Security UPDATE--Look Before You Leap into IPv6 with Teredo--December 6, 2006

The open Teredo protocol, which tunnels IPv6 traffic over IPv4 networks, has some security gotchas. Find out about them, and get links to other security news and resources.

ITPro Today

December 5, 2006


PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

LinkScanner Pro - Stop zero-day Internet attacks

http://www.explabs.com/promotions/xern_lspro.asp?loc=wipmailstop

Free Whitepaper Kit: Top 10 Patch Management Tips

http://findtechinfo.com/penton/nl/177

Clean Up Your Company's Email Act: Using Filters to Block Threats

http://www.windowsitpro.com/go/whitepapers/stbernard/cleanup/?code=SECHot1206


LinkScanner Pro - Stop zero-day Internet attacks

LinkScanner Pro complements existing security products like a firewall or anti-virus by providing effective zero-day protection against web threats. Firewalls don't see these new threats because they use trusted browser connections. Anti-virus and anti-spyware programs only detect them after the damage has been done to the computer. LinkScanner provides real-time analysis of network traffic, web site content and behavior to protect users from a wide-range of online threats including malicious content, phishing, social engineering and targeted software exploits. Unlike products that use out-dated databases and questionable user feedback, LinkScanner's protection and site ratings are based on a current inspection of the web site and the data stream entering your computer. With LinkScanner, web surfing just became a whole lot safer.

http://www.explabs.com/promotions/xern_lspro.asp?loc=wipmailstop

=== IN FOCUS: Look Before You Leap into IPv6 with Teredo

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

We're told that the future of the Internet revolves around the IPv6 protocol. Meanwhile, the majority of computers on the Internet still use IPv4. The two protocols are different enough that key software packages designed for IPv4 can't properly handle IPv6 traffic. This is, of course, one of the major hurdles for IPv6 adoption.

To help with this problem, Microsoft developed the open Teredo protocol, which tunnels IPv6 traffic over IPv4 networks when IPv6 clients are behind some sort of Network Address Translation (NAT) device that doesn't understand IPv6. If you're interested in the technical specifications for Teredo, you can read RFC 4380, "Teredo: Tunneling IPv6 over UDP through Network Address Translations (NATs)," at the URL below.

http://www.rfc-editor.org/rfc/rfc4380.txt

Because Teredo is an open specification, Teredo software packages are available for a variety of platforms, including Mac OS X, Linux, BSD, and Sun Microsystems Solaris. One such package is Miredo, at the URL below.

http://www.simphalempin.com/dev/miredo

For Windows, Teredo first appeared in service packs for Windows XP and Windows Server 2003. It's also a standard part of Windows Vista and will be a standard part of Longhorn when it's released.

Teredo is a decent idea; however, you should understand some security implications before you jump into using the technology. Last week, Symantec published a white paper titled "The Teredo Protocol: Tunneling Past Network Security and Other Security Implications," written by Dr. James Hoagland, principal security researcher with Symantec Advanced Threat Research. The white paper presents an examination of real and potential security problems.

For example, Hoagland explains how worms that use network layer 3 or 4 could use Teredo to escape a contained IPv6 network and reach remote IPv6 networks. You'll recall that the Slammer worm was able to propagate itself by using only one UDP packet.

Hoagland also writes that security devices such as intrusion detection and prevention systems (IDSs/IPSs) that are designed for IPv4 don't understand IPv6 traffic. Thus, the IPv4 devices can't enforce adequate security controls on IPv6 traffic encapsulated in IPv4 packets. Another problem is that Teredo might allow unwanted traffic into the IPv6 or IPv4 network.

Other potential security problems relate to the possibility of creating a Denial of Service (DoS) condition in both Teredo clients and servers and the ability of remote systems to traverse the NAT in ways that are probably undesirable.

If you're interested in using Teredo, by all means download a copy of Symantec's white paper (at the URL below) and read it over carefully. It might save you many headaches and answer a lot of questions before they arise as a result of oddities in your network.

http://www.symantec.com/avcenter/reference/Teredo_Security.pdf

Keep in mind that the white paper discusses Teredo in general and is based on the associated RFC. Hoagland said that Symantec intends to look specifically at Teredo in Windows Vista sometime in the future, so keep an eye out for that white paper to become available.
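To make the inspection gap concrete, the following added example (not part of the original newsletter or of Symantec's paper) shows what an IPv4-side sensor has to do to see inside a Teredo data packet: skip the optional RFC 4380 indication headers, parse the inner IPv6 header, and decode the server, external client address and port embedded in a Teredo address. The function names and the sample packet are constructed for illustration; the field layouts follow RFC 4380.

```python
import ipaddress
import struct

# Teredo service prefix (2001:0000::/32) per RFC 4380 and its IANA assignment.
TEREDO_PREFIX = ipaddress.ip_network("2001::/32")

def strip_indications(payload: bytes) -> bytes:
    """Skip the optional authentication (0x0001) and origin (0x0000) headers."""
    if payload[:2] == b"\x00\x01" and len(payload) >= 4:
        id_len, au_len = payload[2], payload[3]
        payload = payload[4 + id_len + au_len + 8 + 1:]  # nonce + confirmation
    if payload[:2] == b"\x00\x00":
        payload = payload[8:]  # type, obscured port, obscured IPv4 address
    return payload

def decode_teredo_address(addr):
    """Return (server IPv4, client external IPv4, client external port) or None."""
    if addr not in TEREDO_PREFIX:
        return None
    raw = addr.packed
    port = struct.unpack("!H", raw[10:12])[0] ^ 0xFFFF  # stored bit-inverted
    client = ipaddress.IPv4Address(bytes(b ^ 0xFF for b in raw[12:16]))
    return ipaddress.IPv4Address(raw[4:8]), client, port

def inspect_udp_payload(payload: bytes):
    """Describe the inner IPv6 packet if the payload is Teredo data, else None."""
    inner = strip_indications(payload)
    if len(inner) < 40 or inner[0] >> 4 != 6:
        return None
    payload_len, next_header = struct.unpack("!HB", inner[4:7])
    if payload_len != len(inner) - 40:  # length sanity check cuts false positives
        return None
    src = ipaddress.IPv6Address(inner[8:24])
    dst = ipaddress.IPv6Address(inner[24:40])
    if src not in TEREDO_PREFIX and dst not in TEREDO_PREFIX:
        return None  # qualification traffic (link-local) is out of scope here
    return {"src": src, "dst": dst, "next_header": next_header,
            "src_mapping": decode_teredo_address(src),
            "dst_mapping": decode_teredo_address(dst)}

def build_sample() -> bytes:
    """Constructed sample: origin indication + IPv6/UDP header, documentation IPs."""
    src = ipaddress.IPv6Address("2001:0:c633:6401:8000:63bf:3fff:fdd2").packed
    dst = ipaddress.IPv6Address("2001:db8::1").packed
    header = struct.pack("!IHBB", 0x60000000, 8, 17, 64) + src + dst
    return b"\x00\x00" + bytes.fromhex("63bf3ffffdd2") + header + bytes(8)

if __name__ == "__main__":
    print(inspect_udp_payload(build_sample()))
```

The check keys on payload content rather than on a UDP port number, because only Teredo server traffic uses the well-known port 3544; client-to-relay and client-to-client packets travel on arbitrary ports.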


You still have one week (through December 13) to send us your security tips or stories and win a Zune media player. Email your contributions to [email protected]. To find out more about the Know Your IT Security contest, go to

http://www.windowsitpro.com/Article/ArticleID/93742

=================================

Free Whitepaper Kit: Top 10 Patch Management Tips

Stop the endless streams of security patches. Accurately "assess, deploy and track" software patches across Multiple OSs. FREE Whitepaper distills the top 10 requirements for selecting an effective patch management solution. Plus test drive the #1 Patch Management Solution. FREE 30-Day Trial.

http://findtechinfo.com/penton/nl/177

=== SECURITY NEWS AND FEATURES

=======================

====================

Clean Up Your Company's Email Act: Using Filters to Block Threats

Do you want to block unwanted or undesirable email? Download this free whitepaper to learn how to manage the content of information crossing your network.

http://www.windowsitpro.com/go/whitepapers/stbernard/cleanup/?code=SECHot1206

=== GIVE AND TAKE

====================================

KNOW YOUR IT SECURITY Contest--LAST WEEK TO ENTER

Share your security-related tips, comments, or solutions in 1000 words or less, and you could be one of 13 lucky winners of a Zune media player. Tell us how you do patch management, share a security script, or write about a security article you've read or a Webcast you've viewed. Submit your entry between now and December 13. We'll select the 13 best entries, and the winners will receive a Zune media player. Email your contributions to [email protected]. Prizes are courtesy of Microsoft Learning Paths for Security:

http://www.microsoft.com/technet/security/learning

SECURITY MATTERS BLOG: EU Wants a Crackdown on Spam

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

Spam is on the rise in Europe, and a crackdown is bound to ensue directly. The European Commission (EC) said that as much as 80 percent of all email in Europe is unsolicited. Read more about this issue and learn how one country has significantly reduced its spam problem.

http://www.windowsitpro.com/Article/ArticleID/94397

FAQ: Security Assessment Tool

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q: How can I perform a high-level security assessment of my company's computing environment?

Find the answer at http://www.windowsitpro.com/Article/ArticleID/92696

FROM THE FORUM: Forgotten Password on HP Laptop

A forum participant writes that a user set a power-on password on an HP NX6110 notebook computer and can't remember the password, so the computer can't be booted. Does anyone know of a way to reset the password without sending the computer back to HP?

http://forums.windowsitpro.com/web/forum/messageview.aspx?catid=42&threadid=82847&enterthread=y

MICROSOFT LEARNING PATHS FOR SECURITY: Deploying Microsoft Identity and Access Management Technologies

Effective identity and access management is critical to information security and is one of the key components of the Core Infrastructure Optimization (IO). Use these resources at the Microsoft Learning Paths for Security Web site to learn more about the interdependent technologies and processes of deploying identity and access management solutions, including directory services, identity life-cycle management, access management, and more.

http://www.microsoft.com/technet/security/learning

=== PRODUCTS

=========================================

by Renee Munshi, [email protected]

Speedy Antispyware Scanning in Vista

Max Secure Software announced Max Spyware Detector 2.0 for Windows Vista and described it as "the world's fastest antispyware software." Max Spyware Detector incorporates Max Secure Software's SmartScan technology, which uses a proprietary scanning algorithm that reduces scan time by up to 20 minutes on repetitive spyware scans. Max Spyware Detector will be free until March 2007. After that, Max Spyware Detector 2.0 will cost $29.95 for a one-year subscription. For more information, go to

http://www.maxpcsecure.com/spywaredetector.htm

WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to [email protected] and get a Best Buy gift certificate.

=== RESOURCES AND EVENTS

=============================

=============================

Securing multiple domains or host names? Learn how the Starter PKI program can save time and reduce costs, and provide you with a multiple digital certificate account.

http://www.windowsitpro.com/go/whitepapers/thawte/pki?code=1206featwp

BONUS: Register for any white paper from Windows IT Pro in the month of December, and be entered to win a Wii! Visit http://www.windowsitpro.com/whitepapers for more information and a complete white paper listing.

=== ANNOUNCEMENTS

====================================

===========================================================

Security UPDATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below).

http://www.windowsitpro.com/windowssecurity

https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb


Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.
