[ISN] Security UPDATE -- Safer Mobile Surfing -- February 9, 2005
isn at c4i.org
Fri Feb 11 03:38:51 EST 2005
This email newsletter comes to you free and is supported by the
following advertisers, which offer products and services in which you
might be interested. Please take a moment to visit these advertisers'
Web sites and show your support for Security UPDATE.
Evaluate ScriptLogic Cloak & Get A Free T-Shirt
An Evaluation of the Total Cost of Ownership of Email Security
1. In Focus: Safer Mobile Surfing
2. Security News and Features
- Recent Security Vulnerabilities
- February the 13th: Microsoft Issues Massive Number of Security Fixes
- Microsoft to Purchase Sybari Software
- Weakness in Windows XP SP2 Overflow Protection
- SOHO Firewall Appliances
3. Security Matters Blog
- Stop Users from Bypassing Group Policy
- Two More Months to Opt Out of Windows XP SP2
4. Instant Poll
5. Security Toolkit
- Security Forum Featured Thread
6. New and Improved
- Spam Firewall for Large Organizations
==== Sponsor: ScriptLogic ====
Evaluate Cloak & Get A Free T-Shirt
If you're a security-conscious administrator, ScriptLogic has a new
product that's a must-have, no matter how large or small your company
is. Cloak is an innovative software solution that enhances the NTFS by
providing increased security, more accurate audits, and a streamlined
experience for network users. When you install Cloak on the Windows
Server, users will only see the files and folders they have permission
to access. Not only does Cloak filter network requests on file servers,
it can also filter local activity, so it's ideal for Citrix Metaframe
and Terminal Servers too! Download a 30-day evaluation today and get a
free Cloak t-shirt. Go to
==== 1. In Focus: Safer Mobile Surfing ====
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
I'm sure you read lots of different security-related blogs and Web
sites. There are a bunch of them out there, and the number seems to
keep right on growing. I've got dozens of them in my RSS reader, and I
often find new ones that I want to read now and then.
One interesting blog that I found some time ago is called Secureme. Not
only is it informative, but the writing style is subtly humorous at
times too. When I look at the "avatars" of the blog writers at the
site, I'm not quite sure what's missing: a flashy mirrored disco ball
and colored lights, or Santa's workshop. When you go to the blog,
you'll see what I mean.
An interesting recent post at the blog ("No SSH server, no problem!"
January 13) covered two tools, The Onion Router (TOR) and Privoxy, both
of which can be used in a variety of situations, such as using them
together to better protect your Internet communications when you're on
the road. For example, if you're using a hotel's in-house network or a
public wireless network, you could use TOR and Privoxy to help protect
your network traffic.
TOR is a routing technology that encrypts and routes your Internet
traffic through a number of TOR servers before the traffic reaches its
destination. Privoxy is a proxy server that helps protect your Internet
privacy by removing or obscuring various content, such as your DNS
queries, browser type, OS type, and more. You can configure Privoxy to
communicate with TOR so that all your Web traffic is routed through the
I tried the two tools, and they seem to work all right. Setting up a
TOR client is incredibly simple. Just install it, run it, and make sure
there are open ports on your firewall to pass traffic. That's it!
Privoxy is equally simple, except that to make it work with TOR, you'll
need to add one line to the Privoxy configuration, which is explained
in the TOR documentation. You can learn more about TOR and Privoxy and
download copies at their respective Web sites.
Until next time, have a great week.
==== Sponsor: Postini ====
An Evaluation of the Total Cost of Ownership of Email Security
Quantifying the Total Cost of Ownership (TCO) of email security
solutions is a notoriously difficult task. Discover how Total Cost of
Ownership is much more than the initial acquisition cost of a solution,
and how you can save thousands of dollars each year without sacrificing
accuracy, control or effectiveness in protecting your email systems.
Download this free whitepaper now!
==== 2. Security News and Features ====
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these discoveries
February the 13th: Microsoft Issues Massive Number of Security Fixes
Yesterday, Microsoft issued a massive number of security bulletins
and fixes as part of its regularly scheduled monthly security update
release. The company released 12 security bulletins for various
products, including several Windows versions, Exchange Server, Office
XP, Windows Media Player, MSN Messenger, and SharePoint. Eight of the
bulletins are rated as "critical," the company's most serious rating.
Microsoft to Purchase Sybari Software
Microsoft announced yesterday that it has signed a definitive
agreement to acquire Sybari Software, a New York-based company that
develops antivirus, antispam, and content-filtering technologies. The
acquisition will include all of Sybari's staff and technologies.
Weakness in Windows XP SP2 Overflow Protection
Security company Positive Technologies released a white paper that
explains what it considers to be weaknesses in the heap overflow
protection and data execution protection in Windows XP Service Pack 2
(SP2). The two technologies are designed to help prevent intruders from
taking advantage of unchecked buffers to launch malicious code within
SOHO Firewall Appliances
Even if you have a home office or work for a small company, you
still need to protect your valuable data and network. Firewalls have
become a de facto standard for all organizations--large and small--as a
frontline perimeter-based defense against attackers who want to steal
your information, hijack your resources, and otherwise vandalize your
network. Jeff Fellinge looks at several solutions in this Buyer's
==== Resources and Events ====
InfoSec World 2005, April 4-6, 2005, Orlando, FL
InfoSec World 2005 is where connections are made. Expand your
knowledge with the hottest topics and get real-world strategies and
tested techniques for meeting your toughest information security
challenges. With a full spectrum of events, InfoSec World offers an
array of stimulating programs, presentations, activities, networking
opportunities and more!
Ensure Successful Token Authentication
What's more secure than password protection? Attend this free Web
seminar and learn how to protect your network and make your mobile and
remote users more secure with token authentication. Discover ways to
evaluate, test, and roll out token authentication to protect your
investment, while making a solid business case to justify the costs.
Windows Connections Conference Spring 2005
Mark your calendar for Windows Connections Spring 2005, April 17-20,
2005, at the Hyatt Regency in San Francisco. Sessions jam-packed with
tips and techniques you need to know to ensure success in today's
enterprise deployments. Get the complete brochure online or call 203-
268-3204 or 800-505-1201 for more information.
Configuring Blade Servers for Your Application Needs
Blade servers pack a lot of function into a small space, conserve
power and are flexible. In this free Web seminar, industry guru David
Chernicoff details the best use of 1P, 2P and 4P configurations using
single and multiple enclosures; integrating with NAS and SAN and
managing the entire enterprise from a single console. Register now and
take advantage of blade servers' power and flexibility.
==== 3. Security Matters Blog ====
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=164A:4FB69
Check out these recent entries in the Security Matters blog:
Stop Users from Bypassing Group Policy
I read a really interesting thread on the Focus on Microsoft mailing
list. A list member said his users found a way to bypass Group Policy
so that they could install unauthorized software on their machines. The
users entered their logon credentials, then as soon as they were
authenticated to the domain, they unplugged the network cable so that
Group Policy Objects (GPOs) weren't downloaded to their machines.
However, there are ways to foil this strategy.
Two More Months to Opt Out of Windows XP SP2
According to Microsoft's TechNet Flash newsletter, "the mechanism to
temporarily disable delivery of Windows XP SP2 is available only for a
period of 240 days (8 months) from August 16, 2004. At the end of this
period (after April 12, 2005), Windows XP SP2 will be delivered to all
Windows XP and Windows XP Service Pack 1 systems."
==== 4. Instant Poll ====
Results of Previous Poll:
Is comment spam a problem on your company's blogs or Web forums?
The voting has closed in this Windows IT Pro Security Hot Topic
nonscientific Instant Poll. Here are the results from the 13 votes:
- 23% Yes it was, but we solved it by requiring registration
- 0% Yes, but we'll implement the new "rel" tag format to stop it
- 0% Yes, but we don't plan to do anything about it
- 77% No
New Instant Poll:
If your company uses Windows XP, do you use XP SP2?
Go to the Security Hot Topic and submit your vote for
- No, but we intend to
- No, and we don't intend to
==== 5. Security Toolkit ====
by John Savill, http://list.windowsitpro.com/t?ctl=1647:4FB69
Q: How can I view a list of all applications on my computer that start
Find the answer at http://list.windowsitpro.com/t?ctl=1642:4FB69
Security Forum Featured Thread: ISAPI Extension Access to DCOM
Nicola has an Internet Server API (ISAPI) DLL that connects to a
Distributed COM (DCOM) application server. The setup includes a
Microsoft IIS server configured with integrated security and anonymous
access disabled, a domain group to collect all the domain users that
should be able to use the procedures in the DLL, and DCOM configured
with an administrator account and launch/access permissions for the
domain group. The setup works if the domain group is included in the
local Administrators group, but Nicola doesn't want to put the domain
group in the local Administrators group and wonders if there's some
other configuration that will work. Join the discussion at
==== Announcements ====
(from Windows IT Pro and its partners)
Try a Sample Issue of Exchange & Outlook Administrator!
If you haven't seen Exchange & Outlook Administrator, you're missing
out on key information to help you migrate, optimize, administer,
backup, recover, and secure Exchange and Outlook. Plus, paid
subscribers receive exclusive online library access to every article
we've ever published. Order now!
==== 6. New and Improved ====
by Renee Munshi, products at windowsitpro.com
Spam Firewall for Large Organizations
Barracuda Networks offers Barracuda Spam Firewall 800, a spam and
virus appliance for large organizations and ISPs. Barracuda Spam
Firewall 800 supports 30,000 active users and can handle nearly 1.3
million messages per hour. It's designed for reliability, including
redundant hot-swap power supplies, RAID 5 disk storage, dual gigabit
Ethernet ports, and clustering capabilities. Barracuda Spam Firewall
800 is priced at $17,999 for the appliance and $3999 per year for a
subscription to the Energize Update service, which updates the
appliance hourly with new spam rules and virus definitions. Barracuda
also offers Spam Firewall models for smaller organizations. For more
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a T-shirt if we write about the product in a future
Windows IT Pro What's Hot column. Send your product suggestions with
information about how the product has helped you to
whatshot at windowsitpro.com.
Editor's note: Share Your Security Discoveries and Get $100
Share your security-related discoveries, comments, or problems and
solutions in the Security Administrator print newsletter's Reader to
Reader column. Email your contributions (500 words or less) to
r2rsecadmin at windowsitpro.com. If we print your submission, you'll get
$100. We edit submissions for style, grammar, and length.
==== Sponsored Links ====
Argent versus MOM 2005
Experts Pick the Best Windows Monitoring Solution
See Active Directory in a whole new light. And get a free
==== Contact Us ====
About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=164D:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- emedia_opps at windowsitpro.com
This email newsletter is brought to you by Security Administrator, the
leading publication for IT professionals securing the Windows
enterprise from external intruders and controlling access for internal
users. Subscribe today.
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2005, Penton Media, Inc. All rights reserved.
More information about the ISN