Forefront for Sharepoint Eval

We’ve decided that McAfee Portalshield for Sharepoint isn’t cutting the mustard so its time to look for other products. The Sharepoint guys are working on upgrading to Sharepoint 2007. From what I’ve heard McAfee doesn’t support Sharepoint 2007 yet. McAfee Portalshield has had a couple annoying habits anyway. Once we installed it, we had to …

Continue reading ‘Forefront for Sharepoint Eval’ »

Mal/Dropper-L

We had a couple viruses get past MessageLabs last night. That is not something I normally see. Both files were named lgame.zip and contained a single file lgame.exe. The subject of the message was “Hot Pictures.” Sunbelt Software’s analysis of this file is really good. You can view that online here. The email messages were …

Continue reading ‘Mal/Dropper-L’ »

FT reports Message Labs is for sale

After hearing about Postini’s sale to Google, I wrote earlier this week wondering if Message Labs were also on the market. A Friday article in the Financial Times reports that Message Labs has been positioning itself to be bought. As Brightmail, Frontbrdge and now Postini were purchased, it is hard for me to see if …

Continue reading ‘FT reports Message Labs is for sale’ »

Symantec Endpoint Security 11

Yesterday, I attended a webinar on Symantec Endpoint Security 11. It should be available for ondemand replay at some point on at symantec.com. A lot of people including myself have been very negative about the Symantec product, virus detection rates, and product support. I’m actually starting to believe that Symantec is turning things around. Yes, …

Continue reading ‘Symantec Endpoint Security 11’ »

AV-Test Bakeoff

PC Mag has an article with the results of the latest av-test.org Antivirus bakeoff. I’m kind of surprised Symantec did so well. It seems like just a few years ago they were days behind other vendors in releasing updates. They even beat McAfee who only had a 87.28% detection rate.

Delf.aki

The HTTP gateway detected the Delf.aki virus in a file profilewatcher_setup.exe which one of my users tried to download. Just for kicks I uploaded it to the virustotal site and here’s the result. File size: 985897 bytes MD5: 837c3036adf45c11a45c8a2f356c060e SHA1: ef7311d94a80962d886befefb6bc08f03941f3e4 packers: BINARYRES Antivirus Version Update Result AhnLab-V3 2007.5.21.1 05.22.2007 no virus found AntiVir 7.4.0.27 …

Continue reading ‘Delf.aki’ »

McAfee Joins Data Leakage Market

McAfee called me earlier this week about their Data Loss Prevention Host software. In addition to host-based software, they have an appliance check for leakage at the network boundary. Enterprises that have implemented full disk encryption now realize that their data is at risk from more than just a stolen laptop. Social Security Numbers, Credit …

Continue reading ‘McAfee Joins Data Leakage Market’ »

What is your selection criteria for corporate antivirus?

I was really impressed by the the RFP George Washington University put together for their Encryption project. It was made available at the SANS Desktop and Storage Encryption Summit that I attended a few months back. I decided to sit down and try to hammer out a list of requirements for some upcoming projects. I’ …

Continue reading ‘What is your selection criteria for corporate antivirus?’ »