What is the source for the malware etc. signatures?

Comments

5 comments

  • Avatar
    MilesBFree

    Thanks for the quick reply.  I was more looking for something like is there a central repository on the Internet like CERN where these are stored/aggregated, or do you monitor a bunch of different sources like Apple, Microsoft, Norton, etc. and aggregate the signatures yourself? 

    And have you automated the process so if for example CERN publishes a new threat, you scan their "list" every X minutes/hours and push a new signatures list to the Firewalla within Y minutes? 

    1
    Comment actions Permalink
  • Avatar
    networker5

    So if there is some intrusion trigger, would an alarm be generated? I have never seen one so perhaps nobody is trying to hack me? I find that strange because I used to find many attacks in my old firewall. This is directly connected to the Verizon otn.

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    If attacks are blocked, we do not show them.  (this is outside in).  I have replied to another thread, we are slowly adding "blocked" sites, starting 1.45 and 1.972 on the firewalla box side.  So you will be getting that visibility soon. 

    1
    Comment actions Permalink
  • Avatar
    Firewalla

    It really depends on the signature and the source of the signature.   Most are daily, and some are API based (instantly), some are hourly.  There are some are calculated by us ... which has a life of its own.

    We did answer someone question a while back

    https://www.reddit.com/r/firewalla/comments/i3s6f5/how_does_firewalla_make_money/

     

     

    0
    Comment actions Permalink
  • Avatar
    David Koppenhofer

    So _if_ y'all do go out of business, the cloud stuff will stop working, which I'm understanding is pretty much everything... (?) Not only the block lists, but the management interface also.

    0
    Comment actions Permalink

Please sign in to leave a comment.