Upload
colten-with
View
232
Download
0
Tags:
Embed Size (px)
Citation preview
Bit ShieldBit ShieldCORPORATION
3Gweb® 1Copyright 2005-07 BitShield Corp.
Provide an Ultra-Secure and Trust Web Infrastructure for Your Critical Business.Provide an Ultra-Secure and Trust Web Infrastructure for Your Critical Business.
BitShieldBitShield Corporation, California, USA Corporation, California, [email protected]@bit-shield.comwww.bit-shield.com
WebServer
BS-3Gweb-I-2400
Version 3.0 Nov. Version 3.0 Nov. 20082008
BitShieldBitShield-3Gweb®
Self-Defending Web ServerImmunity, Self-Healing, Digital-Skin, Nerve-Monitoring
Secure, Trust, Powerful and Reliability
Bit ShieldBit ShieldCORPORATION
3Gweb® 2Copyright 2005-07 BitShield Corp.
AwardAward
Winner of Best of Interop AwardWinner of Best of Interop Award ““The process of selecting the winners was rigorous, BitShield’s The process of selecting the winners was rigorous, BitShield’s
BS-3GWeb-I-2400 is the most innovative solution in the BS-3GWeb-I-2400 is the most innovative solution in the Network Software and Services category, and that’s why we Network Software and Services category, and that’s why we selected it as a Best of Interop winner”selected it as a Best of Interop winner”---- ---- said head judging team for the Best of Interop said head judging team for the Best of Interop
AwardsAwards
NETWORLD+INTEROP 2005 LAS VEGAS, U.S. One of largest International exhibition in the network and Internet industry. Over 250 top companies exhibited. Included CISCO, Juniper, NEC and so on.
Bit ShieldBit ShieldCORPORATION Today’s InternetToday’s Internet
““Internet powers the US and global economy. By 2010, the Internet Internet powers the US and global economy. By 2010, the Internet expected to save US businesses expected to save US businesses $500 billion $500 billion and increase revenues by and increase revenues by $1.5 trillion$1.5 trillion..”” ---- Cyber Security Industry Alliance, 2007---- Cyber Security Industry Alliance, 2007
Today, there are Today, there are 12+ Billion 12+ Billion Web pages stay on Web pages stay on 175+ million 175+ million Web sites Web sites under the Internet to conduct e-commerce, e-gov, e-banking, etc.under the Internet to conduct e-commerce, e-gov, e-banking, etc.
““The federal government has The federal government has 33 million 33 million Web pages scattered across Web pages scattered across 23,00023,000 Web sites.” Web sites.” (See:(See: http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2862311,00.html)http://techupdate.zdnet.com/techupdate/stories/main/0,14179,2862311,00.html)
However, the big issues are:However, the big issues are: Google reported Google reported 25% 25% Web pages searched contains malicious code which Web pages searched contains malicious code which
may hurt client’s PC or steal sensitive information. may hurt client’s PC or steal sensitive information. [May.13.2007][May.13.2007] New infected web pages/day: New infected web pages/day: 10,000 10,000 [06.21.2007], [06.21.2007], 16,00016,000 [09.15.2008] [09.15.2008] A new Infected site appearing A new Infected site appearing once every once every 55 seconds vs. seconds vs. every every 1414 seconds seconds
just a year ago. just a year ago. [April 23, 2008][April 23, 2008] Hundreds of thousands of Web defacements happen every day. Included Hundreds of thousands of Web defacements happen every day. Included
sites of sites of U.N., Obama, NASA, Phelps, Microsoft, USA TodayU.N., Obama, NASA, Phelps, Microsoft, USA Today etc, etc, http://www.zone-h.org
Bit ShieldBit ShieldCORPORATION
3Gweb®4 Copyright 2005-07 BitShield Corp.
Innumerable cyber crimes have proven that current solution of “Perimeter Security Products + Web” never allows businesses to achieve a secured and trusted Web infrastructure to conduct Internet business!
Big issue for Internet Big issue for Internet Business Business
Conventional Web ServersSuch as Apache, MS IIS etc.
Inte
rn
et
Web AttacksWeb Attacks….
Unknown attack2Unknown attack1
Bots attackTargeted attack
Smart attackSanty WormScob Worm
Nimda WormCodeRed
Buffer-OverflowSQL injection
Cookie-TamperingDoS/DDoSWeb Hijeck
DefacementIntrusion
Cross-site-scripting
Password-Cracking
So on
FireFireWallWall
IDS/ IDS/ IPSIPS
Apps Apps FirewFirew
allall
Anti- Anti- VirusesVirusesAttacks
Attacks
Attacks
Attacks
Attacks
83%83%of Internet traffic is
malicious, Today!
--“Attack Trends and Security
Webinnar” ,2006 Sun microsystem
Attacks
OriginalWeb Contents Static Dynamic
At very least “Unknown Attacks” that carry no “Attack signatures”, can NOT be blocked by the perimeter security products
Today, Almost all business rely on the Web site. To prevent that hacker exploit the vulnerabilities of Web servers, you have to use many security products such as Firewall, IDS and so on, However,
Bit ShieldBit ShieldCORPORATION
3Gweb® 5Copyright 2005-07 BitShield Corp.
Security GapSecurity Gap
1,000100
200,000 21,0
00184,000
127,000100,0
00
Max Attack Power(Defacements/Day)
Cyber Threats(Reported by McAfee)
Issuer 3: Issuer 3: Cyber attacks always ahead Cyber attacks always ahead of of
the current security solutions the current security solutions
1990 1995 2000 2005 2010
DDoS/DoS
CodeRed
Sniffers
Back Doors
Defacement
Cryptograph&Authentication
Firewall
VPN
Intrusion Detection
Anti-viruses
CA
NimdaCross-site scripting
Scob Santy worm83%83% of Internet of Internet traffic is malicious, traffic is malicious, Today!Today! ---- “Attack Trends & ---- “Attack Trends & Security Webinar”, Security Webinar”, Sun MicrosystemSun Microsystem
Password Cracking
Cyber-attack and threats increase very fast. and are ever more frequent, sophisticated, systematism and unpredictable.
Attack Methods
Zeor-Day Attack XSS Attack
Unknown Attack
Web HijeckSweepers
To fill full the Security Gap, need next gen. technology: Self-Defending.
Unlike the current security products which stop attack from perimeter,
Self-Defending Technologies
Self-Defending Technologies
Security Gap between attack technologies and current security products grows fast.
SQL Injection
125125 to 175175 new malicious software codes pop up every day.2525 nations now have a cyber warfare program. ---- Cyber Security Industry Alliance
Self-Defending will enable computer serving continually even if be intruded by hacker.
Bit ShieldBit ShieldCORPORATION
Natural WorldNatural World
3Gweb®
7
Copyright 2005-07 BitShield Corp.
Our Self-Defense SystemOur Self-Defense SystemOur Self-Defending technology based on the cutting-edge Computer Bit-Our Self-Defending technology based on the cutting-edge Computer Bit-Security principle. Security principle.
Self-Defending SystemSelf-Defending System Skin (Anti-Intrusion)
1st line of defense for body protection
Self-Healing Build-in mechanism to start self
recovery process when hurt and becomes sick.
Immunity System Fight known and unknown viruses
to prevent/minimize infection Nerve-Monitoring
Nerve system detecting ache and threats, and transfer signal to brain, and taking action to defend against further damage.
Internet WorldInternet World
In human body:In Computer:
We have successful implemented the Bio Self-Defending system into the computer system, first in the world. Thus, computer will be able to run robustly on the Internet by longer-term, like human being.
The current computer system The current computer system does not have a built-in Self-does not have a built-in Self-Defending system. Thus, if be Defending system. Thus, if be intruded, then computer stops intruded, then computer stops the work.the work.
Lot of viruses and attackers are existingLot of viruses and attackers are existing
Bit ShieldBit ShieldCORPORATION
3Gweb® 8Copyright 2005-07 BitShield Corp.
3Gweb3Gweb® Self-Defending Web server Self-Defending Web server
HTTP Server FunctionsHTTP Server Functions
Current Web Servers(Such as Apache, IISApache, IIS, etc.)
HTTP Server Functions + Immunity+ Immunity + Self-Healing+ Self-Healing + Digital Skin+ Digital Skin + + Nerve-MonitoringNerve-Monitoring
HTTP Server Functions + Immunity+ Immunity + Self-Healing+ Self-Healing + Digital Skin+ Digital Skin + + Nerve-MonitoringNerve-Monitoring
Self-Defending Web Server 3Gweb-I-24003Gweb-I-2400
No-Trust and UnsecureNo-Trust and UnsecureInvented in the 20th CenturyInvented in the 20th Century
3Gweb-I-2400 is an all-in-one the next gen. Web server appliance with the cutting-edge Self-Defense System. It will be able to run longer term on the dangerous Internet strongly, like as human being.
U.S.A. Patent U.S.A. Patent No. 7,313,823No. 7,313,823Dec. 25, 2007Dec. 25, 2007
Unmatched Anti-Attack capabilities against various Web attacks, whether Unknown or Known attacks.
Isolate Zone Germfree Zone Internet
Bit ShieldBit ShieldCORPORATION
3Gweb® 9 Copyright 2005-07 BitShield Corp.
3GWeb3GWeb® ® vs. vs. 22ndnd Gen. Gen. Web Web ServerServer
Conventional Web servers (Apache, IIS, etc.)
internetinternetOriginalWeb Contents Static Dynamic
Firewall 1
Unsafe SegmentUnsafe Segment Safe Segment
DMZ Internal LAN
Original Web contents are directly disclosed to Internet every days.
No way to inspect the Web contents after upload to the server.
No monitoring for Web server. A bridge between Internet and
internal LAN for attacker intrusion.
CrackerAttackerhttp viruses/worm
Visitor
Data Base
3Gweb®® Self-Defense Web server
internetinternet
Visitor
Unsafe SegmentUnsafe Segment
Germfree Zone
Self-Monitoring Alarm by email or mobile phone No anyone can directly
access your original Web contents from Internet!
Auto check Web content per bit before send back to visitor!
Auto monitoring Web server every minutes with the alarm!
Auto recovery if be altered.
CrackerAttackerhttp viruses/worm
USA Patent ProtectedUSA Patent Protected
Original Web Contents Static Dynamic
Isolation Zone
Authenticated&Encrypted Web Contents
Giga bit Firewall Giga bit FirewallURL Filtering Giga bit Firewall
Bit ShieldBit ShieldCORPORATION
3Gweb® 10Copyright 2005-07 BitShield Corp.
Key Features (1)Key Features (1) Highly Trusted:Highly Trusted:
Always send clear and trusted Web pages to your visitors. No more Always send clear and trusted Web pages to your visitors. No more defacements, no viruses/worms, no any malicious code! Protect your defacements, no viruses/worms, no any malicious code! Protect your brand investment and your Web presence.brand investment and your Web presence.
Cutting-edge Immunity SystemCutting-edge Immunity System: : Physical separation: dual mother boards in one chassis:Physical separation: dual mother boards in one chassis: physically physically
separate to two segments: separate to two segments: Isolation Zone Isolation Zone and and Germfree ZoneGermfree Zone.. Isolates original Web contentIsolates original Web content, the original contents and database are , the original contents and database are
placed in the placed in the Germfree ZoneGermfree Zone, can not be accessed from Internet view. , can not be accessed from Internet view. Web contents on the Web contents on the Isolate Zone Isolate Zone are protected by authentication and are protected by authentication and
encryption, cannot be infected or modified by any hacker, HTTP encryption, cannot be infected or modified by any hacker, HTTP viruses or worms viruses or worms – whether – whether Known or Unknown – first in the world!Known or Unknown – first in the world!
Static files: html, jpg, wav, txt, gif, MP3, PDF, doc, etc. Static files: html, jpg, wav, txt, gif, MP3, PDF, doc, etc. Dynamic script files: CGI, shtml, PHP, Java, Perl, JSP etc. Dynamic script files: CGI, shtml, PHP, Java, Perl, JSP etc.
Auto authentication and encryption for new Web contents updated.Auto authentication and encryption for new Web contents updated. Cutting-edge Self-Healing Cutting-edge Self-Healing
Automatically recovery once the file altered or infected being fund, Automatically recovery once the file altered or infected being fund, the the exposed time of defacement is exposed time of defacement is 00 seconds seconds – first in the world! Site – first in the world! Site
visitors never see a defacement visitors never see a defacement –– at any timeat any time – – unlike other “file unlike other “file scan” or “file search” technologies. scan” or “file search” technologies.
Bit ShieldBit ShieldCORPORATION
3Gweb® 11Copyright 2005-07 BitShield Corp.
Key Features (3)Key Features (3) Eliminates Vulnerabilities of Web ServerEliminates Vulnerabilities of Web Server
Prevent defacement, deleting, modification of Web content Prevent defacement, deleting, modification of Web content Stop the intrusion of database through Web server: Stop the intrusion of database through Web server:
Hacker is unable to find information to access to database from Web program and Hacker is unable to find information to access to database from Web program and cannot insert malicious commands in Web program to hijack the program and gain cannot insert malicious commands in Web program to hijack the program and gain access to important or sensitive data. access to important or sensitive data.
Prevent data theft of confidential and sensitive Web content.Prevent data theft of confidential and sensitive Web content. Prevent hackers exploiting your Web site to spreading malicious code.Prevent hackers exploiting your Web site to spreading malicious code. Protect HTTPD daemon: Protect HTTPD daemon: recovery and auto-restart within 20 seconds, recovery and auto-restart within 20 seconds,
if the HTTPD daemon is stopped or deleted by attacker. if the HTTPD daemon is stopped or deleted by attacker. Delete uncertified files, such as Delete uncertified files, such as Trojan Horse,Trojan Horse, Anti Buffer Over Flow Attack,Anti Buffer Over Flow Attack,
Buffer Overflow Attack Buffer Overflow Attack is a very danger attack technology which can be used for take the root control right of Web is a very danger attack technology which can be used for take the root control right of Web server though Internet. The perimeter security products, such as Firewall, IDS etc. are no way to eliminating the server though Internet. The perimeter security products, such as Firewall, IDS etc. are no way to eliminating the vulnerability of Buffer Overflow Attack from your server. vulnerability of Buffer Overflow Attack from your server.
Malicious Malicious buffer overflow attacks buffer overflow attacks pose a significant security threat to businesses, increasing IT resource demands, and pose a significant security threat to businesses, increasing IT resource demands, and in some cases destroying digital assets. In a typical attack, a malicious worm creates a flood of code that overwhelms in some cases destroying digital assets. In a typical attack, a malicious worm creates a flood of code that overwhelms the processor, allowing the worm to propagate itself to the network, and to other computers. These attacks cost the processor, allowing the worm to propagate itself to the network, and to other computers. These attacks cost businesses precious productivity time, which can equal significant financial loss. businesses precious productivity time, which can equal significant financial loss.
Bit ShieldBit ShieldCORPORATION
3Gweb® 12Copyright 2005-07 BitShield Corp.
Anti Buffer Overflow Anti Buffer Overflow AttacksAttacks In the 3Gweb 2.4.3, we have included a new function that can protect against the various In the 3Gweb 2.4.3, we have included a new function that can protect against the various
Buffer Overflow AttacksBuffer Overflow Attacks. Please look the test results as the following. . Please look the test results as the following.
Fig1. No segmentation fault even a long word was input into a small buffer on the 3Gweb server!.
Fig2. The memory stock can not be protected on usual host server if a long words was input into a small buffer..
The results of inputting a very long words into a butter that just be 10 bytes.:
Bit ShieldBit ShieldCORPORATION
3Gweb® 13Copyright 2005-07 BitShield Corp.
Key Features (4):Key Features (4): (Digital Skin1) (Digital Skin1) Advanced FirewallAdvanced Firewall
Built-in Giga Bits FirewallBuilt-in Giga Bits Firewall Open port Open port 8080 and port and port 443443 only. Close all other ports. only. Close all other ports. Resists various DDoS/DoS Attacks: Resists various DDoS/DoS Attacks:
SYN Flood, TCP Sean, Land, Ping of Death, UDP Flood, http Flood,SYN Flood, TCP Sean, Land, Ping of Death, UDP Flood, http Flood, etc. etc. Response of 3Gweb to attacker’s hosts will down very slow automatically Response of 3Gweb to attacker’s hosts will down very slow automatically
once get DDoS/DoS attack, in order to save system resources. once get DDoS/DoS attack, in order to save system resources. But do not affect to Web server performance for legal visitors.But do not affect to Web server performance for legal visitors.
3Gweb
Router
Botnet Army
Bit ShieldBit ShieldCORPORATION Key Features (5): Key Features (5): Digital Skin2Digital Skin2: :
Advanced WAFAdvanced WAF Built-in WAF(Web Application Firewall or URL Filtering)Built-in WAF(Web Application Firewall or URL Filtering) All packets though the port All packets though the port 8080 for http and port for http and port 443443 for https for https
will be filtered by this WAF. will be filtered by this WAF. If catch any malicious code, 3Gweb can automatically block If catch any malicious code, 3Gweb can automatically block
the hacker’s IP address in order to stop the next attacks.the hacker’s IP address in order to stop the next attacks. Defense various application layer attacks, such as:Defense various application layer attacks, such as:
Input Validation AttacksInput Validation Attacks SQL Injection AttacksSQL Injection Attacks SQL Injection Access File AttacksSQL Injection Access File Attacks Cross-Site Scripting (XSS) AttacksCross-Site Scripting (XSS) Attacks Directory AttacksDirectory Attacks Access Key File AttacksAccess Key File Attacks cookie-tampering attacks,cookie-tampering attacks, CodeRed, CodeRed, Nimda, Nimda, Scob, Scob, Santy, Santy, etc. etc.
Unlike some WAF products on market that can not inspect the https.Unlike some WAF products on market that can not inspect the https.
Bit ShieldBit ShieldCORPORATION
3Gweb® 15Copyright 2005-07 BitShield Corp.
Key Features (6)Key Features (6) Nerve MonitoryNerve Monitory
Automatically Self-monitoring from Germfree Zone to Automatically Self-monitoring from Germfree Zone to Isolation Zone by 7x24 Isolation Zone by 7x24
Both Web site and content are monitoredBoth Web site and content are monitored Non stop monitoring, even during update the Web Non stop monitoring, even during update the Web
contents.contents.
Alarm functionsAlarm functions Instantly send the alarm message to Instantly send the alarm message to emailemail or or cell cell
phonephone Level ALevel A: need Web master help: the Isolation Zone server is fail, : need Web master help: the Isolation Zone server is fail, Level BLevel B: Don not need help: the Web contents attacked has been : Don not need help: the Web contents attacked has been
recovered. recovered.
Security log functionsSecurity log functions
Bit ShieldBit ShieldCORPORATION
3Gweb® 16Copyright 2005-07 BitShield Corp.
Key Features (7)Key Features (7) Performance AssurancePerformance Assurance
High response speed:High response speed: (Look the spec for each model). (Look the spec for each model).
Support HTTP Server FunctionsSupport HTTP Server Functions (Apache): (Apache): Completely meet the industory standards of WWW: Completely meet the industory standards of WWW:
URL (Uniform Resource Locators)URL (Uniform Resource Locators) HTTP (Hypertext Transfer Protocol);HTTP (Hypertext Transfer Protocol); HTML (Hypertext Markup Language);HTML (Hypertext Markup Language); CGI (Common Gateway Interface);CGI (Common Gateway Interface);
Static Pages (html, jpg, gif, wav, mp3, mov, etc, text, image, music, movie etc.)Static Pages (html, jpg, gif, wav, mp3, mov, etc, text, image, music, movie etc.) Dynamic Script Pages (CGI script, shtml, Perl, php, java, etc.)Dynamic Script Pages (CGI script, shtml, Perl, php, java, etc.) Virtual Host ( built multi Web sites on one server), Virtual Host ( built multi Web sites on one server), DSO (Dynamic Share Object), DSO (Dynamic Share Object), SSI (Server Side Includes),SSI (Server Side Includes), SSL (Secure Sockets Layer),SSL (Secure Sockets Layer), So on.So on.
Easy Easy No special client software or browser are required!No special client software or browser are required! Auto judge the legal upgrade and the illegal alteration about the Web contentAuto judge the legal upgrade and the illegal alteration about the Web content EasilyEasily upload the Web content without interruption in protection. Just upload the new upload the Web content without interruption in protection. Just upload the new
Web contents to the private server via sftp or ftp only.Web contents to the private server via sftp or ftp only.
Bit ShieldBit ShieldCORPORATION
17
Key Features (8)Key Features (8)All-in-One: All-in-One: Web server Web server
applianceapplianceSpecialized hardware with pre-configured
system and pre-installed software and data base
BS-3Gweb-I-2400BS-3Gweb-I-2400 RL 3000 RL 3000
RL2000RL2000 RL1100RL1100
It is a high reliability secure Web platform for all Web site purposes.
Best-in-class for government, enterprise-wide, Managed Service Providers, ISP etc.
1U Rack mount Series 4 times smaller, 4 times performance up!
Bit ShieldBit ShieldCORPORATION
3Gweb® 18Copyright 2005-07 BitShield Corp.
Key Features (9)Key Features (9) Save total Web costs and Raise up Web Save total Web costs and Raise up Web
management levelmanagement level Get alarm info at the first time once Web site is Get alarm info at the first time once Web site is
damaged; damaged; Reduce cost for the disaster recovery; Reduce cost for the disaster recovery; Doesn’t need patch so often; Doesn’t need patch so often; Improve under-staffed operation; Improve under-staffed operation; Improve customer retention and protects brand; Improve customer retention and protects brand; Save space for Web hosting; (1U)Save space for Web hosting; (1U) So on;So on;
Short time for Web site integrateShort time for Web site integrate Instant integration of Web site;Instant integration of Web site; All in one Appliance combined of hardware and softwareAll in one Appliance combined of hardware and software
Bit ShieldBit ShieldCORPORATION
3Gweb® 19Copyright 2005-07 BitShield Corp.
Support Multi-Tier WebsiteSupport Multi-Tier Website
3Gweb3GwebLAN
InternetInternet DBDB
Single-TierSingle-Tier- Web server and DB server on - Web server and DB server on commoncommon platform. platform.- Easy to Deploy- Easy to Deploy- Ideal for Web Hosting- Ideal for Web Hosting
DB is not exposed directly to Internet
3Gweb3GwebLAN
InternetInternet DBDBServer
Dual-TierDual-Tier- Web server and DB server on- Web server and DB server on separate platforms. separate platforms.- Supports: Oracle, DB2, Sybase, - Supports: Oracle, DB2, Sybase, etc.etc.- High security and performance- High security and performance
LAN3Gweb3Gweb
InternetInternet DBDBServer
ServletServletJSPJSPEJBEJB
ApplicationApplicationServerServer
Three TierThree Tier- Separate Web, Application & Database- Separate Web, Application & Database-Implementation: Web services, Implementation: Web services, e-commerce, e-business, etc. e-commerce, e-business, etc.-Third party application such as:Third party application such as:
-J2EE / IBM WebSphereJ2EE / IBM WebSphere
Bit ShieldBit ShieldCORPORATION
3Gweb® 21Copyright 2005-07 BitShield Corp.
2.2. Products Line Products Line
RL3000RL3000 RL2000RL2000 RL1100RL1100
Bit ShieldBit ShieldCORPORATION
3Gweb®22Copyright 2005-07 BitShield Corp.
Public HostPublic HostTwo Quad-CoreTwo Quad-CoreIntel Intel Xeon CPUXeon CPU1333 MHz FSB1333 MHz FSB
Private HostPrivate HostTwo Quad-CoreTwo Quad-Core Intel Intel Xeon CPUXeon CPU1333 MHz FSB1333 MHz FSB
BS-3Gweb-I-2400BS-3Gweb-I-2400 RL3000 RL3000 Highest ClassHighest Class
HTTP serverHTTP server Apache + 3Gweb Apache + 3Gweb
OSOS Red Hat Linux Enterprise 4 Red Hat Linux Enterprise 4
Requests per second Requests per second (mean) (mean) *1*1 with with
Firewall Firewall *1*1
> > 3,5 3,50000
> 3,3> 3,30000
Transfer rate Transfer rate *1*1
with Firewall with Firewall *1*1>> 40 40,000,000(Kbytes/sec) = (Kbytes/sec) =
320Mbps320Mbps
> 37,000> 37,000(Kbytes/sec) = (Kbytes/sec) = 296Mbps296Mbps
Data BaseData BaseWeb LanguageWeb Language
SecuritySecurity
Admin ToolAdmin Tool
MySQL (MySQL (Internal Host onlyInternal Host only) ) PHP; Perl; Java;PHP; Perl; Java;open-SSL; mod-SSL, SSHopen-SSL; mod-SSL, SSHDual Gigabit FirewallsDual Gigabit Firewalls, URL , URL DefenseDefenseWeb Base Administration Web Base Administration Tool; FTP; sendmail, etc.Tool; FTP; sendmail, etc.
Memory (Memory (for each for each host host ))
8GB8GB
Hard Drive (Hard Drive (for each for each host host ) )
Dual Dual 11 TB SATA; 7200RPM; TB SATA; 7200RPM; Hot swap; RAID1; Hot swap; RAID1;
InterfaceInterface Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Virtual Media + KVM Over Virtual Media + KVM Over LANLAN
Power Supply Power Supply DimensionsDimensions
980W AC w/RFC High-efficiency 980W AC w/RFC High-efficiency 1U Rack mount; H1.7”(43mm) x 1U Rack mount; H1.7”(43mm) x W17.2”(437mm) x D27.75”(705mm)W17.2”(437mm) x D27.75”(705mm)
High-Density High-Performance Computer. Tow in One 1U!With the peak performance.Best-in-class for government, Bank and enterprise-wide, ISP, etc
*1: The performance depend on size and structure of your HTML files, and your network. Our test Web content used is index.html. 11.2KB
(All in One; (All in One; 1U 1U chassis with chassis with dualdual system boards, system boards, High-Density HPC technology.!))
Isolate Zone Germfree Zone Internet
LAN
Bit ShieldBit ShieldCORPORATION
3Gweb® 23Copyright 2005-07 BitShield Corp.
BS-3Gweb-I-2400BS-3Gweb-I-2400 RL2000 RL2000 High ClassHigh Class
Public HostPublic Host Two Dual-Two Dual-CoreCore Intel Intel Xeon Xeon CPUCPU
1333MHz FSB1333MHz FSB
Private HostPrivate HostTwo Dual-Two Dual-
CoreCore Intel Intel Xeon Xeon
CPUCPU1066MHz FSB1066MHz FSB
HTTP serverHTTP server Apache + 3Gweb Apache + 3Gweb
OSOS Red Hat Linux Enterprise 4 Red Hat Linux Enterprise 4
Requests per second Requests per second (mean) (mean) *1*1 with Firewall with Firewall
*1*1
>> 2,6 2,60000
> > 2,5002,500
Transfer rate Transfer rate *1*1
with Firewall with Firewall *1*1>> 35 35,000,000 (Kbytes/sec) = (Kbytes/sec) =
280Mbps280Mbps
> 32,000 > 32,000 (Kbytes/sec) = (Kbytes/sec) = 256Mbps256Mbps
Data BaseData BaseWeb LanguageWeb Language
SecuritySecurity
Admin ToolAdmin Tool
MySQL (MySQL (Internal Host onlyInternal Host only) ) PHP; Perl; Java;PHP; Perl; Java;open-SSL; mod-SSL, SSHopen-SSL; mod-SSL, SSHDual Gigabit FirewallsDual Gigabit Firewalls, URL , URL Defense Defense Web Base Administration Tool; Web Base Administration Tool; FTP; sendmail, etc.FTP; sendmail, etc.
Memory (for each Host)Memory (for each Host) 4GB4GB
Hard Drive (for each Hard Drive (for each Host)Host)
Dual Dual 550000 GB SATA; 7200RPM; GB SATA; 7200RPM; Usable size: Usable size: 48480GB 0GB Hot swap; RAID1;Hot swap; RAID1;
InterfaceInterface Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Virtual Media + KVM Over LANVirtual Media + KVM Over LAN
Power Supply Power Supply DimensionsDimensions
980W AC w/RFC High-980W AC w/RFC High-efficienceyefficiencey1U Rack mount; H1.71U Rack mount; H1.7””x W17.2x W17.2””x x D27.75D27.75””
High-Density High-Performance Computer Tow in One 1U!
Best-in-class for government, Bank and enterprise-wide, Managed Service Providers etc.
*1: The performance depend on size and structure of your HTML files, and your network. Our test Web content used is index.html. 11.2KB
(All in One; (All in One; 1U 1U chassis with chassis with dualdual system boards, system boards, High-Density HPC!))
Isolate Zone Germfree Zone Internet
LAN
Bit ShieldBit ShieldCORPORATION
3Gweb® 24Copyright 2005-07 BitShield Corp.
BS-3Gweb-I-2400BS-3Gweb-I-2400 RL11000RL11000
Public HostPublic Host Dual-CoreDual-Core
Intel Intel Xeon Xeon CPUCPU1066MHz FSB1066MHz FSBHyper TreatingHyper Treating
Private HostPrivate Host Dual-CoreDual-Core
Intel Intel Xeon Xeon CPUCPU1066MHz FSB1066MHz FSBHyper TreatingHyper Treating
HTTP serverHTTP server Apache + 3Gweb Apache + 3Gweb
OSOS Red Hat Linux Enterprise 4 Red Hat Linux Enterprise 4
Requests per second Requests per second (mean) (mean) *1*1 with Firewall with Firewall
*1*1
>> 1,2 1,20000
> 1,1> 1,10000
Transfer rate Transfer rate *1*1
with Firewall with Firewall *1*1>> 14 14,000,000 (Kbytes/sec) = (Kbytes/sec) =
112Mbps112Mbps
> 13,500 > 13,500 (Kbytes/sec) = (Kbytes/sec) = 105Mbps105Mbps
Data BaseData BaseWeb LanguageWeb Language
SecuritySecurity
Admin ToolAdmin Tool
MySQL (MySQL (Internal Host onlyInternal Host only) ) PHP; Perl; Java;PHP; Perl; Java;open-SSL; mod-SSL, SSHopen-SSL; mod-SSL, SSHDual Gigabit FirewallsDual Gigabit Firewalls, URL , URL Defense Defense Web Base Administration Tool; Web Base Administration Tool; FTP; sendmail, etc.FTP; sendmail, etc.
Memory (for each Host)Memory (for each Host) 2GB2GB
Hard Drive (for each Hard Drive (for each Host)Host)
Dual Dual 252500 GB SATA; 7200RPM; GB SATA; 7200RPM; Usable size: Usable size: 22220GB 0GB Hot swap; RAID1;Hot swap; RAID1;
InterfaceInterface Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Gigabit Ethernet Port x 2Virtual Media + KVM Over LANVirtual Media + KVM Over LAN
Power Supply Power Supply DimensionsDimensions
980W AC w/RFC High-980W AC w/RFC High-efficienceyefficiencey1U Rack mount; H1.71U Rack mount; H1.7””x W17.2x W17.2””x x D27.75D27.75””
High-Density High-Performance Computer Tow in One 1U!
Best-in-class for government, Bank and enterprise-wide, Managed Service Providers etc.
*1: The performance depend on size and structure of your HTML files, and your network. Our test Web content used is index.html. 11.2KB
(All in One; (All in One; 1U 1U chassis with chassis with dualdual system boards, system boards, High-Density HPC!))
Isolate Zone Germfree Zone Internet
LAN
Bit ShieldBit ShieldCORPORATION
3Gweb® 25Copyright 2005-07 BitShield Corp.
3.3. More issues of More issues of the conventional the conventional
Web serverWeb server
Bit ShieldBit ShieldCORPORATION
3Gweb® 26Copyright 2005-07 BitShield Corp.
Internet biggest VulnerabilitiesInternet biggest VulnerabilitiesWeb Server Rank First and Second PlaceWeb Server Rank First and Second Place
Top Vulnerabilities to Windows SystemsTop Vulnerabilities to Windows Systems W1 Web Servers & ServicesW1 Web Servers & Services W2 Workstation Service W2 Workstation Service W3 Windows Remote Access W3 Windows Remote Access
Services Services W4 Microsoft SQL Server (MSSQL) W4 Microsoft SQL Server (MSSQL) W5 Windows Authentication W5 Windows Authentication W6 Web Browsers W6 Web Browsers W7 File-Sharing Applications W7 File-Sharing Applications W8 LSAS Exposures W8 LSAS Exposures W9 Mail Client W9 Mail Client W10 Instant Messaging W10 Instant Messaging
Top Vulnerabilities to UNIX SystemsTop Vulnerabilities to UNIX Systems U1 BIND Domain Name System U1 BIND Domain Name System U2 Web ServerU2 Web Server U3 Authentication U3 Authentication U4 Version Control Systems U4 Version Control Systems U5 Mail Transport Service U5 Mail Transport Service U6 Simple Network Management U6 Simple Network Management
Protocol (SNMP) Protocol (SNMP) U7 Open Secure Sockets Layer (SSL) U7 Open Secure Sockets Layer (SSL) U8 Misconfiguration of Enterprise U8 Misconfiguration of Enterprise
Services NIS/NFS Services NIS/NFS U9 Databases U9 Databases U10 Kernel U10 Kernel
May, 2005, The SANS Institute published their Top 20 list of internet vulnerabilities. May, 2005, The SANS Institute published their Top 20 list of internet vulnerabilities. Over 600 new vulnerabilities discovered during the first quarter of this year.Over 600 new vulnerabilities discovered during the first quarter of this year.
Web server is ranked No.1 and No.2Web server is ranked No.1 and No.2
Source: http://www.bit-shield.com/Link/2005/June/Internet_Security_Problems_Proliferate.htmSource: http://www.bit-shield.com/Link/2005/June/Internet_Security_Problems_Proliferate.htm
Bit ShieldBit ShieldCORPORATION
3Gweb® 27Copyright 2005-07 BitShield Corp.
None Trust and easily be None Trust and easily be alteredalteredToday, we can’t trust any Web site, because we can’t
understand what Web page we seen even is whether original page or not?! No any tech can help us to recognition that today!
Which is falsified?Which is falsified?
Bit ShieldBit ShieldCORPORATION
3Gweb® 28Copyright 2005-07 BitShield Corp.
A pathway for Intrusion of DB and LAN A pathway for Intrusion of DB and LAN
This is one of biggest security vulnerability in the Today’s Internet. Almost all Web sites are connecting with back-end Database or front-end database such as MySQL, DB2, Oracle and so on. So, hacker is possible to intrude the database via at least the following ways, when they intruded your Web server: Method 1: From Web program such as .perl, .php, .asp etc, hacker can found the important information about how can access the Database, such as the DB server’s IP, Password, DB name etc. Because the almost Web programs are plain text files. Method 2: Hacker can insert malicious code to your Web program file, and then steal the data from database when you or your Web visitors run the Web program to access DB! Because the Web programs can be altered. Note: even implement a Firewall between the Web server and the Data Base, you can not stop this type of attack if your Web server is the monorail Web server such apache, IIS.
DatabaseDatabase ServerServerInternet
<%Set cn = server.createobject(“ADODB.Connection”)Cn.Open “driver={SQL Server}; Server=163.30.58.44; uid=sa; pwd=1234567; database=maxtk”%>
IP=163.30.58.44
Sample of ASP/SQL Languagefunction connect() { $db_IP = '163.30.58.44'; $db_name = ' maxtk '; $db_passwd = " 1234567"; if ($this->dbh == 0) { $this->dbh = mysql_connect($db_IP, $db_name, $db_passwd );}
Sample of PHP/MySQL Language
?
FirewallWeb Server
attack
Bit ShieldBit ShieldCORPORATION
3Gweb® 29Copyright 2005-07 BitShield Corp.
Amount of Amount of LossLoss Cause Cause aa DDisabling of Webisabling of Web Site Site
$Million dolor / Day$Million dolor / Day Web SiteWeb Site
1.61.6 YahooYahoo
4.54.5 AmazonAmazon
30.330.3 Cisco SystemsCisco Systems
33.033.0 IntelIntel
35.035.0 Dell ComputerDell Computer
Source: USA Today, Feb.10, 2000
Bit ShieldBit ShieldCORPORATION
3Gweb® 30Copyright 2005-07 BitShield Corp.
Issure 3. Total cost of Issure 3. Total cost of Web Web operating is too expensiveoperating is too expensive
Customers want:Customers want:
Secured Web platformSecured Web platform
Reduce the total expense Reduce the total expense
for Web operationfor Web operation
Rapidly response the Rapidly response the
dynamics of economy and dynamics of economy and
business environmentbusiness environment
Raise up the standard of Raise up the standard of
Web managementWeb management
Bit ShieldBit ShieldCORPORATION
3Gweb® 31Copyright 2005-07 BitShield Corp.
4.4. Various usage Various usage Best solution for government and banksBest solution for government and banks Best solution for safeguard IIS serverBest solution for safeguard IIS server Best solution for preventing inside cyber-Best solution for preventing inside cyber-
crimescrimes Best solution for Secure HostingBest solution for Secure Hosting Best solution for multi tier Web site and Best solution for multi tier Web site and
support the Web services.support the Web services.
How to build a large 3 tier site with Load How to build a large 3 tier site with Load Balancing Balancing
Single Network ConfigurationSingle Network Configuration
Database Tier
Application Tier
Web Tier
IP 192.168.1.2GW 192.168.1.1Cluster 192.168.1.3
Int IP 192.168.1.1
IP 192.168.1.5IP 192.168.1.5IP 192.168.1.6 IP 192.168.1.6 IP 192.168.1.7IP 192.168.1.7GW 192.168.1.2 GW 192.168.1.2
IP 192.1.50.5IP 192.1.50.6 IP 192.1.50.7
FortinetFirewall/VPN
Equalizer
3Gweb® Servers(Reverse side)
IP 192.168.50.101IP 192.168.50.102
Access Tier
AdministratorWeb site
Maintenanceand upgrade
IP 192.1.50.200
IBM WebSphereTomcatetc.
Bit ShieldBit ShieldCORPORATION
3Gweb® 33Copyright 2005-07 BitShield Corp.
Best Solution for Web services Best Solution for Web services and multi-tier Web siteand multi-tier Web site
Implement 3Gweb-I-2400 in the presentation tier where is at DMZ.Implement 3Gweb-I-2400 in the presentation tier where is at DMZ. 3Gweb can forward the request with http protocol to various Application Server such as 3Gweb can forward the request with http protocol to various Application Server such as
WebSphere, TomCat. etc. even if it runs under other OS such as Solaris, Windows, etc..WebSphere, TomCat. etc. even if it runs under other OS such as Solaris, Windows, etc.. It is a best solution if deploy the static pages to the 3Gweb, and run business logic programs It is a best solution if deploy the static pages to the 3Gweb, and run business logic programs
such as Servlet, JSP, DJB at the application server.such as Servlet, JSP, DJB at the application server. More secure, more reliability and most effective for entire Web site infrastructure.More secure, more reliability and most effective for entire Web site infrastructure. It is possible to provide the load balancing to support multi App servers in “business logical It is possible to provide the load balancing to support multi App servers in “business logical
layer”.layer”.
IBM WebSphereIBM WebSphere
TomCatTomCat
ResinResin
MS IIS MS IIS
DBDB
Tier 1: Presentation serverTier 1: Presentation server Tier 2: Application serverTier 2: Application server Tier 3: DB serverTier 3: DB server
InternetHTTP HTTP
Java J2EE platform, UNIXJava J2EE platform, UNIX
Self-Monitoring Self-Monitoring 24x7, 24x7,
Auto AlarmAuto Alarm URL Defense, URL Defense, Multi-FirewallMulti-Firewall Self-Healing. Self-Healing. ImmunityImmunity
WindowsWindows
DMZDMZ
3Gweb
Bit ShieldBit ShieldCORPORATION
3Gweb® 34Copyright 2005-07 BitShield Corp.
Private/Confidence
Webpages
Best solution for Web site of e-Government, e-Banks!Best solution for Web site of e-Government, e-Banks!Multi-Tier Lines of DefenseMulti-Tier Lines of Defense
TheThe BS-3Gweb-I-2400 BS-3Gweb-I-2400 platformplatform can be used to deploy a highly trusted and secure Web server can be used to deploy a highly trusted and secure Web server architecture, which provides multiple lines of defense with architecture, which provides multiple lines of defense with SSLSSL (Secure Sockets Layer), (Secure Sockets Layer), CACA (Certification (Certification Authority) and other security standards to completely protect your database and internal LAN environments. Authority) and other security standards to completely protect your database and internal LAN environments. SSLSSL will protects the data traffic between the server and client, will protects the data traffic between the server and client, CACA will certifies visitors and Web server. will certifies visitors and Web server.
You may publish the You may publish the private/private/confidenceconfidence Web contentsWeb contents for special visitors, and publish the for special visitors, and publish the public Web public Web contentscontents for commoner visitors on the same site. For example: a government Web site can publish the for commoner visitors on the same site. For example: a government Web site can publish the confidenceconfidence Web pages to Web pages to governors, mayors with governors, mayors with SSLSSL. The other people also can look the . The other people also can look the governmental governmental bulletinbulletin from the same site. from the same site.
The The confidence Web contentsconfidence Web contents cannot be stolen from 3Gweb cannot be stolen from 3Gweb even if hacker intrude the Web servereven if hacker intrude the Web server! ! And never see any defacement at any time ! Eliminates the vulnerabilities of Web to prevent the intrusion of And never see any defacement at any time ! Eliminates the vulnerabilities of Web to prevent the intrusion of back-end DB! back-end DB!
Update Web contents
Alarm
Web Master
DMZDMZ
Firewall
Internet
Global IP
Internet LAN
SSL Defense Area 3Gweb Defense AreaCommoner Visitors
Digital Certification
CA with X.509
Data Baseserver
Digital Certification
Special Visitors Ex. governors, Mayors, customers
Attacker
Private/Confidence
Webcontents
Public Web
contents
Public Web pages
HTTPS
HTTPRouter
Bit ShieldBit ShieldCORPORATION
3Gweb® 35Copyright 2005-07 BitShield Corp.
Oh, This site seems Oh, This site seems ApacheApache over over LinuxLinux. It isn’t . It isn’t
Windows.Windows.
Upgrade your Upgrade your MS-IISMS-IIS server serverfor more for more securesecure, , effectiveeffective, , reliabilityreliability
Hide Hide IPIP, , OSOS and and IIS IIS from Internet access. Attacker will see an Apache on the Linux from Internet; from Internet access. Attacker will see an Apache on the Linux from Internet; Isolate directory accessing, attacking and viruses from Internet;Isolate directory accessing, attacking and viruses from Internet; Move your IIS server from DMZ to safe segment to Move your IIS server from DMZ to safe segment to avoid any unknown attacksavoid any unknown attacks.. Using the MS Windows IIS server like as a Application server; 3Gweb is the presentation server.Using the MS Windows IIS server like as a Application server; 3Gweb is the presentation server. Reduce the traffic between the 3Gweb and IIS server, if put the static Web files to the 3Gweb, Reduce the traffic between the 3Gweb and IIS server, if put the static Web files to the 3Gweb,
and run program on the Windows! 3Gweb may forward requests of dynamic page to MS-IIS.and run program on the Windows! 3Gweb may forward requests of dynamic page to MS-IIS. You can still use Microsoft’s tool to modify and upgrad your Web site.You can still use Microsoft’s tool to modify and upgrad your Web site.
MS IIS server MS IIS server 11 DBDB
TierTier 11: Presentation server: Presentation serverTierTier 22: Application server: Application serverTierTier 33: DB: DB
Internet HTTP HTTP
MS IIS server MS IIS server 22Global IPGlobal IP=216.59.162.5=216.59.162.5
Domain: www.abc.comDomain: www.abc.com
Local IP=192.168.0.10Local IP=192.168.0.10
Local IP=192.168.0.20Local IP=192.168.0.20
3Gweb-I-24003Gweb-I-2400 htmlGifjpg
htmlGifjpg
Self-Monitory 24x7, Auto AlarmSelf-Monitory 24x7, Auto Alarm URL Defense, Multi-FirewallURL Defense, Multi-Firewall Self-Healing. ImmunitySelf-Healing. Immunity
Web MasterWeb Master
.asp.asp
.net.net
HTTPS HTTPS
AttackerAttacker
VisitorVisitor
DMZDMZ
3Gweb
Bit ShieldBit ShieldCORPORATION
3Gweb® 36Copyright 2005-07 BitShield Corp.
Prevent Cyber Crime for both Prevent Cyber Crime for both InternetInternet and inside of Organization and inside of Organization
To protect your critical Data including To protect your critical Data including
customer info, R&D info and so on., You should customer info, R&D info and so on., You should isolateisolate all Data Bases all Data Bases from both from both IntranetIntranet and and InternetInternet directory access! directory access!
Use one 3Gweb-I-2400 for Internet Web site,Use one 3Gweb-I-2400 for Internet Web site, Use another 3Gweb-I-2400 for the intranet Use another 3Gweb-I-2400 for the intranet
Web site!Web site! That way you can prevent any internal attacker That way you can prevent any internal attacker
who want to steal confidential data from within who want to steal confidential data from within the LAN. You can also use https (SSL) protocol the LAN. You can also use https (SSL) protocol with your Web site, and prevent intrusion of with your Web site, and prevent intrusion of Data base though the web server for both Data base though the web server for both internet and intranet access!internet and intranet access!
DBDBDBDB
Data CenterData Center
LAN LAN
InternetInternet
HTTPS (SSL) HTTPS (SSL)
Accounting; HR; Manufacture; CRM; Sales; Purchases; R&DAccounting; HR; Manufacture; CRM; Sales; Purchases; R&D
Internet Web siteInternet Web siteFor e-commerceFor e-commerce
Intranet Web siteIntranet Web sitefor managementfor management
Organization InternalOrganization Internal
DMZ DMZ
TheThe Inside attacker Inside attacker finds an easier way to steal or alter the finds an easier way to steal or alter the Data within LAN, or intrude the Data Base easier than the Data within LAN, or intrude the Data Base easier than the outside attackeroutside attacker..
Bit ShieldBit ShieldCORPORATION
3Gweb® 37Copyright 2005-07 BitShield Corp.
Best Solution Applicable Web HostingBest Solution Applicable Web Hosting Save time and money in Web managementSave time and money in Web management Provide a Ultra-Secure Web platform to customers Provide a Ultra-Secure Web platform to customers
Self-Defending Dedicated Web ServiceSelf-Defending Dedicated Web Service Self-Defending Shared Web hosting ServiceSelf-Defending Shared Web hosting Service
DB
3Gweb Internet
Public Global IP, receive all IP access; open ports: http,https, ssh
Administrator ISP, Data CenterHost company
HTTPHTTPS
HTTPSSSHAlarm message by e-mail
Alarm message by mobile phone
Voice server
Upload, maintenance
Web-based Admin Tool
Giga Bit FirewallPrivate Global IP, Allow Admin’s IP only.Secure protocol:,https, ssh
Bit ShieldBit ShieldCORPORATION
3Gweb® 38Copyright 2005-07 BitShield Corp.
5.5. Case studies Case studies of Web Attacksof Web Attacks
Case1. Defaced Web sites of GovernmentCase1. Defaced Web sites of Government Case2. Defaced Web sites of EnterpriseCase2. Defaced Web sites of Enterprise Case3. Steal sensitive info from HD of Case3. Steal sensitive info from HD of
Web server Web server Case4. http viruses/worms attacking Case4. http viruses/worms attacking
Web siteWeb site Case5. Spread Viruses/WormsCase5. Spread Viruses/Worms
Bit ShieldBit ShieldCORPORATION
3Gweb® 39Copyright 2005-07 BitShield Corp.
President Bush was shown on a President Bush was shown on a Web site of China government Web site of China government defaced by the RedEye hacker, defaced by the RedEye hacker,
in 2004in 2004 In August 2005:In August 2005:
2020 US Government Web sites US Government Web sites were defaced, including were defaced, including 44 NASA Web sites perpetrated NASA Web sites perpetrated by an Iranian hacker.by an Iranian hacker.
480480 Chinese Government Web Chinese Government Web sites were defaced by sites were defaced by “ChinaHacker”. “ChinaHacker”. OS: Win 2000 and OS: Win 2000 and Win 2003Win 2003
Case Study1:Case Study1: Government Defaced WebsitesGovernment Defaced Websites
A defacement of China Government’s Web site.
Bit ShieldBit ShieldCORPORATION
3Gweb® 40Copyright 2005-07 BitShield Corp.
Case Study2: Enterprise DefacementsCase Study2: Enterprise DefacementsEvenEven Microsoft’s Microsoft’s Web sites were defaced again and again Web sites were defaced again and again
July 2008, 6 Microsoft Web sites got defaced.July 2008, 6 Microsoft Web sites got defaced. June 2007 The Web site June 2007 The Web site Microsoft UKMicrosoft UK was victim of defacement. was victim of defacement. May 2007May 2007 The Web siteThe Web site Microsoft IEAK Microsoft IEAK was victim of defacement . was victim of defacement . July 2006 The Web site July 2006 The Web site Microsoft MSNMicrosoft MSN was victim of defacement . was victim of defacement . June 2005 The Web site June 2005 The Web site Microsoft Microsoft MSN KoreaMSN Korea was victim of defacement was victim of defacement July 2005 The Web site July 2005 The Web site Microsoft UKMicrosoft UK was victim of defacement. was victim of defacement. May 2004 The Web site May 2004 The Web site Microsoft UKMicrosoft UK was victim of defacement . was victim of defacement . March 2002 Three March 2002 Three MicrosoftMicrosoft Web sites were victim of defacement . Web sites were victim of defacement . June 2001 The Web site June 2001 The Web site Microsoft UKMicrosoft UK was victim of defacement . was victim of defacement . May 2001 The Web site May 2001 The Web site Microsoft UKMicrosoft UK was victim of defacement . was victim of defacement .
Even Microsoft’s Web sites Even Microsoft’s Web sites cannot be protected by current cannot be protected by current perimeter security products,perimeter security products,
How about your Web siteHow about your Web site?!?!Image of the defacement to http://ieak.microsoft.com
Bit ShieldBit ShieldCORPORATION
3Gweb® 41Copyright 2005-07 BitShield Corp.
Case Study3: Steal Case Study3: Steal Sensitive Info from HDD of Sensitive Info from HDD of
Web serverWeb server One of favorite girl in China uploaded her self's One of favorite girl in China uploaded her self's
nude pictures and the pictures of kissing with nude pictures and the pictures of kissing with her boyfriend to her Web site. And set the her boyfriend to her Web site. And set the password to inhibit other people to looking those password to inhibit other people to looking those pictures. pictures.
However, in Apr. 14 2007, the hacker intruded However, in Apr. 14 2007, the hacker intruded this Web server, steal those picture and this Web server, steal those picture and
published them to many large voluptuous sites!published them to many large voluptuous sites! http://ent.phoenixtv.com/idolnews/200704/0414_8_102925.shtml
It is because a big vulnerability existing in the It is because a big vulnerability existing in the current Web server: the all Web contents are current Web server: the all Web contents are plain text, can’t be protected on the HD, but are plain text, can’t be protected on the HD, but are directly exposed to the Internet!directly exposed to the Internet!
Bit ShieldBit ShieldCORPORATION
3Gweb® 42Copyright 2005-07 BitShield Corp.
Case Study5: Spread Case Study5: Spread Viruses/MalwareViruses/Malware
In May 16, 2005, the In May 16, 2005, the Web pages were found that were Web pages were found that were infected with viruses. Resulted many visitor’s PCs were infected with viruses. Resulted many visitor’s PCs were compromised by the viruses spread from this site. compromised by the viruses spread from this site.
This site was disabled in This site was disabled in 9 9 daysdays to repair it. to repair it. The stock price of the company down The stock price of the company down 9%!9%!
3/30/2008: Many prime sites, include USA Today, abc News, Target and Wal-Mart, U.N., UK government were infected with malware. http://www.bit-shield.com/Link200803_IFrame_attack.html
3/9/2008:3/9/2008: Web site of even large Anti-Viruses vendor Web site of even large Anti-Viruses vendor Trend Micro Trend Micro was was infected and spread malware! infected and spread malware! CACA is also is also. . http://www.bit-shield.com/Link200803_trademicro_spread_Viruses.html
25% Web pages 25% Web pages searched contains malicious code, around World.searched contains malicious code, around World. 5/13/2007, A study conducted by 5/13/2007, A study conducted by GoogleGoogle has found that about 25% web pages contained has found that about 25% web pages contained
malicious code.malicious code. http://www.bit-shield.com/Link2007051_in_10pages_infected_M_code.html
CEO offered the apology to IT industry & customers at TV station in Japan.
Viruses hacked one of largest Web site kakaku.com (IPO) in JapanViruses hacked one of largest Web site kakaku.com (IPO) in Japan
Bit ShieldBit ShieldCORPORATION
3Gweb® 43Copyright 2005-07 BitShield Corp.
Case Study4: the http Case Study4: the http viruses/worms attacking viruses/worms attacking
Web siteWeb site
http http viruses/wormviruses/worm
DateDate Hurt Web sites or Hurt Web sites or hostshosts
Takes timeTakes time
SantySanty Dec, 2004Dec, 2004 340,000340,000 2 weeks2 weeks
NimdaNimda Sep. 2001Sep. 2001
Code RedCode Red July, 2001July, 2001 250,000250,000 3 months3 months
Sadmind-IISSadmind-IIS May.2001May.2001
The http worms which can alter/disable Web The http worms which can alter/disable Web automatically are generating continue!automatically are generating continue!
No one can forecast what is the next, But the No one can forecast what is the next, But the experts are believing that the next must experts are believing that the next must come!come!
Bit ShieldBit ShieldCORPORATION
3Gweb® 44Copyright 2005-07 BitShield Corp.
Thank you for sending this file to your friends, your boss as well as your customers.
Bit Shield Corp. California USA
(714) 331-5190
http://www.bit-shield.com
BitShieldComputer Bio-Security
With ever increasing cyber threats, why should your critical business be on today’s unsecured Web servertoday’s unsecured Web server?
Thank you for your time!Thank you for your time!
Visit our Web site http://www.bit-shield.com for latest technical Information, and to Know how can purchase the 3Gweb® Self-Defending Web server!
No any person can predict what cyber-attack will come next!