Search engines the new security vendors?

NewScientist has a good article on the evolution of botnet infestations, reinforcing the need for Web Application Firewalls to protect against injection attacks.

Coverage of this topic in a publication like NewScientist suggests that a wider set of minds is now considering the problem. The research paper cited in the article was produced by Google (not your traditional security company), who themselves now offer a SiteAdvisor-like service directly within their search results. For example, search for “keygencrack” and try to follow what is currently the first link. This free Google service is described further here.

The point is that malware creators, frustrated by the effectiveness of traditional anti-malware security measures, have shifted to content obfuscation and insertion to deliver their payload through co-opted, but otherwise innocuous and trusted, websites. They exploit inadequate content sanitization, application server vulnerabilities, and malicious scripts retrieved through legitimate interfaces (third-party scripts, user-created content, etc.).

Google is not only the eye in the sky that can see the whole web, but also usually the path through which people get to content. This puts them in a very advantageous position to protect against this class of vulnerability. Microsoft can’t be far behind.

Can a security vendor help? Some emerging projects suggest so:

HTMLPurifier – HTML validator, tests/protects against the legendary XSS Cheat Sheet list.
Guardian@JUMPERZ.NET – an open source web application firewall.
NoScript – Client-based, browser extension script execution control with XSS protection.
Spybye – a proxy service that scans URL targets on a page using ClamAV.
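
As an added example (not code from the original post or from any of the projects listed above), the following Python performs the first step that a page scanner of this kind needs: it enumerates every URL target on a page and flags those on hosts outside the site's trusted set, so that a third-party script arriving through user-created content stands out. The host names, the sample page and the `trusted_hosts` allowlist are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Attributes that make the browser fetch or navigate to a URL.
URL_ATTRS = {"script": "src", "iframe": "src", "frame": "src", "embed": "src",
             "object": "data", "img": "src", "link": "href", "a": "href"}
# Tags whose target is loaded and run/rendered without any user click.
AUTO_LOAD = {"script", "iframe", "frame", "embed", "object"}

class TargetCollector(HTMLParser):
    """Collect (tag, absolute_url) pairs for every URL target on a page."""
    def __init__(self, base_url):
        super().__init__()
        self.base_url = base_url
        self.targets = []

    def handle_starttag(self, tag, attrs):
        # HTMLParser lowercases tag and attribute names, so <SCRIPT SRC=...> matches.
        attr = URL_ATTRS.get(tag)
        value = dict(attrs).get(attr) if attr else None
        if value:
            # urljoin resolves relative and protocol-relative (//host/x) URLs.
            self.targets.append((tag, urljoin(self.base_url, value.strip())))

def audit_page(html, base_url, trusted_hosts):
    """Return targets on hosts outside trusted_hosts, auto-loading ones first."""
    collector = TargetCollector(base_url)
    collector.feed(html)
    findings = []
    for tag, url in collector.targets:
        parts = urlparse(url)
        host = (parts.hostname or "").lower()
        # Only network (http/https) targets are in scope for this check.
        if parts.scheme not in ("http", "https") or host in trusted_hosts:
            continue
        findings.append({"tag": tag, "url": url, "host": host,
                         "auto_load": tag in AUTO_LOAD})
    return sorted(findings, key=lambda f: not f["auto_load"])

# Constructed sample: a forum page with one comment carrying an injected script.
SAMPLE = """<html><head><script src="/js/site.js"></script>
<script src="//cdn.example.net/lib.js"></script></head><body>
<div class="comment">Nice post <SCRIPT SRC="http://injected.example.org/x.js"></SCRIPT></div>
<a href="http://other.example.com/page">a link</a>
<iframe src="http://frames.example.org/w"></iframe></body></html>"""

if __name__ == "__main__":
    trusted = {"forum.example.com", "cdn.example.net"}
    for finding in audit_page(SAMPLE, "http://forum.example.com/t/1", trusted):
        print(finding)
```

The flagged URLs are the candidates to hand to a content scanner or to review against the site's intended third-party dependencies.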
