The Future of PC Protection


1   The Presentation is sole property of Aspenmas and cannot be used without permission.
When do you see a Virus or Malware?

     After it is in your PC and already affecting your
      machine, right?

     How does a virus really infect and affect your machine?

     The virus or malware is an executable program that
      runs on your machine. Everything that happens on your PC
      is a program execution of some form or another.

     Most of these executions are good and some are bad.

What are some of the primary characteristics
of current malware today?
     Sources: All media forms, usually controlled by a botnet.

     Who's the target: Anyone, any company, any individual.

     What happens to a typical victim:
      1. System is compromised.
      2. Information is stolen, sold, exploited.
      3. PC is subjugated to a bot-network.

     What does an infection look like:
      1. Primary objective is to remain unseen.
      2. Make tracking almost impossible.
      3. Set up shop and not affect the PC operation.
      4. Your PC is then controlled by the botnet.

A Little Analysis
     So when you see a problem, there has been an execution of a
      program.

     What else can be associated with this execution event?

     There can be several things:
     First, the piece of code or program that was run. This is called a
      binary.

     Second might be a file copied or saved, and its address or path.

     The third association to the event is the preceding, or parent,
      event.

     So now we have a parent event and the child event that we found
      from the original problem we discovered.

What is the binary that is associated with an event?

     Bottom line is, it is a program. It might be MS Word or
      Outlook or your browser or anything else that has been
      installed or run on your PC.

     What does a virus binary do?
     Basically, it can do anything that any other program can do.

     It can copy itself from place to place.

     It can attach itself to other binaries, such as a Windows
      system file or other programs, in order to hide.

     It can even delete files or itself and, if it wants to, it could
      destroy your entire hard drive.

So what can we do with this information?

     If we know all of the events, we can trace from one event to
      another.

     If we have each of the original binaries, we can do three
      things.

    1. We can replace a damaged binary with the original one.
    2. We can compare this binary to known bad programs.
    3. We could see the original malware or virus when it
           entered the PC and its source point.

The original event Discovered while using the PC (O.E.)
[Diagram: O.E.]

Parent event. (P.E.)
[Diagram: O.E. and its P.E.]

Trace back to the event that started the chain.
[Diagram: O.E., P.E., P.E.]

The origin event will give up the source of the problem.
[Diagram: O.E., P.E., P.E.]

From the entry parent event we can trace each of the child events (C.E.)
and the effects of those events in the PC and what each future event
has effected.
[Diagram: P.E., P.E., O.E., C.E., C.E.]

One original virus event can create many effects in different parts of
your PC.
[Diagram: P.E., P.E. and six C.E.]

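The trace described on the slides above, as an added example that is not part of the original presentation or of AspenMAS's tool: walk back from the observed event (O.E.) through its parent events (P.E.), pick the earliest event in that chain whose binary matches a known-bad list, then list every child event (C.E.) it caused. The event log, field names, placeholder digests and known-bad set are constructed for illustration.

```python
from collections import defaultdict

# Constructed sample log (not from the presentation). Each record is one program
# execution: event id, parent event id, binary path, placeholder binary digest.
EVENTS = [
    {"id": 1, "parent": None, "binary": r"C:\Windows\explorer.exe", "digest": "aa01"},
    {"id": 2, "parent": 1, "binary": r"C:\Program Files\Mail\mail.exe", "digest": "bb02"},
    {"id": 3, "parent": 2, "binary": r"C:\Users\pat\Downloads\invoice.exe", "digest": "cc03"},
    {"id": 4, "parent": 3, "binary": r"C:\Users\pat\AppData\svch0st.exe", "digest": "dd04"},
    {"id": 5, "parent": 3, "binary": r"C:\Windows\System32\cmd.exe", "digest": "ee05"},
    {"id": 6, "parent": 4, "binary": r"C:\Users\pat\AppData\updater.exe", "digest": "ff06"},
    {"id": 7, "parent": 1, "binary": r"C:\Program Files\Office\word.exe", "digest": "ab07"},
]
KNOWN_BAD = {"cc03", "dd04"}  # constructed stand-in for a signature list

def index_events(events):
    """Build id -> event and parent id -> [child ids] lookups."""
    by_id = {e["id"]: e for e in events}
    children = defaultdict(list)
    for e in events:
        if e["parent"] is not None:
            children[e["parent"]].append(e["id"])
    return by_id, children

def trace_back(by_id, event_id):
    """Follow parent links from the O.E.; stop at a missing parent or a loop."""
    chain, seen = [], set()
    while event_id in by_id and event_id not in seen:
        seen.add(event_id)
        chain.append(event_id)
        event_id = by_id[event_id]["parent"]
    return chain

def child_events(children, event_id):
    """Every event started directly or indirectly by event_id."""
    found, seen, stack = [], set(), list(children.get(event_id, []))
    while stack:
        eid = stack.pop()
        if eid not in seen:
            seen.add(eid)
            found.append(eid)
            stack.extend(children.get(eid, []))
    return sorted(found)

def entry_event(by_id, chain, known_bad):
    """Earliest event in the chain whose binary digest is known bad."""
    for eid in reversed(chain):  # chain runs O.E. -> origin, so reverse it
        if by_id[eid]["digest"] in known_bad:
            return eid
    return None

def analyze(events, observed_id, known_bad):
    """Return the trace-back chain, entry event, its source binary and effects."""
    by_id, children = index_events(events)
    chain = trace_back(by_id, observed_id)
    entry = entry_event(by_id, chain, known_bad)
    parent = by_id.get(by_id[entry]["parent"]) if entry is not None else None
    effects = child_events(children, entry) if entry is not None else []
    return {"chain": chain, "entry": entry,
            "source": parent["binary"] if parent else None, "effects": effects}

if __name__ == "__main__":
    print(analyze(EVENTS, 6, KNOWN_BAD))
```

Starting from the observed event 6, the chain runs back to the shell, but the entry point is event 3, launched from the mail client; events 4, 5 and 6 are the effects to review and clean up.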
Bad News and Good News

      The bad news is, this is real. The actions of a virus or malware
       binary are very serious.

      In the past, a virus would send you a nasty note
       and do its nasty business. Now they don't tell you anything.
       As a matter of fact, one primary goal is to NOT be detected or
       tracked. This way it can continue to do its business without you
       knowing it exists and removing it.

      The good news is this entire process has been built into a tool
       that we install on our clients' machines to assist in identifying
       and cleaning problems that occur.

The Better News
      The current anti-virus and anti-malware software compares the
       programs (binaries) against a list of binaries that are known
       copies of bad viruses and malware. These lists are called
       signature files. A search with the signature file will identify
       programs on your PC that are similar to, or are, bad binaries.
       They can then be removed and your PC can be cleaned.

      The problem is that no one anti-virus program will find all of
       the bad software.

      The great news is our tool has the ability to compare all of the
       binaries in your system to ALL of the signature files from all of
       the major software programs on the market. This can be done
       within minutes of a new binary being introduced into your PC.

AspenMAS

      AspenMAS is a Colorado-based MSP.

      We provide one of the most effective PC and server
       protection systems available today.

      Our security plans include firewalls, software, monitoring
       and pro-active security systems.

      If we can't stop the problem, our systems can identify and
       allow us to correct the infection.

What do you do now?
      The AspenMAS security plans are available to our regular
       MSP clients.

      If you are interested in becoming an AspenMAS client,
       contact us at:

                            AspenMAS
                            40 W. Littleton Blvd
                            Suite 210-284
                            Littleton, CO 80120
                            sales@aspenmas.com
                            www.aspenmas.com


