Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Making yourself a smaller target to internet attackers

InfoSecurity Europe : 19 January, 2010  (Technical Article)
Davin Fligel, a Security Analyst at Caretower compares modern internet threats to "lightning down the wire" and suggests the way to reduce the risk of strikes
See our events guide listing for more details

Nobody wants to be an innocent bystander; we avoid high risk areas where problems are likely to break out. The risk averse amongst us avoids areas that pose even a modicum of risk such as lightning coming down a telephone line which so horrified me as a teenager.

I could become an innocent bystander in my own home. The first thing that came to mind was: "What are the chances of that?" closely follow by, "I live in a lightning prone area" and "I need the phone to communicate." This was the choice of communication methods before the ubiquitous mobile phone and the pervasive Internet.

On the Internet computers are to homes as browsers are to telephones. To be able to communicate between houses you need to use your browser. Some would say the Internet is somewhat "lightning prone." You browse around as normal until unsuspectingly hitting an intentionally malicious or even legitimate site that had been compromised and your computer is compromised. How does not using the internet for security reasons sound to you? Could you do it or would you sprint out and get the first "surge protector" you could find?

"But I have a firewall" cries the recently recruited member to the latest fashionable botnet. Unless your firewall can stop you connecting outbound to a compromised site then it is useless against this threat. The last time I checked, I was not blocking my browser from connecting to the Internet. That would defeat the purpose.

"But I only visit safe sites" cries the latest attack vector into a corporate network after being compromised by the penetration testing team. Man in the middle attacks from fake or compromised wireless access points or internet cafes, even man in the middle attacks on the LAN if the opportunity arises. No WiFi? That would surely be ridiculous.

"But I have antivirus" cries the IT Manager as he explains to the CIO how he just lost a stack of confidential records. Kernel rootkit injection and core library replacement through an un-patched vulnerability had left him open long enough to get the data and leave without writing the files that AV definitions would easily identify.

The truth of the matter is browser security is the new file and network security. Even legitimate web sites fall prey to zero day vulnerabilities, cross site scripting and SQL injection attacks. If not the sites themselves, then the advertising engines posting advertisements for their parent sites. This is assuming you are surfing from a safe network let alone the added risks of unprotect wireless networks and the hacker friendly man in the middle opportunities they present.

This is lightning down the wire all over again, only on a grander scale with exponentially more lightning.

The moral of this story is simple to elucidate but difficult to implement: Make yourself a smaller target, install your lightning protectors, patch your browsers and if you cannot patch them use ones that are not vulnerable, use Intrusion Prevention Systems (IPS), Host Intrusion Prevention Systems (HIPS), Layer-7 aware Web Application Firewalls (WAFs), use a secure VPN from public WiFi hotspots, block unnecessary outbound communications, or at a minimum monitor them.

Surf safe, don't browse without protection.

Caretower Limited is exhibiting at Infosecurity Europe 2010, the No 1 industry event in Europe held on 27th - 29th April in its new venue Earl's Court, London. The event provides an unrivalled free education programme, exhibitors showcasing new and emerging technologies and offering practical and professional expertise.
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo