Newsletters

Select newsletters below and click the button to sign up!

Boston News NY News
DC News Internet Daily
SiliconValley News
InternetNews Business Report




Become a Marketplace Partner


Partner With Us


Internetnews Bloggers

Recent Entries

Archives

August 2009
Sun Mon Tue Wed Thu Fri Sat
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          

Monthly Archives

Search The Blog

Netstat -vat by Sean Michael Kerner (bio)

A command line view of IT



Mod Anti-Malware goes open source for server security

By Sean Michael Kerner on August 11, 2009 8:50 AM
dasient_small.jpg
From the 'kinda/sorta open source' files:

Web security vendor Dasient today released an open source version of their Web Anti-Malware (WAM) server security technology. It's called mod anti-malware lite and the basic idea is that it will identify and block/redirect malware on a server.

Dasient announced their core technology in June, but the new part in my view, is the open source aspect. Dasient is not open sourcing their whole product, instead it's just the 'lite' version - the difference between the lite and the full version is that the lite version does not actually remove the detected malware, but it does enable a server admin to put up a page that can redirect users away from the issue.

I spoke with Dasient founders Neil Daswani and Ameet Ranadive and asked them why they open sourced mod anti-malware. Their answer (to me) sounded like they were using open source as a 'trial-mode' channel of distribution as opposed to a method of development. But they are open to community participation. Here is what they said.
"This is our first step into the  open source world," Daswani told InternetNews.com."We're doing it mostly so web hosting providers and other sites can try it out. If  people have interest in helping us build it out we're more then happy to work with them."
The other key question that I had for Dasient was how their technology is different than say the mod_security Web Application Firewall (WAF), that is also open source.

A WAF is a technology that is supposed to be able to pro-actively protect a web server against new threats, so to my naked eye Dasient's technology seemed to be a similar concept.

As it turns out, they're not quite the same.

Daswani explained to me that a WAF is good for protecting against web server issues/vulnerabilities whereas the web anti-malware protects against malware. Here's the difference, say an attacker is able to get control of a server (FTP or otherwise) and has a legitimate password (or is able to otherwise upload a piece of malware). That malware itself isn't necessarily a web server vulnerability that a WAF will defend against. That's where mod anti-malware comes in, looking specifically for malware that may be on a server.

So Dasient's technology is not a pure web server vulnerability defense mechanism in my opinion, but rather a new part of a defense in depth strategy to ensure that a web server is not being used as a host for drive-by malware distribution.

| Comments (0) | TrackBacks (0) | Share

0 TrackBacks

Listed below are links to blogs that reference this entry: Mod Anti-Malware goes open source for server security.

TrackBack URL for this entry: https://swarm.jupitermedia.com/mt-tb.cgi/8680

Leave a comment