Tuesday, June 29, 2004

VeriSign introduces e-mail, antiphishing services

Great News:New services from Internet infrastructure company VeriSign Inc. will help businesses fight unsolicited commercial ("spam") e-mail, computer viruses and a form of online fraud known as "phishing"

The company on Monday unveiled VeriSign Email Security Service, a managed e-mail service that intercepts, scans and filters e-mail traffic before passing it to customer e-mail servers. A separate program, called the Anti-Phishing Solution, helps companies detect and combat scams that target their customers, VeriSign said.

The new services will help organizations preserve the usefulness of e-mail communications and fight modern-day scourges like spam e-mail that are lowering worker productivity, said Chad Kinzelberg, a VeriSign vice president. VeriSign will use its high-end networking infrastructure and reputation as the largest certificate authority and manager of two of the Internet's Domain Name Service root servers to attract customers who want relief from spam and viruses, but demand "100 percent uptime"

To use the service, VeriSign customers will modify the mail exchange (or "MX") record for their e-mail domain to point to VeriSign's Email Security Service servers. MX records tell other e-mail servers using the SMTP (Simple Mail Transfer Protocol) what server to deliver e-mail to for that domain.

The new VeriSign Anti-Phishing Solution service takes a similar approach, with VeriSign repackaging data, expertise and technology already used in other services.

Phishing scams are online crimes that use spam e-mail to direct Internet users to Web sites resembling legitimate e-commerce sites, but are actually controlled by thieves. The sites ask users for sensitive information such as a password, social security number, bank account or credit card number, often under the guise of updating account information.

The Email Security Service is free for the first 30 days. After that, the service will cost between US$1 and $3 per user per month. Prices for the Anti-Phishing Solution vary depending on the consulting and technology services the customer selects, Kinzelberg said.

Both new services are available on July 12

VeriSign is working with Microsoft and plans to support the Sender ID specification that Microsoft submitted to the Internet Engineering Task Force last week. Sender ID combines Microsoft's Caller ID specification with Sender Policy Framework, a similar standard created by Meng Weng Wong, co-founder and chief technology officer at Pobox.com, an e-mail forwarding service.

VeriSign will also make its Verified Domains List freely accessible to antispam software and service providers in an effort to foster email authentication adoption and spam's eventual elimination, the company said Monday.

"We're in an arms race with spammers," Kinzelberg said. "It's a game of one-upmanship that's difficult to win. Once we know who's sending e-mail, it gets a lot easier."

Tuesday, June 22, 2004

New Internet Explorer holes causing alarm

The four flaws could allow hackers to run attack code on Windows systems

Four new holes have been discovered in the Internet Explorer Web browser that could allow malicious hackers to run attack code on Windows systems, even if those systems have installed the latest software patches from Microsoft Corp., security experts warned.

Some of the flaws are already being used to attack Windows users and include a glitch that allows attackers to fake or "spoof" the address of a Web page, as well as vulnerabilities that enable malicious pages from the Internet to be handled by Internet Explorer with very little scrutiny or security precautions.

A Microsoft spokeswoman acknowledged the reports and said the software company is looking into the attacks and is considering what steps to take, including the release of an emergency security patch to address the problems.

Word of the four vulnerabilities surfaced in security discussion newsgroups in recent weeks. Two of the vulnerabilities, allows attackers to load content from malicious Web pages while displaying the Web address of legitimate sites in the Web browser's address bar. Attackers could trick users into clicking on the bogus Web links using e-mail messages or by linking from other Web pages.

The vulnerability is very similar to another hole uncovered in December that allowed attackers to hide the real location of a Web page by including the characters %01 before the @ symbol in a URL. The new vulnerability allows attackers to hide the actual address of the Web page that's being loaded by prefacing the address with the characters ::/ with some Internet Explorer Web site addresses, according to security company Secunia.

"Conceptually, it's very similar to the %01 problem, and [the flaw] is in a related part of the Internet Explorer code," said Thor Larholm, senior security researcher at PivX Solutions LLC.

Another unpatched hole, called a "cross-zone scripting" vulnerability, allows attackers to trick Internet Explorer into loading insecure content using relaxed security precautions typically applied to files stored on the local hard drive or obtained from any trusted Web site

VoIP needs serious security review, say experts

Internet protocol-based voice networks may be the wave of the future, but they will require a whole new approach to security, warned telecoms experts at the VON Europe voice-over IP conference.

A wide-ranging program ranged from the nuts and bolts of connecting 3G and IP networks to a look at "disruptive" VoIP systems that could permanently change the way people use telephony. The most controversial presentation was from Niklas Zennstrom, CEO of peer-to-peer VoIP service Skype Technologies, who argued that traditional telcos are heading for oblivion.

And as if in response, BT announced just hours later its plans to turn its entire PSTN phone network into an IP work by 2009.

Monday, June 21, 2004

New gadgets take on 'Starbucks' security threat

'our worst fears'
'all had seen it commin'

The growth in popularity of both wireless technology and mobile computing has created a potent new threat for network administrators: unauthorized intrusions onto their networks by hackers and viruses that take advantage of loosely secured laptop PCs and public computer kiosks.

Malicious hackers and worms can slip past heavily fortified network perimeters by compromising computers in home offices, tunneling through virtual private network (VPN) sessions from compromised computers, or taking advantage of wide-open public wireless hotspots like those offered by coffee house giant Starbucks Corp.

Encrypt Sensitive Configuration Data with Java

When hackers break into your network, make sure they can't find out your secrets. It's a little more work to encrypt sensitive data, but the Java Cryptography Extension (JCE) makes it straightforward.

When application developers are developing, parameters are often hard-coded in the source code. These hard-coded parameters are often pulled out of the source code and put into property files or configuration files. System and network security policies may force a developer to address security concerns over the data that is stored in external files. So, how do you make sure that your sensitive external parameters are safe?

One way to solve this problem is to encrypt the data before it is written to the external file, then read and decrypt the data before using it in your application. The Java Cryptography Extension (JCE) provides an API that will let you do this.

Symmetric or "single key" encryption is a good choice for solving this type of problem. Single key encryption uses the same key to encrypt and decrypt data. DES and DESede are two single key encryption schemes. I will show you how to solve this problem using either of these encryption schemes with the JCE.

Read the full article ( author : javid Jamae )

Saturday, June 19, 2004

IBM offers new e-mail defense !!!

IBM on Friday unveiled an e-mail service meant to stop viruses and spam before they get inside a company's network.

The new E-mail Security Management Services technology, based on work done by e-mail security firm MessageLabs, monitors inbound and outbound messages outside a company's network to help prevent uncontrolled distribution of harmful and unwanted content, IBM said.

The managed service uses a combination of scanning and predictive technology to detect viruses, and an image filter to weed out lewd and otherwise unwanted pictures. Likely spam messages are quarantined before they can build up in a company's internal storage

Spam and viruses are taking a toll on businesses, clogging network resources, disrupting employees' work and even knocking companies completely offline. Last year's MyDoom, which propagated itself with millions of messages loaded with malicious software code ravaged a large number of computers around the world.

Pricing of the new product is determined according to a company's computing setup and other factors worked out with IBM. The service is available now worldwide.

Friday, June 18, 2004

New technical glitches dog Yahoo !!!

BEIJING, June 18
A number of Yahoo services have stumbled for the second time this week as the Internet giant worked to resolve a hardware problem.

In the latest glitch, users may have experienced a slow response from the company's servers for about three hours. Some people also reported that they were unable to log onto Yahoo's instant messaging program.

The company released a statement describing the problem as an "isolated hardware-related issue."

It was unrelated to Tuesday's incident in which Yahoo and several other websites were sluggish or entirely inaccessible for two hours.

Experts claims the problems were caused by a "sophisticated" attack.

Yahoo users also reported problems this week with its newly upgraded e-mail service.

Wednesday, June 16, 2004

Do-Not-Spam List Great For Spammers !!!

A national registry of consumer e-mail addresses would make things easier for spammers and could actually increase the total amount of spam, the Federal Trade Commission has concluded.

As part of the federal CAN-SPAM Act, which became law in January, the FTC was mandated to report on the feasibility of establishing a National Do Not E-Mail Registry, similar to the wildly successful Do-Not-Call registry. Today, the FTC published its report, which concluded the idea is a wash.

"We learned that when it comes down to it, consumers will be spammed if we do a registry and spammed if we do not," FTC Chairman Timothy Muris told reporters at a press conference today. "Spammers would ignore the law," Muris said. "Even worse, they'd use the registry as a source of valid -- and spammable -- addresses. It would be virtually impossible to stop them."

According to the report, a national registry would fail to reduce the amount of spam consumers receive, might increase it, and could not be enforced effectively.

Instead, the FTC recommended that private industry, including ISPs, e-mail marketers, e-mail service providers and software companies, should work together to form a standard for e-mail authentication that would prevent spammers from hiding their tracks and evading Internet service providers' anti-spam filters and law enforcement.

Microsoft Announces Windows XP SP2 Release Candidate 2

Microsoft announced the second release candidate (RC2) of Windows XP Service Pack 2 as it strives to meet its revised, end-of-summer delivery deadline.

The RC2 code that was made available Monday had been promised for release in mid-May, but the date shifted after Microsoft confirmed last month that the final release of Windows XP2 had slipped until the third quarter. The beta was first released in December and RC1 appeared in March. The Windows update was originally scheduled to ship during the first half of 2004.

In spite of the delay, solution providers expect a significant uptake of Windows XP SP2 due to the enhanced security settings, an improved Windows Firewall, new features and data execution improvements designed to reduce the attack surface of Windows and frustrate would-be hackers.

The update, the first significant update since Windows XP SP1 was released in September 2002, also boasts a new Windows Security Center as well as an attachment manager that guards against dangerous e-mail. It also promises several improvements to the more vulnerable Web browser, including an Internet Explorer pop-up blocker, information bar and download monitoring.

The update also incorporates a host of other new features including native Bluetooth support, a new wireless LAN client and upgrades to Windows Media Center Edition 2004, Windows Media Player 9.0b, DirectX and XP Tablet PC Edition 2005.

First Worm For Mobile Phones Detected

Russian antivirus firm Kaspersky Labs says the worm, named Cabir, infects mobile phones running the Symbian operating system. nokia phones beware !!!

Russian antivirus software maker Kaspersky Labs Ltd. says it has verified the first worm designed to infect mobile phones.
Named Cabir, the worm infects mobile phones running the Symbian operating system, Kaspersky said in an alert. Cabir appears to be a so-called "proof of concept" worm, and Kaspersky says it hasn't detected any signs that the worm is spreading.

According to Kaspersky, Cabir propagates as a Symbian operating system distribution file, or SIS file, but is disguised to appear as a Caribe Security Manager utility. The worm will display the word "Caribe" on the screen of infected phones.

Similar to old-fashioned boot-sector viruses, Cabir will activate each time the phone is started, scan to nearby Bluetooth-enabled phones, and then transmit a copy of itself to the first phone it reaches.

Virus researchers have long warned that more types of malicious software will be aimed at handheld devices and mobile phones as the operating systems in these devices increased in complexity.

Antivirus and security experts don't expect to see Cabir successfully spread in the wild because of the close proximity required for Bluetooth.

Kernel flaw makes Linux crash easily

A flaw in the Linux kernel allows a 20-line C program to crash most distributions using the 2.4 and 2.6 kernels running on x86 and x86-64 architectures, according to security researchers.
The problem means that anyone with an ordinary user account on a Linux machine can crash the entire server, according to Oyvind Saether, who discovered the bug along with Stian Skjelstad. Administrator access isn't required.

"Using this exploit to crash Linux systems requires the (ab)user to have shell access or other means of uploading and running the program (like cgi-bin and FTP access)," Saether wrote in an advisory on Friday. "This exploit has been reportedly used to take down several lame free-shell providers' servers."

Linux developers released a kernel patch to coincide with the advisory, available on Kernel.org. Major Linux vendors have also begun releasing their own versions of the fix, including Red Hat Inc.'s Fedora Project and Gentoo Linux.

The most recent updates to the Linux kernel, to be available in Version 2.6.7, fix the problem, according to Linus Torvalds. The new version is expected to be available today.

The bug is in the way the kernel handles floating point exceptions, developers said. While it is serious, two factors limit the danger: It can be exploited only by someone with a valid user account, and it doesn't allow the attacker to gain control of the system.

Death penalty worm spreading

A multilingual worm, Zafi-B, is rapidly spreading using peer-to-peer file sharing networks and e-mail according to anti-virus supplier Sophos.

The worm first appeared on 11 June, and uses a variety of languages, including Hungarian, English, Italians and Spanish.

The worm can display a message box in Hungarian calling for the death penalty and accommodation for the homeless.

"The Zafi-B worm has accounted for over 60% of the reports to Sophos' global network of monitoring stations over the past 24 hours, making it the most widespread email worm at the moment," said Graham Cluley, senior technology consultant for Sophos.

Sunday, June 13, 2004

Trend Micro antivirus to power Cisco routers

Cisco Systems Inc., the world's largest maker of equipment that directs Internet traffic, said it would integrate Trend Micro Inc.'s technology to block computer viruses and worms with its software in a bid to make corporate networks more secure.

Under the multiyear deal, Cisco will incorporate Trend Micro virus and worm technologies with its intrusion detection system software used on its routers and switches.

With its core switch and router markets maturing, Cisco has turned in recent years to other markets, including security, Internet voice transmission and home networking, to boost its growth prospects.

"If the network can automatically take some action to make sure it stays up despite being under attack, that's a good thing in the world of networking," IDC senior analyst Abner Germanow said. "This is a really big move."

Corporations spend about $20 billion a year globally on networking devices, according to IDC. Installing virus- and worm-detection software on routers and other gear is designed to take the onus off individual personal computer users, the biggest culprits for unwittingly spreading malicious code.

"It shows that security is starting to penetrate the basic infrastructure," Meta Group research analyst Peter Firstbrook said. "Going forward, you'll have fewer and fewer dedicated security boxes."

The current practice of installing a firewall and virus-scanning software on a PC is effective in stopping some of, but not nearly all, the increasingly potent worms and viruses circulating on the Internet, this new approach is to design routers that can automatically identify and stop malicious traffic in its tracks.

Security Pays Off as Hack Attacks Decline

Computer security experts say enterprise losses due to cybercrime declined steeply last year, according to a new survey. The results suggest that enterprises may be gaining the upper hand in the battle against hackers.

Financial losses due to cybercrime declined steeply last year, suggesting that enterprises are gaining ground in the battle against hackers.
Participants in a annual survey, conducted by the Computer Security Institute, said their financial losses from cybercrime totaled US$141.5 million for the past year, marking a steep drop from losses of $201.8 million reported by the previous year's respondents.
The findings, based on responses from 494 computer security practitioners in U.S. corporations, government agencies, financial and medical institutions, and universities, show that financial losses attributed to cybercrime have declined for the third year in a row.

The survey also indicates that denial-of-service attacks are now the most expensive problem for organizations ($26 million), moving past theft of intellectual property ($11.4 million), which previously was the most costly security issue. Insider network abuse ranked third, closely followed by unauthorized use of wireless networks.

chk out these: 1 2

Critical security flaw in Oracle SW

A US based security firm Integrity hired by the US anti-terror government department, Homeland Security (DHS) has warned of critical security vulnerabilities in Oracle software. Said an online report.

According to DHS serious problems can occur if a user tries to access the unpatched version of the database software using a Web browser. The report said unpatched version of databases were 'vulnerable to SQL injection attacks.'

DHS has warned that this vulnerability can harm the underlying operating system as well as data integrity.

Currently, the flaw has been found in Oracle E-Business Suite 11i and 11.5.1 through 11.5.8 and all releases of Oracle 11. Versions 11.5.9 onwards have not shown any such defect.

This looks like a critical problem as many key government departments as well as organizations worldwide use Oracle's products. However, the database giant has taken remedial action by releasing a patch for the same.

MS launches 'Protect your biz'

Microsoft Corporation India Pvt. Ltd. has announced the 'Protect Your Business' aimed at IT administrators in small, medium and large enterprises. Under this campaign, Microsoft will roll out various initiatives, which will help enterprises secure their IT environment by providing information, tools, guidelines, and updates on a regular basis. As a part of this program Microsoft also announced the immediate availability of the Security Guidance Kit (SGK).

The kit will serve as a resource pool providing third party tools, templates and how to guides for addressing common security concerns facing organizations today. Customers can order the Security Guidance Kit at: http://www.microsoft.com/india/security. The SGK will be delivered within three-four weeks of placing the order.

News : 1 2 3

Microsoft Files New Lawsuits Against Spammers

Microsoft filed eight lawsuits against spammers it accused of deceiving consumers and using false information to hide their identities. "These spammers sent millions of emails individually--some hundreds of millions--soliciting a variety of products including body enlargement pills, prescription drugs, dating services, university degree programs, and work-at-home and get-rich-quick scheme offers," a Microsoft release stated. This set of lawsuits is the most recent salvo in a legal effort that began last summer; since then, Microsoft has pursued more than 80 lawsuits against spammers around the globe, the company noted. I wish I could get excited about these suits but evidence mounts that spam is more of a problem now than ever before.

Half-Life 2 Thieves Arrested by Online Gamers !!!

Last fall, game-developer Valve shocked gaming enthusiasts when the company revealed that hackers had broken into its network and stolen all the source code for the eagerly awaited Half-Life 2, which was
originally set to ship last September. Now delayed until this fall, Half-Life 2 is still the subject of much anticipation. This week,
Valve announced that the thieves who stole the source code have been arrested. "Within a few days of the announcement of the break-in, the online gaming community had tracked down those involved," Valve CEO Gabe Newell said.
"It was extraordinary to watch how quickly and how cleverly gamers were able to unravel what are traditionally unsolvable problems for law enforcement related to this kind of cybercrime." Although the identities and nationalities of the thieves are currently unknown, multiple individuals were arrested.

Saturday, June 12, 2004

RSS Security Bulletin Feeds

TechNet is now providing an RSS (Really Simple Syndication) Feed for its Security Bulletins, with more RSS content for IT pros on the way in the months ahead. RSS feeds deliver new content to you on the topics you are interested in. All you need to take advantage of these feeds is a RSS client, such as one of the titles listed below.

Here's the FEED

Thursday, June 10, 2004

WEBCAST: Improve eBusiness with Identity & Access Management

With a growing user population and proliferation of web applications, a leading, multi-billion dollar, global food manufacturer needed a unified framework to provide fine-grained control over access to critical information and resources. To overcome this challenge, they implemented a rules-based web access management solution to centrally control and manage access to web resources while providing a better user experience for customers and partners through web single sign-on. Find out how web single sign-on and user privilege management, key elements of identity & access management, made customer and partner relationships more effective and profitable.

WEBCAST : Writing Secure Code - Threat Defense

MSDN Webcast: Writing Secure Code – Best Practices – Level 300

this session is for experienced developers, you will build upon existing knowledge of secure coding best practices to learn about analyzing, mitigating and modeling threats. The session will discuss established threat modeling methodologies and tools and show how they can be applied with other best practices to minimize vulnerabilities and limit damage from attacks.

More flaws foul security of open-source repository

// code under development //

Security researchers have found at least six more flaws in the open-software world's most popular program for maintaining code under development.

The security flaws underscore the advice of CVS Project leaders, who say development teams should not be placing source-code repositories directly on the Internet. Rather, the repositories should be accessible only on private local networks or through VPNs (virtual private networks), said Derek Robert Price, one of three maintainers of the CVS Project and the project's release manager.

Major open-source projects, including the Apache Foundation's Apache Web server and the GNOME and KDE Linux desktops, use the Concurrent Versions System to manage code under development. The software allows programmers to check in changed code, and it tracks the different versions of a program under development.

Earlier in may :
Flaws drill holes in open-source repository

Sunday, June 06, 2004

Threats and Countermeasures

This download contains guidelines for architecting, designing, building, reviewing, and configuring secure to build hack resilient ASP.NET Web applications across the application tiers, technology, and servers. Topics include Threats and Countermeasures; Threat Modeling; security review for architecture, design, code and deployment; Hosting web applications; CAS; securing web, application and database servers; ASP.NET, Enterprise Services (COM+), Web Services, Remoting, and data access (including ADO.NET and SQL Server).

Source URL.


Saturday, June 05, 2004

Apple talks up security

The Mac operating system, once thought of as invulnerable, has recently copped its share of criticism

When it comes to security, Apple Computer's report card reads like that of a gifted child: high marks for achievement, but needs to communicate better with others.

In general, the Mac operating system has seen far fewer bugs than its Windows counterpart. But some say a recent vulnerability demonstrates that the notoriously tight-lipped company must communicate more openly on security issues and move more quickly when it comes to plugging holes.

"I think there's room for improvement with their response speed on problems with their own code," said Chris Adams, a Mac user and system administrator for San Diego's Salk Institute for Biological Studies, a research centre that's played a part in training five Nobel Prise-winning scientists. "The general pattern is complete silence for months and then a terse announcement when the update is released."

Adams said Apple has done a pretty good job of updating the operating system to fill holes found in various Unix components. But what is needed, Adams and others contend, is more dialogue about what the company is doing with regard to security.

"At the very least, they need to communicate with the people who report these problems, so it's obvious that work is happening," Adams said in an email interview. "Depending on the problem, it may also be a good idea to announce a workaround if a fix won't be available quickly."

The issue of Apple's communication with the security industry came to the forefront last month. Researchers went public with a combination of vulnerabilities that, if exploited, could allow a Mac to be taken over by hackers. One of the researchers involved, a coder known as "lixlpixel," said he privately notified Apple of a problem in February but went public with his findings in May after not hearing back from the company.

Apple senior vice president Phil Schiller said the Mac's security is good and noted that the company is under more scrutiny now that the Mac is facing what he described as the first critical vulnerability since the release of Mac OS X three years ago.

According to Schiller, there was more to the critical issue Apple wound up addressing in May than just the flaw reported to the company several months earlier...

Microsoft's anti-spam plan

Microsoft's plan to reduce spam by forcing an email sender's machine to solve a puzzle may be defeated by the Internet's army of zombie PCs, say security experts

One of Microsoft's plans to fight the spam epidemic is unlikely to adversely affect spammers or reduce the quantity of spam, according to security experts.

Microsoft's chairman Bill Gates has been calling for the IT industry to work together and eradicate the spam problem. About six months ago he unveiled an initiative called Penny Black, which was a method for reducing a spammer's ability to send large volumes of unsolicited emails using Hotmail and MSN accounts. He suggested making the senders' computer process a complicated mathematical puzzle, which takes approximately 20 seconds, before each message is released. The puzzle's result is attached to the email's header, so that a receiving gateway can recognise emails that have been through the process and allow them to pass.

Security experts welcomed Gates' plan in principal because it made sense to try and throttle back a computer's resources enough to stop it sending out enormous volumes of spam. However, they fear that in practice this approach might be flawed, because most spam is sent from zombie PCs, computers that have been infected by a type of virus or Trojan horse. Infected machine may be owned by an innocent home user but they are controlled by organised criminals over the Internet.

Simon Perry, the vice president of security at Computer Associates, warned that if a consumer's machine was taken over by a Trojan that used Hotmail to send spam, it would cause serious problems.

"If the machine has been taken over by a Trojan, and assuming the Trojan is not using its own SMTP engine, 20 seconds could turn into 200,000 seconds," Perry said.

latr a servey of IT security professionals conducted at the Infosecurity show in London this week revealed that more than 80 percent of people do not think that Bill Gates' pledge to eliminate spam within two years is realistic.

'lets hope'

Windows gets 'strong' passwords as SecurID trials kick off

RSA Security and Microsoft have started beta testing a product designed to kill off the traditional password

Microsoft and RSA Security on Wednesday started beta testing a product designed to phase out the use of traditional passwords and replace them with automatically generated passwords from a SecurID token.

SecurID is one of the most popular two-factor authentication systems and is already used by many large enterprises. The token is about the size of a matchbox and generates a new six-digit code every minute.

Users are given an easy-to-remember PIN number to type in alongside the code displayed on the token. With an integrated SecurID system within Windows, enterprises should find easier and cheaper to ensure users do not use weak passwords or forget them.

George Anderson, IT security business development manager at services firm Computacenter, which is one of the participants in the beta trial, said the SecurID and Windows combination is a welcome relief.

The beta test programme is being rolled out to a small number of companies and is expected to last around a month. RSA Security expects the full commercial version to be available in shortly after the trial ends.

Jason Lewis, vice president of product management at RSA Security, said the technology complements RSA's core business, which is to authenticate remote users.

"We've been traditionally focused on security issues outside the firewall and although securing remote access is critical, the RSA SecurID for Microsoft Windows solution addresses a real threat to exposing an organisation's sensitive data within the enterprise," said Lewis.

The integration of SecurID and Windows was first announced at the RSA Security conference in San Francisco earlier this year. At the time, Microsoft's chairman Bill Gates said the development signalled the death of the traditional password.

Imposter !

" A new worm, Netsky-P, is on the prowl. By linking itself to boy wizard Harry Potter it has laid its trap most cunningly. Beware! "

Harry Potter fans beware, there is a computer virus out there that makes you look like Muggles.

Technology experts Sophos say the Netsky-P worm, which hides in an email, has been fuelled by its link to the hit books and movies.

Victims will receive an email with various files attached,
with names including " Harry Potter 1-6 book.txt.exe "
& " Harry Potter game.exe ". But when they open it hoping for the latest Potter gossip or something to play, it will instead cast a nasty spell over their machine.

Worm eyes up credit card details

Windows users are being warned about a virus that is "aggressively stealing" credit card numbers and passwords. The Korgo virus debuted on 22 May and since then has been steadily racking up victims.

Although the virus is not widespread, security firms are issuing warnings because it is proving so effective at stealing confidential data. Those infected by Korgo are being urged to change passwords and credit cards if they have been used online recently.
Korgo exploits the same vulnerability that the Sasser web worm used so effectively when it struck early last month.

" Like Sasser, the Korgo worm spreads around the net by itself. "

" The virus opens up a backdoor on PCs it infects which allows its creators to install a key logging program that activates when users fill in forms on websites. The key logger steals password and credit card information and sends it back to its creators, thought to be a virus writing group called the Hangup Team. "

According to Symantec, computers using un-patched Windows 2000 and Windows XP operating systems are susceptible to the worm's attack, which opens a back door to the Microsoft system through TCP ports 113 and 3067.

>> 1 2 3 4

Securing systems while they are booting

Boot time security is getting essential, I can imagine soon there might be viruses specially created that will attack the system while it is booting and thus bypass quite a few hurdles in it's way. There are quite a few steps that can be taken to save the computer from attacks while it is booting and policies are not yet implemented on computer. Roberta Bragg writes an article on “Boot Time Security”.

' via Tejas '

Microsoft bars Windows pirates

Many people using pirated copies of Windows XP will get no help from Microsoft to make their PC safer.

The software giant has decided that a forthcoming update to XP will not work with the most widely pirated versions of its operating system.

The upgrade, called Service Pack 2, closes security loopholes in XP and adds features that make it easier to keep machines safer from viruses.

SP2 is the long awaited upgrade for Windows XP that Microsoft hopes will make the software much more resilient to many of the ways that malicious hackers and virus writers have exploited it before now.

Also included are features that make it easier for users to manage their anti-virus software and firewall. It also forces users to make explicit choices about how secure they want their PC to be.

Other features include a blocker for adverts that pop-up when people browse the web and background utilities that warn when spyware is trying to install itself on their machine.

Once installed SP2 also changes the way that future updates are installed.

Instead of downloading the whole chunk of XP being updated, SP2 instead only downloads the parts that have changed.

This change should reduce future patch download times by up to 80%.

Check What's in SP2
" Pop-up ads blocked
Revamped firewall on by default
Outlook Express, Internet Explorer and Windows Messenger warn about attachments
Origins of downloaded files logged
Web graphics in e-mail no longer loaded by default
Some spyware blocked
Users regularly reminded about Windows Updates
Security Centre brings together information about anti-virus, updates and firewall
Protection against buffer over-runs
Windows Messenger Service turned off by default "

Friday, June 04, 2004

Catching a Virus Writer !

Like a sneeze in a crowded subway, it's hard to find the human source of the latest viral infection. On the Internet it's not much different. The people who write these nasty little programs and release them into the wild almost never get caught. Why? The answer is easy, but it's also a sort of technical nemesis: there's simply no way to track these people down.

" a virus writer today just needs to go out, connect to an open WiFi router, release a virus and walk out "

" There are simply too many ways to be anonymous on the Internet, and more so today than ever before. "

WiFi has exploded. Welcome to the truly anonymous Internet. There is no easier way to slip on and off the Internet now without being noticed than on an unsecured 802.11x wireless network in a coffee shop, under a tree in Central Park, at a library or even just leaked through the walls of the apartment next door.

There are a mind-boggling number of wireless access points now, and only the ubiquity of these devices is new: while four or five years ago I may have been the first on my block with WiFi, now there are so many devices I have to worry about interference.

More than that, there are a mind-boggling number of wireless access point that are not Secure by Default...

Authentication and Authorization

Designing the authentication and authorization mechanisms for a distributed Web application is a challenging task-there are many choices that you must make which will affect almost every component of the application you develop. Adopting a proper authentication and authorization design helps mitigate many of the top security risks. Implementing such a design during the early phases of your application development is far easier than trying to retrofit a solution to an existing or partially built application.

This module describes the authentication and authorization mechanisms that you have available when developing distributed ASP.NET Web applications. It also describes a process that you can use to help choose the most appropriate authentication and authorization mechanisms for your application.

Free Email Security Toolkit

White Paper
Learn How to Eliminate the Top 5 Email Security Threats

Are worries about spam and virus attacks to your enterprise email system keeping you up at night? See why spam and viruses are only the “tip of the iceberg” when it comes to email security threats. Learn how you can eliminate the top 5 security threats to your email system, including the silent killer -- directory harvest attacks. The good news is there’s an easy and effective way to arm your organization against all threats, even the latest spam and email attacks...

Web Seminar
How Chick-fil-A Eliminates Spam with Preemptive Email Security: A Case Study

A Real-world Chick-fil-A case study -- how you can reduce spam and viruses and improve email security and employee productivity. Learn how Chick-fil-A eased its spam problem after evaluating and selecting a managed service solution to protect its Exchange email system.

Web Seminar
Preemptive Email Security: How Enterprise Rent-A-Car Reduces Spam

Find out how Enterprise Rent-A-Car reduced spam and viruses, improved their email security, and increased productivity.

Preemptive Email Security and Management

Author: Peter Bowyer

This eBook will offer a preventive approach to eliminating spam and viruses, stopping directory harvest attacks, guarding content, and improving email performance.

Contents :

1.Stopping the bad guys before they reach your gateway
2.Evolving techniques for eliminating spam, email virus and worm threats

3.Protecting email from the silent killers: DoS and directory harvest attacks
4.Understanding the ins and outs of controlling email content
5.Improving email performance, visibility and reporting
6.The benefits of preemptive email security and management

Thursday, June 03, 2004

How to create an e-mail message with restricted permission

You can create e-mail messages with restricted permission using Information Rights Management only in Microsoft Office Professional Edition 2003 and Microsoft Office Outlook 2003.

Send an e-mail message with restricted permission.

1. On the File menu, point to New, and then click Mail Message.

2. Enter the recipient names in the To, Cc, or Bcc boxes

3. In the Subject box, type the subject of the message.

4. In the message body, type the message.

5. On the E-mail toolbar, click Permission.

6. Click Send.

More e-mail Customizations

White Paper : A Practical Guide for Better Security

A Practical Guide for Better Security
by WatchGuard Technologies, Inc.

Network security is as much about business advantage as it is about deterring threats. This guide contains an outline for a security plan that addresses your critical business concerns-customer confidence, data integrity, increased productivity and cost savings-and tells you how to start making security a business advantage by thoroughly targeting security vulnerabilities at their source: the people and their processes


ON iCommand

Automated Patch Management with ON iCommand
by Symantec Corporation

ON iCommand is much more than a best-of-breed patch management tool - it's a unique, comprehensive solution for lifecycle management of all your computers and devices, including enterprise-wide software management and provisioning.

In addition to automated patch deployment, ON iCommand provides push-based deployment of operating systems and applications, plus configuration tracking, network inventory, and software usage & license management.

ON iCommand allows administrators to manage a broad range of platforms - including Windows, Linux, Pocket PC, and UNIX - from a single unified console and database.

Download PDF

Undercover agents fight net piracy

He works undercover, has an online identity which he cannot reveal to anyone for fear of exposure and has to maintain anonymity or face threats to his personal security.

In the murky world of organised crime and piracy, the investigator known only as Mr X has the job of, in his own words, "cleaning the internet of some of the filth out there".
It may sound like the synopsis for the latest Hollywood spy thriller but Mr X has a much more down-to-earth name in real life and works for the Business Software Alliance.

He is one of a team of investigators employed by the BSA to patrol the internet and take action against online pirates.

Legal action against 9,142 companies
Handled 57,625 calls
Followed up 7,929 leads

eBOOK : Tips & Tricks Guide to Network Configuration Management

Tips and Tricks Guide to Network Configuration Management
by AlterPoint Inc.

Written by Networking Expert Don Jones, this eBook contains over 100 pages of detailed Tips and Tricks for Network Configuration Management. Topics include - Change Management Best Practices, Network Management Security, Network Management Troubleshooting, Change Management Techniques, Selecting and Deploying a Network Device Management Solution and Enterprise Network Device Management. In this eBook, top industry network managers reveal their secrets and "must do's" to successfully manage enterprise networks. You'll get step-by step advice on "What to do" and "How to do it," ensuring optimal performance of your enterprise networks.

It's a must-have resource guide for all Network Administrators.

Topics Covered in Each Volume

1. Change Management Best Practices
2. Network Management Security
3. Network Management Troubleshooting
4. Change Management Techniques
5. Selecting and Deploying a Network Device Management Solution
6. Enterprise Network Device Management

Read more


Yahoo Toolbar Combats Spyware

Yahoo Inc. on Thursday joined the fight against unwanted software that monitors users' Web surfing, alters their home pages and bombards them with ads.

The Sunnyvale, Calif., company announced a beta for its Web browser toolbar that includes an anti-spyware plug-in for finding and removing spyware and other unwanted programs.

The Anti-Spy beta for the Yahoo Toolbar also lets users manage various spyware and other downloaded software, including restoring programs accidentally removed, Yahoo said.

For the new toolbar beta, Yahoo is making use of anti-spyware software from PestPatrol Inc., which offers a commercial version of its anti-spyware applications.

Spyware increasingly has captured the attention of regulators and lawmakers. The Federal Trade Commission has begun a series of investigations into spyware abuses and has been holding public forums on the issue.

" well that was the good news, now read this : "

Yahoo Plays Favorites with Some Adware

When it comes to blocking intrusive Internet software, Yahoo Inc.'s new Anti-Spy gives adware the benefit of the doubt.

The beta version of the spyware-fighting toolbar add-on, which Yahoo released last week, doesn't default to detect adware—a category of software in which Yahoo's paid search division has a financial stake.

Instead, users who want to identify adware in their systems via Anti-Spy must check a box each time they conduct a scan.

Among the programs the Sunnyvale, Calif., company classifies as adware are controversial ones from Claria Corp. (formerly The Gator Corp.) and WhenU.com Inc., two common targets of spyware critics who say the companies trick users into accepting unwanted downloads and flood machines with pop-up ads.

With Claria, best known for its Gator eWallet application, Yahoo is also a business partner. Claria, based in Redwood City, Calif., delivers pop-up and other forms of advertising from its GAIN ad network through software downloaded onto users' machines.

Yahoo's Overture division, a leading provider of paid search listings, contributed 31 percent of Claria's 2003 revenues through a partnership in which it supplies paid listings to Claria's SearchScout service, according to Claria's April S-1 filing with the Securities and Exchange Commission.

" Earning an extra dine or two ??? "

Symantec DeepSight Analyzer

A secure and personalized incident management system

Symantec DeepSight Analyzer gives IT professionals the ability to track and manage incidents and attacks on their own networks. DeepSight Analyzer automatically correlates attacks from a multitude of IDS and Firewall products, giving IT professionals a comprehensive view of their environment. DeepSight Analyzer manages threats by comparing incidents on their network against the world's largest vulnerability database, tracking attacks to resolution, and generating statistical incident reports.

Secure Development: A polarised response

Thankfully these days assessing the security of an application prior to implementation is a normal process for most organisations. Organisations accept the view that the earlier in the implementation cycle that security issues are identified, the greater the return on investment (ROI). However with such a mature attitude to implementation, it is hard to understand why organisations are not applying the same principals to the software development cycle as a whole. In fact currently there are only a limited few that are following best practice recommendations in regard to secure development and reaping the financial rewards that increased development controls bring.

" Secure development is the process of authoring software in such a way as to embrace information security at every stage of the cycle. By addressing information security issues at the design and prototype stages, huge savings in development costs can be made. Additionally, projects can be delivered faster, and post implementation maintenance costs can be minimised. There are a number of ways that this can be undertaken, but the most common procedures involve phased security assessments and reviews that encompass knowledge share; design assessment; component, system, user interface and production testing and regular security health checks."

Click Here for the full article

Common Security Vulnerabilities in e-commerce Systems

This article discusses common attacks and vulnerabilities in e-commerce shopping cart systems, with reference to SecurityFocus vulnerability reports where relevant.

" The tremendous increase in online transactions has been accompanied by an equal rise in the number and type of attacks against the security of online payment systems. Some of these attacks have utilized vulnerabilities that have been published in reusable third-party components utilized by websites, such as shopping cart software. Other attacks have used vulnerabilities that are common in any web application, such as SQL injection or cross-site scripting. This article discusses these vulnerabilities with examples, either from the set of known vulnerabilities, or those discovered during the author's penetration testing assignments. The different types of vulnerabilities discussed here are SQL injection, cross-site scripting, information disclosure, path disclosure, price manipulation, and buffer overflows. "

" Successful exploitation of these vulnerabilities can lead to a wide range of results. Information and path disclosure vulnerabilities will typically act as initial stages leading to further exploitation. SQL injection or price manipulation attacks could cripple the website, compromise confidentiality, and in worst cases cause the e-commerce business to shut down completely."

Wednesday, June 02, 2004

In my Opinion

Security risks and threats are everywhere in every platform every network Never the less it’s as much responsibility of the user of a system as much it is of the developer in keeping a system secure. How many people even bother enabling the auto update feature or install any service packs of all the 100% of people using internet excluding the dev community, I would bet a majority still doesn’t use a firewall, if you ask why you don’t have firewall installed ?, answers would SHOCK YOU ( well it did to me ) here the response of a guy who gets firewalls and antivirus updates in cd’s like Digit, M@gnet ( he doesn’t subscribe to Developer IQ because it has less games ) and never bother even installing them.“ well I heard they are not 100% reliable ” ever heard or the term basic security Many of us don’t even bother update our antivirus or install service packs ??? and when our systems crash we blame the product, I see people wasting time over chatting would even try to update their Antivirus why again a SHOCK “ it eats bandwidth you know ”. Many educational institutes, from schools ( claiming computer education ) to engineering colleges have great labs or so they claim, not even have a free ANTI VIRUS packages and those who do, don't ever update them.

Another twisted tale is you get on to a system of any student ( or call him an aspiring young hacker ) he would have everything loads of cracks and even virus source codes from various sites but wouldn't have updates to his antivirus pack or neither would he ever bother.

Shifting back, No developer / firm would like their software to have Bugs or Vulnerabilities because they cant risk the competition and even if there’s a bug or any news is out about a software ( people still talk and talk and talk ) but they even don’t bother installing a patch that gets immediately Released to fix the bug. And they still talk “ oh that’s old news it seems it got fixed ” who’s going to fix yours. When it comes to free software (spyware) like KAZAA users stick on to it like glue and they never even bother or worry, even if it headlines the NEWS saying its a SPYWARE BEWARE !!!

Well it’s our negligence that hackers cash ! bugs are out and no sooner even patches are out and we don’t even bother installing them
if we as users do our part of keeping our own systems secure it would itself mount to a scope where the wide spread of viruses and worms can be limited in turn be helping ourselves rite…

Ending note “ Negligence is more dangerous than Ignorance ”

Clarke: Hold Developers Accountable for Software Insecurity

The federal government and private enterprise should band together and hold software developers responsible for the poor state of security of their applications, according to the White House's former top cyber-security official.

Speaking this week at the eWEEK Security Summit here, Richard Clarke, chairman of Good Harbor Consulting LLC, of Herndon, Va., and former chairman of the president's Critical Infrastructure Protection Board, said the inherent insecurity of most software produced today is a major factor in the troubles plaguing enterprises and home users.

Clarke Again ;)

According to Clarke, private industry should make sure that software security is an integral part of the evaluation process and that multiple levels of authentication are part of the e-commerce environment. It should also take an active, rather than passive, role in advocating comprehensive, rational cyber-security programs from government at the local, state and federal levels. Companies need to designate someone to be responsible for cyber-security.

"Bad guys are ahead at this stage of the cyber-security race. The expansion of wireless networks, handheld devices and high-speed connections is happening faster than vendors can patch and upgrade systems that were never designed for this range of services and worldwide access. Users still are demanding ease of access over security, and vendors are not requiring at least two levels of authentication for fear of losing business to competitors. New waves of technology, such as voice over IP and digital product tagging, will continue the expansion while security considerations will have to catch up. The upside is that private companies are committing budget dollars and personnel to cyber-security. I hope funding and resource allocation can get the race back to neck-and-neck status by next year."

Asia-Pacific leading in cyber-security

AUSTRALIA is taking a lead in global network security with advisers from 12 nations attending multilateral talks, hosted by AusCERT, on protecting critical information infrastructure.

The informal talks, held on Friday after four days of business, technical and policy discussions at AusCERT 2004, are believed to have laid the groundwork for increasing inter-government co-operation.
Participants included high-level IT advisers from the US, Britain, the Netherlands, Germany, Brazil, China, South Korea, Japan, Malaysia, Canada and New Zealand.

< India ??? " well i dint go ;) " >

Trend Micro Need for Internet Security

NEWS: Trend Micro has announced a new initiative for small and medium size businesses (SMB) in the Middle East. It has been found that many SMB organizations have a greater risk from dangerous virus attacks because they have little or no in-house IT support to provide up-to-date advice on protection. For this reason, Trend Micro, is offering SMB players across the region the chance to sample its range of specialist SMB applications with a free CD, containing its SMB product, for a 30-day eval.

News Links : 1 2

Microsoft's Yukon Gets Encryption Protection

Database administrators running SQL Server can look forward to a bit more free time and less worries about unauthorized access to sensitive data files, thanks to new database features announced by Microsoft Corp. at its TechEd 2004 conference on Tuesday in San Diego.

On the security front, Microsoft said it will embed native data encryption/decryption, password and key management support into the second beta version of SQL Server 2005 (code-named "Yukon") that is due later this year. Also at TechEd, the software giant said it is releasing the final version of Best Practices Analyzer (BPA) for SQL Server 2000.

Through the new security components, SQL Server 2005 customers will have the choice of encrypting and decrypting sensitive data through passwords, the x509 certificate key for authentication, or Windows certificate authority, according to Tom Rizzo, director of SQL Server product management for Redmond, Wash.-based Microsoft.


just came across IMsecure
a free download from zone labs :)
works with all IM's

Microsoft Enlists Agencies to Fight Piracy

Microsoft Corporation is stepping up its channel enforcement program, to weed out the issue of piracy emerging out of the channel community

The program is to make the channel aware of the repurcusions of selling and uploading pirated softwares in India. For this program, the vendor would work closely with enforcement agencies like Nasscom and BSA, and together address two issues: first is the hard disk loading problem and second is counterfeit.

Hacking Sparks Need for Complex Passwords !

As more Web sites demand passwords, scammers are getting more clever about stealing them. Hence the need for such "passwords-plus" systems.

"A password is a construct of the past that has run out of steam," said Joseph Atick, chief executive of Identix Inc., a Minnesota designer of fingerprint-based authentication. "The human mind-set is not used to dealing with so many different passwords and so many different PINs."

Software such as Symantec Corp.'s Norton Password Manager and Apple Computer Inc.'s Keychain help store passwords in secure, encrypted form. But if you compromise the master password, you're out of luck. Your entire collection is gone.

Many sites, meanwhile, will e-mail passwords insecurely—without encryption—if you forget. A site called BugMeNot.com even encourages users to share passwords for nonfinancial sites such as newspapers.


.NET Security and Cryptography

by Peter Thorsteinson and G. Gnana Arun Ganesh

Security and cryptography, while always an essential part of the computing industry, have seen their importance increase greatly in the last several years. Microsoft's .NET Framework provides developers with a powerful new set of tools to make their applications secure.

.NET Security and Cryptography is a practical and comprehensive guide to implementing both the security and the cryptography features found in the .NET platform. We
( Peter Thorsteinson and G. Gnana Arun Ganesh ) provide numerous clear and focused examples, in both C# and Visual Basic .NET, as well as detailed commentary on how the code works.

This book will allow developers to:

* Develop a solid basis in the theory of cryptography so they can understand how the security tools in the .NET Framework function

* Learn to use symmetric algorithms, asymmetric algorithms, and digital signatures

* Master both traditional encryption programming, as well as the new techniques of XML encryption and XML signatures

* Learn how these tools apply to ASP.NET and Web services security

Download the code (C# version)

Download the code (VB.NET version)

Download a sample chapter

Secret-Key Encryption Cryptography in Microsoft .NET

Cryptography is the art of secret writing. Modern cryptography is based on well-known mathematical formulas. Cryptography is an effective security control that can ensure the confidentiality and integrity of customer and other sensitive data. Although Cryptography is not the only solution for protecting critical information; it is one of the strongest available.

The .NET Framework provides implementations of many standard cryptographic algorithms. These algorithms are easy to use and have the safest possible default properties. Here I have presented only about the Secret-Key algorithm, the other types of algorithm available are Public-Key Algorithm, Digital Signature Algorithm (DSA), and Hash Algorithm etc.

Article on MSDN
Click here :)

Tuesday, June 01, 2004

Richard Clarke Talks Cybersecurity and JELL-O

When former White House counterterrorism and cybersecurity czar Richard Clarke testified before the independent commission investigating the 9/11 attacks that the US government could and should have done a better job preventing the attacks, he became a lightning rod for both praise and criticism. In the days following his testimony, Clarke's book Against All Enemies, quickly jumped to the top of the bestseller list.

Clarke retired after the February 2003 release of the US National Strategy to Secure Cyberspace, which signaled the transfer of responsibility for cybersecurity from the White House to the US Department of Homeland Security (DHS), which was still not fully operational at the time. He is now chairman of Good Harbor Consulting, a security consulting firm. He agreed to share his views about what those responsible for bettering network security are doing right—and wrong—with IEEE Security & Privacy shortly after his 9/11 testimony.

" You cannot straight-line the kind of problems we've had in cyberspace and say that's all that's ever going to happen. "

" I do think that in the area of privacy and password protection, the government is not doing its job. "

" Without systems that allow you to have real authentication and identity management, systems that contain files that have information about you—if they're only protected by passwords—aren't protected at all. How often do you find anybody using identity management authentication systems? Not very often. Even if you require an eight-digit password, you can run LOphtcrack and get into anybody's eight-digit password in a matter of minutes. What I say to people—and this stuns them—is that if all you have protecting your information is a password, you might as well publish it in TheNew York Times. "

His Exclusive Interview

SA websites fall to hacker attacks

In the biggest hacker attack in South Africa since 1 January 2004, hackers successfully defaced more than 73 local websites over the weekend, Reinhardt Buys of IT law firm Buys said on Monday.

01 June 2004

Monster Worldwide buys India's JobsAhead.com for $9.6 mn

Monster Worldwide Inc, the parent of job site Monster.com, has bought Indian Web site JobsAhead.com as a part of a global acquisition drive to boost revenue, a company official said

The deal, worth about 400 million rupees ($9.6 million), is Monster's fourth acquisition in less than three months and is the first buyout in India, Asia's third largest economy and home to booming software and telecoms industries.

"Acquisition is one of the major strategies to grow the company's topline,"
---Stuart McKelvey, Monster's group president for the Asia-Pacific

"The online opportunity for hiring in India is growing at 80-90 per cent each year."

Clinic 2806

S e c u r i t y - P o s t s
a             ----- Security Posts from Sudhakar's Blog

Clinic 2806: Microsoft® Security Guidance Training for Developers

Now this excellent course is avaiable online for free.
A must for all the .NET Developers who want to write secure code.

" This online clinic provides students with knowledge and skills essential for the creation of applications with enhanced security. Students will learn about the need for implementing security at every stage of the development process and best practices for applying security principles. Students will also learn how to use established threat modeling methodologies and tools with other best practices to minimize vulnerabilities and limit damage from attacks. Finally, students will learn how to implement security features to enhance security for Web applications and Web services that are built by using Microsoft ASP.NET."

Six "Golden Rules of Security"

While reading a course material on secutity I found these “Golden rules of security”

01. Authentication
Refers to the ability to verify that a user is who he/she says he/she is.

02. Authorization
Controls what resources an authenticated user can access.

03. Audit
      The ability to keep track of user actions for traceability and diagnosis of possible security weaknesses.

04. Privacy
      Ensures that user data can be viewed only by authorized users.

05. Integrity
      Making sure user data is complete, accurate, avaiable, and has not been manipulated.

06. Non-Repudiation
      Providing evidence that an action has occured so that a user cannot deny that he or she performed it.

There are some Key Security Concerns about security  which are similar to these also avaiable for refernce here.

The Antivirus Defense-in-Depth Guide

Microsoft's P & P has released a new book called
The Antivirus Defense-in-Depth Guide"

[Microsoft] :- “Microsoft Solutions for Security: The Antivirus Defense-in-Depth Guide provides an easy to understand overview of the assorted types of malware, their risks, characteristics, means of replication and payloads. The solution also details the considerations for implementing a comprehensive antivirus defense for your network, servers and clients which goes beyond simply installing antivirus software into the related tools which will help reduce your risk of infection. Lastly, the solution provides a comprehensive methodology for quickly and effectively responding to outbreaks or incidents when they occur.”

Version 1.0, released: May 19, 2004
Click Here to go to Download Page [805 KB]
Click Here to view Online

Myth of .Net Purity

there is an increasing amount of discussion around the topic of ".NET Purity" in development circles. When selling an application, the question often arises, "Is your application 100 percent .NET?" Or, "How much of your application is .NET?" There is an implied qualitative judgment behind these questions, and it's usually pejorative.

straight from the blog of Scott Hanselman

The Myth of .NET Purity, Reloaded

An updated version of my Myth of .NET Purity rant is up on MSDN. recommend you show it to your boss if you're being force to justify why your solution isn't 100% .NET.

Summary: Does a solution written for Microsoft .NET have to be 100% .NET? Scott Hanselman looks at how hybrid managed-unmanaged solutions are really the norm.

Here's a few choice quotes, IMHO:;-)

I've heard it said by many a CTO in many a technical briefing that,
"We're planning to port our whole system to .NET." Why spend 18 months converting your application, so you can arrive at the endpoint you're already at?

The .NET Framework Library itself isn't "pure .NET," as it uses every opportunity to take full advantage of the underlying platform primitives.

If Microsoft were to truly virtualize the machine, they would have marginalized their investment in the Windows platform.

Microsoft Not a Threat to US National Security

Microsoft's dominance of the desktop operating system market isn't a threat to U.S. national security, according to a new study by a team of researchers at the George Mason University, who said a worm or other malicious attack on Windows is unlikely to produce a catastrophic failure of the Internet.

The report is based on advanced network simulations by George Mason's Infrastructure Mapping Project. While it focuses on proprietary monopolies held by Microsoft on the desktop and Cisco in the router market, the study also suggests the growing importance of the security of open source products.

The findings contrast with those of a paper released last year by the Computer & Communications Industry Association, Cyberinsecurity: The Cost of Monopoly, which warned that "the identicality and flaw density in the Microsoft Windows monoculture present clear dangers to national security." The paper stirred controversy when one of its authors, Dan Geer, was fired as CTO of @stake, which does business with Microsoft.

Legal music sites break 100 mark !!!

The number of legal online music services world-wide has broken through the 100 barrier.

The global music industry made the announcement as it celebrated the first anniversary of its downloading education website,
pro-music.org.The website features a directory of all the legal services and explains the industry's legal standpoint on downloading music.

'Legitimate demand'
The chairman and chief executive of the International Federation for the Phonographic Industry told BBC News Online: "There are enough download services now to satisfy every legitimate demand for online music."
Click here to chk out all the 100 sites

" Hey btw, iTunes Radio is fun "

Cut Copy Paste ...

Interesting Posts from the blog of tejas

Electronic Crime increases by 43% this year

Hacker Intel "A survey of security and law enforcement executives indicates that e-crime in 2004 increased 43% over last year"

Three Different Shades of Ethical Hacking: Black, White and Gray

A nice article on Ethical Hacking by David M. It talks on different shades of Ethical hacking.

Email, Superstitions & SPAM

" a must READ for many of my friends ;) "

Google proposes Principles for a good software

Everybody is tired of spyware and adware and techno people are allways worried about keeping their systems clean from all the spyware and adware programs and use various kinds of software to keep their system clean from registry hacks, data mining cookies and trojans that gets installed while installing some other software. Just to create an awareness among users and software developers, Google has listed out a set of principles that the Software developers should follow in general.

Forensic MD5 Hard drive duplicator
Speed 3.5 Gigs/MinLogicube MD5

The Logicube website details the following:-“The Forensic MD5 system is designed specifically for the requirements of law enforcement, corporate security, and cyber crime investigation of forensic computer data. This hand-held IDE hard drive data capturing system is ideal for fast disk drive data seizure. Using its built-in CRC-32 engine, the MD5 allows for imaging speeds up to 3.3 GB/min. The system’s non-tampering drive capture ensures bit-for-bit accuracy, guaranteeing zero chance of alteration of the suspect and evidence drives. With it's lightweight portability, rugged construction and field tested capabilities, the MD5 is simply the best forensic hard drive data collection system for law enforcement, corporate security, and cyber crime investigation and prosecution.”

Top 12 Ways to Degunk Your PC by Joli Ballew -- Your PC, with its 80GB hard drive and 512MB of RAM, runs way too slow. Why? It's gunked up with pictures, movies, music, and attachments you've saved; you've saved stuff to the wrong places; and you have apps installed that you don't use. If you want to clean up your PC, and get it running as fast as it should, follow Joli Ballew and Jeff Duntemann's 12-step program for degunking your PC. Joli and Jeff are the authors of the bestselling Degunking Windows book, from Paraglyph Press.

" a basic guide - gud for beginners. "

Flexible keyboards :)