anomy-list

RE: Re: Re: swen virus

From: Systems Administrator (95951@xyz.molar.is)
Date: Mon 06 Oct 2003 - 01:53:24 GMT

  • Next message: Brent Kennedy: "RE: Re: Re: swen virus"

    On Sun, 5 Oct 2003, Brent Kennedy wrote:

    > The bad address would be my fault.. I am responding via the web interface.
    > Sometimes I type to fast and double key letters :P
    >
    > I agree that it wouldn't work for outgoing, but maybe you could setup a
    > central quarantine for outgoing and have someone there look at it when
    > something gets nabbed.. you could then, depending on what happened, be
    > proactive in letting the customer know they have a virus or whatnot. Maybe
    > have it send a message back to the sender that their mail had been held
    > because of (fill in the blank). Or you could just scan outgoing, if nothing
    > found, just let it pass. Atleast you are stopping it before it wastes
    > bandwidth.

            Yeah, I'd just scan for viruses and spam, and bounce back if there
    were any problems.

    > I come from the angle of: the less I have to do, the better. meaning less

            Amen to that, with the qualifier of, I also want to save my
    co-workers (eg. Helpdesk) time -- it makes them more responsive when I
    need something done :).

    > Its too bad that no one has a way to detect virus like activity, say the
    > same attachment to 15+ people all at once shortly after the person pulled
    > down their email. That would be REALLY nifty in finding and eliminating new

            ...like when you dial up, and send your church bulletin to the
    members of your church just after you dial up? I know it happens with our
    church :).

    > threats as well as saving bandwidth.
    >
    > Me being the US, I tend to forget about bandwidth limitations on my end
    > because I don't pay for a certain amount per month.

            Right. We pay a fixed monthly amount for a fixed amount of
    bandwidth. Sure we always make sure we have enough to go around, but if
    we cut down on bandwidth the customers don't even want to use, it makes
    the whole system function better for less :). Besides which, I once had a
    situation where one of our customers machines sent a virus to Site C via
    via Site B. Unfortunately, it got kinda stuck at site B, and Site B kept
    resending a copy to site C every few hours. The admin from Site C got
    quite narky with me about it, because their response procedures demanded
    that he fill out paperwork for each one (!!!). Anyway, each of us tried
    to contact site B, and eventually the problem went away, but I don't know
    that Site B ever did anything about it (or even spoke English, for that
    matter).
            My point with this one is, if I'd been blocking outgoing viruses,
    I would've saved myself quite a while that week :).

    -- 
    Tim Nelson
    Systems Administrator
    Sunet Internet
    Tel: +61 3 5241 1155
    Fax: +61 3 5241 6187
    Web: http://www.sunet.com.au/
    Email: 95951@xyz.molar.is
    



    hosted by molar.is