HNS Newsletter
Issue 183 - 13.10.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


----------------------------------------------------------------
GET THAWTE’S NEW STEP-BY-STEP SSL GUIDE FOR MSIIS
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you MSIIS web server. 
Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.
----------------------------------------------------------------
Get you copy of this new guide now:
http://ad.doubleclick.net/clk;6091068;8369143;p
----------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Webcasts
7) Conferences
8) Security world
9) Virus news


[ Security news ]

 
----------------------------------------------------------------

IM MENACE QUADRUPLES
Attacks against firms via instant messaging services are rising 
rapidly, according to experts.
http://www.net-security.org/news.php?id=3732


FAME, INFAME, ALL THE SAME
Blowing the lid off the altruistic computer security town-crier 
angle.
http://www.net-security.org/news.php?id=3733


DHS LAUNCHES CYBERSECURITY MONITORING PROJECT
System will analyze attacks, virus and worm outbreaks in real time.
http://www.net-security.org/news.php?id=3734


FRONT LINE SECURITY - SCREEN SAVERS
Activating a password-protected screensaver on users' desktops 
often provides more protection from unauthorized access than by 
issuing them with strong network login passwords, according to 
TruSecure.
http://www.net-security.org/news.php?id=3735


ORGANISED CRIME TARGETS ALL IT STAFF
Employees persuaded to infiltrate IT systems, warns High Tech 
Crime Unit.
http://www.net-security.org/news.php?id=3736


STUDENTS TOIL AS SPYWARE HUNTERS
A pair of high school seniors team up to track down the creators 
behind Xupiter, a particularly agressive spyware invading thousands 
of computers. They are donating many hours of their time to help 
bring them to court.
http://www.net-security.org/news.php?id=3737


CONFESSIONS OF A HACKER
By the age of 20, Benjamin Breuninger's life was a mess. Estranged 
from his mother and stepfather, a dropout with no job and months 
behind on his rent, he often went a day or more without eating.
http://www.net-security.org/news.php?id=3738


HACKERS STEAL ENTIRE HALF-LIFE 2 CODE
The entire source code for the much-anticipated Half-Life 2 has 
been leaked to the Internet, according to a security expert.
http://www.net-security.org/news.php?id=3739


SMART CARDS GET REALLY SMART
Researchers at the University of Pennsylvania have developed 
smart credit cards with embedded microchips.
http://www.net-security.org/news.php?id=3740


DEMYSTIFYING THOSE MICROSOFT VULNERABILITIES
Microsoft issues patches for vulnerabilities in its software at the 
rate of about one a week - the 40 weeks of 2003 have seen 
exactly the same number of advisories though some weeks 
have been more "patchy" than others.
http://www.net-security.org/news.php?id=3741


TIME TO RECALL E-VOTE MACHINES?
Recent reports claim the software in Diebold electronic voting 
machines is insecure. But the policies and procedures for using 
the system in California's recall election raise concerns that 
the software isn't the only problem.
http://www.net-security.org/news.php?id=3744


RISE OF WIRELESS VPNS COULD IMPROVE PC SECURITY
The development of wireless technology and virtual private 
networks offers the possibility of major changes to network 
architecture.
http://www.net-security.org/news.php?id=3745


SECURITY WORRIES PROMPT P2P UPGRADE
Earthstation 5 has released a new edition of its file-swapping 
software, responding to reports that running older versions 
could let hackers delete critical files on a users' computer.
http://www.net-security.org/news.php?id=3746


LINUX VS. WINDOWS VIRUSES: A REBUTTAL
The single biggest security issue facing Linux users at the moment 
is the misconception perpetuated by highly vocal advocates that 
Linux is somehow impenetrable to security-based attacks, and 
in particular, viruses and other malware.
http://www.net-security.org/news.php?id=3747


EX-VIEWSONIC EMPLOYEE PLEADS GUILTY TO HACK
A former network administrator for computer-monitor maker 
ViewSonic pleaded guilty Monday to illegally accessing a company 
server and deleting critical data two weeks after the firm had 
fired him, the U.S. Department of Justice said in a statement.
http://www.net-security.org/news.php?id=3748


HACKER ATTACK LEFT PORT IN CHAOS
Busiest US port hit after Dorset teenager allegedly launched 
electronic sabotage against chatroom user.
http://www.net-security.org/news.php?id=3749


E-VOTING: DEMOCRATIC OR DANGEROUS?
California goes to the polls on Tuesday to select its governor in 
an election where many will cast their votes not by putting a 
cross on a ballot paper, or by punching holes in a piece of card, 
but on computerised electronic voting machines.
http://www.net-security.org/news.php?id=3750


SECURITY: A FEDERAL CASE
The department of energy has done something unusual for a 
federal agency. It has become an example of excellent cyber
security practice.
http://www.net-security.org/news.php?id=3751


FIRED @STAKE CTO DAN GEER TALKS
Geer defends decision to involve CCIA in security report's release.
http://www.net-security.org/news.php?id=3752


FBI SLAMMED OVER HANDLING OF HACKER CASE
The Justice Department said Monday the FBI didn't follow proper 
procedure when it notified reporters their notes might be 
subpoenaed in the case against Adrian Lamo.
http://www.net-security.org/news.php?id=3753


VIRUS TERROR LINKS PROBED
Britain's task force against high-tech crime is investigating 
possible links between virus writers and extremist groups.
http://www.net-security.org/news.php?id=3754


SHIFT KEY BREAKS CD COPY LOCKS
A Princeton University student has published instructions for 
disabling the new anticopying measures being tested on CDs 
by BMG--and they're as simple as holding down a computer's 
Shift key.
http://www.net-security.org/news.php?id=3755


EXPECT TERRORIST ATTACKS ON GLOBAL FINANCIAL SYSTEM
A successful terrorist attack on America's financial infrastructure 
could bring the US and global economies to a standstill, and the 
real surprise is that it hasn't been attempted yet.
http://www.net-security.org/news.php?id=3756


BOSSES ARE THE WEAKEST LINK
Security best practice? I'll phone a friend.
http://www.net-security.org/news.php?id=3757


BUILD AN INTERNET SERVER ON A SHOESTRING
If you're thinking about setting up an Internet server but don't 
have much money, this article is for you. It describes how to 
build and deploy a Web server for under $250.00, using a 
broadband connection, Red Hat Linux and other free software
and a very small budget.
http://www.net-security.org/news.php?id=3758


COMPANIES STILL GET IT WRONG ON SECURITY
Hardware and software vendors are guilty of hyping external IT 
security threats while failing to warn companies sufficiently 
about internal risks, according to a survey of senior executives 
by the Economist Intelligence Unit in association with AT&T.
http://www.net-security.org/news.php?id=3759


UK LAW: TWO YEARS FOR FILE SWAPPING?
UK file swappers face up to two years' imprisonment under new
copyright regulations under the provisions of a European directive, 
that are expected to take effect in the UK this month.
http://www.net-security.org/news.php?id=3761


ACCUSED PORT HACKER SAYS LOG FILES WERE 'EDITED'
A teenager accused of launching an attack on one of the US's 
biggest ports has claimed flaws in Windows allowed the real 
attacker to frame him.
http://www.net-security.org/news.php?id=3762


MORE ENTERPRISES PLANNING SECURE WLAN ROLLOUTS
IT administrators have pretty much conceded that wireless local 
area networks are an inevitability for the enterprise.
http://www.net-security.org/news.php?id=3764


A HARVEST OF SECURITY CERTIFICATIONS
Emmett Dulaney provides a bountiful (and alphabetical!) list 
of security certifications.
http://www.net-security.org/news.php?id=3765


CLOAKING DEVICE MADE FOR SPAMMERS
Once looked down upon, the junk e-mail business is now luring 
money-grubbing crackers. One of the first fruits of the new 
cracker-spammer union is "invisible" websites that can't be 
traced.
http://www.net-security.org/news.php?id=3767


HOUSE VOTES TO LOCK OUT P2P THREAT
The U.S. House of Representatives voted on Wednesday to 
require the government to set up its computers so they are 
not exposed to security risks associated with peer-to-peer 
networks.
http://www.net-security.org/news.php?id=3768


WHAT TO DO BEFORE THE RIAA KNOCKS
You don't want to be subpoenaed, but if you are served, be 
prepared.
http://www.net-security.org/news.php?id=3769


11,000 IP ADDRESSES FOUND ON ACCUSED HACKER'S PC
Police found a file containing more than 11,000 vulnerable servers 
on the PC owned by a teenager accused of attacking a US port 
with a massive DDoS attack, a court heard today.
http://www.net-security.org/news.php?id=3770


NO 'BIG BANG' SECURITY FIX - MICROSOFT
Microsoft says any changes it makes to improve security will 
be evolutionary rather than having an instant effect.
http://www.net-security.org/news.php?id=3771


UPDATED TOP 20 VULNERABILITIES LIST BY SANS
The Top Twenty is a consensus list of vulnerabilities that require 
immediate remediation. It is the result of a process that brought 
together dozens of leading security experts.
http://www.net-security.org/news.php?id=3772


DISGRUNTLED PHILLIES FAN ARRESTED IN HACKING
Federal officers arrested a disgruntled Philadelphia Phillies fan in 
California on charges of hacking into computers and sending 
thousands of spam e-mails to sports writers at two Philadelphia 
newspapers.
http://www.net-security.org/news.php?id=3773


IBM UNVEILS WIRELESS IDS SERVICE
Citing the "explosion" of wireless hotspots in public spaces, homes 
and businesses, IBM Corp. on Wednesday unveiled a new managed 
IDS (intrusion detection service) targeted at wireless networks.
http://www.net-security.org/news.php?id=3774


TECHNOLOGY HELPS TO REMEMBER PASSWORDS
The software kicks in when the user visits a specific web site - 
the sign-on page for your online bank, for example - and fills in 
your user name and password and will even click the Submit 
button for you.
http://www.net-security.org/news.php?id=3776


HACKER BUSTED FOR IDENTITY THEFT
Teen tricked surfers into downloading a key-logging tool.
http://www.net-security.org/news.php?id=3777


PRINCETON STUDENT SUED OVER PAPER ON CD COPYING
Three days after a Princeton graduate student posted a paper on 
his Web site detailing how to defeat the copy-protection software 
on a new music CD by pressing a single computer key, the maker 
of the software said on Thursday it would sue him.
http://www.net-security.org/news.php?id=3778


SNOOP SOFTWARE GAINS POWER AND RAISES PRIVACY CONCERNS
Mr. Eaton is the founder of TrueActive, which makes a computer 
program that buyers can install on a target computer and monitor 
everything that the machine's user does on the PC.
http://www.net-security.org/news.php?id=3779


EXPERT UNDERMINES HACKING SUSPECT'S DEFENCE
An expert witness has undermined the hacking suspect's claim that 
he was framed for an Internet attack on a major US port.
http://www.net-security.org/news.php?id=3780


PUBLIC FIRMS MAY BE FORCED TO DISCLOSE COMPUTER SECURITY STEPS
Companies that sell stock to the public may be required to disclose 
what they are doing to protect their computer systems, Homeland 
Security Secretary Tom Ridge said Thursday.
http://www.net-security.org/news.php?id=3781


IT MANAGERS BECOME CYBER SECURITY GUARDS
After the spate of critical updates and warnings over computer 
viruses issued in August and September, IT managers themselves 
may feel that they are on the verge of crashing.
http://www.net-security.org/news.php?id=3782


EBAY LAPTOP FRAUD CASE WIDENS
In what prosecutors say is the nation's marquee cyber fraud case, a 
federal grand jury has handed up a new indictment against a Utah 
man for allegedly bilking hundreds of would-be eBay laptop computer 
buyers.
http://www.net-security.org/news.php?id=3783


BALLMER: HOW WE'LL HELP CUSTOMER SECURITY
In a speech at Microsoft's worldwide partner conference last night, 
CEO Steve Ballmer outlined new initiatives in the company's security
efforts, including “improved patch management processes…and 
technologies”, global education programmes and tools for securing 
systems.
http://www.net-security.org/news.php?id=3784


WEB SITE WELCOMES HACKERS
Two Spanish security experts are inviting computer buffs to 
participate in a competition to deface a Web site on a production 
server.
http://www.net-security.org/news.php?id=3785


BUILDING AN ADVANCED MAIL SERVER, PART 2
Today we are going to add a web interface to our new mail server 
using SquirrelMail and Apache. 
http://www.net-security.org/news.php?id=3787

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

OpenOffice Desktop Denial of Service Vulnerability
http://www.net-security.org/vuln.php?id=2999


Microsoft Windows Server 2003 "Shell Folders" Directory 
Traversal Vulnerability
http://www.net-security.org/vuln.php?id=2998


Hummingbird CyberDocs DocsFusion Server SQL Injection 
Vulnerability
http://www.net-security.org/vuln.php?id=2997


Hummingbird CyberDocs DocsFusion Server Webroot 
Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=2996


Hummingbird CyberDocs DocsFusion Server Source 
Code Reading Vulnerability
http://www.net-security.org/vuln.php?id=2995


Hummingbird CyberDocs DocsFusion Server Multiple 
Cross Site Scripting Vulnerabilities
http://www.net-security.org/vuln.php?id=2994


PeopleSoft People Tools Information Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=2993


PeopleSoft People Tools Data Upload Vulnerabilities
 http://www.net-security.org/vuln.php?id=2992


HPUX dtprintinfo Buffer Overflow Vulnerability
 http://www.net-security.org/vuln.php?id=2991


Adobe SVG Viewer Cross Domain and Zone Access Vulnerability
http://www.net-security.org/vuln.php?id=2990


Adobe SVG Viewer Local and Remote File Reading Vulnerability
http://www.net-security.org/vuln.php?id=2989


Adobe SVG Viewer Active Scripting Bypass Vulnerability
http://www.net-security.org/vuln.php?id=2988


Slocate Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=2987


JBoss 3.2.1 Remote Command Injection Vulnerability
http://www.net-security.org/vuln.php?id=2986


GuppY 2.4p3 Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2985


SNAP Innovation PrimeBase Database 4.2 Poor Default 
File Permissions Vulnerability
http://www.net-security.org/vuln.php?id=2984


Easy File Sharing Web Server Multiple Vulnerabilities
 http://www.net-security.org/vuln.php?id=2983


Cobalt RaQ Control Panel Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=2982


Divine OpenMarket Content Server Cross Site Scripting 
Vulnerability
http://www.net-security.org/vuln.php?id=2981


Fortigate Firewall Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=2980


Conexant Access Runner DSL Console Login Bypass 
Vulnerability
http://www.net-security.org/vuln.php?id=2979


PHP-Nuke v 6.7 File Upload Vulnerability 
http://www.net-security.org/vuln.php?id=2978

----------------------------------------------------------------


----------------------------------------------------------------
HNS BOOK GIVEAWAY
----------------------------------------------------------------
Get some free knowledge on Linux security, Internet security, 
wireless security or Google. Enter our book giveaway right 
away and try out your luck. You just may win an O'Reilly book!
----------------------------------------------------------------
http://www.net-security.org/news.php?id=3788
----------------------------------------------------------------



[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

HP Security Bulletin - Tru64 - HP-UX sendmail buffer 
overflow (SSRT3531 revised)
http://www.net-security.org/advisory.php?id=2622


HP Security Bulletin - Tru64 Potential Security Vulnerability 
with dtmailpr (SSRT3589)
http://www.net-security.org/advisory.php?id=2621


NetBSD Security Advisory - OpenSSL multiple vulnerabilities 
(2003-017)
http://www.net-security.org/advisory.php?id=2620


NetBSD Security Advisory - Sendmail - another 
prescan() bug (2003-016)
http://www.net-security.org/advisory.php?id=2619


NetBSD Security Advisory - Remote and local vulnerabilities 
in XFree86 font libraries (2003-015)
http://www.net-security.org/advisory.php?id=2618


Mandrake Linux Security Update Advisory - sane 
(MDKSA-2003:099)
http://www.net-security.org/advisory.php?id=2617


Red Hat Security Advisory - Updated MySQL packages 
fix vulnerability (RHSA-2003:281-01)
http://www.net-security.org/advisory.php?id=2616


Turbolinux Security Announcement - Multiple vulnerabilities 
in pine (08/Oct/2003)
http://www.net-security.org/advisory.php?id=2615


Red Hat Security Advisory - Updated SANE packages 
fix remote vulnerabilities (RHSA-2003:278-01)
http://www.net-security.org/advisory.php?id=2614


Turbolinux Security Announcement - MySQL Buffer 
overflow (07/Oct/2003)
http://www.net-security.org/advisory.php?id=2613


Conectiva Security Announcement - mplayer (CLA-2003:760)
http://www.net-security.org/advisory.php?id=2612


Apple Security Advisory - Mac OS X 10.2.8 Revised 
(APPLE-SA-2003-10-03)
http://www.net-security.org/advisory.php?id=2611


Microsoft Security Bulletin MS03-040 - Cumulative Patch 
for Internet Explorer (828750)
http://www.net-security.org/advisory.php?id=2610


FreeBSD Security Advisory - OpenSSH PAM challenge/authentication 
error (FreeBSD-SA-03:15.openssh)
http://www.net-security.org/advisory.php?id=2609


FreeBSD Security Advisory - OpenSSL vulnerabilities in ASN.1 
parsing (FreeBSD-SA-03:18.openssl)
http://www.net-security.org/advisory.php?id=2608


SOT Linux Security Advisory - Updated openssl package 
for SOT Linux 2003
http://www.net-security.org/advisory.php?id=2607


SCO Security Advisory - OpenLinux: OpenSSH: multiple 
buffer handling problems (CSSA-2003-027.0)
http://www.net-security.org/advisory.php?id=2606


SCO Security Advisory - OpenLinux: Updated stunnel 
packages fix signal vulnerability (CSSA-2003-026.0)
http://www.net-security.org/advisory.php?id=2605


SCO Security Advisory - OpenLinux: wget: Buffer overflow 
(CSSA-2003-025.0)
http://www.net-security.org/advisory.php?id=2604


SCO Security Advisory - OpenLinux: wu-ftpd fb_realpath() 
off-by-one bug (CSSA-2003-024.0)
http://www.net-security.org/advisory.php?id=2603


Red Hat Security Advisory - Updated Perl packages fix 
security issues (RHSA-2003:256-02)
http://www.net-security.org/advisory.php?id=2602


Gentoo Linux Security Announcement - cfengine (200310-2)
http://www.net-security.org/advisory.php?id=2601

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

SECURITY FOR CABLE MODEM, DSL, AND OTHER REMOTE 
USER INTERNET CONNECTIONS
While modern Internet connection services are a boon to 
telecommuting and other off-premises applications, it is 
critical that they are safely deployed and maintained through 
prudent protection and security testing practices.
http://www.net-security.org/article.php?id=574


INTERVIEW WITH JAMIE CAMERON
The author of "Managing Linux Systems with Webmin" discusses 
the book and the development of Webmin.
http://www.net-security.org/article.php?id=575


RSA SECURITY SUPPORTS MICROSOFT SECURITY INITIATIVES
RSA Security offered support for Microsoft Corp.'s newly 
announced enhanced security initiatives, including a commitment 
to continued product development and industry education on the 
impact of information security threats on individuals and businesses.
http://www.net-security.org/article.php?id=576


IS YOUR SITE BEING HACKED WITHOUT YOUR KNOWLEDGE?
Hackers manage to successfully break into systems much more 
often than you might realise. Just ask any member of a penetration 
testing team. These people hack for a living, with the explicit 
permission of the companies whose systems they are targeting, 
in order to highlight weaknesses.
http://www.net-security.org/article.php?id=577

----------------------------------------------------------------




[ Reviews ]


All reviews are located at: 
http://www.net-security.org/reviews.php 


----------------------------------------------------------------

RED HAT LINUX 9 UNLEASHED
To be honest, I don't like books that try to cover all about one 
complex system such as a new version of Red Hat, although I 
must admit I did enjoy this book. The beauty behind this book 
is that the authors have put many small, but valuable tips on 
configuring services or utilities.
http://www.net-security.org/review.php?id=106

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------

An Introduction to Apache 2.0
Organized by Covalent on 14 October 2003, 11:00 AM PDT
http://www.net-security.org/webcast.php?id=63


Secure Environments for Small and Mid-sized Businesses - 
Module 4: Managing and Optimizing an SMB Secured Environment
Organized by Network Associates on 14 October 2003, 11:00 AM PT
http://www.net-security.org/webcast.php?id=67


The Basics of WLAN Security
Organized by Funk Software on 14 October 2003, 1:00 PM EDT
http://www.net-security.org/webcast.php?id=61


Identity Management
Organized by eSecure Live on 14 October 2003, 3:00 PM ET
http://www.net-security.org/webcast.php?id=51


Secure Wireless LANs with Windows Server 2003 PKI
Organized by Microsoft on 15 October 2003, 1:00 PM ET
http://www.net-security.org/webcast.php?id=38


Wireless LAN Technology - Implications for Financial 
Service Providers
Organized by AirDefense on 15 October 2003, 2:00 PM ET
http://www.net-security.org/webcast.php?id=58


Installing and Troubleshooting Microsoft SQL Server 2000 
Service Packs
Organized by Microsoft on 16 October 2003, 10:00 AM PT
http://www.net-security.org/webcast.php?id=28


Staying One Step Ahead of Attackers with Symantec 
DeepSight Threat Management System
Organized by Symantec on 16 October 2003, 11:00 AM PT
http://www.net-security.org/webcast.php?id=69


An Introduction to Threat Intelligence
Organized by LURHQ Corp on 16 October 2003, 2:00 PM EST
http://www.net-security.org/webcast.php?id=64


Industry Expert Advice for Effective Network Management 
Strategies (Module Four)
Organized by Network Associates on 17 October 2003, 10:00 AM PT
http://www.net-security.org/webcast.php?id=68


Installing, Securing and Maintaining Wireless Networks
Organized by Microsoft on 17 October 2003, 12:30 PM ET
http://www.net-security.org/webcast.php?id=39


Network Threat Modeling
Organized by Microsoft on 22 October 2003, 11:00 AM ET
http://www.net-security.org/webcast.php?id=40


Using Microsoft Security Tools
Organized by Microsoft on 24 October 2003, 12:30 PM ET
http://www.net-security.org/webcast.php?id=41


Best of Breed
Organized by eSecure Live on 28 October 2003, 3:00 PM ET
http://www.net-security.org/webcast.php?id=52


Enterprise Storage: Best Practices
Organized by ShoutStream on 29 October 2003, 3:00 PM ET
http://www.net-security.org/webcast.php?id=66

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

Information Security Summit 2003
Organized by ISSA, ISACA, HTCIA and ASIS - 14 October-
15 October 2003
http://www.net-security.org/conference.php?id=11


WowGao Conference & Expo 2003
Organized by WowGao - 14 October-16 October 2003
http://www.net-security.org/conference.php?id=53


Net Focus UK 2003
Organized by Baptie & Co - 14 October-15 October 2003
http://www.net-security.org/conference.php?id=60


Security Decisions Conference
Organized by Information Security Magazine - 15 October-
17 October 2003
http://www.net-security.org/conference.php?id=42


Digital ID World 2003
Organized by Digital Identity World - 15 October-17 October 2003
http://www.net-security.org/conference.php?id=50


BindView Insight User Conference 2003
Organized by BindView - 15 October-17 October 2003
http://www.net-security.org/conference.php?id=54


Applied Cryptography and Network Security (ACNS) 2003
Organized by MiAn (ONETS) Pte Ltd. - 16 October-19 October 2003
http://www.net-security.org/conference.php?id=18


G-CON 2
Organized by G-CON - 17 October-19 October 2003
http://www.net-security.org/conference.php?id=69


SecurIT Summit 2003
Organized by Marcus Evans Ltd - 20 October-22 October 2003
http://www.net-security.org/conference.php?id=2


Infosecurity China 2003
Organized by Reed Exhibition Companies - 21 October-23 October 2003
http://www.net-security.org/conference.php?id=32


St. Louis e-Security/HIPAA Security and Privacy Conference 2003
Organized by Data Connectors - 23 October-24 October 2003
http://www.net-security.org/conference.php?id=36


SANS Amsterdam 2003
Organized by SANS - 27 October-1 November 2003
http://www.net-security.org/conference.php?id=63


Storage Networking World 2003 Orlando
Organized by Miller Systems - 27 October-30 October 2003
http://www.net-security.org/conference.php?id=71


The 5th Wireless Internet Data & Enterprise Applications Conference
Organized by UCLA - 29 October-30 October 2003 
http://www.net-security.org/conference.php?id=65

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

Check Point Introduces VPN-1 Edge Appliance Family for 
Securing Remote Sites and Deploying Large Scale VPNs
http://www.net-security.org/press.php?id=1738


GFI Products Ready for Microsoft Exchange Server 2003
http://www.net-security.org/press.php?id=1737


Nexus Anti-Virus Breakthrough Fights ‘Insider’ Attacks
http://www.net-security.org/press.php?id=1736


Panda Software Announces the Availability of the New 
Titanium Antivirus 2004 Beta Version
http://www.net-security.org/press.php?id=1735


Evidian Announces AccessMaster NG - A New Generation 
Software Suite to Secure The Extended Enterprise
http://www.net-security.org/press.php?id=1734


Panda Software and Arrakis Team up in The Fight 
Against Computer Viruses
http://www.net-security.org/press.php?id=1733


Forum Systems Joins the RSA Secured Partner Program
http://www.net-security.org/press.php?id=1732


Rep. Adam Putnam Discusses Critical Infrastucture 
Security Initiatives at (ISC)2 Annual Meeting
http://www.net-security.org/press.php?id=1731


Sigaba Enhances Next Generation Secure E-mail Solution
http://www.net-security.org/press.php?id=1730


Vexira Antivirus Selected To Protect 15,000 Email 
Users From Computer Viruses
http://www.net-security.org/press.php?id=1729


Iserv Selects Cobion's OrangeBox Web for Content 
Filtering Service - iGuard
http://www.net-security.org/press.php?id=1728


Pointsec Signs Agreement with Dutch Government Organisation 
- Sells 5,000 Plus Licenses for Pointsec for PC
http://www.net-security.org/press.php?id=1727


Zix Corporation Introduces Advanced Secure Communications 
Exchange Portal
http://www.net-security.org/press.php?id=1726


Online Banking, Receiving and Paying Bills Online Can 
Protect Against Identity Theft
http://www.net-security.org/press.php?id=1725


Excedent Launches Webmail.us To Serve Small 
Business Email Needs
http://www.net-security.org/press.php?id=1724


New nCipher netHSM Strengthens Market Leadership 
in Cryptographic Hardware Security
http://www.net-security.org/press.php?id=1723


F-Secure's Security Solutions to Czech Telecom's Customers
http://www.net-security.org/press.php?id=1722


NetScreen To Acquire Neoteris, SSL VPN Market Leader
http://www.net-security.org/press.php?id=1721


Anonymizer Launches Revolutionary New Privacy Manager – 
the Internet Users’ Equivalent to the FTC’s “Do Not Call” List
http://www.net-security.org/press.php?id=1720

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Weekly Virus Report - IRCBot.D, Ruledor.A and Pup.A 
Trojans, Gaobot and Give Worms
http://www.net-security.org/virus_news.php?id=318


Court Interpreters Strike After Pay Rise Delayed by Computer Virus
http://www.net-security.org/virus_news.php?id=317

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
GET THAWTE’S NEW STEP-BY-STEP SSL GUIDE FOR MSIIS
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you MSIIS web server. 
Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.
----------------------------------------------------------------
Get you copy of this new guide now:
http://ad.doubleclick.net/clk;6091068;8369143;p
----------------------------------------------------------------