[ISN] Handheld Security Admin
isn at c4i.org
Thu Mar 16 05:05:06 EST 2006
This email newsletter comes to you free and is supported by the
following advertisers, which offer products and services in which
you might be interested. Please take a moment to visit these
advertisers' Web sites and show your support for Security UPDATE.
1. In Focus: Handheld Security Admin
2. Security News and Features
- Recent Security Vulnerabilities
- Cisco Moving into Physical Security Arena
- Firefox 2.0 to Gain Security Improvements
- Crank Up Security with MBSA 2.0
3. Security Toolkit
- Security Matters Blog
- Security Forum Featured Thread
- Share Your Security Tips
4. New and Improved
- Better Security Event Reporting
==== Sponsor: GuardianEdge Technologies ====
Encrypt and Manage Data on Any Platform
Sensitive data is everywhere: in email and on hard drives, removable
storage devices, and PDAs. Encryption is the only way to protect that
data from criminals and competitors while complying with regulators.
But encrypting data on all those devices and managing them efficiently
is a major challenge. Encryption Anywhere solves the problem with a
single management tool that plugs directly into Microsoft Active
Directory letting you distribute and manage encrypted Microsoft clients
without changing your current processes. Click here to find out how you
can protect corporate data and prevent identity theft.
==== 1. In Focus: Handheld Security Admin ====
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Laptops are great tools. They've allowed security administrators to
take their tools on the road and freed them from relying on access to a
storage server. For some security consultants, it might be nearly
impossible to get any work done without a laptop.
One downside of laptops is that sometimes they can be bulky to carry
around. Plus when you need to use a laptop, you must take it out of the
bag, find a place to set it (on your lap if necessary), and start it
up. Then when you're done, you must reverse the whole process. A task
that will take you 5 minutes on the computer winds up taking 10 minutes
Now, new mobile devices are poised to improve our situation once again.
New handheld devices are powerful, flexible, and relatively easy to
use. They can run a full-blown OS (as opposed to a scaled down, limited
version), provide plenty of storage, are lightweight, and are ready to
use almost instantly nearly any time and any place.
New devices are coming to market. One that you might have already heard
about is Microsoft's Ultra-Mobile PC (UMPC), code-named The Origami
UMPC runs Windows XP Tablet PC Edition, has a 7-inch display with a
minimum of 800 x 480 dpi resolution, includes network connectivity, has
a 40GB hard drive, and weighs about 2 pounds. UMPC won't fit in your
pocket, but it would fit in some purses, and you'll be able to hold it
in your hand to get work done when necessary. Microsoft's UMPC will
cost under $1000.
Some might think that UMPC is just another tablet PC. While that might
be true in the most basic sense, tablet PCs have significant advantages
over laptops, most notably the ease of use. One thing missing from UMPC
is a keyboard. I must have a keyboard, even though I like handhelds'
touch screens. A demo at Intel's site (first URL below) shows an ultra-
mobile device that does have a keyboard (second URL below). I want this
Another new device is the DualCor cPC. This device weighs only 1.1
pounds and features two processors and two OSs: Windows XP Tablet PC
Edition and Windows Mobile. The device also has a 40GB hard drive and
5-inch display with 800 x 480 dpi resolution. The price is $1500
retail, with discounts for volume purchases.
Another handheld computer comes from OQO. The OQO model 01+ has a 30GB
drive, weighs only 14 ounces, and is small enough to put in your
pocket. The screen size is 5 inches. The model 01+ has a mini-keyboard
that slides out from under the display. Hold on to your hats for the
price: the Windows Tablet PC Edition sells for $2099 retail!
For a decent comparison of several handheld computers, including some
that I didn't have room to mention here and some that don't run Windows
Tablet PC Edition, visit the handtops.com Web site at the URL below.
==== Sponsor: Scalable Software ====
How much are you spending on IT compliance? Streamline and automate the
compliance life cycle with this FREE white paper, and reduce your costs
==== 2. Security News and Features ====
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
Cisco Moving into Physical Security Arena
With its latest acquisition, Cisco aims to bring its customers IP-
enabled physical security. The company announced an agreement to
acquire privately held SyPixx Networks, a company founded in 2002 to
deliver video surveillance systems.
Firefox 2.0 to Gain Security Improvements
An alpha release of Firefox 2.0 is due out in the next few days,
according to meeting minutes posted at Mozilla Foundation. A few
important new security features will be included in the 2.0 version.
Read about them in this news story.
Crank Up Security with MBSA 2.0
The latest version of Microsoft's popular no-cost MBSA tool is more
than a simple update; it includes new features and has been designed to
integrate seamlessly with other update tools such as Windows Server
Update Services (WSUS) and the Systems Management Server (SMS)
Inventory Tool for Microsoft Updates (ITMU). Get the details at
==== Resources and Events ====
Windows Connections Conference, April 9-12, 2006
Don't miss the essential Windows technology conference.
When disaster strikes your servers, whether they are dedicated to
Windows, SQL, or Exchange, you need answers. Make sure that if an
emergency occurs, you're prepared. Get the full eBook and get started
on your recovery plan today!
Learn to gather evidence of compliance across multiple systems and link
the data to regulatory and framework control objectives. On-demand Web
Make sure your email server is secure. Learn everything from basic
techniques to defense-in-depth strategies, including network-level
access control lists, Web authentication, firewall protocol inspection,
and perimeter filtering. Live Web seminar Thursday, March 23.
Use Windows Server 2003 R2 as a platform for SQL Server 2005 to support
large-database requirements, including clustering and multiple
processors. Register for this free Web seminar today!
==== Featured White Paper ====
Use scripted deployments to ensure that all your Exchange servers are
configured and deployed with exactly the same options and to maintain a
record of your installation configurations. Learn how today!
==== Hot Spot ====
A multi-tier approach to email security prevents unauthorized access
and can stop spam, viruses, and phishing attacks. Learn to implement
one today, and protect your network security and business systems!
==== 3. Security Toolkit ====
Security Matters Blog: L0phtcrack Retired
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=23D98:4FB69
After years as a password-cracking staple, L0phtcrack is apparently
being put out to pasture--discontinued. However, there are
alternatives, including Cain & Abel, LCP, Ophcrack 2, and the Openwall
Project's John the Ripper. Find links to these alternatives in this
by John Savill, http://list.windowsitpro.com/t?ctl=23D97:4FB69
Q: Can you use the Microsoft File Server Migration Toolkit (FSMT) to
migrate shares between servers in different forests?
Find the answer at http://list.windowsitpro.com/t?ctl=23D96:4FB69
Security Forum Featured Thread: Audit Tools
Know of any good tools to audit a Windows Server 2003 domain
environment, including password reports? If so, join the discussion at
Share Your Security Tips and Get $100
Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's Reader to
Reader column. Email your contributions (500 words or less) to
r2rwinitsec at windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.
==== Announcements ====
(from Windows IT Pro and its partners)
Windows IT Pro Magazine Article Library--access available
Sign up for a Monthly Online Pass and get INSTANT access to all
articles, tools, and helpful resources published on WindowsITPro.com,
including exclusive subscriber-only content. You'll get 24/7 access to
the full Windows IT article library (which includes more than 9,000
articles) as well as the latest digital issue of Windows IT Pro
delivered right to your inbox. Sign up now:
Windows IT Pro Magazine--SAVE 58%
Windows IT Pro is a must-have in 2006! Subscribe now and plug into
the largest independent Windows IT community in the world. Along with
loads of how-to articles, time-saving advice, and expert tips and
solutions, you'll gain exclusive access to the entire online Windows IT
Pro article library FREE. This is a limited-time offer, so order now:
==== 4. New and Improved ====
by Renee Munshi, products at windowsitpro.com
Better Security Event Reporting
Astaro released Astaro Report Manager 4.2, which lets you collect
and report on data from Astaro Security Gateway appliances and security
gateways from other vendors such as Check Point and Cisco. New features
include a Java-based console that provides information about critical
security events in real time, a new forensics analysis tool that helps
you search log data on multiple devices, and new reports designed to
meet federal regulatory requirements. Pricing starts at $295 for
systems running Astaro Security Gateway Software and at $395 for Astaro
Security Gateway appliances. For more information, go to
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a T-shirt if we write about the product in a future
Windows IT Pro What's Hot column. Send your product suggestions with
information about how the product has helped you to
whatshot at windowsitpro.com.
==== Contact Us ====
About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=23D9B:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- salesopps at windowsitpro.com
This email newsletter is brought to you by Windows IT Security,
the leading publication for IT professionals securing the Windows
enterprise from external intruders and controlling access for
internal users. Subscribe today.
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.
More information about the ISN