 |
|
|
|
|
| 1. |
How to find antivirus software comparisons and reviews |
| Expert Ed Skoudis unveils where consumers can find antivirus software and product reviews and comparisons. |
| URL: |
|
| 2. |
Ed Skoudis, Information Security Threats |
| Ed Skoudis, founder and Senior Security Consultant with security consulting firm InGuardians, was a past SearchSecurity.com information security threat expert. Ed Skoudis is no longer answering questions on the site. |
| URL: |
|
| 3. |
What is the best antivirus software to use when running Linux? |
| In this Ask the Expert Q&A, Threat and mitigation expert Ed Skoudis reveals what he believes to be the best antivirus products on the market today for Linux users. |
| URL: |
|
| 4. |
How do I secure Windows NT/XP using the NetBIOS and LDAP protocols? |
| In this Ask the Expert Q&A, our security threats expert, Ed Skoudis, discusses how to secure Windows NT/XP using the NetBIOS and LDAP protocols and what steps should be taken to protect against intruders. |
| URL: |
|
| 5. |
How to protect the network from DoS attacks |
| In this Ask the Expert Q&A, our security threat expert, Ed Skoudis, discusses how a new type of DoS attack operates and what you can do to protect your network. |
| URL: |
|
| 6. |
Are there any Trojans or malware that target Blackberries? |
| Use a Blackberry? In this information security threats Ask the Expert Q&A, Ed Skoudis examines what, if any, attacks threaten the stability of its environment |
| URL: |
|
| 7. |
How to prevent cross-site scripting |
| Learn how cross-site scripting, a common Web application attack, operates and what Web users and Web developers can do to protect against it, in this information security threats Ask the Expert Q&A. |
| URL: |
|
| 8. |
Shareware applications vs. commercial software |
| Considering using a shareware application? In this information security threats Ask the Expert Q&A, SearchSecurity's resident expert Ed Skoudis examines if commercial software product are more secure than shareware applications. |
| URL: |
|
| 9. |
Phishing vs. Pharming attacks |
| Learn how phishing attacks differ from pharming attacks and whether or not pharming attacks still threaten, in this information security threat Ask the Expert Q&A. |
| URL: |
|
| 10. |
How to prevent VoIP phishing |
| Don't fall prey to a VoIP phishing scam. In this Information Security Threats Ask the Expert Q&A, Ed Skoudis explains why end-to-end encrypted VoIP phones cannot prevent VoIP scams and how to protect against them. |
| URL: |
|
| 11. |
Creating a security awareness program |
| In this Information Security Threats Ask the Expert Q&A, Ed Skoudis explains how creating a security awareness program can help thwart the insider threat. |
| URL: |
|
| 12. |
Combating phishing scams |
| In this Information Security Threats Ask the Expert Q&A, Ed Skoudis reviews what to do if you've been phished and identifies the phishing coalitions that can help combat this email threat |
| URL: |
|
| 13. |
What are the security risks associated with virtual PCs? |
| Since Virtual PCs enable you to run multiple operating systems simultaneously on a single piece of hardware, they can introduce risks into your networking environment. In this information security threats Q&A, Ed Skoudis examines what these risks are, and what you can do to mitigate them. |
| URL: |
|
| 14. |
How to prevent input validation attacks |
| Learn what canonicalization is and what Web developers can do to prevent input validation attacks. |
| URL: |
|
| 15. |
What is 'Trixie' and how do we remove it? |
| There are several tools that call themselves Trixie. Luckily, SearchSecurity.com's information security threats expert, Ed Skoudis, can tell the good from the bad and will help you rid your system of the malicious Trixie worm. |
| URL: |
|
| 16. |
How can I prevent spammers from populating my mailing list? |
| SearchSecurity.com's information security threats expert, Ed Skoudis, explains the workings of a spambot and teaches the strategies you need to counter spammers and clean up your mailing lists. |
| URL: |
|
| 17. |
How to reduce wireless driver security vulnerabilities |
| So, you have your up-to-date antivirus software with personal firewalls and antispam, antispyware and privacy control features. SearchSecurity.com's information security threats expert, Ed Skoudis, explores how to ensure complete wireless security. |
| URL: |
|
| 18. |
How can I prevent an FU rootkit from spreading throughout a network? |
| Information security threats expert, Ed Skoudis, explains the best way to stop an FU rootkit outbreak. Learn how to clean up your infected machine and prevent the malware from spreading across your network. |
| URL: |
|
| 19. |
Can simple antispam filters solve the image spam problem? |
| If your company has a problem with image spam, why not just filter it out? In this SearchSecurity.com Q&A, information security threat expert Ed Skoudis explains why filtering isn't the easy answer. |
| URL: |
|
| 20. |
What is WiPhishing? |
| In this expert Q&A, information security threats expert Ed Skoudis addresses WiPhishing and the reasons you shouldn't trust every wireless access point. |
| URL: |
|
| 21. |
If a virtual machine is hacked, what are the consequences? |
| In our expert Q&A, information security threats expert Ed Skoudis explains how attackers can compromise a virtual machine. |
| URL: |
|
| 22. |
Why is spyware still a powerful data theft weapon? |
| Spyware isn't going anywhere; information security threats expert, Ed Skoudis, explains why in this SearchSecurity.com Q&A. |
| URL: |
|
| 23. |
What new tactics can prevent cross-site scripting attacks? |
| Cross-site scripting attacks are a major threat to today's information security environment. In this expert Q&A, Ed Skoudis reveals how attackers use this technique to exploit vulnerable Web sites. |
| URL: |
|
| 24. |
Do USB memory sticks pose enterprise threats? |
| USB memory sticks bring new risks to the enterprise, but don't start gluing shut your computer system's USB slots just yet. In this Q&A, information security threats expert Ed Skoudis lays out your other options. |
| URL: |
|
| 25. |
Who should install handheld device security: Vendors or customers? |
| Shipping companies use mobile devices to track their packages, but who should be in charge of the security software: the vendor or the customer? In this SearchSecurity.com Q&A, information security threats expert Ed Skoudis suggests who should be protecting these tracking tools. |
| URL: |
|
| 26. |
How does a mail server respond to fake email addresses? |
| In this SearchSecurity.com Q&A, Ed Skoudis reviews the actions of a mail server when it is presented with a bogus email address. |
| URL: |
|
| 27. |
Is Warezov a security concern? |
| Warezov, also known as Stration and Stratio, is a widespread scourge, already infecting hundreds of thousands of systems. In this SearchSecurity.com Q&A, information security threats expert Ed Skoudis reveals the dangerous capabilities that separate this type of malware from the rest. |
| URL: |
|
| 28. |
Interpretting firewall security alert messages |
| If you can't decipher the security alert messages from your firewall, information security threats expert Ed Skoudis can help with some of the interpretation. In this SearchSecurity.com Q&A, Ed Skoudis uses a sample alert message to explain whether your firewall is doing its job. |
| URL: |
|
| 29. |
Can intrusion prevention systems alone prevent botnet attacks? |
| Network-based intrusion prevention systems offer some protection against botnets, but that's only one piece of the puzzle. In this SearchSecurity.com Q&A, information security threat expert Ed Skoudis reviews the other tools that should be a part of your botnet defense plan. |
| URL: |
|
| 30. |
Cross-site tracing vs. Cross-site scripting |
| Cross-site tracing, slightly different from cross-site scripting, can still do some significant damage to your Web applications. In this SearchSecurity.com Q&A, information security threats expert Ed Skoudis reveals how each attack is carried out. |
| URL: |
|
| 31. |
What are polymorphic viruses? |
| Polymorphic viruses are built to dodge signature-based detection technologies. In this expert Q&A, Ed Skoudis examines the morphing malware and reveals which defenses are keeping up with the threat. |
| URL: |
|
| 32. |
What tools can remove rookits or prevent their installation? |
| Once installed, rootkits can stealthily monitor your traffic and keystrokes. In this SearchSecurity.com Q&A, information security threats expert Ed Skoudis offers four ways to keep the malware off of your systems in the first place. |
| URL: |
|
| 33. |
How well does virtualization technology defend against malware? |
| Virtualization products can protect your host operating system from malware, but the their detection methods aren't foolproof. In this expert Q&A, information security threats expert Ed Skoudis explains how malware and its writers are catching on to VMware. |
| URL: |
|
| 34. |
What are common kinds of mobile spyware? |
| When it comes to mobile spyware, there are almost too many types. Luckily, in this expert Q&A, Ed Skoudis narrows down the field and reveals how to defend against browser exploits, file droppers and keystroke loggers. |
| URL: |
|
| 35. |
What are the risks of social networking sites? |
| Social networking sites allow someone to post information that thousands of other users can read. But that's not at all. In this Q&A, information security threats expert Ed Skoudis reveals how sites like Myspace and Youtube let the bad guys post something more dangerous: malware. |
| URL: |
|
| 36. |
Why can't antimalware tools scan inside virtual machines? |
| You'd think that it would be easy for an antimalware tool to see what's going on inside a virtual workstation. Unfortunately, it's not. In this expert Q&A, Ed Skoudis explains the difficulty of scanning a guest virtual machine. |
| URL: |
|
| 37. |
How can attackers exploit RSS software flaws? |
| RSS syndication feeds are a convenient way to get your news, blogs or other favorite content, but these popular tools are often left exposed. In this SearchSecurity.com Q&A, Ed Skoudis explains how malicious hackers can attack RSS software and distribute malicious code. |
| URL: |
|
| 38. |
Can service providers prevent DDoS attacks? |
| The results of a DDoS attack can be crippling, but what are service providers doing about the threat? In this SearchSecurity.com Q&A, Ed Skoudis explains how innovative ISPs are raising the bar -- and malicious hackers are jumping right over it. |
| URL: |
|
| 39. |
Will the botnet threat continue? |
| Is the botnet threat here to stay? In this SearchSecurity.com Q&A, information security threat expert Ed Skoudis explains how these money-making machines will become a greater threat in 2007. |
| URL: |
|
| 40. |
How can hackers bypass proxy servers? |
| Hackers are bypassing proxy servers all the time and doing so for a variety of reasons. In this SearchSecurity.com expert Q&A, Ed Skoudis points out the holes in your protective filtering tools. |
| URL: |
|
| 41. |
How vulnerable are network printers? |
| Security personnel often don't give network printers much attention; after all, they are "only printers." In this SearchSecurity.com Q&A, Ed Skoudis explains why such devices are, in fact, a juicy target and need to be properly patched and hardened. |
| URL: |
|
| 42. |
Should USB token data be copied to a hidden directory called 'IEDW?' |
| If the data from your USB token is being copied into a hidden directory called "IEDW," be extra cautious. Whether spyware is the root of the problem or not, security threat expert Ed Skoudis explains why it's certainly a cause for concern. |
| URL: |
|
| 43. |
Will disabling thumb drives affect keyboard and mouse functions? |
| Shutting down USB drives altogether may be a wise decision for your enterprise, but what does that mean for systems that rely exclusively on USB for the keyboard and mouse? Security threat expert Ed Skoudis explains. |
| URL: |
|
| 44. |
Is it possible to prevent email forwarding? |
| For professionals who send sensitive information through email, it may be useful to prevent message forwarding. Not so fast, says Ed Skoudis. SearchSecurity.com's information security threat expert explains the limitations of SMTP and why you may want to avoid sending confidential information altogther. |
| URL: |
|
| 45. |
Can a certificate authority be trusted? |
| It's important to verifiy a root certificate's legitimacy, but with hundreds of issued certificates, the task can be overwhelming. In this expert Q&A, Ed Skoudis reveals what research needs to be done before importing a certificate into your browser. |
| URL: |
|
| 46. |
Should a rise in text message spam be expected? |
| According to a Ferris Research study, consumers this year are expected to receive a total of about 1 billion cell phone spam messages. Yet, compared to other countries, text message spam hasn't hit the United States very hard. In this SearchSecurity.com Q&A, Ed Skoudis explains why we shouldn't hold our breath. |
| URL: |
|
| 47. |
Are encryption products better than self-destructing data? |
| Although spy vs. spy shows may have made lost data deletion technologies a fun gimmick, information security threat expert Ed Skoudis explains the data protection problems that may arise when a tape "will destruct in five seconds." |
| URL: |
|
| 48. |
Who's fighting the spyware operators? |
| There are plenty of malicious hackers who use spyware to gather others' personal data, so why aren't these cybercriminals behind bars? In this SearchSecurity.com Q&A, Ed Skoudis explains some of the challenges facing law enforcement. |
| URL: |
|
| 49. |
Can network behavior anomaly detection (NBAD) products stop rootkits? |
| There are plenty of network-based products that use packet and connection rates to detect rootkits and other malware. In this SearchSecurity.com Q&A, information security threats expert Ed Skoudis reviews which products, as well as Internet-based projects, are out to find network anomalies. |
| URL: |
|
| 50. |
What is a logic bomb? |
| A logic bomb is a dangerous piece of software designed to damage a computer or network and cause massive data destruction. In this SearchSecurity.com Q&A, Ed Skoudis explains how an enterprise can prepare for a hacker's detonation. |
| URL: |
|
| 51. |
Is the Storm worm virus still a serious threat? |
| Today, attackers continue to have success with the Storm worm and its many variations, using the malware to strengthen their nasty botnets. In this SearchSecurity.com Q&A, expert Ed Skoudis explains why these rather run-of-the-mill attacks are still a problem today. |
| URL: |
|
| 52. |
Will fixed-mobile convergence (FMC) create more security risks? |
| Many carriers want to deliver data and video by integrating wireline and wireless infrastructures, a move called fixed-mobile convergence (FMC). In this tip, Ed Skoudis explains. the security implications of such a combination. |
| URL: |
|
| 53. |
Are attackers using malware to exploit service oriented architectures? |
| Malware writers aren't taking advantage of service-oriented architectures. Not yet, anyways. In this expert Q&A, Ed Skoudis explains the vulnerabilities of an SOA, and why it's a potential target for malicious hackers. |
| URL: |
|
| 54. |
Do the Common Vulnerabilities and Exposures protect applications? |
| When discussing today's many security holes, security professionals can use the Common Vulnerabilities and Exposures (CVE) dictionary to make sure that they refer to the same flaw. But what can the list do for home-grown Web application software? Expert Ed Skoudis explains. |
| URL: |
|
| 55. |
Is it possible to detect today's peer-to-peer (P2P) botnets? |
| Historically, botnets used centralized architectures for command and control. In this SearchSecurity.com Q&A, Ed Skoudis explains how attackers have upgraded the botnet structure using peer-to-peer (P2P) technology. |
| URL: |
|
| 56. |
Can an antivirus program's behavior-based functions be judged? |
| Most antivirus tools do not give users the configuration option to turn specfic detection functions on or off, making it difficult to judge the accuracy of a program's behavior-based technology. In this expert Q&A, Ed Skoudis explains the best ways to judge performance. |
| URL: |
|
| 57. |
Does SMS spoofing require as much effort as email spoofing? |
| SMS text message spoofing demands a little more technical knowledge than email spoofing. But not much, says information security threat expert Ed Skoudis. In this Q&A, Skoudis explains how that technical know-how has now been embedded in easy-to-use, Web-based software. |
| URL: |
|
| 58. |
Investigating phone phishing calls |
| Will phishing calls ever be stopped? Maybe not, but it is possible to do a little detective work. In this expert Q&A, Ed Skoudis explains how to get some information on phishers and their "important messages." |
| URL: |
|
| 59. |
Can companies control their affiliate-based adware? |
| Companies often advertise unintentionally with adware. In this SearchSecurity.com Q&A, Ed Skoudis explains some best practices that can keep a company's Internet-marketing strategy spyware-free. |
| URL: |
|
| 60. |
Are iPhone security risks different than those of other mobile devices? |
| The security risks of an iPhone are comparable to other wireless devices, but the iPhone does bring some special issues that are a cause for concern. |
| URL: |
|
| 61. |
Will allowing virtual machines increase risk exposure? |
| Implementing enterprise virtual machines can lead to invisible pockets of software in a work environment. In this expert Q&A, Ed Skoudis explains what kind of bargain you can strike with VM users. |
| URL: |
|
| 62. |
What are the risks of logging into a botnet control channel? |
| By sniffing traffic as an infected machine logs into a botnet, it may possible to see an attacker's commands. Using that information to interact with the botnet, however, is dangerous, says information security threat expert Ed Skoudis. |
| URL: |
|
| 63. |
Has cross-site scripting evolved? |
| It's astounding what is being done with browser scripts these days. In this expert Q&A, Ed Skoudis explains how today's cross-site scripting attacks are a far cry from those of a decade ago. |
| URL: |
|
| 64. |
What are the best bot detection tools? |
| Today, antimalware tools can detect hundreds of different bot variants using signature and heuristic techniques, but they aren't perfect. Ed Skoudis reveals some other options. |
| URL: |
|
| 65. |
Has ransomware made a comeback? |
| Ransomware attacks, though not very common, do occur. Ed Skoudis explains how to "negotiate" with Gpcode and other malware of this type. |
| URL: |
|
| 66. |
Will Web browsers ever be fully equipped to detect and remove malware? |
| The latest group of browser updates allow for the detection of bogus Web sites, but what other features can be expected? Ed Skoudis explains how a Web browser's complexity may hinder its future malware defense capabilities. |
| URL: |
|
| 67. |
What additional security protection do virtual machines offer? |
| If software is exploitable in a real operating system, it will also be exploitable in a virtual machine. In this expert Q&A, Ed Skoudis sets the record straight and explains what virtualization technology can and can't do. |
| URL: |
|
| 68. |
Can fuzzing identify cross-site scripting (XSS) vulnerabilities? |
| Fuzzing may find weaknesses in software, but the testing process can't find every flaw. Ed Skoudis explains what other tools are necessary when looking for cross-site scripting vulnerabilities. |
| URL: |
|
| 69. |
What is Spycar? |
| Spycar, still available for free, tests a machine against 17 daggressive spyware-like behaviors. Information security threat expert Ed Skoudis explains the tool and gives a preview of Spycar 2. |
| URL: |
|
| 70. |
How can copying file and exchanging memory tokens spread malware? |
| Ed Skoudis explains the malware-related risks of copying files, exchanging memory sticks and downloading emails. |
| URL: |
|
| 71. |
Should keystroke loggers be used in enterprise investigations? |
| Keystroke loggers can provide a great deal of insight into what a perpetrator may be up to inside an enterprise. But not so fast. Ed Skoudis reveals what needs to be done before gathering your first keystroke. |
| URL: |
|
| 72. |
What security risks do enterprise honeypots pose? |
| Honeypots can provide a great deal of insight into an environment's attack activity. However, before implementing them, there are some significant issues that require careful consideration and planning. |
| URL: |
|
| 73. |
Does Teredo present security risks to the enterprise? |
| Teredo allows internal networks to transition to IPv6, interconnecting them through their NAT devices and across the IPv4 Internet. Ed Skoudis explains why this function isn't as innocent as it seems. |
| URL: |
|
| 74. |
How effective are phishing links that refer to FTP sites? |
| The vast majority of phishing emails still include HTTP links, but there has been a recent smattering that refer to FTP sites. In this SearchSecurity.com Q&A, Ed Skoudis explains how to be ready for the malicious messages. |
| URL: |
|
| 75. |
Should a Java Runtime Environment (JRE) be kept up to date? |
| Critical security flaws are often discovered in Java Runtime Environment implementations. Unfortunately, most users don't apply any appropriate patches. Ed Skoudis reveals the security risks posed by a vulnerable JRE. |
| URL: |
|
| 76. |
What security measures can be taken to stop crimeware kits? |
| Enterprises that don't have thoroughly patched browsers, PDF readers, media players and other client-side software are very likely to get compromised by MPack and similar crimeware tools. Ed Skoudis explains. |
| URL: |
|
| 77. |
What software development practices prevent input validation attacks? |
| Improper input validation leads to numerous kinds of attacks, including cross-site scripting, SQL injection and command injection. In this expert Q&A, Michael Cobb reviews the most important application development practices. |
| URL: |
|
| 78. |
Is there a market for standalone antivirus products? |
| In this SearchSecurity.com Q&A, Ed Skoudis says that there is still a market opportunity for standalone antivirus products -- but the window is shrinking. |
| URL: |
|
| 79. |
How should application developers manage cookies? |
| Cookies hold data, such as user preferences and session tracking credentials. In this expert Q&A, Ed Skoudis explains how application developers can define and manage the cookies appropriately. |
| URL: |
|
| 80. |
Can 'herd intelligence' effectively stop malware? |
| 'Herd intelligence' provides a distributed sensor net, finding new specimens that are potentially evil. Information security threat expert Ed Skoudis explains how effective the antimalware technology really is. |
| URL: |
|
| 81. |
Defining mobile device security concerns |
| Ed Skoudis explains how to secure sensitive data on mobile devices, and unveils the most common mobile security threats, such as physical theft and remote exploitation. |
| URL: |
|
| 82. |
What are the dangers of cross-site request forgery attacks (CSRF)? |
| Ed Skoudis defines the threats posed by cross-site request forgery attacks (CSRF), and explains how they are similar and different from cross-site scripting attacks. |
| URL: |
|
| 83. |
Should social engineering tests be included in penetration testing? |
| Information security threats expert Ed Skoudis weighs the positive and negative aspects of allowing social engineering tests to be a part of the penetration testing process. |
| URL: |
|
| 84. |
What kind of data is compromised during a Google hack? |
| Ed Skoudis defines Google hacking, unveils the type of data that is most commonly exposed during this type of attack and offers ways to ward off Google hackers. |
| URL: |
|
| 85. |
Best practices for using restriction policy whitelists |
| Ed Skoudis discusses which systems should be considered for software restriction policy whitelists, and unveils how whitelisting can improve security. |
| URL: |
|
| 86. |
What is the safest way to handle quarantined adware? |
| A computer's adware has been quarantined. Now what? Expert Ed Skoudis explains the safest way to dispose of unwanted adware. |
| URL: |
|
| 87. |
What are the risks associated with RIM's line of PDAs? |
| PDAs are everywhere. What are the biggest risks and the best ways to keep them secure? Security threats expert Ed Skoudis weighs in. |
| URL: |
|
| 88. |
Are social networking sites an easy target for malicious hackers? |
| With the rise of social networking giants like MySpace and Facebook, it makes sense that there would also be a rise in malware to attack them. |
| URL: |
|
| 89. |
What tools can a hacker use to crack a laptop password? |
| Password cracking may be a hacker's specialty, but there are also many strategies to keep passwords secure. |
| URL: |
|
| 90. |
Are there antivirus suites that pick up more than just run-of-the-mill viruses? |
| There are some rare forms of malware that antivirus software doesn't pick up on, but there are some good tools to remove all sorts of malware. |
| URL: |
|
| 91. |
John Strand |
| John Strand, Senior Security Researcher with his company Black Hills Information Security, fields all of your questions about today's information security threats. |
| URL: |
|
| 92. |
Will Google Chrome enhance overall browser security? |
| Expert John Strand reviews Google Chrome's browser security features and what the new tool will mean for enterprise IT teams. |
| URL: |
|
| 93. |
The telltale signs of a network attack |
| Some people believe that if IP addresses from China are attacking their network, then they are under attack from China. Expert John Strand explains why all that it is irrelevant. |
| URL: |
|
