What is Zero Day
A zero day refers to an exploit, delivered through a worm or a virus, that attacks a computer before a vulnerability in the system has been publicly announced and while no fix is available. Anti-virus software is useless against zero-day attacks because no update exists that tells it how to identify them, which makes them difficult to defend against.
Zero-day is a high-alert label: such attacks are often effective against “secure” networks and can remain undetected even after they are launched.
Zero Day Protection
Intelligent hardware is the only way to protect a network from zero-day attacks; it works by monitoring and analyzing sudden changes in network behavior. When it notices that the behavior is becoming abnormal, it diverts resources from the affected areas and alerts the users. The most recent zero-day exploit alert was on 18th Sept 2006, for an exploit that was supposed to originate from a porn website and that specifically targeted a vulnerability in VML inside of IE. Usually a security update is released to prevent future attacks. ZERT [Zero Day Emergency Response Team] is a group of software engineers who work to release non-vendor patches for such exploits.
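The behavior-monitoring idea described above, as an added example that is not part of the original article: a per-host baseline of connections per minute that flags sudden deviations without relying on any signature. The host addresses, counts, warm-up length and threshold are constructed assumptions, and the example covers only the detection and alerting step.

```python
import math
from dataclasses import dataclass


@dataclass
class Baseline:
    """Exponentially weighted mean/variance of one host's per-minute connection count."""
    alpha: float = 0.2   # weight given to the newest sample (assumed value)
    mean: float = 0.0
    var: float = 0.0
    seen: int = 0

    def score(self, x):
        """Distance of x from the baseline, in standard deviations."""
        std = max(math.sqrt(self.var), 1.0)  # floor avoids alerts on very flat traffic
        return abs(x - self.mean) / std

    def update(self, x):
        if self.seen == 0:
            self.mean = x
        else:
            d = x - self.mean
            self.mean += self.alpha * d
            self.var = (1 - self.alpha) * (self.var + self.alpha * d * d)
        self.seen += 1


def detect(samples, warmup=5, threshold=4.0):
    """samples: iterable of (minute, host, connection_count). Returns a list of alerts."""
    baselines, alerts = {}, []
    for minute, host, count in samples:
        b = baselines.setdefault(host, Baseline())
        if b.seen >= warmup and b.score(count) > threshold:
            alerts.append((minute, host, count, round(b.score(count), 1)))
            continue  # keep anomalous traffic out of the baseline so it cannot become "normal"
        b.update(count)
    return alerts


# Constructed sample data: one host with a sudden burst, one host that stays steady.
SAMPLES = [(m, "10.0.0.5", c) for m, c in enumerate([20, 22, 19, 21, 23, 20, 22, 310, 295, 21])]
SAMPLES += [(m, "10.0.0.9", c) for m, c in enumerate([5, 6, 5, 7, 6, 5, 6, 7, 6, 5])]

if __name__ == "__main__":
    for minute, host, count, score in detect(SAMPLES):
        print(f"minute {minute}: {host} made {count} connections ({score} std devs from baseline)")
```

Skipping the baseline update for flagged samples is what lets the detector keep alerting through a sustained burst and then return to quiet once traffic does.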
Article by Paul Johnson, CMO, http://www.eTechSupport.net



















