Sophos AntiVirus

  • Thread starter Thread starter sds
  • Start date Start date
In
Detlev Rackow said:
Not every company wants to do this - installing EM in such a way as to
update a publicly available Webserver requires access from EM into
the demilitarized zone, and for licensing reasons, the folder on the
website should be passwordprotected as well. These things can be
solved, but these days, admins are chronically hardworking guys as
IT-budgets are under pressure.
Click to expand...

You can put EM inside your firewall, allowing incoming HTTP #80, and
outgoing NetBIOS (TCP/UDP #137,138,139), so you can put an extra CID on your
webserver in the DMZ. IIS is the simplest, you can web publish or simply
add virtual directories with specific access credentials.

Steve :)
 
Twinkletoes said:
You can put EM inside your firewall, allowing incoming HTTP #80, and
outgoing NetBIOS (TCP/UDP #137,138,139), so you can put an extra CID on your
webserver in the DMZ. IIS is the simplest, you can web publish or simply
add virtual directories with specific access credentials.
Click to expand...
Steve, I think we misunderstand each other:

I am not seeking a solution for this.

Besides, the installation of IIS is nothing to recommend lightly, as
IIS up to Version 5 had serious securityproblems, therefore your
solution is not a recommendable one. Securing IIS up to release 5 is a
task which requires a lot of experience, and allowing SMB-access
between an IIS-server in the DMZ and the corporate Intranet is not a
good solution unless you know very exactly what you 're doing. You
should reconsider giving such advice lightly without a thorough
explanation of the security considerations.

Bye,

Detlev
 
In
Detlev Rackow said:
Steve, I think we misunderstand each other:

I am not seeking a solution for this.

Besides, the installation of IIS is nothing to recommend lightly, as
IIS up to Version 5 had serious securityproblems, therefore your
solution is not a recommendable one. Securing IIS up to release 5
is a task which requires a lot of experience, and allowing
SMB-access between an IIS-server in the DMZ and the corporate
Intranet is not a good solution unless you know very exactly what
you 're doing. You should reconsider giving such advice lightly
without a thorough explanation of the security considerations.
Click to expand...

I never recommend installing IIS, I used it as an example of how to
'publish' the required files. I agree, misunderstandings... hopefully
someone reading this thread might have gained some knowledge along the way!

Cheers,
Steve :)
 
Detlev Rackow said:
Steve, I think we misunderstand each other:

I am not seeking a solution for this.

Besides, the installation of IIS is nothing to recommend lightly, as
IIS up to Version 5 had serious securityproblems, therefore your
solution is not a recommendable one. Securing IIS up to release 5 is a
task which requires a lot of experience, and allowing SMB-access
between an IIS-server in the DMZ and the corporate Intranet is not a
good solution unless you know very exactly what you 're doing. You
should reconsider giving such advice lightly without a thorough
explanation of the security considerations.

Bye,

Detlev
Click to expand...

Dear Detlev, are you willing to share your sweep update to a University
institution's computer user? I have a script, but it relies on
existence of GNU utilities ...

Thank you in advance.

Sadimir
 
Sadimir Trpitrachevich said:
Dear Detlev, are you willing to share your sweep update to a University
institution's computer user? I have a script, but it relies on
existence of GNU utilities ...
Click to expand...
Sadimir,

sorry but I didn't read this group for a couple of days. The tool is
free for personal use, therefore you can use it on your personal
machine without any fee. Installation on the university's machines
would require a license - however, EM together with it's variety of
clients is probably the better solution for this scenario unless you
have networks without access to a private webserver or are unwilling
to maintain EM.

Bye,

Detlev
 
Back
Top