Re: [OT] Virii on vger.kernel.org lists

Riley Williams (rhw@MemAlpha.CX)
Wed, 1 Aug 2001 00:19:28 +0100 (BST)

Hi William.

> As I said in another post on the list,

> "http://www.mcafeeb2b.com/naicommon/buy-try/try/products-evals.asp

> Go there, select your language and LINUX, and you will get a
> survey to fill out that then lets you test drive their stuff for
> linux."

I've not seen that post yet, so must apologise for missing it...

> I don't feel that I am particularly blasé, but I will concede
> that you have several good points. My main point was that people
> seem to be more interested in the server doing the scanning for
> them rather than taking responsibility for their own (lack of)
> security. Your view point is just as valid.

I've met people like that, and earn quite a reasonable living from
securing systems for computer novices. In my case, most of my
customers are elderly people who're interested in tracing their
ancestry and have been persuaded by the local computer mart that they
need a computer to do so, and nothing less than the latest all-singing
all-dancing system will do the job - and oh, Internet connectivity isa
a must so you'd better sign up to our company ISP for which we get
£X commission for everybody we sign up. I'm sure you know the type I'm
talking about...

> And I don't think your experience with McAfee as reported is
> typical at all. If it was, I'd still be having problems, and NAI
> would be out of business. How long ago was this? What version of
> the product? What OS? How did you update? What 14 Virii were you
> hit with? Did you contact McAfee for support? I'd be very
> interested to get more details about this.

I contacted McAfee about this straight away. Their response was that
on average, there's a timelapse of 53 hours from a virii first
appearing to their having a signature for it, and as there are at
least 370 new virii produced each day, many with multiple strains, it
was quite possible for such as I reported to happen.

The timeframe was around October 1999, so was mixed in with the
intensive Y2K tracing that was going on then, and I don't have details
of the specific virii any more, so can't advise there...

Best wishes from Riley.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/