GFI MailSecurity for Exchange/SMTP
The Trojan & Executable Scanner
Introduction to the Trojan & Executable Scanner
GFI MailSecurity includes an advanced Trojan and Executable
Scanner, which is able to analyze and determine the function of an
executable file. This scanner can subsequently quarantine any
executables that perform suspicious activities (such as a Trojan).
What is a Trojan horse?
The Trojan horse got its name from the old mythical story about how
the Greeks gave their enemy a huge wooden horse as a gift during
the war. The enemy accepted this gift and brought it into their fortress.
During the night, Greek soldiers crept out of the horse and attacked
the city.
In computing, a Trojan horse is a way of penetrating a victim's
computer undetected, allowing the attacker unrestricted access to the
data stored on that computer. The attacker can then manipulate the
data and cause great damage to the victim, just as happened to the
citizens of Troy.
A Trojan can be a hidden program that runs on your computer without
your knowledge. Furthermore, hackers sometimes hide Trojans inside
legitimate programs that you normally use.
Difference between Trojans and viruses
The difference between Trojans and viruses is that Trojans are often
'one-off' ('tailor made') executables, targeted to obtain information
from a specific target (user/system). In general, a hacker deploys a
Trojan to create a backdoor on a system, thus gaining unrestricted
access to the system. Signature-based anti-virus software is unable
to detect one-off Trojans. Indeed, any application that only uses
signatures to detect malicious software will not be effective in
detecting such threats. This includes specialized anti-Trojan software.
The main reason is that signature-based software can only detect
known viruses and Trojans. That is why such applications need
frequent updates.
How does the Trojan & Executable Scanner work?
GFI MailSecurity is able to rate the risk level of an executable file by
decompiling the executable and detecting in real time what the
executable might do. It then compares the capabilities of the
executable to a database of malicious actions and rates the risk
level of the executable file. With the Trojan & Executable Scanner, you
can detect and block potentially dangerous, unknown or one-off
Trojans before they penetrate your network.
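
The capability-rating idea described above, as a small added example (not GFI's code and not part of the original manual): instead of decompiling, it reads imported API names from the file's bytes, maps them to capabilities and rates the combined result. The function names, capability database, weights, thresholds and sample bytes are all constructed assumptions.

```python
import re

# Constructed capability database: real Win32 API names mapped to an
# illustrative capability label and weight (the weights are assumptions).
CAPABILITY_DB = {
    b"GetAsyncKeyState":   ("input capture", 3),
    b"SetWindowsHookExA":  ("input capture", 3),
    b"WSAStartup":         ("network access", 1),
    b"InternetOpenA":      ("network access", 1),
    b"RegSetValueExA":     ("registry modification", 2),
    b"WriteProcessMemory": ("process injection", 4),
    b"CreateRemoteThread": ("process injection", 4),
}

# Capability pairs that are more suspicious together than apart (assumed bonuses).
COMBINATIONS = {
    frozenset({"input capture", "network access"}): 3,
    frozenset({"process injection", "network access"}): 2,
}

def extract_names(data: bytes) -> set:
    """Return printable ASCII runs (4+ chars), as found in import name tables."""
    return set(re.findall(rb"[\x20-\x7e]{4,}", data))

def rate_executable(data: bytes):
    """Return (risk_level, score, sorted capabilities) for raw file bytes."""
    if not data.startswith(b"MZ"):            # no DOS/PE header: not rated
        return ("not-executable", 0, [])
    caps = {}
    for name in extract_names(data):
        if name in CAPABILITY_DB:
            cap, weight = CAPABILITY_DB[name]
            caps[cap] = max(caps.get(cap, 0), weight)   # count each capability once
    score = sum(caps.values())
    for pair, bonus in COMBINATIONS.items():
        if pair <= set(caps):                 # both capabilities are present
            score += bonus
    level = "high" if score >= 6 else "medium" if score >= 3 else "low"
    return (level, score, sorted(caps))

# Constructed samples: an "MZ" stub followed by NUL-separated import names.
SAMPLE_SUSPICIOUS = b"MZ\x90\x00" + b"\x00".join(
    [b"KERNEL32.dll", b"GetAsyncKeyState", b"WSAStartup", b"RegSetValueExA"]) + b"\x00"
SAMPLE_BENIGN = b"MZ\x90\x00" + b"\x00".join(
    [b"KERNEL32.dll", b"GetTickCount", b"ExitProcess"]) + b"\x00"

if __name__ == "__main__":
    print(rate_executable(SAMPLE_SUSPICIOUS))
    print(rate_executable(SAMPLE_BENIGN))
```

Because the rating depends on what the file can do rather than on a byte signature, a previously unseen executable with the same imports receives the same score.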