HNS Newsletter
Issue 193 - 22.12.2003.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


-------------------------------------------------------------------
FREE GUIDE-128-bit encryption
-------------------------------------------------------------------
Thawte is one of the few companies that offers 128 bit supercerts.
A supercerts will allow you to extend the highest allowed 128 bit 
encryption to all your clients even if they use browsers that are 
limited to 40 bit encryption.
-------------------------------------------------------------------
Download a guide to learn more.
http://ad.doubleclick.net/clk;6091071;8369141;h
-------------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Webcasts
6) Conferences
7) Security world
8) Virus news


[ Security news ]

 
----------------------------------------------------------------

LINUX IN THE SECURITY CROSSHAIRS
Compared to Windows, Linux has enjoyed a reputation as a stable 
and secure operating systems, thanks in large part to an 
enthusiastic open source community that plugs holes before 
they create problems.
http://www.net-security.org/news.php?id=4265


WILL VOIP BE WIRETAP-READY?
Widespread consumer Internet telephony could come with an 
easy-to-use government surveillance capability. 
http://www.net-security.org/news.php?id=4266


E-SHOT IN THE TERRORIST’S ARM
The potential growth areas of cyber crime include virus-writing, 
hacking and auction fraud. According to an expert on Net 
security, fraudsters can easily reprint credit cards using the 
numbers pillaged during manual swipes and use it for transactions 
that appear quite legitimate on the face of it.
http://www.net-security.org/news.php?id=4267


E-CRIME GUIDELINES GOOD FOR SECURITY SALES
NHTCU framework could drive sales of security products and 
services to SMEs.
http://www.net-security.org/news.php?id=4268


HACKING FOR DOLLARS
The lone computer geek—a bit rebellious, but with a heart of 
gold—is being eclipsed by the hardened professional criminal, 
who uses the Internet for spying, stealing and extortion.
http://www.net-security.org/news.php?id=4269


MIGRATING TO ASTARO SECURITY LINUX
Fed up with expensive, complicated firewalls, e-gaming company 
opts for open-source security solution.
http://www.net-security.org/news.php?id=4270


SPAM WARS PLAY OUT ACROSS INTERNET
Rules are simple: One side floods the market, other side 
hits delete.
http://www.net-security.org/news.php?id=4271


SCO: 'WE HAVE PROOF DOS ATTACK WAS REAL'
The editors of NewsForge.com received an email from the SCO 
Group's public relations agency, with the subject "DDOS ATTACK 
ON SCO WAS REAL." Read more to see what was inside.
http://www.net-security.org/news.php?id=4272


THE YEAR OF THE WORM
The year 2003 has clearly been the worst in virus history. At 
the same time, the entire computer virus phenomenon saw its 
20th birthday this year.
http://www.net-security.org/news.php?id=4273


CISCO RELEASES SECURITY PATCH FOR AIRONET
Aironet wireless access point users faced a rushed upgrade 
following a Cisco security alert two weeks ago.
http://www.net-security.org/news.php?id=4274


BUSH SET TO OK SPAM BILL - BUT CRITICS NOT CONVINCED
President Bush is expected to sign the "CAN-SPAM" bill Tuesday, 
creating the first federal law regulating spam, a move backers 
say would be a major step in the war against e-mail solicitations 
for pornography, Viagra, diet pills, get-rich-quick schemes and 
the like.
http://www.net-security.org/news.php?id=4275


DON'T LEAVE HOLES IN YOUR PATCHING POLICIES
With network device vulnerabilities being discovered all the time, 
should you be monitoring patch management yourself, or is 
outsourcing the best option?
http://www.net-security.org/news.php?id=4276


STOP! ID THIEF!
Identity theft is common—but keeping a watchful eye on your 
credit card accounts is now easy.
http://www.net-security.org/news.php?id=4277


SCO ATTACKS KEEP COMING BACK
More Internet attacks cut off access to the SCO Group's servers 
this past weekend and again on Monday, as the Unix software 
company struggled to stop the hackers.
http://www.net-security.org/news.php?id=4278


XMAS VIRUS ON THE CARDS
Users warned to beware emails bearing .gifs.
http://www.net-security.org/news.php?id=4279


FASTER, MORE SECURE WIFI
But 802.11g does beat 802.11b in terms of security. The older WiFi 
used a scheme called WEP to defy eavesdropping attempts - but in 
practice, even semi-skilled hackers can defeat it.
http://www.net-security.org/news.php?id=4281


SALES LEAP FOR CORPORATE SECURITY APPLIANCES
Sales of high-end security appliances have surged in the third 
quarter of 2003, as enterprises install them in their main networks, 
having seen lower-end devices prove themselves in branch offices, 
according to the latest figures from analyst firm IDC.
http://www.net-security.org/news.php?id=4282


MAINFRAME SECURITY: GOOD ENOUGH FOR THE 21ST CENTURY?
The mainframe is the hub of a network of connected devices, 
making it ever more vulnerable to attacks.
http://www.net-security.org/news.php?id=4283


UKRAINIAN HACKER TO BE EXTRADITED
A Thai court Tuesday approved the extradition of a Ukrainian man 
to the United States for alleged computer crimes, including the 
sale of counterfeit software that deprived American companies 
of millions of dollars.
http://www.net-security.org/news.php?id=4284


WINDOWS-STYLE SECURITY HELL STALKS MAC OS X?
YEAH, YOU WISH...
Since Apple released Mac OS X, even the PC industry trade 
publications have raved about its quality, design, and features.
http://www.net-security.org/news.php?id=4285


CYBER THREATS RISK NET'S FUTURE
The hunger in poor nations for going online is not without danger. 
With improved access, comes the threat of ever more internet 
security violations.
http://www.net-security.org/news.php?id=4286


APACHE AND SSL
When you want to transmit information through an untrusted channel 
(i.e. internet) and want to keep that information private, guarantee 
it's integrity and keep the authenticity then you need something 
like SSL.
http://www.net-security.org/news.php?id=4287


NESSUS, PART 2: SCANNING
This article, the second in the series, provides direction through 
the scanning process with Nessus, a powerful open source 
vulnerability scanner.
http://www.net-security.org/news.php?id=4288


TURN YOUR ANTIVIRUS STRATEGY INSIDE OUT
Computer viruses, worms, and hacker Trojan Horses are arriving 
with more frequency and with ever greater destructive power. 
Current systems are doing little to stem the tide. Something has 
to change, and the answer may lie in "fencing in."
http://www.net-security.org/news.php?id=4289


WINDOWS 98'S DEMISE LEAVES QUESTIONS ON SECURITY
Microsoft's plan to stop issuing security patches for the Windows 
98 next month could pose significant security challenges for 
organisations still running the operating system, experts 
have warned.
http://www.net-security.org/news.php?id=4290


PIVX DENIES MICROSOFT INVOLVED IN REMOVAL OF IE VULNS PAGE
Security solutions provider PivX Solutions has denied that Microsoft 
in any way influenced a decision to remove from its website a page 
which listed a fair number of unpatched vulnerabilities in Internet 
Explorer.
http://www.net-security.org/news.php?id=4291


A QUICK GUIDE TO LINUX BACKUP AND RECOVERY
IBM e-business architect Chris Walden is your guide through a 
nine-part developerWorks series on moving your operational skills 
from a Windows to a Linux environment. In this part, we take stock 
of what is on the system, and plan and implement regular backups 
with an eye to recovery as well as security.
http://www.net-security.org/news.php?id=4292


NASA SITES HIT BY ANTI-WAR HACKERS
NASA's Web sites have been attacked by anti-war hackers, says 
an online defacement archive.
http://www.net-security.org/news.php?id=4294


MICROSOFT WARNS: YOUR NEW PC IS ALREADY OUT OF DATE
Microsoft has warned consumers that the first thing they need to 
do when they open their new computers this Christmas is to protect 
and update them.
http://www.net-security.org/news.php?id=4295


FEDS UNITE ON SECURITY BENCHMARKS
A group of high-level IT officials in the federal government has 
begun collaborating on configuration benchmarks that government 
agencies could be required to use in future purchases of hardware 
and software.
http://www.net-security.org/news.php?id=4296


TRUSTWORTHY OPEN-SOURCE COMPUTING
Open-source software relies on the confidence we have that 
project leaders can detect and respond to security compromises. 
Here's why that needs to change.
http://www.net-security.org/news.php?id=4297


TWO MORE SCAM VICTIMS TELL THEIR TALES
At least two Australians have fallen foul of a money-for-nothing 
scam which offers victims 10 per cent of funds transferred into 
their bank account.
http://www.net-security.org/news.php?id=4298


VERISIGN ACQUIRES SECURITY SERVICE PROVIDER
VeriSign is buying managed security service provider Guardent.
http://www.net-security.org/news.php?id=4299


MICROSOFT UNLEASHES LEGAL ATTACK DOGS ON SPAMMERS
Microsoft is to hold a press conference today in New York with 
Eliot Spitzer, the city's attorney general, to promote a joint 
crackdown against spam.
http://www.net-security.org/news.php?id=4301


MICROSOFT GETS WINDOWS XP UPDATE READY
Microsoft is set to release a test version of the next update 
to Windows XP, which adds security features as well as 
improved support for Bluetooth and Wi-Fi networks.
http://www.net-security.org/news.php?id=4302


SECRET SERVICE AIRBRUSHES AERIAL PHOTOS
The White House and other government buildings get the 
Photoshop treatment when the agency tinkers with publicly
funded overhead images of Washington D.C.
http://www.net-security.org/news.php?id=4304


MITNICK CALLS FOR HACKERS' WAR STORIES
Kevin Mitnick is collating tales of hackers' 'art' into a book.
http://www.net-security.org/news.php?id=4305


LINUX 2.6.0 KERNEL RELEASED
Version 2.6.0 of the Linux kernel is ready for business. Readers 
of the linux-kernel mailing list learned that testing of the open
source operating system's new core ended late Wednesday, 
when Linus Torvalds sent an e-mail beginning with the cryptic 
phrase "The beaver is out of detox."
http://www.net-security.org/news.php?id=4306


TEEN HACKER BILLED FOR Ł21,000 DAMAGE
All because he wanted to download his tunes faster, the scamp...
http://www.net-security.org/news.php?id=4307


APPLE ISSUES PANTHER UPDATE; SECURITY FIXES TO FOLLOW
Apple Computer issued an update late Wednesday night for its 
Mac OS X, also known as Panther, and will come out with a 
security update for the operating system on Friday.
http://www.net-security.org/news.php?id=4308


THE MOST DESTRUCTIVE VIRUSES OF ALL TIME
With the SQL Slammer virus, more than 500,000 servers 
worldwide were infected, there was a general slowdown 
all over the Internet, and many corporations took their 
systems offline altogether.
http://www.net-security.org/news.php?id=4309

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

SARA Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3142


osCommerce Malformed Session ID Cross Site Scripting 
Vulnerability
http://www.net-security.org/vuln.php?id=3141


Goahead Webserver Server Side Scripts Viewing Vulnerability
http://www.net-security.org/vuln.php?id=3140


ECW Shop Cross Site Scripting Vulnerability
http://www.net-security.org/vuln.php?id=3139


Invision Power Top Site List SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3138


Invision Power Board SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3137


lftp Multiple Buffer Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=3136


J2EE 1.4 Reference Implementation Database Component 
Remote Command Execution Vulnerability
http://www.net-security.org/vuln.php?id=3135


Multiple DUWare Product Vulnerabilities
http://www.net-security.org/vuln.php?id=3134


Aardvark Topsites 4.1.0 Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3133


Cyrus IMSP Remote Root Compromise Vulnerability
http://www.net-security.org/vuln.php?id=3132


CGINews and CGIForum Weak Encryption and Information 
Disclosure Vulnerabilities
http://www.net-security.org/vuln.php?id=3131


DameWare Mini Remote Control Server Buffer Overflow 
Vulnerability
http://www.net-security.org/vuln.php?id=3130


osCommerce 2.2-MS1 SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3129


Dark Age of Camelot Network Traffic Weak Encryption 
Vulnerability
http://www.net-security.org/vuln.php?id=3128


DCE RPC Vulnerabilities New Attack Vectors Analysis
http://www.net-security.org/vuln.php?id=3127


Yahoo E-mail Service Vulnerability
http://www.net-security.org/vuln.php?id=3126


Cyclonic Webmail 4 Multiple Vulnerabilities 
http://www.net-security.org/vuln.php?id=3125

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Mandrake Linux Security Update Advisory - XFree86 (MDKSA-2003:118)
http://www.net-security.org/advisory.php?id=2830


Mandrake Linux Security Update Advisory - irssi (MDKSA-2003:117)
http://www.net-security.org/advisory.php?id=2829


Red Hat Security Advisory - Updated apache packages fix 
minor security vulnerability (RHSA-2003:405-00)
http://www.net-security.org/advisory.php?id=2828


SGI Security Advisory - SGI Advanced Linux Environment 
security update #7 (20031203-01-U)
http://www.net-security.org/advisory.php?id=2827


Gentoo Linux Security Announcement - net-ftp/lftp (200312-07)
http://www.net-security.org/advisory.php?id=2826


NetBSD Security Advisory - DNS negative cache poisoning (2003-018)
http://www.net-security.org/advisory.php?id=2825


OpenPKG Security Advisory - lftp (OpenPKG-SA-2003.053)
http://www.net-security.org/advisory.php?id=2824


OpenPKG Security Advisory - cvs (OpenPKG-SA-2003.052)
http://www.net-security.org/advisory.php?id=2823


Red Hat Security Advisory - Updated httpd packages fix 
Apache security (RHSA-2003:320-01)
http://www.net-security.org/advisory.php?id=2822


Cisco Security Advisory - Cisco FWSM Vulnerabilities 
(Revision 1.0 - 2003 December 15)
http://www.net-security.org/advisory.php?id=2821


Cisco Security Advisory - Cisco PIX Vulnerabilities 
(Revision 1.0 - 2003 December 15)
http://www.net-security.org/advisory.php?id=2820


Mandrake Linux Security Update Advisory - lftp (MDKSA-2003:116)
http://www.net-security.org/advisory.php?id=2819


Red Hat Security Advisory - Updated lftp packages fix 
security vulnerability (RHSA-2003:403-01)
http://www.net-security.org/advisory.php?id=2818


SUSE Security Announcement - lftp (SuSE-SA:2003:051)
http://www.net-security.org/advisory.php?id=2817


Gentoo Linux Security Announcement - net-irc/xchat (200312-06)
http://www.net-security.org/advisory.php?id=2816


Immunix Secured OS Security Advisory - lftp (IMNX-2003-73-002-01)
http://www.net-security.org/advisory.php?id=2815


SOT Linux Security Advisory - Updated cvs package 
for SOT Linux 2003 (SLSA-2003:57)
http://www.net-security.org/advisory.php?id=2814


SOT Linux Security Advisory - Updated XFree86 package 
for SOT Linux 2003 (SLSA-2003:56)
http://www.net-security.org/advisory.php?id=2813


SCO Security Advisory - UnixWare 7.1.1 : Bind: cache poisoning BIND 8
prior to 8.3.7 and BIND 8.4.x prior 8.4.2 (CSSA-2003-SCO.33.1)
http://www.net-security.org/advisory.php?id=2812


Slackware Security Advisory - lftp security update (SSA:2003-346-01)
http://www.net-security.org/advisory.php?id=2811

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

INTERVIEW WITH JON EDNEY, AUTHOR OF "REAL 802.11 SECURITY"
Jon Edney specializes in wireless networking and is a key 
contributor to the development of IEEE 802.11 systems. 
In this interview he discusses various wireless security 
topics as well as his book.
http://www.net-security.org/article.php?id=619


NEW MOBILE ENCRYPTER ARRIVES AND MOBILE SNIFFER IS DISCONTINUED
The Airscanner Mobile Encrypter is an application that secures 
the user's data residing on the personal data assistant and 
provides the facility to lock the device in order to disallow its 
use by other users.
http://www.net-security.org/article.php?id=618


THE VIRUS THAT CAME FROM OUTER SPACE
An American website has published a warning of the possible 
appearance of a virus from outer space. Who, why, how? 
Read on...
http://www.net-security.org/article.php?id=617


"SOMBRIA:" A WITNESS TO POTENTIAL CYBER CRIMES
The second report of Sombria provides a more succinct and 
focused overview of the main events "witnessed" by the 
honeypot system during the months of August, September 
and October 2003.
http://www.net-security.org/article.php?id=616


PACKET SNIFFING ON LAYER 2 SWITCHED LOCAL AREA NETWORKS
This paper discusses several methods that result in packet sniffing 
on Layer 2 switched networks. Each of the sniffing methods will 
be explained in detail. The purpose of the paper is to show how 
sniffing can be accomplished on switched networks, and to 
understand how it can be prevented.
http://www.net-security.org/article.php?id=615

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------

Security Enhancements for Internet Information Services 6.0
Organized by Microsoft on 6 January 2004, 9:30 AM PT
http://www.net-security.org/webcast.php?id=153


The Basics of WLAN Security
Organized by Funk Software on 6 January 2004, 1:00 PM EDT
http://www.net-security.org/webcast.php?id=148


Penetration Testing with CORE IMPACT
Organized by Core Security Technologies on 6 January 2004, 2:00 PM ET
http://www.net-security.org/webcast.php?id=150


Microsoft Executive Circle: Implementing more security products 
won’t make you more secure, better management will
Organized by Microsoft on 19 January 2004, 9:00 AM PT
http://www.net-security.org/webcast.php?id=152


Monthly Update from Microsoft’s VP for Security
Organized by Microsoft on 20 January 2004, 8:30 AM PT
http://www.net-security.org/webcast.php?id=151


Best Practices: Taking Proactive Measures Before The Next Exploit
Organized by eEye on 22 January 2004, 2:00 PM PST 
http://www.net-security.org/webcast.php?id=149

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

Access Denied 2004
Organized by New Leaf Productions - 11 January-13 January 2004
http://www.net-security.org/conference.php?id=75


Spam Conference 2004
Organized by Gilberte Houbart - 16 January-16 January 2004
http://www.net-security.org/conference.php?id=80


Security Venture Fair
Organized by Infocast - 21 January-23 January 2004
http://www.net-security.org/conference.php?id=78


IT-Defense 2004
Organized by cirosec GmbH/dpunkt.Verlag - 28 January -
30 January 2004
http://www.net-security.org/conference.php?id=56


Infosecurity Italia 2004
Organized by Fiera Milano International - 13 February -
14 February 2004
http://www.net-security.org/conference.php?id=34


Southeast Cybercrime Summit 2004
Organized by ATLCCS - 2 March-5 March 2004
http://www.net-security.org/conference.php?id=77


InfoSec World Conference and Expo 2004
Organized by MIS Training Institute - 22 March-24 March 2004
http://www.net-security.org/conference.php?id=68


RSA Conference 2004 USA
Organized by RSA Security - 13 April-17 April 2004
http://www.net-security.org/conference.php?id=55


Infosecurity Europe 2004
Organized by Reed Exhibitions - 27 April-29 April 2004
http://www.net-security.org/conference.php?id=27


Dallascon Security Conference 2004
Organized by DallasCon - 1 May-2 May 2004
http://www.net-security.org/conference.php?id=73


16th Annual FIRST Conference
Organized by FIRST - 13 June-18 June 2004
http://www.net-security.org/conference.php?id=22


NetSec 2004
Organized by Computer Security Institute - 14 June-16 June 2004
http://www.net-security.org/conference.php?id=20


2004 USENIX Annual Technical Conference
Organized by USENIX Association - 27 June-2 July 2004
http://www.net-security.org/conference.php?id=66


DIMVA 2004
Organized by German Informatics Society - 6 July-7 July 2004
http://www.net-security.org/conference.php?id=47


13th USENIX Security Symposium
Organized by USENIX Association - 9 August-13 August 2004
http://www.net-security.org/conference.php?id=67

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

Security Software of Worldwide Reputation: 20 Years Utimaco Safeware
http://www.net-security.org/press.php?id=1900


Lightsource Technologies To Deliver Sigaba Secure Email and Sigaba 
Secure Instant Messaging Security Solutions to Australian Businesses
http://www.net-security.org/press.php?id=1899


TeliaSonera Expands F-Secure's Security as a Service Concept 
Also to Small and Medium Businesses
http://www.net-security.org/press.php?id=1898


New Worldwide Launch: Panda Webadmin AntiVirus, The 
Definitive Antivirus Solution For Small To Mid-Sized Companies
http://www.net-security.org/press.php?id=1897


Mirapoint Intros New 45-Series Appliances Designed To Increase 
The Reliability, Security, and Performance Of Message Networks
http://www.net-security.org/press.php?id=1896


Trapeze Networks Adds Key Network Topology and Voice 
Enhancements To Its Wireless LAN Mobility System
http://www.net-security.org/press.php?id=1895


Check Point Software Technologies to Acquire Zone Labs
http://www.net-security.org/press.php?id=1894


International Rice Research Institute Selects Application 
Security To Protect Sensitive Data At The Source
http://www.net-security.org/press.php?id=1893


Zone Labs And Enterasys Networks Announce Interoperability 
To Enforce Desktop Security Policies
http://www.net-security.org/press.php?id=1892


Kaspersky Labs Partners with Reflex Security to Deliver 
Anti-Virus and Anti-Spam Solutions
http://www.net-security.org/press.php?id=1891


Lockheed Martin Selects Forum Systems For Next 
Generation Information Security Platform 
http://www.net-security.org/press.php?id=1890

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Weekly Virus Report - Sober, Wincap and Duster Worms
http://www.net-security.org/virus_news.php?id=338


Airscanner Mobile AntiVirus 2.5 for Windows Mobile 2003/2003 Released
http://www.net-security.org/virus_news.php?id=337


Kaspersky Anti-Virus for Windows Desktops Beta Testing
http://www.net-security.org/virus_news.php?id=336


Ranking of The Most Frequently Detected Viruses in 2003
http://www.net-security.org/virus_news.php?id=335

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


-------------------------------------------------------------------
FREE GUIDE-128-bit encryption
-------------------------------------------------------------------
Thawte is one of the few companies that offers 128 bit supercerts.
A supercerts will allow you to extend the highest allowed 128 bit 
encryption to all your clients even if they use browsers that are 
limited to 40 bit encryption.
-------------------------------------------------------------------
Download a guide to learn more.
http://ad.doubleclick.net/clk;6091071;8369141;h
-------------------------------------------------------------------