HNS Newsletter
Issue 197 - 26.01.2004.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


----------------------------------------------------------------
Get Thawte’s NEW Step-by-Step SSL Guide for Apache
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you Apache web server. 

Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.

Get your copy of this new guide now:
http://ad.doubleclick.net/clk;6091061;8369142;h
----------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Webcasts
6) Conferences
7) Security world
8) Virus news


[ Security news ]

 
----------------------------------------------------------------

COMMENTARY: ADDITION OF IPSEC LOCKS DOWN 2.6 KERNEL
Enterprise administrators need not fear that 2.6 kernel developers 
have compromised security in exchange for enterprise benchmarks.
http://www.net-security.org/news.php?id=4427


CHECK POINT BEEFS UP NETWORK PROTECTION
Check Point Software Technologies takes its first step this week 
toward fulfilling its pledge to evolve beyond being firewall provider 
by introducing a family of security appliances designed to protect 
internal networks.
http://www.net-security.org/news.php?id=4428


SPAM FILTERS GRAB GOOD WITH BAD
The growing use of antispam filters that weed out messages 
containing words commonly used by junk e-mailers is forcing 
legitimate e-mail senders to choose their language carefully.
http://www.net-security.org/news.php?id=4429


VIRUSES PACK TRIPLE THREAT
Virus writers are merging spam, phishing and Trojan programs to 
develop more complex attacks on the unwary.
http://www.net-security.org/news.php?id=4430


SECURITY AS ONE OF THE LAYERS FOR OPEN SOURCE COMMODITIZATION
Key open source advocates point to databases, security and storage 
as the next big categories ripe for commoditization. 
http://www.net-security.org/news.php?id=4431


LIE-DETECTOR GLASSES OFFER PEEK AT FUTURE OF SECURITY
It may not be long before you hear airport security screeners ask, 
"Do you plan on hijacking this plane?"
http://www.net-security.org/news.php?id=4432


THE FUTURE OF SECURITY IS DARK
There's no need to imagine a worst-case scenario for Internet 
security in the year 2010. The worst-case scenario is unfolding 
right now.
http://www.net-security.org/news.php?id=4435


MSBLAST VIRUS WRITER FACES 15 YEARS BEHIND BARS
A virus writer accused of creating an MSBlast variant last year 
is to face a Romanian court this week and could be sentenced 
to 15 years in jail if convicted.
http://www.net-security.org/news.php?id=4436


TOP NETWORKING TECHNOLOGIES FOR 2004
VoIP will fundamentally change the economics of providing voice 
services to the consumer, as well as alter the fundamental 
economics upon which telephone companies are based. It will 
"increase competition in the consumer voice-services market 
via third-party access to provide voice services in addition to 
cable and other entry media into the home."
http://www.net-security.org/news.php?id=4437


POLICE IN INDIA TO MONITOR CYBERCAFES
Increasingly fearful that terrorists and other criminals are taking 
advantage of cybercafes, Bombay police want to require customers 
to show photo identification and give their home addresses.
http://www.net-security.org/news.php?id=4438


THE GIANT WOODEN HORSE DID IT!
Introducing a new legal defense to computer crime charges -- 
one that's all the more frightening because it could be true.
http://www.net-security.org/news.php?id=4439


HOW POLICE CRACK OPEN CRIMINAL MINDS
An officer who pioneered a database linking violent offences 
wonders why more forces don't use it.
http://www.net-security.org/news.php?id=4440


SENTENCING DATE SET IN NUCLEAR LAB HACK CASE
A sentencing date has been set for a UK teenager who admits 
breaking into the network of a US high-energy physics research 
lab.
http://www.net-security.org/news.php?id=4441


FLAW FOUND IN ANTI-VIRUS SOFTWARE
Products from three popular anti-virus software companies have 
been found to contain a programming flaw that allows a hacker 
to crash a user's desktop PC.
http://www.net-security.org/news.php?id=4442


2000-2003: THE AGE OF (IN)SECURITY
A series of increasingly virulent worms -- Code Red, Nimbda, Klez, 
Blaster, Slammer, SoBig -- infected millions of machines. Slammer 
also disabled ATMs, 911 call centers and other systems that 
weren't supposed to be connected to the Net.
http://www.net-security.org/news.php?id=4443


SECURITY IN MOTION
In his quest to discover why a company "embracing standards" 
left out a more secure standard, Senior Editor Scott Berinato 
gets angry.
http://www.net-security.org/news.php?id=4444


CRACK SANDIA TEAM HACKS - BUT ONLY IF ASKED
What does a hacker look like? It's not an easy question for 
Sandia National Laboratories scientists to answer - even 
when they're the ones doing the hacking.
http://www.net-security.org/news.php?id=4445


HOW YOUR MOBILE COULD BE SPYING ON YOU
In fact, the technology has arrived that allows anyone to 
track someone down without them having a clue they are 
under surveillance.
http://www.net-security.org/news.php?id=4446


WI-FI REMAINS A WORK IN PROGRESS
Regardless of the amount of Wi-Fi security infrastructure, 
end-users often are the weakest link, because they can be 
fooled or coerced into giving up user IDs, passwords and 
WEP keys. Consequently, organizations need to create and, 
more importantly, enforce security policies.
http://www.net-security.org/news.php?id=4448


BIOMETRICS: GET READY TO DESTROY ALL PASSWORDS
Street research carried out at Victoria Station earlier this year 
revealed that 90 per cent of people were willing to give their 
passwords to Infosecurity Europe researchers as part of a 
survey on identity theft - the researchers did not give any 
verification of their identity and their only tool was a clipboard.
http://www.net-security.org/news.php?id=4449


NEW WORM DRAWS SOBIG COMPARISONS
Computer security experts fear a new worm that began 
spreading rapidly across Australian e-mail networks on 
Sunday could be a rehearsal for a more concerted attack 
in coming weeks.
http://www.net-security.org/news.php?id=4450


HOW DO COMPUTER VIRUSES WORK?
In this article, we will discuss viruses -- both "traditional" 
viruses and the newer e-mail viruses -- so that you can 
learn how they work and also understand how to protect 
yourself.
http://www.net-security.org/news.php?id=4451


SECURE CODING PRINCIPLES 101
Writing secure code is the first step in producing applications 
that are secure and robust.
http://www.net-security.org/news.php?id=4452


MICROSOFT BASELINE SECURITY ANALYZER 1.2 IS HERE
Version 1.2 of MBSA includes a graphical and command line 
interface that can perform local or remote scans of Windows 
systems.
http://www.net-security.org/news.php?id=4453


CODE THAT CAN'T BE CRACKED
What's just a plot in movies is vital to a lot of companies. 
This firm stakes its existence on making encryption work.
http://www.net-security.org/news.php?id=4454


APACHE BASICS
In the first installment of his new Apache series, Russell 
discusses the basics of Apache — what role it plays and 
how to configure the essentials.
http://www.net-security.org/news.php?id=4455


SPAM BECOMES ART AS JUNK MAIL INSPIRES POETS
Branded almost universally an irritation or even an evil of 
the modern age, spam is finding support from an unusual 
quarter: poets.
http://www.net-security.org/news.php?id=4456


MORE DAMAGING VIRUSES TO COME
The email worm that popped up to say "hi" in Australia's 
inboxes would almost certainly be followed by a nastier 
mutation, security experts have warned.
http://www.net-security.org/news.php?id=4457


INSTANT MESSAGE SPAM IS GETTING MORE DISRUPTIVE
Marketers have never seen a medium they didn't want to 
exploit. So it is that spam has come to instant messaging - 
yielding IM spam, or spim. It's been around a few years, 
but only in the past few months has it reached the 
threshold of disruption.
http://www.net-security.org/news.php?id=4459


PRISON TIME FOR UNLUCKY PHISHER
An Ohio woman who used forged e-mails from "AOL security" 
to swindle America Online subscribers out of their credit card 
numbers was sentenced to 46 months in prison Tuesday, 
after a federal judge in Virginia rejected her plea for a 
reduced sentence.
http://www.net-security.org/news.php?id=4460


HACKERS HEAD FOR HOME
With corporate systems becoming increasingly tough to 
crack, hackers will focus on collecting the personal 
information of vulnerable home users in 2004, internet 
experts have warned.
http://www.net-security.org/news.php?id=4461


SECURITY EXPERTS GIVE E-VOTING THUMBS DOWN
Four computer security experts have warned proponents 
of Internet voting that such systems cannot be secured 
against fraud.
http://www.net-security.org/news.php?id=4462


IBM, SUSE LINUX ANNOUNCE SECURITY CERTIFICATIONS
IBM and Novell Inc.'s SuSE Linux used the annual LinuxWorld 
conference and expo here to make several announcements 
on Linux security assessment and assurance.
http://www.net-security.org/news.php?id=4463


WHAT CAN YOU LEARN FROM A HACKER SITE?
Finding up what the other side is up to can help keep your 
network secure - but make sure you don't get rumbled.
http://www.net-security.org/news.php?id=4464


RIAA STRIKES AGAIN AT TRADERS
The recording industry group files its largest round of lawsuits to 
date, identifying 532 computer users it believes are distributing 
copyright music online.
http://www.net-security.org/news.php?id=4465


DEREGULATION, SECURITY IDEOLOGIES CLASH
The Federal Communications Commission's efforts to reduce 
regulations of some Internet services have come under intense 
criticism from officials at law enforcement agencies who say 
that their ability to electronically monitor terrorists and other 
criminal suspects is threatened, according to government 
officials, industry lawyers and documents on file at the FCC.
http://www.net-security.org/news.php?id=4466


REVIEW OF WINDOWS SERVICES FOR UNIX 3.5
I did a review of Windows Services for UNIX 3.0 (SFU) a few 
months ago. I remember being frustrated with that release 
because it seemed to me that all Microsoft did was throw 
something together just to be able to say "Hey look, we 
have this".
http://www.net-security.org/news.php?id=4467


A VISIT FROM THE FBI
Scott Granneman had a little visit from the FBI recently, 
in response to one of his SecurityFocus columns.
http://www.net-security.org/news.php?id=4468


SPAM MIGHT BE YOUR BIGGEST HEADACHE, NOT YOUR BIGGEST THREAT
Spam is now the number one issue for the majority of IT managers, 
but by focusing solely on this issue are they in danger of missing 
the wider issues of email security?
http://www.net-security.org/article.php?id=632


FTC: ID THEFT ON THE RISE
Identity theft and fraud cost Americans at least $437 million last 
year, as scam artists made themselves at home on the Internet, 
according to federal statistics released on Thursday.
http://www.net-security.org/news.php?id=4470


SENATE SECURITY HOLE ENABLES PARTISAN SPYING
According to the Boston Globe, Republican staff members of the 
U.S. Senate Judiciary Committee exploited a security hole in the 
committee's servers for at least a year to access and share 
secret Democratic memos.
http://www.net-security.org/news.php?id=4471


SECURITY PROS QUESTION FLAW FIND
Two Internet software developers who said they have uncovered 
a way to cause entire networks of computers to freeze or shut 
down may have simply rediscovered an old network issue.
http://www.net-security.org/news.php?id=4472


NETWORK ASSOCIATES FIGHTS SPYWARE
Network Associates, the maker of McAfee antivirus software, 
is joining the fight against spyware, programs that track people's 
Internet habits, gather personal information and deliver it to 
advertisers.
http://www.net-security.org/news.php?id=4473


FBI JOINS HUNT FOR HALF-LIFE CODE
The FBI has joined efforts to track down those who took part 
of the computer code of one of the year's most highly anticipated 
games, Half-Life 2.
http://www.net-security.org/news.php?id=4474


CALIFORNIA 'DISEMPOWERED' BY FEDERAL SPAM LAW
Californians will have less protection against spammers under a new 
federal antispam law that recently superceded a stricter state law, 
state Attorney General Bill Lockyer said Thursday.
http://www.net-security.org/news.php?id=4475


EU ANTI-SPAM LAWS ARE OK
It's just over a month since new anti-spam legislation was 
introduced into the UK with almost universal condemnation that 
the new laws would have a limited effect in the fight against 
junk email.
http://www.net-security.org/news.php?id=4476


LINUX THREATENS US SECURITY, SCO TELLS CONGRESS
The SCO Group has confirmed that it sent a letter to all 535 
members of the US Congress which claimed that Linux and 
open-source software is a threat to the security and 
economy of the US.
http://www.net-security.org/news.php?id=4477


SSL TO BE ONE OF 2004’S BRIGHT SPOTS
Adoption of virtual private networks (VPNs) based on the browser
based SSL technology is shaping up to be one of the key trends 
of 2004, especially as enterprises mobilize their workforces.
http://www.net-security.org/news.php?id=4478


REMEMBERING SLAMMER ON ITS ANNIVERSARY
Security is tighter, but experts say fast-moving worms will 
crawl again.
http://www.net-security.org/news.php?id=4479

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

NetBus Pro Web Server Direcory Listing And Remote 
File Upload Vulnerability
http://www.net-security.org/vuln.php?id=3206


Freesco Public HTTP Server Cross Site Scripting Vulnerabillity
http://www.net-security.org/vuln.php?id=3205


GeoHttpServer Authentification Bypass Vulnerability & 
Denial Of Service Vulnerability
http://www.net-security.org/vuln.php?id=3204


Need For Speed Hot Pursuit 2 Client's Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3203


Tbe - The Banner Engine Server-Side Script Execution Vulnerability
http://www.net-security.org/vuln.php?id=3202


Honeyd Remote Detection Via Simple Probe Packet
http://www.net-security.org/vuln.php?id=3201


WebcamXP v1.06.945 Cross Site Scripting Vulnerabillity
http://www.net-security.org/vuln.php?id=3200


DUWARE Products Admin Access and Arbitrary File 
Upload Vulnerability
http://www.net-security.org/vuln.php?id=3199


WebTrends Reporting Center Path Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=3198 


2Wire-Gateway Cross Site Scripting And Directory 
Transversal Vulnerability In SSL Form
http://www.net-security.org/vuln.php?id=3197


OwnServer 1.0 Directory Transversal Vulnerability
http://www.net-security.org/vuln.php?id=3196


Microsoft Internet Explorer Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3195


NETCam Webserver Directory Traversal Vulnerability
http://www.net-security.org/vuln.php?id=3194


Getware's Built-In Webserver Denial Of Service Vulnerability
http://www.net-security.org/vuln.php?id=3193


Goahead webserver Directories Management Bypassing Vulnerability
http://www.net-security.org/vuln.php?id=3192


Goahead Webserver Resources Consumption Vulnerability
http://www.net-security.org/vuln.php?id=3191


Yabb SE SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3190


Networker 6.0 Possible Symlink Attack Vulnerability
http://www.net-security.org/vuln.php?id=3189


Pablo Sofware Solutions FTP Server Outside The FTP 
Root Directory File Detection Vulnerability
http://www.net-security.org/vuln.php?id=3188


Mambo OS v4.5/v4.6 Remote Command Execution Vulnerability
http://www.net-security.org/vuln.php?id=3187


Outpost Firewall Local SYSTEM Access Vulnerability
http://www.net-security.org/vuln.php?id=3186


Ultr@VNC Local SYSTEM Access Vulnerability 
http://www.net-security.org/vuln.php?id=3185

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

SGI Security Advisory - SGI ProPack v2.3: Kernel fixes 
and security update (20040102-01-U)
http://www.net-security.org/advisory.php?id=2911


Red Hat Security Advisory - Updated slocate packages 
fix vulnerability (RHSA-2004:040-01)
http://www.net-security.org/advisory.php?id=2910


Turbolinux Security Announcement - lftp and tcpdump (22/Jan/2004)
http://www.net-security.org/advisory.php?id=2909


Gentoo Linux Security Advisory - Honeyd remote detection 
vulnerability via a probe packet (GLSA 200401-02)
http://www.net-security.org/advisory.php?id=2908


Cisco Security Advisory - Voice Product Vulnerabilities 
on IBM Servers (Revision 1.0)
http://www.net-security.org/advisory.php?id=2907


Trustix Secure Linux Security Advisory - slocate (2004-0005)
http://www.net-security.org/advisory.php?id=2906


Red Hat Security Advisory - Updated mc packages resolve 
buffer overflow vulnerability (RHSA-2004:034-01)
http://www.net-security.org/advisory.php?id=2905


Debian Security Advisory - New slocate packages fix 
buffer overflow (DSA 428-1)
http://www.net-security.org/advisory.php?id=2904


Conectiva Linux Security Announcement - kdepim (CLA-2004:810)
http://www.net-security.org/advisory.php?id=2903


Conectiva Linux Security Announcement - screen (CLA-2004:809)
http://www.net-security.org/advisory.php?id=2902


Conectiva Linux Security Announcement - cvs (CLA-2004:808)
http://www.net-security.org/advisory.php?id=2901


Guardian Digital Security Advisory - 'tcpdump' multiple 
vulnerabilities (ESA-20040119-002)
http://www.net-security.org/advisory.php?id=2900


Debian Security Advisory - New Linux 2.4.17 packages fix local 
root exploit (mips+mipsel) (DSA 427-1)
http://www.net-security.org/advisory.php?id=2899


Debian Security Advisory - New netpbm-free packages fix 
insecure temporary file creation (DSA 426-1)
http://www.net-security.org/advisory.php?id=2898


Devian Security Advisory - New tcpdump packages fix 
multiple vulnerabilities (DSA 425-1)
http://www.net-security.org/advisory.php?id=2897


Debian Security Advisory - New mc packages fix buffer 
overflow (DSA 424-1) 
http://www.net-security.org/advisory.php?id=2896

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

AN INTRODUCTION TO SQL INJECTION ATTACKS FOR 
ORACLE DEVELOPERS
This paper is intended for application developers, database 
administrators, and application auditors to highlight the 
risk of SQL injection attacks and demonstrate why web 
applications may be vulnerable.
http://www.net-security.org/article.php?id=633


SPAM MIGHT BE YOUR BIGGEST HEADACHE, NOT YOUR BIGGEST THREAT
Spam is now the number one issue for the majority of IT managers, 
but by focusing solely on this issue are they in danger of missing 
the wider issues of email security?
http://www.net-security.org/article.php?id=632


AN IT MANAGER’S INSIGHT INTO MOBILE SECURITY
No company are without laptops, PDAs or smart phones these days, 
so if you want to make sure your company does not become another 
statistic or victim of data theft here are a few golden rules you 
should follow.
http://www.net-security.org/article.php?id=631


ORACLE DATABASE LISTENER SECURITY GUIDE
This paper outlines the vulnerabilities in the Oracle TNS Listener 
and provides recommendations for properly securing it. Providing 
minimal security for the Listener is simple and should be done for 
all Oracle installations – development, test and production.
http://www.net-security.org/article.php?id=630


THE BIOMETRICS MYTH
There is a rather touching belief that biometrics – ranging from 
fingerprint recognition to iris scanning – are the perfect answer 
to user authentication in computer applications. Steve Bale, CEO 
ArmourSoft explains the underlying principles, weighs the very 
real disadvantages and reveals a much simpler approach that 
is available right now – at a fraction of the cost.
http://www.net-security.org/article.php?id=629

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------

Tripwire for Network Devices: Overview and Product Demo
Organized by Tripwire on 27 January 2004, 11:00 AM PDT
http://www.net-security.org/webcast.php?id=176


ASP.NET Security Best Practices
Organized by Microsoft on 28 January 2004, 9:00 AM PT
http://www.net-security.org/webcast.php?id=172


Implementing Client Security on Windows 2000 and Windows XP
Organized by Microsoft on 28 January 2004, 1:00 PM PT
http://www.net-security.org/webcast.php?id=171


Helping You Avoid the Intellectual Property Litigation Trap
Organized by RSA Security on 28 January 2004, 1:30 PM ET
http://www.net-security.org/webcast.php?id=161


Creating a Single Sign-On Enterprise Security Portal
Organized by Microsoft on 17 February 2004, 1:00 PM  
http://www.net-security.org/webcast.php?id=173

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

IT-Defense 2004
Organized by cirosec GmbH/dpunkt.Verlag - 28 January -
30 January 2004
http://www.net-security.org/conference.php?id=56


FAA IT/ISS Partnership Conference
Organized by FBC - 10 February-11 February 2004
http://www.net-security.org/conference.php?id=84


Infosecurity Italia 2004
Organized by Fiera Milano International - 13 February -
14 February 2004
http://www.net-security.org/conference.php?id=34


RSA Conference 2004 USA
Organized by RSA Security - 23 February-27 February 2004
http://www.net-security.org/conference.php?id=55


Southeast Cybercrime Summit 2004
Organized by ATLCCS - 2 March-5 March 2004
http://www.net-security.org/conference.php?id=77


InfoSec World Conference and Expo 2004
Organized by MIS Training Institute - 22 March-24 March 2004
http://www.net-security.org/conference.php?id=68


Infosecurity Europe 2004
Organized by Reed Exhibitions - 27 April-29 April 2004
http://www.net-security.org/conference.php?id=27


Dallascon Security Conference 2004
Organized by DallasCon - 1 May-2 May 2004
http://www.net-security.org/conference.php?id=73


RSA Conference 2004 Japan
Organized by RSA Conference 2004 Japan Executive Comittee - 
31 May-1 June 2004
http://www.net-security.org/conference.php?id=82


BCS Birmingham IT Security Conference 2004
Organized by British Computer Society - 8 June-8 June 2004
http://www.net-security.org/conference.php?id=81


16th Annual FIRST Conference
Organized by FIRST - 13 June-18 June 2004
http://www.net-security.org/conference.php?id=22


NetSec 2004
Organized by Computer Security Institute - 14 June -
16 June 2004
http://www.net-security.org/conference.php?id=20


2004 USENIX Annual Technical Conference
Organized by USENIX Association - 27 June-2 July 2004
http://www.net-security.org/conference.php?id=66


DIMVA 2004
Organized by German Informatics Society - 6 July-7 July 2004
http://www.net-security.org/conference.php?id=47


13th USENIX Security Symposium
Organized by USENIX Association - 9 August-13 August 2004 
http://www.net-security.org/conference.php?id=67

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

"Security Warrior" Released By O'Reilly
http://www.net-security.org/press.php?id=1938


Panda Software Introduces New Features In Its 
Antiviruses For Linux Mail Servers
http://www.net-security.org/press.php?id=1937


Macrovision Releases CDS-300 Featuring Windows Media DRM
http://www.net-security.org/press.php?id=1936


Sparda-Datenverarbeitung Implements Comprehensive 
E-Mail Security With Utimaco Safeware's Secure-Mail 
Gateway
http://www.net-security.org/press.php?id=1935


Norman Data Defense Systems Releases Norman Virus 
Control For Content Vectoring Protocol Based Firewalls 
Powered By Norman Sandbox
http://www.net-security.org/press.php?id=1934


Sophos Beats Rivals In Veritest Analysis
http://www.net-security.org/press.php?id=1933


Trapeze Networks Announces New President And 
Chief Executive Officer
http://www.net-security.org/press.php?id=1932


iS3 Launches Weblog, "OnSecurity," And Presents 
At Upcoming Security Venture Fair
http://www.net-security.org/press.php?id=1931


Panda Webadmin Antivirus Simplifies SME IT Protection
http://www.net-security.org/press.php?id=1930


eSoft USA Launches Secure Content Management 
(SCM) Solutions in India
http://www.net-security.org/press.php?id=1929


Cyberguard's Snapgear Launches Embedded Firewall 
Network Card For Distributed Security Control
http://www.net-security.org/press.php?id=1928


Norman Data Defense Systems Releases NVCNet 
For Terminal Server
http://www.net-security.org/press.php?id=1927


Diagonal Security Named As Kavado Premier Partner In The 
Uk Market Leader In Web Application Security Expands 
Reseller Network
http://www.net-security.org/press.php?id=1926


The Release Of Informer Evasion Gateway 1.0
http://www.net-security.org/press.php?id=1925


TippingPoint's UnityOne Intrusion Prevention System Wins 
NSS Gold Award in Comprehensive, Side-by-Side Vendor 
Comparison
http://www.net-security.org/press.php?id=1924


Mindreef Announces Availability of SOAPscope 3.0 Web 
Services Diagnostics System with Microsoft Visual 
Studio .Net Integration
http://www.net-security.org/press.php?id=1923


A Secure and Easy-to-Use Mail Transfer Agent for Unix 
O'Reilly Releases "Postfix: The Definitive Guide"
http://www.net-security.org/press.php?id=1922

----------------------------------------------------------------




[ Virus News ]


All virus news are located at: 
http://www.net-security.org/viruses.php 


----------------------------------------------------------------

Weekly virus report - Bagle.A, StartPage.AB and StartPage.AC
http://www.net-security.org/virus_news.php?id=348


Incidents Caused By The Bagle.A Worm Drop Off
http://www.net-security.org/virus_news.php?id=347


Bagle Worm Spreading Around The World
http://www.net-security.org/virus_news.php?id=346


New Bagle Worm Spreads Over Internet Disguised As 
Calculator, Warns Sophos
http://www.net-security.org/virus_news.php?id=345


Weekly virus report - Downloader.AC, Bookmark.C and 
Agent.A. Trojans and Exploit/URLSpoof
http://www.net-security.org/virus_news.php?id=344


Sophos Warns Of New Trojan 'Phishing' For Cash
http://www.net-security.org/virus_news.php?id=343


A New Modification Of Mimail Sent In Mass Spam Distribution
http://www.net-security.org/virus_news.php?id=342

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
Get Thawte’s NEW Step-by-Step SSL Guide for Apache
----------------------------------------------------------------
In this guide you will find out how to test, purchase, install 
and use a Thawte Digital Certificate on you Apache web server. 

Throughout, best practices for set-up are highlighted to help 
you ensure efficient ongoing management of your encryption 
keys and digital certificates.

Get your copy of this new guide now:
http://ad.doubleclick.net/clk;6091061;8369142;h
----------------------------------------------------------------