Ethical Hacker Community Forums

Hello,

I was doing a research paper on client-side attacks and needed to include a few more counter measures. I know there's alot of security people that use this forum. Anyone willing to throw out some useful countermeasures my way. Thanks in advance!

care to put what you have already?

but i'll give you one for free. noscript in firefox.

Yeah, I had a few.
- Keep AntiVirus/Firewall/IDS Software up-to-date
- Keep your OS up-to-date
- Keep your software versions up-to-date
- Refrain from opening mail from untrusted/unknown sources

you'll also want to mention a locked down group policy forcing least privilege across the domain.

in there you can do things like setting browser zone and office macro settings to the appropriate level for the organization and ideally not let the user lower those settings.

Ight, thanks for the reply Chris, good to get info from a respected member of this forum.

awarness, one of the most important vectors of the client side attacks is social engineering, training users, and admins and briefing them on these kind of attacks is one counter measure also :)

oh well hopefully one of those guys will reply soon.

oh well hopefully one of those guys will reply soon.

lol... ;D

It is worth remembering in order to minimise the impact of a client side attack, it is advised to run with least privilege. I have lost count of the number of times I have seen admins surfing the Internet, reading email etc. with full domain admin access...