News
News
3/10/2006
10:07 AM
Connect Directly
RSS
E-Mail
50%
50%

Free Search Engine Identifies Unknown Windows Files

To help ease their minds about what exactly is on all those corporate PCs, administrators can download a utility at Bit9's Web site to tap into the firm's 4-terabyte database.

Bit9 Inc. on Monday will launch a free search engine to identify unfamiliar software applications and executables found on any computer running the Windows operating system.

Users will be able to download a utility at Bit9's Web site to tap into the firm's 4-terabyte database at http://fileadvisor.bit9.com. The database holds approximately 25 million unique files and 250 million records to source and identify the software. Bit9 expects to triple the data the end of the year.

To keep up to date Bit9 collects and catalogs file data on commercial software and drivers from the Web, the National Institute of Standards and Technology (NIST)the National Software Reference Library (NSRL), IBM Corp., and other resources.

Unknown applications or executables are identified in the database by a "cryptographic hash, a mathematical algorithm that runs across the content of the file," said Bit9 Inc. vice president and co-founder John Hanratty, who also co-founded Synernetics, acquired by 3Com, and Agile Networks, scooped up by 3Com. "Any virus worth its chops will come in and rename itself as a legitimate name, for example, a file system."

FileAdvisor provides details on the file originator and the commercial software package it's contained in. Hanratty said the utility uses the cryptographic hash because it's common for malicious code to change its name so it appears harmless to the users.

Bit9 also will introduce the ParityCenter service to integrate with Bit9 Parity. The software provides network visibility to closely monitor unknown files as they are downloaded onto machines in an enterprise before they affect computers.

The problem is that "bad" always changes, said Hanratty. ParityCenter identifies that an executable file is of an unknown type, and keeps it from propagating.

While it's important to monitor unwanted software, IT professionals also "want the ability to control unauthorized and unlicensed software," he said. "They're spending as much money in virus and worm protection, as they are to clean up unauthorized utilities."

Comment  | 
Print  | 
More Insights
IT's Reputation: What the Data Says
IT's Reputation: What the Data Says
InformationWeek's IT Perception Survey seeks to quantify how IT thinks it's doing versus how the business really views IT's performance in delivering services - and, more important, powering innovation. Our results suggest IT leaders should worry less about whether they're getting enough resources and more about the relationships they have with business unit peers.
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Must Reads Oct. 21, 2014
InformationWeek's new Must Reads is a compendium of our best recent coverage of digital strategy. Learn why you should learn to embrace DevOps, how to avoid roadblocks for digital projects, what the five steps to API management are, and more.
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A roundup of the top stories and community news at InformationWeek.com.
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.