Newsletters: Newsbites

SANS NewsBites is a semiweekly high-level executive summary of the most important news articles that have been published on computer security during the last week. Each news item is very briefly summarized and includes a reference on the web for detailed information, if possible.

Spend five minutes per week to keep up with the high-level perspective of all the latest security news. New issues are delivered free every Tuesday and Friday.

Volume III - Issue #18

May 02, 2001


Finally! The long-awaited Windows 2000 security guides are available in
electronic format. Windows 2000 Security Step-by-Step (62 pp.) covers
essential security steps to be taken before connecting a Windows 2000
computer to the Internet. Windows 2000 Security Vulnerabilities and
Solutions (275 pp.) covers the top ten security bugs in Windows 2000
and many, many more. It is a guide and update service that provides
periodic (generally monthly) summaries of Windows security threats and
what to do about them. Both electronic documents are available at half
price until May 20.

Order them from: http://www.sansstore.org/


The real-time SANS News Service is now operational (and it's free). It
is very simple but provides an up-to-the-minute summary of the current
news stories covering security and viruses. Runs on Windows desktops.
Pick it up at: http://www.sans.org/snb/index.htm

AP

TOP OF THE NEWS

30 April 2001 Federal Web Sites Attacked
26 & 27 April 2001 NIPC Warns of Potential for Increased Cyber Attacks
27 April 2001 Cyber Vigilantism May be on the Rise
27 April 2001 Wireless (In)Security
26 April 2001 SDMI Researchers Won't Present Paper
25 & 26 April 2001 Microsoft Support Server Gives Worm to Best Customers
23 April 2001 Ford Files Suit Against 2600 Enterprises in Redirect Case

THE REST OF THE WEEK'S NEWS

27 April 2001 IBM Plans Intelligent Computer
27 April 2001 Still More Egghead Controversy
26 April 2001 FAA Security Awareness Outreach
25 April 2001 DISA Official Urges User Accountability for Security
24 & 27 April 2001 Software Guards Against Mass E-Mailing Viruses
24 & 25 April 2001 Global Internet Fraud Web Site
24 April 2001 Connecticut Teen Faces Cyber Intrusion Charges
23 April 2001 Enhanced Security Can Reduce Accessibility: The Security Manager's Journal
23 April 2001 NIST Security Grants
23 April 2001 GAO Report Suggests Citizens' Privacy is at Risk from Data Sharing
20 April 2001 BT Web Site Security Glitch
19 April 2001 Cyber Sabotage Verdict Set Aside


************** This issue sponsored by PentaSafe, Inc. ***************
WRITE YOUR INFORMATION SECURITY POLICIES IN A DAY!
INSTANT, DEFINITIVE, UP-TO-DATE POLICIES!
INFORMATION SECURITY POLICIES MADE EASY Version 7 is a compilation of
1000+ already-written information security policies in both text and
CD/ROM. Save thousands of dollars while developing security policy
documents in minutes.

Find out more at http://www.pentasafe.com/products/policyoverview.htm
**********************************************************************

TOP OF THE NEWS

30 April 2001 Federal Web Sites Attacked

Federal officials believe that Chinese hackers have defaced several government agency sites and completely disabled another. One affected agencies, the Department of Health and Human Services, added extra security to its web site before putting it back on line.
-http://www.cnn.com/2001/TECH/internet/04/30/china.hacking.ap/index.html

26 & 27 April 2001 NIPC Warns of Potential for Increased Cyber Attacks

The National Infrastructure Protection Center (NIPC) warned US businesses to prepare to defend against increased cyber attacks from China during the first week of May which encompasses May Day, Youth Day, and the anniversary of the accidental NATO bombing of the Chinese embassy in Belgrade.
-http://www.zdnet.com/zdnn/stories/news/0,4586,2712904,00.html
-http://www.cnn.com/2001/TECH/internet/04/26/hacker.warning/index.html
-http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO60022,00.html

27 April 2001 Cyber Vigilantism May be on the Rise

A panel of security experts at the Infosecurity show warned that companies' reluctance to call in law enforcement to deal with cybercrime could lead to cyber vigilantism. One survey suggests that 70% of companies that have been victims of cyber attacks would employ counter measures. The debate emphasized the need for firms to get their security infrastructure robust enough to frustrate attackers in the first place. Businesses that "take matters into their own hands" run the risk of breaking laws and of striking back at the wrong target.
-http://www.theregister.co.uk/content/8/18553.html

27 April 2001 Wireless (In)Security

Many wireless networks are apparently running no security, allowing anyone with relatively inexpensive equipment to drive by and check out network activity. Malicious eavesdroppers could steal passwords, access servers, commandeer web sites or shut down networks altogether. Virtual Private Network (VPN) software can secure wireless networks.
-http://www.msnbc.com/news/565275.asp?0nm=T18L

26 April 2001 SDMI Researchers Won't Present Paper

Bowing to legal threats from the Recording Industry Association of America (RIAA) and two other groups, the team of researchers who cracked a watermarking content protection system will not present a paper detailing their methods.
-http://www.wired.com/news/politics/0,1283,43353,00.html

25 & 26 April 2001 Microsoft Support Server Gives Worm to Best Customers

A Microsoft technical support server exposed 26 of the company's largest customers to the FunLove worm last week. The server in question did not have antivirus software installed. Microsoft e-mailed all users of the Premier and Gold support network, and managers were phoning the 26 companies who had downloaded files during the time the worm was loose on the server.
-http://news.cnet.com/news/0-1003-200-5728963.html?tag=prntfr
-http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO59982,00.html

23 April 2001 Ford Files Suit Against 2600 Enterprises in Redirect Case

Ford Motor Co. has filed a trademark-infringement lawsuit against 2600 Enterprises that asks a judge to enjoin the organization from using a domain name which combines General Motor's name with an unsavory word and redirects users to Ford's web site.
-http://www.usatoday.com/life/cyber/tech/2001-04-23-ford-net-redirect.htm
The other side of the story is presented at
-http://www.2600.com/news/display.shtml?id=297


****************** Also sponsored by Tripwire, Inc. ******************
Worried about your web site's integrity? Rest easy with Tripwire.
Concerned about your site being compromised? Tripwire for Web Pages is
the answer. Know when data has been changed, instantly detect altered
pages, replace them with customized pages and log all instances. Learn
more at our free online seminar May 10 at 11:00 am PDT
http://www.tripwire.com/products/register.cfml?semclass=44
**********************************************************************

THE REST OF THE WEEK'S NEWS

27 April 2001 IBM Plans Intelligent Computer

IBM plans to build a computer that will never go down; Project eLiza aims to create a computer that can correct system failures without the help of technicians. The new system may also be able to help automatically fend off hackers.
-http://www.cnn.com/2001/TECH/ptech/04/30/project.eliza.idg/index.html

27 April 2001 Still More Egghead Controversy

The Register (a news service) may have turned up discrepancies between what Egghead told Visa and the information they made public regarding the December security breach.
-http://www.theregister.co.uk/content/8/18547.html
[Editor's (Murray) Note: The Register or its reader appear to have been the victim of an error or even a hoax. If your bank was concerned, they would simply issue a new card. They do not need your permission or request to do that. Under no circumstances would they ask you to "cancel" your card. ]

26 April 2001 FAA Security Awareness Outreach

The Federal Aviation Administration's (FAA) CIO and information systems security director will travel to FAA facilities around the country to address information security awareness. The purpose of the outreach program is to educate personnel about the ways in which people, facilities, and data are at risk from cyber threats.
-http://www.fcw.com/fcw/articles/2001/0423/web-faa-04-26-01.asp

25 April 2001 DISA Official Urges User Accountability for Security

Personnel who neglect security protocol should be held accountable, said the Defense Information Systems Agency (DISA) Vice Commander Maj. Gen. Dave Bryan who was speaking at a technology symposium. He noted that of the 245 successful attacks against Defense Department systems last year, 96% could have been prevented if personnel had adhered to protocol.
-http://www.gcn.com/vol1_no1/daily-updates/4028-1.html
[Editors' Note: Recognition for good security should also be a tool in management's kit. Punishment can discourage bad behavior but it cannot teach good behavior. ]

24 & 27 April 2001 Software Guards Against Mass E-Mailing Viruses

The Defence Evaluation and Research Agency (DERA), an agency of the UK's Ministry of Defence (MoD), has developed behavior blocker software called "::Mail" that alerts users when a virus is trying to send out mass e-mailings and requires authorization before it completes the task. Experts note that turning off Visual Basic Scripting (VBS) would prevent many viruses from spreading. Critics say that the software won't stop the newest batch of viruses, and that users find the technique, which has been used before, to be a nuisance.
-http://news.bbc.co.uk/hi/english/sci/tech/newsid_1294000/1294473.stm
-http://www.zdnet.com/zdnn/stories/news/0,4586,2711638,00.html
-http://www.theregister.co.uk/content/8/18580.html
[Editor's (Cowan) Note: You can get much more convenient protection from the "Just be friends" tool
-http://www.cigital.com/jbf/]

24 & 25 April 2001 Global Internet Fraud Web Site

Thirteen countries, including the United States, the UK, Canada, Mexico, and Sweden have consolidated their on-line consumer fraud efforts in econsumer.gov. The web site will provide information about consumer protection as well as a means for consumers to file complaints to appropriate government officials in the country where the offending business is located. The Federal Trade Commission will maintain and control the site.
-http://news.cnet.com/news/0-1007-200-5715293.html?tag=prntfr
-http://www.infoworld.com/articles/hn/xml/01/04/25/010425hnborder.xml

24 April 2001 Connecticut Teen Faces Cyber Intrusion Charges

A Connecticut teenager faces charges of breaking into the secure connection between the Air Mobility Command system at Scott Air Force Base and a US Dept. of Transportation system in Massachusetts early last year. He allegedly used a sniffer to intercept wire communications and destroyed files that noted his presence. Officials estimated the cost of the damage to be $66,000.
-http://www.computerworld.com/cwi/stories/0,1199,NAV47_STO59921,00.html

23 April 2001 Enhanced Security Can Reduce Accessibility: The Security Manager's Journal

This week, the security manager writes about his experience with controlling administrative access to his company's production network. He found that his tightened security measures blocked certain ports, preventing some employees from accessing certain network functions. Instead of bringing the firewall vendor into the picture, the security manager chose to solve this problem by watching firewall traffic and capturing dropped packets to determine which ports to open.
-http://www.computerworld.com/cwi/community/story/0,3201,NAV65-
663_STO59844,00.html
[Editor's (Grefer) Note: What happened to the good old concept of monitoring/logging traffic patterns for a period of time before establishing more restrictive rule sets? ]

23 April 2001 NIST Security Grants

The National Institute of Standards and Technology (NIST) has $5 million to offer in grants to companies doing research and development in areas of security that will help protect the nation's critical infrastructure information systems. Proposals are due to NIST by June 15, 2001.
-http://www.fcw.com/fcw/articles/2001/0423/news-nist-04-23-01.asp
-http://csrc.nist.gov/grants/

23 April 2001 GAO Report Suggests Citizens' Privacy is at Risk from Data Sharing

A General Accounting Office (GAO) report says that information sharing between agencies could threaten citizens' privacy as linking data sets creates dossiers of information about private citizens, which could easily be abused. The GAO offered several solutions, including getting signed consent forms before joining citizens' data.
-http://www.computeruser.com/news/01/04/23/news3.html

20 April 2001 BT Web Site Security Glitch

The British Telecommunications plc (BT) web site was taken down for about two hours after the company became aware of a security problem that allowed customers to see others' bills. One security analyst said that anyone who had registered for the bill-viewing feature could access others' bills if the appropriate customer reference numbers were available, and that BT's system does not include proper authentication.
-http://www.theregister.co.uk/content/8/18418.html

19 April 2001 Cyber Sabotage Verdict Set Aside

The government is fighting to have a guilty verdict reinstated against a man prosecuted for computer sabotage. Tim Lloyd was found guilty of planting a malicious software program in a file server at the company where he worked; the program wreaked havoc, causing millions of dollars in loses and many layoffs. The judge set aside the decision after a juror said a TV news story might have affected her decision. Mr. Lloyd maintains his innocence.
-http://www.nwfusion.com/news/2001/0419sabotage.html


==end==
Please feel free to share this with interested parties via email (not
on bulletin boards). For a free subscription, (and for free posters)
e-mail sans@sans.org with the subject: Subscribe NewsBites


Editorial Team:
Kathy Bradford, Crispin Cowan, Roland Grefer, Bill Murray,
Stephen Northcutt, Alan Paller, Howard Schmidt, Eugene Schultz