Archive for February, 2007

Anti-phishing service

Wednesday, February 14th, 2007

Services to prevent losses from phishing attempts typically include computerized applications or personnel to assist with:
• detection,
• notification,
• containment,
• forensics, and
• prosecution.

Detection services collect information from thousands of decoy e-mail accounts spread across the web and screen them for phishing attempts. When a phishing attempt is detected, the customer is notified so that they can immediately take preventative action, sometimes contacting their own customers to warn them of the fraud attempt. Anti-phishing service providers can also notify major ISPs so that messages from the phishing source can be blocked from the mailboxes of millions of potential victims, along with other kinds of spam.

The best anti-phishing service providers have staff that are trained in forensics. They do the research necessary to find the people responsible and, when possible, provide their customers the information they need to prosecute.

The primary customers for anti-phishing services are large banks and service providers who want to preserve customer confidence in their on-line services.

Original post by SecuMania Staff

Alerting, alerts

Wednesday, February 14th, 2007

A robust network-security monitoring application should include an alerting service. When an event that requires attention occurs, this service will send a notice by e-mail, page, instant messaging or other urgent method to a security expert.

The administrator may configure this service to alert on pre-determined events, or baselining may be used. With baselining, a threshold value is configured for a particular kind of event; when the measured value for that kind of event exceeds the threshold, an alert is issued.

For example, a number of failed attempts to log into an administrative account on a server may indicate that an attacker is trying to gain control of the server. The network team decides that up to ten tries is reasonable for someone who has just temporarily forgotten the password, so they set a threshold of ten failed attempts for this kind of event. At the eleventh attempt, an alert is sent so that an expert can investigate for other symptoms that would indicate an attack.

Original post by SecuMania Staff
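The failed-login threshold from the alerting post above, written as detection logic over log lines. This is an added example, not code from the original post: the log format, the host and account names, the 15-minute window and the reset on a successful login are all assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

THRESHOLD = 10                  # from the post: ten failed attempts are tolerated
WINDOW = timedelta(minutes=15)  # assumption: the post gives no time window


def parse(line):
    """Parse the constructed format '<iso-time> <host> <event> user=<name>'."""
    ts, host, event, user = line.split()
    return datetime.fromisoformat(ts), host, event, user.split("=", 1)[1]


def detect(lines, threshold=THRESHOLD, window=WINDOW):
    """Return one (time, host, user, count) alert per burst over the threshold."""
    failures = defaultdict(deque)  # (host, user) -> times of recent failures
    alerted = set()                # bursts already reported, to avoid repeats
    alerts = []
    for line in lines:
        ts, host, event, user = parse(line)
        key = (host, user)
        recent = failures[key]
        if event == "LOGIN_OK":
            # Assumption: a success means a forgotten password, so reset the count.
            recent.clear()
            alerted.discard(key)
        elif event == "LOGIN_FAILED":
            recent.append(ts)
            while ts - recent[0] > window:  # expire failures older than the window
                recent.popleft()
            if len(recent) <= threshold:
                alerted.discard(key)        # burst has ended; allow a future alert
            elif key not in alerted:
                alerted.add(key)
                alerts.append((ts, host, user, len(recent)))
    return alerts


def sample_log():
    """Constructed sample: 11 admin failures; 3 alice failures, then a success."""
    t0 = datetime(2007, 2, 14, 9, 0, 0)
    at = lambda s: (t0 + timedelta(seconds=s)).isoformat()
    lines = [f"{at(20 * i)} srv01 LOGIN_FAILED user=admin" for i in range(11)]
    lines += [f"{at(5 * i + 1)} srv01 LOGIN_FAILED user=alice" for i in range(3)]
    lines.append(f"{at(60)} srv01 LOGIN_OK user=alice")
    return sorted(lines)  # ISO timestamps sort chronologically

if __name__ == "__main__":
    print(detect(sample_log()))
```

Without a time window, ten slow failures spread over months would eventually trip the alert, so the window keeps the baseline meaningful; tune it and the threshold to the environment.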

2007 A hacking Odyssey: Part One – Reconnaissance

Wednesday, February 7th, 2007

2007 A hacking Odyssey – Reconnaissance

This series of papers takes an in-depth look at how someone may target and electronically break into an organisation. Its aim is to educate people who may be tasked with looking after and securing a corporate network, so that they can do so in an effective manner.

My personal outlook on this issue is that if you have no idea about the steps a would-be attacker will take to try and gain access to your systems, then you as an administrator cannot effectively secure your system to an acceptable standard. Some people may disagree about the concept of demonstrating to people how to gain access to networks they are not meant to, whilst others agree with the ‘full disclosure’ approach.

Take a firewall for example – if you don’t understand the steps an attacker will go through to try and get traffic through your firewall, then how can you stop them from doing it? All you can do is configure it the best way you know how and hope it is good enough.


Original post by sportsnut