Off the Wire

Off The Wire Archive

News items for April 2002

eSecurityOnline vs. Solaris
eSecurityOnline today released several security advisories mainly related to Sun Solaris problems. Problems included are from denial of service to roor compromise. [more]
Tuesday, 30 April 2002, 12:26 PM CET


Hack Yourself for Top Security
Learn how to become the best protector of your own security with ExtremeTech/syscheck. [more]
Tuesday, 30 April 2002, 10:21 AM CET


Network Forensics: Tapping the Internet
Simson Garfinkel examines the current crop of network monitoring tools and the ethical issues invloved in scanning network traffic. [more]
Tuesday, 30 April 2002, 10:12 AM CET


Worms: who's the deadliest of them all?
The latest fast-spreading versions of the Klez worm have so far infected 7.2 percent of PCs worldwide. [more]
Tuesday, 30 April 2002, 10:09 AM CET


MS security cop patrols a tough beat
Microsoft's chief security strategist aims to keep security at the forefront of the software giant's agenda, but observers want action not words. [more]
Monday, 29 April 2002, 5:45 PM CET


XP Updates Start to P.O. Users
Windows XP's pop-up patches allow users to play games and access file-trading systems. But experts are worried the bulky updates may compromise security patches. [more]
Monday, 29 April 2002, 3:20 PM CET


Better security needs scare tactics
IT managers need to scare senior executives into adopting information security awareness programmes, but initiate a range of innovative marketing campaigns to sell it to the end user. [more]
Monday, 29 April 2002, 3:03 PM CET


'Blended' attacks pose serious security threat
Attacks that target different areas of your network are a major danger, and a strong defence is essential. [more]
Monday, 29 April 2002, 1:50 PM CET


WLANS to Get More Secure
ReefEdge is readying a wireless solution for carriers that want to offer WLAN services and IT managers who want assurances data is secure. [more]
Monday, 29 April 2002, 1:49 PM CET


EU to harmonise cybercrime laws
The Commission of the EU has adopted a proposal for a Council framework decision that seeks to harmonize the EU's legal response to so-called cybercrimes. [more]
Monday, 29 April 2002, 1:42 PM CET


Employees seen as computer saboteurs
Digital cameras, MP3 players and handheld computers could be the tools that disgruntled employees use to sabotage computer systems or steal vital data, warn security experts. [more]
Monday, 29 April 2002, 10:58 AM CET


Crackers favour war dialling and weak passwords
During a debate at InfoSecurity Europe, hacker KP said that when he broke into a network he did so 90% of the time through an unprotected modem, often through war dialling. [more]
Monday, 29 April 2002, 10:56 AM CET


Future Tech: Hack-Proof Chatting
Discover magazine outlines the first successful laser photon communication utilizing Quantum Cryptography. [more]
Monday, 29 April 2002, 10:53 AM CET


Sudo Password Prompt Vulnerability
Sudo - A popular utility for allowing users to execute commands as other users contains a vulnerability which may be exploited to execute arbitrary commands. [more]
Friday, 26 April 2002, 1:40 PM CET


Dr. Damn cleans house for file-swappers
The record companies had their Napster, and the stream of file-swapping companies that followed. The file-swapping companies now have their "Dr. Damn." [more]
Friday, 26 April 2002, 12:13 PM CET


Building a secure kiosk with Embedded Linux
Patrick Glennon relates his experiences in creating a small Linux-based system for a client that required robust, easy-to-use, low-cost kiosks for conducting surveys at hotels. [more]
Friday, 26 April 2002, 12:10 PM CET


RIAA wants tax dollars to combat piracy
The RIAA is calling for additional federal funding to combat piracy, saying that the number of arrests and convictions for copyright crimes has skyrocketed over the course of a year. [more]
Friday, 26 April 2002, 12:08 PM CET


Set up a Linux firewall with ease using Firestarter
Firestarter provides a clean, powerful interface for quickly creating a firewall and getting it started. [more]
Friday, 26 April 2002, 11:11 AM CET


FAA hacked by patriots
Hackers were able to penetrate a Federal Aviation Administration system earlier this week and download unpublished information on airport passenger screening activities. [more]
Friday, 26 April 2002, 11:08 AM CET


Klez worm could compromise sensitive data
The initially innocuous Klez worm is turning nasty as vandals tweak both the mode of attack and the payload. [more]
Thursday, 25 April 2002, 1:33 PM CET


Teaching the Rules of the Road
Bad system administrators affect more than their own computers - they make the entire Internet a little less safe. [more]
Thursday, 25 April 2002, 10:55 AM CET


Setting up a FreeBSD firewall with an IPSec uplink
This article shares steps for setting up an IPSec tunnel for securing a 802.11b wireless uplink. The article also covers basic NAT and IPFW for use with this setup. [more]
Thursday, 25 April 2002, 10:52 AM CET


Upgrading to Solaris 8
Solaris 8 is inarguably the best Solaris release generally available, but it may not be right for everyone. [more]
Thursday, 25 April 2002, 10:49 AM CET


An IPsec tunnel implementation for Linux
I started this project because I was using a number of IPIP tunnels to connect a number of private networks over the Internet, and I needed encryption for a few resons. [more]
Thursday, 25 April 2002, 10:47 AM CET


Check Point Boosts Firewall Performance
Check Point Software Technologies Inc. detailed a new firewall performance enhancement module for use with its firewall and virtual private network products. [more]
Thursday, 25 April 2002, 10:41 AM CET


Security exhibitors set up insecure WLANs
Wireless networking insecurity was a key theme of the InfoSecurity show with a number of suppliers coming out with surveys on just how vulnerable world+dog is to drive by hackers. [more]
Wednesday, 24 April 2002, 3:58 PM CET


RSA Security says it will cut 200 jobs
Computer security provider RSA Security Inc. on Wednesday said it will cut about 200 jobs in order to reduce operating expenses. [more]
Wednesday, 24 April 2002, 3:57 PM CET


Using GnuPG
GnuPG is the open source equivalent to PGP. Using GPG is very easy and straightforward. It is a text-based command line tool, but there are frontends to GPG that make it even easier to use. [more]
Wednesday, 24 April 2002, 12:07 PM CET


IE-6 privacy solution backfires
Privacy functionality in IE6 makes it possible to launch several attacks against the browser, and against Outlook and Outlook Express, security researcher Thor Larholm has discovered. [more]
Wednesday, 24 April 2002, 12:03 PM CET


Why the Klez worm just won't go away
Every time a virus or worm - like Klez - wreaks havoc across the globe, it's inevitably followed by copycat variants. So how can you protect yourself against these viral descendants? [more]
Wednesday, 24 April 2002, 12:01 PM CET


Keeping e-mail encryption alive
"PGP has been around for 10 years and has endured incredible obstacles and hardships," Zimmermann said. "Powerful forces have been arrayed to stop PGP and yet those obstacles were overcome." [more]
Tuesday, 23 April 2002, 6:49 AM CET


Wireless LAN Security: A Short History
If you're holding back on an 802.11 deployment because of security concerns, you're not alone. Research indicates that the perceived insecurity of wireless networks is a major inhibitor to further market growth. [more]
Tuesday, 23 April 2002, 6:47 AM CET


Keep your files safe with these encryption tools
Worried someone might read your confidential files? Your data is vulnerable. So what can you do? Use encryption software and digital file shredders. [more]
Tuesday, 23 April 2002, 3:42 AM CET


OpenSSH Security Advisory - local root exploit
A buffer overflow exists in OpenSSH's sshd if sshd has been compiled with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing has been enabled in the sshd_config file. [more]
Tuesday, 23 April 2002, 2:32 AM CET


'Mannheim' to harden Army defense
The Army last week concluded the first exercise of an initiative designed to improve the service's ability to defend its networks against attacks. [more]
Tuesday, 23 April 2002, 2:15 AM CET


Closing the Spycam Sniffer Loophole
Those cheap wireless video cameras hawked by annoying pop-up ads can be intercepted by anyone with a few hundred dollars and a voyeristic bent. There's no federal law against it, but there should be. [more]
Tuesday, 23 April 2002, 2:13 AM CET


CA, Ernst & Young team on security consulting
Hoping to increase its market share among Fortune 1000 companies, Computer Associates International Inc. announced a partnership with Ernst & Young LLP that will see the companies work together on security and risk management issues. [more]
Tuesday, 23 April 2002, 2:11 AM CET


How teens still hack million-dollar security systems
More than 26,000 computer intrusion incidents were reported to CERT in the first three months of this year, surpassing the total for all of 2000. [more]
Monday, 22 April 2002, 3:04 PM CET


A bad year for privacy
At the Computers, Freedom and Privacy conference tech activists take on the latest incursions on individual privacy from government and industry. [more]
Monday, 22 April 2002, 3:02 PM CET


U.S. Army to Centralize Network Security Scanning
The U.S. Army announced a major new initiative designed to help the service get its arms around vulnerability analysis and automated patch management for more than 1.5 million workstations around the world. [more]
Monday, 22 April 2002, 2:59 PM CET


Interpol warns firms over security 'vacuum'
The chairman of Interpol's European Working Party on IT Crime has warned that a "vacuum of knowledge" surrounding IT security means companies are exposing themselves to unnecessary risk. [more]
Monday, 22 April 2002, 12:50 PM CET


Symantec preps Linux firewall for IBM iSeries
Symantec is working with IBM to deliver a hardened firewall which will run within an iSeries Linux partition and provide protection for the iSeries or other connected servers on corporate networks. [more]
Monday, 22 April 2002, 12:48 PM CET


Interview with Heiko Zuerker, author of Devil-Linux
PortaZero's Gabrile D'Angelo interviewed Heiko Zuerker and asked him some questions regarding the Devil-Linux backstage. [more]
Monday, 22 April 2002, 12:46 PM CET


Apache and SSL
This article summarizes the basic concepts of how SSL and TLS work and how Apache implements these protocols so that one can transmit information securely over HTTP. [more]
Monday, 22 April 2002, 12:42 PM CET


Hacking Through the Wireless Jungle
With a WLAN card and a sniffer, it is not difficult for a hacker to find a company's wireless network from a position outside the building. [more]
Sunday, 21 April 2002, 3:20 PM CET


Microsoft defends Baseline Security Analyzer
Responding to escalating criticism on their Microsoft Baseline Security Analyzer, Microsoft says users finding difficulty with the this tool may be misinterpreting the results of the freeware product's findings. [more]
Sunday, 21 April 2002, 3:19 PM CET


Corporate hacks go unreported
The reporting of hacking attacks must become the norm if cyber crime is to be tackled, according to a US Department of Justice computer crime boss. [more]
Sunday, 21 April 2002, 3:16 PM CET


Book review - IP Routing
Most network administrators know something about routing, but many feel they don't know enough about it. The purpose of the newly published IP Routing is to fill the knowledge gaps that administrators may have. [more]
Sunday, 21 April 2002, 3:09 PM CET


Announcement of OpenSSL 0.9.6d and 0.9.7
The OpenSSL developers team is pleased to announce the upcoming release of OpenSSL 0.9.7. OpenSSL 0.9.7 contains several changes and enhancements in many fields. [more]
Sunday, 21 April 2002, 3:08 PM CET


Middle East conflict spills over into cyberspace
The political crisis in the Middle East has spawned an increase in defacement attacks on Israeli Web servers. Israel was the victim of 10 of 15 significant web defacements in the Middle East over the last 14 days. [more]
Sunday, 21 April 2002, 3:06 PM CET


Sun Names Chief Security Officer
Sun Microsystems Wednesday said it appointed security expert Whitfield Diffie to its newly created position of chief security officer (CSO). [more]
Sunday, 21 April 2002, 3:04 PM CET


Indian hacker turns cyber cop
Ankit Fadia is one of the many "ethical hackers" now employed by businesses all over the world to protect against attacks. He is a 16 year old and he recently wrote a book called Ethical Hacking. [more]
Sunday, 21 April 2002, 3:03 PM CET


Security flaw in Microsoft Office for Mac
Microsoft acknowledged on Tuesday that its popular Office applications for the Macintosh have a critical security flaw that leaves users' systems open to attack by worms and online vandals. [more]
Sunday, 21 April 2002, 2:59 PM CET


Spotlight

Patching: The least understood line of defense

Posted on 29 August 2014.  |  How many end users, indeed how many IT pros, truly get patching? Sure, many of us see Windows install updates when we shut down our PC and think all is well. Itís not.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Tue, Sep 2nd
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //