Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Endpoint appliance resists threats by botnets.

Promisec : 19 July, 2007  (New Product)
Promisec enpoint technology recognises botnet activities and helps prevent denial of service attacks breaking through to servers.
Promisec has announced that the company's endpoint security technology stops the growing threat of Botnet attacks from hijacking corporate computing environments by using a comprehensive approach to layered security, preventing crippled network activity and business disruption. Promisec recognises Botnet armies, also known as Zombie armies, as the IT security attack of choice for criminals since it allows them to leverage a corporation's entire network of computers for unlawful spamming or malware distribution at a very high rate, raising legal questions, but also slowing corporate computing to a crawl.

A Botnet consists of a number of computers that have been compromised to become part of a Botnet used by a miscreant to launch attacks such as a distributed denial-of-service, spam, viruses and other attacks on a single or large number of computers connected to the Internet. A computer hijacked in this way is called a BOT, and becomes part of a Botnet controlled by a 'Botherder.' Those who create and send Botnet attacks are typically motivated to damage one or more computing networks or to profit from their activity by creating large spam engines that result in service outages. The FBI, in what it dubbed Operation BOT Roast, recently shut down a major Botnet and arrested the ringleader, who had infected more than one million computers. The suspect faces 20 years in prison if convicted.

Recommended processes to ensure corporate networks remain free from attacks include implementing a network security strategy with the following layers:.

* Up-to-date anti-virus software.
* Up-to-date anti-spyware software.
* Automated OS vendor patching, such as Windows Update.
* Software or hardware firewall.

Endpoint security management software to provide single location management of all these security layers and manage policies to ensure proper third party security software operation.

'Botnets are of grave concern because they can operate in large numbers without being noticed, meaning a network could shutdown from the traffic surge alone,' said Amir Kotler, CEO of Promisec. 'Beyond serious disruptions in business continuity, corporations can potentially be held hostage - literally asked to pay ransoms that can cost millions of dollars - by the source of many spam, viruses, malware and denial-of-service attacks thundering from personal computers onto their networks. Organisations need to be aware of how Botnets can propogate, and how to detect and prevent these infections by implementing a comprehensive layered security solution.'

Experts agree that a layered security approach provides the greatest level of protection for enterprises. Layered security solutions are designed to protect sensitive system resources on the network, delivering added assurance that if one security layer fails, another layer of security will stop an attack. Promisec Spectator Professional stops Botnet armies by identifying infiltration at the endpoint and removing the startup commands and executables that allow Botnets to operate almost undetected on innocent workstations. Promisec also looks for IRC software which is used to communicate within a Botnet and remove it, effectively severing the host from the Botnet. Because Promisec monitors unauthorised processes in addition to deviant software, networks protected by Promisec are able to identify infected PCs and clean them before a Botherder starts using them for nefarious activities.

Promisec's white list capabilities enable organisations to detect infected computers through the startup commands, applications, processes and services which make up the BOT. By identifying these deviations from the standard, dormant BOTs hiding in the system are more easily identified. This is important because unlike other malicious codes, BOTs can be dormant for a very long time before they are activated, similar to terrorist sleeper cells. The actual command and control infrastructure often uses IRC channels. Being able to identify unauthorised chat programs and removing them will sever the command infrastructure and therefore prevent the BOT from being used to launch an attack. Promisec's extensive black list includes a very large number of chat programs that can be identified and uninstalled. Combined, Promisec's capabilities offer a powerful tool for preventing computers from being used to launch attacks.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo