Antivirus Evaluation – Trend Micro OfficeScan

Posted in Network Modeling, Physical Security Infrastructure on September 15th, 2010 by Rodney

Trend Micro OfficeScan. From the eval download. Looks reasonable for a small system-count closed environment, i.e. a physical security infrastructure.

Doesn’t like to be run on an underpowered Windows XP system as the server. Can’t fault it for that, except it neither stopped me nor whinged at me when I tried.

Worse, it fails to detect certain kinds of malware we have samples of. Specifically, it can’t see “Trojan.Downloader.Bredolab.AZ”, which is what BitDefender’s online web scan calls it. This is in a tgz of a mailbox that happens to be on the disk. Kaspersky also saw it. Two a/v packages seeing it counts as a “fail” for Trend Micro, in my view.

So we’ll pass on this one for a recommendation, for now.

This was a live drive-by product review, of course. If/when we do a more organized search this solution may be a fit.

Shoulda splurged for the Kevlar equipment rack

Posted in Physical Security Infrastructure, Networking Faux Pas on September 10th, 2010 by Rodney

Speaking of server compromise, someone shot a server.

Note the article doesn’t say “…and had to bypass a locked door, and was seen on security cameras, and…”. One wonders how the insurance claim will read.

I believe one gets to count this as “insider threat”.

Where all the cool kids shop

Posted in Physical Security Infrastructure on September 10th, 2010 by Rodney

I stopped in to Harbor Freight Tools today.  Cheap tools, camping gear you wouldn’t mind trashing if you went to the playa in August, and good solid mid/low quality Chinese-manufactured motorized tools are always available there.  And some oddball things.  Like fake security cameras.

I felt slightly guilty tossing a fake camera in my shopping cart but, hey, it’s 7 bucks.  I can use it as a prop at ASIS in Dallas or something.

I go to check out and there’s a fellow in line in front of me wearing a Bay Alarm uniform.  I *think* he was just buying batteries, but I still think it’s good to know that high-end security installers in my area show at places that sell fake security cameras.  I was wearing a Black Hat shirt, too.  Nothing at all sketchy about me buying fake security cameras…

Full Working Model

Posted in Network Modeling on July 13th, 2010 by Rodney

When staging network equipment we prefer to use a pre-planned test environment. Just hanging your new laptop on the public internet so the malware inside your Costco laptop can phone home is… well, a debatable tactic. We model networks so you can try out gear before you really make yourself a user (or victim.)