Security Basics mailing list archives
RE: Your opinions on spyware, adware, spam, etc. and dealing with them
From: "Kevin Doheny" <kdoheny () CNP net>
Date: Thu, 30 Jun 2005 13:21:04 -0400
A quick point: 1st - Prashant - the American Constitution does not apply to other countries. Now Joe, You are right on the money. FD is the only way to level the playing field... Even if sploit code was not made public... many ....of.... us would have no problem getting hold of it - one way or another. So I say, in a world of rampant code reuse, slack coding standards, etc... spread the code... implement smart security and prosper. K ________________________________ From: Prashant Meswani [mailto:prashant.meswani () ukonline co uk] Sent: Wed 6/29/2005 4:07 PM To: 'Joe George'; security-basics () securityfocus com Subject: RE: Your opinions on spyware, adware, spam, etc. and dealing with them Hi Joe, What I am about to say is not an attack on your comments, so I hope that it isn't taken that way. Would you want someone to hack / crack into your network and steal all or data, or would you feel safer knowing that your data is safe? Is it ethical for a hacker / cracker to break into your network and steal your data with your knowledge? You could cite the first amendment of the American Constitution, but how far does that go in terms of overseas protection? How far does one have to go to protect ones network? There is no hard or fast rule on this from what I understand. Part of the answer, I believe, is to educate staff and to ensure that the Security policy IS enforced. There is an appliance called Bluecoat (which is not an intentional plug as I don't work for them) that when configured correctly, prompts the user (who will have their systems configured to point to it for Internet access) to accept the AUP before they use the internet, and if they breach it, a notification is sent to their superiors. The staff will get a warning from their superiors. In terms of how to stop threats....it's down to education and enforcement as well as having the right kit. To protect against external initiated intrusion, that is purely down to firewall policies as well as having an IDS (which is, depending on your definition, correctly configured) installed on your network at every entry point. Having network based Virus and IDS scanning devices should be crucial to defending against many threats (I use many as some threats are physical and social based). I know what I have said doesn't make complete sense and doesn't go far to answering your question thoroughly, but I hope that someone can either correct me or extend on what I have mentioned above. Regards, Prashant Meswani, CEH The opinions expressed in this email are those of my own and does not represent those of any organisation or associations to which I belong to unless stated otherwise. -----Original Message----- From: Joe George [mailto:j.george () conservation org] Sent: 29 June 2005 16:50 To: security-basics () securityfocus com Subject: Your opinions on spyware, adware, spam, etc. and dealing with them Dear all, It has been very informative and helpful hearing your opinions. I'd like to ask you all what are your thoughts on the various anti-security threat software that is available out there? I've read many articles and tried out many such as spam filters (Spam assassin, Postini products, Brightmail) anti-spyware apps like Xoftspy, Spybot, MS-antispyware, Ad-aware, along with a myriad of others. Some indeed work better than others, and it is clear that it is necessary to use more than one in a lot of cases. It seems though, that malware evolves with the software used to remove it. At one point, I felt I saw a light at the end of the tunnel. Implementing a security policy, restricting local admin access in Windows environments along with implementing IDS, managed anti-virus software, blacklists, and so forth work very well, but doesn't mean intrusion can't take place. Do you all feel it is a never-ending battle? What do you all feel is the next step in combatting MalWare? How do you all feel about Federal authorities enacting legislation? What do you think are the moral and ethical implications? I have had these questions on my mind awhile, ! and I just wanted to get your thoughts. Thank you in advance for your input! Best wishes, Joe
Current thread:
- Your opinions on spyware, adware, spam, etc. and dealing with them Joe George (Jun 29)
- RE: Your opinions on spyware, adware, spam, etc. and dealing with them Prashant Meswani (Jun 30)
- <Possible follow-ups>
- RE: Your opinions on spyware, adware, spam, etc. and dealing with them Kevin Doheny (Jun 30)