[ISN] Security UPDATE -- In Focus: Keeping Private Information
Private -- April 6, 2005
InfoSec News
isn at c4i.org
Thu Apr 7 02:15:13 EDT 2005
====================
This email newsletter comes to you free and is supported by the
following advertisers, which offer products and services in which
you might be interested. Please take a moment to visit these
advertisers' Web sites and show your support for Security UPDATE.
Diskeeper - The Number One Automatic Defragmenter
http://list.windowsitpro.com/t?ctl=6DDE:4FB69
CrossTec
http://list.windowsitpro.com/t?ctl=6DD7:4FB69
====================
1. In Focus: Keeping Private Information Private
2. Security News and Features
- Recent Security Vulnerabilities
- New Alliance Automates Attack Mitigation
- Bug Hunting for Mozilla Pays
- Attack Shield Worm Suppression
3. Security Toolkit
- Security Matters Blog
- FAQ
- Security Forum Featured Thread
4. New and Improved
- Isolating Internet Activity
====================
==== Sponsor: Executive Software ====
Diskeeper - The Number One Automatic Defragmenter
Keeping your systems up and running and available to the users is
vital! Slow, crash-prone systems have a devastating effect on your
organization's productivity. Disk fragmentation is a major cause of
crashes, slowdowns and freeze-ups, and it must be kept in check.
Fortunately, there is a solution: Diskeeper, the Number One Automatic
Defragmenter. Automatic defragmentation boosts performance and
reliability, reducing help desk traffic by heading off problems before
they become emergencies. See for yourself—download a FREE 30-day fully-
functional evaluation version of Diskeeper. Install it then just "Set
It and Forget It", and watch as the problems caused by fragmentation
simply disappear! See why over 16 million Diskeeper licenses have been
sold—get your free evaluation version of Diskeeper 9 now!
http://list.windowsitpro.com/t?ctl=6DDE:4FB69
====================
==== 1. In Focus: Keeping Private Information Private ====
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
You might have read the somewhat recent news stories about people's
private information being either stolen or leaked from four different
entities. One incident involved consumer data collector ChoicePoint,
which somehow managed to divulge the personal information of more than
140,000 people. It took the company quite some time to determine how
many people's data was actually leaked.
Another incident involved LexisNexis. Intruders managed to break in to
the company's computer systems, where they gained access to roughly
32,000 people's private information. Intruders also broke in to the
computer systems of Chico State University (California) and gained
access to the private information of nearly 60,000 people. And a laptop
went missing from the University of California, Berkeley. As you might
suspect, the laptop contained private information--of more than 96,000
people.
These stories boggle the mind. In the first three incidents, the
computers were accessed through the Internet. Crucial systems that, if
breached, would affect thousands or even millions of people should
under no circumstances be accessible via the Internet. There are other
ways to provide necessary access to the information without adding the
gigantic risk of a global open network. The Internet serves a fantastic
and incredibly useful purpose. However, I don't think part of that
purpose should include connecting every computing device on the planet.
Intrusion incidents seem to make that notion very clear.
The incident at Berkeley points out a different problem that has a
simple solution. Don't keep sensitive information, such as the private
information of more than 96,000 people, on a system that can be stolen
by anybody capable of lifting a few pounds of weight. Even though the
stolen laptop was supposedly in a "secure" area, it went missing. This
incident points out the need for people to consider exactly what they
keep on mobile computers, why they think they need to keep the data on
such devices, and the worst-case scenarios of the computer and data
being lost.
People could argue that even a regular large server could be stolen.
That's true. But someone is much more conspicuous walking out of a
secure area with a big heavy computer box. On the contrary, anybody can
hide a laptop in a briefcase or backpack or under a jacket. In
addition, regular computers and rack-mounted systems can be bolted into
place such that they can't easily be taken or their covers removed to
gain access to their internal devices, such as hard drives.
====================
==== Sponsor: CrossTec ====
FREE Download – The Next Generation of End-Point Security is Available
Today. NEW NetOp Desktop Firewall's fast 100% driver-centric design
offers a tiny footprint that protects machines even before Windows
loads - without slowing them down. NetOp is also the only solution to
provide process control as well as application control to give you the
highest level of security. The NetOp Desktop Firewall utilizes real-
time centralized management and control, intelligent network detection,
stateful packet filtering, port blocking, protection from process
hijacking, and much more. Try it FREE.
http://list.windowsitpro.com/t?ctl=6DD7:4FB69
====================
==== 2. Security News and Features ====
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=6DDF:4FB69
New Alliance Automates Attack Mitigation
A new alliance of network service providers, hosting companies, and
educational institutions have joined together to automate attack
mitigation. The Fingerprint Sharing Alliance, developed by Arbor
Networks, is based on the company's Peakflow SP solution and lets
alliance members share attack-fingerprint information to more quickly
thwart attacks.
http://list.windowsitpro.com/t?ctl=6DE8:4FB69
Bug Hunting for Mozilla Pays
Mozilla Foundation's Bug Bounty Program pays researchers to find
security problems in Mozilla software. This week, the company awarded
$2500 to German bug hunter Michael Krax.
http://list.windowsitpro.com/t?ctl=6DE4:4FB69
Attack Shield Worm Suppression
Sana Security's Attack Shield Worm Suppression (WS) is a software-
only solution to protect workstations from worms that spread via
buffer-overflow attacks. The software operates only when an exploit
makes a system call. So although it prevents exploits from using a
buffer overflow for actions such as privilege escalation and file-
system access, it won't protect against buffer overflows that cause a
crash by corrupting memory. Read the rest of Adam Carheden's mini-
review on our Web site.
http://list.windowsitpro.com/t?ctl=6DE7:4FB69
====================
==== Resources and Events ====
Meet the Risks of Instant Messaging Head On in This Free Web Seminar
Don't overlook IM in your compliance planning. Attend this free Web
seminar and learn how to minimize IM's authentication and auditability
risks and prevent security dangers. You'll also receive a list of the
top requirements to consider when choosing a secure IM solution. Sign
up now!
http://list.windowsitpro.com/t?ctl=6DDB:4FB69
Get Ready for SQL Server 2005 Roadshow in a City Near You
Get the facts about migrating to SQL Server 2005. SQL Server experts
will present real-world information about administration, development,
and business intelligence to help you implement a best-practices
migration to SQL Server 2005 and improve your database computing
environment. Receive a 1-year membership to PASS and 1-year
subscription to SQL Server Magazine. Register now!
http://list.windowsitpro.com/t?ctl=6DDC:4FB69
Windows Connections 2005 Conference
April 17-20, 2005, Hyatt Regency, San Francisco. Microsoft and
Windows experts present over 40 in-depth sessions with real-world
solutions you can take back and apply today. Don't miss Mark Minasi's
entertaining and insightful keynote presentation on "The State of
Windows" and your chance to win a 7-night Caribbean cruise! 800-505-
1201.
http://list.windowsitpro.com/t?ctl=6DED:4FB69
Overcoming "The Fiefdom Syndrome": How to Conquer the Turf Battles That
Undermine Companies
Can your organization benefit by overcoming turf battles? Don't miss
this opportunity to hear Robert J. Herbold, former COO of Microsoft and
author of "The Fiefdom Syndrome," and Jim Davis, Senior VP, SAS. Join
Business Finance in welcoming these thought leaders on Tuesday, April
19th at 11:00 a.m. EST. Register here:
http://list.windowsitpro.com/t?ctl=6DE2:4FB69
Keeping Critical Applications Running in a Distributed Environment
Get up to speed fast with solid tactics you can use to fix problems
you're likely to encounter as your network grows in geographic
distribution and complexity, learn how to keep your network's critical
applications running, and discover the best approaches for planning for
future needs. Don't miss this exclusive opportunity--register now!
http://list.windowsitpro.com/t?ctl=6DDA:4FB69
====================
==== Hot Release ====
An Evaluation of the Total Cost of Ownership of Email Security
Solutions
Quantifying the Total Cost of Ownership (TCO) of email security
solutions is a notoriously difficult task. Discover how Total Cost of
Ownership is much more than the initial acquisition cost of a solution,
and how you can save thousands of dollars each year without sacrificing
accuracy, control or effectiveness in protecting your email systems.
Download this free whitepaper now!
http://list.windowsitpro.com/t?ctl=6DD9:4FB69
====================
==== 3. Security Toolkit ====
Security Matters Blog
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=6DEB:4FB69
RookitRevealer Is Now a Moving Target
RookitRevealer is a new tool from Sysinternals that can help sniff
out rootkits. Rootkit designers quickly started creating ways to hide
their rootkits from RootkitRevealer, so last week, Sysinternals
released a new version that uses random executable names to make the
tool a moving target.
http://list.windowsitpro.com/t?ctl=6DE5:4FB69
FAQ
by John Savill, http://list.windowsitpro.com/t?ctl=6DE9:4FB69
Q: How can I move users between forests?
Find the answer at
http://list.windowsitpro.com/t?ctl=6DE6:4FB69
Security Forum Featured Thread: File Permissions on an Archive Server
A forum participant has a Windows NT archive server on which files
and folders are created, moved, and deleted regularly. He would like
all the root folders on the server to automatically be created with
read only permission for regular users, but he'd like the files and
folders below the root folders to have full permission for regular
users. Join the discussion at
http://list.windowsitpro.com/t?ctl=6DDD:4FB69
====================
==== Announcements ====
(from Windows IT Pro and its partners)
Check Out the New Windows IT Security Newsletter!
Security Administrator is now Windows IT Security. We've expanded
our content to include even more fundamentals on building and
maintaining a secure enterprise. Each issue also features product
coverage of the best security tools available and expert advice on the
best way to implement various security components. Plus, paid
subscribers get online access to our entire security article database!
Click here to try a sample issue today:
http://list.windowsitpro.com/t?ctl=6DE1:4FB69
====================
==== 4. New and Improved ====
by Renee Munshi, products at windowsitpro.com
Isolating Internet Activity
GreenBorder Technologies announced the availability of GreenBorder,
software that transparently isolates Internet activity performed
through Microsoft Internet Explorer (IE) and Outlook from the desktop
OS, user files, and the enterprise network. GreenBorder protects
against damage, theft, and hijacking by Internet-delivered malicious
code that uses HTTP or SMTP to break into the desktop. When users log
off, GreenBorder automatically flushes the remnants of any Internet
activity, including code, files, and cookies. GreenBorder Professional
Edition has a desktop agent and a management server that provides
centralized configuration, deployment, and reporting. GreenBorder
Personal Edition will be available free for download beginning this
month. For more information, go to
http://list.windowsitpro.com/t?ctl=6DEF:4FB69
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a T-shirt if we write about the product in a future
Windows IT Pro What's Hot column. Send your product suggestions with
information about how the product has helped you to
whatshot at windowsitpro.com.
Editor's note: Share Your Security Discoveries and Get $100
Share your security-related discoveries, comments, or problems and
solutions in the Windows IT Security print newsletter's Reader to
Reader column. Email your contributions (500 words or less) to
r2rwinitsec at windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.
====================
==== Sponsored Links ====
Quest Software
Heading to Exchange from Notes or GroupWise? Get Expert Help!
http://list.windowsitpro.com/t?ctl=6DF0:4FB69
NetOp – Control PCs from a USB Drive
Securely access PCs from your desktop, web, CE, or thumb drive
http://list.windowsitpro.com/t?ctl=6DF1:4FB69
====================
==== Contact Us ====
About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=6DEC:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- emedia_opps at windowsitpro.com
====================
This email newsletter is brought to you by Windows IT Security,
the leading publication for IT professionals securing the Windows
enterprise from external intruders and controlling access for
internal users. Subscribe today.
http://list.windowsitpro.com/t?ctl=6DE3:4FB69
View the Windows IT Pro privacy policy at
http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2005, Penton Media, Inc. All rights reserved.
More information about the ISN
mailing list