Search This Blog

Monday, August 01, 2005

Router flaw sparks battle

All the week's news and views about Security, 08/01/05
_______________________________________________________________
This newsletter is sponsored by Avocent
Network World Executive Guide: Reviewing Trends and Insights for
SMB Executives

Life is different for IT professionals at small and mid-sized
businesses, which don't have the luxury of hiring legions of
network experts. Read how network executives are keeping a firm
footing on an ever-shifting product landscape. Learn about
trends and insights surrounding VoIP and VPNs; plus get
commentaries from leading experts on storage strategies for
smaller businesses.
http://www.fattail.com/redir/redirect.asp?CID=109160
_______________________________________________________________
FREE NETWORK WORLD PRINT SUBSCRIPTIONS - SIGN UP NOW!

Security is one of the most pressing issues in all of IT, and
you need to stay on top of it. Network World delivers the
hottest security news. Network IT Executives depend upon Network
World for the information they need to keep their networks
secure! SUBSCRIBE TODAT AT:
http://www.fattail.com/redir/redirect.asp?CID=109084
_______________________________________________________________

Network World's Security News Alert

Router flaw sparks battle, 08/01/05

Researcher Michael Lynn quit his job at Internet Security
Systems last week, then defied ISS and Cisco by revealing that
unpatched Cisco routers can be hacked by a buffer-overflow
exploit. Until then, corporate network managers were largely
unaware of the risk.
<http://www.networkworld.com/news/2005/080105-blackhat.html?nl>

Opinion: Privacy bill calls, 08/01/05

While not as far reaching as Gramm-Leach-Bliley or HIPAA, the
bill as proposed will have similar consequences, requiring
organizations that fit the mold to jump through hoops to comply.
As painful and expensive as that may be, it is required medicine
...
<http://www.networkworld.com/columnists/2005/080105edit.html?nl>

Opinion: Barracuda boxes spam, 08/01/05

New company uses appliance model to catch spam
<http://www.networkworld.com/nlsecuritynewsal4211>

Radio: Black Hat wrangling, 08/01/05

Network World Test Alliance member Rodney Thayer joins the
program from the Black Hat security conference in Las Vegas to
discuss the legal wrangling of researcher Michael Lynn. A former
ISS staffer, Lynn exposed a previously unknown exploit for Cisco
...
<http://www.networkworld.com/research/2005/0801radio.html?nl>

Windows x64 calls for 32-bit rewrites, 08/01/05

Companies looking to become early adopters of Microsoft's
Windows x64 Edition operating systems might find that their
favorite anti-virus software no longer works on their new
desktops.
<http://www.networkworld.com/nlsecuritynewsal4212>

Forum seeks to keep grids safe, 08/01/05

The Enterprise Grid Alliance, which includes several top vendors
trying to accelerate the use of grid computing by big
businesses, has published its first paper on the unique security
requirements of grids.
<http://www.networkworld.com/nlsecuritynewsal4213>

Black Hat event highlights RFID and VoIP security threats,
08/01/05

Conference attendees also get a lesson in de-perimeterization.
<http://www.networkworld.com/nlsecuritynewsal4214>

BellSouth software to safeguard DSL users, 08/01/05

The company's Internet Security offerings consist of three
products. One is designed to keep viruses, worms and Trojans off
customers' computers. Another detects and removes more than
60,000 spyware invasions. Also offered is firewall software to
...
<http://www.networkworld.com/news/2005/080105-bellsouth.html?nl>

Opinion: Time to dump that MasterCard?, 08/01/05

I no longer have a MasterCard (my bank switched me to Visa
earlier this year), but if I did, I would cancel and shred it. A
lot of people believe that credit card companies have little
real incentive to fix security problems because they are
insulated ...
<http://www.networkworld.com/nlsecuritynewsal4215>

Opinion: Out of the crossfire, into deployment, 08/01/05

When running a federation project, users (unlike analysts) don't
want to get caught in the crossfire. Keep the trust fabric
simple, working with current partners first and turning to
industry trust frameworks (such as the Federal E-Authentication
...
<http://www.networkworld.com/columnists/2005/080105blum.html?nl>

Opinion: Michael Lynn and Cisco: Stepping in front of the
freight train, 08/01/05

Lynn has done us all a great service. What we need are
whistle-blower laws for IT to protect people who step forward
like this. Unfortunately, when you're in the path of a freight
train as Lynn is, it doesn't matter what you know or not. You're
going ...
<http://www.networkworld.com/nlsecuritynewsal4216>

Firms should strictly control employee use of mobile devices,
08/01/05

Companies have done a pretty good job of addressing the most
pressing nearterm wireless security issues, which are mainly at
the network and authentication levels. They've paid a premium
for BlackBerry's Triple-DES and Fort Knox-like network ...
<http://www.networkworld.com/nlsecuritynewsal4217>

Firms should not strictly control employee use of mobile
devices, 08/01/05

Corporations trying to place excessive control over mobile
devices and the applications that run on them will miss out on
significant productivity increases that will accrue to the
bottom line.
<http://www.networkworld.com/nlsecuritynewsal4218>

The life and times of an RFID chip, 08/01/05

McCarran International Airport in Las Vegas, which handles more
than 68,000 pieces of luggage daily, is committed to buying 100
million RFID tags over the next five years, according to Samuel
Ingalls, assistant director of Aviation, Information ...
<http://www.networkworld.com/research/2005/080105-rfid.html?nl>

Opinion: Ramping up federal telework adoption, 08/01/05

There are renewed efforts underway to encourage the government
to put more teeth into its telework initiatives. Despite over a
decade of increasing adoption, telework remains the exception in
most federal agencies. Overall, the government lags well ...
<http://www.networkworld.com/nlsecuritynewsal4219>

Router flaw sparks battle, 08/01/05

Cisco and critics spar over what constitutes responsible
disclosure.
<http://www.networkworld.com/news/2005/080105-blackhat.html?nl>

Cisco vulnerability posted to Internet, 07/29/05

One day after a security researcher and organizers of the Black
Hat USA conference agreed not to post details of vulnerabilities
in Cisco's router software, the information has been published
on the Internet.
<http://www.networkworld.com/nlsecuritynewsal4220>

Layer8: The tale of Cisco, Black Hat and the rogue researcher,
07/29/05

What happens in Vegas stays in Vegas, unless you're giving an
unauthorized talk on unpatched Cisco router exploits, then it's
big, big news. That's what ISS researcher Michael Lynn
discovered...
<http://www.networkworld.com/weblogs/layer8/009635.html?nl>

The top 5: Today's most-read stories

1. Cisco vulnerability posted to Internet
<http://www.networkworld.com/nlsecuritynewsal4221>

2. Router flaw sparks battle
<http://www.networkworld.com/news/2005/080105-blackhat.html>

3. Researcher at center of Cisco router-exploit controversy
speaks out <http://www.networkworld.com/nlsecuritynewsal4223>

4. Black Hat event highlights RFID and VoIP security threats
<http://www.networkworld.com/news/2005/080105-blackhat-side.html>

5. Cisco nixes conference session on hacking IOS router code
<http://www.networkworld.com/nlsecuritynewsal4058>
_______________________________________________________________
To contact:

Senior Editor Ellen Messmer covers security for Network World.
Contact her at <mailto:emessmer@nww.com>.
_______________________________________________________________
This newsletter is sponsored by Avocent
Network World Executive Guide: Reviewing Trends and Insights for
SMB Executives

Life is different for IT professionals at small and mid-sized
businesses, which don't have the luxury of hiring legions of
network experts. Read how network executives are keeping a firm
footing on an ever-shifting product landscape. Learn about
trends and insights surrounding VoIP and VPNs; plus get
commentaries from leading experts on storage strategies for
smaller businesses.
http://www.fattail.com/redir/redirect.asp?CID=109159
_______________________________________________________________
ARCHIVE LINKS

Security research center
Latest security news, analysis, newsletters and resource links.
http://www.networkworld.com/topics/security.html
_______________________________________________________________
FEATURED READER RESOURCE
SIX TIPS FOR GETTING WHAT YOU DESERVE

Before you go in for your next annual review or promotion
interview, you would be wise to consider these tips for ensuring
you've got the right stuff to move ahead. Network executives
offer advice to help you gun for that next promotion and fatten
up your paycheck. Click here:
<http://www.networkworld.com/you/2005/072505-salary-side2.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

No comments: