A System Administrator's Guide to Implementing Various Anti-Virus Mechanisms: What to do When a Virus is Suspected On a Computer Network
This paper, presented in the form of sample guidelines/procedures, will express in much detail the steps, techniques and methods of defense utilized/implemented in the detection, investigation and tracing of a suspected computer virus. Proposed courses of action will be discussed. The effectiveness of these actions, as well as the use and effectiveness of established mechanisms of defense will be evaluated.
04/15/2004
|
|
Why You Need an Email Exploit Detection Engine: Networks Must Supplement Anti-Virus Protection for Maximum Security
The number of email viruses and attacks skyrocketed in 2001, causing security experts and vendors to dub it "the year of the virus" (IDG News Service, Jan. 02; silicon.com, Dec. 01). One new factor to emerge in 2001 was that virus-writers are using increasingly complex and sophisticated techniques in their bid to circumvent anti-virus software and disseminate their viruses. A case in point was the notorious Nimda virus that used multiple methods to spread itself and was based on an exploit rather than on the virus/Trojan behavior that anti-virus products typically search for. Email security tools must become more sophisticated if such threats are to be blocked before they can cause harm. Anti-virus software, though essential, cannot combat such threats; an email exploit detection tool is also necessary.
03/10/2004
|
|
Building an Anti-Virus engine
The article will describe the basic ideas, concepts, components and approaches involved in developing an anti-virus program from scratch from a developer's/software engineer's point of view. It will focus on the main elements of an anti-virus engine (hereafter referred to as AV engine) and will exclude aspects like graphical user interfaces, real-time monitors, file system drivers and plug-ins for certain application software like Microsoft Exchange or Microsoft Office. Although AV engines running/scanning for single platforms (such as Palm OS or EPOC/Symbian OS) can be designed in the same way, this article will focus on designing multi-platform scanning engines, which are far more complex.
03/23/2004
|
|
Anti-Virus Defense In Depth
When I first became aware of the concept of defense in depth, the extent of depth was servers and workstations. At that time, most people felt that it was cost ineffective to protect both layers. I remember some very big, established names making very public statements of how we didn't need anti-virus software on servers, as it only added overhead, and offered little protection since a majority of viruses are boot sector infectors. These people were industry insiders and very respected "experts" at the time.
03/23/2004
|
|
Choosing your anti-virus software
In today's connected world, anti-virus software is more than ever a necessity to protect your computer against viruses, worms and other types of malicious code. It is by far the easiest way to give your computer a minimal level of protection. Yet, the process of choosing which anti-virus software is best suited for your protection is not so easy. That task is made challenging by numerous misconceptions that surround the anti-virus world and some of the questionable claims made by some vendors. If you surf anti-virus vendors' web sites, for example, you will soon find out that many of them are the best, that many have the biggest market share or that many are the only vendors with a 365x24 support. The marketing war raging among those vendors and sometimes the lack of knowledge of their own competitors make it rather difficult for the end-user to make a knowledgeable choice.
04/03/2004
|
|
Implementing A Norton AntiVirus Managed Infrastructure
The purpose of this paper is not to go into a history of viruses, or even spend paragraphs describing how viruses work. I’d like to concentrate on some of the practical aspects of rolling out a managed antivirus solution to a large company, specifically for workstations and servers. If you spend any time at all perusing vendor documentation, you know there are holes, gaps and sometimes large crevices of missing information that are needed to make the practical decisions. That, coupled with the typical corporate politics and red tape, can send you into a tailspin! But, with some planning, forethought and good advice from people who have gone through it before, successful managed antivirus protection can be implemented. And, just think of how good it will feel when the next virus is thwarted before it has a chance to negatively impact the company’s resources.
04/15/2004
|
|
Issues with Keeping AntiVirus Software Up to Date
Explore different aspects of keeping ANY virus protection software up to date to be protected from virus infection. It is obvious that, as Information Security professionals, we need to be aware of all of the “latest and greatest” information on outbreaks of malicious code, including how to recognize and repair them. Also, we know that we need to have virus protection software loaded at all possible points of failure within our organizations and we need to have procedures for when these outbreaks occur. However, it seems to me that one of the most difficult tasks is keeping all of this virus protection software up to date. All reputable virus protection software products come out with updates on a fairly frequent basis, and it is up to each organization to get these updates out to all computers that need to be protected. There are many ways to do this and many challenges that we face in accomplishing this, but it is important to keep our organizations as “clean” as possible.
04/15/2004
|
|
Why anti-virus software is not enough
This white paper explains why anti-virus software alone is not enough to protect your organization against the current and future onslaught of computer viruses. Examining the different kinds of email attacks that threaten today’s organizations, this paper describes the need for a solid server-based content-checking gateway to safeguard your business against email viruses and attacks.
03/10/2004
|
|
Behavior Blocking: The Next Step in Anti-Virus Protection
Before the arrival of the fast-spreading worm/blended threat, the staple technology of anti-virus software - fingerprinting - arguably provided both preventative and proactive protection against the average computer virus. That is, in the past, vendors were able to ship new fingerprints for most viruses before they could achieve widespread distribution. This is because traditional viruses spread slowly - only when humans exchange infected files - on the order of days or weeks. Consequently, in the majority of cases, anti-virus software blocked initial infection, preventing corporate machines from being compromised and precluding the need for costly manual cleanup and downtime.
03/23/2004
|
|
Antivirus Concerns in XP and .NET Environments
After Windows NT was released, it took virus writers five years to learn how to infect it. Windows NT 3.1 and the Win32 API were released in late 1993, but it wasn't until August 1998 that W32.Cabanas became the first NT virus by capturing coveted kernel mode access. .NET and some of Microsoft's other initiatives have not been as lucky. The purpose of this article is to discuss antivirus (AV) concerns with .NET and Microsoft Windows XP.
03/23/2004