On mySimon: The Biggest Box Sets
BNET Business Network:
BNET
TechRepublic
ZDNet
TalkBack 14 of 34:
Next »
« Previous
Do you plan on collecting your bonus anytime in the future?
jfrankcarr wrote: "Phishing attempts and virus/trojan emails are stopped by mail filtering software at the server side."

That's some mightly impressive prognostic firewall software you must be using, because how can it predict and detect the following blended threat?
1) Hostile emails are increasingly using the tactic of grabbing the email address, In-Reply-To and subject headers from the outlook inbox, making it appear that the email is a reply to a legitmate email.
2) The email itself contains the social engineering and a URL to one of many compromised webservers.
3) The URL links to a SSL (https://) site. The connection is encrypted from the website to the browser -- no chance of the firewall proxy reading the content.
4) The hostile webpage itself exploits a combination of known vulnerabilities in Microsoft's Internet Explorer that Microsoft has chosen not to relase an update to fix.
http://www.safecenter.net/UMBRELLAWEBV4/ie_unpatched/index.html

Requiring personal responsibility by employees for their Internet activities on the job has also helped.

How can they tell if it's a threat? What indication does the software give them?

To quote myself back in 2000...
http://www.google.com/groups?threadm=slrn8t15s9.1bt.heretic%40heretic.ihug.co.nz
I do agree, but it is easier saying "practice safe computing" than producing
a list of practical rules if your using Microsoft Office in a large
organization ( getting the nice people, especially the overworked ones, to
follow it is a another matter ).

http://www.google.com/groups?threadm=slrn8j2cen.pns.heretic%40localhost.localdomain
Human nature being as it is, relying on users to follow a strict protocol
when dealing with incoming email or other Office documents via the internet
is doomed to failure. Love letter from whom? The temptation to open the
attachments is too great even for the most security conscious person.
To quote Mark Twain "You can fool some of the people all of the time,
and all of the people some of the time ...". When presented with a dialog
window with Yes/No buttons, a LOT of users click yes without even reading
the dialog.

You stated that MSBlast did cost you your bonus last year. How can expect to earn any such bonus anytime in the near future when that vendor you rely upon, Microsoft, continues to choose not to secure their software against attack?
http://www.google.com/search?q=%22shatter+attack%22
Posted by: David Mohring   Posted on: 03/20/04 You are currently: a Guest | Members login | Terms of Use
Reply to Story Reply to Message

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

blah  carbon-12 | 03/19/04
does anyone see a correlation?  stephen732@... | 03/19/04
One train, just switch to Linux  FilledOut | 03/19/04
Costs too much  jfrankcarr | 03/19/04
your forgetting something  stephen732@... | 03/19/04
That is a consideration  jfrankcarr | 03/20/04
RE: That is a consideration  nite_w0lf | 03/20/04
Delegating virus software  jfrankcarr | 03/20/04
2000/05/28:Microsoft Applications Security And The Internet  David Mohring | 03/19/04
Pretty dated information there.  jfrankcarr | 03/19/04
If anything, its worse - Phishing for IE vulnerabilities  David Mohring | 03/19/04
Have to somewhat disagree based on my experience  jfrankcarr | 03/20/04
a laptop solution  Iain_Peters | 03/20/04
Do you plan on collecting your bonus anytime in the future?  David Mohring | 03/20/04
You're still talking about 2000 era threats  jfrankcarr | 03/20/04
Did you even bother to read what I wrote?  David Mohring | 03/20/04
The exploits are scripting related  jfrankcarr | 03/20/04
So how much does Windows really cost???  DonnieBoy | 03/19/04
Still think M$ has a lower TCO?  carbon-12 | 03/19/04
TCO THIS!  spinit | 03/20/04
If Everyone Used Linix == Same problems  lslade | 03/20/04
RE: If Everyone Used Linix == Same problems - rubbish  Iain_Peters | 03/20/04
RE: If Everyone Used Linix == Same problems - rubbish  seosamh_z | 03/21/04
The problem is when MSCEs talk *nix security  Richard Flude | 03/21/04
IIS vs Apache  doe_z | 03/20/04
Linux CAN be made secure relative to Windows...  deathbymilkfloat | 03/20/04
Linux CAN be made secure relative to Windows...  seosamh_z | 03/21/04
just out of curiosity, how did you ever find your way onto the net!  nite_w0lf | 03/20/04
If Everyone Used Linix -- Execute bit  SilverEagle_z | 03/27/04
TCO! TCO! Get The Facts! TCO!  B_HI | 03/20/04
Mindless Sheep?  TWRX | 03/20/04
Stupid response to a stupid post?  ZorakQMantis | 03/21/04
And the viruses are spreading to automobiles  Squawkbox | 03/20/04
and where do we get these figures  JWatson77 | 03/24/04

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

advertisement
advertisement

SmartPlanet

  • Thought-provoking progressive ideas on diverse topics that intersect with technology, business, and life, and matter to the world at large. Visit SmartPlanet
  • More from IBM
  • Innovate your business' process model, play against the market, compete against others on our scoreboards and WIN! Try INNOV8 2.0: A BPM Simulator
  • Enabling Real-World Business Transformation through IBM Service Management Read the EMA Analyst Report
Click Here