Go to the FreeLists Home Page Home Signup Help Login 		 



[networknewsletters] || [Date Prev] [05-2006 Date Index] [Date Next] || [Thread Prev] [05-2006 Thread Index] [Thread Next]

Death of the Frog

  • From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
  • To: NetworkNewsletters@xxxxxxxxxxxxx
  • Date: Thu, 25 May 2006 11:23:56 -0400
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Network Newsletters Mailing List ©1994
Subscribe - Unsubscribe - Email Preferences http://www.edu-cyberpg.com/Community/NetworkNewsletters.html

Educational CyberPlayGround Community Mailing Lists http://www.edu-cyberpg.com/Community/

Advertise Network Newsletters Guidelines
http://www.edu-cyberpg.com/Community/Subguidelines.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>


*********************************************************************
*********************************************************************
PLEASE ADD YOUR K12 SCHOOL OR SCHOOL DISTRICT
TO THE  MASTER DIRECTORY OF SCHOOLS ONLINE
http://www.edu-cyberpg.com/schools/

The registry is organized by state and by grade level.
The registry also includes sites for charter Schools, virtual schools,
school districts, state and regional education organizations, state
departments of education, state standards and state administrators.
*********************************************************************
*********************************************************************

1. In Focus: Death of the Frog

2. Security News and Features
   - Recent Security Vulnerabilities
   - Microsoft Swallows Whale Communications
   - SSL VPN Use Increasing
   - Reaping the Benefits of WPA and PEAP

3. Security Toolkit
   - Security Matters Blog
   - FAQ
   - Security Forum Featured Thread
   - Share Your Security Tips

4. New and Improved
   - Secure PDAs and Smart Phones

==== 1. In Focus: Death of the Frog ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Two weeks ago, I wrote about Blue Security's Blue Frog service, an
incredibly effective method for fighting spam. For each spam message a
Blue Frog user receives, Blue Frog sends one opt-out request to the
sender of that spam. The end result is that the spammer receives
millions of email messages, which probably overloads their network, but
that should be an expected cost of doing spam business--people should
have a right to opt out anytime they want to.

Blue Security said that since the inception of Blue Frog, six of the
top ten spammers had stopped sending spam to Blue Frog users. However,
one spammer took serious offense and launched a Denial of Service (DoS)
attack against the company that also affected other networks. All the
affected networks recovered.

That's the good news--now here's the bad news: Last week, Blue Security
announced that it closed down its Blue Frog service. In a message
posted to its Web site, the company said that the reason it ceased
operation is that "After recovering from the attack, we determined that
once we reactivated the Blue Community, spammers would resume their
attacks. We cannot take the responsibility for an ever-escalating cyber
war through our continued operations.... We have concluded we should
not take Blue Security to the full deployment stage we originally
planned to achieve, but we are proud of what we have accomplished thus
far as a young startup company."

It's true that Blue Frog might have caused spammers to launch continued
attacks that might have serious effects on other networks, and Blue
Security did seem to be considering others when making its decision to
close down the service. But I don't see this decision as being in the
best interest of the Internet community, including Blue Security,
because the news gets worse.

After Blue Security decided to discontinue Blue Frog, the spammers
attacked again! The second DoS attack rendered Blue Security's site
inaccessible even though Blue Security made considerable technological
efforts to thwart such attacks.

This second attack was probably meant to send another message.The
message I take from it is crystal clear but probably isn't what the
attackers intended: Kowtowing to spammers isn't the solution.

While closing up shop might seem like a reasonable choice, it's
essentially the equivalent of handing your network over to a bunch of
black hat intruders who continually break in. It gives the intruders
control they don't deserve to have.

I hope Blue Security changes its mind and brings back Blue Frog. If it
doesn't, I hope that somebody else takes up where Blue Security left
off, and quickly! Fighting back as a group has proved to be incredibly
effective, and I'd hate to see momentum lost.

====================


==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
   http://list.windowsitpro.com/t?ctl=2BDB0:4FB69

Microsoft Swallows Whale Communications
   In a move designed to expand its security offerings, Microsoft
announced a deal to acquire Israel-based Whale Communications.
Microsoft thinks Whale's Secure Sockets Layer (SSL) VPN and application
firewall technologies will complement its Windows Server and Internet
Security and Acceleration (ISA) Server offerings.
   http://list.windowsitpro.com/t?ctl=2BDB7:4FB69

SSL VPN Use Increasing
   A new study indicates that Secure Sockets Layer (SSL)-based VPNs are
growing in popularity and could potentially overtake IPsec VPNs as the
secure connectivity solution of choice.
   http://list.windowsitpro.com/t?ctl=2BDB6:4FB69

Reaping the Benefits of WPA and PEAP
   If you still use Wired Equivalent Privacy (WEP) technology to secure
your wireless networks, be aware that it has serious flaws. The Wi-Fi
Protected Access (WPA) standard and subsequent WPA2 standard overcome
these flaws by adding stronger authentication and encryption and should
be used whenever possible in preference to WEP. Learn how to use WPA
and Protected Extensible Authentication Protocol (PEAP) in this article
by John Howie.
   http://list.windowsitpro.com/t?ctl=2BDB9:4FB69

====================


==== Featured White Paper ====

How much are you spending on IT compliance? Streamline and automate the
compliance life cycle with this FREE white paper, and reduce your costs
today!
   http://list.windowsitpro.com/t?ctl=2BDAD:4FB69

====================

==== Hot Spot ====

Try it Free: Access & Control PCs from your USB
   NetOp Remote Control provides the most complete, scalable, and
secure remote control software available. Access PCs from your desktop,
PocketPC or USB! NEW On Demand option provides tiny, temporary,
download with no user installation or firewall configuration and NO per
session charges. Free evaluation & support.
   http://list.windowsitpro.com/t?ctl=2BDA7:4FB69

====================

==== 3. Security Toolkit ====

Security Matters Blog: Google Affects Information Security
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=2BDBB:4FB69

Certainly you've heard of "Google hacking," which is a way of using
Google searches to locate potential vulnerabilities. But how else might
Google affect information security? Find out more in this blog article.
   http://list.windowsitpro.com/t?ctl=2BDB5:4FB69

FAQ
   by John Savill, http://list.windowsitpro.com/t?ctl=2BDBA:4FB69

Q: How do I enable a quota using the Windows Server 2003 R2 File Server
Resource Manager (FSRM)?

Find the answer at http://list.windowsitpro.com/t?ctl=2BDB8:4FB69

Security Forum Featured Thread: Securing a Server
   A forum participant wants to know how to secure his Windows server
by using the built-in TCP/IP filtering and Windows Firewall. He also
wants to know what other steps he can take. Join the discussion at
   http://list.windowsitpro.com/t?ctl=2BDA8:4FB69

Share Your Security Tips and Get $100
   Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's
Reader to Reader column. Email your contributions to
r2rwinitsec@xxxxxxxxxxxxxxxxx If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.

====================



Copyright 2006, Penton Media, Inc. All rights reserved.

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Copyright statements to be included when reproducing
annotations from Network Newsletters


The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:


EDUCATIONAL CYBERPLAYGROUND http://www.edu-cyberpg.com
Network Newsletters copyright
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html 

FREE EDUCATION VENDOR DIRECTORY LISTING
http://www.edu-cyberpg.com/Directory/

HOT LIST REGISTRY OF K12 SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>




[ Home | Signup | Help | Login | Archives | Lists ]

All trademarks and copyrights within the FreeLists archives are owned by their respective owners.
Everything else ©2007 Avenir Technologies, LLC.