LabMice Link of the Day Archive

	LabMice Link of the Day Archive - September 2002
As we surf the web in our pursuit of additional content for LabMice, we occasionally stumble upon a really cool, humorous, unusual, or very useful link that we think should stand out from the hundreds we add every week. So we developed a small section on our front page to highlight these, and will archive the rest here.

This Month:

SQL Server 2000 Auditing
Microsoft has made each version of SQL Server more secure and easier to administer than the previous one. In August 2000, an independent testing facility found that SQL Server 2000 meets the US Department of Defense's C2 security requirements. If your company needs to meet C2 security standards or you need to audit usage of your SQL Server 2000 installation for other reasons, you'll find this discussion of auditing helpful. Source: Microsoft.com

Protecting Windows RPC Traffic
In security circles, Remote Procedure Calls (RPCs) are bad news. According to a study by Cisco, "The most vulnerable Internet service, ranked by the percentage of times that the service was visible and found to have a security problem" is RPC, with 93.4 percent of the systems exposing RPC reporting security problems. This article discusses some of the perceptions and the realities of RPC vulnerabilities on the Windows platform, and the use of Microsoft's ISA server to address some of these issues. Source: Microsoft.com

Remote Management of Win2K Servers: Three Secure Solutions
Remote management of servers presents several problems, the most obvious being that the traffic between the administrator and the server is travelling across the public Internet, available for others to sniff. This article will discuss three methods to make the remote management of Win2K servers more secure. Source: SecurityFocus.com

The Lone Ranger and the chip maker
An ex-Intel employee decided to fight back against what he saw as the chip giant's abusive and discriminatory employment practices, by sending six separate email messages to between 8,000 and 35,000 Intel employees over a two-year period. Intel claims his emails are a form of trespassing. He says they're a form of free speech. The court case could turn AOL Time Warner and Google into outlaws. Source: Red Herring

How a Bank Got E-Mail Scammed
It's one thing to fall for an e-mail scam. It's quite another to send $2.1 million of other peoples money. An "urgent business proposition" and requests for "urgent assistance" from a so-called Nigerian official were heeded by a Detroit bank secretary in the latest example of how the ubiquitous e-mail scam actually works. Source: Wired

Why .NET will conquer the world
.NET clearly bears a strong resemblance to Java. It offers many of the same features, while adding interesting additions of its own (code metadata, versioned assemblies, etc). Microsoft, however, is better positioned to create a cross-market software unification framework than Sun Microsystems ever was (or is). This will result in a rapid expansion in .NET's popularity which eats into Java's market share as it grows to take over the development world. Source: ZDNet

Yankee Group: Get the Lead Out in XP and .NET Migrations
It's no secret that many companies are holding off from migrating to the advanced features of Windows 2000, such as Active Directory, as well as to Windows XP on the client side. It also appears that companies will be slow on the uptake for migrating to Windows.NET as these server operating systems roll out. IT budgets are tight, and companies don't see the urgency to moving to new versions of Windows. However, companies that procrastinate on these migrations do so at their own peril, a Yankee Group analyst warned. Source: ENT Online

Detecting and Removing Trojans and Malicious Code from Win2K
The amount of malicious code directed at Windows systems seems to be increasing on a continual curve The purpose of this article is to recommend steps that an administrator can use to determine whether or not a Win2K system has been infected with malicious code or "malware" and, if so, to remove it. Source: SecurityFocus.com

Securing 802.11 Wireless Networks
Wireless networking has quickly become the most exciting networking technology of this decade. No longer limited to propeller heads and weekend data warriors, wireless networks have hit the mainstream. Anyone who's explored wireless security features, though, knows how little security such networks inherently provide. Many administrators assume that their wireless network signal is too remote or too contained (e.g., within a building) to be open to attack. This article describes how to use Win2K Routing and Remote Access and PPTP or IPSec to tighten security. Source: Windows & .NET Magazine

Best Practices for Preventing DNS/Denial of Service Attacks
A summary of 10 practices that protect networks from DOS attacks, from keeping an audit trail to critical reviews of existing configurations and processes. Source: Microsoft.com

Strategies & Issues: Thwarting Insider Attacks
Many organizations fail to adequately protect against internal threats-often with calamitous consequences. Here are some chilling numbers to help illustrate the problem: According to InterGov (www.intergov.org), an international organization that works with police agencies to combat cyber crime, insiders commit about 80 percent of all computer- and Internet-related crime, and these crimes cause an average loss of about $110,000 per corporate victim. Source: Network Magazine

Outlook Express becomes attack platform, of sorts
For years, hackers have exploited vulnerabilities in Outlook Express to infect users. Now, a newly discovered exploit may allow hackers to use Outlook Express's 'message fragmentation and re-assembly' (MFR) capability to bypass SMTP filters, and possibly even antivirus software. Source: The Register (Sept 12, 2002)

Wireless Spec No Security Elixir
Experts warn that 802.1x has unresolved problems and should not be considered a panacea for the security ills plaguing wireless LANs. Source: eWeek

XP Service Pack said to fix major flaw
Microsoft always urges users to update programs when it ships a Service Pack, but a little-known and easily exploited vulnerability in Windows XP makes SP1 especially important. The flaw could allow files on any PC running Windows XP to be deleted simply by clicking on a malicious URL, which could be distributed by e-mail as a URL, or posted in a newsgroup or on a Web page. Source: PCWorld

How to protect your network without security overkill
In this year's Computer Crime and Security Survey by the Computer Security Institute, 40% of respondents said their systems had been penetrated from outside the network. Under the avalanche of network security products and information available, the most important check list item doesn't cost a dime. It's time, said Mike Mychalczuk, senior product manager for NetIQ's security products group. Source: SearchWindowsManageability.com

Windows XP Service Pack 1
Microsoft released Service Pack 1 for Windows XP today, and it's available for download here In addition to the numerous bug fixes that are normally part of a service pack release, SP1 includes modifications designed to comply with the recently proposed antitrust settlement. For more information, see the SP 1 release notes.

Lead Windows developer bugged by security
Brian Valentine says he's not proud. One of his most notable works, the Windows 2000 operating system, has a security record that is nothing to boast about. In fact, it's downright dismal, many experts say. Source: IDG.net

Troubleshooting Service Pack Upgrades
Discover how service pack upgrades work, why hidden desktop applications don't always stay hidden, and problems with using port 443 for automatic updates. Source: Windows & .NET Magazine

Who Goes There? An Introduction to On-Access Virus Scanning, Part One
By now, most savvy computer users have anti-virus software (AV) installed on their machines and use it as part of their regular computing routine. However, most average users do not know how anti-virus software works. This two-part series will offer a brief overview of a particular type of anti-virus mechanism know as on-access virus scanners. Source: SecurityFocus.com

Firewall Follies
The complacency firewalls breed is ultimately more damaging than the computer pirates they keep out. Source: Wired

Keeping Your Windows Systems Updated
Although many of the updates that the XP Automatic Updates download are XP-specific, some are also beneficial for Win2K and NT computers on your network. David Chernicoff shares his perspective on why you need to check whether your systems are up-to-date. Source: Windows & .NET Magazine

Past Archives

2002

January	February	March
April	May	June
July	August	September
October	November	December

2001

January	February	March
April	May	June
July	August	September
October	November	December

2000

July	August	September
October	November	December

This site and its contents are Copyright 1999-2003 by LabMice.net. Microsoft, NT, BackOffice, MCSE, and Windows are registered trademarks of Microsoft Corporation. Microsoft Corporation in no way endorses or is affiliated with LabMice.net. The products referenced in this site are provided by parties other than LabMice.net. LabMice.net makes no representations regarding either the products or any information about the products. Any questions, complaints, or claims regarding the products must be directed to the appropriate manufacturer or vendor.

$LabMice.net - The Windows 2000\XP\.NET Resource Index$
Home \| About Us \| Search \|	Last Updated December 10, 2003