It has been a best practice for some time in security circles that a network needs antivirus software installed on all its elements to properly protect it from the slings and arrows hurled at it by cyber miscreants. With slavish dedication, administrators have loaded antivirus programs on their organization’s desktops, servers and perimeter defenses.

The logic behind those deployments seems unassailable. The odds against network defenders are long. To be successful, those defenders must foil every attack on their systems, which can number in the thousands. The attackers, on the other hand, only need to unleash one of their pernicious payloads to claim victory. In view of those odds, it only makes sense to put as many barriers as possible between the Black Hats and success.

Continue reading Should you dump antivirus software on your Exchange server?

In data centers many applications are run that must be upgraded regularly in order to keep applications up to date. And in today’s world, anti-virus software is a necessary component of every enterprise’s application environment. Email software, web servers, application servers and database servers are usually the most common applications found in the data center. But over the years software which protects your users, their data and everything else behind the firewall has become another integral component in your enterprise computing environment.

One application that is a must have to run in the same environment as email servers and email clients is anti-virus software.

But the protection that anti-virus software provides can sometimes inadvertently produce problems in your environment as well. Those problems can in particular have adverse effects when running Microsoft Outlook, Express or Exchange server.

One situation that can cause problems for Outlook or Exchange is when anti-virus software is installed or updated.  You may not notice these problems until a user attempts to open a document or tries to start Outlook.

Continue reading Troubleshooting Errors Related to Outlook and Anti-Virus Software

A recent article on eWeek triggered a lively discussion on an old topic that’s always sure to get the blood pumping. The article’s headline proclaims, “Apple’s Mac isn’t as secure as some want us to believe,” and there’s no doubt that it’s true.

The old argument, often eliciting strong response, really highlights the difference between the hype and reality. Now every computer company is guilty of a little hype. That’s the job of the marketing department, and they wouldn’t be doing their jobs if there wasn’t at least a little hype surrounding a product at any given time. Apple does it, Microsoft does it, and so does everybody else. That’s how products get sold. But in the case of Apple, far too many people have bought into the party line, and there could be a long-term danger as a result. Here’s the conflict: Mac fans believe that the Mac is absolutely secure and requires no anti-virus or email security software of any kind. Security experts generally have always disagreed, and even Apple itself has reiterated its own suggestion that users deploy anti-virus software. But still the faithful cling to their illogical contention that “it can’t happen to me because I have a Mac.”

Now here’s the reality. Yes, OS X is a good operating system, and the Mac is a pretty good machine. For the most part, it has fewer vulnerabilities and less attacks. But there’s a big difference between that reality, and the claim that “it can’t happen to me because I have a Mac.” That claim is just hype.

In fact, it can happen to you, and it will probably continue happening to you with increasing frequency. Just this month, an updated piece of malware targeting the Mac OS X was found; a new variant of Jahlav, as well as a new variant of Tored, which is being used in an attempt to create a Mac-based botnet. The lure of money will continue to attract bad guys to the OS X platform.

A professor at Sonoma State University is shaking things up in his computer science class. According to a recent Newsweek article, Professor George Ledin is teaching his students how to write viruses and how to penetrate antivirus software. His philosophy is that in order to teach students about effective security and attack prevention, the students must first learn what it is they are fighting.

According to the Newsweek article, the students are working “in the computer equivalent of biohazard suits”, using closed networks from which viruses cannot escape. But Professor Ledin should know more than anybody that when it comes to computer security, there’s no such thing as foolproof. Rule number one is always “trust no one”, and so the argument that viruses cannot escape his controlled environment is a disingenuous one. A single malcontented student with a thumb drive could easily export the classroom creations out into the wild. However, we will have to file this under “acceptable risk,” and hope that he teaches some ethics along with his virus writing tutorials.

Continue reading Understanding your virus enemy from within