Reducing the Cost of IT Compliance: Streamlining the IT Compliance Life
Cycle
http://list.windowsitpro.com/t?ctl=3E6FA:886699
Protect Your Network - Threats Brought in By Remote Laptops
http://list.windowsitpro.com/t?ctl=3E70A:886699
Achieving Compliance: Best Practices for Outward Bound Internet Content
Protection
http://list.windowsitpro.com/t?ctl=3E6F5:886699
=== CONTENTS ===================================================
IN FOCUS: eVade-o-Matic Nearly Evades My Understanding
NEWS AND FEATURES
- IE 7.0 and Firefox 2.0 Both Have New Antiphishing Technologies
- IE 7.0 Vulnerable to Address Bar Spoofing
- Norman Data Defense Systems Introduces Automated Malware Forensics
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: Firefox 2.0 Badly Broken?
- FAQ: Using a Script to Check User or Group Existence
- From the Forum: Database Security Error
- Know Your IT Security Contest
- Your IT Pro Vote Counts!
PRODUCTS
- Easing Smart Card Administration
- Wanted: Your Reviews of Products
RESOURCES AND EVENTS
FEATURED WHITE PAPER
ANNOUNCEMENTS
=== SPONSOR: Scalable Software =================================
Reducing the Cost of IT Compliance: Streamlining the IT Compliance Life
Cycle
The average enterprise spends nearly $10 million annually on IT
compliance. Download this free whitepaper today to streamline the
compliance lifecycle, and dramatically reduce your company's costs!
http://list.windowsitpro.com/t?ctl=3E6FA:886699
=== IN FOCUS: eVade-o-Matic Nearly Evades My Understanding =====
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Metasploit is billed as a benevolent forensic tool to test security. In
summary, it's a toolkit that nearly anyone with a modest amount of
computer experience can use to exploit vulnerabilities to the maximum
extent. Just plug in a module, fill in some parameters, and presto,
instant exploitation.
The logo on the Metasploit home page (see URL below) paints a picture
that's the complete opposite of benevolence, in my mind anyway. The
logo contains the image of an obviously malicious intruder (who reminds
me of the Joker from the old "Batman" TV series) sitting at a keyboard
with any of a variety of "catchy" phrases emblazoned next to it. The
phrase cycles on each page reload and offers such pithiness as "Point.
Click. Root.," "The Best a Haxor Can Get," "Always hot exploits.
Always.," and "What would you like to Metasploit today?"
http://list.windowsitpro.com/t?ctl=3E70F:886699
About the only beneficial thing I can see about Metasploit is that if
it had to be developed at all, at least it's available to the public so
that white hats can use it.
Metasploit is about to take on an even more insidious tinge when the
eVade-o-Matic Module (VoMM, for short) is released. VoMM makes it
possible to completely evade signature-based security systems
(including signature-based intrusion detection systems--IDSs--and
antivirus platforms) by continually changing a piece of code. If code
morphs with each new use, an endless number of detection signatures
would be needed, which simply isn't practical. Therefore, VoMM and
similar technologies render signature-based security systems useless
for the most part.
According to information posted on the Info-Pull.com blog (see the URL
below), VoMM uses a number of techniques to morph code, including white
space randomization, string obfuscation and encoding, random comments
and comment placement, code block randomization, variable name and
function name randomization and obfuscation, and function pointer
reassignments. You can get a very detailed analysis of exactly what
VoMM does.
http://list.windowsitpro.com/t?ctl=3E6F3:886699
While these sorts of evasion techniques are by no means new to the
world of malware, what is new is the packaging of such techniques into
a tool like Metasploit, which anybody with one firing neuron can
download to immediately experience that warm and fuzzy "point, click,
root" feeling. Rest assured that VoMM will be used by just about every
"bad guy" on the planet. Why anyone would unleash this madness upon the
world nearly evades my understanding. Nearly.
=== SPONSOR: 8e6 Technologies ==================================
Protect Your Network - Threats Brought in By Remote Laptops
Learn how employee laptops indiscriminately harm company networks,
despite standard security gear, and gain valuable information on how to
protect your company against these threats - without throwing out the
laptops. Get the FREE white paper from 8e6 Technologies. Qualify Now!
http://list.windowsitpro.com/t?ctl=3E70A:886699
=== SECURITY NEWS AND FEATURES =================================
IE 7.0 and Firefox 2.0 Both Have New Antiphishing Technologies
Microsoft released the long-awaited Internet Explorer 7.0, and
Mozilla Foundation released its long-awaited Firefox 2.0. Both include
new antiphishing technology.
http://list.windowsitpro.com/t?ctl=3E6FF:886699
IE 7.0 Vulnerable to Address Bar Spoofing
Secunia reports that an anonymous person discovered that it's
possible to partially spoof the Internet Explorer (IE) 7.0 Address bar
in a pop-up window, which might lead to phishing attacks.
http://list.windowsitpro.com/t?ctl=3E701:886699
Norman Data Systems Introduces Automated Malware Forensics
Norman's new offerings bring malware analysis tools out of private
labs and into corporate networks.
http://list.windowsitpro.com/t?ctl=3E702:886699
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=3E6FD:886699
=== SPONSOR: Surf Control ======================================
Achieving Compliance: Best Practices for Outward Bound Internet Content
Protection
Achieve compliance in today's complex regulatory environment, while
managing threats to the inward- and outward-bound communications vital
to your business. Adopt a best-practices approach, such as the one
outlined in the international information security standard ISO/IEC
17799:2005. Download the whitepaper today and secure the
confidentiality, availability and integrity of your corporate
information!
http://list.windowsitpro.com/t?ctl=3E6F5:886699
=== GIVE AND TAKE ==============================================
SECURITY MATTERS BLOG: Firefox 2.0 Badly Broken?
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=3E708:886699
I'm about to lose my patience with Firefox 2.0. It seems badly broken,
and I wonder if these symptoms are happening to anyone else. Read the
blog to learn about what I've found.
http://list.windowsitpro.com/t?ctl=3E700:886699
FAQ: Using a Script to Check User or Group Existence
by John Savill, http://list.windowsitpro.com/t?ctl=3E705:886699
Q: How can I use a script to check whether an Active Directory (AD)
user or group exists?
Find the answer at
http://list.windowsitpro.com/t?ctl=3E706:886699
FROM THE FORUM: Database Security Error
A forum participant uses SQL Server 2000 with SP4 and sees an error
in his logs that reads "Login failed for user 'RECOVER'." Does this
error have something to do with failed writes to audit files? If you
have an idea, join the discussion at:
http://list.windowsitpro.com/t?ctl=3E6F4:886699
KNOW YOUR IT SECURITY Contest
Share your security-related tips, comments, or solutions in 1000
words or less, and you could be one of 13 lucky winners of a Zune media
player. Tell us how you do patch management, share a security script,
or write about a security article you've read or a Webcast you've
viewed. Submit your entry between now and December 13. We'll select the
13 best entries, and the winners will receive a Zune media player--
plus, we'll publish the winning entries in the Windows IT Security
newsletter. Email your contributions to tipswinitsec@windowsitpro.com.
Prizes are courtesy of Microsoft Learning Paths for Security:
http://list.windowsitpro.com/t?ctl=3E703:886699
YOUR IT PRO VOTE COUNTS!
Vote for the next "IT Pro of the Month!" Take the time to reward
excellence to an IT pro who deserves it. The first 100 to cast their
vote will receive a one-year print subscription to Windows IT Pro
magazine--compliments of Microsoft. Voting only takes a few seconds, so
don't miss out. Cast your vote now:
http://list.windowsitpro.com/t?ctl=3E709:886699
=== PRODUCTS ===================================================
by Renee Munshi, products@windowsitpro.com
Easing Smart Card Administration
Gemalto announced integration of its .NET smart cards in Microsoft
Certificate Life Cycle Manager (CLM). Gemalto .NET cards run a
streamlined version of the .NET framework and provide cryptographic
capabilities and two-factor authentication. Support for Gemalto .NET
smart cards is integrated into Windows Vista or available from the
Microsoft Download Center for Windows 2000/XP/Server 2003. CLM
streamlines the provisioning, configuration, and management of digital
certificates and smart cards. Gemalto .NET smart cards for testing can
be ordered online at the first URL below, and CLM Beta 2 is available
for download at the second URL below.
http://list.windowsitpro.com/t?ctl=3E70B:886699
http://list.windowsitpro.com/t?ctl=3E70D:886699
WANTED: your reviews of products you've tested and used in
production. Send your experiences and ratings of products to
whatshot@windowsitpro.com and get a Best Buy gift certificate.
=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=3E704:886699
Can disaster recovery planning create real value for your business
beyond mere survival? Justify your investments in DR planning, and get
real answers to your questions about how DR planning and implementation
affect the financial performance of your organization. Make cost-
effective decisions to positively impact your bottom line! Live event:
Tuesday, November 14
http://list.windowsitpro.com/t?ctl=3E6F8:886699
How do you manage security vulnerabilities? If you depend on
vulnerability assessments to determine the state of your IT security
systems, you won't want to miss this Web seminar. Special research from
Gartner indicates that deeper penetration is needed to augment your
existing vulnerability management processes. Learn more today!
http://list.windowsitpro.com/t?ctl=3E6F7:886699
Learn all you need to know about code-signing technology, including the
goals and benefits of code signing, how it works, and the underlying
cryptographic and security concepts and building blocks. Download this
complete eBook today--free!
http://list.windowsitpro.com/t?ctl=3E6FC:886699
Does your company have $500,000 to spend on one email discovery
request? Join us for this free Web seminar to learn how you can
implement an email archiving solution to optimize email management and
proactively take control of e-discovery--and save the IT search party
for when you really need it! On-demand Web Seminar
http://list.windowsitpro.com/t?ctl=3E6F6:886699
Total Cost of Ownership--TCO. It's every executive's favorite buzzword,
but what does it really mean and how does it affect you? In this
podcast, Ben Smith explains how your organization can use
virtualization technology to measurably improve the TCO for servers and
clients.
http://list.windowsitpro.com/t?ctl=3E6FB:886699
=== FEATURED WHITE PAPER =======================================
Is your email easily accessible, yet secure, in the event of an e-
discovery request? With the phenomenal growth in email volume and the
high cost of failing to comply with a discovery request, you can't
afford to lose any email. Download this free white paper and implement
a strong email retention and management system today!
http://list.windowsitpro.com/t?ctl=3E6F9:886699
=== ANNOUNCEMENTS ==============================================
Uncover Essential Windows Knowledge Through Excavator
Try out the ultimate vertical search tool--Windows Excavator.
Windows Excavator gives you fast, thorough third-party information
while filtering out unwanted content. Visit
http://list.windowsitpro.com/t?ctl=3E70E:886699 today!
Your Vote Counts!
Vote for the next "IT Pro of the Month!" Take the time to reward
excellence in an IT pro. The first 100 readers to cast a vote will
receive a one-year subscription to Windows IT Pro, compliments of
Microsoft. Voting takes only a few seconds, so don't miss out. Cast
your vote now:
http://list.windowsitpro.com/t?ctl=3E709:886699
================================================================
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and the Windows IT Security newsletter
(subscribe at the second URL below).
http://list.windowsitpro.com/t?ctl=3E707:886699
https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb
Subscribe to Security UPDATE at
http://list.windowsitpro.com/t?ctl=3E6FE:886699
Unsubscribe by clicking
http://list.windowsitpro.com/u?id=4160B336D0B60CB1D93704B7CD631E4D
Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=3E70C:886699
About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com
View the Windows IT Pro privacy policy at
http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.
No comments:
Post a Comment