[Dshield] vunerability windows

Chuck Lewis clewis at iquest.net
Fri Feb 6 17:00:55 GMT 2004


I agree with what you say, but that last paragraph, will true, gets harder.
These more recent virus offerings have gotten very good at masking
themselves to normal users. If these users are used to getting emails from
workers or friends that contain attachments, when a virus reads ones address
list and fires these off, it is, unfortunately, more challenging for these
users. That is, as had been stated, this stuff needs to be trapped at the
email server and never even get to our users :-)



-----Original Message-----
From: list-bounces at dshield.org [mailto:list-bounces at dshield.org] On Behalf
Of Erwin Van de Velde
Sent: Friday, February 06, 2004 11:22 AM
To: General DShield Discussion List
Subject: Re: [Dshield] vunerability windows


On Friday 06 February 2004 13:25, Andy Streule wrote:

> I was wondering what peoples ideas were on how to mimise the windows.
> The other day I wondered why anti-virus vendors arent getting into mail
> clients. Or microsoft needs to be getting into antivirus a lot faster. It
> would seem logical to me that for the home user market, the time has come
> for anti-virus software to be integrated with mail clients and for some
> mechanism to exist to quarantine attachments for say 12 hours, to ensure
> updates are most likely avaliable for any new virus.

I can't tell for other AV software, but NAV integrates with outlook express 
sufficiently for me: it checks in and outgoing e-mail.
Quarantine doesn't seem that good to me, as I don't always want to wait for
new and exciting mail attachments :-)
For instance, if I'm working in a team on a project, and we want to mail 
eachother files (word documents for instance, or programs or ...)
If I allways have to wait 12 hours, it would decrease my performance 
dramatically :-)

> Also auto-update should be on by default and sufficiently hidden so the
> average n00b cant turn it off. ;-)
I fully agree with this.

Further, the only way to contain viruses more rapidly is, in my opinion, an 
upgrade of the users, rather than of the software. It still amazes me that
many people keep opening suspicious attachments. 
But then.... there is no easy way to program brains - yet ;-)

Erwin Van de Velde
Student of University of Antwerp

list mailing list
list at dshield.org
To change your subscription options (or unsubscribe), see:

More information about the list mailing list