InterScan AppletTrap Zhang Hong Trend Micro, AppletTrap Team 2001.09.18 (Nanjing)

Slides:



Advertisements
Similar presentations
Enabling Secure Internet Access with ISA Server
Advertisements

Overview Environment for Internet database connectivity
Mobile Code Security Yurii Kuzmin. What is Mobile Code? Term used to describe general-purpose executables that run in remote locations. Web browsers come.
Chapter 17: WEB COMPONENTS
Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee
DESIGNING A PUBLIC KEY INFRASTRUCTURE
Building Applications using ASP.NET and C# / Session 1 / 1 of 21 Session 1.
Abdelilah Essiari Gary Hoo Keith Jackson William Johnston Srilekha Mudumbai Mary Thompson Akenti - Certificate-based Access Control for Widely Distributed.
INTERNET DATABASE Chapter 9. u Basics of Internet, Web, HTTP, HTML, URLs. u Advantages and disadvantages of Web as a database platform. u Approaches for.
Report Distribution Report Distribution in PeopleTools 8.4 Doug Ostler & Eric Knapp 7264.
Mobile Code and Worms By Mitun Sinha Pandurang Kamat 04/16/2003.
Implementing ISA Server Caching. Caching Overview ISA Server supports caching as a way to improve the speed of retrieving information from the Internet.
How Clients and Servers Work Together. Objectives Learn about the interaction of clients and servers Explore the features and functions of Web servers.
Computer Security and Penetration Testing
MCDST : Supporting Users and Troubleshooting a Microsoft Windows XP Operating System Chapter 15: Internet Explorer and Remote Connectivity Tools.
Mgt 240 Lecture Website Construction: Software and Language Alternatives March 29, 2005.
 Proxy Servers are software that act as intermediaries between client and servers on the Internet.  They help users on private networks get information.
COMPUTER TERMS PART 1. COOKIE A cookie is a small amount of data generated by a website and saved by your web browser. Its purpose is to remember information.
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Course 201 – Administration, Content Inspection and SSL VPN
INTRODUCTION TO WEB DATABASE PROGRAMMING
M. Taimoor Khan * Java Server Pages (JSP) is a server-side programming technology that enables the creation of dynamic,
FALL 2005CSI 4118 – UNIVERSITY OF OTTAWA1 Part 4 Web technologies: HTTP, CGI, PHP,Java applets)
1 Modular Software/ Component Software 2 Modular Software Code developed in modules. Modules can then be linked together to produce finished product/program.
Principles of Computer Security: CompTIA Security + ® and Beyond, Third Edition © 2012 Principles of Computer Security: CompTIA Security+ ® and Beyond,
Chapter 16 The World Wide Web Chapter Goals Compare and contrast the Internet and the World Wide Web Describe general Web processing Describe several.
Masud Hasan Secue VS Hushmail Project 2.
Chapter 4: Core Web Technologies
Ladd Van Tol Senior Software Engineer Security on the Web Part One - Vulnerabilities.
SUSE Linux Enterprise Server Administration (Course 3037) Chapter 4 Manage Software for SUSE Linux Enterprise Server.
Web Security Chapter 6. Learning Objectives Understand SSL/TLS protocols and their implementation on the Internet Understand HTTPS protocol as it relates.
NASRULLAH KHAN.  Lecturer : Nasrullah   Website :
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Client Side Vulnerabilities Aka, The Perils of HTTP Lesson 14.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
A virus is software that spreads from program to program, or from disk to disk, and uses each infected program or disk to make copies of itself. Basically.
Web Pages with Features. Features on Web Pages Interactive Pages –Shows current date, get server’s IP, interactive quizzes Processing Forms –Serach a.
Active Server Pages  In this chapter, you will learn:  How browsers and servers interacted on the Internet when the Internet first became popular 
Module 5: Configuring Internet Explorer and Supporting Applications.
Introducing ASP.NET 2.0. Internet Technologies WWW Architecture Web Server Client Server Request Response Network HTTP TCP/IP PC/Mac/Unix + Browser (IE,
1 World Wide Web Concepts (Chapter 18) 인공지능연구실. 2 목 차  Elements of the Web  Web Browsers  Keeping Tracking of your Favorite Web sites  Security and.
1 MSCS 237 Overview of web technologies (A specific type of distributed systems)
Troubleshooting Security Issues Lesson 6. Skills Matrix Technology SkillObjective Domain SkillDomain # Monitoring and Troubleshooting with Event Viewer.
RUBRIC IP1 Ruben Botero Web Design III. The different approaches to accessing data in a database through client-side scripting languages. – On the client.
Module 7: Advanced Application and Web Filtering.
Introduction to Internet. Chapter 1 Objectives Origins of the Internet Packets and Routers TCP/IP DNS HTTP URL Client-Server.
1 Mobile Code l Java Review –Java code is platform independent and runs within a “sandbox”, or a set of restrictions that keep downloaded applets from.
1 WWW. 2 World Wide Web Major application protocol used on the Internet Simple interface Two concepts –Point –Click.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Web Design and Development. World Wide Web  World Wide Web (WWW or W3), collection of globally distributed text and multimedia documents and files 
NASRULLAH KHAN.  Lecturer : Nasrullah   Website :
Dispatching Java agents to user for data extraction from third party web sites Alex Roque F.I.U. HPDRC.
LAB#8 PKI & DIGITAL CERTIFICATE CPIT 425. Public Key Infrastructure PKI 2  Public key infrastructure is the term used to describe the laws, policies,
Active X and Signed Applets Chad Bollard. Overview ActiveX  Security Features  Hidden Problems Signed Applets  Security Features  Security Problems.
Digital Certificates Presented by: Matt Weaver. What is a digital certificate? Trusted ID cards in electronic format that bind to a public key; ex. Drivers.
ClickOnce Deployment (One-click Deployment)
CX Introduction to Web Programming
BUILD SECURE PRODUCTS AND SERVICES
Web Programming Language
Tonga Institute of Higher Education IT 141: Information Systems
5/7/2018 Java Security and a Firewall Extension for Authenticity Control of Java Applets.
WWW and HTTP King Fahd University of Petroleum & Minerals
Ad-blocker circumvention System
Web Caching? Web Caching:.
Using SSL – Secure Socket Layer
Tonga Institute of Higher Education IT 141: Information Systems
Communication and Information Resource Centre Administrator
Tonga Institute of Higher Education IT 141: Information Systems
ClickOnce Deployment (One-click Deployment)
The new EDAMIS and its security
Presentation transcript:

InterScan AppletTrap Zhang Hong Trend Micro, AppletTrap Team (Nanjing)

InterScan AppletTrap Trend Micro InterScan AppletTrap is a policy-based, centrally-managed enterprise solution at the Internet gateway that monitors the behavior of malicious applets, ActiveX, JavaScript and VBScript. Wheres AppletTrap

InterScan AppletTrap SurfinShield: Client solution. Replace Java library in browsers administration issue(deploy, upgrade) SurfinGate: Server Solution. Static parsing at server. Heavy load on server The competitors

InterScan AppletTrap Distribute work between client and server evenly Balance between runtime monitoring and static scanning Low administration cost Support resign for Jar file AppletTrap

InterScan AppletTrap How AppletTrap works?

InterScan AppletTrap AppletTrap Proxy AppletTrap stands as a HTTP proxy and not require any client-side modification Implemented Cache Support Http, Https and Ftp

InterScan AppletTrap Jar File Controls Check the block list firstly Check the certification Do instrument Repack the Jar file Resign with imported sign key

InterScan AppletTrap Class File Controls Check the block list firstly Do instrument

InterScan AppletTrap Instrument Alter java code sequence during downloading Server: static scan java code to find insecure function Server: insert monitoring instruction before and after insecure function Client: run original code and monitoring code Client: send report back if malicious code found

InterScan AppletTrap Certification checks Check the integrality of certification to prove that the certification not be modified Check whether the CP are trusted with our CP list Check the integrality of software with the public key of CP

InterScan AppletTrap Certification A certificate is a set of data that identifies an entity. The data in a certificate includes the public cryptographic key. A certification include CP and CA

InterScan AppletTrap CA & CP The trusted organization that issues the certificate is a Certification Authority (CA) and is known as the certificate's issuer. CP is some one who publish the software, as well as the certificate, and we can verify the authenticity of that CP by verifying the digital signature and the certificate

InterScan AppletTrap Re-Sign Break the integrity of digitally signed Applets Re-sign by specified signer Client: only accept specified signer

InterScan AppletTrap ActiveX Signature Scanning AppletTrap can check the certification and block unsafe PE (Portable Executable) formats (for example,.exe,.ocx etc.) and cabinet (.cab) files with hash list.

InterScan AppletTrap HTML Script Filtering AppletTrap just gets out all the script from the html file. AppletTrap only filter scripts from Hypertext Markup Language file and will not do script filter for a normal script file.

InterScan AppletTrap URL Blocking AppletTrap provides the ability to forbid all the clients access the given URLs Administrator can add a remote folder and set recursive to forbid access all the files and all subfolders in it.

InterScan AppletTrap TVCS compatible InterScan AppletTrap comes fully compatible with the Trend Virus Control System TVCS registration supports through a proxy and supports

InterScan AppletTrap Update Block Lists Upload all blocked java,URL and ActiveX to server and download trend identified block list

InterScan AppletTrap Configure Controls Support remote configure InterScan AppletTrap comes with a web-based administrator console for central management on the network.

InterScan AppletTrap Q & A

InterScan AppletTrap Known issues #1 UTF8 name file can't exact correctly and report error in server log

InterScan AppletTrap Known issues #2 If cached file quantity is large and shut down the PC abnormal, restart the applettrap service will take long time.

InterScan AppletTrap Known issues #3 Can t access some website chat room or forum with Applettrap. For example, chat rooms in

InterScan AppletTrap Known issues #4 We only support digital ID which is for Netscape Object signing purpose and can export to.p12 format by Netscape browser.Digital ID from Verisign is recommended.

InterScan AppletTrap Known issues #5 If the disk space is near to full, the all ActiveX can pass through, AppletTrap cant block it.

InterScan AppletTrap Known issues #6 If update licensed version 2.0 to Version 2.5, it is still trial run version, user must input the license key again

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.