Kevin's song of the week... Broadway meets Redmond....
news://msnews.microsoft.com/%236r%23VdtTDHA.2116%40TK2MSFTNGP12.phx.gbl
------------------------
Well while many of us SBSers were patching our machines for 03-026, a
lot of network people were pulling all-nighters patching CISCO routers ~
http://jtracy.blogspot.com/
CERT Advisory CA-2003-15 Cisco IOS Interface Blocked by IPv4 Packet:
http://www.cert.org/advisories/CA-2003-15.html
Friday July 25th is System Admin Day
http://sysadminday.safeweb.be/
To all those who take care of computers, who deal with users, who report
to managers, pat yourself on the back for keeping everyone online and in
business.
--------------------------------------
<<<SECURITY PATCHES THIS WEEK>>>
THIS IS A BIG ONE GUYS AND GALS...HEADS UP
There's a biggie that we all need to apply to ANY computer
CERT Advisory CA-2003-16 Buffer Overflow in Microsoft RPC:
http://www.cert.org/advisories/CA-2003-16.html
<b>Who should read this bulletin:</b> Users running Microsoft ® Windows
®:
http://www.microsoft.com/technet/security/bulletin/MS03-026.asp?frame=true
The exploit for this is currently not released, but the people who found
the vulnerability are threatening to do so after people "have had a
chance to patch".
-------------------------------------
System administrators running Microsoft® Internet Security and
Acceleration (ISA) Server 2000:
http://www.microsoft.com/technet/security/bulletin/MS03-028.asp?frame=true
------------------------------------
Customers using Microsoft® Windows® XP:
http://www.microsoft.com/technet/security/bulletin/MS03-027.asp?frame=true
- - - - - - - - - -
Microsoft warns on trio of new flaws
Patch available for critical flaw in all current
versions of Windows. Microsoft has released a patch
for a critical flaw in Windows Exchange Server 2003,
Windows XP, 2000 and NT 4. The flaw involves the
Remote Procedure Call (RPC) protocol, which deals
with inter-computer communications. Microsoft warned
that, under certain circumstances, the RPC might not
check messages sent to the PC properly.
http://www.vnunet.com/News/1142394
http://www.wired.com/news/business/0,1367,59660,00.html
http://www.usatoday.com/tech/news/computersecurity/2003-07-16-microsoft-hole_x.htm
Microsoft's patches: Can you trust them?
http://news.zdnet.co.uk/story/0%2c%2ct269-s2137650%2c00.html
Twin flaws have security pros worried
http://news.com.com/2100-1009_3-1026910.html
http://www.gcn.com/vol1_no1/daily-updates/22796-1.html
http://www.theregister.co.uk/content/55/31797.html
------------------------------------
Copying a prior post from Wayne Small....
http://makeashorterlink.com/?C1E826555
I've been investigating this week how one of my customers was used as a
spam
relay host - even though they are not an open relay host. It's a
detailed
issue and according to a number of other sources is a new method the
spammers are using to "sell their products". I've written up an article
(rather than post something too long here) and posted it on
www.sbsfaq.com
if your interested.
I'd be interested to hear feedback on the people who have seen this
attack.
Regards,
Wayne Small [SBS-MVP]
MCSE+I MCSE 2000
Technical Director - Correct Solutions Pty Ltd
For all the answers on Small Business Server 2000 - check out
www.sbsfaq.com
....watch out guys....they are getting smarter....
--------------------------------------
SMB-Nation SBS Conference!
Visit the SMB Nation site at www.smbnation.com for details and online
registration. You may also register via telephone at: Domestic USA
1-800-461-1931, International 1-800-688-4890
FREE Advanced SBS Workshops in USA
Here is the current list of cities where SBS author Harry Brelsford will
be presenting a free 2-hour Advanced SBS Workshop. This is a lecture
format similar to a Microsoft TS2 event but in-depth SBS content. This
workshop has already been presented in 15 USA cities in 2003!
Lecture topics include SBS-specific security matters, advanced Microsoft
Exchange functionality, and advanced SBS administration. It is
recommended you bring a copy of "Small Business Server 2000 Best
Practices" to the event for reference (please purchase in advance from
book resellers as book copies will not be sold at event).
Advanced Small Business Server 2000 Workshops
(2-hours, 7pm-9pm, FREE)
AUGUST 2003
Chicago, IL 8-20-03
Cleveland, OH 8-21-03
Columbus, OH 8-22-03
Dayton, OH 8-23-03* (read important note below for this
event)
Indianapolis, IN 8-24-03
END OF TOUR!
* This is part of ComputerFest (www.computerfest.com) and will be
presented at 2pm (Saturday). Note that ComputerFest has a modest two-day
admission charge you will need to pay: $10.00. Details at:
http://www.computerfest.com/tickets-home.shtml
To register, send e-mail to rsvp@nethealthmon.com and
put a city name from the above list in the e-mail Subject line.
-----------------------------------
SBS UserGroup info
San Diego - August 13th:
http://www.sdsbsug.org/meetings.htm
Boston SBS User Group:
http://www.bostonusergroups.com/sbs/#Next Meeting
----------------------------------
SBS hands on lab
Instructor or Online....
http://microsoft.com/windowsserver2003/sbs/lab.mspx
Partners Hands on Lab Online
http://microsoft.granitepillar.com/partners/
----------------------------------
Windows sp4 included in SBS sp1a [if you already have SBS sp1, bypass
this and just load up SP4]
Download details: Small Business Server 2000 Service Pack 1a:
http://www.microsoft.com/downloads/details.aspx?FamilyID=f4fc58d0-1fac-4927-84d7-189fa1b690be&DisplayLang=en
-----------------------------------
SecurityFocus HOME Infocus: Forensic Log Parsing with Microsoft's
LogParser:
http://www.securityfocus.com/infocus/1712
----------------------------------
In other news.....
Guilty Plea in Kinko's Keystroke Caper
If you used a computer at a Kinko's in New York City last
year, or the year before, there's a good chance that JuJu
Jiang was watching. The 25-year-old Queens resident pleaded
guilty in federal court in New York last week to two counts
of computer fraud and one charge of unauthorized possession
of access codes for a scheme in which he planted a copy of
the commercial keyboard sniffing program Invisible KeyLogger
Stealth on computers at thirteen Kinko's stores sprinkled
around Manhattan.
http://www.securityfocus.com/news/6447
- - - - - - - - - -
RIAA nearing 1,000 subpoenas against file-sharing suspects
The music industry has won at least 871 federal subpoenas
against computer users suspected of illegally sharing music
files on the Internet, with roughly 75 new subpoenas being
approved each day, U.S. court officials said Friday.
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6335275.htm
http://www.cnn.com/2003/TECH/internet/07/19/downloading.music.ap/index.html
http://www.usatoday.com/tech/news/techpolicy/2003-07-18-riaa-suits_x.htm
- - - - - - - - - -
Money seen as biggest obstacle to effective IT security
Companies say they generally don't measure the ROI of
security. Inadequate funding remains the single largest
obstacle to implementing effective IT security measures
at most companies, according to the results of a recently
completed global survey by Ernst & Young International.
Even so, a majority of the companies surveyed said they
rarely or never calculate return on investment when
building a case for information security budgets.
http://www.computerworld.com/securitytopics/security/story/0,10801,83109,00.html
- - - - - - - - - -
Small.biz has crap security
Small firms are at risk of disclosing their financial
statements to unauthorised parties due to a lack of
IT security, KPMG says. A global study carried out
by KPMG found 87 per cent of those firms surveyed
had suffered security breaches in the past year.
According to KPMG, small businesses could be at
risk of disclosing financial information such as
balance sheets and profit and loss accounts to
parties outside their company.
http://www.theregister.co.uk/content/67/31821.html
- - - - - - - - - -
Spammers target Wi-Fi security
Unsecured connections could be used to hijack corporate
mail servers. Spammers are preparing to use weaknesses
in corporate wireless local area networks (Lans)
to send out floods of unsolicited email, a security
company chief has claimed.
http://www.vnunet.com/News/1142412
http://www.newsfactor.com/perl/story/21928.html
- - - - - - - - - -
Cisco Offers Patch for Network Software Flaw
Companies that operate key Internet backbones scrambled
to patch a serious software flaw in equipment that relays
much of the global network's traffic. The vulnerability,
in Cisco Systems Inc. routers and other switches, could
be used by hackers to cause outages. The problem has not
been exploited, according to Cisco, which released a free
patch to fix the flaw in its Internetworking Operating
System.
http://www.latimes.com/technology/la-fi-rup18.9jul18,1,1300237.story
http://www.theregister.co.uk/content/55/31828.html
Exploit of Cisco flaw posted; no outages reported
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6334128.htm
Code to exploit Cisco flaw may pose risk
http://news.com.com/2100-1002_3-1027326.html
http://www.usatoday.com/tech/news/computersecurity/2003-07-18-cisco-hack-already_x.htm
Internet Security Experts Escalate Warnings
http://www.washingtonpost.com/wp-dyn/articles/A10941-2003Jul18.html
http://www.msnbc.com/news/940968.asp
http://www.cnn.com/2003/TECH/internet/07/18/cisco.vulnerability.ap/index.html
http://www.theregister.co.uk/content/55/31825.html
http://computerworld.com/securitytopics/security/holes/story/0,10801,83208,00.html
Twin flaws threaten Net
http://news.zdnet.co.uk/story/0,,t269-s2137767,00.html
- - - - - - - - - -
MUSIC BIZ SUBPOENAS 150 USERS
The music industry has demanded that Verizon
Communications cough up 150 names in its attempt
to find those who are allegedly trading copyrighted
songs. The phone company is in the process of
complying with the subpoenas - just some of those
sent out by the Recording Industry Association of
America in the last weeks. "[Verizon] views the
current moment as a dangerous situation," said
Sarah Deutsch, vice president and associate general
counsel at Verizon, in an e-mail interview.
"[Verizon's] court battle continues, so even while
complying, we continue to fight."
http://www.nypost.com/business/795.htm
http://www.suntimes.com/output/news/cst-nws-depaul17.html
http://www.wired.com/news/business/0,1367,59663,00.html
Loyola releases two student names to RIAA
http://www.siliconvalley.com/mld/siliconvalley/news/editorial/6311463.htm
DirecTV dragnet snares innocent techies
http://www.securityfocus.com/news/6402
Congressman pocketed $18,000 for RIAA 'lobbying trip'
http://www.theregister.co.uk/content/6/31812.html
- - - - - - - - - -
If you are still allowing Bearshare/Kazaa inside your office..... print
out one of
these articles and read it ....very carefully......
Bill Would Put Net Song Swappers in Jail
Peer-to-peer users who swap copyrighted files could
be in danger of becoming federal felons, under a new
proposal backed by Democrats in the U.S. House of
Representatives. Their legislation, introduced
Wednesday, would punish an Internet user who shares
even a single file without permission from a copyright
holder with prison terms of up to five years and fines
of up to $250,000.
http://zdnet.com.com/2100-1105_2-1026715.html
http://www.washingtonpost.com/wp-dyn/articles/A4876-2003Jul17.html
http://www.msnbc.com/news/940397.asp
http://www.cnn.com/2003/TECH/internet/07/17/music.internet.reut/index.html
http://www.wired.com/news/digiwood/0,1412,59654,00.html
http://www.vnunet.com/News/1142402
http://www.theregister.co.uk/content/6/31800.html
until next time....see you on the wires...
--
"Don't lose sight of security. Security is a state of being, not a
state of budget. He with the most firewalls still does not win.
Put down that honeypot and keep up to date on your patches. Demand
better security from vendors and hold them responsible. Use what
you have, and make sure you know how to use it properly and
effectively."
~ Rain Forest Puppy
http://www.wiretrip.net/rfp/txt/evolution.txt