Web Hosting News

An Old Trojan in New Clothing
By: Terri Wells

    An Old Trojan in New Clothing - The Cat-and-Mouse Game

    (Page 5 of 5 )

    This reminded me of something that Phil explained to me about how some anti-virus software works when it encounters a threat for which it doesn't have the signature. It looks for suspicious behavior – e.g. something trying to download itself onto your computer without asking your permission first, or making changes to sensitive settings on your computer (e.g. the registry). Haley explained that this is exactly how their “sonar” works. One of the challenges, of course, is making sure that the good software is allowed to function properly, while the bad stuff is trapped.

    Malicious hackers try to bypass these trapping techniques in a way that keeps your computer from realizing it's being duped; think of it as a digital way of “acting natural.” In response, anti-virus writers make their software more sensitive to suspicious behavior, hackers then try to bypass the new protection, and the cycle continues.

    “The bad guys are constantly creating variants...specifically written to evade detection,” said Haley. His company sees it daily, and updates accordingly. “We'll always play the cat-and-mouse...but we're also using new technologies as well, less susceptible to these variants.”

    So how does Symantec keep up to date on the latest threats? Many get sent in by customers, of course, but the company has a Global Intelligence Network (GIN) – research facilities at 11 different locations around the world. While these facilities respond to 200,000 submissions from customers every day, Symantec also has “honey pots” and “honey networks” set up around the world, and sensors on machines that let them monitor activity and detect threats more directly.

    How does Symantec analyze all of these threats and decide how to respond? Much of the analysis and signature creation is automated, because they couldn't keep on top of it otherwise. For more complex cases, the company maintains about 200 human analysts. Some of their criteria for determining whether a particular piece of malware is a threat, and how serious a threat, include how prevalent it is, whether Symantec's customers are seeing it, and how much damage it does.

    So be careful when you web surf. Keep your security software up to date, and make sure it uses more than one technique to protect your computer. If you see professional-looking software you've never heard of, be more than a little suspicious, especially if it's supposedly designed to protect your computer. And if your system reboots itself for no apparent reason, you'd better do some research; you just might have a virus on your hands. Remember, it's a jungle out there.

    © 2003-2018 by Developer Shed. All rights reserved.