
List:       isn
Subject:    [ISN] Security UPDATE, November 28, 2001
From:       InfoSec News <isn () c4i ! org>
Date:       2001-11-29 7:59:46

********************

Windows 2000 Magazine Security UPDATE--brought to you by Security
Administrator, a print newsletter bringing you practical, how-to
articles about securing your Windows 2000 and NT systems.
   http://www.secadministrator.com

********************

~~~~ THIS ISSUE SPONSORED BY ~~~~

IBM Infrastructure
   http://lists.win2000mag.net/cgi-bin3/flo?y=eJIE0CJgSH0BVg0olx0Aa 

Lieberman & Associates New User Manager Pro!!
   http://lists.win2000mag.net/cgi-bin3/flo?y=eJIE0CJgSH0BVg0oly0Ab 
   (below IN FOCUS)

~~~~~~~~~~~~~~~~~~~~

~~~~ SPONSOR: IBM INFRASTRUCTURE ~~~~
   Not worried about hackers? You should be. Because they can put your 
e-business out of business. If your customers don't feel comfortable 
dealing with you online, they'll work with someone else. With IBM 
infrastructure, you'll have the security your company needs to operate 
effectively and to keep your clients comfortable. Your networks and 
servers are the backbone of your company. It's time you treated them 
that way. In today's ever-changing e-environment, keeping network 
security tight is something that can't be ignored. So is keeping your 
clients happy. Find out more from our latest security white paper 
today.
   Download at: http://lists.win2000mag.net/cgi-bin3/flo?y=eJIE0CJgSH0BVg0olx0Aa 

********************

November 28, 2001--In this issue:

1. IN FOCUS
     - Everything Is Fallible in Its Own Way

2. ANNOUNCEMENTS
     - Zero-Cost Conference for IT Professionals!
     - Get the First Issue of WebSphere Professional Free!

3. SECURITY ROUNDUP
     - News: New Cyclone Programming Language: Bugs Be Gone!

4. HOT RELEASE (ADVERTISEMENT)
     - Sponsored by VeriSign -- The Value of Trust

5. INSTANT POLL
     - Results of Previous Poll: Regulating Software Security
     - Instant Poll: Personal Firewalls

6. SECURITY TOOLKIT
     - Virus Center
          - Virus Alert: W32/Badtrans.B
     - FAQ: Why Does an EAP-TLS Resumed Session Generate Error 691?

7. NEW AND IMPROVED
     - Secure PDAs
     - Test the Vulnerability of Your Email System

8. HOT THREADS
     - Windows 2000 Magazine Online Forums
         - Featured Thread: IE 5.0 Update Files
     - HowTo Mailing List:
         - Featured Thread: Security Patch Distribution

9. CONTACT US
   See this section for a list of ways to contact us.

~~~~~~~~~~~~~~~~~~~~

1. ==== IN FOCUS ====

Hello everyone,

In the November 14, 2001 Security UPDATE, I mentioned a story about 
TruSecure's PC Firewall Certification program. TruSecure awarded 
certification to three firewalls: ZoneAlarm Pro, Tiny Personal Firewall 
for Windows 2000, and Norton Personal Firewall for Windows. You can 
read more about this story at the URL below.
   http://www.secadministrator.com/articles/index.cfm?articleid=23173

Shortly after we published that story, I received email from a reader 
who wrote that a group of researchers has discovered a weakness in 
ZoneAlarm: The firewall might not protect a system against attack under 
certain circumstances. Users can reproduce the problem, and the 
firewall-maker, Zone Labs, is aware of the problem. No patch is 
available yet, but help is on the way.

I spoke with Zone Labs CEO and founder, Gregor Freund, who says the 
company expects to make a patch available within the next 2 weeks. 
Freund said that the company hasn't finished its research yet, so it 
isn't certain which legacy versions of the firewall the problem 
affects, but that the current version (2.6.362) is definitely 
vulnerable.

A glitch in multilevel communication is causing the vulnerability. 
ZoneAlarm uses high-level filtering to govern activity at the 
application level, and low-level, stateful-inspection filtering to 
handle activity at the lower layers of the network. The two filtering 
levels communicate with each other, and a bug in the related code might 
cause a monitoring oversight. Freund said that Zone Labs hopes to make 
the patch available before any exploit details become public knowledge. 
ZoneAlarm users can expect to see a pop-up notice when the patch 
becomes available. 
   http://www.zonealarm.com

Consumers need to be aware that even the most well-intentioned product 
makers and certification agencies are fallible, and users shouldn't 
adopt the opinion that these organizations' security solutions are 
totally secure.

We're conducting a new poll this week. If you use a personal firewall, 
we'd like to know which one: ZoneAlarm, Tiny Personal Firewall, Norton 
Personal Firewall, Sygate, or another? Please stop by the Security 
Administrator home page and answer the poll!
   http://www.secadministrator.com 

Until next time, have a great week.

Mark Joseph Edwards, News Editor, mark@ntsecurity.net

********************

~~~~ SPONSOR: LIEBERMAN & ASSOCIATES NEW USER MANAGER PRO!! ~~~~
   Need to manage the registry security on thousands of machines? Want 
to do it in just a few clicks? With the updated User Manager Pro you 
can rapidly scan and report on all your subnets where you have 
administrative access. Scan machines for blank administrator password 
vulnerability. Award winning. Microsoft Gold Certified. Visit our web 
site and download a FREE TRIAL, full featured, 5 licenses:
   http://lists.win2000mag.net/cgi-bin3/flo?y=eJIE0CJgSH0BVg0oly0Ab 

2. ==== ANNOUNCEMENTS ====

* ZERO-COST CONFERENCE FOR IT PROFESSIONALS!
   IT-FREE is a no-cost information-technology conference delivering 30 
compelling educational sessions and CEO keynotes from AOL, Compaq, 
Genuity, Oracle, and RealNetworks. Whether you're replacing your IT 
infrastructure, assessing security needs, or simply unable to travel to 
more distant events, IT-FREE's conference program will inform and 
enlighten. Register today. 
   http://www.itfree.org

* GET THE FIRST ISSUE OF WEBSPHERE PROFESSIONAL FREE!
   WebSphere Professional magazine launches this winter, and you won't 
want to miss it! This solution-packed publication will help you plan 
effective development and deployment strategies, solve real problems 
encountered in enterprise-level Web application development and 
deployment, save time and money by acquiring the best tools and 
adopting the best practices, and so much more! Sign up to receive the 
FREE premiere issue of WebSphere Professional at the following URL.
   http://www.webspherepro.com

3. ==== SECURITY ROUNDUP ====

* NEW CYCLONE PROGRAMMING LANGUAGE: BUGS BE GONE!
   Cornell University and AT&T Labs are developing Cyclone, a new 
computer-programming language similar to C, but which makes introducing 
bugs into the code much more difficult. The developers claim that 
Cyclone's data representation and calling conventions are interoperable 
with C-like programming styles, which will simplify porting code to 
Cyclone.
   http://lists.win2000mag.net/cgi-bin3/flo?y=eJIE0CJgSH0BVg0olz0Ac

4. ==== HOT RELEASE (ADVERTISEMENT) ====

* SPONSORED BY VERISIGN -- THE VALUE OF TRUST
   Secure your servers with 128-bit SSL encryption! Grab your copy of 
VeriSign's FREE Guide, "Securing Your Web site for Business," and learn 
about using SSL to encrypt e-commerce transactions. Get it now!
   http://www.verisign.com/cgi-bin/go.cgi?a=n094456100057000 

5. ==== INSTANT POLL ====

* RESULTS OF PREVIOUS POLL: REGULATING SOFTWARE SECURITY
   The voting has closed in Windows 2000 Magazine's Security 
Administrator Channel nonscientific Instant Poll for the question, 
"Do faulty PC products increase the risk against national security--
should we regulate product-makers to help curb that risk?" a) Yes, b) 
No, or c) I'm not sure. Here are the results 
(+/-2 percent) from the 626 votes:
  72% a) Yes.
  22% b) No.
   6% c) I'm not sure.

* INSTANT POLL: PERSONAL FIREWALLS
   The current Instant Poll question is, "If you use a personal 
firewall, which one do you use?" a) ZoneAlarm, b) Tiny Personal 
Firewall, c) Norton Personal Firewall, d) Other. Go to the Security 
Administrator Channel home page and submit your vote.
   http://www.secadministrator.com 

6. ==== SECURITY TOOLKIT ====

* VIRUS CENTER
   Panda Software and the Windows 2000 Magazine Network have teamed to 
bring you the Center for Virus Control. Visit the site often to remain 
informed about the latest threats to your system security.
   http://www.secadministrator.com/panda

Virus Alert: W32/Badtrans.B
   Badtrans.B is a worm that spreads rapidly through email by using a 
file attachment whose name varies randomly. As with W32/Aliz, 
W32/Badtrans.B exploits a security problem in Internet Explorer (IE) 
5.01 and 5.5. The problem in IE lets Microsoft Outlook's preview pane 
activate the file. When the attachment executes, the worm copies itself 
to the Windows system directory and attempts to obtain data from the 
system. Learn more about this worm at the URL below. 
   http://63.88.172.96/panda/index.cfm?fuseaction=virus&virusid=1123

* FAQ: WHY DOES AN EAP-TLS RESUMED SESSION GENERATE ERROR 691?
   ( contributed by John Savill, http://www.windows2000faq.com )

A. Extensible Authentication Protocol-Transport Layer Security (EAP-
TLS) is a Point-to-Point Protocol (PPP) extension supporting additional 
authentication methods within PPP. TLS provides mutual authentication, 
integrity-protected cipher-suite negotiation, and key exchange between 
two endpoints.
   When you try to reconnect an EAP-TLS connection, the session 
sometimes stops working and returns error 691, "Access was denied 
because the username and/or password was invalid on the domain." To work around 
the problem, wait at least 2 minutes before you try to reconnect. Note: 
If you're using smart cards for remote-access authentication in Windows 
2000, you must use the EAP-TLS authentication method. 
   http://www.windows2000faq.com

7. ==== NEW AND IMPROVED ====
   (contributed by Scott Firestone, IV, products@win2000mag.com)

* SECURE PDAS
   Trust Digital released PDASecure Policy Editor, software that works 
in conjunction with the company's PDASecure Enterprise security 
software. You can install PDASecure Policy Editor on a server in a 
network and install PDASecure Enterprise on each PDA. You can then use 
the software to push security policies to every PDA device. The 
software supports Pocket PC, the Palm OS, and PDAs running Microsoft 
Windows CE. For pricing, contact Trust Digital at 703-246-9198.
   http://www.trustdigital.com

* TEST THE VULNERABILITY OF YOUR EMAIL SYSTEM
   GFI announced the Email Security Testing Zone, a Web site that lets 
companies check the vulnerability of their email system. An 
organization can instantly discover whether its system is secure 
against current and future email threats, such as email messages 
containing infected attachments and malformed MIME headers, and HTML 
email messages with embedded scripts. Users submit their names and 
email addresses at GFI's Email Security Testing Zone, and GFI sends the 
users harmless tests to check their email system's vulnerability. 
Contact GFI at 919-388-3373 or 888-243-4329.
   http://www.gfi.com

8. ==== HOT THREADS ====

* WINDOWS 2000 MAGAZINE ONLINE FORUMS
   http://www.win2000mag.net/forums 

Featured Thread: IE 5.0 Update Files
   (Six messages in this thread)

Chris said he's updating Internet Explorer (IE) 5.0 with Service Pack 2 
(SP2) to close holes the Nimda worm exploits. However, he finds that 
the ie5setup.exe program is only an installer that pulls actual update 
files from a site on the Internet. This method is slow, and he wonders 
whether a way exists to download a copy of the entire update to a file 
or set of files so that he can more easily install it across his 
network. Can you help? Read the responses or lend a hand at the 
following URL:
   http://www.secadministrator.com/forums/thread.cfm?thread_id=79499

* HOWTO MAILING LIST
   http://www.secadministrator.com/listserv/page_listserv.asp?s=howto

Featured Thread: Security Patch Distribution
   (Four messages in this thread)

Chris wonders what methods people use to distribute Microsoft's security 
patches. He also wonders whether System Management Services (SMS) is 
capable of distributing patches. Can you help? Read the responses or 
lend a hand at the following URL:
   http://63.88.172.96/listserv/page_listserv.asp?a2=ind0111d&l=howto&p=965

9. ==== CONTACT US ====
   Here's how to reach us with your comments and questions:

* ABOUT IN FOCUS -- mark@ntsecurity.net

* ABOUT THE NEWSLETTER IN GENERAL -- mlibbey@win2000mag.com (please
  mention the newsletter name in the subject line)

* TECHNICAL QUESTIONS -- http://www.win2000mag.net/forums

* PRODUCT NEWS -- products@win2000mag.com

* QUESTIONS ABOUT YOUR SECURITY UPDATE SUBSCRIPTION? Email Customer
  Support -- securityupdate@win2000mag.com

* WANT TO SPONSOR SECURITY UPDATE? emedia_opps@win2000mag.com

********************

   Receive the latest information about the Windows and .NET topics of 
   your choice. Subscribe to our other FREE email newsletters.
   http://www.win2000mag.net/email

|-+-+-+-+-+-+-+-+-+-| 

Thank you for reading Security UPDATE.


-
ISN is currently hosted by Attrition.org

To unsubscribe email majordomo@attrition.org with 'unsubscribe isn' in the BODY
of the mail.

