Tabnabbing is the newest form of phishing attack. You can try out the following series of events to find out as how you can be tabnabbed. Continue reading “Do not lose your passwords to ‘tabnabbing’”
Earlier this month Nasdaq reported a IT breach where it found “suspicious files” on its U.S. computer servers and determined that hackers could have affected one of its Internet-based client applications Continue reading “The Nasdaq breach –”
People do not like slow responses on web sites. It just drives them away. If you would like to know how fast/slow your web site is when 100 or 1000 users access it, what you are attempting to is labelled ‘load testing’. There are many commercial and free tools that do the job for web applications running on Java, ASP.NET, PHP etc. We will specifically look at testing ASP.NET applications using the open source tool called Jmeter.
Android is an open-source software stack for mobile devices that include an Operating System, middleware and key applications. Android’s OS is based upon a modified version of the Linux kernel.
Google purchased the initial developer of the software, Android Inc, in 2005. Google and other members of the Open Handset Alliance collaborated on Android’s development and release. Currently, the Android OS is the world’s best-selling smartphone platform.
Last week, Visa announced a new Payment Card Industry Data Security Standard (PCI DSS) compliance program that will fuel dynamic data authentication.
This will mean that merchants will not need to validate their compliance with the Payment Card Industry Data Security Standard (PCI DSS) if at least 75% of the merchant’s annual Visa card transactions originate on smartcard-enabled terminals.
Here is a list of commonly used evaluation criteria for anti-virus software
- • Ability to produce new virus signatures quickly
- • Dispersed/distributed manageability
- • Unified client features
- • Client transparency
- • Support for all Windows OSes and Linux
- • Web-based management console
- • Company strength and overall AV strategy
- • Ability to integrate with other solutions such as Cisco NAC
- • Proactive notification on potential outbreaks and/or problems
- • Ability to clean up after viruses and/or spyware have infected a system
- • Ability to quickly prevent outbreaks while new virus signatures are not yet available
Each of the above criteria has been explained further
Ability to Produce New Virus Signatures Quickly
The period between when a virus is discovered “in the wild” and when a signature or pattern file is available for clients is extremely critical. The longer it takes to get and distribute new pattern files, the more likely it is to have clients getting infected.
The ability to provide Unit Computing Specialists and/or departmental administrators access to manage their own clients was also an important feature. With the diversity in departmental IT policies, it is necessary to be able to give people the ability to set policies for their department differently than what is defined at the global level. Furthermore, departments need the ability to provide customized reports on systems under their control to their management.
Unified Client Features
The ability for client software to provide antivirus, anti-spyware, SPAM filtering, and firewall support in a single package was very high on the list of requirements. Packaging all of these features together under a single client not only reduces desktop and system tray clutter but typically takes up fewer system resources in terms of CPU and memory.
Another aspect that to consider is how the client itself performed while a system was under heavy usage. Real-time scanning and monitoring needed to be as unobtrustive as possible. This also meant that any error messages or warnings that popped up as viruses were found needed to be easy to understand and answer. It was very important that the client be as transparent and easy to use as possible to users.
Support for mulitple OSes
If there are a variety of operating systems is use it is important that any solution support the full range of Windows operating systems from Windows XP and2003 all the way back to Windows 98 and Windows 95. In addition, adding support for protecting the growing number of Linux desktops and servers may also be required.
Web-Based Management Console
Enterprise management tools needed to be web-based for ubiquitous access. Not all system administrators run Windows on their desktop, so use of a Windows client-based management system is not desired in our environment. Furthermore, the console needed to be able to provide granular control over systems being managed.
Company Strength / Overall AV Strategy
Another factor in selecting an antivirus solution is how strong the company itself was. Fiscally weak or unsound companies tend to get bought out by larger corporations who may then change the levels of service a product provides even during a contract.The availability of technical support for the anti-virus software is also relevant here. This particularly the case when using free anti-virus software.
Ability to Integrate with Other Solutions
Network security is another area of focus when selecting an antivirus solution. The ability of a solution to integrate with third party solutions such as Cisco’s Network Solution. It is therefore essential that anti-virus solution be able to integrate with the existing network infrastructure.
Proactive Notification of Potential Outbreaks and/or Problems
Limited human resources means that continuous monitoring of the system may not be possible. Therefore, it is critical that any solution be able to watch systems and automatically notify system administrators of possible outbreaks or issues on the network. The ability to email or page an administrator or administrators when there appears to be an anomaly on the network should be considered.
Ability to Clean Up after Viruses and/or Spyware
Obviously another factor that must be considered when evaluating antivirus solutions is how well the product is able to clean a system after an infection. If a solution simply detects a virus but doesn’t clean it up well, it doesn’t really save an administrator any time or effort. The solution should be able to successfully clean a majority of infections without having to rebuild the system.
Ability to Prevent Outbreaks Until New Virus Signatures Are Available
Many vendors have begun to discuss “zero-day” protection, but few actually do much about it. The ability to prevent an outbreak from occurring when there is no virus signature or pattern file available is extremely important. Hundreds of systems could potentially become infected in the time it takes a virus to be detected “in the wild” to the time a new pattern is available. A feature considered key was the ability for software to keep systems protected even though they were unable to detect the virus.