Haute Secure - Blocking drive-by malware downloads

Security

Haute Secure – Blocking drive-by malware downloads

By ryan naraine July 17, 2007, 3:21 AM PDT

Image
1
of 11

Haute Secure – Blocking drive-by malware downloads

Read the EULA

Before installing, the user is required to agree to an End User Licensing Agreement (EULA).

Requires a restart

Upon installation, Haute Secure requires a Windows restart to complete the process.

The Haute Secure Toolbar

The utility works within Internet Explorer, much like a regular toolbar. This screen shows Haute Secure living within IE 7 on Windows Vista.

The warning icon

When Internet Explorer browses to an unsafe Web site, the Haute Secure toolbar turns red and displays a “warning” sign.

This site is very dangerous

On live exploit sites, Haute Secure blocks the Internet Explorer user from browsing and displays a bright red icon with a blunt “This site is very dangerous” warning.

Unblocking a site

If an Internet Explorer user wishes to unblock a site flagged as dangerous, this can be done via a few mouse-clicks.

Rootkit.com, marked as safe

During my testing, I browsed to some sites that host known harmful code. Haute Secure lists Rootkit.com as safe, because there is no attempt to launch a drive-by exploit.

OffensiveComputing.net, not so safe

At OffensiveComputing.net, a research-focused malware repository, Haute Secure isn’t as accomodating. rnrn

An IE user is greeted with a blinking yellow message in the toolbar, marking Offensive Computing as hosting “embedded” content.

Embedded content warning

Browsing to a known exploit site brings up another orange-colored “embedded content warning.”rnrn

EDITOR’S NOTE: Do not browse to the URL in this screenshot with an unpatched Windows machine and without adequate protection from malware files.

No search page warning

Unlike McAfee’s SiteAdvisor and Exploit Prevention Labs’ LinkScanner, Haute Secure does not issue a warning when search results return known bad sites.rn

In this example a search for “Lindsay Lohan screensavers” brings up a known exploit site but Haute Secure does not flag this. rnrn

See next slide to see what happens when the known site is launched…

Lindsay Lohan screensaver warning

When the user clicks on the “Lindsay Lohan screensaver” from the search result (see previous slide), Haute Secure flashes a “warning” in the Internet Explorer toolbar.

By ryan naraine

Account Information

Contact ryan naraine

Your message has been sent
|
See all of ryan's content

PURPOSE Finding a back-end developer with programming and technical expertise as well as superior collaboration and communication skills will require a comprehensive recruitment strategy. This Hiring Kit from TechRepublic Premium provides an adjustable framework your business can use to find, recruit and ultimately hire the right person for the job. From the hiring kit: TYPICAL ...

PURPOSE Application engineers need to have technical expertise in programming, design, business and the software and hardware required to run the application. This Hiring Kit from TechRepublic Premium provides an adjustable framework your business can use to find, recruit and ultimately hire the right person for the job. From the hiring kit: DETERMINING FACTORS, DESIRABLE ...

PURPOSE The purpose of this policy from TechRepublic Premium is to provide guidelines for employee performance reviews, which will clearly document accomplishments and areas of opportunity via an encouraging and thought-provoking analysis. This will assist in determining the next steps for employees as well as their future at the organization. This policy can be customized ...