CRIME FW: [Information_technology] Daily News 7/23/03

From: George Heuston (GeorgeH@private)
Date: Wed Jul 23 2003 - 10:12:33 PDT

  • Next message: Karol Kulaga: "CRIME Risks of public Internet terminals / web based nt password cracking goodness"

    -----Original Message-----
    From: InfraGard [mailto:infragard@private] 
    Sent: Wednesday, July 23, 2003 7:39 AM
    To: Information Technology
    Subject: [Information_technology] Daily News 7/23/03
    
    July 22, Associated Press
    Risks of public Internet terminals demonstrated. The risks and dangers
    of
    using public Internet terminals at cybercafes, libraries, airports and
    other
    establishments have been demonstrated by recent high-profile cases where
    software that logs individual keystrokes has been installed on public
    computers and used to record user names and password. Neel Mehta of
    Internet
    Security Systems Inc. said that while millions of individuals use public
    terminals without trouble, they should be cautious. "When you sit down
    at an
    Internet cafe, ask the owner or operator about the security measures in
    place," he said. Encrypting e-mail and Web sessions does nothing to
    combat
    keystroke loggers, which capture data before the scrambling occurs. Data
    cookies, files that help Web sites remember who you are, also contribute
    to
    the risk of identity theft. Unless you remember to log out, these files
    could let the next person using the public terminal to surf the Web as
    you.
    Browsers typically record recent Web sites visited so users won't have
    to
    retype addresses. But such addresses often have usernames and other
    sensitive information embedded. Secure public terminals should by
    default
    have provisions for automatically flushing cookies and Web addresses
    when a
    customer leaves, Internet security experts say. Source:
    http://www.washingtonpost.com/wp-dyn/articles/A29083-2003Jul22.html
    
    July 22, Medill News Service
    Changes in broadband laws stall. Lawmakers are asking the Federal
    Communications Commission (FCC) to issue a pending Triennial Review
    Order
    that will dictate whether broadband Internet is classified as an
    information
    service or a telecommunications service, which in turn determines how it
    can
    be regulated. Some cable operators are classified as information service
    providers and not as telecommunication services, they don't have to let
    the
    public or competitors use their pipelines. However, common
    telecommunication
    carriers--notably telephone companies that also sell DSL services--must
    share access. Lawmakers and panelists at a hearing of the House Energy
    and
    Commerce subcommittee Monday agreed there are two ways to give cable and
    DSL
    services an even playing field: place broadband cable services under the
    same regulations currently imposed on DSL providers; or deregulate DSL
    companies and let them compete freely in the marketplace. Regulating
    cable
    service providers, opponents say, would inhibit industry growth,
    competition, and capital investment. On the other hand, DSL providers
    entering a totally deregulated market could get crushed by their cable
    modem
    competitors, who control the vast majority of the market share as well
    as
    the infrastructure. Source:
    http://www.pcworld.com/news/article/0,aid,111692,00.asp
    
    
    Internet Security Systems - AlertCon: 2 out of 4
    https://gtoc.iss.net/
    Last Changed 22 July 2003
    
    Security Focus ThreatCon: 2 out of 4
    www.securityfocus.com
    Last Changed 22 July 2003
    
    Current Virus and Port Attacks
    Virus: #1 Virus in USA: WORM_KLEZ.H
    Source: http://wtc.trendmicro.com/wtc/wmap.html, Trend World Micro Virus
    Tracking Center [Infected Computers, North America, Past 24 hours, #1 in
    United States]
    
    Top 10 Target Ports: 137 (netbios-ns), 445 (microsoft-ds), 80 (www),
    1434
    (ms-sql-m), 4662 (eDonkey2000), 54846 (---), 113 (ident), 16058 (---),
    139
    (netbios-ssn), 12072 (---)
    Source: http://isc.incidents.org/top10.html; Internet Storm Center
    
    _______________________________________________
    Information_technology mailing list
    Information_technology@listserv
    



    This archive was generated by hypermail 2b30 : Wed Jul 23 2003 - 11:48:03 PDT