Yet another way to evade NIDS (and spread malware)

Monday, 5 November 2007, 3:03 PM EST

Although online privacy is something we always need to take care of, the use of anonymous proxy services could lead to trouble as well. First of all, the use of SSL prevents NIDS and most desktop-based IPS from checking those resources visited through the proxy, leaving the desktop antivirus with the full burden of protecting the computer. Then, in an enterprise environment, these systems can bypass security policies through URL and traffic encoding, allowing internal users to browse resources that would otherwise be restricted. For example, this could lead to users checking their private Web emails and downloading those "funny jokes" sent by their friends, unfiltered by the corporate network.

At Symantec.

[ Read more ]




Spotlight

The psychology of phishing

Posted on 23 July 2014.  |  Cybercriminals no longer send out thousands of emails at random hoping to get a handful of hits, today they create highly targeted phishing emails which are tailored to suit their recipients.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Thu, Jul 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //