DAILY BRIEF Number: DOB02-110 Date: 25 July 2002 http://www.ocipep.gc.ca/DOB/DOB02-110_e.html
NEWS Possible Lessons for Ottawa from September 11 Ottawa's fire, police and ambulance branches rely on telephones for inter-service communication. Steve Kanellakos, the city's manager of emergency protective services, says that this is a problem and would like to see the three services sharing a single communications centre with a common radio system. (Source: Ottawa Citizen, 25 July 2002) Click here for the source article Comment: Recent media reports concerning the response of emergency personnel on September 11 to the World Trade Center state that a lack of communications between fire and police services may have led to the deaths of many firefighters. IN BRIEF Web TV Users Rerouted to 911 Services An e-mail with the subject line "NEAT" has led Web TV users to download a program that re-sets their dial-up number to call 911 emergency services. (Source: CNET News.com, 23 July 2002) Click here for the source article Asteroid Monitored for Potential Impact with Earth Astronomers are monitoring a newly sighted two-kilometre-wide asteroid after initial calculations suggested that there is a chance it could hit the Earth. NASA's Near Earth Object program ranked the asteroid as "meriting careful monitoring," but not concern. (Source: CBC News, 24 July 2002) Click here for the source article Survey: Major Cyber Attack Very Likely A recent survey conducted by the Business Software Alliance concluded that nearly half of the U.S. security professionals surveyed believe that a "major" cyber attack will happen in the coming year. The survey indicates that only 19 percent of businesses in the U.S. have taken the necessary precautions for a major Internet attack and that 45 percent were unprepared. (Source: CNET News.com, 24 July 2002) Click here for the source article Comment: The report, "U.S. Business Cyber Security Study", can be viewed at: http://www.bsa.org/security/resources/1 Public Safety Wireless Network Conference Report The ninth annual LI NYC (Long Island/NYC) Emergency Management Conference reviewed the events of 11 September 2001 in New York City. The subsequent report highlights, among other themes, the ways in which increased interoperability of wireless networks can save lives. The report can be viewed at: http://www.pswn.gov/library/docs/lessons_WTC.doc Scientist to Market "Hacker-Proof" Hard Disk A Japanese scientific researcher claims that a new hard drive with two heads may make it impossible for hackers to access and rewrite data on systems. (Source: PC WORLD.COM, 22 July 2002) Click here for the source article Comment: The hard disk is not going to stop all types of web site defacements or exploits. For example, Code Red did not access the hard-disk, it changed the web sites' home pages in the system memory. Pentagon Relinquishes Wireless Frequencies The Pentagon has agreed to shift some military communications to other frequencies, freeing up space for advanced mobile phones and other wireless products. (Source: CNN.com, 24 July 2002) Click here for the source article CYBER UPDATES See: What's New for the latest Alerts, Advisories and Information Products Threats Sophos reports on WM97/Pri-AE, which is a Word 97 Macro virus that propagates via Outlook e-mail. It arrives with the subject line "Message From <username>" and the message body "This document is very Important and you've GOT to read this !!!". http://sophos.com/virusinfo/analyses/wm97priae.html Trend Micro reports on WORM_URICK.A, which is a worm that propagates via Outlook e-mail. It arrives with the subject line "A Windows Trick" and the attachment "%Variable filename%". http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_URICK.A Computer Associates reports on Assilem.M, which is a Word97 and 2000 macro virus that does not have an overly destructive payload. On the 23rd of any month, it displays a Chinese message. http://www3.ca.com/virusinfo/virus.asp?ID=12628 Vulnerabilities SecurityFocus reports on a remotely exploitable vulnerability in PHP Interpreter versions 3.0 thru 4.2.2 that could allow an attacker to cause a denial-of-service. No known patch is available at this time. http://online.securityfocus.com/bid/5280/discussion/ CERT/CC reports on a remotely exploitable buffer overflow vulnerability in Sun iPlanet and ONE Web Servers' search engine versions 4.1 & 6.0 that could allow an attacker to execute arbitrary code on the system. Follow the link for patch information. http://www.kb.cert.org/vuls/id/612843 SecurityFocus reports on a locally exploitable vulnerability in Sun PC NetLink 1.0, 1.1 and 1.2 that could allow an attacker to gain access to sensitive files. View the "Solution" tab for a workaround. http://online.securityfocus.com/bid/5281/discussion/ http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F27807 Additional vulnerabilities were reported in the following products: Pablo Software Solutions FTP Server 1.0 information disclosure vulnerability (SecurityFocus). http://online.securityfocus.com/bid/5283/discussion/ Tools Nmap 2.99RC1 is a utility for port scanning of large networks, which also works for single hosts. http://www.insecure.org/nmap/ Tiny Honeypot (thp) 0.4.3-2 is a simple honey pot program based on iptables redirects, an xinetd listener and perl. http://alpinista.dyndns.org/thp/ Linux Security Auditing Tool (LSAT) 0.5.9 is a post-install security auditing tool. http://www.dimlight.org/~number9/lsat/ The Logging Project (formerly salt) 0.8 are tools that provide centralized, secure and fault-tolerant logging. http://condor.gmu.edu/~jason/logging/ Samhain 1.5.4 is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. http://samhain.sourceforge.net/surround.html?main_q.html&2 MIME Defanger 2.16 is a flexible MIME e-mail scanner designed to protect Windows clients from viruses and other harmful executables. http://www.roaringpenguin.com/mimedefang/ CONTACT US For additions to, or removals from the distribution list for this product, or to report a change in contact information, please send to: Email: [EMAIL PROTECTED] For urgent matters or to report any incidents, please contact OCIPEP’s Emergency Operations Centre at: Phone: (613) 991-7000 Fax: (613) 996-0995 Secure Fax: (613) 991-7094 Email: [EMAIL PROTECTED] For general information, please contact OCIPEP’s Communications Division at: Phone: (613) 991-7035 or 1-800-830-3118 Fax: (613) 998-9589 Email: [EMAIL PROTECTED] Web Site: www.ocipep-bpiepc.gc.ca Disclaimer The information in the OCIPEP Daily Brief has been drawn from a variety of external sources. Although OCIPEP makes reasonable efforts to ensure the accuracy, currency and reliability of the content, OCIPEP does not offer any guarantee in that regard. The links provided are solely for the convenience of OCIPEP Daily Brief users. OCIPEP is not responsible for the information found through these links. IWS INFOCON Mailing List @ IWS - The Information Warfare Site http://www.iwar.org.uk
