malware and all those terms

Discussion in 'other anti-malware software' started by gambla, Apr 3, 2011.

Thread Status:
Not open for further replies.
  1. gambla

    gambla Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    166
    Location:
    Frankfurt, Germany
    Hi,
    my second question today: I just wondered if it's still necessary to distinguish viruses, malware, trojans etc. ? What do you think ?
     
    gambla, Apr 3, 2011
    #1
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,899
    Location:
    localhost
    fax, Apr 3, 2011
    #2
  3. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Hello, gambla,

    Whether something is "necessary" is relative, so that to a forensic analyst, differentiating between the types of attacks is helpful and probably required in making a report.

    To the average home users, I question whether or not it's necessary, or can be just a matter of interest, if they are so inclined to learn about the differences.

    I've been content over many years to refer to all malware as a "virus" with home users. It's the term they come into contact with most frequently.

    More important, from my point of view, are

    1) setting up good security policies and procedures that make them aware of the various exploit methods that cybercriminals use in tricking people into installing stuff

    2) having security in place to block the remote code execution exploit

    Then, it doesn't matter whether the exploit blocked is a rogue AV (trojan) or the Conficker USB remote code execution exploit (worm).

    regards,

    -rich
     
    Rmus, Apr 3, 2011
    #3
  4. gambla

    gambla Registered Member

    Joined:
    Sep 4, 2007
    Posts:
    166
    Location:
    Frankfurt, Germany
    Thank you. Maybe my question wasn't very precise. I asked in relation to all the different security apps. Afaik, all modern Antivirus softwares usually protect against malware too, as they claim. But still you read about Antimalware and other security apps. Does everybody everything today ? Or do we have take a closer look in the features they have ?
     
    gambla, Apr 3, 2011
    #4
  5. Rmus

    Rmus Exploit Analyst

    Joined:
    Mar 16, 2005
    Posts:
    4,020
    Location:
    California
    Hello, gambla,

    Security products have evolved to the most technical complexity, yet many computers are compromised daily. Even in Organizations which employ knowledgeable technical people.

    See this ISC diary:

    RSA/EMC: Anatomy of a compromise
    http://isc.sans.edu/diary.html?storyid=10645

    Read the comments by experts in the field - many different opinions and approaches as to how this exploit could have been prevented from doing its dirty work. Which would have been most effective? With the rise of sophistication of malware, can any one solution cover everything?

    Of course, you can argue that the employee should not have opened the unsolicited email attachment in the first place!

    regards,

    -rich
     
    Last edited: Apr 3, 2011
    Rmus, Apr 3, 2011
    #5
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...