
 IT Security Everywhere
IT Security News

(Please see more news in the Chinese Version) (courtesy of different news sources here) Last Update Dec 2000

ZDNet > News > Summer of Hacking (courtesy of ZDNet)



Script kiddies: The Net's cybergangs


How To Eliminate The Ten Most Critical Internet Security Threats

The Experts' Consensus
Version 1.30 November 17, 2000
Copyright 2000, The SANS Institute


Files UNDELETE WORKS EVERYWHERE? Yes, Beware of this. (July 2000)

It's easy to restore a deleted file -- as long as it's in the Recycle Bin. But even after you've emptied the bin,
chances are excellent that the operating system hasn't reused the space and that the file is recoverable.

You should make sure that the deleted files are really gone, not recoverable by anyone. To do that, you have to overwrite the file, not just delete it. Ordinary deletion removes the file from the disk's directory and marks the sectors available for re-use. The operating system, however, is designed to use never-used space first, before reusing deleted files.

You can find lots of file wiping or secure erasing programs. 
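To make the difference between deleting and overwriting concrete, here is an added example (not part of the original article or any product it mentions) that overwrites a file's contents in place before removing it. The function names and sample data are constructed for illustration, and a hard link stands in for a recovery tool that can still reach the file's data after its name is gone. It assumes a filesystem that rewrites blocks in place; on SSDs and on journaling or copy-on-write filesystems an in-place overwrite is not guaranteed to reach the old blocks.

```python
import os
import secrets
import tempfile

CHUNK = 64 * 1024  # overwrite in 64 KiB blocks so large files do not fill memory


def overwrite_and_delete(path, passes=1):
    """Overwrite a file with random bytes in place, sync, then delete it."""
    size = os.path.getsize(path)
    # "r+b" opens the existing file without truncating it, so the writes
    # go to the data the file already holds instead of to fresh space.
    with open(path, "r+b") as f:
        for _ in range(passes):
            f.seek(0)
            remaining = size
            while remaining > 0:
                n = min(CHUNK, remaining)
                f.write(secrets.token_bytes(n))
                remaining -= n
            f.flush()
            os.fsync(f.fileno())  # push the overwrite past the OS cache
    os.remove(path)
    return size  # bytes overwritten per pass


def demo():
    """Return, per deletion method, whether the old data is still readable.

    Constructed demo: the hard link ("probe") models a recovery tool that
    can read the file's data after the original name has been removed.
    """
    secret = b"constructed sample: payroll figures\n" * 100
    results = {}
    with tempfile.TemporaryDirectory() as d:
        for mode in ("plain_delete", "overwrite_delete"):
            path = os.path.join(d, mode + ".txt")
            probe = os.path.join(d, mode + ".probe")
            with open(path, "wb") as f:
                f.write(secret)
            os.link(path, probe)  # second name for the same on-disk data
            if mode == "plain_delete":
                os.remove(path)  # ordinary deletion: only the name goes away
            else:
                overwrite_and_delete(path)
            with open(probe, "rb") as f:
                results[mode] = f.read() == secret
    return results


if __name__ == "__main__":
    print(demo())
```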

5 ways to guard against e-mail viruses

1. Don't use Outlook and Outlook Express. This may not be realistic advice in the real world, but you should at least use Love Bug as a reason to reevaluate what your shop standards are for e-mail clients. Viruses often target Outlook and/or Outlook Express; using other clients minimizes your exposure. Beware, though, that avoiding Outlook isn't unconditional protection. Love Bug required Outlook to replicate itself but was able to damage PCs in the absence of Outlook. 

2. Make all users aware of the dangers of unsolicited attachments. E-mail viruses rely on users opening infected attachments. All e-mail users must understand the potential consequences of opening attachments from bad guys. As a further reminder of how dangerous attachments can be, consider creating an incoming mail rule in Outlook that directs all e-mails with attachments to an attachments-specific folder. I now use an Outlook rule that directs mail with attachments to a folder called BeCareful. Putting mail with attachments in this folder doesn't make it impossible to launch them, but it does help provide me with a constant reminder that e-mails with attachments should be treated with special care.

3. Use anti-virus software and keep it current. Anti-virus software isn't foolproof: early in Love Bug's life anti-virus software offered no protection against the virus because it hadn't yet been identified as a virus. Despite a potential limitation on late-breaking viruses, good anti-virus protection is mandatory! Get an enterprise anti-virus subscription and keep it current. Also, virtually all anti-virus vendors offer e-mail services to update you with late-breaking virus news. (See URLs below.)

4. Be aware of the need for secondary virus fixes. Even after McAfee's anti-virus software had removed infected files from my PC, I still had residual entries in my registry. To fix such spurious side effects, you'll often need to run adjunct software to fully rehabilitate infected PCs. Norton has published a free secondary fix called FIXLOVE.EXE on its Web site that worked for me. (See URL below.)

5. Disable the Windows Scripting Host. The Windows Scripting Host (WSH) is Windows' solution for a robust batch processor -- it is primarily a replacement for DOS BAT files. WSH not only provides a rich scripting language (using either VBScript or JavaScript), but it also exposes all of Windows' COM objects. These COM objects give the clever WSH programmer the keys to your Windows kingdom. Unless you have a specific need for WSH (and you probably don't), disable it this way:
1. Open the Control Panel.
2. Open the Add/Remove Programs applet.
3. Click the Windows Set-up tab.
4. Double-click Accessories.
5. Deselect Windows Scripting Host shown in the Accessories list. If it isn't already selected or present, it currently isn't installed on your system.
6. Click OK twice.

DDOS Attacks (Mar 2000)

SLAMMER OR GLAMOUR FOR DOS HACKERS? (SEARCHWIN2000.COM)
Respondents to a TechTarget.com poll showed little mercy toward those responsible for the recent denial-of-service attacks on several high-profile Web sites. In fact, some of the poll's participants were downright bloodthirsty.

Develop methods to prevent DDOS Attacks (Mar 2000)

MICROSOFT STEPS UP BATTLE AGAINST WEB ATTACKS (VNUNET.COM)
Microsoft has stepped up its research into denial-of-service attacks after the emergence of a new tool that threatens Windows servers. The software giant has awarded the University of California and the University of Virginia $125,000 and $225,000, respectively, to develop methods to prevent distributed denial-of-service (DDoS) attacks.

Developing regulations on security policy (Mar 2000)

IBM CHIEF CALLS ON NET INDUSTRY TO POLICE ITSELF (TECHWEB)
IBM chief Louis Gerstner told a conference on the new economy at Boston College Monday that Internet industry leaders must take responsibility for developing regulations on privacy, security and trade policy, or risk the government doing it for them.

Boom in business of IT security services (Mar 2000)

OUTSOURCED SECURITY ON THE RISE (INTERNETWEEK) Mar 7
Following the recent wave of cyber attacks, providers of managed security services are enjoying a boom in business fueled by the shortage of in-house IT security experts. The market for security consulting is expected to jump to $14.8 billion by 2003, up from $6.2 billion last year.

Has your PC been hijacked? By Robert Lemos, ZDNet News
UPDATED February 17, 2000 5:34 AM PT
Do you subscribe to a cable modem or DSL service? You're at risk. A growing awareness of the dangers of unsecured home PCs leads to a boom in firewall downloads. And broadband providers are finally getting the message, too.

It's 3 a.m. Do you know who's on your computer?

Security experts warn that network intruders -- once only a boogeyman for large corporations and government agencies -- are becoming an increasing threat to home users, especially those wired to the Internet via new broadband connections such as cable modem and DSL.

"Home users don't have the right security tools nor the understanding about why they need them," said Eugene Spafford, computer science professor and security expert at Purdue University. "They are much more likely to be prone to attack, or their machines used in distributed, coordinated attacks."

The case of Christian Crumlish
For most users, installing a personal firewall can stop most such illicit use. Just ask Christian Crumlish about the importance of a good firewall.

Spooked by last week's attacks, the Waterside Productions literary agent downloaded Zone Labs Inc.'s free firewall, ZoneAlarm 2.0, and installed the electronic gate onto his DSL-connected PC. Other personal firewall products include BlackICE Defender and Norton Internet Security 2000.

"My system had slowed at seemingly random times in the past," said Crumlish. "But I never really thought I would find anything."

Against expectations, Crumlish found three programs that, together, opened up his PC for use by cyber vandals. The programs -- run.exe, msr.exe.exe and kerne1.exe -- were the pieces to a backdoor app known as SubSeven.

Whoever installed the programs has come back knocking at the trapdoor he left behind, Crumlish said. "I have detected three or four attempts to get into my system since I installed ZoneAlarm," said Crumlish, who added that without the urging of a friend, he would never have thought to put the firewall on his system.

"Broadband providers are not telling their customers about the threats that they have to worry about," he said. In fact, more than 400,000 users have taken matters into their own hands and downloaded copies of ZoneAlarm since the attacks last week. Such incidents are quickly convincing broadband companies to change their tune.

The attention to such security details could not come quick enough, said Gregor Freund, president of firewall maker Zone Labs. According to the company, attackers can directly access the hard drives of approximately 10 percent of home computers without having to circumvent security.

"(Those users') computers are completely wide open," he said. Such attacks are almost ubiquitous, he added, pointing out that during a 10-minute interview, six attacks occurred on his own company's system.

"We are a target, of course, but the bottom line is that people have to take responsibility for their own machines."

Check http://www.onenet.com.hk/bal_life/it_security_vendors.htm for Personal Firewall products like ZoneAlarm, BlackICE Defender and Norton Internet Security 2000.

  Clinton: Web attacks no 'Pearl Harbor'  (Feb 15, 2000)
At his Internet security summit, the president says the attacks were a source of concern, 'but I don't think we should leave here with this vast sense of insecurity.' The participants in a White House meeting Tuesday between government officials and high-tech leaders in industry, academia and the public-policy sphere seemed to reach consensus on at least one aspect of Internet security: Cooperation is key. "It's important that we band together to solve this problem," said Peter Solvik, chief information officer for Cisco Systems.

The meeting was called last week when, during the course of three days, cyber vandals brought down a range of popular Web sites for hours at a time, including CNN.com, ZDNet (NYSE: ZDZ) and Yahoo! (Nasdaq: YHOO).

$9 million to cyber-security initiatives
Among other things, Clinton said the administration would immediately dedicate $9 million to jump-start select cyber-security initiatives within the president's 2001 budget. Those include programs focused on directing more people towards cyber-security careers, helping improve the security of federal government computers and creating a new Institute for Information Infrastructure Protection.

In addition, Attorney General Janet Reno said she wants to meet with Tuesday's meeting participants again next week to discuss ways in which the Department of Justice can help put a halt to damaging hacks. Suggestions include crafting new laws that would penalize hackers more severely and beefed-up resources within the department.

"What we really want is for every sector of the economy to be in the same position," he added.

The trade organization would be involved in setting up formal parameters within which industry and government could share "non-proprietary information concerning threats, attacks and protective measures," focusing upon cyber attacks, vulnerabilities, counter-measures and superior information-security practices.

Along with ITAA, the list of companies involved with the initiative includes 3Com (Nasdaq: COMS), America Online (NYSE: AOL), AT&T (NYSE: T), Computer Associates (NYSE: CA), EDS, IBM (NYSE: IBM), MCI WorldCom (Nasdaq: WCOM), Microsoft (Nasdaq: MSFT), Merant, Oracle (Nasdaq: ORCL), RSA Data Security (Nasdaq: RSAS), Sun Microsystems (Nasdaq: SUNW) and Yahoo!
