Security UPDATE--SANS Updates Its Annual Top 20 List--November 22, 2006
This list of the top Internet security attack targets covers OSs, cross-platform applications, network devices, security policy and personnel, and zero-day attacks. Get links to this report and other security news and resources.
November 21, 2006
PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:
Privacy. Compliance. International Data. Free WP
http://findinvestinfo.com/penton/nl/223
Reducing the Cost of IT Compliance: Streamlining the IT Compliance Life Cycle
http://www.windowsitpro.com/go/whitepapers/scalable/compliance?code=SECMid1122
Liquid Machines and Windows RMS: Rights Management for the Enterprise
http://www.windowsitpro.com/go/whitepapers/liquidmachines/rightsmgmt/?code=SECHot1122
CONTENTS
===========================================
IN FOCUS: SANS Updates Its Annual Top 20 List

NEWS AND FEATURES
- Microsoft Licenses Group Policy Conversion Tool to Ease Vista Migration
- Forefront Client Beta Available; New Forefront Server Products Coming Soon
- Web Application Security Report to Debut in January
- Recent Security Vulnerabilities

GIVE AND TAKE
- Security Matters Blog: Windows Vista Security Guide Available
- FAQ: Using FrontPage to Back Up or Restore a SharePoint Site
- From the Forum: Setting Up Security Groups
- Know Your IT Security Contest
- SharePoint Pro Online--LIVE! Event

PRODUCTS
- Manage USB Drives for Access and Storage
- Wanted: Your Reviews of Products

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS

=== SPONSOR: NetIQ
===================================
Privacy. Compliance. International Data. Free WP
Is your multinational company feeling mounting pressure trying to meet worldwide compliance regulations that protect personally identifiable information (PII)? The timely free white paper "Privacy, Compliance and International Data Flows" presents the action steps needed to avoid legal problems today.
http://findinvestinfo.com/penton/nl/223

=== IN FOCUS: SANS Updates Its Annual Top 20 List
====
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

In the past, the SANS Institute published an annual list, Top 10 Vulnerabilities, that outlined the most serious vulnerabilities facing system administrators on a variety of platforms. The list was later expanded to the top 20 vulnerabilities. This year, SANS has changed the name of its list to the SANS Top-20 Internet Security Attack Targets. The list is divided into four categories--OSs, cross-platform applications, network devices, and security policy and personnel--along with a special section that discusses zero-day attacks.

The OS category is almost entirely devoted to Windows. Areas that need special attention on Windows platforms include Internet Explorer (IE), Windows libraries (DLLs), services, overall system configuration, and Office.

The cross-platform applications category is broad and includes common targets of attack such as Web applications, database software, P2P and IM applications, media players, DNS servers, backup software, and various types of management servers.

As history shows, new targets of attack typically include emerging technologies, which are usually less mature and thus prone to include exploitable bugs. VoIP technology is a case in point. SANS points out that both VoIP servers and phones have become major targets, with no fewer than four vulnerabilities reported in the hugely popular Asterisk VoIP server platform, two vulnerabilities in Cisco Call Manager, and at least seven vulnerabilities in VoIP phones.

Two long-standing information security problems have been the existence of excessive user rights and the use of unauthorized devices. Both problems can stem from insufficient or nonexistent security policies. They can give rise to situations in which users inadvertently open security holes into a network or introduce malware, and they can also lead to the exposure or theft of sensitive company information.

Phishing is of course a major problem and makes end users a major point of attack. Phishing attacks, like other forms of social engineering, are designed to glean sensitive information from unsuspecting users. Attacks can be very sophisticated and highly tailored and targeted.

Last, but certainly not least, are the ever-present zero-day exploits that have plagued security administrators since computers came into mainstream use. Although most zero-day attacks have historically targeted Windows platforms, other OSs aren't immune. The SANS list points to Windows and Apple OS X as the current major points of attack. However, zero-day exploits have also turned into attacks against various Linux platforms, Wi-Fi devices and their drivers, and other commonly used technologies. In fact, the Kernel Fun blog is currently hosting a "month of kernel bugs" that affect various platforms, including BSD and Linux. In some cases, no patch is available for the bugs posted, which of course puts millions of users and many businesses at serious risk. How fun is that?
http://kernelfun.blogspot.com/index.html

The SANS Top-20 Internet Security Attack Targets report is a good resource for security administrators to use to gain insight into what others see as the most serious attack vectors. The report is free at the SANS Web site in HTML or PDF format, and administrators would do well to review it carefully to make sure they've got all their bases covered.
http://www.sans.org/top20

=== SPONSOR: Scalable Software
=======================
Reducing the Cost of IT Compliance: Streamlining the IT Compliance Life Cycle
The average enterprise spends nearly $10 million annually on IT compliance. Download this free white paper today to streamline the compliance life cycle and dramatically reduce your company's costs!
http://www.windowsitpro.com/go/whitepapers/scalable/compliance?code=SECMid1122

=== SECURITY NEWS AND FEATURES
=======================
Microsoft Licenses Group Policy Conversion Tool to Ease Vista Migration
The ADMX Migrator tool, developed by FullArmor, will be available for free to convert ADM templates to ADMX.
http://www.windowsitpro.com/Article/ArticleID/94253

Forefront Client Beta Available; New Forefront Server Products Coming Soon
Microsoft released the Forefront Client Security public beta and announced that Forefront Security for Exchange Server and Forefront Security for SharePoint will be available in December.
http://www.windowsitpro.com/Article/ArticleID/94274

Web Application Security Report to Debut in January
WhiteHat Security will soon begin offering a quarterly report on the vulnerabilities affecting enterprise Web sites.
http://www.windowsitpro.com/Article/ArticleID/94277

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at
http://www.windowsitpro.com/departments/departmentid/752/752.html

=== SPONSOR: Liquid Machines
=========================
Liquid Machines and Windows RMS: Rights Management for the Enterprise
Extend Microsoft Windows Rights Management Services (RMS) to support enterprise requirements for information protection, including proprietary business data.
http://www.windowsitpro.com/go/whitepapers/liquidmachines/rightsmgmt/?code=SECHot1122

=== GIVE AND TAKE
====================================
SECURITY MATTERS BLOG: Windows Vista Security Guide Available
by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters
Microsoft published its official Windows Vista Security Guide. It's available at the TechNet Web site now.
http://www.windowsitpro.com/Article/ArticleID/94259

FAQ: Using FrontPage to Back Up or Restore a SharePoint Site
Q: How can I use Microsoft FrontPage to back up or restore a Microsoft SharePoint site?
Find the answer at
http://www.windowsitpro.com/Article/ArticleID/93564

FROM THE FORUM: Setting Up Security Groups
A reader has set up two security groups on a shared folder; one allows special modify access and the other allows modify access. With the security setting applied, users can create subfolders but can't rename files. Is there a solution for this? Join the discussion at
http://forums.windowsitpro.com/web/forum/messageview.aspx?catid=42&threadid=50083&enterthread=y

KNOW YOUR IT SECURITY Contest
Share your security-related tips, comments, or solutions in 1000 words or less, and you could be one of 13 lucky winners of a Zune media player. Tell us how you do patch management, share a security script, or write about a security article you've read or a Webcast you've viewed. Submit your entry between now and December 13. We'll select the 13 best entries, and the winners will receive a Zune media player--plus, we'll publish the winning entries in the Windows IT Security newsletter. Email your contributions to [email protected]. Prizes are courtesy of Microsoft Learning Paths for Security:
http://www.microsoft.com/technet/security/learning

SharePoint Pro Online--LIVE! Event
SharePoint Pro Online--LIVE! will be a premier virtual event for developers and administrators of SharePoint products and technologies. Brought to you by MSD2D and the Windows IT Media Community, this event will demonstrate, showcase, and exhibit the premier companies in the SharePoint market. The conference will bring industry experts to the desktops of attendees, educating them on various SharePoint topics.
TO REGISTER: http://events.unisfair.com/rt/sharepoint?code=mix

=== PRODUCTS
=========================================
by Renee Munshi, [email protected]

Manage USB Drives for Access and Storage
RedCannon Security offers KeyPoint Alchemy, which turns USB flash drives from a variety of manufacturers into corporate storage and access devices. KeyPoint Alchemy, an appliance-based system with a Web-based management interface, automatically updates applications, content, authentication tokens, and security policies on USB drives. It offers complete USB device lifecycle management, including provisioning, password reset, and remote destruction. For more information, go to
http://redcannon.com/products/alchemy.html

WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to [email protected] and get a Best Buy gift certificate.

=== RESOURCES AND EVENTS
=============================
For more security-related resources, visit
http://www.windowsitpro.com/go/securityresources

Can you set up a single sign-on environment for Linux and Windows? After attending this free seminar from TechX World on December 14, you'll be able to! We'll discuss the different authentication mechanisms used by Windows and Linux and show how you can configure networked Linux systems to accept logons in a secure manner using Windows AD accounts. Register today!
http://events.unisfair.com/rt/techx?code=1122emailannc

Do you have visibility of and control over your software licenses? Most organizations face serious challenges, such as understanding vendor licensing models, cost overruns, missed deadlines and business opportunities, and lost user productivity. Learn to address these challenges and prepare for audits. Register for the free Web seminar, available now!
http://www.windowsitpro.com/go/seminars/macrovision/softwarelicensing/?partnerref=1122emailannc

BONUS: Register for any Web seminar--live or on-demand--during the month of November, and you could win a PS3! View a full list of eligible seminars at
http://www.windowsitpro.com/events/Index.cfm?Filter=webSeminars&fID=1

Are you an Oracle professional who has cross-platform responsibilities, or do you need to transfer your skill set to SQL Server? If so, register for free to attend the Cross Platform Data online event January 30 and 31 and February 1, 2007. In a seminar featuring SQL Server/Oracle experts Andrew Sisson from Scalability Experts and Douglas McDowell from Solid Quality Learning, you'll learn key concepts about SQL Server 2005, including how to deploy SQL Server's BI capabilities on Oracle, proof points demonstrating that SQL Server is enterprise-ready, and how to successfully deploy Oracle on the Windows platform.
http://events.unisfair.com/rt/sql/?code=1122emailannc

After disaster strikes, does recovering your data feel like digging for buried treasure? Test your disaster recovery skills, and you could win! Each week we'll give away a USB flash drive to one lucky treasure hunter. You'll also be entered to win the full treasure chest, including Bose headphones! Test your skills now!
http://popquiz.windowsitpro.com/symantectreasurehunt/default.aspx

In this free podcast, Randy Franklin Smith outlines five evaluation points to consider when choosing your antispyware solution. Download it today!
http://www.windowsitpro.com/go/podcasts/pctools/antispyware/?code=1122emailannc

=== FEATURED WHITE PAPER
=============================
When your email systems go down, do your employees stop communicating? Of course not--they find alternative methods, which might not be compliant with your messaging regulations. Download this free Executive Guide to discover the impact of email outages on compliance and learn methods for establishing continuity in your corporate messaging environment.
http://www.windowsitpro.com/go/whitepapers/messageone/continuity/?code=1122featwp

=== ANNOUNCEMENTS
====================================
Special Invitation for VIP Access
Become a VIP subscriber and get continuous, inside access to ALL the content published in Windows IT Pro, SQL Server Magazine, and the Exchange and Outlook Administrator, Windows Scripting Solutions, and Windows IT Security newsletters. Subscribe now and SAVE $100:
https://store.pentontech.com/index.cfm?s=1&promocode=eu276buv

Save $40 off SQL Server Magazine
Subscribe to SQL Server Magazine today and SAVE $40! Along with your 12 issues, you'll get FREE access to the entire SQL Server Magazine online article archive, which houses more than 2,500 helpful SQL Server articles. This offer expires on November 30, 2006, so order now:
https://store.pentontech.com/index.cfm?s=9&promocode=eu216bus
===========================================================
Security UPDATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below).
http://www.windowsitpro.com/windowssecurity
https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb
Subscribe to Security UPDATE at
http://www.windowsitpro.com/Email/Index.cfm?action=archive
Unsubscribe by clicking
http://list.windowsitpro.com/u?id=%%SUBSCRIBER_ID_TAG%%
Be sure to add [email protected] to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- [email protected]
About technical questions -- http://www.windowsitpro.com/forums
About your product news -- [email protected]
About your subscription -- [email protected]
About sponsoring Security UPDATE -- [email protected]
View the Windows IT Pro privacy policy at
http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.