From: The SANS Institute (sans@sans.org)
Date: Wed Jan 23 2002 - 13:19:53 CST
To: Security Express (SD397643)
From: Alan for the SANS NewsBites service
Re: January 23 SANS NewsBites
Hawaii anyone? You can get a head start on your GIAC certifications
this year by attending SANS Aloha IV at the Hyatt Waikiki in Honolulu
beginning on January 28. With plane fares at an all time low, and
all four of SANS top rated certification courses (Security Essentials,
Intrusion Detection, Firewalls and Perimeter Protection, and Windows
Security) being taught by the masters (Northcutt, Cole, Brenton,
and Fossen), how can your bosses say no?
See http://www.sans.org/Aloha4.htm
Alan
**********************************************************************
SANS NEWSBITES
The SANS Weekly Security News Overview
Volume 4, Number 4 January 23, 2002
Editorial Team:
Kathy Bradford, Dorothy Denning, Roland Grefer, Vicki Irwin,
Bill Murray, Stephen Northcutt, Alan Paller,
Marcus Ranum, Howard Schmidt, Eugene Schultz
**********************************************************************
TOP OF THE NEWS
18 January 2002 China Institutes Strong Internet Content Regulations
18 January 2002 Distributed Computing Case Plea Agreement
16 & 17 January 2002 Gates on Trustworthy Computing Initiative
15 January 2002 Windows Patch Site Out Of Commission
THE REST OF THE WEEK'S NEWS
18 January 2002 FTC Settles with Eli Lilly in Customer Privacy Case
18 January 2002 Database Security
18 January 2002 SSA Digital Certificate Enabled Online Submissions
17 January 2002 FBI: al Qaeda Might be Looking at Facilities' Sites
17 January 2002 Purported al-Qaeda Files Used Weak Encryption
17 & 18 January 2002 Response to Trustworthy Computing Initiative
Message
16 January 2002 NIPC is Considering Reorganization Models
15 & 16 January 2002 Windows Media Player Flaw Can Defeat IE P3P
Protections
15 January 2002 ICANN Reluctant to Sign Server Performance Contracts
14 January 2002 Cyber Forensics
14 January 2002 File Sharing Programs Can Expose Personal Data
14 January 2002 Microsoft Shuts On-Line Store to Investigate Alleged
Script Hole
14 January 2002 Older Versions of ICQ At Risk for Buffer Overflow
13 January 2002 MoD Laptops Missing
UPCOMING TRAINING OPPORTUNITIES
***** SANS 2002 (our largest conference) (12 tracks plus a free
technical conference for all who attend the tracks),
Orlando, April 1-7
*** SANS Aloha IV (4 tracks), Honolulu, Jan 28-Feb 2
**** SANS Computer Security Bootcamp (7 trks), Monterey, CA, Feb 9-14
* SANS San Diego ISO (1 track), Feb 25-Mar 1
* SANS Tysons Corner ISO (1 track), March 3-7
* SANS Seattle (1 track), March 4-9
** SANS Lone Star (3 tracks), San Antonio, March 11-16
* SANS Kansas City(1 track), March 18-23
* SANS Securing IIS (1 day), Los Angeles, March 20
** SANS Arizona (2 tracks), Phoenix, March 23-27 (Featuring
Forensics & Auditing)
* SANS Securing IIS (1 day), Phoenix, March 28
*** SANS Parliament Square 2002 (4 tracks), London, April 22-27
See www.sans.org for details
************* This issue sponsored by Websense *******************
Choosing Internet filtering software isn't always easy, is it?
Guess again. With Websense Enterprise, the leading solution, you get
installation and administration that's a breeze. Combine that with
integrations with Microsoft, Cisco, Check Point and others and you'll
see why 15,000+ organizations are using Websense worldwide. If only
ALL your decisions were this simple.
Try a free, fully-functional 30-day trial.
http://www.websense.com?id=10204
*******************************************************************
TOP OF THE NEWS
--18 January 2002 China Institutes Strong Internet Content
Regulations
New regulations in China require ISPs to screen e-mail for subversive
political content and hold them responsible for website, chat-room
and bulletin board content. In addition, software manufacturers have
to guarantee that their products do not contain backdoors.
http://www.wired.com/news/politics/0,1283,49855,00.html
[Editor's (Grefer) Note: A similar move in terms of liability for
content offered within the borders of Germany (independent of where
the sites/pages are hosted) has been finalized and published as new
legislation. While this does not sit well with ISPs, they have not
yet found a legal way of fighting this new law.]
--18 January 2002 Distributed Computing Case Plea Agreement
David McOwen, the former DeKalb Technical College system administrator
charged with computer theft and trespass under Georgia's computer
crime law for installing distributed computing clients on college
computers, has agreed to a plea bargain. McOwen will pay $2,100 in
restitution, perform 80 hours of community service and will be on
one year of probation.
http://www.securityfocus.com/news/311
http://www.theregister.co.uk/content/4/23737.html
[Editor's (Murray) Note: The ethical lesson here is that when you
set out to do good, be sure that you do it with your own resources,
not those of your employer.]
--16 & 17 January 2002 Gates on Trustworthy Computing Initiative
Bill Gates sent all Microsoft employees an e-mail describing the
Trustworthy Computing Initiative which stresses reliability, security
and privacy.
Text of e-mail:
http://www.wired.com/news/business/0,1367,49826,00.html
http://www.msnbc.com/news/689243.asp?0dm=T215T
http://zdnet.com.com/2100-1104-817017.html
--15 January 2002 Windows Patch Site Out Of Commission
A DNS problem prevented Windows users from downloading critical
security patches from the Windows Update site.
http://www.eweek.com/article/0,3658,s%253D700%2526a%253D21231,00.asp
**************** Also sponsored by NFR Security, Inc. **************
Your firewalls are being bypassed. Your employees are doing things
they shouldn't.
Protecting your network and hosts isn't just a matter of knowing who is
there, you must know what they're doing and if it could be damaging. NFR
Security can help - now with both best-of-breed host and network
intrusion detection.
Click here for a FREE white paper on Coverage in Intrusion Detection
Systems
http://www.nfr.com/forum/papers.html
*********************************************************************
THE REST OF THE WEEK'S NEWS
--18 January 2002 FTC Settles with Eli Lilly in Customer Privacy Case
The Federal Trade Commission (FTC) has settled a privacy case against
Eli Lilly and Company. The drug manufacturer had inadvertently exposed
the names of almost 700 subscribers to its Prozac.com reminder service.
The company will not pay a fine, but is required to develop a data
security program.
http://www.computerworld.com/storyba/0,4125,NAV47_STO67517,00.html
--18 January 2002 Database Security
A list of the top ten database security issues compiled from the
results of a poll of managers using Protegrity Inc.'s Secure data
privacy management products includes suggestions for alleviating some
of the problems.
http://www.searchsecurity.com/originalContent/0,289142,sid14_gci797222,00.html
--18 January 2002 SSA Digital Certificate Enabled Online Submissions
Washington State will be the first to participate in the Social
Security Administration's (SSA) digital certificate program for state
wage reports submitted on-line.
http://www.gcn.com/vol1_no1/daily-updates/17765-1.html
--17 January 2002 FBI: Al Qaeda Might be Looking at Facilities' Sites
An FBI alert to law enforcement agencies warned of unconfirmed reports
that al Qaeda operatives may have been searching certain web sites,
some of which contain information about nuclear plant and other
facilities. The alert was issued to urge authorities to consider
carefully the content they make available on their web sites.
http://www.cnn.com/2002/TECH/internet/01/17/fbi.alert/index.html
--17 January 2002 Purported al-Qaeda Files Used Weak Encryption
Files on computers which allegedly belonged to al-Qaeda operatives
in Afghanistan were protected with 40-bit Data Encryption Standard
(DES), which until last year was the strongest encryption permitted to
be exported from the United States. A former NATO encryption expert
says the more stringent export controls should not be restored.
http://www.newscientist.com/news/news.jsp?id=ns99991804
--17 & 18 January 2002 Response to Trustworthy Computing Initiative
Message
While some security experts find Gates' message welcome, others
are skeptical.
http://www.wired.com/news/business/0,1367,49809,00.html
http://news.com.com/2100-1001-817849.html
http://www.cnn.com/2002/TECH/industry/01/18/microsoft.security.reut/index.html
http://zdnet.com.com/2100-1107-818138.html
--16 January 2002 NIPC is Considering Reorganization Models
National Infrastructure Protection Center (NIPC) director Ronald Dick
says he has been speaking with the Centers for Disease Control (CDC)
and the National Communications System (NCS) in an effort to find a
good organizational model for gathering and disseminating critical
infrastructure threat information.
http://www.computerworld.com/storyba/0,4125,NAV47_STO67424,00.html
--15 & 16 January 2002 Windows Media Player Flaw Can Defeat IE
P3P Protections
A security hole in Windows Media Player (WMP) can defeat the Platform
for Privacy Preferences (P3P) protections which are built into Internet
Explorer (IE) 6. The WMP unique ID number can be grabbed by malicious
JavaScript on a website and used as a "supercookie" capable of tracking
users' Internet activities. Microsoft issued a patch for the problem in
May. Computer privacy and security consultant Richard Smith posted
information about the vulnerability on BugTraq.
http://zdnet.com.com/2100-1105-814626.html
http://www.theregister.co.uk/content/55/23700.html
--15 January 2002 ICANN Reluctant to Sign Server Performance
Contracts
Organizations that oversee some of the Internet's top level domains
want ICANN (the Internet Corporation for Assigned Names and Numbers)
to guarantee root server stability, but ICANN has not signed such a
contract because the liability risk involved is enormous. Some of
the organizations are threatening to withhold ICANN fees if their
concerns are not addressed.
http://news.bbc.co.uk/hi/english/sci/tech/newsid_1761000/1761362.stm
--14 January 2002 Cyber Forensics
This article describes three cases in which cyber forensic
investigations helped solve crimes: the Russian credit card thieves
eventually nabbed in an FBI sting, the University of Washington
denial-of-service zombies and a case in which a former employee stole
intellectual property.
http://www.computerworld.com/storyba/0,4125,NAV47_STO67299,00.html
--14 January 2002 File Sharing Programs Can Expose Personal Data
Users of file-sharing programs should be careful about which files
and directories they make available to the network so as not to
accidentally share private information.
http://www.msnbc.com/news/686184.asp?0dm=C235T
--14 January 2002 Microsoft Shuts On-Line Store to Investigate
Alleged Script Hole
Microsoft shut down its Developers Store web site last week to
investigate a potential vulnerability. The alleged script problem
could allow access to customer information. The software developer who
posted his findings at a security web site says he e-mailed Microsoft
about the problem first but received no reply.
http://www.computerworld.com/storyba/0,4125,NAV47_STO67382,00.html
--14 January 2002 Older Versions of ICQ At Risk for Buffer Overflow
People using ICQ messaging software that is older than version 2001b on
Windows operating systems are vulnerable to a buffer overflow exploit.
An AOL spokesman encouraged users to update their software and said
the company is taking server-side measures to address the problem.
http://zdnet.com.com/2100-1105-813806.html
--13 January 2002 MoD Laptops Missing
Of the 1354 missing UK government computers, nearly 600 alone are
from the Ministry of Defense (MoD). A spokesman said that not all
computers contain classified information. The MoD also reported 27
hacking incidents during the last three years.
http://news.bbc.co.uk/hi/english/uk/newsid_1757000/1757792.stm
==end==
Please feel free to share this with interested parties via email (not
on bulletin boards). For a free subscription, (and for free posters)
e-mail sans@sans.org with the subject: Subscribe NewsBites
To change your subscription, address, or other information, visit
http://www.sans.org/sansurl and enter your SD number (from the
headers.) You will receive your personal URL via email.
You may also email <sans@sans.org> with complete instructions and
your SD number for subscribe, unsubscribe, change address, add other
digests, or any other comments.