OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: The SANS Institute (sans+ZZ8768777450705738sans.org)
Date: Wed May 02 2001 - 14:05:18 CDT

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    To: Security Express (SD397643)
    From: Alan for the SANS NewsBites service
    Re: May 2 SANS NewsBites

    *************************

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Finally! The long-awaited Windows 2000 security guides are available in
    electronic format. Windows 2000 Security Step-by-Step (62 pp.) covers
    essential security steps to be taken before connecting a Windows 2000
    computer to the Internet. Windows 2000 Security Vulnerabilities and
    Solutions (275 pp.) covers the top ten security bugs in Windows 2000
    and many, many more. It is a guide and update service that provides
    periodic (generally monthly) summaries of Windows security threats and
    what to do about them. Both electronic documents are available at half
    price until May 20.
    Order them from: http://www.sansstore.org/

    The real-time SANS News Service is now operational (and it's free). It
    is very simple but provides an up-to-the-minute summary of the current
    news stories covering security and viruses. Runs on Windows desktops.
    Pick it up at: http://www.sans.org/snb/index.htm

                                   AP

    **********************************************************************

                                 SANS NEWSBITES

                     The SANS Weekly Security News Overview

    Volume 3, Number 18 May 2, 2001

    Editorial Team:
         Kathy Bradford, Crispin Cowan, Roland Grefer, Bill Murray,
       Stephen Northcutt, Alan Paller, Howard Schmidt, Eugene Schultz

    **********************************************************************

    TOP OF THE NEWS

    30 April 2001 Federal Web Sites Attacked
    26 & 27 April 2001 NIPC Warns of Potential for Increased Cyber Attacks
    27 April 2001 Cyber Vigilantism May be on the Rise
    27 April 2001 Wireless (In)Security
    26 April 2001 SDMI Researchers Won't Present Paper
    25 & 26 April 2001 Microsoft Support Server Gives Worm to Best
                        Customers
    23 April 2001 Ford Files Suit Against 2600 Enterprises in Redirect
                   Case

    THE REST OF THE WEEK'S NEWS
    27 April 2001 IBM Plans Intelligent Computer
    27 April 2001 Still More Egghead Controversy
    26 April 2001 FAA Security Awareness Outreach
    25 April 2001 DISA Official Urges User Accountability for Security
    24 & 27 April 2001 Software Guards Against Mass E-Mailing Viruses
    24 & 25 April 2001 Global Internet Fraud Web Site
    24 April 2001 Connecticut Teen Faces Cyber Intrusion Charges
    23 April 2001 Enhanced Security Can Reduce Accessibility: The Security
                   Manager's Journal
    23 April 2001 NIST Security Grants
    23 April 2001 GAO Report Suggests Citizens' Privacy is at Risk from
                   Data Sharing
    20 April 2001 BT Web Site Security Glitch
    19 April 2001 Cyber Sabotage Verdict Set Aside

    UPCOMING TRAINING PROGRAMS FOR SECURITY PROFESSIONALS

    Baltimore, May 13-20 - SANS 2001
    London, June 20-23 - SANS Parliament Square
    Washington, DC, July 30- Aug 4, SANS FIRE
    Plus Minneapolis, Honolulu, Dallas, Atlanta, Denver, Ottawa, San Juan,
    and Kuala Lumpur
    See: http://www.sans.org

    ************** This issue sponsored by PentaSafe, Inc. ***************

    WRITE YOUR INFORMATION SECURITY POLICIES IN A DAY!

    INSTANT, DEFINITIVE, UP-TO-DATE POLICIES!
    INFORMATION SECURITY POLICIES MADE EASY Version 7 is a compilation of
    1000+ already-written information security policies in both text and
    CD/ROM. Save thousands of dollars while developing security policy
    documents in minutes.

    Find out more at http://www.pentasafe.com/products/policyoverview.htm

    **********************************************************************

     --30 April 2001 Federal Web Sites Attacked
    Federal officials believe that Chinese hackers have defaced several
    government agency sites and completely disabled another. One affected
    agencies, the Department of Health and Human Services, added extra
    security to its web site before putting it back on line.
    http://www.cnn.com/2001/TECH/internet/04/30/china.hacking.ap/index.html

     --26 & 27 April 2001 NIPC Warns of Potential for Increased Cyber
                           Attacks
    The National Infrastructure Protection Center (NIPC) warned US
    businesses to prepare to defend against increased cyber attacks from
    China during the first week of May which encompasses May Day, Youth Day,
    and the anniversary of the accidental NATO bombing of the Chinese
    embassy in Belgrade.
    http://www.zdnet.com/zdnn/stories/news/0,4586,2712904,00.html
    http://www.cnn.com/2001/TECH/internet/04/26/hacker.warning/index.html
    http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60022,00.html

     --27 April 2001 Cyber Vigilantism May be on the Rise
    A panel of security experts at the Infosecurity show warned that
    companies' reluctance to call in law enforcement to deal with cybercrime
    could lead to cyber vigilantism. One survey suggests that 70% of
    companies that have been victims of cyber attacks would employ counter
    measures. The debate emphasized the need for firms to get their security
    infrastructure robust enough to frustrate attackers in the first place.
    Businesses that "take matters into their own hands" run the risk of
    breaking laws and of striking back at the wrong target.
    http://www.theregister.co.uk/content/8/18553.html

     --27 April 2001 Wireless (In)Security
    Many wireless networks are apparently running no security, allowing
    anyone with relatively inexpensive equipment to drive by and check out
    network activity. Malicious eavesdroppers could steal passwords, access
    servers, commandeer web sites or shut down networks altogether. Virtual
    Private Network (VPN) software can secure wireless networks.
    http://www.msnbc.com/news/565275.asp?0nm=T18L

     --26 April 2001 SDMI Researchers Won't Present Paper
    Bowing to legal threats from the Recording Industry Association of
    America (RIAA) and two other groups, the team of researchers who cracked
    a watermarking content protection system will not present a paper
    detailing their methods.
    http://www.wired.com/news/politics/0,1283,43353,00.html

     --25 & 26 April 2001 Microsoft Support Server Gives Worm to Best
                           Customers
    A Microsoft technical support server exposed 26 of the company's largest
    customers to the FunLove worm last week. The server in question did
    not have antivirus software installed. Microsoft e-mailed all users of
    the Premier and Gold support network, and managers were phoning the 26
    companies who had downloaded files during the time the worm was loose
    on the server.
    http://news.cnet.com/news/0-1003-200-5728963.html?tag=prntfr
    http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO59982,00.html

     --23 April 2001 Ford Files Suit Against 2600 Enterprises in Redirect
                      Case
    Ford Motor Co. has filed a trademark-infringement lawsuit against 2600
    Enterprises that asks a judge to enjoin the organization from using a
    domain name which combines General Motor's name with an unsavory word
    and redirects users to Ford's web site.
    http://www.usatoday.com/life/cyber/tech/2001-04-23-ford-net-redirect.htm
    The other side of the story is presented at
    http://www.2600.com/news/display.shtml?id=297

    ****************** Also sponsored by Tripwire, Inc. ******************

    Worried about your web site's integrity? Rest easy with Tripwire.

    Concerned about your site being compromised? Tripwire for Web Pages is
    the answer. Know when data has been changed, instantly detect altered
    pages, replace them with customized pages and log all instances. Learn
    more at our free online seminar May 10 at 11:00 am PDT

    http://www.tripwire.com/products/register.cfml?semID=44

    **********************************************************************

    THE REST OF THE WEEK'S STORIES

     --27 April 2001 IBM Plans Intelligent Computer
    IBM plans to build a computer that will never go down; Project eLiza
    aims to create a computer that can correct system failures without the
    help of technicians. The new system may also be able to help
    automatically fend off hackers.
    http://www.cnn.com/2001/TECH/ptech/04/30/project.eliza.idg/index.html

     --27 April 2001 Still More Egghead Controversy
    The Register (a news service) may have turned up discrepancies between
    what Egghead told Visa and the information they made public regarding
    the December security breach.
    http://www.theregister.co.uk/content/8/18547.html
    [Editor's (Murray) Note: The Register or its reader appear to have been
    the victim of an error or even a hoax. If your bank was concerned, they
    would simply issue a new card. They do not need your permission or
    request to do that. Under no circumstances would they ask you to
    "cancel" your card.]

     --26 April 2001 FAA Security Awareness Outreach
    The Federal Aviation Administration's (FAA) CIO and information systems
    security director will travel to FAA facilities around the country to
    address information security awareness. The purpose of the outreach
    program is to educate personnel about the ways in which people,
    facilities, and data are at risk from cyber threats.
    http://www.fcw.com/fcw/articles/2001/0423/web-faa-04-26-01.asp

     --25 April 2001 DISA Official Urges User Accountability for Security
    Personnel who neglect security protocol should be held accountable, said
    the Defense Information Systems Agency (DISA) Vice Commander Maj. Gen.
    Dave Bryan who was speaking at a technology symposium. He noted that
    of the 245 successful attacks against Defense Department systems last
    year, 96% could have been prevented if personnel had adhered to
    protocol.
    http://www.gcn.com/vol1_no1/daily-updates/4028-1.html
    [Editors' Note: Recognition for good security should also be a tool in
    management's kit. Punishment can discourage bad behavior but it cannot
    teach good behavior.]

     --24 & 27 April 2001 Software Guards Against Mass E-Mailing Viruses
    The Defence Evaluation and Research Agency (DERA), an agency of the UK's
    Ministry of Defence (MoD), has developed behavior blocker software
    called "::Mail" that alerts users when a virus is trying to send out
    mass e-mailings and requires authorization before it completes the task.
    Experts note that turning off Visual Basic Scripting (VBS) would prevent
    many viruses from spreading. Critics say that the software won't stop
    the newest batch of viruses, and that users find the technique, which
    has been used before, to be a nuisance.
    http://news.bbc.co.uk/hi/english/sci/tech/newsid_1294000/1294473.stm
    http://www.zdnet.com/zdnn/stories/news/0,4586,2711638,00.html
    http://www.theregister.co.uk/content/8/18580.html
    [Editor's (Cowan) Note: You can get much more convenient protection from
    the "Just be friends" tool http://www.cigital.com/jbf/]

     --24 & 25 April 2001 Global Internet Fraud Web Site
    Thirteen countries, including the United States, the UK, Canada, Mexico,
    and Sweden have consolidated their on-line consumer fraud efforts in
    econsumer.gov. The web site will provide information about consumer
    protection as well as a means for consumers to file complaints to
    appropriate government officials in the country where the offending
    business is located. The Federal Trade Commission will maintain and
    control the site.
    http://news.cnet.com/news/0-1007-200-5715293.html?tag=prntfr
    http://www.infoworld.com/articles/hn/xml/01/04/25/010425hnborder.xml

     --24 April 2001 Connecticut Teen Faces Cyber Intrusion Charges
    A Connecticut teenager faces charges of breaking into the secure
    connection between the Air Mobility Command system at Scott Air Force
    Base and a US Dept. of Transportation system in Massachusetts early last
    year. He allegedly used a sniffer to intercept wire communications and
    destroyed files that noted his presence. Officials estimated the cost
    of the damage to be $66,000.
    http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO59921,00.html

     --23 April 2001 Enhanced Security Can Reduce Accessibility: The
                      Security Manager's Journal
    This week, the security manager writes about his experience with
    controlling administrative access to his company's production network.
    He found that his tightened security measures blocked certain ports,
    preventing some employees from accessing certain network functions.
    Instead of bringing the firewall vendor into the picture, the security
    manager chose to solve this problem by watching firewall traffic and
    capturing dropped packets to determine which ports to open.
    http://www.computerworld.com/cwi/community/story/0,3201,NAV65-
    663_STO59844,00.html
    [Editor's (Grefer) Note: What happened to the good old concept of
    monitoring/logging traffic patterns for a period of time before
    establishing more restrictive rule sets?]

     --23 April 2001 NIST Security Grants
    The National Institute of Standards and Technology (NIST) has $5 million
    to offer in grants to companies doing research and development in areas
    of security that will help protect the nation's critical infrastructure
    information systems. Proposals are due to NIST by June 15, 2001.
    http://www.fcw.com/fcw/articles/2001/0423/news-nist-04-23-01.asp
    http://csrc.nist.gov/grants/

     --23 April 2001 GAO Report Suggests Citizens' Privacy is at Risk from
                      Data Sharing
    A General Accounting Office (GAO) report says that information sharing
    between agencies could threaten citizens' privacy as linking data sets
    creates dossiers of information about private citizens, which could
    easily be abused. The GAO offered several solutions, including getting
    signed consent forms before joining citizens' data.
    http://www.computeruser.com/news/01/04/23/news3.html

     --20 April 2001 BT Web Site Security Glitch
    The British Telecommunications plc (BT) web site was taken down for
    about two hours after the company became aware of a security problem
    that allowed customers to see others' bills. One security analyst said
    that anyone who had registered for the bill-viewing feature could access
    others' bills if the appropriate customer reference numbers were
    available, and that BT's system does not include proper authentication.
    http://www.theregister.co.uk/content/8/18418.html

     --19 April 2001 Cyber Sabotage Verdict Set Aside
    The government is fighting to have a guilty verdict reinstated against
    a man prosecuted for computer sabotage. Tim Lloyd was found guilty of
    planting a malicious software program in a file server at the company
    where he worked; the program wreaked havoc, causing millions of dollars
    in loses and many layoffs. The judge set aside the decision after a
    juror said a TV news story might have affected her decision. Mr. Lloyd
    maintains his innocence.
    http://www.nwfusion.com/news/2001/0419sabotage.html

    ==end==

    Please feel free to share this with interested parties via email (not
    on bulletin boards). For a free subscription, (and for free posters)
    e-mail sanssans.org with the subject: Subscribe NewsBites

    To change your subscription, address, or other information, visit
    http://www.sans.org/sansurl and enter your SD number (from the headers.)
    You will receive your personal URL via email.

    You may also email <sanssans.org> with complete instructions and your
    SD number for subscribe, unsubscribe, change address, add other digests,
    or any other comments.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.4 (BSD/OS)
    Comment: For info see http://www.gnupg.org

    iD8DBQE68Ec1+LUG5KFpTkYRAgnHAJ4lDwJLvf+KWyM/VNvRV8wIv2uh/QCeLQZP
    PLxolelhdCr+KWzWNEoXOwk=
    =CXDr
    -----END PGP SIGNATURE-----