<img height="1" width="1" style="display:none" src="https://www.facebook.com/tr?id=439793516377641&amp;ev=PageView&amp;noscript=1">

CATEGORY ARCHIVES: ip-reputation

"I had no idea my network printers are talking to China!"

"I had no idea my network printers are talking to China!" exclaimed Gary Woodward, network administrator of the West Memphis School District in Arkansas.  This is a typical reaction when customers first install ThreatSTOP and find that their network is infested with botnets and active malware from all the rogue places primarily in Eastern Europe and China.  This is their "Houston, we've got a problem!" moment.  See the case study for more details.

Read More

Share this:

ThreatSTOP releases new reporting features

This weekend we have put our new log-parsing and reporting code into production. The new code significantly increases our speed of log parsing (by about two orders of magnitude) and it provides a lot more help to help our users research what particular blocked threats were caused by. As product manager I am very pleased to say that it is a massive improvement over the previous stuff but, for our existing users, there are a couple of niggles.

Read More

Share this:

Krueger Wholesale Florist Uses ThreatSTOP to Block Botnets

Krueger Wholesale Florist, a Wisconsin-based distributor of fresh cut flowers, green plants and supplies to customers across a nine states, has deployed an EdgeWave iPrism Web Security solution to four separate locations with hundreds of employees.  One of the key reasons for EdgeWave's win was ThreatSTOP, whose botnet blocklist is integrated into the iPrism.  This is often the case with EdgeWave, Simwood and other partners, where ThreatSTOP provides a key differentiator and value unavailable anywhere else.

Read More

Share this:

ThreatSTOP integrated into DDoS Protection Service

In another illustration of ThreatSTOP's wide-ranging value proposition for different use cases and customers, we have been integrated into a multi-layered DDoS (distributed denial of service) protection service provided by British service provider Simwood.  ThreatSTOP will be Layer B of the service (out of 4 layers)  that drops “dirty traffic” from malware and botnet sites at the IP level, which is a very efficient approach to increase clean traffic for the network.  ThreatSTOP uses only 2-8% of the comparable bandwidth to filter inbound traffic compared with packet inspection products prevalent in the market.

Read More

Share this:

Academic Freedom Need Not Mean Botnet Infections

ThreatSTOP has a number of universities and places of higher education as clients and, it turns out, there's a good reason for this. That reason is 'Academic Freedom' and the possibly unintended consequences of that on computers and networks.

Read More

Share this:

The ineffectiveness of AV

Over at ZDnet Ed Bott has a report on the ineffectiveness of anti-vrus tools against current malware where he notes that many AV vendors only detect it a day or two after it has been distributed and that by then a new variant that they don't detect has also been sent out. In the IT security space, this is not exactly new news. In fact here at ThreatSTOP, we've been using similar statistics in our sales pitch for about a year now and in fact the AV vendors themselves admit they have a problem. If you ask them in private that is.

Read More

Share this:

SonicWALL IP Reputation Fail

Since ThreatSTOP is an IP Reputation company, we naturally have a google news feed on the topic of 'IP reputation'. Today, for some reason, it provided a link to the IP reputation page of the firewall vendor SonicWALL. Naturally I had to test the page out to see how well it did. I picked the 4 addresses currently listed on our home page as being the "worst of the web":

Read More

Share this:

Don't let your computers talk to countries they aren't allowed to

Many organizations are subject to government regulations such as ITAR or OFAC that prohibit any dealings with certain foreign nations. Many others have countries that they will not do business with for reasons of corporate policy - because of rampant piracy or fraud for example. However with the Internet it isn't always where another computer is located. At least not from the domain name it reports or the place a user fills in as contact address. This means that, wittingly or unwittingly, computers in any organization may be connecting with other computers in locations that they are legally forbidden to have any communication with.

Read More

Share this:

IP Reputation to Reduce the Risk of Being Hacked

As anyone who reads the technical, financial or even the general news is aware, May has not been a good month for Internet security. We started with Sony which appears to have been comprehensively "PWNed" by one of more groups of criminals and we end up with the news of Lockheed and PBS joining the list of victims. Needless to say these news reports have led to a lot of our customers (and potential customers) asking whether ThreatSTOP's IP Reputation can save them.

Read More

Share this:

Collateral Damage and IP Reputation

All IP reputation systems (and related filtering too for that matter) will tend to group similar things together under that assumption that if a number of them are definitely bad the rest probably are too. This isn't perfect but it generally works, as long as the system pays careful attention to corner cases to exclude any false positives.

Read More

Share this:

Home Page

OTHER THREATSTOP OUTLETS

  1. ThreatSTOP on YouTube
  2. ThreatSTOP on Twitter