[ISN] Security UPDATE -- In Focus: Yet Another Linux vs. Windows Report -- March 23, 2005

[InfoSec News]

====================

This email newsletter comes to you free and is supported by the 
following advertisers, which offer products and services in which 
you might be interested. Please take a moment to visit these 
advertisers' Web sites and show your support for Security UPDATE. 

Free Info Kit on Automating Patch Management
   http://list.windowsitpro.com/t?ctl=5BCD:4FB69 

Security on All Workstations Compromised in Minutes
   http://list.windowsitpro.com/t?ctl=5BC0:4FB69 

====================

1. In Focus: Yet Another Linux vs. Windows Report

2. Security News and Features
   - Recent Security Vulnerabilities
   - Help Writing an Incident Response Plan
   - CyberGuard Acquires Zix Security Assets

3. Security Toolkit
   - Security Matters Blog
   - FAQ
   - Security Forum Featured Thread

4. New and Improved
   - Fine-Tuning Permissions

====================

==== Sponsor: PatchLink ====

Free Info Kit on Automating Patch Management
   Now, in a free information kit, learn how easily you can identify, 
deploy, and maintain patches critical to the security and 
availability of your network. You'll also discover how you can 
maintain bulletproof security -- against a range of threats -- at 
every network endpoint. This information-packed kit, from the pros at 
PatchLink, also shows you how to reduce IT workload by automating the 
installation of critical patches while being confident that all 
installed patches are pre-tested – without having to do the testing. 
Click here to get your Free "Automating Patch Management" Kit now, 
and learn how to ease one of your biggest IT burdens. Download your 
Free Kit at:
   http://list.windowsitpro.com/t?ctl=5BCD:4FB69 

====================

==== 1. In Focus: Yet Another Linux vs. Windows Report ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

How many reports and related news stories have you read that allege 
they will reveal that Linux is more secure than Windows or vice 
versa? Get set for yet another one. 

A recent news story, "Controversial Report Finds Windows More Secure 
than Linux," discusses a soon-to-be released report by a research 
professor at Florida Institute of Technology's College of Engineering 
and a director of research at a security technology provider. The 
report will compare Windows 2003 Server and Red Hat Enterprise Linux 
ES 3.0. As you might expect, the report is causing a stir of debate 
even before its release. 

There are problems with these kinds of comparison reports and their 
related news stories. One problem is that the media often generalize 
to the point that they propagate misinformation to the unknowing. For 
example, some people might not know that there are multiple versions 
of Linux, just as there are multiple versions of Windows. Dozens of 
entities produce their own unique brands of Linux, updating these 
brands with new versions over time. A statement such as "Windows is 
more secure than Linux" is broad to the point of being meaningless.

Another problem with the comparative reports is that they lack 
adequate context. The researchers often seem somewhat blind to other 
factors that play a key role in the risk in using any OS or 
application. 

According to the news story, the research report covers (among other 
information) statistics about the vulnerabilities that were found in 
each platform during 2004. Certainly that kind of information helps 
determine the overall security of an OS, but other data is necessary 
to put such reports in context. Among the data should be the answers 
to such questions as: How many security researchers were looking for 
security bugs and in what time frame? In which OS version were they 
looking? How much time did they spend on such efforts? What were 
their capabilities and what tools did they have at their disposal? 

Obviously, if less collective time is spent looking for security 
problems in a platform, then the probability is high that fewer 
problems will be found in that platform. Likewise, if more time is 
spent looking for problems in a platform, then the probability of 
discovering more problems in that platform increases. Applications 
also play a key role in the security of a platform. So data could be 
gathered about application vulnerabilities and how they've affected 
overall security. 

Equally as important, if not even more important, is the question of 
what motivates intruders and the makers of malware. How did these 
people spend their time? What OSs did they target most often and why?

Another set of interesting questions relate to how many of the cited 
vulnerabilities can be mitigated using configuration changes or 
defenses that are (or should) already be in place. For example, 
could a simple configuration change or a border or desktop firewall 
or Intrusion Prevention System (IPS) adequately defend against a 
particular vulnerability? 

None of this type of data is offered in any comparative reports that 
I know of. Yet all these questions should come into play when 
researching for security comparison purposes because this data would 
provide a much more complete picture of how much risk is involved in 
using a particular piece of software, whether it be an OS, a related 
service, or an application. Without this kind of data to offer a 
larger context, these comparative reports are far less useful than 
their production and associated media coverage imply. If you know of 
a report that includes this sort of context, please let me know about 
it. I'd surely like to read it.

====================

==== Sponsor: Lieberman Software ====

Security on All Workstations Compromised in Minutes
   In just a few minutes any of your domain users could become the 
administrator of ALL your machines without your knowledge. A quick 
search of Google.com for password crackers is all it takes. There is 
a solution. Download our guide to plugging the DISTRIBUTED 
CREDENTIALS FLAW in Windows. Our Random Password Generator + (New) 
Web Based Delegated Password Recovery Console automatically solve 
the common administrator account/password flaw that your 
workstations suffer from. We have a wide range of tools to beef up 
your workstation and server security. Contact us for a free demo.
   http://list.windowsitpro.com/t?ctl=5BCE:4FB69 

====================

==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at
   http://list.windowsitpro.com/t?ctl=5BC3:4FB69

Help Writing an Incident Response Plan
   Do you have a plan in place for responding to security incidents? 
If not, a newly published outline can help you get started writing 
such a plan for your business. 
   http://list.windowsitpro.com/t?ctl=5BC7:4FB69

CyberGuard Acquires Zix Security Assets
   CyberGuard announced that it has acquired Zix's antispam, 
antivirus, and URL filtering assets for approximately $4 million in 
cash. CyberGuard will integrate Zix's technology into its Webwasher 
business and hopes to gain new customers through cross-selling to 
users of Zix products.
   http://list.windowsitpro.com/t?ctl=5BC8:4FB69

====================

==== Resources and Events ====

Improve Service Levels and Maximize IT Staff Efficiency
   Keeping your IT infrastructure on course can be a challenge given 
the complexity of servers, infrastructure, and application software. 
In this free Web seminar, learn practical techniques to monitor and 
manage your infrastructure applications, such as Active Directory 
and Exchange.
   http://list.windowsitpro.com/t?ctl=5BBC:4FB69

Get Ready for SQL Server 2005 Roadshow in a City Near You
   Get the facts about migrating to SQL Server 2005. SQL Server 
experts will present real-world information about administration, 
development, and business intelligence to help you implement a best-
practices migration to SQL Server 2005 and improve your database 
computing environment. Receive a 1-year membership to PASS and 1-year 
subscription to SQL Server Magazine. Register now!
   http://list.windowsitpro.com/t?ctl=5BBF:4FB69

Don't Miss Out--SQL Server Administration for Oracle DBAs On-Demand 
Web Seminar
   Sign up now for this free Web seminar and get a quick start in 
mapping Oracle database-management skills, knowledge, and experience 
to SQL Server database management. Learn about the varying 
similarities and differences between Oracle and SQL Server and get a 
preview of real-world tips and techniques for managing these 
associated technologies. Register now!
   http://list.windowsitpro.com/t?ctl=5BBA:4FB69

Exchange, Retention, and Regulatory Compliance
   The advent of Sarbanes-Oxley, Gramm-Leach-Bliley, and assorted 
market-specific regulations means that you may be legally required 
to have an email compliance and retention policy. In this free Web 
seminar, Exchange MVP Paul Robichaux will teach you to discover, 
manage, and archive information within your Exchange enterprise to 
successfully limit your legal exposure and protect your corporate 
information. Sign up today!
   http://list.windowsitpro.com/t?ctl=5BBE:4FB69

New eBook--Windows Certification and Public Keys
   PKI services are increasingly important in today's IT environment. 
PKI offers strong security services to internal and external users, 
computers, and applications. In this free eBook, you'll discover a 
starting point for understanding the PKI and certificate services 
available in Windows Server 2003. Download it now and learn about 
trust relationships, validating digital certificates, and more.
   http://list.windowsitpro.com/t?ctl=5BBB:4FB69 

====================

==== Hot Release ====

Try it Free – New NetOp Remote Control v8.0 – Faster, more secure, 
remote access & support, PC inventory, file transfers and scripting. 
New Remote Management Console and security options to help you meet 
today's auditing and compliancy requirements. NetOp - Nothing comes 
remotely close. Try it today.
   http://list.windowsitpro.com/t?ctl=5BB9:4FB69 

====================

==== 3. Security Toolkit ==== 

Security Matters Blog 
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=5BCC:4FB69

Is Your Mail Server on a Blacklist?
   Ever wonder if your mail server somehow wound up on a blacklist? 
I've found a tool that checks dozens of blacklist service databases 
for a server's IP address in one fell swoop. 
   http://list.windowsitpro.com/t?ctl=5BC5:4FB69

FAQ
   by John Savill, http://list.windowsitpro.com/t?ctl=5BCA:4FB69 

Q: Under which user accounts do the various Group Policy scripts run?

Find the answer at
   http://list.windowsitpro.com/t?ctl=5BC6:4FB69

Security Forum Featured Thread
   A forum participant is having trouble installing OpenSSH on Windows 
2003 Server. He's reasonably sure that he's set all NTFS permissions 
correctly (allowing read and write on working folders and read and 
execute on program folders). But he can't connect to an OpenSSH Secure 
FTP (SFTP) server using known SFTP clients (such as FileZilla or PuTTY 
SFTP--PSFTP). He can clearly see in the Application log that OpenSSH 
recognizes the user and authenticates the session by confirming that 
the right password has been used, but the logon attempt fails anyway. 
Join the discussion at 
   http://list.windowsitpro.com/t?ctl=5BC1:4FB69

====================

==== Announcements ====
   (from Windows IT Pro and its partners)

Get Windows IT Pro at 44% Off!
   Windows & .NET Magazine is now Windows IT Pro! Act now to get an 
entire year for just $39.95--that's 44% off the cover price! Our 
March issue shows you what you need to know about Windows Server 2003 
SP1, how to get the best out of your IT staff, and how to fight 
spyware. Plus, we review the top 10 features of Mozilla Firefox 1.0. 
This is a limited-time, risk-free offer, so click here now:
   http://list.windowsitpro.com/t?ctl=5BC9:4FB69

Vote for the Next MCP Hall of Famer
   Help decide who the most valuable member of the MCP community is. 
Take the time to reward excellence to those that deserve it and to 
make yourself a part of the first-ever MCP Hall of Fame. Voting only 
takes a few seconds, so cast your vote now for Round 2. Click here:
   http://list.windowsitpro.com/t?ctl=5BC2:4FB69 

====================

==== 4. New and Improved ====
   by Renee Munshi, products at windowsitpro.com

Fine-Tuning Permissions
   DesktopStandard (formerly AutoProf) offers PolicyMaker Application 
Security (PMAS), a Group Policy Management Console (GPMC) add-on that 
lets network administrators enforce the "least privilege" security 
principle on Windows desktops. PMAS makes it possible to reduce or 
elevate permissions on a per-application or per-task basis. Pricing 
starts at $25 per seat for enterprises with up to 500 computers; 
volume discounts are available for larger organizations. PolicyMaker 
supports Windows 2003 Server/XP/2000, Windows Terminal Services, 
Citrix MetaFrame, and all versions of Microsoft Outlook, Microsoft 
Office, and Microsoft Internet Explorer (IE). For more information, 
go to
   http://list.windowsitpro.com/t?ctl=5BD0:4FB69

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a T-shirt if we write about the product in a future 
Windows IT Pro What's Hot column. Send your product suggestions with 
information about how the product has helped you to 
   whatshot at windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100
   Share your security-related discoveries, comments, or problems and 
solutions in the Windows IT Security print newsletter's Reader to 
Reader column. Email your contributions (500 words or less) to 
r2rwinitsec at windowsitpro.com. If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.

====================

==== Sponsored Links ====

Exclusive Online Event: Email Protection at the Perimeter!
   Sign up today for this free online product demonstration and see 
the ePrism M500 from St. Bernard Software in action.
   http://list.windowsitpro.com/t?ctl=5BBD:4FB69

====================

==== Contact Us ==== 

About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=5BCF:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- emedia_opps at windowsitpro.com

====================

This email newsletter is brought to you by Windows IT Security, 
the leading publication for IT professionals securing the Windows 
enterprise from external intruders and controlling access for 
internal users. Subscribe today.
   http://list.windowsitpro.com/t?ctl=5BC4:4FB69

View the Windows IT Pro privacy policy at
   http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.