Security Now 2

Hosts: Leo Laporte and Steve Gibson Topic: " HoneyMonkeys " Published: August 25, 2005 Duration: 00:25:03 Transcript Previous episode – Next episode

Security Now: 002

News & Errata

• This episode was recorded using Google Talk[1]

Topic

• Strider HoneyMonkey Exploit Detection System[2]
• A Honeypot is a computer set on the internet to be attacked by hackers to find exploits
• A HoneyMonkey is a computer that mimics users and surfs to websites that are malicious to get infected
• A common source of websites to tests are hosts files that are published online and links in phishing emails
• Microsoft found in just one moth, 752 URL's that try to infect Windows XP machines using Internet Explorer
  • They even found one exploit that would infect an up to date Windows XP machine with all patches applied
  • Most of the exploited URL's are pornography sites
  • A user does not have to download anything, or click on anything to get infected, just going to the site can infect a computer
  • Microsoft removed the malicious links they found from MSN search
• Infecting computers has become a business model now

Notable Quotes

• Leo: By the way, ladies and gentlemen, this may be the only podcast where you ever hear the phrase, "spoof the IP of the HoneyMonkey."

External Links

• Show transcripts[3]
• Steve's shownotes [4]
• Download this episode[[5]]
• Download 16kb version of this episoden [6]

Production Information

This area is for use by TWiT staff only. Please do not add or edit any content within this section.

Previous Show - Next Show