The invention generally relates to computer virus information, and more particularly to disseminating information about computer viruses.
A portion of the disclosure of this patent document contains material that is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure as it appears in the Patent and Trademark Office patent file or records, but otherwise reserves all copyright rights whatsoever. The following notice applies to the software and data as described below and in the drawings hereto: Copyright (copyright) 2001, Networks Associates Technology, Inc., All Rights Reserved.
With the advent of general access computer networks, such as the Internet, people may now easily exchange application programs and application data between computer systems. Unfortunately, some people have taken advantage of such easy data exchange by developing computer xe2x80x9cvirusesxe2x80x9d designed to spread among and sometimes attack interconnected devices, such as networked computers. A virus is application code that executes on one""s computer without one""s knowledge, and against one""s interests. Viruses tend to replicate themselves within all interconnected devices, allowing an exponential xe2x80x9cinfectionxe2x80x9d of other devices. In addition, the number of viruses that can infect a computer has grown exponentially, with the proliferation of several new viruses every day.
In response to the security threat intrinsic to viruses, it is critical for a user to keep abreast of current threats. Nearly all virus information is disseminated in the form of a virus alert posted to one of several virus information websites. The virus alert contains information that describes the virus, including its name, a description of how it operates, and other breaking news and announcements related to the virus. It is not uncommon for information about the same virus to be posted to each of the several virus information websites, with varying levels of specificity and accuracy.
With so much information available on the web, it is difficult to stay on top of breaking news and announcements or other information about new or current threats. System administrators responsible for a company-wide system of networked computers must be especially vigilant. Unfortunately, it is an extremely time-consuming task to monitor all of the virus alerts posted to the various websites. In addition, there is no uniform way of searching through the current and historical data that the websites contain.
According to one aspect of the present invention, a virus information patrol (VIP) data collector monitors virus information repositories and collects selected virus descriptor data into a VIP database in accordance with a VIP configuration data. The VIP configuration data may include various VIP criteria to determine which virus information repositories to patrol and which virus descriptor data to collect. The VIP configuration data may further include a VIP indicator of whether to include or exclude a particular repository or virus descriptor data that satisfies the various VIP criteria. The VIP configuration data may further include a VIP category that describes the type of virus descriptor data that satisfies the various VIP criteria.
According to another aspect of the present invention, a VIP data presenter searches, en formats, and presents the collected virus descriptor data in the VIP database to a user in accordance with a VIP selection data.