Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Simple Settings That Could Curtail Some Attacks

From: InfoSec News <alerts () infosecnews org>
Date: Wed, 21 Mar 2012 02:27:36 -0500 (CDT)
http://www.darkreading.com/vulnerability-management/167901026/security/vulnerabilities/232602900/simple-settings-that-could-curtail-some-attacks.html

By Kelly Jackson Higgins
Dark Reading
March 20, 2012
Sometimes it's the little things -- a misconfigured network proxy or an unused and forgotten port -- that can make the difference in whether an organization suffers a major hack.
Organizations, especially those without the security resources to keep on top of these basic hygiene configurations, often leave themselves exposed as they struggle to keep track of the configurations. Even some large companies forget the little things or are so overwhelmed with volume that they miss them. "These little things -- not letting users download .exe files, or [not] using proxies for filtering, that don't impact the business in any way" basically raise the bar for the attacker, says Marc Maiffret, CTO and co-founder of eEye Digital Security.
So Maiffret says eEye later this week will roll out a free tool that runs a quick "health-check" on some key and simple-to-fix configuration best practices that can help shrink the attack surface. The so-called In Configuration We Trust Tool isn't meant to replace a vulnerability assessment, penetration test, or proper patch management programs, but instead to take the pulse of some of the basic protective steps in configuring a safer environment, Maiffret says.
The tool checks for 10 basic things you can do to properly configure your environment: use digitally signed running processes; use digitally signed DLLHost Services and egress port filtering; disable Microsoft Office converters; update Windows operating system with the latest releases; update Microsoft Office with the latest releases; remove administrative privileges from end user accounts; disable WebDAV; block direct downloads of executable files; and push egress traffic through a Web proxy. 

[...]


______________________________________________________________________________
CISSP and CEH training with Expanding Security is the fastest, easiest way
to grock the relevant data you need now.   A free class invite is in every
PainPill.  Sign up for the free weekly PainPill .  It's that easy.
http://www.expandingsecurity.com/PainPill
Previous By Date Next
Previous By Thread Next

Current thread: