Click here to receive your FREE subscription to Campus Technology
News
Mirage NACs Stave Off Storm Worm
11/21/2007
Network Access Control systems from maker Mirage Networks can now recognize and isolate the Storm Worm, and variants thereof. The Storm Worm incorporates infected computers into a global, distributed botnet estimated to range in size anywhere between 250,000 and 10 million infected computers.The e-mail-borne Storm Worm, which started affecting computers nearly a year ago in January, uses compelling subject lines to entice users to open up attached executables (.exe), which then infect the computer and makes it part of the botnet. Storm Worm's botnet is not centrally controlled and behaves in a peer to peer fashion, with infected machines receiving and acting upon commands from the malware's programmers without their users' knowledge, let alone permission.
Mirage said its research team acquired copies of Storm and its variants and ensured that its NACs detect and shut down the worm, which is key for Mirage "because several aspects of the worm's behavior suggest that its programmers designed it to thwart NAC applications specifically," said Grant Hartline, Mirage's chief technical officer, in a prepared statement.
The worm's behavior could indicate attempts to beat anti-virus (AV) and intrusion prevention systems (IPS), according to Mirage, which points to the fact that the code Storm uses to propagate changes every 30 minutes, which can foil signature-based AV and IPS. The distributed botnet also shifts the infected hosts' roles so that a host could cease functioning as a "command and control" server soon after it is detected, and that role reassigned to another zombified computer.
Storm Worm is also reputed to launch dedicated denial of Service (DDoS) attacks on security vendors that have purposely tried to get machines infected and connected to the botnet in order to reconnoiter the network.
Read More:
David Kopf is a freelance technology writer and marketing consultant. He can be reached at david@dkcopy.com.
Cite this Site
copy text (above) for proper citation
Recommended Reading
- Tufts Grants Rights for Mileage-Increasing Transportation Technology to Electric Truck
Tufts University has optioned rights to a technology that can recharge the batteries of any hybrid electric and electric-powered vehicle while it is driven. The Tufts-developed technology could increase by 20 percent to 70 percent the miles per gallon or total driving range performance of vehicles like the Honda Civic, Ford Escape, and Toyota Prius hybrids and the Tesla Motors and Phoenix Motorcars electric vehicles.
- U Florida and Cyntellect Collaborate to Unlock Mysteries of Cancer Stem Cells
The University of Florida has entered into a research agreement with life sciences company Cyntellect. The university's Interdisciplinary Center for Biotechnology Research will work with the company to focus on a variety of research areas including the purification and analysis of cancer stem cells (CSCs), rare cells believed to be directly involved in propagating cancers.
- George Mason U Receives Grant To Deploy Intergraph Apps for Intelligence Curriculum
George Mason University (GMU) in Fairfax, VA has been awarded a grant from Intergraph to enable students enrolled in GMU's Geospatial Intelligence Graduate Certificate program to use the company's geospatial production and exploitation software as part of their core curriculum.
- Institute for Cyber Security at U Texas, San Antonio Opens Incubator
The University of Texas at San Antonio (UTSA) Institute for Cyber Security (ICS) has launched a new Internet security incubator. The incubator was developed to commercialize promising technologies that address major cyber security and privacy issues. The first companies to enter the incubator are Denim Labs and SafeMashups.
- ISO/IEC Publishes Office Open XML Standard
ISO/IEC has published the Office Open XML (OOXML) file format standard, formally known as ISO/IEC 29500:2008. It describes file formats originally designed by Microsoft for its Office 2007 productivity suite, which are used in presentation, spreadsheet and word processing applications.
- Dynamics NAV 2009 ERP Coming Next Month
Microsoft exec Kirill Tatarinov Wednesday described some new features to expect in the forthcoming Microsoft Dynamics NAV 2009 enterprise resource planning solution. He gave the keynote address at Microsoft's Convergence 2008 event in Copenhagen, Denmark.
