hit hard with virus's and googles down.

[RebelToTheEnd]

I'm getting the same exact error. I thought maybe I was typing in bad strings, but even when I search for things I knew would work I still get the same error page. I guess I'll just have to temporarily use another search engine unfortunately.

[RoadClosed]

I don't know your system deftones12 but netshield is a file level scanner and it only works on the servers. Clients would need a local file level access scanner on each workstation. Netshield will ONLY catch a virus if it's local file system is accessed. So a client getting email off the internet or an Exchange file share will NOT access the local Netshield system and NOT be detected. If you use exchange the Netshield scanner will not be able to scan or access the information store EVEN if located on the same machine. Groupshield is necessary or a client scanner like VirusScan plugged into Outlook.

[deftones12]

For all incoming email, gee-whiz, our email scanner at the gateway, grabs the emails and scans them, using netshield that our servers use to scan the servers and shares. So on the server pretty much our email scanner uses the netshield engine and dat's. Im just wondering why netshield isnt catching them. I have looked through the forums and on the internet the best i can without google and cant find anyone else to be having this problem. Currently so far the virus's that are getting throught are the latest doom variant (the spoofing email of the mail delievery subsystem, to many employees fall for that one :-/) and the bagle-ai, which has been getting through since like tuesday or wenesday i think and its really startin to frustrate me, netshield should be catching those. The client version of mcafee scanner catches them though and im gettin flooded with questions and calls saying why do i have a virus and why is this scanner saying i have a virus. The netshield on our server and the client scanners are using the same DAT file too, im not positive if its gee-whiz or not, dont see why it would be. The scan time allowed for each incoming email is set at 65000 milliseconds, should i make that a little longer?

[Vorlin]

I personally would disallow all incoming files period. Nothing blocked on the intranet, but as far as outside, hell no. These variants are getting smarter and smarter and I wouldn't trust anything coming inside my network. I can barely trust my users to not bring in floppies or USB drives, but since I have to give some of them some "privileges", I just have to be extra-wary. We have an inbound scanner on our email server and for me, I use sendmail into a chrooted directory.

[RoadClosed]

What is your email server?

[deftones12]

no way the boss would allow that to happen. so far i mentioned disallowing .com .pif and other extentions that the worm uses but he's not to keen on doin it, i explained users have no reason to be sending those but he sais just wait for the scanner to pick 'em up eventually, which i dont know if it will happen soon since its been happenin since last week, so im kinda stuck on the blocking part. thats why im just tryin to figure out how in the hell i can get netshield to see those virus's. i've posted for help in the mcafee forum but no one has replied. well thanks for all the help im not sure if theres anything you guys can do or suggest. if you have anymore advice pleeeeaaaasssee send my way. i swear im gonna kill the author of that virus. it doesnt help that he released the source code either for more to come. congrats on your soon to come 1000th post vorlin. thanks to everyone.

[mohaughn]

Originally posted here by deftones12
For all incoming email, gee-whiz, our email scanner at the gateway, grabs the emails and scans them, using netshield that our servers use to scan the servers and shares. So on the server pretty much our email scanner uses the netshield engine and dat's. Im just wondering why netshield isnt catching them. I have looked through the forums and on the internet the best i can without google and cant find anyone else to be having this problem. Currently so far the virus's that are getting throught are the latest doom variant (the spoofing email of the mail delievery subsystem, to many employees fall for that one :-/) and the bagle-ai, which has been getting through since like tuesday or wenesday i think and its really startin to frustrate me, netshield should be catching those. The client version of mcafee scanner catches them though and im gettin flooded with questions and calls saying why do i have a virus and why is this scanner saying i have a virus. The netshield on our server and the client scanners are using the same DAT file too, im not positive if its gee-whiz or not, dont see why it would be. The scan time allowed for each incoming email is set at 65000 milliseconds, should i make that a little longer?

What version of the .dats are you running? You have to be running 4381 to be protected from the new mydoom. You need the 4381 to be protected from bagle.ak. They just came out today.

[deftones12]

yeah i've got 4381. it autoupdates automatically and it did it this morning. 2 of the servers abended after they updated im pretty sure. the i think like 2 previous dats even protect from the bagle-ai even, not sure about the doom. we use groupwise RoadClosed, we have a postoffice agent which transports emails outside (internet) and a local one that just does intercounty, both of them get scanned before the email reaches though with the Gee-Whiz program. So obviously gee-whiz isnt stopping them and its gettin through. We are planning on redoing the webserver though which hosts the gee-whiz and netshield, so maybe redoing it and reinstalling netshield should fix the problem? it wont be anytime soon though like hours or days.