locked
Conflicker: protection against viruses? RRS feed

  • General discussion

  • I have never been a supporter of the hype associated with antivirus software.

    I still support the idea that the best deference is still the human brain.

    (Besides, If I wanted my PC to boot and run slower I would not have bothered to buy a faster one)

         Conflicker isn't new but is news to me.

    I just read the big splash on CNN's web page this morning.

     Sales of Symantec should be way up.

    Sometimes I wonder, who starts these worms, Apple or Symantec? (LOL)

    Is your  vulnerability  not increased by allowing automatically configured back doors through the firewall?

    I am running a third party firewall manually configured to only allow approved applications and the static IP addresses of PC's on my network.  I  have disabled all services which had ports open.
    That means, I do not have access to Windows updates.
    Oh well,
    I have never had any security breaches. (yet)

    Thanks Rob

    • Edited by Shwarob Wednesday, April 1, 2009 12:56 PM comma
    Wednesday, April 1, 2009 12:46 PM

All replies

  • I agree for the most part. 

    Personally I have not run file-based antivirus software on my computer for years, but I do not recommend this for the average user. 

    Also, in business environments blocking all inbound traffic with the firewall isn’t always possible.   Conficker for example leverages the file and print sharing (SMB 445) which needs to be open in many networks for any meaningful network use.  Having antivirus deployed to workstations helps deal with outbreaks and infections in a centrally managed way.

     


    Mike Crowley A+, Network+, Security+, MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator
    Do you still have Exchange 2000?  Looking to upgrade to Exchange 2010?  Read how.

    Thursday, September 3, 2009 3:56 AM
  • You don't have any security breaches that you know of :)

    If your not running AV, how do you know unless the malware is fairly misbehaved?

    Blocking ports at the firewall will do nothing if someone gets an email attachment that has a worm that can spread unhindered on your network, or someone connects up an infected laptop, or someone browses a web site that has itself been infected and is serving up malware.

     

    Patches can be deployed via WSUS without allowing machines access to the internet or to windowsupdate.

     

    It’s prudent to protect the machines on all fronts, and keep abreast of the current threats that are out there (not just threats that are well over 6 months old)

     

    Thursday, September 3, 2009 11:39 PM
  • Really cant argue with that.  But you should also take it as a compliment.  5 years ago viruses were a much bigger mess than they are now.  Operating systems (windows) and apps are more hardened now.  Devs have a more security-focused mindset too.

    Threats emerge, sure, but I think the virus of yesterday isnt the one of tomorrow.

    And of course, part of the sense (false or otherwise) of confidence is knowing email, is scanned first.

    :)

    Mike Crowley A+, Network+, Security+, MCT, MCSE, MCTS, MCITP: Enterprise Administrator / Messaging Administrator
    Do you still have Exchange 2000?  Looking to upgrade to Exchange 2010?  Read how.

    Friday, September 4, 2009 2:38 AM