Chapter 10: Antivirus Protection | Secure Messaging with Microsoft Exchange Server 2000

Overview

Be careful about reading health books. You may die of a misprint.

—– Mark Twain

Computer viruses have been with us for a long time. However, over the last few years, virus creators have become more sophisticated, and so have their viruses. In particular, virus writers have gotten devilishly good at exploiting the features of messaging systems to spread their wares much faster than old-school, file-based viruses. Fortunately for us, the available antivirus tools have kept pace, and third- party vendors have taken advantage of the interfaces Microsoft supports for antivirus tools on the desktop and the Exchange server. (Interestingly, the most effective way to scan for file- and memory-based viruses remains the use of a DOS-based scanner; these tend to catch about 99 percent of viruses, whereas some more complicated Windows-based scanners only catch around 80 percent!)

Of course, these solutions are only effective when they’re deployed properly and in a timely manner. In this chapter, I begin by explaining some foundational principles of virus protection, then go on to discuss the methods you can use to protect your networks and servers, and the questions you should ask when choosing an antivirus product.

Note

Because this book is about messaging security, I haven’t spent any time talking about scanning file servers for viruses. It’s important that you protect these servers, though, because if they’re infected, the infected files they serve could end up as attachments in your Exchange store or on your clients. Adding file-server scanning protects you against CodeRed and Nimda-style attacks that attempt to compromise all files on visible shares, and it adds a needed layer to your defense in depth.