[SEL] <snip>Now Antivirus and O.T.

[bill at antique-engines.com]

I'm the network antivirus and security administrator at work (a state agency)
I use Symantec Endpoint Protection at work, and one a couple of my home
computers.
I use their 360 protection on a home computer.
They've come a @#$ of a long ways in reducing overhead. Nothing at all
like it was a couple of years ago. The charts showing performance hits
blow Trend, McAfee and the others out of the water - they now have the
lowest performance hit of any of the major vendors.
They have completely redesigned the scanning engine. On SEP, you get the
deltas of the updates. The issue is that viruses and threats run into the
hundreds of thousands now - not like it was a few years ago. There are
literally over a thousand new variants/strains and threats found every day
now, some morph in hours, some with each new infection so the vendors are
having issues keeping up.
A co-worker here uses AVG at home but has admitted that he's found he
still needs to resort to other things when he's doing high-risk work
because, well, it's not kept up like the major players have. (most folks
will never be exposed to the sort of risks we are - although those who
like to visit certain sorts of sites will be much higher risk than any of
us!)
He's is very familiar with multiple protections and for heavy work, he
still prefers SEP and says it's less overhead than his home AVG.
I've not compared, but know that they have put a lot of work into reducing
their overhead and it shows here at work. Folks hardly notice the regular
scans now. And there are good reasons to do a FULL scan of all files each
week. Trust me on that, been doing this very thing since about 1989 - 20
years now. "The rules have changed" as they say, in the world of viruses
and other risks. Try dealing with rootkits, rogue browser helpers/phony av
apps, etc. You don't even want to consider your papa's antivirus in
today's world. Even with the very best of protection, what should be safe
web sites can and will infect your computer.
You need a GOOD FIREWALL, too - forget that Windows firewall shit, biggest
bunch of crap ever. Worthless. Even I can crack through it! For the full
protection, browsing protection, firewall, intrusion prevention, etc. - I
use the Symnantec product. At work, I can even decide what will run and
not run on your computer. Whitelist. If I don't want it to run, you can't
run it. If I don't want it in, it won't get in, and I can block your USB
devices by brand, model, etc. as well. I've rigged it so autorun.inf file
won't function, and you can't run DLL or EXE files from certain areas.
I've even built custom IPS signatures that look into packets and block
certain content.

Love those products!
I protect 28 servers and 350 workstations and notebooks.
At Principal, I did the same for 1,200 servers and 16,000 computers around
the globe. I used SAV CE there.

Bill
ITS4
Network Security Administrator
State of Iowa, Iowa Vocational Rehabilitation Services (IVRS)

> Hey Jerry give the Wizard of OZ (Peter Lowe) a shout, he teachs comptuer
> science classes and uses AVG, maybe he can help you off list.
> Curt Andree
> -------------- Original message from Jerry Evans <jerrye at databak.co.za>:
> --------------
>
>
>> At 08:57 PM 07/10/2009, you wrote:
>> >Errr... given that Windows 1 came out in 1985
>> >
>>
>> Hi Guys 'n Gals,
>> Prepare for one of those "long posts" that I'm known for. (There
>> is always the "Delete" key - bottom right on your keyboard.)
>>
>> Seeing as that the topic is steering toward antivirus software
>> maybe some of you could give me a few pointers.
>>
>> The computer that I use to connect to the net with is a 4 year old
>> Acer laptop and only has a "Celeron" processor (1733 Mhz with only 512
>> Mbytes memory - running Win XP Service Pack 3 with all the updates.)
>> Yes, I do know that it is a "shitty" little computer but for now
>> it has to do.
>>
>> I've always been very aware and "up to date" on viruses (virii ?)
>> and used "Norton Antivirus" for many years but, a few years ago when I
>> was
>> still on dialup, the Norton updates became just too big (more than 10
>> Mbytes) for a dialup connection and I installed "AVG Free". (I do not
>> use
>> Microsoft's Firewall or Antivirus.)
>>
>> AVG worked very well for me but then they brought out ver.7 (I
>> think) and now with updates I'm on ver. 8.5.420.
>> This damn programme has now spoilt all my "computer fun". It is a
>> total "memory hog".
>> When I start up each morning the darn computer is useless for
>> about 10 minutes while AVG "does it's stuff". (In "Task Manager",
>> "performance" is "red lined" all this time and under "Processes" I can
>> see
>> that it is AVG (and their "add on" - TeaTimer) that is hogging all my
>> resources) This "hogging of resources" is so bad that, if I open
>> "Notepad"
>> (for example) and type a letter it takes about 5 seconds for the
>> "letter"
>> to show on the screen.
>> The next problem is that the "f%#*g" programme decides to run it's
>> daily scan and updates at 5:00pm every day - I change this often but the
>> next automatic update always "resets" it to 5:00 "f%#*g" pm. AVG seems
>> to
>> think that all it's users are imbecilic idiots and, no matter what they
>> want everything is reset to what AVG's "f%#*g"
>> programmers deem best.
>> On this computer that "scan" takes about 2 hours and in that time
>> (usually about time to check if the new "SEL" digest has arrived :-)).
>> the
>> computer is totally useless - AVG is hogging everything. (I do know that
>> I
>> can set "Scan Options" in case you are wondering).
>> Other problems that I experience (on this computer) are:
>> i) When saving a file using the "save as" command the windows
>> "save as - pop up" box takes ages to reach the stage where I can click
>> on a
>> folder or directory - I suspect/assume that this is while "f%#*g" AVG
>> makes
>> sure that I'm not opening a folder that has a virus in it - it seems to
>> scan the whole disk first instead of letting me choose a folder and then
>> only scanning that folder. After all, AVG has (previously) scanned
>> everything on my computer, why should it now waste all this (my) time
>> just
>> to ensure that there is not a virus anywhere.
>> ii) I used to have a problem with it's "f%#*g" email checking as
>> well but managed to disable that some time back. My ISP (as I'm sure
>> many
>> others have) has a pretty good prog to sort out all the "nasty" email.
>>
>> O.K. those are my gripes - now for some answers from you guys.
>> Please note that I'm looking for "constructive" answers from
>> knowledgeable
>> people. If you want to post an answer then please give reasons for your
>> recommendation based on my post above. I'd really like to hear your
>> reasons
>> as to why I should change to "such and such" an Antivirus programme.
>> It has been recommended that I change to "Panda" or "Avast" but
>> nobody has given reasons.
>> Paul mentioned Microsoft and gave good reasons but I'm
>> "Anti-Microsoft" (Hi Rob & Kelley - no I cannot change to Mac at this
>> time
>> :-)) - should I lower my expectations and go for Microsoft and why ?
>>
>> All I want is a programme that does not consider me to be an
>> idiot. I want to be able to tell this programme what I (THE USER) would
>> like it to do - not what the "f%#*g" programmer thinks I need and, if I
>> tell it to do "so and so" I do not want it to "reset" to what the
>> "f%#*g"
>> programmer feels is best for me on every update.
>> I also do not want it to hog all my resources while it is doing
>> it's job.
>>
>> I'm keeping an open mind here and asking for advice from guys who
>> know what "it's all about".
>>
>> FWIW - I have not had a virus on any of my computers for many
>> years - I put that down to "common sense" more than my choice of
>> "Antivirus
>> Software".
>>
>> I've also been "connected" since the days of "Bulletin Boards" -
>> about 1991 - not as long as Paul but certainly not a "newbie" to the
>> Internet.
>>
>> Hey Paul, I used to use "PC Tools" long before "Norton Commander"
>> and Symantec arrived on the scene. My first "computer" was a "Sinclair"
>> - I
>> think it had the magnificent total of 1 Kbyte of memory before they
>> brought
>> out the next version which had (again, I think) the magnificent total of
>> 64
>> Kbytes of memory. That was a long time ago - now my engines are far more
>> important to me :-)
>> The first virus I got was "Stoned" I'm sure you remember it! At
>> the time I was seriously stressed about it but, by todays standards it
>> was
>> harmless. There were no "Antivirus Programmes" in those days. I often
>> wonder if the "Antivirus" vendors are not the guys who write the viruses
>> in
>> the first place.
>> All for now, thanks to all who have read this far before hitting
>> the "delete" key.
>>
>> Keep the revs up (or down)
>> Jerry Evans
>> Near Johannesburg in Sunny South Africa.
>> Etched Brass Engine Plates made to order:
>>
>>
>>
>>
>>
>> _______________________________________________
>> SEL mailing list
>> SEL at lists.stationary-engine.com
>> http://www.stationary-engine.com/mailman/listinfo/sel
> _______________________________________________
> SEL mailing list
> SEL at lists.stationary-engine.com
> http://www.stationary-engine.com/mailman/listinfo/sel
>