[ISN] Death of the Frog

From: InfoSec News (isn@private)
Date: Thu May 25 2006 - 00:41:15 PDT


This email newsletter comes to you free and is supported by the 
following advertisers, which offer products and services in which 
you might be interested. Please take a moment to visit these 
advertisers' Web sites and show your support for Security UPDATE. 

SPI Dynamics




1. In Focus: Death of the Frog

2. Security News and Features
   - Recent Security Vulnerabilities
   - Microsoft Swallows Whale Communications
   - SSL VPN Use Increasing
   - Reaping the Benefits of WPA and PEAP

3. Security Toolkit
   - Security Matters Blog
   - FAQ
   - Security Forum Featured Thread
   - Share Your Security Tips

4. New and Improved
   - Secure PDAs and Smart Phones 


==== Sponsor: SPI Dynamics ====

ALERT: "How a Hacker Launches a SQL Injection Attack!"--White Paper
It's as simple as placing additional SQL commands into a Web Form input 
box giving hackers complete access to all your backend systems! 
Firewalls and IDS will not stop such attacks because SQL Injections are 
NOT seen as intruders. Download this *FREE* white paper from SPI 
Dynamics for a complete guide to protection!


==== 1. In Focus: Death of the Frog ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Two weeks ago, I wrote about Blue Security's Blue Frog service, an 
incredibly effective method for fighting spam. For each spam message a 
Blue Frog user receives, Blue Frog sends one opt-out request to the 
sender of that spam. The end result is that the spammer receives 
millions of email messages, which probably overloads their network, but 
that should be an expected cost of doing spam business--people should 
have a right to opt out anytime they want to. 

Blue Security said that since the inception of Blue Frog, six of the 
top ten spammers had stopped sending spam to Blue Frog users. However, 
one spammer took serious offense and launched a Denial of Service (DoS) 
attack against the company that also affected other networks. All the 
affected networks recovered.

That's the good news--now here's the bad news: Last week, Blue Security 
announced that it closed down its Blue Frog service. In a message 
posted to its Web site, the company said that the reason it ceased 
operation is that "After recovering from the attack, we determined that 
once we reactivated the Blue Community, spammers would resume their 
attacks. We cannot take the responsibility for an ever-escalating cyber 
war through our continued operations.... We have concluded we should 
not take Blue Security to the full deployment stage we originally 
planned to achieve, but we are proud of what we have accomplished thus 
far as a young startup company."

It's true that Blue Frog might have caused spammers to launch continued 
attacks that might have serious effects on other networks, and Blue 
Security did seem to be considering others when making its decision to 
close down the service. But I don't see this decision as being in the 
best interest of the Internet community, including Blue Security, 
because the news gets worse.

After Blue Security decided to discontinue Blue Frog, the spammers 
attacked again! The second DoS attack rendered Blue Security's site 
inaccessible even though Blue Security made considerable technological 
efforts to thwart such attacks.

This second attack was probably meant to send another message.The 
message I take from it is crystal clear but probably isn't what the 
attackers intended: Kowtowing to spammers isn't the solution. 

While closing up shop might seem like a reasonable choice, it's 
essentially the equivalent of handing your network over to a bunch of 
black hat intruders who continually break in. It gives the intruders 
control they don't deserve to have.

I hope Blue Security changes its mind and brings back Blue Frog. If it 
doesn't, I hope that somebody else takes up where Blue Security left 
off, and quickly! Fighting back as a group has proved to be incredibly 
effective, and I'd hate to see momentum lost.


==== Sponsor: Insight ====

Virtual machines can host any number of operating systems on a single 
physical host. Learn about these features of virtualization as well as 
many more in this free whitepaper.


==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at

Microsoft Swallows Whale Communications
   In a move designed to expand its security offerings, Microsoft 
announced a deal to acquire Israel-based Whale Communications. 
Microsoft thinks Whale's Secure Sockets Layer (SSL) VPN and application 
firewall technologies will complement its Windows Server and Internet 
Security and Acceleration (ISA) Server offerings. 

SSL VPN Use Increasing
   A new study indicates that Secure Sockets Layer (SSL)-based VPNs are 
growing in popularity and could potentially overtake IPsec VPNs as the 
secure connectivity solution of choice. 

Reaping the Benefits of WPA and PEAP
   If you still use Wired Equivalent Privacy (WEP) technology to secure 
your wireless networks, be aware that it has serious flaws. The Wi-Fi 
Protected Access (WPA) standard and subsequent WPA2 standard overcome 
these flaws by adding stronger authentication and encryption and should 
be used whenever possible in preference to WEP. Learn how to use WPA 
and Protected Extensible Authentication Protocol (PEAP) in this article 
by John Howie.


==== Resources and Events ====

Consolidate Windows Event Log and Unix Syslog to save money and ensure 
continuous compliance. Also identify 50 critical events you should be 
monitoring for! Live Web Seminar: Tuesday, June 6

Win a new iPod (for Mac or PC)
   Download a Windows IT Pro podcast on Windows IT Pro Radio by your 
favorite author, editor, or industry figure. You'll automatically be 
entered to win!

Industry expert Mike Otey explains how to design high availability 
options for your SQL Server 2005 environment. He'll also cover Windows 
clustering, database mirroring, and online operations. Live Event: 
Wednesday, May 31, 2006; 12:00 EDT

Learn to gather evidence of compliance across multiple systems and link 
the data to regulatory and framework control objectives. On-demand Web 

Learn all you need to know about code signing technology, including the 
goals and benefits of code signing, how code signing works, and the 
underlying cryptographic and security concepts and building blocks.


==== Featured White Paper ====

How much are you spending on IT compliance? Streamline and automate the 
compliance life cycle with this FREE white paper, and reduce your costs 


==== Hot Spot ====

Try it Free: Access & Control PCs from your USB
   NetOp Remote Control provides the most complete, scalable, and 
secure remote control software available. Access PCs from your desktop, 
PocketPC or USB! NEW On Demand option provides tiny, temporary, 
download with no user installation or firewall configuration and NO per 
session charges. Free evaluation & support.


==== 3. Security Toolkit ==== 

Security Matters Blog: Google Affects Information Security
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=2BDBB:4FB69

Certainly you've heard of "Google hacking," which is a way of using 
Google searches to locate potential vulnerabilities. But how else might 
Google affect information security? Find out more in this blog article.

   by John Savill, http://list.windowsitpro.com/t?ctl=2BDBA:4FB69 

Q: How do I enable a quota using the Windows Server 2003 R2 File Server 
Resource Manager (FSRM)?

Find the answer at http://list.windowsitpro.com/t?ctl=2BDB8:4FB69

Security Forum Featured Thread: Securing a Server
   A forum participant wants to know how to secure his Windows server 
by using the built-in TCP/IP filtering and Windows Firewall. He also 
wants to know what other steps he can take. Join the discussion at 

Share Your Security Tips and Get $100
   Share your security-related tips, comments, or problems and 
solutions in the Windows IT Security print newsletter's 
Reader to Reader column. Email your contributions to 
r2rwinitsec@private If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.


==== Announcements ====
   (from Windows IT Pro and its partners)

May Exclusive--Get $100 off the Windows IT Security Newsletter
   For a limited time, order the Windows IT Security newsletter and 
SAVE up to $100! In addition to 12 helpful issues loaded with solutions 
you won't find anywhere else, you'll get FREE access to the entire 
Windows IT Security online article database. Subscribe now:

Memorial Day Special--Save 58% off Windows IT Pro
   Subscribe to Windows IT Pro today and SAVE 58%! Along with your 12 
issues, you'll get FREE access to the entire Windows IT Pro online 
article archive, which houses more than 9,000 helpful articles. This is 
a limited-time offer, so order now:


==== 4. New and Improved ====
   by Renee Munshi, products@private

Secure PDAs and Smart Phones
   Utimaco Safeware has extended its encryption and authentication 
software, SafeGuard PDA, to work with Windows Mobile 5.0 and with 
Integrated Information & Communication Systems' (IICS's) certgate Smart 
Card MMC (Multimedia Card). With SafeGuard PDA 4.10, PDA users can log 
on to their PDAs by inserting a small smart card into their PDA and 
entering a PIN. SafeGuard PDA 4.10 also automatically encrypts data on 
Windows Mobile 2003-based devices at runtime. SafeGuard PDA 4.10 is 
available for Windows Mobile 2003, Windows Mobile 5.0, Symbian OS, and 
Palm OS, so companies that use different mobile platforms can now 
implement one security solution to protect their different PDAs and 
smart phones. For more information, go to

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a T-shirt if we write about the product in a future 
Windows IT Pro What's Hot column. Send your product suggestions with 
information about how the product has helped you to 


==== Contact Us ==== 

About the newsletter -- letters@private
About technical questions -- http://list.windowsitpro.com/t?ctl=2BDBE:4FB69
About product news -- products@private
About your subscription -- windowsitproupdate@private
About sponsoring Security UPDATE -- salesopps@private


This email newsletter is brought to you by Windows IT Security, 
the leading publication for IT professionals securing the Windows 
enterprise from external intruders and controlling access for 
internal users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches.

This archive was generated by hypermail 2.1.3 : Thu May 25 2006 - 00:51:56 PDT