The link above goes to a good article about threats on web pages, including poisoned websites. The key to this, is the second section which says that cyber-criminals can poison legitimate websites. I've discussed in the past that your web proxy needs to be able to block malicious content regardless of source. Web reputation doesn't buy you much when it allows a site just because it has a good reputation, in the off chance that site has been poisoned. Hedge your bets and scan everything that could possibly be malicious.
The other really interesting piece mentioned in this article occurs at the end. There's a demonstration of how something we all consider relatively benign - MP3 files can contain malicious content. The author has an MP3 you can download, but the catch here is the MP3 file contains code that executes pop windows when you play the music file. That's pretty scary if you think there's probably more than just opening browser windows that could happen from downloading and playing an MP3 file.
So what's the lesson here? Make sure your web proxy scans for viruses, malware, and protects you from spyware on all the pages your employees visit. Don't let a webpage get past a scan just because it's got a good reputation.
Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.
Monday, April 21, 2008
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment