Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Looking for malware/virus/hijack protection on fileserver


  • Please log in to reply
8 replies to this topic

#1 picturecar

picturecar

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 31 July 2014 - 11:51 AM

winsows server 12 Tried contacting malware bytes several times and even e-mails go unanswered except for auto responders so they would be useless to me.  Superantispyware do contact and are fairly quick as well.  what would you suggest.  it is for an animal shelter hospital.



BC AdBot (Login to Remove)

 


#2 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:54 PM

Posted 01 August 2014 - 07:23 AM

Emsisoft Business Products
Emsisoft Anti-Malware for server
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#3 picturecar

picturecar
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 01 August 2014 - 10:53 AM

It looks good.  Thank you.



#4 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 51,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:12:54 PM

Posted 01 August 2014 - 11:39 AM

You're welcome.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#5 picturecar

picturecar
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 04 August 2014 - 10:31 AM

What about workstations?  would this be enough?



#6 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 PM

Posted 04 August 2014 - 12:51 PM

What about workstations?  would this be enough?

Yes, they have a central management console. Assuming that you have enough workstations in that organization that you want centralized management.
If you have just a few workstations and don't need centralized management, you can also pick AV for home use.

Edited by Didier Stevens, 04 August 2014 - 12:53 PM.

Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#7 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 PM

Posted 04 August 2014 - 01:09 PM

I just see in your title that this is for a fileserver. So there are shares on the fileserver accessed by the workstations?

 

Does the server fulfill other roles? Domain controller, database server, e-mail server, ... ?


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"


#8 picturecar

picturecar
  • Topic Starter

  • Members
  • 41 posts
  • OFFLINE
  •  
  • Local time:11:54 AM

Posted 04 August 2014 - 01:58 PM

It does,  It is a Domain controller everything else resides in standalones.  And I currently have a hardware firewall I will not be using, so while I look for something, I will use software.



#9 Didier Stevens

Didier Stevens

  • BC Advisor
  • 2,698 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:06:54 PM

Posted 04 August 2014 - 02:08 PM

Then there is a small advantage to use AVs from different vendors: files will be scanned by different AVs.

By default, your AV will scan all files that are read and written. So when a workstation accesses a file on a share, this file will be scanned by the AV on the server and by the AV on the workstation.

In a situation were AVs are identical on the server and workstation, having the file scanned twice doesn't bring you extra security.

But if the AV on the server and on the workstations are different products (different vendors), then there is an small increased probability of detection because one AV might detect something that the other doesn't.

Of course, this is the case for true positives as well as false positives.

 

You'll have to decide if this small advantage warrants the overhead of dealing with 2 AV vendors.


Didier Stevens
http://blog.DidierStevens.com
http://DidierStevensLabs.com

SANS ISC Senior Handler
Microsoft MVP 2011-2016 Consumer Security, Windows Insider MVP 2016-2019
MVP_Horizontal_BlueOnly.png

 

If you send me messages, per Bleeping Computer's Forum policy, I will not engage in a conversation, but try to answer your question in the relevant forum post. If you don't want this, don't send me messages.

 

Stevens' law: "As an online security discussion grows longer, the probability of a reference to BadUSB approaches 1.0"





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users