This article can also be found in the Premium Editorial Download "Information Security magazine: Comparing seven top integrated endpoint security suites."
Download it now to read this article plus other related content.
"This has been driven both by advancements in secure coding practices for server-side software and, more importantly, by the explosion of phishing and identity theft attacks," says Michael Sutton, the security evangelist for SPI Dynamics, which was recently acquired by HP. "Attackers have realized that it is easier to find a weak point when targeting employees and end users versus a hardened server, which is actively protected."
The situation is fairly depressing. There are compromised Web sites in most any subject category, according to honeynet researchers.
"Anybody accessing the Web is at risk regardless of the type of content they browse for or the way the content is accessed," writes Holz and four other authors of the Honeynet Project paper Know Your Enemy: Malicious Web Servers. "Adjusting browsing behavior is not sufficient to entirely mitigate such risk. Even if a user makes it a policy to only type in URLs rather than following hyperlinks, they are still at risk from typo-squatter URLs."
Flying Across the Web
| of URLs whose security status is undetermined.
Honeyclients have three components:
This was first published in November 2007