Security UPDATE--RSA Conference 2005 Highlights--February 23, 2005

1. In Focus: RSA Conference 2005 Highlights

2. Security News and Features

- Recent Security Vulnerabilities

- The New Phish Report Network

- Identity Web Services Framework Now Supports SAML 2.0

3. Security Matters Blog

- McAfee Will Scan your Wi-Fi Config for Vulnerabilities

- Add SonicWALL to Your List of Enterprise Antispyware Solutions

4. Instant Poll

5. Security Toolkit

- Web Chat

- FAQ

- Security Forum Featured Thread

6. New and Improved

- A Second Factor of Authentication for Windows

==== Sponsor: Microsoft ====

Best Practices for Establishing and Enforcing a Security Policy in Your Business

With all the viruses, Trojans, spyware, malware, and malicious attacks out there, is your company as prepared as it can be to fend off these threats? This white paper will provide you with detailed information for establishing and enforcing a security policy so that you have a safety net to fall back on and can ensure that you're making the right decisions at a demanding time. Specifically, you'll go through the process of creating a security policy and creating an incident response plan to prepare your organization for the worst-case scenario. Download this free white paper now!

http://www.windowsitpro.com/whitepapers/microsoft/bestpractices/index.cfm?code=secnl

==== 1. In Focus: RSA Conference 2005 Highlights ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

RSA Conference 2005 took place last week in San Francisco with more than 275 vendors and more than 200 conference sessions. The last I heard, conference organizers were saying that 13,000 people attended, but that count wasn't official. One thing I am sure about is that with that many vendors and conference sessions, nobody saw everything!

There were some interesting announcements at the conference, so if you were not among the thousands who did attend, then here are a few of the highlights from the show:

In his keynote address, Computer Associates (CA) Executive Vice President Russell Artzt pointed out that business executives must now pay very close attention to security concerns at all levels of the company and be ready to thoroughly account for their decision-making processes, primarily due to government regulations such as Sarbanes-Oxley.

Cisco Systems announced a new phase of its Self-Defending Network technology. The company said that the new Adaptive Threat Defense phase addresses threats at multiple layers, simplifies architectural designs, and provides enterprisewide containment and control.

http://newsroom.cisco.com/dlls/2005/prod_021505.html?CMP=ILC-001

RSA Security announced the Security Authentication Roadmap, in which the company will provide a standards-based, enterprise-enabled platform for overall credentials management using strong authentication. The company also announced the RSA Authentication Service, which will help provide consumers with "enterprise-class protection" during their online activities; an RSA SecurID Appliance that provides two-factor authentication for businesses with fewer than 1,000 employees; and RSA SecurID SID700 and SID800 USB-enabled authentication devices.

http://www.rsasecurity.com

Microsoft Chairman Bill Gates announced in his keynote speech that the company will launch new security initiatives that include various software updates, such as a future release of Internet Explorer (IE) 7.0 for Windows XP systems, the scheduled March release of a beta version of its unified Windows Update Service (WUS), Microsoft Baseline Security Analyzer (MBSA) 2.0, the release to manufacturing of Internet Security and Acceleration (ISA) Server 2004 Enterprise Edition, and Rights Management Services (RMS) Service Pack 1 (SP1). Gates also announced the formation of the Secure Software Forum in partnership with several other companies and the worldwide expansion of its Most Valuable Professional (MVP) program to help developers communicate with each other about developing secure applications.

http://www.windowsitpro.com/Article/ArticleID/45427

Shavlik Technologies announced several new products, including NetChk Epicenter, a common GUI for NetChk applications that lets administrators scan numerous systems and applications, view scan results, and correct security problems. The company also announced that it will release patch-management solutions for Unix and Linux platforms--including AIX, HP-UX, Red Hat Linux, and Solaris--sometime in the second quarter of 2005. The company also announced NetChk Spyware and NetChk Shares, which lets administrators discover shared resources on one or more computers, remove shared resources, restrict anonymous access, and test for weak passwords.

http://www.shavlik.com

Identity management solution provider Abridean joined the BlackBerry ISV Alliance Program, thereby forming a relationship with Research in Motion (RIM). Abridean will help simplify and automate management of Blackberry user accounts in BlackBerry Enterprise Server in combination with other messaging and enterprise systems.

http://www.abridean.com

http://www.rim.com

DesktopStandard released PolicyMaker Application Security, which helps adminitrators enforce the practice of giving users the minimum privileges that they need on Windows-based desktops and selectively elevate privileges for users who need them.

http://www.desktopstandard.com

Priva Technologies announced an upgrade to its Cleared Security Platform, which uses multifactor authentication in a single-point, end-to-end solution. The product now supports authentication for Web services, Microsoft .NET technology, email signing, and public key infrastructure (PKI).

http://www.priva-tech.com

Seaway Networks released a pretty slick product: the Trident NCA2000-L7P Intrusion Prevention Accelerator Card. The Intrusion Detection System/Intrusion Prevention System (IDS/IPS) card can be used to convert servers into filtering appliances. The board provides 2Gbps of full duplex data processing and pattern matching, including processing of network layers 2-7.

http://www.seawaynetworks.com

Lyris Technologies improved the detection of phishing and other email-related threats in its MailShield Server product with an upgrade to the embedded Mailshell SpamCompiler engine. Lyris said that MailShield Server is available for Windows and Solaris platforms, and a MailShield Pro version for Windows can record all SMTP transactions and provide a searchable audit trail of all incoming and outgoing messages.

http://www.lyris.com

http://www.mailshield.com

http://www.mailshell.com

And last, but certainly not least, Intense School presented its Live Online Professional Hacking class, led by Ralph Echemendia. The class teaches participants how to think like an intruder so they can protect themselves proactively rather than having to react defensively to intrusions.

http://www.intenseschool.com

==== Sponsor: Postini ====

The Email Security Annual Review & Threat Report

This "must read" white paper for email administrators and security professionals features a comprehensive overview of changes in email threats and the regulatory environment in 2004, and previews issues and expectations for 2005. Review the latest statistical trends in spam, virus and email attacks, and get an overview of how organizations are responding to these threats; get a sneak preview from analysts and experts into emerging issues and concerns that may help inform email security strategies and implementations for 2005. Register now and get the key trend data on spam, virus and email attacks from 2004!

http://www.windowsitpro.com/whitepapers/postini/annualreview/index.cfm?code=secnl

==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.windowsitpro.com/departments/departmentid/752/752.html

The New Phish Report Network

Microsoft, eBay, PayPal, and Visa have teamed with WholeSecurity to launch the Phish Report Network. The network will serve as a worldwide antiphishing aggregation service.

http://www.windowsitpro.com/Article/ArticleID/45444

Identity Web Services Framework Now Supports SAML 2.0

Liberty Alliance has released the second draft of its Identity Web Services Framework (ID-WSF), which now includes support for the Organization for the Advancement of Structured Information Standards (OASIS) Security Assertion Markup Language (SAML) 2.0 specification. Both ID-WSF and SAML provide methods of handling identity in conjunction with the use of Web services.

http://www.windowsitpro.com/Article/ArticleID/45415

==== Resources and Events ====

Minimize the Likelihood of Downtime in Your Exchange Implementation.

In this free, on-demand Web seminar, discover how to ensure continuous Exchange application availability. Learn how to take preemptive, corrective action without resorting to a full system failover. Or in extreme cases, discover solutions that perform a graceful, automatic switchover to a secondary server, ensuring continuous Exchange application availability. View the archive today!

http://www.windowsitpro.com/seminars/highavailability/index.cfm?code=0223emailannc

Get Essential Security Tips in This Free eBook

Knowing where to find answers fast to secure your systems against attack can often mean the difference between shutting the door to various threats (e.g., malware, viruses, Trojans) and declaring defeat. This free eBook provides you with quick answers to help you make the most of your security. Get the entire eBook and start securing your systems!

http://www.windowsitlibrary.com/ebooks/systemsecurity/index.cfm?code=0223emailannc

Keeping Your Business Safe from Attack: Monitoring and Managing Your Network

Get the information you need to securely implement a network based around Microsoft products in the latest chapter of this eBook. Find out how to secure your network against threats, and learn about topics such as antivirus, VPNs, spyware, DMZs, content filtering, Browser Helper Objects, patching, quarantining, intrusion detection, and event notification. Get this eBook today!

http://www.windowsitlibrary.com/ebooks/networksecurity/index.cfm?code=0223emailannc

Get the Entire eBook: "Content Security in the Enterprise--Spam and Beyond"

This eBook explores how to reduce and eliminate the risks from Internet applications such as email, Web browsing, and Instant Messaging by limiting inappropriate use of these applications, eliminating spam, protecting corporate information assets, and ensuring that these vital resources are secure and available for authorized business purposes. Download this free eBook now!

http://www.WindowsITlibrary.com/ebooks/spam/index.cfm?code=0223emailannc

Get Ready for SQL Server 2005 Roadshow in a City Near You

Get the facts about migrating to SQL Server 2005. SQL Server experts will present real-world information about administration, development, and business intelligence to help you implement a best-practices migration to SQL Server 2005 and improve your database computing environment. Receive a 1-year membership to PASS and 1-year subscription to SQL Server Magazine. Register now!

http://www.windowsitpro.com/roadshows/sqlserverusa/index.cfm?code=0221emailannc

==== Hot Release ====

Symantec ON iPatch -- Automated Patch Management

On its first "patch Tuesday" of 2005, Microsoft released three software updates to fix security holes in its popular Windows operating system. Symantec ON iPatch provides an automated patch management solution that can handle today's growing number of patches. To learn more visit us at:

http://sea.symantec.com/IPWITPNL223

==== 3. Security Matters Blog ====

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

Check out these recent entries in the Security Matters blog:

McAfee Will Scan your Wi-Fi Config for Vulnerabilities

McAfee launched a new free service that uses a downloadable ActiveX control to scan your wireless networking configuration for vulnerabilities. The company's new Wi-FiScan Web page says that the service can suggest security measures to correct problems that it finds in your configuration.

http://www.windowsitpro.com/Article/ArticleID/45416

Add SonicWALL to Your List of Enterprise Antispyware Solutions

You can add SonicWALL to the list of enterprise antispyware solutions. The company announced the addition of "dynamic spyware detection and prevention capabilities" to its line of gateway security offerings.

http://www.windowsitpro.com/Article/ArticleID/45420

==== 4. Instant Poll ====

Results of Previous Poll:

If your company uses Windows XP, do you use XP SP2?

The voting has closed in this Windows IT Pro Security Hot Topic nonscientific Instant Poll. Here are the results from the 27 votes.

- 63% Yes

- 26% No, but we intend to

- 11% No, and we don't intend to

New Instant Poll:

Do you think Microsoft should offer Internet Explorer (IE) 7.0 for Windows 2000 platforms?

Go to the Security Hot Topic and submit your vote for

- Yes

- No

http://www.windowsitpro.com/windowssecurity#poll

==== 5. Security Toolkit ====

Web Chat: Group Policy

Darren Mar-Elia will answer your questions about troubleshooting Group Policy in a chat February 24, 12:00 P.M. EST. Look for his article, "Troubleshooting Group Policy-Related Problems," in the February 2005 issue of Windows IT Pro magazine, and join the chat at

http://www.windowsitpro.com/Article/ArticleID/45101/45101.html.

FAQ

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q. What's the Microsoft Windows Malicious Software Removal Tool?

Find the answer at http://www.windowsitpro.com/Article/ArticleID/45410

Security Forum Featured Thread: Possible IIS 6.0 and XMLHTTP Security Issue

A forum participant has a client application that creates XML documents that include both text and bin.base64 nodes. Posting is done from the client application using the MSXML2.XMLHTTP.4.0 component to the Active Server Pages (ASP) server application on Microsoft IIS 6.0. The request is loaded into an MSML2.DOMDocument.4.0 object. Sometimes the loading fails and the request is empty. The failure doesn't happen on an IIS 5.1 server. Join the discussion at

http://www.windowsitpro.com/Forums/messageview.cfm?catid=42&threadid=130174

==== Announcements ====

(from Windows IT Pro and its partners)

Try a Sample Issue of Exchange & Outlook Administrator!

If you haven't seen Exchange & Outlook Administrator, you're missing out on key information to help you migrate, optimize, administer, backup, recover, and secure Exchange and Outlook. Plus, paid subscribers receive exclusive online library access to every article we've ever published. Order now!

http://www.exchangeadmin.com/rd.cfm?code=fsep2352up

Nominate Yourself or a Friend for the MCP Hall of Fame

Are you a top-notch MCP who deserves to be a part of the first-ever MCP Hall of Fame? Get the fame you deserve by nominating yourself or a peer to become a part of this influential community of certified professionals. You could win a VIP trip to Microsoft and other valuable prizes. Enter now--it's easy:

http://www.windowsitpro.com/mcphalloffame/index.cfm?code=221emailannc

==== 6. New and Improved ====

by Renee Munshi, [email protected]

A Second Factor of Authentication for Windows

Entrust announced Entrust IdentityGuard for Microsoft Windows, which adds a second factor of authentication for users logging on to Windows desktops. In addition to entering his or her username and password, a user is asked to enter a set of numbers and or characters. The user must find the correct characters on a grid supplied by his or her organization on a wallet-sized plastic card, in conjunction with a building-access card, or in electronic form for portable devices accessing the corporate network. Entrust IdentityGuard for Microsoft Windows will be available for beta in first quarter 2005, with commercial availability in second quarter 2005. For more information, go to

http://www.entrust.com/identityguard/index.htm

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to [email protected].

Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Security Administrator print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected]. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.

==== Sponsored Links ====

Automate Patch Management with Symantec ON iPatch

http://ad.doubleclick.net/clk;14346614;8214395;i?http://sea.symantec.com/IPWITPSL221

Quest Software

See Active Directory in a whole new light. And get a free flashlight! http://ad.doubleclick.net/clk;13695556;8214395;t?http://wm.quest.com/WITPUpdatelinkSpotADflash205

DynaComm i:scan from FutureSoft True Enterprise anti-spyware, network-wide from a central console

http://ad.doubleclick.net/clk;14346738;8214395;p?http://www.dciseries.com/products/iscan/

==== Contact Us ====

About the newsletter -- [email protected]

About technical questions -- http://www.windowsitpro.com/forums

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]