Agreed sir.
Timoteo "Timo" Vasquez; MCTS, MCP
Client Services - Network Security Team
[log in to unmask] - 517.884-3082
Administrative Information Services
2 Administration Bldg
East Lansing, MI 48832
"...I agree with you!"
From: STeve Andre' [mailto:[log in to unmask]]
Sent: Thursday, September 23, 2010 2:50 PM
To: [log in to unmask]
Subject: Re: [MSUNAG] Re-evaluating tools for patching
workstations/servers and 3rd party apps
If I get what you're saying Timo--and please correct me if I'm wrong--
you are saying that most of the risk now is people downloading things
they first see when Googling, and they get zapped by some extra treat
in the software they just got.
I don't believe that. I think that Adobe's horrors (the three fates of
Windows!), Acrobat, Flash and Shockwave represent an amazing
amount of the exploits out there. Flash especially is a great vehicle
for handing out exploits.
Yes, some people wander around the net and say "Ohh! Thats neat!"
and download some crawling horror, but I think that the more main-
stream exploit is to take advantage of something dealing with the
web.
--STeve Andre'
On 09/23/10 14:18, Vasquez, Timo wrote:
You know Firmin,
Most of the risk has been shifted to the source people are downloading
from. So many people rather Google a product, and grab from the first
page of results. So that is a majority of the issue is repackaged
products with additional *ware in it. This is very hard to find cause
most actions that are being executed are not going to set off a lot of
the antivirus products with medium to low heuristics.
You know I am curious as to a good antivirus that can run on Linux
without having to be installed whenever there is a new kernel update.
So good luck to you and your quest old friend.
Timoteo "Timo" Vasquez; MCTS, MCP
Client Services - Network Security Team
[log in to unmask] - 517.884-3082
Administrative Information Services
2 Administration Bldg
East Lansing, MI 48832
"...I agree with you!"
From: Charlot, Firmin [mailto:[log in to unmask]]
Sent: Wednesday, September 22, 2010 3:15 PM
To: [log in to unmask]
Subject: [MSUNAG] Re-evaluating tools for patching workstations/servers
and 3rd party apps
As you know the vectors of attacks have been shifting for some time now
towards 3rd party apps like Adobe, Flash and others.
Do you know of any tools that can centrally scan for vulnerabilities and
centrally remediate 3rd party apps, Windows & Linux Operating Systems?
If you have a favorite that you would like to share that would be great.
Thanks.
Firmin Charlot, ITIL, MCSE, A+, Information Systems Manager
Michigan State University - Student Services
Educational and Support Services 162 Student Services Building East
Lansing, MI 48824
[log in to unmask] <blocked::mailto:[log in to unmask]> (517) 432-7541
Submit technical requests at https://help.ess.msu.edu/
<blocked::http://help.ess.msu.edu/>
