Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
[ISN] Windows & .NET Magazine Security UPDATE - November 12, 2003
From: InfoSec News (isnc4i.org)
Date: Thu Nov 13 2003 - 07:50:49 CST
==== This Issue Sponsored By ====
Protocom Development Systems
VeriSign - The Value of Trust
1. In Focus: Is It Time for Security Bug Bounties?
- Order Windows & .NET Magazine and the Article Archive CD at One Low
- We Need Your Feedback
3. Security News and Features
- Recent Security Vulnerabilities
- News: Microsoft Funds Bounty Hunters to Track Down Malicious Coders
- Buyer's Guide: Single Sign-On Products
- News: NetScreen Announces Deep Inspection Firewall
4. Instant Poll
- Results of Previous Poll: Work Responsibilities
- New Instant Poll: Security Bug Bounty
5. Security Toolkit
- Virus Center
- FAQ: When does Windows Installer use elevated privileges?
- Featured Thread: Encrypting AD
- Check Out 4 New Upcoming Web Seminars
7. New and Improved
- Firewall Appliances Offer Integrated Security
- Cobion Adds Sophos Virus Detection
- Tell Us About a Hot Product and Get a T-Shirt
8. Contact Us
See this section for a list of ways to contact us.
==== Sponsor: Protocom Development Systems ====
Single sign-on does exist, even for heterogeneous environments, with
SecureLogin Single Sign-On or SecureLogin Password Management Suite.
Increase security while enhancing the end-user experience. It is
possible. SecureLogin was named TechEd Best of Show in the security
category. Request your evaluation copy of SecureLogin Single Sign-On.
==== 1. In Focus: Is It Time for Security Bug Bounties? ====
by Mark Joseph Edwards, News Editor, mailto:markntsecurity.net
A few weeks ago, I wrote about the Microsoft Most Valuable Professional
(MVP) program in which some MVPs will be allowed restricted access to parts
of Microsoft's code. I expressed doubts that such code access would have
any significant effect on the security of Windows platforms.
One reader pointed out that many MVPs are talented people who do
occasionally find security problems in Microsoft code. I have no idea who
participates in the MVP program. I do know that a vast pool of proven
programmers who understand security regularly discover bugs in code even
without being able to examine source code. So I, along with others, wonder
what could such people achieve if they could view source code.
You might have heard the news by now that Microsoft has put a $250,000
bounty on the heads of the person or people who unleashed the MSBlaster and
Sobig worms onto the public. The bounty money is part of a $5 million fund
Microsoft has launched to aid the capture of future malicious code writers.
You can link to the story from the Security News and Features section
I expect most of you think it sounds reasonable to offer a reward, and I
agree. However, I wonder why the company doesn't create a similar or larger
fund to reward those who capture and correct bugs in its software? A bug
bounty would benefit the public as much, or perhaps even more than the
capture of a few contemptuous criminals. What better way to convert
potential perpetrators (and keep honest people honest) than by putting them
indirectly on the payroll by offering them bounty money to seek out
security bugs in the world's most widely used code base? Microsoft's
reputation and public image, its products, and public safety around the
world would benefit. Many people have expressed similar sentiments in
various online forums, but will such an idea ever become a reality through
Microsoft--or any other software company? We'll have to wait and see.
We're conducting a new poll this week that asks the question, "Regarding
Microsoft's $5 million bounty to capture and convict malicious coders,
could the money be better spent?" Stop by the Windows & .NET Magazine
Security Hot Topic home page and offer your answer.
==== Sponsor: VeriSign - The Value of Trust ====
Secure all your Web servers now - with a proven 5-part strategy. The
FREE Server Security Guide shows you how:
* DEPLOY THE LATEST ENCRYPTION and authentication techniques
* DELIVER TRANSPARENT PROTECTION with the strongest security without
disrupting users. And more. Get your FREE Guide now:
==== 2. Announcements ====
(from Windows & .NET Magazine and its partners)
Order Windows & .NET Magazine and the Article Archive CD at One Low Rate!
What's better than Windows & .NET Magazine? Try Windows & .NET Magazine
and the Windows & .NET Magazine Article Archive CD at one super low
rate. Read Windows & .NET Magazine in the office. Take the Article
Archive CD with you on the road. Subscribe now!
We Need Your Feedback
In order to improve our security-related content in our Microsoft
Security Watch newsletter, we need your opinion about what issues are of
greatest importance to you and your organization. It only takes a few
minutes to respond and complete the survey at
==== Sponsor: Virus Update from Panda Software ====
Check for the latest anti-virus information and tools, including weekly
virus reports, virus forecasts, and virus prevention tips, at Panda
Software's Center for Virus Control.
Viruses routinely infect "fully protected" networks. Is total protection
possible? Find answers in the free guide HOW TO KEEP YOUR COMPANY 100%
VIRUS FREE from Panda Software. Learn how viruses enter networks, what
they do, and the most effective weapons to combat them. Protect your
network effectively and permanently - download today!
==== 3. Security News and Features ====
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts,
which inform you about recently discovered security vulnerabilities. You
can also find information about these discoveries at
News: Microsoft Funds Bounty Hunters to Track Down Malicious Coders
Microsoft announced that it has created a new program, the Anti-Virus
Reward Program, and funded it with $5 million to pay for information
leading to the arrest and conviction of virus spreaders. The company
said the new program is "an old fashioned criminal justice tactic to
help solve a modern day problem."
Buyer's Guide: Single Sign-On Products
In many organizations, users struggle with having to sign on multiple
times to access different applications, Web portals, and servers. As the
number of mandatory unique sign-ons grows, the burden on users to
remember numerous usernames and passwords increases. Unfortunately,
reducing the need for multiple sign-ons isn't a simple task. Here are
some products that help ease authentication.
News: NetScreen Announces Deep Inspection Firewall
NetScreen Technologies announced a new type of firewall, which the
company has named the Deep Inspection firewall. The firewall provides
application-level intrusion protection along with stateful inspection
==== 4. Instant Poll ====
Results of Previous Poll: Work Responsibilities
The voting has closed in the Windows & .NET Magazine Network Security
Hot Topic nonscientific Instant Poll for the question, "Which of the
following options best describes your work-related responsibilities?"
Here are the results from the 52 votes.
- 17% Administration only
- 4% Administration and auditing
- 52% Administration, auditing, and network monitoring
- 10% Networking monitoring and auditing
- 17% Development
New Instant Poll: Security Bug Bounty
The next Instant Poll question is, "Regarding Microsoft's $5 million
bounty to capture and convict malicious coders, could the money be
better spent?" Go to the Security Hot Topic home page and submit your
- Yes, by paying non-Microsoft security researchers to find bugs
- Yes, by paying Microsoft programmers to find bugs
- Yes, by paying both non-Microsoft researchers and Microsoft
- No, it's exactly the thing to do
==== 5. Security Toolkit ====
Panda Software and the Windows & .NET Magazine Network have teamed to
bring you the Center for Virus Control. Visit the site often to remain
informed about the latest threats to your system security.
FAQ: When does Windows Installer use elevated privileges?
by John Savill, http://www.winnetmag.com/windowsnt20002003faq
A. You can use a tool such as Group Policy to perform a managed
installation of a Windows Installer file, or you can manually install a
Windows Installer file. Some applications that you install with a Windows
Installer file require elevated privileges to access file system areas or
registry keys. When you use a tool such as Group Policy to install a
Windows Installer file that deploys an application to a user's system, the
application runs with elevated privileges (e.g., system permissions) that
replace the user's limited permissions. However, when a user uses a Windows
Installer file to install an application manually, the installation is
limited by the user's current privilege level, which might cause some
installations to fail.
You can configure a system to run all Windows Installer installations,
including manual installations, with elevated privileges. However, keep in
mind that doing so carries the risk that a skilled user could use the
elevated privileges to access areas of the system that would otherwise be
protected. For information about how to configure all Windows Installer
installations to use elevated privileges, see the FAQ "How can I configure
all Windows Installer installations to run with elevated privileges?"
If you enable a Group Policy Object (GPO) to let all installations run with
elevated privileges, be aware that if you install an application on a
per-machine basis (i.e., all users on that machine can use it), any repair
operations performed for that application will run with elevated
privileges, even if you remove the GPO. If, however, you install an
application on a per-user basis, then remove the GPO, any attempts to
repair that application might fail because the elevated privileges no
Featured Thread: Encrypting AD
(Four messages in this thread)
Chris wants to know whether he can encrypt the Windows 2000 Active
Directory (AD) components, namely the C:\winnt\ntds folder and its
contents (ntds.dit and log files), and the C:\winnt\sysvol folder and
its contents. He has just implemented the Encrypting File System (EFS)
to encrypt Microsoft SQL Server, and he'd like to do the same for the AD
folders. If applying EFS isn't possible, can he secure the contents of
AD some other way? Lend a hand or read the responses:
==== 6. Event ====
Check Out 4 New Upcoming Web Seminars
Sign up today for these upcoming Web seminars: Access Control for the
Web (NEW!), Assess IM Risks on Your Network, Five Keys to Choosing the
Right Patch Management Solution, and The Secret Costs of Spam ... What
You Don't Know Can Hurt You. Don't miss these free events!
==== 7. New and Improved ====
by Jason Bovberg, productswinnetmag.com
Firewall Appliances Offer Integrated Security
Symantec announced the Symantec Gateway Security 5400 Series, the
company's new line of firewall appliances. The appliances offer
customers a ready-to-deploy network security solution designed to
protect against various types of malicious threats, including blended
Internet threats such as Blaster, Slammer, and Sobig. The solutions
provide comprehensive gateway-level protection by integrating
intrusion-prevention, intrusion-detection, antivirus, content-filtering,
VPN, and antispam technologies in one device. The Symantec Gateway
Security 5400 Series comes in three models--the 5420, 5440, and
5460--starting at an estimated retail price of $3995. For more
information about the firewall appliances, contact Symantec on the Web.
Cobion Adds Sophos Virus Detection
Cobion announced that it will add the Sophos virus-detection engine as a
plugin to its email-security product, OrangeBox Mail 2.0. OrangeBox Mail
2.0 checks all incoming and outgoing email messages and filters spam.
Sophos's virus-detection technology checks all incoming, outgoing, and
internal mail messages for viruses before the messages arrive at the
user's mailbox or are sent out to the Internet. The software refuses and
quarantines any attachments that contain viruses. For more information
about OrangeBox Mail 2.0 and Sophos, contact Cobion and Sophos on the
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you
time or easing your daily burden? Tell us about the product, and we'll
send you a Windows & .NET Magazine T-shirt if we write about the product
in a future Windows & .NET Magazine What's Hot column. Send your product
suggestions with information about how the product has helped you to
==== Sponsored Links ====
Comparison Paper: The Argent Guardian Easily Beats Out MOM
Check out our free web seminar on The Costs of Spam - Nov. 18!
==== 8. Contact Us ====
About the newsletter -- letterswinnetmag.com
About technical questions -- http://www.winnetmag.com/forums
About product news -- productswinnetmag.com
About your subscription -- securityupdatewinnetmag.com
About sponsoring Security UPDATE -- emedia_oppswinnetmag.com
This email newsletter is brought to you by Security Administrator, the
print newsletter with independent, impartial advice for IT administrators
securing Windows and related technologies. Subscribe today.
Copyright 2003, Penton Media, Inc.
ISN is currently hosted by Attrition.org
To unsubscribe email majordomoattrition.org with 'unsubscribe isn'
in the BODY of the mail.