On Aug 24, "Tom Holub" wrote:
> On Tue, Aug 24, 2004 at 08:41:10PM -0700, Aron Roberts wrote:
> > Hi Tom and Mike,
> >
> > Thanks for your views!
> >
> > Tom, does this mean that there is a possibility that the the
> > anti-virus component of the minimum standards and/or its
> > implementation guidelines might be refined this fall?
> >
> > How can we (from a Micronet perspective, not an IST one, that is)
> > track these developments, and/or contribute to this refinement
> > process, if it occurs?
>
> I doubt that the standards themselves will be changed, but there is
> still a great deal of flexibility in what winds up as "platforms
> listed on software.berkeley.edu." For example, we could list "Sophos
> Anti-Virus for Solaris/Linux email servers"; that would limit the
> requirement to email servers, rather than making the rather
> nonsensical requirement that Sophos should run on a DNS server.
I like the idea of stating the intended use on the software.berkeley.edu
site to help make sure the guidelines are appropriate. But I still see
problems. For example, if I bought a "hardware" spam filtration system
to put in front of my linux mail server, it seems I'm still required to
run spam software on the linux mail server, since software is available.
The real issue IMHO is that we need to look at the entire system.
> Actually, I am not certain what mechanism will be used to determine
> what platforms are listed on the software.berkeley.edu site. I expect
> that WSS is making those determinations for the Mac and Windows
> clients, and I would guess that CISC will talk about Sophos and
> similar server products, although up to this point we've not had a
> serious discussion about it.
I've always thought the mss were an excellent statement of best practice for
*undermanaged windows workstations* ("undermanaged" here includes setting
up workstations that allow non-power users to run arbitrary code.) I
would like to see a different set of rules for servers. I also tend to
think there should be a different set of guidelines for unix workstations,
but I can see the political sensitivity of having different standards for
different tribes of users. Having said that, does anybody really think
you're practicing prudent unix workstation security if you install a
firewall when you're only listening on the ssh port? Do I recall
correctly that SNS-recommended firewalls have been the victims of exploits
in recent months? :)
Mike
------------------------------------------------------------------------
The following was automatically added to this message by the list server:
For information about Micronet, including subscribing to
or unsubscribing from its mailing list and finding out
about upcoming meetings, please visit the Micronet Web site:
<http://micronet.berkeley.edu/>.
Received on Wed Aug 25 09:25:56 2004
This archive was generated by hypermail 2.1.8 : Wed Aug 25 2004 - 09:26:05 PDT