Intelligence Sources From Unlikely Places
No matter how hard we try to protect our networks, there is always the chance something will go awry. From hackers breaking into our mail servers to laptops infected with malware, we must watch for issues and get help where we can. Most of us have our traditional tools in place to watch for issues from the desktop to the servers: log analysis tools, IDS, AV reporting, and anything else we can possibly gather information from to help us fight threats and know what has burrowed into our infrastruc
October 6, 2010
No matter how hard we try to protect our networks, there is always the chance something will go awry. From hackers breaking into our mail servers to laptops infected with malware, we must watch for issues and get help where we can. Most of us have our traditional tools in place to watch for issues from the desktop to the servers: log analysis tools, IDS, AV reporting, and anything else we can possibly gather information from to help us fight threats and know what has burrowed into our infrastructures. Now content and ISPs are getting into the game for free.
Luckily, we have some new friends providing information to help our security efforts. Google announced they have a free service to notify network administrators when malicious content is found hiding in websites. Network administers and security teams now have another source of reporting when threats slip into the network. Since web malware can be hard to detect, this is useful tool. While Google's offering doesn't replace full web malware detection and analysis services such as Armorize, it is helpful nonetheless. Google's offering is similar to someone who sees that you left your coffee on the roof of your car and shouts to you as you drive off, but it is not a guaranteed service and is still in trial.
Comcast has also announced it will now notify customers when botnet activity is detected from the customer's home. This offering does not directly apply to enterprises, but it does directly affect our enterprises. Most of our users get infected with botnets and other malware when at home and graciously share it with our networks when they come to work. With Comcast taking an active role in detecting and notifying customers, some of these infections will be brought to the attention of the home user and ultimately the corporate IT department, helping the enterprise. Thanks, Comcast.
Barracuda Labs provides a reputation search service to understand the trust reputation of your URL, IP, email address, and even twitter account. This allows an organization to understand how it may be perceived by others and is built based on the intelligence gathers by Barracuda from around the world. McAfee's TrustedSource website provides an IP reputation tool allowing enterprises to learn the reputation of their mail servers and help explain why your organization's mail might be flowing straight to the spam folder.
It's good to see big companies with lots of insight into our organizations giving back some of that knowledge for the greater security good. There are many resources available online, some from big companies and others from groups of volunteers, but they aren't tailored to your environment or report on what is happening on your network. Take the time to subscribe or check services relevant to your organization. Knowing is half the battle and keeping your network clean will help keep everyone's network clean.
Read more about:
2010About the Author
You May Also Like