Detecting Trojans and Worms with Network Analyzer

Thursday, September 09, 2010

Ray Tan


As network security professionals, we definitely understand the importance of antivirus software, as it is always the first choice for most enterprises and home users.

But it disappoints me that although antivirus has adapted to cloud computing, it still works on signature detection method.

Now we come to the end of antivirus software age, as there are several reasons that we can not rely on it any more.

  • The number of new signatures released yearly exceeds a million, this makes the antivirus less reliable. We have detected virus with valid signature, and we found out that some company released their product within suspicious code.
  • We are facing threats more than virus, such as malware, trojan, worms and distributed denial-of-service attack, antivirus can do nothing or very limited on them.
  • There are more and more attacks targeted at antivirus software itself, this may lead to data breach and other potential loss without the awareness of user.
What are your thoughts on the future of antivirus software? Leave a comment...
Possibly Related Articles:
Viruses & Malware
Antivirus malware
Post Rating I Like this!
Mister Reiner I have some posts on my blog that you might find interesting:

Finding unexpected Trojans on your network? Perhaps you need an ICA!

How to catch hackers security sensors don’t see – Part 1

How to catch hackers security sensors don’t see – Part 2

Is it possible to engineer a computer that is 100% secure?
Ray Tan Thank you for your sharing.
Ray Tan I have posted the full article on my blog:

Please leave your comment if you are interested in it.
Thank you.
Karen Kast This is taken from a section of our company newsletter:

While heuristic, reputation and relationship technologies
continue to improve (and are an important tool in the fight
against malware) signature based systems continue to be the
primary technology used in malware protection.
Ray Tan I have viewed your website, but I did not find the newsletter you have mentioned.
As I have stated, anti-virus still works for known virus if you update it everyday, however, it fail to detect the unknown ones, it can not detect the attacks from hacker.
The views expressed in this post are the opinions of the Infosec Island member that posted this content. Infosec Island is not responsible for the content or messaging of this post.

Unauthorized reproduction of this article (in part or in whole) is prohibited without the express written permission of Infosec Island and the Infosec Island member that posted this content--this includes using our RSS feed for any purpose other than personal use.