Modern Malware has become one of the most dangerous threat to any network structure of the company itself. Compared to the old and dumb modern malware malware is getting smarter and more persistent. Can be used by hackers modern malware as an area within a company, which can be used at any time to take advantage of an attack. But what the company can do to protect their systems against modern malware.
Avoid or control applications suspects
before the appearance the meet modern Web malware, malware commonly use the most common means of communication these days - email. However, modern malware from various types of applications other than e-mail arrives. To prevent malware on the system, network administrators and , the application, the media in all company employees webmail, IM, P2P and social networks used to identify. These vectors have the same quality of security, because the company e-mail with application.
controlling these applications must be important. The first is to eliminate dangerous and suspicious applications and the next is to ensure the visibility of each permitted use. Enforce rules against the use of harmful applications such as P2P networks, limiting the people who have permission to use that network. Limit each file sharing application and the proxy shall be allowed for business purposes only.
Some of these applications are not directly to see whether they have seen and it specifically blocks for alternative path in the network, so it is important to see how the applications behave second phase is to ensure the safety of allowed useful applications. Applications should be visible to the administrator and allows the application to SSL security and privacy. But even if the application has SSL certificate, the company must have the ability to decrypt the encrypted message and inspect each SSL-encrypted page.
Middle-Man
Although different applications that are provided lines malware malware found a new way of delivering trip by downloading. In fact, the user would like his system is confused with malware infections in the first place. This malware system starts in a remote exploitation against the company or the infected computer, a sample of the infected file is found on a particular website. The malware can be targeted OS, browser or other application, the root access to the system. When this happens, non-delivered malware to the computer without any unusual happen. In fact, OS and browsers warn users about any file to download, but not reliable. Thus, the company needs a certain checkpoint among Internet users and Internet. The in-line network security.
But the important role it should in-line and real-time security do as administrators with real-time web-based application has. If the administrator has completed computer forensics training, he will learn that some anti-malware software is not designed for real-time work and can easily slow down the system. It should be examined carefully, software, or better yet a lot better.
Administrator should automatically recognize any file transfer different types of applications. He has the tools to decrypt and decode the different kinds of protocols to ensure that there is no hidden file transfer traffic in every situation
identify malware
Although the administrators will be able to see all the applications that deliver malware or have the opportunity to meet and also control any malware delivered, it is still important to recognize that the malware. Modern malware can now network and managed so that it is more sophisticated and capable of identifying any attack on the system. Once the administrator has captured a possible malware, it is important to know if you really malware and understand how it works and affects the system. In computer forensics course, administrators will learn how to use the sandbox.
sandbox is a safe environment, where possible malware or unknown files can test and observe. Unfortunately sandbox in real time the administrator will have to wait for any bad behavior before it appeared in a closure. Sometimes impatient administrator will automatically send an unknown file system only to find out later that it is a malware after the violation occurred.
consideration that these are some of the things they do business to protect their systems from malware. Hopefully this article useful enough in terms of your company secure against the threat of malware.
The International Council of E-Commerce Consultants (EC-Council) is a member-based organization that certifies individuals in cybersecurity and e-commerce. It is the owner and developer of 20 security certifications. EC-Council has trained over 90,000 security professionals and certified more than 40,000 members. These certifications are recognized worldwide and have received endorsements from various government agencies. They also provide training in computer forensics.
0 comments:
Post a Comment