News
News
3/10/2006
10:07 AM
50%
50%

Free Search Engine Identifies Unknown Windows Files

To help ease their minds about what exactly is on all those corporate PCs, administrators can download a utility at Bit9's Web site to tap into the firm's 4-terabyte database.

Bit9 Inc. on Monday will launch a free search engine to identify unfamiliar software applications and executables found on any computer running the Windows operating system.

Users will be able to download a utility at Bit9's Web site to tap into the firm's 4-terabyte database at http://fileadvisor.bit9.com. The database holds approximately 25 million unique files and 250 million records to source and identify the software. Bit9 expects to triple the data the end of the year.

To keep up to date Bit9 collects and catalogs file data on commercial software and drivers from the Web, the National Institute of Standards and Technology (NIST)the National Software Reference Library (NSRL), IBM Corp., and other resources.

Unknown applications or executables are identified in the database by a "cryptographic hash, a mathematical algorithm that runs across the content of the file," said Bit9 Inc. vice president and co-founder John Hanratty, who also co-founded Synernetics, acquired by 3Com, and Agile Networks, scooped up by 3Com. "Any virus worth its chops will come in and rename itself as a legitimate name, for example, a file system."

FileAdvisor provides details on the file originator and the commercial software package it's contained in. Hanratty said the utility uses the cryptographic hash because it's common for malicious code to change its name so it appears harmless to the users.

Bit9 also will introduce the ParityCenter service to integrate with Bit9 Parity. The software provides network visibility to closely monitor unknown files as they are downloaded onto machines in an enterprise before they affect computers.

The problem is that "bad" always changes, said Hanratty. ParityCenter identifies that an executable file is of an unknown type, and keeps it from propagating.

While it's important to monitor unwanted software, IT professionals also "want the ability to control unauthorized and unlicensed software," he said. "They're spending as much money in virus and worm protection, as they are to clean up unauthorized utilities."

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest, Nov. 10, 2014
Just 30% of respondents to our new survey say their companies are very or extremely effective at identifying critical data and analyzing it to make decisions, down from 42% in 2013. What gives?
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on InformationWeek.com for the week of November 16, 2014.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.