|
|
PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:
Tap into the Potential Value of Compliance
http://list.windowsitpro.com/t?ctl=345FB:7EB890
Clean Up Your Company's Email Act: Using Filters to Block Threats
http://list.windowsitpro.com/t?ctl=345F0:7EB890
The Starter PKI Program
http://list.windowsitpro.com/t?ctl=345F1:7EB890
=== CONTENTS ==================================================
IN FOCUS: AxMan, Malware Search, and Bugle
NEWS AND FEATURES
- Microsoft Testing Daily Malware Definition Updates
- Security Guru Leaves Microsoft
- The Balancing Act Between Security and Usability
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: Build Your Own Firewall
- FAQ: Displaying a File's Full Path in Windows Explorer
- From the Forum: Authenticating Wireless Users
- Share Your Security Tips
PRODUCTS
- Encrypt Your Removable Media
- Wanted: Your Reviews of Products
RESOURCES AND EVENTS
FEATURED WHITE PAPER
ANNOUNCEMENTS
=== SPONSOR: Quest Software ===================================
Tap into the Potential Value of Compliance
If your compliance solutions only address compliance, you're not
getting the most for your budget dollar. The new Quest Software white
paper, "Leveraging Business Value from Compliance Efforts," offers
expert tips for identifying compliance solutions with high business
value.
Read the white paper now.
http://list.windowsitpro.com/t?ctl=345FB:7EB890
=== IN FOCUS: AxMan, Malware Search, and Bugle ================ by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
If you read my Security Matters blog, you might remember me mentioning
the Month of Browser Bugs, in which one new browser bug was to be
posted to a Web site each day during the month of July. Well, July is
over, but you can still read about all the browser bugs at the
following URL:
http://list.windowsitpro.com/t?ctl=34603:7EB890
The Month of Browser Bugs was driven by well-known security researcher
H.D. Moore and some of his associates. Moore is probably best known as
the developer of the Metasploit Toolkit. Moore has a couple other
useful tools that you might not be aware of: AxMan and Malware Search.
According to Moore, "[AxMan] was used to discover and debug almost
every single ActiveX flaw published during the Month of Browser Bugs."
AxMan is an ActiveX fuzzer that can find bugs in COM objects through
Microsoft Internet Explorer (IE). In case you don't know, a fuzzer
injects random data into a program or object in an effort to find flaws
or vulnerabilities. Moore recently made the AxMan package freely
available for download. There's also an online demo you can try:
http://list.windowsitpro.com/t?ctl=34601:7EB890
Malware Search is a search tool that uses Google queries to look for
the "fingerprints" of known malware on the Internet. A fingerprint
includes the date and time the malware was received, the size of the
code image, the address entry point, and the size of the code itself.
The tool consists of a set of scripts written in Ruby and comes with a
database of several dozen signatures. One of the scripts lets you
generate a new fingerprint when a new malware file pops up on your
network. To perform a malware search or download the tool, go to the
following URL:
http://list.windowsitpro.com/t?ctl=345FE:7EB890
Bugle, another new Web search tool by Emmanouel Kellinis, is
essentially a list of search engine queries that look for possible
security bugs in source code that has been indexed by Google. Bugle
uses a "filetype" parameter along with function calls in the queries to
specify the type of files to look in for the specific problematic
function.
For example, one query finds possible SQL injection vulnerabilities by
looking for the function call "executequery request.getparameter" in
.java files. Another query finds possible cross-site scripting problems
in Active Server Pages (ASP) applications by looking for
"response.write request.form" in .asp files. At the time of this
writing, Google returned 452 results for the first example and 149 for
the second example.
Keep in mind that not every piece of code returned in the search
results has vulnerabilities. The potential for a vulnerability
typically depends on how the developer implemented the code, so you'll
need to understand a bit about writing code in order to make a
determination.
Kellinis invites the public to develop other queries and submit them
for inclusion in his list. If you like to hunt for vulnerabilities or
are curious about whether an application you're interested in using
might contain vulnerabilities, bookmark the site and use it when the
need arises.
http://list.windowsitpro.com/t?ctl=345F9:7EB890
=== SPONSOR: St. Bernard Software =============================
Clean Up Your Company's Email Act: Using Filters to Block Threats
Do you want to block unwanted or undesirable email? Download this
free whitepaper to learn how to manage the content of information
crossing your network.
http://list.windowsitpro.com/t?ctl=345F0:7EB890
=== SECURITY NEWS AND FEATURES ================================
Microsoft Testing Daily Malware Definition Updates
Those who use Microsoft's anti-malware solution, Windows Defender,
have probably noticed that Microsoft is currently testing its malware
signature update pipeline by publishing updates each weekday instead of
biweekly. Find out why in this news story.
http://list.windowsitpro.com/t?ctl=345EB:7EB890
Security Guru Leaves Microsoft
Amid the major shake-ups in management at Microsoft, one of the
company's more notable security gurus, Jesper Johansson, announced that
he's leaving the company to work for online retail giant Amazon.
http://list.windowsitpro.com/t?ctl=345F4:7EB890
The Balancing Act Between Security and Usability
If your network's security is too tight, your network is more
difficult to use and manage. If it's too loose, your network is
vulnerable to attacks. Apostolos Fotakelis explains how he achieves
balance in this Reader to Reader article.
http://list.windowsitpro.com/t?ctl=345EC:7EB890
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=345F3:7EB890
=== SPONSOR: Thawte ===========================================
The Starter PKI Program
Test the Starter PKI Program to benefit your company with timesaving
convenience and secure multiple domains and host names.
http://list.windowsitpro.com/t?ctl=345F1:7EB890
=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: Build Your Own Firewall
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=34600:7EB890
Have a spare system and a couple of NICs lying around? You can use them
to build your own firewall without too much trouble. Get the link that
shows you how in this blog entry.
http://list.windowsitpro.com/t?ctl=345F5:7EB890
FAQ: Displaying a File's Full Path in Windows Explorer
by John Savill, http://list.windowsitpro.com/t?ctl=345FD:7EB890
Q: How can I modify the registry to enable the option to display the
full path in the Windows Explorer Address bar?
Find the answer at
http://list.windowsitpro.com/t?ctl=345E9:7EB890
FROM THE FORUM: Authenticating Wireless Users
A forum participant wants to use Remote Authentication Dial-In User
Service (RADIUS) and Protected Extensible Authentication Protocol
(PEAP) to authenticate wireless users, but he's experiencing some
problems. Help him out at:
http://list.windowsitpro.com/t?ctl=345EA:7EB890
SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's
Reader to Reader column. Email your contributions to
r2rwinitsec@windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.
=== PRODUCTS ================================================== by Renee Munshi, products@windowsitpro.com
Encrypt Your Removable Media
Addonics Technologies offers Cipher UDD, an encryption/decryption
hardware device for securing data on removable media. You plug the
portable (4.63-inch x 5.4-inch x .98-inch) device into your computer
via a USB 2.0 or eSATA connection. Cipher UDD has a standard Type II PC
card slot that accommodates standard PC cards and ATA flash cards. For
other form factors, Addonics provides an array of adapters that can be
purchased separately or as a bundled solution. Cipher UDD works with
most systems and OSs as long as the user has the Cipher key. The base
model has 64-bit encryption and costs $79. A model providing 128-bit
encryption is also available. For more information, go to
http://list.windowsitpro.com/t?ctl=34605:7EB890
WANTED: your reviews of products you've tested and used in
production. Send your experiences and ratings of products to
whatshot@windowsitpro.com and get a Best Buy gift certificate.
=== RESOURCES AND EVENTS ======================================
Windows Connections Conference
Now in its seventh year, Windows Connections returns November 6-9,
at Mandalay Bay in Las Vegas. Don't miss your chance to interact with
industry experts and hear the latest information on Windows Server
2003, Windows 2000 Server, and Windows XP Professional! Register and
attend sessions at Microsoft Exchange Connections FREE!
http://list.windowsitpro.com/t?ctl=34604:7EB890
Gear up for TechX World Roadshow
Hear first-hand from today's leading interoperability experts,
vendors, and peers at this exclusive one-day event. You'll learn about
managing OS interoperability, directory migration, data
interoperability, and much more. Register for the early-bird special of
$129 by August 31!
http://list.windowsitpro.com/t?ctl=345FC:7EB890
Learn all you need to know about code-signing technology, including the
goals and benefits of code signing, how code signing works, and the
underlying cryptographic and security concepts and building blocks.
http://list.windowsitpro.com/t?ctl=345F2:7EB890
Randy Franklin Smith outlines five evaluation points to consider when
choosing your antispyware solution in this free podcast. Download it
today!
http://list.windowsitpro.com/t?ctl=345EE:7EB890
When your systems go down, your users' productivity grinds to a halt.
User downtime is one of the fastest growing concerns among businesses.
This free Web seminar teaches you how to keep your users continuously
connected and your business up and running. Live event: Thursday,
August 24
http://list.windowsitpro.com/t?ctl=345ED:7EB890
=== FEATURED WHITE PAPER ======================================
Antivirus or patching software alone isn't enough to protect your
valuable systems from spyware. Learn how an enterprise antispyware
solution gives you an affordable--and most important, effective,
solution to spyware. Download the free whitepaper today!
http://list.windowsitpro.com/t?ctl=345EF:7EB890
=== ANNOUNCEMENTS =============================================
Monthly Online Pass--only $5.95 per month!
Includes instant online access to every article ever written in
Windows IT Pro magazine, plus the latest digital issue. Order now:
http://list.windowsitpro.com/t?ctl=345F6:7EB890
Save $40 off SQL Server Magazine
Subscribe to SQL Server Magazine today and SAVE up to $40! Along
with your 12 issues, you'll get FREE access to the entire SQL Server
Magazine online article archive, which houses more than 2,300 helpful
SQL Server articles. This is a limited-time offer, so order now:
http://list.windowsitpro.com/t?ctl=345F7:7EB890
===============================================================
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and the Windows IT Security newsletter
(subscribe at the second URL below).
http://list.windowsitpro.com/t?ctl=345FF:7EB890
http://list.windowsitpro.com/t?ctl=345F8:7EB890
Subscribe to Security UPDATE at
http://list.windowsitpro.com/t?ctl=345FA:7EB890
Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=34602:7EB890
About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com
View the Windows IT Pro privacy policy at
http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.
_________________________________
Visit the InfoSec News store!
http://www.shopinfosecnews.org