SecurityFocus

How to prevent zero day attacks May 22 2012 06:04AM
amishra jsr gmail com (7 replies)

Re: How to prevent zero day attacks May 24 2012 11:31PM
Peter Thomas (hackertarget admin gmail com) (1 replies)

RES: How to prevent zero day attacks May 26 2012 01:40PM
FÃ¡bio Soto (fabio andradesoto com br)

Re: How to prevent zero day attacks May 23 2012 02:55AM
GreyHat LispHacker (greyhatlisphacker gmail com)

RE: How to prevent zero day attacks May 22 2012 05:31PM
David Gillett (gillettdavid fhda edu)

Re: How to prevent zero day attacks May 22 2012 03:10PM
Nathan Sherlock (nsherlock herjavecgroup com)

Re: How to prevent zero day attacks May 22 2012 03:08PM
Brandon Edmunds (brandonedmunds gmail com)

Amishra,

You are correct, signature based detection is a weak approach and can
be easily bypassed. Some vendors like Fireeye have tried to come up
with solutions to defend against APT, or zero day, but that all could
very well be vendor speak. I'm not sure as I don't have experience
with them, The best defense, is strong best practices things like:
-baselines (monitoring for changes in the baselines)
-log monitoring (egress and ingress)
-IDS/Firewall at the perimeter and within in the network
-patching
-user training
- Incident Response Policy
-etc

Brandon

" And in the end it's not the years in your life that count. It's the
life in your years" - Abraham Lincoln

On Tue, May 22, 2012 at 12:04 AM, <amishra.jsr (at) gmail (dot) com [email concealed]> wrote:
> Hello,
> Traditionally all the anitvirus, IPS works using signature based technique. This doesn't help in zero day attack. Therefore, what can be done to prevent zero-day attacks?
>
> ------------------------------------------------------------------------

> Securing Apache Web Server with thawte Digital Certificate
> In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
>
> http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
> ------------------------------------------------------------------------

>

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]

Re: How to prevent zero day attacks May 22 2012 03:05PM
Littlefield, Tyler (tyler tysdomain com)

Re: How to prevent zero day attacks May 22 2012 03:01PM
AK (platsakos gmail com) (1 replies)

Re: How to prevent zero day attacks May 22 2012 03:16PM
Cody Alexander (tab604 hotmail com)