Information Security News mailing list archives

Windows & .NET Magazine Security UPDATE--July 9, 2003


From: InfoSec News <isn () c4i org>
Date: Thu, 10 Jul 2003 02:21:37 -0500 (CDT)

====================

==== This Issue Sponsored By ====

HP & Microsoft Network Storage Solutions Road Show
   http://list.winnetmag.com/cgi-bin3/DM/y/eRhZ0CJgSH0CBw07cD0Aa

====================

1. In Focus: Antispam Movement: Going in Opposite Directions

2. Security Risks
     - DoS in Opera Web Browser

3. Announcements
     - Attend the Black Hat Briefings & Training, July 28-31 in Las
       Vegas
     - Active Directory eBook Chapter 2 Published!

4. Security Roundup
     - News: Exclusive: Microsoft's Plan to End the Patch Management
       Nightmare
     - News: Catastrophic Risk Index
     - News: Microsoft Plugs Another Passport Security Hole
     - News: Department of the Interior Kicked Off the Internet
 
5. Instant Poll
     - Results of Previous Poll: Fighting Software Piracy
     - New Instant Poll: Handling Spam

6. Security Toolkit
     - Virus Center
     - FAQ: What Automated Procedure Can I Use to Disconnect All Users
       from My Server at a Certain Time Each Day?

7. Event
     - New--Mobile & Wireless Road Show!
 
8. New and Improved
     - Conduct Network Security Audits
     - Submit Top Product Ideas

9. Hot Thread
     - Windows & .NET Magazine Online Forums
         - Featured Thread: Using Subinacl to Change Ownership on All
           Files in a Directory Tree

10. Contact Us
   See this section for a list of ways to contact us.

====================

==== Sponsor: HP & Microsoft Network Storage Solutions Road Show ====

   Missed the Network Storage Solutions Road Show?
   If you couldn't make the HP & Microsoft Network Storage Solutions
Road Show, you missed Mark Smith talking about Windows-Powered NAS,
file server consolidation, and more.  The good news is that you can
now view the Webcast event in its entirety at:
   http://list.winnetmag.com/cgi-bin3/DM/y/eRhZ0CJgSH0CBw07cD0Aa

====================

==== 1. In Focus: Antispam Movement: Going in Opposite Directions ====
   by Mark Joseph Edwards, News Editor, mark () ntsecurity net

As you know, spam is causing an uproar, and many are mounting a
considerable effort to put a damper on it. That effort recently
delivered a significant blow, when the British Broadcasting
Corporation (BBC) revealed that it had uncovered what it believes to
be the source of tens of millions of spam items sent out each day.

During a special journalistic investigation, the BBC found evidence
that the computers of thousands of companies around the world are
being hijacked to deliver spam and to host questionable Web sites.
Obviously, spammers use hijacked computers to help cover their tracks.
One of the hijacked companies was British Airways, whose network
attackers used to host a Web site for mail-order brides.

By further tracking clues such as IP addresses and domain-registry
information, the BBC followed the trail first to South America, then
to the Netherlands. In the Netherlands, the BBC discovered that Dutch
ISP MegaProvider is connected to a known group of spammers. The BBC
investigation team confronted the operator of MegaProvider, and you
can read the details in a news story at the BBC News Web site.
   http://news.bbc.co.uk/1/hi/technology/3036092.stm

The fallout against MegaProvider is significant so far: The company
lost peering contracts and customers, and other ISPs entirely blocked
its networks. The complete outcome remains to be seen. The BBC story
points out that we can prevent spam by nipping it in the bud.

As you know, corporate giants have taken a more public stance against
spammers. Some of their endeavors have gained the spotlight in various
US publications. You might be surprised to learn what's been reported.

The "Washington Post" reports that Missouri Attorney General Jay
Nixon has accused Microsoft of trying to run a protection racket
through which Microsoft would earn money from companies that want to
send bulk mail. In addition, the "Washington Post" reports that
Microsoft opposes a do-not-spam registry because such registries might
be attacked to reveal millions of email addresses.
   http://www.bayarea.com/mld/cctimes/news/6244003.htm

The "Washington Times" also reports that Microsoft opposes a
do-not-spam registry--because it would be technologically impractical
and unenforceable. But if a registry works to curb telemarketers, why
can't it work to curb spammers too?
   http://washingtontimes.com/business/20030629-103835-5128r.htm

ZDNet UK and CNET report that critics of Microsoft's push against spam
say the company's stated opposition to spam is hypocritical--and that
the company should "get its own house in order" first. Microsoft has
defended itself against the criticism, which cites MSN and Hotmail as
contributors to the spam problem.
   http://news.zdnet.co.uk/story/0,,t269-s2136652,00.html
 
"The Sacramento Bee" reports that Microsoft "has fought legislation in
Missouri, Michigan, and California that would make it illegal to send
commercial email to anyone who doesn't want it. Microsoft instead has
supported laws that allow companies to send unsolicited email,
provided that they do not use deceptive or fraudulent practices and
offer consumers the chance to opt out of future solicitations."
   http://www.sacbee.com/content/politics/story/6960914p-7910017c.html

The bottom line is that spam is a huge money-maker for companies that
deliver it (whether the spam is legitimate advertising or not),
companies that advertise through spam, and companies that sell
products that help filter spam. At the same time, spam costs
businesses a lot of money because they have to buy and administer
filtering products--and bear the expense of the associated bandwidth.

Spam represents the opportunity to make big money fast--for software
and service companies and for entities involved in advertising. Even
so, people are for the most part tired of unwanted email messages. I
think the most cost-effective ways to curb unwanted email involve a
combination of efforts that include a law that requires people to
opt in to receive advertising, do-not-spam lists, and filtering
technologies. (I realize that I might be shortsighted about this
matter. Email me your ideas.) We might even see significant changes to
the underlying technology of email itself, such as digital postage or
mandatory identity management to ensure that email messages arrive at
their destination.

Laws do help curb spam (large companies are successfully suing
spammers), but they don't always address the challenges that
international spammers present. Digital postage might help, but it
won't be well received. Identity management seems like the most
potentially effective course. In any case, I think we'll all probably
spend more time and more money on technology to keep unwanted email at
bay in the future. Keep an eye on the spam debates because you might
have to adjust your budgets and network topology accordingly.

==== 2. Security Risks ====
   contributed by Ken Pfeil, ken () winnetmag com

DoS in Opera Web Browser
   A person using the alias "Operash" discovered five new bugs in the
Opera 7 for Windows Web browser, each of which can result in a Denial
of Service (DoS) condition. Opera was notified on June 24, 2003, but
hasn't yet responded to these problems.
   http://www.secadministrator.com/articles/index.cfm?articleid=39456

==== 3. Announcements ====
   (from Windows & .NET Magazine and its partners)

Attend the Black Hat Briefings & Training, July 28-31 in Las Vegas
   This is the world's premier technical IT security event, with lots
of Windows sessions! 10 tracks, 15 training sessions, 1800 delegates
from 30 nations including all of the top experts from CSOs to
"underground" security specialists. See for yourself what the buzz is
all about! This event will sell out, so register now.
   http://list.winnetmag.com/cgi-bin3/DM/y/eRhZ0CJgSH0CBw0pHV0AO

Active Directory eBook Chapter 2 Published!
   The second chapter of Windows & .NET Magazine's popular eBook
"Windows 2003: Active Directory Administration Essentials" is now
available at no charge! Chapter 2 looks at what's new and improved
with Active Directory (AD). Download it now!
   http://list.winnetmag.com/cgi-bin3/DM/y/eRhZ0CJgSH0CBw0BALs0AG

==== 4. Security Roundup ====

News: Exclusive: Microsoft's Plan to End the Patch Management
Nightmare
   One of the biggest challenges facing Microsoft's enterprise
customers today is patch management, primarily because the company's
many products all have their own tools and methods for providing
software updates.
   http://www.secadministrator.com/articles/index.cfm?articleid=39451

News: Catastrophic Risk Index
   Internet Security Systems (ISS) has released its Catastrophic Risk
Index (CRI), which the company says is "a list of the most serious,
high-risk vulnerabilities and attacks currently affecting computer
networks." To be included in the CRI, a vulnerability had to meet
several criteria, such as being pervasive across all industries.
   http://www.secadministrator.com/articles/index.cfm?articleid=39464

News: Microsoft Plugs Another Passport Security Hole
   Microsoft has plugged another security hole in its .NET Passport
solution a few days after Victor Manuel Alvarez Castro posted a
message to a vulnerability discussion mailing list that discussed
details of the problem.
   http://www.secadministrator.com/articles/index.cfm?articleid=39465

News: Department of the Interior Kicked Off the Internet
   According to a report by Jupitermedia, the US Department of the
Interior has been ordered to disconnect from the Internet because the
department refused to cooperate with security auditors.
   http://www.secadministrator.com/articles/index.cfm?articleid=39463

=====================
 
==== Hot Release ====

Research in Motion
   * BlackBerry Security White Paper for Microsoft Exchange
   Download this free technical white paper now from Windows & .NET
Magazine's White Paper Central. Brought to you courtesy of Research in
Motion.
   http://ad.doubleclick.net/clk;5580710;7402808;g?http://www.blackberry.com/select/server_wp/index.shtml?CPID=AF22037


==== 5. Instant Poll ====

Results of Previous Poll: Fighting Software Piracy
   The voting has closed in Windows & .NET Magazine's Security
Administrator Channel nonscientific Instant Poll for the question, "Do
you think legalizing the destruction of software pirates' computers is
a reasonable course of action?" Here are the results from the 287
votes.
   -  7% Yes
   - 93% No

New Instant Poll: Handling Spam
   The next Instant Poll question is, "Which is the best approach to
handling spam?" Go to the Security Administrator Channel home page and
submit your vote for a) Networks should operate their own filtering
technology, b) Users should have to "opt-in" to receive spam from a
given source, c) Users should have to "opt-out" to not receive spam
from a given source, or d) Other (email your idea to
security () winnetmag com).
   http://www.secadministrator.com

==== 6. Security Toolkit ====

Virus Center
   Panda Software and the Windows & .NET Magazine Network have teamed
to bring you the Center for Virus Control. Visit the site often to
remain informed about the latest threats to your system security.
   http://www.secadministrator.com/panda

FAQ: What Automated Procedure Can I Use to Disconnect All Users from
My Server at a Certain Time Each Day?
   (contributed by Randy Franklin Smith, rsmith () montereytechgroup com)

Run the Net Session command to receive a list of all remote users and
computer names connected to your computer. To log those users off of
your server, type

   net session /delete /y

The /y parameter instructs Windows 2000 not to ask for confirmation
before disconnecting these users, which means that you can use Task
Scheduler to configure the command to run without your intervention or
oversight. Note that this command logs off all remote users, even
those who have files open.
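
The following batch file is an added example, not part of the original
newsletter: it records the connected sessions and open shared files
before disconnecting, so the forced logoff leaves an audit trail. The
script path, log directory, and 23:00 run time are assumptions.

```batch
@echo off
rem Added example (not from the newsletter). Paths and times are assumptions.
rem Schedule it daily on Windows 2000 with the built-in AT command, e.g.:
rem   at 23:00 /every:M,T,W,Th,F,S,Su C:\Scripts\disconnect-sessions.cmd
setlocal

set LOGDIR=C:\Logs
set LOG=%LOGDIR%\session-disconnect.log
if not exist "%LOGDIR%" mkdir "%LOGDIR%"

rem Record who is connected before anything is dropped.
>>"%LOG%" echo ==== %DATE% %TIME% sessions before disconnect ====
>>"%LOG%" 2>&1 net session

rem Record open shared files: these users lose unsaved work on disconnect.
>>"%LOG%" echo ---- open shared files ----
>>"%LOG%" 2>&1 net file

rem Disconnect every remote session; /y suppresses the confirmation prompt.
>>"%LOG%" 2>&1 net session /delete /y
>>"%LOG%" echo ---- net session /delete exit code: %ERRORLEVEL% ----

endlocal
```

Restrict write access to the script and the log directory to
administrators, because the scheduled job runs with elevated rights.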

==== 7. Event ====

New--Mobile & Wireless Road Show!
   Learn more about the wireless and mobility solutions that are
available today! Register now for this free event!
   http://list.winnetmag.com/cgi-bin3/DM/y/eRhZ0CJgSH0CBw0BA8Y0AU

==== 8. New and Improved ====
   by Sue Cooper, products () winnetmag com

Conduct Network Security Audits
   GFI released GFI LANguard Network Security Scanner (NSS) 3.2, a
tool for conducting network security audits of Windows machines and
remotely deploying patches and service packs. GFI LANguard NSS detects
network vulnerabilities, generates vulnerability reports, and remotely
installs security patches without user intervention. Prices start at
$249 for 50 IPs and $895 for unlimited IPs. Contact GFI at
800-243-4329.
   http://www.gfi.com/lannetscan

Submit Top Product Ideas
   Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Do you know of a terrific
product that others should know about? Tell us! We want to write about
the product in a future What's Hot column. Send your product
suggestions to whatshot () winnetmag com.

==== 9. Hot Thread ====

Windows & .NET Magazine Online Forums
   http://www.winnetmag.com/forums

Featured Thread: Using Subinacl to Change Ownership on All Files in a
Directory Tree
   (One message in this thread)

A user writes that he's been trying to use Subinacl from the
"Microsoft Windows NT 4.0 Resource Kit" to change all the file and
directory ownership details on 500+ disk drives before a migration.
However, using the tool with the documented syntax (subinacl
/subdirectories g:\users\<username>\*.* /setowner=<domain
name>\username) lets the changes go down only one directory level.
(Using the tool from the "Microsoft Windows 2000 Resource Kit" on a
Win2K Server with the same command structure does change permissions
all the way down a directory tree.) Does anyone know a way to make the
needed changes on NT 4.0? Lend a hand or read the responses:
   http://www.winnetmag.com/forums/rd.cfm?cid=42&tid=60536

==== Sponsored Links ====

AutoProf
   Jerry Honeycutt Desktop Deployment Whitepaper
   http://list.winnetmag.com/cgi-bin3/DM/y/eRhZ0CJgSH0CBw0BBDo0A4

===================

==== 10. Contact Us ====

About the newsletter -- letters () winnetmag com
About technical questions -- http://www.winnetmag.com/forums
About product news -- products () winnetmag com
About your subscription -- securityupdate () winnetmag com
About sponsoring Security UPDATE -- emedia_opps () winnetmag com

====================
   This email newsletter is brought to you by Security Administrator,
the print newsletter with independent, impartial advice for IT
administrators securing Windows and related technologies. Subscribe
today.
   http://www.secadministrator.com/sub.cfm?code=saei25xxup

Thank you!
__________________________________________________________
Copyright 2003, Penton Media, Inc.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.

