× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. January 2007

RE: How Secure is Windows, Really?

From: rob@xxxxxxxxx

Joe,

We tried the technique of scanning our IFS from a PC years ago.  It would
take days.  (Maybe it is one of the NetServer poor performers issues.)
Now, if it takes days to scan your IFS using this method, and you start
the scan on a Monday, get a virus into a completed directory an hour after
it starts, and it doesn't get trapped for a week you can be toast.


And there ya go... a perfectly valid reason for an iSeries based scanner.
Of course, this depends entirely on the amount of storage you open up to
network traffic.  If you were to use a virus scanner to scan your entire
IFS, I'd say that was overkill; certainly if you needed to do it more than
once it would indicate a serious problem in your procedures.

Second, this issue still exists for networks in general, and it's a good
point.  The larger your network is, the more storage you have, the more
difficult it is to keep it immune.  Thus you need even more security and
better procedures to quarantine data.



There are at least two levels to virus scanning software:
1 - To scan all existing files for virus.  This does a couple of things.
: Catches up on items that were installed prior to the AV package.
: Catches items that might have snuck through on an older pattern file.
: Catches items that got through when the AV package was disabled (Hey,
let's install this package while our system is in restricted state.)
2 - To catch items "as they occur".  Running your AV package on a PC and
having it scan your system is NOT going to do this.  IBM has created an
exit point that basically says perform an action on any IFS entry as soon
as it is created or changed.  Primarily for use by i5/os AV package
developers.  Also used by FTP exit point developers who want to post a
file into production upon arrival.


See?  This could be a very GOOD reason for an iSeries-based product.  If you
were to in effect create a DMZ in your IFS and say that no files could get
into your production environment without first passing through the DMZ, then
you could count on your IFS scanner to do its job.

Of course, you could also put your DMZ on a PC and just put procedures in
place to make certain that files don't get out of quarantine without being
scanned.

Because if you DON'T have such procedures in place, then all the iSeries
scanning in the world isn't going to do anything except waste iSeries
cycles, which as is often bemoaned in this list are the most expensive
cycles in the shop.

Joe

As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.