This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertisers' Web sites and show your support for Security UPDATE.

Diskeeper - The Number One Automatic Defragmenter

http://www.executive.com/profile/submit-select.aspx?a=l&PId=95&ad=witpdk4

CrossTec

http://www.crossteccorp.com/netopfirewall/?utm_source=winitpro&utm_medium=email&utm_campaign=ndf

===============

1. In Focus: Keeping Private Information Private

2. Security News and Features

- Recent Security Vulnerabilities

- New Alliance Automates Attack Mitigation

- Bug Hunting for Mozilla Pays

- Attack Shield Worm Suppression

3. Security Toolkit

- Security Matters Blog

- FAQ

- Security Forum Featured Thread

4. New and Improved

- Isolating Internet Activity

==========

==== Sponsor: Executive Software ====

Diskeeper - The Number One Automatic Defragmenter

Keeping your systems up and running and available to the users is vital! Slow, crash-prone systems have a devastating effect on your organization's productivity. Disk fragmentation is a major cause of crashes, slowdowns and freeze-ups, and it must be kept in check. Fortunately, there is a solution: Diskeeper, the Number One Automatic Defragmenter. Automatic defragmentation boosts performance and reliability, reducing help desk traffic by heading off problems before they become emergencies. See for yourself—download a FREE 30-day fully- functional evaluation version of Diskeeper. Install it then just "Set It and Forget It", and watch as the problems caused by fragmentation simply disappear! See why over 16 million Diskeeper licenses have been sold—get your free evaluation version of Diskeeper 9 now!

http://www.executive.com/profile/submit-select.aspx?a=l&PId=95&ad=witpdk4

==========

==== 1. In Focus: Keeping Private Information Private ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

You might have read the somewhat recent news stories about people's private information being either stolen or leaked from four different entities. One incident involved consumer data collector ChoicePoint, which somehow managed to divulge the personal information of more than 140,000 people. It took the company quite some time to determine how many people's data was actually leaked.

Another incident involved LexisNexis. Intruders managed to break in to the company's computer systems, where they gained access to roughly 32,000 people's private information. Intruders also broke in to the computer systems of Chico State University (California) and gained access to the private information of nearly 60,000 people. And a laptop went missing from the University of California, Berkeley. As you might suspect, the laptop contained private information--of more than 96,000 people.

These stories boggle the mind. In the first three incidents, the computers were accessed through the Internet. Crucial systems that, if breached, would affect thousands or even millions of people should under no circumstances be accessible via the Internet. There are other ways to provide necessary access to the information without adding the gigantic risk of a global open network. The Internet serves a fantastic and incredibly useful purpose. However, I don't think part of that purpose should include connecting every computing device on the planet. Intrusion incidents seem to make that notion very clear.

The incident at Berkeley points out a different problem that has a simple solution. Don't keep sensitive information, such as the private information of more than 96,000 people, on a system that can be stolen by anybody capable of lifting a few pounds of weight. Even though the stolen laptop was supposedly in a "secure" area, it went missing. This incident points out the need for people to consider exactly what they keep on mobile computers, why they think they need to keep the data on such devices, and the worst-case scenarios of the computer and data being lost.

People could argue that even a regular large server could be stolen. That's true. But someone is much more conspicuous walking out of a secure area with a big heavy computer box. On the contrary, anybody can hide a laptop in a briefcase or backpack or under a jacket. In addition, regular computers and rack-mounted systems can be bolted into place such that they can't easily be taken or their covers removed to gain access to their internal devices, such as hard drives.

==========

==== Sponsor: CrossTec====

FREE Download – The Next Generation of End-Point Security is Available Today. NEW NetOp Desktop Firewall's fast 100% driver-centric design offers a tiny footprint that protects machines even before Windows loads - without slowing them down. NetOp is also the only solution to provide process control as well as application control to give you the highest level of security. The NetOp Desktop Firewall utilizes real- time centralized management and control, intelligent network detection, stateful packet filtering, port blocking, protection from process hijacking, and much more. Try it FREE.

http://www.crossteccorp.com/netopfirewall/?utm_source=winitpro&utm_medium=email&utm_campaign=ndf

==========

==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.windowsitpro.com/departments/departmentid/752/752.html

New Alliance Automates Attack Mitigation

A new alliance of network service providers, hosting companies, and educational institutions have joined together to automate attack mitigation. The Fingerprint Sharing Alliance, developed by Arbor Networks, is based on the company's Peakflow SP solution and lets alliance members share attack-fingerprint information to more quickly thwart attacks.

http://www.windowsitpro.com/Article/ArticleID/45868

Bug Hunting for Mozilla Pays

Mozilla Foundation's Bug Bounty Program pays researchers to find security problems in Mozilla software. This week, the company awarded $2500 to German bug hunter Michael Krax.

http://www.windowsitpro.com/Article/ArticleID/45889

Attack Shield Worm Suppression

Sana Security's Attack Shield Worm Suppression (WS) is a software- only solution to protect workstations from worms that spread via buffer-overflow attacks. The software operates only when an exploit makes a system call. So although it prevents exploits from using a buffer overflow for actions such as privilege escalation and file- system access, it won't protect against buffer overflows that cause a crash by corrupting memory. Read the rest of Adam Carheden's mini- review on our Web site.

http://www.windowsitpro.com/Article/ArticleID/45607

==========

==== Resources and Events ====

Meet the Risks of Instant Messaging Head On in This Free Web Seminar

Don't overlook IM in your compliance planning. Attend this free Web seminar and learn how to minimize IM's authentication and auditability risks and prevent security dangers. You'll also receive a list of the top requirements to consider when choosing a secure IM solution. Sign up now!

http://www.windowsitpro.com/seminars/instantmessaging/index.cfm?code=0406emailanncs

Get Ready for SQL Server 2005 Roadshow in a City Near You

Get the facts about migrating to SQL Server 2005. SQL Server experts will present real-world information about administration, development, and business intelligence to help you implement a best-practices migration to SQL Server 2005 and improve your database computing environment. Receive a 1-year membership to PASS and 1-year subscription to SQL Server Magazine. Register now!

http://www.windowsitpro.com/roadshows/sqlserverusa/index.cfm?code=0404emailanncs

Windows Connections 2005 Conference

April 17-20, 2005, Hyatt Regency, San Francisco. Microsoft and Windows experts present over 40 in-depth sessions with real-world solutions you can take back and apply today. Don't miss Mark Minasi's entertaining and insightful keynote presentation on "The State of Windows" and your chance to win a 7-night Caribbean cruise! 800-505- 1201.

http://www.winconnections.com

Overcoming "The Fiefdom Syndrome": How to Conquer the Turf Battles That Undermine Companies

Can your organization benefit by overcoming turf battles? Don't miss this opportunity to hear Robert J. Herbold, former COO of Microsoft and author of "The Fiefdom Syndrome," and Jim Davis, Senior VP, SAS. Join Business Finance in welcoming these thought leaders on Tuesday, April 19th at 11:00 a.m. EST. Register here:

http://bfmag.com/webcasts/4-19-05/index.html?ref=winit

Keeping Critical Applications Running in a Distributed Environment

Get up to speed fast with solid tactics you can use to fix problems you're likely to encounter as your network grows in geographic distribution and complexity, learn how to keep your network's critical applications running, and discover the best approaches for planning for future needs. Don't miss this exclusive opportunity--register now!

http://www.windowsitpro.com/seminars/windowsapplications/index.cfm?code=0406emailannc

==========

==== Hot Release ====

An Evaluation of the Total Cost of Ownership of Email Security Solutions

Quantifying the Total Cost of Ownership (TCO) of email security solutions is a notoriously difficult task. Discover how Total Cost of Ownership is much more than the initial acquisition cost of a solution, and how you can save thousands of dollars each year without sacrificing accuracy, control or effectiveness in protecting your email systems. Download this free whitepaper now!

http://www.windowsitpro.com/whitepapers/postini/emailsecuritycost/index.cfm?code=secnl_0406

==========

==== 3. Security Toolkit ====

Security Matters Blog

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

RookitRevealer Is Now a Moving Target

RookitRevealer is a new tool from Sysinternals that can help sniff out rootkits. Rootkit designers quickly started creating ways to hide their rootkits from RootkitRevealer, so last week, Sysinternals released a new version that uses random executable names to make the tool a moving target.

http://www.windowsitpro.com/Article/ArticleID/45857

FAQ

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q: How can I move users between forests?

Find the answer at

http://www.windowsitpro.com/Article/ArticleID/45856

Security Forum Featured Thread: File Permissions on an Archive Server

A forum participant has a Windows NT archive server on which files and folders are created, moved, and deleted regularly. He would like all the root folders on the server to automatically be created with read only permission for regular users, but he'd like the files and folders below the root folders to have full permission for regular users. Join the discussion at

http://www.windowsitpro.com/Forums/messageview.cfm?catid=42&threadid=131214

==========

==== Announcements ====

(from Windows IT Pro and its partners)

Check Out the New Windows IT Security Newsletter!

Security Administrator is now Windows IT Security. We've expanded our content to include even more fundamentals on building and maintaining a secure enterprise. Each issue also features product coverage of the best security tools available and expert advice on the best way to implement various security components. Plus, paid subscribers get online access to our entire security article database! Click here to try a sample issue today:

http://www.secadministrator.com/rd.cfm?code=fseu2554up

==========

==== 4. New and Improved ====

by Renee Munshi, products@windowsitpro.com

Isolating Internet Activity

GreenBorder Technologies announced the availability of GreenBorder, software that transparently isolates Internet activity performed through Microsoft Internet Explorer (IE) and Outlook from the desktop OS, user files, and the enterprise network. GreenBorder protects against damage, theft, and hijacking by Internet-delivered malicious code that uses HTTP or SMTP to break into the desktop. When users log off, GreenBorder automatically flushes the remnants of any Internet activity, including code, files, and cookies. GreenBorder Professional Edition has a desktop agent and a management server that provides centralized configuration, deployment, and reporting. GreenBorder Personal Edition will be available free for download beginning this month. For more information, go to

http://www.greenborder.com

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to

whatshot@windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions (500 words or less) to r2rwinitsec@windowsitpro.com. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.

==========

==== Sponsored Links ====

Quest Software

Heading to Exchange from Notes or GroupWise? Get Expert Help!

http://ad.doubleclick.net/clk;14771969;8214395;x?http://wm.quest.com/WITPUpdateNotesMigratorforExchange32005

NetOp – Control PCs from a USB Drive

Securely access PCs from your desktop, web, CE, or thumb drive

http://ad.doubleclick.net/clk;15182371;8214395;h?http://www.crossteccorp.com/netopremote/?utm_source=winitpro&utm_medium=email&utm_campaign=v8_90

==========

==== Contact Us ====

About the newsletter -- letters@windowsitpro.com

About technical questions -- http://www.windowsitpro.com/forums

About product news -- products@windowsitpro.com

About your subscription -- windowsitproupdate@windowsitpro.com

About sponsoring Security UPDATE -- emedia_opps@windowsitpro.com

===============

This email newsletter is brought to you by Windows IT Security, the leading publication for IT professionals securing the Windows enterprise from external intruders and controlling access for internal users. Subscribe today.

http://www.secadministrator.com/rd.cfm?code=00ep254xeb

View the Windows IT Pro privacy policy at

http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.