-
October 30th, 2004, 11:31 AM
#21
Soda:
Heuristics scans without signatures. It looks for certain patterns in code. Email-borne viruses are a good example. In order for the virus to work it will have to insinuate itself into startup somehow so it will contain code to alter the registry, the startup folder or some other vector. Then it is going to have to spread itself so it will have code for it's SMTP engine. So upon seeing this file a heuristic engine would say:-
1. File changes the registry
2. File uses code to transmit email
3. File is smaller than xKb so it isn't a mailserver installer
this could be a virus......
Don\'t SYN us.... We\'ll SYN you.....
\"A nation that draws too broad a difference between its scholars and its warriors will have its thinking done by cowards, and its fighting done by fools.\" - Thucydides
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|