Detecting and Eliminating Computer Viruses at the Gateway

Written by CipherTrust

Traditional anti-virus software only stops known computer viruses – stopping undefined computer viruses requires a different approach.

In the past, network administrators scrambled to apply new virus signatures whenever new computer viruses were discovered. While these signatures will stop a known threat, it takes time for anti-virus vendors to develop them. Unfortunately, the newest and most damaging viruses are able to spread so quickly that the damage is done before a signature can be developed and distributed.

In fact, the independent testing laboratory found the response times for major anti-virus software publishers to range from just under 7 hours to almost 30 hours, with the four leading vendors (Sophos, McAfee, Symantec and Trend Micro) clocking in at no less than 12 hours.

In January 2004, the computer virus known as “MyDoom” created mass disruption to corporate resources and reputations as it quickly spread through e-mail networks worldwide. At its peak, MyDoom infected one in every five e-mails transmitted over the Internet. The worm broke records set by previous malware, such as Sobig.F, to become the fastest-spreading virus ever. This incredible propagation speed left many networks vulnerable - despite the presence of anti-virus software - because of the lag time between when the virus outbreak began and when a virus definition became available.

As a result of recent malware threats, corporations and organizations have learned a painful but important lesson: simply deploying a signature-based solution is no longer enough. Detecting and eliminating computer viruses requires a multi-faceted, rapid-response approach that traditional anti-virus protection cannot provide. Even a single unprotected computer on an enterprise network can bring down the entire system in just minutes, rendering even the most expensive and up-to-date software useless.

Why E-Mail is Particularly Susceptible

In many organizations, e-mail has replaced the telephone as the most useful business tool available. Unfortunately, e-mail has also been a victim of its own success and presents a unique threat to the enterprise network as a whole.

Detecting and eliminating threats has traditionally been the combined responsibility of firewalls, virus scanners, and intrusion detection systems (IDS) set up by enterprises to defend against attacks. Firewalls prevent unauthorized programs from accessing the network, virus scanners scan each PC in the network for malicious code, and gateway servers lock down extraneous ports to protect against unauthorized access.

But key Internet-facing applications, including e-mail, are unguarded by firewalls. In order to function, e-mail must expose firewall ports, including port 25, the port used by SMTP (Simple Mail Transfer Protocol), and port 110, the port used by POP (Post Office Protocol).

When a firewall receives a connection on port 25, it generally assumes that the transmission is e-mail and allows it to flow through to the e-mail server. The transmission may very well be a valid e-mail; however, it could also be a virus, spam or something much worse. Firewalls are not able to distinguish between “good” mail and “bad” mail, and therefore they are unable to protect the e-mail application.

Stop E-Mail Threats at the Gateway

Therefore, some sort of protection is needed specifically for e-mail and, since the best place to stop a threat is before it gets inside the network, the protection should be at the e-mail gateway. Protecting the e-mail gateway requires a coordinated effort to combat a host of issues, including spam, viruses, corporate policy infringements, directory harvest attacks, denial of service attacks, phishing, spoofing, and snooping. As e-mail threats evolve, the distinction between each of these types of threats becomes blurred.

Furthermore, accuracy in identifying “bad” e-mails is crucial. Extreme care must be taken to avoid filtering out legitimate e-mails (false positives), which could contain important information from customers or partners.
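
As an added illustration (not code from the original article or from any vendor), the following Python sketch shows one check a gateway can make that a port-25 firewall cannot and that needs no virus signature: it parses the message and inspects each attachment's name and decoded bytes. The blocked-extension list, the function names and the sample messages are assumptions constructed for this example.

```python
import email
from email import policy
from email.message import EmailMessage

# Assumed policy list (not from the article): file types Windows runs directly.
BLOCKED_EXT = {".exe", ".scr", ".pif", ".com", ".bat", ".cmd", ".vbs", ".js"}

def inspect_message(raw):
    """Return policy findings for one raw message; an empty list means deliver."""
    msg = email.message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = (part.get_filename() or "").strip().lower()
        ext = "." + name.rsplit(".", 1)[-1] if "." in name else ""
        payload = part.get_payload(decode=True) or b""
        if ext in BLOCKED_EXT:
            # Only the last extension counts, so "report.txt.scr" is caught.
            findings.append("blocked extension: " + name)
        elif payload[:2] == b"MZ" and (name or part.get_content_maintype() != "text"):
            # Name and Content-Type are sender-controlled; the decoded bytes
            # are not. "MZ" opens every DOS/Windows executable.
            findings.append("executable content disguised as: " + name)
    return findings

def build_sample(filename, data, subtype):
    """Constructed test message using the reserved example.com domain."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.com", "test"
    m.set_content("see attachment")
    m.add_attachment(data, maintype="application", subtype=subtype, filename=filename)
    return m.as_bytes()

if __name__ == "__main__":
    samples = [
        build_sample("report.txt.scr", b"MZ constructed bytes", "octet-stream"),
        build_sample("invoice.pdf", b"MZ constructed bytes", "pdf"),
        build_sample("invoice.pdf", b"%PDF-1.4 constructed", "pdf"),
    ]
    for raw in samples:
        # Findings should route the message to quarantine for review rather
        # than silent deletion, which limits the cost of a false positive.
        print(inspect_message(raw) or "deliver")
```
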

Historically, enterprises have turned to multiple vendors to solve their e-mail security issues. They have relied on anti-virus vendors to protect them from viruses. They use a separate anti-spam vendor to help cut back on the spam. Then, there are the issues of content filtering, policy enforcement, encryption, and network security. Unfortunately, attackers are now highly adept at exploiting these non-integrated solutions. This “Swiss cheese” defense has not only been costly, but increasingly ineffective at protecting corporate email systems.

Dealing With Spam

Written by Oswyn James

I do not have an account at Citibank, neither am I an American citizen; however, I keep getting emails asking me to check my account details at Citibank as they are going through some restructuring. I even received one that said that a check had been returned and that I should check my account online by following a link to make sure all is well.

Another date in question I received one that said that I had won a free DVD player and for me to collect the prize I just had to send my details of address and so on. Wow, the internet has spawned a new era of con artists. There are those who are trying their best to get your info, especially your credit card number, while others use it to control your surfing habits with all these viruses that force your browser software to surf to one URL no matter how hard you try to avoid it. (Porn sites are notorious for that!)

One has to be very careful when one opens his or her email these days, as more often than not your inbox is flooded with all kinds of filth. Persons get your email address even though you have never surfed to their website. How do they get your email address? Robots, that is how; these little programmes surf the net trapping email addresses from webpages, your own mail and forwards. These are stored by companies which sell these lists out for cash. Yes, surprising, that is a hot item. You have no control over it; you just have to live with it.
