Cisco Cisco Web Security Appliance S170 사용자 가이드
19-18
Cisco IronPort AsyncOS 7.7 for Web User Guide
Chapter 19 Configuring Security Services
Malware Category Descriptions
Malware Category Descriptions
describes the different categories of malware the Web Security appliance can block.
Table 19-9
Malware Category Descriptions
Malware Type
Description
Adware
Adware encompasses all software executables and plug-ins that direct users
towards products for sale. Some adware applications have separate processes
that run concurrently and monitor each other, ensuring that the modifications are
permanent. Some variants enable themselves to run each time the machine is
started. These programs may also change security settings making it impossible
for users to make changes to their browser search options, desktop, and other
system settings.
towards products for sale. Some adware applications have separate processes
that run concurrently and monitor each other, ensuring that the modifications are
permanent. Some variants enable themselves to run each time the machine is
started. These programs may also change security settings making it impossible
for users to make changes to their browser search options, desktop, and other
system settings.
Browser Helper
Object
Object
A browser helper object is a browser plug-in that may perform a variety of
functions related to serving advertisements or hijacking user settings.
functions related to serving advertisements or hijacking user settings.
Commercial System
Monitor
Monitor
A commercial system monitor is a piece of software with system monitor
characteristics that can be obtained with a legitimate license through legal
means.
characteristics that can be obtained with a legitimate license through legal
means.
Dialer
A dialer is a program that utilizes your modem or another type of Internet access
to connect you to a phone line or a site that causes you to accrue long distance
charges to which you did not provide your full, meaningful, and informed
consent.
to connect you to a phone line or a site that causes you to accrue long distance
charges to which you did not provide your full, meaningful, and informed
consent.
Generic Spyware
Spyware is a type of malware installed on computers that collects small pieces
of information about users without their knowledge.
of information about users without their knowledge.
Hijacker
A hijacker modifies system settings or any unwanted changes to a user’s system
that may direct them to a website or run a program without a user’s full,
meaningful, and informed consent.
that may direct them to a website or run a program without a user’s full,
meaningful, and informed consent.
Other Malware
This category is used to catch all other malware and suspicious behavior that
does not exactly fit in one of the other defined categories.
does not exactly fit in one of the other defined categories.
Phishing URL
A phishing URL is displayed in the browser address bar. In some cases, it
involves the use of domain names and resembles those of legitimate domains.
Phishing is a form of online identity theft that employs both social engineering
and technical subterfuge to steal personal identity data and financial account
credentials.
involves the use of domain names and resembles those of legitimate domains.
Phishing is a form of online identity theft that employs both social engineering
and technical subterfuge to steal personal identity data and financial account
credentials.
PUA
Potentially Unwanted Application. A PUA is an application that is not
malicious, but which may be considered to be undesirable.
malicious, but which may be considered to be undesirable.
System Monitor
A system monitor encompasses any software that performs one of the following
actions:
actions:
•
Overtly or covertly records system processes and/or user action.
•
Makes those records available for retrieval and review at a later time.
Trojan Downloader
A trojan downloader is a Trojan that, after installation, contacts a remote
host/site and installs packages or affiliates from the remote host. These
installations usually occur without the user’s knowledge. Additionally, a Trojan
Downloader’s payload may differ from installation to installation since it
obtains downloading instructions from the remote host/site.
host/site and installs packages or affiliates from the remote host. These
installations usually occur without the user’s knowledge. Additionally, a Trojan
Downloader’s payload may differ from installation to installation since it
obtains downloading instructions from the remote host/site.