上QQ阅读APP看书，第一时间看更新

Server antivirus and malware protection

Understanding the difference between malware, spyware, trojans, ransomware, scareware, and viruses is very important. For example, a computer virus is the most famous type of malware. Malware is short for malicious software or code and is used as a single term to refer to a virus, spyware, worm, and so on, written to disrupt, exploit, steal data, or disable computers over networks. It is important that all users know how to recognize and protect themselves from malware in all of its forms. By nature, computer viruses and worms spread by making copies of themselves. Most of us feel that a firewall does protect us from malware, but, in reality, normal stateful (we will discuss how stateful firewalls work in detail in the Chapter 10, Firewall Placement and Detection Techniques) firewalls don't protect against malicious content on websites, but anti-malware protects servers and workstations. I would like to clarify here that next-generation firewalls come with antivirus and malware protection, but it has to be configured for the traffic you would like to inspect. You still need endpoint protection.

A robust antivirus software package is the primary layer of technological defenses that every personal and business computer system must have. Well-designed antivirus protection comes with several characteristics:

Ransomware protection
Malware protection
Web security
Email security
Scan engine
Anti-keylogger

The WannaCry ransomware outbreak infected millions of Windows based systems across the globe in May 2017. WannaCry searches for and encrypts 176 different file types. The ransom note indicates that the payment amount will be doubled after three days. If payment is not made after seven days, it claims that the encrypted files will be deleted. WannaCry has affected inpiduals, as well as government organizations, hospitals, and universities. You can finally remove WannaCry using an antivirus software, but unfortunately this doesn't magically decrypt your files owing to a strong combined encryption of AES-128 with the RSA-2048 being used.
To stay safe from WannaCry ransomware attacks, it's important to keep your software, especially your operating system, up to date. It is recommended to install a second layer of protection through an endpoint antivirus package.