Forwarded with permission from: Security UPDATE <Security_UPDATE (at) list.windowsitpro.com>

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Hosted Security: A solution for small and medium-sized businesses
http://list.windowsitpro.com/t?ctl=6320C:57B62BBB09A69279C3BEA5A858C67D49

ALERT: "How a Hacker Launches a SQL Injection Attack!" White Paper
http://list.windowsitpro.com/t?ctl=63211:57B62BBB09A69279C3BEA5A858C67D49

Tell little, trust less & thwart hacker attacks.
http://list.windowsitpro.com/t?ctl=6321F:57B62BBB09A69279C3BEA5A858C67D49

=== CONTENTS ===================================================

IN FOCUS: 4 More Tools for Your Toolkit

NEWS AND FEATURES
   - Ubuntu Team Servers Suffer Intrusion
   - GFI to Expand MailArchiver Capabilities
   - Recent Security Vulnerabilities

GIVE AND TAKE
   - Security Matters Blog: Intel Invests in VMware; Security on a Chip
   - FAQ: Exploring Windows Processes
   - From the Forum: Vulnerability Scanners
   - Share Your Security Tips

PRODUCTS
   - Gateway Appliance Does Multiple Security Tasks
   - Product Evaluations from the Real World

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS

=== SPONSOR: St. Bernard Software ==============================

Hosted Security: A solution for small and medium-sized businesses
Is effective security out of reach for your small or medium-sized
business? Imagine having a team of IT experts who only focus on
security as part of your staff. Download this white paper today and
find out how you can eliminate your company's security risks.
http://list.windowsitpro.com/t?ctl=6320C:57B62BBB09A69279C3BEA5A858C67D49

=== IN FOCUS: 4 More Tools for Your Toolkit =============
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Last week, I learned about four security tools that I hadn't come
across previously. The tools, available for free from MANDIANT and
Immunity, each make a worthwhile new addition to your security toolkit.

The first tool, Web Historian, developed by MANDIANT (formerly Red
Cliff Consulting), analyzes Web browsing history files from major
browsers including Microsoft Internet Explorer, Mozilla Firefox,
Netscape Navigator, Opera, and Apple Safari. You might already have
such a tool that analyzes browser history files (there are a few
available); however this is the only tool I know of that can analyze
the history files of such a wide range of browsers.

The second tool, First Response, also from MANDIANT, is an
incident-handling tool. The software includes an agent that can be
loaded on Windows 2000, Windows XP, and Windows Server 2003 systems to
collect information from a variety of sources, such as the registry,
event logs, file systems, and active processes. The tool uses a
centralized console to collect information from its agents, analyze the
data, build reports, and coordinate incident-response activity. In
addition to working over a network, the tool can collect information
directly from a local system that you have physical access to.

The third tool is MANDIANT's Red Curtain. It's a new malware analysis
tool that can inspect executables (including DLLs) to look for signs
that the code might be dangerous. Information gathered by the tool
includes signatures from development tools (commonly inserted by
compilers and packagers), packaging type information, whether the code
includes randomization, and more. The data is used to provide a
possible threat level score. Depending on the overall score, you might
decide to take a closer look at the file or quarantine it and move on
to other tasks. All three of MANDIANT's tools are available at
http://list.windowsitpro.com/t?ctl=63220:57B62BBB09A69279C3BEA5A858C67D49

Red Curtain leads me to the fourth tool, Immunity Debugger. If you
happen to find a suspicious executable and want to take a deeper look
at what it does, then a debugger can be an essential tool.
Numerous debuggers are available today; however, unlike many other
debuggers, a key feature of Immunity Debugger is that it's written
specifically for security researchers. The tool includes both a GUI and
a command line interface and supports Python scripting. A lot of the
functionality of the debugger revolves around the Python subsystem,
which lets you extend the debugger to conduct a variety of activities
and lets you design custom routines that display data, accept user
input, and more. Several sample scripts come with the tool to get you
started.

Another great feature of the tool is that it can latch onto a process
via its filename, window name, process identifier (PID), process name,
services, or TCP or UDP port. Overall, it's a powerful tool. You can
learn more about Immunity Debugger and download a copy at the URL
below.
http://list.windowsitpro.com/t?ctl=6321B:57B62BBB09A69279C3BEA5A858C67D49

=== SPONSOR: SPI Dynamics ======================================

ALERT: "How a Hacker Launches a SQL Injection Attack!" White Paper
It's as simple as placing additional SQL commands into a Web Form input
box giving hackers complete access to all your backend systems!
Firewalls and IDS will not stop such attacks because SQL Injections are
NOT seen as intruders. Download this *FREE* white paper from SPI
Dynamics for a complete guide to protection!
http://list.windowsitpro.com/t?ctl=63211:57B62BBB09A69279C3BEA5A858C67D49

=== SECURITY NEWS AND FEATURES =================================

Ubuntu Team Servers Suffer Intrusion
Some of the regional servers used by Ubuntu advocate teams were
compromised and made to launch attacks against other systems. As a
result, five of the servers were taken offline while steps were taken
to secure them.
http://list.windowsitpro.com/t?ctl=6320D:57B62BBB09A69279C3BEA5A858C67D49

GFI to Expand MailArchiver Capabilities
GFI announced that it will acquire the technology assets of
XEmplifyIT, an email management company.
The acquisition will allow GFI to further empower its MailArchiver
solution while at the same time removing a competitor from the
marketplace.
http://list.windowsitpro.com/t?ctl=6320E:57B62BBB09A69279C3BEA5A858C67D49

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts,
which inform you about recently discovered security vulnerabilities.
You can also find information about these discoveries at
http://list.windowsitpro.com/t?ctl=63212:57B62BBB09A69279C3BEA5A858C67D49

=== SPONSOR: Port80 Software ===================================

Tell little, trust less & thwart hacker attacks.
Over 70% of network attacks are Web-based. Reinforce your Microsoft IIS
Web servers with low-cost, high impact Port80 tools for Web site
anti-reconnaissance, redirecting problematic traffic, anti-image
leeching and to defend your .NET/PHP/CFM/JSP code easily. Get free
trial downloads & IIS security tips now!
http://list.windowsitpro.com/t?ctl=6321F:57B62BBB09A69279C3BEA5A858C67D49

=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Intel Invests in VMware; Security on a Chip
by Mark Joseph Edwards,
http://list.windowsitpro.com/t?ctl=6321E:57B62BBB09A69279C3BEA5A858C67D49

Intel must see a bright future in VMware. The company recently anted a
cool $219 million investment for roughly 10 million shares of VMware
stock! In other partnering news, Intel and Symantec are reportedly
working to develop "security on a chip." Read the blog to get the
details.
http://list.windowsitpro.com/t?ctl=6320F:57B62BBB09A69279C3BEA5A858C67D49

FAQ: Exploring Windows Processes
by John Savill,
http://list.windowsitpro.com/t?ctl=6321A:57B62BBB09A69279C3BEA5A858C67D49

Q: What is the Process Explorer utility?
Find the answer at
http://list.windowsitpro.com/t?ctl=63218:57B62BBB09A69279C3BEA5A858C67D49

FROM THE FORUM: Vulnerability Scanners
A forum participant is wondering which scanners other people have used
and what their experiences have been with these products. Join the
discussion at
http://list.windowsitpro.com/t?ctl=6320A:57B62BBB09A69279C3BEA5A858C67D49

SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and solutions
in Security Pro VIP's Reader to Reader column. Email your contributions
to r2r@private
If we print your submission, you'll get $100. We edit submissions for
style, grammar, and length.

=== PRODUCTS ===================================================
by Renee Munshi, products@private

Gateway Appliance Does Multiple Security Tasks
ContentWatch added three Internet gateway security appliances to its
ContentProtect Security Appliance family. The new plug-and-play
appliances combine content filtering, bandwidth management, IM and
peer-to-peer control, antivirus, and antispyware capabilities in one
box. The ContentProtect Security Appliance comes in three models: The
CP 100 can host up to 200 users, the CP 300 hosts 1,000, and the CP 350
hosts more than 5,000.
http://list.windowsitpro.com/t?ctl=63223:57B62BBB09A69279C3BEA5A858C67D49

PRODUCT EVALUATIONS FROM THE REAL WORLD
Share your product experience with your peers. Have you discovered a
great product that saves you time and money? Do you use something you
wouldn't wish on anyone? Tell the world! If we publish your opinion,
we'll send you a Best Buy gift card!
Send information about a product you use and whether it helps or
hinders you to whatshot@private

=== RESOURCES AND EVENTS =======================================

For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=63219:57B62BBB09A69279C3BEA5A858C67D49

Microsoft TechEd IT Forum
TechEd IT Forum is Microsoft's premier European conference designed to
provide IT professionals with technical training, information, and
community resources to build, plan, deploy, and manage the secure
connected enterprise.
http://list.windowsitpro.com/t?ctl=6321C:57B62BBB09A69279C3BEA5A858C67D49

Online Backup as a Service
IT has never been short on buzz. The problem is that for each
innovation that's buzz worthy, there are two that are forgotten within
months. "Software as a Service" (SaaS), including online backup as a
service, is currently generating a lot of buzz. In this podcast, you'll
find out why storage as a software service is definitely worthy of the
buzz.
http://list.windowsitpro.com/t?ctl=63210:57B62BBB09A69279C3BEA5A858C67D49

Get the facts about Microsoft Unified Communications, including
Exchange Server 2007 and Office Communications Server 2007 during this
free virtual event on Sept. 19, 2007. Independent Exchange experts will
present practical, real-world information about deploying, managing,
and securing Exchange Server 2007 and Office Communications Server
2007.
http://list.windowsitpro.com/t?ctl=63215:57B62BBB09A69279C3BEA5A858C67D49

=== FEATURED WHITE PAPER =======================================

Increase customer confidence with the latest breakthrough in online
security: Extended Validation SSL. Extended Validation triggers a green
address bar in Microsoft Internet Explorer 7.0 that proves site
identity. Learn how to get the green bar and higher sales by reading
the technical white paper "Maximizing Site Visitor Trust Using Extended
Validation SSL."
http://list.windowsitpro.com/t?ctl=6320B:57B62BBB09A69279C3BEA5A858C67D49

=== ANNOUNCEMENTS ==============================================

Search Thousands of SQL Articles Online and on CD
A SQL Server Magazine Master CD subscription buys you portable,
lightning-fast access to the entire SQL Server article database on CD,
plus exclusive, up-to-the-minute access to the new articles we publish
on SQLMag.com every day. Order your subscription now!
http://list.windowsitpro.com/t?ctl=63214:57B62BBB09A69279C3BEA5A858C67D49

Save 1/2 Off Security Pro VIP
Security Pro VIP is an online resource that delivers new articles every
week to help you defend your network. Subscribers also receive tips,
cautionary advice, direct access to our editors for technical Q&As, and
a host of other benefits! Order now, and save up to 50 percent!
http://list.windowsitpro.com/t?ctl=63213:57B62BBB09A69279C3BEA5A858C67D49

================================================================

Security UPDATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://list.windowsitpro.com/t?ctl=6321D:57B62BBB09A69279C3BEA5A858C67D49
http://list.windowsitpro.com/t?ctl=63222:57B62BBB09A69279C3BEA5A858C67D49

Subscribe to Security UPDATE at
http://list.windowsitpro.com/t?ctl=63217:57B62BBB09A69279C3BEA5A858C67D49

Be sure to add Security_UPDATE@private to your antispam software's list
of allowed senders.

To contact us:
About Security UPDATE content -- letters@private
About technical questions --
http://list.windowsitpro.com/t?ctl=63221:57B62BBB09A69279C3BEA5A858C67D49
About your product news -- products@private
About your subscription -- windowsitproupdate@private
About sponsoring Security UPDATE -- salesopps@private

View the Windows IT Pro privacy policy at
http://list.windowsitpro.com/t?ctl=63216:57B62BBB09A69279C3BEA5A858C67D49

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

____________________________________
Attend HITBSecConf2007 - Malaysia
Taking place September 3-6 2007 featuring seven tracks of technical
training and a dual-track security conference with keynote speakers
Lance Spitzner and Mikko Hypponen! - Book your seats today!
http://conference.hitb.org/hitbsecconf2007kl/
This archive was generated by hypermail 2.1.3 : Thu Aug 23 2007 - 00:43:01 PDT