
Patrick Walsh

How to combat the full threat lifecycle

Fighting off bot networks is possible but it requires a combination of technologies

Computing, 16 Oct 2008

It is commonly understood that being connected to the internet is a fundamental requirement of modern business. It is also understood that connection brings risks.
The most typical attack seen today is part of the so-called bot threat cycle. Users are tricked into letting their computers become part of a bot network. Compromised computers then infect others and overwhelm web servers that attract the ire of the group controlling the bots.

Nearly every security company claims to stop bots and to some extent they do. Anti-spam, anti-virus, intrusion prevention, web filtering and other technologies can all be used to break the bot cycle at some stage. However, to truly combat the threat, it must be stopped at every stage, which requires a combination of security technologies.

The first step is to block emails being sent by bots. This means using a spam filter that can drop all traffic from known bots. IP reputation is one of the best tools in combating bots. The best solutions also look at the URLs in every received email and reject any that link to malicious web sites.

Businesses also need a web filter to block unsafe sites. These must have real-time updating since the average phishing site lasts less than 24 hours and does most of its damage in the first 90 minutes.

At the next stage of the cycle, an exploit installs software on the PC visiting the site. A good intrusion-prevention system is needed to detect the exploit and block access to the site immediately.

Next, the exploit typically fetches a virus from the internet. At this point, a gateway anti-virus solution capable of unpacking even nested compressed files is necessary.
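To make the nested-archive requirement concrete, here is an added example (not from the article or any vendor's product) of a scanner that descends through ZIP files packed inside ZIP files and fails closed when it cannot inspect a layer. The limits, the verdict names, the `wrap` helper and the signature string are assumptions constructed for illustration; a real gateway would use a signature engine and handle more archive formats.

```python
import io
import zipfile

MAX_DEPTH = 5               # assumed policy: stop descending after this many layers
MAX_MEMBER_BYTES = 1 << 20  # assumed policy: refuse members that expand past 1 MiB
# Constructed stand-in for a signature database: a harmless marker string.
SIGNATURES = {b"CONSTRUCTED-TEST-SIGNATURE": "Test.Marker"}


def scan_bytes(data, path="<root>", depth=0):
    """Return (path, verdict) findings for data and everything nested in it."""
    findings = [(path, name) for sig, name in SIGNATURES.items() if sig in data]
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return findings
    if depth >= MAX_DEPTH:
        # Fail closed: content the scanner could not inspect is not passed as clean.
        return findings + [(path, "Policy.NestingTooDeep")]
    with zipfile.ZipFile(io.BytesIO(data)) as archive:
        for info in archive.infolist():
            member = f"{path}/{info.filename}"
            if info.is_dir():
                continue
            if info.flag_bits & 0x1:  # encrypted members cannot be inspected
                findings.append((member, "Policy.EncryptedMember"))
                continue
            with archive.open(info) as handle:
                # Read one byte past the cap so the header's declared size is never trusted.
                body = handle.read(MAX_MEMBER_BYTES + 1)
            if len(body) > MAX_MEMBER_BYTES:
                findings.append((member, "Policy.MemberTooLarge"))
                continue
            findings.extend(scan_bytes(body, member, depth + 1))
    return findings


def wrap(payload, name, layers):
    """Build a constructed sample: payload zipped, then re-zipped `layers` times in total."""
    for level in range(layers):
        buffer = io.BytesIO()
        with zipfile.ZipFile(buffer, "w", zipfile.ZIP_DEFLATED) as archive:
            archive.writestr(name if level == 0 else f"layer{level}.zip", payload)
        payload = buffer.getvalue()
    return payload


if __name__ == "__main__":
    sample = wrap(b"hello CONSTRUCTED-TEST-SIGNATURE world", "invoice.txt", 3)
    for finding in scan_bytes(sample):
        print(finding)
```

The depth and size caps matter as much as the recursion: without them, a deeply nested or highly compressible archive either exhausts the scanner or slips through unexamined.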

Finally, it is critical that security protections be put in place to detect a bot infestation on the local network, to identify devices that have contracted a virus despite the gateway precautions.

While there is no sure-fire way to stop bots, addressing every step of the threat cycle is our only chance of taking back control of the web from the criminals lurking on one in four PCs worldwide.

Patrick Walsh is a BCS contributor

Tags: Management, Security, Threats-and-risks
