Combating The Hidden Dangers Of Adware
by Dr. Horst Joepen - SVP Strategic Alliances CyberGuard & CEO Webwasher AG - Monday, 2 February 2005.
There is really no other way of protecting against Adware than adopting proper perimeter and desktop protection, putting proactive filtering defence in place. To take an analogy, proactive filtering is the moat that guards a mediaeval castle. The castle also has high walls and a drawbridge to protect it, but it is the moat that is the first line of defence, the deterrent for any would-be attacker.

The risk posed by Web traffic means that all traffic can be considered to be potentially harmful. No company can afford to allow these threats to get access to its network, and even SSL encrypted Web traffic must be considered.

By using proactive filtering, you prevent Adware by effectively deploying a shield, proactively stripping the content and code that enables Adware to be downloaded, installed and executed from Web based traffic at the gateway Ė i.e. before it can cross your moat and mount an attack.

Proactive filtering does not replace conventional anti-virus technology, but complements it to maximise protection and performance. A classic virus pattern can only protect against one particular attack after it has been found, perhaps already spreading via the Web.The proactive scanner does not look for a known virus that can be caught faster by a pattern-based scanner. Instead, proactive filtering offers a three way approach that verifies digital signatures and in so doing, blocks any untrusted program code; screens and blocks any suspicious code based on its potential behaviour; and finally, filters out any potentially harmful code that tries to exploit any vulnerabilities on the client.

Even with a new incident, proactive filtering can either block the attack, or even when it needs to be updated, can block the whole class of potential attacks using the same mechanics or scheme of attack. A Content Security Management (CSM) suite is perhaps the best example of how proactive filtering can protect a business from Adware by encompassing reactive and proactive protection across all forms of web, FTP and SMTP based traffic

Other solutions to Adware include ensuring that your system does not have a vulnerability that can be exploited. Keeping your Windows operating system fully patched is an obvious thing you can do to ensure security, as well as disabling the Windows Messenger Service, which can dish up unwelcome advertising on unsuspecting users. Disabling the service will prevent both the pop-ups and the exploit.

Adware may remain a threat to your Web users, but by adopting proactive filtering, you can ensure that the only unwanted advertisements they see are on TV.


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Tue, Feb 9th