Forwarded with permission from: Security UPDATE <Security_UPDATE (at) list.windowsitpro.com>

=== CONTENTS ===================================================

IN FOCUS: The High Risk of Using Open Networks

NEWS AND FEATURES
- Microsoft Adds Live Alerts for MSRC Blog
- Yahoo! Mail Integrates PhishTank Data for Better Protection
- New Worms Turn Windows Servers into Botnet Members
- Recent Security Vulnerabilities

GIVE AND TAKE
- Security Matters Blog: Security Brief on Oracle's Latest Security Patches
- FAQ: Pushing Out Management Packs
- Tell Us About the Products You Love!
- Share Your Security Tips

PRODUCTS
- Take Control of Endpoints

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS

=== SPONSOR: ShoreTel ==========================================

Enterprises Rate Important IP Telephony Features

This comprehensive guide is invaluable for those evaluating VoIP and shows how organizations can reduce cost and improve operations to help you to plan and implement an IP phone system.

Define system components - Identify network requirements - Learn important standards - Learn deployment options:
http://list.windowsitpro.com/t?ctl=53976:57B62BBB09A692797E118E9A78FD9A84

=== IN FOCUS: The High Risk of Using Open Networks =============
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Open networks are tempting, especially when you really need to send or receive messages or gather some data quickly while on the road. But don't let your guard down while using open networks (such as those at conferences, coffee shops, or hotels), or you might fall victim to an intruder. In fact, when using open networks, you should raise your guard as high as you can, which might mean deciding not to use a certain open network at all.

The decision whether to use an open network comes down to two simple questions: Do you trust that you can get on and off the network safely; and do you feel confident that your system is secure enough to withstand potential zero-day exploits?

A good example of how high the risk is happened at the 2006 ShmooCon conference. While using the conference's wireless network, a security researcher's Mac laptop fell victim to attack. Even though the researcher's laptop was secured as well as possible, the system was broken into using a zero-day exploit. Unfortunately, the presenter was not running any packet-capture tools at the time, so attempts to find out how the break-in happened were fruitless.

Another case in point occurred only last week at the CanSecWest conference in Vancouver, B.C., Canada. At the conference, an interesting challenge was presented: Break into either of two MacBook Pros running OS X and win the computer. TippingPoint (a division of 3Com) offered a $10,000 cash prize to enhance the challenge further. Sure enough, someone broke into one of the MacBooks using a zero-day exploit against the Safari Web browser.

The winning challenger, Shane Macaulay, worked with a friend, Dino Dai Zovi, who didn't attend the conference. Zovi provided the exploit, and Macaulay executed it at the conference by setting up a Mac server on the conference's wireless network. He then had one of the conference workers enter a specific URL into the MacBook's browser, which in turn connected to the server to launch the exploit. That's all that was required for the MacBook to become "owned."

The point of the latter example is that the same thing could be accomplished by a bad guy lurking on a conference network or any other open network. It doesn't matter what OS you use, the risks are basically the same. Said otherwise, zero-day exploits exist for all OSs, and it's often incredibly difficult to defend against the unknown.

If you feel you must use an open network, one way to help avoid falling victim--to some extent anyway--is to use a virtual machine (VM) configuration to perform whatever tasks you need to do.
While a VM might not completely protect your system, at least when you restart the VM, its OS will come up clean, assuming of course that no one used a zero-day exploit to compromise the VM software or OS image.

Another way to possibly protect your system is to use a bootable Live CD, which you might know is basically a CD-ROM with a bootable OS. If you're interested in finding a good Live CD, head over to FrozenTech (at the URL below) where you'll find dozens that you can choose from.
http://list.windowsitpro.com/t?ctl=53972:57B62BBB09A692797E118E9A78FD9A84

While neither method I suggested is completely secure, at least both methods make it much more difficult for an intruder to "own" your computer.

As an aside, since I mentioned OS X in this column, I want to also point out that Apple released a batch of 25 security patches last week. So if you manage OS X systems, be sure to update them. You can learn more about the patches at the Apple site at the URL below.
http://list.windowsitpro.com/t?ctl=53969:57B62BBB09A692797E118E9A78FD9A84

===

You can win $100 by voting for the products you find most useful in Windows IT Pro's Community Choice Awards! Give us your feedback to qualify to win one of twelve $100 Amazon.com gift certificates. Voting is open through May 21. Winners will be announced in the August 2007 issue of Windows IT Pro. Go to
http://list.windowsitpro.com/t?ctl=5395F:57B62BBB09A692797E118E9A78FD9A84

=== SPONSOR: nCipher ===========================================

Best Practices for Microsoft PKI & Cert Mgt

Please join us for this complimentary Webinar
Thursday, May 10, 2007 11:00 AM EDT
Speaker: Brian Komar, President, IdentIT

Mr. Komar will provide a unique overview of the MS PKI and nCipher's integrated solutions, which will assist you in streamlining this process and reducing your total cost of ownership.
You will learn to:
- Design a PKI to address business needs and achieve regulatory compliance
- Implement hardware security modules to increase private key protection
- Apply tricks and tips for configuring your CA
- Manage certificates with ILM 2007
http://list.windowsitpro.com/t?ctl=53971:57B62BBB09A692797E118E9A78FD9A84

=== SECURITY NEWS AND FEATURES =================================

Microsoft Adds Live Alerts for MSRC Blog
Microsoft is conducting a beta program for its new Windows Live Alerts service, and the company recently added Microsoft Security Response Center (MSRC) blog entries to the list of available content.
http://list.windowsitpro.com/t?ctl=5396E:57B62BBB09A692797E118E9A78FD9A84

Yahoo! Mail Integrates PhishTank Data for Better Protection
PhishTank is a community project that lets people submit links to potential phishing sites and vote on whether a site really is a phishing scam.
http://list.windowsitpro.com/t?ctl=5396A:57B62BBB09A692797E118E9A78FD9A84

New Worms Turn Windows Servers into Botnet Members
Three worms circulating the Internet take advantage of a vulnerability in the Windows DNS service to turn a system into a bot. Microsoft and security solution providers are working to integrate protection against the worms into their offerings.
http://list.windowsitpro.com/t?ctl=5396D:57B62BBB09A692797E118E9A78FD9A84

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at
http://list.windowsitpro.com/t?ctl=53962:57B62BBB09A692797E118E9A78FD9A84

=== SPONSOR: Vizioncore ========================================

esxRanger Professional: Hot Backups for VI3

Still don't have a reliable disaster recovery plan in place? Vizioncore's esxRanger Professional supports a sophisticated, yet cost effective DR strategy for your VMware Infrastructure 3 environment.
Restoring entire virtual machine images -- or just files -- is smooth & seamless. Visit
http://list.windowsitpro.com/t?ctl=53975:57B62BBB09A692797E118E9A78FD9A84
for a trial download today.

=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Security Brief on Oracle's Latest Security Patches
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=53974:57B62BBB09A692797E118E9A78FD9A84

Oracle released its quarterly batch of security updates. Get links to information about several of the problems.
http://list.windowsitpro.com/t?ctl=5396B:57B62BBB09A692797E118E9A78FD9A84

FAQ: Pushing Out Management Packs
by John Savill, http://list.windowsitpro.com/t?ctl=53970:57B62BBB09A692797E118E9A78FD9A84

Q: How do I push management packs to System Center Operations Manager agents in System Center Configuration Manager 2007?

Find the answer at
http://list.windowsitpro.com/t?ctl=5396C:57B62BBB09A692797E118E9A78FD9A84

TELL US ABOUT THE PRODUCTS YOU LOVE!
What products are you using that save you time or make your workload a little lighter? What hot product discoveries have you made that other IT pros need to know about? Let the world know about your experiences in Windows IT Pro's monthly What's Hot department. If we publish your story in What's Hot, we'll send you a Best Buy gift card! Send information about your favorite product and how it has helped you to whatshot@private

SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and solutions in Security Pro VIP's Reader to Reader column. Email your contributions to r2r@private If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.

=== PRODUCTS ===================================================
by Renee Munshi, products@private

Take Control of Endpoints
matrix42 introduced Empirum Security Suite, which protects workstations and laptops with a firewall, intrusion prevention system (IPS), application and file control, removable device control, and wireless control. Empirum Security Suite enforces a workstation's specific policies whether the computer is on or off the network. According to matrix42, Empirum operates at the kernel level, so after you configure it by using the central management console, a user (even one with administrator rights) can't disable or reconfigure it. Empirum has behavioral technology and defends against information theft via keylogging or spyware and other intrusion methods. For more information, go to
http://list.windowsitpro.com/t?ctl=53979:57B62BBB09A692797E118E9A78FD9A84

=== RESOURCES AND EVENTS =======================================

For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=5396F:57B62BBB09A692797E118E9A78FD9A84

Web seminar: Managing Change Risk on Critical Windows NT Infrastructure
Why choose a change-control approach to solve what is traditionally considered a security problem? Come join us for a Web seminar on May 3 featuring Motorola CISO Bill Boni. Mr. Boni will discuss the problem of supporting legacy NT systems at Motorola and the solution requirements, evaluation criteria, and decision to adopt a change control approach. He'll also describe Motorola's vision for deploying change control on other critical systems across the company.
http://list.windowsitpro.com/t?ctl=53963:57B62BBB09A692797E118E9A78FD9A84

Get Ready for Exchange & Office 2007 Roadshow--free!
The successful Microsoft-partnered Get Ready for Exchange & Office 2007 Roadshow is coming to Stockholm!
Three independent, respected technical speakers--Jim McBee, Mark Arnold, and Ben Schorr--will deliver tracks on securing, managing, and deploying Exchange and Office 2007 and using Exchange Server 2007 capabilities to improve your messaging environment. Register today for this free day-long event. Your delegate bag will include Microsoft Exchange Server 2007 and Office 2007 Beta 2 Software Kits.
Venue: Berns Hotel, Stockholm
Date: Monday, 14 May 2007
http://list.windowsitpro.com/t?ctl=53968:57B62BBB09A692797E118E9A78FD9A84

Did you know that 75 percent of corporate intellectual property resides in email? The challenges facing this vital business application range from spam to the costly impact of downtime and the need for effective, centralized email storage systems. Join us for a free Web seminar and learn the key features of a holistic approach to email security, availability, and control. Download this on-demand seminar now!
http://list.windowsitpro.com/t?ctl=53960:57B62BBB09A692797E118E9A78FD9A84

=== FEATURED WHITE PAPER =======================================

ESG's independent testing lab verified substantial gains in utilization, availability, and database manageability with the use of a unique approach to virtualization, as presented by Polyserve. Find out more about this powerful platform for your SQL Server deployments, and you can save your department up to 70 percent of TCO and streamline management.
http://list.windowsitpro.com/t?ctl=53961:57B62BBB09A692797E118E9A78FD9A84

=== ANNOUNCEMENTS ==============================================

Introducing a Unique Security Resource
Security Pro VIP is an online information center that delivers new articles every week on topics such as perimeter security, authentication, and system patches. Subscribers also receive tips, cautionary advice, direct access to our editors, and a host of other benefits! Order now at an exclusive charter rate and save up to $50!
http://list.windowsitpro.com/t?ctl=53965:57B62BBB09A692797E118E9A78FD9A84

Introducing a Unique Exchange and Outlook Resource
Exchange & Outlook Pro VIP is an online information center that delivers new articles every week on topics such as administration, migration, security, and performance. Subscribers also receive tips, cautionary advice, direct access to our editors, and a host of other benefits! Order now at an exclusive charter rate and save up to $50!
http://list.windowsitpro.com/t?ctl=53964:57B62BBB09A692797E118E9A78FD9A84

================================================================

Security UPDATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and Security Pro VIP (second URL below).
http://list.windowsitpro.com/t?ctl=53973:57B62BBB09A692797E118E9A78FD9A84
http://list.windowsitpro.com/t?ctl=53978:57B62BBB09A692797E118E9A78FD9A84

Subscribe to Security UPDATE at
http://list.windowsitpro.com/t?ctl=53967:57B62BBB09A692797E118E9A78FD9A84

Be sure to add Security_UPDATE@private to your antispam software's list of allowed senders.

To contact us:
About Security UPDATE content -- letters@private
About technical questions -- http://list.windowsitpro.com/t?ctl=53977:57B62BBB09A692797E118E9A78FD9A84
About your product news -- products@private
About your subscription -- windowsitproupdate@private
About sponsoring Security UPDATE -- salesopps@private

View the Windows IT Pro privacy policy at
http://list.windowsitpro.com/t?ctl=53966:57B62BBB09A692797E118E9A78FD9A84

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

__________________________
Subscribe to InfoSec News
http://www.infosecnews.org

This archive was generated by hypermail 2.1.3 : Thu Apr 26 2007 - 01:35:34 PDT