====================

==== This Issue Sponsored By ====

Exchange & Outlook Administrator

http://www.exchangeadmin.com/rd.cfm?code=fsep234xup

====================

1. In Focus: Linux vs. BSD

2. Announcements

- Get 2 Sample Issues of Windows & .NET Magazine!

- New Web Seminar: Email Is a Service--Manage It Like One

- Event Central--a Comprehensive Resource for the Latest Events in Your Field

3. Security News and Features

- Recent Security Vulnerabilities

- News: Microsoft Issues January Security Patches

- Feature: Not Ready for an Antispam Solution?

- Feature: Malicious Hackers and Spam, Part 2

4. Security Toolkit

- Virus Center

- FAQ: How Can I Enable Advanced File System and Sharing Security for a Windows XP Machine in a Workgroup?

- Featured Thread: Vulnerabilities in NTP Protocol?

5. Event

- Free Web Seminar--The Costs of Spam

6. New and Improved

- Content Security and Antispam

- Policy Compliance and Assessment

- Tell Us About a Hot Product and Get a T-Shirt

7. Contact Us

See this section for a list of ways to contact us.

====================

==== Sponsor: Exchange & Outlook Administrator ====

Try a Sample Issue of Exchange & Outlook Administrator!

If you haven't seen Exchange & Outlook Administrator, you're missing out on key information that will go a long way towards preventing serious messaging problems and down time. Request a sample issue today, and discover tools you won't find anywhere else to help you migrate, optimize, administer, and secure Exchange and Outlook. Order now!

http://www.exchangeadmin.com/rd.cfm?code=fsep234xup

====================

==== 1. In Focus: Linux vs. BSD ====

by Mark Joseph Edwards, News Editor, mark@ntsecurity.net

Many of you operate networks that involve a mix of OSs, or maybe you're considering adding systems that run on other platforms. Windows and the many Linux varieties are the dominant platforms of the day, but a few other OSs--varieties of Berkeley Software Distribution (BSD) UNIX, Apple Computer's Mac OS X (which is based on BSD), and IBM AIX, HP-UX, and Sun Microsystems' OSs--are dear to the hearts of many computer users.

Many respectable varieties of Linux exist, such as SUSE LINUX (recently purchased by Novell), Red Hat Enterprise Linux, MandrakeSoft's Mandrake Linux, and Debian GNU/Linux. Multiple varieties of BSD also exist, including NetBSD, FreeBSD, OpenBSD, and Wind River's BSD/OS. Did you know that even though BSD and Linux are both UNIX variants, they have fundamental differences?

Last week, Richard Bejtlich in his TaoSecurity Weblog (see the first URL below) discussed Matt Fuller's rant "BSD vs Linux" (see the second URL below), which explains some of the history and background of BSD and Linux. The backgrounds of the two OSs are different, yet both were developed as open-source projects.

http://taosecurity.blogspot.com

http://www.over-yonder.net/~fullermd/rants/bsd4linux/bsd4linux1.php

Fuller gives a brief background on a variety of points about BSD and Linux, including their respective base systems, OS add-on mechanisms, update releases, and upgrading. In summary, Fuller's opinion is that BSD is developed in a more controlled fashion than most Linux varieties and uses more effective methods for updates, upgrades, and add-ons.

Many security professionals prefer BSD because of the attention it pays to the overall security of the OS. For example, NetBSD historically has been considered a well-secured OS, much more so than most of the Linux varieties. OpenBSD and FreeBSD also focus intensely on security. In fact, the OpenBSD home page boasts, "Only one remote hole in the default install, in more than 7 years!" in big, bold, red letters. That's an impressive record.

If you're deciding among OSs, consider BSD. Among the Linux varieties, SUSE is considered to be one of the most secure. And don't overlook the fact that Windows Server 2003 is a great improvement over its predecessors. Microsoft's effort to improve overall out-of-the-box security shows, so you might consider upgrading from Windows NT or Windows 2000 to Windows 2003.

==== 2. Announcements ====

(from Windows & .NET Magazine and its partners)

Get 2 Sample Issues of Windows & .NET Magazine!

Every issue of Windows & .NET Magazine includes intelligent, impartial, and independent coverage of security, Active Directory, Exchange Server, and more. Our expert authors deliver content you simply can't find anywhere else. Try two, no-risk sample issues today, and find out why 100,000 IT professionals read Windows & .NET Magazine each month!

http://www.winnetmag.com/rd.cfm?code=fsep204xup

New Web Seminar: Email Is a Service--Manage It Like One

True end-to-end management of the messaging infrastructure requires an integrated, service-oriented approach. This free Web seminar introduces service-driven management and best practices for managing and monitoring the key elements crucial to ensuring email health and performance, including Exchange Server, Active Directory, network, and storage. Sign up today!

http://www.winnetmag.com/seminars/emailservice/index.cfm?code=adzt

Event Central--a Comprehensive Resource for the Latest Events in Your Field

Looking for one place to find the latest Web seminars, roadshows, and conferences? Event Central has every topic you're looking for. Stay current on the latest developments in your field. Visit Event Central and find answers now!

http://www.winnetmag.com/events

====================

==== Sponsor: Virus Update from Panda Software ====

Are your traditional antivirus solutions really protecting your network? Panda Antivirus GateDefender is a dedicated hardware device installed at the Internet gateway to block viruses before they contaminate your network. It scans 7 different communication protocols, achieving optimum protection against external attacks. Panda Antivirus GateDefender 7100 (25-500 seats) & Panda Antivirus GateDefender 7200 (500 seats+) provide the highest scalability with native load balancing that transparently adapts to traffic volume.

Visit "Panda's GateDefender Stands Guard!" at http://www.pandasecurity.com/gatedefender/ for more information.

====================

==== 3. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.winnetmag.com/departments/departmentid/752/752.html

News: Microsoft Issues January Security Patches

Microsoft issued three security patches on January 13, once again making good on its promise to provide regularly scheduled security updates rather than randomly releasing patches as they're finished. The patches apply to Microsoft Exchange Server 2003, Microsoft Internet Security and Acceleration (ISA) Server 2000, and Windows, but only the ISA Server 2000 patch is rated critical. In addition, the company has reissued a security patch for various Windows versions; Microsoft describes this patch as "important."

http://www.winnetmag.com/article/articleid/41463/41463.html

Feature: Not Ready for an Antispam Solution?

The Help desk is receiving escalating incidents of people receiving email advertisements that aren't addressed to them, and users are complaining about receiving pornography and other offensive ads. You propose that the company implement an antispam solution, but the decision makers say no. Joseph Neubauer outlines five reasons why companies don't deploy antispam software, so you can be ready to counter those arguments.

http://www.winnetmag.com/article/articleid/41025/41025.html

Feature: Malicious Hackers and Spam, Part 2

As you might recall, in "Malicious Hackers and Spam, Part 1," one of Alan Sugano's clients was experiencing backup problems and poor Exchange Server performance. He discovered that a spammer was using the client's server to relay spam. Although the server wasn't an open relay, the spammer was somehow authenticating to the server to send messages. In Part 2, Sugano tells how the spammer managed to send messages through the server, how he stopped the spam, what he found after some forensic analysis, and what he recommends to prevent the same thing from happening to your network.

Part 1: http://www.winnetmag.com/article/articleid/41094/41094.html

Part 2: http://www.winnetmag.com/article/articleid/41456/41456.html

==== 4. Security Toolkit ====

Virus Center

Panda Software and the Windows & .NET Magazine Network have teamed to bring you the Center for Virus Control. Visit the site often to remain informed about the latest threats to your system security.

http://www.winnetmag.com/windowssecurity/panda

FAQ: How Can I Enable Advanced File System and Sharing Security for a Windows XP Machine in a Workgroup?

by John Savill, http://www.winnetmag.com/windowsnt20002003faq

A. When an XP machine belongs to a domain with shared resources, a Security tab appears on the Properties dialog box for the file, folder, or share. You can use this tab to assign advanced sharing permissions. However, this tab is missing for XP machines that belong to a workgroup.

A new feature in XP effectively logs all remote logons in a workgroup as Guest, regardless of the account and password credentials that the remote computer passes. (This approach obviates the need for machines in a workgroup to replicate local accounts, which is the method Windows 2000 uses to enable transparent sharing.) XP locks down the permissions of the Everyone group (to which Guest belongs) to cut down on the security problems that exist in Win2K as a result of enabling the Guest account. Because all machines in a workgroup are effectively Guest connections, the advanced security features aren't very useful, which is why Microsoft disabled them in XP.

If you want to enable advanced file system and sharing security, you must disable the ForceGuest registry setting by performing the following steps:

1. Start a registry editor (e.g., regedit.exe).

2. Navigate to the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry subkey.

3. Double-click ForceGuest, set it to 0, then click OK.

4. Restart the computer for the change to take effect.

If you disable the Guest account but enable the ForceGuest setting, remote connections will fail, regardless of the username and password the user passes in--even if the credentials are valid.

Featured Thread: Vulnerabilities in NTP Protocol?

(Three messages in this thread)

Will writes that he has a secured network with no outside access of any kind. He'd like to have the domain controller (DC) on this network sync with a Spectracom NTP 9188 Ethernet Time Server on his other network. He's planning to let the DC on the secured network access only the time server and further restricting the connection to let only the Network Time Protocol (NTP) through the ports in either direction. Will wants to know whether a virus or malicious code could get through if only NTP is allowed. Lend a hand or read the responses:

http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=66639

==== 5. Event ====

Free Web Seminar--The Costs of Spam

In this free Web seminar, learn how to identify and measure the costs and savings of spam activities by investigating the impacts that spam has on bandwidth, storage, and server-processing costs. Discover the impact of implementing antispam solutions and how other IT pros like you found rapid time-to-value solution. Bring back cost-saving information to your CEO. Register today!

http://www.winnetmag.com/seminars/spamcosts

==== 6. New and Improved ====

by Jason Bovberg, products@winnetmag.com

Content Security and Antispam

Aladdin Knowledge Systems announced the availability of eSafe 4.0, content-security software that features a new antispam module. Designed to eliminate false positives, eSafe 4.0 offers 17 methods for detecting and managing spam. In addition to gateway protection, the new version offers unique URL matching, an updateable database with smart spam signatures gathered from thousands of spam-collecting mailboxes covering nearly 3 million different spam messages, the option to off-load spam management to individuals instead of IT teams, and advanced heuristics. For detailed information about eSafe 4.0, including pricing, contact Aladdin Knowledge Systems on the Web.

http://www.ealaddin.com/esafe

Policy Compliance and Assessment

Symantec announced the release of Symantec Enterprise Security Manager (ESM) 6.0, a policy-compliance solution that performs more than 2000 security and vulnerability checks to measure whether systems and applications are properly configured. The software also discovers unpatched vulnerabilities so that you can contain and remediate them. ESM 6.0 includes preconfigured industry best-practice security policies and application modules to protect you against potential security risks within the enterprise environment. For detailed information about ESM 6.0, including pricing, contact Symantec on the Web.

http://www.symantec.com

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a Windows & .NET Magazine T-shirt if we write about the product in a future Windows & .NET Magazine What's Hot column. Send your product suggestions with information about how the product has helped you to whatshot@winnetmag.com.

===================

==== Sponsored Link ====

Argent

Comparison Paper: The Argent Guardian Easily Beats Out MOM http://ad.doubleclick.net/clk;6480843;8214395;q?http://www.argent.com/products/download_whitepaper.cgi?product=mom&&Source=WNTTextLink

===================

==== 7. Contact Us ====

About the newsletter -- letters@winnetmag.com

About technical questions -- http://www.winnetmag.com/forums

About product news -- products@winnetmag.com

About your subscription -- securityupdate@winnetmag.com

About sponsoring Security UPDATE -- emedia_opps@winnetmag.com

This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

Copyright 2004, Penton Media, Inc. All rights reserved.