a-squared (a²) - La protection futur contre les Malwares

Dans nos blogs
le 27/01/2008

Les nouvelles vulnérabilités

Risques de sécurité sur tous les systèmes d'exploitation (Mac et Linux compris) !!! ...

le 27/01/2008

L'école virtuelle sur la sécurité PC et Internet à l'honneur

Le portail renommé "OuSurfer" qui s'est fixé comme tâche de cataloguiser et d'évaluer les...

le 08/07/2007

Le module 'Parcours' a été ajouté

Ce module a été intégré dans la partie "Interface d'utilisation" afin que vous puissiez suivre...

le 23/06/2007

Travaux pratiques

La rubrique "Travaux pratiques" a été ajoutée. Elle sera utilisée dans tous les cours et dans...

le 30/05/2007

Problèmes avec les bases de données

Nous avons eu des problèmes avec les bases de données au 28.05.2007 et nous avons dû reconfigurer...

le 30/05/2007

Création de l'école virtuelle sur la Sécurité PC et Internet

Nous avons le plaisir de vous annoncer la création de l'école virtuelle sur la sécurité PC et...

le 05/02/2007

Projet finalisé

Nous y sommes quand même arrivé à le finaliser pour le blogathon ! Aujourd’hui, le 05 février...

le 02/02/2007

Projet virtuel pour le monde réel

Une question anodine a été posée au forum "Que dire à un technicien...?" pour ne pas se faire...

le 15/01/2007

Échange de connaissances avec le Québec (CA)

Fin avril 2006 je suis tombé par hazard sur un forum d'entraide informatique, le "911 ordi",...

eXTReMe Tracker

British ISP Fires Back at Spammers


British Telecom has implemented a system whereby they can identify those customers who are sending spam, especially those that trigger zombies in a botnet. After identifying the offending customer, they quarantine or terminate the account, depending on the activity. If quarantined, BT assists the customer in remediating their PC and returning it to the control of the owner.

British ISP Fires Back at Spammers

Well, this is something that has been a long time coming. Finally an ISP is going to start protecting its customers from other customers, for a start. When a client within an ISP is infected with botnet malware, typically their first victims come from the same ISP. BT's new feature will identify these zombies, block them from communicating with other customers and the Internet-at-large and eventually get them cleaned.

Of course, there is concern that there will be false positives, but StreamShield Networks is sure its Content Forensics product will keep those to a minimum, if not avoid them entirely.

We certainly hope that this live implementation will yield glowing reports of decreased spam and malware originating from BT networks, and that they, BT, announce an incredible improvement in response time for their customers as their networks become less congested with garbage traffic. This will be needed to inspire other ISPs to adopt similar strategies.

In 2001, I spelled out what I termed the "Internet Penalties Plan" which basically described an identical process.

A Multifaceted Approach to Understanding the Botnet Phenomenon Members of the John Hopkins University Computer Science Department have conducted an excellent study analyzing bots and botnets (download the PDF here). It's an extremely comprehensive study of botnets over a three-month period from early 2006. They constructed a sophisticated environment within which they were able to become infected, determine what the infected code doeso, monitor the actions of the code, as well as the Command and Control (C&C) channel used by the bot-master, and, finally, details the actual tasks performed by the bot-infected systems.

Without getting into human motivations, this study is extremely informative to anyone attempting to prevent or detect bot activity. It shows the difficulty in monitoring, detecting the sources and identifying the bot-masters.

It also provides some insight into the size and scope of botnets, indicating they are likely smaller than many of the media claims have been. They provide and understanding of why that is, namely, the fact that IRC servers have functional limitations on the number of computers they can simultaneously control. They explain their observations of how a few bot-masters attempt to overcome that limitation.

It's well worth a read. Hopefully this study will lead to more research in this area. This study, coupled with the BT announcement mentioned above, may well show signs that we may be making progress against the bot-herders.

More sophisticated passwords and better user education have done nothing to improve IT security, says a study involving 325 U.S. employees. The study recommends biometric controls instead of passwords.

The senior analyst for the study said; "This is really a lot like mom and dad buying a great new security system for the house and junior leaving the combination under the door mat."

Well, this simply isn't true. It is true if the password is pasted to the front of the monitor, and, the attacker is present at the monitor. It isn't true if the password is on the monitor and the attacker is entering via the Internet.

In other words, knowing the password isn't all that's required to gain access to password-secured systems. You have to have either physical or network access, and many other layers of security can enforce further restrictions such as MAC or IP address permission, time restrictions, and so on.

Source : MCPMAG

Vendredi 8 Décembre 2006
Lu 1224 fois

Dans la même rubrique :

Spam (DE) | Spam (FR) | Spam (EN)

Pour recevoir notre newsletter gratuite, veuillez taper votre adresse email et puis cliquez sur *OK*


Symantec (Norton) online security check

Test malwares
(nécessite Internet Explorer)

Der com! Sicherheits-Check

Tests mises à jour logiciels et vulnérabilités (nécessite Internet Explorer)

Test des mises à jour des logiciels installés

Test ports DNS

Derniers articles


Portail LaFrancité, pour rassembler les sites du savoir au sein de la Francophonie
 Portail LaFrancité : Liste des sites
Classement thématiqueInscription

Il n'y a pas de problèmes, seulement des solutions. Ensemble, nous trouverons la solution adéquate !
Copyright © by Gust MEES