[ISN] Windows & .NET Magazine Security UPDATE--May 28, 2003

From: InfoSec News (isnat_private)
Date: Thu May 29 2003 - 02:50:14 PDT

  • Next message: InfoSec News: "[ISN] Security researcher accuses Redmond of misleading customers"

    =================================
    
    ==== This Issue Sponsored By ====
    Research in Motion
       http://list.winnetmag.com/cgi-bin3/DM/y/eQ6U0CJgSH0CBw0BAOr0AM
    
    Windows & .NET Magazine
       http://list.winnetmag.com/cgi-bin3/DM/y/eQ6U0CJgSH0CBw06Kw0A5
    
    =================================
    
    1. In Focus: Security Tools: Everybody Has Favorites
    
    2. Security Risks
         - DoS in Cisco IOS
    
    3. Announcements
         - Get Windows 2003 Active Directory Answers in a New eBook!
         - Back by Popular Demand--Windows & .NET Magazine's Security Road
           Show!
    
    4. Security Roundup
         - News: Microsoft Launches Virus Information Center as Deceptive
           Worm Floods Inboxes
         - Feature: Improve Security with XP's Command-Line Tools
         - Feature: The Security of EFS
    
    5. Instant Poll
         - Results of Previous Poll: Managing Junk Mail
         - New Instant Poll: Windows Update and SUS
    
    6. Security Toolkit
         - Virus Center
         - FAQ: What Are the Differences Between Usrmgr.exe and
           Musrmgr.exe?
    
    7. Event
         - Windows & .NET Magazine Web Seminar
     
    8. New and Improved
         - Remove Risks in P2P File Sharing and IM Applications
         - Inoculate Windows 2003
         - Submit Top Product Ideas
    
    9. Hot Thread
         - Windows & .NET Magazine Online Forums
             - Featured Thread: Continuous Password Attacks
    
    10. Contact Us
       See this section for a list of ways to contact us.
    
    ====================
    
    ==== Sponsor: Research in Motion ====
    
       NEW BLACKBERRY SECURITY WHITE PAPER
       Prevent wireless handhelds from compromising your enterprise
    security! Download the BlackBerry Security White Paper for Microsoft
    Exchange and learn how the BlackBerry security architecture addresses
    data encryption, corporate firewalls, lost devices, and other critical
    security concerns.
       http://list.winnetmag.com/cgi-bin3/DM/y/eQ6U0CJgSH0CBw0BAOr0AM
    
    ====================
    
    ==== 1. In Focus: Security Tools: Everybody Has Favorites ====
       by Mark Joseph Edwards, News Editor, markat_private
    
    Handling information security is a tedious task. Having decent tools
    at your disposal makes the job easier to accomplish. Of course, some
    tools are more valuable than others, depending on the tasks at hand.
    
    You probably use some of the many security tools available today--to
    secure cross-network communication links, network borders and
    segments, servers, workstations, mobile devices, data storage systems,
    forensics, and more. Tool developers and vendors tout their wares, but
    what they say about their tools doesn't always provide enough insight
    into what a hands-on experience with a given tool might be like.
    
    You've probably found choosing which tools to use in a given scenario
    a challenge. One must review the possibilities, ask for
    recommendations, then investigate the most suitable tools to see which
    might meet a given set of needs. Nevertheless, you probably have a few
    favorites--depending on which tasks you need to perform.
    
    As a publisher of computing-related information, our publications
    review tools and present information about those tools in as unbiased
    a fashion as possible. But we can review only a fraction of the many
    tools available. At the same time, hundreds of thousands of people
    read our publications, and vast numbers of you have accumulated great
    hands-on experience with various security-related tools. Because many
    of you who read this newsletter are probably administrators who deal
    at some level with information security, I'm asking you what your
    favorite security tools are.
    
    Given the broad range of security tools available, I plan to leave the
    question wide open. I've no way of knowing which variables affect your
    network environment and your work--and thus your choice of tools.
    Perhaps you depend upon a particularly useful authentication tool,
    Wi-Fi (the 802.11b wireless standard) tool, encryption tool, Intrusion
    Detection System (IDS), firewall, packet analyzer, file system
    analyzer, scanner, Web protection, database protection, log analyzer,
    or spam prevention technology. Rather than developing a list of
    possible categories, I'm asking you to nominate the tools that serve
    you best.
    
    Whether you have one favorite tool or many, you probably like them
    because they're useful. Your experience can help others who might need
    such tools.
    
    If you're a security administrator (no developers or vendors, please),
    I hope you'll take time to send me an email message listing your
    favorite one or two tools (respond anonymously if you prefer). Prefix
    the subject of your response with "[Tools]" so that I can more easily
    gather the email messages and tally the results. In the body of the
    message, please list each of your favorite tools, and for each tool
    include the tool name; URL for each tool if possible; the platforms it
    runs on; whether the tool is commercial, shareware, or freeware; and a
    paragraph about the tasks it handles successfully. After June 12, I'll
    compile your responses and let you know the results when they're
    available.
    
    ==========================================
    
    ==== Sponsor: Windows & .NET Magazine ====
    
    Microsoft Mobility Tour
       If you were too busy to catch our Microsoft Mobility Tour event in
    person, now you can view the Webcast archives for free! You'll learn
    more about the available solutions for PC and mobile devices and
    discover where the mobility marketplace is headed.
       http://list.winnetmag.com/cgi-bin3/DM/y/eQ6U0CJgSH0CBw06Kw0A5
    
    ==========================================
    
    ==== 2. Security Risks ====
       contributed by Ken Pfeil, kenat_private
    
    DoS in Cisco IOS
       Cisco Systems' IOS software contains a vulnerability that might
    result in a Denial of Service (DoS) attack. This vulnerability stems
    from a flaw in the Service Assurance Agent, also known as the Response
    Time Reporter (RTR). By sending a malformed RTR packet to the router,
    a potential attacker can crash the router. Cisco has released an
    advisory and free upgrades for affected customers, which can be
    obtained through the usual support channels.
       http://www.secadministrator.com/articles/index.cfm?articleid=39055
    
    ==== 3. Announcements ====
       (from Windows & .NET Magazine and its partners)
    
    Get Windows 2003 Active Directory Answers in a New eBook!
       The first chapter of Windows & .NET Magazine's latest eBook,
    "Windows 2003: Active Directory Administration Essentials," is now
    available at no charge! Chapter 1 delves into Windows Server 2003 and
    focuses on what's new and improved with Active Directory. Expert
    Jeremy Moskowitz discusses which AD features might be important to you
    (and why). Download it now!
       http://list.winnetmag.com/cgi-bin3/DM/y/eQ6U0CJgSH0CBw0BALs0AK
    
    Back by Popular Demand--Windows & .NET Magazine's Security Road Show!
       Join the Windows & .NET Magazine 2003 Security Road Show (a free
    in-person event), and hear Mark Minasi and Paul Thurrott detailing how
    to attack your security problems head on. You'll learn 12 tips for
    securing a Windows 2000 network, discover the future of Microsoft's
    security strategy from Windows Server 2003 and beyond, and more!
    Register today!
       http://list.winnetmag.com/cgi-bin3/DM/y/eQ6U0CJgSH0CBw07Kz0AA
    
    ==== 4. Security Roundup ====
    
    News: Microsoft Launches Virus Information Center as Deceptive Worm
    Floods Inboxes
       Microsoft, Network Associates (McAfee's parent company), and Trend
    Micro announced that they've formed an initiative called the Virus
    Information Alliance (VIA), a new way for customers to get information
    about virus threats that affect Microsoft technology. The VIA
    announcement is well timed; a new network worm called Palyh is
    spreading quickly through email and LANs.
       http://www.secadministrator.com/articles/index.cfm?articleid=39060
    
    Feature: Improve Security with XP's Command-Line Tools
       If you've rolled out Windows XP in your organization or plan to do
    so, certain tools will help you monitor, manage, and secure your XP
    installations. Microsoft has beefed up several familiar GUI and
    command-line tools and added some new ones. Microsoft has chosen not
    to ship utilities with the "Microsoft Windows XP Resource Kit."
    Instead, the company has moved the more useful utilities from the
    "Microsoft Windows 2000 Resource Kit" and the "Microsoft Windows NT
    4.0 Resource Kit" into the base XP OS and into the Support Tools
    folder on the installation CD-ROM.
       http://www.secadministrator.com/articles/index.cfm?articleid=25014
    
    Feature: The Security of EFS
       Encrypting File System (EFS), which Microsoft introduced in Windows
    2000, is a surprisingly powerful and robust technology that lets users
    protect their sensitive data from unauthorized eyes by encrypting it.
    In "Securing Win2K with Certificate Services," September 2001,
    http://www.secadministrator.com , InstantDoc ID 22113, John Howie
    described how Microsoft's public key infrastructure (PKI) product,
    Certificate Services, worked and showed you how you can improve your
    network's security by leveraging the service as an Enterprise
    Certification Authority (CA). In this follow-up article, Howie shows
    you how to leverage the features that (EFS) offers by tying it into
    your PKI.
       http://www.secadministrator.com/articles/index.cfm?articleid=24051
    
    =====================
    ==== Hot Release ====
    
    Hewlett-Packard
       HP OpenView for Windows Test Drive
       Monitor the availability and performance of your corporate website
    -- FREE for 30 days, using powerful HP OpenView management software
    for Windows. Simulate activity. Monitor complex transactions. Meet
    business demands. Manage web services. Click here.
       http://list.winnetmag.com/cgi-bin3/DM/y/eQ6U0CJgSH0CBw08fJ0Ao
    
    =====================
    
    ==== 5. Instant Poll ====
    
    Results of Previous Poll: Managing Junk Mail
       The voting has closed in Windows & .NET Magazine's Security
    Administrator Channel nonscientific Instant Poll for the question,
    "Does your company use junk-mail filtering technologies?" Here are the
    results from the 155 votes.
       -  1% Yes--Whitelists
       -  8% Yes--Blacklists
       - 21% Yes--Mail filters
       - 40% Yes--Two or more of the above
       - 30% No
    
    New Instant Poll: Windows Update and SUS
       The next Instant Poll question is, "Do you use either Windows
    Update or Software Update Services (SUS)?" Go to the Security
    Administrator Channel home page and submit your vote for a) Yes, b)
    Yes--We also use a third-party update tool, c) No, or d) No--We use
    only a third-party update tool.
       http://www.secadministrator.com
    
    ==== 6. Security Toolkit ====
    
    Virus Center
       Panda Software and the Windows & .NET Magazine Network have teamed
    to bring you the Center for Virus Control. Visit the site often to
    remain informed about the latest threats to your system security.
       http://www.secadministrator.com/panda
    
    FAQ: What Are the Differences Between Usrmgr.exe and Musrmgr.exe?
       contributed by Jan De Clercq, jan.declercqat_private
    
    User Manager (musrmgr.exe) is a Windows NT Workstation 4.0 tool for
    managing a workstation's accounts (also known as local accounts). User
    Manager for Domains (usrmgr.exe) is an NT Server 4.0 tool for
    administering an NT domain's accounts (also known as domain accounts).
    
    Musrmgr is a reduced functionality version of Usrmgr. When you work
    with a workstation, many of the options for NT domains don't apply, so
    you don't need the extra features that Usrmgr provides. Unlike
    Musrmgr, Usrmgr can be used to administer domain accounts, global
    groups, and trust relationships.
    
    Usrmgr is the only tool a domain administrator really needs. You can
    use Usrmgr to manage not only domain accounts but also local accounts
    stored in the SAM of workstations and member servers. To connect to
    another SAM, simply choose Select Domain from the User menu. In the
    resulting dialog box, you can select a domain or type the name of a
    workstation or member server to whose SAM you want to connect. If you
    type the machine name, make sure that you precede it with two
    backslashes.
    
    If your primary computer is an NT workstation and you'll regularly
    administer domain accounts from this machine, you can install Usrmgr
    on it. To do so, go to the \Clients\Srvtools\Winnt directory on the NT
    Server 4.0 CD-ROM on your workstation and execute the Setup.bat file.
       http://www.secadministrator.com/articles/index.cfm?articleid=25021
    
    ==== 7. Event ====
    
    Windows & .NET Magazine Web Seminar
       How can you reclaim 30% to 50% of Windows server space? Attend the
    newest Web seminar from Windows & .NET Magazine and discover the
    secrets from the experts.
       http://list.winnetmag.com/cgi-bin3/DM/y/eQ6U0CJgSH0CBw06A10Ak
    
    ==== 8. New and Improved ====
       by Sue Cooper, productsat_private
    
    Remove Risks in P2P File Sharing and IM Applications
       Akonix Systems announced Akonix Enforcer, software that helps
    eliminate the security and corporate liability risks associated with
    unsanctioned peer-to-peer (P2P) file-sharing and public Instant
    Messaging (IM) applications. Using a protocol signature matching
    technology, the software blocks unsanctioned file transfers from
    entering or leaving your network through P2P and IM, protecting your
    company from potential liability for copyright infringements, for
    excessive bandwidth consumption, and for the transmission of viruses,
    Trojan horses, or installed spyware. Akonix Enforcer will be available
    in early June. Contact Akonix Systems at 619-814-2330 or
    salesat_private
       http://www.akonix.com
    
    Inoculate Windows 2003
       Panda Software announced Panda Antivirus for Windows Server 2003.
    The software operates in both 32-bit and 64-bit environments and
    adapts to the Active Directory Service (ADS) in Windows 2003. You can
    detect and disinfect viruses even in Encrypting File System (EFS)
    files. Features include automatic daily updates and centralized and
    remote management. The real-time scanner's core engine is
    multithreaded and uses multiple channel scanning technology optimized
    for parallel scanning on multiprocessor servers. Contact Panda
    Software at 800-603-4922, 818-543-6901, or info.usaat_private
       http://www.pandasecurity.com
    
    Submit Top Product Ideas
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Do you know of a terrific
    product that others should know about? Tell us! We want to write about
    the product in a future What's Hot column. Send your product
    suggestions to whatshotat_private
    
    ==== 9. Hot Thread ====
    
    Windows & .NET Magazine Online Forums
       http://www.winnetmag.com/forums
    
    Featured Thread: Continuous Password Attacks
       (Two messages in this thread)
    
    A user writes that he's administering a Microsoft Exchange 2000 Server
    with Microsoft Outlook Web Access (OWA) enabled. Continuous failed
    attempts from various IP addresses to log on as Administrator and with
    other usernames (about five attempts per hour, about 10 usernames
    being rotated) seem to indicate a concerted effort to break in by
    guessing passwords. Apart from blocking the offending IP addresses in
    his router, does anyone have a good strategy to deal with this type of
    attack? His company doesn't want him to disable OWA. Lend a hand or
    read the responses:
       http://www.winnetmag.com/forums/rd.cfm?cid=42&tid=58348
    
    ==== 10. Contact Us ====
    
    About the newsletter -- lettersat_private
    About technical questions -- http://www.winnetmag.com/forums
    About product news -- productsat_private
    About your subscription -- securityupdateat_private
    About sponsoring Security UPDATE -- emedia_oppsat_private
    
    ====================
       This email newsletter is brought to you by Security Administrator,
    the print newsletter with independent, impartial advice for IT
    administrators securing Windows and related technologies. Subscribe
     today.
       http://www.secadministrator.com/sub.cfm?code=saei25xxup
    
    Thank you!
    __________________________________________________________
    Copyright 2003, Penton Media, Inc.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu May 29 2003 - 05:31:54 PDT