| This Month:
The
worm that ate the Internet?
Three computer-science
researchers recently published a paper entitled
"How
to Own the Internet in Your Spare Time,"
that describes new types of worms that have the
ability to infect Web servers, browsers and other
software so quickly that the Internet could be
taken down in a matter of minutes. The authors say
they tested the paper's thesis in a lab simulation
designed to subvert 10 million Internet hosts over
low-speed and high-speed lines. Supplied with its
own hit list of IP addresses and vulnerabilities
gained through previous scanning, the theoretical
worm could infect more than 9 million servers in
about 15 minutes. A similar theoretical worm they
coined the Flash worm, blasted out from a 622M
bit/sec link, would take even less time to
"own" the Internet. Source: Network
World Fusion
Understanding
and Troubleshooting DNS in Windows 2000
Microsoft has released a free training course
titled "Understanding and Troubleshooting DNS
in Windows 2000" that is available for
download as a compressed file that contains a CD
ISO image and instructions about how to create a CD
from the image. This course provides in-depth
discussion of Domain Name Service (DNS) as implemented
in Windows 2000, with emphasis on best
practices for installing, maintaining, and
troubleshooting the DNS Client service and DNS
Server service in Windows 2000 networking and
Active Directory directory service
environments. Source: Microsoft.com
SANS:
'The Golden Age of Hacking rolls on'
Over the last eight months major new hacker tools
have been released, ending a lull in activity among
hackers that followed the Sept. 11 terrorist
attacks and the enactment of legislation that
enhanced law enforcement's ability to prosecute
people who break code and wreak havoc on networks
by exploiting software vulnerabilities. Source: IDG.net
Managing
USB 2.0 Devices
David Chernicoff discovers an answer to a problem
that readers are having with Windows XP Service
Pack 1 (SP1) upgrade and USB 2.0 port
identification--Device Manager gives them weird
information about their USB 2.0 ports. Source: Windows
& .NET Magazine
Tough
Migration Moves:
Migrating from Novell Directory Services to Active
Directory is hard work. This article explains how
to assess your current situation, formulate an
action plan and specify features for third-party
help. Source: MCPMag
The
Ever-Morphing Mrxsmb
Microsoft has released 12 redirector bug fixes for
mrxsmb.sys since April. Find out what they are and
how to patch them. Source: Windows & .NET
Magazine
Group
Policy XPerience:
You can do more
with Group Policy in Windows XP than in Windows
2000 Professional. Here©s a guide to the changes.
Source: MCPMag.com
Polymorphic
Macro Viruses, Part One
Polymorphic viruses change their code in
fundamental ways, such as changing the encryption
routine or the sequence of instructions, in order
to avoid detection by anti-virus scanners. This
article is the first of a two-part series that will
offer a brief overview of the use of polymorphic
strategies in macro viruses. Source: SecurityFocus
Proactive
job review defense
Many readers will face some type of job review in
the next few months. Two years ago, review time was
spent discussing your big raise to keep you at the
company. Reviews today are much less fun, and often
spent discussing how to keep your job during the
next layoff. Source: ITWorld
Bogus
Checklist
Leave it to the [market research firm] Gartner to
come up with vague and contradictory predictions
for the years ahead. The latest laundry list of
technology predictions leaves a lot to be desired.
When will this nonsense end? Source: PCMagazine
Get
a Free Windows 2000 Security Resource Kit
The Security Resource Kit contains the Security
Operations Guide for Windows 2000 Server, Microsoft
Baseline Security Analyzer, security-related white
papers, and more. Source: Microsoft.com
Using
SMS 2.0 to Deploy Microsoft Office XP
This white paper supplements the Office XP
documentation and the SMS 2.0 software
distribution documentation by providing information
specifically targeted at deploying Office XP
to SMS 2.0 clients in your organization.
Source: Microsoft
Is
Linux Really More Secure Than Windows?
Ramen, Slapper, Scalper and Mighty may sound like
Santa's new team of reindeer, but they are
creatures far lower down the evolutionary ladder --
and much less welcome. These are worms that have
infiltrated Linux servers in recent months,
commandeering the servers for use in distributed
denial-of-service attacks. Linux enthusiasts who
once believed they were less vulnerable to attack
than Microsoft users have begun to wonder whether
they were overly optimistic. But it is a mistake to
think that one operating environment is inherently
more risky than another.
Source: OS Opinion
Troubleshooting
Microsoft Exchange 2000 Server Performance
This technical article introduces the tools,
concepts, and recommendations you need in order to
troubleshoot Microsoft© Exchange 2000 Server
performance. It also provides information on how to
monitor the health of your Exchange 2000 servers
and how to establish a baseline of normal server
performance to measure against when troubleshooting
performance. Source: Microsoft.com
Windows
XP Home Edition - A bad choice gets worse
XP Home Edition is clearly not designed for
corporate or even serious small business/academic
use, but it's still finding inroads into these
environments because it's cheaper than XP
Professional. Being aware of XP Home Edition's many
shortcomings can help consultants and
administrators steer management away from
purchasing decisions that are penny wise and pound
foolish. Source: PCMagazine
Securing
End Users from Attack
From malicious code to social engineers, corporate
end users face a gamut of threats that endanger the
network. Secure your users to secure your
enterprise. Source: CommWeb
Microsoft
Operations Manager 2000 Deployment Checklist
These checklists can be used as an aid for
deploying Microsoft© Operations Manager 2000 (MOM)
in a specific operational scenario. This scenario
is derived from current MOM installations in the
user community. Their purpose is to give you a
logical, and in some cases, required, sequence of
steps for successfully installing and configuring
MOM elements in a single pass. Source: Microsoft
6
Myths About Security Policies
In the course of working on the new policies, Al
Berg learned the truth about his assumptions, which
he now calls the "Six Myths of Infosecurity
Policies." In this article, Al outlines these
myths and provides practical advice on how to write policies that work
in the real world. Source: InfoSecurityMag
Government
releases top 20 vulnerability 'hit list'
The U.S. General Services Administration, unveiled
a target list of the top 20 Internet security
vulnerabilities, along with products and programs
designed to help companies destroy those flaws.
Source: ComputerWorld
One
Patch to Rule Them All
A recent XP security hole begs the question, do we
really want Microsoft to release individual fixes
for every bug? Source: SecurityFocus.com
The
Latest Batch of SP3 Fixes
Paula Sharick provides a summary of five new Win2K
SP3 bug fixes, including a fix for a DHCP
reservation problem, a workaround you can use to
force a domain controller (DC) to immediately
replicate an account you disable, an update that
corrects a blue screen that occurs when you close a
file on a network share, a solution for a Win2K
Server Terminal Services client printing problem,
and a code fix that eliminates Perflib error
messages in the Application Event Log. Source: Windows
& .NET Magazine
Systems
Management Server 2003 Reviewer's Guide
Designed especially for technology reviewers, this
guide offers a number of evaluation materials for
the beta version of Microsoft Systems Management
Server 2003. The content describes the goals of the
Systems Management Server 2003 product and the new
features and architecture that meet those goals.
The document concludes with detailed step-by-step
instructions for evaluating the key features of
Systems Management Server 2003.
Past Archives
|
