
Security UPDATE--Copying Files Securely Between Systems--October 12, 2005

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Security UPDATE.

CDW. The Technology You Need When You Need It.

Speed up your systems--try Diskeeper 9 free


1. In Focus: Copying Files Securely Between Systems

2. Security News and Features

- Recent Security Vulnerabilities

- Microsoft Releases 9 Security Bulletins in October

- Microsoft Announces New Products and New Consortium

- Microsoft Brings Antimalware Tech to Corporations

- Symantec to Acquire BindView

- 10 Network Security Assessment Tools You Can't Live Without

3. Security Toolkit

- Security Matters Blog


- Security Forum Featured Thread

4. New and Improved

- Freeze Workstation Configurations


==== Sponsor: CDW ====

CDW. The Technology You Need When You Need It.

It takes a lot to keep up with today's business. Starting with today's technology. Our account managers and product specialists can get you quick answers to any questions you might have. So visit us online and find out first hand how we make it happen. Every order, every visit, every time. No matter what you need in technology, you can count on CDW for the right technology, right away.


==== 1. In Focus: Copying Files Securely Between Systems ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

If you need to copy files from one system to another over an unprotected network, you can do it in a few ways. For example, you can employ the RRAS component that comes with Windows Server 2003 and Windows 2000 Server to establish a VPN that uses PPTP; you can use Microsoft IIS and Secure Sockets Layer (SSL) connections along with a custom Web interface; or you can use Secure Shell (SSH). There are other ways to accomplish this task, but these are probably the most common solutions.

If you're interested in setting up RRAS and PPTP, you can find instructions in the Microsoft article "Step-by-Step Guide for Setting Up a PPTP-based Site-to-Site VPN Connection in a Test Lab" (URL below). This is a good solution, especially if you want to use the VPN for other tasks.

Using IIS and SSL is simple enough, but it does require you to design a Web interface that meets your needs. For example, designing for downloading files is easy enough, but you'll need a script or ActiveX control for uploading files. This method also requires that you expose the IIS system to some extent, which you might not want to do.

The third method, using an SSH server, might be a better solution. SSH servers provide encrypted transports between clients and servers by using a variety of encryption methods, including Triple DES (3DES), Blowfish, CAST (named after its developers Carlisle Adams and Stafford Tavares), Advanced Encryption Standard (AES), and possibly others, depending on the software you use. Another benefit is that SSH can use public keys instead of passwords to authenticate a session. Plus, SSH servers offer cross-platform support--versions are available for just about every popular OS, including Linux and BSD, as well as Sun Microsystems and Apple platforms.

With SSH, you can not only copy files securely but also open a secure Telnet session (using a special shell client) to a remote server, which might come in handy for remote administration. In addition, you can tunnel unencrypted services over SSH connections. For example, by using port forwarding, you can run SQL traffic, POP3 traffic, and many other types of service traffic over SSH connections.
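The two SSH features described above, public-key logins and port forwarding, are controlled on an OpenSSH server by a handful of sshd_config keywords. The following Python code is an added example, not part of the original newsletter: it audits configuration text for password logins and unrestricted forwarding. The function names, the sample configuration, and the host mail.example.internal are constructed for illustration.

```python
# Added example: audit sshd_config text for key-only logins and scoped forwarding.
# sshd keywords are case-insensitive and the first value seen for a keyword wins.
DEFAULTS = {  # values sshd uses when a keyword is absent
    "passwordauthentication": "yes", "pubkeyauthentication": "yes",
    "allowtcpforwarding": "yes", "permitopen": "any",
}

SAMPLE = """\
# constructed sample configuration, not taken from a real server
PasswordAuthentication no
passwordauthentication yes
PubkeyAuthentication yes
AllowTcpForwarding yes
PermitOpen mail.example.internal:110
Match User backup
    PasswordAuthentication yes
    AllowTcpForwarding no
"""

def parse_scopes(config_text):
    """Return {scope: {keyword: value}}; scope is 'global' or a Match line."""
    scopes = {"global": {}}
    scope = "global"
    for raw in config_text.splitlines():
        parts = raw.strip().split(None, 1)
        if len(parts) < 2 or parts[0].startswith("#"):
            continue  # blank line, comment, or keyword without a value
        keyword, value = parts[0].lower(), parts[1].split()[0].lower()
        if keyword == "match":
            scope = "Match " + parts[1].strip()
            scopes.setdefault(scope, {})
        else:
            scopes[scope].setdefault(keyword, value)  # first value wins
    return scopes

def audit(config_text):
    """Return (scope, finding) pairs; an empty list means nothing was flagged."""
    scopes = parse_scopes(config_text)
    base = {**DEFAULTS, **scopes["global"]}
    findings = []
    for scope, overrides in scopes.items():
        eff = {**base, **overrides}  # a Match block overrides the global value
        if eff["passwordauthentication"] != "no":
            findings.append((scope, "password logins accepted"))
        if eff["pubkeyauthentication"] != "yes":
            findings.append((scope, "public-key authentication disabled"))
        if eff["allowtcpforwarding"] in ("yes", "all", "local") and eff["permitopen"] == "any":
            findings.append((scope, "local forwarding allowed to any destination"))
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE))
```

In the sample, the duplicate lowercase passwordauthentication line is ignored because the first value wins, so the only finding is the Match block that turns password logins back on for one account.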

Several commercial and open-source SSH servers are available for Windows. If you want a robust commercial solution, check out the products at SSH Communications Security (at the first URL below) or AttachmateWRQ (at the second URL below). If you want an open-source solution, consider OpenSSH for Windows (at the third URL below) or freeSSHd (at the fourth URL below). Both open-source solutions can run as a system service; freeSSHd offers a simple GUI, whereas OpenSSH doesn't.

If you run Windows 2003, a step-by-step tutorial is available to help you install OpenSSH for Windows. "Installing OpenSSH for Windows 2003 Server - How to get it working," by Steve Pillinger, senior computer officer at the School of Computer Science at the University of Birmingham in England, describes how to set up user accounts, assign user rights, set file permissions, and configure authentication.

If you run Win2K Server, you can use Beau Monday's step-by-step guide, "Configuring OpenSSH (Win32) for Public Key Authentication." His guide is equally detailed and includes information about how to configure PuTTY, which is an open-source SSH command-line client for Windows platforms. The PuTTY package also includes a PuTTY Secure Copy (PSCP) client. If you use Monday's guide, take note that his link to OpenSSH for Windows is broken. The project has relocated to SourceForge, and you can find it by using the second URL below.

I've used the PuTTY PSCP client quite a bit, and even though it's a good tool, I prefer a GUI because it saves me a whole lot of typing. With a GUI, you can copy files using simple drag-and-drop techniques, and you can typically navigate directories in a treeview similar to that of Windows Explorer. As an alternative to PuTTY, you might consider WinSCP (at the URL below) for file-copying tasks. WinSCP supports both Secure Copy (SCP) and Secure FTP (SFTP).


==== Sponsor: Diskeeper ====

Speed up your systems--try Diskeeper 9 free

The secret to maximum computer speed is simple: Eliminate disk fragmentation entirely. Diskeeper 9, the Number One Automatic Defragmenter, features a high-speed defragmentation engine that runs in the background. It's so fast and so transparent that you can run it on active servers and PCs, keeping your systems defragmented while your users work. All you do is "Set It and Forget It", and fragmentation-related problems are gone for good. Don't settle for less performance than your servers and PCs can deliver. See the benefits for yourself--download your FREE evaluation version of Diskeeper 9 now!


==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

Microsoft Releases 9 Security Bulletins in October

Microsoft released nine security bulletins yesterday. Eight of them relate to patches for Windows and one relates to a patch for Windows and Microsoft Exchange Server. Of the nine, Microsoft considers at least one to be critical.

Microsoft Announces New Products and New Consortium

After acquiring antivirus, antispyware, and antispam solution makers, Microsoft has finally announced its new antimalware product plans along with a new security consortium.

Microsoft Brings Antimalware Tech to Corporations

As promised, Microsoft will soon introduce a beta version of its antispyware and antivirus tools for managed corporate networks, giving enterprises the tools they need to remove malware on client PCs and file servers.

Symantec to Acquire BindView

Further strengthening its position in the security market space, Symantec announced a deal to acquire BindView. The acquisition, which is expected to close in first quarter 2006, better positions Symantec to offer end-to-end security solutions for policy compliance and vulnerability management.

10 Network Security Assessment Tools You Can't Live Without

Jerry Cochran describes his favorite penetration-testing tools, including Nmap and SNMPWalk, and encourages you to use them on your network--before the hackers do. After you read this article, tell us your network security assessment story and win a Windows IT Pro T-shirt. Just click in the Interact! box on the article Web page.


==== Resources and Events ====

Discover SQL Server 2005 for the Enterprise. Are you prepared?

In this free half-day event, you'll learn how the top new features of SQL Server 2005 will help you create and manage large-scale, mission-critical enterprise database applications--making your job easier. Find out how to leverage SQL Server 2005's new capabilities to best support your business initiatives. Register today!

Get the Most from Your Infrastructure by Consolidating Servers and Storage

Improved utilization of existing networking resources and server hardware enables allocation of scarce financial and time resources where they're needed most. In this free Web seminar, learn to optimize your existing infrastructure with the addition of server and storage consolidation software and techniques. You'll get the jumpstart you need to evaluate the suitability and potential of your computing environments for the added benefits that consolidation technology can provide.

Deploy VoIP and FoIP Technologies

Voice over Internet Protocol (VoIP) is the future of telecommunications, and many companies are already enjoying the benefits of transporting voice over IP networks to significantly reduce telephone and facsimile costs. Join industry expert David Chernicoff for this free Web seminar to learn the ins and outs of boardless fax in IP environments, tips for rolling out fax and integrating fax with telephony technologies, and more!

Exploit the Opportunities of a Wireless Fleet

With the endless array of mobile and wireless devices and applications, it's hard to decide what you can do with the devices beyond providing mobile email access. It's even tougher to know how to keep it all secure. Join industry guru Randy Franklin Smith in this free Web seminar and discover what you should do to leverage your mobile and wireless infrastructure, how to pick devices that are right for you, and more!

The Conference & Expo on Mobile and Wireless Security

The must-attend event for securing your wireless applications and networks, the Conference & Expo on Mobile and Wireless Security is designed to navigate you through today's high-threat landscape. Discover real-world security solutions from practitioners winning the battle against hackers, undisciplined users, and the occasional villainous virus.


Cut Your Windows XP Migration Time by 60% or More!

If your organization is considering--or has already begun--migrating your operating system to Windows XP, then this Web seminar is for you. Sign up for this free event, and you'll learn how to efficiently migrate your applications into the Windows Installer (MSI) format, how to prepare them for error-free deployment, what steps you need to follow to package your applications quickly and correctly, and more!


==== Featured White Paper ====

Stopping Crimeware and Malware: How to Close the Vulnerability Window

Computer users can no longer wait for a new vaccine every time a new security threat appears. How do you defend your network in a world of smarter, faster, Internet-borne zero-day attacks? Find out about Intrusion Prevention that can detect and destroy unknown malware with virtually zero false positives.


==== Hot Release ====

Meeting Enterprise Management Needs: The Integration of Microsoft SMS 2003 and Afaria

Learn about the capabilities offered by the integration of Microsoft SMS 2003 and Afaria. In this free white paper you'll learn about new functionality and benefits of Microsoft SMS specifically targeted to improving management of remote and mobile devices, challenges of managing frontline systems, how the combined solution creates value around the successful use of technology at the front lines of business and more.


==== 3. Security Toolkit ====

Security Matters Blog: Nematodes: Worms That Help Your Networks

by Mark Joseph Edwards,

Would you unleash a worm on your networks if that worm was designed to protect the networks instead of infiltrate them? Dave Aitel thinks you would, and that was the subject of his presentation at the latest Hack in the Box conference in Malaysia. Read more about it in this blog entry.


by John Savill,

Q: Can I change the type of logging that Active Directory (AD) uses?

Find the answer at

Security Forum Featured Thread: How to Automate Setting ACLs on Folders

Drew is trying to verify folder security on his file servers. He's running into many inconsistencies with folder permissions and wants to know if there's a script he can run to adjust the permissions. For example, all his users have a home directory on one of his file servers. He wants to set the ACL on each home directory folder to allow the user, administrators, and System account to have full control. Join the discussion at:


==== Announcements ====

(from Windows IT Pro and its partners)

Become a VIP Subscriber!

Get inside access to ALL the articles, tools, and helpful resources published in Windows IT Pro, SQL Server Magazine, Exchange and Outlook Administrator, Windows Scripting Solutions, and Windows IT Security--that's more than 26,000 articles at your fingertips. Your VIP subscription also includes a valuable 1-year print subscription to Windows IT Pro and two VIP CDs (that contain the entire article database). Sign up now:

SQL Server Magazine Has Answers

You won't want to miss any of the fall issues! Subscribe now and discover the best tools to keep SQL Server tuned, the ins and outs of SQL Server 2005, ways ADO.NET 2.0 solves your problems, and much more. You'll also gain exclusive access to the entire SQL Server Magazine online article database (more than 2300 articles) and you'll SAVE 44% off the cover price. Click here:


==== 4. New and Improved ====

by Renee Munshi, [email protected]

Freeze Workstation Configurations

Faronics Technologies announces the official release of Deep Freeze 5.5 Standard, Professional, and Enterprise editions. Deep Freeze protects original computer configurations. No matter what changes a user makes to a workstation, when he or she restarts the system, Deep Freeze eradicates all the changes and resets the computer to its original state. Deep Freeze 5.5's new features include enhanced compatibility when deployed as part of a master image, the ability to specify login information for executing custom scripts during scheduled maintenance periods, and enhanced password security. For more information, go to

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to

[email protected].

Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected]. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.


==== Sponsored Links ====

Admins rush to install BLOG servers

How to run your own blog server. Free 5-user license.


==== Contact Us ====

About the newsletter -- [email protected]

About technical questions --

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]


This email newsletter is brought to you by Windows IT Security, the leading publication for IT professionals securing the Windows enterprise from external intruders and controlling access for internal users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.
