[ news_security_news ]
CyberGuard Stops Santy Worm Variants
SecurityProNews
Staff Writer
2004-12-29
 Insider Reports RSS Feed
Variants of the Santy worm are exploiting popular search engines such as AOL and Yahoo! to identify vulnerable Web pages.
If executed, the latest versions, Santy.C and Santy.E worm, infect Web sites and bulletin boards through PHP (Hypertext Preprocessor) scripts. A compromised Web site is defaced and the site's servers suffer slowdown and information theft. CyberGuard stops Santy worm variations with its Total Stream Protection (TSP) firewall series, combined with Webwasher Content Security Management (CSM) solution. Customers deploying the most recent versions of the CSM suite are also protected.
"Internet threats do not rest during the holidays," explains Roger Barranco, CISSP, director of world wide support at CyberGuard Corporation. "Our dynamic products never rest either to proactively secure the integrity of our customer's networks."
Webwasher's CSM solution uses two content filters to proactively secure networks against threats such as the Santy worm. First, the antivirus filter prevents known vulnerabilities from entering the network. Second, the generic body filter allows the network administrator to create a rule blocking files based on byte sequence or finger print match. This feature is beneficial in the situation of a rapidly spreading vulnerability, such as Santy variants, because the traditional antivirus engine may not be updated to counter the attack. Customers may also employ archive filters or proactive scanning filters to ensure network integrity in the case of Internet attacks.
About the Author:
SecurityProNews is a daily online and email publication focusing on internet security issues.
More news_security_news Articles
Insider Reports RSS Feed
|
|
iEntry 10th Anniversary
RSS
Archive
