PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:
St. Bernard Software
IN FOCUS: More About OS Haste; BATV
NEWS AND FEATURES
- Security Vendor Claims Microsoft Is Shutting Out Competition
- Microsoft Closes Acquisition and Offers Whale of a Deal
- Sam Spade on the Spam Case - Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: Firefox 18.104.22.168 Now Available
- FAQ: Iterating a DC's Sites
- Take the Windows IT Pro Salary Survey
- "Securing Access at the Application Layer: Keeping Remote and Mobile Users Fully Functional" On-Demand Web Seminar
- Share Your Security Tips
- Authenticate Your OWA Users
- Tell Us About a Hot Product
RESOURCES AND EVENTS
FEATURED WHITE PAPER
=== SPONSOR: CrossTec
Are you spending too much time monitoring security logs?
Research shows that IT Security Managers can spend over four hours a day monitoring various security event logs and chasing after alerts. Activeworx saves you valuable time because it consolidates and manages logs from multiple vendors and devices. Activeworx Security Center is a cost-effective security information management solution that provides real-time security device log monitoring with correlated alerts, audit and compliance reports, and tools for advanced, in-depth forensic analysis. Activeworx reduces the time it takes to analyze event data from multiple sources and produces real-time reports that pinpoint network security breaches and vulnerabilities. These in-depth reports provide the details necessary for regulatory compliance reporting for Sarbanes-Oxley, HIPAA, and the Gramm-Leach-Bliley Act. Try Activeworx for free - fast install and free support.
=== IN FOCUS: More About OS Haste; BATV
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
I received another reader perspective on OS release frequency that I'll share with you this week, then I'll briefly share some information about Bounce Address Tag Validation that I think will interest you.
The reader pointed out that many companies upgrade OSs at the same time they upgrade hardware. The reasons he cited for doing so are that sometimes it's more cost-effective to buy the OS through an OEM (typically along with the new hardware) and that many companies lack the centralized management required to upgrade OSs on old hardware in an efficient manner. A shorter OS release cycle doesn't matter that much to companies who synchronize hardware and OS upgrades.
His points make good sense, especially given that Windows Vista will require more powerful hardware than many people have available in their network environments. So some companies that want to take full advantage of Vista will no doubt upgrade to new hardware and Vista at the same time.
Last week, I learned about a new email technology called Bounce Address Tag Validation (BATV), which is designed to prevent SMTP bounce abuse. Spammers sometimes use SMTP bounce to deliver email messages to their targets. To do so, a spammer addresses a message to any fake address and sets the From address to the real intended recipient. Then the spammer sends the email message to a third-party mail server. That mail server sees that the message isn't destined for a known user at a known domain hosted by the mail server and bounces the message back to the From address, thereby unwittingly delivering the spam message for the spammer.
Malicious attackers also abuse SMTP bouncing, but they send a huge volume of email so that the victim mail server or its network bandwidth is overwhelmed.
BATV is designed to prevent these attacks. It uses a specially encoded From address that can be authenticated. Because a mail header, which includes the From field, is sent before the message body, a mail server can authenticate a message from its header before accepting or rejecting the bulk of the message. Screening out bad messages effectively reduces the load on a mail server and the overall network bandwidth.
Another great advantage of BATV is that because each mail server would perform its own From address encoding, BATV can be implemented on a per-server basis without any restrictive dependencies, such as third-party databases, peer-to-peer data sharing, or recurring service access fees.
BATV is an Internet Engineering Task Force (IETF) draft proposal that began in late 2004. You can read the proposal, which of course includes the technical specifications, at the IETF Web site at the URL below. If you're interested in the technology, check with your mail server software provider to see if it supports BATV.
=== SPONSOR: St. Bernard Software
Examine the threats of allowing unwanted or offensive content into your network and learn about the technologies and methodologies to defend against inappropriate content, spyware, IM, and P2P.
=== SECURITY NEWS AND FEATURES
Security Vendor Claims Microsoft Is Shutting Out Competition
Security solution provider Agnitum claims that Microsoft's kernel patch protection will shut out competing products unless competitors resort to hacker tactics.
Microsoft Closes Acquisition and Offers Whale of a Deal
Microsoft closed its acquisition of Whale Communications, which is now a wholly owned subsidiary. Microsoft is offering a significant discount on the newly acquired Whale security products.
Sam Spade on the Spam Case
Whether you're investigating a possible phishing scam or determining whether the email clogging your corporate mailboxes is legitimate or spam, you can turn to the classic Sam Spade tool. Jeff Fellinge gives an overview in this article on our Web site.
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at
=== SPONSOR: Core Security
Manage Vulnerabilities. Defend Against Threats. Free White Paper.
Your IT and Security budgets are tight. This Yankee Group White Paper shows real-world case studies demonstrating the ROI potential using automated penetration testing.
=== GIVE AND TAKE
SECURITY MATTERS BLOG: Firefox 22.214.171.124 Now Available
by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters
FAQ: Iterating a DC's Sites
by John Savill, http://www.windowsitpro.com/windowsnt20002003faq
Q: How can I determine which sites a domain controller (DC) covers?
Find the answer at
TAKE THE WINDOWS IT PRO SALARY SURVEY
We need your help! Windows IT Pro is launching its third Windows IT Pro Industry Salary Survey, and we want to find out all about you and what makes you a satisfied IT pro. When you complete the survey (about 10 minutes of your time), you'll be entered in a drawing for one of five $100 American Express gift certificates. Look for the survey results--and how you stack up against your peers--in our December issue. To take the survey, go to
"Securing Access at the Application Layer: Keeping Remote and Mobile Users Fully Functional" on-demand Web seminar, with speakers Randy Franklin Smith and Judah Aspler. Register at
SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions to [email protected] If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.
by Renee Munshi, [email protected]
Authenticate Your OWA Users
VASCO Data Security International has launched DIGIPASS easy pack, an authentication solution that works with Microsoft Outlook Web Access (OWA). With DIGIPASS easy pack, users log on to their Web mail account by entering a PIN and a one-time password generated by the provided DIGIPASS GO 3 device. DIGIPASS easy pack is designed to be affordable and easy to manage for small to midsized businesses (SMBs). It contains 10 DIGIPASS GO 3 devices and the most recent version of VASCO's VACMAN Middleware software and includes a year of maintenance support. You can also purchase additional DIGIPASS GO 3 devices. For more information, go to http://www.digipasseasypack.com
Tell Us About a Hot Product and Get a Best Buy Gift Card!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Best Buy Gift Card if we write about the product in a Windows IT Pro What's Hot column. Send your product suggestion with information about how the product has helped you to [email protected]
=== RESOURCES AND EVENTS
Cross-Platform Data Roadshow
Oracle professionals will cover key concepts about Oracle and SQL Server in enterprise database computing. This event provides invaluable information about the benefits of 64-bit computing on the Windows platform, SQL Server BI for Oracle, high-availability proof points for SQL and Oracle, and much more.
Are you protected company-wide against spyware, keyloggers, adware, and backdoor Trojans? Test the state-of-the-art scanning engine that uses threat signatures from multiple sources to track down the culprits that antivirus solutions alone can't protect you against. Download your free 30-day trial of CounterSpy Enterprise today!
How will compliance regulations affect your IT infrastructure? Help design your retention and retrieval, privacy, and security policies to make sure that your organization is compliant. Download the full ebook today!
Take an up-to-date look at secure, remote access to corporate applications and stay ahead of the curve when making decisions about near- and long-term IT infrastructure. On-demand Web seminar.
Learn the key requirements of an effective internal network security solution and whether your approach protects you against worms, BotNets, Trojan horses, and hackers. On-demand Web seminar.
=== FEATURED WHITE PAPER
Secure Your Online Data Transfer with SSL
Increase your customers' confidence and your business by securely collecting sensitive information online. In this free white paper, you'll learn about the various applications of SSL certificates and their appropriate deployment, along with details of how to test SSL on your Web server.
Uncover Essential Windows Knowledge Through Excavator
Try out the ultimate vertical search tool--Windows Excavator. Windows Excavator gives you fast and thorough third-party information while filtering out unwanted content. Visit http://www.winexcavator.com today!
Save $40 off Windows IT Pro Magazine
Subscribe to Windows IT Pro magazine today and SAVE up to $40! Along with your 12 issues, you'll get FREE access to the entire Windows IT Pro online article archive, which houses more than 9,000 helpful IT articles. This is a limited-time offer, so order now:
Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below).
Subscribe to Security UPDATE at
Unsubscribe by clicking
Be sure to add [email protected] to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- [email protected]
About technical questions -- http://www.windowsitpro.com/forums
About your product news -- [email protected]
About your subscription -- [email protected]
About sponsoring Security UPDATE -- [email protected]
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.