This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Possible To Block Malware (Fake Virus Scanners, etc)?

Anyone know if this is doiable somehow in Astaro? Reason is, I was on a site earlier... maybe it was one that was compromised, and all of a sudden I got a popup showing a fake antivirus scanner. av.exe and I had to clean it up and all.

Of course, I wasn't behind Astaro. I was on a sprint card at the time..but it made me wonder if Astaro would have been able to block it? I have my content scanner at home blocking things like web ads, spyware, etc..but just wondering if I've done all I could do, so if I was at home behind astaro, if it would block these things. [;)]

This thread was automatically locked due to age.

0 Scott_Klassen over 16 years ago

Yes and No.  As with most security filtering technologies, they are reactive in nature.  AV scanners work from definition files, as does IPS/IDS.  Content Filtering works from a database of categorized web objects.

If a given bit of malware hasn't been categorized yet or added to blocking definitions, then it may not be caught or blocked.  The folks who create the "Bad stuff" are constantly modifying their code to bypass such filtering techniques (at least until such time, that the new version of bad code is added to filtering lists).

One good method of blocking the vast majority of this sort of thing is to use the web filtering in Astaro, setting it to block uncategorized pages.  The negative side of this is that newer valid web sites that haven't been catalogued yet will also be blocked.

__________________
ACE v8/SCA v9.3

...still have a v5 install disk in a box somewhere.

http://xkcd.com
http://www.tedgoff.com/mb
http://www.projectcartoon.com/cartoon/1
Cancel
Vote Up 0 Vote Down

Cancel