WhatsUp Gold: Daily Network Monitor Blog

Network Monitoring News

By Erin Hayes

As technology evolves so does the ability for people to hack it.

Ipswitch WhatsUp Gold is staying ahead of the game with its versatile network traffic analyzer, Flow Monitor.

Did you know it’s rarely an apocalyptic hack, like the ones depicted in SyFy films, of which businesses should be weary? Instead – according to a recent report on the Black Hat Briefings by SearchSecurity.com- – it’s the persistent, targeted attacks that weaken a company’s IT infrastructure and compromise its business.

SearchSecurity.com reported last week on two researchers who demonstrated examples of hacks at the Black Hate Briefings. The duo’s hacks ranged from zero-day PDF attacks to memory-based rootkits.

The presenters, Nick Percoco, senior VP at Trustwave’s SpiderLabs and Trustwave senior forensic investigator Jibran Ilyas pointed out what WhatsUp Gold Flow Monitor customers already know:

That attackers are hiding in plain sight and that they are moving data out of organizations using tried-and-true means, such as FTP, HTTP and SMTP.

Firewalls are of little use in these situations. They won’t flag HTTP traffic as an anomaly.

What you need is the ability to monitor traffic moving over TCP port 31337. WhatsUp Gold Flow Monitor, in conjunction with Alert Center, provides this ability and alerts users in real-time when a security breach happens.

In addition, the new release of WhatsUp Gold Flow Monitor allows users to set up monitors on multiple TCP ports (80.8080, etc) so by setting up an alarm specifically for port 31377, you can monitor in real-time and detect the kinds of attacks that Black Hat is reporting.

For the full article click here.

To download a free trial of Flow Monitor click here.

Share:
  • Facebook
  • Twitter
  • Digg
  • Tumblr
  • StumbleUpon
  • del.icio.us
  • Yahoo! Buzz
  • Google Bookmarks
  • Reddit

One Comment

  1. dulcet30@gmail.com on March 14, 2011 12:04 am

    Great report about traffic analysis.I agree with your firewall point.Thanks for the report.

Write a Comment