Definition Edit

A malware scanner can provide precise identification of known malicious code. Scanners search for “signature strings” or use algorithmic detection methods to identify known code. Scanners rely on a significant amount of a prior knowledge about the code. Therefore, it is critical that the signature information for scanners is current. Most scanners can be configured to automatically update their signatures from a designated source, typically on a weekly basis; scanners can also be forced to update their signatures on demand.[1]

Scanner software can also be used by an attacker to

send a series of messages to other computers to try to learn more about them. These tools can check hundreds or thousands of computers an hour to identify good targets for future attacks. A computer connected directly to the Internet is scanned constantly; if the computer is not protected, attackers could gain information from the scans that would help them in planning attacks against the computer.[2]

References Edit

  1. NIST Special Publication 800-36, at 36-37.
  2. NIST Special Publication 800-69, at 2-3, 2-4.

Ad blocker interference detected!

Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.