Username: Save?
Password:
Home Forum Links Search Login Register*
    News: Keep The TechnoWorldInc.com Community Clean: Read Guidelines Here.
Recent Updates
[September 10, 2022, 06:18:04 PM]

[September 10, 2022, 06:18:04 PM]

[September 10, 2022, 06:18:04 PM]

[September 10, 2022, 06:18:04 PM]

[September 05, 2022, 11:15:48 AM]

[September 05, 2022, 11:15:48 AM]

[September 05, 2022, 11:15:48 AM]

[September 05, 2022, 11:15:48 AM]

[August 26, 2022, 11:44:36 AM]

[August 26, 2022, 11:44:36 AM]

[August 26, 2022, 11:44:36 AM]

[August 26, 2022, 11:44:36 AM]

[August 13, 2022, 12:51:50 PM]
Subscriptions
Get Latest Tech Updates For Free!
Resources
   Travelikers
   Funistan
   PrettyGalz
   Techlap
   FreeThemes
   Videsta
   Glamistan
   BachatMela
   GlamGalz
   Techzug
   Vidsage
   Funzug
   WorldHostInc
   Funfani
   FilmyMama
   Uploaded.Tech
   MegaPixelShop
   Netens
   Funotic
   FreeJobsInc
   FilesPark
Participate in the fastest growing Technical Encyclopedia! This website is 100% Free. Please register or login using the login box above if you have already registered. You will need to be logged in to reply, make new topics and to access all the areas. Registration is free! Click Here To Register.
+ Techno World Inc - The Best Technical Encyclopedia Online! » Forum » THE TECHNO CLUB [ TECHNOWORLDINC.COM ] » Ethical Hacking / Security / Viruses » Viruses
 Computer & Network Security: Two Anti Virus Strategies
Pages: [1]   Go Down
  Print  
Author Topic: Computer & Network Security: Two Anti Virus Strategies  (Read 1838 times)
Daniel Franklin
TWI Hero
**********


Karma: 3
Offline Offline

Posts: 16647


View Profile Email
Computer & Network Security: Two Anti Virus Strategies
« Posted: October 02, 2007, 02:21:45 PM »


Rootkits and advanced spyware have fundamentally changed the playing field says Mike Danseglio, Program Manager in the Security Solutions group at Microsoft, according to Fox News' "Microsoft Official: Malware Recovery Not Always Possible" by Ryan Naraine, reporting from InfoSec World on April 5th, 2006. "When you are dealing with rootkits and some advanced spyware programs, the only solution is to rebuild from scratch. In some cases, there really is no way to recover without nuking the systems from orbit," states Mr. Danseglio.

He cites a recent instance where an unnamed branch of the U.S. government struggled to design an automated process to wipe and rebuild 2,000 infected client machines. "In that case, it was so severe that trying to recover was meaningless." While training costs can be high, they pale in comparison to the mounting expenses incurred by detecting damage, recovering lost work and rebuilding compromised systems--let alone "nuking" and starting all over again from scratch.

Rootkits, for example, use kernel hooks which often make them undetectable. Because of this, they are able to hide malware programs, making them the weapon of choice to compromise computer systems. Mr. Danseglio adds that IT administrators may never even know if the entire rootkit has been successfully removed. The cleanup process is "just way too hard."

"We've seen the self-healing malware that actually detects that you're trying to get rid of it. You remove it, and the next time you look in that directory, it's sitting there. It can simply reinstall itself," he said. "Detection is difficult, and remediation is often impossible," Danseglio declared. "If it doesn't crash your system or cause your system to freeze, how do you know it's there? The answer is you just don't know," he explained. "Lots of times, you never see the infection occur in real time, and you don't see the malware lingering or running in the background.

Fortunately, however, the alternative, training, is easier than it ever was, thanks to new online technologies such distance learning. The important point to remember is that, with today's viruses. all employees--not just IT people--must be trained.

Articles Source - Free Articles
About the Author

Tom McClintock is a Senior Analyst with NSI Partners (http://www.nsipartners.com), the consulting firm that operates the IT distance learning web site eLearnConnect which can be found at http://www.elearnconnect.com

Logged

Pages: [1]   Go Up
  Print  
 
Jump to:  

Copyright 2006-2021 TechnoWorldInc.com. All Rights Reserved. Privacy Policy | Disclaimer
Page created in 0.071 seconds with 24 queries.