Welcome back to the series on Zero Day Attack,If you have come directly to this post I would recommend you to go through the previous posts “What is a Zero Day Attack Part one“. and About Fuzzers part two (on application firewalls).In this final post we will look into Web Server Protection.

Web Server Protection:

Remember famous worms like Code Red and Nimda that attacked web servers and cause plenty of damage? As network security is becoming harder to penetrate because of firewalls,IDS devices and secure gateways., Hackers have changed there target to Web Applications.

So even though the organizations have enough protection and firewalls to stop them but still the application that is running on those servers can be hacked.Some of the software I found using search engines and reviews are listed below.

WebApp.secure:

This is a software for web server hardening and web application security.It uses intelligent web/insite technology to recognize and and enforce a website’s intended use guidelines.If any activity happening on web application does not meet the guidelines, is automatically blocked and reported.Thus it can provide protection against a zero day attack.

You can download it from here

Prevx1:

This is an anti-malware software.It can run along with your anti virus, firewall etc.This works by learning the behavior of the system and also has a list of the current malware present.When it runs for the first time, it scans and catalogs all the executable on the system and verifies them against the online database list.Thus it needs a constant online access.Any unusual activity found after that is directly reported to the central server which is maintained by the online community.It keeps on scanning and rescanning and if it finds the activity to malicious, its blocked.This software is particularly more useful as the list of malware is maintained in the central database.Thus if any malware detected somewhere else can also be caught.

It works like Akismet used for wordpress.If any comments is caught in spam is reported to central server.Thus benefiting all the wordpress users before they get infected.

The tutorial of this software is here.They have given a very nice explanation.

Some other similar kind of application are listed below:

• Microsoft HoneyMonkey . This intent is to stop attacks that use webservers to exploit unpatched browser vulnerability and that install software on users system.
• Watchguard This can provide against even unsigned viruses.
• Symantec Critical System Protection This can provide protection through policy based rules to both desktop and severs.

Zero day attack will not stop as the bugs in softwares will never end.So the only things which is good is to be smarter on our side.Choose one of the products as it fits for you.Consult people around you and choose the right product.

This series was to make you aware of the Zero Day attack and its concept.Hope it helps.