[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

New paper - Testing the Enterprise Security: Anti-Spam and Anti-Virus Solutions

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: New paper - Testing the Enterprise Security: Anti-Spam and Anti-Virus Solutions
From: marian.ventuneac@xxxxx
Date: 9 Jun 2009 13:00:01 -0000

Paper: Testing the Enterprise Security: Anti-Spam and Anti-Virus Solutions

Abstract:

Enterprise Anti-Spam and Anti-Virus solutions are widely used to protect 
corporate e-mail servers against various external threats including spamming, 
viruses, spyware, and phishing attacks. Usually claiming a high rate of 
malicious message filtering (between 95-99%), it is hard to argue that its main 
purpose is realized. However, no comprehensive benchmarking on how such 
security solutions stand against internal attacks is currently available. 
Relying on various commercial and open-source technologies (Microsoft .NET, 
MySQL, PHP, Linux, Apache HTTP server, etc.), the majority of Anti-Spam and 
Anti-Virus enterprise solutions employ Web-based applications to allow remote 
configuration, administration and management of spam-quarantined e-mails. While 
Web-based applications are often found to be vulnerable to a wide variety of 
security vulnerabilities (including SQL Injection, Cross-Site Scripting, Denial 
of Service, Privilege Escalation, etc.), such enterprise security solution
 s make unfortunately no exception.

This paper highlights the need of vendor-certified security testing for 
Anti-Spam and Anti-
Virus enterprise solutions, in order to protect it against internal attacks. In 
a structured effort to benchmark and potentially improve various enterprise 
security products, the author?s recent research done in collaboration with Data 
Communication Security Laboratory from University of Limerick, (Ireland) is 
presented. Various security vulnerabilities identified in high-profile 
enterprise Anti-Spam and Anti-Virus products commercialized by vendors such as 
Marshal8e6 [1], Barracuda Networks [2], and Symantec [3] are discussed, while 
the implications of vulnerabilities exploitation and the risks for the 
enterprise are analyzed.

Author: Dr. Marian Ventuneac

Paper download: http://www.testingexperience.com/testingexperience02_09.pdf

Prev by Date: (Post Form var 'username') BLIND SQLi exploit --S-CMS <= v-2.0 Beta3-->
Next by Date: Re: XMLHttpRequest file upload vulnerability Chrome 2 & Safari 3
Previous by thread: (Post Form var 'username') BLIND SQLi exploit --S-CMS <= v-2.0 Beta3-->
Next by thread: Secunia Research: Microsoft Excel Record Parsing Array Indexing Vulnerability
Index(es):
- Date
- Thread