[unisog] AV for MACS

Russell Fulton r.fulton at auckland.ac.nz
Mon Dec 6 19:05:20 GMT 2004

On Mon, 2004-12-06 at 10:20 -0700, Jim Dillon wrote:

> Platform    Total attacks     Attacks/day     Attacks/hour
> XP SP1      139,024           8,177           341
> OS X        138,647      	8,155           339
> Win SBS      25,222           1,400            61
> XP SP2        1,386              82             3.4
> XP w/ZoneAlarm  848              50             2.1
> Linspire        795              46             1.9

I would be interested in seeing more details of this exercise.  Do you
have a url for the full write up Jim?

The table on its own raises more questions than it answers: such as were
the attacks actually relevant to the platform? and even more basic -
what constitutes an attack.

I suspect that the key thing here is the amount of firewalling the
respective systems had, or to look at it another way, were 135-139 + 445

In my books malicious code designed for windows but sent to a UNIX
system is not an attack.

All that said, our official policy is that all Mac run SAV.  With the
current version on Mac OSX people seem very happy but there are issues
with OS9, to the point where some departments decided that it was more
trouble that it was worth.

With the increasing popularity of Linux on the desktop in the 'real
world' I am now wondering when (not if) we will see a significant threat
to Linux systems from automated malware.  Remember that Linux users are
just as vulnerable to social engineering issues as windows  and macs
users, particularly as they become less sophisticated.  Perhaps I should
rephrase that ;)  --- as the linux user population includes a greater
proportion of of less sophisticated users.

Cheers, Russell

Russell Fulton, Information Security Officer, The University of Auckland
New Zealand

More information about the unisog mailing list