Websense Offers Facebook Users Free ‘Firewall’ Service

Outsmart Malicious Hackers


There have been quite a few security concerns with Facebook, especially with the amount of personal information it collects on it’s users.

Of course there is Koobface and it’s many variants which have been propagating all kinds of spam through Facebook wall posts and messages.

I’m glad someone is offering a solution for free, yes they benefit from it too by being able to gather data on Facebook activity and the quantity of malicious posts occurring on Facebook.

Security vendor Websense if offering Facebook users and businesses a new free ‘firewall’ service that monitors their pages for malicious posts, links and spam.

Defensio 2.0 checks all posts to Facebook in real time against Websense’s ThreatSeeker Network, a database of problem URLs, before deciding whether to categorise a post as malicious or unwanted. This also draws from data gathered by US ISP Radialpoint and URL shortening service bit.ly before performing further heuristic analysis as a final check.

If a bad post is detected, the system logs and informs the user who makes the final decision. As with the original Defensio system – acquired a year ago when Websense bought the company of the same name – it can also monitor web pages for rogue posting, pre-emptively blocking those it deems unwanted.

“We are seeing real threats to Facebook such as Koobface,” said Websense senior research manager, Carl Leonard.

It seems to work on a ‘moderation’ model so if the software detects any suspicious automated messages/links or other dodgy activity it will block the post/message and allow the user to approve/deny the request.

But then it’s only going to be effective if take-up is good amongst the non-tech savvy users where the problems tend to be a lot more common.

Sadly this seems highly unlikely as only people who read sites like this will know about it, unless it get’s heavily promoted on Facebook..but then you have to contend with ad-blindness problems.

According to Leonard, an advantage of Web 2.0 monitoring was that it gave security companies a way of following criminals inside the otherwise closed world of social media, something that many security vendors can’t yet do. “We can have visibility into threats on these social networks, and have a fantastic feed of information that can benefit all our customers,” he said.

Leonard was not able to say when or if the monitoring might be available other social media sites or feeds such as twitter, where rogue behaviour can be difficult to spot.

The service is free for anyone with fewer than 50,000 posts per month, and for companies with 15 employees of less. For professional sites or sites with larger volumes of posts, the service starts at $5 (£3) per month, per site.

It’s free for most people, I’d imagine very few companies are making 1500 posts per day! Even if you need to pay it’s pretty cheap.

I hope to see more initiatives from companies like this, and ideally someone working with Facebook themselves to increase pro-active security measures on the site.

Obviously that’s not their first priority and with the recent brouhaha about their new privacy terms and default settings..you should be concerned about what information of yours they intend to utilise.

Source: Network World

Posted in: Countermeasures, Malware, Security Software, Web Hacking

, , , , , , , ,


Latest Posts:


StaCoAn - Mobile App Static Analysis Tool StaCoAn – Mobile App Static Analysis Tool
StaCoAn is a cross-platform tool which aids developers, bug bounty hunters and ethical hackers performing mobile app static analysis on the code of the application for both native Android and iOS applications.
snallygaster - Scan For Secret Files On HTTP Servers snallygaster – Scan For Secret Files On HTTP Servers
snallygaster is a Python-based tool that can help you to scan for secret files on HTTP servers, files that are accessible that shouldn't be public and can pose a s
Portspoof - Spoof All Ports Open & Emulate Valid Services Portspoof – Spoof All Ports Open & Emulate Valid Services
The primary goal of the Portspoof program is to enhance your system security through a set of new camouflage techniques which spoof all ports open and also emulate valid services on every port.
Cambridge Analytica Facebook Data Scandal Cambridge Analytica Facebook Data Scandal
One of the biggest stories of the year so far has been the scandal surrounding Cambridge Analytica that came out after a Channel 4 expose that demonstrated the depths they are willing to go to profile voters, manipulate elections and much more.
GetAltName - Discover Sub-Domains From SSL Certificates GetAltName – Discover Sub-Domains From SSL Certificates
GetAltName it's a little script to discover sub-domains that can extract Subject Alt Names for SSL Certificates directly from HTTPS websites which can provide you with DNS names or virtual servers.
Memcrashed - Memcached DDoS Exploit Tool Memcrashed – Memcached DDoS Exploit Tool
Memcrashed is a Memcached DDoS exploit tool written in Python that allows you to send forged UDP packets to a list of Memcached servers obtained from Shodan.


2 Responses to Websense Offers Facebook Users Free ‘Firewall’ Service

  1. Deborah S January 26, 2010 at 6:52 pm #

    Oh great. Well, I suppose for those people who feel that they absolutely must use Facebook, this tool could be helpful. But from a privacy perspective, those using it are simply acquiring another peeping Tom. Not only will they have Facebook monitoring their activities, but they’ll have Websense snooping on them as well. No thanks, I’ll cultivate my friends and communicate with my family one-on-one, the old-fashioned way.

  2. NNM January 27, 2010 at 9:36 am #

    Adblock Facebook domain and all these annoying little icons that are spawning all over the next (adblock *facebook*, block domain, adblock icons containing fb.gif, etc.)
    If anyone goes on a “rid the world of facebook crusade”, please invite me.