[ISN] Security UPDATE -- Windows 2000 Support; IE; Spyware Study -- February 2, 2005

InfoSec News isn at c4i.org
Thu Feb 3 01:16:17 EST 2005


This email newsletter comes to you free and is supported by the 
following advertisers, which offer products and services in which you 
might be interested. Please take a moment to visit these advertisers' 
Web sites and show your support for Security UPDATE. 

Service Account Manager for your Data Center

Email Encryption and Compliance: The Answer to an Email Admin's Worst 


1. In Focus:  Windows 2000 Support; IE; Spyware Study

2. Security News and Features
   - Recent Security Vulnerabilities
   - MCI to Acquire NetSec
   - SonicWALL Extends Managed Security Services Partner Program
   - Microsoft to Require Legitimate Windows for Downloads
   - IronPort C30

3. Security Matters Blog
   - New Updates for Ethereal and Snort
   - Need Help Automating Configuration of Routers and Firewalls?

4. Security Toolkit
   - FAQ
   - Security Forum Featured Thread

5. New and Improved
   - Speedier Authentication


==== Sponsor: Lieberman Software ====

Service Account Manager for your Data Center
   Most organizations don't update all their service accounts 
regularly. Reason: it's too hard to do reliably with the built-in tools 
Microsoft provides (scripts don't make it much better). Lieberman 
Software's product: "Service Account Manager" has been reliably 
handling the most complex service account management issues of major 
corporations and government agencies since 1998. Complex issues such as 
service dependencies, logon cache, rights and memberships are handled 
easily. Try it for free on 10 systems for 30 days by going to our web 
site. Or, contact us for an on-line demo.


==== 1. In Focus: Windows 2000 Support; IE; Spyware Study ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

As you know, Microsoft's blanket support for Windows NT Server has 
ended. The company will cease to provide online support of the product 
on January 1, 2007. However, Microsoft has released updates that apply 
to Windows NT components. For example, the company included an update 
for Microsoft Internet Explorer (IE) 6.0 Service Pack 1 (SP1) for 
Windows NT systems in its monthly security update release for January. 
You can read more about Windows NT support at the following URL: 

Microsoft recently announced that it will end standard support, 
including nonsecurity hotfixes, for Windows 2000 Server on June 30. 
Paid mainstream support will be available beginning on that date, paid 
extended support can be obtained until June 30, 2010. Security hotfixes 
will continue to be available, free for everybody, until March 31, 

The company also recently said that it will release no new version of 
IE until the next version of Windows, code-named Longhorn, becomes 
available. Longhorn is currently scheduled for some time in 2006, but 
there are no guarantees that it will in fact be released then. Those of 
you who want an enhanced version of IE with better security, similar to 
the one in Windows XP SP2, will have to use third-party browser 
enhancements to bolster IE's functionality. 

As you know, Microsoft recently released a beta version of an 
antispyware solution that's based on the technology of GIANT Company 
Software, which Microsoft recently purchased. You can download a copy 
at the Microsoft Security at Home Web site. 

My December 2, 2004 commentary, "A Flurry of Enterprise Spyware 
Solutions," provides a comprehensive list of the available and upcoming 
enterprise antispyware solutions.

Just before I wrote that article, I found a useful study of various 
antispyware packages, but I failed to bookmark the site and lost track 
of it for a while. I recently came across the site again, and I think 
you'll find it very interesting. The site, Spyware Warrior, has a blog, 
forums, lists of products to avoid that contain spyware, and the study, 
by Eric L. Howes, that offers lots of valuable information about how 
various antispyware solutions perform. 

Howes says that the GIANT/Microsoft solution is among the best at 
detecting and removing various forms of spyware--good news for people 
who want to use a Microsoft solution. Howes' report explains his 
methodology and contains loads of data and test results gathered during 
various phases of testing in October 2004. Among his findings are that 
no one antispyware solution removes all forms of spyware, that even the 
best performers miss a quarter of spyware-related files and registry 
entries, and that prevention is preferable to removal. 


==== Sponsor: Postini ====

Email Encryption and Compliance: The Answer to an Email Admin's Worst 
   New regulations, legal liability issues and evolving threats have 
recently bumped the issue of secure email transmission to the top of IT 
security managers' "To Do" list. In this free white paper you'll learn 
how simple and cost effective is it to implement TLS-based secure email 
transmission. Download this whitepaper now to find out how to support 
the dual goals of securing email transmission while preserving the 
administrator's ability to filter out spam, viruses and prevent email 
content policy violations.


==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these discoveries 

MCI to Acquire NetSec
   MCI will acquire NetSec for approximately $105 million in cash. A 
joint press release says that MCI will combine its network intelligence 
with NetSec's managed security services and premise-based intelligence 
to create an expanded suite of offerings targeted at businesses and 

SonicWALL Extends Managed Security Services Partner Program
   SonicWALL announced changes to its Managed Security Services Partner 
(MSSP) program that will give resellers a boost in establishing and 
building their managed services infrastructures.

Microsoft to Require Legitimate Windows for Downloads
   by Paul Thurrott
   Microsoft announced a roadmap for moving to a future in which 
Windows users must prove that their OSs aren't pirated before they can 
download any software from Microsoft.com or Windows Update. The plan, 
dubbed Windows Genuine Advantage, is being phased in over time, 
although Microsoft will continue to let even pirated Windows versions 
download critical security patches through Automatic Updates. 

IronPort C30
   By David Chenicoff
   IronPort Systems' IronPort C30 is a midrange email-security 
appliance for small-to-midsized businesses (SMBs). The appliance 
supports spam detection, virus protection, and content filtering, but 
what sets it apart are two advanced features: IronPort Reputation 
Filters and IronPort Virus Outbreak Filters. 


==== Resources and Events ====

Free eBook! Keeping Your Business Safe from Attack: Passwords and 
   Master password and permissions basics with our newest free eBook 
and discover how to prevent most vulnerabilities and exploits with 
Microsoft's new tools. Firewalls, antivirus software, Intrusion 
Detection Systems (IDS), and Intrusion Prevention Systems (IPS) can all 
fail--but a strong permissions and authentication defense is priceless. 
Get the latest chapter now!

Encryption and Certificate Services eBook
   In this new eBook, get the information you need to best deploy 
Windows Public Key Infrastructure (PKI) services in your IT 
environment. This free book explains the key components, concepts, and 
standards behind PKI and provides insight into how to put a Windows-
rooted PKI into operation and how to keep it operational. Get the eBook 

Fax Servers: Integrate. Automate. Communicate
   Join industry expert David Chernicoff in this free Web seminar to 
learn the best way to integrate and automate fax from messaging systems 
such as Microsoft Exchange Server and Outlook; improve document 
handling and delivery; and more. You'll receive a complimentary 30-day 
software evaluation, whitepaper, and Starbuck's gift card just for 
attending! Register now.

Is Your Messaging Infrastructure Ready for Tomorrow's Risks?
   Join industry security expert Randy Franklin Smith as he reveals the 
hottest security trends in the industry. Find out how SPIM, spyware, 
phishing, and malware evolve and become the latest threats for 
industrial espionage. You'll learn which kinds of attacks companies are 
reporting in increased numbers and the commonly held misconceptions 
about Microsoft security patches. You'll also discover how secure 
content management solutions (SCMs) can help your company defend 
against business and network integrity threats. Register now and ensure 
enterprisewide protection!


==== 3. Security Matters Blog ====
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=85B:4FB69

Check out these recent entries in the Security Matters blog:

New Updates for Ethereal and Snort
   Two popular open-source security tools, Ethereal and Snort, were 
recently updated. The latest version of Ethereal is 0.10.9, and the 
latest version of Snort is 2.3.0 . If you use these tools, be sure to 
check out the latest versions, which undoubtedly contain bug fixes and 

Need Help Automating Configuration of Routers and Firewalls?
   I found a really slick tool that can help you automate 
configurations for Cisco routers, Cisco PIX firewalls, and Linux 
iptables and ip routes. It's called NetSPoC, which I believe is short 
for Network Security Policy Compiler. 

==== 4. Security Toolkit ==== 

   by John Savill, http://list.windowsitpro.com/t?ctl=858:4FB69 

Q: Does Windows XP Service Pack 2 (SP2) have an updated Sysprep tool?

Find the answer at

Security Forum Featured Thread: Modifying Directory ACLs
   A reader writes that he accidentally modified the ACL of a directory 
on his disk and now he can't change it back. He said he has full access 
to the parent object and doesn't know why this isn't enough authority 
to change the ACL again. Have the answer? Join the discussion at


==== Announcements ====
   (from Windows IT Pro and its partners)

Try a Sample Issue of Exchange & Outlook Administrator!
   If you haven't seen Exchange & Outlook Administrator, you're missing 
out on key information to help you migrate, optimize, administer, 
backup, recover, and secure Exchange and Outlook. Plus, paid 
subscribers receive exclusive online library access to every article 
we've ever published. Order now!

Nominate Yourself or a Friend for the MCP Hall of Fame
   Are you a top-notch MCP who deserves to be a part of the first-ever 
MCP Hall of Fame? Get the fame you deserve by nominating yourself or a 
peer to become a part of this influential community of certified 
professionals. You could win a VIP trip to Microsoft and other valuable 
prizes. Enter now--it's easy:


==== 5. New and Improved ====
   by Renee Munshi, products at windowsitpro.com

Speedier Authentication
   I/O Software offers SecureSuite XS 4.51, authentication management 
software that works with biometrics, smart cards, and tokens. 
SecureSuite XS's applications provide secure system logon, password 
bank/single sign-on, file encryption, and application locking. 
SecureSuite XS 4.51 integrates data compression, caching, and other 
optimizations to improve client-server authentication time and overall 
performance on WANs. The new release also adds to the number of 
authentication devices supported by SecureSuite XS. SecureSuite XS 
supports Windows Server 2003, Windows XP,and Windows 2000 and can be 
deployed as a standalone workstation product or in a client-server 
environment, using Active Directory (AD). For more information, go to

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a T-shirt if we write about the product in a future 
Windows IT Pro What's Hot column. Send your product suggestions with 
information about how the product has helped you to 
whatshot at windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100
   Share your security-related discoveries, comments, or problems and 
solutions in the Security Administrator print newsletter's Reader to 
Reader column. Email your contributions (500 words or less) to 
r2rsecadmin at windowsitpro.com. If we print your submission, you'll get 
$100. We edit submissions for style, grammar, and length.


==== Sponsored Links ====

Argent versus MOM 2005
   Experts Pick the Best Windows Monitoring Solution


==== Contact Us ==== 

About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=85D:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- emedia_opps at windowsitpro.com


This email newsletter is brought to you by Security Administrator, the 
leading publication for IT professionals securing the Windows 
enterprise from external intruders and controlling access for internal 
users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.

More information about the ISN mailing list