Windows & .NET Magazine Security UPDATE--Fending Off Viruses and Spam--March 10, 2004

[InfoSec News <isn () c4i org>]

====================

==== This Issue Sponsored By ====

Symantec V2i Protector--Real-time Backup/Recovery
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGE30A6

Symantec ON iPatch--Enterprise Patch Management Solution
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGFB0AN

====================

* In Focus: Fending Off Viruses and Spam

* Security News and Features
   - Feature: Email Security Suites
   - Feature: Using Windows Mobile 2003 to Access Exchange
   - Feature: Windows XP SP2 Beta Review
   - News: Hundreds of Windows XP Registry Tweaks

* New and Improved
   - Enable Secure Remote Access
   - Policy-Based Remote-Access Security Solution

====================

==== Sponsor: Symantec V2i Protector–-Real-time Backup/Recovery ====
   In the event of a security threat or disaster V2i Protector
provides a real-time, disk-based backup and disaster recovery solution
designed to capture a system's active state, including all
server/desktop files and configurations.
   Using V2i Protector, you can quickly restore failed systems to a
specified point-in-time without taking hours to manually reinstall and
restore data from tape backup or rebuilding from scratch. Perform a
full system restoration, a complete bare metal restoration or restore
individual files and folders in minutes.
   V2i Protector also creates exact backups of volumes/partitions
through the use of snapshot technology. This captures all files and
system personalities and configurations. Backups are created without
disrupting data access or application usage.
   Click here to download an evaluation version today
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGE30A6

====================

==== In Focus: Fending Off Viruses and Spam ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net

Last week, I wrote about three SMTP authentication solutions that
might help curb junk email and the influx of viruses, worms, and
Trojan horses. Sender Policy Framework (SPF) is already rolled out to
more than 7500 networks; the other two solutions, DomainKeys and
Caller ID for E-Mail, are still in the design and testing phases.
However, it's possible that later this year, DomainKeys and Caller ID
will become available to the public, so you might soon be able to
begin implementing and testing them on your own networks.

For the next 2 weeks, we're conducting a poll that asks which of the
three solutions your company might implement. Please take a moment to
respond to the poll, which you'll find on our Security Web page.
   http://www.winnetmag.com/windowssecurity

In the meantime, a couple other options can help you eliminate junk
mail and prevent malicious software (malware) from entering your
network. One technique that many people use is disposable email
addresses--in other words, using a free email address when you sign up
for newsgroups and mailing lists and changing the address when it
begins to receive a lot of unwanted email.

Spammers harvest email addresses from Web sites, newsgroups, and
mailing lists, so if your email address is posted in any of those
formats or forums, it's likely to begin receiving junk mail. For
example, you might think your participation in a private, members-only
mailing list wouldn't lead to the exposure and misuse of your email
address. But if someone archives that mailing list to a Web site
(which is the case with numerous security-related mailing lists),
eventually spammers will harvest the email addresses for their own
use.

Managing disposable email addresses might seem tedious at first. You
must delete the old address, create a new one, and change your email
address for any forum memberships, but those steps take only a few
minutes and are probably far less time-consuming than filtering junk
mail over long periods of time.

Another technique some of you can use is called selective mail
download. Email clients such as Eudora and Pegasus have such a
feature; Microsoft Outlook and Mozilla don't (at least they didn't the
last time I checked). Selective mail download is when a mail client
downloads a list of the headers of all the messages waiting for the
user on the mail server. The displayed list typically includes the To,
From, Subject, Date, and Size parameters of each waiting message. The
user can then choose which messages to download and which messages to
delete. The user can also view a message's complete SMTP header as
written by the mail servers.

The selective mail download technique doesn't prevent you from having
to work with junk mail, but it does let you filter out countless
viruses, worms, Trojan horses, and junk messages before they make it
to your email client. It also lightens the load on desktop antivirus
and spam-filtering solutions.

Check whether your email client software supports a selective mail
download feature. If your client does, consider using the feature; if
not, consider asking your email software vendor to add it.

Microsoft Security Strategies
   Network security is at the forefront of everyone's minds. Microsoft
has teamed with Avanade and Network Associates to bring you a full day
of training to better help you secure your organization and keep it
secure. The event is scheduled for April 8 in Phoenix.
   http://www.winnetmag.com/events/index.cfm?filter=event&fid=430

   If you haven't visited our Event Central Web site recently, check
it out. You'll find information about this event and many others.
Event Central provides a comprehensive listing of trade shows,
conferences, and Web seminars targeted to the IT user.
   http://www.winnetmag.com/events

====================

==== Sponsor: Symantec ON iPatch - Enterprise Patch Management
Solution ====
   ON iPatch allows you to proactively patch and secure thousands of
computers simultaneously--including remote and mobile computers, no
matter where they are located or connected--and rapidly recover from
virus corruption, without the significant cost and time delay by
sending IT staff to remote locations.
   As a result, ON iPatch allows you to cost effectively protect all
your business-critical systems and minimize the substantial risk of
lost revenue and downtime caused by future virus and worms.
   Click here to download an evaluation version today
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGFB0AN

====================

==== Announcements ====
   (from Windows & .NET Magazine and its partners)

Windows Scripting Solutions for the Systems Administrator
   You might not be a programmer, but that doesn't mean you can't
easily learn to create and deploy timesaving, problem-solving scripts.
Discover Windows Scripting Solutions, the monthly print publication
that helps you tackle common problems and automate everyday tasks with
simple tools, tricks, and scripts. Try a sample issue today!
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BFyu0A3

Register Today for Microsoft Tech·Ed 2004
   Don't miss Tech·Ed 2004 -- May 23-28, 2004 in San Diego, CA -- the
definitive Microsoft conference for building, deploying, securing and
managing connected solutions. You'll find 11 conference tracks and
over 400 sessions. Get answers to your technical questions, meet
industry experts, evaluate new products, and take advantage of
extensive networking opportunities. Register today.
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGE40A7

Free Web Seminar--Streamline User Provisioning and Password Management
   Analysts estimate that it costs as much as $50 every time a user
calls the Help desk with a password-related problem. In this Web
seminar, you'll discover the tangible benefits of automating,
provisioning, and centralizing password management as well as how to
reduce support costs and security breaches by leveraging Windows
Server 2003 technology. Register today!
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BFH30A8

====================

==== Sponsor: Virus Update from Panda Software ====
   Are your traditional antivirus solutions really protecting your
network? Panda Antivirus GateDefender is a dedicated hardware device
installed at the Internet gateway to block viruses before they
contaminate your network. It scans 7 different communication
protocols, achieving optimum protection against external attacks.
Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus
GateDefender 7200 (500 seats+) provide the highest scalability with
native load balancing that transparently adapts to traffic volume.
   Visit "Panda's GateDefender Stands Guard!" at
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BEGa0Ar
for more information.

====================

==== Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these discoveries
at
   http://www.winnetmag.com/departments/departmentid/752/752.html

Feature: Email Security Suites
   The enterprise is experiencing an email security crisis. Spam now
constitutes more than 50 percent of all email, and one in every 30
email messages contains a computer worm or virus. Apart from the real
damage these scourges can do, they eat up CPU resources, deplete
bandwidth, take up disk space, and waste our time. Protecting and
reclaiming email servers from this onslaught should be a top priority
for every network administrator. Check out products that can help in
our Email Security Suites Buyer's Guide.
   http://www.winnetmag.com/article/articleid/41397/41397.html

Feature: Using Windows Mobile 2003 to Access Exchange
   Last summer, Microsoft released Windows Mobile 2003, the successor
to Pocket PC 2002. If you're considering implementing a Windows Mobile
device as a PDA standard in your enterprise, you'll want to know about
the new and updated Windows Mobile 2003 connectivity and email
features and some improvements that will enhance the security of your
mail system and your enterprise. Read all about how Windows Mobile
2003 accesses Exchange Server in Joseph Neubauer's article.
   http://www.winnetmag.com/article/articleid/41347/41347.html

Feature: Windows XP SP2 Beta Review
   In January, Microsoft issued a semipublic beta of its upcoming
Windows XP Service Pack 2 (SP2), a major upgrade that's focused
largely on security. The XP SP2 beta isn't complete, but it does
provide an interesting look at the direction the company is taking
with its so-called "Springboard" security technologies, which are
designed to retroactively apply recent security thinking to older
products. Sneak a peek into XP SP2 in Paul Thurrott's review.
   http://www.winsupersite.com/reviews/windowsxp_sp2_preview2.asp

News: Hundreds of Windows XP Registry Tweaks
   The Daily Rotation Web site mirrors news from Geek News Central
(GNC) and various other sites. Recently, when I was scanning headlines
at Daily Rotation, I noticed that GNC had posted a link to the Kelly's
Korner site, which has loads of information for Windows XP users. One
resource I found interesting is the XP Tweaks section, in which you'll
find hundreds of registry tweaks for all sorts of situations, many of
which are tweaks that affect security in one way or another. If you
use XP, you might want to check it out.
   http://www.kellys-korner-xp.com/xp_tweaks.htm

====================

==== Hot Release ====
Assure On-line Compliance--an on-demand Webcast
   Is your organization up to speed on best practices in website
 management?
   Many organizations find that website management is a critical top
and bottom line business issue, but surprisingly, on-line compliance
is often overlooked. To view an on-demand Webcast "Assuring On-line
Compliance with Industry Standards and Current Legislation" go to:
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BFQa0A3

====================

==== Instant Poll ====

Results of Previous Poll
   The voting has closed in the Windows & .NET Magazine Network
Security Web page nonscientific Instant Poll for the question, "Do you
rely on bootable Windows or Linux disks for system recovery and
analysis?" Here are the results from the 58 votes.
   - 33% Yes (Windows)
   - 36% Yes (Linux)
   - 19% No, but I plan to start
   - 12% No, and I don't plan to start

New Instant Poll
   The next Instant Poll question is, "Does your company plan to
implement a server-based mail-authentication solution?" Go to the
Security Web page and submit your vote for
   - Yes, Sender Policy Framework
   - Yes, DomainKeys
   - Yes, Caller ID for E-Mail
   - Yes, two or more of the above
   - No
   http://www.winnetmag.com/windowssecurity

==== Security Toolkit ====

Virus Center
   Panda Software and the Windows & .NET Magazine Network have teamed
to bring you the Center for Virus Control. Visit the site often to
remain informed about the latest threats to your system security.
   http://www.winnetmag.com/windowssecurity/panda

Virus Alert: Netsky.D
   A new variant of the Netsky worm, Netsky.D, is spreading rapidly.
The worm spreads by sending copies of itself through its own SMTP
engine. Copies of the worm target email addresses harvested by
scanning disk drives (C through Z) of an infected system and network.
Netsky.D tries to disable other worms, such as MyDoom.A and MyDoom.B,
and deletes various registry keys.
http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=45205&sind=0

Virus Alert: New Bagle Variants
   Several new variants of the Bagle virus, including Bagle.F,
Bagle.G, Bagle.H, Bagle.I, Bagle.J, and Bagle.K, have emerged. They
each spread through email and can reach a computer in an attached .zip
file that's password protected and thus can't be scanned by some
antivirus software.
http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=45300&sind=0

FAQ: How can I restore the contents of the Default Domain and Default
Domain Controller Group Policy Objects (GPOs)?
   by John Savill, http://www.winnetmag.com/windowsnt20002003faq

A. You shouldn't modify the Default Domain and Default Domain
Controller GPOs. Instead, you should create new GPOs and link them to
the relevant containers. However, if you've already modified a GPO and
want to restore the default content, perform the steps outlined in
this FAQ:
   http://www.winnetmag.com/article/articleid/41878/41878.html

Featured Thread: Application Service Ports
   (Two messages in this thread)
   Christian writes that his company is in the process of setting up
security for its new Web application. The Web application is developed
in ASP.NET Framework and requests data from Microsoft SQL Server 2000,
which generates the reports for the clients. His company needs to
tighten security between the Web server in the demilitarized zone
(DMZ) and the internal network on which the SQL Server system resides.
Christian wants to know what service ports must be open for mixed-mode
authentication for access between the Web server and SQL Server. Lend
a hand or read the responses:
http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=117538

==== Event Central ====
   (A complete Web and live events directory brought to you by Windows
& .NET Magazine: http://www.winnetmag.com/events )

New--Microsoft Security Strategies Roadshow!
   We've teamed with Microsoft, Avanade, and Network Associates to
bring you a full day of training to help you get your organization
secure and keep it secure. You'll learn how to implement a
patch-management strategy; lock down servers, workstations, and
network infrastructure; and implement security policy management.
Register now for this free, 20-city tour.
   http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BELe0A1

==== New and Improved ====
   by Jason Bovberg, products () winnetmag com

Enable Secure Remote Access
   AEP Systems announced the advanced edition of AEP SureWare A-Gate
AG-600, a 19" rack-mount appliance for small and midsized enterprises
that offers secure remote access to company applications and
resources. SureWare A-Gate AG-600's A-Gate Anywhere component lets
employees and partners access email and other Web-enabled or Windows
Terminal Services applications from any PC running a standard browser.
The appliance's A-Gate Central component gives road warriors and
remote workers full access to client/server applications from a client
PC. SureWare A-Gate AG-600 permits remote access for as many as 400
online users and costs $8995. For more information, contact AEP
Systems on the Web.
   http://www.aepsystems.com

Policy-Based Remote-Access Security Solution
   OPSWAT and Shavlik Technologies signed an OEM and comarketing
agreement, and OPSWAT released OPSTOP SecurePatch, an enterprise
security solution that lets you create and enforce policies
guaranteeing that only well-patched hosts can gain remote access to
networks. To create a policy, you define an exact list of the required
patches or use an automatically updated list (from Microsoft, for
example). OPSTOP SecurePatch leverages Shavlik's HFNetChk scanning
engine and Shavlik's HFNetChkPro patch-management solution. For more
information about the partnership and the products, contact OPSWAT at
415-543-1534. You can also reach the company on the Web.
   http://www.opswat.com

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a Windows & .NET Magazine T-shirt if we write about the
product in a future Windows & .NET Magazine What's Hot column. Send
your product suggestions with information about how the product has
helped you to whatshot () winnetmag com.

==== Contact Us ====

About the newsletter -- letters () winnetmag com
About technical questions -- http://www.winnetmag.com/forums
About product news -- products () winnetmag com
About your subscription -- securityupdate () winnetmag com
About sponsoring Security UPDATE -- emedia_opps () winnetmag com
Primary/Secondary Sponsor: Symantec -- http://www.symantec.com

This email newsletter is brought to you by Windows & .NET Magazine,
the leading publication for IT professionals deploying Windows and
related technologies. Subscribe today.
   http://www.winnetmag.com/sub.cfm?code=wswi201x1z

You received this email message because you asked to receive
additional information about products and services from the Windows &
.NET Magazine Network. To unsubscribe, send an email message to
mailto:Security-UPDATE_Unsub () list winnetmag com. Thank you!

View the Windows & .NET Magazine privacy policy at
http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy

Windows & .NET Magazine, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.




-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo () attrition org with 'unsubscribe isn'
in the BODY of the mail.