[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Full-Disclosure] Re: January 15 is Personal Firewall Day, help the cause
- To: Wes Noonan <mailinglists@wjnconsulting.com>
- Subject: RE: [Full-Disclosure] Re: January 15 is Personal Firewall Day, help the cause
- From: "David F. Skoll" <dfs@roaringpenguin.com>
- Date: Sun, 18 Jan 2004 10:14:48 -0500 (EST)
On Fri, 16 Jan 2004, Wes Noonan wrote:
> This is not quite correct. Nachia and Blaster, as well as Code Red and its
> variants are all detectable and preventable with virus protection.
All of those are Windows viruses, no?
> While
> they may not stop the worm on the network, they can and do stop systems from
> becoming infected and propagating the worm.
So does mounting /tmp noexec, and it doesn't involve shelling out money
to AV vendors. Mounting /tmp noexec also protects against future threats,
not just ones that happen to be in the AV database.
(I know that someone recently released code to do a "user-space" exec,
so mounting /tmp noexec is not 100% foolproof, but it's pretty good
protection.)
--
David.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html