Review: PestPatrol 3.0

Anti-virus programs largely protect you from viruses, but what about other forms of malicious code? This software package works to analyze and disinfect your network to assure that you're free from already active Trojans, backdoors, and hacker tools.

 By Jim Freund
Page 1 of 3
Print Article

There's a perception that once you've installed your preferred anti-virus software on your network, network edges, and end-user's machines; and that you constantly update the scanning signatures, you're safe from viruses, right? Well, to a large extent that may be true, so long as your users follow your cautionary rules. But even then, are you safe from hackers programs?

According to David Stang, co-founder and CTO of PestPatrol, you're not necessarily free from malicious code at all. Stang, also a founder of the National Computer Security Association (1989) and International Computer Security Association (1991), maintains that anti-virus programs catch up to 90% of viruses, 15% of resident Trojans, and 0% of hacker tools existing on an end-users machine or a server.

PestPatrol has been positioned as an adjunct to anti-viral software, and scans and quarantines or eradicates malicious code that does not necessarily spread like a virus. They call these pests, and break them down into such categories as RATs (Remote Administration Trojan), probe tools, virus and Trojan creation tools, port scanners, password crackers, etc. These are distinct from viruses, as viruses are usually a portion of code, and pests tend to be full-blown programs.

The program has been out for awhile, targeted mainly at consumers who, in addition to the pest protection, are very interested in the many forms of spyware that are inevitably collected in cookies or programs that report back to their creators about its usage, such as Go!Zilla or Gator. While less important in the business environment, these programs en masse can affect bandwidth, and can be useful to know just how much outgoing traffic is affected.

However, there is now a version that will work across networks to scan all the Windows-based machines and servers. Rather than using the GUI version preferred by consumers, PestPatrol can be invoked from a command-line, best invoked from a login script or an automatic scheduler, such as Windows AT command. The program itself can reside on the server. The logged results can in turn be sent to a master log on the network, and can in turn be monitored by another program capable of sending an alert to the network manager via Windows Messaging.

This article was originally published on Feb 8, 2002
Get the Latest Scoop with Networking Update Newsletter