  • Beyond Security - Jul 11, 2018

    Defending against Malware

    Reactive Malware Defense Technologies

    Defending against Malware has focused on reactive technologies: intrusion detection, content filtering, detecting and blocking malware, etc. Time to get proactive.

    There is an ongoing argument as to how effective those reactive technologies are. There's no argument about the fact that most of these solutions require very competent operators: without a good administrator, an intrusion detection solution is meaningless.

    This discussion is not about how good malware attack detection and blocking solutions really are (there are some excellent products out there), but about the fact that they are all reactive. They must do a perfect job and block 100% of the attacks, or the web site will be infected. With the number of attacks conducted today, perfect defense is a difficult task.

    The number of different attack signatures in use recently doubled from 600K to over 1,600K - in just one year. This follows a multiyear, exponential rate of attack signature growth that is swamping the reactive solutions and their ability to find and include each signature in their databases.

    The Malware Attack

    Malware attacks are almost entirely an automated activity. The days where a lone hacker decides to attack a single site are over. The goal is to use search and destroy programs to find thousands of vulnerable computers into which malware can then be installed. The goal? Build a botnet; a large network of computers that is ready to do the bidding of the controller.

    The goal of a botnet operator is to quickly get as many compromised machines as possible, and he cares very little about who the victims are. This means the 'low hanging fruit' - the machines that are easiest to attack - will be compromised and the sites and servers that are even slightly harder to crack are skipped.

    Focus: Proactive Malware Defense Solutions

    In the real world context of automated attacks, an excellent protection strategy consists of making your site and network less vulnerable than others. By identifying and eliminating your underlying vulnerabilities instead of attempting to detect and block 100% of the attacks against them you make your network harder to attack than hundreds of thousands of others who have left their vulnerabilities in place.

    By addressing this relatively small set of vulnerability issues, you can easily cause the attacker (typically an automated 'bot') to move to their next target in the target list rather than trying harder to penetrate you. This avoids the need to play Russian roulette by trying to identify and block every attack signature before it can carry malware into your machine and disable your defense perimeter.

    Making machines less vulnerable is not difficult. Botnets use relatively few, known vulnerabilities to attack (more on that later), and those vulnerabilities could be checked for and plugged relatively easily by finding and installing a missing patch, changing a vulnerable configuration, tightening up web applications, etc. A bot trying to attack a network with no high or medium risk, known vulnerabilities will be unsuccessful and will swiftly move on to the next target. From your point of view (protecting the organization you are responsible for) the task is accomplished.

    How Proactive Does Malware Defense Need To Be?

    Vulnerability Assessment and Management has been a major pillar of network security in enterprise, Class A networks for many years. Within just the last couple of years, medium and even small businesses are discovering the common sense of fixing their relatively few vulnerabilities rather than erecting more and more defenses to keep them from being attacked.

    Vulnerability Assessment tools, like beSECURE, scan every node on a network on a frequent, regular basis. Doing a penetration test, or having a security consultant scan your network once a year, every 6 months or even every 3 months doesn't cut it. Scans must be done regularly: on a weekly or, at the very least, monthly basis. The reason is obvious - Microsoft alone discloses a boatload of vulnerabilities every month (on "Patch Tuesday"), every one of which can affect your organization and open a potential security risk. On top of that, networks are dynamic. Someone changing the firewall configuration can accidentally create an opening for an attacker.
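
    As an added illustration (not Beyond Security's code or beSECURE output), the sketch below compares two scan snapshots to catch the kind of accidental opening described above and flags hosts whose last scan is older than the monthly floor. The host addresses, snapshot layout, function names and the 30-day threshold are assumptions constructed for the example.

```python
from datetime import date

MAX_SCAN_AGE_DAYS = 30  # assumed policy: the "at the very least monthly" floor

# Constructed sample snapshots (documentation addresses, not real hosts).
BASELINE = {
    "192.0.2.10": {"scanned": date(2024, 4, 8), "open": {(443, "https")}},
    "192.0.2.20": {"scanned": date(2024, 3, 1), "open": {(22, "ssh"), (443, "https")}},
}
CURRENT = {
    "192.0.2.10": {"scanned": date(2024, 5, 6), "open": {(443, "https"), (3389, "rdp")}},
    "192.0.2.20": {"scanned": date(2024, 3, 1), "open": {(22, "ssh"), (443, "https")}},
    "192.0.2.30": {"scanned": date(2024, 5, 6), "open": {(445, "smb")}},
}

def new_exposures(baseline, current):
    """Services open in the current scan that were not open in the baseline.

    A host missing from the baseline is treated as entirely new, so every
    service on it is reported.
    """
    findings = []
    for host in sorted(current):
        before = baseline[host]["open"] if host in baseline else set()
        for port, service in sorted(current[host]["open"] - before):
            findings.append((host, port, service))
    return findings

def stale_hosts(current, today, max_age=MAX_SCAN_AGE_DAYS):
    """Hosts whose most recent scan is older than the allowed cadence."""
    return sorted(h for h, snap in current.items()
                  if (today - snap["scanned"]).days > max_age)

if __name__ == "__main__":
    today = date(2024, 5, 10)  # constructed "now" so the output is reproducible
    for host, port, service in new_exposures(BASELINE, CURRENT):
        print(f"NEW EXPOSURE {host}:{port} ({service}) - review firewall change")
    for host in stale_hosts(CURRENT, today):
        print(f"STALE SCAN {host} - last scanned over {MAX_SCAN_AGE_DAYS} days ago")
```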

    We strongly believe that periodic vulnerability scans, coupled with even basic malware detection and blocking, will be enough to prevent an organization from being compromised and becoming a part of a botnet - not because either method of defense alone leads to absolute protection, but because they harden the organization enough for the botnet operator to simply give up and move on to their next, weaker, target.

    Malware, Botnets and Known vs. Unknown Vulnerabilities

    A quick note about known vs. unknown vulnerabilities. While it is true that some malware attacks utilize "zero-day" vulnerabilities (attacks that have just been discovered and are referred to as 'unknown vulnerabilities') these attacks are a tiny minority. The reason is that 'zero day', unknown vulnerabilities are hard to discover and are thus expensive and relatively few in number.

    Computers that have been infected (zombies) are so numerous that their open market value is currently 4 cents (US). If I have information on how to compromise a network that nobody else knows about, would I waste it adding zombies to my botnet? No - I would sell it on the open market (where I can fetch $10,000-$100,000 easily for this information) or use it to compromise a lucrative target such as a bank, sensitive government network, or similar high value target. The fact of the matter is that close to 100% of the successful malware and botnet-related attacks use known vulnerabilities.

    Proactive vs. Reactive Malware Defense ROI

    In summary, while it is 'sexy' to talk about reactively detecting and blocking attacks, it is impractical, reactive and often impossible to do without expensive technical expertise. It is much cheaper and more effective to be proactive and run periodic vulnerability scans to detect the relatively easy-to-find known vulnerabilities that are used to break into the network, and plug those holes before they are used by attackers.

    Find out more about how beSECURE, the Automated Vulnerability Detection System, can protect against malware. Use the form on this page, email or call us.

    Written by Beyond Security

    We had an impossible mission: transform the hacker's brain into a machine. Mission accomplished. Using automated software, Beyond Security is dedicated to finding common vulnerabilities and zero-day exploits at a fraction of the cost of human-based penetration testing. Businesses around the world have been relying on Beyond Security's vulnerability and compliance solutions since 1999. Whether you need to accurately assess and manage security weaknesses in your networks, applications, industrial systems or networked software, we're here for you - one step ahead of the hackers.
