Forwarded from: security curmudgeon <jericho@attrition.org> To: David.Wall@RANDOLPH.AF.MIL cc: isn@attrition.org > Forwarded from: Wall David Civ AETC/DOXD <David.Wall@RANDOLPH.AF.MIL> > > Is it just me, or is somebody burying their heads in the sand? > Whatever happened to maintaining the latest antiviral signature > files so you don't get hit in the first place? > > Am I missing something here????? Yep. You are missing that the anti-virus industry is a 99.9% re-active industry. They write signatures shortly after the virus hits people. Even with a large number of anti-virus users updating sigs on a daily (even hourly basis), it leaves a hundred million+ that use no anti-virus at all. Several anti-virus packages ship with Heuristic scanning off by default even, making it that much harder to guard against viruses that are new. The obvious reason is that if the anti-virus packages were pro-active and stopped viruses before mass infection, they wouldn't get their monthly/yearly subscription fees for signatures, and their revenue stream would take a big hit. By eliminating software that is a target of viruses and worms, it is a pro-active measure to help stop the problem. Compare the various windows based worms/viruses with worms that target unix vulnerabilities. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Tue May 28 2002 - 05:11:47 PDT