PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE: Unwrap the Hidden Benefits of Compliance http://list.windowsitpro.com/t?ctl=375A3:7EB890 Improve Software Quality and Reduce Costs http://list.windowsitpro.com/t?ctl=375A8:7EB890 Filtering the Spectrum of Internet Threats: Defending Against Inappropriate Content, Spyware, IM, and P2P at the Perimeter http://list.windowsitpro.com/t?ctl=37597:7EB890 === CONTENTS =================================================== IN FOCUS: Browsing with Browzar NEWS AND FEATURES - Firefox 2.0 Beta 2 Released - Sunbelt Discontinues LanHound, Sells Customer Base - 9 Ways to Diagnose Windows 2003 IPsec Problems - Recent Security Vulnerabilities GIVE AND TAKE - Security Matters Blog: Microsoft Wants Your Help on Mobile Security - FAQ: Hide Domain List During Logon - From the Forum: NTFS Permissions for Users with Multiple Group Memberships - Share Your Security Tips - Microsoft Learning Paths for Security: A More Secure Platform Through Identity and Access Management PRODUCTS - Filter Fights Spyware - Wanted: Your Reviews of Products RESOURCES AND EVENTS FEATURED WHITE PAPER ANNOUNCEMENTS === SPONSOR: Quest Software ===================================== Unwrap the Hidden Benefits of Compliance If your compliance solutions only address compliance, you're not getting the most for your budget dollar. The new Quest Software white paper, "Leveraging Business Value from Compliance Efforts," offers expert tips for identifying compliance solutions with high business value. Read the white paper now. http://list.windowsitpro.com/t?ctl=375A3:7EB890 === IN FOCUS: Browsing with Browzar ============================ by Mark Joseph Edwards, News Editor, mark at ntsecurity / net There's a new Web browser in town and so far it looks pretty darn good, especially from a privacy perspective. However, there is a caveat, which I'll discuss in a moment. The new tool, called Browzar, is available free to anyone. The current version is only 264.4KB in size. That's not a misprint, it's really that small! Browzar is billed as "the first ever 'freedom' Internet browser" because of the way it works: It doesn't save a cache, history, cookies, favorites, or other telltale information. When you close Browzar, any information that was temporarily stored is automatically deleted, so you don't need to remember to do that manually. Using Browzar is incredibly simple to use because it's contained in a single executable file, and technically you don't even need to install Browzar onto a system. If your system allows you to, you could just go to the Browzar site, click the download link, and tell the system to open the file and run it. I took Browzar for a test drive and surfed many Web sites. So far, I haven't found any problems with compatibility. Browzar is currently available for Windows 98 Second Edition and later, and requires Microsoft IE 5.5 or later to be installed on the computer. Obviously, Browzar gains a lot of its functionality based on the capabilities of an already-installed copy of IE. When I tested the tool, I found that it supports NTLM authentication, JavaScript, and other features such as Adobe Systems' .pdf files and Flash. Components to support the last two features were installed on the system I used to test-drive Browzar. A quick test also revealed that Browzar's reliance on IE extends to IE's security settings. For example, if ActiveX controls and scripting are disabled in IE, then sites that rely on those technologies won't work in Browzar either. Browzar's use of IE's rendering engine raises the question of just how secure Browzar really is. Browzar being based on IE could be a major drawback because many security vulnerabilities that affect IE will also affect Browzar. So keep this mind if and when you use it. Browzar is best suited for situations in which you want to make sure nobody will be able to easily recover your browsing history and other sensitive information that you might have entered while surfing various sites. The only configuration settings available in Browzar are to have it check for updates (which is useful if you've copied it to any type of storage device) and to turn on or off the built-in pop-up blocker. The interface is clean and simple, providing only the typical address box along with the usual navigation buttons and a tiny search box at the top right of the screen, similar to that in Mozilla Firefox. The search box isn't configurable, so when you use it, your queries are sent to the Browzar site, which runs its own search engine. I noticed that a lot of the returned results are sponsored links. Of course, you're free to visit any search engine you want by entering its URL into the address box. You can get the Windows version now at the URL below. Versions are also planned for Mac OS X and Linux. http://list.windowsitpro.com/t?ctl=375AC:7EB890 Browzar will come in handy when you use shared computers, such as those found at libraries, hotels, conferences and conventions, coffee shops, and business partner and customer networks. Keep in mind that this newly released tool is still in beta development, so while it worked really well during my test, it does have bugs. For example, some people report that it doesn't delete all cached Web pages and others report that it sometimes might leave the last visited URL in IE's index.dat file. I confirmed the latter bug through my own tests but wasn't able to reproduce the first bug. === SPONSOR: Klocwork =========================================== Improve Software Quality and Reduce Costs New White Paper from Klocwork: Improve software quality and reduce life-cycle costs by incorporating Static Analysis tools into your routine development processes. Results: More maintainable code, more secure, reliable software and a more predictable development process. Download White Paper. http://list.windowsitpro.com/t?ctl=375A8:7EB890 === SECURITY NEWS AND FEATURES ================================= Firefox 2.0 Beta 2 Released Mozilla Foundation announced the availability of Firefox 2.0 Beta 2, which includes many enhancements, including a few that improve the browser's security. http://list.windowsitpro.com/t?ctl=375A0:7EB890 Sunbelt Discontinues LanHound, Sells Customer Base Sunbelt Software will cease development and distribution of LanHound, the company's network analyzer product. Network Instruments is offering Sunbelt's LanHound customers its Observer product as a replacement for LanHound. http://list.windowsitpro.com/t?ctl=3759E:7EB890 9 Ways to Diagnose Windows 2003 IPsec Problems You've implemented IPsec to protect traffic on your organization's LAN, and although you've followed all the technical documents carefully, you aren't convinced that the traffic on your network is actually protected from eavesdroppers. How can you reassure yourself that IPsec is truly encrypting your computers' network traffic? Orin Thomas shows you how in this article on our Web site. http://list.windowsitpro.com/t?ctl=37596:7EB890 Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://list.windowsitpro.com/t?ctl=3759D:7EB890 === SPONSOR: St. Bernard Software ============================== Filtering the Spectrum of Internet Threats: Defending Against Inappropriate Content, Spyware, IM, and P2P at the Perimeter Examine the threats of allowing unwanted or offensive content into your network and learn about the technologies and methodologies to defend against inappropriate content, spyware, IM, and P2P. http://list.windowsitpro.com/t?ctl=37597:7EB890 === GIVE AND TAKE ============================================== SECURITY MATTERS BLOG: Microsoft Wants Your Help on Mobile Security by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=375A7:7EB890 Bill Canning, program manager for Microsoft Solutions for Security and Compliance, posted a message in the company's SecGuide blog asking for help in developing a solution to protect data on laptops against loss or theft. Read this blog item to find out how you can help. http://list.windowsitpro.com/t?ctl=3759F:7EB890 FAQ: Hide Domain List During Logon by John Savill, http://list.windowsitpro.com/t?ctl=375A5:7EB890 Q: How can I use Group Policy to hide the domain drop-down list in the Windows logon dialog box? Find the answer at http://list.windowsitpro.com/t?ctl=37594:7EB890 FROM THE FORUM: NTFS Permissions for Users with Multiple Group Memberships A forum participant has a particular folder to which one user in a particular group needs read and write access but the rest of the group should not have access. He wonders how best to arrange NTFS permissions to accomplish that. Join the discussion at: http://list.windowsitpro.com/t?ctl=37595:7EB890 SHARE YOUR SECURITY TIPS AND GET $100 Share your security-related tips, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions to r2rwinitsec@private If we print your submission, you'll get $100. We edit submissions for style, grammar, and length. MICROSOFT LEARNING PATHS FOR SECURITY: A More Secure Platform Through Identity and Access Management Take the either/or scenario out of asset accessibility and security. By automating management, IT departments can reduce operational costs while improving security. Use the resources listed on the Microsoft Learning Paths Web page to get in-depth information about identity and access management--the simplified, secure sharing of digital identities across security boundaries. Find out how to provide a secure environment for managing user identities, authentication methods, and access rights across an organization's internal and external users. http://list.windowsitpro.com/t?ctl=375A4:7EB890 === PRODUCTS =================================================== by Renee Munshi, products@private Filter Fights Spyware NullBound announced the NullBound Malware Prevention System, a filtering system that watches Internet traffic for incoming spyware and blocks the malware from entering your network. You can download NullBound Malware Prevention System for free from the NullBound Web site and receive free monthly updates. Or you can purchase a subscription (a one-year subscription starts at $400 for up to 49 users) and receive updates as soon as they're available. For more information, go to http://list.windowsitpro.com/t?ctl=375AD:7EB890 WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to whatshot@private and get a Best Buy gift certificate. === RESOURCES AND EVENTS ======================================= ORACLE AND SQL... BETTER TOGETHER? Attend the 2006 Cross Platform Data roadshows to learn about optimizing 64-bit database computing, business intelligence for SQL Server and Oracle, high-availability proof points for database computing, and implications of architectural differences between Oracle and SQL. Coming to 12 US cities in September and October. http://list.windowsitpro.com/t?ctl=3759C:7EB890 Connections Conference Now in its seventh year, Windows Connections returns November 6-9 to Mandalay Bay in Las Vegas. Don't miss your chance to interact with industry experts and hear the latest information on Windows Server 2003, Windows 2000 Server, and Windows XP Professional! Register, then attend sessions at Microsoft Exchange Connections FREE! http://list.windowsitpro.com/t?ctl=375AA:7EB890 Are you protected company-wide against spyware, keyloggers, adware, and backdoor Trojan horses? Test a state-of-the-art scanning engine that uses threat signatures from multiple sources to track down the culprits that antivirus solutions alone can't protect you from. Download your free 30-day trial of CounterSpy Enterprise today! http://list.windowsitpro.com/t?ctl=37599:7EB890 Ensure that you're being effective with your internal network security. Are your DIY options protecting you against worms, BotNets, Trojans and hackers? Make sure! On-Demand Web Seminar http://list.windowsitpro.com/t?ctl=37598:7EB890 Take an up-to-date look at secure, remote access to corporate applications and stay ahead of the curve when making decisions about near- and long-term IT infrastructure. On-Demand Web Seminar http://list.windowsitpro.com/t?ctl=3759B:7EB890 === FEATURED WHITE PAPER ======================================= Do you want to block unwanted or undesirable email? Download this free whitepaper to learn how to manage the content of information crossing your network. http://list.windowsitpro.com/t?ctl=3759A:7EB890 === ANNOUNCEMENTS ============================================== Uncover Essential Windows Knowledge Through Excavator Try out the ultimate vertical search tool--Windows Excavator. Windows Excavator gives you fast, thorough third-party information while filtering out unwanted content. Visit http://list.windowsitpro.com/t?ctl=375AB:7EB890 today! Discounted Offer for the Windows IT Pro Master CD Save 50% off the Windows IT Pro Master CD! Order now and get access to the entire Windows IT Pro article database on CD. Subscribe now: http://list.windowsitpro.com/t?ctl=375A1:7EB890 ================================================================ Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below). http://list.windowsitpro.com/t?ctl=375A6:7EB890 https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb Subscribe to Security UPDATE at http://list.windowsitpro.com/t?ctl=375A2:7EB890 Be sure to add Security_UPDATE@private to your antispam software's list of allowed senders. To contact us: About Security UPDATE content -- letters@private About technical questions -- http://list.windowsitpro.com/t?ctl=375A9:7EB890 About your product news -- products@private About your subscription -- windowsitproupdate@private About sponsoring Security UPDATE -- salesopps@private View the Windows IT Pro privacy policy at http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy Windows IT Pro, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department Copyright 2006, Penton Media, Inc. All rights reserved. _________________________________ HITBSecConf2006 - Malaysia The largest network security event in Asia 32 internationally renowned speakers 7 tracks of hands-on technical training sessions. Register now: http://conference.hitb.org/hitbsecconf2006kl/
This archive was generated by hypermail 2.1.3 : Wed Sep 06 2006 - 23:34:33 PDT