[unisog] AV for MACS
hermit921 at yahoo.com
Mon Dec 6 20:16:14 GMT 2004
Not much here that is useful:
I, too, would like to know what they considered an attack. Most of the
attacks I see don't indicate prior knowledge of the OS they are attacking.
At 11:05 AM 12/6/2004, Russell Fulton wrote:
>On Mon, 2004-12-06 at 10:20 -0700, Jim Dillon wrote:
> > Platform          Total attacks   Attacks/day   Attacks/hour
> > XP SP1            139,024         8,177         341
> > OS X              138,647         8,155         339
> > Win SBS           25,222          1,400         61
> > XP SP2            1,386           82            3.4
> > XP w/ZoneAlarm    848             50            2.1
> > Linspire          795             46            1.9
>I would be interested in seeing more details of this exercise. Do you
>have a url for the full write up Jim?
>The table on its own raises more questions than it answers: such as were
>the attacks actually relevant to the platform? and even more basic -
>what constitutes an attack.
>I suspect that the key thing here is the amount of firewalling the
>respective systems had, or to look at it another way, were 135-139 + 445
>In my books malicious code designed for windows but sent to a UNIX
>system is not an attack.
>All that said, our official policy is that all Macs run SAV. With the
>current version on Mac OSX people seem very happy but there are issues
>with OS9, to the point where some departments decided that it was more
>trouble than it was worth.
>With the increasing popularity of Linux on the desktop in the 'real
>world' I am now wondering when (not if) we will see a significant threat
>to Linux systems from automated malware. Remember that Linux users are
>just as vulnerable to social engineering issues as Windows and Mac
>users, particularly as they become less sophisticated. Perhaps I should
>rephrase that ;) --- as the Linux user population includes a greater
>proportion of less sophisticated users.
>Russell Fulton, Information Security Officer, The University of Auckland