Comparing Approaches for Desktop Software Lockdown
http://list.windowsitpro.com/t?ctl=44C12:886699
Defending Against Inappropriate Content, Spyware, IM, and P2P at the
Perimeter
http://list.windowsitpro.com/t?ctl=44C0E:886699
Understanding and Leveraging Code Signing Technologies
http://list.windowsitpro.com/t?ctl=44C15:886699
=== CONTENTS ===================================================
IN FOCUS: So Long ORDB; So Long 2006
NEWS AND FEATURES
- ElcomSoft's Proactive Password Auditor Now Supports DEP, Vista,
and More
- Websense to Begin Offering Information Leak Prevention
- Train to Be a Certified Ethical Hacker
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: Stupid Security Tricks?
- FAQ: Windows Vista Security Guide
- Share Your Security Tips
PRODUCTS
- New Protection for OWA Users' Attachments
- Wanted: Your Reviews of Products
RESOURCES AND EVENTS
FEATURED WHITE PAPER
ANNOUNCEMENTS
=== SPONSOR: Bit9 ==============================================
Comparing Approaches for Desktop Software Lockdown
Prevent installation and execution of unauthorized software on the
computers on your network. Download this free whitepaper today for a
comparison of different techniques for detecting and preventing
unauthorized code. Protect against the emerging risks today!
http://list.windowsitpro.com/t?ctl=44C12:886699
=== IN FOCUS: So Long ORDB; So Long 2006 =======================
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Remember the days, years ago, when we could use just about any mail
server we wanted to send legitimate email? That ability was especially
helpful in certain instances, particularly when our regular mail server
went down or we found ourselves unable to reach our regular mail server
while traveling. The ability for anyone to use a given mail server of
course meant that the server was an open relay, and the days of open
relays are nearly gone, thanks to spammers.
Spammers' abuse of open relays quickly led to a new "best practice" of
administrators no longer leaving their mail servers wide open for use
by anyone (for the most part anyway). At the same time, people formed
groups that began tracking open relays with the intent of providing
lists of those servers to others who wanted to use them to help detect
potential spam.
One such group, Open Relay Database (ORDB), has been a long-standing
resource for administrators in their efforts to eliminate spam. But
alas, last week ORDB announced that it's shutting down.
The nonprofit organization--founded 5 1/2 years ago--provided a
valuable service to the Internet community by making its database
available via several methods, including simple and fast DNS queries.
When ORDB went live in 2001, private individuals and network
administrators at companies of all sizes around the world began to use
it as one of several methods of gauging whether a message might be
spam. The logic of using ORDB was simply that if a message passed
through an open relay, then it was likely spam because spammers abuse
open relays.
Community support for the integration of ORDB was significant.
Integration methods were made available for many popular mail servers
including Postfix, Sendmail, qmail, Exim, Lotus Domino, and Microsoft
Exchange Server. But although integration support was strong, the
operators of ORBD say that they think the usefulness of ORDB has
reached its end.
A message posted on the organization's Web site said that "the general
consensus within the team is that open relay [blacklists] are no longer
the most effective way of preventing spam from entering your network as
spammers have changed tactics in recent years, as have the anti-spam
community."
http://list.windowsitpro.com/t?ctl=44C29:886699
The ORDB mailing lists and the organization's DNS servers--the latter
of which provided the means to check whether a mail server was an open
relay--were shut down December 18. The ORDB team said that the Web site
itself will be taken down as of December 31.
So long, ORDB, and thanks for all your hard work.
While ORDB blacklisted only open relays, other blacklist services
continue to provide open relay databases and more. Such services can be
used to check for a variety of other conditions about a given email
message. For example, many blacklist operators now think that running a
mail server on a dynamic IP address is taboo, so some provide databases
of dynamic IP addresses in use around the world. The logic behind
blacklisting mail servers that use dynamic IP addresses is that bots
routinely turn the computers of dial-up users into prolific senders of
spam, building behemoth mail server networks for spammers.
Other types of data offered by blacklist providers can include lists of
open proxies, Web sites that host vulnerable mailer scripts, servers
and networks that are known to be used to send spam, hijacked networks
used to send spam, and more.
Quite some time ago, I wrote about the spam problem and mentioned a
useful report that shows which blacklists are most effective for Jeff
Makey. You can view his frequently updated report at the URL below.
Many of the blacklists in Makey's report have proven effective in my
own tests, and I think you'll find some of them effective for you too.
http://list.windowsitpro.com/t?ctl=44C26:886699
This is the last edition of Security Update for 2006. We've come a long
way since the newsletter began in late 1998. We've published more than
400 editions, brought you well over a thousand security-related news
stories, pointed you to several hundred feature articles by various
authors, and fielded countless email messages from you, our readers. We
look forward to bringing you even more in the year ahead. And with that
said, I wish you all a happy new year.
=== SPONSOR: St. Bernard Software ==============================
Defending Against Inappropriate Content, Spyware, IM, and P2P at the
Perimeter
Examine the threats of allowing unwanted or offensive content into
your network and learn about the technologies and methodologies to
defend against inappropriate content, spyware, IM, and P2P.
http://list.windowsitpro.com/t?ctl=44C0E:886699
=== SECURITY NEWS AND FEATURES =================================
ElcomSoft's Proactive Password Auditor Now Supports DEP, Vista, and
More
ElcomSoft released Proactive Password Auditor 1.7. The new version
works on systems that use Data Execution Prevention (DEP) and also
supports Windows Vista platforms. Other improvements in the new version
include a "Rainbow Attack" mode for NT LAN Manager (NTLM) and LM
authentication and full Unicode compliance.
http://list.windowsitpro.com/t?ctl=44C1B:886699
Websense to Begin Offering Information Leak Prevention
Websense is set to add information leak prevention technology to its
offerings with the acquisition of PortAuthority Technologies. Websense
said it will pay approximately $90 million in cash to acquire the
company.
http://list.windowsitpro.com/t?ctl=44C1A:886699
Train to Be a Certified Ethical Hacker
New Horizons launched its new Certified Ethical Hacker Program,
which aims to certify individuals in ethical hacking from a vendor-
neutral perspective.
http://list.windowsitpro.com/t?ctl=44C1C:886699
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=44C14:886699
=== SPONSOR: Thawte ============================================
Understanding and Leveraging Code Signing Technologies
Learn all you need to know about code signing technology, including
the goals and benefits of code signing, how code signing works and the
underlying cryptographic and security concepts and building blocks.
http://list.windowsitpro.com/t?ctl=44C15:886699
=== GIVE AND TAKE ==============================================
SECURITY MATTERS BLOG: Stupid Security Tricks?
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=44C23:886699
I'm not sure whether this new trend is stupendous or just plain stupid.
You be the judge when you read about it in this blog article.
http://list.windowsitpro.com/t?ctl=44C1E:886699
FAQ: Windows Vista Security Guide
by John Savill, http://list.windowsitpro.com/t?ctl=44C21:886699
Q: What is the Windows Vista Security Guide?
Find the answer at
http://list.windowsitpro.com/t?ctl=44C1F:886699
SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's
Reader to Reader column. Email your contributions to
r2rwinitsec@windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.
=== PRODUCTS ===================================================
by Renee Munshi, products@windowsitpro.com
New Protection for OWA Users' Attachments
Messageware announced the release of AttachView 8.0. AttachView
converts email attachments in Microsoft Outlook Web Access (OWA) into
secure Web pages so that users don't unintentionally leave them behind
in a computer's Web browser cache. Other new features are the ability
to block certain users and locations from printing attachments (so they
can't be accidentally left on a public printer) and a new design that
reduces bandwidth between Exchange Server systems, which should result
in a significant performance increase for larger corporations. For more
information, go to
http://list.windowsitpro.com/t?ctl=44C2A:886699
WANTED: your reviews of products you've tested and used in
production. Send your experiences and ratings of products to
whatshot@windowsitpro.com and get a Best Buy gift certificate.
=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=44C20:886699
Find the buried treasure by uncovering the secrets to Web filtering.
Complete this quiz correctly and you could be a winner!
http://list.windowsitpro.com/t?ctl=44C1D:886699
Expert Ben Smith describes the benefits of using server virtualization
to make computers more efficient. Download the exclusive podcast today!
http://list.windowsitpro.com/t?ctl=44C10:886699
Do you have visibility and control over your software license use? Most
organizations face a number of serious challenges, including
understanding vendor licensing models, cost overruns, missed deadlines,
business opportunities, and lost user productivity. Learn to address
these challenges, and prepare for audits. Register for the free Web
seminar, available now!
http://list.windowsitpro.com/t?ctl=44C0D:886699
We're giving away a PS3--Register for any Web seminar before December
31 and you could win! Visit http://list.windowsitpro.com/t?ctl=44C27:886699
to see a full listing of on-demand Web seminars that you can register
for!
You know you need to manage your email data; how do you do it? What
steps are you taking? What additional measures should you enact? What
shouldn't you do? Get answers to these questions and get control of
your vital messaging data. Download the free eBook today!
http://list.windowsitpro.com/t?ctl=44C11:886699
Get a solid introduction to Data Protection Manager (DPM), now shipping
with Microsoft System Center. Download the full ebook today to learn
how to use DPM to augment tape-based backups.
http://list.windowsitpro.com/t?ctl=44C13:886699
=== FEATURED WHITE PAPER =======================================
Can you trust users to protect critical PC business data? One in 3
users write down their passwords--leaving data at risk, even with
encryption-only protection. True PC data protection requires
organizational control of your data. Download this free white paper
today to find out how to accomplish your PC data security goals without
inhibiting employee productivity.
http://list.windowsitpro.com/t?ctl=44C0F:886699
BONUS: Register for any white paper from Windows IT Pro in the month of
December, and be entered to win a Wii! Visit
http://list.windowsitpro.com/t?ctl=44C25:886699 for more information
and a complete white paper listing.
=== ANNOUNCEMENTS ==============================================
Holiday Offer--Save $40 off Windows IT Pro
Don't miss Windows IT Pro magazine in 2007! As a subscriber, you'll
have full access to must-have content covering Windows Vista
deployment, virtualization & disaster recovery, Active Directory
enhancements, Office 2007 launch, SharePoint fundamentals and much
more. Order now and save $40:
http://list.windowsitpro.com/t?ctl=44C16:886699
Make Your Mark on the IT Community!
Nominate yourself or a peer to become an "IT Pro of the Month." This
is your chance to get the recognition you deserve! Winners will receive
over $600 in IT resources and be featured in Windows IT Pro magazine
and the TechNet Flash email newsletter. It's easy to enter--accepting
January nominations now for a limited time! Submit your nomination
today:
http://list.windowsitpro.com/t?ctl=44C24:886699
================================================================
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and the Windows IT Security newsletter
(subscribe at the second URL below).
http://list.windowsitpro.com/t?ctl=44C22:886699
http://list.windowsitpro.com/t?ctl=44C17:886699
Subscribe to Security UPDATE at
http://list.windowsitpro.com/t?ctl=44C19:886699
Unsubscribe by clicking
http://list.windowsitpro.com/u?id=4160B336D0B60CB10F378C0CEE889B41
Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=44C28:886699
About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com
View the Windows IT Pro privacy policy at
http://list.windowsitpro.com/t?ctl=44C18:886699
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.