Re: [EXTERNAL] Re: [SECURITY] Malware distribution?

[Valdis Klētnieks <valdis.kletnieks () VT EDU>]

On Thu, 31 Oct 2019 15:17:41 -0000, "Bridges, Robert A." said:
> Related question—is there a way to get a handle on the ratio of benign to
> malicious files in an organization?

It's *hopefully* going to be vanishingly small.  I don't have a Windows box
handy, but I'm sure that once you install Windows 10 and Microsoft Office,
you're looking at 200K files or more.  This Fedora laptop has over 200K files
between /, /usr, and /usr/share, and it's not even a complete install.

So if 1% of your users have been pwned and have malware on their boxes,
and the average pwned user has 100 malicious files, and 200K files for a base
install, you're looking at 0.0005% malicious files.  And if you have a large archive
server (I was running one that was over a half-billion files and 12 petabytes+ of
data), that's going to dilute the percentage even more unless there's a lot of
malware in the archive....



**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

Attachment: _bin
Description: