[ISN] Enterprise Rollout and Management of Firefox

From: InfoSec News (alerts@private)
Date: Wed May 30 2007 - 22:09:42 PDT


Forwarded with permission from: Security UPDATE <Security_UPDATE (at) list.windowsitpro.com>

=== CONTENTS ===================================================

IN FOCUS: Enterprise Rollout and Management of Firefox

NEWS AND FEATURES
   - nCircle Reconfigures Itself with Acquisition of Cambia Security
   - New Microsoft Tool Strips Exploits Out of Office Documents
   - Recent Security Vulnerabilities

GIVE AND TAKE
   - Security Matters Blog: Yet Another Virus-Writing Class; Wordpress 
     and Opera Have Vulnerabilities
   - FAQ: Fix File Access Problems After Upgrading to Vista
   - From the Forum: Controlling Access to a Data Repository on a Cluster
   - Product Evaluations from the Real World
   - Share Your Security Tips

PRODUCTS
   - Internet Appliance Adds Reputation Scoring

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS


=== IN FOCUS: Enterprise Rollout and Management of Firefox =====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

I'm sure many of you use Mozilla Firefox at least part of the time. 
Keeping the browser updated and configured in a secure manner on a few 
systems isn't a lot of work. On the other hand, trying to use Firefox 
with more than a dozen computers soon becomes a real chore. Installing 
Firefox on desktops one by one takes plenty of time. Checking desktops 
to make sure the latest updates are loaded is also time-consuming, as 
is making sure that people don't reconfigure the browser to use 
settings and plug-ins that you don't want used. 

Did you know that rather than manually performing rollouts and 
management, you can use Windows Installer, Group Policy, and Active 
Directory (AD) to help automate these tasks? To push out Firefox with 
Windows Installer, you of course need to have properly prepared MSI 
package files, and to manage configurations, you need Firefox to 
interact with AD. I found a company that has a solution to both 
problems. 

FrontMotion maintains a Web-based tool, Firefox Packaging Service (at 
the URL below), that lets you package your choice of the last three 
releases of Firefox along with up to 10 plug-ins from a list of 17. The 
site will then build an MSI package that you can download to use for 
your rollout or upgrade process. Use of the service costs $150 per 
year, and that price gives you the ability to build packages as often 
as you need to. 
   http://list.windowsitpro.com/t?ctl=57FE3:57B62BBB09A69279C554079AB0312932

FrontMotion also makes available its free FrontMotion Firefox Community 
Edition (at the URL below), which is based on the latest version of 
Firefox and has the capability of interacting with AD and Group Policy. 
So you can choose to use Firefox Community Edition to build your 
package, or if you don't need AD integration, you can choose a standard 
version of Firefox.
   http://list.windowsitpro.com/t?ctl=57FE0:57B62BBB09A69279C554079AB0312932

Firefox Community Edition not only integrates with AD, it also gives 
you the ability to control the desktop icon as well as shell 
integration, similar to the way Microsoft Internet Explorer (IE) 
integrates with the shell. It can also be set as the default 
browser, handles uninstallation if you need that, comes with Adobe 
Flash Player pre-installed, and more. 

So with Firefox Community Edition, you can easily use AD and Group 
Policy to handle rollout and configuration. Tools from other third 
parties accomplish similar tasks. Dion Liddell makes a tool called 
WetDog (at the URL below) that lets you control configuration of both 
Mozilla and Firefox by using Group Policy in AD. WetDog comes with an 
executable file that you put on your domain controllers (DCs) and 
insert into user logon scripts. 
   http://list.windowsitpro.com/t?ctl=57FE6:57B62BBB09A69279C554079AB0312932

Bob Templeton developed a tool, FFDeploy, that lets you build a package 
for rolling out Firefox. Development of the tool appears to have 
stopped back in 2005, but the tool is written in Visual Basic, so you 
could modify it if it doesn't suit your needs. 
   http://list.windowsitpro.com/t?ctl=57FE8:57B62BBB09A69279C554079AB0312932

And last but not least, Mark Sammons made a tool called FirefoxADM that 
helps you integrate and control Firefox by using Group Policy. 
   http://list.windowsitpro.com/t?ctl=57FDC:57B62BBB09A69279C554079AB0312932


=== SECURITY NEWS AND FEATURES =================================

nCircle Reconfigures Itself with Acquisition of Cambia Security
   Cambia CM, an agentless configuration auditing tool, will be 
integrated with nCircle products through consolidated reporting.
   http://list.windowsitpro.com/t?ctl=57FDB:57B62BBB09A69279C554079AB0312932

New Microsoft Tool Strips Exploits Out of Office Documents
   Microsoft released its new Microsoft Office Isolated Conversion 
Environment (MOICE), which converts Office 2003's binary format files 
into the more secure Office Open XML format used by Office 2007.
   http://list.windowsitpro.com/t?ctl=57FD9:57B62BBB09A69279C554079AB0312932

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at
   http://list.windowsitpro.com/t?ctl=57FD4:57B62BBB09A69279C554079AB0312932


=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Yet Another Virus-Writing Class; Wordpress and 
Opera Have Vulnerabilities
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=57FE2:57B62BBB09A69279C554079AB0312932

Another university is reportedly going to begin offering a virus-
writing class. What's the purpose of such a class? Also, have you 
upgraded to Wordpress 2.2 and Opera 9.21 yet? If not, your system 
running these applications is exposed to potentially dangerous security 
risks.
   http://list.windowsitpro.com/t?ctl=57FD2:57B62BBB09A69279C554079AB0312932

FAQ: Fix File Access Problems After Upgrading to Vista
   by John Savill, http://list.windowsitpro.com/t?ctl=57FDF:57B62BBB09A69279C554079AB0312932 

Q: For some reason, I can't access certain files on my Windows Vista 
machine following an upgrade. How can I get to them?

Find the answer at
   http://list.windowsitpro.com/t?ctl=57FDA:57B62BBB09A69279C554079AB0312932

FROM THE FORUM: Controlling Access to a Data Repository on a Cluster
   A forum participant is building a repository on a server cluster to 
store all of the company's secure documents. The company will have 
customers from various locations accessing the repository. He wonders 
how to control access so that no information is leaked to people not 
authorized to access the repository and its files.
   http://list.windowsitpro.com/t?ctl=57FCC:57B62BBB09A69279C554079AB0312932

PRODUCT EVALUATIONS FROM THE REAL WORLD
   Share your product experience with your peers. Have you discovered a 
great product that saves you time and money? Do you use something you 
wouldn't wish on anyone? Tell the world! If we publish your opinion, 
we'll send you a Best Buy gift card! Send information about a product 
you use and whether it helps or hinders you to 
whatshot@private

SHARE YOUR SECURITY TIPS AND GET $100
   Share your security-related tips, comments, or problems and 
solutions in Security Pro VIP's Reader to Reader column. Email your 
contributions to r2r@private. If we print your submission, 
you'll get $100. We edit submissions for style, grammar, and length.


=== PRODUCTS ===================================================
   by Renee Munshi, products@private

Internet Appliance Adds Reputation Scoring
   Secure Computing announced SnapGear with TrustedSource, a new 
version of its Internet appliance for small-to-midsized businesses 
(SMBs). SnapGear provides networking, firewall, intrusion prevention, 
and VPN services. TrustedSource provides behavior-based reputation 
scores for IPs, domains, URLs, and email messages so that organizations 
can drop connections from malicious sources at the gateway. SnapGear 
with TrustedSource also delivers enhanced VoIP capabilities, VPN 
offloading, connection tracking snapshots, and improved performance. 
For a limited time, all SnapGear customers can receive a six-month 
trial license for SnapGear with TrustedSource for free. SnapGear 
appliances start at $249. For more information, go to
   http://list.windowsitpro.com/t?ctl=57FDD:57B62BBB09A69279C554079AB0312932


=== RESOURCES AND EVENTS =======================================
   For more security-related resources, visit
   http://list.windowsitpro.com/t?ctl=57FDE:57B62BBB09A69279C554079AB0312932

How do you manage security vulnerabilities? If you depend on 
vulnerability assessments to determine the state of your IT security 
systems, you can't afford to miss this Web seminar. Special research 
from Gartner indicates that deeper penetration testing is needed to 
augment your existing vulnerability management processes. Learn more 
today! 
   http://list.windowsitpro.com/t?ctl=57FCF:57B62BBB09A69279C554079AB0312932

Examine the threats of allowing unwanted or offensive content into your 
network and learn about the technologies and methodologies to defend 
against inappropriate content, spyware, IM, and P2P in this white paper 
report. 
   http://list.windowsitpro.com/t?ctl=57FCD:57B62BBB09A69279C554079AB0312932

IT Pro Connections--Amsterdam, 19-20 June, 2007, offers the deepest and 
most relevant education for Microsoft IT professionals, especially in 
this time of important new products and technologies. Now is the time 
for you to quickly come up to speed. Get prepared for the newest 
technologies and products through the real-world experience of our 
expert presenters. "Insider" details help you make sense of new 
technologies, apply them to your environment, and master them faster 
and more effectively. Immerse yourself in the latest Microsoft 
technologies--PowerShell, Exchange Server 2007, Vista, Longhorn, 
SharePoint Server and Communications Server, System Center Family, XP, 
Forefront, and more--with experts from Microsoft and world-renowned 
subject matter experts! Post-Conference Workshops 21 June 2007 
   http://list.windowsitpro.com/t?ctl=57FE5:57B62BBB09A69279C554079AB0312932


=== FEATURED WHITE PAPER =======================================

Before you undertake the expense and effort of a major upgrade, you 
want to know that the new platform will meet or exceed important 
business requirements. In his new white paper, SQL Server expert Kevin 
Kline shows the value and viability of SQL Server 2005 through the 
results of benchmarking tests. This paper also offers advice to help 
you assess the business value of an upgrade and ensure that you 
properly benchmark and load test your upgrade.  
   http://list.windowsitpro.com/t?ctl=57FD1:57B62BBB09A69279C554079AB0312932


=== ANNOUNCEMENTS ==============================================

Introducing a Unique Security Resource 
   Security Pro VIP is an online information center that delivers new 
articles every week on topics such as perimeter security, 
authentication, and system patches. Subscribers also receive tips, 
cautionary advice, direct access to our editors, and a host of other 
benefits! Order now at an exclusive charter rate and save up to $50! 
   http://list.windowsitpro.com/t?ctl=57FD6:57B62BBB09A69279C554079AB0312932

Introducing a Unique Exchange and Outlook Resource 
   Exchange & Outlook Pro VIP is an online information center that 
delivers new articles every week on messaging topics such as 
administration, migration, security, and performance. Subscribers also 
receive tips, cautionary advice, direct access to our editors, and a 
host of other benefits! Order now at an exclusive charter rate and save 
up to $50! 
   http://list.windowsitpro.com/t?ctl=57FD5:57B62BBB09A69279C554079AB0312932


================================================================

Security UPDATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and Security Pro VIP (second URL 
below).
   http://list.windowsitpro.com/t?ctl=57FE1:57B62BBB09A69279C554079AB0312932
   http://list.windowsitpro.com/t?ctl=57FE7:57B62BBB09A69279C554079AB0312932

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

