RE: Spyware assessment techniques

From: Cory.Bys@fbol.com
Date: Tue Feb 14 2006 - 09:44:09 EST


I use several things to combat malware -- all of which are based on egress
filtering:

Malware rules for Snort
NPI data rules for Snort (Detects sensitive information leaving your
network in clear text -- you'll be surprised at how much you will find)
Domain country code rules for Snort
Malware ACL for Squid (This is the best way I have found to defend yourself
against malware vendors that hide behind Akamai's cache servers)
IP blacklist for firewalls

All are available on my web site at http://www.kgb.to

Note that I consider third party tracking to be malicious, so I like to
kill banner ads and all kinds of other stuff.


This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:55:31 EDT