Comments on: Security Choices, Part 3: Proactive Security Solutions http://www.securityteacher.com/2008/03/12/security-choices-part-3-proactive-security-solutions/ Internet Security Tips and Advice Thu, 22 Jan 2009 18:13:06 -0600 http://wordpress.org/?v=2.8.6 hourly 1 By: Matt http://www.securityteacher.com/2008/03/12/security-choices-part-3-proactive-security-solutions/comment-page-1/#comment-150 Matt Mon, 24 Mar 2008 12:22:22 +0000 http://www.securityteacher.com/2008/03/12/security-choices-part-3-proactive-security-solutions/#comment-150 Perhaps the simplest way to understand what a HIPS is, is to think of it as a firewall between applications and system components. Of course there can be issues, something attempting to hook the keyboard input, may be a helpful macro expander tool or an evil piece of spyware, so some understanding by either the user or the protection program of what is reasonable and what is unsafe is needed, as haphazard answers to prompts, can leave security minimal or devastate legitimate operations, neither of which are desirable. Some progress has been made, but not nearly enough. At their present state, most forms of HIPS do not score highly on usability. Perhaps the simplest way to understand what a HIPS is, is to think of it as a firewall between applications and system components.

Of course there can be issues, something attempting to hook the keyboard input, may be a helpful macro expander tool or an evil piece of spyware, so some understanding by either the user or the protection program of what is reasonable and what is unsafe is needed, as haphazard answers to prompts, can leave security minimal or devastate legitimate operations, neither of which are desirable. Some progress has been made, but not nearly enough.

At their present state, most forms of HIPS do not score highly on usability.

]]> By: Raymond Juillerat http://www.securityteacher.com/2008/03/12/security-choices-part-3-proactive-security-solutions/comment-page-1/#comment-148 Raymond Juillerat Sun, 16 Mar 2008 14:35:44 +0000 http://www.securityteacher.com/2008/03/12/security-choices-part-3-proactive-security-solutions/#comment-148 Certain sites protect their images or other critical pages against the possibility to refer them from another site. To do this they need to know the referrer to give back the content only it is the awaited one (in the same domain as current one). With PHP programming, it is easy to do this. But on a computer having outpost security suite v6, the referrer is blocked also when it's domain is the same as the asking one. That is a very strong drawback of your solution. I mean it's an error to block in that case. Any solution ? Certain sites protect their images or other critical pages against the possibility to refer them from another site. To do this they need to know the referrer to give back the content only it is the awaited one (in the same domain as current one). With PHP programming, it is easy to do this. But on a computer having outpost security suite v6, the referrer is blocked also when it’s domain is the same as the asking one. That is a very strong drawback of your solution. I mean it’s an error to block in that case.
Any solution ?

]]>