Anit-Virus help for all of us??????
ryan at viaccess.net
Tue Nov 25 17:21:20 UTC 2003
Having sat up until the wee hours of the AM last night cleaning up virus
traffic on one of my private nets (an inhouse private net at that) i was
giving this some thought. It seems that as with all things, knowledge is
power. While all of the machines on the floor where the net op's team
lives where fine (mostly windows), the entire call center was infected
(entirely windows). When i went downstairs and spoke with them i was
suprised (ok not really) to find that none of them knew how to run windows
update or had ever heard of the xp firewall feature. They are in the
process of being jailed behind thier own nat with heavy ACL's. It's
something of a difficult spot. Modern society does not hand out cars to
every Tom that can afford one. They make you pass a test and obtain a
license first. Why? Because if you don't know what your doing and
understand some basic safety procedures, you are a danger to other people.
But any Joe with $400 can get on the internet and cause havok. Now
understand me here, I'm not trying to start a "we should license internet
users" war here. That would be silly. The trick here lies in this: the
gvmt (im speaking of US roadways here) has something to the effect of a
monopoly on roads. Don't want to get thier lisence? Don't drive on thier
roads.. The internet doesn't have that simplicity. So the question is: how
to convince "the users" that there are things they really should know and
practice in the interest of everyone's safety? Unfortunatly like everyone
else, I don't have the answer. Just another way of looking at it. I have
learned however that trying to fix a behavioral problem with technology
generally doesn't work. Untill "the users" in general get a little smarter
about thier new toy, things won't get much better.
That said someone made an interesting comment pertaining to whom it was
that was selling the vulnerable machines. While not particularly usefull
for much, it might be amusing to get some nice granular data on infected
hosts brandnames. Be entertaining to see who's default config is the least
Anyway. Just a thought i had been muddling with hehe. Sorry to clutter the
list with it. If anyone wants to chat about it drop me a line off list.
> Er... two or three obvious reasons - there might be more.
> # Users not updating their virus / firewall definitions, not paying for
> new definitions after their year of free definitions is done.
> # Users leaving open windows shares, clicking on random windows
> attachments etc
> # Viruses keeping one step ahead of antivirus vendors
Like the ski resort of girls looking for husbands and husbands looking
for girls, the situation is not as symmetrical as it might seem.
More information about the NANOG