- Email: [email protected]
Anti-virus software gets shot in the arm
Computers & Security, Vol. 16, No. 2
The certificates available at domain name registration are not client certificates for end users but server certificates intended to establish a business as a trusted entity on the Web. A server using a certificate can securely authenticate itself to customers, trading partners and other users on the Internet. LAN Times, March 31, 1997, p. 14.
E-mail attacks can clog systems, Sharon Machlis. An ‘E-mail bomb’ attack on Congress that sent hundreds of threatening messages around Capitol Hill turned out to be little more than a nuisance. However, Winn Schwartau warned that the Internet is inherently vulnerable to hackers who bring down systems by bombarding them with so much data that legitimate transactions grind to a halt. Surviving denial of service on the Internet is becoming increasingly crucial. Schwartau outlined a potential defence that combines detection modules, dynamic reaction tools and an ‘alternative control channel’ to go around a clogged TCP/IP connection that is under attack. Meanwhile, hacker sites on the Web offer anonymous mail bombing services. The Internet is susceptible to various data-flood attacks because information and control are on the same channel. Schwartau suggest using ‘smart’ detection modules that recognize if too many electronic mail messages or pings are coming in, reaction modules that set filtering based on activity being detected and an alternative channel between customers and their service providers to deal with an attack. The recent E-mail threats in Washington, DC claimed that a group of cyberpunks would wipe out all files on the congressional computer systems. Computetworld, February 24, 1997, p. 6. Anti-virus software gets shot in the arm, Sharon Machlis. Hackers are creating so many macro viruses
these days, it’s getting tough for screening software to keep up. So after years of touting ‘signature screening’ as protection against malicious code, Symantec Corp. is raising the ante. The company will ship software that lets information systems managers block access to files that contain any macro viruses that aren’t on a company’s approved macro list. The Macro Protection system will prevent users from opening a document or spreadsheet that contains non-approved macros. This means users could be barred from opening documents that are electronically mailed from their customers, even if they include benign viruses. The Macro Virus Protection system seeks to let in
only approved macros instead of simply screening out known viruses. Such a system offers substantially more protection because it allows IS professionals to check each macro virus before they allow it on the system. Symantec may develop software that allows access to files in non-approved macros by disabling the macros. Computer-world, February 24, 1997, p. 24. Do you know the security code? Mike Quinn. With the problems like computer and chip theft, viruses and fraud constantly making headlines, it is vital that we address the issues affecting the security of our information. Computacenter recently produced a survey of hackers and their views. It showed that one in four thinks the system operator is at fault for leaving gaping holes in IT systems through which they can enter. Company safeguards are regarded as inadequate by 75% of hackers. Common criticisms include bad system design, use of default settings, out-of-date security systems and lack of encryption techniques and firewalls. On 3 January 1997 the UK’s Department of Trade and Industry introduced BS 7799, the Code of Practice for Information Security Management which will come into force at the end of this year. BS 7799 provides a common basis for companies to develop, implement and measure effective security management practice, and aims to provide confidence in inter-company trading. A key recommendation of the standard is the development and upkeep of a business continuity plan. Companies often underestimate the importance of securing both hardware and software and totally undervalue the data stored on them until it is too late. Unfortunately, it usually takes extreme situations to make people pay attention. Computer Weekly, May 8, 1997, p. 34. Plan ahead for firewalls, A Berg. Installing an applications-proxy firewall on your IAN can be a tricky business, especially if your network is already connected to the Internet. It is important to configure the firewall to allow inbound and outbound access to users who need it. The key to successful implementation of this type is planning. Before installing the gateway, you need to make several decisions such as whether to change your IP addressing scheme and use a dual Domain Name Service (DNS) server system. You also need to get your desktop systems in order and implement added security policies. Because applications proxies make all traffic leaving your network appear to be originating from a single IP
129
The certificates available at domain name registration are not client certificates for end users but server certificates intended to establish a business as a trusted entity on the Web. A server using a certificate can securely authenticate itself to customers, trading partners and other users on the Internet. LAN Times, March 31, 1997, p. 14.
E-mail attacks can clog systems, Sharon Machlis. An ‘E-mail bomb’ attack on Congress that sent hundreds of threatening messages around Capitol Hill turned out to be little more than a nuisance. However, Winn Schwartau warned that the Internet is inherently vulnerable to hackers who bring down systems by bombarding them with so much data that legitimate transactions grind to a halt. Surviving denial of service on the Internet is becoming increasingly crucial. Schwartau outlined a potential defence that combines detection modules, dynamic reaction tools and an ‘alternative control channel’ to go around a clogged TCP/IP connection that is under attack. Meanwhile, hacker sites on the Web offer anonymous mail bombing services. The Internet is susceptible to various data-flood attacks because information and control are on the same channel. Schwartau suggest using ‘smart’ detection modules that recognize if too many electronic mail messages or pings are coming in, reaction modules that set filtering based on activity being detected and an alternative channel between customers and their service providers to deal with an attack. The recent E-mail threats in Washington, DC claimed that a group of cyberpunks would wipe out all files on the congressional computer systems. Computetworld, February 24, 1997, p. 6. Anti-virus software gets shot in the arm, Sharon Machlis. Hackers are creating so many macro viruses
these days, it’s getting tough for screening software to keep up. So after years of touting ‘signature screening’ as protection against malicious code, Symantec Corp. is raising the ante. The company will ship software that lets information systems managers block access to files that contain any macro viruses that aren’t on a company’s approved macro list. The Macro Protection system will prevent users from opening a document or spreadsheet that contains non-approved macros. This means users could be barred from opening documents that are electronically mailed from their customers, even if they include benign viruses. The Macro Virus Protection system seeks to let in
only approved macros instead of simply screening out known viruses. Such a system offers substantially more protection because it allows IS professionals to check each macro virus before they allow it on the system. Symantec may develop software that allows access to files in non-approved macros by disabling the macros. Computer-world, February 24, 1997, p. 24. Do you know the security code? Mike Quinn. With the problems like computer and chip theft, viruses and fraud constantly making headlines, it is vital that we address the issues affecting the security of our information. Computacenter recently produced a survey of hackers and their views. It showed that one in four thinks the system operator is at fault for leaving gaping holes in IT systems through which they can enter. Company safeguards are regarded as inadequate by 75% of hackers. Common criticisms include bad system design, use of default settings, out-of-date security systems and lack of encryption techniques and firewalls. On 3 January 1997 the UK’s Department of Trade and Industry introduced BS 7799, the Code of Practice for Information Security Management which will come into force at the end of this year. BS 7799 provides a common basis for companies to develop, implement and measure effective security management practice, and aims to provide confidence in inter-company trading. A key recommendation of the standard is the development and upkeep of a business continuity plan. Companies often underestimate the importance of securing both hardware and software and totally undervalue the data stored on them until it is too late. Unfortunately, it usually takes extreme situations to make people pay attention. Computer Weekly, May 8, 1997, p. 34. Plan ahead for firewalls, A Berg. Installing an applications-proxy firewall on your IAN can be a tricky business, especially if your network is already connected to the Internet. It is important to configure the firewall to allow inbound and outbound access to users who need it. The key to successful implementation of this type is planning. Before installing the gateway, you need to make several decisions such as whether to change your IP addressing scheme and use a dual Domain Name Service (DNS) server system. You also need to get your desktop systems in order and implement added security policies. Because applications proxies make all traffic leaving your network appear to be originating from a single IP
129