HNS Newsletter
Issue 181 - 29.09.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


-------------------------------------------------------------------
FREE GUIDE-128-bit encryption
-------------------------------------------------------------------
Thawte is one of the few companies that offers 128 bit supercerts.
A supercerts will allow you to extend the highest allowed 128 bit 
encryption to all your clients even if they use browsers that are 
limited to 40 bit encryption.
-------------------------------------------------------------------
Download a guide to learn more.
http://ad.doubleclick.net/clk;6091071;8369141;h
-------------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Software
6) Webcasts
7) Conferences
8) Security world
9) Virus news


[ Security news ]

 
----------------------------------------------------------------

ACCUSED AOL PHISHER SPAMMED THE FBI
Fraudulent e-mail asked an FBI computer crime agent for his 
credit card number. Charges have been filed.
http://www.net-security.org/news.php?id=3628


IN WORM WAR, FEDS FIGHT THE CLOCK
Worms are appearing more frequently than ever, but patches are 
not keeping pace, federal officials warned.
http://www.net-security.org/news.php?id=3629


ANALYSIS OF SYMANTEC'S STANCE ON CENSORSHIP
According to a report in the Sydney Morning Herald, Chief Operating 
Officer of Symantec, John Schwarz, was quoted as "calling for laws 
to make it a criminal offense to share information and tools online 
which could be used by malicious hackers and virus writers".
http://www.net-security.org/news.php?id=3630


INTRUSION DETECTION TEAM DENIES TROJAN CLAIM
The Snort intrusion detection system does not have a back door 
for intruders, says the program's author.
http://www.net-security.org/news.php?id=3631


INTERVIEW WITH DAN VERTON
Dan Verton is the the author of "The Hacker Diaries: Confessions of 
Teenage Hackers" is a former intelligence officer in the U.S. Marine 
Corps.
http://www.net-security.org/news.php?id=3632


WEB SITE HACKERPROOFING 101
Many organizations put static information on their Web sites, 
leaving them vulnerable to attack. However, by simply and 
inexpensively moving this data to a CD-ROM or DVD, they 
can greatly reduce their vulnerability.
http://www.net-security.org/news.php?id=3633


INSIDE PRELUDE, AN OPEN SOURCE IDS
Prelude is a very promising and featureful IDS. It differs from 
other IDSes, being a hybrid system. Prelude operates both 
as a host and network IDS.
http://www.net-security.org/news.php?id=3635


BALTIMORE SELLS 'CROWN JEWELS'
Security company Baltimore Technologies today announced a 
"conditional agreement" to sell its core public key infrastructure 
(PKI) business to US firm beTRUSTed for $5 million in cash.
http://www.net-security.org/news.php?id=3636


LOST IN TRANSLATION
We spend money, increase administration, and take away 
functionality. Is it any wonder that security people are 
so misunderstood?
http://www.net-security.org/news.php?id=3637


AUTHENTICATING LINUX USERS WITH IBM DIRECTORY SERVER
This article describes how to use the IBM Directory Server to 
authenticate Linux users. The author explains step-by-step how 
to configure Directory Server, and Linux, to build a basic 
configuration to use Directory Server to authenticate Linux users.
http://www.net-security.org/news.php?id=3638


PARANOIA PROTECTION
The only secure computer, so the saying goes, is one that is 
not connected to anything -- including the power. It is an adage 
that, while not very helpful, does cast some light -- or should 
that be shadow -- on the perils of connecting a personal computer 
to the net.
http://www.net-security.org/news.php?id=3639


LINUX SECURITY: GOOD ENOUGH
It's really simple. Linux has OK security , Windows doesn't. "Any 
questions?" asks Linux Center Editor Steven J. Vaughan-Nichols.
http://www.net-security.org/news.php?id=3640


A NEWBIE'S GUIDE TO SETTING UP PF ON OPENBSD 3.X
Since PF replaced IPF on OpenBSD starting with OpenBSD 3.0, it 
has become a world-class firewalling solution.
http://www.net-security.org/news.php?id=3641


KANGURU JUMPS IN WITH SECURITY DEVICE
A new USB-based product called the Kanguru Wizard promises to 
perform magic when it comes to data security.
http://www.net-security.org/news.php?id=3643


US JURY CONVICTS MAN IN DMCA CASE
A federal jury has convicted a Florida man of violating the Digital 
Millennium Copyright Act, in the first jury-trial conviction under 
the controversial law, according to a U.S. attorney's office.
http://www.net-security.org/news.php?id=3644


'RELENTLESS' PACE OF HACK ATTACKS
The huge number of day-to-day attacks that websites suffer has 
been revealed with the aid of two fake banking sites.
http://www.net-security.org/news.php?id=3645


FEDERAL AGENCIES TACKLE SOFTWARE SECURITY
Five federal agencies, led by the U.S. Department of Energy, plan 
to discuss a new set of government contracting practices that hold 
software makers accountable for making their products more 
resistant to viruses and hackers.
http://www.net-security.org/news.php?id=3646


CYBER THREAT
Some fear computer attacks could cause or intensify physical terror.
http://www.net-security.org/news.php?id=3647


ORACLE, U.S. ENERGY DEPT BOOST SOFTWARE SECURITY
The U.S. Department of Energy said that Oracle Corp. will provide 
its database software with preconfigured secure settings, a move 
that could greatly decrease the agency's vulnerability to Internet
based attacks.
http://www.net-security.org/news.php?id=3648


FIT BEST PRACTICE WITH YOUR SECURITY SOFTWARE
Companies are increasingly considering their security as world 
events cast doubt on their ability to deal with natural disaster, 
human error or malicious attack.
http://www.net-security.org/news.php?id=3649


WANT TO SUE OVER BUGGY CODE?
Forget it. Microsoft and other software makers shield themselves 
with the "End User Agreement." What if no one agreed?
http://www.net-security.org/news.php?id=3650


TEST YOUR DATA RECOVERY PLAN
Too many companies think they have disaster recovery measures in 
place, when in reality no one really knows whether they will work or 
how to implement them.
http://www.net-security.org/news.php?id=3651


SPAM SLAYER: SPOTTING THE GOOD GUYS
Spam filters are getting smarter and more thorough, but work remains.
http://www.net-security.org/news.php?id=3652


POLICE HUNT DOWN OWNER OF FAKE BANKING WEB SITE
Police said Thursday that they were trying to track down the 
owner of an allegedly fraudulent Web site offering offshore 
banking services and using a name similar to a Hong Kong 
bank's former subsidiary.
http://www.net-security.org/news.php?id=3654


RIAA GOES AFTER THE WRONG GAL
The music biz withdraws a lawsuit against a 66-year-old sculptor 
who claims never to have even downloaded file-trading software. 
Some say similar cases may emerge, given the difficulties of tying 
IP addresses to particular individuals.
http://www.net-security.org/news.php?id=3655


SECURITY PROBLEMS COULD DESTROY MICROSOFT
Mitch Wagner shares his thoughts on security problems that keep 
affecting Windows.
http://www.net-security.org/news.php?id=3656


INTRUSION DETECTION TERMINOLOGY (PART TWO)
This terminology article starts with an explanation of the many 
different types of IDSs that exist today.
http://www.net-security.org/news.php?id=3657


VIRUS HITS FEDERAL VISA-CHECKING SYSTEM
A computer virus disrupted systems at the State Department for 
checking every visa applicant for terrorist or criminal history, 
leaving the U.S. government unable to issue visas for roughly 
nine hours.
http://www.net-security.org/news.php?id=3658


UECOMM'S AU NETWORK HIT BY ATTACKERS
Australian customers of broadband data services provider Uecomm 
were frustrated by two hours of intermittent service today, as 
malicious hackers flooded the network with spurious traffic.
http://www.net-security.org/news.php?id=3659


EBAY THIEF REVEALS TRICKS OF THE TRADE
‘Kenneth’ and friends claim $2 million stolen from Net users.
http://www.net-security.org/news.php?id=3660


AMD-HOSTED WLAN USED TO INFECT SECURITY HACK'S PC
AMD would like you to know that its mobile Athlon 64 goes very 
nicely with 802.11 wireless networking.
http://www.net-security.org/news.php?id=3661


PUTTING A STOP TO DATABASE PIRACY
The latest battle in the war against database piracy took place on 
Capitol Hill on Tuesday, as the Coalition Against Database Piracy 
testified before a joint House Judiciary and Energy and Commerce 
Subcommittee hearing on draft legislation to protect against 
database thievery.
http://www.net-security.org/news.php?id=3662


INCESSANT HACKING EXPOSED
Unprotected websites are attacked an average of 2,000 times a 
week, a new study has revealed.
http://www.net-security.org/news.php?id=3663


FREEING THE SHACKLES WITH SECURE REMOTE WORKING
Calum Macleod, European Director of Netilla Networks, highlights 
how the organisations are changing the way they work with 
secure remote access.
http://www.net-security.org/article.php?id=569


WAR DRIVE OF ATLANTA, CHICAGO AND SAN FRANCISCO
More than half of all access points still do not encrypt their 
traffic and 9 percent of all access points were determined to be 
unauthorized "rogues," according to a recent study of wireless 
LANs in the business districts of these cities.
http://www.net-security.org/news.php?id=3665


EXPLORING RSA ENCRYPTION IN OPENSSL
Using OpenSSL to explore some of the details of how RSA 
encryption works.
http://www.net-security.org/news.php?id=3666


WOMAN SENTENCED FOR INTERNET BANK THEFT
It used to be that bosses had to worry about who had the 
combination to the office safe. Now, it's who has the password 
to the internet banking account - as businessman John Bruderlin 
found after thousands of dollars disappeared.
http://www.net-security.org/news.php?id=3667


SMART CARDS TRACK COMMUTERS
Civil rights campaigners have expressed concerns about the new 
smart travelcards introduced for London commuters.
http://www.net-security.org/news.php?id=3668


BUGTRAQ ADMIN SAYS SUBMISSIONS NOT BEING DELAYED
Fears that postings to the Bugtraq security mailing list, which is 
owned by Symantec, are being deliberately delayed, have been 
dismissed by the list administrator, Dave Mirza Ahmad.
http://www.net-security.org/news.php?id=3669


WHO WRITES VIRUSES?
This year's deluge of worms may be the prelude to something 
more sinister.
http://www.net-security.org/news.php?id=3670


ATSTAKE FIRES EXECUTIVE OVER MICROSOFT CRITICISM
The chief technology officer for a technology firm that works 
closely with Microsoft Corp. lost his job after he helped write 
a study critical of the insecurity of Microsoft software.
http://www.net-security.org/news.php?id=3671


CAR SHOPPERS' CREDIT DETAILS EXPOSED IN BULK
At least 1,000 automobile shoppers who submitted online credit 
applications to any of 150 different automotive dealerships around 
the U.S. had their personal and financial details exposed on a 
publicly-accessible website.
http://www.net-security.org/news.php?id=3672


SIMPLIFY FOR SECURITY
It's been a bad month. We've learned of critical loopholes in 
recent versions of Windows and in even more versions of 
Microsoft Word.
http://www.net-security.org/news.php?id=3673


INTRUSION PREVENTION AND DETECTION
Organizations know they must protect themselves from the mysterious 
enemy that is a ‘hacker’ and viruses such as LoveLetter, but often 
there is a misguided belief that these external threats are the 
main risks to businesses.
http://www.net-security.org/news.php?id=3675

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

myServer 0.4.3 Directory Traversal Vulnerability
http://www.net-security.org/vuln.php?id=2965


Sbox Path Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=2964


Cfengine2 cfservd Remote Stack Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2963


Re-Boot Design ASP Forum SQL injection Vulnerability
http://www.net-security.org/vuln.php?id=2962


Thread-ITSQL Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2961


Thread-IT Message Board Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2960


Comment Board Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2959


BRS WebWeaver Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2958


TCLHttpd Server Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2957


Gauntlet Firewall SQL-Gateway Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2956


NULLhttpd Bad Request Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2955


NULLhttpd Remote Resources Consumption Vulnerability
http://www.net-security.org/vuln.php?id=2954


MondoSoft MondoSearch File Creation Vulnerability
http://www.net-security.org/vuln.php?id=2953


ProFTPD ASCII File Remote Compromise Vulnerability
http://www.net-security.org/vuln.php?id=2952


WZFTPD Denial Of Service Vulnerability
http://www.net-security.org/vuln.php?id=2951


ColdFusion Cross Site Scripting Security Vulnerability
http://www.net-security.org/vuln.php?id=2950


SpeakFreely Malformed GIF Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2949


SpeakFreely Spoofed Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2948


Netup UTM Multiple Security Vulnerabilities
 http://www.net-security.org/vuln.php?id=2947


Xitami Open Source Web Server Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2946


Powerslave Portalmanager Information Leakage Vulnerability
http://www.net-security.org/vuln.php?id=2945


myPHPnuke 1.8.8 SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=2944


Midnight Commander Uninitialized Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2943

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Debian Security Advisory - New marbles packages fix buffer overflow
http://www.net-security.org/advisory.php?id=2560


OpenPKG Security Advisory - proftpd (OpenPKG-SA-2003.043)
http://www.net-security.org/advisory.php?id=2559


OpenPKG Security Advisory - proftpd (OpenPKG-SA-2003.043)
http://www.net-security.org/advisory.php?id=2558


Conectiva Linux Security Announcement - php4 (CLA-2003:749)
http://www.net-security.org/advisory.php?id=2557


Guardian Digital Security Advisory - WebTool-userpass 
Passphrase disclosure vulnerability
http://www.net-security.org/advisory.php?id=2556


Turbolinux Security Announcement - Multiple PAM 
vulnerabilities in portable OpenSSH (24/Sep/2003)
http://www.net-security.org/advisory.php?id=2555


FreeBSD Security Advisory - denial of service due to 
ARP resource starvation
http://www.net-security.org/advisory.php?id=2554


SCO Security Advisory - OpenServer 5.0.7 OpenServer 5.0.6 
OpenServer 5.0.5: wu-ftpd fb_realpath() off-by-one bug 
(CSSA-2003-SCO.20)
http://www.net-security.org/advisory.php?id=2553


OpenPKG Security Advisory - openssh (OpenPKG-SA-2003.042)
http://www.net-security.org/advisory.php?id=2552


Slackware Security Advisory - WU-FTPD Security Advisory
http://www.net-security.org/advisory.php?id=2551


Slackware Security Advisory - ProFTPD Security Advisory
http://www.net-security.org/advisory.php?id=2550


Slackware Security Advisory - New OpenSSH packages
http://www.net-security.org/advisory.php?id=2549


Gentoo Linux Security Announcement - openssh (200309-14)
http://www.net-security.org/advisory.php?id=2548


Portable OpenSSH Security Advisory: sshpam.adv
http://www.net-security.org/advisory.php?id=2547


Apple Security Advisory - Mac OS X 10.2.8 Available 
(APPLE-SA-2003-09-22)
http://www.net-security.org/advisory.php?id=2546


Conectiva Linux Security Announcement - wu-ftpd (CLA-2003:748)
http://www.net-security.org/advisory.php?id=2545


Conectiva Linux Security Announcement - kde (CLA-2003:747)
http://www.net-security.org/advisory.php?id=2544


Debian Security Advisory - OpenSSH buffer management fix (DSA-383-2)
http://www.net-security.org/advisory.php?id=2543


Red Hat Security Advisory - Updated Perl packages 
fix security issues (RHSA-2003:256-01)
http://www.net-security.org/advisory.php?id=2542


Red Hat Security Advisory - Updated Apache and mod_ssl 
packages fix security vulnerabilities (RHSA-2003:243-01)
http://www.net-security.org/advisory.php?id=2541

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

EXPLOITING THE MSRPC HEAP OVERFLOW – PART I
This little documentary chronicles the last moments of another 
beautiful moth, stuck somewhere between the two live electrical 
cords of security and freedom. In particular, this is my look at 
how to exploit the latest Microsoft RPCSS bug.
http://www.net-security.org/article.php?id=570


FREEING THE SHACKLES WITH SECURE REMOTE WORKING
Calum Macleod, European Director of Netilla Networks, highlights 
how the organisations are changing the way they work with 
secure remote access.
http://www.net-security.org/article.php?id=569


KNOW YOUR ENEMY: SEBEK2 - A KERNEL BASED DATA CAPTURE TOOL
Sebek is a piece of code the lives entirely in kernel space and 
records either some or all data accessed by users on the system. 
This paper is a detailed discussion of Sebek, how it works and 
its value.
http://www.net-security.org/article.php?id=568


CREATING TRUSTWORTHY ARCHIVES
The efficient and secure storage of business records is fundamental 
to the insurance industry. Since its conception, insurance services 
have needed to retain critical records to ensure the successful 
operation of their business.
http://www.net-security.org/article.php?id=567


DEFEATING THE STACK BASED BUFFER OVERFLOW PREVENTION 
MECHANISM OF MICROSOFT WINDOWS 2003 SERVER
This paper presents several methods of bypassing the protection 
mechanism built into Microsoft’s Windows 2003 Server that 
attempts to prevent the exploitation of stack based buffer 
overflows.
http://www.net-security.org/article.php?id=566

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2


----------------------------------------------------------------

AUTAPF 1.0
AUTAPF is a UDP and TCP port forwarder (redirector). With this 
tool you can allow hosts of the Internet to connect to a local 
server behind a gateway computer.
http://www.net-security.org/software.php?id=516

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------

Email Threats to Enterprise Security
Organized by ActiveState on 30 September 2003, 1:00 PM EST
http://www.net-security.org/webcast.php?id=54


Top 5 Ways to Make Your IDS Better
Organized by SANS on 1 October 2003, 1:00 PM EDT
http://www.net-security.org/webcast.php?id=6


Symantec Gateway Security
Organized by Symantec on 2 October 2003, 8:00 AM PT
http://www.net-security.org/webcast.php?id=56


Managed Security Services
Organized by eSecure Live on 2 October 2003, 3:00 PM ET
http://www.net-security.org/webcast.php?id=50


A Layered Approach to Wireless LAN Security & Management
Organized by AirDefense, Inc. on 7 October 2003, 2:00 PM EST
http://www.net-security.org/webcast.php?id=8


How to Get Your Network Hacked in 10 Easy Steps
Organized by Microsoft on 8 October 2003, 12:30 PM ET
http://www.net-security.org/webcast.php?id=36


Windows Server 2003 Security Improvements
Organized by Microsoft on 8 October 2003, 1:00 PM ET
http://www.net-security.org/webcast.php?id=37


How to Simplify Message-Level Exchange Recovery
Organized by Aelita Software on 9 October 2003, 1:00 PM ET
http://www.net-security.org/webcast.php?id=48


Identity Management
Organized by eSecure Live on 14 October 2003, 3:00 PM ET
http://www.net-security.org/webcast.php?id=51


Secure Wireless LANs with Windows Server 2003 PKI
Organized by Microsoft on 15 October 2003, 1:00 PM ET
http://www.net-security.org/webcast.php?id=38


Installing and Troubleshooting Microsoft SQL Server 
2000 Service Packs
Organized by Microsoft on 16 October 2003, 10:00 AM PT
http://www.net-security.org/webcast.php?id=28


Installing, Securing and Maintaining Wireless Networks
Organized by Microsoft on 17 October 2003, 12:30 PM ET
http://www.net-security.org/webcast.php?id=39


Network Threat Modeling
Organized by Microsoft on 22 October 2003, 11:00 AM ET
http://www.net-security.org/webcast.php?id=40


Using Microsoft Security Tools
Organized by Microsoft on 24 October 2003, 12:30 PM ET
http://www.net-security.org/webcast.php?id=41


Best of Breed
Organized by eSecure Live on 28 October 2003, 3:00 PM ET
http://www.net-security.org/webcast.php?id=52

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

Wi-Fi Planet Conference & Expo Europe 2003
Organized by Jupitermedia Corp. - 29 September-30 September 2003
http://www.net-security.org/conference.php?id=39


SANS Los Angeles 2003
Organized by SANS - 29 September-4 October 2003
http://www.net-security.org/conference.php?id=41


InfowarCon 2003
Organized by Reed Exhibitions - 30 September-3 October 2003
http://www.net-security.org/conference.php?id=51


Black Hat Federal 2003 Briefings
Organized by Black Hat, Inc. - 1 October-2 October 2003
http://www.net-security.org/conference.php?id=4


6th Information Security Conference
Organized by Hewlett-Packard - 1 October-3 October 2003
http://www.net-security.org/conference.php?id=10


Biometrics 2003
Organized by Computers & Security Publication - 
1 October-1 October 2003
http://www.net-security.org/conference.php?id=16


Net Focus North America 2003
Organized by Baptie & Co - 7 October-8 October 2003
http://www.net-security.org/conference.php?id=59


Cyber Security in the Financial Services Sector Executive Summit
Organized by IMN - 9 October-10 October 2003
http://www.net-security.org/conference.php?id=35


SANS New York 2003
Organized by SANS - 9 October-14 October 2003
http://www.net-security.org/conference.php?id=44


Information Security Summit 2003
Organized by ISSA, ISACA, HTCIA and ASIS - 
14 October-15 October 2003
http://www.net-security.org/conference.php?id=11


WowGao Conference & Expo 2003
Organized by WowGao - 14 October-16 October 2003
http://www.net-security.org/conference.php?id=53


Net Focus UK 2003
Organized by Baptie & Co - 14 October-15 October 2003
http://www.net-security.org/conference.php?id=60


Security Decisions Conference
Organized by Information Security Magazine - 
15 October-17 October 2003
http://www.net-security.org/conference.php?id=42


Digital ID World 2003
Organized by Digital Identity World - 15 October-17 October 2003
http://www.net-security.org/conference.php?id=50

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

Kaspersky Labs Takes Advantage Of The Recent Microsoft Acquisition
http://www.net-security.org/press.php?id=1699


nCipher Announces Availability of Document Sealing Engine 
for Auditable Document Submission and Archival
http://www.net-security.org/press.php?id=1698


Network Associates' McAfee Personal Firewall Plus 5.0 Provides 
Consumers with the Latest Technology in 24/7 Home PC Protection
http://www.net-security.org/press.php?id=1697


Sophos Acquires Anti-Spam Specialist ActivesState
http://www.net-security.org/press.php?id=1696


Aventail Partners with Akaba, Foundstone, Qualys, Sanctum and 
VIGILANTe to Guarantee Security on Any Network and with Any 
Application
http://www.net-security.org/press.php?id=1695


Panda Software and HP Join Forces on The Internet
http://www.net-security.org/press.php?id=1694


Sygate Announces Sygate Security Portal
http://www.net-security.org/press.php?id=1693


GFI Releases Freeware Anti-Virus Version of GFI 
DownloadSecurity for ISA Server
http://www.net-security.org/press.php?id=1692


Ubizen Joins NetScreen Global Security Alliance
http://www.net-security.org/press.php?id=1691

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Weekly Virus Report - Gaobot.M, Opaserv.Y and Colevo.A Worms
http://www.net-security.org/virus_news.php?id=311


Panda Software Reports the Appearance of Opaserv.Y Worm
http://www.net-security.org/virus_news.php?id=310

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


-------------------------------------------------------------------
FREE GUIDE-128-bit encryption
-------------------------------------------------------------------
Thawte is one of the few companies that offers 128 bit supercerts.
A supercerts will allow you to extend the highest allowed 128 bit 
encryption to all your clients even if they use browsers that are 
limited to 40 bit encryption.
-------------------------------------------------------------------
Download a guide to learn more.
http://ad.doubleclick.net/clk;6091071;8369141;h
-------------------------------------------------------------------