Skip to main content

How to protect your network from Trojans?

So how do you protect your network from Trojans?

A common misconception is that anti-virus software offers all the protection you need.

The truth is anti-virus software offers only limited protection.

Anti-virus software recognizes only a portion of all known Trojans and does not recognize unknown Trojans.

Although most virus scanners detect a number of public/known Trojans, they are unable to scan UNKNOWN Trojans.

This is because anti-virus software relies mainly on recognizing the signatures of each Trojan.

Yet, because the source code of many Trojans is easily available, a more advanced hacker can create a new version of that Trojan, the signature of which NO anti-virus scanner will have.

If the person planning to attack you finds out what anti-virus software you use, for example through the automatic disclaimer added to outgoing emails by some anti-virus engines, he will then create a Trojan specifically to bypass your virus scanner engine.

Apart from failing to detect unknown Trojans, virus scanners do not detect all known Trojans either - most virus vendors do not actively seek new Trojans and research has shown that virus engines each detect a particular set of Trojans.

To detect a larger percentage of known Trojans, you need to deploy multiple virus scanners; this would dramatically increase the percentage of known Trojans caught.

  >> To effectively protect your network against Trojans, you must follow a multi-level security strategy:

  You need to implement gateway virus scanning and content checking at the perimeter of your network for email, HTTP and FTP - It is no good having email anti-virus protection, if a user can download a Trojan from a website and infect your network.

You need to implement multiple virus engines at the gateway - Although a good virus engine usually detects all known viruses, it is a fact that multiple virus engines jointly recognize many more known Trojans than a single engine.

You need to quarantine/check executables entering your network via email and web/FTP at the gateway.

You have to analyze what the executable might do.
  _________________________

Labels:

Comments

Post a Comment

Popular posts from this blog

Step by Step: Connecting to a VPN (Outgoing)

Step 1 Click the Start button. In the search bar, type VPN and then select Set up a virtual private network (VPN) connection. Step 2 Enter the IP address or domain name of the server to which you want to connect. If you’re connecting to a work network, your IT administrator can provide the best address.   Step 3 If you want to set up the connection, but not connnect, select Don’t connect now; otherwise, leave it blank and click Next.   Step 4 On this next screen, you can either put in your username and password, or leave it blank. You’ll be prompted for it again on the actual connection. Click Connect.   Step 5 To connect, click on the Windows network logo on the lower-right part of your screen; then select Connect under VPN Connection.   Step 6 In the Connect VPN Connection box, enter the appropriate domain and your log-in credentials; then click Connect.   Step 7 If you can’t connect, the problem could be due to the server configuration. (There...
Post a Comment
Read more

How to Connect Two Computers Via Crossover Ethernet Cable?

In this tutorial we are going to show you how to transfer data from one computer to another. We need to PC/Laptop and a crossover cable to transfer data. PC 1 Step1: Go to “Open Networking and Sharing Center“. Step2: Click on “Local Area Connection“. Step3: Now click on “Properties“. Step4: Double click on “Internet Protocol Version 4(TCP/IPv6)“. Step5: Click on “Use the following IP address:” and enter the IP address: as 192.168.1.1 and just give a click onSubnet mask. Once done click “Ok” and close it.   PC 2 Step1: Go to “Open Networking and Sharing Center“. Step2: Click on “Local Area Connection“. Step3: Now click on “Properties“. Step4: Double click on “Internet Protocol Version 4(TCP/IPv6)“. Step5: Click on “Use the following IP address:” and enter the IP address: as 192.168.1.2 and just give a click onSubnet mask. Once done click “Ok” and close it. Now  two computers are connected. To share files we need to give access to our drives, so fol...
Post a Comment
Read more