Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Windows & .NET Magazine Security UPDATE - November 12, 2003

From: InfoSec News <isn () c4i org>
Date: Thu, 13 Nov 2003 07:50:49 -0600 (CST)
====================

==== This Issue Sponsored By ====

Protocom Development Systems
   http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BC8w0As 

VeriSign - The Value of Trust
   http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BDeV0A6 

====================

1. In Focus: Is It Time for Security Bug Bounties?

2. Announcements
     - Order Windows & .NET Magazine and the Article Archive CD at One Low
       Rate!
     - We Need Your Feedback

3. Security News and Features
     - Recent Security Vulnerabilities
     - News: Microsoft Funds Bounty Hunters to Track Down Malicious Coders
     - Buyer's Guide: Single Sign-On Products 
     - News: NetScreen Announces Deep Inspection Firewall

4. Instant Poll
     - Results of Previous Poll: Work Responsibilities
     - New Instant Poll: Security Bug Bounty

5. Security Toolkit
     - Virus Center
     - FAQ: When does Windows Installer use elevated privileges?
     - Featured Thread: Encrypting AD

6. Event
     - Check Out 4 New Upcoming Web Seminars

7. New and Improved
     - Firewall Appliances Offer Integrated Security
     - Cobion Adds Sophos Virus Detection
     - Tell Us About a Hot Product and Get a T-Shirt

8. Contact Us 
   See this section for a list of ways to contact us. 

==================== 

==== Sponsor: Protocom Development Systems ====

   Single sign-on does exist, even for heterogeneous environments, with 
SecureLogin Single Sign-On or SecureLogin Password Management Suite. 
Increase security while enhancing the end-user experience. It is 
possible. SecureLogin was named TechEd Best of Show in the security 
category. Request your evaluation copy of SecureLogin Single Sign-On. 
   http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BC8w0As 

====================

==== 1. In Focus: Is It Time for Security Bug Bounties? ====
   by Mark Joseph Edwards, News Editor, mailto:mark () ntsecurity net

A few weeks ago, I wrote about the Microsoft Most Valuable Professional 
(MVP) program in which some MVPs will be allowed restricted access to parts 
of Microsoft's code. I expressed doubts that such code access would have 
any significant effect on the security of Windows platforms. 

One reader pointed out that many MVPs are talented people who do 
occasionally find security problems in Microsoft code. I have no idea who 
participates in the MVP program. I do know that a vast pool of proven 
programmers who understand security regularly discover bugs in code even 
without being able to examine source code. So I, along with others, wonder 
what could such people achieve if they could view source code. 

You might have heard the news by now that Microsoft has put a $250,000 
bounty on the heads of the person or people who unleashed the MSBlaster and 
Sobig worms onto the public. The bounty money is part of a $5 million fund 
Microsoft has launched to aid the capture of future malicious code writers. 
You can link to the story from the Security News and Features section 
below.

I expect most of you think it sounds reasonable to offer a reward, and I 
agree. However, I wonder why the company doesn't create a similar or larger 
fund to reward those who capture and correct bugs in its software? A bug 
bounty would benefit the public as much, or perhaps even more than the 
capture of a few contemptuous criminals. What better way to convert 
potential perpetrators (and keep honest people honest) than by putting them 
indirectly on the payroll by offering them bounty money to seek out 
security bugs in the world's most widely used code base? Microsoft's 
reputation and public image, its products, and public safety around the 
world would benefit. Many people have expressed similar sentiments in 
various online forums, but will such an idea ever become a reality through 
Microsoft--or any other software company? We'll have to wait and see. 

We're conducting a new poll this week that asks the question, "Regarding 
Microsoft's $5 million bounty to capture and convict malicious coders, 
could the money be better spent?" Stop by the Windows & .NET Magazine 
Security Hot Topic home page and offer your answer. 
    http://www.winnetmag.com/windowssecurity

====================

==== Sponsor: VeriSign - The Value of Trust ====

   Secure all your Web servers now - with a proven 5-part strategy. The 
FREE Server Security Guide shows you how:
   * DEPLOY THE LATEST ENCRYPTION and authentication techniques
   * DELIVER TRANSPARENT PROTECTION with the strongest security without 
disrupting users. And more. Get your FREE Guide now:
   http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BDeV0A6 

====================

==== 2. Announcements ====
   (from Windows & .NET Magazine and its partners)

Order Windows & .NET Magazine and the Article Archive CD at One Low Rate!
   What's better than Windows & .NET Magazine? Try Windows & .NET Magazine 
and the Windows & .NET Magazine Article Archive CD at one super low 
rate. Read Windows & .NET Magazine in the office. Take the Article 
Archive CD with you on the road. Subscribe now!
   http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BDQB0AR

We Need Your Feedback
   In order to improve our security-related content in our Microsoft 
Security Watch newsletter, we need your opinion about what issues are of 
greatest importance to you and your organization. It only takes a few 
minutes to respond and complete the survey at
   http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BDXG0Ad

====================

==== Sponsor: Virus Update from Panda Software ====

   Check for the latest anti-virus information and tools, including weekly 
virus reports, virus forecasts, and virus prevention tips, at Panda 
Software's Center for Virus Control.
   http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BDeW0A7 
   Viruses routinely infect "fully protected" networks. Is total protection 
possible? Find answers in the free guide HOW TO KEEP YOUR COMPANY 100% 
VIRUS FREE from Panda Software. Learn how viruses enter networks, what 
they do, and the most effective weapons to combat them. Protect your 
network effectively and permanently - download today! 
   http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BBDp0Aw 

====================

==== 3. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security Alerts, 
which inform you about recently discovered security vulnerabilities. You 
can also find information about these discoveries at
   http://www.winnetmag.com/departments/departmentid/752/752.html

News: Microsoft Funds Bounty Hunters to Track Down Malicious Coders
   Microsoft announced that it has created a new program, the Anti-Virus 
Reward Program, and funded it with $5 million to pay for information 
leading to the arrest and conviction of virus spreaders. The company 
said the new program is "an old fashioned criminal justice tactic to 
help solve a modern day problem."
   http://winnetmag.com/articles/index.cfm?articleid=40768

Buyer's Guide: Single Sign-On Products 
   In many organizations, users struggle with having to sign on multiple 
times to access different applications, Web portals, and servers. As the 
number of mandatory unique sign-ons grows, the burden on users to 
remember numerous usernames and passwords increases. Unfortunately, 
reducing the need for multiple sign-ons isn't a simple task. Here are 
some products that help ease authentication.  
   http://winnetmag.com/articles/index.cfm?articleid=40453

News: NetScreen Announces Deep Inspection Firewall
   NetScreen Technologies announced a new type of firewall, which the 
company has named the Deep Inspection firewall. The firewall provides 
application-level intrusion protection along with stateful inspection 
capabilities.
   http://winnetmag.com/articles/index.cfm?articleid=40658

====================

==== 4. Instant Poll ====

Results of Previous Poll: Work Responsibilities
   The voting has closed in the Windows & .NET Magazine Network Security 
Hot Topic nonscientific Instant Poll for the question, "Which of the 
following options best describes your work-related responsibilities?" 
Here are the results from the 52 votes.
   - 17% Administration only
   - 4% Administration and auditing
   - 52% Administration, auditing, and network monitoring
   - 10% Networking monitoring and auditing
   - 17% Development

New Instant Poll: Security Bug Bounty
   The next Instant Poll question is, "Regarding Microsoft's $5 million 
bounty to capture and convict malicious coders, could the money be 
better spent?" Go to the Security Hot Topic home page and submit your 
vote for 
   - Yes, by paying non-Microsoft security researchers to find bugs
   - Yes, by paying Microsoft programmers to find bugs
   - Yes, by paying both non-Microsoft researchers and Microsoft 
programmers
   - No, it's exactly the thing to do
   http://www.winnetmag.com/windowssecurity

==== 5. Security Toolkit ==== 

Virus Center
   Panda Software and the Windows & .NET Magazine Network have teamed to 
bring you the Center for Virus Control. Visit the site often to remain 
informed about the latest threats to your system security.
   http://www.winnetmag.com/windowssecurity/panda

FAQ: When does Windows Installer use elevated privileges?
   by John Savill, http://www.winnetmag.com/windowsnt20002003faq 

A. You can use a tool such as Group Policy to perform a managed 
installation of a Windows Installer file, or you can manually install a 
Windows Installer file. Some applications that you install with a Windows 
Installer file require elevated privileges to access file system areas or 
registry keys. When you use a tool such as Group Policy to install a 
Windows Installer file that deploys an application to a user's system, the 
application runs with elevated privileges (e.g., system permissions) that 
replace the user's limited permissions. However, when a user uses a Windows 
Installer file to install an application manually, the installation is 
limited by the user's current privilege level, which might cause some 
installations to fail.

You can configure a system to run all Windows Installer installations, 
including manual installations, with elevated privileges. However, keep in 
mind that doing so carries the risk that a skilled user could use the 
elevated privileges to access areas of the system that would otherwise be 
protected. For information about how to configure all Windows Installer 
installations to use elevated privileges, see the FAQ "How can I configure 
all Windows Installer installations to run with elevated privileges?" 
   http://www.winnetmag.com/article/articleid/40694/40694.html 

If you enable a Group Policy Object (GPO) to let all installations run with 
elevated privileges, be aware that if you install an application on a 
per-machine basis (i.e., all users on that machine can use it), any repair 
operations performed for that application will run with elevated 
privileges, even if you remove the GPO. If, however, you install an 
application on a per-user basis, then remove the GPO, any attempts to 
repair that application might fail because the elevated privileges no 
longer apply.

Featured Thread: Encrypting AD
   (Four messages in this thread)
   Chris wants to know whether he can encrypt the Windows 2000 Active 
Directory (AD) components, namely the C:\winnt\ntds folder and its 
contents (ntds.dit and log files), and the C:\winnt\sysvol folder and 
its contents. He has just implemented the Encrypting File System (EFS) 
to encrypt Microsoft SQL Server, and he'd like to do the same for the AD 
folders. If applying EFS isn't possible, can he secure the contents of 
AD some other way? Lend a hand or read the responses:
http://www.winnetmag.com/Forums/messageview.cfm?catid=42&threadid=64863

==== 6. Event ====

Check Out 4 New Upcoming Web Seminars
   Sign up today for these upcoming Web seminars: Access Control for the 
Web (NEW!), Assess IM Risks on Your Network, Five Keys to Choosing the 
Right Patch Management Solution, and The Secret Costs of Spam ... What 
You Don't Know Can Hurt You. Don't miss these free events!
   http://www.winnetmag.com/seminars

==== 7. New and Improved ====
   by Jason Bovberg, products () winnetmag com

Firewall Appliances Offer Integrated Security
   Symantec announced the Symantec Gateway Security 5400 Series, the 
company's new line of firewall appliances. The appliances offer 
customers a ready-to-deploy network security solution designed to 
protect against various types of malicious threats, including blended 
Internet threats such as Blaster, Slammer, and Sobig. The solutions 
provide comprehensive gateway-level protection by integrating 
intrusion-prevention, intrusion-detection, antivirus, content-filtering, 
VPN, and antispam technologies in one device. The Symantec Gateway 
Security 5400 Series comes in three models--the 5420, 5440, and 
5460--starting at an estimated retail price of $3995. For more 
information about the firewall appliances, contact Symantec on the Web.
   http://www.symantec.com 

Cobion Adds Sophos Virus Detection 
   Cobion announced that it will add the Sophos virus-detection engine as a 
plugin to its email-security product, OrangeBox Mail 2.0. OrangeBox Mail 
2.0 checks all incoming and outgoing email messages and filters spam. 
Sophos's virus-detection technology checks all incoming, outgoing, and 
internal mail messages for viruses before the messages arrive at the 
user's mailbox or are sent out to the Internet. The software refuses and 
quarantines any attachments that contain viruses. For more information 
about OrangeBox Mail 2.0 and Sophos, contact Cobion and Sophos on the 
Web.
   http://www.cobion.com
   http://www.sophos.com

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving you 
time or easing your daily burden? Tell us about the product, and we'll 
send you a Windows & .NET Magazine T-shirt if we write about the product 
in a future Windows & .NET Magazine What's Hot column. Send your product 
suggestions with information about how the product has helped you to 
whatshot () winnetmag com.

===================

==== Sponsored Links ====

Argent
   Comparison Paper: The Argent Guardian Easily Beats Out MOM
http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BDWV0Ar

NetIQ
   Check out our free web seminar on The Costs of Spam - Nov. 18!
http://list.winnetmag.com/cgi-bin3/DM/y/edZN0CJgSH0CBw0BDeX0A8

===================

==== 8. Contact Us ==== 

About the newsletter -- letters () winnetmag com
About technical questions -- http://www.winnetmag.com/forums
About product news -- products () winnetmag com
About your subscription -- securityupdate () winnetmag com
About sponsoring Security UPDATE -- emedia_opps () winnetmag com

This email newsletter is brought to you by Security Administrator, the 
print newsletter with independent, impartial advice for IT administrators 
securing Windows and related technologies. Subscribe today.
https://secure.pentontech.com/nt/security/index.cfm?promocode=00&Code=ei25xxup

Copyright 2003, Penton Media, Inc.



-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.
Previous By Date Next
Previous By Thread Next

Current thread: