Know Your Enemy: Malicious Web Servers
by The Honeynet Project - Monday, 20 August 2007.
Today, many attackers are part of organized crime with the intent to defraud their victims. Their goal is to deploy malware on a victim’s machine and to start collecting sensitive data, such as online account credentials and credit card numbers.

Since attackers have a tendency to take the path of least resistance and many traditional attack paths are barred by a basic set of security measures, such as firewalls or anti-virus engines, the “black hats” are turning to easier, unprotected attack paths to place their malware onto the end user’s machine. They are turning to client-side attacks.

This paper examines client-side attacks and evaluates methods to defend against client-side attacks on web browsers. First, it provides an overview of client-side attacks and introduces the honeypot technology that allows security researchers to detect and examine these attacks. Then it proceeds to examine a number of cases in which malicious web servers on the Internet were identified with honeypot technology and evaluates different defense methods. It concludes with a set of recommendations that one can implement to make web browsing safer.

Download the paper in PDF format here.

Spotlight

The synergy of hackers and tools at the Black Hat Arsenal

Posted on 27 August 2014.  |  Tucked away from the glamour of the vendor booths and the large presentation rooms filled with rockstar sessions, was the Arsenal - a place where developers were able to present their security tools and grow their community.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Sep 1st
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //