Live Hack Demo
Drive By Download
Winter 2010
Pete Adams, Manager Sales Engineering, WatchGuard
Most major attacks have moved to the web. Internet Security continues to evolve
One Example: “Drive By Downloads”
Today, I am going to show you one way that hackers access your network. (A “Drive By Download”)
1. A user is enticed to view a website.
2. This website installs an application locally without the user's knowledge.
3. The user's computer “Dials Home” to an IRC server the hacker “Owns”.
At this stage, the computer is under complete control of the hacker, and will follow any of his instructions from this day forward!
A few basic facts
• Any website can be used to spread malicious data (P2P, IM, IRC, Spyware, Malware, Trojans, etc.). Just because a website belongs to a large, well-known company does not mean that you can “Trust” the data they send you.
• I like to say “I don’t trust my computer, why should I trust yours?” When doing business on the Internet, I am not giving my credit card to Best Buy, I am giving it to Best Buy’s COMPUTER.
• Most malicious applications today are going to come through a “Trusted Protocol” such as HTTP, FTP, SMTP, POP3, DNS.
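An added example, not part of the original slides: a defender-side check that correlates steps 2 and 3 of the drive-by chain (an executable arriving over the “trusted” HTTP channel, then the same host registering with an IRC server). The log format, field names, executable heuristics and 10-minute window are assumptions made for this sketch, and the sample events are constructed.

```python
import re
from datetime import datetime, timedelta

# Constructed sample events (not from the slides): web-proxy and outbound-flow
# records in one "time kind key=value ..." format; data= is the first payload line.
SAMPLE_LOG = """\
2010-01-15T10:02:11 proxy src=10.0.0.23 ctype=application/x-msdownload url=http://site.example/codec.exe
2010-01-15T10:02:40 flow src=10.0.0.23 dst=203.0.113.7 dport=6667 data="NICK x1f3a"
2010-01-15T10:05:00 proxy src=10.0.0.40 ctype=text/html url=http://site.example/index.html
2010-01-15T10:05:30 flow src=10.0.0.40 dst=198.51.100.9 dport=443 data="-"
2010-01-15T11:00:00 proxy src=10.0.0.51 ctype=application/octet-stream url=http://site.example/setup.exe
2010-01-15T13:30:00 flow src=10.0.0.51 dst=203.0.113.7 dport=8080 data="USER a b c :d"
"""

# Assumed heuristics for "an application was delivered over HTTP".
EXE_TYPES = {"application/x-msdownload", "application/octet-stream"}
EXE_EXT = re.compile(r"\.(exe|scr|dll|msi)(\?|$)", re.I)
# IRC registration commands (RFC 1459), matched on content rather than port.
IRC_REG = re.compile(r"^(PASS|NICK|USER|JOIN)\s", re.I)
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse(line):
    """Turn one log line into a dict with 'time', 'kind' and its key=value fields."""
    ts, kind, rest = line.split(" ", 2)
    ev = {k: v.strip('"') for k, v in FIELD.findall(rest)}
    ev["time"], ev["kind"] = datetime.fromisoformat(ts), kind
    return ev

def detect(log_text, window=timedelta(minutes=10)):
    """Return (src, dst, dport, verdict) for each outbound IRC registration."""
    last_exe = {}  # src host -> time of its most recent executable download
    alerts = []
    events = sorted(map(parse, log_text.strip().splitlines()), key=lambda e: e["time"])
    for ev in events:
        if ev["kind"] == "proxy":
            if ev["ctype"] in EXE_TYPES or EXE_EXT.search(ev["url"]):
                last_exe[ev["src"]] = ev["time"]
        elif ev["kind"] == "flow" and IRC_REG.match(ev.get("data", "")):
            seen = last_exe.get(ev["src"])
            chained = seen is not None and ev["time"] - seen <= window
            verdict = "download-then-irc" if chained else "irc-only"
            alerts.append((ev["src"], ev["dst"], int(ev["dport"]), verdict))
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The second alert shows the edge case: the IRC registration falls outside the correlation window and uses a non-standard port, so it is still reported, but as `irc-only`.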