LIV - The Linux integrated viruswall

This paper presents a system developed in Linux aiming the protection of local area networks containing Windows workstations against malicious agents. The developed solution, named LIV - Linux Integrated Viruswall, besides filtering SMTP, HTTP and FTP traffic destined to the protected network, is capable of detecting malicious agents propagation in the local area network using a technique that we call 'sharing-trap'. Compromised workstations are isolated from the network and their users are notified, stopping the malicious agent's spread. Results collected from a network protected by LIV, containing thousands of Windows workstations, are presented and discussed. This paper includes information about the recent incident caused by MyDoom worm.

Dantas de Medeiros, Teobaldo A.; Pires, Paulo S. Motta (2004): LIV - The Linux integrated viruswall. Detection of intrusions and malware & vulnerability assessment, GI SIG SIDAR workshop, DIMVA 2004. Bonn: Gesellschaft für Informatik e.V.. PISSN: 1617-5468. ISBN: 3-88579-375-X. pp. 187-200. Regular Research Papers. Dortmund. July 6-7, 2004

Sammlungen

P046 - DIMVA 2004 - Detection of intrusions and malware & vulnerability assessment, GI SIG SIDAR workshop,

Komplettanzeige

LIV - The Linux integrated viruswall

Volltext URI

Dokumententyp

Dateien

Zusatzinformation

Datum

Autor:innen

Zeitschriftentitel

ISSN der Zeitschrift

Bandtitel

Quelle

Verlag

Zusammenfassung

Beschreibung

Schlagwörter

Zitierform

DOI

Tags

Sammlungen