
Thread: What the hell is wrong with MS??!!

  1. #11
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    Tiger,

    Battlefield mantra 101:

    Everything that moves is the enemy.

    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  2. #12
    AO Ancient: Team Leader
    Join Date
    Oct 2002
    Posts
    5,197
    Hoss: ROFLMAO.....

    Battlefield mantra for WMD: Everything that moves is the enemy.

    Battlefield mantra for precision guided weapons: Who cares what moves, my target is _there_.

    PS: I can stand still for incredibly long periods of time...... Old age you know.... LOL
    Don't SYN us.... We'll SYN you.....
    "A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools." - Thucydides

  3. #13
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    In all fairness I think recommending that you stop on access virus scanning to troubleshoot a network file system issue is sound advice.

    If I have any types of issues moving a large item from point a to point b I always go and check the virus logs, if there are any, or stop the auto-scanning and try to move again to see if the issue goes away..

    If you are relying solely on your AV software to keep you from getting infected and not using good techniques in disabling common infection points then it is your fault for making your security layer so flimsy...

    The only way a properly patched system that does not have any file shares on it can become infected by a virus is for the user to run something that they shouldn't be running. Given that you are talking about a business you should be preventing the user from getting any type of virii to their desktop by having a strong proxy policy in which everything going through the proxy is scanned, as well as scanning all email attachments and blocking known attachments from email altogether.

  4. #14
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    If you are relying solely on your AV software to keep you from getting infected and not using good techniques in disabling common infection points then it is your fault for making your security layer so flimsy...
    Very good point, however, if you have 60,000 nodes, how would you defend against contractors and end users plugging in a laptop that has been infected from external sources? In addition to that, not every department is as vigilant about patching and definition updates.

    See where I'm coming from? It's very tough to keep a large userbase clean. It makes it even worse when the leading software vendor on the planet is advising you to disable virus protection without so much as a mention that it may be a bad idea or even more so, a violation of your organization's security policy.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  5. #15
    Senior Member RoadClosed's Avatar
    Join Date
    Jun 2003
    Posts
    3,834
    Well it does say "temporarily disable it". Actually I think it said just to turn off that related feature. (just giving you a hard time). In a normal business environment where people have the ability to surf poisoned sites and move around computers and laptops, stopping client infections is extremely difficult. In less creative business practices that might be more practical. I stake my ass on server side controls and centralized outbreak monitoring. Then if it does get to the client that last bit of software helps in many cases. Somehow a mydoom got through the email filter while stopping hundreds of others. The client plug in for Outlook stopped it when some idiot clicked on the message. If that hadn't worked hopefully the on access file scanner got it but it didn't get that far.

  6. #16
    Junior Member
    Join Date
    Feb 2004
    Posts
    12

    Re: What the hell is wrong with MS??!!

    Originally posted
    It took an unreasonable amount of time to perform the task
    Just out of idle curiosity...what connection speed are you running and how big was the file?
    Just another quick question...how did you resolve it? Did you go ahead and kill the RVP and then download or is there another trick?

    Only reason I ask is because I have seen that request put on quite a few patches and other misc downloads, but I have never run across a problem with the actual downloading.

    Just Curious.

    Bio
    "If you know your enemy and know yourself; in a hundred battles, you will never be defeated. When you are ignorant of the enemy but know yourself, your chances of winning or losing are equal. If ignorant of both of your enemy and of yourself, you are sure to be defeated in every battle."

    -Sun Tzu

  7. #17
    Originally posted here by thehorse13
    Very good point, however, if you have 60,000 nodes, how would you defend against contractors and end users plugging in a laptop that has been infected from external sources? In addition to that, not every department is as vigilant about patching and definition updates.
    I have the same concern hoss. Some of us don't have the tools or technologies (much less do they integrate with each other) to have tight security measures at every piece of the network. You have AV on your email server, file server, gateway but these don't protect you (as you mentioned I think earlier) from someone plugging in a laptop (or PDA) from home that's infected. If users can disable AV, what protects them when they stick a floppy or CD with infected files on them? By the way, we don't allow users to disable our AV sw however (very) savvy people can get around this and disable it.

    Let's face it: the perimeter has been pushed down to the desktop and we must put protections there!

    I am hoping that Cisco (and others) initiative where a node cannot connect to the network or is quarantined if it is not running an up-to-date AV or firewall (if you choose). It's called Cisco Network Admission Control (NAC) and looks promising...but we'll see.

    <disclaimer> I do not work for Cisco nor own their stock </disclaimer>

    Network access based on policy is one of my hopes...and better integrated products (VPNs, dialup, etc) is another.

  8. #18
    Master-Jedi-Pimps0r & Moderator thehorse13's Avatar
    Join Date
    Dec 2002
    Location
    Washington D.C. area
    Posts
    2,885
    I am hoping that Cisco (and others) initiative where a node cannot connect to the network or is quarantined if it is not running an up-to-date AV or firewall (if you choose). It's called Cisco Network Admission Control (NAC) and looks promising...but we'll see.
    We are banking on this technology for all of the reasons above. We even signed up to be beta testers because it will solve so many headaches we currently face. I believe the first release will be ready sometime late this year.
    Our scars have the power to remind us that our past was real. -- Hannibal Lecter.
    Talent is God given. Be humble. Fame is man-given. Be grateful. Conceit is self-given. Be careful. -- John Wooden

  9. #19
    The Doctor Und3ertak3r's Avatar
    Join Date
    Apr 2002
    Posts
    2,744
    Customer: How long before Microsoft have a patch to stop all these viruses?
    und3rtak3r: do you have win auto update turned on or do you check for and install MS updates at least once a week?
    customer: No
    und3rtak3r: are your virus definitions up to date?
    customer: no? what's that?
    und3rtak3r: that will be $75 for the repair thank you..

    the wording of advice, in solutions or temporary solutions to problems, always will be the weakest link. The reader's interpretation is where many problems lay. The dumber the reader you try to assist the dumber the text becomes..
    the more the problems grow..


    cheers
    "Consumer technology now exceeds the average person's ability to comprehend how to use it..give up hope of them being able to understand how it works." - Me http://www.cybercrypt.co.nr

  10. #20
    Senior Member
    Join Date
    Oct 2001
    Posts
    748
    Originally posted here by thehorse13
    Very good point, however, if you have 60,000 nodes, how would you defend against contractors and end users plugging in a laptop that has been infected from external sources? In addition to that, not every department is as vigilant about patching and definition updates.

    See where I'm coming from? It's very tough to keep a large userbase clean. It makes it even worse when the leading software vendor on the planet is advising you to disable virus protection without so much as a mention that it may be a bad idea or even more so, a violation of your organization's security policy.
    I totally agree. My company currently has an employee base of around 75k people and we have a very very hard time securing the desktop. That is why we place a much higher emphasis on securing the other areas of our network. We've taken the standpoint of blocking all traffic from a suspected contaminated computer first, and asking questions later. It is really the only way to deal with non standard infected machines being plugged into the network.

    I can see where some clarification of the original technet article would be good for the end users' well-being. I guess we are not confident enough in our users to tell them to go look at technet themselves. Instead we have built up extensive internal documents and help sites that we recommend our user base go to before calling a helpdesk.
