Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.
Security UPDATE--Two More Portable Anonymous Web Browsers--September 27, 2006
If you want to protect your privacy, but you don't like Browzar, here are a couple other Web browsers, based on Firefox, that you can try. Plus, get links to security news items and resources.
ITPro Today
September 26, 2006
11 Min Read
PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:
Patch and Spyware Management: An Integrated Approach to Network Security
http://www.windowsitpro.com/go/whitepapers/shavlik/adwareconsole/?code=SECTop0927
How to Build a Real Time Enterprise. Free White Paper!
http://findtechinfo.com/penton/nl/161
Reducing the Cost of IT Compliance: Streamlining the IT Compliance Life Cycle
http://www.windowsitpro.com/go/whitepapers/scalable/compliance?code=SECHot0927
CONTENTS
===========================================
IN FOCUS: Two More Portable Anonymous Web Browsers NEWS AND FEATURES - Two IE Vulnerabilities Allow Unwanted Code Execution - EMC Forms New Security Division - Recent Security Vulnerabilities GIVE AND TAKE - Security Matters Blog: New Tool: WindowsZones - FAQ: Join Vista to a Domain - Microsoft Learning Paths for Security: Identity and Access Management - KNOW YOUR IT SECURITY Contest PRODUCTS - Keep an Eye on Your Files - Wanted: Your Reviews of Products RESOURCES AND EVENTS FEATURED WHITE PAPER ANNOUNCEMENTS === SPONSOR: Shavlik
=================================
Patch and Spyware Management: An Integrated Approach to Network Security Manage threats and vulnerabilities from adware and spyware in one console as a comprehensive approach to maximizing network security. http://www.windowsitpro.com/go/whitepapers/shavlik/adwareconsole/?code=SECTop0927 === IN FOCUS: Two More Portable Anonymous Web Browsers
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net A few weeks ago after I wrote about Browzar (see the article at the URL below), a few people wrote to criticize the tool. That's to be expected, and I do respect their opinions even though they differ from mine. Since then, I've been looking around for other browsers that can help protect privacy above and beyond the typical browser features of being able to manually clear history and cache data. So far I've found two tools that fit the bill. http://www.windowsitpro.com/Article/ArticleID/93415/93415.html The first tool, PortableApps.com's Mozilla Firefox - Portable Edition (at the URL below) is based on Mozilla Foundation's Firefox code but was independently developed by John T. Haller. First released in June 2004, Firefox Portable seems to be kept up to date, including the addition of any necessary security fixes soon after vulnerabilities are found. http://portableapps.com/support/firefox_portable Firefox Portable is designed specifically to be copied onto portable media. You can install it on a small USB flash drive (or CD-ROM) and use it on nearly any PC that doesn't have its USB ports or CD-ROM drive locked down. Like regular Firefox, the portable version lets you install extensions and themes, but unlike Firefox, Firefox Portable helps prevent storage of usage information. Your download history is deleted when you shut the browser down cleanly (but not, for example, when you terminate the FirefoxPortable.exe process manually), URL history and form data storage are disabled by default, and no disk cache is used by default. However, you can configure Firefox Portable to write such data to the portable media (if the media is writeable) and use cache if you like. I tested Firefox Portable, and it works just fine. The self-extracting executable dumps all the required files into one directory tree that you select. The installed size is about 16.5MB. Note that Firefox Portable won't run if another instance of Firefox is already running. The second tool I found is Torpark (at the URL below). Developed by Hacktivismo, which "[operates] under the aegis of the [infamous] Cult of the Dead Cow (cDc)," Torpark is relatively new and based on the Firefox Portable code. It includes a very interesting added benefit in that it uses the The Onion Router (Tor) network. http://torpark.nfshost.com/ In case you aren't aware of it, Tor (at the URL below) is software that builds a network of relatively anonymous servers by chaining them together automatically to encrypt and route traffic to and from its destination. At its core, a Tor client acts as a Sockets (Socks) proxy. http://tor.eff.org According to the developers, "Torpark comes pre-configured, requires no installation, can run off a USB memory stick, and leaves no tracks behind in the browser or computer." Sounds pretty good, right? There is however one drawback: Tor can be very slow at times. Tor volunteer server operators can regulate how much bandwidth they devote to their Tor server, and it seems that many Tor server operators allocate only a small amount. But if you really need anonymous Web surfing ability, some lag time is probably worth it. I tested Torpark and it's really easy to use. The installation process is the same as for Portable Firefox except that Torpark also installs the Tor client. The installed size is about 27MB. The custom Web interface includes all the regular Firefox controls along with two additional buttons: one to enable or disable use of the Tor network (so you can use Torpark without Tor to just browse without encryption) and another to flush the Tor circuit. The latter feature causes Tor to chain together a new set of Tor servers to use as your path out to the Internet. Flushing the circuit doesn't always result in a faster circuit, but at times it might, so the feature is helpful. I'll also point out for the Browzar detractors that neither Firefox Portable nor Torpark include any spyware or adware. Both let you customize the search tool just like Firefox does. === SPONSOR: NetSuite
=================================
How to Build a Real Time Enterprise. Free White Paper! The vast majority of businesses have information scattered throughout the enterprise on paper, in siloed databases and in emails, making real-time operations difficult to achieve. Learn the benefits and explore the challenges mid-sized businesses face in their real-time enterprise efforts. http://findtechinfo.com/penton/nl/161 === SECURITY NEWS AND FEATURES
=======================
Two IE Vulnerabilities Allow Unwanted Code Execution Two new vulnerabilities were recently discovered in Microsoft Internet Explorer (IE). One allows intruders to install shell code and take subsequent actions, including installing malware. http://www.windowsitpro.com/Article/ArticleID/93584 The other, located in the DirectAnimation ActiveX control, also lets unwanted code be run on an affected system. http://www.windowsitpro.com/Article/ArticleID/93532 EMC Forms New Security Division EMC has completed the acquisition of RSA Security and has acquired Network Intelligence. EMC will form a new security division based on the RSA brand. Former chief executive officer at RSA, Art Coviello, will lead the division as president and will serve as an executive vice president at EMC. Network Intelligence will become a business unit of the new division. http://www.windowsitpro.com/Article/ArticleID/93581 Other Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://www.windowsitpro.com/departments/departmentid/752/752.html === SPONSOR: Scalable Software
=======================
Reducing the Cost of IT Compliance: Streamlining the IT Compliance Life Cycle The average enterprise spends nearly $10 million annually on IT compliance. Download this free whitepaper today to streamline the compliance lifecycle, and dramatically reduce your company's costs! http://www.windowsitpro.com/go/whitepapers/scalable/compliance?code=SECHot0927 === GIVE AND TAKE
====================================
SECURITY MATTERS BLOG: New Tool: WindowsZones by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters WindowsZones is a new tool that claims to be able to protect Internet applications against zero-day exploits and to move those applications between security zones on the fly. http://www.windowsitpro.com/Article/ArticleID/93602 FAQ: Join Vista to a Domain by John Savill, http://www.windowsitpro.com/windowsnt20002003faq Q: How do I join my Windows Vista machine to a domain? Find the answer at http://www.windowsitpro.com/Article/ArticleID/93565 MICROSOFT LEARNING PATHS FOR SECURITY: Identity and Access Management Use the resources listed on the Microsoft Learning Paths Web page to get in-depth information about identity and access management. Find out how to provide a secure environment for managing user identities, authentication methods, and access rights across an organization's internal and external users. http://www.microsoft.com/technet/security/learning KNOW YOUR IT SECURITY Contest Sponsored by Microsoft Learning Paths for Security Share your security-related tips, comments, or solutions in 500 words or less, and you could be one of 13 lucky winners of a Windows Mobile phone. Tell us how you do patch management, share a security script, write about a security article you've read or a Web cast you've viewed. Submit your entry between now and December 13. We'll select the 13 best entries, and the winners will receive a Windows Mobile phone--plus, we'll publish the winning entries in the Windows IT Security newsletter. Email your contributions to [email protected]. Prizes are courtesy of Microsoft Learning Paths for Security: http://www.microsoft.com/technet/security/learning === PRODUCTS
=========================================
by Renee Munshi, [email protected] Keep an Eye on Your Files IS Decisions announces FileAudit 3.0, which lets you track accesses of and changes to Windows files. New features in FileAudit 3.0 include a redesigned GUI, which you can use from the FileAudit console or from Windows Explorer; the ability to display access history in printable reports that you can schedule to run automatically, the ability to schedule archiving of access events occurring on one or more systems to a database; and the ability to filter events (e.g., by type, user, timeframe). Pricing starts at $125 per audited system. For more information, go to http://www.isdecisions.com/en/software/fileaudit WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to [email protected] and get a Best Buy gift certificate. === RESOURCES AND EVENTS
=============================
For more security-related resources, visit http://www.windowsitpro.com/go/securityresources Exchange & Office 2007 Roadshow Coming to EMEA! Get the facts about deploying Exchange and Office 2007! You'll come away with a clear understanding of how to implement a best-practices migration to Exchange Server 2007 and how you and your end users can get the most out of Office 2007, and you'll learn more about Windows Vista. http://www.windowsitpro.com/roadshows/exchange2007europe/?code=epromo081406 Enterprises on average store identity information in 63 places. Learn about provisioning, synchronization, single sign-on, identity and access management, LDAP, and directory interop solutions from independent expert Gil Kirkpatrick at TechX World in Washington DC, Chicago, Dallas, and San Francisco next month. Three other content tracks cover OS interoperability, data integration/interoperability, and virtualization. http://www.techxworld.com/?code=0927emailannc Whether you're an outsourced-IT provider, part of an in-house IT service staff, or simply provide remote support, this can't-miss Web seminar will help you discover how the right technologies can expand your services. You'll learn how to tap into a $30 billion market for IT services and expand your geographic reach. Live Web seminar: Tuesday, October 17 http://www.windowsitpro.com/go/seminars/logmein/remote/?partnerref=0927emailannc Dramatically simplify Exchange troubleshooting with an in-depth look at built-in troubleshooting tools and third-party applications. Join us as we analyze a typical troubleshooting process, address the problems faced while using standard tools, and learn how automated troubleshooting can address these challenges. View this free Web seminar now! http://www.windowsitpro.com/go/seminars/zenprise/simplifyexchange/?partnerref=0927emailannc Mark Joseph Edwards discusses emerging spyware threats, including rootkits, keyloggers, and distribution methods. On-demand Web seminar http://www.windowsitpro.com/go/seminars/webroot/spyware/?partnerref=0927emailannc === FEATURED WHITE PAPER
=============================
Branch offices need flexibility and autonomy in implementing IT solutions; corporate requirements require centralized management, security, and compliance initiatives. Learn to resolve these conflicts and reduce your operational costs for branch offices with limited IT resources. Download the free white paper today! http://www.windowsitpro.com/go/whitepapers/microsoft/branchoffice/?code=0927featwp === ANNOUNCEMENTS
====================================
Special Invitation for VIP Access Become a VIP subscriber and get continuous, inside access to ALL the content published in Windows IT Pro, SQL Server Magazine, and the Exchange and Outlook Administrator, Windows Scripting Solutions, and Windows IT Security newsletters. Subscribe now and SAVE $100: https://store.pentontech.com/index.cfm?s=1&promocode=eu2769uv Get the Windows IT Pro Utility Kit FREE SAVE up to $30 on Windows IT Pro and get an exclusive Windows IT Pro Utility Kit CD FREE with your paid order! You'll also get unlimited access to the entire online article archive, which houses more than 9000 helpful Windows IT articles. This is a limited-time offer, so order now: https://store.pentontech.com/index.cfm?s=1&promocode=eu2069uw
===========================================================
Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below).
http://www.windowsitpro.com/windowssecurity
https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb
Subscribe to Security UPDATE at
http://www.windowsitpro.com/Email/Index.cfm?action=archive
Unsubscribe by clicking
http://list.windowsitpro.com/u?id=%%SUBSCRIBER_ID_TAG%%
Be sure to add [email protected] to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- [email protected]
About technical questions -- http://www.windowsitpro.com/forums
About your product news -- [email protected]
About your subscription -- [email protected]
About sponsoring Security UPDATE -- [email protected]
View the Windows IT Pro privacy policy at
http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.
About the Author
You May Also Like
.jpg?width=700&auto=webp&quality=80&disable=upscale)
