Security Becoming Increasingly Difficult

Security Becoming Increasingly Difficult
Security Becoming Increasingly Difficult

Forwarded with permission from: Security UPDATE 


KVM Over IP for the Distributed IT Environment 

Federal Rules of Civil Procedure and Email Discovery 

Ensuring Protection and Availability for Microsoft Exchange 

=== CONTENTS ==================================================
IN FOCUS:  Security Becoming Increasingly Difficult

   - Digital Monsters Unleashed at
   - Skype Taken Down by Its Own Doing
   - China and USA Tops in Malware Storage Sites?
   - NetNation Opens Shop in USA, Offers New Domain Security Features
   - Recent Security Vulnerabilities

   - Security Matters Blog: When Honors Aren't Really Honors
   - FAQ: No More WINS in Windows 2008
   - From the Forum: Restricting Remote Logons to One User 
   - Share Your Security Tips

   - Processor Adds Security Features
   - Product Evaluations from the Real World




=== SPONSOR: Lantronix ========================================
KVM Over IP for the Distributed IT Environment
   Keyboard/video/mouse (KVM) switches are a valuable server management 
tool. This paper presents the complexities of managing the distributed 
data center and highlights the advantages of using a KVM over IP 
solution that delivers flexible, scalable and affordable CAT5-based 
remote access. 

=== IN FOCUS: Security Becoming Increasingly Difficult ========   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

In the news last week were three interesting stories that offer clear 
indications that keeping an enterprise secure is becoming more 
difficult as services and exploits evolve. You can link to these 
stories by going to the SECURITY NEWS AND FEATURES section below.

If you read the story "Digital Monsters Unleashed at," 
you'll learn that intruders have switched tactics. Instead of 
specifically targeting a single vulnerability, the trend has moved 
towards targeting a list of vulnerabilities on a specific platform. 
Like MPack, which I wrote about (at the URL below) back in June, the 
exploit foisted upon unsuspecting visitors was packaged in 
an innocuous-looking ad on multiple pages and worked by determining the 
visitor's OS and browser type, then delivering corresponding exploit 

The exploit took advantage of one of the most dangerous 
weaknesses in security: The failure to install patches or new versions 
of various applications and subsystems. Because many 
visitors' systems were not up-to-date, the attack was highly 
successful. So far, reports indicate that hundreds of thousands of 
people had all sorts of private information stolen. The stolen 
information is already being used to exploit even more people. The 
entire ordeal clearly points to the need to keep systems as up-to-date 
as possible at all times, because even users who are very security 
savvy and know how to avoid email scams and suspicious Web sites might 
still fall victim by simply opening an email message that appears 
legitimate or by landing on a well-known Web site. 

In the second story, "Skype Taken Down By Its Own Doing," you'll learn 
how engineering oversights can readily lead to situations where a 
company's own developers take down the company's entire product 
infrastructure. Because the engineers at Skype didn't run through 
enough "what if" scenarios, the Skype VoIP peer-to-peer (P2P) network 
was rendered mostly useless for a significant amount of time. Skype's 
entire existence and income flow is based upon its P2P network. So if 
that network fails, the company is at risk of failing as an enterprise. 

This particular incident points out that security is not just for 
security administrators and end users and that secure software 
development must include an analysis of any and all potential points of 
failure--otherwise a company might wind up instigating a Denial of 
Service (DoS) attack against itself unwittingly.

The third story, "China and US Tops in Malware Storage Sites?" ties 
into the first story. Cyveillence reports that servers in China and the 
US host more malware binaries than any other countries in the world. 
The company also reports that US-based Web sites are used more often 
than sites in any other country to launch malware attacks against 
unsuspecting users. 

Even though intruders might be based overseas, they know full well that 
online activity is widespread and still growing rapidly in the US and 
that the rush to use the Internet has far outrun the population's 
general awareness of the dangers involved. 

The figures from Cyveillence, which you can learn more about in the 
news story, clearly point out why those of you who work as security 
administrators in the US need to be far more diligent than your 
colleagues in other nations. 

=== SPONSOR: Lucid8 ===========================================
Federal Rules of Civil Procedure and Email Discovery
   Email is increasingly used in court and regulatory proceedings from 
e-discovery for civil lawsuits to providing the grounds for prosecuting 
criminal cases. In fact, the ePolicy Institute found that 21% of 
companies have been required to produce employee email in legal cases. 
As a result, the ability to extract content from message stores quickly 
and efficiently is becoming increasingly important. Exchange 
administrators need an enhanced tool set, one that can provide simple 
as well as advanced searching capabilities and also allow for granular 
extraction of data while imposing a minimum of disruption on IT staff 
and end users. This white paper discusses the key issues involved in 
proper data retention and retrieval. 

=== SECURITY NEWS AND FEATURES ================================
Digital Monsters Unleashed at
   Hundreds of thousands of people who went to looking for 
jobs or new recruits got more than they bargained for when wily 
criminals used the site to silently install Trojans on unsuspecting 
users' computers. 

Skype Taken Down by Its Own Doing
   Millions of Skype users found themselves unable to connect to the 
VoIP network due to shortcomings in the company's P2P network 
management algorithm. 

China and US Tops in Malware Storage Sites?
   A new report from Cyveillance suggests that 60 percent of all 
malware binary storage sites are hosted in China or the United States--
the two countries with the largest online populations. 

NetNation Opens Shop in US, Offers New Domain Security Features
   Canadian-based NetNation recently opened shop in the US and launched 
a new set of domain security features that help protect against 
unauthorized changes. 

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at 

=== SPONSOR: Double-Take Software =============================
Ensuring Protection and Availability for Microsoft Exchange 
   Microsoft Exchange is integral to an organization's day-to-day 
operation. For many companies, an hour of Exchange downtime can cost 
hundreds of thousands of dollars in lost productivity. This paper 
discusses new ways to maintain Exchange uptime by using data 
protection, failover, and application availability. When recoverability 
matters, depend on Double-Take Software to protect and recover business 
critical data and applications. 

=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: When Honors Aren't Really Honors
by Mark Joseph Edwards, 

Sometimes honors bestow a lot of clout. Other times, honors are 
entirely worthless. If you download software because it has a "top 
rating," you might be surprised to learn that honorable mentions are 
often handed out blindly, so beware! 

FAQ: No More WINS in Windows 2008
by John Savill, 

Q: What is GlobalNames in Windows Server 2008?

Find the answer at 

FROM THE FORUM: Restricting Remote Logons to One User
   A forum participant is using a Windows 2000 Server and Windows 
Server 2003 domain environment and wants to know if he can create a 
policy, script, or registry tweak that makes it impossible for more 
than one user to log on to a remote server at the same time. Join the 
discussion at 

=== PRODUCTS ================================================== by Renee Munshi, 

Processor Adds Security Features
   Intel's new generation of vPro processor technology (formerly 
codenamed Weybridge) adds several security features. Intel Trusted 
Execution Technology (TXT--formerly codenamed LaGrande), used with 
Intel Virtualization Technology for Directed I/O, isolates assigned 
memory to keep data in each virtual partition protected from 
unauthorized access by software in another partition. Improved System 
Defense Filters can identify more threats in the network traffic flow. 
And an embedded trust agent lets Cisco customers manage systems, even 
if they're powered off or the OS is down, without lowering the security 
on 802.1x networks and Cisco Self-Defending Network products. For more 
information, go to 

   Share your product experience with your peers. Have you discovered a 
great product that saves you time and money? Do you use something you 
wouldn't wish on anyone? Tell the world! If we publish your opinion, 
we'll send you a Best Buy gift card! Send information about a product 
you use and whether it helps or hinders you to 

=== RESOURCES AND EVENTS ======================================   For more security-related resources, visit 

Keeping Exchange Running--The High Availability Imperative
   If there's a "killer app," it's email. Business communications rely 
on it, and increasingly mobile users and clients lower the tolerance 
for email downtime. Attend this Web seminar and hear from Paul 
Robichaux, who will share information to help you meet your 
enterprise's HA needs. Tune in for useful tips and a guide to resources 
available for disaster recovery planning. Bring your questions to the 
lively Q&A session after the presentation. Register now for this 
September 26, 2007, live Web seminar. 

Effective performance management and financial planning can help you 
drive better performance for your business. Come to this one-day launch 
event in New York City and learn how companies like yours--and 
Microsoft itself--are benefiting from an integrated monitoring, 
analysis, and financial planning application. 

File Area Networks: Your First Look at FAN Technology
   Regain control over the burgeoning file data in your enterprise. 
Learn how FANs can help you centralize file consolidation, migration, 
replication, and failover. Download this eBook and start streamlining 
your file management today! 

=== FEATURED WHITE PAPER ======================================
The Web Isn't Fun Anymore: How Websense Technology Protects Against 
Internet-Based Threats
   With its wealth of information, the Internet has become integrated 
into our personal lives as well as being a necessary business tool. 
However, it has a dark side. This white paper examines technologies 
that will help guard against Internet-based threats. 

=== ANNOUNCEMENTS =============================================
Search Thousands of SQL Articles Online and on CD 
   A SQL Server Magazine Master CD subscription buys you portable, 
lightning-fast access to the entire SQL Server article database on CD, 
plus exclusive, up-to-the-minute access to the new articles we publish 
on every day. Order your subscription now! 

Save 1/2 Off Security Pro VIP 
   Security Pro VIP is an online resource that delivers new articles 
every week to help you defend your network. Subscribers also receive 
tips, cautionary advice, direct access to our editors for technical 
Q&As, and a host of other benefits! Order now, and save up to 50 

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and Security Pro VIP (second URL 

Subscribe to Security UPDATE at 

Be sure to add 
to your antispam software's list of allowed senders.

To contact us: 
About Security UPDATE content -- 
About technical questions -- 
About your product news -- 
About your subscription -- 
About sponsoring Security UPDATE -- 

View the Windows IT Pro privacy policy at 

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

Attend HITBSecConf2007 - Malaysia 
Taking place September 3-6 2007 featuring seven tracks of technical 
training and a dual-track security conference with keynote speakers 
Lance Spitzner and Mikko Hypponen!  -  Book your seats today! 

Site design & layout copyright © 1986-2015 CodeGods