Security UPDATE on Safer Mobile Surfing 0292500
Security UPDATE on Safer Mobile Surfing 0292500
Safer Mobile Surfing
I'm sure you read lots of different security-related blogs and Web
sites. There are a bunch of them out there, and the number seems to
keep right on growing. I've got dozens of them in my RSS reader, and I
often find new ones that I want to read now and then.
One interesting blog that I found some time ago is called Secureme. Not
only is it informative, but the writing style is subtly humorous at
times too. When I look at the "avatars" of the blog writers at the
site, I'm not quite sure what's missing: a flashy mirrored disco ball
and colored lights, or Santa's workshop. When you go to the blog,
you'll see what I me.
An interesting recent post at the blog ("No SSH server, no problem!"
January 13) covered two tools, The Onion Router (TOR) and Privoxy, both
of which can be used in a variety of situations, such as using them
together to better protect your Internet communications when you're on
the road. For example, if you're using a hotel's in-house network or a
public wireless network, you could use TOR and Privoxy to help protect
your network traffic.
TOR is a routing technology that encrypts and routes your Internet
traffic through a number of TOR servers before the traffic reaches its
destination. Privoxy is a proxy server that helps protect your Internet
privacy by removing or obscuring various content, such as your DNS
queries, browser type, OS type, and more. You can configure Privoxy to
communicate with TOR so that all your Web traffic is routed through the
TOR network.
I tried the two tools, and they seem to work all right. Setting up a
TOR client is incredibly simple. Just install it, run it, and make sure
there are open ports on your firewall to pass traffic. That's it!
Privoxy is equally simple, except that to make it work with TOR, you'll
need to add one line to the Privoxy configuration, which is explained
in the TOR documentation. You can learn more about TOR and Privoxy and
download copies at their respective Web sites.
Until next time, have a great week.
Security News and Features
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities.
February the 13th: Microsoft Issues Massive Number of Security Fixes
Yesterday, Microsoft issued a massive number of security bulletins
and fixes as part of its regularly scheduled monthly security update
release. The company released 12 security bulletins for various
products, including several Windows versions, Exchange Server, Office
XP, Windows Media Player, MSN Messenger, and SharePoint. Eight of the
bulletins are rated as "critical," the company's most serious rating.
Microsoft to Purchase Sybari Software
Microsoft announced yesterday that it has signed a definitive
agreement to acquire Sybari Software, a New York-based company that
develops antivirus, antispam, and content-filtering technologies. The
acquisition will include all of Sybari's staff and technologies.
Weakness in Windows XP SP2 Overflow Protection
Security company Positive Technologies released a white paper that
explains what it considers to be weaknesses in the heap overflow
protection and data execution protection in Windows XP Service Pack 2
(SP2). The two technologies are designed to help prevent intruders from
taking advantage of unchecked buffers to launch malicious code within
the OS.
SOHO Firewall Appliances
Even if you have a home office or work for a small company, you
still need to protect your valuable data and network. Firewalls have
become a de facto standard for all organizations--large and small--as a
frontline perimeter-based defense against attackers who want to steal
your information, hijack your resources, and otherwise vandalize your
network. Jeff Fellinge looks at several solutions in this Buyer's
Guide.
Resources and Events
InfoSec World 2005, April 4-6, 2005, Orlando, FL
InfoSec World 2005 is where connections are made. Expand your
knowledge with the hottest topics and get real-world strategies and
tested techniques for meeting your toughest information security
challenges. With a full spectrum of events, InfoSec World offers an
array of stimulating programs, presentations, activities, networking
opportunities and more!
Ensure Successful Token Authentication
What's more secure than password protection? Attend this free Web
seminar and learn how to protect your network and make your mobile and
remote users more secure with token authentication. Discover ways to
evaluate, test, and roll out token authentication to protect your
investment, while making a solid business case to justify the costs.
Register now!
Windows Connections Conference Spring 2005
Mark your calendar for Windows Connections Spring 2005, April 17-20,
2005, at the Hyatt Regency in San Francisco. Sessions jam-packed with
tips and techniques you need to know to ensure success in today's
enterprise deployments. Get the complete brochure online or call 203-
268-3204 or 800-505-1201 for more information.
Configuring Blade Servers for Your Application Needs
Blade servers pack a lot of function into a small space, conserve
power and are flexible. In this free Web seminar, industry guru David
Chernicoff details the best use of 1P, 2P and 4P configurations using
single and multiple enclosures; integrating with NAS and SAN and
managing the entire enterprise from a single console. Register now and
take advantage of blade servers' power and flexibility.
Security Matters Blog
Check out these recent entries in the Security Matters blog:
Stop Users from Bypassing Group Policy
I read a really interesting thread on the Focus on Microsoft mailing
list. A list member said his users found a way to bypass Group Policy
so that they could install unauthorized software on their machines. The
users entered their logon credentials, then as soon as they were
authenticated to the domain, they unplugged the network cable so that
Group Policy Objects (GPOs) weren't downloaded to their machines.
However, there are ways to foil this strategy.
Two More Months to Opt Out of Windows XP SP2
According to Microsoft's TechNet Flash newsletter, "the mechanism to
temporarily disable delivery of Windows XP SP2 is available only for a
period of 240 days (8 months) from August 16, 2004. At the end of this
period (after April 12, 2005), Windows XP SP2 will be delivered to all
Windows XP and Windows XP Service Pack 1 systems."
Instant Poll
Results of Previous Poll:
Is comment spam a problem on your company's blogs or Web forums?
The voting has closed in this Windows IT Pro Security Hot Topic
nonscientific Instant Poll. Here are the results from the 13 votes:
- 23% Yes it was, but we solved it by requiring registration
- 0% Yes, but we'll implement the new "rel" tag format to stop it
- 0% Yes, but we don't plan to do anything about it
- 77% No
New Instant Poll:
If your company uses Windows XP, do you use XP SP2?
Go to the Security Hot Topic and submit your vote for
- Yes
- No, but we intend to
- No, and we don't intend to
Security Toolkit
Security Forum Featured Thread: ISAPI Extension Access to DCOM
Application Server
Nicola has an Internet Server API (ISAPI) DLL that connects to a
Distributed COM (DCOM) application server. The setup includes a
Microsoft IIS server configured with integrated security and anonymous
access disabled, a domain group to collect all the domain users that
should be able to use the procedures in the DLL, and DCOM configured
with an administrator account and launch/access permissions for the
domain group. The setup works if the domain group is included in the
local Administrators group, but Nicola doesn't want to put the domain
group in the local Administrators group and wonders if there's some
other configuration that will work. Join the discussion at
New and Improved
Spam Firewall for Large Organizations
Barracuda Networks offers Barracuda Spam Firewall 800, a spam and
virus appliance for large organizations and ISPs. Barracuda Spam
Firewall 800 supports 30,000 active users and can handle nearly 1.3
million messages per hour. It's designed for reliability, including
redundant hot-swap power supplies, RAID 5 disk storage, dual gigabit
Ethernet ports, and clustering capabilities. Barracuda Spam Firewall
800 is priced at $17,999 for the appliance and $3999 per year for a
subscription to the Energize Update service, which updates the
appliance hourly with new spam rules and virus definitions. Barracuda
also offers Spam Firewall models for smaller organizations.
..Mark Edwards
|
