Clustering A new event log event has been created to address certain situations in which the Cluster service account becomes excessively restricted by domain policy. Data access components XmlLite is new with Windows Server 2003 SP2. XmlLite is a fast, low-level, native XML parser with a small memory footprint. Distributed…
Author: admini
McAfee maps malware risk domains
The survey – which aims to provide a guide book of the net’s most dangerous top level domains – also looked at generic top level domains. Some web activities, like registering at a site or downloading a file, are significantly more risky when done at certain domains.
http://www.theregister.co.uk/2007/03/12/malware_atlas/
A New Spin on Honeynets
Low-interaction honeypots find the what, when, and how of an attack: “They are there to capture automated attacks and malware,” and don’t really interact with the attacker, he says.
High-interaction honeynets let the attacker exploit and interact with the machines more actively, thus capturing more details about the attack and attacker.
Not only do they incur overhead for IT — you need staff to manage them and their flow of information — but they are also limited to known vulnerabilities, for instance. “Honeynets are great collecting tools, but unfortunately the majority of the time they don’t provide information on a vulnerability that was not already public. Arbor, like other organizations that dabble in this type of attack analysis, uses a combination of darknets and honeynets to track malicious traffic for its ISP customers in its Atlas service.
“No one knows it’s a honeypot — it looks like an enterprise server.” That’s especially useful when attackers are targeting a specific organization’s IP addresses, he says. If they try to log onto a honeypot, they are doing something outside your corporate policy.” And the insider threat may be the sweet spot for honeynets in the enterprise, where the practice has not had much widespread use due to the overhead associated with the all the data they gather, as well as worries about asking for trouble by putting one up.
He says the Big Brother argument doesn’t fly here: “Corporations are well within their rights to deploy honeynets to secure their own networks and identify anyone doing things outside the corporate policy.”
http://www.darkreading.com/document.asp?doc_id=119081&WT.svl=news1_1
ID theft forecast: Gloomy today, worse tomorrow
“Hackers are exploiting Internet auctions, money transfers like Western Union and PayPal, the ability to impersonate lottery and sweepstake contests, and other types of imaginative scams,” said Litan. “They’re going after the weakest links, the consumers using social engineering tactics, and the U.S.’s payment systems at retail and businesses.” “Banks eat the fraud there,” at least for now, said Litan.
A Massachusetts state lawmaker, however, has proposed a bill that would hold retailers financially responsible for breaches. “The retailers are already paying for fraud” in the form of higher interchange charges, Litan said. She offered up examples of how that might be done, including more sophisticated authentication on debit cards and payment processors relying on identity scoring systems that were able to spot thieves using indicators like physical location.
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9012483&source=NLT_AM&nlid=1
Homeland Security plays real reasonable on Real ID
At a press conference to set out the rules, DHS chief Michael Chertoff, played the Honest Joe card: “It’s very simple and it’s really a matter of common sense.
Applicants for driver’s licenses will need to bring documents to their state Department of Motor Vehicles offices to validate or prove five things: who they are, what their date of birth is, what their legal status is in the United States, their social security number and their address.
There are no solid plans to encrypt the barcode, meaning for example that bars might have access to patrons’ home addresses.
Inviting comment in its recommendations, the DHS said it “leans toward” scrambling the data, but said that cost might outweigh any privacy benefits. The history of such systems, such as the National DNA Database in the UK, suggest they are susceptible to mission creep; civil libertarians point out that once established, the only way for a database to go is bigger.
http://www.theregister.co.uk/2007/03/03/real_id_recommendations/
Microsoft Hit By U.S. DOT Ban On Windows Vista, Explorer 7, and Office 2007
In a memo to his staff, the DOT’s CIO Daniel Mintz says he has placed “an indefinite moratorium” on the upgrades as “there appears to be no compelling technical or business case for upgrading to these new Microsoft software products.
Among the concerns cited by Mintz are compatibility with software applications currently in use at the department, the cost of an upgrade, and DOT’s move to a new headquarters in Washington later this year.
“Microsoft Vista, Office 2007, and Internet Explorer [7] may be acquired for testing purposes only, though only on approval by the DOT chief information officer,” Mintz writes.
In an interview Friday, DOT chief technology officer Tim Schmidt confirmed that the ban is still in effect. The DOT’s ban on Vista, Internet Explorer 7, and Office 2007 applies to 15,000 computer users at DOT proper who are currently running the Windows XP Professional operating system.
The memo indicates that a similar ban is in effect at the Federal Aviation Administration, which has 45,000 desktop users.
http://www.informationweek.com/news/showArticle.jhtml?articleID=197700789