Computer Crime Research Center


Viruses, spam and phishing

Date: January 25, 2006

It’s getting so you can’t stick your head out onto the Internet anymore without someone trying to sell you something, infect your computer with viruses or steal your identity. And several attacks developed to go after home users, such as phishing, are mutating to take aim at corporate offices and government agencies. Into this maelstrom we tossed the new MailFrontier M500 gateway appliance, which scans each and every e-mail coming in or going out of a network. It’s the baby brother of the M1000, but is no lightweight. The M500 can handle 1.2 million messages per day, or about 50,000 every hour.

First we set up the M500 on the GCN Lab test network to watch it in normal operation. Then we hooked it up to a test bed powered by two devices from Spirent Communications plc. Using the Spirent Avalanche and Reflector, we could simulate a network of 1,000 busy government users receiving and sending e-mails.

Out of the box, the M500 was not very difficult to set up. It took about an hour, which hardly makes it plug and play, but it was among the easier appliances we’ve tested to configure. After setup, the M500 will update itself with the most recent malware profiles, and little user intervention should ever be required again.

For testing, our simulated users received a constant stream of messages for half an hour, with all messages routed through the M500. We sent 16,606 viruses though the appliance. Some of these were old, while others were captured within the days leading up to the test. Still other test viruses were created in the GCN Lab specifically for this review. The M500 was rarely fooled. It nabbed 16,584 of the viruses for a 99.86 percent accuracy rate.

Original article

Add comment  Email to a Friend

Copyright © 2001-2013 Computer Crime Research Center
CCRC logo