AOH :: ISN-2813.HTM

More About OS Haste; BATV

More About OS Haste; BATV
More About OS Haste; BATV



St. Bernard Software 

Core Security 

=== CONTENTS ==================================================
IN FOCUS: More About OS Haste; BATV

   - Security Vendor Claims Microsoft Is Shutting Out Competition
   - Microsoft Closes Acquisition and Offers Whale of a Deal
   - Sam Spade on the Spam Case 
   - Recent Security Vulnerabilities

   - Security Matters Blog: Firefox Now Available 
   - FAQ: Iterating a DC's Sites
   - Take the Windows IT Pro Salary Survey
   - "Securing Access at the Application Layer: Keeping Remote and 
Mobile Users Fully Functional" On-Demand Web Seminar
   - Share Your Security Tips

   - Authenticate Your OWA Users
   - Tell Us About a Hot Product




=== SPONSOR: CrossTec =========================================
Are you spending too much time monitoring security logs?
   Research shows that IT Security Managers can spend over four hours a 
day monitoring various security event logs and chasing after alerts. 
Activeworx saves you valuable time because it consolidates and manages 
logs from multiple vendors and devices. Activeworx Security Center is a 
cost-effective security information management solution that provides 
real-time security device log monitoring with correlated alerts, audit 
and compliance reports, and tools for advanced, in-depth forensic 
analysis. Activeworx reduces the time it takes to analyze event data 
from multiple sources and produces real-time reports that pinpoint 
network security breaches and vulnerabilities. These in-depth reports 
provide the details necessary for regulatory compliance reporting for 
Sarbanes-Oxley, HIPAA, and the Gramm-Leach-Bliley Act. Try Activeworx 
for free - fast install and free support. 

=== IN FOCUS: More About OS Haste; BATV =======================   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

I received another reader perspective on OS release frequency that I'll 
share with you this week, then I'll briefly share some information 
about Bounce Address Tag Validation that I think will interest you. 

The reader pointed out that many companies upgrade OSs at the same time 
they upgrade hardware. The reasons he cited for doing so are that 
sometimes it's more cost-effective to buy the OS through an OEM 
(typically along with the new hardware) and that many companies lack 
the centralized management required to upgrade OSs on old hardware in 
an efficient manner. A shorter OS release cycle doesn't matter that 
much to companies who synchronize hardware and OS upgrades. 

His points make good sense, especially given that Windows Vista will 
require more powerful hardware than many people have available in their 
network environments. So some companies that want to take full 
advantage of Vista will no doubt upgrade to new hardware and Vista at 
the same time. 

Last week, I learned about a new email technology called Bounce Address 
Tag Validation (BATV), which is designed to prevent SMTP bounce abuse. 
Spammers sometimes use SMTP bounce to deliver email messages to their 
targets. To do so, a spammer addresses a message to any fake address 
and sets the From address to the real intended recipient. Then the 
spammer sends the email message to a third-party mail server. That mail 
server sees that the message isn't destined for a known user at a known 
domain hosted by the mail server and bounces the message back to the 
>From address, thereby unwittingly delivering the spam message for the 

Malicious attackers also abuse SMTP bouncing, but they send a huge 
volume of email so that the victim mail server or its network bandwidth 
is overwhelmed.

BATV is designed to prevent these attacks. It uses a specially encoded 
>From address that can be authenticated. Because a mail header, which 
includes the From field, is sent before the message body, a mail server 
can authenticate a message from its header before accepting or 
rejecting the bulk of the message. Screening out bad messages 
effectively reduces the load on a mail server and the overall network 

Another great advantage of BATV is that because each mail server would 
perform its own From address encoding, BATV can be implemented on a 
per-server basis without any restrictive dependencies, such as third-
party databases, peer-to-peer data sharing, or recurring service access 

BATV is an Internet Engineering Task Force (IETF) draft proposal that 
began in late 2004. You can read the proposal, which of course includes 
the technical specifications, at the IETF Web site at the URL below. If 
you're interested in the technology, check with your mail server 
software provider to see if it supports BATV. 

=== SPONSOR: St. Bernard Software =============================
Examine the threats of allowing unwanted or offensive content into your 
network and learn about the technologies and methodologies to defend 
against inappropriate content, spyware, IM, and P2P. 

=== SECURITY NEWS AND FEATURES ================================
Security Vendor Claims Microsoft Is Shutting Out Competition
   Security solution provider Agnitum claims that Microsoft's kernel 
patch protection will shut out competing products unless competitors 
resort to hacker tactics. 

Microsoft Closes Acquisition and Offers Whale of a Deal
   Microsoft closed its acquisition of Whale Communications, which is 
now a wholly owned subsidiary. Microsoft is offering a significant 
discount on the newly acquired Whale security products. 

Sam Spade on the Spam Case
   Whether you're investigating a possible phishing scam or determining 
whether the email clogging your corporate mailboxes is legitimate or 
spam, you can turn to the classic Sam Spade tool. Jeff Fellinge gives 
an overview in this article on our Web site. 

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at 

=== SPONSOR: Core Security ====================================
Manage Vulnerabilities. Defend Against Threats. Free White Paper.
   Your IT and Security budgets are tight. This Yankee Group White 
Paper shows real-world case studies demonstrating the ROI potential 
using automated penetration testing. 

=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: Firefox Now Available 
by Mark Joseph Edwards, 

Mozilla Foundation released an update to Firefox. The new version 
corrects a dozen security vulnerabilities, seven of which are critical. 
Some of the problems include privilege escalation, JavaScript engine 
vulnerabilities, and possible code execution. 

FAQ: Iterating a DC's Sites
by John Savill, 

Q: How can I determine which sites a domain controller (DC) covers?

Find the answer at 

   We need your help! Windows IT Pro is launching its third Windows IT 
Pro Industry Salary Survey, and we want to find out all about you and 
what makes you a satisfied IT pro. When you complete the survey (about 
10 minutes of your time), you'll be entered in a drawing for one of 
five $100 American Express gift certificates. Look for the survey 
results--and how you stack up against your peers--in our December 
issue. To take the survey, go to 

"Securing Access at the Application Layer: Keeping Remote and Mobile 
Users Fully Functional" on-demand Web seminar, with speakers Randy 
Franklin Smith and Judah Aspler. Register at 

   Share your security-related tips, comments, or problems and 
solutions in the Windows IT Security print newsletter's 
Reader to Reader column. Email your contributions to If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.

=== PRODUCTS ================================================== by Renee Munshi, 

Authenticate Your OWA Users
   VASCO Data Security International has launched DIGIPASS easy pack, 
an authentication solution that works with Microsoft Outlook Web Access 
(OWA). With DIGIPASS easy pack, users log on to their Web mail account 
by entering a PIN and a one-time password generated by the provided 
DIGIPASS GO 3 device. DIGIPASS easy pack is designed to be affordable 
and easy to manage for small to midsized businesses (SMBs). It contains 
10 DIGIPASS GO 3 devices and the most recent version of VASCO's VACMAN 
Middleware software and includes a year of maintenance support. You can 
also purchase additional DIGIPASS GO 3 devices. For more information, 
go to 

Tell Us About a Hot Product and Get a Best Buy Gift Card!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a Best Buy Gift Card if we write about the product in a 
Windows IT Pro What's Hot column. Send your product suggestion with 
information about how the product has helped you to 

=== RESOURCES AND EVENTS ======================================
Cross-Platform Data Roadshow 
   Oracle professionals will cover key concepts about Oracle and SQL 
Server in enterprise database computing. This event provides invaluable 
information about the benefits of 64-bit computing on the Windows 
platform, SQL Server BI for Oracle, high-availability proof points for 
SQL and Oracle, and much more. 

Are you protected company-wide against spyware, keyloggers, adware, and 
backdoor Trojans? Test the state-of-the-art scanning engine that uses 
threat signatures from multiple sources to track down the culprits that 
antivirus solutions alone can't protect you against. Download your free 
30-day trial of CounterSpy Enterprise today! 

How will compliance regulations affect your IT infrastructure? Help 
design your retention and retrieval, privacy, and security policies to 
make sure that your organization is compliant. Download the full ebook 

Take an up-to-date look at secure, remote access to corporate 
applications and stay ahead of the curve when making decisions about 
near- and long-term IT infrastructure. On-demand Web seminar. 

Learn the key requirements of an effective internal network security 
solution and whether your approach protects you against worms, BotNets, 
Trojan horses, and hackers. On-demand Web seminar. 

=== FEATURED WHITE PAPER ======================================
Secure Your Online Data Transfer with SSL
   Increase your customers' confidence and your business by securely 
collecting sensitive information online. In this free white paper, 
you'll learn about the various applications of SSL certificates and 
their appropriate deployment, along with details of how to test SSL on 
your Web server. 

=== ANNOUNCEMENTS =============================================
Uncover Essential Windows Knowledge Through Excavator 
   Try out the ultimate vertical search tool--Windows Excavator. 
Windows Excavator gives you fast and thorough third-party information 
while filtering out unwanted content. 
Visit today! 

Save $40 off Windows IT Pro Magazine 
   Subscribe to Windows IT Pro magazine today and SAVE up to $40! Along 
with your 12 issues, you'll get FREE access to the entire Windows IT 
Pro online article archive, which houses more than 9,000 helpful IT 
articles. This is a limited-time offer, so order now: 

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and the Windows IT Security newsletter 
(subscribe at the second URL below). 

Subscribe to Security UPDATE at 

Be sure to add 
to your antispam software's list of allowed senders.

To contact us: 
About Security UPDATE content -- 
About technical questions -- 
About your product news -- 
About your subscription -- 
About sponsoring Security UPDATE -- 

View the Windows IT Pro privacy policy at 

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

Attend the Black Hat Briefings and
Training, Las Vegas July 29 - August 3
2,500+ international security experts from 40 nations,
10 tracks, no vendor pitches. 

Site design & layout copyright © 1986-2015 CodeGods