Detecting Internet Browser Attacks
Detecting incoming malicious mobile code in the browser environment (without relying on an antivirus scanner) isn’t for the technological faint of heart. It requires a minimum understanding of browser-based languages and technologies.
Use an Antivirus Scanner or Firewall
If you are using a well-designed and fully functional antivirus
scanner/firewall product, it should detect some known security
vulnerabilities. Unfortunately, browser exploits are frequent and
varied, and it only takes one little change to bypass a scanner.
Antivirus scanners do not have the greatest luck against
browser-based malicious mobile code. Some software tools, such as
Finjan's SurfinShield
are built from the
ground up to detect and prevent browser-based security threats, and
as such, should be given higher consideration in an environment with
a higher than normal risk of browser exploits.
Check Unexpected or Unexplained Errors
Malicious mobile code often causes unexpected errors or warnings. If you are surfing a web site and all of a sudden an error message pops up saying something like, “Unable to access System Registry,” there is a good chance malicious mobile code is afoot. I also get suspicious if my browser warns me that unsafe content is attempting to access local resources. That said, most browser errors are created by legitimate, poorly written scripts or buggy browser code. When in doubt, try the next step.
View Source Code
On suspicious web pages, I often view ...
Get Malicious Mobile Code now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.