Security UPDATE - 31 Mar 2004

Make sure to remove corporate data from old disks before you dispose of them. Also, get links to security news items and feature articles.

ITPro Today

March 30, 2004

===============

==========

* In Focus: Wiping Old Hard Disks Clean
* Security News and Features
   - News: Scripting MBSA 1.2
   - News: Windows 2003 AD Quotas
   - News: Cryptcat and Netcat; Secure Your Domain for 100 Years
   - News: Three Betas: XP SP2, LimitLogon, Mozilla 1.7
* New and Improved
   - Respond to Network Security Information in Real Time

==========

==== In Focus: Wiping Old Hard Disks Clean ====
by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net

A component that's typically changed during computer upgrades is the hard disk. Users run out of space and need a larger disk, particularly if their existing disks are somewhat old and therefore probably have less capacity. Swapping out disks or complete systems is common, but I wonder whether you wipe clean your old disks before sending them off for recycling or resale. If you do wipe the disks, are you sure that data can't be recovered from them?

Some people might think that simply using Fdisk to destroy partitions is a good enough technique for eliminating data. After all, if the partitions are gone, who could recover the data, right? Wrong. Fdisk changes only partition tables--it doesn't touch the other sectors on the drive. So any data that users stored on those other sectors is still there, which means that someone with a little knowledge could recover that data.

Simson Garfinkel wrote the article "Hard Disk Risk" about a year ago for CSO Magazine. In the article, Garfinkel talks about his adventures in purchasing old hard drives at resale shops and the data that he found on them. One drive was formerly used in an ATM machine and contained a year's worth of transaction records; another drive had more than 5000 credit card numbers; yet another had sensitive personal information about an individual. Only 10 percent of the drives Garfinkel purchased were properly wiped of data.
http://www.simson.net/clips/2003.CSO.04.hard_disk_risk.htm

To wipe a disk clean, you need to overwrite all sectors on a drive in some fashion. Some disk-wiping tools can overwrite sectors numerous times to better ensure that the magnetic flux (which is the means by which data is recorded) is dramatically changed so that little if any flux remains to be used toward data recovery. Or you might decide that one overwrite process is enough for your needs.
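The point about Fdisk above, as an added example that is not part of the original newsletter: the Python code below builds a small constructed disk image in memory, clears only the MBR partition table (the behavior the article attributes to Fdisk), and shows that the stored data remains readable until every sector is overwritten. The image layout, the marker string, and all function names are assumptions made for illustration; the code works on a byte buffer, not on a real device.

```python
import struct

SECTOR = 512
PT_OFFSET = 446   # the four 16-byte MBR partition entries start here
MARKER = b"CONSTRUCTED-SAMPLE-RECORD card=0000-0000-0000-0000"  # made-up data

def build_image(sectors=64):
    """Constructed disk image: one partition entry plus 'user data' in sector 10."""
    img = bytearray(SECTOR * sectors)
    # status, CHS start, type (0x0B = FAT32), CHS end, first LBA, sector count
    img[PT_OFFSET:PT_OFFSET + 16] = struct.pack(
        "<B3sB3sII", 0x80, bytes(3), 0x0B, bytes(3), 1, sectors - 1)
    img[510:512] = b"\x55\xaa"                      # MBR boot signature
    img[10 * SECTOR:10 * SECTOR + len(MARKER)] = MARKER
    return img

def delete_partitions(img):
    """Clear only the partition table, leaving every other sector untouched."""
    img[PT_OFFSET:PT_OFFSET + 64] = bytes(64)

def partition_count(img):
    """Count entries whose partition-type byte is non-zero."""
    return sum(1 for i in range(4) if img[PT_OFFSET + 16 * i + 4] != 0)

def residual_sectors(img, fill=0x00):
    """Sector numbers that contain anything other than the fill byte."""
    blank = bytes([fill]) * SECTOR
    return [n for n in range(len(img) // SECTOR)
            if img[n * SECTOR:(n + 1) * SECTOR] != blank]

def overwrite_all(img, patterns=(0x00,)):
    """One pass per pattern over every sector; the last pattern is what remains."""
    for fill in patterns:
        for n in range(len(img) // SECTOR):
            img[n * SECTOR:(n + 1) * SECTOR] = bytes([fill]) * SECTOR

if __name__ == "__main__":
    disk = build_image()
    delete_partitions(disk)
    print("partitions:", partition_count(disk), "| data still present:", MARKER in disk)
    print("sectors still holding data:", residual_sectors(disk))
    overwrite_all(disk, patterns=(0xFF, 0x00))
    print("after full overwrite:", residual_sectors(disk), MARKER in disk)
```

Running residual_sectors after a wipe is the verification step: an empty list means no sector differs from the final fill pattern.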
Garfinkel raises an interesting question: If you give your old hardware to resellers or other organizations, do you trust these organizations to satisfactorily delete your data? You might consider wiping your own drives before you release them from your control. To get the job done, you might use Autoclave, LSoft Technologies' Active@KillDisk, Stellar Information Systems' Stellar Wipe Safe Data Eraser, Heidi Computers' Eraser, or any number of other tools designed to destroy disk-based data.
http://staff.washington.edu/jdlarios/autoclave
http://www.killdisk.com
http://www.stellarinfo.com/file-eraser.htm
http://www.heidi.ie/eraser

If you're interested in some facts as well as theory about how someone might recover data from your old drives and how disk-wiping technology can help prevent that from happening, be sure to read Peter Gutmann's extensive article on the subject.
http://www.usenix.org/publications/library/proceedings/sec96/full_papers/gutmann/

Last week, I requested feedback about this newsletter. I've received numerous responses and want to thank those of you who did respond. However, I'd like to hear from even more of you! If you're so inclined, please email me your comments. If you missed last week's editorial, you can read it at the URL below. In essence, I welcomed any suggestions, comments, or critiques regarding this newsletter. Send your response to mark at ntsecurity dot net, and please prefix the subject line with "SECUPD" so that I can more easily identify responses to this request.
http://www.winnetmag.com/article/articleid/42127/42127.html

==========

==== Security News and Features ====

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at
http://www.winnetmag.com/departments/departmentid/752/752.html

News: Scripting MBSA 1.2
Updated sample scripts are now available for the Microsoft Baseline Security Analyzer (MBSA) 1.2. Microsoft published the updates on March 17.
http://www.winnetmag.com/article/articleid/42116/42116.html

Feature: Windows 2003 AD Quotas
Windows Server 2003 has a new Active Directory (AD) quotas feature that lets you monitor and limit the number of objects a security principal (user, group, or computer) can create in a partition. This feature is similar to the built-in quota that Windows 2000 and later versions assign to authenticated users for creating computer objects except that the new Windows 2003 quotas apply to all object types. Robbie Allen explains the new feature in this article on our Web site.
http://www.winnetmag.com/article/articleid/41898/41898.html

News: Cryptcat and Netcat; Secure Your Domain for 100 Years
You've probably heard of Netcat, a flexible network utility that can perform all sorts of functions. But have you heard of Cryptcat? The tool has been around for almost 4 years, but plenty of people don't know it exists. Network Solutions now lets you secure your domain name for 100 years in advance for $999.
http://www.winnetmag.com/article/articleid/42131/42131.html

News: Three Betas: XP SP2, LimitLogon, Mozilla 1.7
Microsoft released Windows XP Service Pack 2 (SP2) to public beta last week. Along with the beta, the company established 11 newsgroups in which users can discuss various aspects of the service pack. The ieXbeta.com Web site reports that Microsoft is now accepting applications for beta testers of an upcoming Windows Server 2003 Resource Kit tool, LimitLogon, which will let you limit the number of allowed concurrent sessions per user in an Active Directory (AD) domain. The tool requires Windows 2003 and Microsoft IIS 6.0. The Mozilla Organization released the Mozilla 1.7 public beta. The new version includes improved cookie controls, support for SMTP "MSN Authentication" in the mail client, performance improvements, and several other enhancements.
http://www.winnetmag.com/article/articleid/42093/42093.html

==========

==== Announcements ====
(from Windows & .NET Magazine and its partners)

Windows & .NET Magazine Connections
Windows & .NET Magazine Connections features speakers from Microsoft and other top independent experts. Complete details about workshops, breakout sessions, and speakers are now online. All attendees will get a chance to win a Florida vacation. Keep your competitive edge by learning from the world's best experts. Go online now to register.
http://www.winconnections.com

Take Our Brief Survey!
Does your company use third-party management tools to manage your Microsoft Windows network? If you do, Windows & .NET Magazine would like to hear from you about your preferences. Please respond to our short survey regarding Windows management tools and we'll enter you in a drawing to win one of two $50 Amazon.com gift certificates.
http://www.zoomerang.com/survey.zgi?p=9VFBX43WXLCN

==========

==== Contact Us ====
About the newsletter -- [email protected]
About technical questions -- http://www.winnetmag.com/forums
About product news -- [email protected]
About your subscription -- [email protected]
About sponsoring Security UPDATE -- [email protected]

==========

==== Contact Our Sponsors ====
Primary/Secondary Sponsor: Symantec -- http://www.symantec.com
Hot Release Sponsor: Thawte -- http://www.thawte.com

===============

This email newsletter is brought to you by Windows & .NET Magazine, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today.

http://www.winnetmag.com/sub.cfm?code=wswi201x1z

View the Windows & .NET Magazine privacy policy at

http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy

Windows & .NET Magazine, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2004, Penton Media, Inc. All rights reserved.
