Tackle malicious Web code without infecting yourself


How do you investigate potentially malicious Web page code without infecting yourself? As a computer security defender, I'm often in a position where I need to investigate a potentially malicious Web link. Maybe it arrived in a really legitimate-looking phish email, in a new exploit announcement, or within the embedded code of some other media. Either way, I'm either not sure whether the link is really malicious, or I'm sure it is malicious but want to view the source or intended download.

The quickest investigation method -- but probably the least secure -- is to run an alternate browser that is not normally capable of automatically executing the malicious link or malware. For instance, because most browser threats are made for Microsoft’s Internet Explorer, I often use Mozilla Firefox or another browser. This usually works, but you never know when your alternate browser will be just as exposed to the malicious link or program that you are exploring.

Tackle malicious Web code without infecting yourself | InfoWorld | Column | 2006-06-09 | By Roger A. Grimes

Linked by shanmuga Monday, 12th June 2006 11:27PM