[AccessD] AV Software on Servers [was Redemption DLL ]

Drew Wutka DWUTKA at marlow.com
Sat Nov 22 19:24:06 CST 2003 

Yes, ScanMail will scan the files within a zip file.  You can even set how
deep you want it to scan (for zips within zips).  I think we are set to 5
levels.  We have never blocked .zip files, and I certainly don't plan on
starting.  We do block any extension that can be run off the bat, such as
.exe, .com, .bat, etc.  Those are blocked simply as a buffer, since brand
new viruses aren't caught until Trend updates their patterns (which they do
pretty fast).  Once a virus is in the pattern though, it will strip it out
of zip files.

Drew

-----Original Message-----
From: John Bartow [mailto:john at winhaven.net]
Sent: Saturday, November 22, 2003 10:03 AM
To: Access Developers discussion and problem solving
Subject: RE: [AccessD] AV Software on Servers [was Redemption DLL ]


That's a shame.

I would think that security and productivity should have at least equal
priority in the work place :o)

For true security to ever happen the email security people are going to have
to start identifying what's in a zip file rather than the fact that its a
zip file. Most AV scanners can already scan zip contents so I would think
that if a message came through with a zip attachment that the zip
attachment's contents could be scanned for problems rather than just
assuming that its a problem because its a zip. Even if they pulled the email
aside and processed it out of stream rather than doing it directly and
clogging up the system it would be preferable to just deleting it!

Hey Drew can Trend Micro's system do that?

Of course if they scan the zip - then .mdbs can't be considered dangerous
either. FMS has a free virus scanner for .mdbs I wonder if its worthwhile?
If one could write a script to scan .mdbs with FMS AV scanner it could
eliminating the whole annoying process of not allowing .mdb attachments. (Of
course I always zip my mdbs because they usually compress about 80% so I'm
back to the first argument...   now I'm just babbling...
:o)

What say we get some big company to put a bounty out on the heads of virus
writers?
;o)



> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com
> [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Martin Reid
> Sent: Saturday, November 22, 2003 8:23 AM
> To: Access Developers discussion and problem solving
> Subject: Re: [AccessD] AV Software on Servers [was Redemption DLL ]
>
>
> Thats just how we do it in work. PITA but gets us past the email people.
>
> Martin
>
>
> > Oh, yes, there always have to have some people that overdo everything,
> > beside scanning .mdb how about not allowing .zip extensions in email?!
> Then
> > of course you have people who resort to changing the file extension on
> your
> > zipped files to .txt and instructing the person on other end to
> change it
> > back. That's good covenient security.
> >
> > > -----Original Message-----
> > > From: accessd-bounces at databaseadvisors.com
> > > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of
> MartyConnelly
> > > Sent: Friday, November 21, 2003 1:39 AM
> > > To: Access Developers discussion and problem solving
> > > Subject: Re: [AccessD] AV Software on Servers [was Redemption DLL ]
> > >
> > >
> > > Depends on what file extensions are scanned on a network
> server. I keep
> > > a special stick to poke network guys who insist on scanning
> ldb and mdb
> > > file types among others. Scanning a 300MB file on-access can bring
> > > things to a grinding halt.
> > >
> > > Stuart McLachlan wrote:
> > >
> > > >On 20 Nov 2003 at 20:40, John W. Colby wrote:
> > > >
> > > >
> > > >
> > > >>Stuart,
> > > >>
> > > >>I personally don't say it has no place in the world.  The
> unfortunate
> > > >>reality is that there are millions of machines out there used
> > > by individuals
> > > >>in their homes (or small office) who are too ignorant to run
> > > virus checkers.
> > > >>THESE users should indeed install the service patch so that
> > > they only screw
> > > >>up their own machines when the virus hits them.  It simply has
> > > no place in a
> > > >>business where they should be running AV software.
> > > >>
> > > >>
> > > >>
> > > >
> > > >Which brings us on to another question, prompted recently by a
> > > >client.
> > > >
> > > >What is your option on running anti-virus software on network
> > > >servers?
> > > >(Assuming that you do run on-access scanning software on the
> > > >workstations)
> > > >
> > > >Note:
> > > >X-posted to <dba-tech at databaseadvisors.com>
> > > >All follow ups to that list only. Please!
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > >
> > > --
> > > Marty Connelly
> > > Victoria, B.C.
> > > Canada
> > >
> > >
> > >
> > > _______________________________________________
> > > AccessD mailing list
> > > AccessD at databaseadvisors.com
> > > http://databaseadvisors.com/mailman/listinfo/accessd
> > > Website: http://www.databaseadvisors.com
> > >
> > >
> >
> >
> > _______________________________________________
> > AccessD mailing list
> > AccessD at databaseadvisors.com
> > http://databaseadvisors.com/mailman/listinfo/accessd
> > Website: http://www.databaseadvisors.com
> >
> > _______________________________________________
> > AccessD mailing list
> > AccessD at databaseadvisors.com
> > http://databaseadvisors.com/mailman/listinfo/accessd
> > Website: http://www.databaseadvisors.com
> >
>
> _______________________________________________
> AccessD mailing list
> AccessD at databaseadvisors.com
> http://databaseadvisors.com/mailman/listinfo/accessd
> Website: http://www.databaseadvisors.com
>
>


_______________________________________________
AccessD mailing list
AccessD at databaseadvisors.com
http://databaseadvisors.com/mailman/listinfo/accessd
Website: http://www.databaseadvisors.com

More information about the AccessD mailing list