XML Viruses
From searchwebservices.com:

On Monday, Layer 7 Technologies Inc. added Cupertino, Calif.-based Symantec Corp.'s AntiVirus Scan Engine to its SecureSpan Gateway product. Under the partnership, SecureSpan, which enforces security policies for Web services, can now forward any malicious SOAP attachments to the AntiVirus Scan Engine, which in turn rejects or quarantines any infected files before they can penetrate an application.

In a related announcement, Forum Systems Inc. and Islandia, N.Y.-based Computer Associates (CA) Inc. teamed up to integrate CA's eTrust EZ antivirus software with the Forum XWall Web Services Firewall. XWall will add a new XML Antivirus module that will apply security policies and antivirus signatures to SOAP messages, SOAP attachments and raw XML....

XML traffic has increased because common formats like MP3 files and Microsoft Word documents can now be sent as XML. Additionally, the fact that SOAP envelopes and WSDL files can carry embedded macros and files increases the risk of exchanging Web services messages.

"XML and Web services cut through existing firewalls and email-based spam and virus filters like a hot knife through butter," said Ron Schmelzer, senior analyst at Waltham, Mass.-based ZapThink LLC. "Existing routers don't inspect the actual content at the level necessary to deal with XML-based virus and content-based attacks."...

While viruses embedded inside SOAP attachments are the easiest way to strike, a sophisticated parser can find sensitive information inside XML documents like credit card numbers or "dirty words", according to Wes Swenson, CEO of Salt Lake City-based Forum Systems.

"Anything that's XML-ified needs to be parsed," Swenson said. "Most network layer technologies do not parse, they only deal with packets, envelopes and messages."

Parsing attacks and XML schema poisoning are the next types of Web services security threats we can expect to see, Swenson said. Malicious macros or circular references can poison schemas and cause a parser to consume all of its resources and shut down.


oempomeme: What are your car radio presets?

Technorati Tags:

Comments

Post a Comment

Popular posts from this blog

Where Are They Now at laradio.com laradio.com includes an excellent "Where Are They Now?" section. Here are some excerpts: Baka Boyz: KPWR, 1993-99; KKBT, 1999-2000. Eric and Nick Vidal moved to Miami in early 2003. Blade, Richard: KNAC; KROQ, 1982-2000. Richard left KROQ in April 2000 and moved to St. Thomas Island to teach scuba diving. He returned to the Southland in 2003. Burton, Michael: KROQ, 1990-95. Michael "the maintenance man" left the Kevin & Bean morning show in the fall of 1995 and filed a wrongful-termination suit charging the station with racial and religious discrimination. The suite was settled in late 1996 with both parties prohibited from revealing financial details. Furillo, Bud: KABC, 1973-75; KIIS, 1975-79; KABC, 1979-87; KFOX, 1988-90. Bud is working at KPSI-Palm Springs. Jackson, Michael : KHJ, 1963-65; KNX, 1965; KABC, 1966-98; KRLA, 1999-2000; KLAC, 2001-02. Michael left KLAC in late 2002 following a format change from Talk to Adult S
Read more
Random Braveman...Random Contest Discoveries With all the hits that he's been getting, it's obvious that Mitzzee and I are not the only ones who have discovered Daily Dancer . Blogpulse and other sources list the following references to Daily Dancer: jrnev.blogspot.com/2005/06/i-might-do-this.html aprilshah.blogspot.com/2005/06/so-much-stuff-so-little-time.html bamapachyderm.com/archives/2005/06/01/omglollmaowtf/ andrightlyso.com/archives/2005/06/01/daily-dancer/ badhairblog.blogspot.com/2005/06/this-is-what-watching-clive-owen.html mickey.ondragonswing.com/archives/006310.html www.tabulas.com/~lainie/877653.html dailydancer.com/plesk-stat/webstat/usage_200506.html showdown.contagiousmedia.org/ The post from Lainie is especially illuminating: Daily Dancer. A computer geek who posts up videos of himself dancing to a different song everyday. This is part of the Contagious Media Showdown awards. Since he needs to get as many visitors per day as possible, I doubt he's reall
Read more