microsoft.public.windowsxp.security_admin

On Mar 19, 2:06=A0pm, "David H. Lipman"
wrote:
> From: "Rob"
>
> | Hello,
> |
> | I have F-prot version 6 (Anti-Virus) loaded on several Windows XP
> | systems in our lab. =A0The Windows XP systems have been configured for
> | security auditing (per NISPOM Ch. 8 requirement). =A0Using event viewer
> | to look at the security logs, I'm seeing 8500+ security messages for
> | two days worth of usage, of which =A094% of them read exactly like the
> | printout below.
> |
> | I'm not sure, but it seems like FPAVserv (f-prot process) might
> | running with the user's rights and not running as a system service.
> |
> | Any thoughts on how I can fix this?
> |
> | Thanks,
> |
>
> < snip >
>
> Interesting.
>
> If you have to follow "NISPOM Ch. 8 requirement", you can't use F-Prot. =
=A0It is an unapproved
> anti virus solution.
>
> The requirements are only for the DISA approved anti virus solutions under=
the DISA DoD wide
> license which include only; =A0Trend Micro, Symantec and MCafee.
>
> --
> Davehttp://www.claymania.com/removal-trojan-adware.html
> Multi-AV -http://www.pctipp.ch/downloads/dl/35905.asp

Hello Dave,

Contractors are governed by DSS. Their regulation reads:

DoD 5220.22-M, February 28, 2006

8-305. Malicious Code. Policies and procedures to detect and deter
incidents caused by malicious code, such as viruses or unauthorized
modification to software, shall be implemented. All files must be
checked for viruses before being introduced on an IS and checked for
other malicious code as feasible. The use of personal or public domain
software is strongly discouraged. Each installation of such software
must be approved by the ISSM.

I have F-Prot listed in my protection profile and I have an ATO letter
in-hand. I haven't read anything on DSS's website stating that a
particular piece of anti-virus software has to be used; at least not
for our classification level.

Not that any of that matters anyway. Any thoughts on the message I
posted?

Thanks,

Rob