Tren thi truong hien nay, khong co chuong trinh quet virus
doc lap nao duoc danh gia la nhanh nhat hay hieu qua nhat trong nhan dien cac
loai virus, trojan va nhieu de doa nguy hiem khac. Bai nay se chi ro ly do vi
sao su dung da chuong trinh quet virus o muc mail server lai la phuong thuc hieu
qua nhat de ngan chan hoat dong tan cong cua virus va phat hien duoc noi chung
an nau.
Gioi thieu
Mot su
that khong the phu nhan trong doi song IT la virus, trojan, worm, spam va mot so
dang phan mem doc hai khac luon luon tiem an moi de doa voi tat ca cac doanh
nghiep, to chuc. Chung tan cong, pha hoai, an cap du lieu, gay ra thiet hai hang
ngan do la, tac dong tieu cuc toi nang suat va hoat dong cua doanh nghiep. Theo
so lieu thong ke nam 2006 cua Trung tam khao sat an ninh va toi pham FBI (FBI
Crime and Security Survey), 97% trong so cac to chuc duoc hoi co cai dat it nhat
mot phan mem diet virus, nhung 65% trong so do da tung phai hung chiu it nhat
mot cuoc tan cong do virus gay ra trong 12 thang gan nhat. Network World cung
dan ra mot so ket qua nghien cuu khac: chi rieng cac cong ty o My da phai bo ra
3,5 ty do la trong cuoc chien voi Blaster, SoBig.F, Sober va nhieu virus e-mail
khac. Tuong tu, mot cuoc nghien cuu do chinh phu Anh tien hanh nam 2006 cho thay,
nam 2005 43% cac cong ty o Anh da bi virus tan cong.
Cac to
chuc chiu trach nhiem dong y rang ho can phai bao ve mang truoc cac cuoc tan
cong cua virus bang cach cai dat it nhat mot san pham bao mat e-mail. Song ma
doc hai ngay cang tinh vi va duoc nang cap tung ngay, do ky nang va trinh do cua
nhung ke viet ra chung ngay cang nang cao. Hinh thuc pha hoai cua virus luon di
truoc mot buoc so voi phuong phap do tim cua chuong trinh diet chung. Tham chi
chung co the de dang lot qua cac giai phap tuong lua, phan mem diet virus cho du
cac chuong trinh nay luon dua ra thong bao thuong xuyen. Thanh cong cua virus la
do lien ket duoc tren dien rong lo hong logic voi diem yeu ke thua tren co so
cac chien dich bao ve chi su dung mot chuong trinh diet virus.
Bai nay
se giai thich tai sao de tra loi cho cau hoi: “Lieu mot chuong trinh quet
virus co du suc bao ve mang noi bo truoc virus, sau va nhieu de doa khac?”,
chi co mot tu ngan gon nhung dut khoat duoc dua ra: “KHONG!”. Dong thoi
chung ta cung se kiem tra viec can thiet phai su dung da phan mem diet virus de
tang nhanh thoi gian phan ung khi xuat hien virus moi hay cac bien the cua chung,
nho do giam thieu nguy co mang co the bi tan cong. Su dung da phan mem diet
virus cung cho phep admin tro thanh mot chuyen gia doc lap, tu danh gia duoc
chat luong cu the cua tung phan mem va do do lua chon duoc san pham tot nhat,
phu hop nhat voi mang minh quan ly.
Can thiet phai rut ngan thoi gian phan ung truoc virus
Mot trong
nhung yeu to quan trong nhat khi muon bao ve mang thanh cong truoc virus la thoi
gian cap nhat file dinh danh virus cho chuong trinh phai that nhanh. Cac file
nay do hang san xuat phan mem diet virus cung cap, dua ra cac tieu chuan de xac
dinh nhu the nao thi duoc coi la mot virus. Thu dien tu cho phep virus duoc phat
tan nhanh chong voi toc do anh sang trong vai gio dong ho. Mot virus e-mail don
le cung du de co the tan cong toan bo mang cua ban. Do do, yeu to then chot la
cac file dau hieu phai duoc update nhanh chong khi virus moi xuat hien. Trong
tat ca cac cuoc tan cong do virus gay ra, luon co mot khoang thoi gian chenh
lech tu thoi diem virus tan cong cho den khi file dau hieu moi duoc cung cap,
phuc vu cho chuong trinh diet virus thu tieu va loai tru triet de chung. File
dau hieu cang duoc update nhanh, co hoi cho cac cuoc tan cong cang it. Mot
nghien cuu cua chinh phu Anh trong nam 2006 cho thay, trong nam 2005 mac du 100%
cac cong ty lon o Anh su dung san pham anti-virus, nhung 43% trong so ho van bi
virus tan cong, phan lon do file dau hieu ve virus moi duoc dua ra qua cham chap.
Hang san
xuat phan mem diet virus nao cung khang dinh san pham cua minh co thoi gian phan
ung nhanh nhat, nhung thuc te thi khong dang lac quan nhu vay. Moi hang co
khoang thoi gian update ban va diet virus va worm rat khac nhau. Tham chi ngay
ca voi cung mot hang, thoi gian update cho mot loai virus co the chi trong 6 gio,
nhung voi virus tiep sau do co khi mat den 18 gio. Tinh phuc tap cua van de
khien khong mot cong ty chuyen san xuat phan mem bao mat nao giu duoc vi tri so
mot trong suot thoi gian dai. Mot so cong ty co the co toc do nhanh hon o mot
thoi diem, nhung chua co cong ty nao duy tri duoc vi tri do qua lau. Co the lan
nay la Kapersky, lan sau lai la McAfee, BitDefender hay Norman…
Su khac
nhau ve thoi gian chua han da phan anh chat luong cong viec hay do gioi, kem cua
hang san xuat. Yeu to dau tien ma no phan anh la vi tri dia ly va vung thoi gian.
Mot
so nghien cuu ve thoi gian dua ra chuong trinh moi khi virus Worm/Sober
xuat hien cua mot so hang san xuat phan mem anti-virus.
Bang minh
hoa thoi gian:
Bang 1
- Thoi gian phan ung cua cac cong ty san xuat phan mem diet virus truoc su xuat
hien cua sau w32.Sober.C:
|
Cong ty |
Thoi gian
(tinh theo gio) |
| BitDefender |
10.5 |
| Kaspersky |
12.0 |
| F-Prot (Frisk) |
12.5 |
| F-Secure |
13.0 |
| Norman |
15.5 |
| eSafe (Alladin) |
15.5 |
| TrendMicro |
17.0 |
| AVG (Grisoft) |
17.5 |
| AntiVir (H+BEDV) |
19.5 |
| Symantec |
25.0 |
| Avast! (Alwil) |
31.0 |
| Sophos |
35.5 |
| Panda AV |
38.0 |
| McAfee/NAI |
49.0 |
| Ikarus |
56.5 |
Pham vi:
tu 10,5 gio den 56,5 gio. Trung binh: 17,5 gio. Thong thuong: 24,53 gio.
(Theo du lieu thang 2 nam 2004 cua VirusBTN)
Bang 2
- Thoi gian phan ung cua cac cong ty san xuat phan mem diet virus truoc
su xuat hien cua sau w32.Sober.Y:
|
Cong ty |
Thoi gian
(tinh theo gio) |
| AntiVir |
11.5 |
| McAfee/NAI |
40.5 |
| Kaspersky |
43.0 |
| Norman |
60.0 |
| BitDefender |
114.5 |
| Symantec |
116.0 |
| ClamAV |
164.5 |
| TrendMicro |
168.0 |
| Panda |
168.0 |
| Sophos |
170.0 |
Pham vi:
tu 11,5 gio den 170 gio. Trung binh: 115,75 gio. Thong thuong: 105,6 gio.
(Theo du lieu thang 11 nam 2005 cua av-Test.de).
Nhu ban
thay, thoi gian de cac cong ty dua ra duoc chuong trinh xu ly virus moi phai mat
hang gio, tham chi hang ngay. Khi ay thi qua du de chung co the tan cong “toi
boi” mang cua ban.
Can phai ket hop nhieu cong nghe voi nhau
Moi
chuong trinh quet virus deu co nhung diem khac nhau, khong co chuong trinh rieng
le nao duoc cho la tot nhat. Chung co nhung mat manh va diem yeu rieng. Cac san
pham phan mem diet virus thuong tong hop nhieu cong nghe trong mot bo hop nhat.
Ba phuong thuc tong hop pho bien nhat la:
-
Su dung file dinh danh virus, duoc chuan bi va cung cap co ban thuong
xuyen boi hang san xuat phan mem diet virus, chua thong tin chi tiet giup
xac dinh nhu the nao thi duoc coi la mot virus. Update chuong trinh
anti-virus tuc la update moi cac file dinh danh.
-
Tu tim toi, danh gia theo kinh nghiem: la phuong thuc nham xac dinh
vi tri an nau, hinh thuc, co che ve virus va cac de doa khac chua duoc dua
vao file dau hieu. Ve co ban, su dung phuong thuc nay tuc la xem xet cac
thuoc tinh hay dac trung khac biet cua mot file, danh gia thuoc tinh va co
co dau hieu cua virus. Ngoai ra, ban cung co the bat duoc cac virus bien
the, von co “suc de khang” rat cao voi file dinh danh.
-
Su dung sandbox de co lap va thuc thi ma dang ngo tren mot may ao va
xac dinh lieu no co doc hai hay khong.
Neu tach
rieng ra, moi cong nghe deu co mat hieu qua rieng, nhung khong the dam bao 100%
thanh cong voi tat ca cac loai virus. Nguoi ta thuong su dung ket hop hai hoac
ba san pham cung mot luc, vi khong co giai phap rieng le nao la tot nhat. Chi co
mot cach hieu qua, dam bao duoc muc an toan va bao mat cao nhat la su dung hang
rao bao ve chuyen sau da tang voi da phan mem diet virus.
Su dung da phan mem diet virus
Theo PC
SecurityShield, moi ngay co hon 40 virus moi duoc tao ra. Thang 6 nam 2006,
Microsoft thong bao rang cu trong 300 may tinh thi co mot may bi malware (phan
mem doc hai) tan cong. Ban cung nen nho rang, moi truong ngay nay cho phep
malware duoc tao ra boi hang loat ca nhan doc lap khac nhau voi nhung phuong
thuc va chien luoc tan cong rieng.
Yeu to
thu vi duoc dat len hang dau khi su dung da cong cu diet virus la don gian. Thuc
te cho thay khong co chuong trinh quet virus rieng le nao thuc hien duoc tat ca
chuc nang tren moi linh vuc bao mat, cung khong co chuong trinh quet virus doc
lap nao la nhanh nhat, hieu qua nhat va “tot nhat” moi luc moi noi. Neu hien tai
ban dang su dung chuong trinh co thoi gian phan ung trung binh nhanh nhat, rat
tot. Nhung dung nen nghi rang voi virus moi xuat hien tiep theo, thoi gian phan
ung cua no cung se la “nhanh nhat”. Van de khong phai nam o cho lieu cong cu
quet virus co toc do phan ung nhanh nhat voi mot vai virus cu the, hay khong
duoc trang bi tong hop nhieu cong nghe can thiet ma la mang cua ban co the se bi
tan cong nhanh chong, de lai nhieu hau qua het suc nang ne. Hau qua co the la
thiet hai ve nang suat, de lai thoi gian chet, mat co hoi kinh doanh va tang
them chi phi cho doanh nghiep.
Hon nua,
qua nhieu lan, cac ban update cua mot chuong trinh quet virus co the se bi sai
sot. Do la do cac hang san xuat luon co gang phat hanh cac ban upate nay cang
nhanh cang tot de do suc voi cac cuoc tan cong cua virus moi. Dua tren mot cong
cu rieng le thuong dan den that bai, do virus co the di duong vong, lot qua
hang rao bao ve con nhieu khiem khuyet cua mot chuong trinh xu ly, trong khi neu
dung da cong cu, ban se duoc cung cap mot ban sao luu.
Canh bao nho
Su dung
da cong cu quet virus la giai phap an toan va thong minh hon, nhung co mot diem
quan trong ban nen nho la phai hieu ro ban dang co trong tay nhung gi. Su dung 5
chuong trinh quet virus khong co nghia la ban co 5 tang bao ve. Don gian ban chi
duoc cung cap 5 co hoi de co duoc cau tra loi chinh xac. Moi cau tra loi, noi
mot cach hinh tuong, la cac su kien doc lap. Cung tuong tu nhu viec vuot qua nam
vong kiem tra o san bay, khi moi nhan vien an ninh chiu trach nhiem kiem tra mot
bo phan, duoc to chuc theo hinh thuc chuyen sau. Do do, ban co co hoi nam bat
duoc su kien truoc khi no dien ra.
Cac cuoc tan cong lien tuc lam suy giam tinh nang hieu qua
cua hang rao bao ve
Tro lai
voi bao cao nghien cuu nam 2006 cua FBI/CSI voi 65% cong ty bi tan cong it nhat
mot lan trong 12 thang gan nhat, khien cac to chuc o My bi thiet hai gan 16
trieu do la. Co the tat ca doi tuong tham gia cuoc nghien cuu deu la nguoi dung
phan mem diet virus dong cong nghiep. That bai trong bao ve mang thuong duoc ghi
nhan la do su dung cong cu diet virus rieng le
Da tang duoc dung trong hau het cac dang thuc an ninh, bao
mat khac
Rat kho
co the tim ra to chuc nao chi su dung mot hang rao bao ve hay he thong canh bao
rieng le de bao ve tat ca tai nguyen vat ly co gia tri truoc nhieu nguy co de
doa nhu trom cap, co y pha hoai, hoa hoan, tham hoa tu nhien… Thay vao do la su
pho bien cua lop bao ve da tang voi nhieu thanh phan nhu hang rao an ninh,
camera theo doi, he thong phun nuoc chong chay va mai vom. Tat ca deu co he
thong sao luu neu gap loi hoac su co that bai.
Du lieu
cua mot to chuc, da phan deu la tai nguyen quy gia, cung doi hoi phai co he
thong bao ve da dang nhu vay. Di nhien he thong da dang nay chi co the duoc cung
cap boi nhieu cong cu diet virus ket hop voi nhau. Cho den nay, chua co mot
phuong thuc nao khac dang tin cay hon cho ban lua chon.
Mo hinh moi va chien luoc moi
Nhu da
noi o tren, hang rao phong thu voi mot cong cu quet virus rieng le khong dem lai
hieu qua trong hoat dong bao ve mang. Do do doi hoi ban phai xac dinh chien luoc
khac tuong thich voi lop bao ve da chuong trinh. Cac to chuc can trien khai giai
phap quet phan tang, ket hop nhip nhang hoat dong sao cho tai moi thoi diem co
it nhat mot phan mem duoc update dau hieu virus moi. Su dung da cong cu quet
virus cung tuc la ket hop nhieu chuc nang ky thuat lai voi nhau de chong lai tat
ca cac de doa. Khi do, mang cua ban duoc bao ve o muc an toan toi da.
Khong co
cai gi la hoan hao, nhung su dung 4 hoac 5 chuong trinh quet virus dong thoi qua
trinh quan ly da cong cu nhu GFI MailSecurity for Exchange/SMTP se giup mang cua
ban duoc bao ve hieu qua, an toan. Ban hoan toan co the tin tuong rang, mot hang
san xuat rieng le cung co the dap ung nhanh chong, kip thoi va phu hop voi yeu
cau dua ra.
Tim hieu mot chut ve GFI MailSecurity for Exchange/SMTP
GFI
MailSecurity for Exchange/SMTP la giai phap bao mat e-mail, cung cap phuong thuc
xac dinh lo hong, phan tich nguy co de doa va diet virus, loai bo hieu qua tat
ca nguy hiem den tu thu dien tu truoc khi chung co the tac dong len nguoi dung
e-mail cua mot to chuc. GFI MailSecurity su dung da bo quet virus de ra soat tat
ca e-mail, nhu, McAfee, BitDefender, Norman va AVG Anti-Virus. Ngoai ra con co
mot so thanh phan quan trong khac nhu modul kiem tra file dinh kem va noi dung
e-mail, co the cach ly cac doi tuong nay neu phat hien co nguy hiem; mot luoi
bao ve khai thac lo hong, de ngan chan virus dua tren lo hong hien thoi va co
the ca trong tuong lai (nhu Nimda, Bugbear); mot co che ra soat HTML, de loai bo
cac script HTML; mot chuong trinh quet trojan va file chay (Trojan & Executable
Scanner), de do tim file thuc thi doc hai. Muon biet them thong tin va download
ban dung thu nghiem cua GFI MailSecurity for Exchange/SMTP , cac ban co the vao:
http://www.gfi.com/adentry.asp?adv=25&loc=112
Theo MsExchange
Article source http://w4rum.com/1088.t
| 