[ISN] Windows & .NET Magazine Security UPDATE--Fending Off Viruses and Spam--March 10, 2004

From: InfoSec News (isn@private)
Date: Wed Mar 10 2004 - 23:39:31 PST

  • Next message: InfoSec News: "[ISN] Israeli, 19, hacked into Pennsylvania police system, erased records: police"

    ====================
    
    ==== This Issue Sponsored By ====
    
    Symantec V2i Protector--Real-time Backup/Recovery
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGE30A6
    
    Symantec ON iPatch--Enterprise Patch Management Solution
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGFB0AN
    
    ====================
    
    * In Focus: Fending Off Viruses and Spam
    
    * Security News and Features
       - Feature: Email Security Suites
       - Feature: Using Windows Mobile 2003 to Access Exchange
       - Feature: Windows XP SP2 Beta Review
       - News: Hundreds of Windows XP Registry Tweaks
    
    * New and Improved
       - Enable Secure Remote Access
       - Policy-Based Remote-Access Security Solution
    
    ====================
    
    ==== Sponsor: Symantec V2i Protector–-Real-time Backup/Recovery ====
       In the event of a security threat or disaster V2i Protector
    provides a real-time, disk-based backup and disaster recovery solution
    designed to capture a system's active state, including all
    server/desktop files and configurations.
       Using V2i Protector, you can quickly restore failed systems to a
    specified point-in-time without taking hours to manually reinstall and
    restore data from tape backup or rebuilding from scratch. Perform a
    full system restoration, a complete bare metal restoration or restore
    individual files and folders in minutes.
       V2i Protector also creates exact backups of volumes/partitions
    through the use of snapshot technology. This captures all files and
    system personalities and configurations. Backups are created without
    disrupting data access or application usage.
       Click here to download an evaluation version today
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGE30A6
    
    ====================
    
    ==== In Focus: Fending Off Viruses and Spam ====
       by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net
    
    Last week, I wrote about three SMTP authentication solutions that
    might help curb junk email and the influx of viruses, worms, and
    Trojan horses. Sender Policy Framework (SPF) is already rolled out to
    more than 7500 networks; the other two solutions, DomainKeys and
    Caller ID for E-Mail, are still in the design and testing phases.
    However, it's possible that later this year, DomainKeys and Caller ID
    will become available to the public, so you might soon be able to
    begin implementing and testing them on your own networks.
    
    For the next 2 weeks, we're conducting a poll that asks which of the
    three solutions your company might implement. Please take a moment to
    respond to the poll, which you'll find on our Security Web page.
       http://www.winnetmag.com/windowssecurity
    
    In the meantime, a couple other options can help you eliminate junk
    mail and prevent malicious software (malware) from entering your
    network. One technique that many people use is disposable email
    addresses--in other words, using a free email address when you sign up
    for newsgroups and mailing lists and changing the address when it
    begins to receive a lot of unwanted email.
    
    Spammers harvest email addresses from Web sites, newsgroups, and
    mailing lists, so if your email address is posted in any of those
    formats or forums, it's likely to begin receiving junk mail. For
    example, you might think your participation in a private, members-only
    mailing list wouldn't lead to the exposure and misuse of your email
    address. But if someone archives that mailing list to a Web site
    (which is the case with numerous security-related mailing lists),
    eventually spammers will harvest the email addresses for their own
    use.
    
    Managing disposable email addresses might seem tedious at first. You
    must delete the old address, create a new one, and change your email
    address for any forum memberships, but those steps take only a few
    minutes and are probably far less time-consuming than filtering junk
    mail over long periods of time.
    
    Another technique some of you can use is called selective mail
    download. Email clients such as Eudora and Pegasus have such a
    feature; Microsoft Outlook and Mozilla don't (at least they didn't the
    last time I checked). Selective mail download is when a mail client
    downloads a list of the headers of all the messages waiting for the
    user on the mail server. The displayed list typically includes the To,
    From, Subject, Date, and Size parameters of each waiting message. The
    user can then choose which messages to download and which messages to
    delete. The user can also view a message's complete SMTP header as
    written by the mail servers.
    
    The selective mail download technique doesn't prevent you from having
    to work with junk mail, but it does let you filter out countless
    viruses, worms, Trojan horses, and junk messages before they make it
    to your email client. It also lightens the load on desktop antivirus
    and spam-filtering solutions.
    
    Check whether your email client software supports a selective mail
    download feature. If your client does, consider using the feature; if
    not, consider asking your email software vendor to add it.
    
    Microsoft Security Strategies
       Network security is at the forefront of everyone's minds. Microsoft
    has teamed with Avanade and Network Associates to bring you a full day
    of training to better help you secure your organization and keep it
    secure. The event is scheduled for April 8 in Phoenix.
       http://www.winnetmag.com/events/index.cfm?filter=event&fid=430
    
       If you haven't visited our Event Central Web site recently, check
    it out. You'll find information about this event and many others.
    Event Central provides a comprehensive listing of trade shows,
    conferences, and Web seminars targeted to the IT user.
       http://www.winnetmag.com/events
    
    ====================
    
    ==== Sponsor: Symantec ON iPatch - Enterprise Patch Management
    Solution ====
       ON iPatch allows you to proactively patch and secure thousands of
    computers simultaneously--including remote and mobile computers, no
    matter where they are located or connected--and rapidly recover from
    virus corruption, without the significant cost and time delay by
    sending IT staff to remote locations.
       As a result, ON iPatch allows you to cost effectively protect all
    your business-critical systems and minimize the substantial risk of
    lost revenue and downtime caused by future virus and worms.
       Click here to download an evaluation version today
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGFB0AN
    
    ====================
    
    ==== Announcements ====
       (from Windows & .NET Magazine and its partners)
    
    Windows Scripting Solutions for the Systems Administrator
       You might not be a programmer, but that doesn't mean you can't
    easily learn to create and deploy timesaving, problem-solving scripts.
    Discover Windows Scripting Solutions, the monthly print publication
    that helps you tackle common problems and automate everyday tasks with
    simple tools, tricks, and scripts. Try a sample issue today!
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BFyu0A3
    
    Register Today for Microsoft Tech·Ed 2004
       Don't miss Tech·Ed 2004 -- May 23-28, 2004 in San Diego, CA -- the
    definitive Microsoft conference for building, deploying, securing and
    managing connected solutions. You'll find 11 conference tracks and
    over 400 sessions. Get answers to your technical questions, meet
    industry experts, evaluate new products, and take advantage of
    extensive networking opportunities. Register today.
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BGE40A7
    
    Free Web Seminar--Streamline User Provisioning and Password Management
       Analysts estimate that it costs as much as $50 every time a user
    calls the Help desk with a password-related problem. In this Web
    seminar, you'll discover the tangible benefits of automating,
    provisioning, and centralizing password management as well as how to
    reduce support costs and security breaches by leveraging Windows
    Server 2003 technology. Register today!
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BFH30A8
    
    ====================
    
    ==== Sponsor: Virus Update from Panda Software ====
       Are your traditional antivirus solutions really protecting your
    network? Panda Antivirus GateDefender is a dedicated hardware device
    installed at the Internet gateway to block viruses before they
    contaminate your network. It scans 7 different communication
    protocols, achieving optimum protection against external attacks.
    Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus
    GateDefender 7200 (500 seats+) provide the highest scalability with
    native load balancing that transparently adapts to traffic volume.
       Visit "Panda's GateDefender Stands Guard!" at
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BEGa0Ar
    for more information.
    
    ====================
    
    ==== Security News and Features ====
    
    Recent Security Vulnerabilities
       If you subscribe to this newsletter, you also receive Security
    Alerts, which inform you about recently discovered security
    vulnerabilities. You can also find information about these discoveries
    at
       http://www.winnetmag.com/departments/departmentid/752/752.html
    
    Feature: Email Security Suites
       The enterprise is experiencing an email security crisis. Spam now
    constitutes more than 50 percent of all email, and one in every 30
    email messages contains a computer worm or virus. Apart from the real
    damage these scourges can do, they eat up CPU resources, deplete
    bandwidth, take up disk space, and waste our time. Protecting and
    reclaiming email servers from this onslaught should be a top priority
    for every network administrator. Check out products that can help in
    our Email Security Suites Buyer's Guide.
       http://www.winnetmag.com/article/articleid/41397/41397.html
    
    Feature: Using Windows Mobile 2003 to Access Exchange
       Last summer, Microsoft released Windows Mobile 2003, the successor
    to Pocket PC 2002. If you're considering implementing a Windows Mobile
    device as a PDA standard in your enterprise, you'll want to know about
    the new and updated Windows Mobile 2003 connectivity and email
    features and some improvements that will enhance the security of your
    mail system and your enterprise. Read all about how Windows Mobile
    2003 accesses Exchange Server in Joseph Neubauer's article.
       http://www.winnetmag.com/article/articleid/41347/41347.html
    
    Feature: Windows XP SP2 Beta Review
       In January, Microsoft issued a semipublic beta of its upcoming
    Windows XP Service Pack 2 (SP2), a major upgrade that's focused
    largely on security. The XP SP2 beta isn't complete, but it does
    provide an interesting look at the direction the company is taking
    with its so-called "Springboard" security technologies, which are
    designed to retroactively apply recent security thinking to older
    products. Sneak a peek into XP SP2 in Paul Thurrott's review.
       http://www.winsupersite.com/reviews/windowsxp_sp2_preview2.asp
    
    News: Hundreds of Windows XP Registry Tweaks
       The Daily Rotation Web site mirrors news from Geek News Central
    (GNC) and various other sites. Recently, when I was scanning headlines
    at Daily Rotation, I noticed that GNC had posted a link to the Kelly's
    Korner site, which has loads of information for Windows XP users. One
    resource I found interesting is the XP Tweaks section, in which you'll
    find hundreds of registry tweaks for all sorts of situations, many of
    which are tweaks that affect security in one way or another. If you
    use XP, you might want to check it out.
       http://www.kellys-korner-xp.com/xp_tweaks.htm
    
    ====================
    
    ==== Hot Release ====
    Assure On-line Compliance--an on-demand Webcast
       Is your organization up to speed on best practices in website
     management?
       Many organizations find that website management is a critical top
    and bottom line business issue, but surprisingly, on-line compliance
    is often overlooked. To view an on-demand Webcast "Assuring On-line
    Compliance with Industry Standards and Current Legislation" go to:
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BFQa0A3
    
    ====================
    
    ==== Instant Poll ====
    
    Results of Previous Poll
       The voting has closed in the Windows & .NET Magazine Network
    Security Web page nonscientific Instant Poll for the question, "Do you
    rely on bootable Windows or Linux disks for system recovery and
    analysis?" Here are the results from the 58 votes.
       - 33% Yes (Windows)
       - 36% Yes (Linux)
       - 19% No, but I plan to start
       - 12% No, and I don't plan to start
    
    New Instant Poll
       The next Instant Poll question is, "Does your company plan to
    implement a server-based mail-authentication solution?" Go to the
    Security Web page and submit your vote for
       - Yes, Sender Policy Framework
       - Yes, DomainKeys
       - Yes, Caller ID for E-Mail
       - Yes, two or more of the above
       - No
       http://www.winnetmag.com/windowssecurity
    
    ==== Security Toolkit ====
    
    Virus Center
       Panda Software and the Windows & .NET Magazine Network have teamed
    to bring you the Center for Virus Control. Visit the site often to
    remain informed about the latest threats to your system security.
       http://www.winnetmag.com/windowssecurity/panda
    
    Virus Alert: Netsky.D
       A new variant of the Netsky worm, Netsky.D, is spreading rapidly.
    The worm spreads by sending copies of itself through its own SMTP
    engine. Copies of the worm target email addresses harvested by
    scanning disk drives (C through Z) of an infected system and network.
    Netsky.D tries to disable other worms, such as MyDoom.A and MyDoom.B,
    and deletes various registry keys.
    http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=45205&sind=0
    
    Virus Alert: New Bagle Variants
       Several new variants of the Bagle virus, including Bagle.F,
    Bagle.G, Bagle.H, Bagle.I, Bagle.J, and Bagle.K, have emerged. They
    each spread through email and can reach a computer in an attached .zip
    file that's password protected and thus can't be scanned by some
    antivirus software.
    http://www.pandasoftware.com/virus_info/encyclopedia/overview.aspx?idvirus=45300&sind=0
    
    FAQ: How can I restore the contents of the Default Domain and Default
    Domain Controller Group Policy Objects (GPOs)?
       by John Savill, http://www.winnetmag.com/windowsnt20002003faq
    
    A. You shouldn't modify the Default Domain and Default Domain
    Controller GPOs. Instead, you should create new GPOs and link them to
    the relevant containers. However, if you've already modified a GPO and
    want to restore the default content, perform the steps outlined in
    this FAQ:
       http://www.winnetmag.com/article/articleid/41878/41878.html
    
    Featured Thread: Application Service Ports
       (Two messages in this thread)
       Christian writes that his company is in the process of setting up
    security for its new Web application. The Web application is developed
    in ASP.NET Framework and requests data from Microsoft SQL Server 2000,
    which generates the reports for the clients. His company needs to
    tighten security between the Web server in the demilitarized zone
    (DMZ) and the internal network on which the SQL Server system resides.
    Christian wants to know what service ports must be open for mixed-mode
    authentication for access between the Web server and SQL Server. Lend
    a hand or read the responses:
    http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=117538
    
    ==== Event Central ====
       (A complete Web and live events directory brought to you by Windows
    & .NET Magazine: http://www.winnetmag.com/events )
    
    New--Microsoft Security Strategies Roadshow!
       We've teamed with Microsoft, Avanade, and Network Associates to
    bring you a full day of training to help you get your organization
    secure and keep it secure. You'll learn how to implement a
    patch-management strategy; lock down servers, workstations, and
    network infrastructure; and implement security policy management.
    Register now for this free, 20-city tour.
       http://list.winnetmag.com/cgi-bin3/DM/y/eex30CJgSH0CBw0BELe0A1
    
    ==== New and Improved ====
       by Jason Bovberg, products@private
    
    Enable Secure Remote Access
       AEP Systems announced the advanced edition of AEP SureWare A-Gate
    AG-600, a 19" rack-mount appliance for small and midsized enterprises
    that offers secure remote access to company applications and
    resources. SureWare A-Gate AG-600's A-Gate Anywhere component lets
    employees and partners access email and other Web-enabled or Windows
    Terminal Services applications from any PC running a standard browser.
    The appliance's A-Gate Central component gives road warriors and
    remote workers full access to client/server applications from a client
    PC. SureWare A-Gate AG-600 permits remote access for as many as 400
    online users and costs $8995. For more information, contact AEP
    Systems on the Web.
       http://www.aepsystems.com
    
    Policy-Based Remote-Access Security Solution
       OPSWAT and Shavlik Technologies signed an OEM and comarketing
    agreement, and OPSWAT released OPSTOP SecurePatch, an enterprise
    security solution that lets you create and enforce policies
    guaranteeing that only well-patched hosts can gain remote access to
    networks. To create a policy, you define an exact list of the required
    patches or use an automatically updated list (from Microsoft, for
    example). OPSTOP SecurePatch leverages Shavlik's HFNetChk scanning
    engine and Shavlik's HFNetChkPro patch-management solution. For more
    information about the partnership and the products, contact OPSWAT at
    415-543-1534. You can also reach the company on the Web.
       http://www.opswat.com
    
    Tell Us About a Hot Product and Get a T-Shirt!
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Tell us about the product, and
    we'll send you a Windows & .NET Magazine T-shirt if we write about the
    product in a future Windows & .NET Magazine What's Hot column. Send
    your product suggestions with information about how the product has
    helped you to whatshot@private
    
    ==== Contact Us ====
    
    About the newsletter -- letters@private
    About technical questions -- http://www.winnetmag.com/forums
    About product news -- products@private
    About your subscription -- securityupdate@private
    About sponsoring Security UPDATE -- emedia_opps@private
    Primary/Secondary Sponsor: Symantec -- http://www.symantec.com
    
    This email newsletter is brought to you by Windows & .NET Magazine,
    the leading publication for IT professionals deploying Windows and
    related technologies. Subscribe today.
       http://www.winnetmag.com/sub.cfm?code=wswi201x1z
    
    You received this email message because you asked to receive
    additional information about products and services from the Windows &
    .NET Magazine Network. To unsubscribe, send an email message to
    mailto:Security-UPDATE_Unsub@private Thank you!
    
    View the Windows & .NET Magazine privacy policy at
    http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy
    
    Windows & .NET Magazine, a division of Penton Media, Inc.
    221 East 29th Street, Loveland, CO 80538
    Attention: Customer Service Department
    
    Copyright 2004, Penton Media, Inc. All rights reserved.
    
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomo@private with 'unsubscribe isn'
    in the BODY of the mail.
    



    This archive was generated by hypermail 2b30 : Thu Mar 11 2004 - 01:48:47 PST