There are some things that security specialists take for granted that not everyone thinks about.
This came to the fore for me today when I found out that a list server that runs mailing lists for several organizations that shares proprietary information with one another had been infected with a piece of malware for which almost all anti-malware applications had signatures for at least the last four years.
This also brought to mind that I need to remind you all that you need to be running anti-malware on your servers that accept inbound connections and allow any kind of "write" activity to that server's file system. This is especially true if the server is an Internet facing device, but also applies to internal servers that never accept any kind of connections from external hosts.
While Windows Server 2008 has gone a long way to providing a high secure default configuration, most companies are using previous versions of Windows, including Windows 2000 Server and Windows Server 2003, where the default configurations were not as robust as the default Windows Server 2008 configuration. So, if you're running those operating systems, you need to be extra careful to make sure that you've locked down the operating system and have anti-malware installed on those machines.
By the way, if you're looking for a great anti-malware solution for these servers, you can't do much better than Microsoft Forefront Client Security (FCS). FCS can protect both your clients and servers, and it also provides you an excellent way to viewing the security configuration for all the hosts on your network. For more information on FCS, check out:
Thomas W Shinder, M.D.
GET THE NEW BOOK! Go to http://tinyurl.com/2gpoo8
Email: [email protected]
MVP - Microsoft Firewalls (ISA)