|
[networknewsletters]
||
[Date Prev]
[04-2007 Date Index]
[Date Next]
||
[Thread Prev]
[04-2007 Thread Index]
[Thread Next]
[ECP] In Focus: The High Risk of Using Open Networks
- From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
- To: NetworkNewsletters@xxxxxxxxxxxxx
- Date: Thu, 26 Apr 2007 13:21:37 -0400
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
Please link to the Educational CyberPlayGround
http://www.edu-cyberpg.com
Add your K12 SCHOOL OR SCHOOL DISTRICT URL
http://www.edu-cyberpg.com/schools/
Please Share and Add Your Song
http://www.edu-cyberpg.com/ncfr/
Educational CyberPlayGround Network Newsletters Mailing List ©1994
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
=== CONTENTS ===================================================
IN FOCUS: The High Risk of Using Open Networks
NEWS AND FEATURES
- Microsoft Adds Live Alerts for MSRC Blog
- Yahoo! Mail Integrates PhishTank Data for Better Protection
- New Worms Turn Windows Servers into Botnet Members
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: Security Brief on Oracle's Latest Security
Patches
- FAQ: Pushing Out Management Packs
- Tell Us About the Products You Love!
- Share Your Security Tips
PRODUCTS
- Take Control of Endpoints
RESOURCES AND EVENTS
FEATURED WHITE PAPER
=== IN FOCUS: The High Risk of Using Open Networks =============
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Open networks are tempting, especially when you really need to send or
receive messages or gather some data quickly while on the road. But
don't let your guard down while using open networks (such as those at
conferences, coffee shops, or hotels), or you might fall victim to an
intruder. In fact, when using open networks, you should raise your
guard as high as you can, which might mean deciding not to use a
certain open network at all.
The decision whether to use an open network comes down to two simple
questions: Do you trust that you can get on and off the network safely;
and do you feel confident that your system is secure enough to
withstand potential zero-day exploits?
A good example of how high the risk is happened at the 2006 ShmooCon
conference. While using the conference's wireless network, a security
researcher's Mac laptop fell victim to attack. Even though the
researcher's laptop was secured as well as possible, the system was
broken into using a zero-day exploit. Unfortunately, the presenter was
not running any packet-capture tools at the time, so attempts to find
out how the break-in happened were fruitless.
Another case in point occurred only last week at the CanSecWest
conference in Vancouver, B.C., Canada. At the conference, an
interesting challenge was presented: Break into either of two MacBook
Pros running OS X and win the computer. TippingPoint (a division of
3Com) offered a $10,000 cash prize to enhance the challenge further.
Sure enough, someone broke into one of the MacBooks using a zero-day
exploit against the Safari Web browser. The winning challenger, Shane
Macaulay, worked with a friend, Dino Dai Zovi, who didn't attend the
conference. Zovi provided the exploit, and Macaulay executed it at
the conference by setting up a Mac server on the conference's wireless
network. He then had one of the conference workers enter a specific URL
into the MacBook's browser, which in turn connected to the server to
launch the exploit. That's all that was required for the MacBook to
become "owned."
The point of the latter example is that the same thing could be
accomplished by a bad guy lurking on a conference network or any other
open network. It doesn't matter what OS you use, the risks are
basically the same. Said otherwise, zero-day exploits exist for all
OSs, and it's often incredibly difficult to defend against the unknown.
If you feel you must use an open network, one way to help avoid falling
victim--to some extent anyway--is to use a virtual machine (VM)
configuration to perform whatever tasks you need to do. While a VM
might not completely protect your system, at least when you restart the
VM, its OS will come up clean, assuming of course that no one used a
zero-day exploit to compromise the VM software or OS image.
Another way to possibly protect your system is to use a bootable Live
CD, which you might know is basically a CD-ROM with a bootable OS. If
you're interested in finding a good Live CD, head over to FrozenTech
(at the URL below) where you'll find dozens that you can choose from.
http://list.windowsitpro.com/t?ctl=53972:57B62BBB09A692797E118E9A78FD9A84
While neither method I suggested is completely secure, at least both
methods make it much more difficult for an intruder to "own" your
computer.
As an aside, since I mentioned OS X in this column, I want to also
point out that Apple released a batch of 25 security patches last week.
So if you manage OS X systems, be sure to update them. You can learn
more about the patches at the Apple site at the URL below.
http://list.windowsitpro.com/t?ctl=53969:57B62BBB09A692797E118E9A78FD9A84
=== SECURITY NEWS AND FEATURES =================================
Microsoft Adds Live Alerts for MSRC Blog
Microsoft is conducting a beta program for its new Windows Live
Alerts service, and the company recently added Microsoft Security
Response Center (MSRC) blog entries to the list of available content.
http://list.windowsitpro.com/t?ctl=5396E:57B62BBB09A692797E118E9A78FD9A84
Yahoo! Mail Integrates PhishTank Data for Better Protection
PhishTank is a community project that lets people submit links to
potential phishing sites and vote on whether a site really is a
phishing scam.
http://list.windowsitpro.com/t?ctl=5396A:57B62BBB09A692797E118E9A78FD9A84
New Worms Turn Windows Servers into Botnet Members
Three worms circulating the Internet take advantage of a
vulnerability in the Windows DNS service to turn a system into a bot.
Microsoft and security solution providers are working to integrate
protection against the worms into their offerings.
http://list.windowsitpro.com/t?ctl=5396D:57B62BBB09A692797E118E9A78FD9A84
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
http://list.windowsitpro.com/t?ctl=53962:57B62BBB09A692797E118E9A78FD9A84
=== GIVE AND TAKE ==============================================
SECURITY MATTERS BLOG: Security Brief on Oracle's Latest Security
Patches
by Mark Joseph Edwards,
http://list.windowsitpro.com/t?ctl=53974:57B62BBB09A692797E118E9A78FD9A84
Oracle released its quarterly batch of security updates. Get links to
information about several of the problems.
http://list.windowsitpro.com/t?ctl=5396B:57B62BBB09A692797E118E9A78FD9A84
FAQ: Pushing Out Management Packs
by John Savill,
http://list.windowsitpro.com/t?ctl=53970:57B62BBB09A692797E118E9A78FD9A84
Q: How do I push management packs to System Center Operations Manager
agents in System Center Configuration Manager 2007?
Find the answer at
http://list.windowsitpro.com/t?ctl=5396C:57B62BBB09A692797E118E9A78FD9A84
TELL US ABOUT THE PRODUCTS YOU LOVE!
What products are you using that save you time or make your workload
a little lighter? What hot product discoveries have you made that other
IT pros need to know about? Let the world know about your experiences
in Windows IT Pro's monthly What's Hot department. If we publish your
story in What's Hot, we'll send you a Best Buy gift card! Send
information about your favorite product and how it has helped you to
whatshot@xxxxxxxxxxxxxxxxx
SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and
solutions in Security Pro VIP's Reader to Reader column. Email your
contributions to r2r@xxxxxxxxxxxxxxxxxxx If we print your submission,
you'll get $100. We edit submissions for style, grammar, and length.
=== PRODUCTS ===================================================
by Renee Munshi, products@xxxxxxxxxxxxxxxx
Take Control of Endpoints
matrix42 introduced Empirum Security Suite, which protects
workstations and laptops with a firewall, intrusion prevention system
(IPS), application and file control, removable device control, and
wireless control. Empirum Security Suite enforces a workstation's
specific policies whether the computer is on or off the network.
According to matrix42, Empirum operates at the kernel level, so after
you configure it by using the central management console, a user (even
one with administrator rights) can't disable or reconfigure it. Empirum
has behavioral technology and defends against information theft via
keylogging or spyware and other intrusion methods. For more
information, go to
http://list.windowsitpro.com/t?ctl=53979:57B62BBB09A692797E118E9A78FD9A84
=== RESOURCES AND EVENTS =======================================
For more security-related resources, visit
http://list.windowsitpro.com/t?ctl=5396F:57B62BBB09A692797E118E9A78FD9A84
Web seminar: Managing Change Risk on Critical Windows NT Infrastructure
Why choose a change-control approach to solve what is traditionally
considered a security problem? Come join us for a Web seminar on May 3
featuring Motorola CISO Bill Boni. Mr. Boni will discuss the problem of
supporting legacy NT systems at Motorola and the solution requirements,
evaluation criteria, and decision to adopt a change control approach.
He'll also describe Motorola's vision for deploying change control on
other critical systems across the company.
http://list.windowsitpro.com/t?ctl=53963:57B62BBB09A692797E118E9A78FD9A84
Get Ready for Exchange & Office 2007 Roadshow--free!
The successful Microsoft-partnered Get Ready for Exchange & Office
2007 Roadshow is coming to Stockholm! Three independent, respected
technical speakers--Jim McBee, Mark Arnold, and Ben Schorr--will
deliver tracks on securing, managing, and deploying Exchange and Office
2007 and using Exchange Server 2007 capabilities to improve your
messaging environment. Register today for this free day-long event.
Your delegate bag will include Microsoft Exchange Server 2007 and
Office 2007 Beta 2 Software Kits.
Venue: Berns Hotel, Stockholm
Date: Monday, 14 May 2007
http://list.windowsitpro.com/t?ctl=53968:57B62BBB09A692797E118E9A78FD9A84
Did you know that 75 percent of corporate intellectual property resides
in email? The challenges facing this vital business application range
from spam to the costly impact of downtime and the need for effective,
centralized email storage systems. Join us for a free Web seminar and
learn the key features of a holistic approach to email security,
availability, and control. Download this on-demand seminar now!
http://list.windowsitpro.com/t?ctl=53960:57B62BBB09A692797E118E9A78FD9A84
=== FEATURED WHITE PAPER =======================================
ESG's independent testing lab verified substantial gains in
utilization, availability, and database manageability with the use of a
unique approach to virtualization, as presented by Polyserve. Find out
more about this powerful platform for your SQL Server deployments, and
you can save your department up to 70 percent of TCO and streamline
management.
http://list.windowsitpro.com/t?ctl=53961:57B62BBB09A692797E118E9A78FD9A84
Copyright 2007, Penton Media, Inc. All rights reserved.
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround Network Newsletters Mailing List
Subscribe - Unsubscribe - Set Preferences
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Copyright statements to be included when reproducing
annotations from the
Educational CyberPlayGround Network Newsletter
The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:
EDUCATIONAL CYBERPLAYGROUND
http://www.edu-cyberpg.com
Network Newsletters copyright
Email Prefrences - Subscribe - Unsubscribe - Digest
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Advertise Network Newsletters Guidelines
http://www.edu-cyberpg.com/Community/Subguidelines.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
|
|
