- Email: [email protected]
Cisco-based networks get enhanced security
news AmeRiCa… Few Days WiLL Show You What We Can Do !!! It’s Our Turn >>> ZaCkEr is So Sorry For You.
The second VBS file the worm drops into the Windows system folder, ‘ZaCker.vbs’, registers it in the auto-run registry section. This means the file will be automatically executed upon the next Windows start-up. When executed this file attempts to delete all files in the Windows directory, overwrites autoexec.bat with a command destroying all data on the C drive and then it displays the following: I promiss We Will Rule The World Again… By The Way, You Are Captured By ZaCker !!!
Finally, the worm reboots the computer. Graham Cluley from Antivirus vendor Sophos said: “Although the Vote worm appears not to have become very widespread it does underline the increase in politically motivated viruses, spreading their messages via the internet.” He continued that firms: “Should ensure their anti-virus protection is up to date to prevent their computers becoming the next battleground for those with political agendas.”
Patches aren’t always sufficient There comes a time when there are more patches on a piece of software than there is original code. Perhaps at that stage we should consider changing that original software for something that’s intrinsically a bit more secure. 4
Mass-mailing worm w32. Nimda.A can spread through email, file sharing and website downloads onto vulnerable Internet Information Servers (IISs) and Internet Explorer (IE) and operating systems such as Windows 2000 and Windows XP that have IIS and IE embedded in their code. To protect against Nimda, Microsoft recommends installing numerous patches and service packs on virtually every PC and server running IIS and I.E., but perhaps security administrators should be considering alternatives to IIS, including Web applications from other vendors. Virus writers are going to continue to focus on vulnerable IIS systems until Microsoft has released a rewritten, thoroughly tested, new release of IIS.
PRODUCT NEWS
Cisco-based networks get enhanced security TrustWorks Systems has started to ship Trusted Security for managing Cisco IOS gateways and PIX firewalls from a central management platform that complements existing Cisco networks by enabling easy administration and scalability on an end-to-end basis. The solution secures access and communications between local, remote or roaming users and Cisco-protected networks, and extends that protection from the perimeter to the servers on which each
application runs to enable end-to-end protection. Trusted Security includes centrally managed remote and roaming user VPN/firewall agents with fast deployment capabilities and interoperability with PKI systems, authentication devices, open encryption standards, directories and cryptographic hardware tokens. For further information visit www.ala.com
Key hopping improves WLAN security NextComm has announced the launch of a new technology known as Key Hopping that is aimed at enhancing the security of wireless local area networks (WLANs). According to the company, which makes Wireless Local Area Network circuits, studies have shown that the current standard for security of wireless networks, Wireless Equivalent Privacy (WEP), is weak and a hacker sniffing a WLAN from a public location can piece together a WEP encryption key sequence in as short a time as 15 minutes. NextComm’s Key Hopping uses the ‘message direct, version 5’ MD5 algorithm giving the ability to change encryption keys rapidly (as often as every three seconds) so attackers don’t have time to accumulate enough information to piece together patterns and decipher the datastream. NextComm’s CEO Jerry Wang commented: “When
you’re talking about security, you’re really talking about two elements — the strength of the lock, and how difficult it is for the attacker to find the key. The way WEP uses the lock is inadequate because the key patterns generated are easily identified. With Key Hopping™, we use the MD5 algorithm and fast key management techniques to increase the complexity of the resulting key patterns. So, they can’t be analyzed as quickly — it would take years to crack.”
Automated and proactive threat detection offering Activis is introducing AlarmCenter SSA and SecureCenter SSA to manage Internet security using automated and proactive threat detection and monitoring technology. The Security Service Appliance (SSA) sits on the user’s network and analyzes, alerts and summarizes firewall log files. It does this using correlation techniques to detect threat events, analyze and escalate alarm events and remotely monitor firewall configurations. In addition, probes from two of the three Security Management Centres (SMCs), based in Germany, UK and USA, poll the firewall every 30 seconds to ensure it is ‘alive’. If both probes fail, alerts are then automatically raised. For further information visit www.activis.com
The second VBS file the worm drops into the Windows system folder, ‘ZaCker.vbs’, registers it in the auto-run registry section. This means the file will be automatically executed upon the next Windows start-up. When executed this file attempts to delete all files in the Windows directory, overwrites autoexec.bat with a command destroying all data on the C drive and then it displays the following: I promiss We Will Rule The World Again… By The Way, You Are Captured By ZaCker !!!
Finally, the worm reboots the computer. Graham Cluley from Antivirus vendor Sophos said: “Although the Vote worm appears not to have become very widespread it does underline the increase in politically motivated viruses, spreading their messages via the internet.” He continued that firms: “Should ensure their anti-virus protection is up to date to prevent their computers becoming the next battleground for those with political agendas.”
Patches aren’t always sufficient There comes a time when there are more patches on a piece of software than there is original code. Perhaps at that stage we should consider changing that original software for something that’s intrinsically a bit more secure. 4
Mass-mailing worm w32. Nimda.A can spread through email, file sharing and website downloads onto vulnerable Internet Information Servers (IISs) and Internet Explorer (IE) and operating systems such as Windows 2000 and Windows XP that have IIS and IE embedded in their code. To protect against Nimda, Microsoft recommends installing numerous patches and service packs on virtually every PC and server running IIS and I.E., but perhaps security administrators should be considering alternatives to IIS, including Web applications from other vendors. Virus writers are going to continue to focus on vulnerable IIS systems until Microsoft has released a rewritten, thoroughly tested, new release of IIS.
PRODUCT NEWS
Cisco-based networks get enhanced security TrustWorks Systems has started to ship Trusted Security for managing Cisco IOS gateways and PIX firewalls from a central management platform that complements existing Cisco networks by enabling easy administration and scalability on an end-to-end basis. The solution secures access and communications between local, remote or roaming users and Cisco-protected networks, and extends that protection from the perimeter to the servers on which each
application runs to enable end-to-end protection. Trusted Security includes centrally managed remote and roaming user VPN/firewall agents with fast deployment capabilities and interoperability with PKI systems, authentication devices, open encryption standards, directories and cryptographic hardware tokens. For further information visit www.ala.com
Key hopping improves WLAN security NextComm has announced the launch of a new technology known as Key Hopping that is aimed at enhancing the security of wireless local area networks (WLANs). According to the company, which makes Wireless Local Area Network circuits, studies have shown that the current standard for security of wireless networks, Wireless Equivalent Privacy (WEP), is weak and a hacker sniffing a WLAN from a public location can piece together a WEP encryption key sequence in as short a time as 15 minutes. NextComm’s Key Hopping uses the ‘message direct, version 5’ MD5 algorithm giving the ability to change encryption keys rapidly (as often as every three seconds) so attackers don’t have time to accumulate enough information to piece together patterns and decipher the datastream. NextComm’s CEO Jerry Wang commented: “When
you’re talking about security, you’re really talking about two elements — the strength of the lock, and how difficult it is for the attacker to find the key. The way WEP uses the lock is inadequate because the key patterns generated are easily identified. With Key Hopping™, we use the MD5 algorithm and fast key management techniques to increase the complexity of the resulting key patterns. So, they can’t be analyzed as quickly — it would take years to crack.”
Automated and proactive threat detection offering Activis is introducing AlarmCenter SSA and SecureCenter SSA to manage Internet security using automated and proactive threat detection and monitoring technology. The Security Service Appliance (SSA) sits on the user’s network and analyzes, alerts and summarizes firewall log files. It does this using correlation techniques to detect threat events, analyze and escalate alarm events and remotely monitor firewall configurations. In addition, probes from two of the three Security Management Centres (SMCs), based in Germany, UK and USA, poll the firewall every 30 seconds to ensure it is ‘alive’. If both probes fail, alerts are then automatically raised. For further information visit www.activis.com