The Sting: Focus on Internet Security, Malware, Open Source, Windows Security

Security Park, the leading online news site for security professionals

Security News Security companies Jobs forum Knowledge base White papers Research library Security books Special reports Security links Security events Classifieds Directory GET LISTED!

Access Control Biometrics CCTV Intruder Alarms IT Security Manned Guarding Perimeter Protection Physical Security Remote Monitoring Security Services Fire, Health & Safety Other Security Products

Bank and financial services security Buildings and office security Education and school security Entertainment and events security Homeland and Government security Hospital and healthcare security Infrastructure and utilities security Manufacturing and industrial security Public sector security Residential and home security Retail security SME security Sports and recreational security Transport and logistics security

Develop an ISO 27001-compliant Information Security Management System This useful guide clarifies the steps you have to follow to develop an ISO 27001-compliant ISMS. Each step is integral in how secure your information security system is.

Need a
reference book?
Find it on Amazon:

Security books and magazines in association with Amazon.co.uk

SecurityPark Research Library

The Sting
sponsored by Information Security Magazine

Posted:	12 Nov 2007
Published:	01 Nov 2007
Format:	HTML
Length:	6 Page(s)
Type:	Journal Article
Language:	English

Get this Document

E-mail this to a colleague!

ABSTRACT: The desktop Web browser has long been a security sinkhole. It's grown deeper, despite emphasis on secure coding, greater user awareness, improvements to Internet Explorer and the use of alternatives like Firefox and Opera. Criminals lure users to thousands of malicious or compromised Web sites to scam their identity information or drop some nasty code on their computers. Detecting these sites and collecting and countering exploits has been somewhat like playing Whack-A-Mole, but security researchers are finding effective ways to fight back. Microsoft and open source advocates are pursuing two of the more promising initiatives, aggressively hunting for exploits using honeyclients, an active variation of honeynet techniques. While honeynets have been around for some time, they are passive collectors, sitting on some random network on the Internet, waiting for a hacker to connect to and leave evidence. Typically, they consist of a Web server and a stripped-down operating system with tracking software that registers when a hacker tries to compromise the system. While they are great at documenting exploits, they have one big disadvantage: They can't go out and actively search for the bad guys who are running Web sites designed to infect unsuspecting visitors. Honeyclients, however, are hunters, not decoy victims; they run Web browsers and actively seek dangerous sites.

AUTHOR: David Strom Independent network security expert David Strom is one of the leading experts on network and Internet technologies and has written extensively on the topic for nearly 20 years. He has held several editorial management positions for both print and online properties, most recently as editor-in-chief for Tom's Hardware. In 1990, Strom created Network Computing magazine and was the first editor-in-chief, establishing the magazine's networked laboratories. He is a noted author and a frequent speaker, panel moderator and instructor.

BROWSE RELATED RESOURCES:

Internet Security | Malware | Open Source | Windows Security

View All Resources sponsored by Information Security Magazine

Library Home | Advertise with Us | Product Library

SecurityPark Research Library Copyright © 1998-2008 Bitpipe, Inc. All Rights Reserved.
Designated trademarks and brands are the property of their respective owners.
TechTarget · 117 Kendrick St · Needham, MA · 02494
Use of this web site constitutes acceptance of the Bitpipe Terms and Conditions and Privacy Policy.
webmaster@bitpipe.com