Security Basics mailing list archives
Re: How to prevent zero day attacks
From: Cody Alexander <tab604 () hotmail com>
Date: Tue, 22 May 2012 08:16:42 -0700
Agreed, also make sure different services have minimum required permissions to run and use different service accounts and processes for each service when possible. Keep your attack surface small by disabling unneeded services and properly configuring your firewalls. All these things just lower the chance a zero day will be applicable to your systems. The nature of a zero day is that you don't know what is vulnerable or what you need to secure, so risk mitigation is the way to go On 2012-05-22, at 8:07 AM, "AK" <platsakos () gmail com> wrote:
Hi, a nice viewpoint in the face of zero days is sandboxing. By sandboxing applications you accept the fact that,even after what hopefully is a best effort you will still have security vulnerabilities and you try to limit as much as possible the effect of such aftermath. This is more suited to application level as payloads disabling kernel-level enforcements are not unheard of :-) On 5/22/12 8:04 AM, amishra.jsr () gmail com wrote:Hello, Traditionally all the anitvirus, IPS works using signature based technique. This doesn't help in zero day attack. Therefore, what can be done to prevent zero-day attacks? ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- How to prevent zero day attacks amishra . jsr (May 22)
- Re: How to prevent zero day attacks AK (May 22)
- Re: How to prevent zero day attacks Cody Alexander (May 22)
- Re: How to prevent zero day attacks Littlefield, Tyler (May 22)
- Re: How to prevent zero day attacks Brandon Edmunds (May 22)
- Re: How to prevent zero day attacks Nathan Sherlock (May 22)
- RE: How to prevent zero day attacks David Gillett (May 22)
- Re: How to prevent zero day attacks GreyHat LispHacker (May 23)
- Re: How to prevent zero day attacks Peter Thomas (May 25)
- RES: How to prevent zero day attacks Fábio Soto (May 28)
- <Possible follow-ups>
- Re: How to prevent zero day attacks securityfocus (May 22)
- Re: How to prevent zero day attacks Matt J. Corrigan (May 22)
- Re: How to prevent zero day attacks synja (May 22)
(Thread continues...)
- Re: How to prevent zero day attacks AK (May 22)