Disarm Net Threats
-
Buffmaster
- Posts: 3570
- Joined: Fri May 12, 2006 11:37 am
- Location: The Alamo
Disarm Net Threats
Big Red died 23 NOV 2001
You owe your success to your first wife. You owe your second wife to your success---Sean Connery
You owe your success to your first wife. You owe your second wife to your success---Sean Connery
| BBcode: | |
| Hide post links |
-
ruffriders23
- Posts: 2113
- Joined: Fri Aug 18, 2006 1:49 am
- Location: Rio Rancho, NM
- Contact:
It is a good idea, but it took this long before someone decided to limit a programs access to ones registry? I like the idea of what the article talks about and I will try the 2 programs mentioned, but talk about too little, too late.
My http://www.ronmexico.com disguise name is Franc Martinique.
| BBcode: | |
| Hide post links |
-
emanon
- Posts: 2122
- Joined: Wed Feb 16, 2005 3:46 pm
most software has previously taken the "block the bad stuff allow everything else" stategy. The flaw in this approach is when the bad-stuff traffic and activity becomes as frequent as the good stuff requested activity and traffic, it gets increasingly more difficult to filter appropriately.
The alternative approach, assume it is all bad stuff and only allow the apps and processes necessary for the task you are try to accomplish at that moment to get throug the barrier(s) of defense, is much safer because you never have to worry about malware etc being able to get through a port that has been left open just because it was not used to initiate any attacks previously.
It is my prediction that software virtualization of hardware is going to explode over the next couple of years and it will soon be very common to be running layers of Operating Systems within one another that can be disabled or suspended dynamically depending on the work being done. For example a browser layer that when active will not be able to access your mission critical database server layer because it has been suspended and it is not even visible to the browser.
The alternative approach, assume it is all bad stuff and only allow the apps and processes necessary for the task you are try to accomplish at that moment to get throug the barrier(s) of defense, is much safer because you never have to worry about malware etc being able to get through a port that has been left open just because it was not used to initiate any attacks previously.
It is my prediction that software virtualization of hardware is going to explode over the next couple of years and it will soon be very common to be running layers of Operating Systems within one another that can be disabled or suspended dynamically depending on the work being done. For example a browser layer that when active will not be able to access your mission critical database server layer because it has been suspended and it is not even visible to the browser.
| BBcode: | |
| Hide post links |
-
ruffriders23
- Posts: 2113
- Joined: Fri Aug 18, 2006 1:49 am
- Location: Rio Rancho, NM
- Contact:
Yes, I have tried the "allow only when I need it" approach and hate it. Every time I want to do something I have to find the ports, allow them on my modem/router, check it, then troubleshoot where I screwed up. I am going to try the DropMyRights program later this weekend. Anyone know anything about it from personal use?
My http://www.ronmexico.com disguise name is Franc Martinique.
| BBcode: | |
| Hide post links |