Internet Security Update 0649
Email Security Annual Review - Threat Report
In Focus: RSA Conference 2005 Highlights
RSA Conference 2005 took place last week in San Francisco with more
than 275 vendors and more than 200 conference sessions. The last I
heard, conference organizers were saying that 13,000 people attended,
but that count wasn't official. One thing I am sure about is that
with that many vendors and conference sessions, nobody saw
everything!
There were some interesting announcements at the conference, so if
you were not among the thousands who did attend, then here are a few
of the highlights from the show:
In his keynote address, Computer Associates (CA) Executive Vice
President Russell Artzt pointed out that business executives must now
pay very close attention to security concerns at all levels of the
company and be ready to thoroughly account for their decision-making
processes, primarily due to government regulations such as Sarbanes-
Oxley.
Cisco Systems announced a new phase of its Self-Defending Network
technology. The company said that the new Adaptive Threat Defense
phase addresses threats at multiple layers, simplifies architectural
designs, and provides enterprisewide containment and control.
RSA Security announced the Security Authentication Roadmap, in which
the company will provide a standards-based, enterprise-enabled
platform for overall credentials management using strong
authentication. The company also announced the RSA Authentication
Service, which will help provide consumers with "enterprise-class
protection" during their online activities; an RSA SecurID Appliance
that provides two-factor authentication for businesses with fewer
than 1,000 employees; and RSA SecurID SID700 and SID800 USB-enabled
authentication devices.
Microsoft Chairman Bill Gates announced in his keynote speech that
the company will launch new security initiatives that include various
software updates, such as a future release of Internet Explorer (IE)
7.0 for Windows XP systems, the scheduled March release of a beta
version of its unified Windows Update Service (WUS), Microsoft
Baseline Security Analyzer (MBSA) 2.0, the release to manufacturing
of Internet Security and Acceleration (ISA) Server Enterprise
Edition, and Rights Management Services (RMS) Service Pack 1 (SP1).
Gates also announced the formation of the Secure Software Forum in
partnership with several other companies and the worldwide expansion
of its Most Valuable Professional (MVP) program to help developers
communicate with each other about developing secure applications.
Shavlik Technologies announced several new products, including NetChk
Epicenter, a common GUI for NetChk applications that lets
administrators scan numerous systems and applications, view scan
results, and correct security problems. The company also announced
that it will release patch-management solutions for Unix and Linux
platforms (including AIX, HP-UX, Red Hat Linux, and Solaris) sometime
in the second quarter of 2005. The company also announced NetChk
Spyware and NetChk Shares, which lets administrators discover shared
resources on one or more computers, remove shared resources, restrict
anonymous access, and test for weak passwords.
Identity management solution provider Abridean joined the BlackBerry
ISV Alliance Program, thereby forming a relationship with Research in
Motion (RIM). Abridean will help simplify and automate management of
BlackBerry user accounts in BlackBerry Enterprise Server in
combination with other messaging and enterprise systems.
DesktopStandard released PolicyMaker Application Security, which
helps administrators enforce the practice of giving users the minimum
privileges that they need on Windows-based desktops and selectively
elevate privileges for users who need them.
Priva Technologies announced an upgrade to its Cleared Security
Platform, which uses multifactor authentication in a single-point,
end-to-end solution. The product now supports authentication for Web
services, Microsoft .NET technology, email signing, and public key
infrastructure (PKI).
Seaway Networks released a pretty slick product: the Trident NCA2000-
L7P Intrusion Prevention Accelerator Card. The Intrusion Detection
System/Intrusion Prevention System (IDS/IPS) card can be used to
convert servers into filtering appliances. The board provides 2Gbps
of full duplex data processing and pattern matching, including
processing of network layers 2-7.
Lyris Technologies improved the detection of phishing and other email-
related threats in its MailShield Server product with an upgrade to
the embedded Mailshell SpamCompiler engine. Lyris said that MailShield
Server is available for Windows and Solaris platforms, and a
MailShield Pro version for Windows can record all SMTP transactions
and provide a searchable audit trail of all incoming and outgoing
messages.
And last, but certainly not least, Intense School presented its Live
Online Professional Hacking class, led by Ralph Echemendia. The class
teaches participants how to think like an intruder so they can
protect themselves proactively rather than having to react
defensively to intrusions.
Security News and Features
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities.
The New Phish Report Network
Microsoft, eBay, PayPal, and Visa have teamed with WholeSecurity
to launch the Phish Report Network. The network will serve as a
worldwide antiphishing aggregation service.
Identity Web Services Framework Now Supports SAML 2.0
Liberty Alliance has released the second draft of its Identity Web
Services Framework (ID-WSF), which now includes support for the
Organization for the Advancement of Structured Information Standards
(OASIS) Security Assertion Markup Language (SAML) 2.0 specification.
Both ID-WSF and SAML provide methods of handling identity in
conjunction with the use of Web services.
Resources
Minimize the Likelihood of Downtime in Your Exchange Implementation.
In this free, on-demand Web seminar, discover how to ensure
continuous Exchange application availability. Learn how to take
preemptive, corrective action without resorting to a full system
failover. Or in extreme cases, discover solutions that perform a
graceful, automatic switchover to a secondary server, ensuring
continuous Exchange application availability.
Get Essential Security Tips in This Free eBook
Knowing where to find answers fast to secure your systems against
attack can often mean the difference between shutting the door to
various threats (e.g., malware, viruses, Trojans) and declaring
defeat. This free eBook provides you with quick answers to help you
make the most of your security.
Keeping Your Business Safe from Attack: Monitoring and Managing Your
Network
Get the information you need to securely implement a network based
around Microsoft products in the latest chapter of this eBook. Find
out how to secure your network against threats, and learn about
topics such as antivirus, VPNs, spyware, DMZs, content filtering,
Browser Helper Objects, patching, quarantining, intrusion detection,
and event notification.
Get the Entire eBook: "Content Security in the Enterprise - Spam and
Beyond"
This eBook explores how to reduce and eliminate the risks from
Internet applications such as email, Web browsing, and Instant
Messaging by limiting inappropriate use of these applications,
eliminating spam, protecting corporate information assets, and
ensuring that these vital resources are secure and available for
authorized business purposes.
Get Ready for SQL Server 2005 Roadshow in a City Near You
Get the facts about migrating to SQL Server 2005. SQL Server
experts will present real-world information about administration,
development, and business intelligence to help you implement a best-
practices migration to SQL Server 2005 and improve your database
computing environment. Receive a 1-year membership to PASS and 1-year
subscription to SQL Server Magazine.
Hot Release
Symantec ON iPatch Automated Patch Management
On its first "patch Tuesday" of 2005, Microsoft released three
software updates to fix security holes in its popular Windows
operating system. Symantec ON iPatch provides an automated patch
management solution that can handle today's growing number of
patches.
Add SonicWALL to Your List of Enterprise Antispyware Solutions
You can add SonicWALL to the list of enterprise antispyware
solutions. The company announced the addition of "dynamic spyware
detection and prevention capabilities" to its line of gateway
security offerings.
Security Forum Featured Thread: Possible IIS 6.0 and XMLHTTP Security
Issue
A forum participant has a client application that creates XML
documents that include both text and bin.base64 nodes. Posting is
done from the client application using the MSXML2.XMLHTTP.4.0
component to the Active Server Pages (ASP) server application on
Microsoft IIS 6.0. The request is loaded into an
MSXML2.DOMDocument.4.0 object. Sometimes the loading fails and the
request is empty. The failure doesn't happen on an IIS 5.1 server.
Join the discussion.
Announcements
Try a Sample Issue of Exchange & Outlook Administrator!
If you haven't seen Exchange & Outlook Administrator, you're
missing out on key information to help you migrate, optimize,
administer, backup, recover, and secure Exchange and Outlook. Plus,
paid subscribers receive exclusive online library access to every
article we've ever published.
Nominate Yourself or a Friend for the MCP Hall of Fame
Are you a top-notch MCP who deserves to be a part of the first-
ever MCP Hall of Fame? Get the fame you deserve by nominating
yourself or a peer to become a part of this influential community of
certified professionals. You could win a VIP trip to Microsoft and
other valuable prizes.
New and Improved
A Second Factor of Authentication for Windows
Entrust announced Entrust IdentityGuard for Microsoft Windows,
which adds a second factor of authentication for users logging on to
Windows desktops. In addition to entering his or her username and
password, a user is asked to enter a set of numbers and/or
characters. The user must find the correct characters on a grid
supplied by his or her organization on a wallet-sized plastic card,
in conjunction with a building-access card, or in electronic form for
portable devices accessing the corporate network. Entrust
IdentityGuard for Microsoft Windows will be available for beta in
first quarter 2005, with commercial availability in second quarter
2005.