 |
|
|
| News archive about antivirus software, virus threats, trojans |
|
February 2003
Public Testing for BitDefender Enterprise 2.0 -- Posted by Igor_Donchenko on Sunday, February 16 2003
BitDefender, a provider of security software and services, announces the beta version release of its antivirus management solution, BitDefender Enterprise v2.0. The second version of BitDefender Enterprise offers superior scalability in a heterogeneous computer network, flexible security policies and real time reaction to network security incidents.
Covering all possible ways to enter a network, BitDefender Enterprise uses workstation, file server and mail server clients in order to prevent any potential attempt to infect a system or to commit a breach in a company policy.
The Security Officer will be able to know in real time where, when and what happened anywhere in the network, on any platform. The alert is scaled depending on client type, providing three different levels of information: critical, warning or simple report.
Main benefits: Makes it easier to set the protection tasks and to generate reports about the protection tasks results by using a single management console for all network clients.Allows setting the security options directly from the management console, by integrating with all BitDefender products.The user can schedule the execution of common operations such as: scheduled scan, virus definitions update and protection options configuration for BitDefender products installed on workstations.The security options for the products installed on workstations can be remotely changed, using the management consoleSingle tasks configuration so these should execute on a single station, on entire groups or across the whole network.Complete information concerning the antivirus activity during a period of time through generation of detailed reports and statistics.Automatic and remote installation of BitDefender Enterprise Manager clients anywhere in the network.
Remote network administration using the possibility to install the management console on any workstation and to connect it to BitDefender Server.The product will also be demonstrated at CeBIT 2003, in Hannover, Germany, in Hall 6, booth F8.
|
The 7th generation of Bitdefender Standard Edition enters the public beta testing -- Posted by Igor_Donchenko on Tuesday, February 11 2003
BitDefender, a provider of security software and services, announces the beta version release of its new generation of antivirus solutions for home users. All users are invited to examine the new BitDefender Antivirus - Standard Edition and to take part to a testing contest endowed with valuable prizes.
The new graphic interface and the way the product is designed ensure a high level of accessibility, helping users to easily configure their security options.
As the scan engines now use optimized techniques, the scan rate is obviously improved, reducing the consumption of system resources during the scanning process. BitDefender Standard Edition also surveys the Windows registry, detecting malicious codes as they try to overwrite the default settings.
Among the main features of BitDefender Antivirus - Standard Edition worth mentioning: - Improved scan rate
- New and revolutionary, skinnable interface
- Centralized management interface, making easy to access the protection components
- Centralization of all information regarding the current version of BitDefender Standard Edition
- Superior stability.
The product will also be demonstrated at CeBIT 2003, in Hannover, Germany, in Hall 6, booth F8.
|
Weekly virus report from Panda Software -- Posted by Igor_Donchenko on Saturday, February 1 2003
This week's virus report focuses on SQLSlammer, as well as a worm known as Netspree and a Trojan called Winpao.
The attack launched by SQLSlammer is considered to be the one that has had the biggest impact on the Internet over the last 18 months. This worm exploits a vulnerability in Microsoft SQL Server to launch denial of service attacks (DoS) against these corporate servers, blocking networks and communication services.
The second worm in today's report is Netspree, which can infect computers with any Windows operating system installed, although it only spreads through shared network drives running under Windows XP/2000/NT. This malicious code connects to an IRC server through port 6667 and discloses confidential information from the machine in which it is installed. By doing this it also leaves the computer vulnerable, as any remote user could access it. Another effect of this virus is that it can use the affected computer to launch DoS attacks.
Netspree creates a file called WIN32LOAD.EXE in the Windows system directory, which contains the worm's code. This file goes memory resident and waits for an Internet connection to be established. When this happens, it downloads a file called LCP_NETBIOS.DLL, which incorporates the utility PSEXEC.EXE and a file with a BAT extension. The BAT file contains instructions for connecting to a remote system and the commands it uses to carry out infection. Netspree also inserts several entries in the Windows Registry in order to ensure that it is run every time the computer is started.
The Trojan in today's report is Winpao, which is programmed to steal confidential information from the computer and send it to the virus author. The data it steals includes: the server name, the e-mail password, mail received, message subjects, the passwords file, the SMTP ID, the user name and password, etc. It also ends processes that belong to antivirus programs or system monitors.
An indication that Winpao is present in a computer are files with random names appearing in all drives for no apparent reason. This malicious code also creates a file called ESPLORER.EXE in the Windows system directory and multiple copies of itself in the available disk drives. Finally, it is worth highlighting that this Trojan also modifies several entries in the Windows Registry in order to ensure that it is loaded in memory before any file with a EXE, CHM, INI, REG, SCR or TXT extension is run. If the files created by the Trojan are deleted but the Windows Registry is not restored, the files with the extensions mentioned above will not be run.
Source: http://www.pandasoftware.com/
|
|
