[unisog] Dropping executables - who does it?

Michael Janke Michael.Janke at csu.mnscu.edu
Mon Feb 9 18:53:35 GMT 2004


We require that any server that shares files be protected. If a Linux
box runs Samba, then it must run real-time AV software to prevent it
from becoming a transport mechanism for PC viruses. If it doesn't share
files the no protection needed.

We also require e-mail to be Virus scanned. We drop executables, but
that is not written in policy. 

Our standard:

    *   All Servers shall be protected by a file integrity checking
mechanism to insure integrity of OS and application files.
    * All file sharing Servers shall implement and maintain a malicious
software protection mechanism approved by the Information Security
Manager or designee.

--Mike

___________________________________
Michael Janke
Director, Network Services
Minnesota State Colleges and Universities
1450 Energy Park Drive Suite 300
St Paul MN 55108
Voice:651-649-5982 Fax: 651-649-5770
NEW Cell: 612-964-3340 


___________________________________
Michael Janke
Director, Network Services
Minnesota State Colleges and Universities
1450 Energy Park Drive Suite 300
St Paul MN 55108
Voice:651-649-5982 Fax: 651-649-5770
NEW Cell: 612-964-3340 


>>> <Valdis.Kletnieks at vt.edu> 2/6/2004 5:27:28 PM >>>
On Fri, 06 Feb 2004 17:11:40 CST, Brian Eckman said:

> Point well taken. The reason our policy is worded as such is so that
it 
> does not appear "biased" against any particular OS. It does allow 
> exceptions for situations where "anti-virus protection is not
feasible".

Oh, OK.. that covers the problem well enough. ;)

I'm harping on it mostly because I've received too many reports of
sites that have gotten very medieval about it, and not granting
exceptions just because the box is essentially immune to viruses and
there's no real products to scan for native viruses because no in the
wild
native viruses are known to exist...

Unfortunately, the world is full of PHB's who are too clueless to
enter
into the competition for a Darwin Award, no matter now deserving they
are. ;)

> I personally think the policy should explicitly say Windows machines

> must run AntiVirus.

If you ever get a chance to write policy, make sure you add in a
clause
that Windows users must attend a 'Computer Safety" course before being
allowed to use the net.  If the powers that be object, point out that
your groundskeepers have to take safety training before they're
issued lawnmowers (they *are* required to, right? ;), even though a
fool
with a lawnmower would be hard-pressed to do something so blazingly
stupid
that it would shut down the entire university for a day - but you're
willing to let untrained secretaries loose with equipment that can do
it
with one mouse click?



More information about the unisog mailing list