Yet another way to evade NIDS (and spread malware)

Monday, 5 November 2007, 3:03 PM EST

Although online privacy is something we always need to take care of, the use of anonymous proxy services could lead to trouble as well. First of all, the use of SSL prevents NIDS and most desktop-based IPS from checking those resources visited through the proxy, leaving the desktop antivirus with the full burden of protecting the computer. Then, in an enterprise environment, these systems can bypass security policies through URL and traffic encoding, allowing internal users to browse resources that would otherwise be restricted. For example, this could lead to users checking their private Web emails and downloading those "funny jokes" sent by their friends, unfiltered by the corporate network.

At Symantec.

[ Read more ]




Spotlight

The big picture of protecting and securing Big Data

Today almost every company is dealing with big data in one way or another – including customer data, tracking data, and behavioral marketing information – connecting every aspect of our lives. While this is a cutting edge use of technology, data monitoring can become dangerous when placed in the wrong hands.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  
DON'T
MISS

Fri, Aug 28th
    COPYRIGHT 1998-2015 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //