[ISN] Security UPDATE -- Add VMware Player to Your Security Toolkit
-- October 26, 2005
InfoSec News
isn at c4i.org
Thu Oct 27 03:12:15 EDT 2005
====================
This email newsletter comes to you free and is supported by the
following advertisers, which offer products and services in which
you might be interested. Please take a moment to visit these
advertisers' Web sites and show your support for Security UPDATE.
CDW. The Technology You Need When You Need It.
http://list.windowsitpro.com/t?ctl=179A6:4FB69
Bindview
http://list.windowsitpro.com/t?ctl=17987:4FB69
====================
1. In Focus: Add VMware Player to Your Security Toolkit
2. Security News and Features
- Recent Security Vulnerabilities
- Exchange Server 2003 SP2 Improves Security
- Multiple Vulnerabilities in Oracle Products
- Buffer Overflow Vulnerability in Snort and Sourcefire
- Secure Your Wireless Network
3. Security Toolkit
- Security Matters Blog
- FAQ
- Security Forum Featured Thread
4. New and Improved
- Secure IM for Mobile Users
====================
==== Sponsor: CDW ====
CDW. The Technology You Need When You Need It.
It takes a lot to keep up with today's business. Starting with
today's technology. Our account managers and product specialists can
get you quick answers to any questions you might have. So visit us
online and find out first hand how we make it happen. Every order,
every visit, every time. No matter what you need in technology, you can
count on CDW for the right technology, right away.
http://list.windowsitpro.com/t?ctl=179A6:4FB69
====================
==== 1. In Focus: Add VMware Player to Your Security Toolkit
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
VMware is a tool that lets you run various OSs as virtual machines
(VMs) on a single computer. The Windows IT Pro Web site has many
articles about VMware, which you can find listed at
http://list.windowsitpro.com/t?ctl=1798C:4FB69
I've been testing VMware Workstation lately, and last week I woke up to
a pleasant surprise. While doing a little early morning blog surfing, I
came across a blog I hadn't read before called Wubble. As it turns out,
the blog author, Philip Langdale, works at VMware.
In a blog entry, "VMs for Everyone!" (at the first URL below), I
learned that during the VMworld 2005 conference in Las Vegas (Oct. 18-
20), VMware released a new standalone tool, VMware Player (at the
second URL below). If you've used VMware Workstation, the VMware
servers, or VMware ACE (Assured Computing Environment), then you know
how incredibly useful VMware is. The new Player (which will also ship
with the upcoming VMware Workstation 5.5) is equally useful for two
particular reasons. First, it lets you run existing VMs created by
other VMware tools and supports VMs created with Microsoft Virtual
Server as well as Symantec LiveState Recovery snapshots. Second, it's
free.
http://list.windowsitpro.com/t?ctl=179A4:4FB69
http://list.windowsitpro.com/t?ctl=179A2:4FB69
As with many free tools, VMware Player has some limitations. For
example, you can't create new VMs and you can't add new hardware to a
VM. You can learn about other limitations in VMware's comparison chart.
http://list.windowsitpro.com/t?ctl=17996:4FB69
Even with some limitations, VMware Player is a great offering. As you
might suspect, you can use it to run Windows, Linux, Novell NetWare,
Sun Microsystems Solaris, and FreeBSD as guest OSs. Another nice thing
is that if you don't have a VM to run in VMware Player or don't want to
create one, you can download one from VMware's Web site. Available are
VMs for Novell Linux Desktop, Novell SUSE Linux Enterprise Server, and
Red Hat Enterprise Linux, plus several other VMs provided by various
application vendors. VMware also provides a VM based on Ubuntu Linux
that's configured as a Browser Appliance and designed to let you surf
the Internet while protecting your underlying OS from malware.
http://list.windowsitpro.com/t?ctl=179A5:4FB69
If you've run a honeypot or a honeymonkey or had to test various
software and tools, you probably know (or can imagine) how using a VM
can be of great benefit. For example, you can build your honeypot on
any supported OS and run it inside a VM. Then if the honeypot is
compromised, it's not a problem--just shut down the VM and restart it
again, and any changes made by an intruder are gone. The same goes for
running a honeymonkey or testing spyware and other forms of malware.
Plus, you can run Linux-based security tools on a Windows desktop by
loading them into a Linux-based VM. With VMware Player, you can extend
your use to other systems quickly and easily--and that's what makes
VMware Player a great addition for your security toolkit. Check it out.
====================
==== Sponsor: Bindview ====
Learn To Sort Through Sarbanes-Oxley, HIPAA And More Legislation
Quicker And Easier! In this free white paper, get the tips you've been
looking for to save time and money in achieving IT security and
regulatory compliance. Find out how you can simplify these manually
intensive, compliance-related tasks that reduce IT efficiency. Turn
these mandates into automated and cost effective solutions--Download
your copy today!
http://list.windowsitpro.com/t?ctl=17987:4FB69
====================
==== 2. Security News and Features ====
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=17991:4FB69
Exchange Server 2003 SP2 Improves Security
Microsoft released Exchange Server 2003 Service Pack 2 (SP2), which
includes a number of new features, including some security
enhancements. Learn about the new features in a news story on our Web
site (at the first URL below), in Paul Robichaux's article "Exchange
Server 2003 SP2 Ships" (at the second URL below), and in Tony Redmond's
article "Exploring Exchange 2003 Service Pack 2" (at the third URL
below).
http://list.windowsitpro.com/t?ctl=1799D:4FB69
http://list.windowsitpro.com/t?ctl=17999:4FB69
http://list.windowsitpro.com/t?ctl=1799C:4FB69
Multiple Vulnerabilities in Oracle Products
Multiple high-risk vulnerabilities exist in Oracle9i Database
Server, Oracle Database Server 10g, and many other Oracle products.
They consist of one buffer overflow condition and numerous possible SQL
injection attacks, many of which could be exploited by an intruder to
gain complete control of the products. Oracle released a Critical Patch
Update (at the URL below) to correct many (but not all) of the
problems.
http://list.windowsitpro.com/t?ctl=17990:4FB69
Buffer Overflow Vulnerability in Snort and Sourcefire
Internet Security Systems (ISS) X-Force discovered a buffer overflow
vulnerability in Snort, which according to ISS also affects
Sourcefire--the commercial version of Snort. The vulnerability exists
in the Back Orifice preprocessor; systems that don't use Back Orifice
aren't affected. Snort 2.4.3 was released to correct the problem. For
more details about the problem in Snort, read the announcement on the
Snort.org Web site (first URL below) and ISS's advisory at the second
URL below. At the time of this writing, no information was available
about updates to Sourcefire.
http://list.windowsitpro.com/t?ctl=1799F:4FB69
http://list.windowsitpro.com/t?ctl=179A1:4FB69
Secure Your Wireless Network
Along with the benefits of wireless networks comes a need to keep
them secure. John Howie gives you a look at some practical steps you
can take to secure your wireless networks, methods to automate
configuration-setting deployment, and tools you can use to probe for
unsecured and unauthorized wireless networks.
http://list.windowsitpro.com/t?ctl=1799A:4FB69
====================
==== Resources and Events ====
Get Ready for the SQL Server 2005 Roadshow in Europe--Get the facts
about migrating to SQL Server 2005!
SQL Server experts will present real-world information about
administration, development, and business intelligence to help you
implement a best-practices migration to SQL Server 2005 and improve
your database-computing environment. Receive a one-year membership to
PASS and one-year subscription to SQL Server Magazine. Register now.
http://list.windowsitpro.com/t?ctl=1798B:4FB69
Exploit the Opportunities of a Wireless Fleet
With the endless array of mobile and wireless devices and
applications, it's hard to decide what you can do with the devices
beyond providing mobile email access. It's even tougher to know how to
keep it all secure. Join industry guru Randy Franklin Smith in this
free Web seminar and discover what you should do to leverage your
mobile and wireless infrastructure, how to pick devices that are right
for you, and more!
http://list.windowsitpro.com/t?ctl=1798A:4FB69
Get the Most from Your Infrastructure by Consolidating Servers and
Storage
Improved utilization of existing networking resources and server
hardware let you allocate money and time where they're needed most. In
this free Web seminar, learn to optimize your existing infrastructure
with the addition of server and storage consolidation software and
techniques. You'll get the jumpstart you need to evaluate the
suitability and potential of your computing environments for the added
benefits that consolidation technology can provide.
http://list.windowsitpro.com/t?ctl=17989:4FB69
Deploy VoIP and FoIP Technologies--Win a Starbucks Gift Card
Voice over Internet Protocol (VoIP) is the future of
telecommunications and many companies are already enjoying the benefits
of using voice over IP networks to significantly reduce telephone and
facsimile costs. Join industry expert David Chernicoff for this free
Web seminar to learn the ins and outs of boardless fax in IP
environments, tips for rolling out fax and integrating fax with
telephony technologies, and more. Attend, and you could win a Starbucks
gift card!
http://list.windowsitpro.com/t?ctl=1798F:4FB69
What Does It Mean to Be Compliant?
We've all heard about legal and regulatory requirements, but there
are other types of compliance that might also affect you--specifically
email compliance. In this free Web seminar, you'll get insights into
compliance and policy issues that you need to know about, as well as
suggestions on what to look for when implementing your compliance
strategy and more! Register today!
http://list.windowsitpro.com/t?ctl=1798E:4FB69
All High Availability Solutions Are Not Created Equal--How Does Yours
Measure Up?
In this free, on-demand Web seminar you'll get the tools you need to
ensure your systems don't go down. You'll learn what solutions help you
take preemptive, corrective action without resorting to a full system
failover, that perform a nondisruptive, automatic switchover to a
secondary server in extreme cases.
http://list.windowsitpro.com/t?ctl=17988:4FB69
====================
==== Featured White Paper ====
Dashboard Development and Deployment--A Methodology for Success
Business information carries little value unless it reaches the
right person at the right time. This free white paper tells you what
you need to know to remain competitive while improving the speed and
quality of decision-making. Learn how a well-designed dashboard can
provide critical information to decision makers, enable them to monitor
the health of your organization and bring immediate ROI to your
business.
http://list.windowsitpro.com/t?ctl=1798D:4FB69
====================
==== Hot Release ====
Audit your Network for Security Weaknesses
Are you confident your network is secure? Get a free network
security check from Qualys and find out the necessary fixes to
proactively guard your network. No software downloads required.
Make sure your network is secure. Get a Free Trial today!
http://list.windowsitpro.com/t?ctl=17997:4FB69
====================
==== 3. Security Toolkit ====
Security Matters Blog: New Linksys Wireless Adapter Puts a Wi-Fi
Scanner in Your Pocket
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=179A0:4FB69
The new Linksys Wireless-G USB Network Adapter with Wi-Fi Finder is a
really slick and innovative product. It has a built-in wireless scanner
to detect available networks, and it works as a standalone unit so you
can detect 802.11b/g networks before you power up your laptop. Having
one of these is sort of like having NetStumbler in a device the size of
a pack of gum! Check it out in this blog entry.
http://list.windowsitpro.com/t?ctl=1799B:4FB69
FAQ
by John Savill, http://list.windowsitpro.com/t?ctl=1799E:4FB69
Q: How can I redirect Microsoft Outlook profiles during cross-
Administrator group mailbox migrations?
Find the answer at
http://list.windowsitpro.com/t?ctl=17998:4FB69
Security Forum Featured Thread: Automate Setting ACLs on Folders
A forum participant wants to know how to configure a Linksys router,
which is connected to a Zyxel DSL modem, so that it will work with a
proxy server to filter unwanted sites. The writer has built a similar
configuration before, but now an application keeps presenting a
connection error. Join the discussion at:
http://list.windowsitpro.com/t?ctl=17986:4FB69
====================
==== Announcements ====
(from Windows IT Pro and its partners)
Become a VIP Subscriber!
Get inside access to ALL the articles, tools, and helpful resources
published in Windows IT Pro, SQL Server Magazine, Exchange and Outlook
Administrator, Windows Scripting Solutions, and Windows IT Security--
that's more than 26,000 articles at your fingertips. Your VIP
subscription also includes a valuable one-year print subscription to
Windows IT Pro and two VIP CDs (includes the entire article database on
CD). Sign up now:
http://list.windowsitpro.com/t?ctl=17993:4FB69
The Windows IT Security Newsletter
We've expanded our content to include even more fundamentals on
building and maintaining a secure enterprise. Each issue features in-
depth product coverage of the best security tools available, including
expert advice on the best way to implement various security components.
Plus, paid subscribers now get online access to our entire online
security article database (more than 1900 articles). Order now:
http://list.windowsitpro.com/t?ctl=17994:4FB69
====================
==== 4. New and Improved ====
by Renee Munshi, products at windowsitpro.com
Secure IM for Mobile Users
Akonix Systems announced L7 Remote User Agent, which provides IM
security and logging capabilities for mobile employees. When deployed
on a laptop, L7 Remote User Agent monitors IM use and ensures that all
IM activity is secured and logged by Akonix L7 Enterprise, minimizing
risks of attack or noncompliance through unsecured IM access. L7 Remote
User Agent supports all public IMs--AOL's AIM, Yahoo! Messenger, MSN
Messenger, ICQ, and Google Talk--and Windows Server 2003/XP/2000. For
more information, go to
http://list.windowsitpro.com/t?ctl=179A7:4FB69
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a T-shirt if we write about the product in a future
Windows IT Pro What's Hot column. Send your product suggestions with
information about how the product has helped you to
whatshot at windowsitpro.com.
Editor's note: Share Your Security Discoveries and Get $100
Share your security-related discoveries, comments, or problems and
solutions in the Windows IT Security print newsletter's Reader to
Reader column. Email your contributions (500 words or less) to
r2rwinitsec at windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.
====================
==== Contact Us ====
About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=179A3:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- salesopps at windowsitpro.com
====================
This email newsletter is brought to you by Windows IT Security,
the leading publication for IT professionals securing the Windows
enterprise from external intruders and controlling access for
internal users. Subscribe today.
http://list.windowsitpro.com/t?ctl=17995:4FB69
View the Windows IT Pro privacy policy at
http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2005, Penton Media, Inc. All rights reserved.
More information about the ISN
mailing list