Printable View
Right on both accounts, it mostly acts like a "firewall" I suppose, it will detect the threat of a network virus and depending on how you have it set up will either quarantine the malware or shutdown the network connection, or both.Quote:
Originally posted here by Synja
So... it gets the malware before it has connected to a vulnerable service?
And it gets it before the download starts?
If a local process can see it, it has already reached the machine.
I will post some suggestions about locking down IE through local security policy and file permissions later tonight. I just have to wait for t3h b4by to go to sleep. If I don't get to it tonight, I'll do it tomorrow morning when everyone's still sleeping.
And your point is ?Quote:
If a local process can see it, it has already reached the machine.
If you connect to it with IE, IE is a local process, and it can see it too. But the question is, what will your system do with it?
IF you have locked down your system so it won’t run ActiveX components, then you have told it to ignore what it sees.
If your AV quarantines it, it doesn’t run.
If you have your system locked down and an ActiveX runs, but doesn’t have permissions to alter or install anything on the system, then you have mitigated damage that way.
An AV is just another layer. If the AV catches something before it has had a chance to do its damage then where is the difference and what are you talking about?
It is just a different local process that sees it and prevents it from doing damage. ( we are talking web browsing here, you have not addressed e-mails, etc., although I tried to earlier.)
Want some examples ( beyond the masses of stupid people who are everyday users of computers? )
How about you, while browsing and have your kid on your lap, you go to look at something only to find that it has an ActiveX script to run. You are distracted by your kid. You get prompted to run it, you don’t want to, but your kid picks that moment to fling the bottle at your groin; you clicked on accept instead of cancel ... now you are hoping you have something else in place just in case. ( I was going to use the drunk scenario, but thought this would ‘hit home.’ If it didn’t, it will! )
Or what about when your ‘significant other’ is trying to view something, then can’t? ( or that bastard at work who wants to make your life miserable, and has the ear of your boss’s boss ? ) Or you want to view the new Harleys, but they use off-site images, etc.?
I posted this ( in disgust ) on another site, think it appropriate here. It exemplifies the mind set of people in general about computers:
That is the reality of what we are dealing with.Quote:
Something caught my eye in the February 16 edition of Network Computing Magazine :
"AJAX Isn't Squeaky Clean "
( the title of the online article is a little different: Is Is AJAX a security risk? )
What really intrigued me was the last line,
Quote:
Is AJAX a security risk? Probably. But let's not drag Web services through the mud just because AJAX is one of today's most commonly used SOA clients.
Does this chew at anyone else?
I mean not just the statement, but the underlying concept behind it. It is prevalent throughout the industry, has steered the development of the IT industry for the past decade, but isn't it time that people in general came to grasp that security is everyone's responsibility, and liability?
Am I off base here? Or doesn't anyone else see what I see?
Terms used in the article:
Ajax
SOA
Don’t get me wrong. AV software is not ( although many believe it is ) an end-all to answer security. Far from it. But it fills a gap, especially when people want to view sites who’s only consideration is usability and convenience and have no concern for security. ( BTW, this is also applicable to software developers, ISPs, etc. )
The concept has been around for years: Security in Depth, Layered Security, whatever you want to call it. Hopefully, those in the field will eventually be able to understand and overrule when it comes to security, but right now the all mighty dollar and user conveyance rule.
Education is the key.
AO has been a place for people to learn this. Hopefully, it will continue to lead in this respect
LOL. Be sure to tell me this when your identity is being used by Dr. Akeem Hoobackaloo, the sole benefactor of the kingdom of Zamunda.Quote:
You guys need to get out of your ivory towers more often.
I think he may still need some additional info from you so he can transfer your 2 million dollars of US.
;)
How did you know my real name, horse?
;)