HNS Newsletter
Issue 167 - 23.06.2003
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It covers weekly roundups of security events that were in the news the past week. Visit Help Net Security for the latest security news - http://net-security.org.

----------------------------------------------------------------
Need to Secure Multiple Domain or Host Names?
----------------------------------------------------------------
Securing multiple domain or host names need not burden you with unwanted administrative hassles. Learn more about how the cost-effective Thawte Starter PKI program can streamline management of your digital certificates.
----------------------------------------------------------------
Click here to download our Free guide:
http://gothawte.com/rd746.html
----------------------------------------------------------------

Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Security world
7) Security software
8) Virus news

[ Security news ]
----------------------------------------------------------------

SECURITY STARTUP'S CREED: YOU CAN'T HACK WHAT YOU CAN'T SEE
Security software startup Trusted Network Technologies Inc. is expected to come out of hiding this week. But it hopes its customers will appreciate the ability to make their networks and critical information systems more clandestine.
http://www.net-security.org/news.php?id=2886

DEVICES TACKLE MULTIPLE SECURITY JOBS
As IT staffs continue to look for ways to stretch their security budgets, vendors are readying new products that combine multiple security functions in a single offering.
http://www.net-security.org/news.php?id=2887

BAD RAPS FOR NON-HACKS
A few odd cases show that you don't have to be a digital desperado to be accused of a cybercrime... particularly if you embarrass the wrong bureaucrats.
http://www.net-security.org/news.php?id=2888

INDIA GEARS UP TO FIGHT HACKERS
India's first internet security centre is due to become operational in July.
http://www.net-security.org/news.php?id=2889

ENCRYPTION IS FOR DATA AT REST, NOT JUST IN TRANSIT
Everybody knows that it is easier to hit a stationary target than a fast-moving target. Yet an enormous amount of resources are being used to encrypt data in motion, while the bigger risk is in data at rest.
http://www.net-security.org/news.php?id=2890

PENETRATION TEST FOR WEB APPLICATIONS - PART ONE
This article provides the penetration tester with an overview of Web applications - how they work, how they interact with users, and most importantly how developers can expose data and systems with poorly written and secured Web application front-ends.
http://www.net-security.org/news.php?id=2891

SECURITY GROUP IN THE HOT SEAT
The Homeland Security Department had the right idea when it created the National Cyber Security Division earlier this month, government and industry officials say, but many observers are withholding judgment until they see what the new division accomplishes.
http://www.net-security.org/news.php?id=2896

PORT KNOCKING
An introduction to how trusted users can manipulate firewall rules to transmit information across closed ports.
http://www.net-security.org/news.php?id=2897

HACKER TIPS CERT'S HAND ON LINUX/PDF FLAW
Confidential vulnerability information managed by the CERT Coordination Center has again been leaked to the public, following a flurry of such leaks in March.
http://www.net-security.org/news.php?id=2898

EXPERT ASSESSES THE STATE OF CYBER SECURITY AT CMU
Computer users beware: As the bad guys disrupt traffic on the information highway, cyber security becomes an increasing concern.
http://www.net-security.org/news.php?id=2899

INFO WITH A BELL AND CHAIN - PIRACY AND PRIVACY ISSUES
Stopping piracy and increasing privacy makes sense.
But what will we lose by locking up our songs, movies, books, files and e-mails?
http://www.net-security.org/news.php?id=2900

A LITTLE-KNOWN SECURITY THREAT
Are your employees giving away confidential security information?
http://www.net-security.org/news.php?id=2901

DENIAL OF SERVICE ATTACKS
Last year nearly 40% of all business on the web experienced a DoS attack. While the migration from private to public networks might have made global reach of business possible, it has also exposed the networks to a large variety of security threats.
http://www.net-security.org/news.php?id=2902

WHERE DOES SECURITY FIT INTO THE ORGANIZATIONAL CHART?
CSOs offer plenty of opinions, but consensus is hard to come by.
http://www.net-security.org/news.php?id=2903

ANTI-SPAM PROPOSALS GET TOUGHER
A bipartisan group of legislators and some citizen groups, concerned that current legislative proposals to combat e-mail spam are inadequate, are engaged in a push for tougher alternatives.
http://www.net-security.org/news.php?id=2904

SECURITY MARKET EVOLUTION
Information technology security is no longer a small niche component of the network infrastructure market and an afterthought to IT projects.
http://www.net-security.org/news.php?id=2905

MICROSOFT TAKES SPAM FIGHT TO COURT
Intensifying its campaign against spammers, Microsoft announced Tuesday that it has taken legal action in the company's home state of Washington and in the United Kingdom.
http://www.net-security.org/news.php?id=2907

CISCO BEEFS UP SECURITY TRAINING
Cisco announced the expansion of its security certification and training program to reflect the latest advances in Cisco security technology and industry expectations for IT professionals.
http://www.net-security.org/news.php?id=2908

IMPROVED WI-FI SECURITY IS NOT FOR EVERYONE YET
Wireless local area network security is about to improve dramatically, but it will take time before some organizations can reap the rewards.
http://www.net-security.org/news.php?id=2909

PKI - INVISIBLY PROTECTING YOUR DIGITAL ASSETS
You may already be using PKI without knowing it if you have relied on certificates or "certs" to identify a web server or to confirm the identity of external websites. It is a critical technology for the Internet and is used in applications as diverse as e-commerce and VPNs.
http://www.net-security.org/news.php?id=2910

SECURITY VS. ACCESSIBILITY - A FINE BALANCE
For companies that need to share information with partners, suppliers and customers via the Internet, it is also crucial that they simultaneously lock down and protect vital corporate data and intellectual property.
http://www.net-security.org/news.php?id=2911

THE MAN WHO KEEPS THE PEACE - LINUS TORVALDS
Linus Torvalds, father of the Linux operating system, reveals how he keeps the revolution from becoming a jihad.
http://www.net-security.org/news.php?id=2912

DOES PRIVACY PAY?
The flat economy has forced companies across America to require any new investments to deliver hard economic returns within short timeframes. Do privacy-related investments generate these kinds of returns? In many cases, absolutely not.
http://www.net-security.org/news.php?id=2913

PASSWORD-PROTECT YOUR SENSITIVE FILES AND FOLDERS
Keep files private in XP and Me by compressing their folders; the last word on killing Messenger in XP Home.
http://www.net-security.org/news.php?id=2914

CYBERSECURITY STARTS IN THE OFFICE
When the office networks crash and work comes to a halt, there's probably an irresponsible co-worker somewhere in the building to blame. That's the sentiment many employees expressed in a survey on individual cybersecurity competence released today.
http://www.net-security.org/news.php?id=2915

'ALTERNATIVE' SECURITY CONFERENCE SET TO RETURN
The Ruxcon security conference, which drew 300 attendees from all over Australia to the University of Technology, Sydney (UTS) campus in April, will return in 2004.
http://www.net-security.org/news.php?id=2916

GOVERNMENT TO UNVEIL INTERNET DEFENCE PLANS
What to do if terrorists target the internet?
http://www.net-security.org/news.php?id=2918

A DAY IN THE LIFE OF A VIRUS RESEARCHER
Yaneza and his fellow researchers analyze and describe the latest malicious code to hit the Internet. But they don't study malware for the sake of knowledge; they bust their butts to get information out to Trend Micro's end users as fast and accurately as possible.
http://www.net-security.org/news.php?id=2919

DESTROY 'PIRATE' PCS, SAYS POLITICIAN
A US senator wants to develop new technology which would remotely destroy the computers of people who illegally download music tracks.
http://www.net-security.org/news.php?id=2920

GUESS INC. AGREES TO TIGHTEN WEB SECURITY
Clothing marketer Guess Inc. will tighten security for its Web site to resolve federal charges that it failed to protect customer credit card information from computer hackers.
http://www.net-security.org/news.php?id=2921

REVIEW: WINDOWS SERVICES FOR UNIX
Everyone knows what Microsoft does by now. What some people do not know is that Microsoft releases a system integration software package named Windows Services for UNIX.
http://www.net-security.org/news.php?id=2922

STREAMLINED COMMUNICATIONS CALLED KEY TO HOMELAND SECURITY
Streamlined and secure information management is a critical element for the U.S. Northern Command in providing homeland defense of North America when it assumes its full operational role Oct. 1.
http://www.net-security.org/news.php?id=2923

HP TO SHIP ANTISPAM SOFTWARE ON NEW PCS
Saying it wants to protect children from inappropriate material and give customers a more "positive" computing experience, Hewlett Packard will bundle antispam software with its new desktop PCs.
http://www.net-security.org/news.php?id=2924

NETSEC SCOOPS UP DEFCOM
London-based security consultancy Defcom Information Security has been bought out of administration by US managed security services firm NetSec. Financial terms of the deal, announced today, were not disclosed.
http://www.net-security.org/news.php?id=2925

TRACKING DOWN THE PHANTOM HOST
This article explains techniques for locating a problem host when you are not sure where it is physically located.
http://www.net-security.org/news.php?id=2926

SECURITY RESEARCHERS NIBBLE AT BLUETOOTH
On Tuesday the organization responsible for the Bluetooth wireless standard unveiled version 1.2. But for real evidence that the technology is finally gaining acceptance, turn to the conference program for this summer's DefCon convention.
http://www.net-security.org/news.php?id=2927

RSA GETS INTO FINGERPRINTS
RSA Security is to add biometric recognition technology to its popular line of two-factor authentication products.
http://www.net-security.org/news.php?id=2929

TOUGH TIMES BRING OUT THE BEST IN IT
The 2003 ImageTrak survey shows HP is favourite with UK customers.
http://www.net-security.org/news.php?id=2930

MYSQL GETS SECURITY SCANNER
Application Security Inc. is rolling out a security scanner for MySQL, the open-source database from MySQL AB, and for Web applications.
http://www.net-security.org/news.php?id=2931

FINANCIAL INSTITUTIONS' HACKING RATE HIGH
More than a third of financial institutions worldwide were hacked in the past year, according to a security survey.
http://www.net-security.org/news.php?id=2932

BEST FIREWALLS FOR THE ENTERPRISE
How important is a firewall's throughput? According to Check Point Technologies' Mark Kraynak, price performance -- the amount of throughput an enterprise gets versus the dollars it spends -- is more important than top-end throughput.
http://www.net-security.org/news.php?id=2933

IDENTITY CRISIS
Amidst terrorism threats and world turmoil, you'd think that support for security would be at an all-time high. You'd be wrong.
http://www.net-security.org/news.php?id=2934

GEEK CHALLENGE - A HACK-PROOF NETWORK
It's a task that would challenge even the sharpest of computer geeks: set up a hacker-proof computer network for 190,000 government workers across the country fighting terrorism.
http://www.net-security.org/news.php?id=2935

MICROSOFT READIES KIT FOR SECURITY INITIATIVE
Microsoft at the Microsoft Professional Developers Conference in Los Angeles in October plans to release a preliminary software development kit for its Next-Generation Secure Computing Base (NGSCB) security technology, also known as Palladium.
http://www.net-security.org/news.php?id=2936

HACKERS MASQUERADE AS BEST BUY TO STEAL CREDIT-CARD DETAILS
An email purporting to be from the electronics chain is directing would-be victims to a fake Best Buy Web site.
http://www.net-security.org/news.php?id=2937

VERISIGN ANNOUNCES ANTI-FRAUD SERVICE
VeriSign Inc. is launching a new service to thwart online fraud with support voiced from at least one major credit card company.
http://www.net-security.org/news.php?id=2938

----------------------------------------------------------------
[ Vulnerabilities ]
All vulnerabilities are located here: http://www.net-security.org/archive_vuln.php
----------------------------------------------------------------

Progress 4GL Compiler Datatype Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2772

SurfControl Web Filter for Microsoft ISA Server Vulnerability
http://www.net-security.org/vuln.php?id=2771

Kerio MailServer Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2770

Internet Explorer Local Zone Custom HTTP Errors Script Injection Vulnerability
http://www.net-security.org/vuln.php?id=2769

Portmon File Arbitrary Read And Write Access Vulnerability
http://www.net-security.org/vuln.php?id=2768

MidHosting FTP Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2767

Cajun P13x/P33x Switch Family Firmware 3.x Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2766

phpMyAdmin Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2765

Mailtraq Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2764

Xoops and E-xoops CMS Module "tutorials" Directory Traversal Vulnerability
http://www.net-security.org/vuln.php?id=2763

Dantz Retrospect Client 5.0.540 for Mac OS X Permissions Vulnerability
http://www.net-security.org/vuln.php?id=2762

Snitz Forums Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2761

LedNews v0.7 Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2760

----------------------------------------------------------------
[ Advisories ]
All advisories are located at: http://www.net-security.org/archive_advi.php
----------------------------------------------------------------

HP Security Alert - HP-UX pcltotiff
http://www.net-security.org/advisory.php?id=2148

Debian Security Advisory - New osh packages fix buffer overflows
http://www.net-security.org/advisory.php?id=2147

Red Hat Security Advisory - Updated Netscape packages are now available
http://www.net-security.org/advisory.php?id=2146

Debian Security Advisory - New webfs packages fix buffer overflow
http://www.net-security.org/advisory.php?id=2145

Debian Security Advisory - New xbl packages fix buffer overflows
http://www.net-security.org/advisory.php?id=2144

Debian Security Advisory - New orville-write packages fix buffer overflows
http://www.net-security.org/advisory.php?id=2143

Debian Security Advisory - New eldav packages fix insecure temporary file creation
http://www.net-security.org/advisory.php?id=2142

Red Hat Security Advisory - Updated Xpdf packages fix security vulnerability
http://www.net-security.org/advisory.php?id=2141

Slackware Security Advisory - 2.4.21 kernels available
http://www.net-security.org/advisory.php?id=2140

Debian Security Advisory - New ethereal packages fix multiple vulnerabilities
http://www.net-security.org/advisory.php?id=2139

Debian Security Advisory - New jnethack packages fix buffer overflow, incorrect permissions
http://www.net-security.org/advisory.php?id=2138

SGI Security Advisory - Perl "Safe.pm" vulnerability
http://www.net-security.org/advisory.php?id=2137

SGI Security Advisory - MIPSPro Compiler Predictable Temp File vulnerability
http://www.net-security.org/advisory.php?id=2136

Mandrake Linux Security Update Advisory - BitchX
http://www.net-security.org/advisory.php?id=2135

Debian Security Advisory - New noweb packages fix insecure temporary file creation
http://www.net-security.org/advisory.php?id=2134

Debian Security Advisory - New typespeed packages fix buffer overflow
http://www.net-security.org/advisory.php?id=2133

Mandrake Linux Security Update Advisory - gzip
http://www.net-security.org/advisory.php?id=2132

Mandrake Linux Security Update Advisory - ethereal
http://www.net-security.org/advisory.php?id=2131

Conectiva Linux Security Announcement - apache
http://www.net-security.org/advisory.php?id=2130

Gentoo Linux Security Announcement - cups
http://www.net-security.org/advisory.php?id=2129

Gentoo Linux Security Announcement - ghostscript
http://www.net-security.org/advisory.php?id=2128

Gentoo Linux Security Announcement - kon2
http://www.net-security.org/advisory.php?id=2127

Gentoo Linux Security Announcement - man
http://www.net-security.org/advisory.php?id=2126

Gentoo Linux Security Announcement - gzip
http://www.net-security.org/advisory.php?id=2125

Gentoo Linux Security Announcement - lprng
http://www.net-security.org/advisory.php?id=2124

Debian Security Advisory - New mikmod packages fix buffer overflow
http://www.net-security.org/advisory.php?id=2123

Debian Security Advisory - New mikmod packages fix buffer overflow
http://www.net-security.org/advisory.php?id=2122

----------------------------------------------------------------
[ Featured articles ]
All articles are located at: http://www.net-security.org/articles_main.php
Articles can be contributed to staff@net-security.org
----------------------------------------------------------------

SYBARI RELEASES ANTIGEN 7.0 FOR DOMINO
Sybari Software, Inc., today announced that Antigen 7.0 for Lotus Domino is shipping and available. According to the media release, this new version of Antigen for Domino will further strengthen Antigen's global appeal as the antivirus solution of choice for Domino/Notes administrators that need to support multiple operating systems and maintain virus-free messaging and collaboration environments.
http://www.net-security.org/article.php?id=508

FIREBOX SOHO 6 WIRELESS SECURITY PRODUCT LINE ANNOUNCED
WatchGuard Technologies, Inc., today announced the new Firebox SOHO 6 Wireless product line.
Featuring an integrated 802.11b Wireless Access Point, 4-port LAN 10/100 switch and remote management capabilities, the SOHO 6 Wireless line includes three models to fit the diverse requirements of small businesses, remote offices and telecommuters.
http://www.net-security.org/article.php?id=509

BUILDING AND IMPLEMENTING A SUCCESSFUL INFORMATION SECURITY POLICY
The purpose of this paper is to outline the strategies and managing processes behind implementing a successful Security Policy. Additionally, I will give recommendations for the creation of a Security Awareness Program, where the main objective will be to provide staff members with a better, if not much improved, understanding of the issues stated in a security policy.
http://www.net-security.org/article.php?id=510

BASIC SECURITY MEASURES FOR FREEBSD
This document will describe the basic security measures that should be applied to a FreeBSD 4.x workstation. Almost all of these measures should be applied in a server environment too, with some extra measures (CGI/PHP security for webservers, SQL security for databases, etc.).
http://www.net-security.org/article.php?id=511

WHY MANAGED SECURITY SERVICES ARE SO POPULAR IN FINANCIAL INSTITUTIONS
'Managed Security Services' seems to be one of the new buzzwords in the ICT sector. When signing up with a Managed Security Service Provider (MSSP), this company will take over the real-time monitoring, management and support of your security devices on a 24x7x365 basis.
http://www.net-security.org/article.php?id=512

----------------------------------------------------------------
[ Reviews ]
All reviews are located at: http://www.net-security.org/reviews.php
----------------------------------------------------------------

REVIEW - TREND MICRO OFFICESCAN CORPORATE EDITION
Michael Oliveri takes a look at Trend Micro OfficeScan Corporate Edition Version 3.54 and gives his take on this product. Is it right for your needs? Read on to find out.
http://www.net-security.org/review.php?id=78

INTRUSION DETECTION WITH SNORT
When taking a look at the most used security tools, one of the most popular and praised ones is surely Snort. This heavily used product is an open source Network Intrusion Detection System and is available to anyone without any cost. The book I'm taking a look at today is a guide to installing and using Snort in a complete web server environment comprising Apache, MySQL, PHP and ACID.
http://www.net-security.org/review.php?id=79

GUERRILLA ORACLE: THE SUCCINCT WINDOWS PERSPECTIVE
Are you frustrated by your attempts to learn Oracle or improve your Oracle skills because of the sheer amount of technical documentation you have to wade through? This tutorial walks you step-by-step through the process, showing you exactly what you need to know to install, create, and support a successful Oracle8i or 9i environment with Web capabilities.
http://www.net-security.org/review.php?id=80

----------------------------------------------------------------
[ Security world ]
All press releases are located at: http://www.net-security.org/press_main.php
----------------------------------------------------------------

Neoteris Moves Headquarters To Larger Facility To Accommodate Rapid Company Growth
http://www.net-security.org/press.php?id=1480

Scalable Networks Ensures Security at Martin Brokers
http://www.net-security.org/press.php?id=1479

International Information Systems Security Certification Consortium (ISC)2 Announces Associate Program
http://www.net-security.org/press.php?id=1478

Panda Antivirus for Exchange Server 2003 Protects Completely and Effectively the Exchange Mail Servers
http://www.net-security.org/press.php?id=1477

Anti-Spam Tests Show Spam Can Be Stopped: SpamSquelcher Also Delivers Dramatic Cost Reductions
http://www.net-security.org/press.php?id=1476

Meetinghouse Joins the Wi-Fi Alliance
http://www.net-security.org/press.php?id=1475

Intrusion Inc. Sets New Benchmark for Network IDS Simplicity and Manageability
http://www.net-security.org/press.php?id=1474

Security Guide for ISPs Providing Windows-based Shared Hosting Services
http://www.net-security.org/press.php?id=1473

NetScreen Extends Certifications To Include Important Worldwide Government Evaluation Standard
http://www.net-security.org/press.php?id=1472

Central Command Offers Existing RAV Antivirus Customers A Twenty Five Percent Discount To Upgrade To Vexira Antivirus Solutions
http://www.net-security.org/press.php?id=1471

Ibas and HP Join Forces - Leading the Way in Reliable Erasing of Sensitive Data
http://www.net-security.org/press.php?id=1470

Finnish Parliament switches to F-Secure Anti-Virus
http://www.net-security.org/press.php?id=1469

----------------------------------------------------------------
[ Security Software ]
Windows software is located at: http://net-security.org/software_main.php?cat=1
Linux software is located at: http://net-security.org/software_main.php?cat=2
----------------------------------------------------------------

PHP HTML FILTER 0.1.0
Kses is an HTML filter written in PHP. It filters all HTML elements and attributes that are not allowed - no matter how strange or tricky the HTML code is. This is helpful to stop XSS (Cross-site Scripting) security holes.
http://www.net-security.org/software.php?id=496

SUSSEN 0.3
Sussen is a client for the Nessus Security Scanner. It is easy to use; you can perform a vulnerability assessment with just a few mouse clicks. It has a Glade-based user interface, Druids for common tasks, GConf support, and Anjuta project support.
http://www.net-security.org/software.php?id=497

INITSCRIPTS-VPN 1.0-1
This is a "plugin" for Red Hat Linux systems that allows you to easily create secure, encrypted tunnels between routers. It uses SSH for the encryption and PPP for the tunnel.
http://www.net-security.org/software.php?id=498

----------------------------------------------------------------
[ Virus News ]
All virus news is located at: http://www.net-security.org/viruses.php
----------------------------------------------------------------

Eset Releases Version 2.0 of their NOD32 Anti Virus Product
http://www.net-security.org/virus_news.php?id=259

Fortnight Worm Exploits Old Security Vulnerability
http://www.net-security.org/virus_news.php?id=258

Weekly Virus Report - Danvee, Sobig.D and Mofei.B Worms
http://www.net-security.org/virus_news.php?id=257

Panda Software Warns Users of Sobig.D Worm
http://www.net-security.org/virus_news.php?id=256

----------------------------------------------------------------
Questions, contributions, comments or ideas go to:
Help Net Security staff
staff@net-security.org
http://net-security.org
----------------------

Subscribe to this weekly digest on:
http://www.net-security.org/subscribe.php

Unsubscribe by sending the e-mail address you are subscribed with to: info@net-security.org with UNSUBSCRIBE in the message body.

The archive of the newsletter in TXT and PDF format is available at:
http://www.net-security.org/newsletter_archive.php
----------------------------------------------------------------