
Re: [Full-Disclosure] New MyDoom or Netsky variant?



Bart.Lansing@xxxxxxxxx wrote:

> Niek,
>
> Symantec only updates HOME users though Live Update once or so a week unless there is something critical (and of course you can go to them and obtain new sigs more frequently, just that you have to go do it).
>
> This has nothing at all to do with the speed or frequency of updates for enterprise users. We routinely see multiple updates in a day, in some "firefights" we have seen them back to back as close as 15 minutes to each other. As far as not using Symantec on a mail server, we certainly do, in

Perhaps their enterprise anti-virus suite. Their corporate version, and home user version certainly does not (haven't had the time to test corp. 9.0)

Symantec chooses to ignore the less important viruses, and releases
a big update 2-3 times per week. Even not so wild spread viruses are a real 
danger.
Machines get infected with malware/backdoors, in turn get abused as spam 
zombies.
Of course one would argue only home users should fall victim to having their
machines abused by spammers, as corporate desktops are/should be protected
by decent firewalls.

But this lacks updating of the fastest growing market (broadband users)
is affecting others (have to deal with spam/virus).

So what do home and corporate (again haven't seen 9.0 yet) Symantec users have
to do?
Manually retrieve Symantec updates with scripts/task scheduler.
Most don't, and viruses have a 1 day window of opportunity.

> tandem with Trend. Let me ask you Niek, just what is it you use to protect the thousands of desktops you are responsible for?

Mail security: qmail with sophos/clamav as Exchange front end
Desktop: Sophos

Regards,

Niek Baakman

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html