Security UPDATE--Two Security Add-ons--August 11, 2004


To make sure that your copy of Security UPDATE isn't mistakenly blocked by antispam software, add [email protected] to your list of allowed senders and contacts.


==== This Issue Sponsored By ====

Free Download! New Sitekeeper(R) 3.1

Get a Free Authenex A-Key(TM) Security Token


1. In Focus: Two Security Add-ons

2. Security News and Features

- Recent Security Vulnerabilities

- News: Two Guides: Windows XP Security and Wireless Authentication

- News: First SiteDigger and Now SSLDigger

- Feature: Time for a Windows Antivirus Solution

3. Security Matters Blog

- Get Paid to Hunt Security Bugs in Mozilla

- Updated Security Bulletin MS04-025

- Version 4 of Microsoft's Worm Removal Tool

4. Instant Poll

5. Security Toolkit


6. New and Improved

- Easy File and Email Protection


==== Sponsor: Free Download! New Sitekeeper(R) 3.1 ====

Keeping track of your software licenses and staying up-to-date with the latest patches is a pain -- especially if you have to do it manually. But unless you stay on top of licenses and patches, you're opening your site up to legal action and security breaches. *** NEW Sitekeeper 3.1 is the simple, affordable way to automate your systems management. Sitekeeper handles hardware and software inventories, license compliance reports and software/patch installation with just a few clicks of your mouse. No special training or dedicated hardware needed—in fact, you can start managing within minutes of installation. It's systems management software -- simplified!

Try Sitekeeper FREE—click on


==== 1. In Focus: Two Security Add-ons ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

If you typically log on to your system by using a regular user account, you probably sometimes need to have Power User or Administrator privileges in the domain to perform necessary actions. Sometimes gaining the required privileges can be cumbersome, depending on your needs. You can accomplish the temporary elevation of privileges by using the RunAs command manually, but there's a much quicker way.

Aaron Margosis wrote a useful add-on command script for Windows that helps you run applications in a higher security context. His script, MakeMeAdmin, automates the process of using the RunAs command to elevate your privileges. The script performs three actions: it adds your current user account to the local Administrators group, launches a command shell and any other application you want to run, then removes your account from the local Administrators group.

You can read an explanation of scenarios in which MakeMeAdmin might come in handy at Margosis's Web log (blog) at the first URL below. You can download a copy of MakeMeAdmin (in a .zip file) at the second URL below. The .zip file also contains a second script, MakeMePU, which elevates your privileges to the Power Users group instead of the Administrators group.

Another useful tool developed by Margosis is PrivBar for Windows Explorer and Microsoft Internet Explorer (IE). PrivBar helps you see what security context a particular instance of Windows Explorer or IE is running under. When you install PrivBar, a toolbar is added to both those applications. The toolbar displays the domain and username as well as the group that the account belongs to. The toolbar is color-coded to grab your attention when you run an instance under a highly privileged account, such as an account in the Administrators group.

According to Margosis, "PrivBar shows you roughly what your privilege level is by checking the current process' token for membership in Administrators, Power Users, Users, or Guests. The circle on the bar will be red if you are in Administrators, yellow if you are Power User, green otherwise. If you are an admin, the bar's background will be yellow. Finally, if that instance is running with a restricted token (e.g., by using the RunAs dialog's "protect my computer" option, ...), the circle will be green with a red line through it. (... PrivBar uses the CheckTokenMembership API, so yes, it properly takes into account disabled or deny-only SIDs.)" You can read about the tool and see screen shots of it at the first URL below and download it at the second URL.

If you're a developer interested in the CheckTokenMembership API, you can learn more about it at the Microsoft Developer Network (MSDN) Web site.
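The membership check described in the quote above can be reproduced from PowerShell by calling CheckTokenMembership through P/Invoke. This is an added example, not PrivBar's code; the `Demo.Token` type, the function names, the order in which the colors are decided, and the use of IsTokenRestricted for the restricted-token case are assumptions.

```powershell
# Added example (not PrivBar's source): classify the current process token
# the way the quoted description does, using CheckTokenMembership via P/Invoke.
Add-Type -Namespace Demo -Name Token -MemberDefinition @'
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool CheckTokenMembership(IntPtr token, byte[] sid, out bool isMember);
[DllImport("advapi32.dll", SetLastError = true)]
public static extern bool IsTokenRestricted(IntPtr token);
'@

# Well-known SIDs of the four built-in local groups named in the quote.
$BuiltinGroups = [ordered]@{
    'Administrators' = 'S-1-5-32-544'
    'Power Users'    = 'S-1-5-32-547'
    'Users'          = 'S-1-5-32-545'
    'Guests'         = 'S-1-5-32-546'
}

function Test-TokenGroup([string]$SidString) {
    $sid   = New-Object Security.Principal.SecurityIdentifier $SidString
    $bytes = New-Object byte[] $sid.BinaryLength
    $sid.GetBinaryForm($bytes, 0)
    $isMember = $false
    # A NULL token handle makes the API evaluate the caller's own token.
    # Groups that are disabled or marked deny-only do not count as membership.
    if (-not [Demo.Token]::CheckTokenMembership([IntPtr]::Zero, $bytes, [ref]$isMember)) {
        $err = [Runtime.InteropServices.Marshal]::GetLastWin32Error()
        throw "CheckTokenMembership failed with Win32 error $err"
    }
    $isMember
}

function Get-PrivilegeIndicator {
    $id     = [Security.Principal.WindowsIdentity]::GetCurrent()
    $member = [ordered]@{}
    foreach ($name in $BuiltinGroups.Keys) { $member[$name] = Test-TokenGroup $BuiltinGroups[$name] }
    # Assumption: IsTokenRestricted stands in for PrivBar's restricted-token check.
    $restricted = [Demo.Token]::IsTokenRestricted($id.Token)
    if     ($restricted)               { $circle = 'green with red line' }
    elseif ($member['Administrators']) { $circle = 'red' }
    elseif ($member['Power Users'])    { $circle = 'yellow' }
    else                               { $circle = 'green' }
    [pscustomobject]@{
        Account    = $id.Name
        Circle     = $circle
        Background = if ($member['Administrators']) { 'yellow' } else { 'default' }
        Groups     = ($member.Keys | Where-Object { $member[$_] }) -join ', '
    }
}

Get-PrivilegeIndicator | Format-List
```

Running it in an ordinary shell and again in a shell started through RunAs shows how the same account can report different results, because the check reads the process token rather than the group's member list.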


==== Sponsor: Get a Free Authenex A-Key(TM) Security Token ====

The key to complete authentication and encryption security, the new Authenex A-Key offers multiple methods of authentication through USB interface or One-Time Password. The A-Key uses our ASAS(TM) server for strong Two-Factor authentication for network access and can be leveraged by our entire suite of e-security applications, including: Web Access Control, Endpoint Encryption to protect either files or the entire hard drive, Secure File Exchange, and Storage for Digital Certificates. One A-Key is all you need.

Click now for a FREE eval A-Key.


==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

News: Two Guides: Windows XP Security and Wireless Authentication

Microsoft recently published "Windows XP Security Guide," which offers both instruction and a set of tools (several documents, templates, and scripts) that can help you better secure Windows XP systems whether they are part of an Active Directory (AD) domain or are standalone. The company also published a second step-by-step guide (in Word format): "Obtaining and Installing a VeriSign WLAN Server Certificate for PEAP-MS-CHAP v2 Wireless Authentication." This guide explains how to obtain certificates from VeriSign by using a custom Web application built by VeriSign specifically for Internet Authentication Service (IAS) users. It also explains how to configure IAS to use the certificates for wireless connectivity authentication.

News: First SiteDigger and Now SSLDigger

We previously reported that Foundstone released a tool, SiteDigger, that helps you audit your Web site for potential vulnerabilities. The company recently released a new Web audit tool, SSLDigger, that helps you audit Secure Sockets Layer (SSL) ciphers that are enabled on your Web site.

Feature: Time for a Windows Antivirus Solution

Michael Otey thinks it's time for Microsoft to include an antivirus solution as part of the base Windows OS. Otey says that desktop security is simply too crucial a concern to Microsoft--and more important, to Microsoft's customers--to let a component that's so vital to a secure environment remain an optional add-on. As long as antivirus measures reside solely in the hands of third-party vendors, large numbers of Microsoft OS installations will remain vulnerable to hundreds if not thousands of exploits, not all of which can be prevented through patching. Read the rest of Otey's opinion in this article on our Web site.


==== Announcements ====

(from Windows & .NET Magazine and its partners)

Get 2 Sample Issues of Windows & .NET Magazine (soon to be Windows IT Pro)!

In September, Windows & .NET Magazine will become Windows IT Pro! Act now to get our special charter issue that shows you how to plug DNS holes and select the best scripting editor, plus learn more about the business side of IT. And discover the top 10 PC trends we think you need to keep an eye on. Get two risk-free new and improved issues and a subscription at 40% off the cover price at

Get Equipped to Fight Against Spammers With Our Latest Email Security Toolkit II--Includes a White Paper, Web Seminar, and eBook

Take the next steps against the "silent killer" and learn how to prepare for directory harvest attacks. Plus, find out how to eliminate spam and viruses by learning spammers' new covert tactics designed to get past conventional spam content filters. Get the latest Email Security Toolkit now!

Free eBook--"The Expert's Guide for Exchange 2003: Preparing for, Moving to, and Supporting Exchange Server 2003"

This eBook will educate Exchange administrators and systems managers about how to best approach the migration and overall management of an Exchange 2003 environment. The book will focus on core issues such as configuration management, accounting, and monitoring performance with an eye toward migration, consolidation, security, and management.

Take our Salary Survey, and Enter to Win $500!

We need your help! Windows & .NET Magazine is launching its 1st Windows IT Pro Industry Salary Survey, and we want to know all about you and what makes you happy as an IT professional. When you complete the survey (about 15 minutes of your time), you'll be entered in a drawing for one of two $500 American Express gift certificates. Look for the survey results—and how you stack up against your peers—in our December issue. To take the survey, go to:

==== 3. Security Matters Blog ====

by Mark Joseph Edwards,

Check out these recent entries in the Security Matters blog:

Get Paid to Hunt Security Bugs in Mozilla

The Mozilla Foundation has launched a new Security Bug Bounty Program through which it will pay $500 to anyone who discovers what the foundation considers to be a critical security bug in its software.

Updated Security Bulletin MS04-025

Microsoft updated the security bulletin and patch "Cumulative Security Update for Internet Explorer (867801)," which corrects three critical problems in Microsoft Internet Explorer (IE).

Version 4 of Microsoft's Worm Removal Tool

Microsoft recently released Mydoom, Zindos, and Doomjuice Worm Removal Tool 4.0, which helps remove Mydoom.A, B, E, F, G, J, L, and O; Zindos.A; and Doomjuice.A and B variants.

==== 4. Instant Poll ====

Results of Previous Poll

The voting has closed in the Windows & .NET Magazine Network Security Web page nonscientific Instant Poll for the question, "Do you use search engines to look for vulnerabilities in the Web sites you manage?" Here are the results from the 51 votes.

- 20% Yes, I do so regularly

- 4% Yes, but only when I become aware of new Web vulnerabilities

- 37% No, but I plan to start

- 39% No, and I don't plan to start

New Instant Poll

The next Instant Poll question is, "Have you experienced any problems with Windows XP Service Pack 2 (SP2)?" Go to the Security Web page and submit your vote for

- Yes, some of our software is now broken

- Yes, problems with installation of third-party applications

- Yes, problems with installation of SP2 itself

- Yes, more than one of the problems mentioned above

- No

==== 5. Security Toolkit ====

FAQ: What is the Group Policy Management Console (GPMC)?

by John Savill,

A. Group Policy offers many advantages over the old Windows NT 4.0 system policies; however, managing Group Policy Objects (GPOs) is often cumbersome. To view or modify GPOs, you can either create a custom Microsoft Management Console (MMC) snap-in that has a particular GPO loaded or, in the MMC Active Directory Users and Computers snap-in, right-click an organizational unit (OU) or a domain, select Properties, then select the Group Policy tab.

GPMC significantly improves on Microsoft's traditional methods for GPO management by providing a simple view of the environment that shows how OUs are linked to GPOs and the options associated with the OU or container to which a particular GPO applies. GPMC also provides the following useful features:

- the ability to back up and restore GPOs

- easy backup and restoration of filters

- the ability to create HTML-based reports that show all the settings in a GPO

- the ability to script certain Group Policy management actions

You must install GPMC on a Windows Server 2003 or Windows XP Service Pack 1 (SP1) system, although you can use GPMC to manage Windows 2000 Server domains in addition to Windows 2003 domains. You can download the latest version of GPMC--GPMC with SP1--at the URL below.

When you attempt to access a container's Group Policy tab from the Active Directory Users and Computers snap-in after you install GPMC, you'll see a button that you can click to start GPMC. You can't edit GPOs directly within GPMC. To edit a GPO when you're in GPMC, right-click the GPO and select Edit; a new MMC instance opens with the GPO editor snap-in loaded and the selected GPO open and ready to be edited.
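The backup, HTML report, and scripting features listed above can be combined in one scheduled job. The following is an added example, not code from the FAQ or from Microsoft's GPMC samples; it assumes the GroupPolicy PowerShell module that ships with later GPMC releases (not the 2004-era tooling the FAQ describes) and a hypothetical output folder `C:\GPOBackups`.

```powershell
# Added example: back up every GPO in the domain and write one HTML settings
# report per GPO, with a manifest that ties each backup ID to its GPO.
Import-Module GroupPolicy

$root      = 'C:\GPOBackups'                      # hypothetical output folder
$stamp     = Get-Date -Format 'yyyyMMdd-HHmmss'
$backupDir = Join-Path $root "$stamp\backup"
$reportDir = Join-Path $root "$stamp\reports"
New-Item -ItemType Directory -Path $backupDir, $reportDir -Force | Out-Null

$manifest = foreach ($gpo in Get-GPO -All) {
    # Backup-GPO returns an object whose Id is the backup ID needed for a restore.
    $backup = Backup-GPO -Guid $gpo.Id -Path $backupDir -Comment "Backup $stamp"

    # GPO display names may contain characters that are illegal in file names.
    $safeName = $gpo.DisplayName -replace '[\\/:*?"<>|]', '_'
    $report   = Join-Path $reportDir "$safeName-$($gpo.Id).html"
    Get-GPOReport -Guid $gpo.Id -ReportType Html -Path $report

    [pscustomobject]@{
        Name     = $gpo.DisplayName
        GpoId    = $gpo.Id
        BackupId = $backup.Id
        Modified = $gpo.ModificationTime
        Report   = $report
    }
}

# The manifest lets you find the right backup later and spot GPOs changed since the last run.
$manifest | Export-Csv (Join-Path $root "$stamp\manifest.csv") -NoTypeInformation

# To restore one GPO from this set:
#   Restore-GPO -BackupId <BackupId from manifest> -Path $backupDir
```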


==== Events Central ====

(A complete Web and live events directory brought to you by Windows & .NET Magazine: )

Are You Using Best Practices When Managing Software Packaging and Pre-Deployment Preparation?

In this free Web seminar, you'll learn best practices for managing software packaging and pre-deployment preparation. Discover how your organization can benefit from managing the workflow of the pre-deployment process to cut time and costs. Plus, you'll learn about different business scenarios that show ROI improvements from accurate workflow management. Register now!


==== 6. New and Improved ====

by Jason Bovberg, [email protected]

Easy File and Email Protection

kcSystems launched Crypteze 1.1, software that provides file and email message encryption without the need to subscribe to a digital ID or certificate service. Crypteze generates digital IDs (private keys and X.509 certificates) for file encryption and secure email. Crypteze works in conjunction with Microsoft Outlook and Microsoft Outlook Express to provide secure email. Crypteze 1.1 costs $20. To download the product for a free 30-day trial period, contact kcSystems on the Web.

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected]


==== Sponsored Links ====


Comparison Paper: The Argent Guardian Easily Beats Out MOM


Free Download--New - Launch NetOp Remote Control from a USB Drive


Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Security Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected] If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.


==== Contact Us ====

About the newsletter -- [email protected]

About technical questions --

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]


==== Contact Our Sponsors ====

Primary Sponsor:

Executive Software --

Secondary Sponsor:

Authenex, Inc. -- http:// -- 1-877-AUTHENEX


This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

View the Windows & .NET Magazine privacy policy at

Windows & .NET Magazine, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.
