Security UPDATE--Add VMware Player to Your Security Toolkit--October 26, 2005

1. In Focus: Add VMware Player to Your Security Toolkit

2. Security News and Features

- Recent Security Vulnerabilities

- Exchange Server 2003 SP2 Improves Security

- Multiple Vulnerabilities in Oracle Products

- Buffer Overflow Vulnerability in Snort and Sourcefire

- Secure Your Wireless Network

3. Security Toolkit

- Security Matters Blog

- FAQ

- Security Forum Featured Thread

4. New and Improved

- Secure IM for Mobile Users

==== Sponsor: CDW ====

CDW. The Technology You Need When You Need It.

It takes a lot to keep up with today's business. Starting with today's technology. Our account managers and product specialists can get you quick answers to any questions you might have. So visit us online and find out first hand how we make it happen. Every order, every visit, every time. No matter what you need in technology, you can count on CDW for the right technology, right away.

http://go.cdw.com/?id=403566

==== 1. In Focus: Add VMware Player to Your Security Toolkit

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

VMware is a tool that lets you run various OSs as virtual machines (VMs) on a single computer. The Windows IT Pro Web site has many articles about VMware, which you can find listed at

http://www.windowsitpro.com/search/index.cfm?Action=Search&sortby=date&qs=vmware

I've been testing VMware Workstation lately, and last week I woke up to a pleasant surprise. While doing a little early morning blog surfing, I came across a blog I hadn't read before called Wubble. As it turns out, the blog author, Philip Langdale, works at VMware.

In a blog entry, "VMs for Everyone!" (at the first URL below), I learned that during the VMworld 2005 conference in Las Vegas (Oct. 18-20), VMware released a new standalone tool, VMware Player (at the second URL below). If you've used VMware Workstation, the VMware servers, or VMware ACE (Assured Computing Environment), then you know how incredibly useful VMware is. The new Player (which will also ship with the upcoming VMware Workstation 5.5) is equally useful for two particular reasons. First, it lets you run existing VMs created by other VMware tools and supports VMs created with Microsoft Virtual Server as well as Symantec LiveState Recovery snapshots. Second, it's free.

http://intr.overt.org/blog/?p=10

http://www.vmware.com/products/player

As with many free tools, VMware Player has some limitations. For example, you can't create new VMs and you can't add new hardware to a VM. You can learn about other limitations in VMware's comparison chart.

http://www.vmware.com/products/player/comparison.html

Even with some limitations, VMware Player is a great offering. As you might suspect, you can use it to run Windows, Linux, Novell NetWare, Sun Microsystems Solaris, and FreeBSD as guest OSs. Another nice thing is that if you don't have a VM to run in VMware Player or don't want to create one, you can download one from VMware's Web site. Available are VMs for Novell Linux Desktop, Novell SUSE Linux Enterprise Server, and Red Hat Enterprise Linux, plus several other VMs provided by various application vendors. VMware also provides a VM based on Ubuntu Linux that's configured as a Browser Appliance and designed to let you surf the Internet while protecting your underlying OS from malware.

http://www.vmware.com/vmtn/vm/

If you've run a honeypot or a honeymonkey or had to test various software and tools, you probably know (or can imagine) how using a VM can be of great benefit. For example, you can build your honeypot on any supported OS and run it inside a VM. Then if the honeypot is compromised, it's not a problem--just shut down the VM and restart it again, and any changes made by an intruder are gone. The same goes for running a honeymonkey or testing spyware and other forms of malware. Plus, you can run Linux-based security tools on a Windows desktop by loading them into a Linux-based VM. With VMware Player, you can extend your use to other systems quickly and easily--and that's what makes VMware Player a great addition for your security toolkit. Check it out.

==== Sponsor: Bindview ====

Learn To Sort Through Sarbanes-Oxley, HIPAA And More Legislation Quicker And Easier! In this free white paper, get the tips you've been looking for to save time and money in achieving IT security and regulatory compliance. Find out how you can simplify these manually intensive, compliance-related tasks that reduce IT efficiency. Turn these mandates into automated and cost effective solutions--Download your copy today!

http://www.windowsitpro.com/Whitepapers/bindview/regulatorycompliance/index.cfm?code=secmid1026

==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.windowsitpro.com/departments/departmentid/752/752.html

Exchange Server 2003 SP2 Improves Security

Microsoft released Exchange Server 2003 Service Pack 2 (SP2), which includes a number of new features, including some security enhancements. Learn about the new features in a news story on our Web site (at the first URL below), in Paul Robichaux's article "Exchange Server 2003 SP2 Ships" (at the second URL below), and in Tony Redmond's article "Exploring Exchange 2003 Service Pack 2" (at the third URL below).

http://www.windowsitpro.com/Article/ArticleID/48146

http://www.windowsitpro.com/Article/ArticleID/48185

http://www.windowsitpro.com/Article/ArticleID/47792

Multiple Vulnerabilities in Oracle Products

Multiple high-risk vulnerabilities exist in Oracle9i Database Server, Oracle Database Server 10g, and many other Oracle products. They consist of one buffer overflow condition and numerous possible SQL injection attacks, many of which could be exploited by an intruder to gain complete control of the products. Oracle released a Critical Patch Update (at the URL below) to correct many (but not all) of the problems.

http://www.oracle.com/technology/deploy/security/pdf/cpuoct2005.html

Buffer Overflow Vulnerability in Snort and Sourcefire

Internet Security Systems (ISS) X-Force discovered a buffer overflow vulnerability in Snort, which according to ISS also affects Sourcefire--the commercial version of Snort. The vulnerability exists in the Back Orifice preprocessor; systems that don't use Back Orifice aren't affected. Snort 2.4.3 was released to correct the problem. For more details about the problem in Snort, read the announcement on the Snort.org Web site (first URL below) and ISS's advisory at the second URL below. At the time of this writing, no information was available about updates to Sourcefire.

http://www.snort.org/pub-bin/snortnews.cgi#99

http://xforce.iss.net/xforce/alerts/id/207

Secure Your Wireless Network

Along with the benefits of wireless networks comes a need to keep them secure. John Howie gives you a look at some practical steps you can take to secure your wireless networks, methods to automate configuration-setting deployment, and tools you can use to probe for unsecured and unauthorized wireless networks.

http://www.windowsitpro.com/Article/ArticleID/47860

==== Resources and Events ====

Get Ready for the SQL Server 2005 Roadshow in Europe--Get the facts about migrating to SQL Server 2005!

SQL Server experts will present real-world information about administration, development, and business intelligence to help you implement a best-practices migration to SQL Server 2005 and improve your database-computing environment. Receive a one-year membership to PASS and one-year subscription to SQL Server Magazine. Register now.

http://www.windowsitpro.com/roadshows/sqlservereurope/index.cfm?code=1026emailannc

Exploit the Opportunities of a Wireless Fleet

With the endless array of mobile and wireless devices and applications, it's hard to decide what you can do with the devices beyond providing mobile email access. It's even tougher to know how to keep it all secure. Join industry guru Randy Franklin Smith in this free Web seminar and discover what you should do to leverage your mobile and wireless infrastructure, how to pick devices that are right for you, and more!

http://www.windowsitpro.com/go/seminars/mobileandwireless/?partnerref=1026emailannc

Get the Most from Your Infrastructure by Consolidating Servers and Storage

Improved utilization of existing networking resources and server hardware let you allocate money and time where they're needed most. In this free Web seminar, learn to optimize your existing infrastructure with the addition of server and storage consolidation software and techniques. You'll get the jumpstart you need to evaluate the suitability and potential of your computing environments for the added benefits that consolidation technology can provide.

http://www.windowsitpro.com/go/seminars/serverconsolidation?partnerref=1026emailannc

Deploy VoIP and FoIP Technologies--Win a Starbucks Gift Card

Voice over Internet Protocol (VoIP) is the future of telecommunications and many companies are already enjoying the benefits of using voice over IP networks to significantly reduce telephone and facsimile costs. Join industry expert David Chernicoff for this free Web seminar to learn the ins and outs of boardless fax in IP environments, tips for rolling out fax and integrating fax with telephony technologies, and more. Attend, and you could win a Starbucks gift card!

http://www.windowsitpro.com/go/seminars/voip/?partnerref=1026emailannc

What Does It Mean to Be Compliant?

We've all heard about legal and regulatory requirements, but there are other types of compliance that might also affect you--specifically email compliance. In this free Web seminar, you'll get insights into compliance and policy issues that you need to know about, as well as suggestions on what to look for when implementing your compliance strategy and more! Register today!

http://www.windowsitpro.com/go/seminars/compliance/?partnerref=1026emailannc

All High Availability Solutions Are Not Created Equal--How Does Yours Measure Up?

In this free, on-demand Web seminar you'll get the tools you need to ensure your systems don't go down. You'll learn what solutions help you take preemptive, corrective action without resorting to a full system failover, that perform a nondisruptive, automatic switchover to a secondary server in extreme cases.

http://www.windowsitpro.com/seminars/truehighavailability/index.cfm?code=1026emailannc

==== Featured White Paper ====

Dashboard Development and Deployment--A Methodology for Success

Business information carries little value unless it reaches the right person at the right time. This free white paper tells you what you need to know to remain competitive while improving the speed and quality of decision-making. Learn how a well-designed dashboard can provide critical information to decision makers, enable them to monitor the health of your organization and bring immediate ROI to your business.

http://www.windowsitpro.com/go/whitepapers/noetix/dashboard?code=1026emailannc

==== Hot Release ====

Audit your Network for Security Weaknesses

Are you confident your network is secure? Get a free network security check from Qualys and find out the necessary fixes to proactively guard your network. No software downloads required.

Make sure your network is secure. Get a Free Trial today!

http://www.qualys.com/POS/confidence/form/?lsid=6539

==== 3. Security Toolkit ====

Security Matters Blog: New Linksys Wireless Adapter Puts a Wi-Fi Scanner in Your Pocket

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

The new Linksys Wireless-G USB Network Adapter with Wi-Fi Finder is a really slick and innovative product. It has a built-in wireless scanner to detect available networks, and it works as a standalone unit so you can detect 802.11b/g networks before you power up your laptop. Having one of these is sort of like having NetStumbler in a device the size of a pack of gum! Check it out in this blog entry.

http://www.windowsitpro.com/Article/ArticleID/48138

FAQ

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q: How can I redirect Microsoft Outlook profiles during cross-Administrator group mailbox migrations?

Find the answer at

http://www.windowsitpro.com/Article/ArticleID/48124

Security Forum Featured Thread: Automate Setting ACLs on Folders

A forum participant wants to know how to configure a Linksys router, which is connected to a Zyxel DSL modem, so that it will work with a proxy server to filter unwanted sites. The writer has built a similar configuration before, but now an application keeps presenting a connection error. Join the discussion at:

http://forums.windowsitpro.com/web/forum/messageview.aspx?catid=42&threadid=44033&enterthread=y

==== Announcements ====

(from Windows IT Pro and its partners)

Become a VIP Subscriber!

Get inside access to ALL the articles, tools, and helpful resources published in Windows IT Pro, SQL Server Magazine, Exchange and Outlook Administrator, Windows Scripting Solutions, and Windows IT Security--that's more than 26,000 articles at your fingertips. Your VIP subscription also includes a valuable one-year print subscription to Windows IT Pro and two VIP CDs (includes the entire article database on CD). Sign up now:

https://store.pentontech.com/index.cfm?s=1&promocode=eu275auv

The Windows IT Security Newsletter

We've expanded our content to include even more fundamentals on building and maintaining a secure enterprise. Each issue features in-depth product coverage of the best security tools available, including expert advice on the best way to implement various security components. Plus, paid subscribers now get online access to our entire online security article database (more than 1900 articles). Order now:

https://store.pentontech.com/index.cfm?s=1&promocode=eu255aue

==== 4. New and Improved ====

by Renee Munshi, [email protected]

Secure IM for Mobile Users

Akonix Systems announced L7 Remote User Agent, which provides IM security and logging capabilities for mobile employees. When deployed on a laptop, L7 Remote User Agent monitors IM use and ensures that all IM activity is secured and logged by Akonix L7 Enterprise, minimizing risks of attack or noncompliance through unsecured IM access. L7 Remote User Agent supports all public IMs--AOL's AIM, Yahoo! Messenger, MSN Messenger, ICQ, and Google Talk--and Windows Server 2003/XP/2000. For more information, go to

http://www.akonix.com

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to

[email protected].

Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected]. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.

==== Contact Us ====

About the newsletter -- [email protected]

About technical questions -- http://www.windowsitpro.com/forums

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]