[AccessD] AV Software on Servers [was Redemption DLL ]

Andy Lacey andy at minstersystems.co.uk
Sun Nov 23 04:24:46 CST 2003 

Please take this thread to dba-Tech too.

Andy Lacey
http://www.minstersystems.co.uk 

> -----Original Message-----
> From: accessd-bounces at databaseadvisors.com 
> [mailto:accessd-bounces at databaseadvisors.com] On Behalf Of Drew Wutka
> Sent: 23 November 2003 02:39
> To: 'Access Developers discussion and problem solving'
> Subject: RE: [AccessD] AV Software on Servers [was Redemption DLL ]
> 
> 
> I love everything we use from Trend, with the exception of 
> eManager, which is a spam blocking 'add-in' for ScanMail.  
> Don't get me wrong, it works, as well as most of the stuff 
> I've seen out there, but that's the problem.  It's not stellar! <grin>
> 
> Drew
> 
> -----Original Message-----
> From: John Bartow [mailto:john at winhaven.net]
> Sent: Saturday, November 22, 2003 8:32 PM
> To: Access Developers discussion and problem solving
> Subject: RE: [AccessD] AV Software on Servers [was Redemption DLL ]
> 
> 
> Drew,
> Thanks for the info, sounds like a rock solid server app.
> 
> jb
> 
> > -----Original Message-----
> > From: accessd-bounces at databaseadvisors.com
> > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Drew Wutka
> > Sent: Saturday, November 22, 2003 7:24 PM
> > To: 'Access Developers discussion and problem solving'
> > Subject: RE: [AccessD] AV Software on Servers [was Redemption DLL ]
> >
> >
> > Yes, ScanMail will scan the files within a zip file.  You 
> can even set 
> > how deep you want it to scan (for zips within zips).  I 
> think we are 
> > set to 5 levels.  We have never blocked .zip files, and I certainly 
> > don't plan on starting.  We do block any extension that can 
> be run off 
> > the bat, such as .exe, .com, .bat, etc.  Those are blocked 
> simply as a 
> > buffer, since brand new viruses aren't caught until Trend updates 
> > their patterns (which they do pretty fast).  Once a virus is in the 
> > pattern though, it will strip it out of zip files.
> >
> > Drew
> >
> > -----Original Message-----
> > From: John Bartow [mailto:john at winhaven.net]
> > Sent: Saturday, November 22, 2003 10:03 AM
> > To: Access Developers discussion and problem solving
> > Subject: RE: [AccessD] AV Software on Servers [was Redemption DLL ]
> >
> >
> > That's a shame.
> >
> > I would think that security and productivity should have at least 
> > equal priority in the work place :o)
> >
> > For true security to ever happen the email security people 
> are going 
> > to have to start identifying what's in a zip file rather 
> than the fact 
> > that its a zip file. Most AV scanners can already scan zip 
> contents so 
> > I would think that if a message came through with a zip attachment 
> > that the zip attachment's contents could be scanned for problems 
> > rather than just assuming that its a problem because its a 
> zip. Even 
> > if they pulled the email
> > aside and processed it out of stream rather than doing it 
> directly and
> > clogging up the system it would be preferable to just deleting it!
> >
> > Hey Drew can Trend Micro's system do that?
> >
> > Of course if they scan the zip - then .mdbs can't be considered 
> > dangerous either. FMS has a free virus scanner for .mdbs I 
> wonder if 
> > its worthwhile? If one could write a script to scan .mdbs 
> with FMS AV 
> > scanner it could eliminating the whole annoying process of not 
> > allowing .mdb attachments. (Of course I always zip my mdbs because 
> > they usually compress about 80% so I'm
> > back to the first argument...   now I'm just babbling...
> > :o)
> >
> > What say we get some big company to put a bounty out on the 
> heads of 
> > virus writers?
> > ;o)
> >
> >
> >
> > > -----Original Message-----
> > > From: accessd-bounces at databaseadvisors.com
> > > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of Martin 
> > > Reid
> > > Sent: Saturday, November 22, 2003 8:23 AM
> > > To: Access Developers discussion and problem solving
> > > Subject: Re: [AccessD] AV Software on Servers [was 
> Redemption DLL ]
> > >
> > >
> > > Thats just how we do it in work. PITA but gets us past the email 
> > > people.
> > >
> > > Martin
> > >
> > >
> > > > Oh, yes, there always have to have some people that overdo 
> > > > everything, beside scanning .mdb how about not allowing .zip 
> > > > extensions in email?!
> > > Then
> > > > of course you have people who resort to changing the file 
> > > > extension on
> > > your
> > > > zipped files to .txt and instructing the person on other end to
> > > change it
> > > > back. That's good covenient security.
> > > >
> > > > > -----Original Message-----
> > > > > From: accessd-bounces at databaseadvisors.com
> > > > > [mailto:accessd-bounces at databaseadvisors.com]On Behalf Of
> > > MartyConnelly
> > > > > Sent: Friday, November 21, 2003 1:39 AM
> > > > > To: Access Developers discussion and problem solving
> > > > > Subject: Re: [AccessD] AV Software on Servers [was Redemption 
> > > > > DLL ]
> > > > >
> > > > >
> > > > > Depends on what file extensions are scanned on a network
> > > server. I keep
> > > > > a special stick to poke network guys who insist on scanning
> > > ldb and mdb
> > > > > file types among others. Scanning a 300MB file on-access can 
> > > > > bring things to a grinding halt.
> > > > >
> > > > > Stuart McLachlan wrote:
> > > > >
> > > > > >On 20 Nov 2003 at 20:40, John W. Colby wrote:
> > > > > >
> > > > > >
> > > > > >
> > > > > >>Stuart,
> > > > > >>
> > > > > >>I personally don't say it has no place in the world.  The
> > > unfortunate
> > > > > >>reality is that there are millions of machines out 
> there used
> > > > > by individuals
> > > > > >>in their homes (or small office) who are too ignorant to run
> > > > > virus checkers.
> > > > > >>THESE users should indeed install the service patch so that
> > > > > they only screw
> > > > > >>up their own machines when the virus hits them.  It 
> simply has
> > > > > no place in a
> > > > > >>business where they should be running AV software.
> > > > > >>
> > > > > >>
> > > > > >>
> > > > > >
> > > > > >Which brings us on to another question, prompted 
> recently by a 
> > > > > >client.
> > > > > >
> > > > > >What is your option on running anti-virus software 
> on network 
> > > > > >servers? (Assuming that you do run on-access 
> scanning software 
> > > > > >on the
> > > > > >workstations)
> > > > > >
> > > > > >Note:
> > > > > >X-posted to <dba-tech at databaseadvisors.com>
> > > > > >All follow ups to that list only. Please!
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > > --
> > > > > Marty Connelly
> > > > > Victoria, B.C.
> > > > > Canada
> > > > >
> > > > >
> > > > >
> > > > > _______________________________________________
> > > > > AccessD mailing list
> > > > > AccessD at databaseadvisors.com 
> > > > > http://databaseadvisors.com/mailman/listinfo/accessd
> > > > > Website: http://www.databaseadvisors.com
> > > > >
> > > > >
> > > >
> > > >
> > > > _______________________________________________
> > > > AccessD mailing list
> > > > AccessD at databaseadvisors.com 
> > > > http://databaseadvisors.com/mailman/listinfo/accessd
> > > > Website: http://www.databaseadvisors.com
> > > >
> > > > _______________________________________________
> > > > AccessD mailing list
> > > > AccessD at databaseadvisors.com 
> > > > http://databaseadvisors.com/mailman/listinfo/accessd
> > > > Website: http://www.databaseadvisors.com
> > > >
> > >
> > > _______________________________________________
> > > AccessD mailing list
> > > AccessD at databaseadvisors.com 
> > > http://databaseadvisors.com/mailman/listinfo/accessd
> > > Website: http://www.databaseadvisors.com
> > >
> > >
> >
> >
> > _______________________________________________
> > AccessD mailing list
> > AccessD at databaseadvisors.com 
> > http://databaseadvisors.com/mailman/listinfo/accessd
> > Website: http://www.databaseadvisors.com 
> > _______________________________________________
> > AccessD mailing list
> > AccessD at databaseadvisors.com 
> > http://databaseadvisors.com/mailman/listinfo/accessd
> > Website: http://www.databaseadvisors.com
> >
> >
> 
> 
> _______________________________________________
> AccessD mailing list
> AccessD at databaseadvisors.com 
> http://databaseadvisors.com/mailman/listinfo/a> ccessd
> Website: 
> http://www.databaseadvisors.com 
> _______________________________________________
> AccessD mailing list
> AccessD at databaseadvisors.com 
> http://databaseadvisors.com/mailman/listinfo/a> ccessd
> Website: 
> http://www.databaseadvisors.com
> 
>

More information about the AccessD mailing list