Profile

unixronin: Galen the technomage, from Babylon 5: Crusade (Default)
Unixronin

Links

December 2012

S M T W T F S
      1
2345678
9101112131415
16171819202122
23242526272829
3031     

Navigation

Page Summary

Most Popular Tags

Expand Cut Tags

No cut tags

Another Symantec worm

unixronin: A somewhat Borg-ish high-tech avatar (Techno/geekdom)
[personal profile] unixronin
Friday, May 26th, 2006 11:13 am

A gaping security flaw in the latest versions of Symantec's anti-virus software suite could put millions of users at risk of a debilitating worm attack, Internet security experts warned May 25.

Researchers at eEye Digital Security, the company that discovered the flaw, said it could be exploited by remote hackers to take complete control of the target machine "without any user action."

"This is definitely wormable.  Once exploited, you get a command shell that gives you complete access to the machine.  You can remove, edit or destroy files at will," said eEye Digital Security spokesperson Mike Puterbaugh.

"We have confirmed that an attacker can execute code without the user clicking or opening anything," Puterbaugh said.

I've said it before, I'll say it again.  Not even three words, three letters:

AVG

And for individual personal use, it's even free.

Tags:
Flat | Top-Level Comments Only

[identity profile] skellington.livejournal.com
Friday, May 26th, 2006 03:16 pm (UTC)
Although AVG's free edition doesn't have options on scheduling scans, etc. It always scans on startup (or you can disable it entirely).

But I'm going to be buying it for my boxes...

ext_85396: (Default)
[identity profile] unixronin.livejournal.com
Friday, May 26th, 2006 03:27 pm (UTC)
True. But really, how many Windows users leave their boxen on 24/7...?

[identity profile] skellington.livejournal.com
Friday, May 26th, 2006 03:33 pm (UTC)
On my girlfriend's box, the scan at startup made it a complete dog until the scan was finished. Frequently she finished checking email, etc. before it finished. (I also don't see any options for making it a lower priority, etc.)

I prefer a once a week scan or something, scheduled for the first start after the deadline.

ext_85396: (Default)
[identity profile] unixronin.livejournal.com
Saturday, May 27th, 2006 04:21 am (UTC)
Actually, the current AVG7 Free Edition *does* allow scheduled tests. I forgot it, but it does. Mine is, in fact, scheduled to do a "basic" scan (i.e, key system files, registry and boot sector) every day at 0600.

[identity profile] darthgeek.livejournal.com
Sunday, May 28th, 2006 01:32 am (UTC)
Let's see. Most IT people I know that are forced to work with it leave it on 24/7. I leave my work box on 24/7, and [livejournal.com profile] dandelion_diva leaves her PC on 24/7.

ext_85396: (Default)
[identity profile] unixronin.livejournal.com
Sunday, May 28th, 2006 02:20 am (UTC)
Notice what we're saying here: all fairly hardcore geeks. We're very much in the minority, I think.

[identity profile] databeast.livejournal.com
Friday, May 26th, 2006 07:10 pm (UTC)
when AVG comes up with a good centrally-configurable+deployable enterprise solution, Symantec might have to worry..

I know, we hate symantec too, but for having a low-footprint network-deployable virus/malware/worm scanner that's got easy central admin and reporting, Symantec Enterprise AV is actually pretty damn good from an ease-of-use/effectiveness weighup..

course, then things like this pop and throw that whole weighup into irrelevance ...

ext_85396: (Default)
[identity profile] unixronin.livejournal.com
Friday, May 26th, 2006 10:34 pm (UTC)
for having a low-footprint network-deployable virus/malware/worm scanner that's got easy central admin and reporting, Symantec Enterprise AV is actually pretty damn good from an ease-of-use/effectiveness weighup


Yeah, that's a valid point.

Does it still break trying to upgrade a machine from the standalone product (aka Norton AV) to the Symantec enterprise product? Ran into that when I was working at Ceva ... if you want it to work, you have to completely remove Norton first, THEN push Symantec. If you try to add the client to management by pushing the Symantec enterprise client as an upgrade, which you're supposed to be able to do, it won't work.

ext_85396: (Default)
[identity profile] unixronin.livejournal.com
Friday, May 26th, 2006 10:35 pm (UTC)
Actually, to be fair, AVG does theoretically have a network-centric enterprise product, but I've never tried it.

[identity profile] ilcylic.livejournal.com
Saturday, May 27th, 2006 01:38 am (UTC)
Yeah, mine's called "Linux".

-Ogre

I'm trying AVG right now

[identity profile] dakiwiboid.livejournal.com
Saturday, May 27th, 2006 01:42 am (UTC)
It seems awfully slow. Hmmm... Any idea why?

Re: I'm trying AVG right now

[identity profile] dakiwiboid.livejournal.com
Saturday, May 27th, 2006 02:43 am (UTC)
AVG. The complete scan has been going on for over an hour now, which is ridiculous.

Re: I'm trying AVG right now

ext_85396: (Default)
[identity profile] unixronin.livejournal.com
Saturday, May 27th, 2006 04:19 am (UTC)
Just as a benchmark, I've just started a complete scan of vorlon, my Windows 2000 box. vorlon is an Athlon64 3000+ with a single SATA hard disk of 160 storage industry gigabytes, 149 gigabytes as computer geeks understand gigabytes, just over half full (78GB used, 70.9GB available).

I meant to report how long the scan took, but it doesn't actually include that in the test results and I was eating supper when it finished, so I didn't see. Ah well. :p But remember that there's two approaches to virus scanning. The safe approach is to scan EVERYTHING. AVG does this. If you want to appear to be faster, you can skip scanning files of types that you think are unlikely to contain viruses (i.e, you don't know of any viruses that propagate in that type of file). I know of several antivirus packages that do this. They're faster, yes, but they're less thorough.

[identity profile] olafthunderfoot.livejournal.com
Monday, May 29th, 2006 09:00 pm (UTC)
i have McCaffee on my 'puter!
Flat | Top-Level Comments Only