[FX.php List] [OFF] Antivirus software on a Windows web server?

Leo R. Lundgren leo at finalresort.org
Wed Jun 1 01:43:36 MDT 2016


If the machine (in question) just runs a web service, and the application it serves (if it's even an application, might just be a static for all we know) is well written to there's good confidence it's not full of vulnerabilities, then perhaps it might not make as much sense to install a piece of insecure AV software running with the highest privileges possible on the system.

Taviso has shown that most common AV software have very serious vulnerabilities. So for that reason one should consider if running that software is needed, when there's things like EMET and other measures you can apply.

I'm not saying you never should, I'm just saying that it depends on what you are protecting from and what you need to protect. For example, a targeted attack might very well try to make use of the recent research on AV software security.

Regards, Leo

1 jun 2016 kl. 07:11 skrev Malcolm Fitzgerald <malcolm at notyourhomework.net>:

> Why would you not? You'll lose a few clock cycles to forensic processes. In return you obtain a higher level of security and decrease the risk of malfeasance.
> 
> The flip side is that you ignore the risk. When an unwanted event occurs you'll have to show that real benefits were obtained during the period before the machine was compromised. That shouldn't be hard, they'll be obvious to everyone and would have been used to rationalise the decision to go without antivirus software in the first place. The appropriate questions at that point will be, was enough benefit obtained to justify the repair costs and the downtime incurred, and will you continue to support the policy of running the server in the same fashion?
> 
> good luck,
> 
> malcolm
> 
> 
> 
> On 1/06/2016 2:49 AM, Joel Shapiro wrote:
>> Hi all
>> 
>> I’ve got a client that’s just created a brand new Windows Server 2012 VM to act exclusively as a ‘vanilla' web server (no FileMaker components installed).
>> 
>> They’ve asked me if they should install antivirus software on it.  Googling returns a mixed response.  What do y’all think?
>> 
>> Thanks very much,
>> -Joel
>> 
>> 
>> _______________________________________________
>> FX.php_List mailing list
>> FX.php_List at mail.iviking.org
>> http://www.iviking.org/mailman/listinfo/fx.php_list
> 
> 
> _______________________________________________
> FX.php_List mailing list
> FX.php_List at mail.iviking.org
> http://www.iviking.org/mailman/listinfo/fx.php_list



More information about the FX.php_List mailing list