there was talk here awhile back about a “bootable” Vipre Rescue. Has that ever come to fruition? I’ve got a laptop our CEO brought into me to clean and it’s not wanting to respond to a CTL+ALT+DEL at the desktop, and the hard drive is thrashing! L He seems to think it’s badly infested, and wants me to clean it. John-AldrichTile-Tools ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: How does one test the Vipre premium enterprise firewall and web filter? Safe way.
(answered off-list) From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Tuesday, May 11, 2010 7:21 PM To: NT System Admin Issues Subject: How does one test the Vipre premium enterprise firewall and web filter? Safe way. How does one test the vipre permium enteprise firewall and web fliter? Safe way. ??? Thanks -- Justin IT-TECH ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Computers becoming unresponsive accross entire network.
Fwiw, we are implementing such a system (basically, by creating an additional layer between the engine and the detection, so if a detection starts to spin, it will get stopped). We have been testing it and the results look quite promising (it will take some time to get into the engine, though, as it's not trivial). If you're curious, I wrote a little technical bulletin on what happened Friday here: http://forums.sunbeltsoftware.com/messageview.aspx?catid=27threadid=4653enterthread=y Alex -Original Message- From: Ken Schaefer [mailto:k...@adopenstatic.com] Sent: Monday, May 10, 2010 9:58 PM To: NT System Admin Issues Subject: RE: Computers becoming unresponsive accross entire network. Who knows, but if the machine is pre-empting the AV scanner, then that's how the issue that Kurt highlighted yesterday starts to creep in. Your malicious code gets to do something in between the various bits of code that the AV scanner is running. So, I agree with Ben. For a regular disk-scan, a cap might be good (or lower scheduling priority). For on-access scanning, I think you want to the AV scanner to run at high priority and avoid being pre-empted if possible. Cheers Ken -Original Message- From: Charlie Kaiser [mailto:charl...@golden-eagle.org] Sent: Tuesday, 11 May 2010 12:07 AM To: NT System Admin Issues Subject: RE: Computers becoming unresponsive accross entire network. But doesn't that beg the question; should an AV app EVER require 75% of a machines resources for ANYTHING? *** Charlie Kaiser charl...@golden-eagle.org Kingman, AZ *** -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Monday, May 10, 2010 9:02 AM To: NT System Admin Issues Subject: Re: Computers becoming unresponsive accross entire network. On Sun, May 9, 2010 at 6:03 PM, Andrew S. Baker asbz...@gmail.com wrote: Or something that ensures that no more than 75% of remaining CPU will ever be consumed by the AV app and its processes... For a general system scan, that sounds like a good idea. But for on-access scans (real time, auto protect, whatever you call it), I think you'd want the system to run it as fast as possible. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: sunbelt IRC channel/Server
We don't use IRC alas. From: John Hornbuckle [mailto:john.hornbuc...@taylor.k12.fl.us] Sent: Tuesday, May 11, 2010 6:17 AM To: NT System Admin Issues Subject: RE: sunbelt IRC channel/Server IRC? I feel like I just stepped out of a time machine and back into the 20th century! ;-) John Hornbuckle MIS Department Taylor County School District www.taylor.k12.fl.ushttp://www.taylor.k12.fl.us From: justino garcia [mailto:jgarciaitl...@gmail.com] Sent: Monday, May 10, 2010 11:08 PM To: NT System Admin Issues Subject: OT: sunbelt IRC channel/Server OT sunbelt IRC channel/Server ??? -- Justin IT-TECH NOTICE: Florida has a broad public records law. Most written communications to or from this entity are public records that will be disclosed to the public and the media upon request. E-mail communications may be subject to public disclosure. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Life just keeps getting better....
But Mr. Zoits is right, AV is pointless. It is a signature race and you wll lose that race sooner or later no question about it. Behaviour based HIPS is the only thing that will win this fight. CSA's was the best there ever was at doing this. Virtually bullet proof if implemented correctly, but alas it is gone now. Trends new one is looking pretty good. I respectfully disagree. What antivirus companies still rely on signatures? I see detection rates daily, and while an AV engine is not nearly the thing it was in the past, it is still a very, very important part of the security strategy. Just wait until your next Conficker infection... Alex -Original Message- From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Tuesday, May 11, 2010 10:57 AM To: NT System Admin Issues Subject: RE: Life just keeps getting better Just to amplify 6.0 is also discontinued. This last release a few weeks ago 6.0.2 is the last. It supports 64 bit and windows 7. Server up to 2008 but not R2. No other future operating systems will be supported. They will not say if any future service packs will be supported but if they break CSA you will be on your own, imho. VERY sore subject with me. :) But Mr. Zoits is right, AV is pointless. It is a signature race and you wll lose that race sooner or later no question about it. Behaviour based HIPS is the only thing that will win this fight. CSA's was the best there ever was at doing this. Virtually bullet proof if implemented correctly, but alas it is gone now. Trends new one is looking pretty good. -Original Message- From: Ziots, Edward [mailto:ezi...@lifespan.org] Sent: Tuesday, May 11, 2010 10:50 AM To: NT System Admin Issues Subject: RE: Life just keeps getting better Too bad Cisco royally screwed up CSA 6.0 and is discontinuing V5.. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Computers becoming unresponsive accross entire network.
Looks like a transient issue. Are you still finding this to be the case? From: David Mazzaccaro [mailto:david.mazzacc...@hudsonhhc.com] Sent: Monday, May 10, 2010 9:25 AM To: NT System Admin Issues Subject: RE: Computers becoming unresponsive accross entire network. Anyone else getting this when they try to goto Sunbelt's Message of the Day (May 7th) from within Vipre? The web site you are accessing has experienced an unexpected error. Please contact the website administrator. The following information is meant for the website developer for debugging purposes. Error Occurred While Processing Request Error Executing Database Query. [Macromedia][SQLServer JDBC Driver][SQLServer]Invalid object name 'munchkin_links'. The error occurred in D:\inetpub\wwwroot\app_2008_vars.cfm: line 281 Called from D:\inetpub\wwwroot\app_2008_vars.cfm: line 1 Called from D:\inetpub\wwwroot\Application.cfm: line 21 Called from D:\inetpub\wwwroot\app_2008_vars.cfm: line 281 Called from D:\inetpub\wwwroot\app_2008_vars.cfm: line 1 Called from D:\inetpub\wwwroot\Application.cfm: line 21 279 : /cfquery 280 : !--- Marketo: Munchkin code + links --- 281 : cfquery datasource='sunbelt' name='master_munchkin_links' cachedwithin='#master_cache_timespan#' 282 : select * from munchkin_links where active = 1 283 : /cfquery SQLSTATE 42S02 SQL select * from munchkin_links where active = 1 VENDORERRORCODE 208 DATASOURCE sunbelt Resources: Check the ColdFusion documentationhttp://www.macromedia.com/go/proddoc_getdoc to verify that you are using the correct syntax. Search the Knowledge Basehttp://www.macromedia.com/support/coldfusion/ to find a solution to your problem. Browser Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.2; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.04506.648; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729) Remote Address XXX.XXX.XXX.XXX Referrer http://www.sunbeltsoftware.com/MOTD/401/?license=XXXversion=3.1.3121.0 Date/Time 10-May-10 09:25 AM From: Andrew S. Baker [mailto:asbz...@gmail.com] Sent: Sunday, May 09, 2010 6:03 PM To: NT System Admin Issues Subject: Re: Computers becoming unresponsive accross entire network. Or something that ensures that no more than 75% of remaining CPU will ever be consumed by the AV app and its processes... -ASB: http://XeeSM.com/AndrewBaker On Sun, May 9, 2010 at 5:39 PM, Ben Scott mailvor...@gmail.commailto:mailvor...@gmail.com wrote: On Fri, May 7, 2010 at 1:40 PM, Alex Eckelberry al...@sunbelt-software.commailto:al...@sunbelt-software.com wrote: And yes, we do test each definition that go out. The problem with this one was that the loop condition kicks in on a file of a certain size that is not in our test bed. Would it be feasible to build some kind of governor into the scan-engine, such that if a scan on a single file takes more than a given amount of CPU time, the scan is assumed to have gone haywire, and will be throttled or killed? With suitable administrator alerts, of course. -- Ben . ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Computers becoming unresponsive accross entire network.
It's not a bad idea and we'll look into it. -Original Message- From: Ben Scott [mailto:mailvor...@gmail.com] Sent: Sunday, May 09, 2010 5:39 PM To: NT System Admin Issues Subject: Re: Computers becoming unresponsive accross entire network. On Fri, May 7, 2010 at 1:40 PM, Alex Eckelberry al...@sunbelt-software.com wrote: And yes, we do test each definition that go out. The problem with this one was that the loop condition kicks in on a file of a certain size that is not in our test bed. Would it be feasible to build some kind of governor into the scan-engine, such that if a scan on a single file takes more than a given amount of CPU time, the scan is assumed to have gone haywire, and will be throttled or killed? With suitable administrator alerts, of course. -- Ben ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Computers becoming unresponsive accross entire network.
Just to clarify for everyone, what happened was the following: Customers running a scan with definition versions 6272, 6273 or 6274 would often experience extremely high CPU usage when running a scan. This became apparent when agents started running scans, in most cases at 1 AM EDT (the default time). If an agent didn't run a scan, nothing happened. The issue started with definition 6272, released yesterday evening. The issue was caused by a virus detection (Virus.VBS.Redlof.f) that caused a loop condition when hitting a file of a certain type and size. This problem was fixed in definitions version 6275, which was released at 10:30 am EDT this morning. As the KB below explains, getting out of this loop state required killing the service, or shutting down VIPRE. http://support.sunbeltsoftware.com/Default.aspx?answerid=2015 Yes, it sucks. The only positive thing I can look at is that a number of systems kicked in internally that were not there in the past and we were able to fix the problem in a few minutes and release defs once our engineers diagnosed the problem. And yes, we do test each definition that go out. The problem with this one was that the loop condition kicks in on a file of a certain size that is not in our test bed. We are expanding our test-bed and seeing what else we can do to mitigate this type of thing from happening again. Alex Alex Eckelberry, CEO Sunbelt Software 33 N. Garden Avenue, Clearwater, FL 33755 p: 727-562-0101 x220 e: a...@sunbeltsoftware.com MSN: alex...@hotmail.com w: www.sunbeltsoftware.com b: www.sunbeltblog.com -Original Message- From: Greg Olson [mailto:gol...@markettools.com] Sent: Friday, May 07, 2010 1:05 PM To: NT System Admin Issues Subject: RE: Computers becoming unresponsive accross entire network. No Vipre. :) -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, May 07, 2010 10:04 AM To: NT System Admin Issues Subject: R: Computers becoming unresponsive accross entire network. With SEP ? GuidoElia HELPPC -Messaggio originale- Da: Greg Olson [mailto:gol...@markettools.com] Inviato: venerdì 7 maggio 2010 18.57 A: NT System Admin Issues Oggetto: RE: Computers becoming unresponsive accross entire network. Lucky you are sir. I've got entire offices down, servers offline, and all kinds of joy. Updating them is becoming a goto each and try to run a manual update. Which is only working sometimes. Machines are so horked up that we're rebooting into safe mode, and updating from there. -Greg -Original Message- From: HELP_PC [mailto:g...@enter.it] Sent: Friday, May 07, 2010 9:33 AM To: NT System Admin Issues Subject: R: Computers becoming unresponsive accross entire network. I feel good with my poor Symantec Endpoint Protection ! GuidoElia HELPPC -Messaggio originale- Da: Carl Houseman [mailto:c.house...@gmail.com] Inviato: venerdì 7 maggio 2010 17.31 A: NT System Admin Issues Oggetto: RE: Computers becoming unresponsive accross entire network. Already discussed in another thread, update your Vipre defs. Is anyone keeping track of the number of bad defs out of Sunbelt for this year alone? Carl -Original Message- From: Luke [mailto:tesla...@gmail.com] Sent: Friday, May 07, 2010 10:57 AM To: NT System Admin Issues Subject: Computers becoming unresponsive accross entire network. The Network Administrator and I have been working on this all morning. Since about 7:00AM random machines on the Local Network have been slipping into and out of a random state of unresponsiveness (Freezing). The symptoms are pretty serious - I have seen it take up to 5 minutes to bring an already open window from the background to the foreground on client machines - and there are servers that are so unresponsive that I am not even able to log into them (enter Username and Password and nothing happens for the next 30min.). We have had to cold boot one server 3 times in the past hour! This problem is not specific to any user, profile, machine, OS, network switch, etc. - at least from what we have been able to Identify. So far it has affected Windows 7, XP and Server 2003. However, this issue is not affecting everyone on the network. My Colleague sitting right next to me has been having all kinds of trouble with his PC and I have not. We have found that cold booting the affected machines does help a little or at least for a while, but more often than not the machine will just return to its unresponsive state after a few minutes. On the machines that I have that are accessible I am attempting scan with Vipre. We are seriously starting to suspect that Vipre is doing something (in the background that we cant see) that is actually causing all this. We completely removed Vipre from one PC that was having trouble and it seemed to fix the problem. The PC has been running fine since. Any thoughts? ~ Finally, powerful endpoint security
RE: Sunbelt forums down?
Our server looks to be in need of an upgrade... that will happen this weekend. From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Friday, May 07, 2010 10:35 AM To: NT System Admin Issues Subject: Sunbelt forums down? I'm trying to get into the forums to post a question, but it's not loading up. Anyone else having problems? I tried downforeveryoneorjustme.com but I'm not sure I got the correct URL. [cid:image001.jpg@01CAEDED.8BE23410][cid:image002@01caeded.8be23410] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: [OT] RE: Sunbelt forums down?
Hey, I put my head up, I expect some bullets. And if they're funny bullets, all the better. I do appreciate humor, even on a day like today ;-) From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Friday, May 07, 2010 2:47 PM To: NT System Admin Issues Subject: RE: [OT] RE: Sunbelt forums down? I wasn't bashing them, I was just trying to inject some humor into an unpleasant situation. I think Michael is right, you're just jealous 'cause you didn't think of it first. :) From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Friday, May 07, 2010 1:30 PM To: NT System Admin Issues Subject: RE: [OT] RE: Sunbelt forums down? Naw, I'll never bash the Clearwater crew. Alex would un-friend me on Facebook and I would be devastated. Shook From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, May 07, 2010 2:26 PM To: NT System Admin Issues Subject: [OT] RE: Sunbelt forums down? You just wish you'd thought of it first. :) Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: Andy Shook [mailto:andy.sh...@peak10.com] Sent: Friday, May 07, 2010 2:24 PM To: NT System Admin Issues Subject: RE: Sunbelt forums down? That wasn't nice, brother. Shook From: Kim Longenbaugh [mailto:k...@colonialsavings.com] Sent: Friday, May 07, 2010 2:22 PM To: NT System Admin Issues Subject: RE: Sunbelt forums down? Nah, it was just running a scan with definition versions 6272, 6273 or 6274 :) From: Alex Eckelberry [mailto:al...@sunbelt-software.com] Sent: Friday, May 07, 2010 1:00 PM To: NT System Admin Issues Subject: RE: Sunbelt forums down? Our server looks to be in need of an upgrade... that will happen this weekend. From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Friday, May 07, 2010 10:35 AM To: NT System Admin Issues Subject: Sunbelt forums down? I'm trying to get into the forums to post a question, but it's not loading up. Anyone else having problems? I tried downforeveryoneorjustme.com but I'm not sure I got the correct URL. [cid:image001.jpg@01CAEDF4.DCB25BC0][cid:image002@01caedf4.dcb25bc0] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: Virpe does NOT reboot client machines
That option is designed for remotely restarting a system post an upgrade/update to the product. That's an explanation. As to why it's not doing it, I'm curious, can you try a remote shutdown command and see if that does it? It is perhaps a credentialing issue. From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Friday, May 07, 2010 2:34 PM To: NT System Admin Issues Subject: RE: Virpe does NOT reboot client machines Well, that may very well work, but why does Vipre offer the option to remotely restart a computer if it's not really doing to do it? I'll give that a shot next time, fwiw, but I'd like to know the answer to my question. :) [cid:image001.jpg@01CAEDF5.347F5150][cid:image002@01caedf5.347f5150] From: Michael B. Smith [mailto:mich...@smithcons.com] Sent: Friday, May 07, 2010 2:19 PM To: NT System Admin Issues Subject: RE: Virpe does NOT reboot client machines Shutdown -r -f -t 0 -m \\computernamefile:///\\computername Seems to work pretty well, IME. Regards, Michael B. Smith Consultant and Exchange MVP http://TheEssentialExchange.com From: John Aldrich [mailto:jaldr...@blueridgecarpet.com] Sent: Friday, May 07, 2010 2:10 PM To: NT System Admin Issues Subject: Virpe does NOT reboot client machines Why does Vipre offer to let you reboot client machines if it's not really doing to do it? I've told several machines to automatically reboot and they have not done so. I have ended up either going to the machine in question and manually rebooting it or logging into the machine from remote and telling it to reboot that way. [cid:image001.jpg@01CAEDF5.347F5150][cid:image002@01caedf5.347f5150] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~inline: image001.jpginline: image002.jpg
RE: Computers becoming unresponsive accross entire network.
All AV vendors have problems. Just Google (vendor) false positive or (vendor) update problem. It's just reality. When you have to build up to 20 new versions of your product daily, things go wrong. The problems with AV updates industry-wide started with the massive increase in malware about 5 years ago. Before that, FPs and update issues were a relatively rare event. But now all AV vendors are in a constant battle to keep up with the fire-hose of malware, and stuff goes wrong. The best that an AV vendor can do is to implement as many safety checks, redundancies, internal air-bags and testing that they can given the short amount of time to react to a new threat. The tough part is balancing quality against the need to protect the customer from threats. Our head of RD, Mark Patton, confesses to having nightmares about this stuff and obsesses over what we can do. We have implemented kill switches in the definition process (which we actually used this morning after we figured out what the problem was); we've implemented airbags that won't let VIPRE delete a Windows system file; we've implemented more rigorous code reviews and regression tests on new detections, and so on. We are also working on some interesting new technology, such as self-healing functionality inside of VIPRE that will self-heal a system in case a critical file is removed. Personally, I think the next frontier in the AV industry, now that vendors have mostly started figuring out how to deal with the volume of threats, is to figure out how to never do harm. It's actually a lot harder than it might sound. Alex From: Jon Harris [mailto:jk.har...@gmail.com] Sent: Friday, May 07, 2010 3:32 PM To: NT System Admin Issues Subject: Re: Computers becoming unresponsive accross entire network. PLEASE no!!! Not that the office is rolling out upgrades on Trend and I don't need another night of headaches. Jon On Fri, May 7, 2010 at 11:47 AM, David W. McSpadden dav...@imcu.commailto:dav...@imcu.com wrote: Ok. That is two bad defs in two weeks? 1 Vipre 1 McAfee? Next is Trend? -Original Message- From: Luke [mailto:tesla...@gmail.commailto:tesla...@gmail.com] Sent: Friday, May 07, 2010 11:45 AM To: NT System Admin Issues Subject: RE: Computers becoming unresponsive accross entire network. Turned out to be a bad Deff. Bad def = 6274. ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sunbelt, McAfee, Symantec - now Clam
Not sure about that. What happens when the whitelisting vendor screws up a dat file, and you can't run any of your programs at all because they are not allowed? The problem is compounded by the fact that there are far more legitimate files released daily than there are malicious files, so whitelisting applications need to update even more than blacklisting apps. Alex -Original Message- From: Kurt Buff [mailto:kurt.b...@gmail.com] Sent: Friday, May 07, 2010 6:26 PM To: NT System Admin Issues Subject: Re: Sunbelt, McAfee, Symantec - now Clam It's called Appliation Whitelisting, methinks. On Fri, May 7, 2010 at 11:59, Andrew S. Baker asbz...@gmail.com wrote: First off, the ClamAV issue was somewhat mitigated by them telling everyone to be off of v96 for a few weeks. :) But, the reality of this situation is that signature-based host-level protection is getting to the point where the human error factor is too high. (I feel a blog entry coming up soon) In order to attack the threats that are out there, signatures need to be updated frequently, and increasing the frequency places greater burden on the QA process, and increases the risk of a self-inflicted DoS. What this signifies is that we need to start demanding a different approach to host-based protection *as the norm*, because there is now as great a chance that your system can be made ineffective from an AV update as from an actual piece of malware. AV in its current form really has to die, as there is no way for the good guys to keep up with the bad guys, leaving us vulnerable to even more foolishness from creative bad guys. -ASB: http://XeeSM.com/AndrewBaker On Fri, May 7, 2010 at 1:27 PM, Kurt Buff kurt.b...@gmail.com wrote: - Original Message Subject: [Clamav-announce] problem with daily.cvd 10938 Date: Fri, 7 May 2010 13:06:56 +0200 From: Luca Gibelli l...@clamav.net Reply-To: nore...@clamav.net To: ClamAV Announce clamav-annou...@lists.clamav.net Dear ClamAV users, about 15 mins ago we released daily.cvd 10938. This update apparently caused a segmentation fault in all ClamAV versions older than 0.96 on 32 bit systems. We just released daily.cvd 10939 which removes the faulty signature and we have taken measures to ensure that this problem won't happen again. We recommend using a monitor tool like clamdwatch or clamdmon to automatically restart clamd whenever it dies. If you are already using a similar solution, your clamd will be restarted automatically as soon as freshclam downloads the daily.cvd 10939 update. We apologise for the inconvenience. Regards, - -- Luca Gibelli (luca _at_ clamav.net) ClamAV, a GPL anti-virus toolkit [Tel] +39 0187 1851862 [Fax] +39 0187 1852252 [IM] nervous/jabber.linux.it PGP key id 5EFC5582 @ any key-server || http://www.clamav.net/gpg/luca.gpg ___ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~
RE: Sunbelt, McAfee, Symantec - now Clam
These are all forms of signatures, most particularly the hash. I suppose it's a question of nomenclature. Alex -Original Message- From: Phil Brutsche [mailto:p...@optimumdata.com] Sent: Friday, May 07, 2010 7:20 PM To: NT System Admin Issues Subject: Re: Sunbelt, McAfee, Symantec - now Clam Application whitelisting doesn't necessarily use signatures. Microsoft's AppLocker and it's predecessor, Software Restriction Policies, can whitelist based on: * folder paths * file name * file hashes * executables signed by with a software publisher's X.509 code-signing certificate Alex Eckelberry wrote: Not sure about that. What happens when the whitelisting vendor screws up a dat file, and you can't run any of your programs at all because they are not allowed? The problem is compounded by the fact that there are far more legitimate files released daily than there are malicious files, so whitelisting applications need to update even more than blacklisting apps. -- Phil Brutsche p...@optimumdata.com ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/ ~