<<<
Chronological Index
>>> <<<
Thread Index
>>>
RE: Re[2]: [ga] Reliability of the Internet - the silent battle - part 2
|> From: William X Walsh [mailto:william@wxsoft.info]
|> Sent: Wednesday, November 07, 2001 3:02 AM
|>
|> Wednesday, Wednesday, November 07, 2001, 3:04:31 AM, Roeland
|> Meyer wrote:
|> > My filters had already renamed it to the DAT type, which
|> is a non-executable
|> > type under windows, and I manually deleted the attachment
|> from the message.
|> > Apparently, that was unsuccessful. If Norton detected it
|> then either NAV is
|> > using external message data or I indeed failed to remove
|> the attachment.
|>
|> It must have used the external data, my copy that come from the list
|> did not have the attachment.
Thanks William. This indicates a problem with NAV. It's not the first time
that NAV has shown false-positives. Only binary scans of the actual
attachment is valid. Basing detection on external data isn't. I'm glad to
hear that my kill methods worked though, as I said, I wont be doing that
again soon. I am saddened to hear that Norton Anti-Virus, any edition, may
not be adequate.
It does prove another point, however, that there is no magic bullet for
these things. MHSC servers withstood Code Red and Nimda attacks, for two
solid weeks, that were sufficiently severe to use 80% of our WAN bandwidth,
24x7x2. It was a PITA, but I let it run because the servers seemed to be
holding up well. Good architecture and systems policies are the only real
answer and that takes a knowlegable hand at the tiller. A "magic" program,
by itself, isn't going to save your servers. They have flaws too.
Now that I've left everyone with that comforting thought, g'night all.
--
This message was passed to you via the ga-full@dnso.org list.
Send mail to majordomo@dnso.org to unsubscribe
("unsubscribe ga-full" in the body of the message).
Archives at http://www.dnso.org/archives.html
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|