Microsoft has released an update rollup package for Microsoft Windows XP that includes the hotfixes and updates that are described in the following list. More info: [url=http://support.microsoft.com/default.aspx?kbid=815485]http://support.microsoft.com/default.aspx?kbid=815485[/url]
Author: admini
Wireless Intrusion Detection Systems
Security issues ranging from misconfigured wireless access points (WAPs) to session hijacking to Denial of Service (DoS) can plague a WLAN.
Wireless networks are not only susceptible to TCP/IP-based attacks native to wired networks, they are also subject to a wide array of 802.11-specific threats.
The standard 802.11 encryption method, Wired Equivalent Privacy (WEP), is weak.
Rogue WAPs can also be introduced by users.
The point is that the threats are real, they can cause extensive damage, and they are becoming more prevalent as the 802.11 technology grows in popularity.
Without some sort of detection mechanism, it can be difficult to identify the threats to a WLAN.
Traditional wired-based intrusion detection systems (IDSs) attempt to identify computer system and network intrusions and misuse by gathering and analyzing data.
More recently, IDSs have been developed for use on wireless networks. These wireless IDSs can monitor and analyze user and system activities, recognize patterns of known attacks, identify abnormal network activity, and detect policy violations for WLANs.
Wireless IDSs gather all local wireless transmissions and generate alerts based either on predefined signatures or on anomalies in the traffic. A Wireless IDS is similar to a standard, wired IDS, but has additional deployment requirements as well as some unique features specific to WLAN intrusion and misuse detection.
A centralized wireless IDS is usually a combination of individual sensors which collect and forward all 802.11 data to a central management system, where the wireless IDS data is stored and processed.
[url=http://www.securityfocus.com/infocus/1742]http://www.securityfocus.com/infocus/1742[/url]
‘CEOs know nothing about security’
While cyberterrorism and other fad-threats haven’t turned out to pose the risks which many experts had predicted, the number one source of tech threat remains inside a business itself – its staff and its internal processes, according to Arjen van Zanten of KPMG’s risk management business.
He claimed there still exists a cultural barrier between IT departments and the board. “The board of directors don’t understand anything about security,” he said.
Tom Scholtz, VP of research firm Meta Group, replied “but the heads of IT, and above all those in charge of security, aren’t up to the job of reassuring them”, in the course of a roundtable on the value of security.
Just a few years ago, IT security was considered a restriction on businesses, like putting the brakes on a vehicle, which has only one result: it slows down how fast you can go. Today, luckily, it’s considered a sign of confidence, and people realise that using the brakes actually helps you go faster.
More info: [url=http://www.silicon.com/software/security/0,39024655,39116753,00.htm]http://www.silicon.com/software/security/0,39024655,39116753,00.htm[/url]
CA to Reshuffle Security Lineup
This release will be followed in the coming months by new versions of a handful of other products, including eTrust Access Control, Audit, Directory, Single Sign-On and Web Access Control.
The new integrated suite structure holds appeal for large enterprises because of the improved level of granularity it delivers, customers say.
The entire suite will include support for a number of security industry standards, including Security Assertion Markup Language and Security Provisioning Markup Language.
More info:
[url=http://www.eweek.com/article2/0,4149,1369458,00.asp]http://www.eweek.com/article2/0,4149,1369458,00.asp[/url]
Symantec on alert after Net activity surge
It appears that some of Symantec’s concern has been driven by the recent re-appearance of a variety of Trojan that exploits a security flaw in Microsoft’s Internet Explorer that allows miscreants to insert malicious code into Windows PCs through Web and HTML content.
The payload delivered by the latest variety of Trojan to appear, Qhosts-1, manipulates the way PCs find Web sites on the Internet.
According to Weafer, there was evidence of links between servers implicated in spamming activities and the Trojan, which he said may point to the possibility that Qhosts-1 has propagated more widely than previously thought possible through email-borne HTML content.
More info: [url=http://zdnet.com.com/2100-1105_2-5086013.html]http://zdnet.com.com/2100-1105_2-5086013.html[/url]
Mimail Worm Variations Launch Multi-Pronged Attack
All share enough characteristics, ranging from packaging their payloads in compressed .zip files to targeting specific Web sites for denial-of-service attacks, to convince analysts that one individual, or a group of attackers working together, is conducting the assault.
To compound the problem, the variants’ .zip files have been purposefully corrupted, said Dunham, so that they’re not correctly scanned by some anti-virus software.
“The Zip files are designed to choke up some anti-virus software, making the programs give up on the scanning and move on, letting the worm through,” he noted.
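The failure mode described above is a scanner that gives up on an unreadable archive and lets it through. As an added example (not from the article or any vendor's product), this sketch shows the opposite, fail-closed policy at a mail gateway: an archive that cannot be read in full is quarantined instead of skipped. The function names and verdict strings are hypothetical, and the sample archives are constructed inline.

```python
import io
import zipfile
import zlib


def classify_attachment(filename: str, data: bytes):
    """Return (verdict, reason); verdict is 'pass-to-scanner' or 'quarantine'."""
    # Treat it as an archive if either the name or the magic bytes say so.
    looks_like_zip = filename.lower().endswith(".zip") or data[:4] == b"PK\x03\x04"
    if not looks_like_zip:
        return ("pass-to-scanner", "not an archive")
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            # testzip() reads every member and verifies its CRC-32.
            bad_member = zf.testzip()
            if bad_member is not None:
                return ("quarantine", f"CRC mismatch in member {bad_member!r}")
    except (zipfile.BadZipFile, zlib.error, EOFError, RuntimeError,
            NotImplementedError, ValueError, OSError) as exc:
        # Fail closed: an archive the gateway cannot read is never waved through.
        return ("quarantine", f"archive could not be fully read: {type(exc).__name__}")
    return ("pass-to-scanner", "archive fully readable")


def build_samples():
    """Constructed test archives: one intact, one truncated, one with damaged data."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("readme.txt", b"constructed sample content\n" * 20)
    intact = buf.getvalue()
    truncated = intact[: len(intact) // 2]            # central directory is lost
    damaged = bytearray(intact)
    damaged[intact.index(b"constructed")] ^= 0xFF     # flip one stored data byte
    return {
        "intact.zip": intact,
        "truncated.zip": truncated,
        "damaged.zip": bytes(damaged),
    }


if __name__ == "__main__":
    for name, blob in build_samples().items():
        print(name, classify_attachment(name, blob))
```

The magic-byte check means a damaged archive is still quarantined when its attachment name has been changed to a non-archive extension.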
Organizations should aggressively update their anti-virus definitions, filter against the worms’ known file attachments, scan compressed files,