Can the LANGuardian detect malware?

  • Question
  • Updated 8 years ago
  • Answered
Can the LANGuardian detect malware activity?
NetFort

Posted 8 years ago


NetFort
Official Response
We detect Malware in a number of ways:

1. Most Malware does not remain dormant on the host. Once infected, the system will contact an external website/source to send information out (banking info, passwords, etc.), or it can also download the latest version of the Malware. The LANGuardian includes a database of Malware-related sites, and if a host attempts to access one of these we trigger an event. The database is automatically updated via an hourly check to our website.

2. Some malware can be detected via our traffic analysis engine. If a host is infected and it then tries to infect other hosts on the network, our traffic analysis can detect this as a network scan (netscan). This is sometimes known as ‘Zero Day Attack Detection’; what it means is that we don’t need to know exactly what it is, but the behaviour of the system suggests that it is infected with something.
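The two checks described in the answer above, sketched over flow records as an added example (this is not NetFort's code and not part of the original post). The record layout, the placeholder domains, the 60-second window and the fan-out threshold of 20 are all assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed placeholder entries standing in for a malware-site database.
BLOCKLIST = {"bad-updates.example", "c2.example"}

def detect(flows, blocklist, window_s=60, fanout=20):
    """flows: iterable of (timestamp_s, src_ip, dst, dst_port).
    Returns (hits, scanners): hits are flows whose destination is blocklisted;
    scanners maps a source to the peak number of distinct destinations it
    contacted on one port inside any window_s-second window."""
    hits = [(ts, src, dst) for ts, src, dst, _ in flows if dst.lower() in blocklist]

    by_key = defaultdict(list)               # (src, port) -> [(ts, dst), ...]
    for ts, src, dst, port in flows:
        by_key[(src, port)].append((ts, dst))

    scanners = {}
    for (src, _port), events in by_key.items():
        events.sort()
        in_window = defaultdict(int)         # dst -> flows currently in window
        start = peak = 0
        for ts, dst in events:
            in_window[dst] += 1
            # Evict flows that have aged out of the sliding window.
            while events[start][0] <= ts - window_s:
                old = events[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            peak = max(peak, len(in_window))
        if peak >= fanout:                   # behaviour-based: no signature needed
            scanners[src] = max(scanners.get(src, 0), peak)
    return hits, scanners

def sample_flows():
    """Constructed sample traffic, not captured data."""
    # 10.0.0.5 touches 30 different hosts on port 445 in 30 seconds: a netscan.
    flows = [(t, "10.0.0.5", f"10.0.0.{100 + t}", 445) for t in range(30)]
    # 10.0.0.8 reaches 25 hosts, but one every 10 minutes: below the threshold.
    flows += [(600 * i, "10.0.0.8", f"10.0.1.{i}", 443) for i in range(25)]
    # 10.0.0.7 contacts a blocklisted site; 10.0.0.9 is an ordinary client.
    flows += [(5, "10.0.0.7", "C2.example", 443), (9, "10.0.0.9", "10.0.0.2", 445)]
    return flows

if __name__ == "__main__":
    print(detect(sample_flows(), BLOCKLIST))
```

The window and threshold need tuning per network: legitimate systems such as vulnerability scanners, monitoring servers and backup hosts also contact many peers quickly and are usually allow-listed.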