******* Vendor Corner *******

How to detect Denial of Service attacks in real-time: Protect yourself against Denial of Service (DoS) attacks with NetProwler and Intruder Alert by transparently monitoring traffic in real-time and reacting instantly. Until June 18, learn about DoS attacks with your FREE guide, "Everything You Need to Know About Intrusion Detection," at: http://www.axent.com/netprowler

AXENT is the leading provider of e-security solutions for your business, delivering integrated products and expert services to 45 of the Fortune 50 companies.

******* What's new with SecurityPortal.com *******

Reflections on the Strange, Perplexing, Interminable, and Most Lamentable Phenomenon Known as the Viral Wars

Viruses and other wildlife, so far, have been the product of mischievous "wanton boys," not nihilists. The weaponry's been conventional not nuclear. And, self-limited in destructive power, no virus yet has sought the annihilation of the Information Society or the Internet. Probably, virus designers don't want to destroy their own playground. Yet, we've not seen the worst. Ebola may be coming.

In his paper, "I Don't Think I Really Love You," Michael Zalewski argues that the ILOVEYOU virus was far from lethal. (His paper is at http://lcamtuf.na.export.pl/worm.txt ) He envisions a "deadly harmful Internet worm." Such a nuclear-level worm would be portable (architecture independent) and invisible. It would exhibit independence from user interaction, be capable of learning weaknesses in defenses, be hard to kill, be polymorphic, and be targetable like a Cruise missile. Such a military-grade worm could wreak immense havoc on the Internet. But, why would the average cracker use this weapon? Again, what is the advantage in destroying one's own theatre of operations? Nothing. The most likely candidates for deployment would be terrorists.
Read the full story here <http://securityportal.com/cover/coverstory20000619.html>

******* Vendor Corner *******

WRITE YOUR INFORMATION SECURITY POLICIES IN A DAY! INFORMATION SECURITY POLICIES MADE EASY is a kit, text and CD, of 1000+ already-written security policies by internationally-known consultant Charles Cresson Wood. ISPME has JUST BEEN UPDATED and is now available in Version 7! ISPME v7 is the most comprehensive collection of policies available covering the latest technology developments and infosec topics. Each of these policies is accompanied by commentary detailing policy intention, audience, and the circumstances where it applies. Save weeks of time and thousands of dollars developing policies for information security manuals, systems standards, etc. with no consultant fees. Go to - http://www.baselinesoft.com

******* Top News *******

June 19, 2000

Welcome to SecurityPortal.com - The focal point for security on the Net

Recent postings in our top news http://www.securityportal.com/topnews:

Jun 19, 2000

Weekly Security Roundups <http://securityportal.com/research/research.wd.html> - Consolidated reports that include advisories, bulletins, top mailing list topics and more on Axent, BSD, Check Point, Linux, Microsoft and Solaris.

TrendMicro: VBS_STAGES.A Worm <http://www.antivirus.com/vinfo/virusencyclo/default5.asp?VName=VBS_STAGES.A> - This is a new Internet worm which spreads using multiple applications such as Microsoft Outlook, Pirch, mIRC, and to available mapped drives.

Register: Sub7 vid Trojan can launch distributed attacks <http://www.theregister.co.uk/content/6/11424.html> - Last week we expressed doubts about a report from security outfit NETSEC, claiming that they had found a new Trojan capable of launching DDoS attacks.
As it turns out, the most recent build of Sub7 contains an undocumented feature which can indeed be used to ping the living hell out of Web servers, from numerous infected clients simultaneously, according to research just completed by security outfit iDefense.

ZDNet: Japanese hacker arrested for break-in <http://www.zdnet.com/zdnn/stories/newsbursts/0,7407,2589803,00.html?chkpt=p1bn> - Japanese authorities on the northern island of Hokkaido have arrested a man they say unlawfully penetrated through the firewall of a Web site, the fifth such arrest since a new anti-hacking law went into effect earlier this year.

Jun 17, 2000

CNNfn: Hackers nail AOL <http://cnnfn.com/2000/06/16/technology/wires/aol_wg/> - America Online Inc. on Friday said vandals had broken into its AOL service and gained access to an undisclosed number of member accounts, highlighting the vulnerability of even the world's largest Internet service provider to the threat of hacker attacks

Microsoft re-releases IIS Web Server Patch <http://securityportal.com/topnews/ms00-031upd.html> - MS00-031 discussed two IIS problems, known as the "Undelimited HTR Request" and "File Fragment Reading via .HTR" vulnerabilities. Microsoft recently discovered that the IIS 5.0 patch only eliminated the "Undelimited HTR Request" and have released a more comprehensive fix

Jun 16, 2000

ZDNet: Digital signatures bill goes to Clinton <http://www.zdnet.com/zdnn/stories/news/0,4586,2589294,00.html> - A measure that gives electronic signatures and documents the same force in law as their paper counterparts won unanimous approval in the U.S. Senate Friday, two days after the House passed the bill

PioneerPlanet: Hackers refine their head games <http://www.pioneerplanet.com/yhoo/mtc_docs/027786.htm> - St. Paul conventioneers root out weaknesses in computer systems -- and in themselves.
The message on the simple black T-shirts sold by 20-year-old "Overdose" from Las Vegas says much of what you need to know about the three-day computer hacking contest at RootFest.

LinuxToday: Red Hat Security Advisory: Updated Kerberos 5 packages are now available <http://linuxtoday.com/news_story.php3?ltsn=2000-06-16-001-04-SC-RH> - A number of possible buffer overruns were found in libraries included in the affected packages. A denial-of-service vulnerability was also found in the ksu program.

ABCNews: Hacker Groups Attack Net Child Porn <http://www.abcnews.go.com/sections/tech/DailyNews/antiporn000616.html> - Several hacker groups are dedicated to knocking child porn off the Net. These security experts track down criminals online, exposing their IP addresses and sometimes taking down sites.

Zope: Zope security alert and 2.1.7 update <http://www.zope.org/Products/Zope/2.1.7/security_alert> - We have recently become aware of an important security issue that affects all released Zope versions including the recent 2.2 beta 1 release. The issue involves an inadequately protected method in one of the base classes in the DocumentTemplate package that could allow the contents of DTMLDocuments or DTMLMethods to be changed remotely or through DTML code without forcing proper user authorization. A Zope 2.1.7 release has been made that resolves this issue for Zope 2.1.x users. This release is available from Zope.org

OpenBSD 2.7 Release <http://securityportal.com/topnews/openbsd2.7_20000615.html> - OpenBSD announces release 2.7 of the "Secure by Default" operating system for Internet servers and workstations. OpenBSD 2.7 significantly enhances the built-in strong cryptography with the OpenSSH suite to support the SSH 1 and 2 secure communication protocols and drivers for hardware accelerators for IPSec VPNs.
TechWeb: Lawmakers Seek Balance In Privacy Legislation <http://www.techweb.com/wire/story/TWB20000615S0017> - Consumers are riled up about invasions of privacy over the Internet, but most don't even know the extent to which advertisers collect information about their surfing habits

TechWeb: Hybrid Apps Catch Network, System Attacks <http://www.techweb.com/wire/story/TWB20000615S0010> - Growing cyber threats from inside and outside the firewall are spurring the rise of hybrid intrusion-detection systems (IDS) that detect network- and system-related attacks

ZDNet: Business' new bogeyman: ID cybertheft <http://www.zdnet.com/zdnn/stories/news/0,4586,2588919,00.html> - In a white paper detailing how consumers can prevent identity theft in cyberspace, the Software and Information Industry Association, a trade group representing more than 1,000 high-tech companies, is offering businesses specific guidance on how to avoid becoming unwitting accomplices to fraud

SJ Mercury: How loose is your laptop? <http://www.mercurycenter.com/svtech/news/top/docs/laptop061500.htm> - People used to guard business secrets and highly classified documents with their lives. Nowadays, even national security secrets are getting lost or left in homes, hotels, taxis and train stations

Jun 15, 2000

ComputerUser: Ovum: E-Business Security Needs Revamping <http://www.computeruser.com/news/00/06/15/news14.html> - E-commerce companies need to take a long, hard look at their e-security systems, a report out Wednesday said. The study even goes so far as to warn companies that their old security models need radical changes to adapt to the brave new e-world. The report, titled "E-Business Security: New Directions and Successful Strategies," from Ovum, said that the old security models tend to rely on perimeter security protecting the outer boundaries of the organization.
Infoworld: Service-based security <http://www.infoworld.com/articles/hn/xml/00/06/14/000614hnsecurity.xml> - Although virus and worm protection typically grab most of the attention in today's security landscape, a pair of security companies burst onto the scene this week hoping to prove that online vulnerability-scanning and services also have a huge role to play in safeguarding an organization's key assets.

CRN: Experts Debate Who's Responsible For Internet Security <http://www.crn.com/dailies/digest/breakingnews.asp?ArticleID=17498> - When a group of security experts debated the question of who is responsible for Internet security, the possibilities ranged from software vendors to everyone. The panel discussion, held here on Tuesday in conjunction with NetSec2000, was sponsored by Palo Alto, Calif.-based Recourse Technologies Inc. and Sunnyvale, Calif.-based SonicWall Inc.

FairfaxIT: NZ defence force downplays teen's 'secret' e-mails <http://www.it.fairfax.com.au/breaking/20000615/A8896-2000Jun15.html> - THE significance of New Zealand defence papers turning up in a British teenager's e-mail messages was last night being downplayed by the country's Defence Force. Claire McDonald, 15, of Devon, England, has been receiving e-mails for the past six months that she believed came from the Pentagon in the United States, One Network News reported last night.

ComputerWorld: Denial-of-service victims share lessons learned <http://www.computerworld.com/home/print.nsf/(frames)/000615E8E2?OpenDocument&~f> - "When the attacker decided it was over, it was over," said Alex Wellen, a producer at ZDNet TV who spoke at a panel discussion at the NetSec 2000 computer security conference this week. Wellen and other panelists from Cisco Systems Inc.
and Stanford University who have also weathered denial-of-service attacks offered lessons learned from the incidents and strategies for effective defense

PlanetIT: Suspect To Be Charged In Love Bug Case <http://www.planetit.com/techcenters/docs/security/news/PIT20000615S0006> - The Philippine National Bureau of Investigation (NBI) will file criminal charges this week against a man suspected to have spread the crippling "Love Bug" computer virus, officials said Wednesday. Onel de Guzman, a 22-year old computer school dropout who lives in Manila, will be charged under provisions that govern credit card fraud because the country did not have laws for cybercrime until Wednesday, when an e-commerce law came into effect that cannot be used retroactively.

ComputerUser: Lawmakers Grill Energy Dept. Officials about Missing Databases <http://www.computeruser.com/news/00/06/15/news2.html> - The disappearance of two computer hard drives containing nuclear secrets and other sensitive data from the Los Alamos National Laboratory was probably not the result of espionage, the Energy Department's security czar told a congressional panel.

InfoWorld: House passes digital-signature bill <http://infoworld.com/articles/hn/xml/00/06/14/000614hnsignatures.xml> - By a huge majority, the U.S. House of Representatives approved a bill that will allow many electronic signatures to have the same legal standing as paper signatures

CNet: House committee OKs anti-spam bill <http://news.cnet.com/news/0-1005-200-2077968.html?tag=st.ne.1002.bgif.ni> - Federal anti-spam legislation passed a key test Wednesday, as the House Commerce Committee voted to approve a bill limiting junk email

Jun 14, 2000

Network Computing: Attacks Put Security Pros on the Most-Wanted List <http://www.networkcomputing.com/1111/1111ca.html> - Talk about job security. Network-security specialists are in high demand these days, especially given the recent denial-of-service attacks on high-profile Web sites.
Secure systems and networks capable of withstanding the use and abuse from outside and inside an organization are the goal of businesses, as heterogeneous networks link remote staff to headquarters, the business to customers and everyone to the Internet

InfoWorld: Raytheon eyes computer security <http://www.infoworld.com/articles/hn/xml/00/06/14/000614hnraytheon.xml> - Raytheon Systems Co., a unit of Raytheon Co., is entering the growing corporate market for computer-security products with high-end software called SilentRunner

MSNBC: Web sites expose selves to attack <http://msnbc.com/news/420137.asp> - It's always nice when a Web site says "Hello". Unless, of course, the Web site should be doing something else. Many large e-commerce Web sites are susceptible to a bug that would allow someone to exploit the site's user input fields to run malicious JavaScript

NAI Virus Alert: Winkiller <http://vil.nai.com/villib/dispvirus.asp?virus_k=98686> - This is a file deletion trojan which appears to have been distributed to several Hotmail email recipients and at least one web-based Internet group at Egroups.com

New CERT Security Improvement Module: Securing Public Web Servers <http://www.cert.org/security-improvement/modules/m11.html> - The World Wide Web is one of the most important ways for your organization to publish information, interact with Internet users, and establish an e-commerce business presence. However, if you are not rigorous in securely configuring and operating a public Web site, you leave yourself and your organization vulnerable to a variety of security problems

Wired: Love Bug Suspect Takes the Fall <http://wired.com/news/politics/0,1283,36960,00.html> - Hold on to your hats, Love Bug followers.
Philippine investigators said Tuesday they're planning to file charges against a computer student suspected of releasing the worm that swept through thousands of hard drives around the world on May 4

ComputerUser: Making an Unbreakable Code <http://computeruser.com/articles/1906,2,1,1,0601,00.html> - In today's information society, ensuring the security and privacy of its advanced communications has become critically important. Cryptography is a crucial technology to protect these communications

Jun 13, 2000

The Standard: FTC, Online Ad Firms Haggle Over Privacy <http://www.thestandard.net/article/display/0,1151,15947,00.html> - In the wake of last month's Federal Trade Commission recommendation that Congress pass basic online privacy laws, a group of Internet ad-server companies is continuing to hold secret talks with the FTC and the Commerce Department about a set of self-imposed privacy standards for the online-advertising industry in lieu of new privacy legislation

Overseas Software <http://securityportal.com/topnews/overseas20000613.html> - Where do legitimate security concerns begin? And, where does xenophobia, the abnormal fear of foreigners, end? Should all software be written in the United States if it impacts major industries? The emerging truth arises from a clear reality. Information Technology (IT) is a worldwide system and culture; it cannot be imprisoned in any one nation state. Economic realities will cause foreign technology workers to come to America. The same factors will cause American companies to do projects in India, Thailand, Brazil, and so on. IT will continue to blur national boundaries beyond recognition.
And, all the protesters and all the security managers concerned about globalization will not stop the trend

CNN: Secret nuclear information missing from Los Alamos lab <http://www.cnn.com/2000/US/06/12/nuclear.secrets.02/index.html> - An investigation has been launched into the disappearance of nuclear weapons secrets and other highly sensitive classified information from Los Alamos National Laboratory, officials said Monday

Time: Will Cyber Criminals Run The World? <http://www.time.com/time/magazine/articles/0,3266,47159,00.html> - World dominance isn't so easily won, but that hasn't stopped the spies and the nerds from waging a bitter war over encryption technology

Sunworld: Daemons on the Net <http://www.sunworld.com/sunworldonline/swol-06-2000/f_swol-06-unixsecurity.html> - SunWorld columnist Carole Fennelly defends the term hacker and offers a rebuttal to "Invisible Enemies," a recent article in Vanity Fair which she calls "a sensationalist, good-versus-evil script filled with the sort of cheap stereotyping found in TV movies."

RootPrompt: Cracked! part 5: Rebuilding <http://rootprompt.org/article.php3?article=536> - This is the fifth part of the story of a community network that was cracked and what was done to recover from it. The first part Cracked! Part1: Denial and truth details the report that leads to the discovery that the community network was indeed cracked and some of the initial reactions. The second article Cracked! Part 2: Watching and Waiting talks about how they learned more about the cracker and what they did next. The third Cracked! Part 3: Hunting the hunter talks about some of the efforts made to track down the cracker and some surprises. The fourth Cracked! Part 4: The Sniffer tells how they found the sniffer that the cracker was running on their network and what they did next.
This article covers the rebuilding of the system to recover from the crack and fix some long standing problems. Future articles detail their conversations with the cracker on IRC, the hole they missed and the cracker's revenge.

CNN: Feds find dangerous cyberstalking hard to prevent <http://www.cnn.com/2000/TECH/computing/06/12/cyberstalkers.idg/index.html> - Legislators across the country have enacted new laws and updated old ones to prevent cyberstalking -- the Information Age crime in which victims are bombarded with threatening electronic messages while the stalker hides behind the Internet's veil of anonymity

Jun 12, 2000

Linux.com: An Overview of TCP and IP Spoofing <http://www.linux.com/security/newsitem.phtml?sid=11&aid=8999> - A spoofing attack involves forging one's source IP address. It is the act of using one machine to impersonate another. Most of the applications and tools in Unix systems, including Linux, rely on source IP address authentication, and many developers have used host-based access controls to secure their networks. The source IP address is a unique identifier, but it is not a reliable one. It can easily be spoofed.

FCW: GSA fleshes out intrusion net plan <http://www.fcw.com/fcw/articles/2000/0612/news-fidnet-06-12-00.asp> - The General Services Administration is moving forward with its plans to build a governmentwide system to monitor agency networks for cyberattacks, but it is taking a slightly different tack than originally announced

ZDnet: Congress to sign for digital signatures? <http://www.zdnet.com/zdnn/stories/news/0,4586,2585829,00.html> - The House as early as Tuesday could take a final vote on legislation that would give a big boost to online commerce by granting electronic contracts the same legal status as handwritten signatures

******* What's new with SecurityPortal.com *******

The Death of Unencrypted Connections?

Over the last few years "hacker" tools have become much more widespread and available to malicious attackers.
Combine this with the ease of getting operating systems - almost anything a corporation has short of a mainframe OS you can download from the Internet and run on your Intel PC. The cost of Sparc, PPC and Alpha platforms has also dropped substantially, allowing any mildly determined attacker to buy them and learn how they work intimately. Mix in modern computers which can run relatively powerful operating systems with moderate to high end hardware (PIII600 with 128 megs has quite a bit of horsepower). These allow you to install software like a network sniffer on a remote desktop machine, even one running a "low end" OS like Windows 95. Add to this a network protocol (TCP-IP) that was designed without security in mind and you have a recipe for disaster.

Read the full story at <http://securityportal.com/closet/closet20000614.html>

******* New From SecurityPR.com *******

OpenBSD Announces Release 2.7 <http://securityportal.com/pr/pr.20000615192626.html> - OpenBSD announces release 2.7 of the "Secure by Default" operating system for Internet servers and workstations. OpenBSD 2.7 significantly enhances the built-in strong cryptography with the OpenSSH suite to support the SSH 1 and 2 secure communication protocols and drivers for hardware accelerators for IPSec VPNs.

V-ONE and SkyTel Announce Commercial Release of Air SmartGate - Secure Wireless Messaging Solution For ReFLEX TM Protocol-Based Narrow Band PCS Networks <http://securityportal.com/pr/pr.20000614112435.html> - Nationwide Service To Be Provided Over The SkyTel Network.

Announcing F-Secure SSH version 2.1 for Macintosh. <http://securityportal.com/pr/pr.20000613113304.html> - F-Secure SSH is a fast and easy solution for securing Internet connections. Strong encryption methods are used to provide data privacy and integrity.

Enter your own Press Releases directly at SecurityPR.com. http://securitypr.com

*******************************************

Tell us how we are doing.
Send any other questions or comments to <mailto:[EMAIL PROTECTED]>.

Michael McCrea
SecurityPortal.com - the Focal Point for Security on the Net
[EMAIL PROTECTED]

--------------------------------------------------------------------------
To unsubscribe, send an email to [EMAIL PROTECTED]
Archive information at http://www.linux.or.id/milis.php3
The list administrator can be contacted via [EMAIL PROTECTED]
