Forget the popular myth of the teen hacker. An older, more sophisticated hacker is out there, spreading malicious code disguised as files and standard Internet apps into corporate networks. It's this fear of the unknown that's starting to scare some IT managers into adding behavior-blocking, or "sandboxing," technology, as a last line of defense at the desktop. Behavior blocking prevents malicious code from doing something it's not authorized to do. If a downloaded executable program tries to erase the PC's hard drive or copy its address book, for instance, the software stops it cold.
One of the U.S. government's front-line defenses against cyber-sabotage will begin selling its early warnings about the latest Internet threats, something it used to share only with federal agencies.
The shift comes as the taxpayer-funded CERT Coordination Center, formerly known as the
Computer Emergency Response Team, joins a prominent electronics trade association to form a
new "Internet Security Alliance."
Many solutions providers are launching security practices to lock down corporate networks or to teach customers how to combat hackers and crackers.
Some solutions providers are even sending their employees to hacker school, where a typical one to four day course can cost $750 to $3,500.
With the click of a mouse on one computer, the screen of the laptop a few feet away flashes wildly as a flood of data flies silently across a private network cable connecting the two machines. Within a minute the laptop's file sharing password is compromised.
"The computer is having a bad day," says a reporter as he watches the effect of the attack on his machine. "Packets are coming at it so fast, the firewall doesn't know what to do."
Microsoft's first crack at the security market, its Internet Security and Acceleration (ISA) firewall, has been dealt a major blow only weeks after its release as security experts warned that the product is vulnerable to denial of service (DoS) attacks.
An advisory released by security firm SecureXpert Labs today revealed that Microsoft's ISA Server 1.0 running on a Windows 2000 platform with Service Pack 1 is vulnerable.
Full Story at SecurityFocus