=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= SEARCHWIN2000.COM | Security Administration Tip December 9, 2003
Essential tools and advice for the security-focused administrator. More tips: http://searchwin2000.techtarget.com/tips/?track=NL-122 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= FROM OUR SPONSOR: - Free Download: HFNetChkPro Security Patch Management http://searchWin2000.com/r/0,,22240,00.htm?track=NL-122&shavlik - Explore the Desktop Deployment Info Center today! http://searchwin2000.techtarget.com/infoCenter/0,294261,sid1,00.html?track=NL-122 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= IN THIS ISSUE | Table of Contents 1. SECURITY TIPS - Check your Windows port associations - Blocking worms - End the EFS wars - Ask Roberta Bragg: Can a recovery agent work on multiple PCs? 2. WHAT'S NEW! - Featured Topic: Top 10 tech tips of 2003 - Tip Contest: The clock is ticking! Submit your tip today! - Opinion: Drug lords don't have it this good - Article: Attacks evolving toward exploiting network services ____________________________________________________________________ *********************SPONSORED BY: Shavlik************************* Free Download: HFNetChkPro Security Patch Management Today is patch day! How much time will it take you to secure your systems? Not long, if you download the free version of HFNetChkPro. A fully functional, no time-out version helps automate patch delivery and testing. Save time on deployment and ensure that systems are fully protected. Download it: http://searchWin2000.com/r/0,,22240,00.htm?track=NL-122&shavlik ____________________________________________________________________ CHECK YOUR WINDOWS PORT ASSOCIATIONS | Tom Lancaster One vulnerable aspect of "Windows out of the box" is the UDP and TCP ports it uses to support file and print sharing, directory services and name resolution. Using these ports on any local area network for these purposes is tolerable. But for any link to the Internet, they definitely are not. One of my favorite security tools makes a compelling case for why you should never utilize either one. >> CLICK for the full tip: http://searchwin2000.techtarget.com/tip/0,289483,sid1_gci940062,00.html?track=NL-122 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= END THE EFS WARS | Serdar Yegulalp All versions of Windows 2000 support the Encrypted File System (EFS), an extension to NTFS that allows users to encrypt files on-disk. EFS uses system-level certificates to encrypt the data. However, the algorithms used in these encryption certificates vary with each version of Windows 2000 (including XP and Windows .NET Server 2003). Because of this, there can be problems decrypting EFS-stored files across versions of Windows. >> CLICK for the full tip: http://searchwin2000.techtarget.com/infoCenter/tip/0,294276,sid1_gci935154_tax294659,00.html?track=NL-122 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= BLOCKING WORMS | Tom Lancaster Once again, more than 500,000 users, by Symantec's estimate, failed to follow the trivial steps required to patch their computers. Again and again, these derelicts give hackers the tools they need to create mischief, but it affects us all, not just those who can't be bothered to patch their machines. This failure was the last straw for many companies. >> CLICK for the full tip: http://searchwin2000.techtarget.com/tip/1,289483,sid1_gci924328,00.html?track=NL-122 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= CAN A RECOVERY AGENT WORK ON MULTIPLE PCs? | Ask Roberta Bragg Dear Roberta, My organization has 12 users who travel frequently with standalone laptops. They never connect to a domain, and each laptop software configuration is different. However, they all use Windows XP Pro as the OS. Is there a way to setup a disaster recover agent (DRA) so that if a laptop dies out, I can remove the hard drive and install it in another computer as a second hard drive and use the DRA to recover encrypted data (ie: EFS)? >> CLICK to read Roberta Bragg's expert response: http://searchwin2000.techtarget.com/ateQuestionNResponse/0,289625,sid1_cid563093_tax285120,00.html?track=NL-122 Want more tips like this one? Then sign up to receive SearchWin2000.com's "Tips from our Experts" biweekly newsletter. Just one click will automatically activate your free subscription: http://searchWin2000.techtarget.com/OptIn/1,290894,sid1,00.html?track=NL-122&&&&cid=457574&em=&tid=3107&FE=1 ______________________________________________________________ *******SPONSORED BY: The Desktop Deployment Info Center********* Visit the new Desktop Deployment Info Center on SearchWin2000.com! You'll find tips, webcasts, expert advice and other key resources focused on all aspects of managing Windows desktops -- direct from SearchWin2000.com and Microsoft. Topics covered include desktop deployment and migration strategies, performance, disk management, hardware administration, application management, security -- and much more. Explore the Desktop Deployment Info Center today! http://searchwin2000.techtarget.com/infoCenter/0,294261,sid1,00.html?track=NL-122 __________________________________________________________________ WHAT'S NEW! =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= TOP 10 TECH TIPS OF 2003 | Featured Topic Are you awash in technical information, but can never seem to find exactly what you need? This week's Featured Topic spotlights the 10 most read SearchWin2000.com technical tips from the past year. From AD to .pst's, the topics of these tips enticed you to click. http://searchwin2000.techtarget.com/featuredTopic/0,290042,sid1_gci939636,00.html?track=NL-122 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= THE CLOCK IS TICKING! SUBMIT YOUR TIP TODAY! | Tip Contest If you want a shot at this month's awesome prize, an iRiver SlimX iMP-350 CD/MP3 player, you better get cracking! You have less than two weeks left to submit your Windows-related tip for a chance to win. Check out the prize and submit your tip today! >> CLICK here to submit and read more about this month's prize: http://searchwin2000.techtarget.com/tips/0,289484,sid1_tax5e1,00.html?track=NL-122 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= DRUG LORDS DON'T HAVE IT THIS GOOD | Opinion Microsoft's David Finn sounds like a beaten man. In a speech this week, the "digital integrity" executive admitted that virus writers and software counterfeiters are pretty much operating at will around the globe. Lawsuits and criminal prosecutions have done little to prevent such practices, which are costing enterprises -- and Microsoft -- billions in lost revenue. http://searchwin2000.techtarget.com/columnItem/0,294698,sid1_gci939955,00.html?track=NL-122 =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= ATTACKS EVOLVING TOWARD EXPLOITING NETWORK SERVICES | Article When surveying the vulnerability landscape this year, one sees a move toward attackers exploiting flaws in services and protocols rather than in applications themselves. Just a couple of years ago, the biggest targets were severe vulnerabilities in applications such as Microsoft's Internet Information Service Web server. This year however, more flaws in services like RPC-DCOM, were exploited by worms. http://searchwin2000.techtarget.com/originalContent/0,289142,sid1_gci940198,00.html?track=NL-122 _________________________________________________________________ ********************* SEARCHWIN2000 CONTACTS ********************** TIP MAILBOX, (mailto:[EMAIL PROTECTED]) >> Send feedback on tips and ideas for new tip content. ____________________________________________________________________ MARILYN COHODAS, Senior Site Editor (mailto:[EMAIL PROTECTED]) >> Send me your original articles and best practices. ____________________________________________________________________ CHRISTINE POLEWARCZYK, Site Editor (mailto:mailto:[EMAIL PROTECTED]) >> Send me your bloopers and Featured Topic ideas. ____________________________________________________________________ VANDANA SHARMA, Assistant Editor (mailto:[EMAIL PROTECTED]) >> Send me your tips and true IT bloopers. ____________________________________________________________________ DAVID GABEL, Executive Tech Editor (mailto:[EMAIL PROTECTED]) >> Send me your technical tips and tip ideas. ____________________________________________________________________ KEVIN NOLAN (mailto:[EMAIL PROTECTED]) >> Sponsor this or any other TechTarget newsletter. ____________________________________________________________________ ::::::::::::::::::::: ABOUT THIS NEWSLETTER :::::::::::::::::::::: This newsletter is published by TechTarget, the most targeted IT media. http://www.techtarget.com?track=NL-122 Copyright 2003 TechTarget. All rights reserved. ____________________________________________________________________ To unsubscribe from "Windows Security Administration Tips" reply to this e-mail with REMOVE in the Subject line. Please note, unsubscribe requests may take up to 24 hours to process; you may receive additional mailings during that time. A confirmation e-mail will be sent when your request has been successfully processed.
