Daily virus attacks making me look bad . . .

Hi everyone

One of our cients is suffering regular daily email virus attacks . . . and he's hosted here on PowWeb. I've had a quick look round and understand there's no anti-virus protection provided by PowWeb, basically because they don't wish to be involved in deciding what is, or is not, a 'good attachment.'

Fair enough. I guess I'd be of the same mind if I was operating in litigious ole US of A. But my client still has his problem, and he expects me to solve it.

Bear in mind I'm a graphic designer, not a techie. I simply installed Nortons on the network server. I figured, "stop the viruses before they reach anyone's machine."

Problem is, when infected emails arrive they often cause interruptions to other users on the network, even crashes, as Norton does his job.

Any other solutions I might try?

Thanks in advance

John

PS: I'm posting this on a couple of other PowWeb forums, as I need an answer, quick smart, on this.

[paulselhi]

and do you have a firewall in place? what mail servers are they using if any, and are these in a DMZ (demiliterized zone)

unfortunately virus attacks are a part of life when you connect to the net and some companies will attract more attention than others

if you think your company is particulary a target then you would be well advised to bring in a third party security consultancy not only for viral attacks but also for general anti-hacker security

if the firm is being "targeted" for viral attacks then it may well be targeted by hackers as well

if the number of attacks is exceptionally high as in your case you may well have been compromised already and i would strongly suggest getting some outside security advice

[teamantivir]

Quote:

Originally posted by johnw
Hi everyone

One of our cients is suffering regular daily email virus attacks . . . and he's hosted here on PowWeb. I've had a quick look round and understand there's no anti-virus protection provided by PowWeb, basically because they don't wish to be involved in deciding what is, or is not, a 'good attachment.'

Please see my advice in the Utilities section. Again as well intentioned as many people are, beware of False Authority Syndrom (See http://www.vmyths.com for a definition).

[paulselhi]

"Most people who claim to speak with authority about computer viruses have little or no genuine expertise. Some virus experts describe it as "False Authority Syndrome" -- the person feels competent to discuss viruses because of his job title, or because of his expertise in another computer field, or simply because he knows how to use a computer."

i was only suggesting that if he feels that he is getting an abnormal amount of virus alerts he would be well advised to have a third party security analyses, i don't see this as FAS but as SPaSA- sensible proactive security advice !!!!

[teamantivir]

Quote:

Originally posted by paulselhi
i was only suggesting that if he feels that he is getting an abnormal amount of virus alerts he would be well advised to have a third party security analyses, i don't see this as FAS but as SPaSA- sensible proactive security advice !!!!

I wasn't addressing you specifically, you gave some good advice, I was just waning him some people are going to try to give him some detailed advice with out knowing the facts. I can almost hear it, "I use Scuzzy Scan, and have never had a virus, Your client should use it, because nothing else is as good", or "install the following rules on your mail server, and it will fix everything." I really get a sick feeling when I see that advice. Yours was right on target.

[paulselhi]

i am at this very moment removing the needles from your wax effigy

[paulselhi]

i was once called in to a large synagouge in london to sort out their exchange 5.5mail problems

they had their WHOLE operation running on one NT server- it was the pdc, mail server, application server (including all their financial data),webserver

They had already been compromised and i asked where their back up device was,. Backup? no we don't have one as yet

I asked them if they had a firewall, no we have several extinguishers and buckets of sand

i told them that i wouldn't touch their setup untill they had a backup in place and that unfortunately they had already been compromised, the web page had become colorfull to say the least

i also suggested thet they at least get another machine as a BDC and probably a seperate member server for their finnacial data and kept this on it's own network

they suggested that i was trying to hoodwink them into buying more kit, and anyway why should they be a target !!!!!!!

[teamantivir]

Quote:

Originally posted by paulselhi
They had already been compromised and i asked where their back up device was,. Backup? no we don't have one as yet

I asked them if they had a firewall, no we have several extinguishers and buckets of sand

i told them that i wouldn't touch their setup untill they had a backup in place and that unfortunately they had already been compromised, the web page had become colorfull to say the least

i also suggested thet they at least get another machine as a BDC and probably a seperate member server for their finnacial data and kept this on it's own network

Been there done that, went for the t-shirt and they were back ordered. It gets worse when you have the reply well we paid XXXX Consultancy, they said this was enough. Never mind the fact it was 10 years ago, and thing change, but the original colsultancy is out of business and specialize in stand-alone systems, so why should MY answer be any different from the original?