ÿþ¡{ t •¬0¤0É0

Transcription

ÿþ¡{ t •¬0¤0É0

Dr.Web Security Space
RAM
Dr.Web
Novell® NetWare® Macintosh® Microsoft
Andorid®
Windows
OS/2®
Mobile®
Linux®
Dr.Web Scanner for Windows (Scanner) –
Windows
SpIDer Guard® for Windows
Monitor
Guard –
SpIDer Mail® for Windows (Mail Guard) –
SpIDer Mail
Dr.Web for Outlook – Microsoft
SpIDer Gate™ –
–
Dr.Web Firewall –
Dr.Web Updater –
SpIDer Agent – Dr.Web Security Space
http://www.
drweb.co.jp/
Doctor Web
('+')
GUI – Graphical User Interface
OS – operating system
PC – personal computer
RAM – Random Access Memory
ALT+F1
Dr.Web Firewall
OS
Microsoft® Windows® 2000 Workstation SP4
with Update Rollup 1
Windows® XP SP2 or SP3
Windows® Vista
Microsoft® Windows® 7
Microsoft® Windows® 8
CPU
RAM
.key
Dr.Web
Dr.Web
Dr.
Web Security Space
SpIDer Agent
Web
My Dr.
Update
Dr.
Web Security Space
1.
2.
3.
4.
5.
Dr.
Web Updater
Dr.Web
1.
Doctor Web
SpIDer Agent
2.
Dr.Web
EICAR(European Institute for Computer Anti-Virus
Dr.
Web Security Space
EICAR
Test
File (Not a Virus!)
X5O!P%@AP[4 PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
SpIDer Guard
SpIDer Guard
Dr.Web
Dr.Web
Dr.Web
Dr.Web
Origins Tracing™
Dr.Web
Origins Tracing
Dr.Web
I
II
Dr.Web
Doctor Web
Dr.Web
http://windowsupdate.microsoft.com
1.
2.
Dr.Web Firewall
/S /V/qn
/S /V"/qn REBOOT=Force"
or
/S /V"/qn REBOOT=F"
/S /V"/qn /lv* \"<path>\drwebsetup.log\""
/S /V"/qn /lv* "<path>\drwebsetup.log\" REBOOT=F"
or
/S /V"/qn /lv* \"<path>\drwebsetup.log\" REBOOT=Force"
Dr.Web Firewall
/S /V"/qn
REBOOT=F"
INSTALL_FIREWALL=1
or
/S /V"/qn
INSTALL_FIREWALL=1
REBOOT=Force"
C:\Documents and Settings\drweb-700-win-spacex86.exe /S /V"/qn /lv* \"%temp%\drweb-setup.
log\"REBOOT=F"
/L<
>
/L1049 /S /V"/qn REBOOT=Force"
1026
2052
1028
1033
1061
1036
1031
1032
1038
1040
1041
1062
1063
1045
2070
1049
1051
1034
1055
1058
1.
2.
3.
Dr.Web
4.
Dr.Web Firewall
Dr.Web Firewall
Doctor
Dr.Web Firewall
Doctor Web
5.
Dr.Web
Dr.Web
6.
.key
7.
12
8.
9. Dr.Web Security Space
10.
IP
11.
12.
13.
14.
15.
Windows Blinds Windows
Dr.Web
Security Space
Dr.Web
16.
1.
SpIDer Agent
3.
SpIDer Agent
Doctor
1.
Dr.Web
2.
3.
SpIDer Guard
SpIDer Mail
Dr.Web for Outlook
SpIDer Gate
SpIDer Agent
Link Checker
SpIDer Guard
SpIDer Guard
SpIDer Mail
SpIDer Mail
SpIDer Guard
HTTP
SpIDer
SpIDer Gate
Gate
Dr.Web Firewall
Dr.Web Firewall
Dr.Web
Security Space
SpIDer Guard
SpIDer Mail
SpIDer Gate
Dr.Web Firewall
SpIDer Guard
SpIDer Agent
SpIDer Agent
Doctor Web
Doctor Web
SpIDer Guard SpIDer Mail SpIDer
SpIDer Agent
SpIDer Agent
Dr.Web
/
SpIDer Agent Dr.Web
Security Space
Dr.Web Security
Space
SpIDer Agent
Doctor Web
Dr.Web
Dr.Web
%allusersprofile% Application
Data Doctor
Web Logs Windows
7
%allusersprofile% Doctor
Web Logs
dwupdater.log
Doctor Web
SSL
SpIDer
Gate
POP3S SMTPS IMAPS
SpIDer Mail
Doctor
Web SSL
SpIDer Agent
Dr.
Doctor Web
1.
2.
Dr.Web
Security Space
SpIDer Agent
SpIDer Agent –
–
Space
–
Dr.Web Security
1.
2.
3.
4.
OK
–
–
–
–
Doctor
Doctor Web
–
–
Dr.Web
Security Space
SpIDer Agent
SpIDer Agent
Dr.Web
SpIDer Guard
SpIDer Mail
SpIDer Gate
Dr.Web Firewall
Dr.Web
Dr.Web
Dr.Web
Dr.
Web Scanner
(
Dr.
Windows
Dr.
RAM
SpIDer Agent
SpIDer Agent
->
Dr.Web Scanner
Dr.Web Scanner
1.
2.
Doctor Web
Doctor
Data Doctor Web Logs
Doctor Web Logs
%allusersprofile% Application
%allusersprofile%
dwscanner.log
1.
2.
3.
4.
ОК
1.
2.
3.
4.
5.
6.
7.
[
]drweb32w [
/FAST
/FULL
/LITE
(/)
][
]
[
0 –
1–
10 –
11 –
12 –
255 –
]dwscancl [
][
]
SpIDer Guard
SpIDer
Guard
SpIDer Guard
SpIDer Guard
Scanner
SpIDer Guard
SpIDer Guard
SpIDer Guard
SpIDer Guard
SpIDer Guard
SpIDer Guard
SpIDer Guard
ОК
SpIDer Guard
SpIDer Guard
SpIDer Guard
SpIDer Guard
SpIDer Guard
SpIDer Guard
B.
1. SpIDer Guard
2.
3.
4.
5.
6.
7.
SpIDer Guard
OK
–
SpIDer Guard
SpIDer Guard
–
SpIDer Guard
SpIDer Guard
–
SpIDer Guard
Web Logs Windows
SpIDer Guard
%allusersprofile% Application Data Doctor
%allusersprofile% Doctor Web Logs
SpIDer Mail
SpIDer Agent
SpIDer Mail
SpIDer Mail
SpIDer Mail
SpIDer
SpIDer Mail
SpIDer Mail
SpIDer Mail
SpIDer Mail
Dr.Web
–
–
–
–
–
Dr.Web
–
SpIDer Mail
SpIDer Mail
SpIDer Agent
SpIDer Agent
SpIDer Mail
SpIDer Mail
SpIDer Mail
SpIDer Mail
OK
1.
2.
3.
4.
5.
6.
7.
SpIDer Mail
SpIDer Guard
OK
SpIDer Mail
X-DrWeb-SpamState: Yes/No. Yes
No
SpIDer Mail
X-DrWeb-SpamVersion: version. version
X-DrWeb-SpamReason: spam rate.
DRWEB-VR-ANTISPAM
RULE
Express
[SPAM]
SpIDer Mail
Outlook
*@domain.org
(*)
domain.org
[email protected]
[email protected]
SpIDer
*
*
1.
localhost
2.
SpIDer
Mail
3.
SpIDer Mail
4.
5. OK
localhost:
(POP3S/SMTPS/IMAPS)
Web
–
SpIDer Mail
–
–
SpIDer Mail
SpIDer Mail
Web Logs Windows
netfilter.log
Dr.Web for Outlook
->
Outlook
-> [Dr.Web Anti-virus]
Microsoft Outlook
Dr.Web for MS
addin
Dr.Web for Outlook
Microsoft Outlook
Dr.Web Anti-Virus
–
-
Dr.Web Anti-virus
–
Dr.Web for Outlook
Dr.Web for Outlook
Dr.Web for Outlook
->
Outlook
for MS Outlook addin
Microsoft
Dr.Web
-
Spam Filter
Spam filter
Dr.Web for Outlook
->
Outlook addin
Microsoft Outlook
Dr.Web for MS
Spam filter
1.
2.
***SPAM***
3.
4.
[email protected]
[email protected]
1.
2.
3. OK
1.
2.
3. OK
1.
2.
OK
*
[email protected]
*
[email protected]
*[email protected]
mailbox@dom*
*box@dom*
@
*@example.net
example.net
ivanov@*
ivanov
SpIDer
Mail
SpIDer
[email protected]
*
[email protected]
*[email protected]
mailbox@dom*
*box@dom*
@
*@spam.ru
Mail
SpIDer Mail
SpIDer
ivanov@*
ivanov
mail.ru
mail.ru
Dr.Web for Outlook
Dr.Web
Dr.Web for Outlook
spam.ru
Event
1.
2.
]
[
Dr.Web for
Outlook
Dr.Web for Outlook
Dr.Web for Outlook
Dr.Web
Dr.Web for Outlook
1. [Dr.Web Anti-virus
2.
0
5
3.
4. OK
:
->
Microsoft Outlook
Dr.Web for MS Outlook addin
Web Anti-virus]
-> [Dr.
–
–
–
–
–
–
–
–
–
%USERPROFILE% DoctorWeb
Windows
drwebforoutlook.stat
SpIDer Gate
Gate
SpIDer
SpIDer Gate
SpIDer Gate
SpIDer Gate
SpIDer Gate
SpIDer Agent
SpIDer Agent
SpIDer Gate
SpIDer Gate
SpIDer Gate
1. SpIDer Gate
2.
3.
4.
OK
SpIDer Gate
SpIDer Gate
SpIDer Gate
HTTPS
(POP3SHTTPS)
Web
SpIDer Gate
–
SpIDer Gate
–
SpIDer Gate
–
SpIDer Gate
SpIDer Gate
Web Logs Windows
netfilter.log
1.
2.
3.
4. OK
Dr.Web Security
Space
SpIDer Agent
URL
www.example.com
example
example.com example.test.com test.com/
example test.example
example.com/test
example.com/test11 template.example.com/test22
http://
www.example.com
www.example.com
Dr.Web® Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Firewall
1.
2.
3. OK
Dr.Web Firewall
1.
2. OK
Dr.Web Firewall
Dr.Web Firewall
Dr.Web
Firewall
Firewall
SpIDer Agent
Dr.Web Firewall
SpIDer Agent
Dr.Web Firewall
SpIDer Agent
Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
/
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
ICS
Dr.Web
Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web
Firewall
–
–
–
1.
2.
–
–
–
3.
4.
5.
6.
ОК
1.
–
–
–
–
–
Dr.Web
Firewall
Dr.Web Firewall
IPv4
IPv6
IP all –
Dr.Web Firewall
TCP
UDP
TCP & UDP –
MY_NETWORK
2.
1.
ОК
2.
Firewall
1. Dr.Web Firewall
2.
3.
OK
Dr.Web Firewall
Dr.Web Firewall
Allow all –
Deny all –
Default rule –
1. Dr.Web Firewall
2.
Dr.Web Firewall
MTU - Maximum Transmission
Dr.Web Firewall
–
–
–
Dr.Web Firewall
–
–
-
1.
2.
3.
4.
5.
ОК
1.
2.
Dr.Web Firewall
–
–
–
–
–
-
3.
OK
Dr.Web Firewall
1. Dr.Web Firewall
2.
–
– Dr.Web Firewall
–
3.
OK
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Firewall
Dr.Web
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
Dr.Web Firewall
1. Dr.Web Firewall
2.
Dr.Web Firewall
3.
OK
Doctor Web
Dr.Web Firewall
Firewall
1. SpIDer Agent
2. Firewall
–
–
–
–
–
–
Dr.Web Firewall
–
–
–
–
Doctor Web
Doctor Web
Dr.Web
Security Space
Dr.Web Updater
exe
SpIDer Agent
drwupsrv.
Dr.Web
Security Space
Dr.Web
allusersprofile% Application Data Doctor Web Logs
Windows
dwupdater.log
%
Doctor Web
Dr.Web
Security Space
SpIDer Guard
SpIDer Mail
Doctor Web
Microsoft
–
–
–
–
–
–
–
Doctor Web
–
Doctor Web
–
Dr.Web
–
–
Dr.Web
Win – Windows
Win95 – Windows 95/98/Me
WinNT – Windows NT/2000/XP/Vista
Win32 – Windows 95/98/Me
NT/2000/XP/Vista
Win32.NET – Microsoft .NET Framework
OS2 – OS/2
Unix –
Linux – Linux
FreeBSD – FreeBSD
SunOS – SunOS Solaris
Symbian – Symbian OS
OS
WM – Word Basic (MS Word 6.0-7.0)
XM – VBA3 (MS Excel 5.0-7.0)
W97M – VBA5 (MS Word 8.0) VBA6 (MS Word 9.0)
X97M – VBA5 (MS Excel 8.0) VBA6 (MS Excel 9.0)
A97M – MS Access'97/2000
PP97M – MS PowerPoint
O97M – VBA5 (MS Office'97) VBA6 (MS Office 2000)
HLL
HLLW –
HLLM –
HLLO –
HLLP –
HLLC –
Java –
VBS – Visual Basic Script
JS – Java Script
Wscript – Visual Basic Script
Perl – Perl
Java Script
PHP – PHP
BAT – MS-DOS
Trojan
–
Trojan
PWS –
Backdoor
–
Remote Administration Tool –
IRC – Internet Relay Chat
DownLoader –
MulDrop –
Proxy –
StartPage
Seeker –
Click –
KeyLogger –
AVKill –
KillFiles KillDisk DiskEraser –
DelWin – Windows OS
FormatC – C
FormatAll –
KillMBR –
KillCMOS – CMOS
Nuke –
DDoS –
Distributed Denial Of
FDoS Flooder –
Adware –
Dialer –
Joke –
Program –
Tool –
Exploit –
Generic –
Silly –
Origin – Origins Tracing
generator –
based –
dropper –
Dr.Web
http://support.drweb.co.jp/
Doctor Web
Doctor
Web
http://download.drweb.co.jp/
http://forum.drweb.com/
official
Doctor Web
Doctor Web
company.drweb.co.jp/contacts/japan/
http://

ÿþ¡{ t •¬0¤0É0

Transcription

Similar documents

ÿþ¡{ t •¬0¤0É0