Code Red antidote - Kaspersky. (News and Products).


Kaspersky Labs has released the first active defence system for Web servers operating on the Internet Information Server (IIS), combating all of the Code Red modifications. The anti-virus industry was unprepared for the infectious attack perpetrated by the new generation of "fileless" Internet-worm, Code Red. The standard means of defense, such as anti-virus scanners, monitors and even special anti-virus filtration modules for firewalls, are not capable of neutralizing the attacks carried out by Code Red-style malicious programs. Monitors and scanners are only able to establish the fact that malicious code is present in a computer's system memory, but are powerless to remove it; and even if they could, Code Red would simply repeat the attack, once again infecting the computer. As is known, Code Red exploits a security breach in IIS that is classed as a "Buffer Overflow", allowing a malefactor to run unwanted code on a Web server. Instead of the standard requests for viewing specific Web pages, a hacker sends a special binary code that overwrites the memory buffer designated for this request, and then causes the server to execute the malicious code presented as a part of the request. The only way to prevent such an attack is to install the corresponding patch available from Microsoft. However, many network administrators have ignored and continue to ignore this, because they believe these patches can cause more harm than the viruses themselves. In addition to this, large companies with underdeveloped computer infrastructures could require a week to install such patches, interfering with regular day-to-day functioning. Most importantly, there is always a lag between the detection of a breach and the patch thwarting it, during which time users are virtually left defenseless. We predict that in the very near future, such "fileless" worms as Code Red will become one of the most widespread forms of malicious programs, and an anti-virus' ineffectiveness in the face of such a threat simply invites danger. This situation demands that the development of special filter modules for IIS servers be given top priority - filters cleansing the requests and treating those containing malicious code. The current IIS-server anti-virus-filtration version reliably defends computers against all known versions of the Code Red worm, and does not require the Microsoft patch. Soon, the program will have built-in heuristic technology capable of detecting and neutralizing the attack of even an unknown virus using a "Buffer Overflow" similar to Code Red. Unlike the hundreds of megabytes required by the Microsoft Service Pack containing the Code-Red patch, Kaspersky Anti-Virus for IIS Servers takes up all of a few dozen kilobytes of disk space, and doesn't interfere with a Web server's performance.

The current program's anti-virus database is quickly updated following the detection of the latest "fileless" worm, in such a way that users don't need to wait for the release of the corresponding patch. In closing, the filtration module is capable of being downloaded by everyone free of charge. Users can download Kaspersky Anti-Virus for IIS Servers from the Kaspersky Labs site:

www.Kasersky.com/utlls/kavisapl.zip
COPYRIGHT 2001 A.P. Publications Ltd.
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2001, Gale Group. All rights reserved. Gale Group is a Thomson Corporation Company.

Article Details
Publication:Software World
Date:Sep 1, 2001
Words:506