| Author |
Topic |
|
uberman
Posting Yak Master
159 Posts |
 Posted - 2005-11-07 : 04:41:45
|
| Can I have some thoughts / opinions on running MS anti spy ware and a virus checker on a sql server.Is this a good idea or a bad idea... I can think of good reasons (stopping nastys) and bad things (extra over head, all the checking of .mdf .ldf files etc, plus why are you surfing the net from a server in the first place?).Anyone out there got strong opinions either way...(And as a PS., what about running the same on an IIS6 web box?) |
|
|
jen
Master Smack Fu Yak Hacker
4110 Posts |
Posted - 2005-11-07 : 04:50:30
|
iis should be disabled or separate from the sql server boxno internet surfing to keep those worms from getting into the servershould you need web apps running, use an application serverbut anti-virus is still needed atleast running on a schedule instead of real-timejust my humble opinions  --------------------keeping it simple... |
 |
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
Posted - 2005-11-07 : 05:34:41
|
i'll second that  Go with the flow & have fun! Else fight the flow |
|
|
|
uberman
Posting Yak Master
159 Posts |
Posted - 2005-11-07 : 05:45:33
|
| Thanks for the replies so far...FYI, the IIS and SQL boxes are separate, just wondering about ms anti spy ware and virus checking on both. |
|
|
|
Rovastar
Starting Member
38 Posts |
Posted - 2005-11-07 : 06:51:39
|
| Generaly agree with the points thus far.I am not convinced that there is a lot of additional overhead in running a decent virus checker in realtime.Personaly i would like to know asap if someone was on one of my web boxes. A daily scan can be a long time in teh Internet world.Try it and see if it a problem for you.Seperate boxes good. Hardware firewall would be good too.Lockdown the boxes. I change stuff like disable the default administrator accounts and create a new accounts with full access for you, etc. |
|
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
Posted - 2005-11-07 : 07:14:33
|
| well we have nod32 installed on both sql and web server. overhead cost = 0%.it's amazing... it works as spyware as well as antivirus... sorry if this feels like an add but compared to previous antiviruses we had it's simply amazing.Go with the flow & have fun! Else fight the flow |
|
|
|
derrickleggett
Pointy Haired Yak DBA
4184 Posts |
Posted - 2005-11-07 : 21:31:29
|
| We have antivirus on all SQL Servers. We exclude the SQL Server database directories and specifically any .mdf, .ldf, or .bak files from the scanning. I wouldn't recommend anti-spyware personally, although it sounds like spirit has had good luck. We have not issues, and have been running this configuration for a long time. We disable web browsing from our production SQL Servers. You should also.MeanOldDBAderrickleggett@hotmail.comWhen life gives you a lemon, fire the DBA. |
|
|
|
Kristen
Test
22859 Posts |
Posted - 2005-11-08 : 01:20:13
|
| "no internet surfing to keep those worms from getting into the server"All our SQL boxes are "on the internet" so to get a file onto them my only choices are FTP or HTTP, we [TS into the box and] use HTTP because we have to acquire patches etc. that way anyway, and FTP means the "IIS bag of tricks" short of using some 3rd party FTP.We have to "allow" each domain that we access in IE, so its pretty few, but even so perhaps we should have AntiSpyWare stuff on the SQL boxes.And there have been some big SQL Server Virus scares - but keeping things patched up to date seems to be as good a policy.Spirit: Never heard of "nod32", I'll take a look, thanks.Kristen |
|
|
|
eyechart
Master Smack Fu Yak Hacker
3575 Posts |
Posted - 2005-11-08 : 01:33:07
|
| we also run antivirus on all servers. For our SQL boxes we exclude the datafiles, quorum drive, .bak, .dif, .trn backup files and a few others. Seems to work fine.these machines only go to windows update, so not anti-spyware is installed. I don't recommend surfing the internet from your server anyway, so that shouldn't be a problem anyway.-ec |
|
|
|
spirit1
Cybernetic Yak Master
11752 Posts |
Posted - 2005-11-08 : 04:15:10
|
| well it's eset's product and they have a promotion of it in germany go to:https://www.esetsoftware.de/ctaktion2005/form.jsp country = Germanytown: 52066 Aachen first on the list... you can choose other...password: ctaktion that's it... you get a mail with username, password and a link from where you can download the fully licenced version for a year.hope it's still on.EDIT:It will be from 14.11.2005 12:00 againGo with the flow & have fun! Else fight the flow |
|
|
|
sachinsamuel
Constraint Violating Yak Guru
383 Posts |
Posted - 2005-11-08 : 04:46:14
|
| We have antivirus on our database server and I will strongly support it. But as derrickleggett will agree that the .mdf, .ndf, .ldf and backuup files should be excluded from the scan list. This help to avoid any conflict between the antivirus and sql server.I will recommend to go through the below link.http://www.sqlservercentral.com/columnists/bkelley/sqlserversecuritydealingwithantivirusprograms.aspRegardsSachinDon't sit back because of failure. It will come back to check if you still available. -- Binu |
|
|
|
SamC
White Water Yakist
3467 Posts |
Posted - 2005-11-08 : 07:55:36
|
| I evaluated a couple of high-end "server" anti-virus packages a year ago. These products listed for something like $2,000 (US) per server. The drift on the difference was that "server" anti-virus would scan in real time on the first read, and save the file checksum. Subsequent reads of a file would not scan the file but would compare the file checksum to the saved checksum.BTW - crippling browser surfing on a server is fine, but another overlooked source of a virus is a disgruntled or mischevous employee / contractor / insider. Having some kind of real-time detection can be a good thing even if your server is properly configured.Sam |
|
|
|
|
Anti-Spyware/Anti-Virus on server.. Good / Bad ?