RE: Important info on Sobig.F
- From: "John Tolmachoff \(Lists\)" <johnlist@xxxxxxxxxxxxxxxxxxx>
- To: "'[ISAserver.org Discussion List]'" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 26 Aug 2003 10:17:49 -0700
FWIW, many of us have pounded on F-Prot about virus def delays over time. It
seems there responses have improved, except for the recent problem with
MSBlaster.
You are right though, since all these AV programs are created by humans,
perfections is lacking.
John Tolmachoff MCSE CSSA
Engineer/Consultant
eServices For You
www.eservicesforyou.com
> -----Original Message-----
> From: William Robertson [mailto:robertson.william@xxxxxxxxxxxxxx]
> Sent: Monday, August 25, 2003 10:19 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Important info on Sobig.F
>
> http://www.ISAserver.org
>
>
> Hi John
>
> Thanks for your input. It's always good to hear other viewpoints on this
> obviously crucial topic.
>
> Although I understand all the points you mention, I do know that FSecure
has
> given me an immense number of headaches ever since CIH and Nimda came out.
> Suffice it to say that we had Nimda on site for about 2 weeks before we
were
> able to kill it (with an illegal copy of some other software...)
>
> I think all this points out is that everybody has their own opinion of an
AV
> product based on their good/bad experiences in the past. I am beginning to
> think that it is almost impossible to get the "perfect" product and that
one
> just has to keep hoping for the best.
>
> Anyway, thanks again for your input.
>
> Cheers
> William R.
>
>
> -----Original Message-----
> From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
> Sent: 25 August 2003 17:21 PM
> To: [ISAserver.org Discussion List]
> Subject: [isalist] RE: Important info on Sobig.F
>
> http://www.ISAserver.org
>
>
> Point 1: New Dell computers come with a free McAfee AV software. Last
week,
> a clients new Dell got infected with Sobig. Ran the McAfee On-Line scanner
> that was installed on the clients computer, and it came up clean. Ran the
> Symantec On line scan, and it found Sobig.
>
> Point 2: In an ISP type environment, for use to scan all incoming and
> outgoing messages on an e-mail server, CA best price for best customer was
> $2.50 per mail box per year. Completely out of this world. What this means
> is they have their focus markets and give a rats a** about everything
else.
>
> Point 3: The Trend AV Gateway product for Exchange (I do not remember the
> name right now) by default installation ALLOWS open relay. This was set up
> by a former support company for a client using all default settings on an
> Exchange server. That server became an open relay. It took be 3 days to
find
> the problem, after going through every configuration on Exchange. It was
the
> Trend gateway product. Yes, it can be configured to not allow open relay,
> but you had to find it and configure it.
>
> Point 4: I have been using Symantec Corp edition on all LAN computers and
> clients without any problems in 2 1/2 years.
>
> Point 5: I use F-Prot for scanning all incoming and outgoing messages on
my
> e-mail server. Yes, F-Prot is sometimes slow on updating definitions. Yes,
> there support is slow. What is good is the price and speed of the scanning
> engine. The scanning software for messaging I use allows multiple AV
> scanning engines, and I will be adding a second later this year when I
have
> time. Probably either Gristoft or another one.
>
> Point 6: McAfee Enterprise 7.0 did not pick up Sobig for 3 days, and then
> required a manual update of the def file.
>
> Point 7: Most major AV scanners are priced out of the range for use in
> scanning messages on a mail server in an ISP environment. (Sophos, Trend,
> Symantec, McAfee.)
>
> John Tolmachoff MCSE CSSA
> Engineer/Consultant
> eServices For You
> www.eservicesforyou.com
>
> > -----Original Message-----
> > From: William Robertson [mailto:robertson.william@xxxxxxxxxxxxxx]
> > Sent: Monday, August 25, 2003 3:11 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Important info on Sobig.F
> >
> > http://www.ISAserver.org
> >
> >
> > Hi John
> >
> > Without wanting to do any form of product-bashing, I would be very
> > interested in understanding your viewpoint on products such as F-Secure,
> > eTrust/McAfee etc. If you have the time to jot a few technical points
down
> > on why you prefer a specific product I would be most interested.
> >
> > Thanks
> > William R.
> >
> >
> > -----Original Message-----
> > From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
> > Sent: 23 August 2003 02:41 AM
> > To: [ISAserver.org Discussion List]
> > Subject: [isalist] RE: Important info on Sobig.F
> >
> > http://www.ISAserver.org
> >
> >
> > I do not like any AV product from CA/McAfee.
> >
> > John Tolmachoff MCSE CSSA
> > Engineer/Consultant
> > eServices For You
> > www.eservicesforyou.com
> >
> >
> > > -----Original Message-----
> > > From: armando nila [mailto:armando420@xxxxxxxx]
> > > Sent: Friday, August 22, 2003 5:28 PM
> > > To: [ISAserver.org Discussion List]
> > > Subject: [isalist] RE: Important info on Sobig.F
> > >
> > > http://www.ISAserver.org
> > >
> > >
> > > What does that mean?
> > >
> > >
> ________________________________________________________________
> > > The best thing to hit the internet in years - Juno SpeedBand!
> > > Surf the web up to FIVE TIMES FASTER!
> > > Only $14.95/ month - visit www.juno.com to sign up today!
> > >
> > > ------------------------------------------------------
> > > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > > ------------------------------------------------------
> > > Other Internet Software Marketing Sites:
> > > Leading Network Software Directory: http://www.serverfiles.com
> > > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > > Windows Security Resource Site: http://www.windowsecurity.com/
> > > Network Security Library: http://www.secinf.net/
> > > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > > ------------------------------------------------------
> > > You are currently subscribed to this ISAserver.org Discussion List as:
> > > johnlist@xxxxxxxxxxxxxxxxxxx
> > > To unsubscribe send a blank email to
> $subst('Email.Unsub')
> >
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > robertson.william@xxxxxxxxxxxxxx
> > To unsubscribe send a blank email to
$subst('Email.Unsub')
> >
> > ---------------------------------------------------------------------
> > Everything in this e-mail and attachments relating to the official
> > business of Columbus Stainless is proprietary to the company. It is
> > confidential, legally privileged and protected by law. Columbus
> > Stainless does not own and endorse any other content. Views and
> > opinions are those of the sender unless clearly stated as being that
> > of Columbus Stainless. The person addressed in the e-mail is the sole
> > authorised recipient. Please notify the sender immediately if it has
> > unintentionally reached you and do not read, disclose or use the
> > content in any way. Whilst all reasonable steps are taken to ensure
> > the accuracy and integrity of information and data transmitted
> > electronically and to preserve the confidentiality thereof, no
> > liability or responsibility whatsoever is accepted if information or
> > data is,for whatever reason, corrupted or does not reach its intended
> > destination.
> > ---------------------------------------------------------------------
> >
> > ------------------------------------------------------
> > List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> > ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> > ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> > ------------------------------------------------------
> > Other Internet Software Marketing Sites:
> > Leading Network Software Directory: http://www.serverfiles.com
> > No.1 Exchange Server Resource Site: http://www.msexchange.org
> > Windows Security Resource Site: http://www.windowsecurity.com/
> > Network Security Library: http://www.secinf.net/
> > Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> > ------------------------------------------------------
> > You are currently subscribed to this ISAserver.org Discussion List as:
> > johnlist@xxxxxxxxxxxxxxxxxxx
> > To unsubscribe send a blank email to
$subst('Email.Unsub')
>
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> robertson.william@xxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
>
> ---------------------------------------------------------------------
> Everything in this e-mail and attachments relating to the official
> business of Columbus Stainless is proprietary to the company. It is
> confidential, legally privileged and protected by law. Columbus
> Stainless does not own and endorse any other content. Views and
> opinions are those of the sender unless clearly stated as being that
> of Columbus Stainless. The person addressed in the e-mail is the sole
> authorised recipient. Please notify the sender immediately if it has
> unintentionally reached you and do not read, disclose or use the
> content in any way. Whilst all reasonable steps are taken to ensure
> the accuracy and integrity of information and data transmitted
> electronically and to preserve the confidentiality thereof, no
> liability or responsibility whatsoever is accepted if information or
> data is,for whatever reason, corrupted or does not reach its intended
> destination.
> ---------------------------------------------------------------------
>
> ------------------------------------------------------
> List Archives: http://www.webelists.com/cgi/lyris.pl?enter=3Disalist
> ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
> ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=3DFAQ
> ------------------------------------------------------
> Other Internet Software Marketing Sites:
> Leading Network Software Directory: http://www.serverfiles.com
> No.1 Exchange Server Resource Site: http://www.msexchange.org
> Windows Security Resource Site: http://www.windowsecurity.com/
> Network Security Library: http://www.secinf.net/
> Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
> ------------------------------------------------------
> You are currently subscribed to this ISAserver.org Discussion List as:
> johnlist@xxxxxxxxxxxxxxxxxxx
> To unsubscribe send a blank email to $subst('Email.Unsub')
Other related posts:
