Mirage Networks Stops Witty Worm Day-Zero: No Signature Required; Inverted Firewall Protects Internal Networks Against Destructive Code.Business Editors/High-Tech Writers AUSTIN, Texas--(BUSINESS WIRE)--March 22, 2004 Mirage Networks Inc., the pioneer in security solutions for Interior Defense, today announced that the Inverted inverted reverse in position, direction or order. inverted L block a pattern of local filtration anesthesia commonly used in laparotomy in the ox. Firewall protects internal networks from a new worm that exploits a vulnerability in some versions of ISS's BlackICE security products. Dubbed the "Witty" worm, this threat uses rapid propagation techniques to spread and carries a damaging payload (1) Refers to the "actual data" in a packet or file minus all headers attached for transport and minus all descriptive meta-data. In a network packet, headers are appended to the payload for transport and then discarded at their destination. that deletes random sections of hard drives on infected computers. The Witty worm sends itself as an ICQ ("I Seek You") A conferencing program for the Internet from Mirabilis, Tel Aviv, Israel (www.icq.com). It provides interactive chat, e-mail and file transfer and can alert you when someone on your predefined list has also come online. packet from source port 4000, exploiting a buffer overflow A common cause of malfunctioning software. If the amount of data written into a buffer exceeds the size of the buffer, the additional data will be written into adjacent areas, which could be buffers, constants, flags or variables. to overwrite (1) A data entry mode that writes over existing characters on screen when new characters are typed in. Contrast with insert mode. (2) To record new data on top of existing data such as when a disk record or file is updated. system memory. Because it resides in memory, not files, anti-virus solutions are ineffective at blocking it. The Witty worm then sends itself to 20,000 randomly generated IP addresses with random destination ports and begins overwriting Overwriting An options strategy that involves the sale of call or put options on stocks that are believed to be overpriced or underpriced. The options are not expected to be exercised. Notes: Also referred to as overriding. hard drives on the infected machine with meaningless data. The system hard drives are corrupted, which in many cases causes complete system failure. Mirage Networks customers are immediately able to detect and contain endpoints infected with the Witty worm. The Inverted Firewall's behavioral detection algorithms identify Witty as it attempts to propagate prop·a·gate v. 1. To cause an organism to multiply or breed. 2. To breed offspring. 3. To transmit characteristics from one generation to another. 4. by targeting random IP addresses. The appliance then automatically contains the infected source, preventing the attack from reaching other vulnerable systems on the network. IT is alerted to the source of the threat so they can clean the infected machine, and the Inverted Firewall will determine when the endpoint is no longer sending malicious traffic and allow the device back onto the network. "Attacks with damaging payloads like the Witty Worm are huge threats to network resources, end-user productivity and intellectual property," said Mark Wilkinson Mark Wilkinson (born in Windsor, England on October 31952) is best known for his detailed surrealistic cover art that he created for a number of British bands, most prominently the Progressive Rock band, Marillion. , Chief Technology Officer, Mirage Networks. "Unfortunately, these attacks are able to easily bypass traditional perimeter and host security, which is why we designed the Inverted Firewall specifically to stop threats on the network interior -- surgically isolating the source of malicious traffic." The Mirage Networks Inverted Firewall is the first security appliance Security appliances protect computer networks from unwanted data traffic, intruders, email spam, enforce policies, and may also be used to create and manage VPNs. There are a number of types of security appliances. designed specifically to protect internal networks. Virtually-inline, the Inverted Firewall identifies, slows and contains malicious traffic without interrupting normal business communications. The appliance is self-contained, requiring no signatures, no agents and no network re-architecture to immediately begin detecting and mitigating threats. About Mirage Networks Mirage Networks is the pioneer in security solutions for Interior Defense. With Mirage's virtually in-line Inverted Firewall(tm) appliance, companies can eliminate day-zero, rapidly propagating threats and network abuses from their internal network without introducing latency into business-critical communications. Based in Austin, Texas, Mirage Networks is funded by CenterPoint Ventures and Adams Capital Management. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion