Ask the Expert

Applying gateway products to stop malware

I am using Symantec Norton antivirus solution with the latest update. I don't have any protection on my gateways. We were recently attacked with the Nimda virus. I cleaned it, applied the Microsoft patch, but again and again we are getting that virus, even though I have configured it for quarantine. Why should that virus come again and again? Is there any permanent solution other than applying gateway products?

    Requires Free Membership to View

Malicious code, which is designed to probe for weaknesses and spread by constantly attempting to infect systems, will not go away or stop its activity once you have protected or patched your system.

The only way to stop the probes is by using something to filter them out, at the firewall or gateway level, as you suspected. Otherwise, they will continue to seek out weaknesses in your system and nothing you do at the desktop level will have any impact on them.

For example, I got tired of Sircam and Yaha-infected mail coming to me. I used a spam filter on the mail server to block incoming mail containing subject lines which correspond to these messages. Voila, no more infected e-mails of that type. The same idea can be applied to your case.


For more information on this topic, visit these other SearchSecurity.com resources:
  • Executive Security Briefing: Virus management: Never a dull moment
  • News & Analysis: To block, or not to block at the gateway
  • Virus Prevention Tip: Adding to antivirus software


    This was first published in February 2003

  • There are Comments. Add yours.

     
    TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

    REGISTER or login:

    Forgot Password?
    By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
    Sort by: OldestNewest

    Forgot Password?

    No problem! Submit your e-mail address below. We'll send you an email containing your password.

    Your password has been sent to: