Computerworld - Zero-second exploits

Thursday | 4 December, 2008

Zero-second exploits

The number of days between a vendor patch being released and the malware exploit being announced has shrunk

Roger A. Grimes (InfoWorld) 06/05/2008 12:04:48

Page:

Snort has offered additional plug-ins to do similar things for years, and was the first network-based IDS I remember that addressed the many challenges faced by any tool trying to do that sort of analysis and response. Microsoft Research has a product called Shield and Generic Application-Level Protocol Analyzer. This particular project claimed research success across 10 protocols at speeds up to 60Mbps, while the analyzers remained memory-safe and DoS-resilient. There's even an entire company, Bluelane dedicated to this idea. I reviewed their ServerShield appliance in 2006 (called PatchPoint back then) and gave it a pretty good ranking. None of these solutions are perfect. They all have their limitations.

But it begs the question, what should you be planning to do different as the time to patch before the exploit continues to decrease?

I, only slightly humorously, believe that we should fight back with one-second patch engines. I don't think anyone should get too concerned about automatic exploit engines. I mean the bad guys are being pretty successful without them. Second, if they do ever become a reality, the security defense community has been working on this threat for a long time, and appropriate solutions would come out pretty quickly. Instead of being worried about future attacks, most security administrators should focus on being more consistent on the stuff they can do today to lower security risk.

Page:

Computerworld Buyer's Guide - Vendors Matched to this Article

HAL Data Services , Dimension Data , WebReq , Trend Micro , GFI , IBS Australia , epicor , MessageLabs , CA

More about Microsoft, INS

More by Roger A. Grimes

Computerworld Buyer's Guide - Vendors Matched to this Article

HAL Data Services , Dimension Data , WebReq , Trend Micro , GFI , IBS Australia , epicor , MessageLabs , CA

Additional Resources

Executive Guides

Exploring the Future State of the CRM Market

Whitepapers

Read up on the latest ideas and technologies from companies that sell hardware, software and services.

Zones

Zones provide focussed content from Computerworld and leading technology partners.

RSS Feeds

Computerworld Today

Show all RSS feeds

Market Place

IDC Report | Making the Business Case for IT Consolidation | Download now

IDC Report | IT Service Management Needs and Adoption Trends | Download now

Level the playing field. Report unlicensed software. $5000 reward. Contact the BSA today.

Learn to use EMC Celerra IP Storage with Vmware Infrastructure 3 over iSCSI and NFS | Download white paper now

CRM Webcast: Learn how to find a CRM solution that fits into your existing business environment. View now.

Beat the credit crunch. 0% for 24 months. Just for small business. Offer ends 24th Dec!

New webcast | Discover the advantages of an open architecture multi-vendor network solution | View now

Discover why Ubiquitous Mobility is a key future component of Network Architecture | Download Forrester report now

Discover best practice strategies for the archival and removal of .PST files using email archiving

Learn how to prioritize services with IT Service Management (ITSM). Watch the Computerworld webinar now!

Understand the Value of Unified Communications | Download white paper now

More >

Smart SOA World Tour

Discover how SOA can create smarter outcomes for your business.

Attend and learn:

How SOA is helping leading companies to become more agile
Where you should be applying SOA processes in your company
The top SOA implementation mistakes to avoid

Click here for more information.

+

Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36

This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure.

[ MP3 (6.85 MB) | Windows Media (6.93 MB) ]
+

Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22

CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks.

[ MP3 (4.61 MB) | Windows Media (4.67 MB) ]
+

Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33

This week we look at sustainability and the development of multicore technologies to build multi-petascale systems.

[ MP3 (3.47 MB) | Windows Media (3.52 MB) ]
+

IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55

This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport.

[ MP3 (3.34 MB) | Windows Media (3.38 MB) ]
+

IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47

Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.

[ MP3 (3.58 MB) | Windows Media (3.63 MB) ]

More >

Borderless corporate networks to shift focus to secure content management in Australia in 2009 2008-12-04 16:06:00+11
IDC Says Asia/Pacific Excluding Japan IT Market Will Remain The Bright Spot... 2008-12-04 15:04:00+11
MySpot SOS "Panic Button" Smartphone Application could save lone worker lives 2008-12-04 13:34:00+11
Charles Sturt University Commences Unified Communications Deployment With Interactive Intelligence 2008-12-04 08:30:00+11
AOC Launches 18.5” Widescreen Green 16:9 LCD Monitor in Australia and New Zealand 2008-12-03 15:30:00+11

More >

Whitepaper

Read Whitepaper

CRM your salespeople will love

Winning over the sales department and obtaining buy-in at all levels is crucial to the success of any CRM initiative. Discover how you can let salespeople work how they want to and reduce their administrative burden with the latest CRM technology.

Enterprise IT Buyer's Guide

Find Technology Vendors Fast

Find vendors by name | Find by category

Economic crisis threatens networking growth

Can Apple Save the Netbook?

Cloud computing. More than blue sky thinking

This software brought to you by Ovaltine

Why Microsoft won't dominate the cloud

Economic crisis threatens networking growth

Can Apple Save the Netbook?

Exploring the Future State of the CRM Market

Solve Exchange Mailbox Storage Issues Once and for All

Refresh your AUP: Top tips to ensure your acceptable use policy is fit for purpose

IT Service Management Needs and Adoption Trends: An Analysis of a Global Survey of IT Executives

Gaining Competitive Advantage Through Enterprise Planning

Business Intelligence and Enterprise Performance Management: Trends for Emerging Businesses

Strategies for Eliminating .PST Files

The state of Middleware

Making the Business Case for IT Consolidation

Serena On Demand Software Zone

Wireless World Australia 2009

Telstra execs unveil prodigious plans for broadband network

Perl 6 to break compatibility, support other interpreters

Forrester: How to squeeze your vendors

Virtually every Windows PC at risk, says Secunia

Microsoft spells out Vista SP2 contents

Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36

Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22

Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33

IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55

IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47

Anti Internet filtering rebels hit the streets

Swimmer sizzles as Google’s golden girl, but games was the winner

7 ways to cut your software costs during the economic downturn

ATO switches off IT for Christmas

Too good to ignore: 6 alternative browsers

Borderless corporate networks to shift focus to secure content management in Australia in 2009 2008-12-04 16:06:00+11

IDC Says Asia/Pacific Excluding Japan IT Market Will Remain The Bright Spot... 2008-12-04 15:04:00+11

MySpot SOS "Panic Button" Smartphone Application could save lone worker lives 2008-12-04 13:34:00+11

Charles Sturt University Commences Unified Communications Deployment With Interactive Intelligence 2008-12-04 08:30:00+11

AOC Launches 18.5” Widescreen Green 16:9 LCD Monitor in Australia and New Zealand 2008-12-03 15:30:00+11

CRM your salespeople will love

Not a member?

Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36

Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22

Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33

IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55

IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47

Borderless corporate networks to shift focus to secure content management in Australia in 2009 2008-12-04 16:06:00+11

IDC Says Asia/Pacific Excluding Japan IT Market Will Remain The Bright Spot... 2008-12-04 15:04:00+11

MySpot SOS "Panic Button" Smartphone Application could save lone worker lives 2008-12-04 13:34:00+11

Charles Sturt University Commences Unified Communications Deployment With Interactive Intelligence 2008-12-04 08:30:00+11

AOC Launches 18.5” Widescreen Green 16:9 LCD Monitor in Australia and New Zealand 2008-12-03 15:30:00+11

CRM your salespeople will love

Buying Guides

Buying Guides

Latest Products