-
1
- #1
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
virus software 1
- Thread starter cptkirkh
- Start date
Empeethree
IS-IT--Management
not an expert by no means, but I use Antigen from Sybari ( it works pretty flawlessly, although it is the only program of it's type I have tried so I couldn't compare it to anything else.
From what I've seen on Sybari, it doesn't seem all that dissimilar from the Symantec product that I've just implemented. I've implemented the Norton Antivirus Corporate Edition and also implemented Norton Antivirus for Microsoft Exchange v2.0, and thus far it's caught everything coming in the server.
In fact it caught the 'Snow White and the Seven Dwarfs' e-mail virus that just started heading our way.
I give Symantec NAV a big thumbs up! Jason Wilder
IT/CAD Manager
In fact it caught the 'Snow White and the Seven Dwarfs' e-mail virus that just started heading our way.
I give Symantec NAV a big thumbs up! Jason Wilder
IT/CAD Manager
We decided on Trend ScanMail on Exchange but we use NAV Corp Ed for everything else. ScanMail works great. The install and config was simple enough and it has stopped every virus in its tracks including the recent Snow White and Kournikova. The only problem is it doesn't scan outgoing attachments. We have to trust that NAV is keeping us from sending out viruses.
Guest_imported
New member
- Jan 1, 1970
- 0
Read This if you are using scanmail
*** {01.14.034} Win - Trend Micro ScanMail for Exchange exposes
administrative credentials
Trend Micro's ScanMail for Exchange has been found to use a weak
encoding scheme to store the administrative credentials used by the
service in the Windows registry. The registry keys allow anyone full
access, which may allow an attacker to gain the encoded credentials,
decode them and use them to log into the specified domain with
administrative privileges.
The advisory indicates that the vendor has confirmed the problem and
recommends changing the ACLs on the appropriate registry keys (list in
advisory below) as a workaround.
Source: NTBugtraq
*** {01.14.034} Win - Trend Micro ScanMail for Exchange exposes
administrative credentials
Trend Micro's ScanMail for Exchange has been found to use a weak
encoding scheme to store the administrative credentials used by the
service in the Windows registry. The registry keys allow anyone full
access, which may allow an attacker to gain the encoded credentials,
decode them and use them to log into the specified domain with
administrative privileges.
The advisory indicates that the vendor has confirmed the problem and
recommends changing the ACLs on the appropriate registry keys (list in
advisory below) as a workaround.
Source: NTBugtraq
We use Norton for NT, Norton for Exchange, Norton for 9x, etc, across the board. It works 98% of the time, but is only as good as the latest virus signature download. Symantec is sometimes slow on the draw--twice in the last year--reacting to new threats. Not too bad, though.
In February, we had to shut an email server down for an entire day waiting for Symantec to produce the proper virus signature. If MS Exchange or Symantec had built in the simple feature of BLOCKING any email by keywords in the subject or attachment name, we'd be able to block any hostile inbound email.
But, of course, you have to buy another $3000-$6000 third party product to "filter" email by keyword.
Absolute muck!
In February, we had to shut an email server down for an entire day waiting for Symantec to produce the proper virus signature. If MS Exchange or Symantec had built in the simple feature of BLOCKING any email by keywords in the subject or attachment name, we'd be able to block any hostile inbound email.
But, of course, you have to buy another $3000-$6000 third party product to "filter" email by keyword.
Absolute muck!
We're using CA's InnocuLAN/InnoculateIT on our desktops. We were using their Exchange agent when we got hit with Prolin.A. The words were uttered: NEVER AGAIN.
Within a few days, we were trying out several packages. We opted to use something different on the Exchange servers than on the desktop. The goal was to have multiple layers of protection. Since our plans call to migrate to Norton on our desktops, that was immediately eliminated for Exchange.
We ultimately chose Trend Micro's Scan Mail for Exchange. We absolutely love it. In the four months we've had it, not a single virus has come through. We missed Anna, Hybris (Snow White), and Navidad.
If I have any one complaint about SMfE, it's that it only downloads signatures once a day. We auto download daily at 0500. We then have someone on our staff download around noon.
Mike Hillwig
mike@hypermike.com
I've done more R5 deployments than I care to think about.
Within a few days, we were trying out several packages. We opted to use something different on the Exchange servers than on the desktop. The goal was to have multiple layers of protection. Since our plans call to migrate to Norton on our desktops, that was immediately eliminated for Exchange.
We ultimately chose Trend Micro's Scan Mail for Exchange. We absolutely love it. In the four months we've had it, not a single virus has come through. We missed Anna, Hybris (Snow White), and Navidad.
If I have any one complaint about SMfE, it's that it only downloads signatures once a day. We auto download daily at 0500. We then have someone on our staff download around noon.
Mike Hillwig
mike@hypermike.com
I've done more R5 deployments than I care to think about.
I was recently running McAfee Groupshield on an NT4 Exchange 5.5 box and found the performance hit too great (The machine in question is quite old and handled a MASSIVE amount of mail)
We have now opted for an ASP service going by the name of Messagelabs ( basically all mail is routed via them and screened for viruses using 5 scanners.
They are the company that caught the I Love You virus! I have had no problems with them watsoever and if you have difficulty getting up and running the tech support is really great (for a change!)
Danny McGrath
Laserform Int. Ltd.
Lymm, Cheshire
We have now opted for an ASP service going by the name of Messagelabs ( basically all mail is routed via them and screened for viruses using 5 scanners.
They are the company that caught the I Love You virus! I have had no problems with them watsoever and if you have difficulty getting up and running the tech support is really great (for a change!)
Danny McGrath
Laserform Int. Ltd.
Lymm, Cheshire
I installed Antigen on my Exchange servers, and I would NEVER use anything else. First off, Antigen is not the same as Norton, etc. Antigen scans messages using the attachment table prior to the message hitting the user's mailbox. The result is that it places a much lower level of overhead on the server than the traditional av solutions for Exchange. It also lets you use multiple scan engines, and automatic downloads.
In the entire 2 years I've had it, I have only suffered one worm virus, and even that was due to operator error, not Antigen failing to detect it.
Seriously, look really hard at their solution, I think it's the best.
In the entire 2 years I've had it, I have only suffered one worm virus, and even that was due to operator error, not Antigen failing to detect it.
Seriously, look really hard at their solution, I think it's the best.
- Status
Similar threads