[ISN] Security UPDATE, January 15, 2003

From: InfoSec News (isnat_private)
Date: Wed Jan 15 2003 - 23:09:35 PST

  • Next message: InfoSec News: "Re: [ISN] 'Sanitized' hard drives prove data trove"

    ********************
    Windows & .NET Magazine Security UPDATE--brought to you by Security
    Administrator, a print newsletter bringing you practical, how-to
    articles about securing your Windows .NET Server, Windows 2000, and
    Windows NT systems.
       http://www.secadministrator.com
    ********************
    
    ~~~~ THIS ISSUE SPONSORED BY ~~~~
    
    Experience How Real Time Monitoring Will Benefit YOU
       http://list.winnetmag.com/cgi-bin3/flo?y=ePEP0CJgSH0CBw07Ln0A7
    
    Microsoft Mobility Tour
       http://list.winnetmag.com/cgi-bin3/flo?y=ePEP0CJgSH0CBw06Kw0AF
       (below IN FOCUS)
    
    ~~~~~~~~~~~~~~~~~~~~
    
    ~~~~ SPONSOR: EXPERIENCE HOW REAL TIME MONITORING WILL BENEFIT YOU ~~~~
       A proactive Security Administrator installed TNT Software's ELM
    Enterprise Manager 3.0 on his critical servers to assess the benefits
    of real time monitoring. During the first week, EEM 3.0 paged him as a
    disgruntled employee attempted to access confidential files, emailed
    him during a port scan attack, and automatically restarted a failed
    anti-virus service. As a result, ELM Enterprise Manager was purchased
    and fully deployed during the second week. Download your FREE 30 day
    full feature evaluation copy today and experience how real time
    monitoring will benefit YOU.
       http://list.winnetmag.com/cgi-bin3/flo?y=ePEP0CJgSH0CBw07Ln0A7
    ~~~~~~~~~~~~~~~~~~~~
    
    January 15, 2003--In this issue:
    
    1. IN FOCUS
         - Security Initiatives and Windows Server 2003
    
    2. ANNOUNCEMENTS
         - InfoSec World Conference and Expo/2003
         - Windows Scripting Solutions for the Systems Administrator
         - Back by Popular Demand--Don't Miss Our Security Road Show
           Event!
    
    3. SECURITY ROUNDUP
         - News: Lirva Worm Might Spoof Microsoft Security Bulletin
         - News: Finjan Software Acquires Alchemedia Technologies
         - News: Microsoft Releases ISA Server 2000 Feature Pack 1
    
    4. SECURITY TOOLKIT
         - Virus Center
         - FAQ: How Can I Prevent Windows XP's Network Bridge Feature from
           Forwarding Network Packets?
         - Event Highlight: Smart Card Alliance Mid-Winter Conference
    
    5. NEW AND IMPROVED
         - Assess Windows Server Security
         - Secure Your Desktops
         - Submit Top Product Ideas
    
    6. HOT THREAD
         - Windows & .NET Magazine Online Forums
             - Featured Thread: Tool for ACL Comparison and Changes
          - HowTo Mailing List:
             - Featured Thread: Sharing XP Folders in a Workgroup
     
    7. CONTACT US
       See this section for a list of ways to contact us.
    
    ~~~~~~~~~~~~~~~~~~~~
    
    1. ==== IN FOCUS ====
       (contributed by Mark Joseph Edwards, News Editor,
    markat_private)
    
    * SECURITY INITIATIVES AND WINDOWS SERVER 2003
    
    As I wrote in last week's Security UPDATE, Microsoft has been working
    on its Trustworthy Computing initiative. The initiative involves
    addressing concerns customers have about the security of Microsoft
    products, especially the issues customers encounter most frequently.
    To address those concerns, Microsoft has developed a strategy called
    SD3+C--Secure by Design, Secure by Default, Secure in Deployment, and
    Communications.
    
    Secure by Design means better-designed products, more thorough testing
    and approval processes before release, and more security features. As
    you know, Microsoft stopped development on Windows Server 2003 for 2
    months while the company focused attention on matters such as employee
    training and product redesign.
    
    The company changed some of the server architecture to improve
    security. For example, the Web listener is no longer part of the
    kernel. Also, at a lower level of architecture, Microsoft has improved
    the server's compilers and changed code-development processes such as
    the thread-modeling processes. In addition, teams must review and test
    code to ensure quality--reviews that can stop a product's release
    until developers change the code.
    
    Secure by Default emphasizes not exposing aspects of functionality
    unless an administrator wants them exposed. For example, Microsoft IIS
    and many other services are no longer active by default. Microsoft has
    added two new accounts for network access and local system access to
    offer administrators more ways to limit service exposure. In addition,
    people can't use blank passwords to authenticate to network services.
    
    Microsoft is taking several steps in the areas of Secure by Deployment
    and Communications. One such step is to offer users more documentation
    to help architect their particular data centers. Another step is to
    continue building enterprise customer communications, a response to
    enterprise customers who assert that they don't have enough
    communication with Microsoft. But SD3+C contains much more than I can
    discuss here; you can read about SD3+C's overall premises on
    Microsoft's Web site.
       http://www.microsoft.com/enterprise/articles/security.asp
    
    You might already be aware of some of the matters I mention above.
    However, on January 27, Microsoft will begin briefing the press in
    more detail about its security innovations in Windows 2003. Stay
    tuned, and I hope I'll be able to fill you in on new details in that
    week's edition of Security UPDATE.
     
    Meanwhile, take advantage of some new documentation Microsoft has made
    available on its Microsoft Developer Network (MSDN) Web site. In
    November 2002, Microsoft published the online book "Building Secure
    ASP.NET Applications: Authentication, Authorization, and Secure
    Communication." Chapters include Security Model for ASP.NET
    Applications, Authentication and Authorization, Secure Communication,
    Intranet Security, Extranet Security, Internet Security, ASP.NET
    Security, Enterprise Services Security, Web Services Security,
    Remoting Security, Data Access Security, and Troubleshooting Security
    Issues. In December, Microsoft published "Building and Configuring
    More Secure Web Sites," a paper that discusses best practices for
    Windows 2000 Advanced Server, Internet Information Services (IIS) 5.0,
    Microsoft SQL Server 2000, and the Microsoft .NET Framework.
       http://msdn.microsoft.com/library/en-us/dnnetsec/html/secnetlpMSDN.asp
       http://msdn.microsoft.com/library/en-us/dnnetsec/html/openhack.asp?frame=true
    
    Be sure to check out these resources. Also, stop by the .NET Security
    Web site to see what else you might find useful.
       http://msdn.microsoft.com/nhp/default.asp?contentid=28001369
    
    ~~~~~~~~~~~~~~~~~~~~
    
    ~~~~ SPONSOR: MICROSOFT MOBILITY TOUR ~~~~
       THE MICROSOFT MOBILITY TOUR IS COMING SOON TO A CITY NEAR YOU!
       Brought to you by Windows & .NET Magazine, this outstanding
    seven-city event will help support your growing mobile workforce!
    Industry guru Paul Thurrott discusses the coolest mobility hardware
    solutions around, demonstrates how to increase the productivity of
    your "road warriors" with the unique features of Windows XP and Office
    XP, and much more. There is no charge for these live events, but space
    is limited so register today!
       http://list.winnetmag.com/cgi-bin3/flo?y=ePEP0CJgSH0CBw06Kw0AF
    ~~~~~~~~~~~~~~~~~~~~
    
    2. ==== ANNOUNCEMENTS ====
       (brought to you by Windows & .NET Magazine and its partners)
    
    * INFOSEC WORLD CONFERENCE AND EXPO/2003
       MIS Training Institute's InfoSec World Conference and Expo/2003
    will be held in Orlando, FL, March 10-12, 2003, with optional
    workshops on March 8, 9, 12, 13, and 14. InfoSec World will cover
    today's need-to-know topics and deliver proven strategies for
    protecting your systems. For details and to register, visit:
       http://list.winnetmag.com/cgi-bin3/flo?y=ePEP0CJgSH0CBw07Lo0A8
    
    * WINDOWS SCRIPTING SOLUTIONS FOR THE SYSTEMS ADMINISTRATOR
       You might not be a programmer, but that doesn't mean you can't
    learn to create and deploy timesaving, problem-solving scripts.
    Discover Windows Scripting Solutions, the monthly print publication
    that helps you tackle common problems and automate everyday tasks with
    simple tools, tricks, and scripts. Try a sample issue today at
       http://list.winnetmag.com/cgi-bin3/flo?y=ePEP0CJgSH0CBw06ob0AU
    
    * BACK BY POPULAR DEMAND--DON'T MISS OUR SECURITY ROAD SHOW EVENT!
       If you missed last year's popular security road show event, now is
    your chance to catch it again in Portland, Oregon, and Redmond. Learn
    from experts Mark Minasi and Paul Thurrott about how to shore up your
    system's security and what desktop security features are planned for
    Microsoft .NET and beyond. Registration is free so sign up now!
       http://list.winnetmag.com/cgi-bin3/flo?y=ePEP0CJgSH0CBw07Kz0AJ
    
    3. ==== SECURITY ROUNDUP ====
    
    * NEWS: LIRVA WORM MIGHT SPOOF MICROSOFT SECURITY BULLETIN
       New variants of the worm Lirva are spreading around the Internet
    infecting users of Microsoft Outlook. The worm is dangerous in that it
    can shut down antivirus and firewall software and overwrite Microsoft
    Word, Excel, and PowerPoint files, leaving the file sizes at 0KB,
    which renders the files unrecoverable without a backup.
       http://www.wininformant.com/articles/index.cfm?articleid=37662
     
    * NEWS: FINJAN SOFTWARE ACQUIRES ALCHEMEDIA TECHNOLOGIES
       Finjan Software announced that it has acquired Dallas-based
    Alchemedia Technologies. The acquisition includes the customer base,
    intellectual property, and products. Alchemedia's flagship product,
    Mirage, offers Digital Rights Management (DRM) to documents.
       http://www.secadministrator.com/articles/index.cfm?articleid=37644
    
    * NEWS: MICROSOFT RELEASES ISA SERVER 2000 FEATURE PACK 1
       Microsoft has announced the release of Internet Security and
    Acceleration (ISA) Server 2000 Feature Pack 1, a set of add-ons that
    enhance security for Microsoft Exchange Server, IIS, and Outlook Web
    Access (OWA) and improve ease of use for administrators.
       http://www.secadministrator.com/articles/index.cfm?articleid=37583
    
    4. ==== SECURITY TOOLKIT ====
    
    * VIRUS CENTER
       Panda Software and the Windows & .NET Magazine Network have teamed
    to bring you the Center for Virus Control. Visit the site often to
    remain informed about the latest threats to your system security.
       http://www.secadministrator.com/panda
    
    * FAQ: HOW CAN I PREVENT WINDOWS XP'S NETWORK BRIDGE FEATURE FROM
    FORWARDING NETWORK PACKETS?
       ( contributed by John Savill, http://www.windows2000faq.com )
    
    A. The Network Bridge feature in XP Professional and XP Home Edition
    can forward network packets; however, this capability can cause major
    problems on some networks. To permanently disable packet forwarding,
    perform the following steps:
       1. Start a registry editor (e.g., regedit.exe).
       2. Navigate to the
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\BridgeMP registry
     subkey.
       3. From the Edit menu, select New, DWORD Value; enter the name
    DisableForwarding; then press Enter.
       4. Double-click the new value, set it to 1, then click OK.
       5. Close the registry editor.
       6. Reboot the machine for the change to take effect.
    
    * EVENT HIGHLIGHT: SMART CARD ALLIANCE MID-WINTER CONFERENCE
       February 12 through February 13, 2003
       Salt Lake City, Utah
    
    "Identity: Technology and Policy Issues of Trust" addresses how we
    protect our identities and minimize the risks to our privacy. Expert
    panels will examine the specific roles in which individuals use their
    identities--as public citizens (such as crossing borders, at airports,
    in voting booths); as corporate citizens (accessing buildings,
    networks, private databases); and as private citizens (in retail
    stores, on the Internet, and using wireless devices). For more
    information, go to
       http://www.smartcardalliance.org
    
    5. ==== NEW AND IMPROVED ====
       (contributed by Sue Cooper, productsat_private)
    
    * ASSESS WINDOWS SERVER SECURITY
       Winzero Custom Solutions released ACLReporter, security assessment
    and reporting software for your NTFS file, folder, and share data.
    ACLReporter lets you perform security permission searches and gather
    security information from remote servers in realtime or when they're
    offline. Supports Windows Server 2003, Windows 2000, and Windows NT
    servers. An enterprise license for unlimited servers and users is $695
    until January 31, 2003. Contact Winzero Custom Solutions at
    604-736-7395 in Canada, at 973-439-6908 in the United States, or at
    salesat_private
       http://www.winzero.ca
    
    * SECURE YOUR DESKTOPS
       Anfibia announced Deskman 5.2, a Windows desktop security tool that
    gives you control over your users' desktop components. Deskman
    features include encrypted profiles, authentication procedures, and
    Windows NT service implementation. Deskman 5.2 now offers a new
    password policy and the ability to protect access to drives. Contact
    Anfibia at salesat_private
       http://www.anfibia.net
    
    * SUBMIT TOP PRODUCT IDEAS
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Do you know of a terrific
    product that others should know about? Tell us! We want to write about
    the product in a future What's Hot column. Send your product
    suggestions to whatshotat_private
    
    6. ==== HOT THREAD ====
    
    * WINDOWS & .NET MAGAZINE ONLINE FORUMS
       http://www.winnetmag.com/forums
    
    Featured Thread: Tool for ACL Comparison and Changes
       (Two messages in this thread)
    
    A user writes that he's seeking a tool that will compare current
    folder and file ACLs against a database, then apply ACL changes to all
    files and folders that don't have the NTFS permissions. The tool
    should also generate a comparison report. Is there such a tool, other
    than CACLS or SuperCACLS? Lend a hand or read the responses:
       http://www.winnetmag.com/forums/rd.cfm?cid=42&tid=52418
    
    * HOWTO MAILING LIST
       http://63.88.172.96/listserv/page_listserv.asp?a0=howto
    
    Featured Thread: Sharing XP Folders in a Workgroup
       (Three messages in this thread)
    
    A user writes that he needs to share folders on a Windows XP
    Professional system that's in a workgroup, and he wants to provide
    granular security permissions on the folders. Without joining a
    domain, however, he can't remove the Everyone group--which means he
    can't provide individualized user access permission to the folders.
    How can he solve this problem? Read the responses or lend a hand at
    the following URL:
       http://63.88.172.96/listserv/page_listserv.asp?A2=IND0301B&L=HOWTO&P=345
    
    7. ==== CONTACT US ====
       Here's how to reach us with your comments and questions:
    
    * ABOUT IN FOCUS -- markat_private
    
    * ABOUT THE NEWSLETTER IN GENERAL -- lettersat_private (please
    mention the newsletter name in the subject line)
    
    * TECHNICAL QUESTIONS -- http://www.winnetmag.com/forums
    
    * PRODUCT NEWS -- productsat_private
    
    * QUESTIONS ABOUT YOUR SECURITY UPDATE SUBSCRIPTION? Customer
    Support -- securityupdateat_private
    
    * WANT TO SPONSOR SECURITY UPDATE? emedia_oppsat_private
    
    ********************
    
       This email newsletter is brought to you by Security Administrator,
    the print newsletter with independent, impartial advice for IT
    administrators securing a Windows 2000/Windows NT enterprise.
    Subscribe today!
       http://www.secadministrator.com/sub.cfm?code=saei25xxup
    
       Receive the latest information about the Windows and .NET topics of
    your choice. Subscribe to our other FREE email newsletters.
       http://www.winnetmag.com/email
    
    |-+-|-+-|-+-|-+-|-+-|
    
    Thank you for reading Security UPDATE.
    
    
    MANAGE YOUR ACCOUNT
       You can manage your entire Windows & .NET Magazine Network email
    newsletter account on our Web site. Simply log on and you can change
    your email address, update your profile information, and subscribe or
    unsubscribe to any of our email newsletters all in one place.
       http://www.winnetmag.com/email
    
    Thank you!
    __________________________________________________________
    Copyright 2003, Penton Media, Inc.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Jan 16 2003 - 01:27:08 PST