Vol. 14, #37 - Sep 7, 2009 - Issue #742
How Not To Get Scammed
- Editors Corner
  - How Not To Get Scammed
  - Quotes Of The Week - both by famous Science Fiction writers
- Admin Toolbox
  - Admin Tools We Think You Shouldn't Be Without
- Webinars & Seminars
  - Protecting Desktops from Malware without Impacting User Productivity and System Performance - 9/22
  - Securing your Exchange Server with VIPRE Email Security - 9/15
  - VIPRE Enterprise Product Demonstration - 9/22
  - Kiss Your Antivirus Bloatware Goodbye: A Look at VIPRE Enterprise - 9/29
- Tech Briefing
  - Roger Grimes: "We're Losing The War On Cybercrime"
  - Windows 7's 64-Bit Troubles
  - The 11 Most Influential Microprocessors Of All Time
  - The Hypervisor War Rages On: A Look At The New Hyper-V R2
  - Dual-Screen Laptop Provokes Lust, Derision
- Windows Server News
  - Microsoft Promises Patch For Critical Web Server Bug, And 5 More
- Third Party News
  - Get A MilSpec Vulnerability Scanner For Next To Nothing
- WServerNews Fave Links
  - This Week's Links We Like. Tips, Hints And Fun Stuff.
- WServerNews - Product of the Week
  - Save 500 IT Admin Hours and 40% on Web Filtering + Free T-shirt
Save 500 IT Admin Hours and 40% on Web Filtering + Free T-shirt
The iPrism Web Filter saves you 500 hours of IT Admin in the first
year over competing filters - proven by an independent TCO study.
For a limited time, you can get the TCO leader in Web Filtering for
up to 40% off.
Forget about the Nonsense from Websense and switch to a Security
Appliance that saves you the hassle. Find out how much you will
save today and get a free t-shirt for attending an online demo!
http://www.wservernews.com/090907-Switch
Editors Corner
How Not To Get Scammed
You all know that once a year Symantec publishes its state-of-the-nation
report on security, called Internet Security Trends. The last one was
December 2008. One of their people has done a half-year interim
update on their predictions, and looked at what other developments
have occurred. It's a good read.
In short, attackers are taking advantage of the economic crisis with scams
regarding home foreclosure, refinancing, economic stimulus packages,
unemployment, classified ads, and work-at-home schemes. Don't fall for
any of it and warn your end-users if you can.
Social networking is becoming a very popular attack vector, so you might
want to block access to these sites if you haven't already. Web threats
continue to grow in complexity and sophistication, and new malware
variants explode onto the scene at an unprecedented rate. They are now
using modern marketing methods to get as many PCs infected as possible.
What you as a system admin need to be specifically careful of is that
cyber crime is now using deceptive methods that imitate traditional
business practices to penetrate your networks. A good example is an
employee receiving a known corporate document, but it has a malicious
payload. The full article is here:
http://www.wservernews.com/090907-Security-Trends
Quotes Of The Week - both by famous Science Fiction writers
"A society that gets rid of all its troublemakers goes downhill."
-- Robert A. Heinlein
"If pigs could vote, the man with the slop bucket would be elected
swineherd every time, no matter how much slaughtering he did on the side."
-- Orson Scott Card
Warm regards, and thank you for being a WServerNews subscriber. No trees
were killed in the sending of this message, but a large number of electrons
were terribly inconvenienced. Please tell your friends about us.
They can subscribe here:
http://www.wservernews.com/090907-Subscribe
PS: Did you know this newsletter has a sister publication for XP users
called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/090907-WXPNews
PPS: And of course we also have our weekly VistaNews. It will soon be
renamed to Win7News! You can subscribe here, and tell your friends:
http://www.wservernews.com/090907-VistaNews
Join The 1,000 Sites A Month That Switch To VIPRE Enterprise
No more 2-day SEP Migration Classes! Sunbelt built VIPRE Enterprise, a
completely new technology combining corporate antivirus plus an enterprise
antispyware solution for total endpoint security designed by admins for
admins. And that means EASY DEPLOYMENT. Save your IT budget and don't renew
products from Symantec, McAfee and Trend Micro. Learn how VIPRE Enterprise
takes far fewer resources than the competition! It's clearly time to kiss
your antivirus bloatware goodbye! Competitive Upgrade price: $10/seat:
http://www.wservernews.com/090907-VIPRE-Enterprise
Webinars & Seminars
Protecting Desktops from Malware without Impacting User Productivity and
System Performance - 9/22
Join Sunbelt Software and Mike Osterman, president and founder of Osterman
Research, Inc. for an informative seminar that examines the current malware
landscape and the economic and performance impact of malware infections on
your organization. Learn why a new approach to malware protection is required
to better protect your users and your data - all without the performance
and resource headaches of many traditional enterprise antivirus products.
Hosted at Microsoft in Bellevue, WA on Tuesday, September 22nd. Register here:
http://www.wservernews.com/090907-Protecting-Desktops
Securing your Exchange Server with VIPRE Email Security - 9/15
Tuesday, September 15, 2009, 2:00pm - 3:00pm EDT
Securing your Exchange Server is key to protecting your enterprise environment
from spam, viruses, phishing, and other messaging threats. In this webinar,
learn how the new version of VIPRE Email Security for Exchange (formerly
Ninja Email Security) can help protect your network and cut your Exchange
admin time in half with this powerful, policy-based email security product.
http://www.wservernews.com/090907-VIPRE-Email-Security
VIPRE Enterprise Product Demonstration - 9/22
Tuesday, September 22, 2009, 2:00pm - 2:30pm EDT
Want total malware protection without the bloat? Join us for a look at VIPRE
Enterprise and learn how Sunbelt started with a blank slate to design a new,
next-generation antivirus and antispyware technology to deal with today's
complex malware in the most comprehensive, highly efficient manner.
http://www.wservernews.com/090907-VIPRE-Demo
Kiss Your Antivirus Bloatware Goodbye: A Look at VIPRE Enterprise - 9/29
Tuesday, September 29, 2009, 2:00pm - 3:00pm EDT
Want total malware protection without the bloat? Join us for a look at VIPRE
Enterprise and learn how Sunbelt started with a blank slate to design a new,
next-generation antivirus and antispyware technology to deal with today's
complex malware in the most comprehensive, highly efficient manner.
http://www.wservernews.com/090907-Goodbye-Bloatware
Tech Briefing
Roger Grimes: "We're Losing The War On Cybercrime"
Roger Grimes is InfoWorld's Security Columnist, and fairly well known.
He's got a gripe, which is that the big cyber criminals are not being
caught. He starts out with: "You may have read the reports: We have
captured Albert Gonzalez, one of the 'world's biggest malicious hackers.'
Big deal. I've been fighting cybercrime for more than 20 years, so you'll
have to excuse me if I'm a little jaded for thinking that this 'huge'
hacker is but another small-time player in the big-time world of cybercrime.
In fact, I'm pretty sure that we still haven't captured a single major
player -- the Pablo Escobars." More at:
http://www.wservernews.com/090907-Cybercrime-War
Windows 7's 64-Bit Troubles
eWEEK has a very interesting story here. It starts with: "A move to Windows
7 was driven less by the new operating system's features and more by the
64-bit performance promise, but unexpected issues forced unwanted compromises.
"When the Windows 7 RTM became available for download via MSDN last month,
I hurried to move my primary work PC to the new operating system. The move
wasn't based on disappointment with my previous Vista Ultimate installation,
nor due to any overwhelming desire for new features in Windows 7. Instead,
I wanted to move from 32-bit to 64-bit so I could utilize all 4GB of RAM
in my Lenovo x61 laptop, and moving to Microsoft's latest and greatest
simply made sense from a timing perspective.
"With the move between operating systems and architectures, I knew a lot
could go wrong. I knew I could not perform a direct upgrade (as I was
switching architectures) and would have to reinstall all my applications
and move my data to the new system. I protected myself from any data and
productivity losses by taking a snapshot of my old OS with Acronis True
Image Home 2009, moving to a new, larger hard drive while keeping the old
Vista disk in reserve. But even with all of this careful planning, I missed
some obvious holes when it came to a few third-party software solutions
and XP mode." Read more at:
http://www.wservernews.com/090907-64Bit-Troubles
The 11 Most Influential Microprocessors Of All Time
From the brains of the Voyager space mission to the inspiration for modern
CPUs, here are the chips that built our modern technological culture. Click
on this link for the article at ComputerWorld if you want a blast from the
past:
http://www.wservernews.com/090907-Microprocessors
The Hypervisor War Rages On: A Look At The New Hyper-V R2
Peter Bruzzese compared Rev 1 and Rev 2 in a handy dandy grid that I
thought you would appreciate. Here it is:
http://www.wservernews.com/090907-Hypervisor-War
Dual-Screen Laptop Provokes Lust, Derision
An unknown company in Alaska is attracting attention with a $3K laptop it
plans to build that will apparently be the first to sport two 15.4-inch LCD
screens. Supposed to arrive in time for Christmas, the SpaceBook from
gScreen Computer Corp. has two identically sized LED backlit screens,
one sliding out from behind the other. Here is a picture:
http://www.wservernews.com/090907-Coming-Soonish
Windows Server News
Microsoft Promises Patch For Critical Web Server Bug, And 5 More
ComputerWorld reported that Microsoft on September 1st said it is working
on a patch for a bug in its popular Web server software, but it's unlikely
the company will field a fix fast enough to make next week's regular release.
Late Tuesday, Microsoft issued a formal security advisory for a vulnerability
in three older editions of IIS, just hours after confirming that its security
team was poking into exploit code that went public Monday.
"Microsoft is currently working to develop a security update to address this
vulnerability," the company said in the advisory. The bug is in the file
transfer protocol (FTP) server included in IIS. The FTP server fails to
properly parse specially-crafted directory names, which hackers can leverage
to force a stack buffer overflow and then inject their own malicious code
onto the Web server. Here is the advisory:
http://www.wservernews.com/090907-Security-Advisory
Redmond will deliver five security updates next Patch Tuesday, all affecting
Windows and all ranked "critical," their highest threat rating. Unlike
some months when Redmond publishes its usual advance notification for
upcoming updates, this time 'mum was the word'. We'll have to see what
they come up with.
Third Party News
Get A MilSpec Vulnerability Scanner For Next To Nothing
Sunbelt runs a 50% off special this month for our Network Security Inspector.
The normal price for Small Business (0-100 employees) is $795 per admin.
So now, for less than 400 bucks, you can get your hands on the scanner that
is used by more 'Three-Letter-Agencies' than I am allowed to mention here.
SNSI uses the latest Mitre Common Vulnerabilities and Exposures (CVE) list
of computer incidents. It also contains the latest SANS/FBI top 20
vulnerability list. SNSI also uses the latest CERT, CIAC, Microsoft and
FedCIRC (Department of Homeland Security) advisories.
New Checks
S372 Xscreensaver Trusted Extensions regression vulnerability - Solaris
L1430 PulseAudio setuid immediate bindings weakness in /usr/bin - MDV
L1431 Dhcp improper handling of DHCP requests error - MDV
L1432 Pidgin XMPP file transfer weakness - MDV
L1433 PERL Compress::Raw::Zlib inflate vulnerability - MDV
L1434 Pango glyph_string_set_size arbitrary long string flaw - MDV
L1435 GIT infinite loop in GIT daemon due to unrecognized arguments - MDV
L1436 Ruby BigDecimal library context error - MDV
L1437 Squid buffer limits & malformed requests vulnerabilities - MDV
L1438 MySQL dispatch_command string vulnerabilities - MDV
L1439 Compface long declaration in .xbm file error - MDV
L1440 ISC BIND "ANY" record dynamic handling flaw - MDV
L1441 Firefox & XulRunner multiple vulnerabilities - July 2009 - MDV
L1442 Beagle Search Mozilla security vulnerabilities July 2009 - MDV
L1443 Devhelp multiple security vulnerabilities July 2009 - MDV
L1444 Epiphany multiple security vulnerabilities July 2009 - MDV
L1445 Gnome-Python multiple security vulnerabilities July 2009 - MDV
L1446 BlogRovR Mozilla security vulnerabilities July 2009 - MDV
L1447 Foxmarks multiple security vulnerabilities Jul 2009 - MDV
L1448 ScribeFire Blog Editor Mozilla vulnerabilities July 2009 - MDV
L1449 Thunderbird-beagle security vulnerabilities July 2009 - MDV
L1450 XulRunner multiple security vulnerabilities July 2009 - MDV
L1451 Yelp multiple security vulnerabilities July 2009 - MDV
L1452 OpenSC multiple security vulnerabilities July 2009 - MDV
L1453 Python-xpcom multiple security vulnerabilities July 2009 - MDV
L1454 Google-Gadgets Mozilla related security vulnerabilities - MDV
L1455 Firebird src/remote/server malformed request message flaw - MDV
L1457 Apache-mod_security multipart processor via form datapost - MDV
L1458 Mozilla Firefox multiple security vulnerabilities - MDV
L1459 Nagios statuswml.cgi shell metacharacter Ping & Traceroute errors - MDV
L1460 Mod_auth_mysql mod_auth_mysql multibyte escape flaw - MDV
L1461 OpenEXR IMF::PreviewImage overflows & decompression flaw - MDV
L1462 PhpMyAdmin SQL bookmark injection vulnerability - MDV
L1463 Ruby X.509 certificate verifying & decimal conversion errors - MDV
L1464 Wireshark CPHAP/PN-DCP dissector & Tektronix .rf5 flaws - MDV
L1465 APR runtime & Utility library crafted call weakness - MDV
L1466 Samba Multiple string format vulnerabilities Aug 2009 - MDV
L1467 NSPR or NSS regex parser/NULL handling & MD2 errors - MDV
L1468 Firefox regular expression error & multiple Mozilla vulnerabilities - MDV
L1469 Xulrunner invalid URL/domain mismatch & regex vulnerabilities - MDV
L1470 Yelp invalid URL/domain mismatch & regex vulnerabilities - MDV
L1471 Beagle invalid URL/domain mismatch & regex vulnerabilities - MDV
L1472 Devhelp invalid URL/domain mismatch & regex vulnerabilities - MDV
L1473 Epiphany invalid URL/domain mismatch & regex vulnerabilities - MDV
L1474 Gnome-Python invalid URL/domain mismatch & regex vulnerabilities - MDV
L1475 BlogRovR invalid URL/domain mismatch & regex vulnerabilities - MDV
L1476 Foxmarks invalid URL/domain mismatch & regex vulnerabilities - MDV
L1477 ScribeFire invalid URL/domain mismatch & regex vulnerabilities - MDV
L1478 Mozilla-thunderbird-beagle invalid vulnerabilities - MDV
L1479 Subversion libsvn_delta large windows overflow error - MDV
L1480 Libxml2 stack consumption via large depth of declarations flaw - MDV
L1481 Fetchmail socket.c NULL handling flaw - MDV
L1482 Memcached length attribute multiple overflows - MDV
L1483 cURL "null prefix attack" in X.509 signatures - RHE
L1484 WxWidgets/GTK2 compat-wxGTK26 JPEG image decoder error - MDV
L1486 Wget \0 character handling in Common Name field flaw - MDV
L1487 Perl-Compress-Raw-Bzip2 crafted bzip2 stream OBO weakness - MDV
L1488 Libgadu large length contact description error - MDV
L1489 Java-1.6.0-openjdk multiple vulnerabilities Aug 2009 - MDV
L1490 GnuTLS NULL character handling in X.509 signatures - MDV
L1492 Expat xmltok_impl.c crafted XML weakness - MDV
L1493 Python xmltok_impl.c crafted XML weakness - MDV
L1501 WxWidgets/GTK2 xmltok_impl.c crafted XML weakness - MDV
L1502 Python-celementtree xmltok_impl.c crafted XML weakness - MDV
L1503 Audacity xmltok_impl.c crafted XML weakness - MDV
L1504 Thunderbird \0 character handling in Common Name field flaw - MDV
L1505 W3c-libwww xmltok_impl.c crafted XML weakness - MDV
L1506 Kompozer xmltok_impl.c crafted XML weakness - MDV
L1507 Davfs xmltok_impl.c crafted XML weakness - MDV
L1508 Neon \0 character & recursion during entity expansion flaws - MDV
L1509 SquirrelMail multiple cross-site forgery errors Aug 2009 - MDV
L1511 PostFix e-mail append hard link flaw - MDV
M87 Opera Vulnerabilities - Mac OS X
N130 Cisco 1100/1200 Wireless Access Point Found Informational
N131 Unified Communication Manager Vulnerability
S115 Sockfs remote HTTP client may induce panic - Solaris 10
W1988 Open Office Word document processing Vulnerabilities
W2056 Anti-virus signature outdated - Norman
W2325 Sun Java System Web Server 7 jsp file reading vulnerability
W2682 IWA Credential Forwarding Protection Opt-In Informational
W3075 Opera Multiple Vulnerabilities / latest not installed.
W3342 IIS FTP Server NLST Handling - W2K/XP/W2K3
Updated Checks
H19 Kernel Vulnerability - HP-UX 11
H23 Csh/ksh/sh-posix - here document Unsafe Temporary Files - HP-UX 10^11
H114 OpenView NNM Vulnerabilities HP-UX 11
S190 Cluster 3.1/3.2 hangs in VLAN environments - Solaris 8 - 9
S302 Snoop SMB Traffic Display Vulnerability - Solaris 8 - 10
S466 Flash Player multiple vulnerabilities - Solaris 10
W1142 Anti-virus signature outdated - McAfee
W1986 Anti-virus signature outdated - Symantec
W1999 Anti-virus signature outdated - Trend Micro
W2067 Anti-virus signature outdated - F-Secure
W2070 Anti-virus signature outdated - CA eTrust
W3677 Office 2003 Web Components ActiveX errors - W2K/XP/W2K3
H131 OpenView NNM 7.01/7.51/7.53 vulnerabilities - HP-UX 11
M76 ClamXav / ClamAV signatures not the latest - Mac OS X
M80 Virex signature file out of date - Mac OS X
S33 ClamAV signatures not updated - Solaris
S419 Apache 1.3 mod_perl vulnerability - Solaris 8 - 10
S480 Symantec/Veritas NetBackup Vnetd Vulnerability - Solaris 8 - 10
W2012 Anti-virus signature outdated - Avast! 4
W2013 Anti-virus signature outdated - AVG 8 - W2K/XP/W2K3
Sunbelt Network Security Inspector version 2.0.2670.0 Definition Set 194
was released September 4, 2009. Sunbelt Software recommends you download
the new SNSI Vulnerability Update Definitions 194, scan, and patch your
machines today. To get the latest SNSI version, visit:
http://www.wservernews.com/090907-SNSI
WServerNews Fave Links
This Week's Links We Like. Tips, Hints And Fun Stuff.
WServerNews - Product of the Week
Save 500 IT Admin Hours and 40% on Web Filtering + Free T-shirt
The iPrism Web Filter saves you 500 hours of IT Admin in the first
year over competing filters - proven by an independent TCO study.
For a limited time, you can get the TCO leader in Web Filtering for
up to 40% off.
Forget about the Nonsense from Websense and switch to a Security
Appliance that saves you the hassle. Find out how much you will
save today and get a free t-shirt for attending an online demo!
http://www.wservernews.com/090907-Switch-to-iPrism