|
|
|
Growth of Anti-Botnet Startups Points to AV Deficiencies
By: Ryan Naraine
2008-02-29
Article Rating:  / 19
There are 9 user comments on this Network Security & Hardware story.
Growth of Anti-Botnet Startups Points to AV Deficiencies - A Case of Double-Dipping (
Page 2 of 2 )
For companies such as Symantec, which sells the Sana-powered Norton AntiBot and anti-malware subscriptions, it's a nickel-and-dime situation.
Symantec officials say Norton AntiBot is for a specialized, technical market segment looking for high-end tools to deal with botnets, but Jaquith said it's a case of anti-malware companies double-dipping.
"Ultimately, it's hard for an enterprise to justify paying twice for botnet protection when they're already paying for anti-malware protection," he said. "You can make the argument that anti-botnet can be intrusion and extrusion detection and pay for that as a separate layer of defense, but even that's a bit of stretch."
John Mitchell, professor of computer science at Stanford University and co-director of Stanford Computer Security lab, said there has been a noticeable shift in the types of emerging zero-day malware threats that result in identity theft, computer crashes and drive-by malware downloads.
"Current technologies are slow to adapt," Mitchell said, suggesting there's a legitimate need for newer, more powerful products capable of disrupting botnet activities.
Dan Geer, vice president and chief scientist at Verdasys, said traditional anti-virus technologies "have peaked" and are unable to cope with the rapid pace of sophisticated virus payloads. "I don't think anti-virus protection can get better than it is today. The problem with that is that, when anti-virus fails, the effects of a successful attack are difficult to reverse," Geer said.
This is where anti-botnet tools come in, said Tripp Cox, Damballa vice president of engineering. The 25-employee company has raised about $8 million and has introduced two enterprise-facing products that promise protection from bot armies.
Damballa's products, which include an in-the-cloud monitoring component that runs alongside technology deployed on corporate networks, can be used to identify and isolate communications between compromised drones and the command-and-control centers on the Internet that pass instructions between hijacked machines.
"The threat itself is no longer just a virus or a piece of spyware. It's a multi-network, multi-faceted type of threat," Cox said. "There are multiple command-and-controls and multiple attack capabilities. You really can't depend on anti-virus protection anymore. If you are running a business, you need a combination of multiple security tools. Signature-based anti-virus serves an important purpose, but you can't look at bot armies the same way you look at a virus attack. There are bots that can update themselves every 30 minutes. You can't expect signature-based anti-malware on a desktop to be effective against that."
For Damballa, NovaShield and the venture capital firms pumping money into anti-botnet solutions, that's the marketing message.
| | Reader Comments: Growth of Anti-Botnet Startups Points to AV Deficiencies | | >>> Post your comment now!
| | Botnet ProtectionI would greatly prefer that one or more of the security systems I use would add botnet protection to their services. I already use redundant... Posted At: 06-13-08
By: James38 | | | | | | A user comment on this articleCrappy people? The question was asked of the readership of this article...presumably to determine if it would be better to pursue marketing a... Posted At: 05-05-08
By: Anonymous | | | | | | VP, OpsAnti-botnet software as a standalone package is not something that I would buy for my organization, mother, or family. While Symantec will likely... Posted At: 05-05-08
By: Scott | | | | | | I believe you asked wrong people.Hi!
I believe, you just asked wrong people with this topic. There are a number of behavioural-based defense systems, highly trusted at security... Posted At: 03-07-08
By: Ilya Rabinovich | | | | | | A user comment on this articleIf there is an opportunity for Symantec, McAfee, etc. to box an anti-botnet package and sell it, they will. Plan on it being offered sometime in... Posted At: 03-06-08
By: Anonymous | | | | | | NovaShieldThere's more about NovaShield here: www.novashield.com Posted At: 03-03-08
By: James | | | | | | anti-botnet?I think the anti-malware developers will find a [less costly] way to handle the bots. And when some clever team is paired up with appropriate law... Posted At: 03-01-08
By: Steve | | | | | | >>> Post your comment now! | | | | | |
|
 |
|
|
�������xr80�VӮc�|)B岦lcS��(Hb"9$e[;/qؗgL�I"%R]}]6I� d"3H$��Iȅ�M{L.̢dw�>5)2zʠ ��{�s��!%�>�ڥq�ϊ�}$c#�(>r@ߩx�� pTƦ^ʾ0�IYI�b&[�By4��5n�;�;�0k��Ba5wЫvʡ黖>?$�1CVl�fes֠��6�y!�
��#�gKݻ�H}H%�;qؒ�I5hlb#Ӥbfx���k�#@gPp,ǃΩV�TjFԴ9g�u[gb]ױ}ǣC5�G(&�$g��6?ĵQ Ig%K�a�S+ K��w?L�G`B#lǦ"
'�e֯U�]�q7=<$3z3 �wZeNXj%o�~�c> �c
xz`:v�xtT/`[�eY���F42M�ٰ4R9�T+W�^�yxx(>y-Ӟ=89npz�j�\v���~�]`�vAJ�y]J�teUs흒./�!=O}�nr@
I/��o,nGba(�a0,n>�@|sH`6dʩ�$|ǚ�z�N��lZ2�FE Շ70���S��I3^8�n�ZK=�^@e)#p?�݃A��hJq�䰊3X�1�"%��hJyO{���"�=hI"A]d]ϧ+doF"���a\�B(��pHq�b�?�N�IRn�.Ӱt�9?�6wެ-�UjմX[��ӲSsq}iuVЂ!g�C���EhYf7-6I��QN}sQU�b1xH�rPP9P"&�r/N̶-a[e)!�3+(~�L>���NR�}�)�i}vk(|?$6hƋM�rinLL�r�Ӈ{�54A���ݣn]'ufo7LAb��CR߭��0C5u�|h�LR}l;>4��HhS0<�xw0ܛ[Sh_�#]Ѽ[:���?`#/Z-{����Be^~�}�¢�Ps�̧�mM�rA=S9nZc@<:�Gڀ�o;r%E3�C&G)))P�]HPw9�J�
B�!B�&0H��V0(fNJ9i�W*l�ǀJe �gJRF;7� +=*)�nqR0٘��,%5L힟
X5�*_ȉ#�o"0�%X����
-gZ
X��us֪%�6
��ҋz0�LBOؑAEQ���ңF +<�dC7m�rH�y::3�|lz�pČ'H;� %]&0�
��LÄ��Ks̆!M&��--j�|��C�Zԛ00E�Mdk6pm}j�0&[b6c��{ΔA���Ff_����3�f59[�/ݻ��҃> 0F����d5�0�+�xkݨ ƃܑ�>� .�U=b�$`~�
=D4>jL:MܝTM.r?M�md2፬�+Վ4_.<>玍p�X"@�@��w�߇R&a3Bڨ
`O��i9��EzGn'zS|f:��3�نdp܉D8W�2Pa�Ibg`u1J�x#e4�8�� ,Yb_F.#��Wɉcͧۋ�Ҥ{ZSvԻ~5G|2ݴZ��ƭA`V9aaN�g43J�� }Ӛg�W+H.ZS z6Vƴ'i?ꀚH|A��2̮e(�&G-cYC>euEm�s�Ʊ4]��bj\,��~�)fQ�Po�>�5
\��!E+LTRUad�[s�V/+g>xF`+pW��$�L�J}�WYLz8cJ�r�\.)J5��)` N� 02&|h�:|�#H�& ,"]����je���4>�\Rb�r>+5ˈ`n�S@Ak�SU�
Փ&ZD^qv�V��K
i?aF?"'t1ڥ�s!�a*/73g Z|�O�~_'VUJj5�㬰H4.7q�)4K
@F�G}}1NzsgrЧ{`3�|xk}KMޫ0 c�Z$�1?ٙ"yb�ėaF*�ӕ�~�>V�VʼnG� �̂q=@W4Ue�0ù3�`���Qе�a�⤉�#h�3����4�^�ƙl)=P˥U;OP�[Ђ7+?9��`"+jZ�U>*�5P6>*�09g~kӥ��
�{î�#f�uMa�Sb/R;/ښO<#�KAG�^320"��;�WF� vʬi1\\�|렄6R)#3m&-nj^Ku7
x8.3�ozJ~��Qby6UA#���dߊ�g&zf�[}#z=%�9~܄9�b@m�"^i�/�_Cd&�T~�#\{l�)[36p37�TMgP�S#c7Q:
GqMX7f|/�DV>s5ѹtNsl
s
ƻ~rn�Ay3��Y�sF>
��W|��`�?8�y#'Gu�"�M."8&́08h#2"�06��$p�k��VRQ�X@"��A�ұe.3_�5
_g.7ny"
ҧ��HrOn,�iu[=$c��e�TMFRV�%^萫iI�2B��02hs%p~�/O&FͧzM�%��q4I#̸zF0.Ɨ��s�sg�G�M�y0@]6z%]M茻h^e��1Tcfa2N$[G�knIG:��a�GF*}(�wOLۗ~IRE'�nu�0�|�aߍ
uRԧkkћn@pk#
�w}}}�惢N
l U˚V�*j�ȥ9��8!`��\T+{(,%~w9Yo9�~J�5�d��XX'_�bKDP��Zn��WOXO�\dM!O�o%EDK!Z4�2L�q�vóJU1\?3Z c쓡�ov/?B�}eQ����b�.}�WF�mx�C7&�[�nCal8)e�w~�y0�;?ܶO{燤eUO:k^/�!{|~mڝC^;�GpދN�G�q?KK��FqhïRCR9"0iTj_6?ư�C-tj2}�e'A*$�`Qۮ�>jnSit0lo�^�hy+ 8$aN�p.7�W%Eo;"�lu���9"�!5/��(d�0
srjބ{#֛�3:0fhRbA��fF<$pF
T�()�i3�\/D]s>֒\zF[mXr!s`Q5L4�^Ί#s�´V�XȬE`CxC7$��T�a��H��H0]�R
~ti{}�mN�.�fOA��VBt0FGHE*4ДK�%I�A&N:7M�{|Mr/HUɉm
#^4} y*}y:}_exD+%�B�{ӣ3YTJqvi3\�c~<)}B/�-N9˙��~DҼ�"g�ÍW�7 r�E
p!!#N M9�W"vӆ'>�fax!w,0lq�%՜r"0yRq;Is6�uYԺ[�&�N#hAS:%I(�F�=)�jZ$jRSfj�# $_2HI,v+2B:zs �gnMv6unϼ�Kڗ����Ý ,M�Y+CT䵤�
G[*$�?�ÍstH1��y�i= xPHx"!9/�rq�=|zpPugj�GڶQ$��GN��Ă#
9BG,�2k�(�~
ܳ4/t0wo}>d#Γd�fc�T1.�Qݘ�t�r�zv`蹳)�= �c-;oC�lÆ_$w"BR]�iP<2hcŰ";8F|.şg%>Cg6!�rEuCW_z砆q�W�]Ƃ'*���=QG
�U�ׅ_>w�TdX��gE�V:7vkm,d�a.}~vkW}n; ��y�}P/�?�Ro#I1&�ZQ@,*sᔤ�vMȔ�XlN�GX�d7K0d&zvN�RG3`̞�xqG7�bRc�o _�=,Y.=]awߣIݣ(PžwYjEU�.J\�-"Pn'ZY8�|�%0Nگ�y^fm ,$.Egg�"fF}�8EE]o\ӧ{=|n1G6,o2d]�'Gq"F��Ȼb۴�Slz3^��&μ{:Ǹv�HGm-"5�d$ht�n�=s�d,�/H`߲L��A@np6=0e��O>Lw�~���`0��r$Cޑ AsXWKeM7У.˝QGVcAm/�_#Zgb��vlR{ę�@�Q& Ə��R}~"`>w?{䆎gl2q � 3]NH�v�=۬03.N8m�Plh'O.)�&�`�~3�h]yG; /���b���&
K��s[�^�~c��hnZc}m�e�{9u5n(�t�.n/4�$,�1%Py~
kli[~$5S5�1dgNDNNNN狼*�p�}uN>*x20z�/TFM�+�$_9$8�B �O�@�;)�T#TH�`��ߐ)^֊T�}�gPi>).�Mvo)i�><�}�鿸�b�O֗ь,u5ذ/_K֔�SON`�C#>ȧ~l�Q`�6RZ'�R#7yî{1��^#.,%|��]4I`�K]}Da���u4у;3)"txw9xlk�E{H���cVTiQu�ƟFƓno/e�>5).f�tb��%,^�Q6��5ݱ!!([쇤ӌ�}}}}}^R:Efhݣm'&sg-|\��̽Cn�b�eV#��ף��k=_`]lG*�^-d��Mt�"WU"D\"|31!v(52^{diH�k�0jʗ{G�L/UQKIm{d�ݒZ�m;�@�*� ��A8�Ĺ�;h�9~mߓU21 Zd^3VD��7#O"@�6EEZ�P�b!;�*�6-QىgF;��Ϻ9��8�=I�=� ��-^Bq�(xbNK-�ٸs�GK8'�s�
Q�Fa�̅#AaI/xd�賡 Mz6YaeE4Dɠ0Ce).{
BH�=DFFO�'G66ɕ
�&�7w�9�ZzoX3o"V-gkGw2�=@�b�W$%?�^cج&~)�j-�p�-KB�_0�GIff7
�o<5Mo�{�uXo ۩̃SLfER�oA۴Vx{�7�wc�W0;pX}0�O�Dž�u]xbqċť�=�D#ঀ�P>�-�o��F 5v�م�?H�|PUrc]0�/�e~xn�c!M[Lz�Kp=BYâ B(l h�F␂�8"6,�A�ˢǝ*��'5Ns�nIv(aZ�}W�F=�%䅨�m1? ,q%]Es��.?��#u"�/kZ���aX��['{�B�A8A�XJ�oL"%(vEǣ�D^�biH
c{(h#8iLʃxSZB=��Փ>/,b'c�0/ǘk0Tri¼{֜4�`AA�S(q <�O}TK[RI`m�ο
2lŐ|I��A�l:
}=ZFݽ5
���/.AH�*�n���{{i1�~Hk�Dd#;p%9S�z;6CW57ARI{3�EJMh>#Ծ7=F+�1/o9�0�؞`/,9+�h
ͬͱj-!F]��'h')q8�@\u�m:|�/:�Iץ0�?R)!o$Z�z�9`V=1�oi#*
}Tb0u2D�6cX&z&=ZKi�J3�A�_ckӘP�1eL#$#S�O L-&�H!4�w�\��P�"?4�u۽hz.zxX�2�LG��ț�R@S�ޔ+}N
�AN��l��0V)^X̂�-�� zqeL�;βC^?��&�҇�
,P(��9Ĝ#Mٶ�Qo~*�J ���8�h0�.gj9�U%�L*2&�B�c�8���or~�vtV4!"�C��-�a��nne{p��24G#1C[x�6����Ӧ{86X^<ދ6�ϝ5�c�ZuC@e-D�q�y�E�S�|XP؞�?pk2�&H0�w5)
&�X`�,rZz:E�.Ӈ;q{��&*[���z`�
8g):.
9�:�eOtg��@=�:ς؍f�s.aZ; Q/B�<䱤�Pl�<'*<(e�R7LȌy;1
_F`�!���3&+z+jM_Bz_}�!2L��-VJb#<>�ukfU3[�8~wBK�z%
%uW0`A i�2b{4tA!��_��V#�Ds�5N.M�o���
�QۺhHUh&5/(/6/�/r?Bǜ_!ל�HN?i99�H#O��H?N?��CN?|OB㼝>-4ڧ9оvN?ӾIs[h|/��"�>v˜�/s�y9�\��2?/?/s�e*�ϐ9'�s�I˜t߫�ʑ+迫@;9�N~�k(S�&7�.� _韀>gH�}3s�n!6/�6oۜons/9IR8��9k^T�8'Rh�K
"|
)/�PWg9�Ϫ
�̴��~4:R�@nW~_ ksW�KM0TntEST7L1v�uחG{1Ph� �+[:k��
hWyd�r�
bze?VR�w;]�SҤ�]�j.�{%])7[O'js\ȜH44f[ Syzޜdޗ<&C0_u9�ݣ윘�WV+sy˘�w_�S+:�t{r
�M4K�.�\�y�
$�|
GG0�%.sOkr>u;"K~_<Ȭ+3#B�Ab_b
9"ι>^݉ylߣ߅�ߊD��-;� ÈC�c
H7�xi�U8#~u¾�^�Ub�ٴ^bO>�*{�MoNĩ:S��v��?|H-M�ԳpNR?Ѱq|l��:$C=CQfȺThBn �?�g�F>�1$uRpg�ZִZjVU�G?'7Hdr����{[ڠ�UMV�Y'}a`rP)�&�� �K}=
P .eMOJ�qkq9Kh�A���
{}�z܊87mJN+L#�[to�t^]~[/dp!gB-ZӋt!tPeG&@fB`
�,kϗ=3;nYc9$7SEE��H|r����{w{#��+Fj�e�8x-0�#�C0B�O^xE�ǻ�80."6�
I�H!v�@Z�/a5q&�.
`~3 O^3&2?��.|J �1-�X�Ơ}QA�IœZ#跘�[NN_h_=LNW"F�8��̺I�+�۰܉̆�Z�.�S@9�?�cac>H-�m�goC�k��jvܙ%O_|y
�${l;�S70̚ 9(L:nF#po/P�Im@��@��,ʌӟ$4��:�N_�Ӟ=+�;.�˶��lt> aJx?gV|gg/�<�>Ǝ�$
0q?y��0p;l'�Sr�]LJ�~K|
AX�vud$�}9=
>�Z7}`V\�s7��.9v�{M�ʨ bBwN[a��~$Xl!Ӿf,ӣ�u'�g}M5�nvP�ք.цI�dgf[��U/=��3d0�Z<
hP��:X-U,l$9�=�N�Ch�W�WU���EXf%�9r\lš�N_|
Њ3oec�q`�o�;[S1U)ւ�_6Ogз�d&%�}YQ $�.m�hD˒v\z�$t>O=$v��w�'|oW|F�L;�k�8m`�k(4��6�xNu+H' �"@"d̴u�P˖4SF)f��%NS���sE�z�_�.�; 3!�t>���;?
�O`7@I\��9a7cxċc� *|�?q
3f�o��C>�`0C3`�V݀=ʷсI-��Ox�R}r:`k��Lܵ��?�dtK��&bSpQ@�l_L�.�ѪB`vb�b~��3
E�|B��p�c��*Ԯmg
͜5ŧS�W<2JP+rq;�X?Y m-p���$`�<�fږ+zyL0\e~m=3�{(qw",@�݆!Rэ+�K�e'I�^3H\�.*ZB��+2�t�cVB�(�� L/a˟�8mێR#mRd�FELMa[�8~1(<}Nto�ۊ|Va=r���a:igNb��ȱ�ya1 e;{yW=?9^6Љ'l��~wx}z!}đ,L�öV�/ϵO4 �hX!L;,lyF�G%��RJACb�~w����lv�S�*t�0 '�Ɣ
߰O"�- s�k29)>�-�ǝ/�<���U O�"[]r*玅A-~{eb�x�ٜջHS#.�味"��A�Cǰ�3=V�v=g8��aX�>x>�ue�#fSv12G�]<\eSaxI4p3 �{@ý]�Ag*a7&�ah(�E�xy��jSSQ2��+$Y$3}=;`ol�'3g�
|
Network Security & Hardware 
