SecurityFocus

Effects of Worms on Internet Routing Stability
This article discusses the impact of worms on Internet endpoints and infrastructure, as well as their impact on global routing instability throughout the Internet.
By: Ido Dubrawsky 2003-06-11
http://www.securityfocus.com/infocus/1702

Malware Myths and Misinformation Part 2
This article is the second of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection.
By: David Harley 2003-05-28
http://www.securityfocus.com/infocus/1698

Malware Myths and Misinformation, Part 1
This article is the first of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection. The fallacies we address here tend to begin with the words "I'm safe from viruses because..."
By: David Harley 2003-05-19
http://www.securityfocus.com/infocus/1695

Anti-Virus Defence In Depth
This article will discuss defence in depth as it applies to anti-virus protection. While there are many papers written on this topic, most miss out on two crucial components: layered best of breed AV protection and centralized reporting and control.
By: Ken Bechtel 2003-04-22
http://www.securityfocus.com/infocus/1687

An Analysis of Simile
Virus writers have always tried new methods to evade detection, from encryption to polymorphism to EPO (entry point obscuring). Finally, virus writers used the cross-platform infection to increase the number of available infection vectors. Thus, it was no surprise when a virus that combined these methods was discovered - Simile.
By: Adrian Marinescu 2003-03-04
http://www.securityfocus.com/infocus/1671

Are You Infected? Detecting Malware Infection
Once executed, malware can perform its intended malicious function on a system. Unfortunately, it may not always be apparent to users that their system is indeed infected. This article will discuss how to determine whether or not the system has been infected and will offer some tips on to manually disinfect the system.
By: Jong Purisima 2003-02-13
http://www.securityfocus.com/infocus/1666

Smallpot: Tracking the Slapper and Scalper Unix Worms
As Unix worms become more common, it would be very interesting to compare the spreading of Linux and FreeBSD malware with their Win32 counterparts as a means of evaluating the relative security of these platforms. This article will look at the Smallpot Project, a generic honeypot designed to track almost any malware on the Internet, using the Slapper and Scalper worms as a case study.
By: Costin Riau 2003-02-04
http://www.securityfocus.com/infocus/1662

OpenAV: Developing Open Source AntiVirus Engines
The OpenAntivirus Project was founded to bring together antivirus programmers to develop open source antivirus protection. This article will take a look at the OpenAntiVirus AV engine, assess its progress so far, and offer some suggestions of how the developers can continue to develop it.
By: Costin Riau 2002-12-16
http://www.securityfocus.com/infocus/1650

.NET/MSIL Malicious Code and AV/Heuristic Engines
While the Windows .NET strategy incorporates numerous aspects, this article will focus on what aspects to cover in developing an AV/heuristic engine for this new platform. Specifically, it will address the additions introduced by .NET technologies to standard Windows PE (portable executable) file format and how that will affect the development of an effective heuristic engine. It will also briefly discuss the existing malicious codes for the .NET environment.
By: Markus Schmall 2002-11-18
http://www.securityfocus.com/infocus/1642

Polymorphic Macro Viruses, Part Two
This article is the second of a two-part series that will offer a brief overview of polymorphic strategies in macro viruses. This installment will look at the first serious polymorphic macro viruses, as well as the evolution of viruses into true polymorphic and, ultimately, metamorphic viruses.
By: Gabor Szappanos 2002-11-05
http://www.securityfocus.com/infocus/1638