Stopping Computer Viruses Before They Reach You

from the is-this-that-big-of-a-deal? dept

Roland Piquepaille writes "The Washington University in St. Louis (WUSL) announced that one of its computer science teams has developed a new technology to stop computer viruses and worms before they reach your system. John Lockwood and his team didn't use software. Instead, they created an open platform that augments a network with reprogrammable hardware, called the Field-programmable Port Extender (FPX). "The FPX can scan each and every byte of every data packet transmitted through a network at a rate of 2.4 billion bits per second. In other words, the FPX could scan every word in the entire works of Shakespeare in about 1/60th of a second," said Lockwood. Real products based on the technology should appear soon. More excerpts and references are contained in my blog which also includes a photograph of an FPX module." I'm a little confused as to what the big deal is about this. It's basically doing two things: put antivirus protection at the network level instead of the end client, which isn't a new idea at all and using an FPGA hardware solution instead of software (which they seem to be saying is faster). Am I missing something, or is this not that big of a deal?
Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • identicon
    Doubter, 12 Nov 2003 @ 11:08am

    Need more details

    What size memory does this thing have? It may be able to scan all of shakespeare in 1/60 seconds, but that shakespeare is only coming 1 IP packet at a time. Does it not need to cache file data coming through to detect signatures?

    I'd also be curious as to the number of concurrent file transfers it can maintain state info for.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Nov 2003 @ 7:03am

    One problem:

    zero day worms

    How the hell are your going to scan traffic if you don't know what to fscking look for.

    All it takes is one worm that isn't stupid about how it discovers adjacent hosts (how about using netbios/another "native" microsoft protocol instead ICMP?) and uses a polymorphic intrusion process (no need to fill that buffer up with the same thing over and over again).

    ...15 minutes later, while the admin is still typing content into their nifty filter, you're entire network is wormed.

    This sounds like a really weak technology that only fixes the current state of the art problems.

    link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Nov 2003 @ 7:05am

    I'm a little curious...

    ...how is the different from MPLS tagging and filtering?

    link to this | view in chronology ]

    • identicon
      Learning, 13 Nov 2003 @ 8:38am

      Re: I'm a little curious...

      What's MPLS tagging and filtering? You got a summary or a link you can post?

      link to this | view in chronology ]

  • identicon
    Anonymous Coward, 13 Nov 2003 @ 7:07am

    ...and it's implemented in hardware.

    yeah, like this will ever see widespread deployment/the light of day...

    link to this | view in chronology ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.