You are here: silicon.com > Resources > White Papers > Security > Intrusion - Tampering > Network Security

Network Security White Papers

Malicious Websites

Overview 2005 saw the beginning of a movement towards an entirely new type of attack method. Until then, most attackers would compromise a computer system by simply attacking it with known vulnerabilities or "bugs" that could allow the attacker to gain some level of control over the system. These are commonly referred to as "inbound attacks." With personal firewalls loaded onto many systems, as well as other security features enabled, the "inbound attack" approach became increasingly less profitable.

New attack methods started being seen where the attacker would take advantage of vulnerabilities within the Internet browser itself. These vulnerabilities would allow the attacker to download malicious code, Trojan horses, or other applications in the background simply by having the user look at a web page.

This white paper explores and provides solutions for many of the security threats that are part of today's Internet environment.

Further White Paper Details
Publisher	Perimeter eSecurity	File Format	PDF
Date Published	February 2007
Format	White Papers
Topics	Network Security, Security Standards, Security Management, Intrusion Detection Systems, Best Practices

Did you find this white paper useful? 4 out of 8 users found this white paper useful

Balancing Security Against Productivity

Publisher:
Novell

Novell Zenworks Endpoint Security Management: Total Control from a Single Console

Publisher:
Novell

Secure Desktop On-Demand Webcast

Publisher:
Novell

U.S. Bancorp: Using VeriSign to Further Strengthen Its Network Security

Publisher:
VeriSign

NAC 2.0: A new model for a more secure future

Publisher:
Sophos

Three security threats you'll never have heard of

This connection can be made to look like a normal FTP/web connection, normally permitted by firewalls, allowing the attacker to take control of the system remotely. The attacker can then send a command requesting all the information in that database.

Channel:
Security Strategy

Surfers at risk from corporate websites

The software records the victim's keystrokes and opens a back door in the system's security to allow the attacker to access the computer. Windows users could download an alternate browser, such as Mozilla or Opera, and Mac users are not in danger.

Channel:
Malware

Microsoft patches three "critical" IE security holes

Technically, the flaw is what's known as a cross-domain vulnerability, through which an attacker is able to cross a security boundary within the browser to deliver and execute malicious code. Toulouse noted that the company has improved IE in the...

Channel:
Malware

US uni tells students to dump IE

Once the PC is compromised, the attacker could access account information, load other software and delete files. Malicious code writers have targeted security holes in the browser to launch attacks or install spyware.

Microsoft denies SP2 flaw is a danger

Microsoft said in a statement: "An attacker cannot use this method by itself to attempt to run malicious code on a user's system. Those "security technologies in Windows XP Service Pack 2 are meant to help make it more difficult for an attacker to...

Channel:
Security Strategy

Microsoft fixes smorgasbord of IE flaws

Referring to the two critical IE flaws, Microsoft warned in its security bulletin: "An attacker who successfully exploited the most severe of these vulnerabilities could take complete control of an affected system.

Virtualisation: Architectual Considerations and other Evaluation Criteria

In the past several years, server virtualisation technology has moved quickly and firmly into the IT mainstream. Of the many approaches to system virtualisation available in the market today, VMware's hypervisor architecture has gained the greatest market acceptance. This paper examines the architectural issues, solution support, and enterprise readiness required when deploying such a virtualisation solution.

Publisher:
EMC

Getting Started with Master Data Management

Master data management forms part of an overall enterprise governance program that aims to establish trusted data throughout the enterprise. This white paper from Mike Ferguson of Intelligent Business Strategies defines master data, examines why it is needed, and explores methodologies for implementing master data management.

Publisher:
DataFlux

Optimising Storage with Global File Virtualisation

This white paper will provide an overview on how Rainfinity Global File Virtualisation virtualises unstructured data environments and moves data -including active, open files-without disruption to users or applications. Rainfinity is the only enterprise-class file virtualisation solution, and delivers complete NAS optimisation across geterogeneous environments, such as NAS, CAS, and file servers.

Publisher:
EMC

Also on silicon.com

Site Navigation:

Network Security White Papers

Malicious Websites

Quick Sitemap Links:

About Us

Search

Blogs

Verticals

Advertising Features

CNET Networks in Europe

CNET Networks in the United States

CNET Networks in Asia Pacific