Reference Guide

Security Management Server Virtual - AdminHelp v9.8
| Worm | Malware that propagates by copying itself to another device. | Code Red, Stuxnet |
Dual Use
Dual Use indicates the file can be used for malicious and non-malicious purposes. Caution should be used
when allowing the use of these files in your organization. For example, while PsExec can be a useful tool for
executing processes on another system, that same benefit can be used to execute malicious files on another
system.
| Subclass | Definition | Examples |
| --- | --- | --- |
| Crack | Technologies that can alter (or crack) another application in order to bypass licensing limitations or Digital Rights Management protection (DRM). | |
| Generic | Any Dual Use tool that does not fit into an existing category. | |
| KeyGen | Technologies which can generate or recover/reveal product keys that can be used to bypass Digital Rights Management (DRM) or licensing protection of software and other digital media. | |
| MonitoringTool | Technologies that track a user's online activities without awareness of the user by logging and possibly transmitting logs of one or more of the following: user keystrokes; email messages; chat and instant messaging; web browsing activity; screenshot captures; application usage. | Veriato 360, Refog Keylogger |
| Pass Crack | Technologies that can reveal a password or other sensitive user credentials either by cryptographically reversing passwords or by revealing stored passwords. | l0phtcrack, Cain & Abel |
| RemoteAccess | Technologies that can access another system remotely and administer commands on the remote system, or monitor user activities without user notification or consent. | Putty, PsExec, TeamViewer |
| Tool | Programs that offer administrative features but can be used to facilitate attacks or intrusions. | Nmap, Nessus, P0f |
Potentially Unwanted Programs
The file has been identified as a Potentially Unwanted Program (PUP). This indicates that the program may be
unwanted, despite the possibility that users consented to download it. Some PUPs may be permitted to run
on a limited set of systems in your organization (for example, a VNC application allowed to run on Domain Admin
devices). A Dell Server administrator can choose to waive or block PUPs on a per-device basis, or globally
quarantine or safelist them based on company policies. Depending on how much analysis can be performed against
a PUP, further subclassification may be possible. Those subclasses are shown below and will aid an administrator in
determining whether a particular PUP should be blocked or allowed to run:
| Subclass | Definition | Examples |
| --- | --- | --- |