http://www.vnunet.com/vnunet/news/2166552/eeye-seeks-build-mega-honeypot Tom Sanders in California vnunet.com 17 Oct 2006 Enterprise security vendor eEye is preparing to unveil a free version of Blink security software for consumers next week. Blink offers a single application that among things protects against buffer overflow and phishing attacks. It also offers intrusion prevention, application white listing and location specific security settings. Consumers will be asked to share data on attacks that target their computers. The company's chief executive Ross Brown said that the company aims for the software to act as the world's largest honeypot, allowing the firm's security experts to collect samples of live exploits and malware as soon as they become available. "I need a one million man strong honeypot," Brown told vnunet.com. A honeypot is a computer that is set up to collect security data by attracting online attacks. The information is used to analyse new attack and attack methods. They work on the premise that attackers will cast a wide net, distributing malware through spam email messages or by scanning random systems for common security vulnerabilities. The technique however has lost its value in today's world, Brown told vnunet.com in an. Instead of going after a wide range of targets, criminals are increasingly using targeted attacks where malware is sent only to a few recipients within a company. If malware succeeds to evade security researchers, attackers will remain successful at exploiting software flaws and using new attack methods. In addition to building a honeypot, Brown expect that the free consumer version will drive sales of his enterprise software that is listed at $60 per seat. The consumer product will mostly appeal to power users who work in IT departments. The company hopes that their experiences will cause them to promote the software at work. Brown prides himself on the fact that none its enterprise customers has been hit by a remote exploit since June 2004 and claims that the tool will mitigate against most zero day vulnerabilities, allowing users additional time to properly test and deploy software patches. It remains to be seen however how much traction the software will get in the consumer market. Several of the software's features however are designed specifically for enterprises and will find a limited appeal with consumers. The application for instance offers to disable external USB storage devices and hard drives from accessing a device. Blink Personal is based on Blink 2.5 which started shippping last September. The consumer version will officially be launched on October 23 and is available for download from eEye's website. _________________________________ Visit the InfoSec News store! http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Mon Oct 16 2006 - 23:47:37 PDT