[ISN] Security UPDATE--Mobile Computing Security Through Obscurity--June 23, 2004

InfoSec News isn at c4i.org
Fri Jun 25 09:10:13 EDT 2004


====================


1. In Focus: Mobile Computing Security Through Obscurity

2. Security News and Features
   - Recent Security Vulnerabilities
   - eBook: Preemptive Email Security and Management
   - News: Audit Reveals Spyware Infestation
   - News: Secure SMS and Your Passwords

3. Security Toolkit
   - FAQ
   - Featured Thread

4. New and Improved
   - Monitor Your System and Applications
   - Protect Your Privacy

====================

==== 1. In Focus: Mobile Computing Security Through Obscurity ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net

I wonder if part of your job as security administrator or manager
includes handling mobile phone security? Someone at your company
should be tending to that responsibility, especially if employees are
storing company information on their phones.

Last week, Kaspersky Labs announced the discovery of the first virus
to infect mobile phones. The virus, which Kaspersky named Cabir,
affects mobile phones that use the Symbian OS. The virus is relatively
harmless--its only purpose is to propagate itself, and it does so only
to other phones that have Bluetooth enabled and are broadcasting their
presence. However, Denis Zenkin, head of Corporate Communications at
Kaspersky Labs, said that sooner or later, more malicious forms of
mobile phone malware that will possibly destroy or steal data will
begin to spread.
   http://www.viruslist.com/eng/viruslist.html?id=1689517

Since Cabir spreads to mobile phones that broadcast their presence via
Bluetooth wireless technology, you might want to configure Symbian to
use Bluetooth in an invisible mode that doesn't broadcast the phone's
presence. Configure other mobile phone OSs too to prevent any future
attacks against them. Using invisible mode is similar to configuring
wireless Access Points (APs) to not broadcast their SSID. If an AP
broadcasts its SSID, intruders can detect it and use it as a starting
point for penetrating your network. Bluetooth invisible mode is also
similar to using a firewall, which makes your internal networks
invisible to connected networks.

These security measures are probably common sense for you, but they
might not be for mobile phone users in your organization. You could
explain the security needs to users by comparing their
Bluetooth-broadcasting mobile phone to a wallet or purse left lying on
a car seat while they're out of the car. The wallet or purse is
essentially begging somebody to break into the car and steal it. A
little security through obscurity might save a lot of frustration
sooner or later. Some people might disagree, but I think you can gain
a fair amount of security by obscuring the presence of anything,
whether it be a wallet, purse, or wireless network.

Of course, you can gain plenty of security by adding device
protection, such as antivirus software for mobile phones, which is
available from many antivirus software vendors. And, as I mentioned
earlier, you might also consider some configuration changes to your
mobile phone OS, particularly disabling Bluetooth broadcasts to make
the devices somewhat invisible.

If you're interested in other problems with Bluetooth and mobile
phones, you might want to read about a few other related
vulnerabilities, which are mentioned in a recent Integralis press
release.
   http://www.integralis.co.uk/about_us/press_releases/2004/150604PR.html

====================

==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these discoveries
at
   http://www.winnetmag.com/departments/departmentid/752/752.html

eBook: Preemptive Email Security and Management
   In this free eBook, author Peter Bowyer details a preventive
approach to eliminating spam and viruses, stopping directory harvest
attacks, guarding content, and improving email performance. The first
two chapters of the book are already online. You can download them in
PDF format from our Windows IT Library.
   http://www.windowsitlibrary.com/ebooks/emailsecurity/index.cfm

News: Audit Reveals Spyware Infestation
   An April audit conducted by EarthLink and Webroot Software scoured
420,761 computer systems. The audit discovered more than 11.3 million
instances of spyware and Trojan horse programs installed on the
computers.
   http://www.winnetmag.com/article/articleid/43016/43016.html

News: Secure SMS and Your Passwords
   Microsoft released two new security-related articles that cover
Systems Management Server (SMS) environments and user password
management. The SMS article, "Scenarios and Procedures for Microsoft
Systems Management Server 2003: Security," details security
fundamentals, how to secure SMS, and how to maintain SMS security. The
password article, "Mind Those Passwords!" addresses the problems many
users face in managing numerous passwords.
   http://www.winnetmag.com/article/articleid/43021/43021.html

====================

==== 3. Security Toolkit ====

FAQ: How Can I Enable the Security Tab at the Exchange Organization
Level?
   by John Savill, http://www.winnetmag.com/windowsnt20002003faq

A. By default, the Security tab isn't displayed on an Exchange
organization's properties page. To display the tab, perform these
steps:

   1. Start the registry editor (regedit.exe).
   2. Navigate to the
HKEY_CURRENT_USER\Software\Microsoft\Exchange\EXAdmin subkey.
   3. From the Edit menu, select New and click DWORD Value.
   4. Enter the name ShowSecurityPage and press Enter.
   5. Double-click the new value and set it to 1. Click OK.
   6. Close the registry editor.

The Security tab will now be displayed on the Exchange organization's
properties page. On the Security tab, you can turn off the Send As and
Receive As deny settings to grant Exchange administrators full access
to all mailboxes in the organization. Using the Security tab to allow
full access is a simpler way to grant administrators access to users'
mailboxes than the technique described in the FAQ "How can I configure
Microsoft Exchange Server 2003 administrators so that they can access
all users' mailboxes?" at the URL below. However, keep in mind that
the Security tab lets you grant access only to all mailboxes or none.
   http://www.winnetmag.com/articles/index.cfm?articleid=42867
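
The registry steps above can also be scripted. The following PowerShell is an added example, not part of the original FAQ: the subkey and value name are the ones the FAQ gives, and the function names are hypothetical. Because the value lives under HKEY_CURRENT_USER, it affects only the profile of the account that runs the script.

```powershell
# Added example (not from the FAQ): script the registry steps listed above.
# Key path and value name come from the FAQ; function names are hypothetical.
$KeyPath   = 'HKCU:\Software\Microsoft\Exchange\EXAdmin'
$ValueName = 'ShowSecurityPage'

function Get-ExAdminSecurityTab {
    # Returns the current DWORD, or $null when the value (or the subkey) is
    # absent, which is the default state in which the tab is not displayed.
    $prop = Get-ItemProperty -Path $KeyPath -Name $ValueName -ErrorAction SilentlyContinue
    if ($null -eq $prop) { return $null }
    return $prop.$ValueName
}

function Enable-ExAdminSecurityTab {
    # Steps 2-5: create the subkey if it is missing, then write the DWORD
    # ShowSecurityPage = 1 (overwriting any existing value of that name).
    if (-not (Test-Path -Path $KeyPath)) {
        New-Item -Path $KeyPath -Force | Out-Null
    }
    New-ItemProperty -Path $KeyPath -Name $ValueName -PropertyType DWord -Value 1 -Force | Out-Null
}

function Disable-ExAdminSecurityTab {
    # Return to the default by deleting the value instead of guessing how
    # other numbers are interpreted.
    if ($null -ne (Get-ExAdminSecurityTab)) {
        Remove-ItemProperty -Path $KeyPath -Name $ValueName
    }
}

# Show the state before and after enabling the tab for the current user.
Write-Output "Before: $(Get-ExAdminSecurityTab)"
Enable-ExAdminSecurityTab
Write-Output "After:  $(Get-ExAdminSecurityTab)"
```

Get-ExAdminSecurityTab on its own is a quick way to check, per administrator profile, whether the tab that controls the Send As and Receive As deny settings has been exposed.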

Featured Thread: Port Filtering on Windows 2000 Server
   (One message in this thread)
   Jeff writes that he needs to tighten security on a Windows 2000
Advanced Server Web server. He wants to allow most UDP traffic, except
through ports 161 and 445. He doesn't want to use the OS's IP
filtering because it only lets you define allowed ports, not blocked
ports, which means that he'd have to manually create a long list of
allowed ports. Do you know an easy way to accomplish this task? Lend a
hand or read the responses:
   http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=122412

====================

==== 4. New and Improved ====
   by Jason Bovberg, products at winnetmag.com

Monitor Your System and Applications
   Anfibia Software announced Watchman 6.0, an application-monitoring
and system-protection tool. Watchman's new GUI offers file protection,
application-usage logging, and access-control management. You can stop
unwanted applications and protect documents from tampering. The
software works on Windows 2003/XP/2000/Me/NT 4.0/98 systems, and
single licenses start at $45. You can download a fully functional
evaluation version from the company Web site.
   http://www.anfibia-soft.com

Protect Your Privacy
   WinGuides released Privacy Guardian 3.0, a privacy protection tool
that deletes Internet tracks and program history information stored on
your computer. Information from the Web sites you visit is stored on
your computer in hidden locations including temporary files, cookies,
the registry, and the index.dat file. Privacy Guardian cleans out
these hidden files. Privacy Guardian runs on Windows XP/2000/Me/9x,
and prices begin at $29.95 for a single-user license. For more
information, contact WinGuides at 877-576-2445 or info at winguides.com.
You can download a free trial version of Privacy Guardian from the
company's Web site.
   http://www.winguides.com/privacy

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a Windows & .NET Magazine T-shirt if we write about the
product in a future Windows & .NET Magazine What's Hot column. Send
your product suggestions with information about how the product has
helped you to whatshot at winnetmag.com.

====================

Editor's note: Share Your Security Discoveries and Get $100
   Share your security-related discoveries, comments, or problems and
solutions in the Security Administrator print newsletter's Reader to
Reader column. Email your contributions (500 words or less) to
r2rsecadmin at winnetmag.com. If we print your submission, you'll get
$100. We edit submissions for style, grammar, and length.

====================

==== Contact Us ====

About the newsletter -- letters at winnetmag.com
About technical questions -- http://www.winnetmag.com/forums
About product news -- products at winnetmag.com
About your subscription -- securityupdate at winnetmag.com
About sponsoring Security UPDATE -- emedia_opps at winnetmag.com

====================

This email newsletter is brought to you by Windows & .NET Magazine,
the leading publication for IT professionals deploying Windows and
related technologies. Subscribe today.
   http://www.winnetmag.com/sub.cfm?code=wswi201x1z

View the Windows & .NET Magazine privacy policy at
http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy

Windows & .NET Magazine, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.




