Protection
Zero-day protection is the ability to provide protection against zero-day exploits. Zero-day attacks can also remain undetected after they are launched.
Many techniques exist to limit the effectiveness of zero-day memory corruption vulnerabilities, such as buffer overflows. These protection mechanisms exist in contemporary operating systems such as Microsoft Windows 8, Windows 7, Windows Vista, Apple's Mac OS X, recent Oracle Solaris, Linux and possibly other Unix and Unix-like environments; Microsoft Windows XP Service Pack 2 includes limited protection against generic memory corruption vulnerabilities. Desktop and server protection software also exists to mitigate zero day buffer overflow vulnerabilities.
"Multiple layers" provides service-agnostic protection and is the first line of defense should an exploit in any one layer be discovered. An example of this for a particular service is implementing access control lists in the service itself, restricting network access to it via local server firewalling (i.e., IP tables), and then protecting the entire network with a hardware firewall. All three layers provide redundant protection in case a compromise in any one of them occurs.
The use of port knocking or single packet authorization daemons may provide effective protection against zero-day exploits in network services. However these techniques are not suitable for environments with a large number of users.
Whitelisting effectively protects against zero day threats. Whitelisting will only allow known good applications to access a system and so any new or unknown exploits are not allowed access. Although whitelisting is effective against zero-day attacks, an application "known" to be good can in fact have vulnerabilities that were missed in testing. To bolster its protection capability, it is often combined with other methods of protection such as host-based intrusion-prevention system or a blacklist of virus definitions, and it can sometimes be quite restrictive to the user.
Engineers and vendors such as Gama-Sec in Israel and DataClone Labs in Reno, Nevada are attempting to provide support with the Zeroday Project, which purports to provide information on upcoming attacks and provide support to vulnerable systems.
Keeping the computer’s software up-to-date is very important as well and it does help.
Users need to be careful when clicking on links or opening email attachments with images or PDF files from unknown users. This is how many cyber criminals deceive users, by pretending they are something they are not and gaining the user’s trust.
Utilize sites with Secure Socket Layer (SSL), which secures the information being passed between the user and the visited site.
Read more about this topic: Zero-day Attack
Famous quotes containing the word protection:
“As Jerome expanded, its chances for the title, “the toughest little town in the West,” increased and when it was incorporated in 1899 the citizens were able to support the claim by pointing to the number of thick stone shutters on the fronts of all saloons, gambling halls, and other places of business for protection against gunfire.”
—Administration in the State of Ariz, U.S. public relief program (1935-1943)
“Take away from the courts, if it could be taken away, the power to issue injunctions in labor disputes, and it would create a privileged class among the laborers and save the lawless among their number from a most needful remedy available to all men for the protection of their business interests against unlawful invasion.... The secondary boycott is an instrument of tyranny, and ought not to be made legitimate.”
—William Howard Taft (1857–1930)
“Men speak of natural rights, but I challenge any one to show where in nature any rights existed or were recognized until there was established for their declaration and protection a duly promulgated body of corresponding laws.”
—Calvin Coolidge (1872–1933)