News

Wednesday, November 14, 2007

Spammers Adopt New Tactics

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Improving Backup & Recovery RPO RTO in a SAN

http://list.windowsitpro.com/t?ctl=6DE6D:4160B336D0B60CB1C77B2B1A9B51E4DE

Problems removing Admin Rights? Best practices

http://list.windowsitpro.com/t?ctl=6DE71:4160B336D0B60CB1C77B2B1A9B51E4DE

Comparing Email Management Systems that Protect Against Spam, Viruses,
Malware, & Phishing Attacks

http://list.windowsitpro.com/t?ctl=6DE73:4160B336D0B60CB1C77B2B1A9B51E4DE


=== CONTENTS ===================================================

IN FOCUS: Spammers Adopt New Tactics

NEWS AND FEATURES
- Manhattan DA Indicts 17 People and 1 Company for Cybercrimes
- Symantec Buys Enhanced Data Protection
- Macrovision Updates Faulty DRM Driver
- Recent Security Vulnerabilities

GIVE AND TAKE
- Security Matters Blog: Malicious Spammers and Politics
- FAQ: Can Distributed File System Replication Handle Permissions?
- From the Forum: USB Device Auditing Tools
- Share Your Security Tips

PRODUCTS
- Password Recovery for Office 2007
- Product Evaluations from the Real World

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS


=== SPONSOR: EqualLogic ========================================

Improving Backup & Recovery RPO RTO in a SAN
More and more companies are deploying storage area networks or SANs
as storage needs continue to proliferate. SANs offer many unique
capabilities that improve data protection, storage performance and
scaling, and reduction in storage management time. This web seminar
reviews best practices in deploying SQL Server in an intelligent iSCSI
SAN, and shows how this provides dramatic improvements in deploying,
optimizing, backing up, and recovering SQL.

http://list.windowsitpro.com/t?ctl=6DE6D:4160B336D0B60CB1C77B2B1A9B51E4DE


=== IN FOCUS: Spammers Adopt New Tactics =======================
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Got spam? Of course you do. For the life of me, I cannot understand the
minds of spammers. They're simply not mentally healthy individuals, as
evidenced by their escalating intrusions into our inboxes and Web
browsers.

So how bad is the problem now? According to statistics published by
Distributed Checksum Clearinghouse (at the URL below), the volume of
spam has nearly doubled since November 2006 and has at least tripled
since November 2005. I'm sure other entities that track such statistics
have data that indicates the same trend.

http://list.windowsitpro.com/t?ctl=6DE77:4160B336D0B60CB1C77B2B1A9B51E4DE

Recently, spammers have taken on new tactics to bypass various spam
filters used by Web sites and for email processing. A recent item on
Symantec's Security Response blog says that spammers are using Google
to redirect people to spammer Web sites. When I first heard the report,
it seemed surprising that Google could be taken advantage of by
spammers. But there's a simple explanation of how it can happen.

Due to certain parameters that can be passed as part of a URL, spammers
can mask the URL of a spam or malware Web site in an email message
(rendering URL blacklists useless!). The technique involves first
crafting a Google query that returns only the single page that spammers
hope someone will visit. The spammer then adds a variable to the end of
the Google query URL that causes Google to instantly redirect the
browser to the spammer's Web page.

Fortunately, you can create a custom filter to catch the trick,
assuming of course that your spam filter system allows you to write
custom rules. Simply look for "google.com" and "&btnl=" in any URL
string. You can read more about the trick and the block at the URL
below.

http://list.windowsitpro.com/t?ctl=6DE6A:4160B336D0B60CB1C77B2B1A9B51E4DE
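
One way to write that custom rule, as an added example (not code from the newsletter or from any filter product): it parses each URL instead of substring-matching, so look-alike hosts are not flagged and HTML-escaped ampersands still are. The newsletter prints the parameter as "btnl"; Google's "I'm Feeling Lucky" parameter is btnI, so the code accepts both spellings, and the function names and sample message are constructed for illustration.

```python
import re
from html import unescape
from urllib.parse import urlsplit, parse_qs

# The newsletter prints the parameter as "btnl"; Google's "I'm Feeling Lucky"
# parameter is "btnI". Both spellings are accepted, case-insensitively.
REDIRECT_PARAMS = {"btni", "btnl"}
URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)

def is_google_host(host):
    """True for google.com and its subdomains only (the domain the page names)."""
    host = (host or "").lower().rstrip(".")
    return host == "google.com" or host.endswith(".google.com")

def is_lucky_redirect(url):
    """True when a URL points at google.com and carries the redirect parameter."""
    try:
        parts = urlsplit(unescape(url))  # HTML mail writes "&" as "&amp;"
        host = parts.hostname
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return False
    if not is_google_host(host):
        return False
    params = parse_qs(parts.query, keep_blank_values=True)
    return any(name.lower() in REDIRECT_PARAMS for name in params)

def flag_urls(message_body):
    """Return every URL in the message body that matches the rule."""
    return [u for u in URL_RE.findall(message_body) if is_lucky_redirect(u)]

# Constructed sample message body (not real spam), one URL per line.
SAMPLE = """\
Redirect form:    http://www.google.com/search?q=constructed+sample&btnI=1
HTML-escaped:     http://google.com/search?hl=en&amp;q=constructed&amp;BTNI=Lucky
Ordinary search:  http://www.google.com/search?q=windows+security
Look-alike host:  http://google.com.example.net/search?q=x&btnI=1
Name in query:    http://www.example.org/?ref=google.com&btnI=1
"""

if __name__ == "__main__":
    for hit in flag_urls(SAMPLE):
        print("FLAG", hit)
```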

A recent item on McAfee's Avert Labs blog (at the URL below) tells how
Web spammers are using a distributed method of solving CAPTCHAs--those
images with numbers and letters that you have to read and then type
into a form field before submitting the form.

http://list.windowsitpro.com/t?ctl=6DE6C:4160B336D0B60CB1C77B2B1A9B51E4DE

In a nutshell, spammers are now capturing legitimate Web sites' CAPTCHA
images in real time and inserting them into their own Web pages that
offer some type of enticing free content. Visitors who want to gain
access to that free content must enter the CAPTCHA solution. What they
don't know is that the CAPTCHA came from another site. When the visitor
enters the solution, the spammer sends the solution to the originating
site, thereby getting past the CAPTCHA spam filter.

Fortunately there's a way to defeat this type of spamming too: Don't
use images for CAPTCHAs. Instead, use a lengthy set of text-based
questions and answers, and randomize the HTML that wraps the questions
so that they can't be easily parsed by spammers' code.

On a semi-related note, if you're using DNS blacklists, you might be
interested in an entry I read at Al Iverson's DNSBL Resource blog.
Iverson set up a spam trap to determine which DNS blacklists are most
accurate. Based on his tests so far, Spamcop and Spamhaus operate the
best blacklists. Neither site mistakenly tagged any legitimate email as
spam. On the other hand, Iverson found that SORBS tagged about 10
percent of his legitimate email as spam. I'll add to Iverson's findings
that, based on my experience, SORBS blacklists entire class C networks
due to the violations of a few servers within those networks. You can
read Iverson's article at the URL below, wherein you'll find a link to
his statistics, which will give you a good idea of which blacklists to
consider using.

http://list.windowsitpro.com/t?ctl=6DE6E:4160B336D0B60CB1C77B2B1A9B51E4DE


=== SPONSOR: BeyondTrust =======================================

Problems removing Admin Rights? Best practices
Removing Admin Rights and applying the principle of least privilege
will decrease security breaches by malicious users and malware, and
reduce IT costs. However certain users require elevated rights in order
to run required applications, ActiveX controls and more.
Read this white paper to discover best practices for removing admin
rights.

http://list.windowsitpro.com/t?ctl=6DE71:4160B336D0B60CB1C77B2B1A9B51E4DE


=== SECURITY NEWS AND FEATURES =================================

Manhattan DA Indicts 17 People and 1 Company for Cybercrimes
The Manhattan District Attorney's office announced that it indicted
17 people and one corporation for trafficking in approximately 95,000
stolen credit card numbers, along with stealing identities and
committing various other forms of cybercrime.

http://list.windowsitpro.com/t?ctl=6DE7C:4160B336D0B60CB1C77B2B1A9B51E4DE

Symantec Buys Enhanced Data Protection
Symantec announced that it will acquire Vontu and add its products
to Symantec's existing security and storage products.

http://list.windowsitpro.com/t?ctl=6DE7B:4160B336D0B60CB1C77B2B1A9B51E4DE

Macrovision Updates Faulty DRM Driver
Macrovision released an updated driver that fixes a serious problem
with the company's Digital Rights Management technology. The
vulnerability, which affects Windows XP and Windows Server 2003
systems, could allow a local user to gain elevated privileges.

http://list.windowsitpro.com/t?ctl=6DE7D:4160B336D0B60CB1C77B2B1A9B51E4DE

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at

http://list.windowsitpro.com/t?ctl=6DE72:4160B336D0B60CB1C77B2B1A9B51E4DE


=== SPONSOR: Sunbelt Software ==================================

Comparing Email Management Systems that Protect Against Spam, Viruses,
Malware, & Phishing Attacks
As a system administrator, you're tasked with researching email
security tools to find out which one will work best for your company.
Sunbelt Software engaged Osterman Research to survey enterprises that
are using five of the leading email management systems that protect
against spam, viruses, malware and phishing attacks. Read this white
paper for the results of this survey and learn what email security
product takes 50% less time to manage and has a lower cost per user. A
must-read for any administrator researching email security tools for
Microsoft Exchange.

http://list.windowsitpro.com/t?ctl=6DE73:4160B336D0B60CB1C77B2B1A9B51E4DE


=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Malicious Spammers and Politics
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=6DE83:4160B336D0B60CB1C77B2B1A9B51E4DE

A recent spam campaign in support of presidential candidate Ron Paul
is actually intended to hurt rather than help his standing. Find out
how in this blog entry.

http://list.windowsitpro.com/t?ctl=6DE7E:4160B336D0B60CB1C77B2B1A9B51E4DE

FAQ: Can Distributed File System Replication Handle Permissions?
by John Savill, http://list.windowsitpro.com/t?ctl=6DE81:4160B336D0B60CB1C77B2B1A9B51E4DE


Q: Does Distributed File System Replication (DFSR) replicate NTFS
permissions?

Find the answer at

http://list.windowsitpro.com/t?ctl=6DE7F:4160B336D0B60CB1C77B2B1A9B51E4DE

FROM THE FORUM: USB Device Auditing Tools
A forum participant wonders whether anyone knows of any tools to
audit USB device access on a remote computer. He specifically needs to
audit what files have been copied or transferred to a USB drive.

http://list.windowsitpro.com/t?ctl=6DE6B:4160B336D0B60CB1C77B2B1A9B51E4DE

SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in Security Pro VIP's Reader to Reader column. Email your
contributions to r2r@securityprovip.com. If we print your submission,
you'll get $100. We edit submissions for style, grammar, and length.


=== PRODUCTS ===================================================
by Renee Munshi, products@windowsitpro.com

Password Recovery for Office 2007
ElcomSoft released Advanced Office Password Recovery (AOPR) 4.0,
which recovers passwords for all components of Microsoft Office, now
including Office 2007. AOPR first does a quick pass for easy-to-crack
passwords. Then, to decipher more complex passwords, AOPR 4.0 does
another pass that combines dictionary and brute-force attacks with
ElcomSoft's proprietary decryption algorithms. AOPR 4.0 is specially
designed to deal with Office 2007, which always uses strong AES
encryption. The Professional version of AOPR 4.0 runs on Windows
2000/XP/Vista and costs $199. For more information, go to

http://list.windowsitpro.com/t?ctl=6DE86:4160B336D0B60CB1C77B2B1A9B51E4DE

PRODUCT EVALUATIONS FROM THE REAL WORLD
Share your product experience with your peers. Have you discovered a
great product that saves you time and money? Do you use something you
wouldn't wish on anyone? Tell the world! If we publish your opinion,
we'll send you a Best Buy gift card! Send information about a product
you use and whether it helps or hinders you to
whatshot@windowsitpro.com.


=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit

http://list.windowsitpro.com/t?ctl=6DE80:4160B336D0B60CB1C77B2B1A9B51E4DE

Does your business operate in multiple locations? Do stretched IT
resources short-change data protection for your remote sites? Keeping
data at remote office sites backed up and secure is a critical
component of business success. In this podcast, David Chernicoff
discusses the problems surrounding data backup to remote sites and
offers ideas and suggestions for successful remote backups. Register
now to get the knowledge you need to protect all your business data.

http://list.windowsitpro.com/t?ctl=6DE6F:4160B336D0B60CB1C77B2B1A9B51E4DE

Learn how to protect and secure your data in the event of a disaster.
It's impossible to anticipate every disaster your organization might
encounter, but you can be prepared with a solid response for when one
strikes. Disaster can strike anywhere, so make sure you're ready when
it does.

http://list.windowsitpro.com/t?ctl=6DE74:4160B336D0B60CB1C77B2B1A9B51E4DE

Create an environment for sustaining compliance.
Compliance is not a single-point-in-time project--mandates, systems,
and businesses change and evolve. This free essential guide discusses
compliance solutions that can reduce costs while improving compliance
and realizing business value from compliance efforts. Find a solution
that improves your security posture, ensures that you're complying with
multiple mandates, and generates reports that demonstrate your
compliance.

http://list.windowsitpro.com/t?ctl=6DE70:4160B336D0B60CB1C77B2B1A9B51E4DE


=== FEATURED WHITE PAPER =======================================

What email management system is the most effective and easily managed
and has virtually no downtime? Osterman Research surveyed organizations
that use one of the five leading email management systems to determine
which one was the best at managing antispam, antivirus, attachment
filtering, and antiphishing systems. Download this white paper to get
the results.

http://list.windowsitpro.com/t?ctl=6DE75:4160B336D0B60CB1C77B2B1A9B51E4DE


=== ANNOUNCEMENTS ==============================================

Discover the New SQL Server Magazine
Don't miss the relaunched SQL Server Magazine! Besides a new look,
we have even more coverage of administration and performance,
development and Web apps, BI and Reporting Services, and SQL Server
fundamentals. Subscribe now and save 58% off the cover price.

http://list.windowsitpro.com/t?ctl=6DE76:4160B336D0B60CB1C77B2B1A9B51E4DE

Packed with thousands of articles, bonus content, and loads of expert
advice, the Windows IT Pro Master CD is like having your very own team
of professional SQL Server consultants in your pocket. Get real-world
solutions lightning-fast--order the Windows IT Pro Master CD today.
Includes a one-year subscription to all online content at
WindowsITPro.com!

http://list.windowsitpro.com/t?ctl=6DE7A:4160B336D0B60CB1C77B2B1A9B51E4DE


================================================================

Security UPDATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).

http://list.windowsitpro.com/t?ctl=6DE82:4160B336D0B60CB1C77B2B1A9B51E4DE

http://list.windowsitpro.com/t?ctl=6DE85:4160B336D0B60CB1C77B2B1A9B51E4DE

Subscribe to Security UPDATE at

http://list.windowsitpro.com/t?ctl=6DE79:4160B336D0B60CB1C77B2B1A9B51E4DE

Unsubscribe by clicking

http://list.windowsitpro.com/u?id=4160B336D0B60CB1C77B2B1A9B51E4DE

Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.

To contact us:
About Security UPDATE content -- letters@windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=6DE84:4160B336D0B60CB1C77B2B1A9B51E4DE

About your product news -- products@windowsitpro.com
About your subscription -- windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- salesopps@windowsitpro.com

View the Windows IT Pro privacy policy at

http://list.windowsitpro.com/t?ctl=6DE78:4160B336D0B60CB1C77B2B1A9B51E4DE

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.
