Matt Murphy said:
> Way to be responsive to the needs of your users. Are you an
> enabler in your company, or someone that people have to get through to
> get their work done? Think about that the next time you don't get
> promoted. You can be plenty safe without disallowing executable files,
> and TRAINING (yes that means actually talking to users) is a big part of
> that.
>
> The day the latest big worm hit I was out for drinks with some
> of my sysadmin friends, and they were all griping about how they spent
> all day cleaning up viruses. That was the first I'd heard of it, and we
> never got hit. Why is that? I have good security, good A/V, good
> policies, and users that know what to look for, and know that if they're
> the one that lets a virus through, it's their ass.
>
> Matt

I've found that the majority of users have no need of executable files,
.bat, .exe, .scr etc. They aren't the ones mailing them, they are all the
results of the various virii floating around. Zip files are a different
matter, there are a lot of reasons that a user would get a zip. That being
said, I had a couple of users get zapped by the first round of virii that
came out using zip files, prior to the various AV vendors posting
signatures, and I did drop zip files for a few at the mail server for a few
days.
Maybe its reactionary, maybe its not foolproof, but I don't care, it has
served to stop more than a one virus in the period of time between when the
virus hits and when signatures come out. For that matter, the whole idea
behind anti-virus technologies today is reactionary and not fool proof.
I have had virtually zero complaints about executable attachments being
blocked, though it was sticky for those few days I blocked zip files.

Josh


_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
http://www.mn-linux.org tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list