News

Wednesday, April 25, 2007

The High Risk of Using Open Networks

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Enterprises Rate Important IP Telephony Features

http://list.windowsitpro.com/t?ctl=53976:4160B336D0B60CB16A11AA4E3753D4C7

Best Practices for Microsoft PKI & Cert Mgt

http://list.windowsitpro.com/t?ctl=53971:4160B336D0B60CB16A11AA4E3753D4C7

esxRanger Professional: Hot Backups for VI3

http://list.windowsitpro.com/t?ctl=53975:4160B336D0B60CB16A11AA4E3753D4C7


=== CONTENTS ===================================================

IN FOCUS: The High Risk of Using Open Networks

NEWS AND FEATURES
- Microsoft Adds Live Alerts for MSRC Blog
- Yahoo! Mail Integrates PhishTank Data for Better Protection
- New Worms Turn Windows Servers into Botnet Members
- Recent Security Vulnerabilities

GIVE AND TAKE
- Security Matters Blog: Security Brief on Oracle's Latest Security
Patches
- FAQ: Pushing Out Management Packs
- Tell Us About the Products You Love!
- Share Your Security Tips

PRODUCTS
- Take Control of Endpoints

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS


=== SPONSOR: ShoreTel ==========================================

Enterprises Rate Important IP Telephony Features
This comprehensive guide is invaluable for those evaluating VoIP and
shows how organizations can reduce cost and improve operations to help
you to plan and implement an IP phone system. Define system components
- Identify network requirements - Learn important standards - Learn
deployment options:

http://list.windowsitpro.com/t?ctl=53976:4160B336D0B60CB16A11AA4E3753D4C7


=== IN FOCUS: The High Risk of Using Open Networks =============
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Open networks are tempting, especially when you really need to send or
receive messages or gather some data quickly while on the road. But
don't let your guard down while using open networks (such as those at
conferences, coffee shops, or hotels), or you might fall victim to an
intruder. In fact, when using open networks, you should raise your
guard as high as you can, which might mean deciding not to use a
certain open network at all.

The decision whether to use an open network comes down to two simple
questions: Do you trust that you can get on and off the network safely;
and do you feel confident that your system is secure enough to
withstand potential zero-day exploits?

A good example of how high the risk is happened at the 2006 ShmooCon
conference. While using the conference's wireless network, a security
researcher's Mac laptop fell victim to attack. Even though the
researcher's laptop was secured as well as possible, the system was
broken into using a zero-day exploit. Unfortunately, the presenter was
not running any packet-capture tools at the time, so attempts to find
out how the break-in happened were fruitless.

Another case in point occurred only last week at the CanSecWest
conference in Vancouver, B.C., Canada. At the conference, an
interesting challenge was presented: Break into either of two MacBook
Pros running OS X and win the computer. TippingPoint (a division of
3Com) offered a $10,000 cash prize to enhance the challenge further.

Sure enough, someone broke into one of the MacBooks using a zero-day
exploit against the Safari Web browser. The winning challenger, Shane
Macaulay, worked with a friend, Dino Dai Zovi, who didn't attend the
conference. Zovi provided the exploit, and Macaulay executed it at
the conference by setting up a Mac server on the conference's wireless
network. He then had one of the conference workers enter a specific URL
into the MacBook's browser, which in turn connected to the server to
launch the exploit. That's all that was required for the MacBook to
become "owned."

The point of the latter example is that the same thing could be
accomplished by a bad guy lurking on a conference network or any other
open network. It doesn't matter what OS you use, the risks are
basically the same. Said otherwise, zero-day exploits exist for all
OSs, and it's often incredibly difficult to defend against the unknown.

If you feel you must use an open network, one way to help avoid falling
victim--to some extent anyway--is to use a virtual machine (VM)
configuration to perform whatever tasks you need to do. While a VM
might not completely protect your system, at least when you restart the
VM, its OS will come up clean, assuming of course that no one used a
zero-day exploit to compromise the VM software or OS image.

Another way to possibly protect your system is to use a bootable Live
CD, which you might know is basically a CD-ROM with a bootable OS. If
you're interested in finding a good Live CD, head over to FrozenTech
(at the URL below) where you'll find dozens that you can choose from.

http://list.windowsitpro.com/t?ctl=53972:4160B336D0B60CB16A11AA4E3753D4C7

While neither method I suggested is completely secure, at least both
methods make it much more difficult for an intruder to "own" your
computer.

As an aside, since I mentioned OS X in this column, I want to also
point out that Apple released a batch of 25 security patches last week.
So if you manage OS X systems, be sure to update them. You can learn
more about the patches at the Apple site at the URL below.

http://list.windowsitpro.com/t?ctl=53969:4160B336D0B60CB16A11AA4E3753D4C7

===

You can win $100 by voting for the products you find most useful in
Windows IT Pro's Community Choice Awards! Give us your feedback to
qualify to win one of twelve $100 Amazon.com gift certificates. Voting
is open through May 21. Winners will be announced in the August 2007
issue of Windows IT Pro. Go to

http://list.windowsitpro.com/t?ctl=5395F:4160B336D0B60CB16A11AA4E3753D4C7


=== SPONSOR: nCipher ===========================================

Best Practices for Microsoft PKI & Cert Mgt

Please join us for this complimentary Webinar
Thursday, May 10, 2007 11:00 AM EDT
Speaker: Brian Komar, President, IdentIT

Mr. Komar will provide a unique overview of the MS PKI and nCipher's
integrated solutions, which will assist you in streamlining this
process and reducing your total cost of ownership.

You will learn to:
- Design a PKI to address business needs and achieve regulatory
compliance
- Implement hardware security modules to increase private key
protection
- Apply tricks and trips for configuring your CA
- Manage certificates with ILM 2007

http://list.windowsitpro.com/t?ctl=53971:4160B336D0B60CB16A11AA4E3753D4C7


=== SECURITY NEWS AND FEATURES =================================

Microsoft Adds Live Alerts for MSRC Blog
Microsoft is conducting a beta program for its new Windows Live
Alerts service, and the company recently added Microsoft Security
Response Center (MSRC) blog entries to the list of available content.

http://list.windowsitpro.com/t?ctl=5396E:4160B336D0B60CB16A11AA4E3753D4C7

Yahoo! Mail Integrates PhishTank Data for Better Protection
PhishTank is a community project that lets people submit links to
potential phishing sites and vote on whether a site really is a
phishing scam.

http://list.windowsitpro.com/t?ctl=5396A:4160B336D0B60CB16A11AA4E3753D4C7

New Worms Turn Windows Servers into Botnet Members
Three worms circulating the Internet take advantage of a
vulnerability in the Windows DNS service to turn a system into a bot.
Microsoft and security solution providers are working to integrate
protection against the worms into their offerings.

http://list.windowsitpro.com/t?ctl=5396D:4160B336D0B60CB16A11AA4E3753D4C7

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at

http://list.windowsitpro.com/t?ctl=53962:4160B336D0B60CB16A11AA4E3753D4C7


=== SPONSOR: Vizioncore ========================================

esxRanger Professional: Hot Backups for VI3
Still don't have a reliable disaster recovery plan in place?
Vizioncore's esxRanger Professional supports a sophisticated, yet cost
effective DR strategy for your VMware Infrastructure 3 environment.
Restoring entire virtual machine images -- or just files -- is smooth &
seamless. Visit http://list.windowsitpro.com/t?ctl=53975:4160B336D0B60CB16A11AA4E3753D4C7
for a trial download today.


=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Security Brief on Oracle's Latest Security
Patches
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=53974:4160B336D0B60CB16A11AA4E3753D4C7

Oracle released its quarterly batch of security updates. Get links to
information about several of the problems.

http://list.windowsitpro.com/t?ctl=5396B:4160B336D0B60CB16A11AA4E3753D4C7

FAQ: Pushing Out Management Packs
by John Savill, http://list.windowsitpro.com/t?ctl=53970:4160B336D0B60CB16A11AA4E3753D4C7


Q: How do I push management packs to System Center Operations Manager
agents in System Center Configuration Manager 2007?

Find the answer at

http://list.windowsitpro.com/t?ctl=5396C:4160B336D0B60CB16A11AA4E3753D4C7

TELL US ABOUT THE PRODUCTS YOU LOVE!
What products are you using that save you time or make your workload
a little lighter? What hot product discoveries have you made that other
IT pros need to know about? Let the world know about your experiences
in Windows IT Pro's monthly What's Hot department. If we publish your
story in What's Hot, we'll send you a Best Buy gift card! Send
information about your favorite product and how it has helped you to
whatshot@windowsitpro.com.

SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in Security Pro VIP's Reader to Reader column. Email your
contributions to r2r@securityprovip.com. If we print your submission,
you'll get $100. We edit submissions for style, grammar, and length.


=== PRODUCTS ===================================================
by Renee Munshi, products@windowsitpro.com

Take Control of Endpoints
matrix42 introduced Empirum Security Suite, which protects
workstations and laptops with a firewall, intrusion prevention system
(IPS), application and file control, removable device control, and
wireless control. Empirum Security Suite enforces a workstation's
specific policies whether the computer is on or off the network.
According to matrix42, Empirum operates at the kernel level, so after
you configure it by using the central management console, a user (even
one with administrator rights) can't disable or reconfigure it. Empirum
has behavioral technology and defends against information theft via
keylogging or spyware and other intrusion methods. For more
information, go to

http://list.windowsitpro.com/t?ctl=53979:4160B336D0B60CB16A11AA4E3753D4C7


=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit

http://list.windowsitpro.com/t?ctl=5396F:4160B336D0B60CB16A11AA4E3753D4C7

Web seminar: Managing Change Risk on Critical Windows NT Infrastructure
Why choose a change-control approach to solve what is traditionally
considered a security problem? Come join us for a Web seminar on May 3
featuring Motorola CISO Bill Boni. Mr. Boni will discuss the problem of
supporting legacy NT systems at Motorola and the solution requirements,
evaluation criteria, and decision to adopt a change control approach.
He'll also describe Motorola's vision for deploying change control on
other critical systems across the company.

http://list.windowsitpro.com/t?ctl=53963:4160B336D0B60CB16A11AA4E3753D4C7


Get Ready for Exchange & Office 2007 Roadshow--free!
The successful Microsoft-partnered Get Ready for Exchange & Office
2007 Roadshow is coming to Stockholm! Three independent, respected
technical speakers--Jim McBee, Mark Arnold, and Ben Schorr--will
deliver tracks on securing, managing, and deploying Exchange and Office
2007 and using Exchange Server 2007 capabilities to improve your
messaging environment. Register today for this free day-long event.
Your delegate bag will include Microsoft Exchange Server 2007 and
Office 2007 Beta 2 Software Kits.
Venue: Berns Hotel, Stockholm
Date: Monday, 14 May 2007

http://list.windowsitpro.com/t?ctl=53968:4160B336D0B60CB16A11AA4E3753D4C7

Did you know that 75 percent of corporate intellectual property resides
in email? The challenges facing this vital business application range
from spam to the costly impact of downtime and the need for effective,
centralized email storage systems. Join us for a free Web seminar and
learn the key features of a holistic approach to email security,
availability, and control. Download this on-demand seminar now!

http://list.windowsitpro.com/t?ctl=53960:4160B336D0B60CB16A11AA4E3753D4C7


=== FEATURED WHITE PAPER =======================================

ESG's independent testing lab verified substantial gains in
utilization, availability, and database manageability with the use of a
unique approach to virtualization, as presented by Polyserve. Find out
more about this powerful platform for your SQL Server deployments, and
you can save your department up to 70 percent of TCO and streamline
management.

http://list.windowsitpro.com/t?ctl=53961:4160B336D0B60CB16A11AA4E3753D4C7


=== ANNOUNCEMENTS ==============================================

Introducing a Unique Security Resource
Security Pro VIP is an online information center that delivers new
articles every week on topics such as perimeter security,
authentication, and system patches. Subscribers also receive tips,
cautionary advice, direct access to our editors, and a host of other
benefits! Order now at an exclusive charter rate and save up to $50!

http://list.windowsitpro.com/t?ctl=53965:4160B336D0B60CB16A11AA4E3753D4C7

Introducing a Unique Exchange and Outlook Resource
Exchange & Outlook Pro VIP is an online information center that
delivers new articles every week on topics such as administration,
migration, security, and performance. Subscribers also receive tips,
cautionary advice, direct access to our editors, and a host of other
benefits! Order now at an exclusive charter rate and save up to $50!

http://list.windowsitpro.com/t?ctl=53964:4160B336D0B60CB16A11AA4E3753D4C7


================================================================

Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).

http://list.windowsitpro.com/t?ctl=53973:4160B336D0B60CB16A11AA4E3753D4C7

http://list.windowsitpro.com/t?ctl=53978:4160B336D0B60CB16A11AA4E3753D4C7

Subscribe to Security UPDATE at

http://list.windowsitpro.com/t?ctl=53967:4160B336D0B60CB16A11AA4E3753D4C7

Unsubscribe by clicking

http://list.windowsitpro.com/u?id=4160B336D0B60CB16A11AA4E3753D4C7

Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.

To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=53977:4160B336D0B60CB16A11AA4E3753D4C7

About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://list.windowsitpro.com/t?ctl=53966:4160B336D0B60CB16A11AA4E3753D4C7

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.

No comments:

Blog Archive