Login or Register to Ask a Question and Join Our Community


UNIX and Linux RSS News

A randomized defence of virus throttling

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums News, Links, Events and Announcements UNIX and Linux RSS News A randomized defence of virus throttling
# 1  
Old 10-23-2008
A randomized defence of virus throttling
HPL-2008-135 A randomized defence of virus throttling - Mowbray, Miranda; Ananthanarayanan, Ganesh; Joseph, Anthony
Keyword(s): virus throttling, security
Abstract: This paper gives a simple example of a defence against a worm attack which is a randomized combination of pure strategies, and which is superior to all of the pure strategies that it combines. Although it was developed to defend against an attack on virus throttling in a specific network device, bot ...
Full Report

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

8 More Discussions You Might Find Interesting

1. Shell Programming and Scripting

Randomized shuffle words on each line

Hi Folks, I have a text file with a thousand lines consisting of words or a group of words separated by commas. I would like to randomize / shuffle the words on each line. Eg; file.txt Linux,Open,Free,Awesome,Best Things in Life,The Greatest Laptop,PC,Tablet,Home Computers,Digital... (2 Replies)
Discussion started by: martinsmith
2 Replies

2. Red Hat

Throttling a Yum Mirror sync

I'm building a yum mirror on Oracle Enterprise Linux, which is a fork of RHEL. I'm using uln-yum-mirror to create and maintain the mirror. In the Yum client, more specifically in /etc/yum.conf there is a throttle setting. Is there a like feature in /etc/sysconfig/uln-yum-mirror? If so, what is... (0 Replies)
Discussion started by: os2mac
0 Replies

3. Solaris

Solaris sftp throttling?

I get poor performance when sftp'ing a file to a server on a SunOS 5.10 system, with Sun_SSH_1.1.4. The same client performs much better to a linux system at the same site. From a TCPdump, it appears that the Solaris server is throttling the thruput. After proceeding normally for a while, the... (0 Replies)
Discussion started by: AGermain
0 Replies

4. UNIX for Dummies Questions & Answers

Making replicates of a file with part of a line randomized for each file

Ok, so let's say that I have a file like the following: I want to create 100 replicates of this file, except that for each file, I want different randomized combinations of either A or B at the end of each line so that I would end up with files like the following: and etc. I... (1 Reply)
Discussion started by: Scatterbrain26
1 Replies

5. UNIX for Advanced & Expert Users

Throttling Process Resource Consumption

Is there a way of throttling a process resources, something akin to limits but for processes not users? ie I want processX to be restricted in the amount of memory it can consume. For process cpu I guess I can simply nice the process, but total memory consumption is my primary concern. (3 Replies)
Discussion started by: humbletech99
3 Replies

6. Shell Programming and Scripting

Throttling

Hey guys, Need your help/suggestions I have a log file which has 5K lines in it, I need to send only 200 lines to an application at a time and delete the 200 lines from log fileafter its been fed to application. The script should keep on running until all 5K has been... (2 Replies)
Discussion started by: achararun
2 Replies

7. Windows & DOS: Issues & Discussions

virus help:

:confused: folder option is dissapiaring in tool menu iam formatting c drive after removal of this virus & also regedit is also not opening the messerge say's administrater disabled with out formattiung how ican solve this problem i.e iwant to get folder options& regedit (2 Replies)
Discussion started by: seshumohan
2 Replies

8. UNIX for Dummies Questions & Answers

Virus !!!!!!!!!!!!!!!!!!!

can linux get a virus on the boot sec from windows? becuse my buddys computer micro trend cmos virus keeps telling him that there is a boot sec virus on my hdd is that possable or is the box being dumb and looking at the linux boot as a virus? it was set up as a windows box not a linux... (4 Replies)
Discussion started by: amicrawler2000
4 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

vscand

vscand(1M)						  System Administration Commands						vscand(1M)

NAME

       vscand - vscan service daemon

SYNOPSIS

       /usr/lib/vscan/vscand

DESCRIPTION

       vscand  is  the	daemon	that  handles  virus  scan requests from file systems on file open and close operations. A file system may support
       enabling and disabling of virus scanning on a per dataset basis, using that file system's administrative command, for example zfs(1M).

       If the file state or scan policy (see vscanadm(1M) requires that a file be scanned, vscand communicates	with  external	third-party  virus
       scanners (scan engines) using the Internet Content Adaptation Protocol (ICAP, RFC 3507) to have the file scanned.

       A  file is submitted to a scan engine if it has been modified since it was last scanned, or if it has not been scanned with the latest scan
       engine configuration (Virus definitions). The file's modified attribute and scanstamp attribute are used to store  this	information.  Once
       the file is scanned, the modified attribute is cleared and the scanstamp attribute is updated.

       If  the	file  is found to contain a virus, the virus is logged in syslogd(1M), an audit record is written, and the file is quarantined (by
       setting its quarantine attribute). Once a file is quarantined, attempts to read, execute or rename the file will be denied by the file sys-
       tem.  The syslogd(1M) entry and the audit record specify the name of the infected file and the violations detected in the file. Each viola-
       tion is specified as "ID - threat description", where ID and threat description are defined in the  X-Infection-Found-Header  in  ICAP  RFC
       3507; Extensions.

       By  default,  vscand  connects  to  scan  engines on port 1344. The port and other service configuration parameters can be configured using
       vscanadm(1M).

       The vscan service is disabled by default, and can be enabled using svcadm(1M).

EXIT STATUS

       The following exit values are returned:

       0	   Daemon started successfully.

       non-zero    Daemon failed to start.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWvscanu		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Uncommitted		   |
       +-----------------------------+-----------------------------+

SEE ALSO

       ps(1), svcs(1), logadm(1M), svcadm(1M), syslogd(1M), vscandadm(1M), zfs(1M), attributes(5), smf(5)

NOTES

       If a file is accessed using a protocol which does not invoke the file system open and close operations, for example NFSv3,  virus  scanning
       is not initiated on the file.

       File content is transferred to the scan engines as cleartext data.

       Administrative  actions for the vscan service, such as enabling, disabling, or requesting a restart, can be performed using svcadm(1M). The
       vscan service status can be queried using the svcs(1) command.

       The vscan service is managed by the service management facility, smf(5), under the service identifier:

	 svc:/system/filesystem/vscan

SunOS 5.11							    6 Nov 2007								vscand(1M)