FTP Spyware/Grayware Scan Rule Parent topic

FTP > Scan Rules | Spyware/Grayware Scan Rule
Spyware, phish, and other so-called grayware threats are beginning to surpass viruses, Trojans and worms in terms of prevalence and risk level. IWSVA can help enforce your right to prevent unwanted or unauthorized software from entering your network. In addition, you can break down your "virus" reports by threat type, and IWSVA take different actions according to the threat type.
  • Spyware—High prevalence. Spyware is software that can monitor a user’s computing habits and personal information, for example credit card numbers and password. Spyware can track a user's keystrokes and send this information back to the author without the user’s authorization or knowledge. Not all spyware is that pernicious, however. Web browser cookies, which track Web hits for targeted marketing, are also considered spyware.
  • Dialers—Low/medium prevalence. Dialers, or "phone home" programs, are a form of Trojan. Upon execution, a dialer will try to connect the system to a pay-per-call location without the user's knowledge or consent. Dialers often arrive in porn-related or other enticing service-related applications, and can run up large phone bills for the victim.
    Dialers, or "phone home" programs, are a form of Trojan. Upon execution, a dialer will try to connect the system to a pay-per-call location without the user's knowledge or consent. Dialers often arrive in porn-related or other enticing service-related applications, and can run up large phone bills for the victim.
  • Hacking tools—Low prevalence. Hacking tools include programs that can be used by IT administrators to test their network's vulnerability and/or their susceptibility to attacks. Whereas in this context these programs are legitimate, they may be downloaded from rouge sites by users who want to use the powerful programs for malicious purposes.
  • Password cracking applications—Low prevalence. Like hacking tools, password crackers are tools designed to test for weak passwords, general security or to recover data. In the context of IT use, these programs are usually considered legitimate. In the hands of the wrong users, however, they can create significant security concerns.
  • Adware—High prevalence. Adware is a software application that displays advertising banners while the program is running. Adware often contains spyware in order for the program to know which advertisements to display based on the current user’s preference.
  • Joke programs—Low prevalence. Joke programs are ordinary executable programs, often written for the amusement of the recipient. But because so many network administrators do not want this kind of diversion entering their networks.
  • Remote access tools—Low prevalence. This class of software enables the user to gain remote access to network clients or even servers. Once access is gained, the user is often able to perform a variety of computing tasks, including complete control of the system. Like others of this type, these programs have potential for both legitimate and illegitimate use.
  • Others—Low prevalence. This category is used as an umbrella to include newly emerging threats that do not fit into any of the existing categories. In other words, it is a catch-all for a variety of unique or undefinable threats.
See also