DAILY BRIEF Number: DOB02-110 Date: 25 July 2002

http://www.ocipep.gc.ca/DOB/DOB02-110_e.html

NEWS

Possible Lessons for Ottawa from September 11
Ottawa's fire, police and ambulance branches rely on telephones for
inter-service communication. Steve Kanellakos, the city's manager of emergency
protective services, says that this is a problem and would like to see the three
services sharing a single communications centre with a common radio system.
(Source: Ottawa Citizen, 25 July 2002)
Click here for the source article


Comment: Recent media reports concerning the response of emergency personnel on
September 11 to the World Trade Center state that a lack of communications
between fire and police services may have led to the deaths of many
firefighters.


IN BRIEF

Web TV Users Rerouted to 911 Services
An e-mail with the subject line "NEAT" has led Web TV users to download a
program that re-sets their dial-up number to call 911 emergency services.
(Source: CNET News.com, 23 July 2002)
Click here for the source article


Asteroid Monitored for Potential Impact with Earth
Astronomers are monitoring a newly sighted two-kilometre-wide asteroid after
initial calculations suggested that there is a chance it could hit the Earth.
NASA's Near Earth Object program ranked the asteroid as "meriting careful
monitoring," but not concern. (Source: CBC News, 24 July 2002)
Click here for the source article


Survey: Major Cyber Attack Very Likely
A recent survey conducted by the Business Software Alliance concluded that
nearly half of the U.S. security professionals surveyed believe that a "major"
cyber attack will happen in the coming year. The survey indicates that only 19
percent of businesses in the U.S. have taken the necessary precautions for a
major Internet attack and that 45 percent were unprepared. (Source: CNET
News.com, 24 July 2002)
Click here for the source article


Comment: The report, "U.S. Business Cyber Security Study", can be viewed at:
http://www.bsa.org/security/resources/1


Public Safety Wireless Network Conference Report
The ninth annual LI NYC (Long Island/NYC) Emergency Management Conference
reviewed the events of 11 September 2001 in New York City. The subsequent report
highlights, among other themes, the ways in which increased interoperability of
wireless networks can save lives. The report can be viewed at:
http://www.pswn.gov/library/docs/lessons_WTC.doc

Scientist to Market "Hacker-Proof" Hard Disk
A Japanese scientific researcher claims that a new hard drive with two heads may
make it impossible for hackers to access and rewrite data on systems. (Source:
PC WORLD.COM, 22 July 2002)
Click here for the source article

Comment: The hard disk is not going to stop all types of web site defacements or
exploits. For example, Code Red did not access the hard-disk, it changed the web
sites' home pages in the system memory.


Pentagon Relinquishes Wireless Frequencies
The Pentagon has agreed to shift some military communications to other
frequencies, freeing up space for advanced mobile phones and other wireless
products. (Source: CNN.com, 24 July 2002)
Click here for the source article






CYBER UPDATES
See: What's New for the latest Alerts, Advisories and Information Products

Threats

Sophos reports on WM97/Pri-AE, which is a Word 97 Macro virus that propagates
via Outlook e-mail. It arrives with the subject line "Message From <username>"
and the message body "This document is very Important and you've GOT to read
this !!!". http://sophos.com/virusinfo/analyses/wm97priae.html


Trend Micro reports on WORM_URICK.A, which is a worm that propagates via Outlook
e-mail. It arrives with the subject line "A Windows Trick" and the attachment
"%Variable filename%".
http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=WORM_URICK.A


Computer Associates reports on Assilem.M, which is a Word97 and 2000 macro virus
that does not have an overly destructive payload. On the 23rd of any month, it
displays a Chinese message.
http://www3.ca.com/virusinfo/virus.asp?ID=12628

Vulnerabilities

SecurityFocus reports on a remotely exploitable vulnerability in PHP Interpreter
versions 3.0 thru 4.2.2 that could allow an attacker to cause a
denial-of-service. No known patch is available at this time.
http://online.securityfocus.com/bid/5280/discussion/


CERT/CC reports on a remotely exploitable buffer overflow vulnerability in Sun
iPlanet and ONE Web Servers' search engine versions 4.1 & 6.0 that could allow
an attacker to execute arbitrary code on the system. Follow the link for patch
information.
http://www.kb.cert.org/vuls/id/612843


SecurityFocus reports on a locally exploitable vulnerability in Sun PC NetLink
1.0, 1.1 and 1.2 that could allow an attacker to gain access to sensitive files.
View the "Solution" tab for a workaround.
http://online.securityfocus.com/bid/5281/discussion/
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F27807


Additional vulnerabilities were reported in the following products:


Pablo Software Solutions FTP Server 1.0 information disclosure vulnerability
(SecurityFocus).
http://online.securityfocus.com/bid/5283/discussion/

Tools

Nmap 2.99RC1 is a utility for port scanning of large networks, which also works
for single hosts.
http://www.insecure.org/nmap/


Tiny Honeypot (thp) 0.4.3-2 is a simple honey pot program based on iptables
redirects, an xinetd listener and perl.
http://alpinista.dyndns.org/thp/


Linux Security Auditing Tool (LSAT) 0.5.9 is a post-install security auditing
tool.
http://www.dimlight.org/~number9/lsat/


The Logging Project (formerly salt) 0.8 are tools that provide centralized,
secure and fault-tolerant logging.
http://condor.gmu.edu/~jason/logging/


Samhain 1.5.4 is a file system integrity checker that can be used as a
client/server application for centralized monitoring of networked hosts.
http://samhain.sourceforge.net/surround.html?main_q.html&2


MIME Defanger 2.16 is a flexible MIME e-mail scanner designed to protect Windows
clients from viruses and other harmful executables.
http://www.roaringpenguin.com/mimedefang/




CONTACT US

For additions to, or removals from the distribution list for this product, or to
report a change in contact information, please send to:
Email: [EMAIL PROTECTED]

For urgent matters or to report any incidents, please contact OCIPEP’s Emergency
Operations Centre at:

Phone: (613) 991-7000
Fax: (613) 996-0995
Secure Fax: (613) 991-7094
Email: [EMAIL PROTECTED]

For general information, please contact OCIPEP’s Communications Division at:

Phone: (613) 991-7035 or 1-800-830-3118
Fax: (613) 998-9589
Email: [EMAIL PROTECTED]
Web Site: www.ocipep-bpiepc.gc.ca

Disclaimer
The information in the OCIPEP Daily Brief has been drawn from a variety of
external sources. Although OCIPEP makes reasonable efforts to ensure the
accuracy, currency and reliability of the content, OCIPEP does not offer any
guarantee in that regard. The links provided are solely for the convenience of
OCIPEP Daily Brief users. OCIPEP is not responsible for the information found
through these links.







IWS INFOCON Mailing List
@ IWS - The Information Warfare Site
http://www.iwar.org.uk


Reply via email to