From: Stephen Entwisle (seSECURITYFOCUS.COM)
Date: Mon Mar 05 2001 - 11:49:36 CST


    SecurityFocus.com Microsoft Newsletter #24
    ------------------------------------------
    I. FRONT AND CENTER
         1. Virus Protection For Small Enterprises
    II. MICROSOFT VULNERABILITY SUMMARY
         1. Microsoft Windows 2000 Domain Controller DoS Vulnerability
    III. MICROSOFT FOCUS LIST SUMMARY
         1. Auditing Software for 95/98/ME (Thread)
         2. Running a script on account lockout (Thread)
         3. Secure IIS5 SMTP mail relay (Thread)
         4. Outlook Text Preview option (Thread)
         5. Win2K Terminal Service as Web Server Admin Tool (Thread)
         6. NT 4 Server with IIS 4 install checklist, revision one (Thread)
         7. Removing critical files from %systemroot% (Thread)
         8. Win2000 SP! (Thread)
         9. VNCViewer (Thread)
         10. iis unicode bug... (Thread)
         11. l0phtcrack and Windows2000 (Thread)
         12. Suspicious Email (Thread)
         13. Some details in a recent NT hack we encountered (Thread)
         14. NT 4 with IIS 4 install checklist (Thread)
         15. NT/IIS hotfixes (Thread)
         16. OT: P*rn Site Urls (Thread)
         17. TO WHOM IT MAY CONSERN Registry entrys regarding Denial...(Thread)
         18. FW: NT/IIS hot fix location (Thread)
         19. SecurityFocus.com Microsoft Newsletter #23 (Thread)
         20. TO WHOM IT MAY CONSERN Registry entrys regarding Denial... (Thread)
         21. Possible FTP Site DDoS (Thread)
         22. Details on a hacked NT server (possible kit?) (Thread)
    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
         1. Ethenticator MS 3000
         2. LogAlert
         3. WebInspect
    V. NEW TOOLS FOR MICROSOFT PLATFORMS
         1. RazorBack 0.1.1
         2. Zebedee 2.2.1
         3. VCatch 3.5
         4. ScoopLm
         5. BeatLm
         6. Advanced Password Generator 2.74
    VI. SUBSCRIBE/UNSUBSCRIBE INFORMATION

    I. FRONT AND CENTER
    -------------------
    Virus Protection For Small Enterprises

    With the recent proliferation of .VBS exploits, virus protection for small
    enterprises has become increasingly important. After the recent outbreak
    of the VBS.plan virus at his company, SecurityFocus writer Chris Jackson
    conducted a review of his organization's virus protection and
    post-infection procedures. This article recounts the analysis of the virus
    outbreak, including: how the outbreak occurred, what conditions
    facilitated the outbreak, and what could be done to prevent future
    outbreaks. It is hoped that this discussion will provide an understanding
    of how small enterprises can protect themselves against virus outbreaks.

    http://www.securityfocus.com/focus/virus/articles/smallent.html

    II. BUGTRAQ SUMMARY
    -------------------

    1. Microsoft Windows 2000 Domain Controller DoS Vulnerability
    BugTraq ID: 2394
    Remote: Yes
    Date Published: 2001-02-20
    Relevant URL:
    http://www.securityfocus.com/bid/2394
    Summary:

    Domain controllers in a Windows 2000 network handle user authentication
    and various other required tasks.

    Microsoft Windows 2000 domain controllers are subject to a denial of
    service condition.

    Unfortunately, Windows 2000 domain controllers do not properly validate a
    user request before attempting to process it. Submitting numerous
    specially crafted invalid requests to a domain controller could cause
    the domain controller to attempt to carry out the requests. This constant
    processing attempt will eventually exhaust nearly all available system
    resources, preventing the domain controller from handling various
    mandatory tasks.

    A restart of the server is required in order to gain normal functionality.

    Successful exploitation of this vulnerability could assist in further
    attacks against the victim host.

    III. MICROSOFT FOCUS LIST SUMMARY
    ---------------------------------

    1. Auditing Software for 95/98/ME (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3d002d01c0a35c$017d9520$ed56073edb1

    2. Running a script on account lockout (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dBAEOJOKINoptonline.net

    3. Secure IIS5 SMTP mail relay (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3d200103021securityfocus.com

    4. Outlook Text Preview option (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3d019101c0a35d$795dcb90$0102a8c0contributionship.com

    5. Win2K Terminal Service as Web Server Admin Tool (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dB8A02A8E2borg.cc.vt.edu

    6. NT 4 Server with IIS 4 install checklist, revision one (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dDB6C21C6APNLEXCH1

    7. Removing critical files from %systemroot% (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dCA90E3E53PDCNTS1

    8. Win2000 SP! (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dCD08297CDwynex.wyntrac.com

    9. VNCViewer (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dPine.LNX.owned.lab6.com

    10. iis unicode bug... (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dA0C675E9DMAINSERVER

    11. l0phtcrack and Windows2000 (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dLPBBJMNBMglacyar.com.ar

    12. Suspicious Email (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3d02e901c0a1f3$d2678b60$220a400aofficeeagle

    13. Some details in a recent NT hack we encountered (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3d200103010awcst094.netaddress.usa.net

    14. NT 4 with IIS 4 install checklist (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3d31ACC2D3EIGHMSG01

    15. NT/IIS hotfixes (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3d200102270www21.ureach.com

    16. OT: P*rn Site Urls (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dAGEEKEOGAwanadoo.nl

    17. TO WHOM IT MAY CONSERN Registry entrys regarding Denial of Service Attacks (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dCDEGIIGDGxato.net

    18. FW: NT/IIS hot fix location (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3d6C7EB750FEXCHSRV

    19. SecurityFocus.com Microsoft Newsletter #23 (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dPine.GSO.mail

    20. TO WHOM IT MAY CONSERN Registry entrys regarding Denial of Service Attacks (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dCD08297CDwynex.wyntrac.com

    21. Possible FTP Site DDoS (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dNEBBLGGFLopenrecords.org

    22. Details on a hacked NT server (possible kit?) (Thread)
    Relevant URL:

    http://www.securityfocus.com/frames/index.html?content=%2ftemplates%2farchive.pike%3flist%3d88%26date%3d2001-03-04%26thread%3dF221C7Mzxhotmail.com

    IV. NEW PRODUCTS FOR MICROSOFT PLATFORMS
    ----------------------------------------

    1. Ethenticator MS 3000
    by Ethentica
    Platforms: Windows NT
    Relevant URL:
    http://www.securityfocus.com/products/1385
    Summary:

    The Ethenticator's unique ability to grant access to networks and
    protected websites without having to remember or type passwords makes it a
    lifesaver while you're on the road with a thousand other things on your
    mind. Its secure access features put your mind at ease, too, with reliable
    protection from unauthorized use and data theft. The Ethenticator MS 3000
    also eliminates the need to remember passwords and lets you instantly
    access any web site on the Internet that requires your password, any
    application or other text-based information secured by a password or user
    name / password combination on your mobile computer.

    2. LogAlert
    Platforms: Windows 95/98 and Windows NT
    by spiDYNAMICS
    Relevant URL: http://www.securityfocus.com/products/1393
    Summary:

    LogAlert is a web application audit and assessment tool, which automates
    web log analysis for IT and security professionals. This security software
    highlights and analyzes all suspicious behavior by categorizing the
    sequence of suspicious activities and providing detailed reporting on any
    intrusions that occur. Users can customize LogAlert reports for
    administrators who can then access them on a secure Web site for
    on-the-fly analysis. LogAlert handles all major Web servers, including
    Netscape, Microsoft IIS and Apache.

    3. WebInspect
    Platforms: Windows 95/98 and Windows NT
    by spiDYNAMICS
    Relevant URL: http://www.securityfocus.com/products/1392
    Summary:

    WebInspect is an Internet application security scanner, which operates as
    a single-user, desktop application that can be used by various IT
    professionals, including software developers, network administrators,
    security managers, and CTOs. WebInspect enables customers to detect holes
    in both standard and proprietary applications, as it crawls over your
    entire website, scanning all known (and some unknown) security
    vulnerabilities inside Web applications and servers.

    V. NEW TOOLS FOR MICROSOFT PLATFORMS
    ------------------------------------
    1. RazorBack 0.1.1
    Platforms: Unix and Windows NT
    by InterSect Alliance
    Relevant URL: http://www.securityfocus.com/tools/1955

    RazorBack is a log analysis program that interfaces with the SNORT open
    source Intrusion Detection System to provide real time visual notification
    when an intrusion signature has been detected on the network. RazorBack is
    designed to work within the GNOME framework on Unix platforms.

    2. Zebedee 2.2.1
    Platforms: Unix, Windows 95/98 and Windows NT
    by Neil Winton (zebedeewinton.org.uk)
    Relevant URL: http://www.securityfocus.com/tools/795
    Summary:

    Zebedee is a simple program to establish an encrypted, compressed "tunnel"
    for TCP/IP or UDP data transfer between two systems. This allows traffic
    such as telnet, FTP, and X to be protected from snooping as well as
    potentially gaining performance over low-bandwidth networks from
    compression. The main goals for Zebedee are to provide full client and
    server functionality under both UNIX and Windows 95/98/NT, to be easy to
    install, use, and maintain with little or no configuration required, and
    to use only algorithms that are either unpatented or for which the patent
    has expired.

    3. VCatch 3.5
    Platforms: Windows 2000, Windows 95/98 and Windows NT
    by CommonSearch
    Relevant URL: http://www.securityfocus.com/tools/1953

    VCatch is virus protection software. When VCatch is active it will check
    all the files sent or downloaded to your computer via Email and Web
    applications. In the event that VCatch detects that a file is suspected to
    be a virus, the software automatically deletes the file and notifies you.

    4. ScoopLm
    Platforms: Windows 2000 and Windows NT
    by uritywww.securityfriday.com
    Relevant URL: http://www.securityfocus.com/tools/1947

    ScoopLm captures LM/NTLM authentication information (LanManager and
    Windows NT challenge/response) on the network.

    5. BeatLm
    Platforms: Windows 2000 and Windows NT
    by uritysecurityfriday.com
    Relevant URL: http://www.securityfocus.com/tools/1946

    BeatLm searches out the password from LM/NTLM authentication information
    (LanManager and Windows NT challenge/response).

    6. Advanced Password Generator 2.74
    Platforms: Windows 2000, Windows 95/98 and Windows NT
    by Segobit Software
    Relevant URL: http://www.securityfocus.com/tools/1907

    Advanced Password Generator is an application designed to generate
    passwords of any length and character content. Advanced Password Generator
    allows users to choose among the random number generators built into the
    application. This feature is used to generate an extremely random seed
    value. The random number generators are written in a low-level language,
    and some of the random number generators built into this application are
    impossible to write in a high-level language (Basic, Pascal, C++ and
    others). After registration, the user can obtain the application with
    their own additional random number generator. Advanced Password Generator
    will create alphabetic, numeric, alphanumeric or all-keyboard-character
    passwords of user-defined lengths. Passwords can be generated in lowercase
    or mixed case. All passwords can be printed.

    VI. SUBSCRIBE/UNSUBSCRIBE INFORMATION
    -------------------------------------

    1. How do I subscribe?

    Send an e-mail message to LISTSERVSECURITYFOCUS.COM with a message body
    of:

      SUBSCRIBE FOCUS-MS Lastname, Firstname

    You will receive a confirmation request message to which you will have
    to respond.

    2. How do I unsubscribe?

    Send an e-mail message to LISTSERVSECURITYFOCUS.COM from the subscribed
    address with a message body of:

      UNSUBSCRIBE FOCUS-MS

    If your e-mail address has changed, email aleph1securityfocus.com and I
    will manually remove you.

    3. How do I disable mail delivery temporarily?

    If you are simply going on vacation you can turn off mail delivery
    without unsubscribing by sending LISTSERV the command:

      SET FOCUS-MS NOMAIL

    To turn back on e-mail delivery use the command:

      SET FOCUS-MS MAIL

    4. Is the list available in a digest format?

      Yes. The digest is generated once a day.

    5. How do I subscribe to the digest?

    To subscribe to the digest, join the list normally (see section 0.2.1)
    and then send a message to LISTSERVSECURITYFOCUS.COM with a message
    body of:

      SET FOCUS-MS DIGEST

    6. How do I unsubscribe from the digest?

    To turn the digest off send a message to LISTSERV with a message body
    of:

      SET FOCUS-MS NODIGEST

    If you want to unsubscribe from the list completely follow the
    instructions of section 0.2.2 next.

    7. I seem to not be able to unsubscribe. What is going on?

    You are probably subscribed from a different address than that from
    which you are sending commands to LISTSERV. Either send e-mail from
    the appropriate address or e-mail the moderator to be unsubscribed
    manually.