Network Security
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Historical
FWD: SANS NewsBites Vol. 2 Num. 25
- From: Paul Howell
- Date: Wed Jun 21 12:26:02 2000
------- Forwarded Message
Date: Wed, 21 Jun 2000 10:01:22 -0600 (MDT)
Message-Id: <2000062117313.QEM81142@server1.SANS.ORG>
From: The SANS Institute <sans@sans.org>
Subject: SANS NewsBites Vol. 2 Num. 25
Precedence: bulk
Errors-To: bounce@sans.org
************************************************************************
From: Alan for the SANS NewsBites service
Re: June 21 SANS NewsBites
*************************
Want to help?
Do you monitor primary news sources for security news several times a
day? If so, and if you would like to participate as a provider for
SANS' Digital Early Warning program, please email us at sansro@sans.org.
Subject DEW Line.
For people hoping to attend SANS Security DC 2000 in July The Intrusion
Detection Immersion Certification track is now full and the Firewalls
and Perimeter Protection track will be full in a day or so. There's
still space in the Hacker Exploits and Advanced Incident Handling
program, Windows Security, UNIX security, and Security Essentials
Certification tracks and in the individual one-day courses.
AP
************************************************************************
SANS NEWSBITES
The SANS Weekly Security News Overview
Volume 2, Number 25 June 21, 2000
Editorial Team:
Kathy Bradford, Crispin Cowan, Roland Grefer, Bill Murray,
Stephen Northcutt, Alan Paller, Howard Schmidt, Eugene Schultz
<sansro@sans.org>
************************************************************************
19 June 2000 FAA Security
14 June 2000 FAA Security Found Lacking
18 June 2000 Nuclear Laboratory Hard Drives Found
18 June 2000 Stages Worm
17 June 2000 Electronic Signatures Pass in House and Senate
17 June 2000 AOL Customer Account Data Compromised
16 June 2000 Domain Name Registrar Closes Hole
16 June 2000 Government Web Site Privacy
16 June 2000 Alternate Outlook Patch
16 June 2000 Board Will Advise Government on Info Security
15 June 2000 Hotmail Problems
15 June 2000 DoS Prevention: Discussion and Advice
14 June 2000 Deep Linking and Politics in Seattle
14 June 2000 ILOVEYOU Suspect to be Charged
14 June 2000 Philippine Cyber Crime Law
13 June 2000 Sites Should Take Steps to Protect Customer Data
************************************************************************
*Sponsored by Sunbelt Software - STAT: NT/2000 Vulnerability Scanner *
Plug NT /2000's over 850 holes before they plug you.
STAT comes with a responsive web-update service and your dedicated Pro
SWAT team. Built by anti-hackers for DOD sites.
Download a demo copy before you become a statistic.
http://www.sunbelt-software.com/product.cfm?id=899
************************************************************************
- -- 19 June 2000 FAA Security
The Federal Aviation Administration's (FAA's) Office of Information
Systems Security will require security examinations at each facility.
The article lists five layers of security to be tested.
http://www.fcw.com/fcw/articles/2000/0619/web-faabox-06-19-00.asp
- -- 14 June 2000 FAA Security Found Lacking
The Federal Aviation Administration (FAA) has allowed outside
contractors access to its critical computer systems without performing
background checks. The problem came to light when the agency completed
its Y2K fixes exceptionally quickly.
http://www.computeruser.com/news/00/06/14/news7.html
- -- 18 June 2000 Nuclear Laboratory Hard Drives Found
Two hard drives were found behind a copier in the same high security
area at Los Alamos National Laboratories from which they were reported
missing last week. The disks, which contain information about nuclear
weapons in arsenals in the US, China, Russia, France, and the UK, are
being examined for evidence of tampering.
http://www.msnbc.com/news/419700.asp?0m=T12Q
http://www.fcw.com/fcw/articles/2000/0612/web-disks-06-16-00.asp
http://news.cnet.com/news/0-1003-200-2093750.html
- -- 18 June 2000 Stages Worm
Yet another worm that exploits vulnerabilities in Outlook, Stages.worm
has been found in the wild, but does not appear to be widespread.
However, because it sends itself to up to 100 addresses each time, the
worm does have the potential to overwhelm servers.
http://www.msnbc.com/news/422554.asp?0m=N11Q
- -- 17 June 2000 Electronic Signatures Pass in House and Senate
Both the House of Representatives and the Senate this week passed a law
legalizing electronic signatures. Known as "E-Sign", the law would
allow customers to "opt-in" to conduct business using only electronic
documents. Certain documents must still be delivered on paper. If
enacted, E-Sign would take effect on October 1, 2000.
http://www.computeruser.com/news/00/06/17/news1.html
http://www.msnbc.com/news/420730.asp?0m=N19N
- -- 17 June 2000 AOL Customer Account Data Compromised
Crackers managed to trick AOL customer service representatives into
downloading a Trojan horse program. That error by the AOL staff gave
the crackers control of accounts enabling them to view sensitive AOL
subscriber information. The motive for the attack appears to have been
gaining control of desirable screen names.
http://www.washingtonpost.com/wp-dyn/articles/A9476-2000Jun16.html
http://www.zdnet.com/zdnn/stories/news/0,4586,2589679,00.html
- -- 16 June 2000 Domain Name Registrar Closes Hole
Register.com, a large domain name registrar, fixed a vulnerability that
could have given malicious crackers access to an important
administration tool. Once they access the tool, the crackers could
hijack web sites through a practice known as "redirecting". The web
site administrator who discovered the problem said that more
sophisticated crackers could have taken advantage of the vulnerability
to intercept e-mail.
http://news.cnet.com/news/0-1003-200-2093731.html
- -- 16 June 2000 Government Web Site Privacy
Federal lawmakers want to know if government web sites meet the same
privacy standards the Federal Trade Commission (FTC) recently proposed.
http://www.wired.com/news/politics/0,1283,37041,00.html
- -- 16 June 2000 Alternate Outlook Patch
A software company has developed a program that stops certain calls to
Outlook by monitoring the Virtual Basic Scripting Engine, thereby
stopping the spread of viruses like ILOVEYOU. The patch, called
JustBeFriends.dll, can be used in conjunction with Microsoft's update
for Outlook that was released several weeks ago.
http://www.fcw.com/fcw/articles/2000/0612/web-patch-06-16-00.asp
[Editors' Note: The product may be found at http://www.rstcorp.com/jbf/]
- -- 16 June 2000 Board Will Advise Government on Info Security
The Computer Systems Security and Privacy Advisory Board plans to
release a report recommending ways in which the government can
reorganize itself in addressing information privacy and security.
http://www.fcw.com/fcw/articles/2000/0612/web-org-06-16-00.asp
- -- 15 June 2000 Hotmail Problems
Some Hotmail customers were without e-mail service for 10 days; when
they were finally able to access their accounts, some discovered that
their data - addresses and saved messages - appeared to be erased. A
Hotmail spokesperson said that one of the servers was being repaired,
and that the data may possibly be restored.
http://www.wired.com/news/business/0,1367,37001,00.html
- -- 15 June 2000 DoS Prevention: Discussion and Advice
DoS victims offer tips for deterring attacks; all agree that installing
RFC2267 filtering would greatly reduce the threat.
http://www.computerworld.com/home/print.nsf/all/000615E8E2
[The industry consensus step-by-step guide on anti-smurphing and anti-
spoofing filter implementation may be found at:
http://www.sans.org/dosstep/index.htm]
[Editor's (Murray) Note: Application machines like switches, routers,
firewalls, and servers should not listen for control and signaling on
the same IP address where they listen for their traffic. Additional
cards, strong authentication, and SSH are very cheap.]
- -- 14 June 2000 Deep Linking and Politics in Seattle
The manager of a Senate candidate's web site deep-linked to a photo on
the site of her opponent, leading to accusations of hacking.
http://www.seattle-pi.com/local/cant14.shtml
- -- 14 June 2000 ILOVEYOU Suspect to be Charged
A man suspected of spreading the ILOVEYOU worm/virus will be charged
under laws governing credit card fraud. There were no cyber crime laws
in the Philippines at the time of the infestation.
http://www.zdnet.com/zdnn/stories/news/0,4586,2587617,00.html?chkpt=zdhpnews01
- -- 14 June 2000 Philippine Cyber Crime Law
Under newly enacted e-commerce legislation, people found guilty of
cracking and spreading viruses in the Philippines will be fined at least
$2,350 and could spend up to three years in prison. The law is not
retroactive; it cannot be used to charge the ILOVEYOU worm suspect.
http://www.usatoday.com/life/cyber/tech/cti095.htm
- -- 13 June 2000 Sites Should Take Steps to Protect Customer Data
While customers can guard against malicious JavaScripts by turning up
their security settings, web sites need to validate user input to
protect their customers and, in the long run, their business.
http://www.msnbc.com/news/420137.asp
****************** Also sponsored by Entegrity Solutions ***************
Introducing Entegrity Solutions NetCrusader/EJB (Enterprise JavaBeans)
Entegrity NetCrusader/EJB, the ONLY access management solution that
secures, manages, and administers EJB-based applications!
Contact Entegrity Solutions today for your FREE evaluation edition by
emailing sales@entegrity.com and enter "SANS" in the subject field when
responding.
== End ==
Please feel free to share this with interested parties via email (not
on bulletin boards). For a free subscription, (and for free posters)
e-mail sans@sans.org with the subject: Subscribe NewsBites
To change your subscription, address, or other information, visit
http://www.sans.org/sansurl and enter your SD number (from the headers.)
You will receive your personal URL via email.
You may also email <sans@sans.org> with complete instructions and your
SD number for subscribe, unsubscribe, change address, add other digests,
or any other comments.
------- End of Forwarded Message
|
