HNS Newsletter
Issue 162 - 19.05.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week. Visit Help Net Security for the latest 
security news - http://net-security.org.


-----------------------------------------------------------------
SECURITY INCIDENT ALERT
-----------------------------------------------------------------
Check your Web servers, FTP servers, Mail servers , DNS servers,
firewalls, IDS systems, switchers and routers for over 900 up to 
date vulnerabilities. Secure your critical assets today!

FREE System Security Test and Detailed Report
http://www.net-security.org/lm/ads/ads.pl?banner=scannerx1
-----------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Security world
7) Software
8) Virus news


[ Security news ]

 
----------------------------------------------------------------

SMART DISK TO PROTECT LAPTOPS
A new hard disk with an integrated smartcard reader protects files 
on lost or stolen laptops.
http://www.net-security.org/news.php?id=2609


RECYLED CREDIT CARD NUMBERS POSE FRAUD RISK
The use of recycled credit card numbers by UK banks could 
create loopholes for fraud.
http://www.net-security.org/news.php?id=2610


TENABLE'S SOFTWARE TRACKS ATTACKS TO NETWORK SECURITY
For the average person, network security goes on in back rooms 
where overworked techies study blinking lights and speak in code. 
The relevance of that world to the daily life of a banker is minimal 
- except when the system is attacked.
http://www.net-security.org/news.php?id=2611


BEFORE FRIDAY COMES SPAMDAY
Nearly half of all e-mail messages sent are spam, according to 
research conducted by the British ISP BT Openworld and antivirus 
firm Brightmail, and the spammers' favorite day to stuff your 
mailbox is Thursday.
http://www.net-security.org/news.php?id=2612


IRAN STEPS UP NET CENSORSHIP
Iran has tightened controls on the internet, ordering thousands 
of websites to be blocked.
http://www.net-security.org/news.php?id=2615


INTERNET IDENTIFICATION
We wonder just how many people are familiar with the term 
"official personal authentication system."
http://www.net-security.org/news.php?id=2616


THE INFOSEC MATRIX
This sci-fi film has a lesson for security pros--we'll never 
control our systems if we neglect the human element.
http://www.net-security.org/news.php?id=2617


SNEAKY VIRUS SPREADING RAPIDLY
A new computer virus is spreading across the internet via e-mail 
and file-sharing programs, computer security experts have warned.
http://www.net-security.org/news.php?id=2618


U.S. INFORMATION SECURITY LAW, PART 3
This is the third part of a four-part series looking at U.S. 
information security laws and the way those laws affect 
security professionals. In this installment, we will look at 
the basics of the criminal information security law.
http://www.net-security.org/news.php?id=2619


ON VIRUS WRITERS
Unemployed virus writers take heart: the recording industry 
is hiring cyber miscreants to attack its own customers. And 
we thought you'd never amount to anything.
http://www.net-security.org/news.php?id=2620


CHECK POINT STOPS ATTACKS AT APP LEVEL
Check Point Software Technologies Ltd. is making a major 
move into the application security and intrusion prevention 
markets with a new set of capabilities for its widely deployed 
FireWall-1 and VPN-1 boxes.
http://www.net-security.org/news.php?id=2621


BUSINESSES 'UNAWARE OF BASIC ON-LINE SECURITY'
Businesses and other organisations were paying dearly because 
they did not bother with basic security to protect their on-line 
dealings, a conference was told today.
http://www.net-security.org/news.php?id=2622


A FIREWALL FOR ALL OCCASIONS
Packet filters, proxies, stateful inspection--which type of 
firewall is right for you?
http://www.net-security.org/news.php?id=2623


ANTIFORENSICS: THE LOOMING ARMS RACE
The anticipated release of a Windows-based "antiforensics" 
tool will likely heat up a simmering arms race between 
cybersleuths and digital bad guys.
http://www.net-security.org/news.php?id=2624


OASIS MEMBERS FORM WEB APPLICATION SECURITY 
TECHNICAL COMMITTEE
A newly formed OASIS Web Application Security Technical Committee 
will attempt to unite industry consensus and provide standards for 
classifying and responding to web security vulnerabilities.
http://www.net-security.org/news.php?id=2626


SPAM ATTEMPTS TO SCAM BANK OF AMERICA CUSTOMERS
Customers of another bank are being targeted by e-mail scammers 
attempting to steal account information and other personal data.
http://www.net-security.org/news.php?id=2627


SYMANTEC RELEASES NORTON SECURITY FOR MAC
Symantec has released Norton Internet Security 3.0 for Macintosh. 
The software suite, scheduled to be available in June, now includes 
a parental control feature that blocks Web sites that are 
inappropriate for viewing by children.
http://www.net-security.org/news.php?id=2628


LINUX PRODUCTIVITY MAGAZINE - TRIPWIRE
This issue of Linux Productivity Magazine is devoted to Tripwire, 
which can alert you quickly when there's an intrusion. So kick 
back, relax, enjoy, and remember that if you're an Open Source 
user, this is your magazine.
http://www.net-security.org/news.php?id=2629


COMPUTERBILD DISCLOSES SECURITY LOOPHOLE AT EBAY
A loophole remains open in the security system of the eBay 
online auction house according to reports by Europe’s largest 
computer magazine Computerbild.
http://www.net-security.org/news.php?id=2630


TAIWAN BRACES FOR CHINESE HACKER ONSLAUGHT
Taiwan has stepped up its cyber security measures for fear of 
an impending attack by a China-based hacker group.
http://www.net-security.org/news.php?id=2631


HACKING 2003 - THE NEW AGENDA
Bank robbers rarely choose a target at random when planning a 
heist. They usually have intimate knowledge of their target, 
scope it out and plan the attack. We see a similar approach 
now being used on the Internet.
http://www.net-security.org/news.php?id=2632


IMPROVING ORACLE SECURITY
Logical Apps offers granular security for Oracle databases.
http://www.net-security.org/news.php?id=2633


BEWARE OF THE NEW BREED OF HACKERS
Bank robbers rarely choose a target at random when planning a 
heist. They usually have intimate knowledge of their target, scope 
it out and plan the attack. We see a similar approach now being 
used on the Internet.
http://www.net-security.org/news.php?id=2634


NEW ATTACK SHEDS LIGHT ON VIRTUAL MACHINE SECURITY FLAWS
A student researcher has come up with an attack that uses light 
to thwart the security of Java and .Net virtual machines.
http://www.net-security.org/news.php?id=2635


RIAA APOLOGIZES FOR THREATENING LETTER
The Recording Industry Association of America apologized Monday 
to Penn State University for sending an incorrect legal notice of 
alleged Internet copyright violations.
http://www.net-security.org/news.php?id=2638


DNSSEC: SECURITY FOR ESSENTIAL NETWORK SERVICES
How can DNSSEC be implemented to prevent potential future 
catastrophic attack, and why has it not been widely deployed by 
the Internet community to date? What are the largest DNS security 
holes and how can you protect your network?
http://www.net-security.org/news.php?id=2639


IS YOUR WIRELESS NETWORK AIRTIGHT?
I'm sitting with my ThinkPad in a Starbucks near Akasaka. The cafe 
isn't advertised as a WLAN hot spot, so I'm pleasantly surprised to 
find myself enjoying high-speed Internet access courtesy of some 
nearby wireless network...
http://www.net-security.org/news.php?id=2640


IN SEARCH OF THE IT PATCH MASTER
"There's a false sense of security" once a patch is installed on a 
network, says Steve Larsen, CEO of BigFix. Over a six- to 12-month 
period, about 20 percent of machines will become unpatched.
http://www.net-security.org/news.php?id=2641


IS PALLADIUM GETTING A BAD RAP?
Privacy experts warn that Microsoft's Next Generation Secure 
Computing Base, also known as Palladium, could enable content 
providers to enforce draconian copyright protections. But a 
Microsoft representative says don't believe the hype.
http://www.net-security.org/news.php?id=2642


PUZZLES COULD BLOCK MASS COMPUTER ATTACKS
Setting computers a puzzle could thwart a type of mass computer 
attack increasingly being used to target websites, say US computer 
researchers.
http://www.net-security.org/news.php?id=2643


CREDIT CARD SCAM RAISES AWARENESS OF IDENTITY THEFT
"Identity theft is a major issue." That's the word from Clay Cone, 
spokesman for First National Bank of Florida, following a recent 
incident in which an attacker had tapped into the database of 
an unidentified merchant and retrieved an undisclosed number 
of Visa card numbers.
http://www.net-security.org/news.php?id=2644


WIPING OUT THE DATA THAT WON'T DIE
The undead cause you problems. Not the ones from horror movies, 
but the files on your hard drive that you only think you zapped.
http://www.net-security.org/news.php?id=2645


FTC FORUM: INTERNET USERS WANT CHEAP PRIVACY
Internet users want to keep their personal information private, 
but they want privacy tools to be cheap, easy to use and 
nearly invisible.
http://www.net-security.org/news.php?id=2646


WHEN BAD THINGS HAPPEN TO GOOD COMPANIES
If you don't have a clear cyberincident response plan in 
place, you risk losing millions of dollars.
http://www.net-security.org/news.php?id=2647


HACKERS BIGGER THREAT THAN ROGUE STAFF
Survey of financial firms finds 90 per cent of security 
breaches come from outside.
http://www.net-security.org/news.php?id=2649


SMALL FIRMS 'SHUN' PC SECURITY
Britain's small businesses are taking risks with the security 
of their computer networks, say experts.
http://www.net-security.org/news.php?id=2650


EXPIRED DOMAINS EXPOSE EBAY SECURITY GLITCH
eBay's security was called into question twice this week 
as separate sources reported loopholes in the "log-in" 
system that allowed hackers to gain access to users' 
accounts.
http://www.net-security.org/news.php?id=2651


WIRELESS CAMERAS: SECURITY OR SNOOPING?
Wireless surveillance cameras could intrude on consumer 
privacy, data protection and civil liberty, according to 
experts.
http://www.net-security.org/news.php?id=2652


SECURING APACHE: STEP-BY-STEP
This article shows in a step-by-step fashion, how to install 
and configure the Apache 1.3.x Web server in order to 
mitigate or avoid successful break-in when new 
vulnerabilities in this software are found.
http://www.net-security.org/news.php?id=2653


FEDS PRIME NEW ANTISPAM WEAPON
Federal and state law enforcement agencies pledged to take an 
aggressive new approach to fighting spam: identifying "open 
relay" mail servers that serve as conduits for massive quantities 
of junk e-mail.
http://www.net-security.org/news.php?id=2654


ADMINISTER LINUX ON THE FLY
The /proc filesystem is one of Linux's great features, and this 
article gives you a thorough grounding in some of its most 
useful aspects.
http://www.net-security.org/news.php?id=2655


IM SECURE(ITY)
Most IM systems in use today were designed with scalability 
in mind, rather than security.
http://www.net-security.org/news.php?id=2656


LATEST ADDITION TO HACKER TOOLKITS - A LIGHT BULB
Java and .Net virtual machines can be prised open with a little 
ingenuity and hacking tools as crude as a light bulb, according 
to a pair of Princeton University researchers.
http://www.net-security.org/news.php?id=2657


SECURITY SPENDING RISING FOR DATA CENTERS, SURVEYS SHOW
As the director of global security at Hewitt Associates LLC, 
Dan Josephites is taking a multifaceted approach to bolstering 
defenses at his company, which is the nation’s largest human 
resources outsourcer.
http://www.net-security.org/news.php?id=2658

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

Venturi Wireless Client 2.1 Acts as an Open Relay
http://www.net-security.org/vuln.php?id=2688


Multiple IMAP clients Buffer Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=2687


php-proxima Remote File Access Vulnerability
http://www.net-security.org/vuln.php?id=2686


Inktomi Traffic-Server Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2685


Cisco ACL Vulnerability When Using VPN Crypto Engine Accelerator
http://www.net-security.org/vuln.php?id=2684


BEA WebLogic Server and Express 7.x Passwords 
Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=2683


cdrtools Format String Vulnerability
http://www.net-security.org/vuln.php?id=2682


Snitz Forum 3.3.03 Remote Command Execution Vulnerability
http://www.net-security.org/vuln.php?id=2681


Neoteris IVE Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2680


Apple AirPort Administrative Password Obfuscation Vulnerability
http://www.net-security.org/vuln.php?id=2679


PHP-Nuke SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=2678


Opera 7.11 java.util.zip.* Vulnerability
http://www.net-security.org/vuln.php?id=2677


Drag and Zip Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2676

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Gentoo Linux Security Announcement - cdrtools
http://www.net-security.org/advisory.php?id=2037


Gentoo Linux Security Announcement - ut2003-demo
http://www.net-security.org/advisory.php?id=2036


Immunix Secured OS Security Advisory - fileutils
http://www.net-security.org/advisory.php?id=2035


Guardian Digital Security Advisory - kernel several bug 
and security-related fixes
http://www.net-security.org/advisory.php?id=2034


Guardian Digital Security Advisory - gnupg key validation bug
http://www.net-security.org/advisory.php?id=2033


Guardian Digital Security Advisory - sudo heap corruption 
vulnerability
http://www.net-security.org/advisory.php?id=2032


Gentoo Linux Security Announcement - gnupg
http://www.net-security.org/advisory.php?id=2031


Red Hat Security Advisory - Updated lv packages fix vulnerability
http://www.net-security.org/advisory.php?id=2030


Debian Security Advisory - New sendmail packages fix 
insecure temporary file creation
http://www.net-security.org/advisory.php?id=2029


Debian Security Advisory - New mysql packages fix 
multiple vulnerabilities
http://www.net-security.org/advisory.php?id=2028


Debian Security Advisory - New lv packages fix local 
privilege escalation
http://www.net-security.org/advisory.php?id=2027


Mandrake Linux Security Update Advisory - cdrecord
http://www.net-security.org/advisory.php?id=2026


Cisco Security Advisory - Cisco IOS Software Processing 
of SAA Packets
http://www.net-security.org/advisory.php?id=2025


Red Hat Security Advisory - Updated tcpdump packages 
fix privilege dropping error
http://www.net-security.org/advisory.php?id=2024


Mandrake Linux Security Update Advisory - MySQL
http://www.net-security.org/advisory.php?id=2023


Mandrake Linux Security Update Advisory - xinetd
http://www.net-security.org/advisory.php?id=2022


SGI Security Advisory - Multiple Security Vulnerabilities 
in OpenSSL
http://www.net-security.org/advisory.php?id=2021


Conectiva Linux Security Announcement - evolution
http://www.net-security.org/advisory.php?id=2020


Red Hat Security Advisory - Updated 2.4 kernel fixes 
security vulnerabilities and various bugs
http://www.net-security.org/advisory.php?id=2019


Gentoo Linux Security Announcement - kopete
http://www.net-security.org/advisory.php?id=2018


Mandrake Linux Update Advisory - Updated drakxtools 
packages fix bugs in drakbackup
http://www.net-security.org/advisory.php?id=2017


SCO Security Advisory - OpenLinux: mgetty caller ID 
buffer overflow and spool perm vulnerabilities
http://www.net-security.org/advisory.php?id=2016


Red Hat Security Advisory - Updated xinetd packages 
fix a denial-of-service attack and other bugs
http://www.net-security.org/advisory.php?id=2015


Red Hat Security Advisory - Updated KDE packages 
fix security issues
http://www.net-security.org/advisory.php?id=2014


Gentoo Linux Security Announcement - shadow
http://www.net-security.org/advisory.php?id=2013


SCO Security Advisory - OpenLinux: kernel kmod/ptrace 
root exploit
http://www.net-security.org/advisory.php?id=2012


Red Hat Bug Fix Advisory - Updated redhat-config-network 
package available
http://www.net-security.org/advisory.php?id=2011

----------------------------------------------------------------




[ Featured articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to staff@net-security.org


----------------------------------------------------------------

TRUSTIX SECURE LINUX 2.0 BETA 2 RELEASED
Trustix team announced that Trustix Secure Linux 2.0 beta 2 (aka 
Hurricane) is available for download. As this is a beta release, it is 
not intended for usage on production servers, but rather for 
testing it and sending your feedback to Trustix.
http://www.net-security.org/article.php?id=488


LINUX SECURITY: PUBLIC KEY AND SYMMETRIC KEY ENCRYPTION
This is an excerpt from "A Practical Guide to Red Hat Linux 8" which 
gives you information on encryption.
http://www.net-security.org/article.php?id=489


HANDBOOK FOR COMPUTER SECURITY INCIDENT RESPONSE TEAMS
The document is aimed at aiding the planning, creation and 
development of CSIRTs: teams trained specifically to deal 
with IT security incidents.
http://www.net-security.org/article.php?id=490


INTERVIEW WITH MARK KOMARINSKI
The author of the Training Course for Red Hat Linux and Senior 
Linux System Administrator for Harvard Medical School talks about 
his work and general Linux issues.
http://www.net-security.org/article.php?id=491

----------------------------------------------------------------




[ Reviews ]


All reviews are located at: 
http://www.net-security.org/reviews.php 


----------------------------------------------------------------

INSIDE THE SECURITY MIND: MAKING THE TOUGH DECISIONS
We are all at risk. This is the state of things and it will not 
change. What can change is our way of thinking about security 
issues and the way we approach them. Security is a complex 
process with dynamic details and in order to make efficient 
security decisions you need a security mind, and that's exactly 
what the author helps you develop with this book.
http://www.net-security.org/review.php?id=63


DEPLOYING LICENSE-FREE WIRELESS WIDE-AREA NETWORKS
Don't expect this book to describe wireless network installations. 
I'm just saying that the book doesn't cover actual case studies or, 
as I expected, usage of Cisco Systems wireless hardware in the 
process of finalizing the wide area wireless networks. The book 
does just what the title says, covers the planning and deploying 
parts related to broadband wireless wide area networks.
http://www.net-security.org/review.php?id=64


UNIX: VISUAL QUICKSTART GUIDE 2/E
There's a myriad of online documentation and books out there that 
can help you get into UNIX. This book is different as it concentrates 
on teaching using a lot of screenshots which makes it one of the 
best resources for beginners. What does it offer exactly? Read on 
to find out.
http://www.net-security.org/review.php?id=65

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php


----------------------------------------------------------------

Macrovision Launches SafeDisc Copy-Protection for Mac OS X
http://www.net-security.org/press.php?id=1420


BOScom Launches First Fully Secure IP Telephony Gateways 
with Dynamic IP to PSTN Switching
http://www.net-security.org/press.php?id=1419


Meetinghouse and Intersil Enter into Licensing Agreement for 
AEGIS Authentication API Supporting WPA and Cisco CCX 
Wireless LAN Security
http://www.net-security.org/press.php?id=1418


Trustix Answers Small Business Needs With Launch of First 
Linux-based Small Office Server
http://www.net-security.org/press.php?id=1417


Panda Antivirus Titanium: Awarded “Recommended Product” 
from BIT Portugal
http://www.net-security.org/press.php?id=1416


Trend Micro "Suite-ins" Antivirus Offer to Small and 
Medium Businesses
http://www.net-security.org/press.php?id=1415


ActivCard and Giesecke & Devrient Team to Deliver 
Comprehensive Java Card
http://www.net-security.org/press.php?id=1414


Neoteris Instant Virtual Extranet Grants Secure Access To 
Documents, Files, And Applications For Legal Professionals
http://www.net-security.org/press.php?id=1413


Virus-Infected E-mails Received By SMEs Continue 
To Rise, Reveals VIA NET.WORKS UK
http://www.net-security.org/press.php?id=1412


Software602 Selects BitDefender Antivirus for LAN SUITE 2003
http://www.net-security.org/press.php?id=1411


Verifone and Multepay Partner to Offer Electronic 
Top-Up Services To UK Retailers
http://www.net-security.org/press.php?id=1410

----------------------------------------------------------------




[ Security Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2


----------------------------------------------------------------

BITDEFENDER ANTI FIZZER
This is a removal tool for the Fizzer worm. In addition to e-mail, 
"Fizzer" spreads via the KaZaA P2P file-sharing network, and 
employs sneaky and dangerous tactics such as a 'key logger' 
and a trojan program that allows remote management of 
infected computers.
http://www.net-security.org/software.php?id=488

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Weekly Virus Report - Fizzer Worm and Lovgate Variants
http://www.net-security.org/virus_news.php?id=235


Flaw in Fizzer's Code Provides Vital Hint of Infection
http://www.net-security.org/virus_news.php?id=234


The Second Coming Of the "Lovgate" Worm
http://www.net-security.org/virus_news.php?id=233


Fizzer E-mail Worm is Spreading at an Alarming Rate
http://www.net-security.org/virus_news.php?id=232


Panda Software Receives Reports of Incidents Caused by Fizzer
http://www.net-security.org/virus_news.php?id=231


Fizzer Worm Attacks Via E-mail and KaZaA
http://www.net-security.org/virus_news.php?id=230

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Subscribe to this weekly digest on:
http://www.net-security.org/subscribe.php

Unsubscribe by sending the e-mail address you are subscribed
with to: info@net-security.org with UNSUBSCRIBE in the message body.

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


-----------------------------------------------------------------
SECURITY INCIDENT ALERT
-----------------------------------------------------------------
Check your Web servers, FTP servers, Mail servers , DNS servers,
firewalls, IDS systems, switchers and routers for over 900 up to 
date vulnerabilities. Secure your critical assets today!

FREE System Security Test and Detailed Report
http://www.net-security.org/lm/ads/ads.pl?banner=scannerx1
-----------------------------------------------------------------