Information Security News mailing list archives
Windows & .NET Magazine Security UPDATE--November 5, 2003
From: InfoSec News <isn () c4i org>
Date: Thu, 6 Nov 2003 03:20:41 -0600 (CST)
==================== ==== This Issue Sponsored By ==== Shavlik HFNetChkPro AdminSuite http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw076e0AY NetIQ http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw0BDZP0A7 ==================== 1. In Focus: Spreading Use of Personal Firewalls 2. Announcements - New Windows & .NET Magazine Web Site Unveiled! - Readers' Choice and Best of Show Nominees and Winners 3. Security News and Features - Recent Security Vulnerabilities - News: Infonetics Projects Massive Growth for Wireless and Security - News: Verizon Offers Managed Security Services - News: NetScreen Announces Deep Inspection Firewall 4. Security Toolkit - Virus Center - Virus Alert: Sober.A - FAQ: What permissions do I need to install the Windows 2000 Server Terminal Services client on Windows Server 2003 and Windows XP? - Featured Thread: Disable Modem on LAN-Connected Computer 5. Event - Don't Miss Our 4 New Web Seminars 6. New and Improved - Simple File Security - Remote Access for Small to Midsized Businesses - Tell Us About a Hot Product and Get a T-Shirt 7. Contact Us See this section for a list of ways to contact us. ==================== ==== Sponsor: Shavlik HFNetChkPro AdminSuite ==== As you prepare to roll out the next critical security patch, don't be sour. For a limited time, Shavlik is offering an exclusive opportunity to purchase HFNetChkPro AdminSuite for the price of HFNetChkPro. With a savings of over $1,000 and three notable security tools - patch management, assessment and account and password evaluation - it's a "suite" deal. Go to http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw076e0AY for details. ==================== ==== 1. In Focus: Spreading Use of Personal Firewalls ==== by Mark Joseph Edwards, News Editor, mark () ntsecurity net Microsoft recently announced its campaign to "secure the perimeter" of Windows networks. We conducted a poll about Microsoft's campaign that asked the question, "Do you think Microsoft's 'Secure the Perimeter' strategy will significantly reduce the company's security problems?" The vast majority of respondents answered "No, Microsoft needs to address the underlying security of its products." http://www.winnetmag.com/poll/index.cfm?action=pollresults&q_id=1496 The impetus for securing the perimeter is obvious: If the perimeter is well secured, intrusion into vulnerable Windows systems is less likely and the stress on network administrators, the businesses they work for, and of course Microsoft's overall reputation is reduced. Interestingly enough, part of Microsoft's campaign to secure network perimeters involves securing machines that are inside the perimeter. The company plans modifications for Windows XP in the upcoming Service Pack 2 (SP2) that will make the built-in Internet Connection Firewall (ICF) technology more manageable--which might make administrators more inclined to use it. How many people use ICF technology now or might use it in the future is unknown. What is known is that a huge number of people rely on third-party desktop firewall products to protect their systems, especially mobile computers and pre-XP systems. Such products are typically more powerful than XP's built-in ICF, and Microsoft doesn't provide any kind of reasonable firewall technology for any Windows version earlier than XP. Even though many people use desktop firewall technology, many more Windows users probably don't. If they did use personal firewalls and locked them down properly, we wouldn't have to endure such nuisances as the MSBlaster worm, which affected hundreds of thousands of Windows systems around the world. An effort to get as many people as possible to load desktop firewalls would benefit everyone because Windows is buggy and has long remained the favorite target of large-scale attacks. One way to help expand the use of desktop firewalls is by spreading the word about how important they are. At the recent NTBugtraq conference in Canada, Paul Robertson (moderator of the firewall-wizards mailing list) discussed the possibility of a "personal firewall day"--a 1-day blitz aimed at enticing users everywhere into obtaining and installing personal firewalls. Whether such an effort would work remains to be seen, but the idea seems useful. NTBugtraq moderator Russ Cooper has put together a Web page (see the URL below) that contains a list of personal firewall software products and is working with Robertson to further develop the "personal firewall day" idea. Cooper said that we can expect more information about the project in the near future. Meanwhile, Cooper intends to conduct a poll to see which personal firewall products are the most popular. http://www.ntbugtraq.com/pfp.asp Public participation would obviously be necessary for the "personal firewall day" to succeed. If you're interested in the idea, be sure to read the NTBugtraq archives to watch for more details as they become available. http://www.ntbugtraq.com/default.asp?pid=36&sid=1 ==================== ==== Sponsor: NetIQ ==== Security Event Management Made Easy If you're drowning in a flood of data, you're probably having a hard time identifying and responding to security threats? As threats become more sophisticated and "blended" in nature, intelligent event correlation becomes a necessity to identify attack or policy violation patterns. Get the answers you need to deploy an effective Security Event Management solution. Download NetIQ's free white paper, "Security Event Management Made Easy." Discover how you can protect against inconsistency in policy execution and what every organization must consider when thinking about Security Event Management. http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw0BDZP0A7 ==================== ==== 2. Announcements ==== (from Windows & .NET Magazine and its partners) New Windows & .NET Magazine Web Site Unveiled! We are proud to announce the new and improved Windows & .NET Magazine Web site. Discover the fresh, new look and a more simplified way to find answers, news, strategic guidance, and how-to information. Check out our new Web site at http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw0owX0AM Readers' Choice and Best of Show Nominees and Winners The votes are in! We asked you, our readers, to give us your opinions about the latest industry products and services. Find out who is the best of the best! http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw0BDBp0AG ==================== ==== Sponsor: Virus Update from Panda Software ==== Check for the latest anti-virus information and tools, including weekly virus reports, virus forecasts, and virus prevention tips, at Panda Software's Center for Virus Control. http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw0BBlT0AS Viruses routinely infect "fully protected" networks. Is total protection possible? Find answers in the free guide HOW TO KEEP YOUR COMPANY 100% VIRUS FREE from Panda Software. Learn how viruses enter networks, what they do, and the most effective weapons to combat them. Protect your network effectively and permanently - download today! http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw0BBDp0AG ==================== ==== 3. Security News and Features ==== Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://www.winnetmag.com/departments/departmentid/752/752.html News: Infonetics Projects Massive Growth for Wireless and Security Infonetics Research said that it expects to see considerable growth in both wireless solutions and security solutions between 2003 and 2007. Based on studies of 225 European companies, Infonetics expects European spending on security and VPN technology to grow from $10.7 billion to $18.1 billion by 2007. http://www.winnetmag.com/article/articleid/40665/40665.html News: Verizon Offers Managed Security Services Verizon announced a new group of managed security solutions, Business Internet Security Services, aimed at small businesses. The services are the first in a series of managed services the company plans to offer to small and midsized businesses. http://www.winnetmag.com/article/articleid/40664/40664.html News: NetScreen Announces Deep Inspection Firewall NetScreen Technologies announced a new type of firewall, which the company has named the Deep Inspection firewall. The firewall provides application-level intrusion protection along with stateful inspection capabilities. http://www.winnetmag.com/article/articleid/40658/40658.html ==================== ==== Hot Release ==== Free Trial SSL Certificate from Thawte Take your first step towards giving your online business a competitive advantage. Test-drive a Thawte SSL certificate - our easy online guide will show you how. Click here to get started: http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw0BC140Aw ==================== ==== 4. Security Toolkit ==== Virus Center Panda Software and the Windows & .NET Magazine Network have teamed to bring you the Center for Virus Control. Visit the site often to remain informed about the latest threats to your system security. http://www.winnetmag.com/windowssecurity/panda Virus Alert: Sober.A Sober.A reaches victims' computers in an email message with variable subjects, text, and attachment names in English or German. If the attached file containing Sober.A is run, a false error message is displayed. At the same time, the worm uses its own SMTP engine to send itself to all the addresses it finds in multiple files on the computer. One of the main dangers of Sober.A is that it leaves two resident copies of itself running continually. If a user terminates or deletes one of the copies, the other will create it again. For complete details on the worm, be sure to read Panda's report: http://www.pandasoftware.com/about/press/viewnews.aspx?noticia=4311 FAQ: What permissions do I need to install the Windows 2000 Server Terminal Services client on Windows Server 2003 and Windows XP? by John Savill, http://www.winnetmag.com/windowsnt20002003faq A: Windows 2003 and XP both ship with Remote Desktop Connection, which is the latest Terminal Services client. However, you might have a reason to install a previous version of the client. To do so, you must be a local administrator or have Write and Modify permissions on the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\MSLicensing\Store\MSLicensing registry value. Featured Thread: Disable Modem on LAN-Connected Computer (Three messages in this thread) A forum reader writes that his site uses Windows 2000 and Active Directory (AD) in one native mode domain, and all servers, desktops, and laptops in the domain use Windows 2000 with Service Pack 3 (SP3). He wants to know whether he can use group policies, registry hacks, or some other technique to disable the use of dial-up modems on any computer that's connected to or at least logged on to the domain. However, laptop computers would need to be able to dial when not connected to the LAN. Lend a hand or read the responses: http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=64393 ==== 5. Event ==== Don't Miss Our 4 New Web Seminars Sign up today for these upcoming Web seminars: How to Pick the Right Anti-Spam Solution, Assessing IM Risks on Your Network, Choosing the Right Patch Management Solution, and the Costs of Spam. Don't miss these free events! http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw02lB0Am ==== 6. New and Improved ==== by Jason Bovberg, products () winnetmag com Simple File Security Inv Softworks released Kryptel Encryption Suite 5.0, a single-click solution that simplifies file and folder encryption. Although the product strives for simplicity, it also offers advanced features that let you create encrypted filesets and perform batch-mode processing. You can use Kryptel's encrypted backup feature and efficient data compression to archive sensitive data. Kryptel uses the Advanced Encryption Standard (AES), but you can select other strong ciphers from the software's Crypto Settings panel. Kryptel Encryption Suite 5.0 costs $39.95 for a single-user license. Significant discounts are available for multiuser licenses. To download a free trial version, contact Kryptel on the Web. http://www.kryptel.com Remote Access for Small to Midsized Businesses AEP Systems announced AEP SureWare A-Gate AG-600, an advanced version of its Secure Sockets Layer (SSL) VPN appliance that offers secure access to company applications and resources. The product lets employees and partners access email and other Web-enabled or Terminal Services applications from any PC running a standard browser. The company is targeting its newly enhanced feature set toward small and midsized enterprises. AEP SureWare A-Gate AG-600 costs $8995. For more information, contact AEP Systems on the Web. http://www.aepsystems.com Tell Us About a Hot Product and Get a T-Shirt! Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to whatshot () winnetmag com. =================== ==== Sponsored Links ==== Argent Comparison Paper: The Argent Guardian Easily Beats Out MOM http://list.winnetmag.com/cgi-bin3/DM/y/edVd0CJgSH0CBw0BDWV0AB =================== ==== 7. Contact Us ==== About the newsletter -- letters () winnetmag com About technical questions -- http://www.winnetmag.com/forums About product news -- products () winnetmag com About your subscription -- securityupdate () winnetmag com About sponsoring Security UPDATE -- emedia_opps () winnetmag com This email newsletter is brought to you by Security Administrator, the print newsletter with independent, impartial advice for IT administrators securing Windows and related technologies. Subscribe today. https://secure.pentontech.com/nt/security/index.cfm?promocode=00&Code=ei25xxup Copyright 2003, Penton Media, Inc. - ISN is currently hosted by Attrition.org To unsubscribe email majordomo () attrition org with 'unsubscribe isn' in the BODY of the mail.
Current thread:
- Windows & .NET Magazine Security UPDATE--November 5, 2003 InfoSec News (Nov 06)