They can be used both by state security agencies and by large, medium and small companies. They are called “tiger teams” because the way they work together resembles a hunt: a hunt for weak points in computer systems. In this case, however, they work for you, because a “tiger team” is usually an internal team fighting internal vulnerabilities, constantly attacking its own network, right down to the personal computers, laptops and company smartphones of the company's employees
Today a friend of mine called me and asked for help. His website apparently was hacked, but he did not know how, why… when… Ok, so I open up my browser, and see… “This site has been reported of malware” red screen of death, the Firefox one. If you try to Google for this page, same thing happens – Google had forbidden access to his site, although he was ranked №1 there. Strange? Not really. But it was devastating to his business, and a solution had to be found asap. His Twitter account got suspended for the same reason, too.
Ok… our next steps? Source code audit. A quick browse through the source code revealed a home-grown CMS, where NONE of the variables were protected, and a few files were infected with a known Chinese web worm. Clean the worm? Not so fast, security-boy! The CMS apparently was written in such a way that if you try to strip out JS functionality, the whole system breaks up. If you try to clean the JS file, the whole system breaks up. In the end, I ended up manually modifying the core code of the CMS just to prevent future infections and clean it up. Not nice… not your regular virus/worm infection.
A quick remote check on his computer revealed trojans too – so who knows where the infection originated from. A complete reinstall was suggested, as well as a thorough follow-up on the videos on this site in order to prevent the same thing from happening again.
Update: his site is restored in Google and Firefox rankings after the clean-up, just 24 hours later.
I’m working on an all-in-one server for small/medium businesses, that will cover all the needs of a small office – spam filtering, web site filtering, PDC, file sharing, DNS service etc.
From what my testing shows, it’s amazing in performance and will serve more than well almost everybody.
Much can be written about information security: how to keep it from being leaked by insiders, how to keep it from being stolen by outsiders, how to protect it from destruction, or how to ensure its constant availability. Here I will concentrate on protection against information theft through penetration from outside, and I will present to you the easiest, most effective, and shortest-to-describe method