Archive

Archive for May 13, 2010

Finding unexpected Trojans on your network? Perhaps you need an ICA!

If a Trojan survives on your network for more than 72 hours, chances are that you’ll never find it unless you stumble upon it by accident.  If your security tools don’t see it or its network traffic, how are you ever going to know it’s there?

Too many organizations are finding malware on their network – days, weeks or even months after the initial compromise. Are you experiencing these types of problems? Are you concerned that there might be well-hidden malware on your network?

A Internet Connectivity Audit (ICA) can help you identify network activity indicative of a malware infection on your network.  A ICA is an in-depth analysis of ALL traffic leaving and entering your network using a custom suite of packet crunching tools that can identify much more than a simple protocol analyzer (a.k.a sniffer).  In some cases, a ICA will even identify covert channels used by malware that adhere to protocol RFCs.  If you want to increase your chances of finding well-hidden malware, you need a ICA.

The problem is that many organizations don’t know about ICAs or that it’s even possible to do such an audit. Why? Because the tools to do a proper ICA don’t exist on the commercial market. As a result, many organizations will never know that a hacker is on their network or that a hacker came and left. Until ICAs become a mainstream capability, hackers will continue to remain undetected on many organization’s networks.

To learn more about ICAs, click here.

Advertisements