[ISN] Windows & .NET Magazine Security UPDATE--Wiping Old Hard Disks Clean--March 31, 2004

From: InfoSec News (isn@private)
Date: Fri Apr 02 2004 - 04:23:03 PST

    ====================
    
    ==== This Issue Sponsored By ====
    
    Symantec ON iPatch - First Enterprise Patch Management Solution
       http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGbT0AO
    
    Symantec V2i Protector - Real-time Backup/Recovery
       http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGbS0AN
    
    ====================
    
    * In Focus: Wiping Old Hard Disks Clean
    
    * Security News and Features
       - News: Scripting MBSA 1.2
       - News: Windows 2003 AD Quotas
       - News: Cryptcat and Netcat; Secure Your Domain for 100 Years
       - News: Three Betas: XP SP2, LimitLogon, Mozilla 1.7
    
    * New and Improved
       - Respond to Network Security Information in Real Time
    
    ====================
    
    ==== Sponsor: Symantec ON iPatch - First Enterprise Patch Management
    Solution ====
       ON iPatch lets you proactively patch and secure thousands of
    computers simultaneously - including remote and mobile computers, no
    matter where they are located or connected - and rapidly recover from
    virus corruption, without the significant cost and time delay of
    sending IT staff to remote locations.
       ON iPatch proactively identifies and installs all missing patches
    and removes unauthorized files and applications. It provides an
    automated, unattended solution for a security audit of all your
    managed computers, and has the ability to place corrupted computers in
    "safe mode" and then execute remediation utilities off line in a 100%
    unattended manner.
       Click here for more information:
       http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGbT0AO
    
    ====================
    
    ==== In Focus: Wiping Old Hard Disks Clean ====
       by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net
    
    A component that's typically changed during computer upgrades is the
    hard disk. Users run out of space and need a larger disk, particularly
    if their existing disks are somewhat old and therefore probably have
    less capacity.
    
    Swapping out disks or complete systems is common, but I wonder whether
    you wipe clean your old disks before sending them off for recycling or
    resale. If you do wipe the disks, are you sure that data can't be
    recovered from them?
    
    Some people might think that simply using Fdisk to destroy partitions
    is a good enough technique for eliminating data. After all, if the
    partitions are gone, who could recover the data, right? Wrong. Fdisk
    changes only partition tables--it doesn't touch the other sectors on
    the drive. So any data that users stored on those other sectors is
    still there, which means that someone with a little knowledge could
    recover that data.
    
    Simson Garfinkel wrote the article "Hard Disk Risk" about a year ago
    for CSO Magazine. In the article, Garfinkel talks about his adventures
    in purchasing old hard drives at resale shops and the data that he
    found on them. One drive was formerly used in an ATM machine and
    contained a year's worth of transaction records; another drive had
    more than 5000 credit card numbers; yet another had sensitive personal
    information about an individual. Only 10 percent of the drives
    Garfinkel purchased were properly wiped of data.
       http://www.simson.net/clips/2003.CSO.04.hard_disk_risk.htm
    
    To wipe a disk clean, you need to overwrite all sectors on a drive in
    some fashion. Some disk-wiping tools can overwrite sectors numerous
    times to better ensure that the magnetic flux (which is the means by
    which data is recorded) is dramatically changed so that little if any
    flux remains to be used toward data recovery. Or you might decide that
    one overwrite process is enough for your needs.
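
The difference between deleting partitions and overwriting every sector, as an added example that is not part of the original newsletter. The disk image and its record are constructed, all function names are hypothetical, and "deleting partitions" is modeled, as an assumption, by zeroing the 64-byte MBR partition table.

```python
import io
import os

SECTOR = 512
PT_OFFSET, PT_LEN = 446, 64  # MBR partition table: four 16-byte entries in sector 0

def build_image(sectors=64):
    """Constructed sample disk: one partition entry plus one sector of file data."""
    img = bytearray(sectors * SECTOR)
    entry = bytes([0x80, 1, 1, 0, 0x06, 1, 1, 0])  # status, CHS start, type, CHS end
    entry += (8).to_bytes(4, "little") + (56).to_bytes(4, "little")  # LBA start, length
    img[PT_OFFSET:PT_OFFSET + 16] = entry
    img[510:512] = b"\x55\xaa"  # boot signature
    record = b"CONSTRUCTED-SAMPLE-RECORD acct=0000 amount=12.34"
    img[20 * SECTOR:20 * SECTOR + len(record)] = record
    return io.BytesIO(bytes(img))

def delete_partitions(disk):
    """Model of the article's point about Fdisk: only the partition table changes."""
    disk.seek(PT_OFFSET)
    disk.write(bytes(PT_LEN))

def overwrite_all(disk, passes=1):
    """Overwrite every sector; the last pass writes zeros so the result is checkable."""
    total = disk.seek(0, os.SEEK_END) // SECTOR
    for n in range(passes):
        disk.seek(0)
        for _ in range(total):
            disk.write(bytes(SECTOR) if n == passes - 1 else os.urandom(SECTOR))

def residual_sectors(disk):
    """Return the sector numbers that still contain any non-zero byte."""
    disk.seek(0)
    found, lba = [], 0
    while chunk := disk.read(SECTOR):
        if chunk.strip(b"\x00"):
            found.append(lba)
        lba += 1
    return found

if __name__ == "__main__":
    disk = build_image()
    delete_partitions(disk)
    print("after deleting partitions:", residual_sectors(disk))
    overwrite_all(disk, passes=3)
    print("after full overwrite:", residual_sectors(disk))
```

residual_sectors accepts any seekable binary file object, so the same check can be run against an image file taken from a drive after wiping.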
    
    Garfinkel raises an interesting question: If you give your old
    hardware to resellers or other organizations, do you trust these
    organizations to satisfactorily delete your data? You might consider
    wiping your own drives before you release them from your control. To
    get the job done, you might use Autoclave, LSoft Technologies'
    Active@KillDisk, Stellar Information Systems' Stellar Wipe Safe Data
    Eraser, Heidi Computers' Eraser, or any number of other tools designed
    to destroy disk-based data.
       http://staff.washington.edu/jdlarios/autoclave
       http://www.killdisk.com
       http://www.stellarinfo.com/file-eraser.htm
       http://www.heidi.ie/eraser
    
    If you're interested in some facts as well as theory about how someone
    might recover data from your old drives and how disk-wiping technology
    can help prevent that from happening, be sure to read Peter Gutmann's
    extensive article on the subject.
    http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/
    
    Last week, I requested feedback about this newsletter. I've received
    numerous responses and want to thank those of you who did respond.
    However, I'd like to hear from even more of you! If you're so
    inclined, please email me your comments. If you missed last week's
    editorial, you can read it at the URL below. In essence, I welcomed
    any suggestions, comments, or critiques regarding this newsletter.
    Send your response to mark at ntsecurity dot net, and please prefix
    the subject line with "SECUPD" so that I can more easily identify
    responses to this request.
       http://www.winnetmag.com/article/articleid/42127/42127.html
    
    ====================
    
    ==== Sponsor: Symantec V2i Protector – Real-time Backup/Recovery ====
       In the event of a security threat or disaster V2i Protector
    provides a real-time, disk-based backup and disaster recovery solution
    designed to capture a system's active state.  Using V2i Protector, you
    can also quickly restore failed systems to a specified point-in-time
    by performing a full system restoration, a complete bare metal
    recovery or restore individual files and folders in minutes.
       V2i Protector creates exact backups of volumes/partitions through
    the use of snapshot technology. This captures all files and volumes,
    including system personalities and configurations.
       Click here to download an evaluation version today:
       http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGbS0AN
    
    ====================
    
    ==== Security News and Features ====
    
    Recent Security Vulnerabilities
       If you subscribe to this newsletter, you also receive Security
    Alerts, which inform you about recently discovered security
    vulnerabilities. You can also find information about these discoveries
    at
       http://www.winnetmag.com/departments/departmentid/752/752.html
    
    News: Scripting MBSA 1.2
       Updated sample scripts are now available for the Microsoft Baseline
    Security Analyzer (MBSA) 1.2. Microsoft published the updates on March
    17.
       http://www.winnetmag.com/article/articleid/42116/42116.html
    
    Feature: Windows 2003 AD Quotas
       Windows Server 2003 has a new Active Directory (AD) quotas feature
    that lets you monitor and limit the number of objects a security
    principal (user, group, or computer) can create in a partition. This
    feature is similar to the built-in quota that Windows 2000 and later
    versions assign to authenticated users for creating computer objects
    except that the new Windows 2003 quotas apply to all object types.
    Robbie Allen explains the new feature in this article on our Web site.
       http://www.winnetmag.com/article/articleid/41898/41898.html
    
    News: Cryptcat and Netcat; Secure Your Domain for 100 Years
       You've probably heard of Netcat, a flexible network utility that
    can perform all sorts of functions. But have you heard of Cryptcat?
    The tool has been around for almost 4 years, but plenty of people
    don't know it exists. Network Solutions now lets you secure your
    domain name for 100 years in advance for $999.
       http://www.winnetmag.com/article/articleid/42131/42131.html
    
    News: Three Betas: XP SP2, LimitLogon, Mozilla 1.7
       Microsoft released Windows XP Service Pack 2 (SP2) to public beta
    last week. Along with the beta, the company established 11 newsgroups
    in which users can discuss various aspects of the service pack. The
    ieXbeta.com Web site reports that Microsoft is now accepting
    applications for beta testers of an upcoming Windows Server 2003
    Resource Kit tool, LimitLogon, which will let you limit the number of
    allowed concurrent sessions per user in an Active Directory (AD)
    domain. The tool requires Windows 2003 and Microsoft IIS 6.0. The
    Mozilla Organization released the Mozilla 1.7 public beta. The new
    version includes improved cookie controls, support for SMTP "MSN
    Authentication" in the mail client, performance improvements, and
    several other enhancements.
       http://www.winnetmag.com/article/articleid/42093/42093.html
    
    ====================
    
    ==== Sponsor: Virus Update from Panda Software ====
       Are your traditional antivirus solutions really protecting your
    network? Panda Antivirus GateDefender is a dedicated hardware device
    installed at the Internet gateway to block viruses before they
    contaminate your network. It scans 7 different communication
    protocols, achieving optimum protection against external attacks.
    Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus
    GateDefender 7200 (500 seats+) provide the highest scalability with
    native load balancing that transparently adapts to traffic volume.
       Visit "Panda's GateDefender Stands Guard!" at
    http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BEGa0A7
    for more information.
    
    ====================
    
    ==== Announcements ====
       (from Windows & .NET Magazine and its partners)
    
    Windows & .NET Magazine Connections
       Windows & .NET Magazine Connections features speakers from
    Microsoft and other top independent experts. Complete details about
    workshops, breakout sessions, and speakers are now online. All
    attendees will get a chance to win a Florida vacation. Keep your
    competitive edge by learning from the world's best experts. Go online
    now to register.
       http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0KXQ0A8
    
    Take Our Brief Survey!
       Does your company use third-party management tools to manage your
    Microsoft Windows network? If you do, Windows & .NET Magazine would
    like to hear from you about your preferences. Please respond to our
    short survey regarding Windows management tools and we'll enter you in
    a drawing to win one of two $50 Amazon.com gift certificates.
       http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGAr0AL
    
    ====================
    
    ==== Hot Release: Free Trial SSL Certificate from Thawte ====
       Take your first step towards giving your online business a
    competitive advantage. Test-drive a Thawte SSL certificate - our easy
    online guide will show you how.
       Click here to get started:
       http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGmP0AV
    
    ====================
    
    ==== Security Toolkit ====
    
    Virus Center
       Panda Software and the Windows & .NET Magazine Network have teamed
    to bring you the Center for Virus Control. Visit the site often to
    remain informed about the latest threats to your system security.
       http://www.winnetmag.com/windowssecurity/panda
    
    FAQ: Can I Move Microsoft Exchange Server Systems Between
    Administrative Groups?
       by John Savill, http://www.winnetmag.com/windowsnt20002003faq
    
    A. No, even in a native Exchange Server 2003 organization, you can't
    move servers between administrative groups. However, if you're running
    Exchange in native mode, you can move mailboxes between administrative
    groups. To work around the inability to move Exchange servers between
    administrative groups, you can delete a server in one group and
    recreate it from scratch in another by performing the following steps:
    
       1. Remove all resources and mailboxes from the server you want to
    move (in native mode, you can move the mailboxes to another server
    temporarily or use Exmerge to export the mailboxes).
       2. Remove the server from the administrative group (i.e., uninstall
     Exchange).
       3. Rebuild the server and select the new administrative group.
       4. If Exchange is in native mode, move the mailboxes from the
    temporary Exchange server back to the original server. If you used
    Exmerge, import the mailboxes and relink them to the Active Directory
    (AD) accounts.
    
    Featured Thread: pcAnywhere with ISA Server
       (Four messages in this thread)
       Yushi writes that a client has requested that Yushi set up
    pcAnywhere on the client's server so that the client can remotely
    administer a database. The server is running Small Business Server
    (SBS) 2000 and Internet Security and Acceleration (ISA) Server. Yushi
    wants to know how to configure ISA Server to allow access to
    pcAnywhere. Lend a hand or read the responses:
    http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=118332
    
    ==== Events Central ====
       (A complete Web and live events directory brought to you by Windows
    & .NET Magazine: http://www.winnetmag.com/events )
    
    New Web Seminar
       Preemptive Email Security: How Enterprise Rent-A-Car Eliminates
     Spam
       Get the inside scoop on how Enterprise Rent-A-Car eliminated spam
    and viruses, improved their email security, and increased
    productivity. Don't miss this opportunity to educate yourself and
    become a smarter customer when it comes to choosing an antispam
    solution that best fits your organization's needs. Sign up for this
    free Web seminar today!
    http://list.winnetmag.com/cgi-bin3/DM/y/efG60CJgSH0CBw0BGhc0Aj
    
    ==== New and Improved ====
       by Jason Bovberg, products@private
    
    Respond to Network Security Information in Real Time
       eEye Digital Security and e-Security announced an enterprise
    threat-management solution. The eEye Retina Network Security Scanner
    scans every machine on a corporate network for vulnerabilities and
    immediately makes that information available to the e-Security ESM
    real-time management console, so you have accurate and timely
    information available to help you prioritize resources for
    vulnerability remediation. For more information about this
    partnership, contact eEye or e-Security on the Web.
       http://www.eeye.com
       http://www.esecurity.net
    
    Tell Us About a Hot Product and Get a T-Shirt!
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Tell us about the product, and
    we'll send you a Windows & .NET Magazine T-shirt if we write about the
    product in a future Windows & .NET Magazine What's Hot column. Send
    your product suggestions with information about how the product has
    helped you to whatshot@private
    
    ===================
    
    ==== Contact Us ====
    
    About the newsletter -- letters@private
    About technical questions -- http://www.winnetmag.com/forums
    About product news -- products@private
    About your subscription -- securityupdate@private
    About sponsoring Security UPDATE -- emedia_opps@private
    
    ====================
    
    ==== Contact Our Sponsors ====
    
    Primary/Secondary Sponsor:
       Symantec -- http://www.symantec.com
    
    Hot Release Sponsor:
       Thawte -- http://www.thawte.com
    
    ====================
    
    This email newsletter is brought to you by Windows & .NET Magazine,
    the leading publication for IT professionals deploying Windows and
    related technologies. Subscribe today.
       http://www.winnetmag.com/sub.cfm?code=wswi201x1z
    
    View the Windows & .NET Magazine privacy policy at
    http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy
    
    Windows & .NET Magazine, a division of Penton Media, Inc.
    221 East 29th Street, Loveland, CO 80538
    Attention: Customer Service Department
    
    Copyright 2004, Penton Media, Inc. All rights reserved.
    
    
    
    



    This archive was generated by hypermail 2b30 : Fri Apr 02 2004 - 08:26:17 PST