[ISN] Windows & .NET Magazine Security UPDATE--Linux vs. BSD--January 21, 2004

From: William Knowles (wk@private)
Date: Thu Jan 22 2004 - 00:22:02 PST


    ====================
    
    ==== This Issue Sponsored By ====
    
    Exchange & Outlook Administrator
       http://list.winnetmag.com/cgi-bin3/DM/y/eeKY0CJgSH0CBw0BEf10AT
    
    ====================
    
    1. In Focus: Linux vs. BSD
    
    2. Announcements
         - Get 2 Sample Issues of Windows & .NET Magazine!
         - New Web Seminar: Email Is a Service--Manage It Like One
         - Event Central--a Comprehensive Resource for the Latest Events
           in Your Field
    
    3. Security News and Features
         - Recent Security Vulnerabilities
         - News: Microsoft Issues January Security Patches
         - Feature: Not Ready for an Antispam Solution?
         - Feature: Malicious Hackers and Spam, Part 2
    
    4. Security Toolkit
         - Virus Center
         - FAQ: How Can I Enable Advanced File System and Sharing Security
           for a Windows XP Machine in a Workgroup?
         - Featured Thread: Vulnerabilities in NTP Protocol?
    
    5. Event
         - Free Web Seminar--The Costs of Spam
    
    6. New and Improved
         - Content Security and Antispam
         - Policy Compliance and Assessment
         - Tell Us About a Hot Product and Get a T-Shirt
    
    7. Contact Us
       See this section for a list of ways to contact us.
    
    ====================
    
    ==== Sponsor: Exchange & Outlook Administrator ====
       Try a Sample Issue of Exchange & Outlook Administrator!
       If you haven't seen Exchange & Outlook Administrator, you're
    missing out on key information that will go a long way towards
    preventing serious messaging problems and down time. Request a sample
    issue today, and discover tools you won't find anywhere else to help
    you migrate, optimize, administer, and secure Exchange and Outlook.
    Order now!
       http://list.winnetmag.com/cgi-bin3/DM/y/eeKY0CJgSH0CBw0BEf10AT
    
    ====================
    
    ==== 1. In Focus: Linux vs. BSD ====
       by Mark Joseph Edwards, News Editor, mark@private
    
    Many of you operate networks that involve a mix of OSs, or maybe
    you're considering adding systems that run on other platforms. Windows
    and the many Linux varieties are the dominant platforms of the day,
    but a few other OSs--varieties of Berkeley Software Distribution (BSD)
    UNIX, Apple Computer's Mac OS X (which is based on BSD), and IBM AIX,
    HP-UX, and Sun Microsystems' OSs--are dear to the hearts of many
    computer users.
    
    Many respectable varieties of Linux exist, such as SUSE LINUX
    (recently purchased by Novell), Red Hat Enterprise Linux,
    MandrakeSoft's Mandrake Linux, and Debian GNU/Linux. Multiple
    varieties of BSD also exist, including NetBSD, FreeBSD, OpenBSD, and
    Wind River's BSD/OS. Did you know that even though BSD and Linux are
    both UNIX variants, they have fundamental differences?
    
    Last week, Richard Bejtlich in his TaoSecurity Weblog (see the first
    URL below) discussed Matt Fuller's rant "BSD vs Linux" (see the second
    URL below), which explains some of the history and background of BSD
    and Linux. The backgrounds of the two OSs are different, yet both were
    developed as open-source projects.
       http://taosecurity.blogspot.com
       http://www.over-yonder.net/~fullermd/rants/bsd4linux/bsd4linux1.php
    
    Fuller gives a brief background on a variety of points about BSD and
    Linux, including their respective base systems, OS add-on mechanisms,
    update releases, and upgrading. In summary, Fuller's opinion is that
    BSD is developed in a more controlled fashion than most Linux
    varieties and uses more effective methods for updates, upgrades, and
    add-ons.
    
    Many security professionals prefer BSD because of the attention it
    pays to the overall security of the OS. For example, NetBSD
    historically has been considered a well-secured OS, much more so than
    most of the Linux varieties. OpenBSD and FreeBSD also focus intensely
    on security. In fact, the OpenBSD home page boasts, "Only one remote
    hole in the default install, in more than 7 years!" in big, bold, red
    letters. That's an impressive record.
    
    If you're deciding among OSs, consider BSD. Among the Linux varieties,
    SUSE is considered to be one of the most secure. And don't overlook
    the fact that Windows Server 2003 is a great improvement over its
    predecessors. Microsoft's effort to improve overall out-of-the-box
    security shows, so you might consider upgrading from Windows NT or
    Windows 2000 to Windows 2003.
    
    ==== 2. Announcements ====
       (from Windows & .NET Magazine and its partners)
    
    Get 2 Sample Issues of Windows & .NET Magazine!
       Every issue of Windows & .NET Magazine includes intelligent,
    impartial, and independent coverage of security, Active Directory,
    Exchange Server, and more. Our expert authors deliver content you
    simply can't find anywhere else. Try two, no-risk sample issues today,
    and find out why 100,000 IT professionals read Windows & .NET Magazine
    each month!
       http://list.winnetmag.com/cgi-bin3/DM/y/eeKY0CJgSH0CBw0BEuX0AN
    
    New Web Seminar: Email Is a Service--Manage It Like One
       True end-to-end management of the messaging infrastructure requires
    an integrated, service-oriented approach. This free Web seminar
    introduces service-driven management and best practices for managing
    and monitoring the key elements crucial to ensuring email health and
    performance, including Exchange Server, Active Directory, network, and
    storage. Sign up today!
       http://list.winnetmag.com/cgi-bin3/DM/y/eeKY0CJgSH0CBw0BElA0Ap
    
    Event Central--a Comprehensive Resource for the Latest Events in Your
    Field
       Looking for one place to find the latest Web seminars, roadshows,
    and conferences? Event Central has every topic you're looking for.
    Stay current on the latest developments in your field. Visit Event
    Central and find answers now!
       http://list.winnetmag.com/cgi-bin3/DM/y/eeKY0CJgSH0CBw0BEtb0AW
    
    ====================
    
    ==== Sponsor: Virus Update from Panda Software ====
       Are your traditional antivirus solutions really protecting your
    network? Panda Antivirus GateDefender is a dedicated hardware device
    installed at the Internet gateway to block viruses before they
    contaminate your network. It scans 7 different communication
    protocols, achieving optimum protection against external attacks.
    Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus
    GateDefender 7200 (500 seats+) provide the highest scalability with
    native load balancing that transparently adapts to traffic volume.
       Visit "Panda's GateDefender Stands Guard!" at
    http://list.winnetmag.com/cgi-bin3/DM/y/eeKY0CJgSH0CBw0BEGa0Ak
    for more information.
    
    ====================
    
    ==== 3. Security News and Features ====
    
    Recent Security Vulnerabilities
       If you subscribe to this newsletter, you also receive Security
    Alerts, which inform you about recently discovered security
    vulnerabilities. You can also find information about these discoveries
    at
       http://www.winnetmag.com/departments/departmentid/752/752.html
    
    News: Microsoft Issues January Security Patches
       Microsoft issued three security patches on January 13, once again
    making good on its promise to provide regularly scheduled security
    updates rather than randomly releasing patches as they're finished.
    The patches apply to Microsoft Exchange Server 2003, Microsoft
    Internet Security and Acceleration (ISA) Server 2000, and Windows, but
    only the ISA Server 2000 patch is rated critical. In addition, the
    company has reissued a security patch for various Windows versions;
    Microsoft describes this patch as "important."
       http://www.winnetmag.com/article/articleid/41463/41463.html
    
    Feature: Not Ready for an Antispam Solution?
       The Help desk is seeing a growing number of incidents in which
    people receive email advertisements that aren't addressed to them, and
    users are complaining about receiving pornography and other offensive
    ads. You
    propose that the company implement an antispam solution, but the
    decision makers say no. Joseph Neubauer outlines five reasons why
    companies don't deploy antispam software, so you can be ready to
    counter those arguments.
       http://www.winnetmag.com/article/articleid/41025/41025.html
    
    Feature: Malicious Hackers and Spam, Part 2
       As you might recall, in "Malicious Hackers and Spam, Part 1," one
    of Alan Sugano's clients was experiencing backup problems and poor
    Exchange Server performance. He discovered that a spammer was using
    the client's server to relay spam. Although the server wasn't an open
    relay, the spammer was somehow authenticating to the server to send
    messages. In Part 2, Sugano tells how the spammer managed to send
    messages through the server, how he stopped the spam, what he found
    after some forensic analysis, and what he recommends to prevent the
    same thing from happening to your network.
       Part 1: http://www.winnetmag.com/article/articleid/41094/41094.html
       Part 2: http://www.winnetmag.com/article/articleid/41456/41456.html
    
    ==== 4. Security Toolkit ====
    
    Virus Center
       Panda Software and the Windows & .NET Magazine Network have teamed
    to bring you the Center for Virus Control. Visit the site often to
    remain informed about the latest threats to your system security.
       http://www.winnetmag.com/windowssecurity/panda
    
    FAQ: How Can I Enable Advanced File System and Sharing Security for a
    Windows XP Machine in a Workgroup?
       by John Savill, http://www.winnetmag.com/windowsnt20002003faq
    
    A. When an XP machine belongs to a domain with shared resources, a
    Security tab appears on the Properties dialog box for the file,
    folder, or share. You can use this tab to assign advanced sharing
    permissions. However, this tab is missing for XP machines that belong
    to a workgroup.
    
    A new feature in XP effectively logs all remote logons in a workgroup
    as Guest, regardless of the account and password credentials that the
    remote computer passes. (This approach obviates the need for machines
    in a workgroup to replicate local accounts, which is the method
    Windows 2000 uses to enable transparent sharing.) XP locks down the
    permissions of the Everyone group (to which Guest belongs) to cut down
    on the security problems that exist in Win2K as a result of enabling
    the Guest account. Because all machines in a workgroup are effectively
    Guest connections, the advanced security features aren't very useful,
    which is why Microsoft disabled them in XP.
    
    If you want to enable advanced file system and sharing security, you
    must disable the ForceGuest registry setting by performing the
    following steps:
    
       1. Start a registry editor (e.g., regedit.exe).
       2. Navigate to the
          HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry
          subkey.
       3. Double-click ForceGuest, set it to 0, then click OK.
       4. Restart the computer for the change to take effect.
    
    If you disable the Guest account but enable the ForceGuest setting,
    remote connections will fail, regardless of the username and password
    the user passes in--even if the credentials are valid.
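
    The registry steps and the Guest-account caveat above can be checked
    together from a script. This is an added example, not part of the
    original FAQ; it assumes Windows PowerShell in an elevated session, and
    the function names are illustrative.

```powershell
# Added example: audit the ForceGuest setting described in the FAQ.
# Assumes Windows PowerShell, run elevated. Function names are illustrative.

$LsaKey = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'

function Get-ForceGuestState {
    # Read ForceGuest; a missing value comes back as $null.
    $value = (Get-ItemProperty -Path $LsaKey -Name ForceGuest `
                  -ErrorAction SilentlyContinue).ForceGuest

    # Find the built-in Guest account by its well-known RID (501),
    # so a renamed Guest account is still detected.
    $guest = Get-WmiObject -Class Win32_UserAccount -Filter "LocalAccount=True" |
        Where-Object { $_.SID -like 'S-1-5-21-*-501' }

    New-Object PSObject -Property @{
        ForceGuest    = $value
        GuestName     = $guest.Name
        GuestDisabled = [bool]$guest.Disabled
    }
}

function Test-ForceGuestConflict {
    param($State)
    # The failure case from the FAQ: ForceGuest enabled while Guest is
    # disabled, so remote connections fail even with valid credentials.
    return ($State.ForceGuest -eq 1 -and $State.GuestDisabled)
}

function Disable-ForceGuest {
    # Step 3 of the FAQ: set ForceGuest to 0. An integer value is written
    # as a DWORD. Step 4 (the restart) is left to the operator.
    Set-ItemProperty -Path $LsaKey -Name ForceGuest -Value 0
}

$state = Get-ForceGuestState
$state | Format-List ForceGuest, GuestName, GuestDisabled

if (Test-ForceGuestConflict $state) {
    Write-Warning 'ForceGuest is enabled but Guest is disabled: remote logons will fail.'
}

# To apply the FAQ's change, call Disable-ForceGuest and then restart.
```

    Running the audit before and after the change records which sharing
    model each workgroup machine is using.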
    
    Featured Thread: Vulnerabilities in NTP Protocol?
       (Three messages in this thread)
       Will writes that he has a secured network with no outside access of
    any kind. He'd like to have the domain controller (DC) on this network
    sync with a Spectracom NTP 9188 Ethernet Time Server on his other
    network. He's planning to let the DC on the secured network access
    only the time server and to further restrict the connection so that
    only the Network Time Protocol (NTP) passes through the ports in either
    direction. Will wants to know whether a virus or malicious code could
    get through if only NTP is allowed. Lend a hand or read the responses:
    http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=66639
    
    ==== 5. Event ====
    
    Free Web Seminar--The Costs of Spam
       In this free Web seminar, learn how to identify and measure the
    costs and savings of spam activities by investigating the impacts that
    spam has on bandwidth, storage, and server-processing costs. Discover
    the impact of implementing antispam solutions and how other IT pros
    like you found a rapid time-to-value solution. Bring back cost-saving
    information to your CEO. Register today!
       http://list.winnetmag.com/cgi-bin3/DM/y/eeKY0CJgSH0CBw0BDDl0Ar
    
    ==== 6. New and Improved ====
       by Jason Bovberg, products@private
    
    Content Security and Antispam
       Aladdin Knowledge Systems announced the availability of eSafe 4.0,
    content-security software that features a new antispam module.
    Designed to eliminate false positives, eSafe 4.0 offers 17 methods for
    detecting and managing spam. In addition to gateway protection, the
    new version offers unique URL matching, an updateable database with
    smart spam signatures gathered from thousands of spam-collecting
    mailboxes covering nearly 3 million different spam messages, the
    option to off-load spam management to individuals instead of IT teams,
    and advanced heuristics. For detailed information about eSafe 4.0,
    including pricing, contact Aladdin Knowledge Systems on the Web.
       http://www.ealaddin.com/esafe
    
    Policy Compliance and Assessment
       Symantec announced the release of Symantec Enterprise Security
    Manager (ESM) 6.0, a policy-compliance solution that performs more
    than 2000 security and vulnerability checks to measure whether systems
    and applications are properly configured. The software also discovers
    unpatched vulnerabilities so that you can contain and remediate them.
    ESM 6.0 includes preconfigured industry best-practice security
    policies and application modules to protect you against potential
    security risks within the enterprise environment. For detailed
    information about ESM 6.0, including pricing, contact Symantec on the
    Web.
       http://www.symantec.com
    
    Tell Us About a Hot Product and Get a T-Shirt!
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Tell us about the product, and
    we'll send you a Windows & .NET Magazine T-shirt if we write about the
    product in a future Windows & .NET Magazine What's Hot column. Send
    your product suggestions with information about how the product has
    helped you to whatshot@private
    
    ===================
    
    ==== Sponsored Link ====
    
    Argent
       Comparison Paper: The Argent Guardian Easily Beats Out MOM
       http://list.winnetmag.com/cgi-bin3/DM/y/eeKY0CJgSH0CBw0BDWV0Ao
    
    ===================
    
    ==== 7. Contact Us ====
    
    About the newsletter -- letters@private
    About technical questions -- http://www.winnetmag.com/forums
    About product news -- products@private
    About your subscription -- securityupdate@private
    About sponsoring Security UPDATE -- emedia_opps@private
    
    This email newsletter is brought to you by Windows & .NET Magazine,
    the leading publication for IT professionals deploying Windows and
    related technologies. Subscribe today.
       http://www.winnetmag.com/sub.cfm?code=wswi201x1z
    
    Windows & .NET Magazine, a division of Penton Media, Inc.
    221 East 29th Street, Loveland, CO 80538
    Attention: Customer Service Department
    
    Copyright 2004, Penton Media, Inc. All rights reserved.
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Jan 22 2004 - 03:03:54 PST