Norman Data Defense Systems Oliver Kunzmann Support Manager

1 Norman Data Defense Systems Oliver Kunzmann Support Manager Author: Oliver Kunzmann.

2 Viruses 2004: Bagle.A January MyDoom.A MyDoom.B Netsky.A Netsky.B Netsky.C1 Bagle.C Bagle.D Bagle.E Bagle.F February Bagle.G Bagle.I MyDoom.D MyDoom.E Bagle.B MyDoom.F Netsky.C3 Netsky.D1 Bagle.J MyDoom.G MyDoom.H Netsky.L Bagle.O Netsky.C2 March Netsky.E Bagle.H Netsky.F Bagle.K Netsky.G Netsky.H Netsky.M Bagle.L Netsky.K Netsky.N Netsky.J Netsky.O Bagle.Q Bagle.T Bagle.R Bagle.S Netsky.I

3 War of the worms: the Mydoom, Bagle and Netsky virus war. New viruses are being developed ever faster. Virus writers keep coming up with new ideas, e.g. zip files with the password in an image file.

5 Quicker spreading

6 Proactive virus protection: from virus to definition files

7 Norman SandBox (US patent pending)

8 Ordinary Antivirus: the antivirus clears the traffic by checking it against definition files: SoBig.a, Sobig.b-z, Gibe a-z, Swen.A, Swen b-z, Dialer.a, Dialer.b-z, Dialer Trojan 1

9 Smart Antivirus: the antivirus clears the traffic with definition files and the ruleset. Traffic checking against definition files: SoBig.a, Sobig.b-z, Gibe a-z, Swen.A, Swen b-z, Dialer.a, Dialer.b-z, Dialer Trojan 1. Traffic checking against ruleset (heuristics): What if? Suppose?

10 Antivirus with Sandbox: the antivirus clears the traffic with definition files and the sandbox. Traffic checking against definition files: SoBig.a, Sobig.b-z, Gibe a-z, Swen.A, Swen b-z, Dialer.a, Dialer.b-z, Dialer Trojan 1. Traffic checking against SandBox. Virtual environment: hardware, operating system, applications, communication.

11 Sandbox contents SMTP Backdoors MAPI SMTP server IP Open ports: 25 IRC \\Another\Machine IP Open ports: 137,139 Port139(SMB) Updates via HTTP Name: FAKE IP address: Drive N:\ mapped network drive \\Remote\Machines Default IP: Any Open ports: all Mapped network drives ICQ Kazaa DNS IP Open ports:

12 Sandbox Live!!

13 Virus ALIZ
* SMTP Engine
* Address
* Location WAB-File
* Memory maps the WAB-File
* Connects to SMTP Server / Send mail
1. OS searching. Finish. Found files: WINSOCK32, ADVAPI32
2. OS searching. Finish. Found files: FILE (address book), WAB-FILE
3. OS searching. Finish. EXIT. Found files: SMTP Server, MS Account Manager, IP Address / PORT Number; PORT, IP; Create mail.dat

14
5. OS Send mails. Finish. EXIT: send mail process finish, exit process. SEND mail.dat
6. CLOSE SOCKET

15 Virus ALIZ
1. OS W98, connect, Sandbox emulates/simulates: searching, Finish; Virus Infos sending, Finish; Virus Infos found. VIRUS search order: WINSOCK32, ADVAPI32
2. OS W98, connect, Sandbox emulates/simulates: searching, Finish; Virus Infos sending, Finish; Virus Infos found. VIRUS search order: FILE (address book), WAB-FILE; create virtual address book sandbox.wab (c:\sandbox.wab)
3. OS W98, connect, Sandbox emulates/simulates: searching, Finish; Virus Infos sending, Finish; Virus Infos found. VIRUS search order: SMTP Server / SMTP.global.no, MS Account Manager, IP Address / PORT Number
4. W98, connect, Sandbox: send virtual mail, SMTP.global.no; create virtual PORT / IP Address; PORT 25, IP; Create mail.dat

17 new Netsky
And we also have a new Netsky on our hands, from Sybari:
*********File name : C:\MINM\NETSKY.ZIP\YOUR_P~1.VIF
ALWIL AVAST! LGUARD : NO_VIRUS
H+BEDV AntiVir/DOS32 : NO_VIRUS
GRISoft AVG : NO_VIRUS
Kaspersky Lab AVPDOS32 : NO_VIRUS
SOFTWIN AVXC/BDC : NO_VIRUS
Dialogue Science DrWeb386 : NO_VIRUS
Frisk Software F-Prot : NO_VIRUS
McAfee Scan : NO_VIRUS
Prognet FireLite : NO_VIRUS
IKARUS PSCAN : NO_VIRUS
MkS MkS_vir : NO_VIRUS
Symantec NAV VSCAND : NO_VIRUS
ESET NOD32 : ~NEW_VIRUS
Norman NVCC : Sandbox: W32/ Worm
Panda Antivirus 6.0 PAVCL : NO_VIRUS
Trend Micro VScan : NO_VIRUS
GeCAD RAV : NO_VIRUS
Sophos SWEEP : NO_VIRUS
CA VET RESCUE : NO_VIRUS
CA InoculateIT INOCUCMD : NO_VIRUS
VirusBuster VirusBuster : NO_VIRUS
ClamAV for Windows : NO_VIRUS
w32_p2pworm.vxe : [SANDBOX] infected with unknown worm - W32/P2PWorm
[ General information ]
* **IMPORTANT: PLEASE SEND THE SCANNED FILE TO: - REMEMBER TO ENCRYPT IT (E.G. ZIP WITH PASSWORD)**.
* Display message box (Error!) : Can't find a viewer associated with the file.
* Attemps to open C:\WINDOWS\SYSTEM\drvsys.exe NULL.
* **Uses Ole32CreateStreamOnHGlobal.
* File length: bytes.
[ Changes to filesystem ]
* Creates file C:\WINDOWS\SYSTEM\drvsys.exe.
* Creates file C:\temp\ole320.
* Creates file C:\temp\ole321.
* Creates file C:\temp\ole322.
* Creates file C:\temp\ole323.
* Creates file C:\temp\ole324.
* Creates file C:\temp\ole325.
* Creates file C:\temp\ole326.
* Creates file C:\temp\ole327.
* Creates file C:\temp\ole328.
* Creates file C:\temp\ole329.
* Creates file \12;.
* Creates file C:\temp\ole32;.
* Creates file C:\temp\ole32<.
* Creates file C:\temp\ole32=.
* Creates file C:\temp\ole32>.
* Creates file C:\PROGRA~1\KAZAA\MYSHAR~1\Microsoft Office 2003 Crack, Working!.exe.
[ Changes to registry ]
* Deletes value "My AV" in key "HKCU\Software\Microsoft\Windows\CurrentVersion\Run".
* Deletes value "My AV" in key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run".

18 New Bagle
> AntiVir - HB+EDV: Not detected
> AVG - Grisoft: Not detected
> AVP - Kaspersky: Not detected
> DrWeb - Dialogue Science : Not detected
> F-Prot - Frisk: be infected with an unknown virus
> NOD - ESET: Not detected
> NVCC Norman: W32/Malware
> RAV - Microsoft: Not detected
> ScanPM - NAI: W32/Bagle.dll.dr
> Sweep - Sophos: Not detected
> VScan - Trend: Not detected
> VScanD - Symantec: Not detected

19 Andreas Marx - AV-Test 100 unknown viruses/worms/bots

20 the start

23 Sandbox online service

25 Sandbox online services

26 Sandbox online services

27 SandBox v2 - service

28 Thank you very much for your attention. Professional data protection for your network.


More information

What are Viruses, Trojans, Worms & Spyware:

What are Viruses, Trojans, Worms & Spyware: What are Viruses, Trojans, Worms & Spyware: There are many different types of computer viruses circulating in the cyber world, including regular Computer Viruses, Worms, Trojans, and Spyware. Each is different

More information

Kaseya 2. User Guide. Version 7.0. English

Kaseya 2. User Guide. Version 7.0. English Kaseya 2 Antivirus User Guide Version 7.0 English September 3, 2014 Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as

More information

List of Products supported by ESAP 2.2.1

List of Products supported by ESAP 2.2.1 List of Products supported by ESAP 2.2.1 Table of Contents Products supported on:... 2 Junos Pulse Secure Access Service 7.2Rx / Junos Pulse Access Control Service 4.2Rx... 2 Products supported on:...

More information

Configuring Security for SMTP Traffic

Configuring Security for SMTP Traffic 4 Configuring Security for SMTP Traffic Securing SMTP traffic Creating a security profile for SMTP traffic Configuring a local traffic SMTP profile Assigning an SMTP security profile to a local traffic

More information

Computer Security DD2395

Computer Security DD2395 Computer Security DD2395 http://www.csc.kth.se/utbildning/kth/kurser/dd2395/dasakh11/ Fall 2011 Sonja Buchegger buc@kth.se Lecture 7 Malicious Software DD2395 Sonja Buchegger 1 Course Admin Lab 2: - prepare

More information

Netsafe/ AVG New Zealand. NetSafe/ AVG New Zealand. Cyber Security Research. Cyber Security Research. Supplementary Tables. March 2011.

Netsafe/ AVG New Zealand. NetSafe/ AVG New Zealand. Cyber Security Research. Cyber Security Research. Supplementary Tables. March 2011. NetSafe/ AVG New Zealand Contents Page 1. Objectives and Methodology 3 2. Summary and Conclusions 6 3. Main Findings 8 Online security a serious issue 9 Concern about online challenges 11 Most important

More information

User Guide. Version R93. English

User Guide. Version R93. English Antivirus User Guide Version R93 English May 9, 2016 Copyright Agreement The purchase and use of all Software and Services is subject to the Agreement as defined in Kaseya s Click-Accept EULATOS as updated

More information

Anti-Virus Comparative

Anti-Virus Comparative Anti-Virus Comparative Malware Removal Test Language: English September 2009 Last Revision: 24 th October 2009 Table of Contents Tested Products 3 Conditions for participation and test methodology 4 Introduction

More information

Real World and Vulnerability Protection, Performance and Remediation Report

Real World and Vulnerability Protection, Performance and Remediation Report Real World and Vulnerability Protection, Performance and Remediation Report A test commissioned by Symantec Corporation and performed by AV-Test GmbH Date of the report: September 17 th, 2014, last update:

More information

Computer Viruses: How to Avoid Infection

Computer Viruses: How to Avoid Infection Viruses From viruses to worms to Trojan Horses, the catchall term virus describes a threat that's been around almost as long as computers. These rogue programs exist for the simple reason to cause you

More information

Hacker Intelligence Initiative, Monthly Trend Report #14. Assessing the Effectiveness of Antivirus Solutions

Hacker Intelligence Initiative, Monthly Trend Report #14. Assessing the Effectiveness of Antivirus Solutions December 2012 Hacker Intelligence Initiative, Monthly Trend Report #14 Assessing the Effectiveness of Antivirus Solutions Executive Summary In 2012, Imperva, with a group of students from The Technion

More information

System Compatibility. Enhancements. Operating Systems. Hardware Requirements. Email Security

System Compatibility. Enhancements. Operating Systems. Hardware Requirements. Email Security Email Security SonicWALL Email Security 7.0 for Microsoft Small Business Server System Compatibility SonicWALL Email Security 7.0 Software is supported on systems with the following: Operating Systems

More information

Installation Guide. NOD32 Typical. Proactive protection against Viruses, Spyware, Worms, Trojans, Rootkits, Adware and Phishing

Installation Guide. NOD32 Typical. Proactive protection against Viruses, Spyware, Worms, Trojans, Rootkits, Adware and Phishing NOD32 Typical Installation Guide Version 2.7 Includes Windows Vista and 64-bit protection Proactive protection against Viruses, Spyware, Worms, Trojans, Rootkits, Adware and Phishing Best Detection Fastest

More information

Chapter 14 Computer Threats

Chapter 14 Computer Threats Contents: Chapter 14 Computer Threats 1 Introduction(Viruses,Bombs,Worms) 2 Categories of Viruses 3 Types of Viruses 4 Characteristics of Viruses 5 Computer Security i. Antivirus Software ii. Password,

More information

BlackEnergy DDoS Bot Analysis

BlackEnergy DDoS Bot Analysis BlackEnergy DDoS Bot Analysis Jose Nazario, Ph.D. jose@arbor.net Arbor Networks October 2007 Summary BlackEnergy is an HTTP-based botnet used primarily for DDoS attacks. Unlike most common bots, this bot

More information

MALWARE THREATS AND TRENDS. Chris Blow, Director Dustin Hutchison, Director

MALWARE THREATS AND TRENDS. Chris Blow, Director Dustin Hutchison, Director MALWARE THREATS AND TRENDS Chris Blow, Director Dustin Hutchison, Director WHAT IS MALWARE? Malicious Software Viruses Worms Trojans Rootkits Spyware Ransomware 2 MALWARE ORIGINS Users bring it from home

More information

Managed Network Services

Managed Network Services ManagedNetwork Services Whatareyouwaitingfor? enesissystemsconsulting,inc.isaleading managed service provider of network, applicationsandserviceswithexpertisein voice,data,wireless,video,andvoiceover IP

More information

Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT

Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT TESTED PRODUCTS: AVG Internet Security Network Edition v8.0 Kaspersky Total Space Security v6.0 McAfee Total Protection for Endpoint Sophos

More information

Miloš Kamenický ICSP Mail and Web

Miloš Kamenický ICSP Mail and Web IronPort Miloš Kamenický ICSP Mail and Web milos.kamenicky@alefnula.sk Session number: 202 525 549 Bezplatné číslo (volanie cez Skype): +1 866 432 9903 Lokálny tel. pre Česko: +420 221 435 100 Lokálny

More information