NETWORK WORLD NEWSLETTER: M. E. KABAY ON SECURITY 11/09/04 Today's focus: Beware of self-denial of service
Dear [EMAIL PROTECTED], In this issue: * Misconfigured software can cause denial of service * Links related to Security * Featured reader resource _______________________________________________________________ This newsletter is sponsored by Lucent Technologies FREE EMA ANALYST REPORT Enterprise Management Associates (EMA) describes how to optimize VoIP services with network and application performance management. EMA found that market leading VitalSuite(R) Performance Management Software from Lucent Technologies streamlines VoIP management and boosts bottom line profits. http://www.fattail.com/redir/redirect.asp?CID=88131 _______________________________________________________________ WHAT DO YOU KNOW ABOUT THE NEW DATA CENTER? Sign up for Network World's Data Center Newsletter in which Johna Till Johnson and the team at Nemertes Research will provide an ongoing assessment of current data center business drivers and future trends; concrete advice and guidance for IT executives seeking to consolidate data centers, improve disaster recovery, and deploy virtualization techniques. Click here to subscribe: http://www.fattail.com/redir/redirect.asp?CID=87887 _______________________________________________________________ Today's focus: Beware of self-denial of service By M. E. Kabay Denial of service is usually caused by people trying to cause problems or by misconfiguration of software. Mail bombing, distributed denial-of-service attacks, and list-subscription bombing are examples of the former. Mail storms caused by list administrators who allow automated out-of-office messages to be distributed by their list server are an example of the latter. Here's another example. I recently upgraded from Microsoft Outlook 2002 to Outlook 2003 on my main computer after trying the new version of Office 2003 that was installed on my university laptop. I found the new functionality in the much-reviled e-mail client helpful and worth the price of the upgrade. (NOTE: Dear Readers, PLEASE don't flood me with attacks on Outlook. I'm aware of security issues but I do keep the product up to date, run an excellent firewall, have automatically updated anti-virus, and find the product a good choice for my needs. I really don't have time for religious wars about e-mail clients.) I have been using Cloudmark's SpamNet service for over a year now and have been consistently pleased with its ability to snag junk mail efficiently. However, a couple of days ago I came back to my computer in the morning after having left Outlook loaded overnight and found my system doing such a huge amount of I/O that it was interfering with performance; everything was sluggish, including keyboard entry, mouse movements, menu response and so on. At first I thought my defragmentation program might still be running, although normally it would stop immediately at the first sign of user activity. It wasn't. What I did find was 8,000 messages in my spam folder in Outlook. The list included hundreds of copies of several spam messages. Now getting one spam message is bad enough; getting hundreds of copies of the same spam message stored in my OUTLOOK.PST file is not my idea of fun. SpamNet was in fact still deleting apparently nonexistent spam. Any time I switched to the inbox the I/O would resume. My best guess is that Version 3.0 is unable to recognize that a message has been deleted, and so it continues to delete spam repeatedly. Since I normally flush deleted messages from my inbox just before switching out of that folder, I didn't notice the repeated spam messages until I left Outlook unattended overnight. By that point, there were enough deleted spam messages in the inbox to cause significant I/O; flushing those deleted messages immediately stopped the excessive I/O. I went to the SpamNet support site and immediately found a thread in the user forum discussing this problem; some users had canceled their subscription for the product as a result of the bug. My own workaround is to disable the automatic scan; one can run the scan on demand instead of automatically. Then I immediately purge deleted messages from the inbox to prevent them from being caught again. According to CloudMark staff, the next update of SpamNet repairs this problem and it is due in mid-November. Until then, I'll have to exercise some self-discipline to prevent further self-denial of service. _______________________________________________________________ To contact: M. E. Kabay M. E. Kabay, Ph.D., CISSP, is Associate Professor in the Division of Business and Management at Norwich University in Northfield, Vt. Mich can be reached by e-mail <mailto:[EMAIL PROTECTED]> and his Web site <http://www2.norwich.edu/mkabay/index.htm>. A Master's degree in the management of information assurance in 18 months of study online from a real university - see <http://www3.norwich.edu/msia> _______________________________________________________________ This newsletter is sponsored by Cisco Systems Special Report: Bridging the Gap; Enterprise ROI IT professionals today don't indulge in the latest-greatest technology for their own sake; instead they concentrate efforts on projects that are most likely to help achieve business goals. Read about the challenges and opportunities when IT starts 'bridging the gap' and directly contributes to enterprise ROI. http://www.fattail.com/redir/redirect.asp?CID=87980 _______________________________________________________________ ARCHIVE LINKS Archive of the Security newsletter: http://www.nwfusion.com/newsletters/sec/index.html Breaking security news: http://www.nwfusion.com/topics/security.html _______________________________________________________________ FEATURED READER RESOURCE NEW! Website dedicated to Networking for Small Business now available The editors of NW Fusion and PC World have combined all their expert advice, authority, and know-how into a powerful new tool for small businesses, the new Networking for Small Business website. Get news, how-to's, product reviews, and expert advice specifically tailored to your small business needs. Find help with Security, Broadband, Networking, Hardware, Software, and Wireless & Mobile technology at: <http://www.networkingsmallbusiness.com/> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
