Traditionally, the area of information security has been purely defensive. Classic examples of the defensive mechanisms used in order to protect communication networks include firewalls, encryption and IDS (Intrusion Detection Systems). The strategy follows the classical security paradigm of "Protect, Detect and React.” In other words, try to protect the network as best as possible, detect any failures in that defense, and then react to those failures.
The problem with this approach is that the attacker has the initiative, always being one step ahead. For example, traditional, signature-based antivirus solutions have a hard time keeping up with the flood of new malware appearing each day (since the attackers can test new malware samples before releasing them into the wild). In the last few years, it has become more and more clear that these traditional, network-based defense techniques have severe limitations. How to Use Honeypots to Improve Your Network Security - Security
From around the Web
- Users not patching third party apps
- Mozilla patches 12 Firefox bugs, a third of them critical
- IE 7 and 8 Default Security Leaves Intranets At Risk
- Microsoft ships fixes for Excel, WordPad malware attacks
- 15 Firefox addons for Web developers
- Windows 7 will nag users 29% less often, Microsoft claims
- Vista7 more secure than Linux and Mac OS X
- Conficker self updates, launches false infection alert
- SSH server attacks resurface
- Hacking Tools & Techniques and How to Protect Your Network from Them
- Microsoft Black Tuesday: Microsoft finally fixes Excel zero day, plus more
- Conficker self updates, launches false infection alert
- Conficker reprogrammed for new attack run
- Rogue security software a rising threat
- Further Windows 7 features revealed