[ISN] Security UPDATE -- In Focus: Keeping Private Information Private -- April 6, 2005

InfoSec News isn at c4i.org
Thu Apr 7 02:15:13 EDT 2005


====================

This email newsletter comes to you free and is supported by the 
following advertisers, which offer products and services in which 
you might be interested. Please take a moment to visit these 
advertisers' Web sites and show your support for Security UPDATE. 

Diskeeper - The Number One Automatic Defragmenter
   http://list.windowsitpro.com/t?ctl=6DDE:4FB69

CrossTec
   http://list.windowsitpro.com/t?ctl=6DD7:4FB69 

====================

1. In Focus: Keeping Private Information Private 

2. Security News and Features
   - Recent Security Vulnerabilities
   - New Alliance Automates Attack Mitigation
   - Bug Hunting for Mozilla Pays
   - Attack Shield Worm Suppression

3. Security Toolkit
   - Security Matters Blog
   - FAQ
   - Security Forum Featured Thread

4. New and Improved
   - Isolating Internet Activity

====================

==== Sponsor: Executive Software ====

Diskeeper - The Number One Automatic Defragmenter
   Keeping your systems up and running and available to the users is 
vital! Slow, crash-prone systems have a devastating effect on your 
organization's productivity. Disk fragmentation is a major cause of 
crashes, slowdowns and freeze-ups, and it must be kept in check. 
Fortunately, there is a solution: Diskeeper, the Number One Automatic 
Defragmenter. Automatic defragmentation boosts performance and 
reliability, reducing help desk traffic by heading off problems before 
they become emergencies. See for yourself—download a FREE 30-day fully-
functional evaluation version of Diskeeper. Install it then just "Set 
It and Forget It", and watch as the problems caused by fragmentation 
simply disappear! See why over 16 million Diskeeper licenses have been 
sold—get your free evaluation version of Diskeeper 9 now!
   http://list.windowsitpro.com/t?ctl=6DDE:4FB69

====================

==== 1. In Focus: Keeping Private Information Private ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

You might have read the somewhat recent news stories about people's 
private information being either stolen or leaked from four different 
entities. One incident involved consumer data collector ChoicePoint, 
which somehow managed to divulge the personal information of more than 
140,000 people. It took the company quite some time to determine how 
many people's data was actually leaked. 

Another incident involved LexisNexis. Intruders managed to break in to 
the company's computer systems, where they gained access to roughly 
32,000 people's private information. Intruders also broke in to the 
computer systems of Chico State University (California) and gained 
access to the private information of nearly 60,000 people. And a laptop 
went missing from the University of California, Berkeley. As you might 
suspect, the laptop contained private information--of more than 96,000 
people. 

These stories boggle the mind. In the first three incidents, the 
computers were accessed through the Internet. Crucial systems that, if 
breached, would affect thousands or even millions of people should 
under no circumstances be accessible via the Internet. There are other 
ways to provide necessary access to the information without adding the 
gigantic risk of a global open network. The Internet serves a fantastic 
and incredibly useful purpose. However, I don't think part of that 
purpose should include connecting every computing device on the planet. 
Intrusion incidents seem to make that notion very clear. 

The incident at Berkeley points out a different problem that has a 
simple solution. Don't keep sensitive information, such as the private 
information of more than 96,000 people, on a system that can be stolen 
by anybody capable of lifting a few pounds of weight. Even though the 
stolen laptop was supposedly in a "secure" area, it went missing. This 
incident points out the need for people to consider exactly what they 
keep on mobile computers, why they think they need to keep the data on 
such devices, and the worst-case scenarios of the computer and data 
being lost. 

People could argue that even a regular large server could be stolen. 
That's true. But someone is much more conspicuous walking out of a 
secure area with a big heavy computer box. On the contrary, anybody can 
hide a laptop in a briefcase or backpack or under a jacket. In 
addition, regular computers and rack-mounted systems can be bolted into 
place such that they can't easily be taken or their covers removed to 
gain access to their internal devices, such as hard drives. 

====================

==== Sponsor: CrossTec ====

FREE Download – The Next Generation of End-Point Security is Available 
Today. NEW NetOp Desktop Firewall's fast 100% driver-centric design 
offers a tiny footprint that protects machines even before Windows 
loads - without slowing them down. NetOp is also the only solution to 
provide process control as well as application control to give you the 
highest level of security. The NetOp Desktop Firewall utilizes real-
time centralized management and control, intelligent network detection, 
stateful packet filtering, port blocking, protection from process 
hijacking, and much more. Try it FREE. 
   http://list.windowsitpro.com/t?ctl=6DD7:4FB69 

====================

==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at
   http://list.windowsitpro.com/t?ctl=6DDF:4FB69

New Alliance Automates Attack Mitigation
   A new alliance of network service providers, hosting companies, and 
educational institutions have joined together to automate attack 
mitigation. The Fingerprint Sharing Alliance, developed by Arbor 
Networks, is based on the company's Peakflow SP solution and lets 
alliance members share attack-fingerprint information to more quickly 
thwart attacks. 
   http://list.windowsitpro.com/t?ctl=6DE8:4FB69

Bug Hunting for Mozilla Pays
   Mozilla Foundation's Bug Bounty Program pays researchers to find 
security problems in Mozilla software. This week, the company awarded 
$2500 to German bug hunter Michael Krax. 
   http://list.windowsitpro.com/t?ctl=6DE4:4FB69

Attack Shield Worm Suppression
   Sana Security's Attack Shield Worm Suppression (WS) is a software-
only solution to protect workstations from worms that spread via 
buffer-overflow attacks. The software operates only when an exploit 
makes a system call. So although it prevents exploits from using a 
buffer overflow for actions such as privilege escalation and file-
system access, it won't protect against buffer overflows that cause a 
crash by corrupting memory. Read the rest of Adam Carheden's mini-
review on our Web site.
   http://list.windowsitpro.com/t?ctl=6DE7:4FB69

====================

==== Resources and Events ====

Meet the Risks of Instant Messaging Head On in This Free Web Seminar
   Don't overlook IM in your compliance planning. Attend this free Web 
seminar and learn how to minimize IM's authentication and auditability 
risks and prevent security dangers. You'll also receive a list of the 
top requirements to consider when choosing a secure IM solution. Sign 
up now!
   http://list.windowsitpro.com/t?ctl=6DDB:4FB69

Get Ready for SQL Server 2005 Roadshow in a City Near You
   Get the facts about migrating to SQL Server 2005. SQL Server experts 
will present real-world information about administration, development, 
and business intelligence to help you implement a best-practices 
migration to SQL Server 2005 and improve your database computing 
environment. Receive a 1-year membership to PASS and 1-year 
subscription to SQL Server Magazine. Register now!
   http://list.windowsitpro.com/t?ctl=6DDC:4FB69

Windows Connections 2005 Conference
   April 17-20, 2005, Hyatt Regency, San Francisco. Microsoft and 
Windows experts present over 40 in-depth sessions with real-world 
solutions you can take back and apply today. Don't miss Mark Minasi's 
entertaining and insightful keynote presentation on "The State of 
Windows" and your chance to win a 7-night Caribbean cruise! 800-505-
1201.
   http://list.windowsitpro.com/t?ctl=6DED:4FB69

Overcoming "The Fiefdom Syndrome": How to Conquer the Turf Battles That 
Undermine Companies
   Can your organization benefit by overcoming turf battles? Don't miss 
this opportunity to hear Robert J. Herbold, former COO of Microsoft and 
author of "The Fiefdom Syndrome," and Jim Davis, Senior VP, SAS. Join 
Business Finance in welcoming these thought leaders on Tuesday, April 
19th at 11:00 a.m. EST. Register here:
   http://list.windowsitpro.com/t?ctl=6DE2:4FB69

Keeping Critical Applications Running in a Distributed Environment
   Get up to speed fast with solid tactics you can use to fix problems 
you're likely to encounter as your network grows in geographic 
distribution and complexity, learn how to keep your network's critical 
applications running, and discover the best approaches for planning for 
future needs. Don't miss this exclusive opportunity--register now!
   http://list.windowsitpro.com/t?ctl=6DDA:4FB69

====================

==== Hot Release ====

An Evaluation of the Total Cost of Ownership of Email Security 
Solutions
   Quantifying the Total Cost of Ownership (TCO) of email security 
solutions is a notoriously difficult task. Discover how Total Cost of 
Ownership is much more than the initial acquisition cost of a solution, 
and how you can save thousands of dollars each year without sacrificing 
accuracy, control or effectiveness in protecting your email systems. 
Download this free whitepaper now!
   http://list.windowsitpro.com/t?ctl=6DD9:4FB69

====================

==== 3. Security Toolkit ==== 

Security Matters Blog 
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=6DEB:4FB69

RookitRevealer Is Now a Moving Target
   RookitRevealer is a new tool from Sysinternals that can help sniff 
out rootkits. Rootkit designers quickly started creating ways to hide 
their rootkits from RootkitRevealer, so last week, Sysinternals 
released a new version that uses random executable names to make the 
tool a moving target. 
   http://list.windowsitpro.com/t?ctl=6DE5:4FB69

FAQ
   by John Savill, http://list.windowsitpro.com/t?ctl=6DE9:4FB69 

Q: How can I move users between forests?

Find the answer at
   http://list.windowsitpro.com/t?ctl=6DE6:4FB69

Security Forum Featured Thread: File Permissions on an Archive Server
   A forum participant has a Windows NT archive server on which files 
and folders are created, moved, and deleted regularly. He would like 
all the root folders on the server to automatically be created with 
read only permission for regular users, but he'd like the files and 
folders below the root folders to have full permission for regular 
users. Join the discussion at 
   http://list.windowsitpro.com/t?ctl=6DDD:4FB69

====================

==== Announcements ====
   (from Windows IT Pro and its partners)

Check Out the New Windows IT Security Newsletter!
   Security Administrator is now Windows IT Security. We've expanded 
our content to include even more fundamentals on building and 
maintaining a secure enterprise. Each issue also features product 
coverage of the best security tools available and expert advice on the 
best way to implement various security components. Plus, paid 
subscribers get online access to our entire security article database! 
Click here to try a sample issue today:
   http://list.windowsitpro.com/t?ctl=6DE1:4FB69

====================

==== 4. New and Improved ====
   by Renee Munshi, products at windowsitpro.com

Isolating Internet Activity
   GreenBorder Technologies announced the availability of GreenBorder, 
software that transparently isolates Internet activity performed 
through Microsoft Internet Explorer (IE) and Outlook from the desktop 
OS, user files, and the enterprise network. GreenBorder protects 
against damage, theft, and hijacking by Internet-delivered malicious 
code that uses HTTP or SMTP to break into the desktop. When users log 
off, GreenBorder automatically flushes the remnants of any Internet 
activity, including code, files, and cookies. GreenBorder Professional 
Edition has a desktop agent and a management server that provides 
centralized configuration, deployment, and reporting. GreenBorder 
Personal Edition will be available free for download beginning this 
month. For more information, go to
   http://list.windowsitpro.com/t?ctl=6DEF:4FB69

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a T-shirt if we write about the product in a future 
Windows IT Pro What's Hot column. Send your product suggestions with 
information about how the product has helped you to 
   whatshot at windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100
   Share your security-related discoveries, comments, or problems and 
solutions in the Windows IT Security print newsletter's Reader to 
Reader column. Email your contributions (500 words or less) to 
r2rwinitsec at windowsitpro.com. If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.

====================

==== Sponsored Links ====

Quest Software
   Heading to Exchange from Notes or GroupWise? Get Expert Help!
   http://list.windowsitpro.com/t?ctl=6DF0:4FB69

NetOp – Control PCs from a USB Drive
   Securely access PCs from your desktop, web, CE, or thumb drive
   http://list.windowsitpro.com/t?ctl=6DF1:4FB69

====================

==== Contact Us ==== 

About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=6DEC:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- emedia_opps at windowsitpro.com

====================

This email newsletter is brought to you by Windows IT Security, 
the leading publication for IT professionals securing the Windows 
enterprise from external intruders and controlling access for 
internal users. Subscribe today.
   http://list.windowsitpro.com/t?ctl=6DE3:4FB69

View the Windows IT Pro privacy policy at
   http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.





More information about the ISN mailing list