Hosted Security: A solution for small and medium-sized businesses
http://list.windowsitpro.com/t?ctl=6320C:4160B336D0B60CB14262C369C6592AE7
ALERT: "How a Hacker Launches a SQL Injection Attack!" White Paper
http://list.windowsitpro.com/t?ctl=63211:4160B336D0B60CB14262C369C6592AE7
Tell little, trust less & thwart hacker attacks.
http://list.windowsitpro.com/t?ctl=6321F:4160B336D0B60CB14262C369C6592AE7
=== CONTENTS ===================================================
IN FOCUS: 4 More Tools for Your Toolkit
NEWS AND FEATURES
- Ubuntu Team Servers Suffer Intrusion
- GFI to Expand MailArchiver Capabilities
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: Intel Invests in VMware; Security on a Chip
- FAQ: Exploring Windows Processes
- From the Forum: Vulnerability Scanners
- Share Your Security Tips
PRODUCTS
- Gateway Appliance Does Multiple Security Tasks
- Product Evaluations from the Real World
RESOURCES AND EVENTS
FEATURED WHITE PAPER
ANNOUNCEMENTS
=== SPONSOR: St. Bernard Software ==============================
Hosted Security: A solution for small and medium-sized businesses
Is effective security out of reach for your small or medium-sized
business? Imagine having a team of IT experts who only focus on
security as part of your staff. Download this white paper today and
find out how you can eliminate your company's security risks.
http://list.windowsitpro.com/t?ctl=6320C:4160B336D0B60CB14262C369C6592AE7
=== IN FOCUS: 4 More Tools for Your Toolkit =============
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Last week, I learned about four security tools that I hadn't come
across previously. The tools, available for free from MANDIANT and
Immunity, each make a worthwhile new addition to your security toolkit.
The first tool, Web Historian, developed by MANDIANT (formerly Red
Cliff Consulting), analyzes Web browsing history files from major
browsers including Microsoft Internet Explorer, Mozilla Firefox,
Netscape Navigator, Opera, and Apple Safari. You might already have
such a tool that analyzes browser history files (there are a few
available); however this is the only tool I know of that can analyze
the history files of such a wide range of browsers.
The second tool, First Response, also from MANDIANT, is an incident-
handling tool. The software includes an agent that can be loaded on
Windows 2000, Windows XP, and Windows Server 2003 systems to collect
information from a variety of sources, such as the registry, event
logs, file systems, and active processes. The tool uses a centralized
console to collect information from its agents, analyze the data, build
reports, and coordinate incident-response activity. In addition to
working over a network, the tool can collect information directly from
a local system that you have physical access to.
The third tool is MANDIANT's Red Curtain. It's a new malware analysis
tool that can inspect executables (including DLLs) to look for signs
that the code might be dangerous. Information gathered by the tool
includes signatures from development tools (commonly inserted by
compilers and packagers), packaging type information, whether the code
includes randomization, and more. The data is used to provide a
possible threat level score. Depending on the overall score, you might
decide to take a closer look at the file or quarantine it and move on
to other tasks.
All three of MANDIANT's tools are available at
http://list.windowsitpro.com/t?ctl=63220:4160B336D0B60CB14262C369C6592AE7
Red Curtain leads me to the fourth tool, Immunity Debugger. If you
happen to find a suspicious executable and want to take a deeper look
at what it does, then a debugger can be an essential tool.
Numerous debuggers are available today; however, unlike many other
debuggers, a key feature of Immunity Debugger is that it's written
specifically for security researchers. The tool includes both a GUI and
a command line interface and supports Python scripting. A lot of the
functionality of the debugger revolves around the Python subsystem,
which lets you extend the debugger to conduct a variety of activities
and lets you design custom routines that display data, accept user
input, and more. Several sample scripts come with the tool to get you
started. Another great feature of the tool is that it can latch onto a
process via its filename, window name, process identifier (PID),
process name, services, or TCP or UDP port. Overall, it's a powerful
tool.
You can learn more about Immunity Debugger and download a copy at the
URL below.
http://list.windowsitpro.com/t?ctl=6321B:4160B336D0B60CB14262C369C6592AE7
=== SPONSOR: SPI Dynamics ======================================
ALERT: "How a Hacker Launches a SQL Injection Attack!" White Paper
It's as simple as placing additional SQL commands into a Web Form
input box giving hackers complete access to all your backend systems!
Firewalls and IDS will not stop such attacks because SQL Injections are
NOT seen as intruders. Download this *FREE* white paper from SPI
Dynamics for a complete guide to protection!
http://list.windowsitpro.com/t?ctl=63211:4160B336D0B60CB14262C369C6592AE7
=== SECURITY NEWS AND FEATURES =================================
Ubuntu Team Servers Suffer Intrusion
Some of the regional servers used by Ubuntu advocate teams were
compromised and made to launch attacks against other systems. As a
result, five of the servers were taken offline while steps were taken
to secure them.
http://list.windowsitpro.com/t?ctl=6320D:4160B336D0B60CB14262C369C6592AE7
GFI to Expand MailArchiver Capabilities
GFI announced that it will acquire the technology assets of
XEmplifyIT, an email management company. The acquisition will allow GFI
to further empower its MailArchiver solution while at the same time
removing a competitor from the marketplace.
http://list.windowsitpro.com/t?ctl=6320E:4160B336D0B60CB14262C369C6592AE7
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=63212:4160B336D0B60CB14262C369C6592AE7
=== SPONSOR: Port80 Software ===================================
Tell little, trust less & thwart hacker attacks.
Over 70% of network attacks are Web-based. Reinforce your Microsoft
IIS Web servers with low-cost, high impact Port80 tools for Web site
anti-reconnaissance, redirecting problematic traffic, anti-image
leeching and to defend your .NET/PHP/CFM/JSP code easily. Get free
trial downloads & IIS security tips now!
http://list.windowsitpro.com/t?ctl=6321F:4160B336D0B60CB14262C369C6592AE7
=== GIVE AND TAKE ==============================================
SECURITY MATTERS BLOG: Intel Invests in VMware; Security on a Chip
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=6321E:4160B336D0B60CB14262C369C6592AE7
Intel must see a bright future in VMware. The company recently anted a
cool $219 million investment for roughly 10 million shares of VMware
stock! In other partnering news, Intel and Symantec are reportedly
working to develop "security on a chip." Read the blog to get the
details.
http://list.windowsitpro.com/t?ctl=6320F:4160B336D0B60CB14262C369C6592AE7
FAQ: Exploring Windows Processes
by John Savill, http://list.windowsitpro.com/t?ctl=6321A:4160B336D0B60CB14262C369C6592AE7
Q: What is the Process Explorer utility?
Find the answer at
http://list.windowsitpro.com/t?ctl=63218:4160B336D0B60CB14262C369C6592AE7
FROM THE FORUM: Vulnerability Scanners
A forum participant is wondering which scanners other people have
used and what their experiences have been with these products. Join the
discussion at
http://list.windowsitpro.com/t?ctl=6320A:4160B336D0B60CB14262C369C6592AE7
SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in Security Pro VIP's Reader to Reader column. Email your
contributions to r2r@securityprovip.com. If we print your submission,
you'll get $100. We edit submissions for style, grammar, and length.
=== PRODUCTS ===================================================
by Renee Munshi, products@windowsitpro.com
Gateway Appliance Does Multiple Security Tasks
ContentWatch added three Internet gateway security appliances to its
ContentProtect Security Appliance family. The new plug-and-play
appliances combine content filtering, bandwidth management, IM and
peer-to-peer control, antivirus, and antispyware capabilities in one
box. The ContentProtect Security Appliance comes in three models: The
CP 100 can host up to 200 users, the CP 300 hosts 1,000, and the CP 350
hosts more than 5,000.
http://list.windowsitpro.com/t?ctl=63223:4160B336D0B60CB14262C369C6592AE7
PRODUCT EVALUATIONS FROM THE REAL WORLD
Share your product experience with your peers. Have you discovered a
great product that saves you time and money? Do you use something you
wouldn't wish on anyone? Tell the world! If we publish your opinion,
we'll send you a Best Buy gift card! Send information about a product
you use and whether it helps or hinders you to
whatshot@windowsitpro.com.
=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=63219:4160B336D0B60CB14262C369C6592AE7
Microsoft TechEd IT Forum
TechEd IT Forum is Microsoft's premier European conference designed
to provide IT professionals with technical training, information, and
community resources to build, plan, deploy, and manage the secure
connected enterprise.
http://list.windowsitpro.com/t?ctl=6321C:4160B336D0B60CB14262C369C6592AE7
Online Backup as a Service
IT has never been short on buzz. The problem is that for each
innovation that's buzz worthy, there are two that are forgotten within
months. "Software as a Service" (SaaS), including online backup as a
service, is currently generating a lot of buzz. In this podcast, you'll
find out why storage as a software service is definitely worthy of the
buzz.
http://list.windowsitpro.com/t?ctl=63210:4160B336D0B60CB14262C369C6592AE7
Get the facts about Microsoft Unified Communications, including
Exchange Server 2007 and Office Communications Server 2007 during this
free virtual event on Sept. 19, 2007. Independent Exchange experts will
present practical, real-world information about deploying, managing,
and securing Exchange Server 2007 and Office Communications Server
2007.
http://list.windowsitpro.com/t?ctl=63215:4160B336D0B60CB14262C369C6592AE7
=== FEATURED WHITE PAPER =======================================
Increase customer confidence with the latest breakthrough in online
security: Extended Validation SSL. Extended Validation triggers a green
address bar in Microsoft Internet Explorer 7.0 that proves site
identity. Learn how to get the green bar and higher sales by reading
the technical white paper "Maximizing Site Visitor Trust Using Extended
Validation SSL."
http://list.windowsitpro.com/t?ctl=6320B:4160B336D0B60CB14262C369C6592AE7
=== ANNOUNCEMENTS ==============================================
Search Thousands of SQL Articles Online and on CD
A SQL Server Magazine Master CD subscription buys you portable,
lightning-fast access to the entire SQL Server article database on CD,
plus exclusive, up-to-the-minute access to the new articles we publish
on SQLMag.com every day. Order your subscription now!
http://list.windowsitpro.com/t?ctl=63214:4160B336D0B60CB14262C369C6592AE7
Save 1/2 Off Security Pro VIP
Security Pro VIP is an online resource that delivers new articles
every week to help you defend your network. Subscribers also receive
tips, cautionary advice, direct access to our editors for technical
Q&As, and a host of other benefits! Order now, and save up to 50
percent!
http://list.windowsitpro.com/t?ctl=63213:4160B336D0B60CB14262C369C6592AE7
================================================================
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://list.windowsitpro.com/t?ctl=6321D:4160B336D0B60CB14262C369C6592AE7
http://list.windowsitpro.com/t?ctl=63222:4160B336D0B60CB14262C369C6592AE7
Subscribe to Security UPDATE at
http://list.windowsitpro.com/t?ctl=63217:4160B336D0B60CB14262C369C6592AE7
Unsubscribe by clicking
http://list.windowsitpro.com/u?id=4160B336D0B60CB14262C369C6592AE7
Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=63221:4160B336D0B60CB14262C369C6592AE7
About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com
View the Windows IT Pro privacy policy at
http://list.windowsitpro.com/t?ctl=63216:4160B336D0B60CB14262C369C6592AE7
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2007, Penton Media, Inc. All rights reserved.
No comments:
Post a Comment