SOFT-TRONIK, a.s.
Defending Malware
Michal Červinka, Pre-sales SE

Defending Malware
• Blocking Access to Malware Sites
• Detecting Hidden File Types
• Removing Active Content from HTML Pages
• Blocking Mobile Malicious Code
• Implementing Anti-malware Protection
• …

Blocking Access to Malware Sites
• BCWF Categories
  • Spyware/Malware Sources
  • Spyware Effects/Privacy Concerns
  • Phishing

Detecting Hidden File Types
• ProxySG provides
  • file extensions
  • MIME data types
  • apparent data types (DOS/Win executables, MS CAB)
  As a destination in Web Access Layer
• ProxyAV delivers
  • file extensions
  • true file-type checking in any container (archive …)
    • executables, images, documents, archives
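
An added example (not from the original slides, and not ProxySG or ProxyAV code): a Python check for the "apparent data type" idea above, comparing a response's leading bytes with the file extension and MIME type it claims. The signature table, the deny policy for executables and CAB files, and all names are assumptions made for illustration.

```python
import os

# Leading "magic" bytes -> apparent data type (small constructed subset)
SIGNATURES = [
    (b"MZ", "dos-win-executable"),
    (b"MSCF", "ms-cab"),
    (b"PK\x03\x04", "zip-archive"),
    (b"%PDF-", "pdf-document"),
    (b"\x89PNG\r\n\x1a\n", "png-image"),
    (b"GIF8", "gif-image"),
]
# Data type each claimed extension / MIME type is expected to contain
EXPECTED_BY_EXT = {
    ".exe": "dos-win-executable", ".cab": "ms-cab", ".zip": "zip-archive",
    ".pdf": "pdf-document", ".png": "png-image", ".gif": "gif-image",
}
EXPECTED_BY_MIME = {
    "application/x-msdownload": "dos-win-executable",
    "application/vnd.ms-cab-compressed": "ms-cab",
    "application/zip": "zip-archive", "application/pdf": "pdf-document",
    "image/png": "png-image", "image/gif": "gif-image",
}
# Assumed policy: these apparent types are never allowed through
BLOCKED_TYPES = {"dos-win-executable", "ms-cab"}

def apparent_type(body: bytes):
    """Classify content by its leading bytes; None if no signature matches."""
    for magic, name in SIGNATURES:
        if body.startswith(magic):
            return name
    return None

def check_download(url_path: str, content_type: str, body: bytes):
    """Return (verdict, reason) for one response."""
    actual = apparent_type(body)
    ext = os.path.splitext(url_path.split("?", 1)[0])[1].lower()
    mime = content_type.split(";", 1)[0].strip().lower()
    claimed = {EXPECTED_BY_EXT.get(ext), EXPECTED_BY_MIME.get(mime)} - {None}
    mismatch = any(c != actual for c in claimed)
    if actual in BLOCKED_TYPES and mismatch:
        return "deny", f"hidden {actual} served as {ext or mime}"
    if actual in BLOCKED_TYPES:
        return "deny", f"{actual} blocked by policy"
    if mismatch:
        return "flag", f"content is {actual or 'unknown'}, not what was claimed"
    return "allow", "content matches claimed type"
```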

Removing Active Content
• Strip
  • Java Applets
  • Plugins
  • ActiveX
  • JavaScript, VB Script
Action at web access layer

Blocking Mobile Malicious Code
• script string rewriting (substitute keywords)
• script injection (prevent execution)
CPL only
CPU intensive

Anti Malware Scanning
• Scan once, serve many times
  • ISTAG for cacheable objects
  • fingerprints for non-cacheable
• Many ICAP Error Codes
  • file scanning timeout
  • maximum individual file size exceeded
  • maximum total uncompressed size exceeded
  • maximum total number of files in archive exceeded
  • maximum number of archive layers exceeded
  • decode/decompress error (unsupported compression method, corrupted compression file)
  • password protected archive
  • out of temporary storage space
  • other errors

HTTP Parsing
• ProxySG blocks malformed HTTP requests and returns a 400 Invalid Request error by default
  SGOS#(config) http tolerant-request-parsing

Michal Červinka, Pre-sales SE
michal.cervinka@soft-tronik.cz
SOFT-TRONIK, a.s.

Ostrava
Tvorkovských 5
709 00 Ostrava - Mariánské Hory
tel.: +420 597 488 811
fax: +420 596 622 486

Praha
Nagano Office and Technology Park, Nagano III
U nákladového nádraží 10
130 00 Praha 3
tel.: +420 266 109 211
fax: +420 283 840 236

www.soft-tronik.cz