This discussion has been locked.

AV signatures date 06.08.2012

Hello,

using Endpoint Security and Control 10.0.

The virus data dates from 06.08.2012.

The last update was today (07.09.2012), but I still have the old definitions.

I think this might be a problem.

Nice weekend, O. Schumann.

ISLE GmbH.

[Antivirus und HIPS]

-[ Software]

Sophos Anti-Virus 10.0.7

Veröffentlichungsstatus Full

On-Access-Status Aktiviert

Detection Engine 3.34.0

Erkennungsdaten 4.80G

Datum der Virendaten 06.08.2012

Objekte erkannt 3880695

Erkennungsdateien 385

Version der HIPS-Regeln 9.7.8

Version der HIPS-Konfiguration 1.0.4

Letztes Update 07.09.2012 12:03:11

  • Hi QC, 

    Thanks for all of your good info on this. I am still a bit confused on the date concepts, from this perspective. Let's say a VDL was last released on Aug 6, but since then, IDEs have been released every day up to the present (October 15). If I want to check the endpoint to see whether it is up-to-date or not, isn't the date of the last IDE the relevant date? If I see that the "virus data date" is Aug 6, I will assume that the endpoint is way out of date (and thus the endpoint is compromised). The relevant piece of information is the October 15 IDE that was last downloaded. Also, the relevant information is not the date the IDE file was downloaded to the endpoint, but the date that the IDE file was posted by Sophos. I.e., if the last IDE the user downloaded was created on Oct 4, but he happened to download it on Oct 15, the date I am interested in is the Oct 4 date. As far as I can tell, there is no way for me to see that on the GUI. Am I missing something here?
