Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Internet Security | DShield SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Cyber Security Awareness tip #23 Using Browsers, SSL, Domain Names

Today's issue revolves around trust, implied, explicit, and undeserved. AKA the bad, the worse, and rather ugly. The question is, can a web server be trusted, and under what conditions? Can a web browser determine the trust value assigned to a web server, and what are the criteria for doing so? What reputation can be assigned to the URL based on IP address, SSL certificate, domain name or other parameters? What is the paradigm for using the Internet for business?

Please let us know your thoughts on the subject.

Update 1 our first example already! Irfanview is a popular graphic image viewer, and is free for personal use, available at its web site: interestingly enough other web sites seem to charge for the 'Pro' version. Are they legit? I'll leave that as an exercise for the reader. Thanks Curt for writing in.

Adrien de Beaupré
Bell Canada

I will be teaching next: Enterprise and Cloud | Threat and Vulnerability Assessment - SANS Secure Japan 2022

Adrien de Beaupre

353 Posts
ISC Handler
Oct 23rd 2007

Sign Up for Free or Log In to start participating in the conversation!