Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Firms put the SWAT team on viruses

Feb 12, 2004 6:46AM PST

The article describes the procedures two antivirus companies use in their day-to-day operations, and in the face of the MyDoom worm. McAfee, a division of Network Associates, maintains an antivirus emergency response team (AVERT) of 120 experts worldwide. AVERT receives virus notifications from McAfee VirusScan users, which are then analyzed to determine whether they are documented or newly discovered malwares. Symantec also keeps a network of virus experts, but collects data from a network of 200 honeypots, computers designed to collect viruses, but keep them from spreading. Symantec discovers fifteen new viruses a day, up from ten new viruses a day in 1999. At the beginning of the MyDoom attack, Symantec received 150 reports of the virus an hour, then the rate climbed to around 6,000 over a 24 hour period. Antivirus companies can release a definition for a new virus in about two hours, but they say it is getting harder to keep up as attacks become more sophisticated.

http://www.globetechnology.com/servlet/story/RTGAM.20040212.wkapi0212/BNStory/Technology

Discussion is locked