Security Basics mailing list archives
Re: How to prevent zero day attacks
From: Brandon Edmunds <brandonedmunds () gmail com>
Date: Tue, 22 May 2012 09:08:23 -0600
Amishra, You are correct, signature based detection is a weak approach and can be easily bypassed. Some vendors like Fireeye have tried to come up with solutions to defend against APT, or zero day, but that all could very well be vendor speak. I'm not sure as I don't have experience with them, The best defense, is strong best practices things like: -baselines (monitoring for changes in the baselines) -log monitoring (egress and ingress) -IDS/Firewall at the perimeter and within in the network -patching -user training - Incident Response Policy -etc Brandon " And in the end it's not the years in your life that count. It's the life in your years" - Abraham Lincoln On Tue, May 22, 2012 at 12:04 AM, <amishra.jsr () gmail com> wrote:
Hello, Traditionally all the anitvirus, IPS works using signature based technique. This doesn't help in zero day attack. Therefore, what can be done to prevent zero-day attacks? ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- How to prevent zero day attacks amishra . jsr (May 22)
- Re: How to prevent zero day attacks AK (May 22)
- Re: How to prevent zero day attacks Cody Alexander (May 22)
- Re: How to prevent zero day attacks Littlefield, Tyler (May 22)
- Re: How to prevent zero day attacks Brandon Edmunds (May 22)
- Re: How to prevent zero day attacks Nathan Sherlock (May 22)
- RE: How to prevent zero day attacks David Gillett (May 22)
- Re: How to prevent zero day attacks GreyHat LispHacker (May 23)
- Re: How to prevent zero day attacks Peter Thomas (May 25)
- RES: How to prevent zero day attacks Fábio Soto (May 28)
- <Possible follow-ups>
- Re: How to prevent zero day attacks securityfocus (May 22)
- Re: How to prevent zero day attacks Matt J. Corrigan (May 22)
- Re: How to prevent zero day attacks synja (May 22)
- Re: How to prevent zero day attacks Stephanus J Alex Taidri (May 22)
- Re: How to prevent zero day attacks Michał Purzyński (May 22)
- Re: How to prevent zero day attacks Stephanus J Alex Taidri (May 22)
(Thread continues...)
- Re: How to prevent zero day attacks AK (May 22)