[ISN] Security UPDATE -- RSA Conference 2005 Highlights -- February 23, 2005

InfoSec News isn at c4i.org
Thu Feb 24 12:22:16 EST 2005


This email newsletter comes to you free and is supported by the 
following advertisers, which offer products and services in which you 
might be interested. Please take a moment to visit these advertisers' 
Web sites and show your support for Security UPDATE. 

Best Practices for Establishing and Enforcing a Security Policy in 
Your Business

The Email Security Annual Review & Threat Report


1. In Focus: RSA Conference 2005 Highlights

2. Security News and Features
   - Recent Security Vulnerabilities
   - The New Phish Report Network
   - Identity Web Services Framework Now Supports SAML 2.0

3. Security Matters Blog
   - McAfee Will Scan your Wi-Fi Config for Vulnerabilities
   - Add SonicWALL to Your List of Enterprise Antispyware Solutions

4. Instant Poll

5. Security Toolkit
   - Web Chat
   - FAQ
   - Security Forum Featured Thread

6. New and Improved
   - A Second Factor of Authentication for Windows


==== Sponsor: Microsoft ====

Best Practices for Establishing and Enforcing a Security Policy in 
Your Business
   With all the viruses, Trojans, spyware, malware, and malicious 
attacks out there, is your company as prepared as it can be to fend 
off these threats? This white paper will provide you with detailed 
information for establishing and enforcing a security policy so that 
you have a safety net to fall back on and can ensure that you're 
making the right decisions at a demanding time. Specifically, you'll 
go through the process of creating a security policy and creating an 
incident response plan to prepare your organization for the worst-
case scenario. Download this free white paper now!


==== 1. In Focus: RSA Conference 2005 Highlights ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

RSA Conference 2005 took place last week in San Francisco with more 
than 275 vendors and more than 200 conference sessions. The last I 
heard, conference organizers were saying that 13,000 people attended, 
but that count wasn't official. One thing I am sure about is that 
with that many vendors and conference sessions, nobody saw 

There were some interesting announcements at the conference, so if 
you were not among the thousands who did attend, then here are a few 
of the highlights from the show: 

In his keynote address, Computer Associates (CA) Executive Vice 
President Russell Artzt pointed out that business executives must now 
pay very close attention to security concerns at all levels of the 
company and be ready to thoroughly account for their decision-making 
processes, primarily due to government regulations such as Sarbanes-

Cisco Systems announced a new phase of its Self-Defending Network 
technology. The company said that the new Adaptive Threat Defense 
phase addresses threats at multiple layers, simplifies architectural 
designs, and provides enterprisewide containment and control.

RSA Security announced the Security Authentication Roadmap, in which 
the company will provide a standards-based, enterprise-enabled 
platform for overall credentials management using strong 
authentication. The company also announced the RSA Authentication 
Service, which will help provide consumers with "enterprise-class 
protection" during their online activities; an RSA SecurID Appliance 
that provides two-factor authentication for businesses with fewer 
than 1,000 employees; and RSA SecurID SID700 and SID800 USB-enabled 
authentication devices. 

Microsoft Chairman Bill Gates announced in his keynote speech that 
the company will launch new security initiatives that include various 
software updates, such as a future release of Internet Explorer (IE) 
7.0 for Windows XP systems, the scheduled March release of a beta 
version of its unified Windows Update Service (WUS), Microsoft 
Baseline Security Analyzer (MBSA) 2.0, the release to manufacturing 
of Internet Security and Acceleration (ISA) Server 2004 Enterprise 
Edition, and Rights Management Services (RMS) Service Pack 1 (SP1). 
Gates also announced the formation of the Secure Software Forum in 
partnership with several other companies and the worldwide expansion 
of its Most Valuable Professional (MVP) program to help developers 
communicate with each other about developing secure applications. 

Shavlik Technologies announced several new products, including NetChk 
Epicenter, a common GUI for NetChk applications that lets 
administrators scan numerous systems and applications, view scan 
results, and correct security problems. The company also announced 
that it will release patch-management solutions for Unix and Linux 
platforms--including AIX, HP-UX, Red Hat Linux, and Solaris--sometime 
in the second quarter of 2005. The company also announced NetChk 
Spyware and NetChk Shares, which lets administrators discover shared 
resources on one or more computers, remove shared resources, restrict 
anonymous access, and test for weak passwords. 

Identity management solution provider Abridean joined the BlackBerry 
ISV Alliance Program, thereby forming a relationship with Research in 
Motion (RIM). Abridean will help simplify and automate management of 
BlackBerry user accounts in BlackBerry Enterprise Server in 
combination with other messaging and enterprise systems.

DesktopStandard released PolicyMaker Application Security, which 
helps administrators enforce the practice of giving users the minimum 
privileges that they need on Windows-based desktops and selectively 
elevate privileges for users who need them.

Priva Technologies announced an upgrade to its Cleared Security 
Platform, which uses multifactor authentication in a single-point, 
end-to-end solution. The product now supports authentication for Web 
services, Microsoft .NET technology, email signing, and public key 
infrastructure (PKI). 

Seaway Networks released a pretty slick product: the Trident NCA2000-
L7P Intrusion Prevention Accelerator Card. The Intrusion Detection 
System/Intrusion Prevention System (IDS/IPS) card can be used to 
convert servers into filtering appliances. The board provides 2Gbps 
of full duplex data processing and pattern matching, including 
processing of network layers 2-7. 

Lyris Technologies improved the detection of phishing and other email-
related threats in its MailShield Server product with an upgrade to
the embedded Mailshell SpamCompiler engine. Lyris said that MailShield
Server is available for Windows and Solaris platforms, and a
MailShield Pro version for Windows can record all SMTP transactions
and provide a searchable audit trail of all incoming and outgoing

And last, but certainly not least, Intense School presented its Live 
Online Professional Hacking class, led by Ralph Echemendia. The class 
teaches participants how to think like an intruder so they can 
protect themselves proactively rather than having to react 
defensively to intrusions. 


==== Sponsor: Postini ====

The Email Security Annual Review & Threat Report
   This "must read" white paper for email administrators and security 
professionals features a comprehensive overview of changes in email 
threats and the regulatory environment in 2004, and previews issues 
and expectations for 2005. Review the latest statistical trends in 
spam, virus and email attacks, and get an overview of how 
organizations are responding to these threats; get a sneak preview 
from analysts and experts into emerging issues and concerns that may 
help inform email security strategies and implementations for 2005. 
Register now and get the key trend data on spam, virus and email 
attacks from 2004!


==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at

The New Phish Report Network
   Microsoft, eBay, PayPal, and Visa have teamed with WholeSecurity 
to launch the Phish Report Network. The network will serve as a 
worldwide antiphishing aggregation service. 

Identity Web Services Framework Now Supports SAML 2.0
   Liberty Alliance has released the second draft of its Identity Web 
Services Framework (ID-WSF), which now includes support for the 
Organization for the Advancement of Structured Information Standards 
(OASIS) Security Assertion Markup Language (SAML) 2.0 specification. 
Both ID-WSF and SAML provide methods of handling identity in 
conjunction with the use of Web services.


==== Resources and Events ====

Minimize the Likelihood of Downtime in Your Exchange Implementation.
   In this free, on-demand Web seminar, discover how to ensure 
continuous Exchange application availability. Learn how to take 
preemptive, corrective action without resorting to a full system 
failover. Or in extreme cases, discover solutions that perform a 
graceful, automatic switchover to a secondary server, ensuring 
continuous Exchange application availability. View the archive today!

Get Essential Security Tips in This Free eBook
   Knowing where to find answers fast to secure your systems against 
attack can often mean the difference between shutting the door to 
various threats (e.g., malware, viruses, Trojans) and declaring 
defeat. This free eBook provides you with quick answers to help you 
make the most of your security. Get the entire eBook and start 
securing your systems!

Keeping Your Business Safe from Attack: Monitoring and Managing Your 
   Get the information you need to securely implement a network based 
around Microsoft products in the latest chapter of this eBook. Find 
out how to secure your network against threats, and learn about 
topics such as antivirus, VPNs, spyware, DMZs, content filtering, 
Browser Helper Objects, patching, quarantining, intrusion detection, 
and event notification. Get this eBook today!

Get the Entire eBook: "Content Security in the Enterprise--Spam and 
   This eBook explores how to reduce and eliminate the risks from 
Internet applications such as email, Web browsing, and Instant 
Messaging by limiting inappropriate use of these applications, 
eliminating spam, protecting corporate information assets, and 
ensuring that these vital resources are secure and available for 
authorized business purposes. Download this free eBook now!

Get Ready for SQL Server 2005 Roadshow in a City Near You
   Get the facts about migrating to SQL Server 2005. SQL Server 
experts will present real-world information about administration, 
development, and business intelligence to help you implement a best-
practices migration to SQL Server 2005 and improve your database 
computing environment. Receive a 1-year membership to PASS and 1-year 
subscription to SQL Server Magazine. Register now!


==== Hot Release ====

Symantec ON iPatch -- Automated Patch Management
   On its first "patch Tuesday" of 2005, Microsoft released three 
software updates to fix security holes in its popular Windows 
operating system. Symantec ON iPatch provides an automated patch 
management solution that can handle today's growing number of 
patches. To learn more visit us at:


==== 3. Security Matters Blog ====
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=2DD1:4FB69

Check out these recent entries in the Security Matters blog:

McAfee Will Scan your Wi-Fi Config for Vulnerabilities
   McAfee launched a new free service that uses a downloadable 
ActiveX control to scan your wireless networking configuration for 
vulnerabilities. The company's new Wi-FiScan Web page says that the 
service can suggest security measures to correct problems that it 
finds in your configuration. 

Add SonicWALL to Your List of Enterprise Antispyware Solutions
   You can add SonicWALL to the list of enterprise antispyware 
solutions. The company announced the addition of "dynamic spyware 
detection and prevention capabilities" to its line of gateway 
security offerings. 

==== 4. Instant Poll ====

Results of Previous Poll:
If your company uses Windows XP, do you use XP SP2?

   The voting has closed in this Windows IT Pro Security Hot Topic 
nonscientific Instant Poll. Here are the results from the 27 votes.
   - 63% Yes
   - 26% No, but we intend to
   - 11% No, and we don't intend to

New Instant Poll:
Do you think Microsoft should offer Internet Explorer (IE) 7.0 for 
Windows 2000 platforms?

   Go to the Security Hot Topic and submit your vote for 
   - Yes
   - No

==== 5. Security Toolkit ==== 

Web Chat: Group Policy
   Darren Mar-Elia will answer your questions about troubleshooting 
Group Policy in a chat February 24, 12:00 P.M. EST. Look for his 
article, "Troubleshooting Group Policy-Related Problems," in the 
February 2005 issue of Windows IT Pro magazine, and join the chat at 

FAQ
   by John Savill, http://list.windowsitpro.com/t?ctl=2DCE:4FB69

Q. What's the Microsoft Windows Malicious Software Removal Tool?

Find the answer at http://list.windowsitpro.com/t?ctl=2DCB:4FB69

Security Forum Featured Thread: Possible IIS 6.0 and XMLHTTP Security 
   A forum participant has a client application that creates XML 
documents that include both text and bin.base64 nodes. Posting is 
done from the client application using the MSXML2.XMLHTTP.4.0 
component to the Active Server Pages (ASP) server application on 
Microsoft IIS 6.0. The request is loaded into an 
MSXML2.DOMDocument.4.0 object. Sometimes the loading fails and the 
request is empty. The failure doesn't happen on an IIS 5.1 server. 
Join the discussion at


==== Announcements ====
   (from Windows IT Pro and its partners)

Try a Sample Issue of Exchange & Outlook Administrator!
   If you haven't seen Exchange & Outlook Administrator, you're 
missing out on key information to help you migrate, optimize, 
administer, backup, recover, and secure Exchange and Outlook. Plus, 
paid subscribers receive exclusive online library access to every 
article we've ever published. Order now!

Nominate Yourself or a Friend for the MCP Hall of Fame
   Are you a top-notch MCP who deserves to be a part of the first-
ever MCP Hall of Fame? Get the fame you deserve by nominating 
yourself or a peer to become a part of this influential community of 
certified professionals. You could win a VIP trip to Microsoft and 
other valuable prizes. Enter now--it's easy:


==== 6. New and Improved ====
   by Renee Munshi, products at windowsitpro.com

A Second Factor of Authentication for Windows
   Entrust announced Entrust IdentityGuard for Microsoft Windows, 
which adds a second factor of authentication for users logging on to 
Windows desktops. In addition to entering his or her username and 
password, a user is asked to enter a set of numbers and/or 
characters. The user must find the correct characters on a grid 
supplied by his or her organization on a wallet-sized plastic card, 
in conjunction with a building-access card, or in electronic form for 
portable devices accessing the corporate network. Entrust 
IdentityGuard for Microsoft Windows will be available for beta in 
first quarter 2005, with commercial availability in second quarter 
2005. For more information, go to

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a T-shirt if we write about the product in a future 
Windows IT Pro What's Hot column. Send your product suggestions with 
information about how the product has helped you to 
whatshot at windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100
   Share your security-related discoveries, comments, or problems and 
solutions in the Security Administrator print newsletter's Reader to 
Reader column. Email your contributions (500 words or less) to 
r2rsecadmin at windowsitpro.com. If we print your submission, you'll get 
$100. We edit submissions for style, grammar, and length.


==== Sponsored Links ====

Automate Patch Management with Symantec ON iPatch

Quest Software
   See Active Directory in a whole new light. And get a free 

DynaComm i:scan from FutureSoft True Enterprise anti-spyware, network-
wide from a central console


==== Contact Us ==== 

About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=2DD5:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- emedia_opps at windowsitpro.com


This email newsletter is brought to you by Security Administrator, 
the leading publication for IT professionals securing the Windows 
enterprise from external intruders and controlling access for 
internal users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.
