Go to the FreeLists Home Page Home Signup Help Login 		 



[networknewsletters] || [Date Prev] [10-2005 Date Index] [Date Next] || [Thread Prev] [10-2005 Thread Index] [Thread Next]

Network Newsletters Headlines

  • From: Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>
  • To: NetworkNewsletters@xxxxxxxxxxxxx
  • Date: Thu, 20 Oct 2005 16:57:28 -0400
**************************************************************
Network Newsletters Mailing List ©1994
Subscribe - Unsubscribe - Email Preferences
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html

Educational CyberPlayGround Community Mailing Lists http://www.edu-cyberpg.com/Community/
Advertise Network Newsletters Guidlines
http://www.edu-cyberpg.com/Community/Subguidelines.html
**************************************************************


*********************************************************************
TOP HEADLINE STORIES Every Hour
http://www.edu-cyberpg.com/News/

Don't Wait for Email
*********************************************************************

Davidson: Lessons of warfare for IT security
http://www.fcw.com/article91127-10-17-05-Web
By Mary Ann Davidson
Oct. 17, 2005

As a security professional, I research the latest issues, threats and
hacking techniques. For pleasure, however, I read mostly military
history, which shapes my view of information security. As a result, I
offer the following lessons from military history for federal agency
information technology security professionals.

Most security professionals attempt to implement programs to defend
all access points because intruders need to find only one way in. But
because agency resources are finite, boundaries typically exceed
resources. To best apply limited resources to maximize defense
success, carefully select your turf.

Risk management approaches to security must move beyond identifying
and defending the most important assets to include an analysis of a
network's strategic points where intruders could attack.
<snip>


Sourcefire discloses buffer-overflow vulnerability in Snort
Wed, 19 Oct 2005
http://www.networkworld.com/news/2005/101805-snort.html
By Ellen Messmer
NetworkWorld.com
10/18/05

Sourcefire, which oversees the open-source intrusion-detection system
Snort and makes commercial products based on it, Tuesday disclosed a
major vulnerability in Snort along with corrective measures to
mitigate the risk.

Snort versions 2.4.0 and higher are subject to a buffer-overflow
vulnerability that would let an attacker execute code remotely on a
Snort sensor when the Back Orifice preprocessor is running, resulting
in complete compromise of Snort. The Back Orifice preprocessor is the
Snort functionality for detecting any activity associated with the
malicious back-door code Back Orifice.

Jennifer Steffens, Sourcefire's director of product management, said
there are two ways Sourcefire is advising Snort users and Sourcefire
customers to eliminate the problem. Details about the vulnerability
and mitigation instructions from Sourcefire are here [1].
<snip>



SECURITY IN THE NEWS
updated on October 19, 2005
This report is available on the web at
http://www.thei3p.org/news/today.html


CYBERCRIME-HACKING
Email spammers face jail under new Nigerian law:
        C-Net (Reuters), 2005-10-19


POLITICS-LEGISLATION
Nominet votes for Argentinian solution to net ownership:
        The Register, 2005-10-19


TECHNOLOGY
New Plans To Safeguard LANs:
        NewsFactor, 2005-10-19
Criminal IT: Unlocking the power of computer crime evidence:
        Silicon.com, 2005-10-19


VULNERABILITIES & EXPLOITS
Sourcefire discloses buffer-overflow vulnerability in Snort:
        NetworkWorld, 2005-10-18


BEST PRACTICES & RISK MANAGEMENT
Banks making 'token' gesture at security:
        Silicon.com, 2005-10-18
CIOs still excluded from the boardroom:
        Silicon.com, 2005-10-19
Should security companies be regulated?:
        Silicon.com, 2005-10-19
Report: Build antifraud measures into health IT:
        Government Health IT, 2005-10-18


CIVIL & CONSUMER ISSUES
Cities Unleash Free Wi-Fi:
        Wired News, 2005-10-19
Bird flu fever hits eBay:
        The Register, 2005-10-18

<snip> 

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Copyright statements to be included when reproducing
annotations from Network Newsletters

The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:
EDUCATIONAL CYBERPLAYGROUND http://www.edu-cyberpg.com
Network Newsletters copyright
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html 

FREE EDUCATION VENDOR DIRECTORY LISTING
http://www.edu-cyberpg.com/Directory/

HOT LIST REGISTRY OF K12 SCHOOLS ONLINE
http://www.edu-cyberpg.com/Schools/
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>




[ Home | Signup | Help | Login | Archives | Lists ]

All trademarks and copyrights within the FreeLists archives are owned by their respective owners.
Everything else ©2007 Avenir Technologies, LLC.