Announcement

Collapse
No announcement yet.

I've seen it recommended not to run

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • David Clarke
    replied
    We use Microsoft security essentials and add some exceptions and have this on all the time on our computers. You don't just get viruses from the Internet, I remember at a show a customer approached me with a USB pen asking if I could look at his footage and see why he could not use the alpha channel on it. The pen had a a virus which my anti-virus software caught thankfully otherwise it would have infected all the machines at the show (none of which were on the internet).

    I personally think you should have one running which you have been told by others does not cause problems. If you get problems think about turning it off. If not running an anti-virus you must run a tight ship as Steve describes, and scan ANY media on a different machine before you plug it into the editing machine.

    Leave a comment:


  • GrassValley_SL
    replied
    System updates are network deployed.
    That is something taken serious.

    Leave a comment:


  • THoff
    replied
    In most cases systems aren't specifically targeted, a lot of malware propagates by probing blocks of IP addresses on the local or nearby networks.

    Here is a graph that shows average survival times of unpatched systems. It illustrates the need to stay current with security updates, and also some of the mechanisms that are used by self-propagating malware. If your system was fully patched and up-to-date two months ago, it isn't today. New remote attack mechanisms are discovered all the time.

    http://isc.sans.edu/survivaltime.html

    Leave a comment:


  • GrassValley_SL
    replied
    Originally posted by dpalomaki View Post
    You've been fortunate.

    Risk depends in large part on what the user does on the PC.
    I agree . On the Editors Internet only gets activated for uploads/activation. (with firewall, Antivirus the whole works)

    Browsing is done from an island which is protected.
    All foreign files get scanned first.

    It is a matter of following the rules. Simple as that. :)

    Leave a comment:


  • dpalomaki
    replied
    13 years of doing this way and counting. :)
    You've been fortunate.

    Risk depends in large part on what the user does on the PC. Web surfing, downloading/viewing files, using sneaker-net to view files provided by others, opening e-mails and attachments or links, allowing scripts to run, all increase risk. Not having a problem in the past is no assurance of the future any more than not being t-boned on the street in the past is of the future.

    Another key factor is whether or not someone else believes you are a worthy target. Do you have intellectual property on your systems of significant value to them beyond your generic identity; e.g., account numbers, future product information, etc.?

    Leave a comment:


  • Ron Evans
    replied
    I am much like noafilm. We have 4 PC's on a network at home they are all WIN 7 64bit Home Premium. My wife's, finance, my email and browsing PC and my editing PC. The editing PC has nothing running on it but the others have virus and firewall running on them. The network goes via a router/firewall to the cable modem. Most of the time there is only 1 PC running. I check them all with Housecall at least once a week. Been that way for years. Had one issue with my wifes PC when it was running WIN 2K and Zone Alarm etc did not support anymore, I think one of her lady friends sent a joke to her !!! Got past Zone Alarm, Avast, Spybot but caught it with Housecall. That was when I upgraded all PC's to WIN7 and latest virus checking !!!

    I scan editing PC after every new upgrade then do a backup so that if there was a problem I would clean off and reload the image.

    Yes I accept and understand there is a risk.

    Ron

    Leave a comment:


  • Harro
    replied
    I think I will follow THoff's advice from now. Someone who works as a software engineer in the AV area would really be aware of the various pitfalls and can see potential problems before they become a real problem. Thanks for your advice THoff.

    Leave a comment:


  • noafilm
    replied
    Originally posted by chappyware View Post
    Do you just connect to the internet without A/V protection?
    Yeah sure, don't see any reason why to have an antivirus, firewall or whatever extra protection if you don't surf the internet on that machine. I also use tmpgenc and just plugin in the internet cable for a few seconds so that the validation is ok. For all other things like updates, drivers and so I just download on a dedicated internet pc, scan for virusses there and then transfer to my editing pc.

    In all these years I never had any virus on my editing machine in this way. I know this because once a year I run a Linux virus scan dvd, it loads from dvd, downloads all virus updates from 3 different scanners and then scans my pc, never found any virus.

    Leave a comment:


  • GrassValley_SL
    replied
    13 years of doing this way and counting. :)

    But it is always good to have a different perspective.
    Last edited by GrassValley_SL; 10-28-2011, 08:21 PM.

    Leave a comment:


  • THoff
    replied
    Slow down? Somewhat. Bog down? That's dependent on the software you use.

    I think we just have different perspectives. I don't shoot or edit video for a living, I'm a software engineer for the largest security software company in the world, working on AV software. The approach you are taking would never pass any sort of security certification. You think you are protecting your system, but you are not. Malware could infect your computer through NFS or administrative shares and install a rootkit that loads before Windows and your AV software, making it difficult or impossible to detect and remove.

    I'm sure you'll do what you feel is best for your situation, I just want you to be aware that there is a gaping hole in your security policy.

    Leave a comment:


  • GrassValley_SL
    replied
    It would bog down the storage paths.
    That's why they are separate networks.

    All client delivered files are first scanned on a machine which is not connect to the network.

    Leave a comment:


  • THoff
    replied
    Originally posted by GrassValley_SL View Post
    On every system we have 2 nics with 2 networks not bridged one for internet and one for storage network.
    With your advise if the storage nic active we would have to turn on Antivirus. :)
    Yup, and that is what I would advise.

    If any system connected to the storage network gets infected, malware can and will spread.

    Leave a comment:


  • GrassValley_SL
    replied
    Originally posted by THoff View Post
    I would like to make one small correction to this advice: have your AV solution enabled anytime your network adapter is enabled / a network cable is plugged in.
    On every system we have 2 nics with 2 networks not bridged one for internet and one for storage network.
    With your advise if the storage nic active we would have to turn on Antivirus. :)

    Rule here is AV on before internet nic is made active. It has worked great so far.

    Leave a comment:


  • SoundFreak_HD
    replied
    Zonealarm free Internet lock, it's a right click feature to fully lock down / disable all network adaptors, secure, stable, free :)

    Leave a comment:


  • THoff
    replied
    I would like to make one small correction to this advice: have your AV solution enabled anytime your network adapter is enabled / a network cable is plugged in.

    To some people "going on the Internet" means starting a web browser or e-mail client. However, with today's always-on broadband connections, any active network connection can become a pathway for malware to invade your system unless something stands in its way.

    Some AV solutions can automatically disable all network adapter while the AV solution is turned off. That would help insure that you can not go online without the protections (AV, firewall, AS etc.) they provide.

    Leave a comment:

Working...
X