• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs
Kudos2

Norton Browser Protection: Protecting you from web attacks

Norton Browser Protection       

One of the lesser known capabilities in our Norton protection products is a feature that protects you from attack when you surf the web. We call this feature Norton Browser Protection and I thought I’d spend a few minutes sharing with you what it does and why we believe it has become a critical part of protecting you from attack as you surf the web.

 

What’s the problem that Browser Protection addresses? 

Well think about how much time you spend surfing the web every day. I bet it’s a lot more that it was five years ago. As more and more of our activities migrate into cyberspace, we find ourselves increasingly relying on a web browser to surf sites, to shop, to pay our bills and to interact socially. This has unfortunately created a new opportunity for cybercriminals. Two things contribute making this a big problem:

1)      It’s no longer just bad sites that serve up malicious code. While it used be that if you stayed clear of the darker corners of the internet (e.g. adult content sites or sites offering pirated software) you were far less likely to encounter malware online, today that is no longer the case. The regular day to day websites that we all interact with have become more and more complex, and while large corporations have sufficient resources to oversee the security of their web operations, typically smaller sites do not. Consider your local pizza shop or neighbourhood school website. You may interact with such sites on a frequent basis and certainly wouldn’t expect them to infect you with malware, but the reality is that today they just very well might. How do you know they have not been compromised by a cybercriminal? Realizing that such sites are often poorly protected, cybercriminals actively search out such sites looking for weaknesses to find their way in. Once inside (unlike the highly visible hacker attacks of yesteryear) they don’t announce their presence, but stealthily install malicious code which sits there attempting to infect the visitors of the compromised sites, in other words you and me. Think about it, using such stealthy techniques, the local pizza store owner never even knows their site has been compromised…

2)      The software we use on our PCs has gotten ever more complex. Adding to the problem is the growing complexity of our PCs. We all use a piece of software called a web browser to surf the web, but the simple web browser is no longer just that. Today’s browser has evolved into a multitude of moving parts (including many plug-ins) that enable you and I to engage in rich web interactions such as viewing movies and automatically rendering PDF documents. Unfortunately complexity brings with it a higher likelihood of software bugs and many of these bugs (called vulnerabilities) can allow an attacker to inject malicious code into your system simply as a side effect of you simply visiting a compromised website, even if you don’t click or download anything from that side. Of course software vendors are quick to release patches to fix these bugs, but realistically how many of us are diligent enough to keep our web browser (and all of the plug-ins) patched and up to date. Our data tells us that many users don’t. In fact of the visitors that visit this website each day, more than 20% are still using Internet Explorer version 6, yet version 8 has been available for over a year now. 

Together these two factors have increased the likelihood that you will come under attack as you surf the web.

So what’s our solution?

Well our Intrusion Prevention System (IPS) is part of the solution. I wrote about this in a previous blog entry. In many cases it can spot attempts to leverage software bugs in the browser by just watching the HTTP network traffic as it enters your machine. Cybercriminals however are learning to hide their tracks and are starting to go to great lengths to obfuscate their attacks.

Anticipating this trend in the threat space, over the last few years we have been investing in technology to strengthen the defences of popular browsers. This technology, called Norton Browser Protection, watches your web browser as you surf the web and looks out for attempts by remote web sites to exploit known software bugs (vulnerabilities) in your web browser to inject code onto your PC. Unlike our IPS which focuses on examining network traffic, Norton Browser Protection sits inside the browser and watches each webpage as it is displayed on your screen. This makes it much harder to hide the malicious code.

The nice thing about this is that, Norton Browser Protection technology is signature driven. This means that when you update your Antivirus definitions (which our Norton products do automatically for you many times throughout the day) you also get updated signatures to prevent against any newly discovered bugs (vulnerabilities) in your web browser (and plug ins) from being exploited.  These signatures protect against the underling vulnerability and just one signature can protect against thousands of variants of malware including ones we have never seen before!  Our security response team monitors for new vulnerabilities in browsers and browser plug-ins on a 24x7 basis. So even if you are not good about patching and keeping the software on your PC up to date, you can still surf the web safe in the knowledge that Norton Browser Protection is looking out for you.

So what about performance, will this slow me down as I surf the web?  

No, one nice advantage of Norton Browser Protection is that, it protects against “real” attacks. It only applies its defences to vulnerable systems and browsers (i.e. it focuses on monitoring known software bugs that have not yet been patched). If your system has been patched for a particular vulnerability, the Norton Browser Protection does not block attempts to exploit it. This ensures higher performance on fully patched systems.

What happens when this Browser Protection blocks an attack?

In most cases Browser Protection filters only the malicious portion of a web page, while allowing the rest of the web content to be displayed without change. This allows you to still access a compromised website (e.g. your local pizza store or neighbourhood school website) but it keeps the malicious content off your machine. You will see a pop-up letting you know that Norton Browser Protection has kept you safe. In other cases where websites are highly infected Norton Browser Protection will take you to a warning page (like the one shown here).

 

 

 

 

 

 

 

 

 

 

 

 

 

This gives you the opportunity to decide for yourself whether you want to continue browsing the infected website.  In a few rare cases, where the remote website is dangerously infected Norton Browser Protection may have to abruptly terminate your local web browser to ensure your safety.

What sort of results are we seeing with Norton Browser Protection?

Based on our statistics, Norton’s Browser Protection has prevented close to 25 Million attack attempts on our users over the last twelve months and it did this while still maintaining the high performance protection that Norton users have come to expect. We’re continue to monitor the threat landscape looking for new bugs in the browsers that we all use and keep Norton Browser Protection updated to protect against attempts to exploit those bugs.

Conclusion

So there you have it. Norton Browser Protection has been a part of our NAV/ NIS/ N360 shipping products for the last three years. It’s available today for the most popular browsers like Internet Explorer and Firefox and we are continuing to add support for newer browsers as our users (like you) demand. If you’ve any questions about this technology, drop me a note and I’ll be happy to provide more detail.

Comments

Kudos0

INSTALLED NORTON ANTIVIRUS 2011

Received a FREE card that says can get a PC Performance FREE and to go to

Norton.com/FreeCheckup. Went to this site and cannot find.

Anyone taken advantage of this or just forget it.

Kudos0

WOULD SOMEONE, EVEN A NORTON TECH., PLEASE HELP ME FIND WHAT IS CAUSING ME, HELL, ANYTIME I TYPE. IT HAPPENS ESPECIALLY, IN GMAIL. CURSOR JUMPS ALL OVER THE PLACE AND WORDS GO EVERYWHERE THEY SHOULDN'T. ALSO, I HAVE NOTICED THE GMAIL, AUTOSAVE DOES NOT HELP AND WHEN IT GOES I SOMETIMES GET POP UP SCREENS AND THE SPACE BAR AND TOUCHPAD ARE LIKE ELECTRICALLY, ENERGIZED AND WHEN I MOVE  MY HAND OVER THEM TO TYPE, THE CURSOR GOES WILD. I THINK, IT IS SPYWARE BUT I CAN'T FIND IT AND NEITHER CAN NORTON SECURITY, (RECENT EDITION).

  THANKS,

 

MLG

Kudos0

This is typical FakeAV UI. We will take a look at this weblink ... as long as it is still live. 

Kudos0

Norton Browser Protection       

One of the lesser known capabilities in our Norton protection products is a feature that protects you from attack when you surf the web. We call this feature Norton Browser Protection and I thought I’d spend a few minutes sharing with you what it does and why we believe it has become a critical part of protecting you from attack as you surf the web.

 

What’s the problem that Browser Protection addresses? 

Well think about how much time you spend surfing the web every day. I bet it’s a lot more that it was five years ago. As more and more of our activities migrate into cyberspace, we find ourselves increasingly relying on a web browser to surf sites, to shop, to pay our bills and to interact socially. This has unfortunately created a new opportunity for cybercriminals. Two things contribute making this a big problem:

1)      It’s no longer just bad sites that serve up malicious code. While it used be that if you stayed clear of the darker corners of the internet (e.g. adult content sites or sites offering pirated software) you were far less likely to encounter malware online, today that is no longer the case. The regular day to day websites that we all interact with have become more and more complex, and while large corporations have sufficient resources to oversee the security of their web operations, typically smaller sites do not. Consider your local pizza shop or neighbourhood school website. You may interact with such sites on a frequent basis and certainly wouldn’t expect them to infect you with malware, but the reality is that today they just very well might. How do you know they have not been compromised by a cybercriminal? Realizing that such sites are often poorly protected, cybercriminals actively search out such sites looking for weaknesses to find their way in. Once inside (unlike the highly visible hacker attacks of yesteryear) they don’t announce their presence, but stealthily install malicious code which sits there attempting to infect the visitors of the compromised sites, in other words you and me. Think about it, using such stealthy techniques, the local pizza store owner never even knows their site has been compromised…

2)      The software we use on our PCs has gotten ever more complex. Adding to the problem is the growing complexity of our PCs. We all use a piece of software called a web browser to surf the web, but the simple web browser is no longer just that. Today’s browser has evolved into a multitude of moving parts (including many plug-ins) that enable you and I to engage in rich web interactions such as viewing movies and automatically rendering PDF documents. Unfortunately complexity brings with it a higher likelihood of software bugs and many of these bugs (called vulnerabilities) can allow an attacker to inject malicious code into your system simply as a side effect of you simply visiting a compromised website, even if you don’t click or download anything from that side. Of course software vendors are quick to release patches to fix these bugs, but realistically how many of us are diligent enough to keep our web browser (and all of the plug-ins) patched and up to date. Our data tells us that many users don’t. In fact of the visitors that visit this website each day, more than 20% are still using Internet Explorer version 6, yet version 8 has been available for over a year now. 

Together these two factors have increased the likelihood that you will come under attack as you surf the web.

So what’s our solution?

Well our Intrusion Prevention System (IPS) is part of the solution. I wrote about this in a previous blog entry. In many cases it can spot attempts to leverage software bugs in the browser by just watching the HTTP network traffic as it enters your machine. Cybercriminals however are learning to hide their tracks and are starting to go to great lengths to obfuscate their attacks.

Anticipating this trend in the threat space, over the last few years we have been investing in technology to strengthen the defences of popular browsers. This technology, called Norton Browser Protection, watches your web browser as you surf the web and looks out for attempts by remote web sites to exploit known software bugs (vulnerabilities) in your web browser to inject code onto your PC. Unlike our IPS which focuses on examining network traffic, Norton Browser Protection sits inside the browser and watches each webpage as it is displayed on your screen. This makes it much harder to hide the malicious code.

The nice thing about this is that, Norton Browser Protection technology is signature driven. This means that when you update your Antivirus definitions (which our Norton products do automatically for you many times throughout the day) you also get updated signatures to prevent against any newly discovered bugs (vulnerabilities) in your web browser (and plug ins) from being exploited.  These signatures protect against the underling vulnerability and just one signature can protect against thousands of variants of malware including ones we have never seen before!  Our security response team monitors for new vulnerabilities in browsers and browser plug-ins on a 24x7 basis. So even if you are not good about patching and keeping the software on your PC up to date, you can still surf the web safe in the knowledge that Norton Browser Protection is looking out for you.

So what about performance, will this slow me down as I surf the web?  

No, one nice advantage of Norton Browser Protection is that, it protects against “real” attacks. It only applies its defences to vulnerable systems and browsers (i.e. it focuses on monitoring known software bugs that have not yet been patched). If your system has been patched for a particular vulnerability, the Norton Browser Protection does not block attempts to exploit it. This ensures higher performance on fully patched systems.

What happens when this Browser Protection blocks an attack?

In most cases Browser Protection filters only the malicious portion of a web page, while allowing the rest of the web content to be displayed without change. This allows you to still access a compromised website (e.g. your local pizza store or neighbourhood school website) but it keeps the malicious content off your machine. You will see a pop-up letting you know that Norton Browser Protection has kept you safe. In other cases where websites are highly infected Norton Browser Protection will take you to a warning page (like the one shown here).

 

 

 

 

 

 

 

 

 

 

 

 

 

This gives you the opportunity to decide for yourself whether you want to continue browsing the infected website.  In a few rare cases, where the remote website is dangerously infected Norton Browser Protection may have to abruptly terminate your local web browser to ensure your safety.

What sort of results are we seeing with Norton Browser Protection?

Based on our statistics, Norton’s Browser Protection has prevented close to 25 Million attack attempts on our users over the last twelve months and it did this while still maintaining the high performance protection that Norton users have come to expect. We’re continue to monitor the threat landscape looking for new bugs in the browsers that we all use and keep Norton Browser Protection updated to protect against attempts to exploit those bugs.

Conclusion

So there you have it. Norton Browser Protection has been a part of our NAV/ NIS/ N360 shipping products for the last three years. It’s available today for the most popular browsers like Internet Explorer and Firefox and we are continuing to add support for newer browsers as our users (like you) demand. If you’ve any questions about this technology, drop me a note and I’ll be happy to provide more detail.

Kudos0
Moved to Norton for Mac Board for better exposure.
Kudos0

 Just a warning, this site marked as questionable is definitley bad. I clicked on it in error.

google.co.uk/url?sa=t&source=web&cd=45&ved=0CCkQFjAEOCg&url=http%3A%2F%2Ftuscanygiftcard.com%2FM6tKp3%2F&ei=0-

ulTNWfG5HQ4wb_3KDMDQ&usg=AFQjCNGZLQbqijY81ysJBCVtvkVII134Pg


  • download this is halloween sheet music Deep River Negro Spiritual (Parsfield) Sa (Ea310) at ... The biggest selection of sheet music, scores, songbooks, ...
    tuscanygiftcard.com/M6tKp3/ - Cached
  • It downloads a false warning that your computer is under attack and then offers to install some software to clear the problem (!) all dressed up with a Microsoft Logo. However Norton did not appear to intervene.

    Ed B

    [edit: Please do not direct link to potentially dangerous websites per the Participation Guidelines and Terms of Service.]

    Kudos0

    There are many news reports from Pwn2Own contest in Vancouver this past week where hackers in seconds managed to compromise many major browsers. I have found no mention of what if any anti virus/anti malware packages any of the target machines were running. The questions are: a; were they running any internet suites, b; will any of the internet suites prevent the compromises, c; the Norton 360 I am using, does it provide me protection from the compromises detailed at Pwn2Own?

    Kudos1

    Has anyone had any problems from something called AV8 .  I did not download it, but there it was on the desktop.  I did not open it, but then made the mistake of clicking on uninstall.  I have yet to recover the computer.  It restarts over and over.  You can't even shut it down properly.  I am at a loss as to what to do.

    Kudos0

    I DL'ed a nice little PacMan/Trojan bundle (win32.Suspect Crc!) from a 'trusted' site. Norton and Power Eraser couldn't detect this old trojan (!), and neither could Malwarebytes. If you like getting gadgets, extensions, and other useless stuff, I strongly recommend you get Emsisoft with the Ikarus scanner (free scan), which picked up this trojan and quarantined it for me to kill.

    Kudos0

    what part of norton would cause my interactive games to not be loaded?  I like to play Boggle on Pogo but when I try to play it closes my tabs (e) or crashes my session in Chrome.  I can play other games just not anything that is interactive or live with other participants.  It is something on this PC whitch has Windows 7 and is a Sony Viao.  I have download new Flash and disabled pop-up blockers but still no luck.  Any help would be appreciated. Thanks

    Kudos0

    Norton Browser Protection: Not protecting you from web attacks

    see http://community.norton.com/t5/Norton-Internet-Security-Norton/NIS-2011-allows-downloads-from-malicious-sites/td-p/308796 topic of Norton Community Forum

    Kudos1

    I HAVE BEEN DESPERATELY TRYING TO GET THE TOOLBAR YOU SHOW HOW TO ENTER THAT TOOLBAR WITH THE GREEN SAFE SEARCH WITH THE YELLOW LOGIN BUTTON INTO MY INTERNET TOOLBAR

    Kudos0

    Looks like there are some comments here that needs a little clean-up 

    Anyways. We've been very happy with a browser protection although the Google Chrome web browser has developed into a really safe browser.