How to Prevent Drive-by Downloads
By: wubayou
    This article discusses methods hackers use to perform drive-by downloads, and how to prevent them.

    Drive-by downloads are attacks that, as their name suggests, work quickly and install malicious software on unsuspecting victims’ computers.  Their stealthy success relies on the exploitation of vulnerabilities found in Web browsers, plugins, add-ons, and similar components that make up the browsing ecosystem.  Once entrenched, they can install viruses and spyware, and take control of a computer for a wide variety of purposes.  Daniel Peck, a researcher with Barracuda Labs, described the severity of drive-by downloads: “Anytime someone else gets to decide what software, what code is running on your computer, then your computer--all the information on it and everything on the network that is connected to it--is at risk.”

    A report from Cisco ScanSafe revealed that enterprise users experienced an average of 274 Web-based malware attacks in the first quarter of 2011.  That statistic represented a 103 percent increase over 2010’s first quarter numbers.  Such a drastic increase has to have some driving force behind it, and many believe that drive-by downloads are the culprit.

    Drive-by downloads come in many forms.  Perhaps the most common form occurs when browsing the Web.  You may visit a malicious site, specially designed by attackers, that downloads malware to your computer.  Even worse, you may visit a site that is usually legitimate but has been compromised, and it infects your computer as well.  Advertisements are another delivery method, for example ads for rogue antivirus software that prompt you to “protect” your computer when all the software will really do is infect it.

    As to why drive-by downloads are increasing, Andre Brandt, Solera Networks’ director of threat research, believes the availability of sophisticated exploit kits on the black market is a driving force.  Many of the exploit kits offer automated functionality that enables their users to apply them across multiple targets.  Another reason for the increase, Peck believes, is the expansion of browser environments.  As more browser versions, plugins, and add-ons hit the market, cybercriminals have more targets they can exploit.

    Although the news of drive-by downloads is disconcerting, one has to wonder if their frequency will lessen in the near future.  Not so, says Jeff Schmidt, CEO of JAS Global Advisors.  “Now, with HTML5, the boundaries around the browser are lessening, so I expect more of this will happen in the future,” he noted.

    Tips to Protect Yourself

    Now that you have a background on what drive-by downloads are and why their presence is increasing, you are probably wondering what you can do to protect yourself.  Here are some tips:

    Stay Up-to-date

    The steady increase of online threats has made the existence of frequent updates a fact of life.  It’s unfortunate, but it’s a result of the constant cat and mouse game between security companies and cybercriminals.  Having to install frequent updates can definitely be irritating, but if you want to keep drive-by downloads at bay, it’s an exercise you must practice. 

    Hackers know that users tend to ignore updates as a matter of convenience, and they use this knowledge to exploit vulnerabilities that exist in outdated versions of plugins and browsers.  According to Zscaler ThreatLabs, Adobe Acrobat is the most common outdated plugin affected by such exploits.  Again, while installing updates may be a hassle, taking the few minutes to install them can prevent major headaches down the road.  You’ll often find that updating your antivirus software, browsers, plugins, add-ons, and more won’t even take minutes to complete, so there really is no excuse not to do it.

    Limit Admin Privileges

    This bit of advice is geared towards IT professionals.  Most IT departments allocate standard user accounts to employees as a protective measure.  This was not always the case, as employees used to be given administrative access to make it easier to download drivers and the like.  Of course, such a practice has consequences, so the trend has shifted over time to standard accounts.  Regardless, limiting administrative access helps reduce the amount of damage malware can inflict on a system.  “If I happen to open a browser when I'm logged in and download something bad, the scope of the damage is limited to the user context. It doesn't own the machine,” argued Schmidt.

    Make Use of Web-filtering Software

    One good way to keep safe while browsing is to make use of Web-filtering software.  As its name suggests, this type of software helps to filter out the bad from the good.  As the presence of sites tainted by drive-by downloads increases, the likelihood of you stumbling upon such a site is higher.  Using Web-filtering software can form a protective barrier between you and such sites by offering recommendations on which sites are safe or unsafe.  Think of this preventative measure as sort of a virtual bodyguard for your browsing needs.

    Turn Java Off

    Brandt suggests that IT departments should uninstall Java from systems under their watch until a patch becomes available for the CVE-2011-3544 issue.  Exploits for this issue arrive as a malicious Java applet embedded in a Java Archive file, and can permit an unsigned applet to gain unrestricted access to run arbitrary Java code.  On an added note, Brandt also believes users should go into their PDF reader preferences and disable JavaScript in PDF documents.
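
    One way for an IT department to check that Java really is gone from the machines it manages is to look for Java traffic in its Web proxy logs.  The script below is an added example, not part of the original article: the log format, field order, addresses, and hosts are constructed for illustration, and it relies on the `Java/<version>` token that Java's HTTP client places in its User-Agent header.

```python
import re
from collections import defaultdict

# Constructed proxy log lines (the format is an assumption for this example):
# timestamp client_ip method url status content_type "user_agent"
SAMPLE_LOG = '''\
2011-12-05T09:14:02Z 10.0.4.17 GET http://intranet.example/index.html 200 text/html "Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20100101 Firefox/8.0"
2011-12-05T09:14:09Z 10.0.4.22 GET http://ads.example.net/banner/a.jar 200 application/java-archive "Mozilla/4.0 (Windows 7 6.1) Java/1.6.0_26"
2011-12-05T09:15:40Z 10.0.4.22 GET http://ads.example.net/banner/x.class 404 text/html "Mozilla/4.0 (Windows 7 6.1) Java/1.6.0_26"
2011-12-05T09:16:11Z 10.0.4.31 GET http://files.example.org/report.pdf 200 application/pdf "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.7 Chrome/16.0"
2011-12-05T09:17:55Z 10.0.4.40 GET http://cdn.example.com/lib.JAR?v=2 200 application/octet-stream "Mozilla/5.0 (Windows NT 6.1; rv:8.0) Gecko/20100101 Firefox/8.0"
this line is malformed and must be skipped
'''

LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<ip>\S+) (?P<method>\S+) (?P<url>\S+) '
    r'(?P<status>\d{3}) (?P<ctype>\S+) "(?P<ua>[^"]*)"$'
)
# Java's HTTP client identifies itself with a "Java/<version>" token.
JAVA_UA_RE = re.compile(r'\bJava/(\d+(?:\.\d+)*(?:_\d+)?)')
JAR_TYPES = {"application/java-archive", "application/x-java-archive"}


def java_activity(log_text):
    """Map client IP -> Java versions seen and the reasons the client was flagged."""
    findings = defaultdict(lambda: {"versions": set(), "reasons": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # skip malformed lines rather than guessing at fields
        ua = JAVA_UA_RE.search(m["ua"])
        # Compare the path without its query string, case-insensitively.
        path = m["url"].split("?", 1)[0].lower()
        if ua:
            # A Java runtime on this client made the request: Java is still installed.
            findings[m["ip"]]["versions"].add(ua.group(1))
            findings[m["ip"]]["reasons"].add("java-user-agent")
        if m["ctype"].lower() in JAR_TYPES or path.endswith((".jar", ".class")):
            # Applet content was requested, whatever the server labelled it as.
            findings[m["ip"]]["reasons"].add("applet-content")
    return dict(findings)


if __name__ == "__main__":
    for ip, info in sorted(java_activity(SAMPLE_LOG).items()):
        print(ip, sorted(info["versions"]), sorted(info["reasons"]))
```

    A client flagged with `java-user-agent` still has a working Java runtime and should be revisited; a client flagged only with `applet-content` fetched a JAR or class file through the browser and is worth a look even though no Java runtime made the request.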

    Firefox Users: Employ the NoScript Add-on

    If Mozilla’s Firefox is your browser of choice, its NoScript add-on is a must.  Having this add-on installed and enabled gives you the power to grant permission to run Flash, Java, and JavaScript only to websites you trust.  According to Brandt, employing NoScript for your Firefox browsing is a way to decrease your chances of getting hit by a drive-by download.  “As far as I can tell, it's the only surefire method of preventing an accidental infection of a Windows PC by exploit-kitted web pages,” he added.

    Watch Out for BLADE Software

    BLADE, or Block All Drive-by Download Exploits, is software that is coming soon from researchers at SRI International and Georgia Tech University.  Still in development, BLADE promises to keep drive-by downloads from infecting vulnerable Windows machines.  A free prototype is said to be in the works, so keep your eyes open for the launch date of this crafty tool.

    For more on this topic, visit http://www.pcworld.com/article/249814/6_ways_to_defend_against_driveby_downloads.html
