[Mimedefang] More patent stupidity
Gary Funck
gary at intrepid.com
Sun May 15 01:29:18 EDT 2005
Checkpoint's firewall, and Trusted Information Systems' Gauntlet
likely did the job:
http://groups-beta.google.com/group/muc.lists.firewalls/browse_thread/thread/398284916e5f4019/fe79931c4d44d1e3?q=gauntlet+virus+scan
+1997&rnum=1#fe79931c4d44d1e3
short url: http://tinyurl.com/exaoo
That's a July 28, 1997 posting, so may not be quite early enough, but gives the
drift on what people were thinking.
A 1996 posting about TIS being acquired by McAfee and folded into Network Associates,
http://groups-beta.google.com/group/list.cypherpunks/browse_thread/thread/ab2df364e580c485/c4676e032bbf2ea5?q=gauntlet+virus+scan+19
96&rnum=11#c4676e032bbf2ea5
short url: http://tinyurl.com/8ay5g
quoting:
"With the completion of this transaction, Network Associates will be the largest
security software company in the industry. Network Associates, which was
formed late last year by the merger of McAfee Associates and Network General,
is now positioned to offer a complete suite of security technology. Their product
line includes enterprise encryption, authentication, intrusion detection, anti-virus
and firewall protection. Network Associates plans to combine all of these
technologies and market them as a suite of security programs, similar to the way
Microsoft Corp., has bundled collections of personnel computer software."
-------
This 1996 posting of the "virus FAQ" is interesting and shows this
to be about the turning point in thinking that virus scanning at
the inbound firewall might/might not be a good idea:
http://groups-beta.google.com/group/alt.comp.virus/browse_thread/thread/e7efc26077b126be/95603592d2f04a49?q=firewall+virus+scan+1995
&rnum=4&hl=en#95603592d2f04a49
short url: http://tinyurl.com/77flm
Quoting:
What about firewalls?
---------------------
What indeed? There is scope for more discussion here, but firewalls
don't generally screen computer viruses, and, arguably, never will
very effectively. Reassembling a packet stream to scan for
search strings on the fly introduces unacceptable overheads.
See comp.security, or, if you don't mind your mail by the ton, the
firewalls mailing-lists.
MIMESweeper, by Integralis, has been described as 'a sort
of firewall for viruses', which it isn't, by most useful definitions
of the term firewall. It's a Windows package which, I think, shunts
incoming material for inspection offline, which may be a viable
approach. In general, make sure your mail attachments, WWW downloads
etc. can't be automatically executed and use a good scanner.
Books:
Firewalls and Internet Security (Cheswick, Bellovin) - Addison-Wesley
Building Internet Firewalls (Chapman, Zwicky) - O'Reilly
More information about the MIMEDefang
mailing list