search

McAfee SAV85E - Active VirusScan - PC Manual de usuario Pagina 20

  • Descarga
  • Añadir a mis manuales
  • Imprimir
  • Pagina
    / 24
  • Tabla de contenidos
  • MARCADORES
    • Valorado. / 5. Basado en revisión del cliente
Vista de pagina 19
20
White Paper Access Protection in McAfee VirusScan Enterprise and
Host Intrusion Prevention
The rules will trigger when a user logs on and the virus tries to run. This will also identify computers
where the virus is already installed and prevent the virus from running again.
Again, rules of this form will be effective against many new viruses when they have known filenames.
The VIL article also says that W32/Bagel.AB@MM will mail itself using SMTP, it listens on port 2535 for
instructions from its author and it downloads scripts from websites. All of this behavior can be blocked
using the following port-blocking rules:
Port: 25
Direction: Outgoing
Exclusion list: Any SMTP clients that are allowed to run
Port: 2535
Direction: Incoming
Exclusion list: None
Port: 80
Direction: Outgoing
Exclusion list: Any web browsers that are allowed to run
The first and last of these are included by default in VSE. If they cannot be enabled all the time, enable
them for the duration of the outbreak if possible.
The last thing that the virus does is “Files are created in folders that contain the phrase ‘shar.’” There is
a long list of filenames that the virus uses so it is not practical to make a separate rule for each file. A
broader rule, which prevents any .EXE files being created in a directory that contains “shar” would
look like:
Process: *
Wildcard: **/*shar*/**/*.exe
Prevent: create
The W32/Bagel.ab@MM virus doesn’t contain a destructive payload. If we look instead at
W32/Shodi.c@MM http://vil.nai.com/vil/content/Print104469.htm, the VIL says “it delivers a destructive
payload, deleting … C:\NTDETECT.COM.”
Therefore, a rule such as:
Process: *
Wildcard: c:\ntdetect.com
Prevent: delete
will prevent this virus from rendering the computer unbootable. Since ntdetect.com is a Windows file,
preventing access to it may affect the application of Microsoft hot fixes or service packs.
Vista de pagina 19
1 2 ... 15 16 17 18 19 20 21 22 23 24

Comentarios a estos manuales

Sin comentarios
Relacionado con productos y manuales para Software McAfee SAV85E - Active VirusScan - PC
Software McAfee VIRUSSCAN HOME EDITION 7.0 Guía de usuario   (40 paginas)
Software McAfee INTERNET SECURITY 5.0 Guía de usuario   (122 paginas)
Software McAfee MANAGEMENT EDITION 2.5 Manual de usuario   (31 paginas)
Software McAfee EPOLICY ORCHESTRATOR 4.0.2 - Guía de usuario   (96 paginas)
Software McAfee MANAGEMENT EDITION 2.5 Guía de usuario   (74 paginas)
Software McAfee UTILITIES 4.0 Manual de usuario   (10 paginas)
Software McAfee EPOLICY ORCHESTRATOR 4.5 - Guía de instalación   (110 paginas)
Software McAfee OFFICE 3.1 Manual de usuario   (35 paginas)
Software McAfee INTERNET GUARD DOG 3.0 Guía de instalación   (108 paginas)
Software McAfee VIRUSSCAN 4.5 - Manual de usuario   (21 paginas)
Software McAfee VIRUSSCAN 4.5 - Manual de usuario   (14 paginas)
Software McAfee UTILITIES 4.0 Guía de instalación   (34 paginas)
Software McAfee SAV85E - Active VirusScan - PC Guía de usuario   (42 paginas)
Software McAfee UNINSTALLER 6.0 Guía de usuario   (180 paginas)
Software McAfee UTILITIES 4.0 Guía de usuario   (112 paginas)
Software McAfee INTERNET SECURITY 5.0 Manual de usuario   (13 paginas)
Software McAfee VIRUSSCAN HOME EDITION 7.0 Guía de usuario   (48 paginas)
Software McAfee EPOLICY ORCHESTRATOR 3.6 - WALKTHROUGH GUIDE Guía de usuario   (200 paginas)
Software McAfee QUICKCLEAN 3.0 Guía de usuario   (41 paginas)
Software McAfee UNINSTALLER 6.0 Guía de usuario   (99 paginas)
  • Carrier Opticis Cal Spas U.S. Guitar Kits ELO Digital Office
  • Casio Accesorios de la cámara Radio Shack Calculadoras Sharkoon Ratones Roland Bombas De Agua McIntosh Amplificadores de audio
  • AEG IKB64301FB HP ENVY 121 e-All-in-One Printer Lg 50PK540 Liebherr GG 5260 Electrolux EN3453AOX
  • Electrolux EWF1294DSW Manual de usuario Danby SILHOUETTE DPAC120061 Manual de usuario Ingo HEM060C Ficha de datos Draytek Vigor3900 Manual de usuario Symmons S-3602-STN Guía de instalación