HNS Newsletter
Issue 206 - 29.03.2004.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It 
covers weekly roundups of security events that were in the 
news the past week.


----------------------------------------------------------------
ETHICAL HACKING: SECURITY TESTING FOR PROFESSIONALS
----------------------------------------------------------------
This course teaches you a repeatable, documentable methodology 
that can be used in a professional security testing or penetration 
testing situation.

Get 400$ OFF when you mention Help Net Security!
http://www.net-security.org/v/infosec/
----------------------------------------------------------------


Table of contents:
 
1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Reviews
6) Webcasts
7) Conferences
8) Security world


[ Security news ]

 
----------------------------------------------------------------

MALWARE - IT'S GETTING WORSE
The recent MyDoom Worm successfully infected enough victims in 
order to shut down SCO's web site, followed by new variants that 
targeted Microsoft's web site. This paper isn't intended to discuss 
the motives of the author, instead it will help you understand how 
worms enter your network, how you can block them before they 
even reach your internal network, and how to act in case 
they get in.
http://www.net-security.org/news.php?id=4875


WITTY ATTACKS YOUR FIREWALL AND DESTROYS YOUR DATA
A new worm that, ironically, makes sport of Win-32 systems 
defended by BlackIce and RealSecure firewall products from 
Internet Security Systems (ISS) began circulating Saturday.
http://www.net-security.org/news.php?id=4876


WATCH OUT: IT'S VIRUS SEASON AGAIN
Virus writers seem to be trying every trick they can these days 
to infect our computers, but we can fight back. How? For 
starters, says Robert, try updating Windows frequently.
http://www.net-security.org/news.php?id=4877


RETOOLING E-AUTHENTICATION
Draft document recommends that agencies use commercial 
credentials.
http://www.net-security.org/news.php?id=4878


COMPUTER SECURITY 101
It's a jungle out on the Internet, with any number of 
cyberpredators salivating at the prospect of mauling 
your records. Here's how to stop them.
http://www.net-security.org/news.php?id=4879


ARE BIOMETRICS COMING TO A PC NEAR YOU?
Feds investigate adopting biometric 'passwords' to 
stop identity theft.
http://www.net-security.org/news.php?id=4880


SECURITY SPENDING GROWS
Identity management and regulatory compliance are key 
security headaches.
http://www.net-security.org/news.php?id=4883


MONITORING AND MANAGING LINUX SOFTWARE RAID
In this article the author provides an overview of the 
software RAID implementation in the Linux 2.4.X kernel.
http://www.net-security.org/news.php?id=4884


THE JOKE OF FEDERAL CYBERSECURITY OVERSIGHT
The standards for acceptable cybersecurity are known: it's 
time to start holding the people in charge accountable to them.
http://www.net-security.org/news.php?id=4885


YOUR OWN PEOPLE MAY BE THE PROBLEM
A recent independent audit of computer systems at five Internal 
Revenue Service field offices found dozens of security lapses.
http://www.net-security.org/news.php?id=4886


RIAA SITE DISABLED FOR FIVE DAYS
As the Recording Industry Association of America continues its 
push to shut down digital pirates, the industry group suffered 
its own defeat online.
http://www.net-security.org/news.php?id=4887


MONITORING NETWORK INTEGRITY WITH NMAP
Nmap performs all sorts of network scans, from simple ping scans 
to see what hosts on a network are "alive" to more advanced 
scans by protocol and packet type.
http://www.net-security.org/news.php?id=4888


FORENSIC ANALYSIS OF A LIVE LINUX SYSTEM
This article is the first of a two-part series that provides 
step-by-step instructions on forensics of a live Linux system 
that has been recently compromised.
http://www.net-security.org/news.php?id=4889


HOW SECURE IS OS X?
What is the big picture when it comes to Apple security? Is OS X 
safe enough to be a viable contender for running public Web sites 
and general enterprise applications?
http://www.net-security.org/news.php?id=4890


SECURITY VITAL TO SUCCESSFUL REMOTE WORKING
So what are the key dangers for remote working? And what can 
companies do to combat them?
http://www.net-security.org/news.php?id=4891


MPS REASSESS COMPUTER CRIME LAWS
UK legislation aimed at protecting computer users from hackers 
and spammers is to investigated by an influential group of MPs.
http://www.net-security.org/news.php?id=4892


ONE IN THREE FIRMS SUFFER HACKING ATTEMPTS
Survey reveals poor systems security among UK's biggest businesses.
http://www.net-security.org/news.php?id=4893


IE FLAW EXPOSES WEAKNESS IN YAHOO! FILTERING
Flaws in the filtering technology used by Web-based email services 
make it possible for hackers to smuggle viruses past defences.
http://www.net-security.org/news.php?id=4894


DETERMINING WHICH BIOMETRIC TECHNOLOGY IS RIGHT FOR YOU
Unless biometrics can meet your minimum requirements you should 
reject it.
http://www.net-security.org/news.php?id=4895


EU TO LOSE BILLIONS THROUGH SPAM AND VIRUSES
The surging tide of unsolicited emails and malware is set to cost 
European businesses dear.
http://www.net-security.org/news.php?id=4896


USE COMMON SENSE TO BEAT HACKERS
The arrest of a suspected hacker in England in connection with a 
cyber attack against a military website is welcome news.
http://www.net-security.org/news.php?id=4898


CONFIGURING WINDOWS FIREWALL IN WINDOWS XP SERVICE PACK 2
Windows Firewall provides a level of protection from malicious 
users and programs that rely on unsolicited incoming traffic 
to attack computers on a network. 
http://www.net-security.org/news.php?id=4899


HOTMAIL, YAHOO VULNERABLE TO SECURITY FLAW
Hole could let attackers run malicious code on PCs using IE to 
check Web-based email accounts.
http://www.net-security.org/news.php?id=4900


SERVER BREACH LIKELY TO DELAY GNOME
The Gnome Project said Tuesday that its servers have apparently 
been breached, potentially delaying the latest release of its 
desktop system for Linux.
http://www.net-security.org/news.php?id=4901


EUTELSAT DENIES ROGUE DIALLERS ACCUSATION
Angry victims of rogue diallers which ring expensive satellite 
numbers are blaming the wrong company, Eutelsat says.
http://www.net-security.org/news.php?id=4902


NETSKY.P WORM JAMS EMAIL SYSTEMS THIS MORNING
The new variant to the netsky worm is causing numerous 
problems this morning.
http://www.net-security.org/news.php?id=4903


INVESTING IN BLUE CHIP SECURITY
Internet banking is easy and reliable, but the banks are looking 
to a new technology that is smarter and more secure. Guy 
Clapperton says chipped bank cards are on the way.
http://www.net-security.org/news.php?id=4904


POINTSEC FOR PC RECEIVES COMMON CRITERIA CERTIFICATION
Pointsec for PC, a market leader in mobile data protection 
solutions, is the first in its field to achieve Assurance Level 4 
of the internationally-recognised Common Criteria Standard.
http://www.net-security.org/news.php?id=4905


INTERVIEW WITH THE KEYSTROKE CAPERIST
A former claims adjuster for a US insurance company is the first 
to be charged under federal wiretap law for the covert use of a 
hardware keystroke logger, after he was caught using the device 
while secretly helping consumer attorneys gather information to 
use against his own company.
http://www.net-security.org/news.php?id=4906


SECURITY BREACH DELAYS GNOME 2.6 RELEASE
An intrusion by a 'dumb cracker' may set back the release of the 
latest version of the open-source Gnome desktop environment.
http://www.net-security.org/news.php?id=4907


SECURITY PATCHES BY MODEM? FORGET IT!
Let's face it - there is no way for dial-up users on any major 
operating system to keep their computers up-to-date and 
patched. OK, maybe "no way" is an exaggeration. How about, 
"a difficult, burdensome, time-consuming, very prone to 
failure way?"
http://www.net-security.org/news.php?id=4908


USING KEY-BASED AUTHENTICATION OVER SSH
SSH, or secure shell, is a protocol by which users can remotely 
log in, administer, or transfer files between computers using an 
encrypted transport mechanism.
http://www.net-security.org/news.php?id=4909


PORT SCANNING AND NMAP 3.5
Inspired by the release of Nmap 3.5, the latest version of the 
award-winning network security tool, I've been exploring network 
security issues for a couple of weeks now.
http://www.net-security.org/news.php?id=4910


EU COMMISSIONER MAKES HIS VIEWS FELT ON EU NETWORK SECURITY
Mr Erkki Liikanen, Member of the European Commission, responsible 
for Enterprise and the Information Society, spoke on the subject 
of European Network Security at CeBIT Hannover.
http://www.net-security.org/news.php?id=4911

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

Ethereal Multiple Remote Overflow Vulnerabilities
http://www.net-security.org/vuln.php?id=3354


TrendMicro Interscan Viruswall Directory Traversal Vulnerability
http://www.net-security.org/vuln.php?id=3353


Dameware Weak File Encryption Key Clear Transfer Vulnerability
http://www.net-security.org/vuln.php?id=3352


Member Management System 2.1 Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3351


News Manager Lite 2.5 & News Manager Lite Administration 
Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3350


Invision Gallery SQL Injection Vulnerabilities
http://www.net-security.org/vuln.php?id=3349


Invision Power Top Site List SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=3348


Borland Interbase admin.ib Administrative Access Vulnerability
http://www.net-security.org/vuln.php?id=3347


Norton Internet Security Remote Command Execution Vulnerability
http://www.net-security.org/vuln.php?id=3346


Norton AntiSpam Remote Buffer Overrun Vulnerability
http://www.net-security.org/vuln.php?id=3345


Internet Security Systems PAM ICQ Server Response Processing 
Vulnerability
http://www.net-security.org/vuln.php?id=3344


Chrome 1.2.0.0 Buffer Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3343


Error Manager v2.1 for PhpNuke Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=3342


RealNetworks Helix Server 9 Administration Server Buffer 
Overflow Vulnerability
http://www.net-security.org/vuln.php?id=3341


Vcard 2.8 Uninstall Script Vulnerability
http://www.net-security.org/vuln.php?id=3340

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Debian Security Advisory - emil (DSA 468-1)
http://www.net-security.org/advisory.php?id=3112


Debian Security Advisory - ecartis (DSA 467-1)
http://www.net-security.org/advisory.php?id=3111


Mod_Survey Security Advisory - 2004-03-21, Script injection
http://www.net-security.org/advisory.php?id=3110


SOT Linux Security Advisory - Updated sysstat package for 
SOT Linux 2003 (SLSA-2004:10)
http://www.net-security.org/advisory.php?id=3109


SOT Linux Security Advisory - Updated mozilla package for 
SOT Linux 2003 (SLSA-2004:9)
http://www.net-security.org/advisory.php?id=3108


SOT Linux Security Advisory - Updated apache-ssl package 
for SOT Linux 2003 (SLSA-2004:8) 
http://www.net-security.org/advisory.php?id=3107

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org

----------------------------------------------------------------

VOIP - VULNERABILITY OVER INTERNET PROTOCOL
Just as the VoIP market is finally taking a cautious step towards 
delivering some of its long-overdue promise, the increasing 
priority of IT security may force it two steps back.
http://www.net-security.org/article.php?id=667

----------------------------------------------------------------




[ Reviews ]


All reviews are located at: 
http://www.net-security.org/reviews.php 


----------------------------------------------------------------

SIGNWISE PRO 2.51
Handhelds are steadily becoming a must have for a number of 
organizations and because all the services they provide, we tend 
to cram a lot of important data on them. Some security precautions 
should be considered and the program I'm covering today tends 
to provide secure signature based logon and encryption mechanisms.
http://www.net-security.org/review.php?id=128

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at: 
http://www.net-security.org/webcasts.php


----------------------------------------------------------------

Sophos Anti-Virus: Stopping viruses in the educational environment
Organized by Sophos on 30 March 2004, 1:00 PM PST
http://www.net-security.org/webcast.php?id=235


Security with the Visual Studio Tools for the Microsoft Office System
Organized by Microsoft on 5 May 2004, 11:00 AM PT
http://www.net-security.org/webcast.php?id=212

----------------------------------------------------------------




[ Conferences ]


All conferences are located at: 
http://www.net-security.org/conferences.php


----------------------------------------------------------------

cansecwest/core04 Conference
Organized by Dursec Ltd. - 21 April-23 April 2004
http://www.net-security.org/conference.php?id=85


Infosecurity Europe 2004
Organized by Reed Exhibitions - 27 April-29 April 2004
http://www.net-security.org/conference.php?id=27


Dallascon Security Conference 2004
Organized by DallasCon - 1 May-2 May 2004
http://www.net-security.org/conference.php?id=73


Computer Security Mexico 2004
Organized by Computer Security Department and UNAM-CERT 
- 27 May-28 May 2004
http://www.net-security.org/conference.php?id=87


RSA Conference 2004 Japan
Organized by RSA Conference 2004 Japan Executive Comittee 
- 31 May-1 June 2004
http://www.net-security.org/conference.php?id=82


Infosecurity Canada Conference & Exhibition 2004
Organized by Reed Exhibitions - 1 June-3 June 2004
http://www.net-security.org/conference.php?id=86


BCS Birmingham IT Security Conference 2004
Organized by British Computer Society - 8 June-8 June 2004
http://www.net-security.org/conference.php?id=81


16th Annual FIRST Conference
Organized by FIRST - 13 June-18 June 2004
http://www.net-security.org/conference.php?id=22


NetSec 2004
Organized by Computer Security Institute - 14 June-16 June 2004
http://www.net-security.org/conference.php?id=20


2004 USENIX Annual Technical Conference
Organized by USENIX Association - 27 June-2 July 2004
http://www.net-security.org/conference.php?id=66


DIMVA 2004
Organized by German Informatics Society - 6 July-7 July 2004
http://www.net-security.org/conference.php?id=47


13th USENIX Security Symposium
Organized by USENIX Association - 9 August-13 August 2004
http://www.net-security.org/conference.php?id=67


The 14th Virus Bulletin International Conference (VB2004)
Organized by Virus Bulletin - 29 September-1 October 2004
http://www.net-security.org/conference.php?id=83

----------------------------------------------------------------




[ Security world ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org

----------------------------------------------------------------

Securify Lands $15 Million In Oversubscribed Round
http://www.net-security.org/press.php?id=2039


Memory Experts International Secures OEM Agreement 
With SAFLINK
http://www.net-security.org/press.php?id=2038


Meru Networks and iPolicy Networks to Provide Unified 
Security for WLANs
http://www.net-security.org/press.php?id=2037


Vigilar Adds Legra Systems' Switching Suite to its 
Best-Of-Breed Wireless LAN Solutions
http://www.net-security.org/press.php?id=2036


One In Three Large Businesses In The UK Had Their Websites 
Attacked By Hackers Last Year, Survey Shows
http://www.net-security.org/press.php?id=2035


Meta Group Confirms Proxy Appliances Warranted For 
Web Control in Most Organizations 
http://www.net-security.org/press.php?id=2034

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:
 
Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
ETHICAL HACKING: SECURITY TESTING FOR PROFESSIONALS
----------------------------------------------------------------
This course teaches you a repeatable, documentable methodology 
that can be used in a professional security testing or penetration 
testing situation.

Get 400$ OFF when you mention Help Net Security!
http://www.net-security.org/v/infosec/
----------------------------------------------------------------