For more updates

[Replies] [Reply] [View by Thread] [Help]
[Back To CyberArmy Public Forum]

Lt FanTasY

Check Reds official Security News:
http://readyresponse.dynu.com/red-security/ltstnews.htm
which is updated once very 2 days :)

-+ Fantasy +-

On 2002-12-12 22:06:39, Darkstorm777 wrote
>********************
>Windows & .NET Magazine Security UPDATE--brought to you by Security
>Administrator, a print newsletter bringing you practical, how-to
>articles about securing your Windows .NET Server, Windows 2000, and
>Windows NT systems.
>http://www.secadministrator.com
>********************
>
>~~~~ THIS ISSUE SPONSORED BY ~~~~
>
>FREE eBook on W2K and AD Administration
>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06u60Ag
>
>FREE DOWNLOAD - Control PCs over the Internet
>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw0pVP0AZ
>(below IN FOCUS)
>
>~~~~~~~~~~~~~~~~~~~~
>
>~~~~ SPONSOR: FREE EBOOK ON W2K AND AD ADMINISTRATION ~~~~
>Experience greater administrative control and security of Active
>Directory and Exchange with Aelita Enterprise Directory Manager. EDM's
>secure "Rules & Roles" enhances Exchange and Active Directory
>management allowing integration of Active Directory, Exchange 5.5 &
>2000, and HR applications. The result is secure, integrated workflow
>for employee identity management and provisioning. Start with your
>FREE eBook today!
>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06u60Ag
>~~~~~~~~~~~~~~~~~~~~
>
>December 11, 2002--In this issue:
>
>1. IN FOCUS
>- New Certification Standards for Firewalls
>
>2. SECURITY RISKS
>- DoS in Microsoft Outlook 2002
>- Cross-Domain Security Vulnerability in Microsoft IE
>
>3. ANNOUNCEMENTS
>- The Microsoft Mobility Tour Is Coming Soon to a City Near You!
>- Get the New Windows & .NET Magazine Network Super CD/VIP!
>
>4. SECURITY ROUNDUP
>- News: IMlogic and CypherGuard Team to Better Secure IM
>- News: GFI Offers WebMonitor for ISA Server 2000 as Freeware
>- Feature: Microsoft Addresses Inherent Security of Windows
>
>5. HOT RELEASE (ADVERTISEMENT)
>- ALERT: "Outsmart the Top 14 Web Application Hacks"
>
>6. INSTANT POLL
>- Results of Previous Poll: Using Open-Source Products
>- New Instant Poll: ICSA Firewall Certification
>
>7. SECURITY TOOLKIT
>- Virus Center
>- Virus Alert: W32/CIH.1106
>- FAQ: How Can I Hide Core Icons from the Windows XP Desktop?
>
>8. NEW AND IMPROVED
>- Control Spam with Firewall Appliance
>- Locate and Remove Infestations
>- Submit Top Product Ideas
>
>9. HOT THREADS
>- Windows & .NET Magazine Online Forums
>- Featured Thread: Netstat Output
>
>10. CONTACT US
>See this section for a list of ways to contact us.
>
>~~~~~~~~~~~~~~~~~~~~
>
>1. ==== IN FOCUS ====
>(contributed by Mark Joseph Edwards, News Editor,
>mark@ntsecurity.net)
>
>* NEW CERTIFICATION STANDARDS FOR FIREWALLS
>
>ICSA Labs (see the URL below), a division of TruSecure, offers
>firewall certification by testing firewalls against a defined set of
>criteria. Firewall products that meet the criteria can claim ISCA Labs
>Certification. In the past, ICSA Labs has used one set of criteria to
>certify all firewall products, whether those firewalls were designed
>for large corporations, small businesses, or residential users.
>http://www.icsalabs.org
>
>ICSA Labs has now developed "Modular Firewall Certification Criteria
>4.0." The criteria include a base set of requirements--plus three
>other sets of requirements that differ based on the firewall's target
>market. According to ICSA Labs, "Version 4.0 is the culmination of
>over a year and half of work with industry experts, end users and the
>Firewall Product Developers Consortium - an international forum of
>competing developers of firewall products that works toward common
>goals to benefit both members and end users. Version 4.0 reflects the
>different functional requirements in today's multi-segmented firewall
>market."
>
>The base criteria module--applicable to all firewalls--requires that
>firewalls adhere to specific logging requirements, provide certain
>administrative capabilities, and maintain security policy persistence.
>The firewalls must also pass functional tests to prove that their
>policies and administration features work as intended, that they
>prevent unauthorized access to administrative functions, that they
>aren't vulnerable to evolving sets of attacks, and that they don't
>introduce vulnerabilities through their integration into a network.
>The firewalls must also pass tests that demonstrate their resistance
>to trivial Denial of Service (DoS) attacks and their ability, if they
>fail, to fail in a way that stops all network traffic to protect the
>networks they guard. And, of course, the firewalls must also have
>thorough, accurate documentation in such areas as installation,
>administration, and maintenance.
>
>The other three criteria sets (corporate, business, and residential)
>have a few overlapping requirements, such as the default policy's
>allowed inbound and outbound protocols and remote administration
>capabilities. However, beyond those overlapping elements, the
>requirements differ significantly according to target market. As you
>might expect, the corporate firewall requirements are more stringent
>than those for business firewalls, and those for business firewalls
>more stringent that those for residential firewalls. The differences
>among the three modules lie mostly in the areas of logging,
>administration, and time/date persistence. Overall, the requirements
>for any type of firewall are stricter than the previous requirements
>ICSA Labs used. You can read about the exact criteria for each
>firewall type at the URL below.
>http://www.icsalabs.org/html/communities/firewalls/certification/criteria/criteria_4.0.shtml
>
>So far, the following companies and products have achieved ICSA Labs'
>4.0 certification for corporate firewalls: Nortel Networks' Alteon
>Switched Firewall, Novell's BorderManager, Check Point Software
>Technologies' Check Point FireWall-1 Next Generation Linux FP-3, Cisco
>Systems' PIX Firewall Family, CyberGuard Premium Firewall Appliance,
>Global Technology Associates' (GTA's) GTA Firewall Family, Intoto's
>iGateway, Fortinet's FortiGate-300, and NetScreen Technologies'
>NetScreen Family. Other companies are in the process of certifying
>their corporate firewalls under the new criteria.
>
>To date, ICSA Labs hasn't certified any level 4.0 business products
>and has certified only two level 4.0 residential products (both
>hardware-based)--Jungo's OpenRG and RIAS's GreatSpeed GS-1540G. For a
>list of all ICSA Labs certified firewalls, visit the URL below.
>http://www.icsalabs.org/html/communities/firewalls/newsite/cert.shtml
>
>In general, the new multilevel certification criteria make sense.
>Usually, a residential user's firewall doesn't need to meet the same
>overall requirements as a firewall that protects a large corporate
>network. For example, a residential firewall often doesn't need the
>same remote administration capabilities that a business or corporate
>firewall needs. ICSA Labs' new approach to certification should give
>developers more flexibility by providing a way to certify products
>that serve different target users.
>
>~~~~~~~~~~~~~~~~~~~~
>
>~~~~ SPONSOR: FREE DOWNLOAD - CONTROL PCS OVER THE INTERNET ~~~~
>Control, access and support PCs over the Internet, LANs, WANs, or
>modems - just as if you were in front of them. NetOp Remote Control,
>winner of PC Magazine's Editors' Choice, now offers professionals even
>more options like support for Linux, Solaris and Symbian as well as
>all Windows platforms; a new inventory feature; additional security
>options; and better integration with management suites such as SMS and
>HP Openview. Click for a fully-functional NetOp evaluation copy:
>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw0pVP0AZ
>~~~~~~~~~~~~~~~~~~~~
>
>2. ==== SECURITY RISKS ====
>(contributed by Ken Pfeil, ken@winnetmag.com)
>
>* DoS IN MICROSOFT OUTLOOK 2002
>Richard Lawley discovered a Denial of Service (DoS) vulnerability
>in Microsoft Outlook 2002. This vulnerability stems from a fault in
>the way Outlook 2002 processes email header information. To crash a
>vulnerable client, an attacker can send a message that contains
>specific header information. The client will remain affected until you
>delete the message from the server. Microsoft has released Security
>Bulletin MS02-067 (E-mail Header Processing Flaw Could Cause Outlook
>2002 to Fail) to address this vulnerability and recommends that
>affected users apply the appropriate patch mentioned in the bulletin.
>http://www.secadministrator.com/articles/index.cfm?articleid=27503
>
>* CROSS-DOMAIN SECURITY VULNERABILITY IN MICROSOFT IE
>GreyMagic Software and Thor Larholm discovered that a new Microsoft
>Internet Explorer (IE) vulnerability can permit an attacker to perform
>any action on the vulnerable computer that the user can perform. The
>cause of this vulnerability is a flaw in the way IE handles
>cross-domain security checks. Microsoft has released Security Bulletin
>MS02-068 (Cumulative Patch for Internet Explorer) to address this
>vulnerability and recommends that affected users immediately apply the
>appropriate patch mentioned in the bulletin. This cumulative patch
>also addresses all previously discovered vulnerabilities in IE.
>http://www.secadministrator.com/articles/index.cfm?articleid=27504
>
>3. ==== ANNOUNCEMENTS ====
>(brought to you by Windows & .NET Magazine and its partners)
>
>* THE MICROSOFT MOBILITY TOUR IS COMING SOON TO A CITY NEAR YOU!
>Brought to you by Windows & .NET Magazine, this outstanding
>seven-city event will help support your growing mobile workforce.
>Industry guru Paul Thurrott discusses the coolest mobility hardware
>solutions around, demonstrates how to increase the productivity of
>your "road warriors" with the unique features of Windows XP and Office
>XP, and much more. There is no charge for these live events, but space
>is limited so register today!
>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06Kw0A4
>
>* GET THE NEW WINDOWS & .NET MAGAZINE NETWORK SUPER CD/VIP!
>Everyone can appreciate a bargain in today's economy. That's why
>we've introduced the Windows & .NET Magazine Super CD/VIP Web site.
>You get exclusive subscriber-only access to all our publications
>through our new VIP Web site. Plus, you get Super CDs delivered twice
>a year, and we'll even throw in a 1-year print subscription to the
>magazine! The Super CD/VIP is a $545 value for just $279. Subscribe
>today!
>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06oc0AL
>
>4. ==== SECURITY ROUNDUP ====
>
>* NEWS: IMLOGIC AND CYPHERGUARD TEAM TO BETTER SECURE IM
>IMlogic and CypherGuard announced that they've teamed to help
>secure Instant Messaging (IM) software. The companies will release a
>business suite that includes IMlogic's IM Manager and CypherGuard's
>encryption tools. The suite will provide auditing, archiving, and
>compliance capabilities along with strong encryption capabilities to
>secure messages and files that IM clients transmit. The new suite will
>work with MSN Messenger, Yahoo Messenger, ICQ, and AOL Instant
>Messenger.
>http://www.secadministrator.com/articles/index.cfm?articleid=27474
>
>* NEWS: GFI OFFERS WEBMONITOR FOR ISA SERVER 2000 AS FREEWARE
>GFI announced that it has released its WebMonitor product (formerly
>known as GFI Real Time Monitor for ISA Server) as freeware. WebMonitor
>works with Microsoft Internet Security and Acceleration (ISA) Server
>2000 to monitor all current and recent HTTP and FTP connections that
>are active through the server. Administrators can use WebMonitor to
>monitor users' Internet activities and bandwidth usage.
>http://www.secadministrator.com/articles/index.cfm?articleid=27475
>
>* FEATURE: MICROSOFT ADDRESSES INHERENT SECURITY OF WINDOWS
>At COMDEX Fall 2002, Paul Thurrott sat down with Mike Nash, vice
>president of Microsoft's Security Business Unit, to discuss various
>security concerns. Nash comments on the overall security of what he
>calls the Microsoft environment, which includes not just Windows, but
>all of Microsoft's core products, such as Visual Studio.NET and
>Microsoft Office. Read the article to learn what Nash had to say about
>Windows security.
>http://www.secadministrator.com/articles/index.cfm?articleid=27472
>
>5. ==== HOT RELEASE (ADVERTISEMENT) ====
>
>* ALERT: "OUTSMART THE TOP 14 WEB APPLICATION HACKS"
>Learn why 70% of today's successful hacks involve Web Application
>attacks such as: SQL Injection, XSS and Session Hijacking. All
>undetectable by Firewalls and IDS! FREE 15 Day Product Trial and
>Comprehensive Vulnerability Report
>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06u70Ah
>
>6. ==== INSTANT POLL ====
>
>* RESULTS OF PREVIOUS POLL: USING OPEN-SOURCE PRODUCTS
>The voting has closed in Windows & .NET Magazine's Security
>Administrator Channel nonscientific Instant Poll for the question, "Do
>you use open-source products on your network?" Here are the results
>(+/- 2 percent) from the 393 votes:
>- 74% Yes
>- 22% No
>-2% Not sure
>-2% We plan to
>
>* NEW INSTANT POLL: ICSA FIREWALL CERTIFICATION
>The next Instant Poll question is, "Do you consider ICSA Labs
>Certification as a factor when you select a firewall?" Go to the
>Security Administrator Channel home page and submit your vote for a)
>Yes, b) No, c) No, but we will.
>http://www.secadministrator.com
>
>7. ==== SECURITY TOOLKIT ====
>
>* VIRUS CENTER
>Panda Software and the Windows & .NET Magazine Network have teamed
>to bring you the Center for Virus Control. Visit the site often to
>remain informed about the latest threats to your system security.
>http://www.secadministrator.com/panda
>
>- Virus Alert: W32/CIH.1106
>W32/CIH.1106 is a virus that activates on the second day of any
>given month. The virus deletes BIOS information and contents of a
>system's installed hard drives. On Windows Me, Windows 98, and Win95
>systems, the virus infects executable files with an .exe extension.
>For complete details about the virus, visit our Web site at the URL
>below.
>http://63.88.172.127/panda/index.cfm?fuseaction=virus&virusid=1307
>
>* FAQ: HOW CAN I HIDE CORE ICONS FROM THE WINDOWS XP DESKTOP?
>( contributed by John Savill, http://www.windows2000faq.com )
>
>A. In earlier Windows versions, you could use a variety of registry
>changes or Microsoft's Tweak UI utility to hide core icons such as My
>Computer and Network Places from the desktop. With XP, Microsoft
>provides an interface in the core product that lets you accomplish the
>same task. To hide core icons from the desktop, perform the following
>steps:
>1. Start the Control Panel Display applet (go to Start, Control
>Panel, Display).
>2. Select the Desktop tab.
>3. Click Customize Desktop.
>4. Select the General tab.
>5. Under the "Desktop icons" section, clear the check boxes next to
>any icons that you don't want to appear on the desktop.
>
>8. ==== NEW AND IMPROVED ====
>(contributed by Sue Cooper, products@winnetmag.com)
>
>* CONTROL SPAM WITH FIREWALL APPLIANCE
>BorderWare Technologies announced MXtreme Mail Firewall, a line of
>three rack-mount devices (for small-, medium-, or large-volume sites)
>designed for deployment between your internal mail server and the
>Internet. MXtreme Mail Firewalls now offer spam filtering based on
>five layers of defense, including Statistical Token Analysis (STA),
>which derives common indicators of spam and incorporates adaptive
>local learning. Radius support lets Windows 2000 Active Directory (AD)
>and Windows NT domain controllers (DCs) authenticate remote users. For
>pricing or more information, contact BorderWare at 905-853-5550,
>877-814-7900, and sales@mxtreme.com.
>http://www.borderware.com
>
>* LOCATE AND REMOVE INFESTATIONS
>PestPatrol released PestPatrol 4.0, nonviral malicious code
>scanning software that protects your local and remote client systems
>without the need to install and manage software on every workstation.
>New features include intelligent reporting, generic keylogger
>detection and removal, automated spyware cookie detection and removal,
>diagnostic tools, and an expanded detection database of more than
>60,000 pests. PestPatrol 4.0 supports Windows XP, Windows 2000,
>Windows NT, Windows Me, and Windows 98. Contact vendor for pricing at
>717-243-6588 and info@pestpatrol.com.
>http://www.pestpatrol.com
>
>* SUBMIT TOP PRODUCT IDEAS
>Have you used a product that changed your IT experience by saving
>you time or easing your daily burden? Do you know of a terrific
>product that others should know about? Tell us! We want to write about
>the product in a future What's Hot column. Send your product
>suggestions to whatshot@winnetmag.com.
>
>9. ==== HOT THREADS ====
>
>* WINDOWS & .NET MAGAZINE ONLINE FORUMS
>http://www.winnetmag.com/forums
>
>Featured Thread: Netstat Output
>(Fourteen messages in this thread)
>
>A user writes that when he views the TCP and UDP ports by using the
>"netstat -a" command, he always finds an entry for a TCP port 1638
>with a foreign address for a Web site called "Ultimate Search." He
>wants to know why his computer is communicating with that site and how
>to close ports so that unwanted communications don't take place. Lend
>a hand or read the responses:
>http://www.winnetmag.com/forums/rd.cfm?cid=42&tid=49906
>
>10. ==== CONTACT US ====
>Here's how to reach us with your comments and questions:
>
>* ABOUT IN FOCUS -- mark@ntsecurity.net
>
>* ABOUT THE NEWSLETTER IN GENERAL -- letters@winnetmag.com (please
>mention the newsletter name in the subject line)
>
>* TECHNICAL QUESTIONS -- http://www.winnetmag.com/forums
>
>* PRODUCT NEWS -- products@winnetmag.com
>
>* QUESTIONS ABOUT YOUR SECURITY UPDATE SUBSCRIPTION? Customer
>Support -- securityupdate@winnetmag.com
>
>* WANT TO SPONSOR SECURITY UPDATE? emedia_opps@winnetmag.com
>
>********************
>
>This email newsletter is brought to you by Security Administrator,
>the print newsletter with independent, impartial advice for IT
>administrators securing a Windows 2000/Windows NT enterprise.
>Subscribe today!
>http://www.secadministrator.com/sub.cfm?code=saei25xxup
>
>Receive the latest information about the Windows and .NET topics of
>your choice. Subscribe to our other FREE email newsletters.
>http://www.winnetmag.com/email
>
>|-+-|-+-|-+-|-+-|-+-|
>
>Thank you for reading Security UPDATE.
>
>
>Lieutenant Darkstorm777
>C/O Database Administrator of Red-Library
>
>Contact
>
>

cMS:darkstorm777 >
Email: darkstorm777@chicago2600.net >
Webpage: >
- Red-Library >
- Chicago2600 >
>
IRC Servers >irc.cyberarmy.com >
- #readyresponse >
- #redlib >
>irc.chicago2600.net >
- #chicago2600 >
- #opers >
>

>
>Click to check out my Gallery at Renderosity here
>

Lt.KernelFantasy
C/O Web Site Management Division (#455)

Contact

Replies:

Security UPDATE, December 11, 2002 - Lt Darkstorm777 2002-12-12 22:06:39
- >For more updates - Lt FanTasY 2002-12-12 22:14:25 <

Guest:
Subject:
Message:	On 2002-12-12 22:14:25, FanTasY wrote >Check Reds official Security News: >http://readyresponse.dynu.com/red-security/ltstnews.htm >which is updated once very 2 days :) > >-+ Fantasy +- > > >On 2002-12-12 22:06:39, Darkstorm777 wrote >>****************** >>Windows & .NET Magazine Security UPDATE--brought to you by Security >>Administrator, a print newsletter bringing you practical, how-to >>articles about securing your Windows .NET Server, Windows 2000, and >>Windows NT systems. >>http://www.secadministrator.com >>****************** >> >>~~~~ THIS ISSUE SPONSORED BY ~~~~ >> >>FREE eBook on W2K and AD Administration >>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06u60Ag >> >>FREE DOWNLOAD - Control PCs over the Internet >>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw0pVP0AZ >>(below IN FOCUS) >> >>~~~~~~~~~~~~~~~~~~~~ >> >>~~~~ SPONSOR: FREE EBOOK ON W2K AND AD ADMINISTRATION ~~~~ >>Experience greater administrative control and security of Active >>Directory and Exchange with Aelita Enterprise Directory Manager. EDM's >>secure "Rules & Roles" enhances Exchange and Active Directory >>management allowing integration of Active Directory, Exchange 5.5 & >>2000, and HR applications. The result is secure, integrated workflow >>for employee identity management and provisioning. Start with your >>FREE eBook today! >>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06u60Ag >>~~~~~~~~~~~~~~~~~~~~ >> >>December 11, 2002--In this issue: >> >>1. IN FOCUS >>- New Certification Standards for Firewalls >> >>2. SECURITY RISKS >>- DoS in Microsoft Outlook 2002 >>- Cross-Domain Security Vulnerability in Microsoft IE >> >>3. ANNOUNCEMENTS >>- The Microsoft Mobility Tour Is Coming Soon to a City Near You! >>- Get the New Windows & .NET Magazine Network Super CD/VIP! >> >>4. SECURITY ROUNDUP >>- News: IMlogic and CypherGuard Team to Better Secure IM >>- News: GFI Offers WebMonitor for ISA Server 2000 as Freeware >>- Feature: Microsoft Addresses Inherent Security of Windows >> >>5. HOT RELEASE (ADVERTISEMENT) >>- ALERT: "Outsmart the Top 14 Web Application Hacks" >> >>6. INSTANT POLL >>- Results of Previous Poll: Using Open-Source Products >>- New Instant Poll: ICSA Firewall Certification >> >>7. SECURITY TOOLKIT >>- Virus Center >>- Virus Alert: W32/CIH.1106 >>- FAQ: How Can I Hide Core Icons from the Windows XP Desktop? >> >>8. NEW AND IMPROVED >>- Control Spam with Firewall Appliance >>- Locate and Remove Infestations >>- Submit Top Product Ideas >> >>9. HOT THREADS >>- Windows & .NET Magazine Online Forums >>- Featured Thread: Netstat Output >> >>10. CONTACT US >>See this section for a list of ways to contact us. >> >>~~~~~~~~~~~~~~~~~~~~ >> >>1. ==== IN FOCUS ==== >>(contributed by Mark Joseph Edwards, News Editor, >>mark@ntsecurity.net) >> >>* NEW CERTIFICATION STANDARDS FOR FIREWALLS >> >>ICSA Labs (see the URL below), a division of TruSecure, offers >>firewall certification by testing firewalls against a defined set of >>criteria. Firewall products that meet the criteria can claim ISCA Labs >>Certification. In the past, ICSA Labs has used one set of criteria to >>certify all firewall products, whether those firewalls were designed >>for large corporations, small businesses, or residential users. >>http://www.icsalabs.org >> >>ICSA Labs has now developed "Modular Firewall Certification Criteria >>4.0." The criteria include a base set of requirements--plus three >>other sets of requirements that differ based on the firewall's target >>market. According to ICSA Labs, "Version 4.0 is the culmination of >>over a year and half of work with industry experts, end users and the >>Firewall Product Developers Consortium - an international forum of >>competing developers of firewall products that works toward common >>goals to benefit both members and end users. Version 4.0 reflects the >>different functional requirements in today's multi-segmented firewall >>market." >> >>The base criteria module--applicable to all firewalls--requires that >>firewalls adhere to specific logging requirements, provide certain >>administrative capabilities, and maintain security policy persistence. >>The firewalls must also pass functional tests to prove that their >>policies and administration features work as intended, that they >>prevent unauthorized access to administrative functions, that they >>aren't vulnerable to evolving sets of attacks, and that they don't >>introduce vulnerabilities through their integration into a network. >>The firewalls must also pass tests that demonstrate their resistance >>to trivial Denial of Service (DoS) attacks and their ability, if they >>fail, to fail in a way that stops all network traffic to protect the >>networks they guard. And, of course, the firewalls must also have >>thorough, accurate documentation in such areas as installation, >>administration, and maintenance. >> >>The other three criteria sets (corporate, business, and residential) >>have a few overlapping requirements, such as the default policy's >>allowed inbound and outbound protocols and remote administration >>capabilities. However, beyond those overlapping elements, the >>requirements differ significantly according to target market. As you >>might expect, the corporate firewall requirements are more stringent >>than those for business firewalls, and those for business firewalls >>more stringent that those for residential firewalls. The differences >>among the three modules lie mostly in the areas of logging, >>administration, and time/date persistence. Overall, the requirements >>for any type of firewall are stricter than the previous requirements >>ICSA Labs used. You can read about the exact criteria for each >>firewall type at the URL below. >>http://www.icsalabs.org/html/communities/firewalls/certification/criteria/criteria_4.0.shtml >> >>So far, the following companies and products have achieved ICSA Labs' >>4.0 certification for corporate firewalls: Nortel Networks' Alteon >>Switched Firewall, Novell's BorderManager, Check Point Software >>Technologies' Check Point FireWall-1 Next Generation Linux FP-3, Cisco >>Systems' PIX Firewall Family, CyberGuard Premium Firewall Appliance, >>Global Technology Associates' (GTA's) GTA Firewall Family, Intoto's >>iGateway, Fortinet's FortiGate-300, and NetScreen Technologies' >>NetScreen Family. Other companies are in the process of certifying >>their corporate firewalls under the new criteria. >> >>To date, ICSA Labs hasn't certified any level 4.0 business products >>and has certified only two level 4.0 residential products (both >>hardware-based)--Jungo's OpenRG and RIAS's GreatSpeed GS-1540G. For a >>list of all ICSA Labs certified firewalls, visit the URL below. >>http://www.icsalabs.org/html/communities/firewalls/newsite/cert.shtml >> >>In general, the new multilevel certification criteria make sense. >>Usually, a residential user's firewall doesn't need to meet the same >>overall requirements as a firewall that protects a large corporate >>network. For example, a residential firewall often doesn't need the >>same remote administration capabilities that a business or corporate >>firewall needs. ICSA Labs' new approach to certification should give >>developers more flexibility by providing a way to certify products >>that serve different target users. >> >>~~~~~~~~~~~~~~~~~~~~ >> >>~~~~ SPONSOR: FREE DOWNLOAD - CONTROL PCS OVER THE INTERNET ~~~~ >>Control, access and support PCs over the Internet, LANs, WANs, or >>modems - just as if you were in front of them. NetOp Remote Control, >>winner of PC Magazine's Editors' Choice, now offers professionals even >>more options like support for Linux, Solaris and Symbian as well as >>all Windows platforms; a new inventory feature; additional security >>options; and better integration with management suites such as SMS and >>HP Openview. Click for a fully-functional NetOp evaluation copy: >>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw0pVP0AZ >>~~~~~~~~~~~~~~~~~~~~ >> >>2. ==== SECURITY RISKS ==== >>(contributed by Ken Pfeil, ken@winnetmag.com) >> >>* DoS IN MICROSOFT OUTLOOK 2002 >>Richard Lawley discovered a Denial of Service (DoS) vulnerability >>in Microsoft Outlook 2002. This vulnerability stems from a fault in >>the way Outlook 2002 processes email header information. To crash a >>vulnerable client, an attacker can send a message that contains >>specific header information. The client will remain affected until you >>delete the message from the server. Microsoft has released Security >>Bulletin MS02-067 (E-mail Header Processing Flaw Could Cause Outlook >>2002 to Fail) to address this vulnerability and recommends that >>affected users apply the appropriate patch mentioned in the bulletin. >>http://www.secadministrator.com/articles/index.cfm?articleid=27503 >> >>* CROSS-DOMAIN SECURITY VULNERABILITY IN MICROSOFT IE >>GreyMagic Software and Thor Larholm discovered that a new Microsoft >>Internet Explorer (IE) vulnerability can permit an attacker to perform >>any action on the vulnerable computer that the user can perform. The >>cause of this vulnerability is a flaw in the way IE handles >>cross-domain security checks. Microsoft has released Security Bulletin >>MS02-068 (Cumulative Patch for Internet Explorer) to address this >>vulnerability and recommends that affected users immediately apply the >>appropriate patch mentioned in the bulletin. This cumulative patch >>also addresses all previously discovered vulnerabilities in IE. >>http://www.secadministrator.com/articles/index.cfm?articleid=27504 >> >>3. ==== ANNOUNCEMENTS ==== >>(brought to you by Windows & .NET Magazine and its partners) >> >>* THE MICROSOFT MOBILITY TOUR IS COMING SOON TO A CITY NEAR YOU! >>Brought to you by Windows & .NET Magazine, this outstanding >>seven-city event will help support your growing mobile workforce. >>Industry guru Paul Thurrott discusses the coolest mobility hardware >>solutions around, demonstrates how to increase the productivity of >>your "road warriors" with the unique features of Windows XP and Office >>XP, and much more. There is no charge for these live events, but space >>is limited so register today! >>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06Kw0A4 >> >>* GET THE NEW WINDOWS & .NET MAGAZINE NETWORK SUPER CD/VIP! >>Everyone can appreciate a bargain in today's economy. That's why >>we've introduced the Windows & .NET Magazine Super CD/VIP Web site. >>You get exclusive subscriber-only access to all our publications >>through our new VIP Web site. Plus, you get Super CDs delivered twice >>a year, and we'll even throw in a 1-year print subscription to the >>magazine! The Super CD/VIP is a $545 value for just $279. Subscribe >>today! >>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06oc0AL >> >>4. ==== SECURITY ROUNDUP ==== >> >>* NEWS: IMLOGIC AND CYPHERGUARD TEAM TO BETTER SECURE IM >>IMlogic and CypherGuard announced that they've teamed to help >>secure Instant Messaging (IM) software. The companies will release a >>business suite that includes IMlogic's IM Manager and CypherGuard's >>encryption tools. The suite will provide auditing, archiving, and >>compliance capabilities along with strong encryption capabilities to >>secure messages and files that IM clients transmit. The new suite will >>work with MSN Messenger, Yahoo Messenger, ICQ, and AOL Instant >>Messenger. >>http://www.secadministrator.com/articles/index.cfm?articleid=27474 >> >>* NEWS: GFI OFFERS WEBMONITOR FOR ISA SERVER 2000 AS FREEWARE >>GFI announced that it has released its WebMonitor product (formerly >>known as GFI Real Time Monitor for ISA Server) as freeware. WebMonitor >>works with Microsoft Internet Security and Acceleration (ISA) Server >>2000 to monitor all current and recent HTTP and FTP connections that >>are active through the server. Administrators can use WebMonitor to >>monitor users' Internet activities and bandwidth usage. >>http://www.secadministrator.com/articles/index.cfm?articleid=27475 >> >>* FEATURE: MICROSOFT ADDRESSES INHERENT SECURITY OF WINDOWS >>At COMDEX Fall 2002, Paul Thurrott sat down with Mike Nash, vice >>president of Microsoft's Security Business Unit, to discuss various >>security concerns. Nash comments on the overall security of what he >>calls the Microsoft environment, which includes not just Windows, but >>all of Microsoft's core products, such as Visual Studio.NET and >>Microsoft Office. Read the article to learn what Nash had to say about >>Windows security. >>http://www.secadministrator.com/articles/index.cfm?articleid=27472 >> >>5. ==== HOT RELEASE (ADVERTISEMENT) ==== >> >>* ALERT: "OUTSMART THE TOP 14 WEB APPLICATION HACKS" >>Learn why 70% of today's successful hacks involve Web Application >>attacks such as: SQL Injection, XSS and Session Hijacking. All >>undetectable by Firewalls and IDS! FREE 15 Day Product Trial and >>Comprehensive Vulnerability Report >>http://list.winnetmag.com/cgi-bin3/flo?y=eOtT0CJgSH0CBw06u70Ah >> >>6. ==== INSTANT POLL ==== >> >>* RESULTS OF PREVIOUS POLL: USING OPEN-SOURCE PRODUCTS >>The voting has closed in Windows & .NET Magazine's Security >>Administrator Channel nonscientific Instant Poll for the question, "Do >>you use open-source products on your network?" Here are the results >>(+/- 2 percent) from the 393 votes: >>- 74% Yes >>- 22% No >>-2% Not sure >>-2% We plan to >> >>* NEW INSTANT POLL: ICSA FIREWALL CERTIFICATION >>The next Instant Poll question is, "Do you consider ICSA Labs >>Certification as a factor when you select a firewall?" Go to the >>Security Administrator Channel home page and submit your vote for a) >>Yes, b) No, c) No, but we will. >>http://www.secadministrator.com >> >>7. ==== SECURITY TOOLKIT ==== >> >>* VIRUS CENTER >>Panda Software and the Windows & .NET Magazine Network have teamed >>to bring you the Center for Virus Control. Visit the site often to >>remain informed about the latest threats to your system security. >>http://www.secadministrator.com/panda >> >>- Virus Alert: W32/CIH.1106 >>W32/CIH.1106 is a virus that activates on the second day of any >>given month. The virus deletes BIOS information and contents of a >>system's installed hard drives. On Windows Me, Windows 98, and Win95 >>systems, the virus infects executable files with an .exe extension. >>For complete details about the virus, visit our Web site at the URL >>below. >>http://63.88.172.127/panda/index.cfm?fuseaction=virus&virusid=1307 >> >>* FAQ: HOW CAN I HIDE CORE ICONS FROM THE WINDOWS XP DESKTOP? >>( contributed by John Savill, http://www.windows2000faq.com ) >> >>A. In earlier Windows versions, you could use a variety of registry >>changes or Microsoft's Tweak UI utility to hide core icons such as My >>Computer and Network Places from the desktop. With XP, Microsoft >>provides an interface in the core product that lets you accomplish the >>same task. To hide core icons from the desktop, perform the following >>steps: >>1. Start the Control Panel Display applet (go to Start, Control >>Panel, Display). >>2. Select the Desktop tab. >>3. Click Customize Desktop. >>4. Select the General tab. >>5. Under the "Desktop icons" section, clear the check boxes next to >>any icons that you don't want to appear on the desktop. >> >>8. ==== NEW AND IMPROVED ==== >>(contributed by Sue Cooper, products@winnetmag.com) >> >>* CONTROL SPAM WITH FIREWALL APPLIANCE >>BorderWare Technologies announced MXtreme Mail Firewall, a line of >>three rack-mount devices (for small-, medium-, or large-volume sites) >>designed for deployment between your internal mail server and the >>Internet. MXtreme Mail Firewalls now offer spam filtering based on >>five layers of defense, including Statistical Token Analysis (STA), >>which derives common indicators of spam and incorporates adaptive >>local learning. Radius support lets Windows 2000 Active Directory (AD) >>and Windows NT domain controllers (DCs) authenticate remote users. For >>pricing or more information, contact BorderWare at 905-853-5550, >>877-814-7900, and sales@mxtreme.com. >>http://www.borderware.com >> >>* LOCATE AND REMOVE INFESTATIONS >>PestPatrol released PestPatrol 4.0, nonviral malicious code >>scanning software that protects your local and remote client systems >>without the need to install and manage software on every workstation. >>New features include intelligent reporting, generic keylogger >>detection and removal, automated spyware cookie detection and removal, >>diagnostic tools, and an expanded detection database of more than >>60,000 pests. PestPatrol 4.0 supports Windows XP, Windows 2000, >>Windows NT, Windows Me, and Windows 98. Contact vendor for pricing at >>717-243-6588 and info@pestpatrol.com. >>http://www.pestpatrol.com >> >>* SUBMIT TOP PRODUCT IDEAS >>Have you used a product that changed your IT experience by saving >>you time or easing your daily burden? Do you know of a terrific >>product that others should know about? Tell us! We want to write about >>the product in a future What's Hot column. Send your product >>suggestions to whatshot@winnetmag.com. >> >>9. ==== HOT THREADS ==== >> >>* WINDOWS & .NET MAGAZINE ONLINE FORUMS >>http://www.winnetmag.com/forums >> >>Featured Thread: Netstat Output >>(Fourteen messages in this thread) >> >>A user writes that when he views the TCP and UDP ports by using the >>"netstat -a" command, he always finds an entry for a TCP port 1638 >>with a foreign address for a Web site called "Ultimate Search." He >>wants to know why his computer is communicating with that site and how >>to close ports so that unwanted communications don't take place. Lend >>a hand or read the responses: >>http://www.winnetmag.com/forums/rd.cfm?cid=42&tid=49906 >> >>10. ==== CONTACT US ==== >>Here's how to reach us with your comments and questions: >> >>* ABOUT IN FOCUS -- mark@ntsecurity.net >> >>* ABOUT THE NEWSLETTER IN GENERAL -- letters@winnetmag.com (please >>mention the newsletter name in the subject line) >> >>* TECHNICAL QUESTIONS -- http://www.winnetmag.com/forums >> >>* PRODUCT NEWS -- products@winnetmag.com >> >>* QUESTIONS ABOUT YOUR SECURITY UPDATE SUBSCRIPTION? Customer >>Support -- securityupdate@winnetmag.com >> >>* WANT TO SPONSOR SECURITY UPDATE? emedia_opps@winnetmag.com >> >>******************** >> >>This email newsletter is brought to you by Security Administrator, >>the print newsletter with independent, impartial advice for IT >>administrators securing a Windows 2000/Windows NT enterprise. >>Subscribe today! >>http://www.secadministrator.com/sub.cfm?code=saei25xxup >> >>Receive the latest information about the Windows and .NET topics of >>your choice. Subscribe to our other FREE email newsletters. >>http://www.winnetmag.com/email >> >>\|-+-\|-+-\|-+-\|-+-\|-+-\| >> >>Thank you for reading Security UPDATE. >> >> >>[img=http://www.chicago2600.net/lt.gif]CyberArmy Lt Badge[/img][url=http://www.cyberarmy.com/finger/darkstorm777][color=#FF0000][b]Lieutenant Darkstorm777[/b][/url][/color] >>[url=http://www.cyberarmy.com/brigades/441.html][color=#FF0000][i][b]C/O Database Administrator of Red-Library[/b][/i][/color][/url] >> >>[img=http://hisim.get-hosted.de/contact.gif]Contact Information[/img][color=#FF0000][b]Contact[/b][/color] >> >>[list] >>[][small]cMS:[url=http://www.cyberarmy.com/office/cMS/compose/darkstorm777?subject=forum-reply]darkstorm777[/url][/small] >>[][small]Email: [email]darkstorm777@chicago2600.net[/email][/small] >>[][small]Webpage:[/small] >>[list] >>[][small][url=http://library.red-division.org/]Red-Library[/url][/small] >>[][small][url=http://www.chicago2600.net]Chicago2600[/url][/small] >>[/list] >>[][small][b]IRC Servers[/b][/small] >>[small]irc.cyberarmy.com[/small] >>[list] >>[][small]#readyresponse[/small] >>[][small]#redlib[/small] >>[/list] >>[small]irc.chicago2600.net[/small] >>[list] >>[][small]#chicago2600[/small] >>[][small]#opers[/small] >>[/list] >>[/list] >> >>[small][url=http://www.renderosity.com/gallery.ez?ByArtist=Y&Artist=daemonknight]Click to check out my Gallery at Renderosity here[/url][/small] >> > > >[b][img=http://www.cyberarmy.com/includes/cbadges/ltcol.gif]Lieutenant Kernel[/img] Lt.Kernel[color=red]Fantasy[/b] >[i][b]C/O[/b] Web Site Management Division (#455)[/i] >[/color] >[b]Contact[/b][list] >[]cMS - [url=http://www.cyberarmy.com/office/cMS/compose/Fantasy][color=red]Fantasy[/color][/url] >[]E-Mail - [email=ciri@VirtuaX.be][color=red]Fantasy's mail[/color][/email] >[]MSN - [url=http://messenger.msn.com][color=red]ciribeertje@hotmail.com[/color][/url] >[]ICQ - [url=http://www.icq.com][color=red]39128200[/color][/url] >[/list]
Signature:
Optional Image Link:
http://

CyberArmy::Forum v0.6
Generated In 0.02119 seconds