anomy-list

Re: swen virus

From: Systems Administrator (94788@xyz.molar.is)
Date: Tue 30 Sep 2003 - 23:26:32 GMT


On Tue, 30 Sep 2003, henry j. mason wrote:

> just ripping out executables takes care of Swen.
> this is a highly recommended configuration, anyway;
> there's really no reason to let any executables
> through, period. yes, some of your users may be

1. You're an ISP, and your customers will go elsewhere if you rip out
        executables
2. You have an attached computer shop, and can make more money
        selling people an antivirus solution :).

> used to attaching executables to their messages,
> but they're just going to have to learn how to
> either use a compression program or to rename their
> files so they can't be automatically executed. it's
> funny, but i've never gotten a single complaint
> about executables being just plain dropped from a
> message (i save them on the server where anomy is
> running, where they can do no harm). i think most
> people understand that it's a security risk.
>
> short answer: yes, and very well. you don't even
> need an AV program (i'm not a fan of reactive
> defense anyway).
>
> henry
>
> Adam Kosmin wrote:
> > Hello list,
> >
> > Can anomy be used to protect against SWEN? If so, I'd appreciate any
> > tips or discussion.
> >
> > Thanks,
> >
> > Adam Kosmin
>
>
>

-- 
Tim Nelson
Systems Administrator
Sunet Internet
Tel: +61 3 5241 1155
Fax: +61 3 5241 6187
Web: http://www.sunet.com.au/
Email: 94788@xyz.molar.is



hosted by molar.is