2 Days Left to Save $400 on SANS Cyber Defense Initiative 2014, Wash DC

SANS NewsBites - Volume: IV, Issue: 6

*************************************************************************
SANS NewsBites                     February 06, 2002                    Volume: IV, Issue: 6
*************************************************************************
TOP OF THE NEWS

  1 February 2002 Passenger Security Screening System
  1 February 2002 Microsoft Coding Moratorium
  31 January 2002 Lawrence Livermore Bans Wireless LANs
  4 February 2002 Improving 802.11b Security

THE REST OF THE WEEK'S NEWS

  5 February 2002 Diekman Sentenced to 21 Months
  1 February 2002 Pirates Plead Guilty
  30 January & 1 February 2002 Windows 2000 Security Fixes Bundled
  31 January & 1 February 2002 WEF Site Down
  31 January 2002 Windows 2000 and NT 4.0 Trust Vulnerability
  30 & 31 January 2002 SEC's Phony Site Gets Over 150,000 Hits
  30 January 2002 Corley Will Continue to Fight DMCA
  29 January 2002 Navigator Flaw Exposes Cookies
  29 January 2002 Alleged Hacker-Extortionist Held
  29 January 2002 EPIC Wants States to Investigate Microsoft's Passport
  28 January 2002 Myparty Worm
  28 January 2002 Security Manager's Journal: Addressing Virus Protection
  28 January 2002 Cyberattack Study
  24 January 2002 Study Says Most CIOs Not Prepared for Disasters


******************* Sponsored by Tripwire, Inc. **********************
Worried about the integrity of your data? Rest easy with Tripwire.
Tripwire data integrity assurance solutions tell you if, when, and
how data or business processes have been changed on your system. This
leads to less time consuming & labor intensive assessment and recovery
processes.
Attend a free online seminar to find out more!
http://www.tripwire.com/products/register.cfml?semclass=65
**********************************************************************


TOP OF THE NEWS

New Guide For Windows 2000 PRO
The US National Institute for Standards and Technology released a security guide for Windows 2000 Professional desktop systems in configurations used by office workers, at home users, or road-warriors. NIST is inviting comments and suggestions on the guide.
-http://csrc.nist.gov/itsec/guidance_W2Kpro.html


1 February 2002 Passenger Security Screening System
The U.S. government plans to test an airline security system that uses data mining and predictive software to generate passenger profiles. Critics of the system are concerned that it could erode civil liberties.
-http://www.cnn.com/2002/TECH/internet/02/01/rec.airlines.database.reut/index.htm
l

-http://www.computerworld.com/storyba/0,4125,NAV47_STO67962,00.html


1 February 2002 Microsoft Coding Moratorium
As part of its new Trustworthy Computing Initiative, Microsoft will not write any new code for one month; instead, the company will use the time to debug its old code.
-http://www.gcn.com/vol1_no1/daily-updates/17874-1.html
[Editor's (Murray) Note: I am all in favor of MS cleaning up its execution. However, its strategy needs to be cleaned up too. ]


31 January 2002 Lawrence Livermore Bans Wireless LANs
Lawrence Livermore National Laboratory, a national defense technology research lab in California, has banned the use of wireless local area networks (LANs) due to security concerns. A lab spokesman said that Los Alamos National Laboratory might introduce a wireless network ban as well.
-http://cgi.zdnet.com/slink?169109
[Editor's (Murray) Note: Yesterday I received an ad for a wireless access point for $130-, down 50% from a year ago. Connectivity trumps security every time. A ban cannot succeed. The only way to successfully exclude wireless is to close the network. Get used to it. ]


4 February 2002 Improving 802.11b Security
Wireless networking standards 802.11a and 802.11b are both popular and vulnerable. A new security algorithm, called Temporal Key Integrity Protocol is being tested. It generates a new encryption key for every ten kilobytes of data transmitted.
-http://www.pcworld.com/news/article/0,aid,82563,00.asp



************************ SPONSORED LINKS *****************************
(1) Solutionary, Inc. FREE WHITE PAPER: A Technical Summary of eV3
and ActiveGuard
http://www.sans.org/cgi-bin/sanspromo/NB3
(2) Looking to implement real time incident response in your security
environment?
http://www.sans.org/cgi-bin/sanspromo/NB2
(3) FREE Web Seminar: "Palm Tightens Grip On Network Security"
http://www.sans.org/cgi-bin/sanspromo/NB1
***********************************************************************


THE REST OF THE WEEK'S NEWS

5 February 2002 Diekman Sentenced to 21 Months
Jason Allen Diekman, who went by the names 'Shadow Knight' and 'Dark Lord,' was ordered to spend 21 months in federal prison and to pay nearly $88,000 in restitution. On February 4. He had hacked into NASA computers and also used stolen credit cards to buy goods over the Internet.
-http://www.latimes.com/news/local/la-000009016feb05.story


1 February 2002 Pirates Plead Guilty
Two men who pleaded guilty to charges stemming from their involvement in an Internet piracy group face up to five years in prison and $250,000 in fines. As part of their plea agreement, the two men revealed details about how group members hid the illegal software.
-http://www.gcn.com/vol1_no1/daily-updates/17875-1.html


30 January & 1 February 2002 Windows 2000 Security Fixes Bundled
Microsoft has released the Windows 2000 Security Rollup package, a collection of all the company's post-Service Pack 2 security patches; the package requires Service Pack 2 to be installed on the system. Users who have older versions of Internet Explorer should upgrade to version 6.0 before installing the security package.
-http://news.com.com/2100-1001-826495.html
-http://www.gcn.com/vol1_no1/daily-updates/17860-1.html


31 January & 1 February 2002 WEF Site Down
The World Economic Forum's (WEF) web site crashed late last week. Activists claim they targeted the site in a "virtual sit-in" denial-of-service attack. Last year, a hacker stole personal information, including credit card numbers, belonging to WEF participants.
-http://www.wired.com/news/politics/0,1283,50159,00.html
-http://www.cnn.com/2002/TECH/internet/02/01/worldforum.techtrouble.ap/index.html
-http://www.computerworld.com/storyba/0,4125,NAV47_STO67982,00.html


31 January 2002 Windows 2000 and NT 4.0 Trust Vulnerability
A flaw in the trust relationships in the Windows 2000 and NT 4.0 environments' network domains could allow people to increase their access levels.
-http://www.computerworld.com/storyba/0,4125,NAV47_STO67865,00.html


30 & 31 January 2002 SEC's Phony Site Gets Over 150,000 Hits
The Securities and Exchange Commission (SEC) used on-line investment scam tactics, including preying on people's fears and offering huge returns on investment with no risk, on a phony site designed to educate consumers about investment fraud. People who actually tried to invest were greeted with a warning message. The site received more than 150,00 hits in a three-day period; the SEC says it has planted other phony sites on the Internet in an effort to fight back against investment fraud.
-http://news.com.com/2100-1017-826434.html
-http://www.wired.com/news/business/0,1367,50125,00.html
-http://www.computerworld.com/storyba/0,4125,NAV47_STO67866,00.html
[Editor's (Ranum) Note: Educating people by telling them "YOU ARE STUPID!" is an interesting tactic. I guess it's impossible to deliver a cattle-prod like shock over the Internet effectively. ]


30 January 2002 Corley Will Continue to Fight DMCA
Eric Corley, who has been barred from posting a DVD descrambling program under the Digital Millennium Copyright Act (DMCA) has vowed to continue to fight the controversial law. In November 2001, a three-judge panel ruled that free speech provisions did not protect Corley's posting of the program. Corley's attorneys have requested a rehearing by the full 2nd Circuit Court of Appeals in New York; if that proves unsuccessful, they intend to take the case to the Supreme Court.
-http://news.com.com/2100-1023-826710.html


29 January 2002 Navigator Flaw Exposes Cookies
A security hole in Netscape Navigator allows web page operators to look at site visitors' cookies. The flaw affects Navigator versions 6 through 6.2 and Mozilla versions 0.9.6 and earlier. Netscape is encouraging all its affected users to upgrade their web browsers.
-http://www.computerworld.com/storyba/0,4125,NAV47_STO67803,00.html


29 January 2002 Alleged Hacker-Extortionist Held
A Russian hacker, identified as Nikolai, allegedly extorted $10,000 from a U.S. bank; he had threatened to expose account information he had stolen from a database on a server belonging to a company that provides online banking and bill payment services to financial institutions. Nikolai is being detained in Siberia.
-http://www.theregister.co.uk/content/55/23861.html


29 January 2002 EPIC Wants States to Investigate Microsoft's Passport
The Electronic Privacy Information Center (EPIC) is asking the states' attorneys general to protect consumers from Microsoft's "unfair and deceptive trade practices" that accompany the passport online identity service. EPIC claims that in addition to profiling users' web habits, Passport does not do an adequate job of protecting users' credit card information. Microsoft refutes the claims.
-http://www.computerworld.com/storyba/0,4125,NAV47_STO67802,00.html
-http://zdnet.com.com/2100-1106-825340.html


28 January 2002 Myparty Worm
The Myparty worm arrives as an attachment that appears to be an innocuous web site link. However, those who click on the link will become infected with the worm, which sends itself out through to everyone in the machine's address book and leaves a backdoor in the infected system. It infects computers between January 25 and January 29, and won't infect machines running Russian versions of Windows, leading to speculation that Myparty is of Russian origin.
-http://news.com.com/2100-1001-823959.html
-http://www.msnbc.com/news/695292.asp?0dm=T236T
-http://www.computerworld.com/storyba/0,4125,NAV47_STO67773,00.html


28 January 2002 Security Manager's Journal: Addressing Virus Protection
The security manager discusses ideas protecting his computer network at the various points of entry used by viruses: external media, e-mail, web mail, downloads and unpatched operating systems.
-http://www.computerworld.com/cwi/community/story/0,3201,NAV65-663_STO67720,00.ht
ml



28 January 2002 Cyberattack Study
A managed security services company study of cyberattacks on its customers networks in the second half of 2001 found that nearly 40% of the attacks targeted a specific company or computer system. In addition, more attacks originate in the United States than in any other country; Israel tops the list in attacks launched per capita. Code Red and Nimda were not included in the study.
-http://www.washingtonpost.com/wp-dyn/articles/A46836-2002Jan27.html
-http://zdnet.com.com/2100-1105-824448.html


24 January 2002 Study Says Most CIOs Not Prepared for Disasters
The results of a survey conducted by the Gartner consultancy and the Society for Information Management (SIM) indicate that while 88% of CIOs have back-up power supplies and 70% have back-up plans for network, software and other such failures, only about one-third have established business continuity plans that address the possibility of physical attacks.
-http://www.eweek.com/article/0,3658,s%3D701%2526a%3D21681,00.asp


==end==
Please feel free to share this with interested parties via email (not
on bulletin boards). For a free subscription, (and for free posters)
e-mail sans@sans.org with the subject: Subscribe NewsBites


Editorial Team:
Kathy Bradford, Dorothy Denning, Roland Grefer, Vicki Irwin,
Bill Murray, Stephen Northcutt, Alan Paller,
Marcus Ranum, Howard Schmidt, Eugene Schultz