[ISN] Windows & .NET Magazine Security UPDATE--Creating a Bootable Windows CD-ROM--February 25, 2004

From: InfoSec News (isn@private)
Date: Wed Feb 25 2004 - 23:12:45 PST

  • Next message: InfoSec News: "[ISN] Yukon to Ship with Features Securely Off"

    ====================
    
    ==== This Issue Sponsored By ====
    
    VERITAS Software
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BFrl0Ak
    
    Free Download: Shavlik Security Patch Management
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BDoF0A2
    
    ====================
    
    * In Focus: Creating a Bootable Windows CD-ROM
    
    * Security News and Features
       - News: Leaked Code Leads to Vulnerability Discovery in IE 5.x
       - News: Microsoft's Security Guidance Center
       - News: Windows Security Update CD Now Available
    
    * New and Improved
       - Establish Hardware-Based Encryption
       - Protect Your Email Systems
       - Tell Us About a Hot Product and Get a T-Shirt!
    
    ====================
    
    ==== Sponsor: VERITAS Software ====
       Improving the performance of applications relying on databases and
    storage can be a daunting task. Join this Webcast hosted by VERITAS
    Software - "Improving Application Performance on Storage Arrays" - to
    pick up tools and techniques that will help you to improve your
    application performance.
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BFrl0Ak
    
    ====================
    
    ==== In Focus: Creating a Bootable Windows CD-ROM ====
       by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net
    
    A system failure can be an aggravating experience. Any number of
    problems can cause erratic system behavior, including viruses, worms,
    Trojan horses, corrupt or missing files, or a failed software update.
    Recovering from such instances sometimes requires that we gain access
    to a disk subsystem without using the installed OS.
    
    Booting to the Windows recovery console can typically be a great help,
    but in some cases, that method doesn't provide enough utility to get
    the job done. Sometimes, you must remove a drive and install it in a
    working system so that you can boot an OS to gain access to the drive
    or files that need repair or inspection.
    
    You might be aware that numerous versions of bootable Linux CD-ROMs
    are available--many of which can support NTFS. These CD-ROMs are handy
    for tasks such as fixing corrupted files or recovering and resetting
    lost passwords. Did you know that you can create a customized bootable
    Windows CD-ROM complete with the tools you might need for security
    analysis and system recovery?
    
    Bart Lagerweij has created BartPE, a tool that you might consider
    adding to your security toolkit. BartPE uses a licensed copy of
    Windows Server 2003 or Windows XP to create a bootable CD-ROM in the
    form of a preinstalled environment (PE). You can boot a system from
    that CD-ROM and have access to network resources as well as various
    tools, depending on what you've included on the CD-ROM during the
    build process.
    
    In its default configuration, BartPE builds a bootable Windows CD-ROM
    that contains Chkdsk, a RAM disk, a remote desktop client, mouse
    support, and more. BartPE also has a framework into which you can plug
    other tools, such as various network drivers, spyware-removing tools,
    virus-scanning tools, the PuTTY SSH client, Advanced SCSI Programming
    Interface (ASPI) support, Mozilla, Winternals Software's Disk
    Commander and ERD Commander, Symantec Ghost, and Ahead Software's Nero
    for creating CD-ROM and DVD images. You can also add a Citrix client,
    Novell NetWare client, hexadecimal editor, data-recovery tools, and
    numerous other tools. Keep in mind that if you want to plug a tool
    that's not freeware or shareware into your bootable CD-ROM, you'll
    need a licensed copy of the tool. You can learn more about BartPE and
    download the related building tools at the Nu2 Productions Web site.
       http://www.nu2.nu/pebuilder
    
    ====================
    
    ==== Sponsor: Free Download: Shavlik Security Patch Management ====
       Install the latest critical Microsoft security patch today with
    HFNetChkPro. A free, fully functional, no time-out version of
    HFNetChkPro is available to help you automate the delivery and testing
    of this critical patch. HFNetChkPro offers unlimited scanning, a
    complete GUI and Shavlik's exclusive PatchPush capabilities. Save time
    on patch deployment, ensure systems are fully protected and safeguard
    your systems from remote code execution, identity spoofing, arbitrary
    code execution and other attacks. It's free, and it simplifies patch
    management without agents. Learn more and download the free version of
    HFNetChkPro at
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BDoF0A2
    
    ====================
    
    ==== Announcements ====
       (from Windows & .NET Magazine and its partners)
    
    Get the SQL Server 2000 System Table Map Poster!
        If you're an administrator or developer and work with SQL Server,
    SQL Server Magazine can help you at work. Subscribe today and you'll
    gain access to a treasury of SQL Server experts, content, tips, code
    listings, articles, and more. Bonus--the System Table Map Poster.
    Click here for details:
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BFrm0Al
    
    Event Central--a Comprehensive Resource for the Latest Events in Your
    Field
       Looking for one place to find the latest Web seminars, roadshows,
    and conferences? Event Central has every topic you're looking for.
    Stay current on the latest developments in your field. Visit Event
    Central and find answers now!
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BEtb0Ab
    
    Take Our Quick Survey!
       Help shape the future of Windows & .NET Magazine! We want to hear
    your opinions about our name and your perceptions of us. Thank you in
    advance for your time and ideas. Click on this link to complete our
    quick survey.
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BFnz0Au
    
    ====================
    
    ==== Sponsor: Virus Update from Panda Software ====
       Are your traditional antivirus solutions really protecting your
    network? Panda Antivirus GateDefender is a dedicated hardware device
    installed at the Internet gateway to block viruses before they
    contaminate your network. It scans 7 different communication
    protocols, achieving optimum protection against external attacks.
    Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus
    GateDefender 7200 (500 seats+) provide the highest scalability with
    native load balancing that transparently adapts to traffic volume.
       Visit "Panda's GateDefender Stands Guard!" at
    http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BEGa0Ap
    for more information.
    
    ====================
    
    ==== Security News and Features ====
    
    Recent Security Vulnerabilities
       If you subscribe to this newsletter, you also receive Security
    Alerts, which inform you about recently discovered security
    vulnerabilities. You can also find information about these discoveries
    at
       http://www.winnetmag.com/departments/departmentid/752/752.html
    
    News: Leaked Code Leads to Vulnerability Discovery in IE 5.x
       Someone with access to the leaked Windows source code found a hole
    in Microsoft Internet Explorer (IE) 5.x and leaked details to various
    security mailing lists.
       http://www.winnetmag.com/article/articleid/41784/41784.html
    
    News: Microsoft's Security Guidance Center
       Microsoft has launched its new Security Guidance Center Web site
    for developers and IT professionals. The site lets you register for
    training, obtain security-related tools, and sign up for Microsoft's
    email-based security alerts and newsletter.
       http://www.winnetmag.com/article/articleid/41799/41799.html
    
    News: Windows Security Update CD Now Available
       Microsoft is now taking orders for copies of its Windows Security
    Update CD, which is available free of charge. The CD-ROM contains
    updates for Windows XP, Windows 2000, Windows Me, and Windows 98 that
    have been released since October 2003.
       http://www.winnetmag.com/article/articleid/41801/41801.html
    
    ====================
    
    ==== Hot Release ====
    Get Thawte's New Step-by-Step SSL Guide for MSIIS
       In this guide you will find out how to test, purchase, install and
    use a Thawte Digital Certificate on your MSIIS web server. Throughout,
    best practices for set-up are highlighted to help you ensure efficient
    ongoing management of your encryption keys and digital certificates.
    Get your copy of this new guide now:
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BFrn0Am
    
    ====================
    
    ==== Instant Poll ====
    
    Results of Previous Poll: Protecting APs
       The voting has closed in the Windows & .NET Magazine Network
    Security Web page nonscientific Instant Poll for the question, "Does
    your company protect rogue wireless access points on its network?"
    Here are the results from the 31 votes.
       - 71% Yes
       - 16% No, we're not sure how to protect them
       - 13% No, we're unconcerned about protecting them
       - 0% I'm not sure
    
    New Instant Poll: Bootable CD-ROMs
       The next Instant Poll question is, "Do you rely on bootable Windows
    or Linux disks for system recovery and analysis?" Go to the Security
    Web page and submit your vote for
       - Yes (Windows)
       - Yes (Linux)
       - No, but I plan to start
       - No, and I don't plan to start
       http://www.winnetmag.com/windowssecurity
    
    ==== Security Toolkit ====
    
    Virus Center
       Panda Software and the Windows & .NET Magazine Network have teamed
    to bring you the Center for Virus Control. Visit the site often to
    remain informed about the latest threats to your system security.
       http://www.winnetmag.com/windowssecurity/panda
    
    Virus Alert: Netsky.B
       A new worm, Netsky.B, is spreading via email. The worm uses its own
    SMTP engine to mass-mail itself and once inside a network, it tries to
    further propagate through network shares. For more details about this
    worm, go to
    http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=44815
    
    FAQ: What's the Microsoft Systems Management Server (SMS) 2003
    Administration Feature Pack?
       by John Savill, http://www.winnetmag.com/windowsnt20002003faq
    
    A. The SMS 2003 Administration Feature Pack contains three tools. The
    Manage Site Accounts Tool lets you use the command line to manage
    accounts and passwords for one or multiple sites in a hierarchy. The
    tool also lets you update, create, verify, delete, and list the
    Windows accounts for the SMS sites.
    
    The Transfer Site Settings Wizard lets you copy site configuration,
    packages, and collection settings from one site to one or more target
    sites. You can copy settings interactively or by using XML templates.
    The tool provides both a graphical and command-line interface.
    
    The Elevated Rights Deployment Tool (aka RunOnce) lets you use the
    elevated privileges of the SMS software distribution features to
    install applications that require administration rights after a system
    restart. The tool can execute the registry entries in the RunOnce
    location by moving the entries in the registry to a new SMS\RunOnce
    location where SMS can execute those entries.
    
    You can download the SMS 2003 Administration Feature Pack from the
    Microsoft Web site. After you download the software, run the
    downloaded file to create three folders, each containing one of the
    tools.
    http://www.microsoft.com/downloads/details.aspx?familyid=7bd3a16e-1899-4e0b-bb99-1320e816167d&displaylang=en
    
    Featured Thread: War-Dialing Attacks
       (Two messages in this thread)
       A reader writes that a war dialer is attacking his business phone
    system. When the dialer attacks, each phone line rings in turn. He has
    also observed that the company's modem lines are being probed and that
    probes of his cell phone are starting. He wants to know how to guard
    against these sorts of attacks. Lend a hand or read the responses:
    http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=67308
    
    ==== Events Central ====
       (A complete Web and live events directory brought to you by Windows
    & .NET Magazine: http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BEtb0Ab )
    
    New--Microsoft Security Strategies Roadshow!
       We've teamed with Microsoft, Avanade, and Network Associates to
    bring you a full day of training to help you get your organization
    secure and keep it secure. You'll learn how to implement a
    patch-management strategy; lock down servers, workstations, and
    network infrastructure; and implement security policy management.
    Register now for this free, 20-city tour.
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BELe0Ay
    
    ==== New and Improved ====
       by Jason Bovberg, products@private
    
    Establish Hardware-Based Encryption
       Kanguru Solutions announced the Kanguru Encryptor, a security
    device that locks down and encrypts your hard disk so that it's
    inaccessible without an access key. The Encryptor uses a silicon-based
    real-time encryption/decryption processor that encrypts an entire hard
    disk's contents bit-by-bit, including the boot sector and the OS.
    Starting at $59.95, the Encryptor is available in two models--40-bit
    Data Encryption Standard (DES) and 128-bit Triple DES (3DES)
    encryption--and fits easily in a 5.25" bay. For more information about
    the Encryptor, contact Kangaru Solutions on the Web.
       http://www.kanguru.com
    
    Protect Your Email Systems
       BorderWare Technologies announced MXtreme Mail Firewall 3.0, an
    application-specific security appliance that protects your email
    systems from threats such as spam, viruses, Trojan horses, Internet
    worms, malformed messages, and Denial of Service (DoS) attacks.
    MXtreme Mail Firewall also provides secure remote access for Web mail
    and secure authenticated session proxies for Microsoft Outlook Web
    Access (OWA) and Lotus iNotes. For more information about MXtreme Mail
    Firewall 3.0, contact BorderWare Technologies at 877-814-7900 or on
    the Web.
       http://www.borderware.com
    
    Tell Us About a Hot Product and Get a T-Shirt!
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Tell us about the product, and
    we'll send you a Windows & .NET Magazine T-shirt if we write about the
    product in a future Windows & .NET Magazine What's Hot column. Send
    your product suggestions with information about how the product has
    helped you to whatshot@private
    
    ===================
    
    ==== Sponsored Links ====
    
    NetSupport
       Free Trial - Fast and Easy Network Management. - NetSupport DNA
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BFW60AP
    
    Surf Control
       SurfControl Web Filter manages Internet risk. Try it FREE for 30
     days.
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BFmf0AZ
    
    Aelita Software
       White Paper! Event Log Management: A Guide to a Stress-free Audit
       http://list.winnetmag.com/cgi-bin3/DM/y/eely0CJgSH0CBw0BFn10Ah
    
    ===================
    
    ==== Contact Us ====
    
    About the newsletter -- letters@private
    About technical questions -- http://www.winnetmag.com/forums
    About product news -- products@private
    About your subscription -- securityupdate@private
    About sponsoring Security UPDATE -- emedia_opps@private
    
    This email newsletter is brought to you by Windows & .NET Magazine,
    the leading publication for IT professionals deploying Windows and
    related technologies. Subscribe today.
       http://www.winnetmag.com/sub.cfm?code=wswi201x1z
    
    You received this email message because you asked to receive
    additional information about products and services from the Windows &
    .NET Magazine Network. To unsubscribe, send an email message to
    mailto:Security-UPDATE_Unsub@private Thank you!
    
    View the Windows & .NET Magazine privacy policy at
    http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy
    
    Windows & .NET Magazine, a division of Penton Media, Inc.
    221 East 29th Street, Loveland, CO 80538
    Attention: Customer Service Department
    
    Copyright 2004, Penton Media, Inc. All rights reserved.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Feb 26 2004 - 02:26:20 PST