Protect your corporate IT network from hackers and other unwanted intruders with Proxy Sentinel™. Click here for all the details and get the peace of mind you deserve.
Back to our Homepage Proxy Sentinel™ high performance Internet proxy server and secure firewall solution Firewall Sentinel™ secure & powerful Internet firewall solution About Internet Security.ca and GCIS Frequently Asked Questions on Internet security issues Internet Security Industry News - Stay informed of what's happening Contact Internet Security.ca today and order your Proxy Sentinel™ or Firewall Sentinel™ server now!

Internet Security Industry News

Companies need better Internet security

Save your company's valuable data with Proxy Sentinel™ from Internet Security. Click here for all the details.

August 29, 2003

As industry recovers from the latest security breaches, particularly the Blaster worm and the Sobig.F virus, affected companies should be implementing long-term solutions to make sure such problems do not happen again.

Last year's ICSA Labs survey on viruses showed that 87 percent of corporates reported virus problems even though 95 percent have antivirus software installed. Clearly, antivirus tools coupled with an activated update scheduler are not the whole solution. Shimon Gruper, executive vice president of ESafe Technologies, commented, "Most solutions are based on reactive updates and virus proliferation is always faster than the speed at which these updates can be applied."

To stop people clicking on attachments with hidden extensions it is best to have specific attachments blocked at the gateway, according to Gruper. "The best protection scenario is to not let attachments in if they are deemed not to be productive, which means only office documents and PDFs," he said. "By just stopping .pifs and .exes the majority of problems can be avoided."

Although companies have been affected by the recent wave of virus attacks, Kevin Hogan, senior manager at Symantec Security Response in Dublin, said, "It's been more severe on the home user than the corporates since they don't have the sophisticated gateways that can block [viruses]."

But there are still problems with misconfigured gateways on corporate networks. "Some gateways are auto responding to spoofed emails [email addresses harvested by Sobig] and sending the virus back," Hogan added. The Blaster virus hit a number of high-profile firms, including Sainsbury's. To prevent a recurrence, Gruper said companies should implement a solution that tackles the problems caused by Microsoft's patching regime. "Patching is not the right solution; Microsoft's ability to enforce patching of all the millions of computers is impossible," Gruper added.

Patch testing can cause headaches for IT teams. "Policy compliance in relation to patching is a problem, since you don't want to automatically update patches via Windows Update," said David Emm, marketing manager for the AV emergency response team at Network Associates. "Patch testing usually needs to be done to ensure systems run properly. Determining which patches are important is the problem." Some firms seek assistance from third-party patch management systems. "The US is about a year ahead of the UK in adopting third-party patch management systems and patch management software has three times the players it had 18 months ago," said Ron Kaplan, product manager for St Bernard Software.

Firewalls could minimise the damage caused by Blaster, if they are properly configured. "You may think that because you have a firewall you're isolated from the attacks," said Russ Cooper, editor of NTBugtraq. "[But] as in the Falklands, sooner or later observing is just not enough and it's time to send in the Royal Marines." Although companies may have the infrastructure to deal with the current band of worms, Trojans and viruses, there is currently a line of defence that is not in place. "The problem isn't Microsoft's products or the knowledge of the consumer. The problem lies in the ISPs' unwillingness to make this issue disappear or at least reduce it dramatically," said Cooper.

He added that ISPs have the view and ability to prevent en-masse attacks. "All these attacks traverse their networks before they reach you and me. If they would simply stop attack traffic that has been identified and accepted as such, we'd all sleep better," Cooper said.

Source: PCO.co.uk


Save Internet Security.ca's URL to the list of your favorite web sites
in your Web browser by clicking here.

Back to the top of the page.         

You can link to the Internet Security web site as much as you like. Read our section on how your company can participate in our reciprocal link exchange program and increase your rankings in the major search engines such as
Google and all the others.

Click here to order your Proxy Sentinel™ Internet security server today!

Proxy Sentinel™ is the most secure Internet proxy server on the market today. Click here for more information.
Site optimized by Pagina+™
Powered by Sun Hosting
Search engine keywords by Rank for Sales
Development platform by My Web Services
Internet Security.ca is listed in
Global Business Listing

| Home | Proxy Sentinel™ | Firewall Sentinel™ | FAQ | News | Sitemap | Contact |
Copyright © Internet Security.ca 2003    Terms of use    Privacy agreement    Legal disclaimer