[There's a reason that Yoda is the unofficial mascot of SBS. Size indeed matters not.] Spyware for the Server? - THE OFFICIAL BLOG OF THE SBS "DIVA"
Friday, August 05, 2005 5:52 PM bradley

Spyware for the Server?

From the mailbag tonight comes the question...”What spyware protection and registry maintenance do you recommend for the SBS 2003 server?”

...uh..dude?  You surfing at that server so it needs spyware protection?  Don't.  Let's nip that right in the bud dude and stop doing that.  That is the absolute worst thing you can be doing is surfing at that server, logged in as domain administrator on your domain controller.  I don't put spyware protection on the server because I don't surf at the server... it's not getting in at the server...spyware comes from CLICKING end users on workstations.

In fact that's why there's that annoying Enhanced IE thingy on the server that you shouldn't remove.  That's the Michael Howard annoyance factor to make you want to go back to your own workstation.  Pretty darn effective isn't it?  But the point is when the threat modeling was done for the server they knew the worst thing would be to have an admin surf at a server.  Don't.  Don't need antispyware.  It's that simple.

Registry maintenance?  The last time I installed software directly ON the server... was... I don't know what it was.. it was so long ago...the only thing I install these days is security patches.  Only server applications that I've installed went on there ages ago as it was built and pretty much everything else is installed from a workstation pointing to the server so it's not going into a 'registry' per se.

Most will also say..don't defrag.  As long as you keep about 20% ish of your drives free NTFS will be just fine.

Bottom line... your server is ...just that .... your server....and really does the best when it's just left to be ....your server and doesn't need all the tweakage you may be doing on workstations.

Filed under: ,

# re: Regstry Maintenance

Friday, August 05, 2005 8:10 PM by bradley

E-Bitz -

Good advice, as usual.

[and here comes the "BUT"]

Apps like the monthly updates to the PPC library require direct installation on the server.

And, we recently moved to a new time & billing app which required the installation directly on the server of SQLite and parts of the app itself

Thus the question regarding "maintenance" of the registry. Not a chance this side of the snow fields in Hell would I ever contemplate anything from the Yellow Box on the server.

Just wondering if there is a need and, if so, possibly another solution

Thanks

Terry Seiberlich, CPA CITP

# re: Spyware for the Server?

Sunday, August 07, 2005 11:13 AM by bradley

Susan,

I agree that surfing from the server is a bad practice and that you are right to raise awareness of this.

I would just add one comment:

Security is a process and raising awareness of that process is important. Not having detection software, of spyware, viruses, etc. on a server that is interconnected to the internet in any manner is not really safe. The first thing that many rootkits and other hacking utilities do is look for unprotected machines on the same network. So if a piece of spyware or virus is able to penetrate at the workstation where surfing occurs *even for a moment*, the network as a whole remains vulnerable. Detection is a valuable tool for the server.

---O

# Clean computer spyware adware registry

Thursday, September 08, 2005 5:58 PM by bradley

Free computer clean up of hard drive of spyware, adware and registry. Get firewall anti-virus patches remove Spyware. www.clean-computer.org <a href="http://www.clean-computer.org">spyware and adware clean up computer registry</a>