******* Vendor Corner ******* NetScreen Offers New Generation of Security Solutions Security requirements continue to grow at the same unrelenting pace as the Internet itself, driven not only by e-businesses and enterprises but also the emergence of new types of service providers. CONQWEST, a leading Internet Security Integrator, believe that NetScreen Technologies, the leading provider of ASIC-based Internet security appliances and systems that deliver high-performance firewall, VPN, and traffic shaping functions to e-businesses, enterprises and service providers, represent the new generation of security solution "With the introduction of the NetScreen-1000 Gigabit Security System, Netscreen has proven that it is on the leading edge of meeting new market requirements," says CONQWEST CEO, Michelle Drolet. Leading service providers, enterprises and e-businesses have already chosen NetScreen security solutions for their bulletproof security features, price-performance and ease of installation and maintenance. Visit CONQWEST at http://www.conqwest.com/sp/mkt1 to learn more about NetScreen security solutions and to download a white paper on e-Commerce and protecting your web site. ******* What's new with SecurityPortal.com ******* Acceptable Use Policy Only a few years ago, companies with an Internet connection were a rarity. Today, the reverse is true - virtually every company has access. However, in addition to all of the perfectly valid business benefits Internet connectivity brings, there are significant drawbacks. Many of these drawbacks come in the form of internet misuse - leading some managers to dub it, the "World Wide Waste." Employees don't gather around the proverbial water cooler to exchange gossip, news, and jokes as they once did. Today, they use e-mail. They have stock market tickers, updated news reports, and their favorite radio show running continuously. The amount of time employees spend in non-work related Internet use adds up quickly. (And these examples don't even begin to look at the non-business uses possible with the shadier side of the Internet including pornography and other less-than-appropriate content.) These problems squander employee time as well as expensive bandwidth, which add up to significant financial impact. Controlling issues such as these have thrust the typical IT department into unfamiliar territory. IT departments are perfectly comfortable with technology issues, not with more social issues such as inappropriate web surfing. While it is true that technology such as content filters and mail scanners can help with control, the real issue is mostly one of policy. Specifically, most companies employ Acceptable Use Policies to address the issue. Simply stated, corporate policies are formal statements senior management use to inform the rest of the company of their desires. More specifically, the acceptable use policy addresses exactly what is and is not appropriate use of company IT resources. Read the full story here <http://securityportal.com/cover/coverstory20000529.html> ******* Vendor Corner ******* Strategic Security Summit 2000 In just three days, one group will reset the strategic roadmap for doing business online - Safely. Security has become the great equalizer for all business online. If you are ultimately responsible for conducting business online globally, you need to join us at Strategic Security Summit 2000 (SSS2000) in Helsinki on June 26-28,2000. You will share best practices with industry leaders and discuss global policy, technology, and business strategy, across industries and around the world. Speakers include the CIO's from Microsoft and AOL, CEO of CyberSafe, leaders from Bank of America, Hewlett-Packard, and the ALA. To learn more about the event, and to register, visit our Web site at www.sss2000.com. ******* Top News ******* May 29, 2000 Welcome to SecurityPortal.com - The focal point for security on the Net Recent postings in our top news <http://www.securityportal.com/topnews> : May 29, 2000 Weekly Security Digests <http://securityportal.com/research/research.wd.html> - Posted every Monday: Axent(Raptor), BSD, Check Point, Linux, Microsoft and Solaris. The Digests report on issues covered in various mailing lists so you don't have to sort through them all. Advisories, Alerts, News and a Tip of the Week are also included. BSD Today: FreeBSD vs. OpenBSD as a firewall platform <http://www.bsdtoday.com/2000/May/Features165.html> - The first bridge that we had to cross was getting people to accept an open source firewall package. Everyone knows and trusts products like Checkpoint and Cisco's Pix firewall. A firewall is a key part of the security infrastructure. It is a stretch to ask management to trust a product, they may have never heard of, for such an important part of the network May 27, 2000 Resume Worm <http://securityportal.com/research/virus/profiles/w97mmelissabg.html> - W97M.Melissa.BG is a macro written in VBA (Visual Basic for Applications) for Microsoft Word. Although W97M.Melissa.BG could potentially be embedded within any Microsoft Word document, it is typically embedded within a 40.5KB file named Explorer.doc. As with any other Word Macro Virus, a user must manually trigger W97M.Melissa.BG by opening an infected document; in this case, Explorer.doc. When launched the virus replicates by sending an e-mail to all addresses in the infected users address book. The virus will also attempt a mass deletion of files on local and mapped harddrives. LinuxToday: TurboLinux Security Announcement <http://linuxtoday.com/news_story.php3?ltsn=2000-05-27-003-04-SC-TL> - The gpm-root program, included in the gpm package, contains a programming error whereby a call to setgid() fails, and defaults to the group of the gpm-root binary. The group for the gpm-root binary in the affected installations is root. Package: gpm-1.19.1 and earlier CNN: FBI warns of dangerous new e-mail virus <http://cnn.com/2000/TECH/computing/05/27/new.virus.resume/index.html> - A new and dangerous computer virus that spreads through e-mail systems struck Friday and drew a warning from the FBI. The virus, carried in an e-mail attachment supposedly containing a job applicant's resume, was sent to corporate computers in the United States May 26, 2000 CERT Advisory: Inconsistent Warning Messages in Netscape Navigator <http://www.cert.org/advisories/CA-2000-08.html> - A flaw exists in Netscape Navigator that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. This is different from the problem reported in CERT Advisory CA-2000-05, but it has a similar impact. If a user visits a web site in which the certificate name does not match the site name and proceeds with the connection despite the warning produced by Netscape, then subsequent connections to any sites that have the same certificate will not result in a warning message NAI: More information on Cybernet virus <http://vil.nai.com/villib/dispvirus.asp?virus_k=98659> - Virus contains subject line "You've GOT Mail !!!". This virus contains a date activated payload which will attempt to reformat systems running Windows 9x operating system. See also May 25 Top News ComputerUser: Secure Web-2-WAP File Transfers now Possible <http://currents.net/news/00/05/25/news3.html> - While it is possible to encrypt selected sections of the Web using a desktop PC with conventional browser and Internet access facilities, WAP microbrowsers are still where Web browsing was in the mid-1990s. Now StoragePoint.com says it has come up with a security system that supports secure Web-based file transfers with WAP-enabled mobile phones TechWeb: Microsoft Delays Outlook Security Update <http://www.techweb.com/wire/story/TWB20000525S0008> - Microsoft said new security features for its Outlook e-mail program will be delayed until next week. The Redmond, Wash., software maker said last week that it will offer the Outlook e-mail security update in the wake of the destructive "ILOVEYOU" virus that spread via the program. The patch was scheduled to be available this week for Outlook 98 and Outlook 2000 customers, but the company said it is withholding the update to add capabilities BBC: Watching while you surf <http://news.bbc.co.uk/hi/english/sci/tech/newsid_762000/762514.stm> - The UK is leading the world when it comes to high-tech spying on its citizens, say civil liberty and privacy groups CNet: Mitnick gains legal muscle in challenge of speaking ban <http://news.cnet.com/news/0-1005-200-1951220.html?tag=st.ne.1002.thed.ni> - Hacker celebrity Kevin Mitnick will get some free high-powered legal help as he prepares to challenge a condition of his prison release that effectively bars him from writing or speaking about the computer industry May 25, 2000 NetworkMagazine: Foiling the Internet Spooks <http://www.networkmagazine.com/magazine/current/0005global.htm> - A new security standard due in summer 2000 will dramatically improve end-user security-and just in time. With accusations that governments may be prying into Internet e-mail, network managers need a faster, more powerful encryption algorithm than ever before. VNUNet: Cirrus network gets big security boost <http://www.vnunet.com/News/1102280>- European payments system company Europay International said today it will use hardware security products to greatly enhance the security of financial transactions on its enhanced payments network, EPS-Net (European Payment Services). NandoTimes: Hackers disable NHL Web site <http://www.nandotimes.com/technology/story/0,1643,500208193-500291105-50158 3252-0,00.html> - NHL officials are trying to figure who disabled the league's official Web site. Tom Richardson, general manager of the NHL's Interactive Cyber Enterprises, said Wednesday it was uncertain if one or more hackers had gotten into the site, NHL.com. IDG: EU to streamline export controls on encryption <http://idg.net/ic_181945_1773_1-483.html> - The European Union will approve a more rational EU-wide system to ease the control on the export of dual-use goods including encryption technologies among the 15 member states by the end of this month, according to an EU official MSNBC: Love bug prompts security experts to poke at Microsoft's weak points <http://msnbc.com/news/411562.asp>- The world-wide attack of the "love bug" computer virus on May 4, and last week's less widespread replay, called attention to security problems in Outlook, Microsoft's e-mail program. The outbreaks highlighted the way Outlook can launch potentially dangerous software programs and spread them to the hundreds or thousands of other e-mail addresses in a computer's electronic address book - with just a single click of a mouse. In the case of the love bug, all it took was the simple act of opening an e-mail attachment CERT: MS Office 2000 UA ActiveX Control Incorrectly Marked "Safe for Scripting" <http://www.cert.org/advisories/CA-2000-07.html> - The Microsoft Office 2000 UA ActiveX control is incorrectly marked as "safe for scripting". This vulnerability may allow an intruder to disable macro warnings in Office products and, subsequently, execute arbitrary code. This vulnerability may be exploited by viewing an HTML document via a web page, newsgroup posting, or email message May 24, 2000 FCW: Experts lecture feds on cybersecurity <http://www.fcw.com/fcw/articles/2000/0522/web-cyber-05-24-00.asp> - Congressional funding to curtail cybercrime has been focused on law enforcement and existing programs, but the real solution will come from education, research and development programs, federal officials said Tuesday. ZDNet: BMC beefs up its 'patrol' of IT resources <http://www.zdnet.com/eweek/stories/general/0,11011,2574361,00.html> - BMC Software Inc. on Monday introduced several new tools in its merged product portfolio, reflecting integration work done with technologies acquired over the last 24 months. ZDNet: Beware of the security zealot <http://www.zdnet.com/zdnn/stories/comment/0,5859,2573856,00.html> - In a certain way, the "hunters" couldn't have been more different. Ex-hacker Chris Davis was responsible for cornering the Welsh teenage Curador - the 18-year-old computer security consultant turned computer criminal - who thought it was cool to snare credit cards from mom-and-pop Web sites and post them where all could see and admire his cunning. It took Davis two days to locate Curador's name, address and phone number. ABCNews: Pentagon Initiates DEF-CON-style Warnings for Computer Threats <http://abcnews.go.com/sections/tech/DailyNews/pentagon000523.html> - Following the "Love Bug" computer virus earlier this month, the Pentagon has now decided to post warnings when it is under an information warfare attack - much as it would if there was a more traditional military or terrorist threat. Wired: A DoubleClick Smokescreen? <http://wired.com/news/business/0,1367,36404,00.html> - DoubleClick is trying hard to convince watchdogs it has reformed its privacy-invading ways. Its recent announcement of a consumer privacy advisory board may be hollow, some say CNet: Swarm of Yahoo bugs raises security questions <http://news.cnet.com/news/0-1005-200-1933988.html?tag=st.ne.1002.thed.ni> - For the third time in recent months, Yahoo has acknowledged software glitches that have compromised the integrity of people's accounts. In the current instance, "My Yahoo" account holders found themselves shut out of their accounts, in some cases finding that other people had signed up successfully with their usernames Scenarios: Analyzing Future Computer Trends and Threats <http://securityportal.com/topnews/scenarios20000524.html> - Computer security plays out mostly as a game of "catch-up." The latest threat hits the servers, then the media, and everyone scrambles to react. A "plague of the week" syndrome is the motif for much of what happens in the IT community. For warfare generates chaos, and managing chaos is about as easy as building a house with bricks of Jell-O. Computer security specialists should then look to a profession where managing chaos is just another logistical challenge: the military. Generals, even in the midst of a war's chaos, ask two fundamental questions: "What are the enemy's capabilities?" and "What are their intentions?" NWFusion: Federal agencies urged to secure networks <http://www.nwfusion.com/news/2000/0523agencies.html?nf> - Agencies need to move quickly to secure their critical networks even without the immediate backing of Congress and the president, federal officials urged. It will take time before Congress can act on the president's recommendations for critical infrastructure protection (CIP) within the National Plan for Information Systems Protection, said Jeffery Hunker, director of transnational threats at the National Security Council, at the CIP 2000 Conference ZDNet: White House urges industry to handle online privacy <http://www.zdnet.com/zdnn/stories/newsbursts/0,7407,2575087,00.html?chkpt=p 1bn> - The Clinton administration said Tuesday it preferred to have industry find ways to protect online privacy rather than create new federal policing authority May 23, 2000 32BitsOnline: ILOVEYOU too, Microsoft. . . <http://www.32bitsonline.com/article.php3?file=issues/200005/iloveMS&page=1> - As the latest mutation of the "Iloveyou" email -- what -Virus? Trojan? Worm? Trojan worm? -- plugs up networks worldwide worse than Cheddar in Chihuahuas, and as an added feature, renames a few .JPG files along the way, Microsoft Outlook users and MCSE's big and small have little recourse except to give in to grave wailing and the gnashing of teeth. And scrub their Registry. And pray the thing doesn't get more virulent tomorrow. SecurityFocus: Focus On Linux: Intrusion Detection on Linux <http://www.securityfocus.com/focus/linux/articles/linux-ids.html> - This article focuses on several host-based intrusion detection systems that are available on Linux. In particular, I will cover some of the basics of installing setting up these packages, how they are useful, and in what circumstances they can be used. USAToday: Microsoft programs vulnerable to viruses <http://www.usatoday.com/life/cyber/tech/cth950.htm> - More than 45,000 viruses infect PCs running the Windows operating system worldwide. Several have caused billions of dollars in damage in the past 12 months. Hundreds more viruses appear each year, requiring armies of anti-virus programmers to isolate and kill the offending bugs. By contrast, perhaps 35 viruses have been written for the Macintosh and four or five for the Unix-based computers that run most Web sites, says Eugene Spafford, director of the Computer Operations, Audit and Security Technology lab at Purdue University. HeiseOnline: European Union sets free export of encryption products <http://www.heise.de/tp/english/inhalt/te/8179/1.html> - The European ministers of Foreign Affairs are expected to decide monday to lift all barriers to the export of encryption software to countries outside the European Union. Till now, companies wanting to export encryption products had to ask for permission. The authorities first investigated if the buyer was 'secure'. Intelligence services also investigated the products, which made it possible to copy the keys or demand weakening of the encryption standard as a condition for approval. Nandotimes: FTC seeks to oversee Web privacy <http://www.nandotimes.com/technology/story/body/0,1634,500207162-500289092- 501566171-0,00.html>- In a stark reversal of policy, the Federal Trade Commission asked Congress on Monday for authority to regulate how companies use personal information collected on their Web sites. The commission recommended that lawmakers pass legislation to bolster its ability to oversee online privacy, concluding that the industry has failed to safeguard consumer privacy through self-regulation. netAssets: SA police take on cybercrime <http://www.netassets.co.za/netassets/sitewide/content/direct/1,2275,621905- 5858-0,00.html> - A new police cybercrime unit will soon be launched to take on criminals operating in cyberspace. The criminal activities of hackers and cyberpunks are to come to an abrupt end when a new police cybercrime unit invades their space. The South African Cybercrime Unit is expected to be in operation as soon as possible, says Nasser Mohammed, the director of crime services at the South African Police Services (SAPS). AustralianIT: Laptops stolen from Parliament <http://australianit.com.au/common/storyPage/0,3811,715221%255E442,00.html> - FIVE laptop computers worth about $30,000 have been stolen from Parliament House in what appears to have been an inside job. The laptops could allow hackers access to the parliamentary network, a Senate committee heard today. They were taken over a short period of time from secured areas at parliament. IDG: Serious e-commerce requires security tuned at the application level <http://www.idg.net/ic_180104_1794_9-10000.html> - The smallest e-commerce Web site that offers personalized content and the biggest business-to-business online marketplace have one thing in common: the need to give specific users access to discrete portions of behind-the-scenes data Currents: Kyl Gears up for Another Cybercrime-Fighting Bill <http://www.computercurrents.com/news/00/05/23/news7.html> - In a bid to broaden federal law enforcers' cybercrime-fighting arsenals, Sens. John Kyl, R-Ariz., and Dianne Feinstein, D-Calif., are preparing to introduce legislation that would double the maximum jail term for hackers convicted under federal law Hardening Solaris - Secure installation of Bastion hosts <http://securityportal.com/topnews/solaris_hardening20000523.html> - This article presents a concise step-by-step approach to securely installing Solaris for use in a firewall DMZ or other sensitive environment, using the Yassp tool and ,with Solaris 8, the Sunscreen EFS firewall. SJ Mercury: FTC seeks New powers to boost Web Privacy <http://www.sjmercury.com/svtech/news/breaking/internet/docs/96597l.htm> - The U.S. Federal Trade Commission urged Congress on Monday to grant it new powers to protect consumers' online privacy, saying self-regulation by industry was falling "far short." ComputerUser.com: Magex Teams With AudioSoft on Online Music Tracker <http://www.currents.net/news/00/05/22/news3.html> - E-commerce company Magex has teamed up with AudioSoft, a digital copyright firm, to develop a digital watermark and security system for use with online music Cisco: Secure PIX Firewall FTP Vulnerabilities <http://www.cisco.com/warp/public/707/pixftp-pub.shtml> - The Cisco Secure PIX Firewall interprets FTP (File Transfer Protocol) commands out of context and inappropriately opens temporary access through the firewall. This is an interim notice describing two related vulnerabilities May 22, 2000 Wired: Hacker Rails Against New Worm <http://www.wired.com/news/technology/0,1282,36477,00.html> - A computer hacker from Australia has the sneaking suspicion that someone copied key aspects of a nondestructive worm he circulated last week, and turned it into the "NewLove" virus that panicked, among others, the FBI and Janet Reno. TheTimes: Security alert as thief grabs military laptop <http://www.the-times.co.uk/news/pages/sti/2000/05/21/stinwenws01039.html> - A SECURITY review was under way last night after a thief snatched an intelligence officer's laptop computer from a London railway station. The thief took the �2,000 machine after following a naval intelligence officer onto a train at Paddington. IT-Analysis: New Love virus fails to spread <http://www.it-analysis.com/00-05-22-3.html> - The FBI put its reputation on the line last week to warn computer users the world over about the impending threat of a new virus that threatened to take down corporate networks. Like the recent Love Bug, this too came as an e-mail attachment but thanks to its mutating capabilities it promised to infiltrate more e-mail boxes than the Love Bug, which gave itself away with the notable subject line. NWFusion: Outlook patch called overkill <http://www.nwfusion.com/news/2000/0522outlook.html?nf> - The patch for Outlook 98 and 2000 totally blocks attachments such as .bat, .exe, .vbs. and 35 other extensions. The patch also won't let programs access the Outlook Address Book. The ILOVEYOU virus and others used the address book to quickly spread their havoc. Scripting, however, remains activated unless a user manually blocks it Techweb: Virus Protection Is Available Online <http://www.techweb.com/wire/story/TWB20000522S0006> - From Chernobyl to Melissa to variations on Love, cyberspace is a breeding ground for dangerous bugs. Fortunately, there are plenty of places from which to download information, patches, and protective utilities -- and perhaps a vaccine against the next outbreak. ZDNetUK: XML and how to secure it <http://www.zdnet.co.uk/news/2000/20/ns-15500.html> - The eXtensible Markup Language (XML) is widely seen as the successor to HTML. It is considered so important that it has been described as the new Ascii of the Internet, allowing interaction between different hosts regardless of operating system. But what is it, and why is it so important? ******* What's new with SecurityPortal.com ******* Closed Group Discussion Alternatives One thing I have noticed over the last few years is the growth of private online communities. It does not seem too strange that an infrastructure such as the Internet, originally designed to encourage the open sharing of information, would be utilized to privately share information. The Internet has literally exploded in the last few years, and there are something like 100+ million people online now. Heck, many in the elder generations are even using it now and the attitude of the web has gone from alternative to mostly elevator muzzak. On a whole this has resulted in a large disparity in skill, attitude, netiquette (many people still do not know what that means, even "old timers") and usage. Many technical and professional people find it annoying that all these "commuters" (my term for people that simply surf the web, use e-mail and otherwise use the Internet in rather simplistic ways) are clogging up the networks, and generally making a nuisance of themselves. There are also many situations where people wish to share information, and have conversations that they feel are private or privileged, which they don't want other people to be able to listen to or participate in. So what software is available to create these private communication channels, and what all is needed to set them up? Well, there are about a million different ways to communicate over the Internet, some interactive, some store and forward, some covert, some are rather obvious. Which one you use should depend on your goals and requirements. Do you need the channel to be secret, or is knowledge of it's existence acceptable? Are you worried about people snooping (accidentally or otherwise) in on the conversation? Does the communication need to be in real time, is it one to one, one to many, is the network it moves over reliable? Are you worried about people sending fake or spoofed messages? Read the full story at <http://securityportal.com/closet/closet20000524.html> *******New From SecurityPR.com******** McAfee Outbreak Manager Stops Email-Based Viruses Like Love Bug and NewLove Before Outbreaks Can Start <http://www.nai.com/asp_set/about_nai/press/releases/pr_template.asp?PR=/Pre ssMedia/05252000-B.asp&Sel=763> - First Proactive Internet Virus Security Solution - Specifically Designed To Protect Against Email-Based Attacks. Jaws Technologies introduces first comprehensive security solution designed specifically for the ASP market <http://micro.newswire.ca/releases/May2000/24/c7683.html/15536-0> - Offering Online Data Backup and Recovery and Secure Network Storage, JAWS ASPvault Addresses Key Concerns of ASPs and Customers. WetStone & SM&A Release Linux Deleted File Recovery Tool <http://www.wetstonetech.com> - WetStone Technologies, Inc. and SM&A are announcing the release of Extractor, a Linux RedHat� deleted file recovery tool. The technology will assist law enforcement, government and commercial organizations in retreving maliciosly or accidentally deleted files within a Linux environment. The technology was initially invented to assist the N.Y. State Police Forensic Investigation Center (FIC) with the extraction of deleted data from a Linux RedHat computer system taken as evidence on a case. Enter your own Press Releases directly at SecurityPR.com. http://securitypr.com ******************************************* Tell us how we are doing. Send any other questions or comments to [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> . Michael McCrea SecurityPortal.com - the Focal Point for Security on the Net [EMAIL PROTECTED] -------------------------------------------------------------------------- Utk berhenti langganan, kirim email ke [EMAIL PROTECTED] Informasi arsip di http://www.linux.or.id/milis.php3 Pengelola dapat dihubungi lewat [EMAIL PROTECTED]
