[ISN] Inside Security Administrator UPDATE--August 27, 2004

From: InfoSec News (isn@private)
Date: Sun Aug 29 2004 - 23:30:22 PDT


==== This Issue Sponsored By ====

Windows Scripting Solutions
   http://list.winnetmag.com/cgi-bin3/DM/y/ehF20CJgSH0CBw0BFyu0AG

Get Your Free Email Security Toolkit from Postini
   http://list.winnetmag.com/cgi-bin3/DM/y/ehF20CJgSH0CBw0BKqm0A4

====================
1. New Additions to the Online Article Archive

     September 2003 Issue
     - Focus: Preparing for Windows Server 2003
     - Features
     - Access Denied
     - NT Gatekeeper

2. What's New in the Latest Issue

     September 2004 Issue
     - Focus: Windows XP SP2 Makes Internet Exploring Safer
     - Feature: Safer Internet Exploring

==== Sponsor: Windows Scripting Solutions ====

   Try a Sample Issue of Windows Scripting Solutions
   Windows Scripting Solutions is the monthly newsletter from Windows
& .NET Magazine that shows you how to automate time-consuming,
administrative tasks by using our simple downloadable code and
scripting techniques. Sign up for a sample issue right now, and find
out how you can save both time and money. Click here!
   http://list.winnetmag.com/cgi-bin3/DM/y/ehF20CJgSH0CBw0BFyu0AG

====================

Security Administrator is a monthly, paid, print newsletter loaded
with news and tips to help you manage, optimize, and secure your
Web-enabled enterprise. Nonsubscribers can access all the newsletter
content in the online article archive from the premiere issue of
Security Administrator (February 2001) through the print issue
released 1 year ago and featured below.

In addition to receiving the monthly print newsletter, subscribers can
access all the newsletter content, including the most recent issue, at
the Security Administrator Web site.
   http://www.winnetmag.com/windowssecurity

Subscribe today and access all the issues online!
   https://secure.pentontech.com/nt/security/index.cfm?promocode=00wi25xxhm

====================

==== 1. New Additions to the Online Article Archive ====

September 2003 Issue
   To access this issue of Security Administrator, go to the following
URL:
   http://www.winnetmag.com/windowssecurity/issues/issueid/661/index.html

Focus: Preparing for Windows Server 2003
   Learn about changes Microsoft made to its latest server OS to make
it more secure out of the box. Other features describe how to
configure ISA Server clients, block pop-up ads, understand event ID
560, and much more.

Features

Configuring ISA Server Clients
   ISA Server's Web Proxy Autodiscovery capability and Firewall Client
software make setup a breeze for intranet clients that use ISA Server
to get to the Internet.
   --Leon Braginski
   http://www.winnetmag.com/windowssecurity/article/articleid/39675/39675.html

Netcat
   Discover the varied uses of this handy port-scanning and
file-transfer tool.
   --Jeff Fellinge
   http://www.winnetmag.com/windowssecurity/article/articleid/39680/39680.html

Windows Server 2003: Secure by Default
   These 10 changes to default security mechanisms and OS
configuration standards help make Windows 2003 more secure out of the
box.
   --Joe Rudich
   http://www.winnetmag.com/windowssecurity/article/articleid/39808/39808.html

Access Denied

Detecting PPTP Attacks on Remote Access Servers
   Learn how to determine if an attacker is trying to access your RAS
server by guessing usernames and passwords.
   --Randy Franklin Smith
   http://www.winnetmag.com/windowssecurity/article/articleid/39685/39685.html

Restricting the Programs Users Can Run
   Software restriction policies provide more control than APPSEC
does.
   --Randy Franklin Smith
   http://www.winnetmag.com/windowssecurity/article/articleid/39684/39684.html

Understanding Event ID 560
   Learn how to distinguish between password changes and password
resets.
   --Randy Franklin Smith
   http://www.winnetmag.com/windowssecurity/article/articleid/39686/39686.html

Using Passwords with Kerberos
   Although more resistant to cracking than NTLM, Kerberos is still
vulnerable in the absence of strong passwords.
   --Randy Franklin Smith
   http://www.winnetmag.com/windowssecurity/article/articleid/39683/39683.html

NT Gatekeeper

Granting the Bypass Traverse Checking Advanced User Right
   Learn the pros and cons of letting users bypass directory traversal
access checks.
   --Jan De Clercq
   http://www.winnetmag.com/windowssecurity/article/articleid/39678/39678.html

Using NewSID to Acquire Unique SIDs
   Learn how to use the NewSID tool to fix a security identity
uniqueness problem.
   --Jan De Clercq
   http://www.winnetmag.com/windowssecurity/article/articleid/39676/39676.html

Using PuList to Determine SID Processes
   The PuList command-line tool can display the identity of every
process running on your NT 4.0 system.
   --Jan De Clercq
   http://www.winnetmag.com/windowssecurity/article/articleid/39679/39679.html

====================

==== Announcements ====
   (brought to you by Windows & .NET Magazine and its partners)

Do You Find Monitoring Windows Servers a Daunting Task?
   In this free eBook, we'll examine four main types of monitoring
crucial to any network: performance, capacity, availability, and
security. For each area, you'll find out the most important events and
conditions to monitor to maximize performance, manage capacity, ensure
availability, and stay on top of security. Download this free eBook
today!
   http://list.winnetmag.com/cgi-bin3/DM/y/ehF20CJgSH0CBw0BKgv0A3

Achieving Service Management May Be Your Destination, but Do You Have
the Road Map That Will Take You There?
   During this expert panel discussion, you'll get real-world
perspectives about how to make the move from the traditional
systems-management practice of monitoring individual IT elements to
mapping the interdependencies and managing the elements as a single
complete service. Register now for this free Web seminar!
   http://list.winnetmag.com/cgi-bin3/DM/y/ehF20CJgSH0CBw0BKgw0A4

==== Sponsor: Get Your Free Email Security Toolkit from Postini ====

   Get Equipped to Fight Against Spammers With Our Latest Email
Security Toolkit II – Includes White Papers, Web Seminar, eBook
   Take the next steps against the "silent killer" and learn how to
prepare for directory harvest attacks. Plus, find out how to eliminate
spam and viruses by learning spammers’ new covert tactics designed to
get past conventional spam content filters. You'll discover real-world
examples of new attacks and threats so you can learn what you must do
to protect your organization. Get the latest Email Security Toolkit
now!
   http://list.winnetmag.com/cgi-bin3/DM/y/ehF20CJgSH0CBw0BKqm0A4

====================

==== 2. What's New in the Latest Issue ====

September 2004 Issue

Focus: Windows XP SP2 Makes Internet Exploring Safer
   New service pack adds security enhancements to IE; use packet
filtering to add an extra layer of network protection; learn about
LogParser's Strings field.

The following article is available at no charge to nonsubscribers for
a limited time:

Feature

Safer Internet Exploring
   In XP SP2, Microsoft Internet Explorer (IE) includes important
security enhancements such as an add-on manager, a pop-up blocking
mechanism, and Local Machine security zone lockdown.
   --Jan De Clercq
   http://list.winnetmag.com/cgi-bin3/DM/y/ehF20CJgSH0CBw0BKqn0A5

Subscribers have access to the entire contents of the September 2004
issue. For a list of the other articles available in this issue, visit
the URL below.
   http://www.winnetmag.com/windowssecurity/issues/issueid/727/index.html

====================

==== Events Central ====
 (brought to you by Windows & .NET Magazine)

New Web Seminar! Email Security and Compliance for Financial Services:
What You Need to Know to Safeguard Your Organization
   Are you a financial services company bogged down with email
management? In this free Web seminar, learn how to make a case to
purchase a reliable email security management solution to help you
enforce email security, safeguard the privacy of your messages, and
reduce potential liability or risk associated with email
communications. Register now!
   http://list.winnetmag.com/cgi-bin3/DM/y/ehF20CJgSH0CBw0BKgx0A5

====================

==== Contact Us ====

About the newsletter -- letters@private
About technical questions -- http://www.winnetmag.com/forums
About product news -- products@private
About your subscription -- securityupdate@private
About sponsoring UPDATE -- emedia_opps@private

====================

   This email newsletter is brought to you by Security Administrator,
the print newsletter with independent, impartial advice for IT
administrators securing Windows and related technologies. Subscribe
today.
   https://secure.pentontech.com/nt/security/index.cfm?promocode=00wi25xxhm

You received this email message because you requested to receive
additional information about products and services from the Windows &
.NET Magazine Network. To unsubscribe, send an
email message to mailto: Security-UPDATE_Unsub@private
Thank you!

View the Windows & .NET Magazine Privacy policy at
http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy

Windows & .NET Magazine a division of Penton Media Inc.
221 East 29th Street, Loveland, CO 80538,
Attention: Customer Service Department

Copyright 2004, Penton Media, Inc.  All Rights Reserved.



_________________________________________
Open Source Vulnerability Database (OSVDB) Everything is Vulnerable - http://www.osvdb.org/



This archive was generated by hypermail 2.1.3 : Mon Aug 30 2004 - 00:56:15 PDT