Letter #5: Hackers will always go after the "big dog"

By SearchWindowsSecurity.com readers 31 May 2005 | SearchWindowsSecurity.com

Digg This!     StumbleUpon     Del.icio.us

Letter #5: Hackers will always go after the "big dog"

Reader:
Howard Sorensen
PC and Network Support
The National Arbor Day Foundation

Environment: Microsoft shop with Windows 2000 and XP Professional machines in an Active Directory environment.

Internet Explorer or Firefox: Internet Explorer

Why IE: Internet Explorer is our organization's default browser. We lock down the user desktops to prevent them from installing unauthorized applications so Firefox has not been used, except for those in our Web Development area, and of course, by some of our IT staff. We actively keep our PC's patched and regularly updated, and we constantly scan for viruses. We do what is necessary to keep the "bad guys" out short of totally locking everything down and allowing no access -- either in or out -- at all.

Setting this up in the beginning took some work, but now that it has been in place for quite some time, we find that this approach not only frees us up to explore other areas of network computing, but it has drastically reduced the number of instances of malware infestations that require drastic and time-consuming workarounds.

Firefox as a future attack target: Personally, I like Firefox. Of course I also like IE, the MAC OS, Linux and Windows. Each has its strong points and features thet help you accomplish what you want to do. But no matter how tight your code is, there will be some weakness that allows someone to expoit it and use it for his own purpose -- nothing is 100% fool-proof.

The bigger the dog the more people will go after it trying to find these weaknesses. Right now, IE is the target because Microsoft is the "Big Dog." If Firefox continues to gain market share and become a prominent player, then it too will begin to be attacked as much as IE is now.

How to enforce safe browsing: Our IT personnel constantly educates our users in the art of safe computing using a variety of methods ranging from formal training sessions to one-on-one conversations discussing what to do and not do, what to look for and how to protect yourself whether you are in front of a computer at work or home, and encourages them to be proactive in their approach.

Tags: Microsoft Internet Explorer (IE),  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Microsoft Internet Explorer (IE) Admins can wear many hats using Netcat Patching third-party browsers adds more work in Windows shops Four Internet Explorer 8 Group Policy security settings Safe enterprise Web browsing: Five tips in five minutes Top client security tips of 2006 General security configuration: Step 1 Protection against international domain names, URL handling: Step 3 ActiveX opt-ins, information bar and cross-domain protection: Step 4 Windows Vista and IE7: Step 5 Phishing filter: Step 2

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary ActiveX  (SearchEnterpriseDesktop.com) ActiveX control  (SearchEnterpriseDesktop.com) Internet Explorer  (SearchEnterpriseDesktop.com) Internet Explorer Administration Kit  (SearchEnterpriseDesktop.com) tabbed browsing  (SearchEnterpriseDesktop.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary