[Owasp-Malaysia] News: Infosec Threat

Hazrul Hamzah hazrul at hazrulnz.net
Mon Nov 15 03:07:42 EST 2010


Obscurity is good but then it is important to know what are the
things/assets that we are defending for. As long as the defender can
have the visibility as much as possible, I dun see any problem.
Monitoring SSL channel is kinda useless unless the sensor were placed
properly (behind ssl terminator or reverse proxy or ssl accelerator).
Monitoring just the packet size alone is not that sufficient. Monitoring
the system/application logs alone is kinda lil bit late and defeat the
purpose of having early warning system emplaced..

My view lah

On 15/11/2010 15:42, Najmi wrote:
> Kinda like the idea of security through obsecurity, instead of
> security by design.. :p
>
> "Hazrul Hamzah" <hazrul at hazrulnz.net> wrote:
>
> > To add,
>
> > Do not use "FREE" as the main reason of using Open Source Software.
> > Open
> > source not only good in sense of customization etc but also it provides
> > inside information for the attackers for executing his attacks. Try to
> > avoid too generic installation and do have the resources of maintaining
> > that particular apps. ;)
>
> > Thanks
>
> > On 15/11/2010 14:10, Mohd Fazli Azran wrote:
> >> Dear members,
> >>
> >> You can read the Infosec Threat 2010
> >>
> >
> <http://www.securelist.com/en/analysis/204792133/Information_Security_Threats_in_the_Second_Quarter_of_2010>.
> >> What i worried is Malaysia are listed as one of the country as
> >> Maliciois Farm. Thanks to Najmi for the info.
> >>
> >> *1) Distribution of attacks by country : *Malaysia on 7 place*
> >>
> >> 2) **Top 20 countries with servers hosting malicious code : *Malaysia
> >> on 19 place*
> >>
> >> *So we know now our country was listed on this threat. I just
> >> thingking why others country Europe or America Latin not many in the
> >> list.**We can see many are from ASIA*. *Specially in Malaysia we have
> >> others mechanism or a way to protect it. What we done so far are not
> >> enough to prevent it. Now maybe cause 80% of malaysian now have
> >> PC/laptop so the virus/malware also grow up. And for sure many of
> >> Malaysian users use pirate software especially use Microsoft,Game &
> >> Antivirus Software that not many people notice that pirate software
> >> already include malware or virus ready.
> >>
> >> We have solution?
> >>
> >> 1) Use original software!! Specially (Microsoft, Antivirus & Game)
> >> 2) Use Open Source Software
> >> 3) We need do more awareness & education program in National level.
> >>
> >> That my 0.5 cent thinking. Anyone have better idea or suggestion.
> >> Pease share it.
> >>
> >> Mohd Fazli Azran
> >> OWASP Malaysia
> >>
> >>
> >> _______________________________________________
> >> Owasp-Malaysia mailing list
> >> Owasp-Malaysia at lists.owasp.org
> >> https://lists.owasp.org/mailman/listinfo/owasp-malaysia
> >>
> >> OWASP Malaysia Wiki
> >> http://www.owasp.org/index.php/Malaysia
> >>
> >> OWASP Malaysia Wiki Facebook
> >>
> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
> >>
> >>
> >> __________ Information from ESET NOD32 Antivirus, version of virus
> > signature database 5619 (20101114) __________
> >>
> >> The message was checked by ESET NOD32 Antivirus.
> >>
> >> http://www.eset.com
> >>
>
>
>
>
> > __________ Information from ESET NOD32 Antivirus, version of virus
> > signature database 5619 (20101114) __________
>
> > The message was checked by ESET NOD32 Antivirus.
>
> > http://www.eset.com
>
> > _______________________________________________
> > Owasp-Malaysia mailing list
> > Owasp-Malaysia at lists.owasp.org
> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia
>
> > OWASP Malaysia Wiki
> > http://www.owasp.org/index.php/Malaysia
>
> > OWASP Malaysia Wiki Facebook
> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
>

_______________________________________________
Owasp-Malaysia mailing list
Owasp-Malaysia at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-malaysia

OWASP Malaysia Wiki
http://www.owasp.org/index.php/Malaysia

OWASP Malaysia Wiki Facebook
http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420



__________ Information from ESET NOD32 Antivirus, version of virus
signature database 5619 (20101114) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com






__________ Information from ESET NOD32 Antivirus, version of virus signature database 5619 (20101114) __________

The message was checked by ESET NOD32 Antivirus.

http://www.eset.com




More information about the Owasp-Malaysia mailing list