TOPICS
All Sections
ISSJ Archives
Book Excerpt
Case Study
Data Storage
Disaster Recovery
E-mail
Hot Stories
ILM (Information Lifecycle Management)
Identity Management & IM Software
Industry News
Issue 1
Issue 2
Issue 3
Linux & Security
NAS (Network Attached Storage)
Q&A
SAN (Storage Area Network)
Security Management
Smart Cards
SoX & Compliance
Solutions
Standards
Storage Protocols
Storage Virtualization
Virtualization Conference & Expo News Desk
Virtualization Editorial
Virtualization News Desk
Write For Us

Virtualization is the Future of Enterprise Computing
Virtualization Journal thought it was time to go in search of industry insights into this fast-growi
Did you read today's front page stories & breaking news?
BLOG-N-PLAY.COM
Another Darwin Award Wannabe
Another Darwin Award Wannabe
May. 16, 2008 07:30 PM
TODAY'S TOP SOA & WEBSERVICES LINKS


Solutions
Information Security - What to Look for in an Endpoint Intrusion Prevention Solution
Even in the best of times, security products that aim to thwart worms are playing catch-up. Anti-virus and anti-malware products are populated with signatures created for attack specific signatures, which are created and distributed only after an attack is underway. Internet worms propagate too quickly for such reactive solutions to be effective. This is a major problem in maintaining information security as well as providing business continuity for many organizations.
Reader Feedback : Page 1 of 1

The ability to help against zero-day anomalies, such as DDoS attacks or worms, is of course an important one, as outlined in the article.

The problem is that most so-called behavioral anomaly detection solutions may be able to detect the presence of an anomaly even without prior signature knowledge (zero-day). They might then be able to tell you the ports and protocols used, and maybe also the machines that are involved. However, more often than not, there are no fine-grained signatures forth-coming from those solutions.

When you then try to use this information to stop the worm or DDoS attack or other zero-day anomaly you are likely to cut out innocent traffic as well. The signature is too broad.

Therefore, it is necessaary to have the ability to generate truly fine-grained signatures of the anomaly/worm/attack, which can then be used to surgically filter out the attack traffic. I wrote about the need for fine-grained signatures here:

[visit link]

For information on how to use those fine-grained signatures with your already existing network infrastructure, take a look here:

[visit link]

Juergen Brendel
CTO
Esphion Ltd.
Url: [visit link]
Blog: [visit link]

Why is Linux NOT afected by all you mention above?

Information Security - What to Look for in an Endpoint Intrusion Prevention Solution
Even in the best of times, security products that aim to thwart worms are playing catch-up. Anti-virus and anti-malware products are populated with signatures created for attack specific signatures, which are created and distributed only after an attack is underway. Internet worms propagate too quickly for such reactive solutions to be effective. This is a major problem in maintaining information security as well as providing business continuity for many organizations.

Information Security - What to Look for in an Endpoint Intrusion Prevention Solution
Even in the best of times, security products that aim to thwart worms are playing catch-up. Anti-virus and anti-malware products are populated with signatures created for attack specific signatures, which are created and distributed only after an attack is underway. Internet worms propagate too quickly for such reactive solutions to be effective. This is a major problem in maintaining information security as well as providing business continuity for many organizations.

Information Security - What to Look for in an Endpoint Intrusion Prevention Solution
Even in the best of times, security products that aim to thwart worms are playing catch-up. Anti-virus and anti-malware products are populated with signatures created for attack specific signatures, which are created and distributed only after an attack is underway. Internet worms propagate too quickly for such reactive solutions to be effective. This is a major problem in maintaining information security as well as providing business continuity for many organizations.


FEATURED WHITE PAPERS
YOUR FEEDBACK
NGASI Releases AppServer Manager 8.1
By Virtualization News Desk
Dave Jenkins wrote: The remote server management is a welcomed added feature in our IT Department as we can now just have one install of NGASI managing our many application servers on over 20 machines. Keep up the good work.
The Many Faces of Virtualization - Understanding a New IT Reality
By Virtualization News Desk
23b32d376ec1 wrote: Trackback Added: 23b32d376ec1; 23b32d376ec146077c77
AMD Wants To Depose 486 People in Intel Case
By Maureen O'Gara
AMD News Desk wrote: Contrary to what you may have read elsewhere, AMD has not added anything new to its antitrust charges against Inte
Virtualization - AMD Kills Montreal for Istanbul
By Maureen O'Gara
AMD News Desk wrote: it's scrubbing Montreal, the eight-core chip that was supposed to follow Shanghai, the chip after Barcelona, and substituting a six-core part code named Istanbul
Simplifying Data Center Management
By Madhur Kohli
Sashi wrote: They still owe me a large sum of money!!
HOT DISCUSSIONS
Simplifying Data Center Management
By Madhur Kohli
"Virtualization Journal" Debuts This Week at JavaOne
By Virtualization News Desk
Virtualization: Microsoft's Hyper-V Should Support Other Linux Distros
By Clint Eschberger
Virtualization: Has VMware Awoken the Slumbering Microsoft Giant?
By Brian Madden
Virtualization is the Future of Enterprise Computing
By Jeremy Geelan
Virtualization - NetSuite, SugarCRM Get BT Reselling Their "Cloudware"
By Maureen O'Gara
SUBSCRIBE TO THE WORLD'S MOST POWERFUL NEWSLETTERS
Help Wanted: SYS-CON Media is looking for i-technology reporters, and journalists. Please apply to reporters(at)sys-con.com.
We are also seeking online advertising sales representatives with proven track record. Please apply to careers(at)sys-con.com.

SYS-CON FEATURED WHITEPAPERS


BREAKING NEWS FROM THE WIRES
EMA Research Finds Technology Spending to Remain Strong in 2008 Despite Economic Concerns
Despite the drumbeat of gloomy outlooks for the U.S. economy, current research from Enterprise
May. 15, 2008 02:45 PM
SYS-CON's Virtualization Conference Keynote on SYS-CON.TV
International Virtualization Conference & Expo faculty alumni include such notable speakers as: Bria
SYS-CON's Virtualization Conference & Expo Europe to Debut in London
International Virtualization Conference & Expo faculty alumni include such notable speakers as: Bria
Virtual Computing in the Cloud -- How a Universal Dialtone Will Change the Way We Work and Play
Virtual Cloud Computing represents the next wave of virtualization and offers significant market opp
Is Modern Grid Computing Applicable to Business?
With cloud computing becoming ever more prevalent in the consumer space for rapidly scaling Web 2.0
IBM, Microsoft & Google Eras of Computing
By now it is conventional wisdom to say that there was an IBM Era of computing, then a Microsoft Era
I/O Virtualization: Approaches and Applications
I/O is a key element of server architecture, but its virtualization is only now starting to be addre
How the Delivery of Virtualization is Changing
As virtualization becomes more widely deployed, and enterprises look for new ways to leverage this r
3rd International Virtualization Conference & Expo: Themes & Topics
From Application Virtualization to Xen, a round-up of the virtualization themes & topics being discu
Virtualizing End Points - A Closer Look at This Game Changing Architecture
The need for a way to more effectively manage and reduce the complexity of end points has never been
The Future of Virtual Desktops: Turning Rich Desktops into a Ubiquitous Service
Does virtualization matter? Can virtual desktops go beyond the sum of the virtual parts? What is the
Open-Xchange to Deliver Collaboration Solution Integrated With Parallels Virtualization
Open-Xchange and Parallels are integrating Open-Xchange open source email and collaboration software
eApps Hosting Now Offers the GlassFish Java Application Server in VPS Hosting Plans
eApps Hosting announced that the GlassFish Open Source Application Server for Java EE 5, from the Gl
The Ever-Rising Value and Power of Virtualization
Virtualization is a no-brainer for medium to large companies. In today's world server sprawl has bec
Virtualization Viewpoint: Security Challenges & Solutions
I am curious about something - how many organizations are using a single physical host with VMs acro
Transforming the Enterprise: Where Virtualization Meets Automation
Virtualization is the future of IT management, but what exactly does that mean to your organization?
Maximize Your Virtualization Payoff: There's More Than You Think
Businesses that virtualize can increase efficiency and reduce costs by eliminating low-performance/l
Infrastructure Virtualization - Dead Bare Metal to Live Connected Servers in Five Minutes or Less
Join us for an interactive discussion presented by Scalent Systems, as we address the big three chal
Virtualization for High-End Computing
The session will describe the use of system aggregation, a revolutionary virtualization technology t
Leveraging Virtualization for Software Testing & Development
As more and more enterprises and ISVs seek additional ways to leverage virtualization technology, vi
Using Virtualization to Transform Your Datacenter
How can virtualization help transform your IT environment into a dynamic datacenter? In this Virtual
ADS BY GOOGLE