******* Vendor Corner *******

**********************************************
Sold-Out SANS2000 Courses Repeated in San Jose
**********************************************
www.sans.org/sj00.htm

On May 8-13, the highest-rated courses from SANS2000 will be repeated in San Jose, CA.

- Hacker Exploits: Step-by-Step
- Incident Handling: Step-by-Step
- The Intrusion Detection Immersion Curriculum, and
- Firewalls and Perimeter Protection.
- Windows NT Security: Step-by-Step

Courses are taught by SANS' highest-rated instructors, and attendees may sit for an optional certification in each track. Plus "Information Assurance Kick Start" for people new to information security. Program includes optional evening courses, birds-of-a-feather sessions, the SANS party and other networking opportunities.

www.sans.org/sj00.htm

******* What's new with SecurityPortal.com *******

Biometric Authentication

Historically, usernames and passwords have been the most common form of authenticating computer users. They are also both the worst management headache for IT staff and the biggest network security hole in existence. Many help desks handle more password-related calls than any other category. Users routinely share their passwords with one another. We have passwords on yellow sticky notes on the monitor and under the keyboard. If you don't find the password there, try the Rolodex under "P" for Password. Security industry observers frequently predict the use of biometric authentication systems will solve these problems. Those predictions are only beginning to come to fruition. Recent advances in technology coupled with a significant price drop make biometric authentication systems a viable alternative. As with most security solutions, proper implementation is critical. Deciding on the right type of biometric system requires an understanding of the underlying technologies.
Read the full story here
<http://securityportal.com/direct.cgi?/cover/coverstory20000424.html>

Weekly Security Digests are updated Monday mornings by 3am EST. You can find them here.
<http://securityportal.com/direct.cgi?/research/center.cgi?Category=wd>

******* Vendor Corner *******

How to detect Denial of Service attacks in real-time: Protect yourself against Denial of Service (DoS) attacks with NetProwler and Intruder Alert by transparently monitoring traffic in real-time and reacting instantly. Until February 16, learn about DoS attacks with your FREE guide, "Everything You Need to Know About Intrusion Detection," at: http://www.axent.com/netprowler

AXENT is the leading provider of e-security solutions for your business, delivering integrated products and expert services to 45 of the Fortune 50 companies.

******* Top News *******

April 24, 2000

Welcome to SecurityPortal.com - The focal point for security on the Net

Recent postings in our top news <http://www.securityportal.com/framesettopnews.html>:

Apr 24, 2000

Weekly Linux Security Roundup <http://securityportal.com/direct.cgi?/topnews/weekly/linux20000424.html> - New release of Emacs being readied to solve problems in PTY handling. Vulnerabilities found in WU-IMAPD, Real Networks server, Qpopper, xfs, LCDproc 0.4, Red Hat, and SuSE.

Weekly Microsoft Security Roundup <http://securityportal.com/direct.cgi?/topnews/weekly/microsoft20000424.html> - A substitute for reading through the mailing lists. Patches for Windows 2000. IPSEC, Windows 2000 and the HighEncryptionPack. Hacker Script Attempts To Exploit Microsoft Backdoor. More security holes discovered.

Weekly Check Point Security Roundup <http://securityportal.com/direct.cgi?/topnews/weekly/checkpoint20000424.html> - Check Point and Ramp Networks partner up. How to block Hotline. pcAnywhere Exploits? The best performance and bandwidth reporting utilities, and network intrusion detection software. Wondering which port numbers are which?

Weekly Axent Security Roundup <http://securityportal.com/direct.cgi?/topnews/weekly/axent20000424.html> - Release status of the Axent Raptor Firewall 6.5 for Windows. Restricting machines by MAC address. Raptor licensing continues to confuse. Hiding URLs and dotless quad IP. Quick fix for licensing problems.

Apr 22, 2000

GNIT Vulnerability Scanning Engine for NT and Windows 2000 <http://security.ellicit.org/> - A vulnerability scanner for Windows that detects most common problems and produces a nicely formatted HTML report. Free.

Apr 21, 2000

Wired: Navy Intranet a Security Threat? <http://www.wired.com/news/politics/0,1283,35713,00.html> - The U.S. Navy's plan to build the world's biggest Intranet could create a big security threat and a boondoggle to boot, according to the country's largest federal employees union.

VNUNet: Turning up the heat on firewalls <http://www.vnunet.com/Features/602442> - A firewall puts up a barrier that controls the flow of traffic between hosts, networks and domains. The safest firewall would block all traffic, but that defeats the purpose of the connection. Strict control over selected traffic is needed, according to a logical security policy. A firewall can also conceal the topology of your internal network and network addresses from public view.

Linux.com: CYA for System Administrators <http://oreilly.linux.com/pub/a/linux/2000/04/19/enterprise/CYA.html> - Things to keep in mind in our litigious society. In the last Linux in the Enterprise column, Linux Tools For Network Analysis, I mentioned some things to consider when you're using network scanning systems on your company's network. Doing the wrong thing in the cause of making your network "more secure" can land an unlucky administrator in a duel with the legal system. This is more likely when your actions come as a surprise or are viewed in a bad light by others who question your authority or motives to be doing what you're doing.
With all the sound and fury in media about evil hackers, it's a good idea to consider how to protect yourself ahead of time.

Wired: Like Mafia Son, Like Mafia Dad <http://www.wired.com/news/politics/0,1283,35836,00.html> - Turns out the Canadian police tapped into some rather incriminating telephone calls placed by the 15-year-old cracker's dad, who allegedly took out a contract on a business colleague. Lieutenant Lenny Lechman said Mafiaboy's 45-year-old father was arrested last week and charged with conspiring to commit bodily harm.

ZDnet: RealNetworks server attack released <http://www.zdnet.com/zdnn/stories/news/0,4586,2553736,00.html> - A group of South American computer security researchers earlier today released a program, called realdie.exe, that can knock virtually any RealNetworks video server offline.

ComputerUser: Judge Blocks Hacker's Appearance at Conference <http://www.currents.net/news/00/04/21/news1.html> - An information technology conference in Salt Lake City this week had to go on without convicted hacker Kevin Mitnick after a judge ruled his participation in a panel discussion on computer security would violate terms of his probation.

Cisco Advisory: IOS Software TELNET Option Handling Vulnerability <http://www.cisco.com/warp/public/707/iostelnetopt-pub.shtml> - A defect in multiple Cisco IOS software versions will cause a Cisco router to reload unexpectedly when the router is tested for security vulnerabilities by security scanning software programs. The defect can be exploited repeatedly to produce a consistent denial of service (DoS) attack.

Trend Micro: new Trojan TROJ_HACKTACK_2K <http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=TROJ_HACKTACK_2K> - This is a new Backdoor Trojan, which can be used by a hacker to remotely control an infected computer.
The hacker can do this because the Trojan sends out vital system information and compromises the security of the computer and the network it is in.

ZDNet: No plan for personal cybersecurity <http://www.zdnet.com/zdnn/stories/news/0,4586,2553485,00.html?chkpt=zdhpnews01> - Speaking at ZDNet's Town Hall meeting, a top White House advisor said he "found it extraordinary" that there was no plan for securing private PCs against malicious hackers.

Presenting the Big Picture in Security <http://securityportal.com/direct.cgi?/research/security101/bigpicture20000421.html> - When explaining security issues, it is easy to lose track of the bottom line in protecting data and resources. Presenting all the details during employee security awareness training may miss the big picture about securing your organization.

InfoSecurityMag: The Process of Security <http://www.infosecuritymag.com/apr2000/cryptorhythms.htm> - Security doesn't have to be perfect. But risks do have to be manageable. The problem is, users don't understand the risks, and products alone can't solve security problems.

Apr 20, 2000

NewsBytes: Company Secrets Leak Through Employee E-Mail - Report <http://www.newsbytes.com/pubNews/00/147649.html> - As if corporate computer security managers didn't have enough to worry about from disgruntled former employees, a new study finds a marked increase in the number of employees who acknowledge receiving confidential information via e-mail from employees at other companies.

InfoSecurityMag: Privacy, Please <http://www.infosecuritymag.com/apr2000/logoff.htm> - Online services need to realize that possession of customer information does not imply permission to do with it what they want. - "PRIVACY" is a word that tends to get misused a lot by Internet security professionals. Just look at the RFCs, the closest thing the Internet has to a set of standards.
The word privacy appears in 282 RFCs - but rarely do the RFC authors use the word privacy the same way that it's used by the majority of computer users.

EcommerceTimes: Teen Hacker Arrest Masks True Net Peril <http://www.ecommercetimes.com/news/viewpoint2000/view-000420-1.shtml> - This past weekend, a Canadian teen who calls himself "Mafiaboy" was arrested in the Montreal area and charged with at least one of the February denial-of-service (DoS) hacker attacks that blocked access to such popular Web sites as Yahoo!, Amazon and eBay.

BellLabs: Bell Labs Free Linux Software Foils the Most Common Computer Security Attack <http://www.bell-labs.com/news/2000/april/20/1.html> - Bell Labs announced today that it is releasing free Linux software that foils the most common form of computer security attack. Lucent's Libsafe software prevents electronic intruders from overflowing an application program's buffer memory to gain unauthorized access to a computer.

SCMP: PSINet hit by denial-of-service attack <http://www.technologypost.com/internet/Daily/20000420194747504.asp?Section=Main> - A denial-of-service attack on PSINet Hong Kong on Wednesday disabled the Internet service provider's Web-hosting servers for most of the day, leaving many of its dotcom customers without e-mail and Web sites.

ZDNet: DoS attacks - What really happened <http://www.zdnet.com/zdnn/stories/news/0,4586,2553035,00.html> - More details are emerging about last February's massive denial of service attack, and they continue to paint a dramatic picture of how helpless the Net's biggest Web sites really were. A 15-year-old Canadian computer vandal was charged with toppling CNN.com this week, allowing security experts a bit more freedom to speak about the incident.

SQL: Friend and Foe <http://securityportal.com/direct.cgi?/research/sqlfriend20000420.html> - SQL, the lingua franca for databases, converts data into information and knowledge.
A skeleton key to the most widely used databases, Standard Query Language may protect or may breach security. Its double-edged nature arises from SQL's ease of use, its power to uncover hidden relationships among data, and its occasionally neglected security features.

Cisco Advisory: Catalyst Enable Password Bypass Vulnerability <http://www.cisco.com/warp/public/707/catos-enable-bypass-pub.shtml> - Cisco Catalyst software permits unauthorized access to the enable mode in the 5.4(1) release. Once initial access is granted, access can be obtained for the higher level "enable" mode without a password. This problem is resolved in version 5.4(2). Customers with vulnerable releases are urged to upgrade as soon as possible.

PR Newswire: AtomicTangerine launches venture consulting firm with heavy focus on security <http://web.lexis-nexis.com/more/cahners-chicago/11407/5742841/3> - "AtomicTangerine, a major strategic spin-off from SRI International, is redefining e-services as a venture consulting firm that combines emerging technologies with a business model and a strategy that bases a portion of its compensation on client results"

FCW: NSF launching grants for cybercorps <http://www.fcw.com/fcw/articles/2000/0417/web-cyber-04-19-00.asp> - The National Science Foundation is expected to release applications next month for grants that would fund the Federal Cyber Services program designed to train the next generation of digital defenders.

ZDNet: Security experts - Give 'Mafiaboy' a break <http://www.zdnet.com/zdnn/stories/news/0,4586,2552944,00.html?chkpt=zdhpnews01> - Security professionals and hackers that break into networks for a living urged compassion in the case of "Mafiaboy," the 15-year-old Internet vandal accused of bringing down CNN.com during February's denial-of-service attacks.

Cnet: Canadian police arrest suspect in major Web attacks <http://news.cnet.com/news/0-1005-200-1717149.html?tag=st.ne.1002.thed.1005-200-1717149> - Canadian police today said an arrest has
been made in connection with a number of debilitating attacks on some of the Internet's most popular Web sites earlier this year. A 15-year-old boy known online as "Mafiaboy" has been accused of launching the attacks that began last February. Canadian officials would not name the boy, because Canadian law prevents releasing the names of juvenile suspects.

Apr 19, 2000

LinuxToday: Mandrake Security Updates: imwheel and gpm <http://63.236.72.248/stories/20452.html> - A security bug was found in gpm-root; the bug can be exploited to provide local users with root access. A security bug was found in imwheel; the bug can be exploited to provide local users with root access. Version 0.9.8 fixes this problem.

CNNfn: What price cyber security <http://www.cnnfn.com/2000/04/19/technology/v_cyber/> - Security experts say billions of dollars are being spent to safeguard material on the Internet, and a lot of that money is wasted. Small users have little protection if their information is taken from a database, but they can guard what they put out into cyberspace, particularly in their e-mail. CNN's Charles Molineaux takes a look at cyber security.

ABC: Juniper Develops Anti-Hacker Chip <http://www.abcnews.go.com/sections/tech/CNET/cnet_chip000418.html> - Juniper today said it is shipping a new processor that can scan all the data flowing through a network without slowing down the traffic. The chip, now built into Juniper's family of networking equipment, could prevent the hacker attacks that crippled many of the top Web sites in February, according to Juniper chief executive Scott Kriens.

Wired: Domain War Motive a Guess <http://www.wired.com/news/business/0,1367,35708,00.html> - Was the recent rash of domain-name hijackings really part of a Balkan info-war?
That is the most intriguing question lingering in the aftermath of an especially hard-hitting campaign of domain-name takeovers that blasted registrar Network Solutions last week.

CNet: Netscape tests patches for security hole <http://news.cnet.com/news/0-1005-200-1717169.html?tag=st.ne.1002.thed.1005-200-1717169> - Netscape is testing patches for a newly discovered security hole in its Communicator Web browser that could expose private files.

ZDNet: Hacker charged in DOS attacks <http://www.zdnet.com/zdnn/stories/news/0,4586,2552353,00.html> - The Royal Canadian Mounted Police have charged someone in connection with February's massive denial of service attacks against Internet sites.

Currents: FBI Laptop Stolen <http://www.currents.net/newstoday/00/04/19/news2.html> - The State Department may have had some explaining to do Tuesday, as it emerged late Monday that a laptop containing top secret FBI information had disappeared from a supposedly secure conference room at the State Department's Bureau of Intelligence in Washington.

ZDNet: Top U.S. priority: Protect that data <http://www.zdnet.com/zdnn/stories/news/0,4586,2552199,00.html> - Summers said he had no doubt that in 10 years information security would be an absolutely central priority in terms of management of business risk.

InfoWorld: Government to implement measures to combat Trojan horses <http://www.infoworld.com/articles/en/xml/00/04/18/000418entrojan.xml> - The federal government intends to make finding Trojan horses and trap doors on computer systems a "research priority," as the risk is one that some companies may be facing as a result of hasty Y2K problem repair work.

TrendMicro: PE_CIH Virus <http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=PE_CIH> - On April 26th, PE_CIH will once again activate and may cause damage to many computers. At this point we can only hope that people have upgraded to an up-to-date Antivirus software package that detects and cleans PE_CIH before it can activate.
When PE_CIH activated in 1999 it caused damage to several hundred thousand systems, leaving many users with an unbootable computer.

NewsBytes: Administration, Industry Confer On Cybersecurity <http://www.newsbytes.com/pubNews/00/147521.html> - Maintaining the stance that industry, not government, must take the lead in guarding against hacker attacks and other electronic intrusions, Clinton Administration officials urged corporate leaders to beef up their cybersecurity efforts at a government-industry summit today.

Apr 18, 2000

CRN: Hacker Script Attempts To Exploit Microsoft Backdoor <http://www.crn.com/dailies/digest/breakingnews.asp?ArticleID=15872> - The Test Center found a Perl script on the Web that appears to have been authored by the same individual who originally reported the flaw to Microsoft. However, in attempting to execute the Perl script, Test Center Engineers ran into syntax errors in the script as well as unresolved external references.

Sendmail.net: Q and A with Wietse Venema <http://sendmail.net/?feed=interviewvenema> - When you name a program SATAN, you can expect your intentions to be misread. Wietse Venema discovered this firsthand when he and colleague Dan Farmer released the Security Administrator Tool for Analyzing Networks, reporting software designed to let administrators test their own networks for vulnerabilities, but immediately misconstrued as a toy for budding crackers.

Bruce Schneier - Crypto-Gram <http://www.counterpane.com/crypto-gram-0004.html> - A free monthly newsletter providing summaries, analyses, insights, and commentaries on computer security and cryptography.

LinuxPlanet: The Ultimate Anti-Virus Software: Linux <http://www.linuxplanet.com/linuxplanet/reviews/1739/1/> - Solving the Security Issues in Windows: Replace It!

Currents: Former Employee Steals Internet Radio Stations <http://www.currents.net/newstoday/00/04/18/news2.html> - Three Internet-only radio stations have gone off the air after they were actually removed from the computer server they were hosted on by a disgruntled former employee.

Currents: Site Employs Biometrics for E-Prescription Security <http://www.currents.net/newstoday/00/04/18/news6.html> - DrugEmporium.com, the online subsidiary of Drug Emporium [NASDAQ:DEMP], the national chemist chain, has licensed biometrics technology from BioNetrix to allow it to authenticate the identities of doctors ordering patient prescriptions over the Internet from the online pharmacy.

Tele.com: ASPs to Insurers: 'Cover Me' <http://web.lexis-nexis.com/more/cahners-chicago/11407/5732422/7> - New liability insurance policies take aim at cyber-risks.

ZDNet: Microsoft - More security holes <http://www.zdnet.com/zdnn/stories/news/0,4586,2551396,00.html?chkpt=zdhpnews01> - For a company that prides itself on the quality of its software development prowess, Microsoft Corp. has encountered a rough patch of late, racking up two security holes as well as committing a major faux pas in the space of less than a week.

Keep Your Paws Off My Data <http://securityportal.com/direct.cgi?/research/security101/pawsoff20000418.html> - This article talks about ways to keep your personal data safe.
From a Security 101 perspective.

Silicon: Security industry hits out at ethical hackers <http://www.silicon.com/public/door?REQUNIQ=956018642&6004REQEVENT=&REQINT1=37026&REQSTR1=newsnow> - UK security vendors have reacted angrily to the news that a group of the world's most experienced hackers have joined forces to launch their own company.

Apr 17, 2000

Open Source - Why it's Good for Security <http://securityportal.com/direct.cgi?/topnews/os20000417.html> - The argument that open source operating systems are less secure hangs on the faulty premise that attackers can't find vulnerabilities in closed source O/S's.

CNN: Ireland to lower encryption export restrictions <http://cnn.com/2000/TECH/computing/04/17/irish.encrypt.idg/index.html> - The government of Ireland has relaxed regulations for exporting mass market encryption products, the Department of Enterprise, Trade and Employment announced Friday. The simplified licensing procedure, known as a General Authorization, means Irish companies are no longer required to obtain export licences for individual products or for individual countries, said Mary Harney, the Minister of Enterprise, Trade and Employment in a statement.

InfoWorld: Novell delivers multiple-level security authentication <http://www.infoworld.com/articles/en/xml/00/04/17/000417ennovsecurity.xml> - NMAS lets network managers establish multiple levels of security into the network through a combination of password authentication, digital certificates, tokens, smart cards, or biometric devices.

SaltLakeTribune: Bennett Aims to Protect U.S. From New Cyber-Threat -- Hackers <http://www.sltrib.com/04172000/utah/41965.htm> - First, U.S. Sen. Bob Bennett leaped over tall bureaucracies as a Y2K czar, making sure the nation's millennial odometer cranked over smoothly. Now the Utah Republican is donning the cape of cyber-crime-fighting master.

RootPrompt: Digital Certificates and Encryption <http://rootprompt.org/article.php3?article=354> - On the Internet, information you send from one computer to another passes through numerous systems before it reaches its destination. Normally, the users of these intermediary systems don't monitor the Internet traffic routed through them, but someone who's determined can intercept and eavesdrop on your private conversations or credit card exchanges. Worse still, they might replace your information with their own and send it back on its way.

SecurityFocus: Wide Open Source <http://www.securityfocus.com/commentary/19> - Is Open Source really more secure than closed? Elias Levy says there's a little security in obscurity. One of the great rallying cries from the Open Source community is the assertion that Open Source Software (OSS) is, by its very nature, less likely to contain security vulnerabilities, including back doors, than closed source software. The reality is far more complex and nuanced.

LinuxToday: Eric S. Raymond: Designed for Insecurity -- reprised <http://linuxtoday.com/stories/20251.html> - The status of the back door I discussed in Microsoft: Designed For Insecurity is now uncertain. Since the problem was reported on 14 April by BugTraq and the Wall Street Journal, one of the people involved in discovering it has retracted his report. There is now dispute over whether this problem was due to a genuine back door or a server misconfiguration.

PA: HACKERS HIT BACK AT HEAVY METAL BAND <http://www.pa.press.net/news/technology/POP_Metallica%2c%20Napster_102627.html> - Web music enthusiasts, apparently enraged at Metallica's legal action against Napster, temporarily shut down the band's official web site.

Cert: Tech Tips <http://www.cert.org/tech_tips/index.html> - Our tech tips provide basic information on a variety of Internet security issues.

Slashdot: QNX Crypt Cracked <http://slashdot.org/articles/00/04/16/1324233.shtml> - The Crypt algorithm for the QNX operating system was just cracked. QNX runs on banks' computers, ATMs, medical equipment.

******* What's new with SecurityPortal.com *******

Instant Messenger, or Instant Security Risk?

The growth of online communication tools has been phenomenal, especially those that allow real time conversations and file transfers. 'Chat rooms' on AOL are hugely popular, as is IRC (Internet Relay Chat). Some IRC networks have tens of thousands of users logged in, and there are hundreds of IRC networks. I will cover several of these programs, including ICQ, AIM, Napster and Scour. The first two, ICQ and AIM, are primarily messaging oriented, with file transfer capabilities. The second two, Napster and Scour, are file transfer oriented with messaging capabilities. These programs allow users to easily communicate with other users using the same software; AIM cannot talk to Napster, and so on. There are a large number of concerns with these products, security and privacy-wise.

Read the full story at <http://securityportal.com/direct.cgi?/closet/closet20000419.html>

Tell us how we are doing. Send any other questions or comments to [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>.

Michael McCrea
SecurityPortal.com - the Focal Point for Security on the Net
[EMAIL PROTECTED]
