[unisog] Dropping executables - who does it?

Brian Eckman eckman at umn.edu
Fri Feb 6 23:11:40 GMT 2004


Valdis.Kletnieks at vt.edu wrote:
> And putting an  A/V tool that detects Windows virus makes my *AIX* box
> safer how, exactly?
> 
> To be fair, a number of people seem to have missed this one - several
> people have recommended Sophos as well.  The point is that saying "you
> must have an A/V installed to connect to the net" is a *stupid* and
> *wasteful* requirement if your platform doesn't *have* a virus problem.
> 
> It's kind of like saying "because cats can get feline leukemia, and
> cats can be vaccinated against it, and it makes sense to require that
> you can't bring your cat to XYZ without proof of immunization because
> other cats will be there too, your dog can't come without being
> vaccinated for feline leukemia".

Point well taken. The reason our policy is worded as such is so that it 
does not appear "biased" against any particular OS. It does allow 
exceptions for situations where "anti-virus protection is not feasible".

I personally think the policy should explicitly say Windows machines 
must run AntiVirus. But I've got better things to do than pick nits. And 
I don't write policy.

Brian
-- 
Brian Eckman
Security Analyst
OIT Security and Assurance
University of Minnesota



More information about the unisog mailing list