[ISN] eEye sets out to build lagest honeypot network

From: InfoSec News (alerts@private)
Date: Mon Oct 16 2006 - 23:29:52 PDT


http://www.vnunet.com/vnunet/news/2166552/eeye-seeks-build-mega-honeypot

Tom Sanders in California
vnunet.com 
17 Oct 2006

Enterprise security vendor eEye is preparing to unveil a free version of 
Blink security software for consumers next week.

Blink offers a single application that among things protects against 
buffer overflow and phishing attacks. It also offers intrusion 
prevention, application white listing and location specific security 
settings.

Consumers will be asked to share data on attacks that target their 
computers. The company's chief executive Ross Brown said that the 
company aims for the software to act as the world's largest honeypot, 
allowing the firm's security experts to collect samples of live exploits 
and malware as soon as they become available.

"I need a one million man strong honeypot," Brown told vnunet.com.

A honeypot is a computer that is set up to collect security data by 
attracting online attacks. The information is used to analyse new attack 
and attack methods. They work on the premise that attackers will cast a 
wide net, distributing malware through spam email messages or by 
scanning random systems for common security vulnerabilities.

The technique however has lost its value in today's world, Brown told 
vnunet.com in an. Instead of going after a wide range of targets, 
criminals are increasingly using targeted attacks where malware is sent 
only to a few recipients within a company. If malware succeeds to evade 
security researchers, attackers will remain successful at exploiting 
software flaws and using new attack methods.

In addition to building a honeypot, Brown expect that the free consumer 
version will drive sales of his enterprise software that is listed at 
$60 per seat. The consumer product will mostly appeal to power users who 
work in IT departments. The company hopes that their experiences will 
cause them to promote the software at work.

Brown prides himself on the fact that none its enterprise customers has 
been hit by a remote exploit since June 2004 and claims that the tool 
will mitigate against most zero day vulnerabilities, allowing users 
additional time to properly test and deploy software patches.

It remains to be seen however how much traction the software will get in 
the consumer market.

Several of the software's features however are designed specifically for 
enterprises and will find a limited appeal with consumers. The 
application for instance offers to disable external USB storage devices 
and hard drives from accessing a device.

Blink Personal is based on Blink 2.5 which started shippping last 
September. The consumer version will officially be launched on October 
23 and is available for download from eEye's website.



_________________________________
Visit the InfoSec News store!
http://www.shopinfosecnews.org 



This archive was generated by hypermail 2.1.3 : Mon Oct 16 2006 - 23:47:37 PDT