Few options for zero-day vulnerabilities
SECURITY.ITWORLD.COM --- 01/23/2007

Brent Huston

Zero-day vulnerabilities, for readers new to vulnerability classifications, are vulnerabilities in hardware or software that have been discovered but do not yet have an available patch or fix. Once details of the security hole become widely known, attackers have free rein to develop exploits, and infosec folks are forced to figure out how to block attacks, develop workarounds or live without whatever service the systems provide.

Unfortunately, these vulnerabilities are a growing reality. For the last several months, attackers have been releasing zero-day vulnerabilities and exploits for everything from word processors and spreadsheets to specific operating systems.

If there was ever a nearly impossible task in embracing and enforcing best practices across an organization, this is it. So, how can we better protect against zero-day holes and still continue to function?

One resource to be familiar with is eEye Research, a site that tracks these vulnerabilities: http://research.eeye.com/html/alerts/zeroday/index.html

The site currently contains nine vulnerabilities that range in days of exposure from 17 to 428 (more than a year!), and the eEye list is not complete. Exploits and vulnerabilities that have not yet surfaced are being trafficked in closed circles.

We must also assume our strategy should include defense-in-depth, with security mechanisms that remain flexible and maneuverable (such as host-based intrusion detection systems and software firewalls), while embracing processes and standards that enclave our environments and close every unneeded port on every machine across the enterprise.

Last, stay current on the issues as they emerge. RSS feeds, security intelligence clients (such as WatchDog, free from our site) and security portals are the primary weapons.

Organizations that fail to heed the warning signs and that have not embraced holistic security had better invest heavily in tools for incident response, incident handling and forensics.

Watchdog
http://reg.itworld.com/servlet/Frs.frs?Context=LOGENTRY&Source=security_site&Source_BC=1&Script=/LP/10005210/reg

 

Brent Huston is CEO and Security Evangelist of MicroSolved, Inc., an information security company based in Columbus, OH. Brent and his staff have performed system and network security-consulting services for Fortune 500 companies, international telecomm firms and major financial institutions. His professional experience exceeds fifteen years in the information security field. To date, he has performed hundreds of vulnerability assessments and penetration tests against target organizations such as banks, credit unions, financial companies, e-commerce sites, critical infrastructure, federal/state/local governments and military/national security installations. He is well versed in the use and implementation of all major security tools, standards and systems and has developed the primary assessment methodologies in use at MicroSolved and the US Department of Energy. He has published numerous white papers on security-related topics, and is the co-author and technical editor of the book "Hack Proofing Your E-Commerce Site" from Syngress Publishing. Write him at bhuston@microsolved.com.



Copyright © Computerworld, Inc. All rights reserved

Reproduction in whole or in part in any form or medium without express written permission of Computerworld Inc. is prohibited. Computerworld and Computerworld.com and the respective logos are trademarks of International Data Group Inc.