Page 4 of 5 FirstFirst ... 2345 LastLast
Results 31 to 40 of 45

Thread: Can you really get by with no av on a windows box

  1. #31
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Wouldn't this be simpler to just say "People who run Unix don't have to deal with Viruses much, yet still do something about security" and go from there? I mean, I've got a bunch of Linux and BSD boxes on here, and I don't just install and let it go, I lock them down. Just because I don't need AV software doesn't mean I don't need security.

    So, basically, what I'm saying is, it would probably be a lot simpler to look at what Unix admins do since they don't deal with AV really at all, yet they still manage to secure their networks.

    Actually I'm not sure WTF I didn't just ask that at the start since it makes sense. I don't have even one use for AV software as there really aren't many viruses running around on FreeBSD or Slackware these days, but I do use my own Security Policy and tools to manage to not become a Zombie or slave, so, given that to me, AV software would simply be something to make my system load a little higher, I could take what I do to keep my machines locked, and then translate all that to Windows, and you'd have a START.

    Anyway, Merry Christmas everyone. I'm sitting in here my brand new FreeBSD Tee shirt, with my two issues of BSD Magazine, and a BSD Hoody Pull Over, and I just finished putting PC-BSD 8.2 and FreeBSD 8.2 into my brand new FreeBSD CD Case. I didn't just get BSD stuff but I did get a decent amount of stuff from there. I just added a new FreeBSD Case Plate to this machine's Case this morning, along with some FreeBSD stickers I Like Stickers. If you need proof, do a search of posts made by me, and my first experience with SUSE Linux lol.

  2. #32
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    85°F here. I spent much of the day relaxing by the pool.

    IMO *nix systems make great servers when there is a knowledgeable system admin. They don't do so well in a desktop environment running business applications. *nix desktops are user hostile because they are much too complex for the typical user to manage. As such they require more desktop support people. From my consulting experiences with clients having large desktop installations of either HP-UX or Solaris desktops and Win2k desktops the requirements are approximately three *nix desktop support people for one Windows desktop support person. Because the skill requirements are greater and the supply is less, a *nix person costs more than a Windows person.

  3. #33
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    What if instead of Solaris, someone like me came in, installed SUSE, and then set it so that when they logged into Gnome or KDE, it had the apps they need for their job on the desktop and nothing else? SUSE much like the other easier aimed distros automatically does updates, and even with that, you can script that with XML and YAST2 so that the admin does a load of updates after testing them to all machines deployed.

    And of course, only Kernel updates really need a reboot, which kind of is a selling point I'd think. Solaris and HP-UX on the Desktop, I'd imagine would be more of an issue, but have you seen Linux today? My Mom knows nothing about Computing in general, and I'm constantly fixing Her machine.

    My Cousin is the same way but I don't have to anymore; I put his IM client, and web Browser and Music player on the desktop, after installing Linux, and set it to auto update everything for him. I haven't touched his machine in three years, but my Mom, I was over there last week fixing it again. These are two people who don't know Computers, let alone Unix, and one as issues I need to fix, the other, it stays up and running just fine, and I've set it so that every update is installed by default and then if a reboot is needed it tells him to do so, and I set up a firewall too.

  4. #34
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Wouldn't this be simpler to just say "People who run Unix don't have to deal with Viruses much, yet still do something about security"
    It would be simpler but incorrect. I have worked in many environments where the servers are Unix but the clients are Windows. The admins use the Unix servers to enforce policy (security) and try to stop the Windows clients infecting eachother.

    Securing their servers is a separate issue, as the attacks are far different from the usual rancid attachments and embedded executables or hyperlinks that a mail server handles; for example.

    The point that I am trying to make is that the admins are collectively responsible for the whole infrastructure, rather than just a part of it. Look at retail chains for example? if your EPOS systems are leaking credit card details it doesn't matter how secure your Unix servers are................ at least not in a court of Law

    Elitism and specialisation can be very dangerous paths to tread; somebody needs to have the big picture in view.

  5. #35
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Heh, I liked the part about how an admin would try keep the Windows machines from infecting each other. That kinda says something.

    Elitism may be dangerous, but used properly, it can also have benefits. Remember the Catch guy I brought up? He was a Windows Elitist, and the fact that we were friends at all was probably shocking to most people. True we argued openly, but we also kept it at least entertaining as we were still friends.

    The POS Terminals most places have, I DO worry about that stuff. I pay with my Debit Card quite a bit, and so the fact that some moron could have configured it wrong, bugs me.

    I think the issue, is that Microsoft, WAY back in the day, told multiple people of importance, that basically "You shouldn't keep buying your Proprietary Unix kits, because WE are going to make a Server OS, and it's going to be easy to use just like Windows is, but, it's gonna have real user accounts and be secure and stable" and Nihil, You're one of the only people here who's pretty open with your years of experience, and your interest in Historical stuff as am I. I don't have the years of experience, but being a fast learner that's OK, but the History part of this, you may even remember.

    Actually.... Come to think of it.... Nihil, do you remember when Microsoft did this? When NT wasn't out yet, and they told everyone that they were getting into the Server market?

    I wasn't into this stuff back when NT came out, so I can't say I was there, other than maybe saying I was BORN by then lol.

    But yea, I think something on this issue, may actually stem from way back then. Microsoft as a Company isn't known for it's good business practices. In fact, here in the US, they are fairly well known by lawyers and IT people as Nazis.

    Being of German descent I can say that some of the stuff I've read supports this, and some of what I've read, makes you wonder how in the crap they could be perceived that way.

    But, the facts are, Microsoft announced Windows NT, and told Unix Shops to wait, because "We have something way easier for you to use coming soon!" And from what I've read of this story, they kept repeating a tag line of "It's coming real soon now!" and then, when it did come....

    I've used old versions of Windows before, and I've used old versions of Linux, BSD, and Unix, and to tell you the Truth, I don't now WTF they were thinking. This **** was NOT gonna replace Unix ANYWHERE without HUGE support contracts, and a full staff to clean up the mess and the smoking remains.

    Nihil, would YOU let Windows NT 3.51 run the Equipment a Hospital was using to monitor your heart? I wouldn't. I've asked that question in different ways before, because if you recall, Tiger Shark used to be here a lot saying he was a Windows admin, and he lives not far from here, and eventually I asked him "You know, in Germany, they were using Unix for Kidney Dialysis, and I wonder, would you put your money where your mouth is, and let a Windows machine do this on YOU?" and he wouldn't answer.

    Anyway, Nihil, would you agree that Windows today, is STILL based on NT? I mean, Windows NT, it was rushed out to shelves long before it was really ready, and it had more memory leaks than someone with Alzheimer's. Add this to the fact that it still wasn't secure, and the fact that Windows 2000, XP, and everything else we use today, is still based on it, and you have an issue.

    If Microsoft makes Windows 8 properly, Viruses should be a thing of yesterday. They already are in a way, but Malware, Spyware, Adware, and the like, all should be. The fact that there are still OSs being made that can be broken like that, is something of an issue... No one would buy a Car that could have the Gas Siphoned off by another driver merely by driving passed that person's House, so why do we allow it on computers?

  6. #36
    Senior Member
    Join Date
    Mar 2008
    Posts
    262
    I was part of the pre-beta (alpha?) Windows NT testing program. IIRC it was 1990 when I was invited into the program. NT 3.1 was released in 1993. I can say that Microsoft had very stringent rules on accessing their network. When connecting, a system was checked to make sure that it was up to date including the last virus scan. If the system was stale it was quarantined and updates and scans were offered. One could fix the issues on the spot or disconnect, update the system before connecting again.

    An interesting tidbit. Most autos run on Microsoft or Apple software. My BMW runs Windows. One can even do a three finger salute to reboot the vehicle's OS.

  7. #37
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    Quote Originally Posted by ua549 View Post
    I was part of the pre-beta (alpha?) Windows NT testing program. IIRC it was 1990 when I was invited into the program. NT 3.1 was released in 1993. I can say that Microsoft had very stringent rules on accessing their network. When connecting, a system was checked to make sure that it was up to date including the last virus scan. If the system was stale it was quarantined and updates and scans were offered. One could fix the issues on the spot or disconnect, update the system before connecting again.
    I find that interesting. I wonder how they could set up something like that, and then release something like Windows ME. I only know of one or two people who ever used Windows ME without issues.

    An interesting tidbit. Most autos run on Microsoft or Apple software. My BMW runs Windows. One can even do a three finger salute to reboot the vehicle's OS.
    Lol I know man. I'm German AND from Michigan; Cars are in my Blood. Mit viel Oktan und frei von Blei Einen Kraftstoff wie Benzin ist im meine blut

  8. #38
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    A "one size fits all" approach to IT security doesn't work. The use of anti-virus/anti-malware devices and software is inexpensive and simply another tool in the network security toolbox.
    Rightly said, I have so many run-ins with admins who dont understand this. Im kind of a straight guy and for me to atgue with an admin why he doesnt have policies in place is very difficult in my line of work.
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  9. #39
    Senior Member gore's Avatar
    Join Date
    Oct 2002
    Location
    Michigan
    Posts
    7,177
    I still say it's totally plausible to not have any sort of AV of any kind. I'm not saying it has no use at all; My Mom, for example; She NEEDS AV software, because no amount of me bitching will stop Her from "Oh, look, I clicked on that link from a spam mail and now my Computer acts weird"....

  10. #40
    Senior Member nihil's Avatar
    Join Date
    Jul 2003
    Location
    United Kingdom: Bridlington
    Posts
    17,188
    Remember the Catch guy I brought up? He was a Windows Elitist,
    Actually he was a Windows security consultant. I do not recall him saying that Windows was better than anything else, only that you could secure it as well if you knew what you were doing.

    I think the issue, is that Microsoft, WAY back in the day, told multiple people of importance, that basically "You shouldn't keep buying your Proprietary Unix kits, because WE are going to make a Server OS, and it's going to be easy to use just like Windows is, but, it's gonna have real user accounts and be secure and stable" and Nihil, You're one of the only people here who's pretty open with your years of experience, and your interest in Historical stuff as am I. I don't have the years of experience, but being a fast learner that's OK, but the History part of this, you may even remember.

    Actually.... Come to think of it.... Nihil, do you remember when Microsoft did this? When NT wasn't out yet, and they told everyone that they were getting into the Server market?
    Well speaking for myself and just about every IT professsional I have ever met, when a vendor runs off at the mouth you have three questions:

    1. When can I see the demo?
    2. Where is my evaluation copy?
    3. Where is the list of current installations and contacts I can talk to.

    I have never come across an instance of anybody replacing an existing Unix environment with Windows.

    I can only comment from a UK perspective, but back then the market was very varied. There were lots of small mainframe, mid-range and even electro-mechanical "accounting machine" solutions. All were becoming aged, expensive and comparatively inefficient.

    Unix was well established but IT skills were in short supply and great demand. The concept of an "easy" solution would have been very attractive to those wanting to move on from their current obsolete environments.

    My view is that Microsoft bought the business from those who did not have a current solution and so, would not perceive any risk? After all, "if it ain't broke, don't fix it", so I don't think that Unix shops came into the equation.

    Basically, Microsoft grabbed themselves a share of an emerging market rather than an existing one.

    I find that interesting. I wonder how they could set up something like that, and then release something like Windows ME. I only know of one or two people who ever used Windows ME without issues.
    I know of plenty apart from myself. All it needed was plenty of RAM, regular defragmentation and turning off when you are not using it. It is a home user's desktop OS, and nothing more.

    384~512MB RAM and any processor from 333MHz to 1.3GHz. The processor didn't seem to matter that much as far as stability goes but it certainly leaked memory and fragmented files. Personally, I used Windows 2000 Professional except for games.

    If you look at the timeline you can see that it was never "finished" as such. 98SE was 1999 and XP was 2001, and they were developing Win 2000 at the same time.

    A cynical monetization of dead end R&D perhaps?

    For the non-IT average home user then security software will still have a part to play, along with least enablement in the OS ("run as"/UAC).

    There are also products like sandboxes and "deepfreeze" for the slightly more aware and irresponsible?

    EDIT:

    I missed this bit:

    Anyway, Nihil, would you agree that Windows today, is STILL based on NT? I mean, Windows NT, it was rushed out to shelves long before it was really ready, and it had more memory leaks than someone with Alzheimer's. Add this to the fact that it still wasn't secure, and the fact that Windows 2000, XP, and everything else we use today, is still based on it, and you have an issue.
    I would expect that it is, just like any other commercial or open source OS is based on its predecessors? I cannot think of an OS that I would consider "new" other than for sub-PC devices............... Android for example?

    In the workplace the managers like to see continuity and familiarity.

    My experience of NT only goes back to 4.0, as it wasn't popular or common over here before then. Also, the security requirements weren't anything like they are today, for example not many office workers had internet access as they didn't need it.

    Microsoft's problem back then was Windows 95 which was rushed out (late) and had several issues.

    The secret of OS development is to make your next release take account of the shortcomings in your previous release that couldn't be fixed through patches. That isn't an issue, there is only an issue if there are flaws that are not addressed. Given that NT has been around as a concept at least, for 20 years I would have thought that any problems fundamental to the design would have been eliminated by now.

    I believe that Microsoft have learned a few lessons over the years. They got away with it with ME because it was short lived and only affected domestic users, but Vista taught them that institutional customers will not tolerate that sort of crap. I would note that I haven't heard anyone complain about Windows 7, and from what I have seen of the pre-beta, Windows 8 will be pretty much the same.

    From my viewpoint what NT really meant was "without DOS" which was obviously a great limitation on early Windows.
    Last edited by nihil; December 28th, 2011 at 10:14 PM.

Similar Threads

  1. Windows and lack of Email and Media clients
    By gore in forum Operating Systems
    Replies: 13
    Last Post: May 29th, 2009, 05:11 PM
  2. May 06 security patches
    By mohaughn in forum Microsoft Security Discussions
    Replies: 9
    Last Post: May 13th, 2006, 10:17 PM
  3. Replies: 6
    Last Post: October 5th, 2004, 08:26 AM
  4. Windows 2003 Server Vulnerability
    By warl0ck7 in forum Microsoft Security Discussions
    Replies: 7
    Last Post: August 14th, 2003, 12:23 PM
  5. OS History and other info.
    By Remote_Access_ in forum Security Archives
    Replies: 9
    Last Post: January 12th, 2002, 03:02 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •