HNS Newsletter
Issue 164 - 02.06.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://net-security.org.

-------------------------------------------------------------------
FREE GUIDE-128-BIT ENCRYPTION
-------------------------------------------------------------------
Thawte is one of the few companies that offers 128 bit supercerts. A supercert will allow you to extend the highest allowed 128 bit encryption to all your clients even if they use browsers that are limited to 40 bit encryption.
-------------------------------------------------------------------
Download a guide to learn more.
http://gothawte.com/rd745.html
-------------------------------------------------------------------

Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Security world
7) Software
8) Virus news

[ Security news ]
----------------------------------------------------------------

CYBER-CRIME CRACKDOWN
The newly minted Australian High Tech Crime Centre could collect its first when a 17-year-old faces the Adelaide Youth Court charged with a single count of illicitly receiving $4890 from an ANZ customer's internet banking account.
http://www.net-security.org/news.php?id=2715

PGP HINTS AT SECURE INSTANT MESSAGING
The chief executive of PGP Corporation, Phillip Dunkelberger, has hinted the company will release a secure instant messaging application following the re-launch of the brand in June last year.
http://www.net-security.org/news.php?id=2716

CYBER INSURANCE BETWEEN THE LINES
Your company may already have insurance against computer attacks and electronic sabotage, without even knowing it.
http://www.net-security.org/news.php?id=2717

GEEKY LEGAL BEAGLES NAIL SPAMMERS
A team of tech-savvy lawyers is gunning for spammers and software companies that commit fraud and foist incomprehensible software licenses on consumers. New York State Attorney General Eliot Spitzer uses old laws in new ways to fight for consumers' rights.
http://www.net-security.org/news.php?id=2718

INTRODUCING NEW WIRELESS SECURITY
Emerging standards plug holes, strengthen encryption.
http://www.net-security.org/news.php?id=2719

TREND MICRO BUG PREYS ON "P"
Trend Micro's antispam software recently took issue with the letter "P."
http://www.net-security.org/news.php?id=2720

THE TOP 10 WIRELESS LAN POLICY VIOLATIONS
With a broad base of customers that includes more than 50 Blue Chip companies and large government agencies, AirDefense collected data to compile the 10 most common wireless LAN policy violations.
http://www.net-security.org/news.php?id=2722

GIDIS TRUSTED LINUX: A MLS LINUX VERSION
GIDIS Trusted Linux is a security enhanced version of Linux which descends from Lisex.
http://www.net-security.org/news.php?id=2723

FEDS TO OPEN CYBER-SECURITY OPS CENTER
Officials at the Department of Homeland Security plan to announce this week the establishment of a national cyber-security center, which brings all the department's information security assets under one umbrella, according to people briefed on the plan.
http://www.net-security.org/news.php?id=2724

WHICH IS BUGGIER - WINDOWS OR LINUX?
Which operating system - Windows or Linux - deserves the dubious title, "Most Prone to Bugs and Security Problems"?
http://www.net-security.org/news.php?id=2725

HACKERS INSPIRED BY IRAQ WAR
The war in Iraq appears to have prompted a jump in the number of attacks disrupting internet sites to record levels.
http://www.net-security.org/news.php?id=2728

OVER 70 PERCENT OF BUSINESSES ARE HACKED
A survey has found that three-quarters of businesses in Asia have suffered from network intrusions in the past, says market research firm IDC.
http://www.net-security.org/news.php?id=2729

CONDUCTING A SECURITY AUDIT: AN INTRODUCTORY OVERVIEW
This article will offer a brief overview of security audits: what they are, why they are important, and how they are conducted.
http://www.net-security.org/news.php?id=2730

SOFTWARE TRACKS DOWN STOLEN PCS
Pilfering a PC may become less appealing, if software makers Phoenix Technologies and Softex have their way.
http://www.net-security.org/news.php?id=2731

YOU CAN CATCH MORE SPIES WITH HONEY
Honeypots and honeynets can take the sting out of hacker attacks.
http://www.net-security.org/news.php?id=2732

ADVENTURES WITH KERBEROS, CVS, AND GSS-API
Jennifer Vesperman, author of the upcoming Essential CVS, recently tried to make her CVS installation use Kerberos authentication. She describes how she went about integrating the two in this article.
http://www.net-security.org/news.php?id=2733

SETTING UP SUSE FOR WIRELESS NETWORKING
I was excited to set up my copy of SuSE Linux Professional 8.2 on a machine I'm planning to use for testing. Everything went smoothly except for installation of the Orinoco Silver PC Card network adapter. Several hours and unsuccessful tacks later, I can claim victory, and maybe save you time if you tackle the same task.
http://www.net-security.org/news.php?id=2734

BUILD A CROSS-PLATFORM TEST NETWORK
This tutorial shows how to combine Samba and GRUB to build a compact, highly adaptable, cross-platform test network, capable of booting and networking a large number of operating systems on a small number of machines.
http://www.net-security.org/news.php?id=2735

ARM ADDING HARDWARE-BASED SECURITY TO ITS CORES
Chip designer ARM Ltd. Tuesday said it will add extensions to its processor core next year that incorporate hardware-based security technologies.
http://www.net-security.org/news.php?id=2736

POLICE PROVIDE PR HELP
UK's National High Tech Crime Unit wants more firms to report computer crimes, offering in return help with negative publicity.
http://www.net-security.org/news.php?id=2737

SYMANTEC TO PROVIDE US DOD WITH THREAT INFO
A deal between Symantec and the U.S. Department of Defense will provide the U.S. government with intelligence gathered from Symantec's DeepSight threat and vulnerability alert services.
http://www.net-security.org/news.php?id=2738

ISS ADDS 'VIRTUAL' PATCHING
The upgrade aims to ease IT security.
http://www.net-security.org/news.php?id=2739

AIRTRAF SECURITY
One of the things to pay attention to with wireless security is the usefulness of a site survey. Here, Victor Marks talks about conducting such a survey without having to buy a horrendously expensive software package, while getting immediate feedback and the most effective results.
http://www.net-security.org/news.php?id=2740

MICROSOFT XP SECURITY UPDATE FLAWED
Microsoft has withdrawn a security update for Windows XP after discovering that it switched off Internet connections for some of the 600,000 users who downloaded and installed it.
http://www.net-security.org/news.php?id=2741

WIRELESS, WEB SERVICES DOMINATE SECURITY INTERESTS
In a new weekly tally of white-paper downloads from the ITPapers service, wireless networks and Web services dominate.
http://www.net-security.org/news.php?id=2742

THE DANGERS OF NEGLECTING IDENTITY MANAGEMENT
Many Global 2000 companies are suffering from serious security vulnerabilities and operational inefficiencies because of a lack of secure identity management, according to a new study by Stanford University and Hong Kong University of Science and Technology.
http://www.net-security.org/news.php?id=2743

OMB SAYS FED SECURITY SYSTEMS IMPROVING
Agencies are making progress in identifying vulnerabilities, but increased reviews have also revealed new threats.
http://www.net-security.org/news.php?id=2744

WEB APP FIREWALLS TOUGHEN UP
With a pressing need to do more to protect Web applications from attack, IT staff can turn to a new class of specialized firewalls that do a great deal to protect Web servers, Web applications, and connected internal servers and databases from attack.
http://www.net-security.org/news.php?id=2745

'HACKING THE XBOX' - CULT CLASSIC OR CRIME?
"Only technology that allows you to hack copyright is covered by the DMCA, not information. If [Huang] were providing a box, then that would be actionable, but information on how to do it is not."
http://www.net-security.org/news.php?id=2748

'TOO MUCH CYBER SECURITY' AT CIA
While other government agencies struggle with their cyber security practices, the Central Intelligence Agency apparently suffers from the opposite problem: too much security - according to a recent study of the agency's use of information technology.
http://www.net-security.org/news.php?id=2749

PGP ENCRYPTION PROVES POWERFUL
If the police and FBI can't crack the code, is the technology too strong?
http://www.net-security.org/news.php?id=2750

MALWARE MYTHS AND MISINFORMATION PART 2
This article is the second of a three-part series looking at some of the myths and misconceptions that undermine anti-virus protection.
http://www.net-security.org/news.php?id=2751

APPLE TAKES AIM AT MUSIC PIRACY
Updated iTunes software disables certain sharing features.
http://www.net-security.org/news.php?id=2752

TAKING THE OFFENSIVE ON IDENTITY THEFT
Catch Me If You Can wasn't just a hit at the movies this winter. It's also the modus operandi of a growing band of street criminals and their hacker allies who trade in consumer credit card information, Social Security numbers and other confidential data that are stored inside organizations and wash across millions of Web sites every day.
http://www.net-security.org/news.php?id=2753

NEW HEAD AT MICROSOFT SECURITY RESPONSE CENTER
Steve Lipner, Microsoft's director of security engineering strategy, has handed over responsibility for the MSRC to Kevin Kean, an industry veteran who joined Microsoft as group product manager for management and communications products in 1996, Microsoft said in a statement.
http://www.net-security.org/news.php?id=2754

CENTRINO, VPN GROUND SOME PCS
Some laptop computer owners have discovered an annoying quirk with their machines: Whenever users install certain Nortel security software, their computers' screens turn blue and the laptops cease to work.
http://www.net-security.org/news.php?id=2755

ENLISTING THE YOUNG AS WHITE-HAT HACKERS
On a Wednesday evening, in an office suite appointed with Pentium II's and little else, 10 teenagers were doing Andrew Robinson's bidding. Fortified by pizza and soda, they studied a computer system's weaknesses, looking for ways to break in and steal information.
http://www.net-security.org/news.php?id=2758

SECURITY DATA PROJECT TO COMBAT TERRORISM
Potential IT suppliers must apply for clearance for top-secret initiative.
http://www.net-security.org/news.php?id=2759

MICROSOFT PATCHES MORE SECURITY HOLES
Microsoft on Wednesday issued a pair of security alerts addressing potential flaws that could make its software vulnerable to attackers.
http://www.net-security.org/news.php?id=2760

PALM ADDS VOIP AND SECURITY TO TUNGSTEN C
Palm said it will team with Meetinghouse Data Communications to make its Aegis WLAN security software available for Tungsten C devices later this summer.
http://www.net-security.org/news.php?id=2761

CISCO DISCUSSIONS: WIRELESS SECURITY AND NETWORK MANAGEMENT
Cisco's Networking Professional Connection offers a broad range of Cisco IT specific discussions. These technical questions and answers provide a lot of practical information on wireless and security topics.
http://www.net-security.org/news.php?id=2762

REDMOND ACCUSED OF MISLEADING CUSTOMERS
Security researcher Marc Maiffret of eEye Digital Security has accused Microsoft of misleading customers in its advisory issued on Wednesday about a vulnerability in Windows Media Services.
http://www.net-security.org/news.php?id=2763

BUSINESSES CUT SECURITY LOSSES
Greater use of security hardware and software products helped businesses substantially reduce losses due to security incidents, a new survey says.
http://www.net-security.org/news.php?id=2765

CALIFORNIA SUPREMES HEAR DECSS CASE
The Golden State's high court ponders computer code as speech, against warnings that California's economic security is at risk from evil programmers.
http://www.net-security.org/news.php?id=2766

LAMO HACKS CINGULAR CLAIMS SITE
Adrian Lamo, the hacker who in the past has exploited security holes at The New York Times and Yahoo, finds a breach at a site where he had access to the records of millions of Cingular wireless customers.
http://www.net-security.org/news.php?id=2767

TOP FIVE OPEN SOURCE PACKAGES FOR SYSTEM ADMINISTRATORS
This is the final installment of a five-part series in which I introduce my current list of the most useful and widely applicable open source administrative tools. In general, these tools can make your job easier no matter what Unix operating system your computers run.
http://www.net-security.org/news.php?id=2768

UNIVERSITY DEFENDS VIRUS-WRITING CLASS
Safeguards will prevent malicious software from causing problems on the Internet, the school says.
http://www.net-security.org/news.php?id=2769

DOING IT ALL WITH OPENSSH, PART 1
This is an introduction to doing it all with the secure shell.
http://www.net-security.org/news.php?id=2770

----------------------------------------------------------------
[ Vulnerabilities ]
All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php
----------------------------------------------------------------

Apache Portable Runtime Denial of Service and Arbitrary Code Execution Vulnerabilities
http://www.net-security.org/vuln.php?id=2718

Activity Monitor 2002 Remote Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2717

Bandmin 1.4 Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2716

Remote PC Access Server 2.2 Vulnerability
http://www.net-security.org/vuln.php?id=2715

Microsoft Internet Information Services 5.0 Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2714

Sun-One Application Server Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2713

Quake 3 Engine /con/con Client Crashing Vulnerability
http://www.net-security.org/vuln.php?id=2712

Axis Network Camera HTTP Authentication Bypass Vulnerability
http://www.net-security.org/vuln.php?id=2711

BRS WebWeaver POST and HEAD Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=2710

PalmVNC 1.40 Plaintext Records Vulnerability
http://www.net-security.org/vuln.php?id=2709

AnalogX Proxy Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2708

D-Link 704P Router Malformed URL Vulnerability
http://www.net-security.org/vuln.php?id=2707

FastTrack Network Vulnerability
http://www.net-security.org/vuln.php?id=2706

TextPortal Default Password Vulnerability
http://www.net-security.org/vuln.php?id=2705

Ultimate PHP Board v1.9 Remote Command Execution Vulnerability
http://www.net-security.org/vuln.php?id=2704

iisPROTECT Arbitrary Command Execution Vulnerability
http://www.net-security.org/vuln.php?id=2703
Nessus NASL Scripting Engine Vulnerabilities
http://www.net-security.org/vuln.php?id=2702

Prishtina FTP Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2701

----------------------------------------------------------------
[ Advisories ]
All advisories are located at:
http://www.net-security.org/archive_advi.php
----------------------------------------------------------------

Gentoo Linux Security Announcement - maelstrom
http://www.net-security.org/advisory.php?id=2072

Mandrake Linux Security Update Advisory - cups
http://www.net-security.org/advisory.php?id=2071

Slackware Security Advisory - CUPS DoS vulnerability fixed
http://www.net-security.org/advisory.php?id=2070

Microsoft Security Bulletin MS03-019 - Flaw in ISAPI Extension for Windows Media Services Could Cause Denial of Service
http://www.net-security.org/advisory.php?id=2069

Microsoft Security Bulletin MS03-018 - Cumulative Patch for Internet Information Service
http://www.net-security.org/advisory.php?id=2068

Microsoft Security Bulletin MS03-007 - Unchecked Buffer In Windows Component Could Cause Server Compromise (revised)
http://www.net-security.org/advisory.php?id=2067

Microsoft Security Bulletin MS03-013 - Buffer Overrun in Windows Kernel Message Handling could Lead to Elevated Privileges (revised)
http://www.net-security.org/advisory.php?id=2066

Debian Security Advisory - New gps packages fix multiple vulnerabilities
http://www.net-security.org/advisory.php?id=2065

Red Hat Security Advisory - Updated httpd packages fix Apache security vulnerabilities
http://www.net-security.org/advisory.php?id=2064

SCO Security Advisory - OpenServer 5.0.5 OpenServer 5.0.6: Buffer overflows and other security vulnerabilities in Squid
http://www.net-security.org/advisory.php?id=2063

Conectiva Linux Security Announcement - netpbm
http://www.net-security.org/advisory.php?id=2062

Conectiva Linux Security Announcement - BitchX
http://www.net-security.org/advisory.php?id=2061

Red Hat Security Advisory - Updated CUPS packages fix denial of service attack
http://www.net-security.org/advisory.php?id=2060

SuSE Security Announcement - glibc
http://www.net-security.org/advisory.php?id=2059

Gentoo Linux Security Announcement - nessus
http://www.net-security.org/advisory.php?id=2058

Gentoo Linux Security Announcement - heimdal
http://www.net-security.org/advisory.php?id=2057

----------------------------------------------------------------
[ Featured articles ]
All articles are located at:
http://www.net-security.org/articles_main.php
Articles can be contributed to staff@net-security.org
----------------------------------------------------------------

INTERVIEW WITH IVAN ARCE, CTO OF CORE SECURITY TECHNOLOGIES
Ivan Arce, Chief Technology Officer of Core Security Technologies, sets the technical direction for the company and is responsible for overseeing the development, testing and deployment of all Core products.
http://www.net-security.org/article.php?id=499

GEARING UP FOR JULY 1, 2003 - SENATE BILL 1386 - HOW DOES IT AFFECT YOU?
On July 1, 2003, Senate bill 1386 becomes Civil Code 1798.82. In a nutshell, the law states that any person or company doing business in the state of California is responsible for notifying California residents of security breaches to their non-encrypted information.
http://www.net-security.org/article.php?id=500

KEY ITERATIONS AND CRYPTOGRAPHIC SALTS
The following document discusses the use of key iterations and cryptographic salts to stop dictionary attacks in password based encryption (symmetric cryptography).
http://www.net-security.org/article.php?id=496

RSA SECURITY 2003 IT SECURITY SURVEY PRESENTED
The Emmes Group, a San Francisco-based strategy consulting and market research firm, conducted an in-depth market research survey at the RSA 2003 Conference in San Francisco. The survey results indicate that the majority of respondents plan security purchases within one year.
http://www.net-security.org/article.php?id=497

APACHE 2.0.46 RELEASED - SECURITY AND BUGFIX RELEASE
The Apache Software Foundation and the Apache HTTP Server Project are pleased to announce the ninth public release of the Apache 2.0 HTTP Server. This announcement notes the significant changes in 2.0.46 as compared to 2.0.45.
http://www.net-security.org/article.php?id=498

----------------------------------------------------------------
[ Reviews ]
All reviews are located at:
http://www.net-security.org/reviews.php
----------------------------------------------------------------

THE WINDOWS XP/2000 ANSWER BOOK: A COMPLETE RESOURCE FROM THE DESKTOP TO THE ENTERPRISE
The examples in this book are organized very well for easy access. This is a perfect reference guide both for system administrators and home users that want to solve problems without wasting time searching for the answers. It is a massive book, but you should have it on your bookshelf.
http://www.net-security.org/review.php?id=69

THE COMPLETE WIRELESS INTERNET AND MOBILE BUSINESS PROGRAMMING TRAINING COURSE
As technology is progressing rapidly, topics like mobile business and mobile commerce receive a lot of attention. Wireless technologies allow organizations to reach new markets, so a number of companies are seeing the possibilities and potentials of mobile platforms as an important part of the e-commerce sphere. Today we take a look at the PTG training course dealing with mobile business and programming.
http://www.net-security.org/review.php?id=70

RED HAT LINUX SURVIVAL GUIDE
Red Hat Linux is by far the most popular Linux distribution and therefore many books cover it in great detail. This time I went through a book that's not as massive in size as others but still covers a lot of material. Brought to you by the official Red Hat Press, it promises to deliver practical advice to get you up and running in no time. Should you get this book? Read on to find out.
http://www.net-security.org/review.php?id=71

----------------------------------------------------------------
[ Security world ]
All press releases are located at:
http://www.net-security.org/press_main.php
----------------------------------------------------------------

Juniper Networks Delivers New Levels Of Network Security Integration And Scalability
http://www.net-security.org/press.php?id=1438

Tanners Celebrates Siemens Solution 1
http://www.net-security.org/press.php?id=1437

Panda Software Zaps Fizzer The Fastest
http://www.net-security.org/press.php?id=1436

Zix Corporation Provides St. Agnes HealthCare of the Ascension Health Network with Organization-wide e-Messaging Protection Services
http://www.net-security.org/press.php?id=1435

Sophos CEO Says: "I Won't Hire Virus Writing Students"
http://www.net-security.org/press.php?id=1434

Airscanner Mobile AntiVirus Pro Worldwide Product Launch
http://www.net-security.org/press.php?id=1433

Secure Operating Environment for Server-based Computing
http://www.net-security.org/press.php?id=1432

NetScreen and Trend Micro to Deliver Tighter Integration of Network Security Solutions
http://www.net-security.org/press.php?id=1431

NetScreen Announces New Appliance for Enterprise Remote Sites and Telecommuters
http://www.net-security.org/press.php?id=1430

----------------------------------------------------------------
[ Security Software ]
Windows software is located at:
http://net-security.org/software_main.php?cat=1
Linux software is located at:
http://net-security.org/software_main.php?cat=2
----------------------------------------------------------------

MSULOGIN 0.9.1
sulogin is the single user mode login program used to force the console user to log in under a root account before a shell is started. Unlike other implementations of sulogin, this one supports having multiple root accounts on a system.
http://www.net-security.org/software.php?id=491

SECURESERV 0.9.1
SecureServ is an advanced IRC Trojan detector, much like a virus scanner, but aimed at IRC networks. Using several different methods, including, but not limited to, version checks, behavior analysis, and general pattern matching, it aims to detect Trojans and viruses as well as FloodBots that connect to your IRC network.
http://www.net-security.org/software.php?id=492

NIKTOOGLE 1.0
Niktoogle is one extra tool in the security pro's arsenal, primarily used during the fingerprinting phase of a security audit.
http://www.net-security.org/software.php?id=493

RATSCAN 1.2
RatScan is a graphically driven interface for SecureSoftware's RATS. RatScan allows you to use the powerful code auditing features of RATS but with the familiarity and ease of a point and click working environment. Simply select the programming language and level of analysis you desire and open the file or project directory.
http://www.net-security.org/software.php?id=494

----------------------------------------------------------------
[ Virus News ]
All virus news is located at:
http://www.net-security.org/viruses.php
----------------------------------------------------------------

Central Command: Top 12 Viruses For May 2003
http://www.net-security.org/virus_news.php?id=246

Virus Writing Serves No Educational Purpose
http://www.net-security.org/virus_news.php?id=245

Weekly Virus Report - Naco.B, Holar.H and Auric Worms
http://www.net-security.org/virus_news.php?id=244

Sophos: Top 10 Viruses and Hoaxes in May 2003
http://www.net-security.org/virus_news.php?id=243

Panda Software Reports the Appearance of Holar.H Worm
http://www.net-security.org/virus_news.php?id=242

AVIEN Reaction on Computer Viruses University Course
http://www.net-security.org/virus_news.php?id=241

----------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org
----------------------

Subscribe to this weekly digest on:
http://www.net-security.org/subscribe.php

Unsubscribe by sending the e-mail address you are subscribed with to:
info@net-security.org with UNSUBSCRIBE in the message body.

The archive of the newsletter in TXT and PDF format is available at
http://www.net-security.org/newsletter_archive.php