[ISN] Windows & .NET Magazine Security UPDATE--Wiping Old Hard Disks Clean--March 31, 2004

InfoSec News isn at c4i.org
Fri Apr 2 07:23:03 EST 2004


====================

==== This Issue Sponsored By ====

Symantec ON iPatch - First Enterprise Patch Management Solution
   http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGbT0AO

Symantec V2i Protector - Real-time Backup/Recovery
   http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGbS0AN

====================

* In Focus: Wiping Old Hard Disks Clean

* Security News and Features
   - News: Scripting MBSA 1.2
   - News: Windows 2003 AD Quotas
   - News: Cryptcat and Netcat; Secure Your Domain for 100 Years
   - News: Three Betas: XP SP2, LimitLogon, Mozilla 1.7

* New and Improved
   - Respond to Network Security Information in Real Time

====================

==== In Focus: Wiping Old Hard Disks Clean ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net

A component that's typically changed during computer upgrades is the
hard disk. Users run out of space and need a larger disk, particularly
if their existing disks are somewhat old and therefore probably have
less capacity.

Swapping out disks or complete systems is common, but I wonder whether
you wipe clean your old disks before sending them off for recycling or
resale. If you do wipe the disks, are you sure that data can't be
recovered from them?

Some people might think that simply using Fdisk to destroy partitions
is a good enough technique for eliminating data. After all, if the
partitions are gone, who could recover the data, right? Wrong. Fdisk
changes only partition tables--it doesn't touch the other sectors on
the drive. So any data that users stored on those other sectors is
still there, which means that someone with a little knowledge could
recover that data.

Simson Garfinkel wrote the article "Hard Disk Risk" about a year ago
for CSO Magazine. In the article, Garfinkel talks about his adventures
in purchasing old hard drives at resale shops and the data that he
found on them. One drive was formerly used in an ATM machine and
contained a year's worth of transaction records; another drive had
more than 5000 credit card numbers; yet another had sensitive personal
information about an individual. Only 10 percent of the drives
Garfinkel purchased were properly wiped of data.
   http://www.simson.net/clips/2003.CSO.04.hard_disk_risk.htm

To wipe a disk clean, you need to overwrite all sectors on a drive in
some fashion. Some disk-wiping tools can overwrite sectors numerous
times to better ensure that the magnetic flux (which is the means by
which data is recorded) is dramatically changed so that little if any
flux remains to be used toward data recovery. Or you might decide that
one overwrite process is enough for your needs.
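
The two points above (removing partitions leaves the data sectors
intact; a wipe has to overwrite every sector) can be checked on a disk
image. The following Python code is an added example, not part of the
original newsletter. The image file, the sample record, and all
function names are constructed for illustration, and it works on a
file image rather than a physical drive.

```python
import os
import tempfile

SECTOR = 512
PT_OFFSET, PT_LEN = 446, 64  # MBR partition table: four 16-byte entries

def build_image(path, sectors=64):
    """Constructed sample disk: one partition entry plus a record in sector 10."""
    img = bytearray(sectors * SECTOR)
    entry = bytes([0x80, 0, 2, 0, 0x06, 0, 63, 0])  # flags, CHS start, type, CHS end
    entry += (1).to_bytes(4, "little") + (sectors - 1).to_bytes(4, "little")
    img[PT_OFFSET:PT_OFFSET + 16] = entry
    img[510:512] = b"\x55\xaa"  # boot signature
    record = b"CONSTRUCTED-SAMPLE-RECORD account=0000"
    img[10 * SECTOR:10 * SECTOR + len(record)] = record
    with open(path, "wb") as f:
        f.write(img)

def delete_partitions(path):
    """Clear only the 64-byte partition table; no other sector is touched."""
    with open(path, "r+b") as f:
        f.seek(PT_OFFSET)
        f.write(bytes(PT_LEN))

def overwrite_all(path, passes=1):
    """Overwrite every sector; the final pass writes zeros so it can be verified."""
    with open(path, "r+b") as f:
        for n in range(passes):
            f.seek(0)
            for _ in range(os.path.getsize(path) // SECTOR):
                f.write(bytes(SECTOR) if n == passes - 1 else os.urandom(SECTOR))
            f.flush()
            os.fsync(f.fileno())  # push the pass to the device before the next one

def residual_sectors(path):
    """Return the numbers of the sectors that still hold a non-zero byte."""
    with open(path, "rb") as f:
        data = f.read()
    return [i for i in range(len(data) // SECTOR)
            if data[i * SECTOR:(i + 1) * SECTOR].strip(b"\x00")]

def demo():
    with tempfile.TemporaryDirectory() as d:
        path = os.path.join(d, "old_disk.img")
        build_image(path)
        delete_partitions(path)
        after_delete = residual_sectors(path)  # data sectors survive
        overwrite_all(path, passes=2)
        return after_delete, residual_sectors(path)
```

Calling demo() returns the sectors that still hold data after the
partition table is cleared, followed by the sectors that hold data
after the full overwrite.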

Garfinkel raises an interesting question: If you give your old
hardware to resellers or other organizations, do you trust these
organizations to satisfactorily delete your data? You might consider
wiping your own drives before you release them from your control. To
get the job done, you might use Autoclave, LSoft Technologies'
Active@ KillDisk, Stellar Information Systems' Stellar Wipe Safe Data
Eraser, Heidi Computers' Eraser, or any number of other tools designed
to destroy disk-based data.
   http://staff.washington.edu/jdlarios/autoclave
   http://www.killdisk.com
   http://www.stellarinfo.com/file-eraser.htm
   http://www.heidi.ie/eraser

If you're interested in some facts as well as theory about how someone
might recover data from your old drives and how disk-wiping technology
can help prevent that from happening, be sure to read Peter Gutmann's
extensive article on the subject.
   http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/

Last week, I requested feedback about this newsletter. I've received
numerous responses and want to thank those of you who did respond.
However, I'd like to hear from even more of you! If you're so
inclined, please email me your comments. If you missed last week's
editorial, you can read it at the URL below. In essence, I welcomed
any suggestions, comments, or critiques regarding this newsletter.
Send your response to mark at ntsecurity dot net, and please prefix
the subject line with "SECUPD" so that I can more easily identify
responses to this request.
   http://www.winnetmag.com/article/articleid/42127/42127.html

====================

==== Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these discoveries
at
   http://www.winnetmag.com/departments/departmentid/752/752.html

News: Scripting MBSA 1.2
   Updated sample scripts are now available for the Microsoft Baseline
Security Analyzer (MBSA) 1.2. Microsoft published the updates on March
17.
   http://www.winnetmag.com/article/articleid/42116/42116.html

Feature: Windows 2003 AD Quotas
   Windows Server 2003 has a new Active Directory (AD) quotas feature
that lets you monitor and limit the number of objects a security
principal (user, group, or computer) can create in a partition. This
feature is similar to the built-in quota that Windows 2000 and later
versions assign to authenticated users for creating computer objects
except that the new Windows 2003 quotas apply to all object types.
Robbie Allen explains the new feature in this article on our Web site.
   http://www.winnetmag.com/article/articleid/41898/41898.html

News: Cryptcat and Netcat; Secure Your Domain for 100 Years
   You've probably heard of Netcat, a flexible network utility that
can perform all sorts of functions. But have you heard of Cryptcat?
The tool has been around for almost 4 years, but plenty of people
don't know it exists. Network Solutions now lets you secure your
domain name for 100 years in advance for $999.
   http://www.winnetmag.com/article/articleid/42131/42131.html

News: Three Betas: XP SP2, LimitLogon, Mozilla 1.7
   Microsoft released Windows XP Service Pack 2 (SP2) to public beta
last week. Along with the beta, the company established 11 newsgroups
in which users can discuss various aspects of the service pack. The
ieXbeta.com Web site reports that Microsoft is now accepting
applications for beta testers of an upcoming Windows Server 2003
Resource Kit tool, LimitLogon, which will let you limit the number of
allowed concurrent sessions per user in an Active Directory (AD)
domain. The tool requires Windows 2003 and Microsoft IIS 6.0. The
Mozilla Organization released the Mozilla 1.7 public beta. The new
version includes improved cookie controls, support for SMTP "MSN
Authentication" in the mail client, performance improvements, and
several other enhancements.
   http://www.winnetmag.com/article/articleid/42093/42093.html

====================

==== Announcements ====
   (from Windows & .NET Magazine and its partners)

Windows & .NET Magazine Connections
   Windows & .NET Magazine Connections features speakers from
Microsoft and other top independent experts. Complete details about
workshops, breakout sessions, and speakers are now online. All
attendees will get a chance to win a Florida vacation. Keep your
competitive edge by learning from the world's best experts. Go online
now to register.
   http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0KXQ0A8

Take Our Brief Survey!
   Does your company use third-party management tools to manage your
Microsoft Windows network? If you do, Windows & .NET Magazine would
like to hear from you about your preferences. Please respond to our
short survey regarding Windows management tools and we'll enter you in
a drawing to win one of two $50 Amazon.com gift certificates.
   http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGAr0AL

====================

==== Security Toolkit ====

Virus Center
   Panda Software and the Windows & .NET Magazine Network have teamed
to bring you the Center for Virus Control. Visit the site often to
remain informed about the latest threats to your system security.
   http://www.winnetmag.com/windowssecurity/panda

FAQ: Can I Move Microsoft Exchange Server Systems Between
Administrative Groups?
   by John Savill, http://www.winnetmag.com/windowsnt20002003faq

A. No, even in a native Exchange Server 2003 organization, you can't
move servers between administrative groups. However, if you're running
Exchange in native mode, you can move mailboxes between administrative
groups. To work around the inability to move Exchange servers between
administrative groups, you can delete a server in one group and
recreate it from scratch in another by performing the following steps:

   1. Remove all resources and mailboxes from the server you want to
move (in native mode, you can move the mailboxes to another server
temporarily or use Exmerge to export the mailboxes).
   2. Remove the server from the administrative group (i.e., uninstall
Exchange).
   3. Rebuild the server and select the new administrative group.
   4. If Exchange is in native mode, move the mailboxes from the
temporary Exchange server back to the original server. If you used
Exmerge, import the mailboxes and relink them to the Active Directory
(AD) accounts.

Featured Thread: pcAnywhere with ISA Server
   (Four messages in this thread)
   Yushi writes that a client has requested that Yushi set up
pcAnywhere on the client's server so that the client can remotely
administer a database. The server is running Small Business Server
(SBS) 2000 and Internet Security and Acceleration (ISA) Server. Yushi
wants to know how to configure ISA Server to allow access to
pcAnywhere. Lend a hand or read the responses:
http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=118332

==== Events Central ====
   (A complete Web and live events directory brought to you by Windows
& .NET Magazine: http://www.winnetmag.com/events )

New Web Seminar
   Preemptive Email Security: How Enterprise Rent-A-Car Eliminates
Spam
   Get the inside scoop on how Enterprise Rent-A-Car eliminated spam
and viruses, improved their email security, and increased
productivity. Don't miss this opportunity to educate yourself and
become a smarter customer when it comes to choosing an antispam
solution that best fits your organization's needs. Sign up for this
free Web seminar today!
http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGhc0Aj

==== New and Improved ====
   by Jason Bovberg, products at winnetmag.com

Respond to Network Security Information in Real Time
   eEye Digital Security and e-Security announced an enterprise
threat-management solution. The eEye Retina Network Security Scanner
scans every machine on a corporate network for vulnerabilities and
immediately makes that information available to the e-Security ESM
real-time management console, so you have accurate and timely
information available to help you prioritize resources for
vulnerability remediation. For more information about this
partnership, contact eEye or e-Security on the Web.
   http://www.eeye.com
   http://www.esecurity.net

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a Windows & .NET Magazine T-shirt if we write about the
product in a future Windows & .NET Magazine What's Hot column. Send
your product suggestions with information about how the product has
helped you to whatshot at winnetmag.com.

====================

==== Contact Us ====

About the newsletter -- letters at winnetmag.com
About technical questions -- http://www.winnetmag.com/forums
About product news -- products at winnetmag.com
About your subscription -- securityupdate at winnetmag.com
About sponsoring Security UPDATE -- emedia_opps at winnetmag.com

====================

==== Contact Our Sponsors ====

Primary/Secondary Sponsor:
   Symantec -- http://www.symantec.com

Hot Release Sponsor:
   Thawte -- http://www.thawte.com

====================

This email newsletter is brought to you by Windows & .NET Magazine,
the leading publication for IT professionals deploying Windows and
related technologies. Subscribe today.
   http://www.winnetmag.com/sub.cfm?code=wswi201x1z

View the Windows & .NET Magazine privacy policy at
http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy

Windows & .NET Magazine, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.




