Server Shields

摘要

Every day, millions of vulnerability-assess- ment scans are conducted. Some are com-plex, targeted probes by professional attack-ers. Most are new vulnerabilities made public in late-night underground chat rooms, then lobbed hither and yon by script kiddies hoping to strike gold. Your server could be 0wn3d before you finish your morning McMuffin. We presented a simple premise to several host instrusion prevention (HIP) product vendors; "We have these servers that may or may not be vulnerable. Make sure they aren't." And we set two key requirements for the products we would test: First, they cannot rely solely on signature scans because signatures are reactive, not proactive. Second, the software must work with any application-from file servers to custom in-house services to Discount Bob's Big Webman Web server-because a server rarely runs only one process.