PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE: Tap into the Potential Value of Compliance http://list.windowsitpro.com/t?ctl=345FB:7EB890 Clean Up Your Company's Email Act: Using Filters to Block Threats http://list.windowsitpro.com/t?ctl=345F0:7EB890 The Starter PKI Program http://list.windowsitpro.com/t?ctl=345F1:7EB890 === CONTENTS =================================================== IN FOCUS: AxMan, Malware Search, and Bugle NEWS AND FEATURES - Microsoft Testing Daily Malware Definition Updates - Security Guru Leaves Microsoft - The Balancing Act Between Security and Usability - Recent Security Vulnerabilities GIVE AND TAKE - Security Matters Blog: Build Your Own Firewall - FAQ: Displaying a File's Full Path in Windows Explorer - From the Forum: Authenticating Wireless Users - Share Your Security Tips PRODUCTS - Encrypt Your Removable Media - Wanted: Your Reviews of Products RESOURCES AND EVENTS FEATURED WHITE PAPER ANNOUNCEMENTS === SPONSOR: Quest Software ==================================== Tap into the Potential Value of Compliance If your compliance solutions only address compliance, you're not getting the most for your budget dollar. The new Quest Software white paper, "Leveraging Business Value from Compliance Efforts," offers expert tips for identifying compliance solutions with high business value. Read the white paper now. http://list.windowsitpro.com/t?ctl=345FB:7EB890 === IN FOCUS: AxMan, Malware Search, and Bugle ================= by Mark Joseph Edwards, News Editor, mark at ntsecurity / net If you read my Security Matters blog, you might remember me mentioning the Month of Browser Bugs, in which one new browser bug was to be posted to a Web site each day during the month of July. Well, July is over, but you can still read about all the browser bugs at the following URL: http://list.windowsitpro.com/t?ctl=34603:7EB890 The Month of Browser Bugs was driven by well-known security researcher H.D. Moore and some of his associates. Moore is probably best known as the developer of the Metasploit Toolkit. Moore has a couple other useful tools that you might not be aware of: AxMan and Malware Search. According to Moore, "[AxMan] was used to discover and debug almost every single ActiveX flaw published during the Month of Browser Bugs." AxMan is an ActiveX fuzzer that can find bugs in COM objects through Microsoft Internet Explorer (IE). In case you don't know, a fuzzer injects random data into a program or object in an effort to find flaws or vulnerabilities. Moore recently made the AxMan package freely available for download. There's also an online demo you can try: http://list.windowsitpro.com/t?ctl=34601:7EB890 Malware Search is a search tool that uses Google queries to look for the "fingerprints" of known malware on the Internet. A fingerprint includes the date and time the malware was received, the size of the code image, the address entry point, and the size of the code itself. The tool consists of a set of scripts written in Ruby and comes with a database of several dozen signatures. One of the scripts lets you generate a new fingerprint when a new malware file pops up on your network. To perform a malware search or download the tool, go to the following URL: http://list.windowsitpro.com/t?ctl=345FE:7EB890 Bugle, another new Web search tool by Emmanouel Kellinis, is essentially a list of search engine queries that look for possible security bugs in source code that has been indexed by Google. Bugle uses a "filetype" parameter along with function calls in the queries to specify the type of files to look in for the specific problematic function. For example, one query finds possible SQL injection vulnerabilities by looking for the function call "executequery request.getparameter" in .java files. Another query finds possible cross-site scripting problems in Active Server Pages (ASP) applications by looking for "response.write request.form" in .asp files. At the time of this writing, Google returned 452 results for the first example and 149 for the second example. Keep in mind that not every piece of code returned in the search results has vulnerabilities. The potential for a vulnerability typically depends on how the developer implemented the code, so you'll need to understand a bit about writing code in order to make a determination. Kellinis invites the public to develop other queries and submit them for inclusion in his list. If you like to hunt for vulnerabilities or are curious about whether an application you're interested in using might contain vulnerabilities, bookmark the site and use it when the need arises. http://list.windowsitpro.com/t?ctl=345F9:7EB890 === SPONSOR: St. Bernard Software ============================== Clean Up Your Company's Email Act: Using Filters to Block Threats Do you want to block unwanted or undesirable email? Download this free whitepaper to learn how to manage the content of information crossing your network. http://list.windowsitpro.com/t?ctl=345F0:7EB890 === SECURITY NEWS AND FEATURES ================================= Microsoft Testing Daily Malware Definition Updates Those who use Microsoft's anti-malware solution, Windows Defender, have probably noticed that Microsoft is currently testing its malware signature update pipeline by publishing updates each weekday instead of biweekly. Find out why in this news story. http://list.windowsitpro.com/t?ctl=345EB:7EB890 Security Guru Leaves Microsoft Amid the major shake-ups in management at Microsoft, one of the company's more notable security gurus, Jesper Johansson, announced that he's leaving the company to work for online retail giant Amazon. http://list.windowsitpro.com/t?ctl=345F4:7EB890 The Balancing Act Between Security and Usability If your network's security is too tight, your network is more difficult to use and manage. If it's too loose, your network is vulnerable to attacks. Apostolos Fotakelis explains how he achieves balance in this Reader to Reader article. http://list.windowsitpro.com/t?ctl=345EC:7EB890 Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://list.windowsitpro.com/t?ctl=345F3:7EB890 === SPONSOR: Thawte ============================================ The Starter PKI Program Test the Starter PKI Program to benefit your company with timesaving convenience and secure multiple domains and host names. http://list.windowsitpro.com/t?ctl=345F1:7EB890 === GIVE AND TAKE ============================================== SECURITY MATTERS BLOG: Build Your Own Firewall by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=34600:7EB890 Have a spare system and a couple of NICs lying around? You can use them to build your own firewall without too much trouble. Get the link that shows you how in this blog entry. http://list.windowsitpro.com/t?ctl=345F5:7EB890 FAQ: Displaying a File's Full Path in Windows Explorer by John Savill, http://list.windowsitpro.com/t?ctl=345FD:7EB890 Q: How can I modify the registry to enable the option to display the full path in the Windows Explorer Address bar? Find the answer at http://list.windowsitpro.com/t?ctl=345E9:7EB890 FROM THE FORUM: Authenticating Wireless Users A forum participant wants to use Remote Authentication Dial-In User Service (RADIUS) and Protected Extensible Authentication Protocol (PEAP) to authenticate wireless users, but he's experiencing some problems. Help him out at: http://list.windowsitpro.com/t?ctl=345EA:7EB890 SHARE YOUR SECURITY TIPS AND GET $100 Share your security-related tips, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions to r2rwinitsec@private If we print your submission, you'll get $100. We edit submissions for style, grammar, and length. === PRODUCTS =================================================== by Renee Munshi, products@private Encrypt Your Removable Media Addonics Technologies offers Cipher UDD, an encryption/decryption hardware device for securing data on removable media. You plug the portable (4.63-inch x 5.4-inch x .98-inch) device into your computer via a USB 2.0 or eSATA connection. Cipher UDD has a standard Type II PC card slot that accommodates standard PC cards and ATA flash cards. For other form factors, Addonics provides an array of adapters that can be purchased separately or as a bundled solution. Cipher UDD works with most systems and OSs as long as the user has the Cipher key. The base model has 64-bit encryption and costs $79. A model providing 128-bit encryption is also available. For more information, go to http://list.windowsitpro.com/t?ctl=34605:7EB890 WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to whatshot@private and get a Best Buy gift certificate. === RESOURCES AND EVENTS ======================================= Windows Connections Conference Now in its seventh year, Windows Connections returns November 6-9, at Mandalay Bay in Las Vegas. Don't miss your chance to interact with industry experts and hear the latest information on Windows Server 2003, Windows 2000 Server, and Windows XP Professional! Register and attend sessions at Microsoft Exchange Connections FREE! http://list.windowsitpro.com/t?ctl=34604:7EB890 Gear up for TechX World Roadshow Hear first-hand from today's leading interoperability experts, vendors, and peers at this exclusive one-day event. You'll learn about managing OS interoperability, directory migration, data interoperability, and much more. Register for the early-bird special of $129 by August 31! http://list.windowsitpro.com/t?ctl=345FC:7EB890 Learn all you need to know about code-signing technology, including the goals and benefits of code signing, how code signing works, and the underlying cryptographic and security concepts and building blocks. http://list.windowsitpro.com/t?ctl=345F2:7EB890 Randy Franklin Smith outlines five evaluation points to consider when choosing your antispyware solution in this free podcast. Download it today! http://list.windowsitpro.com/t?ctl=345EE:7EB890 When your systems go down, your users' productivity grinds to a halt. User downtime is one of the fastest growing concerns among businesses. This free Web seminar teaches you how to keep your users continuously connected and your business up and running. Live event: Thursday, August 24 http://list.windowsitpro.com/t?ctl=345ED:7EB890 === FEATURED WHITE PAPER ======================================= Antivirus or patching software alone isn't enough to protect your valuable systems from spyware. Learn how an enterprise antispyware solution gives you an affordable--and most important, effective, solution to spyware. Download the free whitepaper today! http://list.windowsitpro.com/t?ctl=345EF:7EB890 === ANNOUNCEMENTS ============================================== Monthly Online Pass--only $5.95 per month! Includes instant online access to every article ever written in Windows IT Pro magazine, plus the latest digital issue. Order now: http://list.windowsitpro.com/t?ctl=345F6:7EB890 Save $40 off SQL Server Magazine Subscribe to SQL Server Magazine today and SAVE up to $40! Along with your 12 issues, you'll get FREE access to the entire SQL Server Magazine online article archive, which houses more than 2,300 helpful SQL Server articles. This is a limited-time offer, so order now: http://list.windowsitpro.com/t?ctl=345F7:7EB890 ================================================================ Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below). http://list.windowsitpro.com/t?ctl=345FF:7EB890 http://list.windowsitpro.com/t?ctl=345F8:7EB890 Subscribe to Security UPDATE at http://list.windowsitpro.com/t?ctl=345FA:7EB890 Be sure to add Security_UPDATE@private to your antispam software's list of allowed senders. To contact us: About Security UPDATE content -- letters@private About technical questions -- http://list.windowsitpro.com/t?ctl=34602:7EB890 About your product news -- products@private About your subscription -- windowsitproupdate@private About sponsoring Security UPDATE -- salesopps@private View the Windows IT Pro privacy policy at http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy Windows IT Pro, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department Copyright 2006, Penton Media, Inc. All rights reserved. _________________________________ Visit the InfoSec News store! http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Wed Aug 09 2006 - 22:35:32 PDT