A Mountain View, Calif., startup company has developed what it calls a storage “firewall” to prevent computer viruses from wrecking the data on desktop computers.
DriveSentry’s software sets up a whitelist of trusted programs that are allowed to write to certain folders or file types. Should another program try to write to the drive, DriveSentry generates a pop-up window and asks the user if this should be allowed.
“What we’ve developed is a number of low-level drivers that basically can intercept the drive traffic,” said John Safa, chief technology officer and founder of the company. “We’ve built a complex engine that monitors this traffic in real-time and can then present an issue to you visibly on screen.”
This software could block a virus from writing to a .doc file used by Word or to the Windows registry. But if a user tried to edit that same document using OpenOffice.org, DriveSentry would first ask if this is OK, and then place OpenOffice.org on the whitelist.
DriveSentry can also be used to prevent rootkits and keyloggers from writing to the hard drive, and it works with peripheral storage devices like USB drives.
Safa came up with the idea for DriveSentry several years ago, after he downloaded software that he meant to test for security purposes. In fact, the code turned out to be a malicious Trojan horse program.
DriveSentry will be available for download Monday. It costs US$29, but the company will also offer a free version that will allow users to monitor five different file types and two folders on their computer.
The software will work with Windows 2000, Windows XP, Windows Server 2003 and Windows Vista.
-Robert McMillan, IDG News Service (San Francisco Bureau)
Check out our CIO News Alerts and Tech Informer pages for more updated news coverage.