FreeLists / networknewsletters / [ECP] NetworkNewsletters Headlines & Resources

[Educational CyberPlayGround <admin@xxxxxxxxxxxxxxx>]

¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º
Please link to the Educational CyberPlayGround
http://www.edu-cyberpg.com

Add your K12 SCHOOL OR SCHOOL DISTRICT URL
http://www.edu-cyberpg.com/schools/

Please Share and Add Your Song
http://www.edu-cyberpg.com/ncfr/

Educational CyberPlayGround Network Newsletters Mailing List ©1994
¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤ø,¸¸,ø¤º°`°º¤,¸¸,ø¤º

Hey Network Newsletter Readers

Please do me a favor and check the
K12 Education Vendor Directory
http://www.edu-cyberpg.com/Directory/
I would appreciate suggestions from you.
What Network topic belongs in there.
I'd like to add some of your suggestions.

please reply directly to me not the list.

thanks,
<Karen>

-----------------------

1)
How To Spot Insider - Attack Risks In The IT Department
http://www.informationweek.com/news/showArticle.jhtml?articleID=196602853
Roger Duronio faces up to eight years in a federal prison when he steps
before a judge this week to be sentenced for sabotaging UBS
PaineWebber's IT systems in 2002. If you think there are no potential
Duronios in your organization, consider this a brief history lesson on
tech employees gone bad, and a refresher course on how to identify and
stop insider malcontents before they do some serious damage.
As a system administrator, Duronio, convicted this summer, placed a
"logic bomb" to knock out much of UBS's network, then made financial
bets that would pay off if the company's stock tanked as a result. A
former VP of IT at SourceMedia, Stevan Hoffacker, was arrested in
mid-November on charges he hacked into his former company's E-mail
system so he could warn people still working there that they were going
to be laid off. Prudential Insurance IT staffer Donald McNeese in 2002
stole records from a Prudential database containing information on about
60,000 employees and was caught trying to sell identities for credit
card fraud.
Nearly two-thirds of the 616 security pros surveyed this year by the
Computer Security Institute say insiders account for some portion of the
financial losses their organizations experience because of breaches.
Some 39% of respondents attribute more than 20% of their organizations'
financial losses to insider attacks, while 7% estimate that insiders
account for a whopping 80% of financial losses.

2)
Oracle and Bug Hunters Clash Over Flaw Reports
http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=viruses__worms_and_security_holes&articleId=276275
The long-standing tension between software vendors and independent
researchers who try to find security holes in products came into public
view late last month, when Oracle Corp. criticized bug hunters after it
came under fire for its security practices.
In a message posted Nov. 27 in a blog on Oracles Web site, Eric Maurice,
manager of security in the companys global technology business unit,
said Oracle wouldnt let external perceptions drive its software security
policies. Maurice reiterated Oracles commitment to strong security
practices but said it would continue to prioritize vulnerabilities based
on their criticality and not on who had discovered them.
He also blasted security researchers who disclose so-called zero-day
flaws before vendors make fixes available for them. We consider such
practices to be irresponsible, as they can result in needlessly exposing
customers to risk of attack, Maurice wrote.

3)
Intrusion Detection: Playing a New Role In Network Security
http://www.baselinemag.com/article2/0,1540,2069358,00.asp
Until 2003, the city operated its power grid, which supplies electricity
to its population of more than 104,000, via a supervisory control and
data acquisition (SCADA) network, a physically isolated local-area
network that mirrored the grid itself. Since it was isolated, Jarvis and
his team didn't have any intrusions or threats coming in or going out.
That soon changed: To predict how much power would be available for
consumption, the city needed to figure in weather conditions. That meant
Burbank had to tie the SCADA network to the municipal network, which
left the SCADA setup susceptible to attacks.
To handle security threats, Jarvis and his team spent about $100,000 on
a pair of Juniper Networks' NetScreen firewalls and two Intrusion
Detection and Prevention 100s to sit behind them. Those products allowed
Jarvis and his team to link the two networks, permitting the SCADA
network to access weather reports from the city grid while blocking
harmful traffic and attacks in real time.

4)
London top spot to lose your tech in a taxi
http://www.itwire.com.au/content/view/7980/53/
Londoners are the most likely people to lost their mobile phones, PDAs
and notebooks in a taxi, but the city also has the most honest cab
drivers, a new study reveals.

<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>
Educational CyberPlayGround Network Newsletters Mailing List

Subscribe - Unsubscribe - Set Preferences 
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html
Copyright statements to be included when reproducing
annotations from the 
Educational CyberPlayGround Network Newsletter
The single phrase below is the copyright notice to be used when
reproducing any portion of this report, in any format:

> EDUCATIONAL CYBERPLAYGROUND 
> http://www.edu-cyberpg.com
> Network Newsletters copyright

Email Prefrences - Subscribe - Unsubscribe - Digest
http://www.edu-cyberpg.com/Community/NetworkNewsletters.html


Advertise Network Newsletters Guidelines
http://www.edu-cyberpg.com/Community/Subguidelines.html
<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>~~~~~<>