Information Security News mailing list archives

Security UPDATE, October 31, 2001


From: InfoSec News <isn () c4i org>
Date: Thu, 1 Nov 2001 04:12:14 -0600 (CST)

********************
Windows 2000 Magazine Security UPDATE--brought to you by Security
Administrator, a print newsletter bringing you practical, how-to
articles about securing your Windows 2000 and NT systems.
   http://www.secadministrator.com
********************


October 31, 2001--In this issue:

1. IN FOCUS
     - SnortSam, DCPC, and the FIRST Conference

2. ANNOUNCEMENTS
     - MEC 2001, Nice, France, November 6 Through 9, 2001
     - Attention Home Computing Enthusiasts!

3. SECURITY ROUNDUP
     - News: Penton Media Announces Security Matters Conference and 
       Exhibition 
     - News: CERT Paper Highlights DoS Trends 
     - News: Activists Blame Government for XP Privacy Invasion
     - Feature: What to Do About Windows XP

4. SECURITY TOOLKIT
     - Book Highlight: Maximum Windows 2000 Security
     - Virus Center
     - FAQ: Do Any Web Sites Exist That Check a Machine's Security?

5. NEW AND IMPROVED
     - Security Configuration Scanning Software
     - VPN Solution

6. HOT THREADS
     - Windows 2000 Magazine Online Forums
         - Featured Thread: Secure Shell--Help!
     - HowTo Mailing List 
         - Featured Thread: UNIX DHCP Windows 2000 Active Directory

7. CONTACT US
   See this section for a list of ways to contact us.

~~~~~~~~~~~~~~~~~~~~

1. ==== COMMENTARY ====

Hello everyone,

The security front has been fairly quiet over the last week, but I 
found several tools that might interest you. The first item is 
SnortSam, an open-source plugin and agent for Snort, a lightweight 
Intrusion Detection System (IDS) for Windows and UNIX systems. SnortSam 
offers automated IP address blocking in conjunction with Check Point 
FireWall-1, so you don't have to review Snort logs and manually enter 
new firewall rules. The tool consists of two components: a Snort 
plugin, which interacts with Snort's detection mechanism, and an agent 
that runs on the FireWall-1 system. SnortSam supports a "white list" of 
addresses that it will never block, time-driven rule-making, and 
several databases such as Microsoft SQL Server and MySQL. 
You can download a copy of SnortSam and the source code at the SnortSam 
Web site. 
   http://www.snortsam.net

Another interesting tool, DCPC, lets you change the local Administrator 
account passwords on numerous machines across your network from one 
workstation. Version 1.0 of the tool is available as freeware. The 
tool's maker, DC Danish-Company, intends to develop a DCPC Pro version 
of the tool and is seeking comments from interested users about any new 
features or product improvements. Be sure to check it out. 
   http://www.danish-company.com/dcpc

The Forum of Incident Response and Security Teams (FIRST) is holding 
its 14th annual Computer Security Incident Handling Conference in 
Hawaii June 24 through 28, 2002. FIRST has issued a call for papers 
from people interested in delivering a tutorial during the 5-day event. 
Conference topics include incident response, operation and tools, 
cooperation and legal issues, new vulnerabilities, ISP security, 
intruder profiling, and secure programming techniques. If you're 
interested in delivering a tutorial or attending the conference, be 
sure to visit the FIRST Web site at the URL below. Until next time, 
have a great week.
   http://www.first.org/conference/2002/cfp.html

Sincerely,

Mark Joseph Edwards, News Editor, mark () ntsecurity net

********************

2. ==== ANNOUNCEMENTS ====

* MEC 2001, NICE, FRANCE, NOVEMBER 6 THROUGH 9, 2001
   MEC 2001 offers in-depth technical training for planning, deploying, 
and managing your enterprise infrastructure. Join industry experts to 
discuss best practices for deploying Microsoft Exchange 2000 and Active 
Directory (AD), extending the platform with Office XP, and integrating 
Exchange 2000 with the other .NET Enterprise Servers. Call to register 
at +44 1252 771 133, or visit the MEC Web site.
   http://lists.win2000mag.net/cgi-bin3/flo?y=eIeM0CJgSH0BVg0gcd0AY 

* ATTENTION HOME COMPUTING ENTHUSIASTS!
   Are you interested in home networking, home theater, wireless 
connectivity, and cool electronic devices? Do you want to keep up with 
the latest high-tech developments for the home? Subscribe now (for 
FREE!) to Connected Home Express, a biweekly email newsletter that 
brings you the latest news and information to help you work and play 
smarter.
   http://lists.win2000mag.net/cgi-bin3/flo?y=eIeM0CJgSH0BVg0gye0Av 

3. ==== SECURITY ROUNDUP ====

* NEWS: PENTON MEDIA ANNOUNCES SECURITY MATTERS CONFERENCE AND 
EXHIBITION
   Penton Media, owner of Internet World Magazine, Internet World Trade 
Show, and Windows 2000 Magazine, announced the launch of Security 
Matters, a conference and exhibition Penton will hold at the upcoming 
Internet World Spring 2002 conference in the Los Angeles Convention 
Center. The conference will take place April 22 through 26 and will 
feature a 3-day conference program along with an exhibitor showcase on 
the main show floor. For more details, go to the URL below.
   http://www.secadministrator.com/articles/index.cfm?articleid=23038

* NEWS: CERT PAPER HIGHLIGHTS DOS TRENDS 
   The Computer Emergency Response Team (CERT) released a study that 
highlights recent trends in Denial of Service (DoS) attacks. CERT said 
that an influx of DoS tools began appearing on the Internet in June 
1999. The team uses this timeframe as the starting point of its study, 
but it's careful to point out that DoS tools existed before that 
timeframe and that some of them are still in use now. 
   CERT points out that all systems connected to the Internet face a 
real threat from DoS attacks for two basic reasons: The Internet has 
limited resources, and security across the Internet is highly 
interdependent. Go to the URL below for more about this study.
   http://www.secadministrator.com/articles/index.cfm?articleid=23039

* NEWS: ACTIVISTS BLAME GOVERNMENT FOR XP PRIVACY INVASION
   A set of consumer and privacy groups railed against the US 
government this week for not investigating or blocking the sale of 
Windows XP, which Microsoft released October 25. Microsoft competitors 
are backing some of the groups, which have complained that the Federal 
Trade Commission (FTC) should have acted against XP when the critics 
logged their first complaints earlier this summer. The groups are 
concerned that certain XP features, such as its Passport integration, 
violate consumers' privacy and US laws.
   http://www.secadministrator.com/articles/index.cfm?articleid=23018

* FEATURE: WHAT TO DO ABOUT WINDOWS XP
   An array of Microsoft competitors, government bodies, and special-
interest groups attempted to forestall the release of Windows XP, so 
you might wonder whether you should fear rather than adopt XP. The OS 
includes several technologies that scare people for various reasons. 
The biggest bugaboo, Windows Product Activation (WPA), enforces 
Microsoft licensing policies. Individuals will no longer be able to use 
one XP product key to install XP on multiple PCs. For corporate users, 
WPA is a nonevent because volume-licensed copies of XP won't even 
   Understanding and choosing among Microsoft volume-licensing options 
takes effort, but if your company isn't already using volume licensing, 
it should start. In addition to the obvious benefit of not having to 
deal with WPA, volume licensing offers lower prices and an array of 
support options. Any company purchasing five or more XP licenses 
qualifies.
   http://www.win2000mag.com/articles/index.cfm?articleid=22542

4. ==== SECURITY TOOLKIT ====

* BOOK HIGHLIGHT: MAXIMUM WINDOWS 2000 SECURITY
   By Sams
   List Price: $49.99
   Fatbrain Online Price: $39.99
   Hardcover; 800 pages
   Published by Sams, September 2001
   ISBN 0672319659

For more information or to purchase this book, go to 
http://www1.fatbrain.com/asp/bookinfo/bookinfo.asp?theisbn=0672319659 
and enter WIN2000MAG as the discount code when you order.

* VIRUS CENTER
   Panda Software and the Windows 2000 Magazine Network have teamed to 
bring you the Center for Virus Control. Visit the site often to remain 
informed about the latest threats to your system security.
   http://www.secadministrator.com/panda

* FAQ: DO ANY WEB SITES EXIST THAT CHECK A MACHINE'S SECURITY?
   (contributed by Paul Robichaux, http://www.windows2000faq.com)

A. Microsoft Personal Security Advisor (MPSA) is a Web application that 
uses an ActiveX plugin to perform security checks on Windows 2000 and 
Windows NT 4.0 systems. (MPSA is available at the URL below.) MPSA 
checks include the following: account password strength, password 
length, automatic logon, anonymous access, auditing, service packs, 
shares, file systems, services, Microsoft Internet Explorer (IE), 
Microsoft Outlook zones, and Microsoft Office macro settings.
   http://www.microsoft.com/technet/mpsa/start.asp

MPSA provides a solution and detailed implementation instructions for 
any problems the tool finds. Although Microsoft designed MPSA for Win2K 
and NT machines, the application also works with Windows XP.

5. ==== NEW AND IMPROVED ====
   (contributed by Scott Firestone, IV, products () win2000mag com)

* SECURITY CONFIGURATION SCANNING SOFTWARE
   e-business technology released PoliVec Scanner 2.1, security-
configuration-scanning software for Windows 2000 and Windows NT 
networks and workstations. The new release features enhanced reporting, 
enhanced file management, remote configuration corrections, links to 
Microsoft technical articles, enhanced password evaluation, and 
scheduled audit evaluation. PoliVec Scanner 2.1 costs $995 for a five-
system license. Contact e-business technology at 719-599-9605.
   http://www.polivec.com

* VPN SOLUTION
   SSH Communications Security released SSH Complete VPN, the first 
product in the company's IPVia family of VPN solutions. The solution 
consists of three components: the physical SSH VPN Gateway for site-to-
site connections, the SSH Sentinel software VPN client for mobile 
users, and the Central manager for centralized VPN management and 
configuration. The solution supports standard IP Security (IPSec) 
encryption and Internet Key Exchange (IKE) key management. For pricing, 
contact SSH Communications Security at 650-251-2700.
   http://www.ssh.com

6. ==== HOT THREADS ====

* WINDOWS 2000 MAGAZINE ONLINE FORUMS
   http://www.win2000mag.net/forums 

Featured Thread: Secure Shell--Help!
   (One message in this thread)

Jessica is looking for a systems administrator who has used Secure 
Shell 3.3.1 (latest version). She's working on a systems administration 
team in a lab that's based on Windows 2000, Windows NT, and UNIX, and 
she wants to implement the Secure Shell program to make sure that no 
one internally can steal the root/admin password. Can you help? Read 
more about the questions and responses or lend a hand at the following 
URL:
   http://www.secadministrator.com/forums/thread.cfm?thread_id=81566

* HOWTO MAILING LIST
   http://www.secadministrator.com/listserv/page_listserv.asp?s=howto

Featured Thread: UNIX DHCP Windows 2000 Active Directory
   (Three messages in this thread)

This user has a UNIX and Windows network that he intends to migrate to 
Windows XP. He's wondering if his UNIX-based DHCP daemon will 
interoperate properly with Windows 2000 Active Directory (AD). Can you 
help? Read the responses or lend a hand at the following URL:
http://63.88.172.96/listserv/page_listserv.asp?a2=ind0110d&l=howto&p=1706

7. ==== CONTACT US ====
   Here's how to reach us with your comments and questions:

* ABOUT THE COMMENTARY -- mark () ntsecurity net

* ABOUT THE NEWSLETTER IN GENERAL -- mlibbey () win2000mag com; please
mention the newsletter name in the subject line.

* TECHNICAL QUESTIONS -- http://www.win2000mag.net/forums

* PRODUCT NEWS -- products () win2000mag com

* QUESTIONS ABOUT YOUR SECURITY UPDATE SUBSCRIPTION? -- Email Customer
Support at securityupdate () win2000mag com.

* WANT TO SPONSOR SECURITY UPDATE? -- emedia_opps () win2000mag com

********************

   Receive the latest information about the Windows 2000 and Windows NT
topics of your choice. Subscribe to our other FREE email newsletters.
   http://www.win2000mag.net/email

|-+-+-+-+-+-+-+-+-+-| 

Thank you for reading Security UPDATE.

SUBSCRIBE
To subscribe, send a blank email to mailto:Security_UPDATE_Sub () lists win2000mag net.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY
of the mail.

