A Penton Media Property
February 6, 2008
If you want to view this on the web go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160764-0-0-0-1-2-207
----------------------------------------
ADVERTISEMENT
Double-Take Software
Enhancing SQL Reporting Services with Double-Take
Many Uses for Real-Time Replication with SQL Reporting - Because the
type of information stored in SQL databases is critical to the continued
success of a company, this makes real-time replication of critical data
and automated failover for application availability an imperative
process. These same real-time replication capabilities can also be used
in other ways. Many IT organizations use them to reduce or even
eliminate the impact of scheduled and ad-hoc reporting on their
production databases when using Microsoft SQL Reporting Services. This
white paper discusses strategies and issues for Microsoft SQL Reporting
Services.
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160765-0-0-0-1-2-207
----------------------------------------
IN FOCUS
--Is ClamAV Vulnerable to a Corporate Attack?
Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Software vulnerabilities caused by faulty code pop up every day, and
most of them are fixed in a reasonably quick fashion. But there's
another type of software vulnerability that's going unpatched. That
vulnerability has to do with intellectual property and patent claims.
As you might know, Microsoft claimed that various open-source software
packages, such as Linux and OpenOffice.org, violate as many as 235 of
the company's patents. You can read more about Microsoft's claims at
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160766-0-0-0-1-2-207
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160767-0-0-0-1-2-207.
To date, none of Microsoft's claims have been backed up by evidence, so
some Linux vendors think it's all a bunch of smoke and mirrors designed
to frighten people away from using Linux.
Recently, Trend Micro has gone after Barracuda Networks -- an avid
supporter of open-source projects -- because it includes the open-source
ClamAV (www.clamwin.com/ (http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160768-0-0-0-1-2-207) in its security
appliances. In case, you've been living in a cave for the last five
years, ClamAV is a hugely popular antimalware solution. More than one
million people download its signature updates each day, if that gives
you any idea as to how widespread its use has become. Many of those
downloads come from a plethora of Windows users running a ported version
of ClamAV.
Trend Micro's argument is that ClamAV violates at least one of Trend
Micro's patents that centers on scanning for viruses at a gateway.
Because Barracuda Networks uses ClamAV, Trend Micro decided to file a
lawsuit against the company. Trend Micro hasn't openly stated why it
didn't go after the developers of ClamAV directly, but it doesn't take a
rocket scientist to figure out that because ClamAV is a free,
open-source product, there's no money to be gained by suing the
developers of ClamAV. Suing Barracuda Networks could kill two birds with
one stone: Trend Micro might collect a ton of cash in a settlement, and
the payment of a big settlement could, hypothetically, put Barracuda
Networks out of business, thereby eliminating one of Trend Micro's
competitors.
Interestingly enough, Sourcefire acquired ClamAV in December of 2007.
Sourcefire is the company behind the hugely popular Snort Intrusion
Detection and Prevention system. Why Trend Micro hasn't confronted
Sourcefire regarding ClamAV is yet another mystery. Trend Micro's legal
approach might have something to do with the terms of the General Public
License (GPL).
Mysteries aside, Barracuda Networks isn't waiting for the other shoe to
drop. The company is going after Trend Micro's patent claims and hopes
to have the patent negated. To do so, Barracuda Networks will need
evidence of a prior work that existed before Trend Micro filed for its
patent. Right now, it seems that Barracuda Networks is looking to get
its hands on a copy of MIMESweeper 1.0 because the company thinks that
the software could possibly represent a prior work.
I'm no legal expert, so I have no idea which company's argument is
stronger. If you're interesting in a pretty good amount of information
about the battle, read Groklaw's article at
www.groklaw.net/article.php?story=20080125135544713
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160769-0-0-0-1-2-207, which
explains some of the finer points of the battle. But before you do that,
head over to Barracuda Networks' Web site and read its summary of the
allegations, which offers some good background information, at
www.barracudanetworks.com/ns/legal/
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160770-0-0-0-1-2-207.
----------------------------------------
ADVERTISEMENT
BeyondTrust
Problems removing Admin Rights? Best practices
Removing Admin Rights and applying the principle of least privilege
will decrease security breaches by malicious users and malware, and
reduce IT costs. However certain users require elevated rights in order
to run required applications, ActiveX controls and more.
Read this white paper to discover best practices for removing admin
rights.
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160771-0-0-0-1-2-207
----------------------------------------
SECURITY NEWS AND FEATURES
--2 Ways to Prevent Rogue Devices from Stealing Your Data
This comparison of two endpoint-security products, written by Eric B.
Rux, will give you a good idea of this increasingly important market and
help you take back control of all your vulnerable entry points.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160772-0-0-0-1-2-207
--Fortify Offers to Help Secure Electronic Voting Machines
Fortify Software said that it will offer a free copy of its Static Code
Analysis software to every Secretary of State in the United States to
help locate vulnerabilities in electronic voting system code.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160773-0-0-0-1-2-207
--PayPal Wins Bid for Fraud Sciences
eBay's PayPal company announced that it intends to acquire Fraud
Sciences, the maker of antifraud technologies.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160774-0-0-0-1-2-207
--Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts,
which inform you about recently discovered security vulnerabilities. You
can also find information about these
discoveries at
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160775-0-0-0-1-2-207
GIVE AND TAKE
--SECURITY MATTERS BLOG: Two Upcoming Security Conferences
by Mark Joseph Edwards, http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160776-0-0-0-1-2-207
ChicagoCon 2008 and Source 2008 will both be held during the next
several months. ChicagoCon 2008 will offer training courses, and Source
2008 will host a variety of lectures by various security gurus.
To view the full article go to:
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160777-0-0-0-1-2-207
--FAQ: Windows XP Network Access Protection (NAP) Client
by John Savill, http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160778-0-0-0-1-2-207
Q: Where do I get the Windows XP Network Access Protection (NAP) client?
Find the answer at
www.windowsitpro.com/Article/ArticleID/98185
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160779-0-0-0-1-2-207)
--FROM THE FORUM: Can Antivirus Software Be Setup through Group Policy?
A forum participant wants to know if anyone is aware of an antivirus
software solution that can be set up in a domain computer through Group
Policy. Lend at hand at
forums.windowsitpro.com/web/forum/messageview.aspx?catid=42&threadid=88982&enterthread=y
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160780-0-0-0-1-2-207)
--SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in Security Pro VIP's Reader to Reader column. Email your
contributions to r2r@securityprovip.com (mailto:r2r@securityprovip.com).
If we print your submission, you'll get $100. We edit submissions for
style, grammar, and length.
PRODUCTS
--Managed Service from Merged Companies Protects Email
Webroot Software announced the release of Webroot E-Mail Security SaaS
(Software as a Service) for small-to-midsized businesses (SMBs). Webroot
E-mail Security SaaS is the first solution resulting from Webroot's
November 2007 merger with SaaS provider Email Systems. Webroot E-Mail
Security SaaS uses up to five different antivirus and two different spam
filtering engines. The service provides an encryption mechanism based on
Transport Layer Security (TLS). It also provides content control that
lets you set rules to control where messages are sent and how they're
filtered, image filtering that can delete or quarantine pornographic
images, and message archiving. For more information, go to
www.webroot.com (http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160781-0-0-0-1-2-207)
RESOURCES AND EVENTS
A new hybrid approach to assuring secure content management (SCM)
combines the best of current approaches. Learn why this new approach
will be the only way to deliver enough functionality and scalability to
solve the SCM challenges organizations face. Download this free white
paper and discover a unique approach that can improve SCM while lowering
costs.
www.windowsitpro.com/go/wp/stbernard/scm/?code=013008er
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160782-0-0-0-1-2-207)
Ensure that your company has the business intelligence (BI) and
Enterprise Project Management (EPM) tools to meet the current and future
needs of your business. Successful small companies rarely remain small.
Businesses grow from sole proprietorships to multiple locations. They
might even expand to incorporate international operations or public
ownership. Regardless of the stage of growth, there is always a need to
access, report on, and analyze data from different sources. This white
paper reviews the stages of business growth and provides examples of how
forward-thinking emerging companies leverage BI and EPM solutions to
manage expansion and address complex reporting and compliance issues.
www.windowsitpro.com/go/wp/oracle/epm/?code=013008er
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160783-0-0-0-1-2-207)
Attend Black Hat DC on February 18-21. This Washington, DC, version of
the world's premier technical event for ICT security experts focuses on
wireless security and features lots of new content.
www.blackhat.com
FEATURED WHITE PAPER
Take back control of unauthorized applications in your organization.
Learn why it's important to control unauthorized applications and read
about the various approaches you can use. Employees who install and use
applications such as IM, VoIP, games, and peer-to-peer file-sharing
applications cause businesses serious concern. Read this white paper to
learn how to integrate blocking of unauthorized applications into your
existing anti-malware detection and management infrastructure.
www.windowsitpro.com/go/wp/sophos/control/?code=013008er
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160784-0-0-0-1-2-207)
ANNOUNCEMENTS
Check out all the info-packed publications offered by Windows IT Pro!
If you're receiving the HTML version of this email newsletter, click
"Our Publications" in the menu bar. Otherwise, you can click on the link
below:
store.pentontech.com/index.cfm?s=1&cid=18000306&promotionid=18003253&code=
(http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160785-0-0-0-1-2-207)
CONTACT US
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and Security Pro VIP (second URL
below).
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160786-0-0-0-1-2-207
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160787-0-0-0-1-2-207
You are subscribed to this newsletter as boy.blogger@gmail.com
Manage your Security UPDATE subscription at
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160788-0-0-0-1-2-207.
Be sure to add Security_UPDATE@email.windowsitpro.com
to your spam filter's list of allowed senders.
To contact us:
About Security UPDATE content -- mailto:letters@windowsitpro.com
About technical questions -- http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160790-0-0-0-1-2-207
About your product news -- mailto:products@windowsitpro.com
About your subscription -- mailto:windowsitproupdate@windowsitpro.com
About sponsoring Security UPDATE -- mailto:salesopps@windowsitpro.com
View the Windows IT Pro privacy policy at
http://ct.email.windowsitpro.com/rd/cts?d=33-2082-803-202-62923-160791-0-0-0-1-2-207
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2008, Penton Media, Inc. All rights reserved.
No comments:
Post a Comment