OSEC

From: The SANS Institute (sans@sans.org)
Date: Wed Mar 06 2002 - 10:07:55 CST


    To: Security Express (SD397643)
    From: Alan for the SANS NewsBites service
    Re: March 6 SANS NewsBites

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Hackers are currently scanning the entire Internet looking for Windows
    systems with unprotected shares. They have found thousands or perhaps
    tens of thousands of vulnerable systems and installed remote-control
    bots on those systems. If you have not checked your systems and your
    family's systems for open shares, now would be a very good time to
    find them and protect them.

                                       Alan
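    One way to carry out the check Alan asks for on a current Windows host, as an
    added example and not anything from the newsletter: the PowerShell script
    below (the SmbShare and NetSecurity cmdlets it relies on postdate 2002; the
    list of catch-all principals and the firewall rule name are assumptions) lists
    every non-administrative share whose ACL grants access to Everyone, Anonymous,
    Guest or Authenticated Users, and with -Fix revokes those entries and blocks
    inbound SMB (TCP 139/445) from addresses Windows classifies as Internet.

```powershell
# Added example (not from the SANS newsletter): audit SMB shares on the local
# Windows host for access granted to catch-all principals and optionally fix them.
# Requires the SmbShare and NetSecurity modules (Windows 8 / Server 2012 or later)
# and an elevated session when -Fix is used. The principal list and the firewall
# rule name are assumptions made for this example.
[CmdletBinding()]
param([switch]$Fix)

# Principals that make a share reachable without an individual account (constructed list).
$RiskyPrincipals = @('Everyone', 'ANONYMOUS LOGON', 'Guest', 'Guests', 'Authenticated Users')

# Skip the built-in administrative shares (C$, ADMIN$, IPC$), which are flagged Special.
$findings = foreach ($share in Get-SmbShare | Where-Object { -not $_.Special }) {
    foreach ($ace in Get-SmbShareAccess -Name $share.Name) {
        $account = ($ace.AccountName -split '\\')[-1]   # drop any DOMAIN\ or HOST\ prefix
        if ($ace.AccessControlType -eq 'Allow' -and $RiskyPrincipals -contains $account) {
            [pscustomobject]@{
                Share   = $share.Name
                Path    = $share.Path
                Account = $ace.AccountName
                Right   = $ace.AccessRight
            }
        }
    }
}

if (-not $findings) {
    Write-Host 'No non-administrative share grants access to anonymous or catch-all principals.'
} else {
    $findings | Format-Table -AutoSize
    if ($Fix) {
        foreach ($f in $findings) {
            # Remove the catch-all entry; grant named users or groups afterwards as needed.
            Revoke-SmbShareAccess -Name $f.Share -AccountName $f.Account -Force | Out-Null
        }
        # Even a correctly ACL'd share should not be reachable from the Internet:
        # block inbound NetBIOS session (139) and direct SMB (445) from Internet addresses.
        $ruleName = 'Block inbound SMB from Internet'   # assumed name for this example
        if (-not (Get-NetFirewallRule -DisplayName $ruleName -ErrorAction SilentlyContinue)) {
            New-NetFirewallRule -DisplayName $ruleName -Direction Inbound -Protocol TCP `
                -LocalPort 139,445 -RemoteAddress Internet -Action Block | Out-Null
        }
        Write-Host 'Revoked catch-all share access and blocked inbound SMB from Internet addresses.'
    }
}
```

    Run it without -Fix first to see what is exposed; the share ACL is only half
    the picture, since NTFS permissions on the underlying folder still apply and
    a share restricted at the SMB layer is still worth keeping off the Internet.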

    **********************************************************************
                               SANS NEWSBITES
                    The SANS Weekly Security News Overview
    Volume 4, Number 10 March 6, 2002
    Editorial Team:
          Kathy Bradford, Dorothy Denning, Roland Grefer, Vicki Irwin,
                 Bill Murray, Stephen Northcutt, Alan Paller,
                 Marcus Ranum, Howard Schmidt, Eugene Schultz
    **********************************************************************

    TOP OF THE NEWS
    4 March 2002 Network Admin Who Destroyed Network Gets 41 Months Of
                  Jail Time
    27 February 2002 Warez Ringleader Pleads Guilty
    27 February 2002 Life Sentences Proposed for Reckless Hacking
    28 February 2002 Millions of Apache Web Servers Vulnerable To
                      PHP Attacks
    27 February 2002 Users Band Together To Establish Minimum Security
                      Benchmarks

    THE REST OF THE WEEK'S NEWS
    4 March 2002 OMB Security Report Could Launch Long-Needed Fixes
    4 March 2002 NIST Releases Draft Guidelines For Web Server Defense
    28 February 2002 Oracle Security: Less Than Claimed
    28 February 2002 Wall Street Execs Voice Concerns About Security
    28 February 2002 Hong Kong To Give Smart ID Cards To All Citizens
    27 February 2002 Microsoft Security Improvements Underway
    27 February 2002 How Will The Next Virus Work?
    27 February 2002 Federal CIOs Rate Security Higher Than E-Gov
    26 February 2002 New York State Pulls Sensitive Data From Web Sites
    25 February 2002 MP3 Files Can Contain Exploits
    25 February 2002 Security and Privacy Must Be Balanced

    TUTORIAL
    Managing the Threat of Denial of Service Attacks

    TRAINING OPPORTUNITIES IN THE NEXT 120 DAYS
    SANS 2002 Annual Conference, Courses, and Exposition, Orlando April
    1-7 (Late registration deadline for savings is March 12.)
    Large training programs in Boston, London, Washington, and
    Toronto. Smaller programs in Kansas City, Los Angeles, Detroit,
    Colorado Springs, Portland (OR), Phoenix, and Minneapolis. Details:
    http://www.sans.org

    ************ Sponsored by VeriSign - The Value of Trust **************

    Pinpoint the right security solution for your company - FREE Guide
    from VeriSign gives you the facts. Learn how to:
    - Add the most powerful online encryption - 128-bit
    - Quickly authenticate your site

    Get your FREE Guide now at:
    http://www.verisign.com/cgi-bin/go.cgi?a=n061174430057000

    ***********************************************************************

     --4 March 2002 Network Admin Who Destroyed Network Gets 41 Months
                     Of Jail Time
    Timothy Lloyd was sent to prison for nearly 3 and a half years and
    ordered to pay 2 million US dollars in restitution for planting a
    time bomb that destroyed the manufacturing software developed by
    his employer.
    http://www.nwfusion.com/news/2002/0304lloyd.html
    [Editor's (Schultz) Note: Cases such as this one and others with
    similar outcomes will eventually help turn the tide in the war against
    cybercrime. Perpetrators have for the most part not been forced to
    face consequences for their actions.]

     --27 February 2002 Warez Ringleader Pleads Guilty
    John Sankus of Philadelphia has pleaded guilty to one felony count of
    conspiracy to commit criminal copyright infringement. Law enforcement
    officials say that Sankus was the ringleader of one of the oldest
    groups trading illegally in copyrighted software.
    http://www.newsbytes.com/news/02/174822.html

     --27 February 2002 Life Sentences Proposed for Reckless Hacking
    A US House subcommittee voted unanimously to propose lifetime jail
    sentences for hackers who knowingly attempt "to cause death or serious
    bodily injury" through electronic means.
    http://www.wired.com/news/politics/0,1283,50708,00.html

     --28 February 2002 Millions of Apache Web Servers Vulnerable To
                         PHP Attacks
    Up to ten million Apache-based web sites are vulnerable to a
    buffer overflow attack that targets the popular PHP scripting
    language. Upgrading to the newest version of PHP (4.1.2) or patching
    older versions fixes the vulnerability.
    http://www.computerworld.com/cwi/community/story/0,3201,NAV65-663_STO68693,00.html

     --27 February 2002 Users Band Together To Establish Minimum Security
                         Benchmarks
    A consortium of 170 user organizations has published security
    benchmarks for Cisco routers, Windows 2000 systems and Solaris
    systems, along with free testing tools to measure whether systems
    meet the benchmarks. This is a critical step forward in the quest for
    "minimum standards of due care" in security.
    http://www.usatoday.com/life/cyber/tech/2002/02/27/security.htm

    *********************** Sponsored Links ****************************
    (1) Add it up and upgrade... StoneGate firewall 50% upgrade promotion.
    http://www.sans.org/cgi-bin/sanspromo/NB10

    (2) Manage or Eliminate NIS and NIS+ using Guardian Version 5.
    http://www.sans.org/cgi-bin/sanspromo/NB11

    (3) Stop Hackers DEAD with Continuous Intrusion Prevention provided
    by ActiveGuard(tm)
    http://www.sans.org/cgi-bin/sanspromo/NB12
    **********************************************************************

    THE REST OF THE WEEK'S NEWS

     --4 March 2002 OMB Security Report Could Launch Long-Needed Fixes
    Federal agency reports required by the Government Information Systems
    Reform Act (GISRA) show extensive security management weaknesses and
    point toward corrective action.
    http://www.fcw.com/fcw/articles/2002/0304/cov-start-03-04-02.asp
    [Editor's (Paller) Note: Federal CIOs now face a choice. They
    can focus their security efforts on getting more paper reports
    done so they can get a higher score next year, or they can use the
    senior management attention created by GISRA to establish continuous
    monitoring programs and competition among divisions to identify those
    that are best at securing their systems. I have been very impressed
    with the leadership being shown by the CIOs who have the foresight
    (and guts) to be part of the latter group.]

     --4 March 2002 NIST Releases Draft Guidelines For Web Server Defense
    The US National Institute of Standards and Technology (NIST)
    requested comments on a draft guide containing detailed configuration
    suggestions for web servers.
    http://www.fcw.com/fcw/articles/2002/0304/web-nist-03-04-02.asp

     --28 February 2002 Oracle Security: Less Than Claimed
    In a teleconference for its clients, security firm Counterpane
    Internet Security reminded them of the lingering vulnerabilities in
    the supposedly "unbreakable" product. The article author claims that
    Oracle has been "less than eager to disseminate useful information
    about these issues."
    http://www.theregister.co.uk/content/53/24244.html

     --28 February 2002 Wall Street Execs Voice Concerns About Security
    Executives from Morgan Stanley, Donaldson, Lufkin & Jenrette, and
    Salomon Smith Barney described their key cybersecurity concerns and
    what they thought could be done to improve protection.
    http://www.computerworld.com/cwi/community/story/0,3201,NAV65-663_STO68689,00.html

     --28 February 2002 Hong Kong To Give Smart ID Cards To All Citizens
    In a move designed to offer more protection against forgery and
    allow stronger verification of the cardholder's identity, Hong
    Kong's government has contracted for an initial batch of 1.2 million
    smart cards. This is the first step toward providing all 6.8 million
    citizens with smart cards that can verify identities and later be
    used for drivers licenses, secure transactions and more.
    http://www.newsbytes.com/news/02/174837.html

     --27 February 2002 Microsoft Security Improvements Underway
    The day to day activities of thousands of Microsoft software developers
    have changed, according to a Microsoft security spokesperson.
    http://seattlepi.nwsource.com/business/59941_flaws27.shtml

     --27 February 2002 How Will The Next Virus Work?
    This commentary reviews patterns developing in new viruses and worms:
    bypassing Outlook, using instant messaging, and more.
    http://zdnet.com.com/2100-1107-846099.html

     --27 February 2002 Federal CIOs Rate Security Higher Than E-Gov
    According to a survey, defending federal systems against cyberterrorism
    has passed the quest for electronic government as the highest priority
    for federal CIOs.
    http://www.gcn.com/vol1_no1/security/18039-1.html

     --26 February 2002 New York State Pulls Sensitive Data From Web Sites
    Information identifying the locations of government offices, dams, and power
    stations is being removed from New York State web sites in an effort
    to avoid assisting terrorists who want to do damage.
    http://www.computerworld.com/storyba/0,4125,NAV47_STO68628,00.html

     --25 February 2002 MP3 Files Can Contain Exploits
    Features in media players from both Microsoft and RealNetworks allow
    attackers to package unwanted data as MP3 files and can, according to
    one security practitioner, allow security holes in Internet Explorer
    to be exploited from MP3 files.
    http://online.securityfocus.com/news/338

     --25 February 2002 Security and Privacy Must Be Balanced
    IT managers face a growing conflict between the need to implement
    new security measures while protecting employee privacy.
    http://www.computerworld.com/storyba/0,4125,NAV47_STO68593,00.html

    TUTORIAL

     --Managing the Threat of Denial of Service Attacks
    Although distributed denial of service attacks continue to plague
    systems across the globe, networks are not without defenses.
    CERT's paper shows how to build DDoS resilient networks and lays out
    the steps to follow when analyzing and responding to DDoS attacks.
    http://www.cert.org/archive/pdf/Managing_DoS.pdf
    An earlier report on trends in DDOS attacks is available at:
    http://www.cert.org/archive/pdf/DoS_trends.pdf

    ==end==

    Please feel free to share this with interested parties via email,
    (but no posting is allowed on web sites). For a free subscription
    (and for free posters) e-mail sans@sans.org with the subject:
    Subscribe NewsBites

    To change your subscription, address, or other information, visit
    http://www.sans.org/sansurl and enter your SD number (from the
    headers.) You will receive your personal URL via email.

    You may also email <sans@sans.org> with complete instructions and
    your SD number for subscribe, unsubscribe, change address, add other
    digests, or any other comments.

    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.0.6 (GNU/Linux)
    Comment: For info see http://www.gnupg.org

    iD8DBQE8hi0i+LUG5KFpTkYRAogTAJsH72ra+yTaE1U3D9OZRhhfXqxxtwCfaNxn
    zawqb5xAGVOKd+OWQCAii2c=
    =KHVT
    -----END PGP SIGNATURE-----