News

Wednesday, December 27, 2006

So Long ORDB; So Long 2006

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Comparing Approaches for Desktop Software Lockdown

http://list.windowsitpro.com/t?ctl=44C12:886699

Defending Against Inappropriate Content, Spyware, IM, and P2P at the
Perimeter

http://list.windowsitpro.com/t?ctl=44C0E:886699

Understanding and Leveraging Code Signing Technologies

http://list.windowsitpro.com/t?ctl=44C15:886699


=== CONTENTS ===================================================

IN FOCUS: So Long ORDB; So Long 2006

NEWS AND FEATURES
- ElcomSoft's Proactive Password Auditor Now Supports DEP, Vista,
and More
- Websense to Begin Offering Information Leak Prevention
- Train to Be a Certified Ethical Hacker
- Recent Security Vulnerabilities

GIVE AND TAKE
- Security Matters Blog: Stupid Security Tricks?
- FAQ: Windows Vista Security Guide
- Share Your Security Tips

PRODUCTS
- New Protection for OWA Users' Attachments
- Wanted: Your Reviews of Products

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS


=== SPONSOR: Bit9 ==============================================

Comparing Approaches for Desktop Software Lockdown
Prevent installation and execution of unauthorized software on the
computers on your network. Download this free whitepaper today for a
comparison of different techniques for detecting and preventing
unauthorized code. Protect against the emerging risks today!

http://list.windowsitpro.com/t?ctl=44C12:886699


=== IN FOCUS: So Long ORDB; So Long 2006 =======================
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Remember the days, years ago, when we could use just about any mail
server we wanted to send legitimate email? That ability was especially
helpful in certain instances, particularly when our regular mail server
went down or we found ourselves unable to reach our regular mail server
while traveling. The ability for anyone to use a given mail server of
course meant that the server was an open relay, and the days of open
relays are nearly gone, thanks to spammers.

Spammers' abuse of open relays quickly led to a new "best practice" of
administrators no longer leaving their mail servers wide open for use
by anyone (for the most part anyway). At the same time, people formed
groups that began tracking open relays with the intent of providing
lists of those servers to others who wanted to use them to help detect
potential spam.

One such group, Open Relay Database (ORDB), has been a long-standing
resource for administrators in their efforts to eliminate spam. But
alas, last week ORDB announced that it's shutting down.

The nonprofit organization--founded 5 1/2 years ago--provided a
valuable service to the Internet community by making its database
available via several methods, including simple and fast DNS queries.

When ORDB went live in 2001, private individuals and network
administrators at companies of all sizes around the world began to use
it as one of several methods of gauging whether a message might be
spam. The logic of using ORDB was simply that if a message passed
through an open relay, then it was likely spam because spammers abuse
open relays.

Community support for the integration of ORDB was significant.
Integration methods were made available for many popular mail servers
including Postfix, Sendmail, qmail, Exim, Lotus Domino, and Microsoft
Exchange Server. But although integration support was strong, the
operators of ORBD say that they think the usefulness of ORDB has
reached its end.

A message posted on the organization's Web site said that "the general
consensus within the team is that open relay [blacklists] are no longer
the most effective way of preventing spam from entering your network as
spammers have changed tactics in recent years, as have the anti-spam
community."

http://list.windowsitpro.com/t?ctl=44C29:886699

The ORDB mailing lists and the organization's DNS servers--the latter
of which provided the means to check whether a mail server was an open
relay--were shut down December 18. The ORDB team said that the Web site
itself will be taken down as of December 31.

So long, ORDB, and thanks for all your hard work.

While ORDB blacklisted only open relays, other blacklist services
continue to provide open relay databases and more. Such services can be
used to check for a variety of other conditions about a given email
message. For example, many blacklist operators now think that running a
mail server on a dynamic IP address is taboo, so some provide databases
of dynamic IP addresses in use around the world. The logic behind
blacklisting mail servers that use dynamic IP addresses is that bots
routinely turn the computers of dial-up users into prolific senders of
spam, building behemoth mail server networks for spammers.

Other types of data offered by blacklist providers can include lists of
open proxies, Web sites that host vulnerable mailer scripts, servers
and networks that are known to be used to send spam, hijacked networks
used to send spam, and more.

Quite some time ago, I wrote about the spam problem and mentioned a
useful report that shows which blacklists are most effective for Jeff
Makey. You can view his frequently updated report at the URL below.
Many of the blacklists in Makey's report have proven effective in my
own tests, and I think you'll find some of them effective for you too.

http://list.windowsitpro.com/t?ctl=44C26:886699

This is the last edition of Security Update for 2006. We've come a long
way since the newsletter began in late 1998. We've published more than
400 editions, brought you well over a thousand security-related news
stories, pointed you to several hundred feature articles by various
authors, and fielded countless email messages from you, our readers. We
look forward to bringing you even more in the year ahead. And with that
said, I wish you all a happy new year.


=== SPONSOR: St. Bernard Software ==============================

Defending Against Inappropriate Content, Spyware, IM, and P2P at the
Perimeter
Examine the threats of allowing unwanted or offensive content into
your network and learn about the technologies and methodologies to
defend against inappropriate content, spyware, IM, and P2P.

http://list.windowsitpro.com/t?ctl=44C0E:886699


=== SECURITY NEWS AND FEATURES =================================

ElcomSoft's Proactive Password Auditor Now Supports DEP, Vista, and
More
ElcomSoft released Proactive Password Auditor 1.7. The new version
works on systems that use Data Execution Prevention (DEP) and also
supports Windows Vista platforms. Other improvements in the new version
include a "Rainbow Attack" mode for NT LAN Manager (NTLM) and LM
authentication and full Unicode compliance.

http://list.windowsitpro.com/t?ctl=44C1B:886699

Websense to Begin Offering Information Leak Prevention
Websense is set to add information leak prevention technology to its
offerings with the acquisition of PortAuthority Technologies. Websense
said it will pay approximately $90 million in cash to acquire the
company.

http://list.windowsitpro.com/t?ctl=44C1A:886699

Train to Be a Certified Ethical Hacker
New Horizons launched its new Certified Ethical Hacker Program,
which aims to certify individuals in ethical hacking from a vendor-
neutral perspective.

http://list.windowsitpro.com/t?ctl=44C1C:886699

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at

http://list.windowsitpro.com/t?ctl=44C14:886699


=== SPONSOR: Thawte ============================================

Understanding and Leveraging Code Signing Technologies
Learn all you need to know about code signing technology, including
the goals and benefits of code signing, how code signing works and the
underlying cryptographic and security concepts and building blocks.

http://list.windowsitpro.com/t?ctl=44C15:886699


=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Stupid Security Tricks?
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=44C23:886699

I'm not sure whether this new trend is stupendous or just plain stupid.
You be the judge when you read about it in this blog article.

http://list.windowsitpro.com/t?ctl=44C1E:886699

FAQ: Windows Vista Security Guide
by John Savill, http://list.windowsitpro.com/t?ctl=44C21:886699


Q: What is the Windows Vista Security Guide?

Find the answer at

http://list.windowsitpro.com/t?ctl=44C1F:886699

SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's
Reader to Reader column. Email your contributions to
r2rwinitsec@windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.


=== PRODUCTS ===================================================
by Renee Munshi, products@windowsitpro.com

New Protection for OWA Users' Attachments
Messageware announced the release of AttachView 8.0. AttachView
converts email attachments in Microsoft Outlook Web Access (OWA) into
secure Web pages so that users don't unintentionally leave them behind
in a computer's Web browser cache. Other new features are the ability
to block certain users and locations from printing attachments (so they
can't be accidentally left on a public printer) and a new design that
reduces bandwidth between Exchange Server systems, which should result
in a significant performance increase for larger corporations. For more
information, go to

http://list.windowsitpro.com/t?ctl=44C2A:886699

WANTED: your reviews of products you've tested and used in
production. Send your experiences and ratings of products to
whatshot@windowsitpro.com and get a Best Buy gift certificate.


=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit

http://list.windowsitpro.com/t?ctl=44C20:886699

Find the buried treasure by uncovering the secrets to Web filtering.
Complete this quiz correctly and you could be a winner!

http://list.windowsitpro.com/t?ctl=44C1D:886699

Expert Ben Smith describes the benefits of using server virtualization
to make computers more efficient. Download the exclusive podcast today!

http://list.windowsitpro.com/t?ctl=44C10:886699

Do you have visibility and control over your software license use? Most
organizations face a number of serious challenges, including
understanding vendor licensing models, cost overruns, missed deadlines,
business opportunities, and lost user productivity. Learn to address
these challenges, and prepare for audits. Register for the free Web
seminar, available now!

http://list.windowsitpro.com/t?ctl=44C0D:886699


We're giving away a PS3--Register for any Web seminar before December
31 and you could win! Visit http://list.windowsitpro.com/t?ctl=44C27:886699

to see a full listing of on-demand Web seminars that you can register
for!

You know you need to manage your email data; how do you do it? What
steps are you taking? What additional measures should you enact? What
shouldn't you do? Get answers to these questions and get control of
your vital messaging data. Download the free eBook today!

http://list.windowsitpro.com/t?ctl=44C11:886699

Get a solid introduction to Data Protection Manager (DPM), now shipping
with Microsoft System Center. Download the full ebook today to learn
how to use DPM to augment tape-based backups.

http://list.windowsitpro.com/t?ctl=44C13:886699


=== FEATURED WHITE PAPER =======================================

Can you trust users to protect critical PC business data? One in 3
users write down their passwords--leaving data at risk, even with
encryption-only protection. True PC data protection requires
organizational control of your data. Download this free white paper
today to find out how to accomplish your PC data security goals without
inhibiting employee productivity.

http://list.windowsitpro.com/t?ctl=44C0F:886699


BONUS: Register for any white paper from Windows IT Pro in the month of
December, and be entered to win a Wii! Visit

http://list.windowsitpro.com/t?ctl=44C25:886699 for more information
and a complete white paper listing.


=== ANNOUNCEMENTS ==============================================

Holiday Offer--Save $40 off Windows IT Pro
Don't miss Windows IT Pro magazine in 2007! As a subscriber, you'll
have full access to must-have content covering Windows Vista
deployment, virtualization & disaster recovery, Active Directory
enhancements, Office 2007 launch, SharePoint fundamentals and much
more. Order now and save $40:

http://list.windowsitpro.com/t?ctl=44C16:886699

Make Your Mark on the IT Community!
Nominate yourself or a peer to become an "IT Pro of the Month." This
is your chance to get the recognition you deserve! Winners will receive
over $600 in IT resources and be featured in Windows IT Pro magazine
and the TechNet Flash email newsletter. It's easy to enter--accepting
January nominations now for a limited time! Submit your nomination
today:

http://list.windowsitpro.com/t?ctl=44C24:886699


================================================================

Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and the Windows IT Security newsletter
(subscribe at the second URL below).

http://list.windowsitpro.com/t?ctl=44C22:886699

http://list.windowsitpro.com/t?ctl=44C17:886699

Subscribe to Security UPDATE at

http://list.windowsitpro.com/t?ctl=44C19:886699

Unsubscribe by clicking

http://list.windowsitpro.com/u?id=4160B336D0B60CB10F378C0CEE889B41

Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.

To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=44C28:886699

About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://list.windowsitpro.com/t?ctl=44C18:886699

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

YOU ARE TO CONTACT MR. PATRICK DONKOR FOR THE CLAIM OF YOUR PRIZE FUND.

YOU ARE TO CONTACT MR. PATRICK DONKOR FOR THE CLAIM OF YOUR PRIZE FUND.
FROM:  THE PROMOTION CO-ORDINATOR OF STAATS LOTERIJ 
STAATS LOTERIJ PROMOTION CO-ORDINATOR  
 GOVERNMENT ACCREDITED LICENSED!!!
 INTERNATIONAL LOTTERY PROMOTION PROGRAM
 IS REGISTERED UNDER THE NETHERLANDS GAMING CONTROL LOTTERY 
 BOARD PROTECTION ACT OF;
 (Registration Z720633X).
       www.staatsloterij.nl         
 
                                        
Dear beneficiary,
We happily notify you of the draw of the Email Lottery Ballot - World Gaming Board Sweepstakes program held on Saturday - the 22nd of December, 2006 at our Lottery office complex in Den Haag.
 
Your email address attached to our Lottery payment order, had the following details:(i) Ticket Nr.: DZS-NED 338-691-BBT/2006; (ii) Lucky Nrs.: 11, 18, 25, 43, 56, 77, 89; (iii) Reference Nr.: MST/18436/DZS-NED;(iv) Batch Nr.:KNED-LOTT 5196 72X5G; which consequently won you this lottery in the 1st category. You have therefore been approved to claim a total sum of One Million Euro only, in cash, credited to your File Reference number as quoted above. This is from a total cash prize of Fifty Million Euro only, shared amongst the fifty winners in this category.
 
A total of 500,000 email addresses were entered for the Email Lottery Ballot - World Gaming Board Sweepstakes International. All email addresses entered for the game were submitted by our partners; International email service providers from over 140 countries that are listed, online and were thereafter randomly selected systematically through our Electronic Random Selection System (ERSS).
 
Microsoft Corporation, to encourage some individuals with websites and email addresses promoted this lottery which takes place at this time, of every three years.

The payment authority of your prize - One Million Euro only - already paid and insured in your name with our Paying bank will be issued to effect immediate / swift transfer in the mode you will prefer and nominate, upon satisfactory report on your identity verification and validation recommendation by our Claims Department. Email addresses registered with false names are not eligible to claiming this prize.

We are proud to inform you that, over 200 million Euros are won annually in more than 140 countries worldwide, as a result of our promotional programmes.

Due to the mixup of certain names, you are advised to keep your winning information confidential until your claim has been processed and your money paid to you. All winnings must be claimed not later than th of 15th of Jan, 2007. After this date, all unclaimed funds will be withdrawn.

To file for your claim, please contact our Claims Department:
 
FOREIGN TRANSFER MANAGER
MR. PATRICK DONKOR.
STAATS LOTERIJ CLAIMS DEPARTMENT.
Tel: +31-204-000-498.
Tel: +31-649-304-875.
Fax: +31-847-300-690.
Fax: + 31-847-251-895.
Email: staatlotclaim@aim.com
 
for your identity verification, while quoting: (i). Your full name(s) and Nationality;(ii). Reference Number and (iii). Batch Number:
 
Congratulations once more.

Faithfully yours,

Mrs. Rosemary Van Ken,
Lottery Coordinator. 
Online coordinator for STAATS LOTERIJ Sweepstakes International Lottery Promotion Program
 
    BELOW ARE THE SPONSORS OF THIS PROGRAM  
Executives:
Dr. P. Swier (CEO), Mr. Patrick Donkor (Manager Foreign Operations), Mr. Franklyn Van Der Weijden (Manager Domestic Banking Operations), Dr. James Williams (Director International Credit Department), Barr. Blenheim Mark (Legal Representative), Mrs. Lyudmyla Marchukova(Regional Manager), Mr. Stephen Boer (Chairman), Mr. Chris Moritz  (International Relation Officer).
  

CONTACT THE PAYING BANK

East-West Australia Lottery,
9701 Alexander Mall, Adelaide,
East-West Australia.
(EAST-West Australia Lottery is an affiliate of MCI Networks).
Santon Square, Complex 21, Netherlands.
 
From: Ms. VERA KALIHOFF.
e-mail : 
(Lottery Coordinator)
 
Sir/Madam,
 
CONGRATULATIONS!!!
 
We are pleased to inform you of the result of the East-West Australia Lottery (international program) held on the 27th December. 2006. Your e-mail address attached to ticket #: 34090322816 with prize # 43568000/12 drew €1,000,000.00 which was first in the 1st Category of the draws. You have been approved to receive €1,000,000.00 (One Million Euros).Because of claims mix-up and the limited time claims pay-outs, we will advice that you keep your winning information confidential until your prize (€1,000,000.00) has been remitted to you by our accredited paying bank. You must adhere to this instructions strictly to avoid loss of your cash prize – this program has been abused severally, so we are doing all we can to forestall further abuse by way of wrong claims. It's important to note that this draws were conducted formally under the watchful eyes of over 45,000 audiences. Winners are selected through an internet ballot system from 160,000 personal and
corporate e-mail addresses. The program sponsored/supported by MCI Networks in conjunction with South-West Australia lottery. Congratulate you once again. We hope you will use part cash prize to participate in our  next mega draws of €85million. Remember, all winning must be claimed not later than 10-days after you receive this notification. Failure to claim your cash prize after this date will result in prize forfeiture.  Please, in order to avoid unnecessary delays and complications remember to quote personal and winning numbers in correspondence with paying bank.
 Please contact the paying bank with your information for the immediate remittance of your funds.
Kindly send them the following:
(i). your names,
(ii) Contact telephone and fax numbers
(iii) Contact Address
(iv) Your winning numbers
(v) Quote amount won.
 
Contact the paying bank with the following:
Bank's Name: SNS BANK NV.
Contact person: Mr Jim Benson
SNS Bank, Amsterdam, Netherlands.
E-mail: custservices78@aim.com
Tel: (+31-626-413-226
Fax: (+31847-235-420.
 
Congratulations once again.
Yours in service,
Ms. VERA KALIHOFF
Lottery Coordinator.

Kaspersky Lab - General News: Analytical portal ConsumerSearch recognizes KasperskyR Anti-Virus 6.0 as 'Best antivirus software'

Kaspersky Lab - General News. Wednesday, December 27, 2006
******************************************************************

1. Analytical portal ConsumerSearch recognizes KasperskyR Anti-Virus 6.0 as 'Best antivirus software'
2. How to subscribe/unsubscribe
3. Security Rules

****

1. Analytical portal ConsumerSearch recognizes KasperskyR Anti-Virus 6.0 as 'Best antivirus software'

The well-known portal ConsumerSearch, which specializes in analyzing
reviews and tests, and provides objective information about products in
a variety of consumer goods categories from SUVs to copiers, has
released its summary review of the leading desktop antivirus products.

For its unique combination of superb effectiveness, reliability,
stability and a functional yet intuitive user interface, editors of
ConsumerSearch have designated Kaspersky Anti-Virus 6.0 'Best
antivirus software'.

According to the portal's experts, Kaspersky Anti-Virus 6.0 is
more effective than all other antivirus software developers, including
such popular products as Norton AntiVirus 2007 and McAfee VirusScan Plus
2007. ConsumerSearch reviewers also stated that Kaspersky Anti-Virus 6.0
demonstrates a higher performance than competitor products while
requiring significantly fewer system resources, resulting in higher
overall PC performance.

Furthermore, ConsumerSearch experts asserted that the Kaspersky Lab
product is better at detecting new threats and offers better
compatibility with software produced by different vendors than other
leading computer security products. In the review, the authors noted
that the Kaspersky Lab antivirus product frequently receives favorable
reviews from the world's leading experts on combating
cyberthreats.

A complete version of the antivirus product review can be found on the
ConsumerSearch portal at
http://www.consumersearch.com/www/software/antivirus-software/review.html
(http://www.consumersearch.com/www/software/antivirus-software/review.html).

**
1. Write to us at: webmaster@kaspersky.com


2. How to subscribe/unsubscribe

If you would like to subscribe to other Kaspersky Labs news blocks or
to unsubscribe from this news block, you can do so by visiting
http://www.kaspersky.com/subscribenow.html

3. Security Rules

Please note that Kaspersky Labs news messages are sent only in plain text format and never under any circumstances do they include file attachments. If you receive an email not meeting these strict guidelines, please do not open it under any circumstances. Instead, forward it to Kaspersky Labs technical support (support@kaspersky.com) so its contents can be examined.

If you experience any problems with this procedure, please contact us at:
webmaster@kaspersky.com

****

Best regards,

Kaspersky Labs

-----
10/1 1st Volokolamsky Proezd,
123060, Moscow,
Russia
tel/fax: +7 (495) 797 87 00
http://www.kaspersky.com
ftp://ftp.kaspersky.com
webmaster@kaspersky.com

Kaspersky Lab - General News: Kaspersky Lab releases its latest antivirus solution for Microsoft ISA Server

Kaspersky Lab - General News. Wednesday, December 27, 2006
******************************************************************

1. Kaspersky Lab releases its latest antivirus solution for Microsoft ISA Server
2. How to subscribe/unsubscribe
3. Security Rules

****

1. Kaspersky Lab releases its latest antivirus solution for Microsoft ISA Server

Kaspersky Lab, a leading developer of secure content management
solutions, presents a new version of its product that protects corporate
networks from viruses - KasperskyR Anti-Virus 5.6 for
Microsoft ISA Server 2004/2006 Standard Edition.

Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Standard Edition
provides antivirus protection for all files transferred using the HTTP
and FTP protocols via Microsoft Internet Security and Acceleration
Server. The product acts as a filter that intercepts packets transferred
via the HTTP and FTP protocols, isolating controlled objects from this
data and analyzing them for the presence of viruses. The program
attempts to treat any infected objects, and blocks the object, if
necessary. This prevents any further transmission of the code,
completely blocking the penetration of infected HTTP and FTP objects
through Microsoft ISA Server.

Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Standard Edition
comprises a wide range of functions. One of the most important features
of the solution is flexible configuration of virus scanning parameters.
Other features include monitoring of system operation statistics and
diagnostics with administrator-defined levels of detail.

System administrators can reduce server load by compiling lists of
trusted servers and lists of object types to be excluded from scanning
for different user groups.

The performance of the antivirus system has been greatly enhanced by
using a configurable mechanism for scanning queued objects in parallel.

Kaspersky Anti-Virus for Microsoft ISA Server 2004/2006 Standard Edition
is managed via the convenient and simple interface for the Microsoft
Management Console, which provides system administrators with full
control over the product's operation.

**
1. Write to us at: webmaster@kaspersky.com


2. How to subscribe/unsubscribe

If you would like to subscribe to other Kaspersky Labs news blocks or
to unsubscribe from this news block, you can do so by visiting
http://www.kaspersky.com/subscribenow.html

3. Security Rules

Please note that Kaspersky Labs news messages are sent only in plain text format and never under any circumstances do they include file attachments. If you receive an email not meeting these strict guidelines, please do not open it under any circumstances. Instead, forward it to Kaspersky Labs technical support (support@kaspersky.com) so its contents can be examined.

If you experience any problems with this procedure, please contact us at:
webmaster@kaspersky.com

****

Best regards,

Kaspersky Labs

-----
10/1 1st Volokolamsky Proezd,
123060, Moscow,
Russia
tel/fax: +7 (495) 797 87 00
http://www.kaspersky.com
ftp://ftp.kaspersky.com
webmaster@kaspersky.com

Friday, December 22, 2006

Inside Windows IT Security UPDATE

=== WHAT'S IN THE JANUARY 2007 ISSUE OF WINDOWS IT SECURITY ===

SUMMARY: Step-by-Step Network Access Control
Build a quarantine system for Windows XP SP2 VPN clients; learn
about a MOM version scaled and priced for SMBs; benefit from Synergy,
which lets you control multiple computers with one keyboard and mouse.

The following articles are free and open to registered users on the
Web:

COVER STORY:

Hands-On NAQC, by Orin Thomas
Here's a hands-on tutorial for implementing NAQC for XP VPN clients,
using strictly Microsoft-based tools so that you don't have to go out
and seek third-party products.

http://list.windowsitpro.com/t?ctl=4496A:886699

ACCESS DENIED, by Randy Franklin Smith:

Replacing a Buggy Microsoft Security Update
Every now and then, Microsoft releases a problematic security
update. You don't have to uninstall the buggy update before installing
its replacement.

http://list.windowsitpro.com/t?ctl=44969:886699

Querying DCs for Last Logon Date and Time
Use the free DumpSec tool or the MMC Active Directory Users and
Computers snap-in to find when a user last logged on.

http://list.windowsitpro.com/t?ctl=4496B:886699

Checking Audit Logs for Tampering
Four specific situations indicate that your audit logs might have
been altered.

http://list.windowsitpro.com/t?ctl=44966:886699

Restricting Administrator Access for Security Purposes
Not letting your users run as adminstrators doesn't make you as safe
as you think.

http://list.windowsitpro.com/t?ctl=44968:886699

===
Windows IT Pro offers expert advice every month on everything from
security to SharePoint to Vista. Get the latest on all the topics that
will help you do your job without any hiccups. Subscribe now and
receive a free gift with your paid order:

http://list.windowsitpro.com/t?ctl=4496D:886699
===

TOOLBOX, by Jeff Fellinge:

Synergy
This free tool lets you operate multiple computers and monitors from
a single keyboard and mouse--important when you want the speed,
compatibility, or redundancy provided by running various platforms on
physically separate computers.

http://list.windowsitpro.com/t?ctl=44967:886699

The remaining January 2007 content is available online only to Windows
IT Security newsletter subscribers. For a complete list of the articles
in this issue, click here:

http://list.windowsitpro.com/t?ctl=44963:886699


=== ANNOUNCEMENTS ==========================================

Sure, you know you've got compliance mechanisms in place. But do you
have ways to easily and efficiently prove that your mechanisms are
working? Join us for this free seminar to learn how you can demonstrate
regulatory compliance for multiple regulations with fewer headaches.
You'll also find out what "evidence" means to the auditor so you can
make sure you're collecting all the information you need!

http://list.windowsitpro.com/t?ctl=44960:886699

Maximize your investment in your VoIP network by using all of its
capabilities. Learn to integrate Fax for IP to reduce the TCO and
increase ROI for your investment. On-Demand Web Seminar:

http://list.windowsitpro.com/t?ctl=4495F:886699

Discover a wealth of information about how to protect and secure your
data in the event of a disaster. You may not be able to predict the
exact details of a disaster, but you can be prepared with a solid
response when one strikes. Disaster can strike anywhere--not just where
severe weather hits--so make sure you're ready when it does. Download
your free copy of this eBook today!

http://list.windowsitpro.com/t?ctl=44965:886699

Information is the "I" in "IT." Do you know where your information is?
Is it protected? Backed-up? Download this free podcast today to find
out the top 5 reasons you should be considering storage consolidation.

http://list.windowsitpro.com/t?ctl=44962:886699

Got information? Good! Now, can you use it? Get up to speed on database
design and hierarchy, including columns and datatypes, creating
databases, and using the Query Editor. Download your free copy today!

http://list.windowsitpro.com/t?ctl=44964:886699

=== FEATURED WHITE PAPER ===================================

The average enterprise spends nearly $10 million annually on IT
compliance. Download this free white paper today to learn how to
streamline the compliance lifecycle and dramatically reduce your
company's costs!

http://list.windowsitpro.com/t?ctl=44961:886699

Bonus: Register for any white paper from Windows IT Pro during December
and you could win a Nintendo Wii! View the full white paper listing at

http://list.windowsitpro.com/t?ctl=44972:886699 --and remember, the more you
download, the better your chances of winning.

=== ANNOUNCEMENTS ==============================================

Make Your Mark on the IT Community!
Nominate yourself or a peer to become an "IT Pro of the Month." This
is your chance to get the recognition you deserve! Winners will receive
over $600 in IT resources and be featured in Windows IT Pro magazine
and the TechNet Flash email newsletter. It's easy to enter--accepting
January nominations now for a limited time! Submit your nomination
today:

http://list.windowsitpro.com/t?ctl=44971:886699

================================================================

Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page and the Windows IT Security newsletter--

http://list.windowsitpro.com/t?ctl=44970:886699

Subscribe to Windows IT Pro

http://list.windowsitpro.com/t?ctl=4496C:886699

Subscribe to Security UPDATE at

http://list.windowsitpro.com/t?ctl=4496F:886699

Unsubscribe by clicking

http://list.windowsitpro.com/u?id=4160B336D0B60CB19D7ECBAE07B8B5A3

Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.

To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions --

http://list.windowsitpro.com/t?ctl=44973:886699

About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://list.windowsitpro.com/t?ctl=4496E:886699

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

Thursday, December 21, 2006

Open-source leader leaving Novell for Google : CNET NEWS.COM

CNET
News.com
December 21, 2006

Note: News.com's Dispatch will not be published Friday through January 1 due to Christmas and New Year's. Happy holidays!

Top headlines
Open-source leader leaving Novell for Google
Samba co-founder Jeremy Allison says he objects to Novell's patent pact with Microsoft, heads to search giant.
Thu Dec 21 13:03:00 PST 2006 | Read full story

EarthLink rolls out more citywide Wi-Fi
Internet service provider has announced that it has turned on citywide Wi-Fi in Milpitas, Calif., and New Orleans.
Thu Dec 21 13:05:00 PST 2006 | Read full story

Virginia is for longer data retention
Task force led by commonwealth's attorney general says ISPs should aid police by keeping e-mails, customer information.
Thu Dec 21 10:39:00 PST 2006 | Read full story

Year in review: Privacy and surveillance
In 2006, some politicians wanted to push for more privacy and others wanted more surveillance. Neither side won.
Thu Dec 21 10:00:00 PST 2006 | Read full story


Video of the day
Does iPod generation face hearing loss?
Listening constantly to MP3 players can be more hazardous than one may think.

Commentary
Virtual magnate talks China, censorship
Ailin Graef, aka Anshe Chung, may be Second Life's best-known resident. Here's part two of CNET News.com's interview with the in-world mogul. Read Full Story

News.com Extra
Literacy and text messaging
Also: Practice may not make perfect after all Read it now...
Toshiba's SED TV a no-show at electronics show
Long-awaited surface conduction electron emitter display TV won't be shown at CES, and that will set tongues wagging.
Thu Dec 21 10:59:00 PST 2006 | Read full story

Microsoft seeks patent covering Web feed readers
Just before announcing support for Web syndication format RSS, Redmond filed a pair of U.S. patent applications.
Thu Dec 21 13:52:00 PST 2006 | Read full story


Top 5 list: Most popular stories


Related Newsletters
CNET Shopper.com Clearance Center Newsletter
(Delivered Thursdays.)

Save money by buying refurbished and overstocked hardware and electronics. Don't miss out on this opportunity to save!



Latest news by section
Media 2.0
Digital Life
Cutting Edge
Business Tech
Access
Threats



Sign up for more free newsletters from CNET!

To manage your account settings or to remove yourself from all CNET communications, please visit our Subscription Center.

The e-mail address for your subscription is boy.blogger@gmail.com

Unsubscribe from this e-mail | FAQ | Advertise | Privacy Policy
Copyright 2006 CNET Networks, Inc. All rights reserved.
CNET Networks, Inc.
235 Second Street
San Francisco, CA 94105
U.S.A.

I decided to /donate the sum of $15,000,000.00( fifteen million dollars) to you

I decided to /donate the sum of $15,000,000.00( fifteen million dollars) to you for the good work of the lord, and also to help the motherless and less privilege and also for the assistance of the widows according to (JAMES 1:27).
My name is MRS Diana Filicia Bryant .I am a dying woman who have decided to
donate what I have to you in order to use it for the benificial of our nation and the rest of our citizenry.
i am a native of Russian Federation but my husband is from London .I was diagnosed for cancer about 2 years
ago, immediately after the death of my husband, Who had left me everything he worked for.

I have been touched By God to donate from what I have inherited from my late Husband to you for the good work of God
Please pray that the good Lord forgive me my sins. I have asked God To forgive me and I believe he has because He is a merciful God.I will be going in for an operation tomorrow morning. At the moment I cannot take any telephone calls right now

due to the way life is, because i dont have relatives are around me. and my health status. is pain fu i dont have children I have adjusted my WILL and my Executor is aware I have changed my will; you and he will arrange for the change of ownership of the funds as it is presently deposited in barclays bank, and lodged. the box in a coded Security company whose name is Ron basically on security and confidential purposes and would only be released to (you).

I wish you all the best and may the good Lord bless you abundantly, and Please use the funds well and always extend the good work to others. Contact my Executor sirbrown jeremy , with this specified email; sirbrown@myway.com with your full names contact telephone/fax number and your full address and tell him that I have WILLED ($15,000,000.00) to you and I have also notified him that I am WILLING that amount to you for a specific and good work. I know I don't know you but I have been directed to do this. Thanks and God bless.

NB: I will appreciate your utmost confidentiality in this matter until the task is accomplished as I don't want anything that will Jeopardize my last wish. Pls keep the faith My Prayer for you.Father, I ask You to bless my friends, relatives and
those I care deeply for, You Who are reading this right now. Show him/her a new
revelation of Your love and power. Holy Spirit, I ask You to minister to their spirit at this very moment. Where there is pain, give them Your peace and mercy. Where there is self-doubt, release a renewed confidence through Your grace. Where there is need,I ask you to fulfill their needs. Bless their homes, families, finances, their goings and their comings. In Jesus' precious name.
Amen.
Regards,

YOUR EMAIL RESPONSE SHOULD BE DIRECTED TO sirbrown jeremy, PROCESSING OFFICER Email: sirbrown@myway.com

FILICIA.





Maria Fenado

THE DESK OF THE MANAGING DIRECTOR INTERNATIONAL
PROMOTIONS/PRIZE AWARD DEPARTMENT
CALLE COLONE-28080 MADRID-SPAIN

AWARD NOTIFICATION/ FINAL NOTICE.

We are delighted to notify you of the result of the
Berma international programs held on 18 Dec,2006.
Your email address were attached to one of the ten
Winning Ticket numbers (4565-333-59-870).You have
therefore been approved fora lump sum pay outof 250,000.00
(Two Hundred FiftyThousand Euro)in cash credited to file
reference no EPSL /5868990XGTY-06
CONGRATULATIONS!!!

All participants were selected through a computer
Ballot system from our sponsor databases, including
Over 5,000 companies and 20,000 individual E-mail
Addresses and names submitted by our agents drawn
from Asia, Africa, Europe, North And South America,
Oceania and around the world. To file for your urgent
claim, please contact our affiliate agent.

CELIKEY INSURANCE COMPANY
Mr CARLOS CANCAN
TELL:0034-692-967-211
Email: fedincoy@netscape.net

It is part of our security protocol to avoid double
claiming and to minimize identification difficulties
advise you to keep this information confidential until
your claim is processed successfully and to avoid
Unwarranted abuse of this program by some participants
NOTE: All prize must be claimed before the 30 of Dec.
After this date,allfunds will be returned to the
MINISTERIO DE ECONOMIA Y HACIENDA as unclaimed Fund
In Order to avoid unnecessary delays and complications
Remember to quote your ticket,batch and ref numbers
in all correspondence. Furthermore, should there be
any change of address do inform our agents as soon as
possible.
Anybody under the age of 18 is automatically disqualified.

Yours sincerely,
Mis Maria Fenado
For Claims Officer
The Lotto Company, Spain

A force for change at Yahoo : CNET NEWS.COM

CNET
News.com
December 21, 2006

Note: News.com's Dispatch will not be published Friday through January 1 due to Christmas and New Year's. Happy holidays!

Top headlines
A force for change at Yahoo
CFO Susan Decker will take on a key advertising role next year as the suddenly wobbly company looks to get back on firm ground.
Thu Dec 21 04:00:00 PST 2006 | Read full story

Microsoft shares draft of Vista security hooks
Interfaces are meant to help security software makers create products that work with kernel protection features in Windows Vista.
Wed Dec 20 16:15:00 PST 2006 | Read full story

Year in review: Microsoft goes 'Live,' pushes Vista
The long slog to Windows Vista neared the finish line, and the company had to begin contemplating life without Bill Gates.
Thu Dec 21 04:00:00 PST 2006 | Read full story

IBM slows down light signals in chips
What's the best way for light to travel from point A to point B? The long way, says Big Blue.
Image: Optical signals delayed
Wed Dec 20 22:00:00 PST 2006 | Read full story


Video of the day
Does iPod generation face hearing loss?
Listening constantly to MP3 players can be more hazardous than one may think.

Commentary
Virtual magnate talks China, censorship
newsmaker Ailin Graef, aka Anshe Chung, may be Second Life's best-known resident. Here's part two of CNET News.com's interview with the in-world mogul. Read Full Story

News.com Extra
Japan's top robots of 2006
Also: Getting Howard Stern off NPR Read it now...
New York: Will pay for bacteria
Empire State has kicked in nearly $15 million to help build new ethanol plant that lets microbes do the dirty work.
Wed Dec 20 17:57:00 PST 2006 | Read full story

Sony has far to go in rootkit case
Label settled with two states but still must negotiate with others for secretly loading antipiracy software onto computers.
Wed Dec 20 15:16:00 PST 2006 | Read full story


Top 5 list: Most popular stories


Related Newsletters
CNET Shopper.com Weekly Newsletter
(Delivered Mondays.)

CNET Shopper.com brings you the hottest products, the best prices, and the latest gear. Stay on top of it all with this newsletter delivered to you weekly.



Latest news by section
Media 2.0
Digital Life
Cutting Edge
Business Tech
Access
Threats



Sign up for more free newsletters from CNET!

To manage your account settings or to remove yourself from all CNET communications, please visit our Subscription Center.

The e-mail address for your subscription is boy.blogger@gmail.com

Unsubscribe from this e-mail | FAQ | Advertise | Privacy Policy
Copyright 2006 CNET Networks, Inc. All rights reserved.
CNET Networks, Inc.
235 Second Street
San Francisco, CA 94105
U.S.A.

ubuntu-security-announce Digest, Vol 27, Issue 9

This summary is not available. Please click here to view the post.

Blog Archive