03-13-2006 07:21 AM - edited 03-09-2019 02:14 PM
Has anyone seen or heard of the effects that the McAfee DAT 4715? Was anyone running CSA - and if so, how did it respond? I'm anxious to find out if CSA would have stopped this behavior...
03-17-2006 07:37 AM
To the best of my knowledge, the 4.5 system replaces the network worm heuristic with a user-configurable rule module. You can configure this worm rule module to display a query popup, a straight deny, or an allow.
Note: These options are similar to other configurable rule types
http://www.cisco.com/en/US/products/sw/secursw/ps5057/products_qanda_item09186a008049ad72.shtml#qa12
03-20-2006 11:34 AM
CSA would have stopped it only if you didn't allow deletion or renaming of the affected files (and how would you have guessed that ahead of time?).
We allow our AV software unrestricted access to all files so we would have been affected had we not switched from McAfee to another vendor last November.
Whew...
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: