HNS Newsletter
Issue 254 - 28.02.2005.
http://net-security.org

This is a newsletter delivered to you by Help Net Security. It
covers weekly roundups of security events that were in the
news the past week.


----------------------------------------------------------------
REGISTER FOR INFOSECURITY EUROPE 2005
----------------------------------------------------------------
Infosecurity Europe is Europe's number one, dedicated Information
Security event. Now in its 10th anniversary year, Infosecurity
Europe continues to provide an unrivalled education programme,
new products & services, over 250 exhibitors and over 10,000
visitors from every segment of the industry.
----------------------------------------------------------------
Get all the information at: http://www.infosec.co.uk/hns
----------------------------------------------------------------


Table of contents:

1) Security news
2) Vulnerabilities
3) Advisories
4) Articles
5) Software
6) Webcasts
7) Conferences
8) Security World


[ Security news ]


----------------------------------------------------------------

UNDERSTANDING AND IMPLEMENTING ISA 2004 AS AN APPLICATION FIREWALL
ISA Server 2004 (ISA firewall) includes a number of technologies that
provide enhanced security performance for corporate network
infrastructures.
http://www.net-security.org/news.php?id=7192


HOW TO BUILD A SIMPLE WIRELESS AUTHENTICATED GATEWAY USING OPENBSD
Without spending a lot of money you to can build an authenticated
gateway solution to verify your WIFI users.
http://www.net-security.org/news.php?id=7193


DECISION TO SELL ANTIVIRUS PRODUCTS PLACES MICROSOFT IN QUANDARY
If Microsoft Corp. doesn't do more to stem Internet attacks, the
company risks further alienating customers unhappy with the multitude
of threats already facing its ubiquitous software.
http://www.net-security.org/news.php?id=7194


IT ADMINISTRATORS TOLD TO GET HACKING
Time to learn the tricks of the trade, says security expert.
http://www.net-security.org/news.php?id=7195


AUTOMATED PATCHING
Patch management is an essential administration task within todayÕs
busy IT networks with the constant threat of new security bugs. Some
companies will wait for an attack before taking necessary action to
protect themselves from further threat whilst others consider
patching as often as possible.
http://www.net-security.org/news.php?id=7196


PGP MOVING TO STRONGER SHA ALGORITHM
PGP Corporation is planning to migrate to a more secure version of
the Secure Hash Algorithm (SHA) in the upcoming releases of its PGP
Desktop and PGP Universal encryption solutions.
http://www.net-security.org/news.php?id=7197


SECURITY EXPERTS: HACKING ATTACKS RARELY MADE PUBLIC
A security breach that placed consumers at risk for identity theft
grabbed headlines this week but most hacking incidents go unreported
to police or the public, experts said on Thursday.
http://www.net-security.org/news.php?id=7198


SECURITY MOVING CLOSER TO OS, NETWORKS
RSA show highlights need for security companies to redefine roles.
http://www.net-security.org/news.php?id=7199


ONLINE DANGERS INCREASE
Online firms face growing crime menace.
http://www.net-security.org/news.php?id=7200


GARTNER: MICROSOFT SECURITY A 'MISSED OPPORTUNITY'
Analyst Gartner has criticised MicrosoftÕs latest security
announcements, made last week at the RSA conference, as a "missed
opportunity".
http://www.net-security.org/news.php?id=7201


SECURITY BREAKTHROUGH KILLS 'EVIL TWINS'
Delayed password disclosure protocol could thwart wireless hacks.
http://www.net-security.org/news.php?id=7202


CABIR MOBILE PHONE VIRUS HITS THE US
Bluetooth hijacker spreading slowly but surely.
http://www.net-security.org/news.php?id=7203


IS VARIABLE REPONSE THE KEY TO SECURE SYSTEMS?
Intrusion detection software (IDS) first made a serious impression on
the European security market in the late 1990s.
http://www.net-security.org/news.php?id=7204


SAFE AND SECURE - HP'S IPAQ HX2750
Corporate computing is about reliability, connectivity and security,
and HP's iPAQ hx2750 (also known as hx2755) covers all these bases.
http://www.net-security.org/news.php?id=7205


NOVELL APPLIANCE TAKES SECURITY TO THE EDGE
Novell has developed a Linux-based "perimeter security" hardware
appliance that protects companies against security threats such as
hackers, viruses, worms, spam and network intrusions.
http://www.net-security.org/news.php?id=7206


IS YOUR PERSONAL IDENTITY BEING HARVESTED?
The terms "farming" and "fishing" have taken on new meaning, and this
year's "bumper crop" might include the harvesting of your personal and
business identity.
http://www.net-security.org/news.php?id=7207


ENDING THE AGE OF THE PASSWORD
IT directors face the constant challenge of giving the business
enough flexibility to access IT however, wherever and whenever
end-users need to, while keeping out intruders.
http://www.net-security.org/news.php?id=7208


T-MOBILE - ANOTHER HIGH PROFILE COMPROMISE OF CUSTOMER DATA
The phone book, email addresses, and notes from celebrity Paris
HiltonÕs T-Mobile Sidekick were posted on the web, and rapidly
circulated by various online news websites / blogs with perhaps a
questionable disregard of privacy for Paris Hilton herself.
http://www.net-security.org/news.php?id=7209


NEW SOBER WORM MOVING FAST
Latest variant of Sober worm is spreading itself aggressively.
http://www.net-security.org/news.php?id=7210


WILL FIREFOX'S GROWING PROFILE MAKE IT A TARGET FOR ATTACKERS?
Do we live in a perfect world? No. Will additional Firefox
vulnerabilities appear over time? Absolutely. Is Firefox still
significantly safer than Internet Explorer? In my opinion, the answer
unequivocally is yes.
http://www.net-security.org/news.php?id=7211


SECURITY MANAGERS TAKE HEART
IT security is out of hand - too many security threats, too many
security products, too many devices, too much at risk.
http://www.net-security.org/news.php?id=7212


KEEP ONLINE DOCUMENTS SECURE
As companies look for better ways to secure online documents and
E-mail, whether to protect sensitive information or to comply with
government regulations, they're increasingly turning to a growing
class of security software known as enterprise digital-rights
management.
http://www.net-security.org/news.php?id=7213


EU OFFERS PRIVACY GUIDELINES FOR RFID
Commission offers assessment of privacy and data protection issues
related to RFID.
http://www.net-security.org/news.php?id=7214


HOW SERIOUS IS THAT SECURITY FLAW?
Microsoft and Symantec are backing a plan to create a severity
scoring system for software holes.
http://www.net-security.org/news.php?id=7215


VIRUS ALERT: DON'T OPEN FBI E-MAIL
Don't open those e-mail attachments that appear to be from the FBI.
They might contain a computer virus.
http://www.net-security.org/news.php?id=7216


TELECOM FRAUD: THE COST OF DOING NOTHING JUST WENT UP
In today's business environment, IT network security is vitally
important, with security breaches across voice and data networks
growing by the day.
http://www.net-security.org/news.php?id=7217


HP'S PROCURVE TIGHTENS NETWORK SECURITY
New routers and access controller module expected in April.
http://www.net-security.org/news.php?id=7218


FEDS PREPARE SECURITY TEST
The federal government and several international partners will hold a
cyber preparedness exercise in November, Homeland Security Department
officials said here at the RSA Conference.
http://www.net-security.org/news.php?id=7219


ID THEFT VICTIMS COULD LOSE TWICE
People who suffer losses as a result of the recent ChoicePoint
security breach are not likely to find a friend in the courts, even
if they can prove the company is negligent in protecting their data.
http://www.net-security.org/news.php?id=7220


MS AND SECURITY: GOOD EFFORT BUT NO CIGAR
The low-hanging fruit of millions of insecure Windows machines is
rapidly falling from the tree.
http://www.net-security.org/news.php?id=7221


MICROSOFT SETTLES WITH DUTCH SITE OVER ANTISPYWARE ROW
Microsoft to compensate and apologize for flagging the company's
homepage as malicious content.
http://www.net-security.org/news.php?id=7222


VENDORS AGREE VULNERABILITY SCORING SYSTEM
Leading IT suppliers are banding together to develop a system
designed to standardise the rating of security vulnerabilities.
http://www.net-security.org/news.php?id=7223


UK GETS OFFICIAL VIRUS ALERT SITE
A rapid alerting service that tells home computer users about serious
internet security problems is being launched by the UK government.
http://www.net-security.org/news.php?id=7224


HOW CELL PHONES GET HACKED
A cell phone virus turned up at an electronics store in Santa Monica
earlier this week.
http://www.net-security.org/news.php?id=7225


FEDS SQUARE OFF WITH ORGANIZED CYBER CRIME
Computer intruders are learning to play well with others, and that's
bad news for the Internet, according to a panel of law enforcement
officials and legal experts speaking at the RSA Conference in San
Francisco last week.
http://www.net-security.org/news.php?id=7226


SECURITY CONCERN CONSTANT BUT NOT CONSISTENT
Research from Netegrity has shown that security remains a key issue
for UK businesses, but its implementation in the face of current
corporate pressures, most notably access management and regulatory
compliance, is not consistent.
http://www.net-security.org/news.php?id=7227


ORACLE WRAPS TOP-NOTCH SECURITY AROUND LINUX
Oracle has tightened up the security of a number of its products to
allow customers to use them in critical national infrastructures,
including in conjunction with open source technology from Linux.
http://www.net-security.org/news.php?id=7228


WINDOWS FIREWALL HAS A BACKDOOR?
I was just poking around with the Windows Firewall on my system. When
I went to look at the exceptions, I was confronted with an entry that
I couldn't recognize, rk.exe.
http://www.net-security.org/news.php?id=7229


T-MOBILE VOICE MAIL COMPROMISED - HOW TO PROTECT YOURSELF
ItÕs very strange to listen to an MP3 recording of your own voice
mail.
http://www.net-security.org/news.php?id=7230


NO ENCRYPTION FOR E-PASSPORTS
Despite cries from security watchdogs, the United States plans to
roll out RFID-enabled passports without encrypting the personal data,
downplaying theft threats.
http://www.net-security.org/news.php?id=7231


GSA WORKS ON ID GUIDE
General Services Administration officials are developing a guidebook
to help federal agencies comply with the upcoming standards on
issuing secure credentials to their employees and contractors.
http://www.net-security.org/news.php?id=7232


REUTERS REVIEWS IT SECURITY
Need to integrate security with storage and business continuity.
http://www.net-security.org/news.php?id=7233


KEEPING YOUR ORGANIZATIONÕS SECURITY CURRENT
Although cyber security is critically important, there are those
people whose jobs are so demanding that security gets neglected.
http://www.net-security.org/news.php?id=7234


CHINA WALKS OUT OF WIRELESS LAN SECURITY TALKS
China walked out of a wireless standards meeting this week, accusing
the International Organization for Standardization of favoring the
IEEE's 802.11i ANSI-certified wireless LAN security scheme over its
own controverisal proposal, EE Times has learned.
http://www.net-security.org/news.php?id=7235


SPY FEARS SPOOK IBM-LENOVO DEAL
For years the Chinese government fretted that the US was using its
technology lead to spy on the country - but now the tables are
turned.
http://www.net-security.org/news.php?id=7236


FOUR PASSWORDS NEEDED TO FOIL HACKERS
CompTIA warned that people should use multiple passwords, because if
one is compromised or stolen they could become the victim of identity
theft or financial loss. And if the lost password is the same one used
at work, the organization warned that "the consequences for your
employer could be disastrous." 
http://www.net-security.org/news.php?id=7237


YOU ARE YOUR WORST SECURITY LIABILITY
While IT managers scramble to buy products to guard against external
threats, they're ignoring the enemy within: Their own errors in
setting up network security.
http://www.net-security.org/news.php?id=7238


COURTS QUESTION ANTI-PIRACY RULE
The US broadcast regulator has been told by appeal judges it has
"crossed the line" with an anti-piracy tag which stops programmes
being copied.
http://www.net-security.org/news.php?id=7239


CALIFORNIA WOMAN SUES CHOICEPOINT
A California woman has filed the first lawsuit against ChoicePoint
for fraud and negligence in the wake of the company's recent
disclosure that it sold personal information about more than 140,000
people to identity thieves.
http://www.net-security.org/news.php?id=7240


HILTON HACK UNDERSCORES MOBILE SECURITY LAPSES
Kevin Kissell, an architect at MIPS Technologies Inc., said he
wondered "whether the hackers accessed numbers stored in the phone Ñ
a default for most mobiles Ñ or on the SIM card." He also wondered
"whether the outcome might have been different if Ms. Hilton had
stored her numbers on the SIM."
http://www.net-security.org/news.php?id=7241


ID THEFT VICTIMS FACE LIFETIME OF VIGILANCE
Warren Lambert thought it was just another piece of junk mail until
he read the letter more closely and learned that con artists may have
obtained his Social Security number, name and address -- just what
they need to steal his identity and ruin his credit.
http://www.net-security.org/news.php?id=7242


MICROSOFT PATCHES "BLUE SCREEN OF DEATH" IN WINDOWS XP SP2
It may not be the second Tuesday of the month -- Microsoft's normal
day to release security bulletins and patches -- but the
Redmonddeveloper has posted a critical fix to Windows XP SP2.
http://www.net-security.org/news.php?id=7243

----------------------------------------------------------------




[ Vulnerabilities ]


All vulnerabilities are located here:
http://www.net-security.org/archive_vuln.php


----------------------------------------------------------------

phpMyAdmin 2.6.1 Remote File Inclusion and Cross Site Scripting
Vulnerability
http://www.net-security.org/vuln.php?id=4045


phpWebSite 0.10.0 Full Path Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=4044


Sun Solaris kcms_configure Arbitrary File Corruption Vulnerability
http://www.net-security.org/vuln.php?id=4043


PunBB 1.2.1 register.php  SQL Injection Vulnerability
http://www.net-security.org/vuln.php?id=4042


CSGuestbook Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=4041


vbulletin 3.0.6  PHP Code Injection Vulnerability
http://www.net-security.org/vuln.php?id=4040


ADP Elite System Max 9000 Series Login Vulnerability
http://www.net-security.org/vuln.php?id=4039


iGeneric eShop 1.2 Information Disclosure and SQL Injection
Vulnerabilities
http://www.net-security.org/vuln.php?id=4038


phpBB Group phpBB Arbitrary File Disclosure Vulnerability
http://www.net-security.org/vuln.php?id=4037


Avaya IP Office Phone Manager Sensitive Information Cleartext
Vulnerability
http://www.net-security.org/vuln.php?id=4036


TrackerCam 5.12 Multiple Vulnerabilities
http://www.net-security.org/vuln.php?id=4035

----------------------------------------------------------------




[ Advisories ]


All advisories are located at:
http://www.net-security.org/archive_advi.php


----------------------------------------------------------------

Ubuntu Security Notice - gaim vulnerabilities (USN-85-1)
http://www.net-security.org/advisory.php?id=4562


SUSE Security Announcement - SUSE Security Summary Report
(SUSE-SR:2005:006)
http://www.net-security.org/advisory.php?id=4561


Debian Security Advisory - bsmtpd (DSA 690-1)
http://www.net-security.org/advisory.php?id=4560


SUSE Security Announcement - kernel (SUSE-SA:2005:010)
http://www.net-security.org/advisory.php?id=4559


Fedora Legacy Update Advisory - Updated kernel packages fix security
issues (FLSA:2336)
http://www.net-security.org/advisory.php?id=4558


HP Security Bulletin - HP-UX ftpd remote unauthorized access
(HPSBUX01119 SSRT4694 rev.0)
http://www.net-security.org/advisory.php?id=4557


Cisco Security Advisory - ACNS Denial of Service and Default Admin
Password Vulnerabilities
http://www.net-security.org/advisory.php?id=4556


Mandrakelinux Security Update Advisory - squid (MDKSA-2005:047)
http://www.net-security.org/advisory.php?id=4555


Mandrakelinux Security Update Advisory - uim (MDKSA-2005:046)
http://www.net-security.org/advisory.php?id=4554


SUSE Security Announcement - cyrus-imapd (SUSE-SA:2005:009)
http://www.net-security.org/advisory.php?id=4553


Turbolinux Security Announcement - nasm, xine-lib, mc (24/Feb/2005)
http://www.net-security.org/advisory.php?id=4552


Fedora Legacy Update Advisory - Updated vim packages fix security
issues (FLSA:2343)
http://www.net-security.org/advisory.php?id=4551


Fedora Legacy Update Advisory - Updated zlib package fixes security
issues (FLSA:2043)
http://www.net-security.org/advisory.php?id=4550


Fedora Legacy Update Advisory - Updated gdk-pixbuf packages fix
security flaws (FLSA:2005)
http://www.net-security.org/advisory.php?id=4549


Gentoo Linux Security Advisory - Cyrus IMAP Server: Multiple overflow
vulnerabilities (GLSA 200502-29)
http://www.net-security.org/advisory.php?id=4548


Debian Security Advisory - libapache-mod-python (DSA 689-1)
http://www.net-security.org/advisory.php?id=4547


Debian Security Advisory - squid (DSA 688-1)
http://www.net-security.org/advisory.php?id=4546


SUSE Security Announcement - squid (SUSE-SA:2005:008)
http://www.net-security.org/advisory.php?id=4545


Gentoo Linux Security Advisory - PuTTY: Remote code execution (GLSA
200502-28)
http://www.net-security.org/advisory.php?id=4544


Gentoo Linux Security Advisory - gFTP: Directory traversal
vulnerability (GLSA 200502-27)
http://www.net-security.org/advisory.php?id=4543


Fedora Legacy Update Advisory - GNOME VFS updates address extfs
vulnerability (FLSA:1944)
http://www.net-security.org/advisory.php?id=4542


Fedora Legacy Update Advisory - Updated sox packages fix buffer
overflows (FLSA:1945)
http://www.net-security.org/advisory.php?id=4541


Fedora Legacy Update Advisory - Updated cdrtools packages fix a
security issue (FLSA:2058)
http://www.net-security.org/advisory.php?id=4540


Debian Security Advisory - mailman ( DSA 674-3)
http://www.net-security.org/advisory.php?id=4539


Ubuntu Security Notice - squid vulnerabilities (USN-84-1)
http://www.net-security.org/advisory.php?id=4538

----------------------------------------------------------------




[ Articles ]


All articles are located at:
http://www.net-security.org/articles_main.php

Articles can be contributed to articles@net-security.org


----------------------------------------------------------------

TELECOM FRAUD: THE COST OF DOING NOTHING JUST WENT UP
In today's business environment, IT network security is vitally
important, with security breaches across voice and data networks
growing by the day.
http://www.net-security.org/article.php?id=770


AUTOMATED PATCHING: AN EASIER APPROACH TO MANAGING YOUR NETWORK
SECURITY
Patch management is an essential administration task within todayÕs
busy IT networks with the constant threat of new security bugs. Some
companies will wait for an attack before taking necessary action to
protect themselves from further threat whilst others consider
patching as often as possible.
http://www.net-security.org/article.php?id=769

----------------------------------------------------------------




[ Software ]


Windows software is located at:
http://net-security.org/software_main.php?cat=1

Linux software is located at:
http://net-security.org/software_main.php?cat=2

Pocket PC software is located at:
http://net-security.org/software_main.php?cat=3


----------------------------------------------------------------

CRYPT 2 (Mac OS X)
Crypt is a native MacOSX application for encrypting and decrypting
files with a password of your choice. 
http://www.net-security.org/software.php?id=619


DATA RESCUE 10.4.3 (Mac OS X)
Data Rescue is a data recovery tool that recovers your valuable data
during or after a hard disk crisis.
http://www.net-security.org/software.php?id=609


FIREWALL BUILDER 2.0.6 (Linux)
Firewall Builder consists of an object-oriented GUI and a set of
policy compilers for various firewall platforms.
http://www.net-security.org/software.php?id=230


FRAMESEER 1.0 (Mac OS X)
FrameSeer is a network packet capture application.
http://www.net-security.org/software.php?id=613


HENWEN 2.1 (Mac OS X)
HenWen is a network security package for Mac OS X that makes it easy
to configure and run Snort.
http://www.net-security.org/software.php?id=614


IMPASSE 1.2.5 (Mac OS X)
Impasse is the simplest and most flexible firewall configurator
available for Mac OS 10.2.
http://www.net-security.org/software.php?id=600


IPSECURITAS 2.0.6 (Mac OS X)
IPSecuritas lets you easily setup IPSec VPN connections to another
host or network over the Internet, while securing your data by
encryption and authentication.
http://www.net-security.org/software.php?id=599


ISTUMBLER 91 (Mac OS X)
iStumbler is a free, open source tool for finding AirPort networks,
Bluetooth devices and now mDNS services with your Mac.
http://www.net-security.org/software.php?id=620


JELLYFISSH 4.1.1 (Mac OS X)
JellyfiSSH is a simple bookmark manager for connecting to *NIX boxes
like BSD/Linux etc via Telnet or SSH 1 or 2.
http://www.net-security.org/software.php?id=605


KREMLIN 3.0 (Mac OS X)
Kremlin protects your data from intruders, keeps anybody out of your
private files, secure your documents and more.
http://www.net-security.org/software.php?id=606


LOGWATCH 6.0 (Linux)
Logwatch is a customizable log analysis system.
http://www.net-security.org/software.php?id=129


MACSTUMBLER 0.75b (Mac OS X)
MacStumbler is a utility to display information about nearby 802.11b
and 802.11g wireless access points.
http://www.net-security.org/software.php?id=618


NET TOOL BOX 3.0 (Mac OS X)
Net Tool Box is a multi-purpose network utility.
http://www.net-security.org/software.php?id=598


NETSHRED 3.6.1 (Mac OS X)
Protect your privacy with this easy to use Internet privacy software.
http://www.net-security.org/software.php?id=621


PASTOR 1.6 (Mac OS X)
Pastor is a tool to store all your passwords, website logins, program
serial numbers, etc. RC4-encrypted and password-protected.
http://www.net-security.org/software.php?id=617


POD SECRET 1.0.1 (Mac OS X)
Pod Secret allows one to store encrypted notes, medical vaccinations,
credit cards, bank numbers, etc.
http://www.net-security.org/software.php?id=607


RANDOM PASSWORD GENERATOR 1.6 (Mac OS X)
RPG is a password generator that addresses the need for random
passwords of specific lengths and constitutions.
http://www.net-security.org/software.php?id=612


ROOTKIT HUNTER 1.2.1 (Linux)
This scanning tool ensures you're clean of nasty tools.
http://www.net-security.org/software.php?id=531


ROOTKITREVEALER 1.0 (Windows)
RootkitRevealer is an advanced rootkit detection utility.
http://www.net-security.org/software.php?id=623


SECRETSERVICE 0.3 (Mac OS X)
SecretService enables you to encode text in all OS X aware
applications with just one click.
http://www.net-security.org/software.php?id=611


SECRETSHREDDER 0.4.2 (Mac OS X)
SecretShredder will clean your drive so that data never comes back.
http://www.net-security.org/software.php?id=610


STELLARDNS 0.3b (Mac OS X)
StellarDNS allows you to edit the configuration files associated with
DNS without knowing complicated syntax constructs or resorting to
command-line tools.
http://www.net-security.org/software.php?id=615


STELLARRADIUS 0.3 (Mac OS X)
Stellar RADIUS is designed to facilitate the editing of freeRADIUS
file formats and the functions necesary specifically for Apple's
Airport Base Stations.
http://www.net-security.org/software.php?id=616


SUNSHIELD 1.50 (Mac OS X)
sunShield is a GUI that enables a user to configure 'ipfw', a packet
filtering based firewall that sits in the kernel.
http://www.net-security.org/software.php?id=603


THREATSENTRY 2.0 (Windows)
ThreatSentry uses a complex automated learning process to
continuously collect, analyze and organize server events into an
evolving baseline of acceptable activity.
http://www.net-security.org/software.php?id=505


TINYCA 0.6.8 (Linux)
TinyCA is a simple graphical user interface to manage a small CA
(Certification Authority).
http://www.net-security.org/software.php?id=308


TRESOR 2.2.2 (Mac OS X)
Tresor is a file and folder encryption application for Macintosh.
http://www.net-security.org/software.php?id=622


VICTOR 1.1 (Mac OS X)
Victor is utility for additional security on your computer.
http://www.net-security.org/software.php?id=604


WAP MAP 1.0 (Mac OS X)
WAP Map is a wireless network mapping tool.
http://www.net-security.org/software.php?id=608


WEB CONFIDENTIAL 3.7.5 (Mac OS X)
Web Confidential gives you access to your passwords from within your
browser and from the Mac OS X Dock.
http://www.net-security.org/software.php?id=601


WEBSCARAB 20050222-220 (Windows)
WebScarab is a framework for analysing applications that communicate
using the HTTP and HTTPS protocols.
http://www.net-security.org/software.php?id=504


XML SECURITY LIBRARY 1.2.7 (Linux)
XML Security Library is a C library based on LibXML2 and OpenSSL.
http://www.net-security.org/software.php?id=197


XNMAP 2.2.1 (Mac OS X)
XNmap is a free Cocoa user interface to the nmap command line
program, written for Max OS X 10.3.
http://www.net-security.org/software.php?id=597


XWEPGEN 0.8 (Mac OS X)
xwepgen lets Mac OS X users use WEP passphrases from nearly all
non-Apple 802.11b software and hardware to connect to encrypted
wireless networks.
http://www.net-security.org/software.php?id=602

----------------------------------------------------------------




[ Webcasts ]


All webcasts are located at:
http://net-security.org/webcasts.php


----------------------------------------------------------------

Live Product Demonstration: Retina Enterprise Suite
Organized by eEye on 2 March 2005, 1:00 PM
http://www.net-security.org/webcast.php?id=360


Endpoint Security for Business Continuity: Protection from the Known
and Unknown
Organized by eEye on 2 March 2005, 3:00 PM
http://www.net-security.org/webcast.php?id=359


Live Product Demonstration: Retina Remediation Manager
Organized by eEye on 3 March 2005, 2:00 PM
http://www.net-security.org/webcast.php?id=361


Vulnerability Expert Forum US
Organized by eEye on 9 March 2005, 1:00 PM
http://www.net-security.org/webcast.php?id=277


Vulnerability Expert Forum Europe
Organized by eEye on 10 March 2005, 3:30 PM
http://www.net-security.org/webcast.php?id=258


Live Product Demonstration: SecureIIS Web Server Protection
Organized by eEye on 11 March 2005, 2:00 PM
http://www.net-security.org/webcast.php?id=362

----------------------------------------------------------------




[ Conferences ]


All conferences are located at:
http://net-security.org/conferences.php


----------------------------------------------------------------

Financial Cryptography and Security (FC 05) Ninth International
Conference
Organized by RSA Security - 28 February-3 March 2005
http://www.net-security.org/conference.php?id=110


International Workshop on Coding and Cryptography (WCC 2005)
Organized by Selmersenteret, INRIA - 14 March-18 March 2005
http://www.net-security.org/conference.php?id=111


Third IEEE International Information Assurance Workshop (IWIA'05)
Organized by IEEE Computer Society Task Force on Information
Assurance - 24 March-25 March 2005
http://www.net-security.org/conference.php?id=112


Black Hat Briefings & Training Europe 2005
Organized by Black Hat Briefings - 26 March-1 April 2005
http://www.net-security.org/conference.php?id=130


ECCE E-crime and Computer Evidence 2005
Organized by n-gate ltd. - 29 March-30 March 2005
http://www.net-security.org/conference.php?id=94


Indonesia Cryptology and Information Security Conference 2005
Organized by Lembaga Sandi Negara RI - 30 March-31 March 2005
http://www.net-security.org/conference.php?id=113


The 1st International Workshop on Systems and Network Security
(SNS2005)
Organized by University of Colorado at Colorado Springs - 4 April-8
April 2005
http://www.net-security.org/conference.php?id=114


Infosec World 2005
Organized by MIS Training Institute - 4 April-6 April 2005
http://www.net-security.org/conference.php?id=128


Black Hat Briefings & Training Asia 2005
Organized by Black Hat Briefings - 5 April-8 April 2005
http://www.net-security.org/conference.php?id=131


OWASP AppSec Europe 2005 Conference
Organized by OWASP - 9 April-10 August 2005
http://www.net-security.org/conference.php?id=132


4th Annual PKI R&D Workshop (PKI'05)
Organized by National Institute of Standards and Technology - 19
April-21 April 2005
http://www.net-security.org/conference.php?id=115


Infosecurity Europe 2005
Organized by Reed Exhibitions - 26 April-28 April 2005
http://www.net-security.org/conference.php?id=126


DallasCon 2005 Professional Cyber Defense Conference
Organized by DallasCon - 2 May-5 May 2005
http://www.net-security.org/conference.php?id=127


The International Conference on Computational Science & Its
Applications (ICCSA 05)
Organized by Institute of High Performance Computing - 9 May-12 May
2005
http://www.net-security.org/conference.php?id=116


The 18th International FLAIRS Conference
Organized by The American Association of Artificial Intelligence - 16
May-18 May 2005
http://www.net-security.org/conference.php?id=117

----------------------------------------------------------------




[ Security World ]


All press releases are located at:
http://www.net-security.org/press_main.php

Send your press releases to press@net-security.org


----------------------------------------------------------------

Vircom Joins the London Action Plan on Anti-spam Enforcement
http://www.net-security.org/press.php?id=2973


GFI Network Server Monitor 6 Checks Terminal Server And Linux
http://www.net-security.org/press.php?id=2972


CSC And Symantec Team To Offer End-To-End Managed Security Services
http://www.net-security.org/press.php?id=2971


Launch Of The New Panda Activescan
http://www.net-security.org/press.php?id=2970


Vircom Will Reveal Their Modus 4.1 E-Mail Security Solution at CeBIT
http://www.net-security.org/press.php?id=2969


Utimaco Doubles Its Growth Target to at Least 20 Percent After Record
Half-Year
http://www.net-security.org/press.php?id=2968


Information Security Forum Announces New Standard Of Good Practice
For 2005
http://www.net-security.org/press.php?id=2967


California State University, Fullerton, Launches Major Research
Project About Biometric Identity and Access Management
http://www.net-security.org/press.php?id=2966


FrontBridge Adds Fully-Managed Email Continuity Service Guaranteeing
Zero Email Downtime Or Productivity Loss During Network Outages
http://www.net-security.org/press.php?id=2965


DFN-CERT Secures E-Mail Lists of European IT Security Experts with
Zertificon Solutions
http://www.net-security.org/press.php?id=2964


T†V certifies the quality and excellent performance of ClientShield
with TruPreventª Technologies
http://www.net-security.org/press.php?id=2963


Eicon Networks Develops SSL-VPN For Secure Remote Working
http://www.net-security.org/press.php?id=2962


For Enhanced Network Security, Network Utilities Launches
Steel-Belted Radius v5.0 in the UK
http://www.net-security.org/press.php?id=2961

----------------------------------------------------------------

Questions, contributions, comments or ideas go to:

Help Net Security staff
staff@net-security.org
http://net-security.org

----------------------

Unsubscribe from this weekly digest on:
http://www.net-security.org/subscribe.php

The archive of the newsletter in TXT and PDF format is available 
http://www.net-security.org/newsletter_archive.php


----------------------------------------------------------------
REGISTER FOR INFOSECURITY EUROPE 2005
----------------------------------------------------------------
Infosecurity Europe is Europe's number one, dedicated Information
Security event. Now in its 10th anniversary year, Infosecurity
Europe continues to provide an unrivalled education programme,
new products & services, over 250 exhibitors and over 10,000
visitors from every segment of the industry.
----------------------------------------------------------------
Get all the information at: http://www.infosec.co.uk/hns
----------------------------------------------------------------