Stick it somewhere in your environment where it’s likely to get noticed by an intruder, and tell it to page your incident response team (or you) if anything unexpected tries to connect to it. It’s a fake computer asset, and nothing (once you’ve fine-tuned the false positives out) should ever connect to it.
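The "nothing should ever connect to it" rule above, as an added example that is not code from the original column: a minimal TCP honeypot that records every connection and flags it for the incident response team unless the source is on a tuned-out list of expected scanners. The `EXCLUDED_SOURCES` ranges and port 2222 are constructed sample values.

```python
import ipaddress
import socket

# Sources that are *expected* to touch the honeypot (the internal vulnerability
# scanner, the uptime monitor) and must not page anyone. Constructed sample
# ranges, not values from the original article.
EXCLUDED_SOURCES = [ipaddress.ip_network("10.0.5.0/24"),
                    ipaddress.ip_network("10.0.9.10/32")]

def should_alert(peer_ip, exclusions=EXCLUDED_SOURCES):
    """A honeypot has no legitimate clients: any source not on the tuned-out
    list of known scanners is an alert, whatever it sent."""
    addr = ipaddress.ip_address(peer_ip)
    return not any(addr in net for net in exclusions)

def build_event(peer, dst_port, first_bytes):
    """Capture enough context for the responder: who, which fake service, what."""
    return {
        "src_ip": peer[0], "src_port": peer[1], "dst_port": dst_port,
        "first_bytes": first_bytes[:64].decode("latin-1"),
        "alert": should_alert(peer[0]),
    }

def open_listener(host="0.0.0.0", port=0):
    """Bind the fake service; port 0 lets the OS pick one (handy for tests)."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((host, port))
    s.listen(5)
    return s

def accept_one(listener, timeout=None):
    """Accept one connection, read its opening bytes, close it, return the event."""
    listener.settimeout(timeout)
    conn, peer = listener.accept()
    conn.settimeout(2.0)
    try:
        data = conn.recv(1024)
    except socket.timeout:
        data = b""  # port scanners often connect and send nothing at all
    finally:
        conn.close()
    return build_event(peer, listener.getsockname()[1], data)

if __name__ == "__main__":
    lst = open_listener(port=2222)  # pose as an SSH host on an otherwise unused box
    while True:
        ev = accept_one(lst)
        print("ALERT" if ev["alert"] else "expected", ev)  # swap print for your pager hook
```

Run it on an address no production system has any reason to talk to, then add each scanner or monitor that shows up to `EXCLUDED_SOURCES` until only genuine surprises remain.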
Months and months go by without any significant updates, but this month has seen a cornucopia of new developments and updates.

New honeypot book

Niels Provos (creator of Honeyd and senior staff engineer at Google) and Thorsten Holz have written an excellent honeypot book in "Virtual Honeypots: From Botnet Tracking to Intrusion Detection." As a seasoned honeypot and honeyclient professional (and honeypot book author), he had high hopes for this book, and it delivers. The only downside he could come up with is that the book deals with a lot of Unix/Linux-only products, just like the honeypot software world, which might put off Windows-only readers.

In the end, what he really liked about this book is its coverage of a wide range of products and its practical application to capturing and analyzing malware.
Updated Honeyd for Windows

Honeyd, originally a Unix/Linux-only product by Niels Provos, is one of the best virtual honeypot software programs in existence. Michael Davis did the original Honeyd port to Windows (thank you very much, Michael), but that version didn't keep up as Windows XP and later came out. Jesper Jurcenoks, co-founder of netVigilance, has released an updated version of Honeyd for Windows. It works on all Win32 systems, including Vista, and comes with the ability to exclude predefined types of activity (which is a must when you're doing real-time file and registry analysis).
The New Zealand Honeypot Project, which produced Capture-HPC, also wrote an excellent white paper on using Capture-HPC to identify malicious Web servers.
http://www.infoworld.com/article/07/08/24/34OPsecadvise_1.html