This email newsletter comes to you free and is supported by the
following advertisers, which offer products and services in which
you might be interested. Please take a moment to visit these
advertisers' Web sites and show your support for Security UPDATE.
1. In Focus: VM, VPS, and User Training
2. Security News and Features
- Recent Security Vulnerabilities
- Microsoft To Hold Five Security Summits
- Oracle Slip-Up Results in Leaked Exploit Information
- Geek Squad Gets Slapped with Restraining Order
3. Security Toolkit
- Security Matters Blog
- Instant Poll
- Share Your Security Tips
4. New and Improved
- Remove Malware Remotely
==== Sponsor: Symantec ===
A multi-tier approach to email security prevents unauthorized access
and can stop spam, viruses, and phishing attacks. Learn to implement
one today, and protect your network security and business systems!
==== 1. In Focus: VM, VPS, and User Training === by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Last week, I discussed how virtual machines (VMs) might become standard
on computers. As a brief recap, virtualization technology could provide
an effective way to ensure the integrity of desktop computers,
particularly because it makes restoring a compromised system quick and
easy: Simply shut down the VM and relaunch it.
If you consider implementing this type of solution, you should also
consider running different OSs on the under- and overlying systems.
Doing so will probably improve overall security more than if you, say,
run a Windows-based VM (typically called the guest OS) on top of
another Windows-based OS (typically called the host OS). Exploiting the
vulnerabilities of two OSs and their related applications is more
difficult than compromising one.
You could, for example, run some variety of Linux or BSD or possibly
Mac OS X or Solaris as the host OS and run Windows as a VM. This way,
if an intruder is able to compromise Windows, you can quickly clean up
that problem; in order to compromise the entire system, the intruder
would need to know which OS runs as the host underneath Windows and be
able to exploit that OS too. Of course, the downside of this approach
is that you'd have two OSs to maintain, plus the expense of licensing
the host OS if you don't use an open source OS.
Last week, I mentioned Microsoft Virtual Server 2005 R2, VMware, and
Parallels Workstation as virtualization solutions. Serenity Virtual
Station (SVISTA) from Serenity System International allows both Linux
and FreeBSD as host OSs and can run Windows, Linux, and Serenity's
eComStation as guest OSs.
Finally, another virtualization solution that I didn't mention last
week is called virtual private servers (VPSs). Don't mistake VPSs for
VMs--there are important differences. In short, VPS technology doesn't
let you mix different host and guest OSs. True VMs work at the hardware
level, whereas VPS technology works at the software level to create an
isolated environment that uses the OS. So for example, if you use VPS
technology on a Windows XP system, each VPS you create on that system
will be based on that single installed copy of XP.
If you think you might be interested in VPS technology, have a look at
Virtuozzo from SWsoft (first URL below), which runs on Windows and
Linux. If you use Solaris, you might know that it has VPS support built
in. Other VPS solutions are also available for Linux via the Linux-
Vserver Web site (at the second URL below) and BSD via BSD jails (which
you can learn about at the third URL below).
Virtualization technology goes a long way towards building better
security and can help protect users from themselves. Another way to
help end users improve company security is to train them.
Last week, CompTIA said that based on a recent survey of 574 companies,
human error was responsible for 60 percent of information security
breaches experienced over the last year. Yet only 36 percent of the
surveyed companies offer end-user training!
It is glaringly apparent that end users need training to help raise
their security awareness. I seriously doubt that any combination of
technologies could reasonably replace thorough education. Chances are
great that if more end users received security-related training,
security breaches could be significantly reduced. This of course saves
time and money and helps protect your business at all levels, including
its important public image.
Although some aspects of end-user training need to be tailored to fit
your particular business, many aspects can be generalized to fit nearly
any business that uses Microsoft products. I'll see if I can dig up
some useful training resources that might help you review or augment
your existing training or develop new training if you don't have any in
place. Look for this information in an upcoming edition of this
==== Sponsor: Macrovision ===
Strategically manage your organization's software licenses with a 5-
step program to help save time and cut costs by centralizing licensing
==== 2. Security News and Features ===
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
Microsoft To Hold Five Security Summits
Microsoft announced that it's hosting a series of one-day security
events in five US cities tailored for IT pros and developers. The
series, Security Matters--Microsoft Security Summits 2006, are intended
to teach people about key trends as well as how to prepare for those
trends and to offer an opportunity to discuss security issues with
experts from the company.
Oracle Slip-Up Results in Leaked Exploit Information
Vendors typically frown upon the premature publication of
vulnerability and exploit information, and usually the discoverer is
the source of the leak. But recently Oracle was the source of a leak
about a vulnerability, including a working exploit, in its popular
Oracle Database server product.
Geek Squad Gets Slapped with Restraining Order
You'd think that a megacorporation would know better than to use
unlicensed software. But if employee reports are true, then Best Buy's
Geek Squad committed a major faux pas that has landed the company in
some very hot water.
==== Resources and Events ===
Gain control of your messaging data with step-by-step instructions for
complying with the law, ensuring your systems are working properly, and
ultimately making your job easier.
Industry guru Randy Franklin Smith helps you identify what you should
do to leverage your mobile and wireless infrastructure, how to pick
devices that are right for you, and more!
Learn about the advantages of each alternative to traditional file
servers and tape storage solutions, and make the best choice for your
Learn to gather evidence of compliance across multiple systems and link
the data to regulatory and framework control objectives.
Learn how application packaging can cut your OS migration time while
maintaining error-free deployment.
==== Featured White Paper ===
Secure Your Online Data Transfer with SSL
Increase your customers' confidence and your business by securely
collecting sensitive information online. In this free white paper
you'll learn about the various applications of SSL certificates and how
to deploy them appropriately, along with details of how to test SSL on
your Web server.
==== Hot Spot ===
New Activeworx v3 - Affordable SIM from CrossTec
Activeworx Security Center v3 is a high-quality, low-cost, security
information and event management (SIM) software solution that collects,
normalizes and analyzes data from virtually any security device from
any vendor. ASC includes real-time correlation and analysis, immediate
alerts, built-in compliance reports and deep forensics. Free Eval.
==== 3. Security Toolkit ====
Security Matters Blog: A Deeper Look at Microsoft's InfoCard Identity
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=276F2:4FB69
Microsoft Passport is essentially a flop. However, Microsoft's new
identity system, InfoCard, might actually take off. Find out more about
it by following the links in this blog article.
by John Savill, http://list.windowsitpro.com/t?ctl=276F1:4FB69
Q: Can you use the Microsoft File Server Migration Toolkit (FSMT) to
migrate shares between servers in different forests?
Find the answer at http://list.windowsitpro.com/t?ctl=276EF:4FB69
New Instant Poll
How do your remote employees access your file servers?
- VPN (IPsec, PPTP, L2TP, or SSL)
- Web-based file-access application
- Web Distributed Authoring and Versioning (WebDAV) server
See the article "WebDAV for Remote Access" at
Submit your vote at
Share Your Security Tips and Get $100
Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's
Reader to Reader column. Email your contributions to
firstname.lastname@example.org. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.
==== Announcements === (from Windows IT Pro and its partners)
Exclusive Spring Savings
Subscribe to SQL Server Magazine and SAVE 58%! Along with your 12
issues, you'll get FREE access to the entire SQL Server Magazine online
article archive, which houses more than 2,300 helpful articles. This is
a limited-time offer, so order now:
Save 44% off the Windows IT Security Newsletter
For a limited time, order the Windows IT Security newsletter and
SAVE up to $80! You'll get 12 helpful issues loaded with endless
fundamentals on building and maintaining a secure enterprise, in-depth
product coverage of the best security tools available, and expert
advice on the best way to implement various security components.
==== 4. New and Improved === by Renee Munshi, email@example.com
Remove Malware Remotely
IS Decisions has released SweepDeployer, free software which lets
you remotely execute on an entire network (or a selection of systems)
one of the following malware removal solutions: Microsoft Malicious
Software Removal Tool, McAfee AVERT Stinger, or Trend Micro Damage
Cleanup Engine. The targeted systems need no agents or manual
intervention. You can also schedule SweepDeployer to automatically run
the selected tool at regular intervals. SweepDeployer is based on IS
Decisions RemoteExec technology. For more information, go to
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a T-shirt if we write about the product in a future
Windows IT Pro What's Hot column. Send your product suggestions with
information about how the product has helped you to
==== Contact Us ====
About the newsletter -- firstname.lastname@example.org
About technical questions -- http://list.windowsitpro.com/t?ctl=276F5:4FB69
About product news -- email@example.com
About your subscription -- firstname.lastname@example.org
About sponsoring Security UPDATE -- email@example.com
This email newsletter is brought to you by Windows IT Security,
the leading publication for IT professionals securing the Windows
enterprise from external intruders and controlling access for
internal users. Subscribe today.
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.
InfoSec News v2.0 - Coming Soon!