Security World: July 2005

Sunday, July 31, 2005

[Vmyths.com news] NostradamISS saves America yet again

Vmyths.com "What's New" Newsletter
Truth About Computer Security Hysteria
{1 August 2005}

IN THIS ISSUE:
Top item of the week
Scandalabra
Weekly online polls & surveys
Other items of note
"Whisper" data collection
Humor control
Hysteria: this week in history
The editor's notepad

-----------------------------------------------
Want to unsubscribe from this mailing list? No sweat! You'll find easy instructions at the bottom of this email...
-----------------------------------------------

TOP ITEM OF THE WEEK
Vmyths editor Rob Rosenberger's wife, Denise, passed away on Friday, 29 July. Rob's upcoming speech in Springfield, VA has been postponed. This newsletter was still being prepared just a few hours before her death, so please understand if it contains typos or broken links. Those interested may send condolences and donations c/o Powell Funeral Home, 7th Ave. S., Wellman, IA 52356.

--------------- Today's sponsor ---------------
MEDIAWEAVE
FREE WHITEPAPER! The World Wide Web -- The 3rd Wave. The web is entering what one visionary calls the 3rd wave in the evolution of the world wide web, or "The Web For The Rest of Us." Discover how old-economy businesses are now harnessing new techniques and new technologies to leverage the web. The web has become a tool to grow one's business even if you're NOT selling anything online, or driving people into a store. Even traditional service industries like plumbers and lawyers are increasing revenues by utilizing the web in new ways. This opinion piece demonstrates how this is being done, and offers its vision for the FUTURE of the world wide web. Well worth your time to read, and it's FREE.
http://www.mediaweave.com/WhitePaper_landing.asp?Id=3&CampaignID=8
-----------------------------------------------

SCANDALABRA
ISS part 1 -- Many years ago, Internet Security Systems overlooked requests to upgrade their flagship product to detect antivirus vulnerabilities. Heaven knows we talked about this problem over the years in this very newsletter; check out http://www.adveis.org to see how far back this issue goes. Recently, though, ISS decided to "own" the PR for antivirus vulnerabilities. A CNET story reveals ISS mouthpiece Neel Mehta will huffed & puffed about it at this year's "Black Hat" conference. Well, at least ISS finally caught up to the other researchers... Follow http://Vmyths.com/mm/url/5/83.htm for the controversy.

ISS part 2 -- ISS, along with Cisco, filed a restraining order to stop a former ISS employee from delivering a lecture on how to attack Cisco routers. Follow http://Vmyths.com/mm/url/5/84.htm for that one. Let's make sure we get this straight! It's perfectly okay for ISS to blab about how to take over the Internet via antivirus software, but it's wrong for ISS to blab about how to take over the Internet via router software...

ISS part 3 -- ISS employee Michael Lynn resigned from his job hours before giving a forbidden lecture (see part 2, above). Why did he resign? Because he desperately wanted to SAVE AMERICA from your basic fate worse than death. What a martyr! He should tout that in job interviews. "Well, sir, for one thing, I single-handedly saved the lives of three hundred million humans and the national water supply and the national electric power grid and the national defense and the national economy and the national petroleum reserves and the national transportation systems and the national 911 system and the national telecommunications systems..." Follow http://Vmyths.com/mm/url/5/84.htm if you think we're making this up.

ISS part 4 -- ISS employee Michael Lynn resigned in an act of martyrdom, and ISS bragged yet again about the dire threat of antivirus vulnerabilities. Yet the firm's "AlertCon" threat status has remained at "normal" the whole time. Why didn't they ratchet it up a few notches to coincide with all the blabbermouth revelations at the Black Hat conference? See
http://Vmyths.com/rant.cfm?id=712&page=4
http://Vmyths.com/rant.cfm?id=493&page=4
http://Vmyths.com/rant.cfm?id=468&page=4
to understand why the ISS "AlertCon" status is arbitrary and/or prejudiced.

ISS part 5 -- "Mike Lynn, a former researcher at Internet Security Systems, said he was tipped off late Thursday night that the FBI was investigating him for violating trade secrets belonging to his former employer... Lynn's lawyer, Jennifer Granick, confirmed that the FBI told her it was investigating her client." In other words, only ISS may save the United States from your basic fate worse than death. Follow http://Vmyths.com/mm/url/5/86.htm for the story.

In related news, Sophos admitted their antivirus product line contains -- gasp! -- a buffer overflow vulnerability. Ironically, their customers won't fret for "the next two weeks" while Sophos tries to fix the exploitable portion of its software... Follow http://Vmyths.com/mm/url/5/85.htm for details.

In its defense, Sophos actually *published* an alert about the insecurity in their security software and they openly thanked the researcher who discovered it. Contrast this with Symantec and McAfee -- two firms that routinely leave customers in the dark re: antivirus product vulnerabilities... Read http://Vmyths.com/rant.cfm?id=562&page=4 to understand why only the antivirus industry can ignore blatant security flaws in their own products.

Got something for our "Scandalabra" section? Send it to Tips@Vmyths.com. All submissions will remain anonymous.

WEEKLY ONLINE POLLS & SURVEYS
Do you care if hackers can exploit a critical security vulnerability in your antivirus product? Visit http://Vmyths.com/resource.cfm?id=87&page=1 to take our polls or to see the results!

In unscientific poll #023, we asked: "Would you watch a weekly TV show on computer security?" We received a total of 189 votes. 32% gave an unconditional "no" while 42% gave an unconditional "yes." 8% would watch a computer security action show; 3% would watch a computer security reality show; 8% would watch a computer security news show; 4% would watch a computer security cartoon series; 1% would watch a computer security sitcom; and 2% would watch a computer security daytime soap opera... Follow http://Vmyths.com/mm/url/5/1023.htm to see the poll as a graph and follow http://Vmyths.com/mm/url/5/2023.htm to read the voters' comments. Read http://Vmyths.com/rant.cfm?id=559&page=4 for a rejected TV drama for computer security buffs.

OTHER ITEMS OF NOTE
Which is worse -- the recent deadly typhoon in Mumbai, India, or a computer virus? If you said "computer virus," you're right! Read http://Vmyths.com/rant.cfm?id=585&page=4 if you answered wrong.

Please forward computer virus alerts to HoaxFYI@Vmyths.com when you receive them -- your effort will help us detect changing trends in virus hysteria.

"WHISPER" DATA COLLECTION
Whisper is now collecting data on these and other controversial topics:
* How much did your company/school/agency pay for computer security
products & services?
* Copies of your company/school/agency's virus charts and reports
* The name of a Canadian teenager arrested for distributing the
Randex worm ($100 reward for authoritative documents)
* The name of a 37yr-old computer programmer in Madrid, Spain
identified by police as "J.A.S." for distributing a webcam trojan
* Which computer security firms supply offensive hacking/virus
technology to which countries?
See http://Vmyths.com/resource.cfm?id=89&page=1 for full details on the controversial data we're collecting.

Are you a whistleblower or industry insider? Got a scoop or some dirt on the computer security industry? Email it to Whisper@SecurityCritics.org, or call Rob Rosenberger at (319) 646-2800, or mail it to P.O. Box 50, Wellman, IA 52356. ALL sources will remain confidential.

HUMOR CONTROL
The "Irish E-publican Army" -- the most deadly faction within the Irish Republican Army -- announced it will abandon its armed cyber campaign and resume degaussing in a dramatic declaration designed to revive Northern Ireland's peace process. The IRA said all of its clandestine hacker units had been ordered to erase their hard disks and cease all activities, but it would not formally disband. "The leadership has formally ordered an end to the armed cyber campaign," the IRA said in an email...

Amazon.com announced they will offer a bulletin board system with racks of modems for secure ordering. "Too many of our customers are infected with keystroke loggers or are logging into spoof sites," spokesman S. Shankar Sastry said. "We launched this proprietary bulletin board system so customers can safely order products without using the Internet." Customers will need to purchase a special "Amazon.com terminal" with modem, ROM disk, and monochrome video display. In related news, Amazon.com will disable one-click ordering to protect customers. "We need to make it as hard as possible for customers to place orders in order to protect them from criminals..."

Oracle CEO Larry Ellison once declared his company's software "unbreakable," only to watch his firm admit their products are riddled with security flaws. Ellison recently took a new approach to security -- he re-categorized all products as antivirus software. "Hackers ignore vulnerabilities in antivirus utilities," Ellison declared, "so it's a win-win for Oracle. You'll never again here about a security flaw from us..."

Security firm (ISC)� has convinced 37 states to issue special "CISSP" vanity plates for computer security professionals. "Specially marked license plates are typically offered to firemen, military veterans, ham radio operators, and other people in the helping or security professions," (ISC)� general counsel Dorsey Morrow said. "When you see a CISSP license plate, you can rest assured that person is out there saving lives and protecting our freedoms every day..." Certified CISSPs can visit http://Vmyths.com/rant.cfm?id=720&page=4 for a list of states with vanity plates.

For the first time, leading U.S. Muslim scholars issued a religious edict to condemn cyber-terrorism and virus/worm creation. "Islam strictly condemns the use of violence against innocent computers," said the decree, or fatwa, released in Washington by the Fiqh Council of North America (FCNA), a group of U.S. Muslim scholars interpreting Islamic law. It is the first time Muslims in North America issued an anti-cyber-terrorism edict, although they had repeatedly condemned viruses & worms. The fatwa has been endorsed by major U.S. Muslim computer groups. In the edict, the 18-member FCNA said people who committed cyber-terrorism are "criminals," not "martyrs." All acts of cyber-terrorism targeting civilian computers are haram (forbidden) in Islam," and "it is haram for a Muslim to cooperate with any individual or group that is involved in any act of cyber-terrorism or violence," declared the fatwa...

Rep. Curt Weldon (R-PA) has submitted a bill authorizing both combat zone pay and imminent danger pay for military members assigned to information warfare units. "I'll be the first to admit these people work in the U.S.," Weldon said at a press conference, "but when you're fighting a cyber-insurgent on the Internet, the front line is everywhere." Weldon's bill, if passed, would also authorize a Purple Heart combat injury medal for civilian computer virus expert Patrick Nolan, who was wounded in January while downloading a top secret cyber-weapon (as we reported in our 1/3/05 newsletter)...

Al Qaeda's top cyber-terror expert is on school vacation. But don't worry: the notorious "Melhacker" will return in our next newsletter with incredulous exploits and vague threats of annihilation... Visit http://www.scezda.com to learn about the narcissistic idiot we love to make fun of.

The Vatican has announced that popes will no longer use their birth names, in order to protect them against the threat of identity theft. As soon as a pope is elected, he/she will choose a generic first name and a numeric last name-- oh waitaminit, popes already do that! Nevermind...

General John Jumper has approved a change to the U.S. Air Force "INFOCON" alarm condition. "The 'normal' state will be deleted on 1 October 2005," Jumper wrote in an email that was forwarded to "all usaf." The nation's top military flyer explained the Internet "poses a direct threat to national security" at all hours of the day and night, "therefore it can never be 'normal.'" Ironically, the general's email caused USAF mail servers in Iraq to overload and crash, which in turn caused the Air Force to declare an INFOCON "Bravo" alarm... See http://Vmyths.com/rant.cfm?id=46&page=4 for more on the Air Force's vaunted INFOCON alert system.

Order a gag gift for your favorite computer virus expert! We've got plenty to choose from. We took some of our best sayings and put them on merchandise. Visit http://Vmyths.com/resource.cfm?id=82&page=1 only if you have a sense of humor... Check out our "Senator Schumer" line of clothing if you really want to terrorize the security experts at your firm!

HYSTERIA: THIS WEEK IN HISTORY
This week in 2001: http://Vmyths.com/rant.cfm?id=360&page=4
Warning! A "Stealth Ogling Worm" has been discovered! If you are a woman between the ages of 17 and 23, still in high school or attending college, who freshens her lipstick in front of boys after eating at Taco Bell or KFC, but NOT at Pizza Hut...

THE EDITOR'S NOTEPAD
Waaaay back in 1999 -- you know: the previous millennium -- I called then-Symantec CTO Enrique Salem. "Hey, I can own every corporate server on Earth if it uses the current version of Norton AntiVirus." Salem asked his top researcher, Carey Nachenberg, to call me back. And so Nachenberg did. They fixed the vulnerabilities, and that was that.

McAfee. Trend Micro. Sophos. MimeSweeper. Command Software. Central Command. Blah blah blah. They fixed their vulnerabilities, and that was that. The Earth somehow survived.

Some time later I met up with MessageLabs flunky Alex Shipp at an antivirus industry conference. "I don't think you guys ever tried out my vulnerability tests, did you?" No, they hadn't. Shipp sent a follow-up email to say they found, and fixed, some serious vulnerabilities. And that was that.

My research proved its point and so I moved on to another project. A man named Andreas Marx later independently studied antivirus vulnerabilities. He arrived at the same basic conclusions. It's riddled with holes.

Now ISS wants the world to think they discovered something brand new? A threat so pervasive and scary, that they left their "AlertCon" threat status at its "normal" level until the afternoon of 29 July? Bah. ISS is *years* behind the power curve, folks.

I'll admit some antivirus vendors don't fix vulnerabilities as fast as I'd like. But why should I even bother to name the slowpokes? Customers simply do NOT care if hackers can turn their most trusted antivirus products against them ... and the hackers don't care either.

That's enough for this edition. My best to y'all. Please keep fighting the virus hysteria.

Rob Rosenberger, editor
http://Vmyths.com
Rob@Vmyths.com
(319) 646-2800

PS: Au revoir, my lovely bride...

--------------- Useful links ------------------

A-Z list of computer virus hoaxes
http://Vmyths.com/hoax.cfm

How to spot a hoax computer virus alert
http://Vmyths.com/resource.cfm?id=19&page=1

Reduce virus hoaxes inside your company
http://Vmyths.com/resource.cfm?id=20&page=1

False Authority Syndrome
http://Vmyths.com/fas/fas1.cfm

Hoaxes NOT related to computer security
http://Vmyths.com/hoax.cfm?id=16&page=3

Comedy vs. virus hysteria? Believe it!
http://Vmyths.com/resource.cfm?id=82&page=1

---
[This E-mail scanned for viruses by Declude Virus]

---
You are currently subscribed to VMyths.com Newsletter as: security.world@gmail.com. To unsubscribe send a blank email to mailto:leave-vmyths_enews-4389473W@lyris.mediaweave-news.com

Re: IP Routing

On 7/31/05, LeVA <leva@az.isten.hu> wrote:
> 2005. július 31. 21:43,
> Nelson Castillo <nelsoneci@gmail.com>
> -> Shafiuddin russel <russel_lf@yahoo.com>,debian-firewall@lists.debian.org:
> > Hi.
> >
> > PS:
> >
> > Once you get it to work, read a little about iptables and try to
> > protect yourself.
> > Check this out later:
> > http://cgi.afc.no-ip.info/svnwiki.cgi/default/firewalls This tip is
> > different, because 2 NICs are used.
>
> Hi!
>
> I've read that page, and it says that if I have dynamic ip I should use
> MASQUERADE rather than NAT. What is the difference between the two?

I read that the difference is that there is a little more overhead when
doing MASQUERADE, but only for the first packet of the connection.
The kernel will need to query the IP of the outgoing interface for
every packet of a new connection (or for every packet if you're using UDP,
I guess but I'm not sure). This is useful if you have a dynamic address,
but this doesn't make much sense if you have one or more static IPs.

You might find this thread useful:

http://lists.debian.org/debian-firewall/2001/12/msg00006.html

> What if I have a static IP, and I'm using MASQUERADE instead of NAT?

I guess it will just work... if you use MASQUERADE instead of SNAT.
But it's better to use SNAT.

The opposite is not true. If you have a dynamic IP and you use SNAT,
then you will have to run some scripts to update the SNAT IP whenever
your real IP changes.

Regards,
Nelson.-

--
Homepage : http://geocities.com/arhuaco

The first principle is that you must not fool yourself
and you are the easiest person to fool.
-- Richard Feynman.

Re: IP Routing

2005. július 31. 21:43,
Nelson Castillo <nelsoneci@gmail.com>
-> Shafiuddin russel <russel_lf@yahoo.com>,debian-firewall@lists.debian.org:
> Hi.
>
> PS:
>
> Once you get it to work, read a little about iptables and try to
> protect yourself.
> Check this out later:
> http://cgi.afc.no-ip.info/svnwiki.cgi/default/firewalls This tip is
> different, because 2 NICs are used.

Hi!

I've read that page, and it says that if I have dynamic ip I should use
MASQUERADE rather than NAT. What is the difference between the two? What if I
have a static ip, and I'm using MASQUERADE instead of NAT?

Thanks!

Daniel

--
LeVA

Re: IP Routing

Hi.

On 7/31/05, Shafiuddin russel <russel_lf@yahoo.com> wrote:
>
>
> Hello,
>
>
>
> I have debian linux machine with public IP 69.88.12.185. I wana route two
> different private network 192.168.0.0 and 192.168.1.0 through my PC to GW
> 69.88.12.161.
>
>
>
> I have done the following process but not succeeded.
>
>
>
> Step:1
>
>
>
> #Ifconfig eth0 69.88.12.185 netmask 255.255.255.244
>
> #ifconfig eth0:0 192.168.0.1 netmask 255.255.255.0
>
> #ifconfig eth0:1 192.168.1.1 netmask 255.255.255.0

You might want to add these configurations to /etc/network/interfaces

>
>
> Step:2
>
> #cat /etc/network/options
> ip_forward=yes
> spoofprotect=yes
> syncookies=no

It would be better to enable syncookies

>
>
>
> Step :3
>
> # cat /proc/sys/net/ipv4/ip_forward
> 1
> Step 4:
> # route add –net 192.168.0.0 netmask 255.255.255.0 gw 69.88.12.161
>
> # route add –net 192.168.1.0 netmask 255.255.255.0 gw 69.88.12.161
> # route add default gw 69.88.12.161
> pls help if possible. I will appreciated u kind assistance.
> Russel………..

You don't say it, but I think you actually want to give Internet access
to your local machines using your connection (which has IP 69.88.12.185)
using 192.168.0.1 and 192.168.1.1 as the gateways of the internal sub nets.

In this case, a "route add -net" is not what you need.

You need to do SNAT in step 4:

# iptables -t nat -A POSTROUTING -s 192.168.0.0/255.255.255.0 -o eth0
-j SNAT --to-source 69.88.12.185
# iptables -t nat -A POSTROUTING -s 192.168.1.0/255.255.255.0 -o eth0
-j SNAT --to-source 69.88.12.185

route add default gw 69.88.12.161

Once you're done, try to use /etc/network/interfaces to add some of your network
configuration.

Regards,
Nelson.

PS:

Once you get it to work, read a little about iptables and try to
protect yourself.
Check this out later: http://cgi.afc.no-ip.info/svnwiki.cgi/default/firewalls
This tip is different, because 2 NICs are used.

--
Homepage : http://geocities.com/arhuaco

The first principle is that you must not fool yourself
and you are the easiest person to fool.
-- Richard Feynman.

IP Routing

Hello,

I have debian linux machine with public IP 69.88.12.185. I wana route two different private network 192.168.0.0 and 192.168.1.0 through my PC to GW 69.88.12.161.

I have done the following process but not succeeded.

Step:1

#Ifconfig eth0 69.88.12.185 netmask 255.255.255.244

#ifconfig eth0:0 192.168.0.1 netmask 255.255.255.0

#ifconfig eth0:1 192.168.1.1 netmask 255.255.255.0

Step:2

#cat /etc/network/options

ip_forward=yes

spoofprotect=yes

syncookies=no

Step :3

#  cat  /proc/sys/net/ipv4/ip_forward

Step 4:

# route add –net 192.168.0.0 netmask 255.255.255.0 gw 69.88.12.161

# route add –net 192.168.1.0 netmask 255.255.255.0 gw 69.88.12.161

# route add default gw 69.88.12.161

pls help if possible. I will appreciated u kind assistance.

Russel………..

-----------------------------------------------------
Md. Shafiuddin Russel
LEARN Foundation
Contact: 0187529755, 0176199845
-----------------------------------------------------

Start your day with Yahoo! - make it your home page

firewall-wizards digest, Vol 1 #1644 - 5 msgs

Send firewall-wizards mailing list submissions to
firewall-wizards@honor.icsalabs.com

To subscribe or unsubscribe via the World Wide Web, visit
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
or, via email, send a message with subject or body 'help' to
firewall-wizards-request@honor.icsalabs.com

You can reach the person managing the list at
firewall-wizards-admin@honor.icsalabs.com

When replying, please edit your Subject line so it is more specific
than "Re: Contents of firewall-wizards digest..."

Today's Topics:

1. Re: Internet accessible screened subnet - use public orprivateIPs? (Dale W. Carder)
2. RE: Internet accessible screened subnet - use public
orprivateIPs? (Luis Bruno)
3. RE: Internet accessible screened subnet - use public
orprivateIPs? (Paul D. Robertson)

--__--__--

Message: 1
Date: Wed, 27 Jul 2005 19:22:11 -0500
From: "Dale W. Carder" <dwcarder@doit.wisc.edu>
To: lordchariot@earthlink.net
Cc: firewall-wizards@honor.icsalabs.com
Subject: Re: [fw-wiz] Internet accessible screened subnet - use public orprivateIPs?

Thus spake lordchariot@earthlink.net (lordchariot@earthlink.net) on Mon, Jul 25, 2005 at 08:12:58PM -0400:
>
> What about when IPv6 becomes predominant on the net?

I wouldn't worry about this too much for businesses in the US.

> Am I mistaken that there doesn't seem to be any concept of NAT in the IPv6
> specs?

The idea of ipng was to learn from our mistakes.

However, either 1) NAT for ipv6 will be created, 2) PI address space becomes
a reality, or 3) an elegant to deal with hosts w/ multiple addresses bound to
an interface. Any of those is a long ways off at this point.

You may be interested in reading:
http://www.ietf.org/internet-drafts/draft-ietf-v6ops-nap-01.txt

Dale

----------------------------------
Dale W. Carder - Network Engineer
University of Wisconsin at Madison

--__--__--

Message: 2
Date: Thu, 28 Jul 2005 14:12:49 +0100
Subject: RE: [fw-wiz] Internet accessible screened subnet - use public
orprivateIPs?
From: Luis Bruno <lbruno@republico.estv.ipv.pt>
To: firewall-wizards@honor.icsalabs.com

R. DuFresne wrote:
> On Mon, 25 Jul 2005 lordchariot@earthlink.net wrote:
> > What about when IPv6 becomes predominant on the net?
>
> NATs not the issue with IPv6, retirement will have happened for all
> here long before this happens by all appearances.

As a 23yo computer engineering student, I sure hope I'm not retired
when IPv6 becomes predominant. That would be disappointing.

Cheers,
--
Luis Bruno

--__--__--

Message: 3
Date: Sat, 30 Jul 2005 17:45:32 -0400 (EDT)
From: "Paul D. Robertson" <paul@compuwar.net>
To: Luis Bruno <lbruno@republico.estv.ipv.pt>
Cc: firewall-wizards@honor.icsalabs.com
Subject: RE: [fw-wiz] Internet accessible screened subnet - use public
orprivateIPs?

On Thu, 28 Jul 2005, Luis Bruno wrote:

> > NATs not the issue with IPv6, retirement will have happened for all
> > here long before this happens by all appearances.
>
> As a 23yo computer engineering student, I sure hope I'm not retired
> when IPv6 becomes predominant. That would be disappointing.

It's difficult to predict implementation of v6. One of the more
interesting theories on non-implementation I've heard recently is that at
least one of the major vendors is holding off on adoption because of some
patents filed in preparation for v6- so it may be that there's at least
some pressure to have a 20 year holding pattern.

Personally, I'm not all that sure that we'll see v6 implemented without a
major push from somewhere large (I'd thought the US DoD mandate would
carry it- but that hasn't seemed to happen.) If I were someone like AOL
or China, I'd be looking to go there to help "wall off" my lusers from the
big bad v4 'net with pre-approved v4-v6 proxies for some level of content.

Get a couple of good-sized prefixes and walling stuff off seems like it'd
be pretty easy. Space is relatively expensive though, so it's definately
not in the play range with "real" addresses outside of FreeNet6.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson "My statements in this message are personal opinions
paul@compuwar.net which may have no basis whatsoever in fact."

--__--__--

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

End of firewall-wizards Digest

Hoax-Slayer: July Online Version Now Available

Hello,

This is just a note to let you know that the July issue of
the Hoax-Slayer Newsletter is now available for viewing online.
To access the online version of the newsletter, click the link
below:
http://www.hoax-slayer.com/current-issue.html
<a href="http://tinyurl.com/cz9mj">Current Issue</a>

Note:
The full plain-text version of the newsletter has already been
sent this month. This second email is to ensure that *all*
subscribers get to see the current issue. For details, see:
http://tinyurl.com/cwt43
<a href="http://tinyurl.com/cwt43">AOL users click here</a>

Best regards,
Brett

*************************************************************

<_________Information about Hoax-Slayer_________________________>

To UNSUBSCRIBE from: Hoax-Slayer Newsletter, just follow this link:

http://www.hoax-slayer.com/cgi-bin/mojo/mojo.cgi?f=u&l=hxez&e=security.world@gmail.com&p=8185

Click the link, or copy and paste the address into your browser.

Alternatively, you can visit the special Unsubscribe webpage via
the link below and follow the instructions:
<http://www.hoax-slayer.com/unsub.html>

To view the Hoax-Slayer Privacy Policy visit:
<http://www.hoax-slayer.com/privacy.html>

_______________________________________________________________

The Hoax_Slayer Newsletter is published by:
Brett M.Christensen
Queensland, Australia
All Rights Reserved
(c) Brett M. Christensen, 2005
<mailto:bchristensen@hoax-slayer.com>
***************************************************************

Friday, July 29, 2005

Ola, tudo bom?

Sou Ana Carolina, e por coincidência achei o seu email! Meu amigo me disse que esse era o seu email...
Não tenho certeza se é voce mesmo que estudou comigo no colégio e gostaria de fazer uma festa de reencontro do pessoal lá no FC. Seria legal reencontrar a turma toda, alguns morreram infelizmente, mas eu estou tentando entrar em contato com o maior numero de amigos possíveis daquela época, e estou te convidando para ir a esta festa, gostaria muito de reencontrá-lo.

Para não haver engano eu tenho uma foto minha, se me reconhecer por favor entre em contato, estou um pouco diferente do que aquela época, mais acho que da para se lembrar de mim.

Minha foto --> http://www.flogao.com.br/images/ana_fotosdiv579.src

Se não conseguir, tente clicando aqui.

Se não for voce realmente, por favor desconsidere este email, e desculpe pelo incomodo.

Nos veremos lá
Abraços, Ana Carolina.

Security Management Weekly - July 29, 2005

A weekly security news briefing from ASIS International

Learn more! ->

July 29, 2005

CORPORATE SECURITY

	1. "	Nebraska Introduces Online Consumer Vulnerability Survey" Identity Theft Survey Provides Tips for Avoiding Fraud

	2. "	Bank Hides Tellers, Money to Avoid Robberies"

	3. "	Lawyers' Delight: Old Web Material Doesn't Disappear" Web Archives Allow Businesses to See if Web Sites Illegally Made Use of Their Protected Material

	4. "	Coping With Catastrophe: The First 24 Hours" Companies Should Prepare for Emergencies in Advance by Creating Response Plan

	5. "	Criminal Databases & Pre-Employment Screening" Despite Risks, Security Directors Using Multi-State Criminal Records Databases to Evaluate Potential Employees

	6. "	The Enterprise Risk Management Imperative" Sarbanes-Oxley Act Could Increase Popularity of Enterprise Risk Management

	7. "	With IT, You Get Escrow" Technology Escrow Helps Businesses Protect Mission-Critical Software and Technologies

HOMELAND SECURITY		sponsored by

	8. "	Airport Seeks Immunity From Security Suits" If TSA Grants Blanket Immunity From Security Screener Lawsuits, Many Airports Could Switch to Private Screeners

	9. "	Stun Guns to Arrest Bombers a Huge Risk--UK Police" Stun Guns Could Set Off Suicide Bombs

	10. "	I.R.A. Renounces Use of Violence; Vows to Disarm"

	11. "	Terror Watch on Tappan Zee Bridge" Security of U.S. Bridges Being Overlooked, Experts Say

	12. "	Firetrucks Go High Tech" Sept. 11 Attacks Cause Rising Demand for Sophisticated Fire Trucks

CYBER SECURITY

	13. "	Security Experts Warn of Chinese Cyberattacks for Industrial Secrets" U.S. Companies Could Be Targeted

	14. "	Lost a BlackBerry? Data Could Open a Security Breach" Misplaced or Stolen BlackBerry Devices Pose Security Risk

	15. "	May I Have Your Identification, Please?" Several Email Authentication Technologies Could Become Industry Standard

"Nebraska Introduces Online Consumer Vulnerability Survey"
Business Wire (07/21/05)

A vulnerability survey recently released by Nebraska attorney general Jon Bruning will help Nebraska residents determine if they are at low, moderate, or high risk for becoming victims of identity theft or other fraud. The survey consists of 10 yes or no questions, and once completed, residents are provided with access to educational brochures. Bruning recommends several tips to help residents avoid fraud, such as determining how personal information will be used before releasing it; avoiding the disclosure of credit card numbers or bank account information over the phone with unknown callers; always using a secure browser for online purchases; photocopying all personal cards to ensure immediate access to necessary information in case of wallet loss or theft; analyzing each credit card statement and bank statement for unauthorized charges; avoiding sweepstakes, chain letters, and other scams; becoming educated about a company's product return and customer satisfaction policies; shredding documents that may contain valuable information; and regularly checking credit reports for mistakes.
(go to web site)

"Bank Hides Tellers, Money to Avoid Robberies"
Beacon Journal (07/24/05)

The Unizan Bank branch in downtown Canton, Ohio, was robbed five times between 1996 and 2001, but there has not been a single robbery attempt since the branch decided to remove all money from the bank and replace the bank's tellers with remote tellers who are viewed via a closed-circuit television screen. In comparison, the nearby National City Bank was robbed once from 1996 to 2001 and has been robbed twice more since 2001. The Unizan branch uses remote-teller devices instead of bank teller windows, with the devices allowing customers to communicate and interact with tellers who are located remotely--in this case, a basement, back office, or second-floor part of the building located up to 500 feet from the remote terminal. Potential bank robbers have no idea where the tellers actually are, and a system of pneumatic tubes allow for transactions involving cash, receipts, and checks. Nationwide, roughly 300 banks have purchased the remote tellers, which cost between $10,000 and $18,000 and are capable of conducting double the number of transactions as a bank counter. FBI Special Agent Robert Hawk explains that bank robberies run in cycles, with peaks every eight to 10 years. In 2004, there were 131 bank robberies in Ohio's northern counties, compared with just 42 so far this year. The number of robberies has declined this year because the arrest and conviction rate of robbers has been close to 72 percent, Hawk says.
(go to web site)

"Lawyers' Delight: Old Web Material Doesn't Disappear"
Wall Street Journal (07/27/05) P. A1 ; Kesmodel, David

Evidence in cases involving Web pages that improperly use trademarked or otherwise protected material owned by businesses is bolstered by the existence of Web archives such as the Wayback Machine and the Google Cache feature. The archives record the content of Web pages at regular intervals, so that even pages that have been deleted can be accessed, allowing businesses to see if the site has been used in an illegal manner at any point, not only at the current time. As a result, cases--including domain-name disputes--that were previously inconclusive because the site owner lied about the uses to which the Web page was being put, then deleted or altered the page to cover the evidence, are now easily resolved, with the archive providing the evidence of the page's former content. Although not exhaustive, the archives can nevertheless capture information on millions of Web pages, and will only delete content by request of an individual with verifiable authority over the site.
(go to web site)

"Coping With Catastrophe: The First 24 Hours"
Risk Management (07/05) Vol. 52, No. 7, P. 44 ; Davis, Brian A.; Walters, T. Danielle

Every company should prepare for a potential workplace emergency, as small problems can easily turn into a crisis if they are not prepared for or effectively dealt with from the beginning. Having a plan that spells out what the company will do in the event of an emergency and who will do it can help to limit the damage and speed up the recovery process. Companies should decide in advance who will be their primary liaison with emergency officials in the event of an emergency. These officials should be prepared to speak up if they feel that emergency responders are handling the situation unsafely, as a company can often be sued if emergency responders are hurt or killed if the cause of the incident is attributed to company negligence. A company should also work to control its legal exposure following a serious emergency, starting with immediately notifying insurers and legal counsel of the event. Damage from the event can also be minimized, by ensuring that the injured receive care, securing relevant evidence, retaining experienced defense counsel, and arranging to have the location where the emergency took place, along with the surrounding area, photographed. What a company does before a crisis happens can be important as well. Getting to know local authorities, creating a reputation for safety, and being a good corporate citizen can all go a long way to increase a company's chances of successfully making it through the first 24 hours after a crisis--or avoiding it altogether.
(go to web site)

"Criminal Databases & Pre-Employment Screening"
Security Technology & Design (07/05) Vol. 15, No. 7, P. 26 ; Rosen, Lester S.

Although multi-state criminal records databases can be a useful tool for security directors to use to evaluate a potential employee, there are limitations and legal risks involved in using them. Despite the risks, some security directors are turning to these databases because they cover a much wider geographical area than a traditional search conducted at county courthouses that are relevant to an applicant's history. However, multi-state databases are often inaccurate for a number of reasons. For instance, not all states provide criminal records to these types of databases, and those that do may not provide all the records that they have. A subject could also have a criminal record in the database under another name or a variation of his name. Multi-state criminal records databases also present certain legal pitfalls to companies that chose to use them. Some of these databases offer a grading system on a subject, such as a stoplight which may show green meaning cleared to hire and red meaning do not hire, which could be a violation of the federal Equal Employment Opportunity Law. Given their inaccuracies and the legal dilemmas that they present, multi-state criminal databases should not replace traditional searches, but should be used in conjunction with them.
(go to web site)

"The Enterprise Risk Management Imperative"
Business Finance (07/05) Vol. 11, No. 7, P. 54

Enterprise Risk Management (ERM) could be catapulted to the forefront of risk management strategies and decisions at a majority of companies seeking to employ the Sarbanes-Oxley Act and the Committee of Sponsoring Organizations of the Treadway Commission's (COSO's) ERM framework. Risk management professionals agree that there are numerous pressures forcing companies to take a second look at ERM, including Sarbanes-Oxley, further New York Stock Exchange requirements, ratings agencies, board audit committees, pending or possible litigation from stakeholders, and industry-specific regulations. The latest Business Finance Roundtable on the subject unveiled several benefits of ERM, though most will be difficult to quantify, including improved management of shareholder value and capital, improved risk appetite due to a better understanding of risks facing the firm, and the change of operations to maximize the benefits of each strategic decision. However, experts agree that the nature of ERM makes it difficult to apply to corporations because it has to be done incrementally, keep senior managers interested enough to provide resources for the ERM initiatives, and change corporate cultures, without really having guidance from a key catalyst or technology tailored enough to meet all of ERM's needs. On the other hand, Sarbanes-Oxley has laid the groundwork for ERM to be built on, though many roundtable experts are concerned that without an internal leader or merger and acquisition activity to spur further cultural change, many companies are likely to balk at implementing COSO's framework or another ERM strategy. ERM is expected to provide greater transparency for stock analysts, investors, and others, but risk managers and others have to be prepared to educate these stakeholders about the risks retained by the company, why they are retained, and what the results of taking those risks are expected to be. Meanwhile, insurance programs will have to be tailored under these new strategies to address risks that need to be insured against, though some panelists believe that risk managers should not worry about whether risks are insurable or uninsurable when conducting ERM analyses. On a side note, panelists discussed the emerging title of chief risk officer and its role in ERM, and ABD Insurance and Financial Services Senior Vice President of Risk Management John W. Schaefer noted that the title "indicates a failure in traditional risk managers to take care of their career. It's redundant and foolish to have a risk manager and a chief risk officer. If risk managers do their jobs correctly, it shouldn't be necessary to appoint a separate CRO."
(go to web site)

"With IT, You Get Escrow"
Security Management (07/05) Vol. 49, No. 5, P. 66 ; Johnson, Jeffrey

Technology escrow, a little-known but important way to secure mission-critical software, functions as an insurance policy for software source code, licensed mission-critical software, and other types of intellectual property. Technology escrow is an important part of technology licensing agreements, allowing the company that is licensing the technology to place the technology in an escrow account. A technology escrow agent creates the contract for the escrow arrangement, which typically allows the escrowed technology to be released to the company that licensed it if the developer of the technology is no longer able to support the technology. Scenarios in which the technology is no longer supported include if the vendor stops supporting an older product or declares bankruptcy. Without a technology escrow agreement, a company may be forced to go through the court system to obtain the ability to continue supporting the technology, and that process can take years. Companies can also use verification services to ensure that source code technology in the escrow account can be recompiled and executed. Companies can create a cross-functional internal team to perform a risk assessment to decide what technologies should be escrowed. Factors that define mission-critical software include whether the software is custom-made or unique; how large an investment the company has made in the software; what aspects of the business the software affects; the viability of the developer of the software; and how dependent the company is on the software.
(go to web site)

"Airport Seeks Immunity From Security Suits"
USA Today (07/26/05) ; Frank, Thomas

San Francisco International Airport, which uses private airport screeners, is requesting that it be given blanket immunity from potential lawsuits related to security failures by the airport screeners. "All we're asking is that we have the same protection with a private firm as an airport that has federal employees," says airport government affairs chief Peter Nardoza. The Transportation Security Administration says it will rule on the airport's request within 30 days. If the airport is granted blanket immunity, it could cause many airports around the country to jettison their government screeners and replace them with screeners from private firms, says the policy director of the Airports Council International, Stephen Van Beek. Some 100 lawsuits are still pending against the operators of the three airports used by the Sept. 11 hijackers.
(go to web site)

"Stun Guns to Arrest Bombers a Huge Risk--UK Police"
Reuters (07/29/05) ; Majendie, Paul

London's chief of police says that authorities' use of a stun gun to subdue suspected London bomber Yasin Hassan Omar represented "an incredible risk" because if Omar had been wearing bombs, the electric currents of the stun gun could have caused the bombs to explode. Metropolitan Police Commissioner Ian Blair also indicated that there was a policy against using stun guns on suicide bombers. Blair then addressed the controversy over authorities' "shoot-to-kill" policy, which resulted in the shooting death of an innocent Brazilian man. In defense of the policy, Blair says that the only way to stop a suicide bomber is to kill them or persuade them to undress in an open space, as all other options allow the bomb to go off.
(go to web site)

"I.R.A. Renounces Use of Violence; Vows to Disarm"
New York Times (07/29/05) P. A1 ; Lavery, Brian; Cowell, Alan

The Irish Republican Army (IRA) has announced that it will abandon the use of violence and has ordered all IRA units to lay down their arms. The announcement ends 36 years of violence against British rule that claimed the lives of 3,500 people. British Prime Minister Tony Blair expressed hope that the announcement means that politics will replace terrorism in Ireland. The White House reacted to the statement by calling upon the IRA to make good on its promise by demonstrating its commitment to "the rule of law and to the renunciation of all paramilitary and criminal activities." The IRA announcement came in the form of a DVD, with member Seana Walsh, who spent 21 years in prison, proclaiming on the DVD that "all IRA units have been ordered to dump arms." However, the DVD did not indicate that the IRA would be disbanding and it did not formally address the topic of the group's involvement in organized crime, except to say that the group's members "must not engage in any other activities whatsoever" other than "the development of purely political and democratic programs."
(go to web site)

"Terror Watch on Tappan Zee Bridge"
Journal News (NY) (07/24/05) ; Golding, Bruce

Terrorism experts say that the security of the nation's bridges is an issue of great importance, one that is being overlooked. The volume of traffic on bridges makes them inherently insecure, and they are natural targets for Al Qaeda, as an attack on a bridge would have a big impact on the economy. David Schanzer, director of the Center on Terrorism and Homeland Security at Duke University and the University of North Carolina, says that bridges--along with shopping malls, office buildings, and any other place with large numbers of people--are potential terrorist targets, though he claims that chemical plants are terrorists' most-coveted target. The catastrophic nature of a bridge attack--especially one captured on video and played on television--has great allure among terrorists, the experts state. Structural engineers and bridge experts explain that the roadway is the most vulnerable part of bridges because the force of an explosion can cause it to collapse, but fixing the damage from a roadway attack could be accomplished quickly. To successfully collapse the structure of a bridge would take a large amount of explosives, and computer simulations have shown that boat-attacks are generally less effective than attacks on the roadway. However, bridges do have "fracture critical members" that could cause a bridge to collapse if they fail, and a Web page from the U.S. Army Corps of Engineers shows how fracture critical structural elements can be found on bridges, citing examples of bridges in Maryland and Delaware. Factors that influence the vulnerability of a bridge include its physical condition, the type of construction used, and the type of bridge.
(go to web site)

"Firetrucks Go High Tech"
Wall Street Journal (07/25/05) P. B1 ; Martin, Timothy W.

Demand for firetrucks that can do more than just put out blazes has risen since the terrorist attacks on Sept. 11, 2001, which raised awareness of the need for better emergency response and led the Department of Homeland Security to set aside $2.2 billion in grant money for fire departments. Today's fire engines are increasingly complex; they can be outfitted with a wide array of high-tech options, from state-of-the-art communications and GPS navigation systems to medical equipment and decontamination showers. As engines have become more sophisticated, they have also become more expensive, with single rigs often going for more than $500,000 and sometimes even exceeding $1 million. About 5,500 trucks are sold in the United States each year, most of them manufactured by three main companies: Pierce of Oshkosh, Wis.; E-One of Ocala, Fla.; and KME Fire Apparatus of Nesquehoning, Pa. The National Fire Protection Association reports that about half of the firetrucks currently being used by U.S. fire departments are at least 15 years old, meaning they should soon be upgraded. Most departments seeking to acquire a new rig spend months choosing from an array of options before having their trucks custom-built by one of the major manufacturers. In addition to equipment and technology that increase the number of tasks a fire crew can handle at once, many trucks are also now outfitted with advanced safety features to prevent accidents and protect fire fighters in the event of a rollover.
(go to web site)

"Security Experts Warn of Chinese Cyberattacks for Industrial Secrets"
Agence France Presse (07/24/05) ; Lever, Rob

Concerns are growing that U.S. companies and possibly government agencies could be the target of Chinese hacker espionage efforts, security researchers say. Evidence, although usually hard to collect following cyberattacks, is strong against the country, according to the SANS Internet Storm Center. Unlike Russian hackers, Chinese hackers are after corporate secrets rather than credit card numbers or other financial data. Lurhq security researcher Joe Stewart says he reverse-engineered the recent Myfip PC worm and found a Chinese connection. He says it's "highly likely" the worm was used for espionage purposes, since "all the emails we traced back with this particular attachment came from a single address in China." Meanwhile, SecurityFocus says recent cyberattacks in Britain and the United States were likely searching for documents from federal agencies, and Britain's National Infrastructure Security Coordination Centre said recent "Trojan-laded emails" originating in the Far East were "targeting UK government and companies."
(go to web site)

"Lost a BlackBerry? Data Could Open a Security Breach"
Washington Post (07/25/05) P. A1 ; Noguchi, Yuki

BlackBerry devices, cell phones, computer memory sticks, and other mobile devices mean increased convenience for the mobile workforce, but also mean significantly higher security risk due to the frequency of misplaced or stolen devices. Pointsec Mobile Technologies surveyed cab companies in Chicago earlier this year and found that 160,000 portable devices are left in taxicabs every year, although up to 60 percent of them get returned to their owners. Companies are increasingly mitigating the risk of losing a portable device by adding extra layers of password protection and similar security measures, and prohibiting such devices from downloading corporate information. Also, some wireless providers are offering a service that remotely wipes clean a lost or stolen device to avoid breach of data. NTT DoCoMo, a Japanese cell phone carrier, offers a fingerprint scanner to authenticate users just to prevent unauthorized use. Meanwhile, a Symantec survey determined that 37 percent of smart phone users store corporate information on the device, and only 40 percent of such users work at companies with wireless security policies.
(go to web site)

"May I Have Your Identification, Please?"
SiliconValley.com (07/25/05) ; Lee, Dan

Several email authentication technologies will go before the Internet Engineering Task Force as candidates for an industry standard. DomainKeys Identified Mail (DKIM) is a joint venture between Yahoo! and Cisco Systems that marries the former's DomainKeys and the latter's Internet Identified Mail into a technology that enables a sender's company or service provider's mail service to assign scrambled digital signatures to outgoing emails that verify the address; the recipient confirms the address by checking that the sender has been registered as genuine through the domain name system. Meanwhile, the Microsoft-backed Sender ID specification checks the numerical IP address of the server sending the email against a published list of servers authorized to send messages by the domain owner. DKIM has experienced difficulty in recognizing messages that are part of email lists employed in discussion groups that may modify a message, while Sender ID cannot always identify email forwarded from one address to another. Experts classify an effective email authentication standard as one that is adopted by a large portion of the world's email senders, and Gartner analyst Arabella Hallawell believes DKIM will emerge as the leading standard because it faces fewer technical problems than Sender ID. However, Yahoo!, Cisco, and Microsoft each expect both technologies to find use. EarthLink's Tripp Cox says the level of industry collaboration surrounding these technologies is "unprecedented." "If we're going to make an impact on spam, it's crucial that the vast majority of Internet senders and receivers implement the technology," he argues.
(go to web site)

ASIS also offers a daily and a non-sponsored, special-content Professional Edition of
Security Newsbriefs. Please click to see a sample or to contact us for more information.

Unsubscribe | Change E-mail | Advertising Opportunities | Security Management Online | ASIS Online

Researcher at center of Cisco router-exploit controversy speaks out

All the week's news and views about Security, 07/29/05
_______________________________________________________________
This newsletter is sponsored by CipherTrust

E-mail security threats are more sophisticated than ever. Join
industry leaders CipherTrust and McAfee for an important webcast
featuring a keynote by Gartner VP Arabella Hallawell to learn
how corporations can respond. You will learn best practices for
both inbound and outbound e-mail security. Register now for
this August 4th webcast!
http://www.fattail.com/redir/redirect.asp?CID=108969
_______________________________________________________________
CYBERSLACKING - IT COSTS

To the tune of $178 billion annually, according to a recent
study. Employees, at work, are reading the news, checking
personal e-mail, conducting online banking, travel and shopping
more than you might realize. How much time?
Click here for more:
http://adserver.fattail.com/redir/redirect.asp?CID=108712
_______________________________________________________________

Network World's Security News Alert

Researcher at center of Cisco router-exploit controversy speaks
out, 07/28/05

Michael Lynn, the former Internet Security Systems researcher
who disclosed information about how unpatched Cisco routers
could be hacked, said he is seeking to settle with Cisco and ISS
over the controversy.
<http://www.networkworld.com/news/2005/072805-lynn.html?nl>

Kerio tunes mail server to fight spam

All the week's news and views about fighting spam, 07/29/05
_______________________________________________________________
This newsletter is sponsored by Tacit Networks
Network World Executive Guide: Staying Focused on the Moving
Target that is Storage

To the tune of $178 billion annually, according to a recent
study. Employees, at work, are reading the news, checking
personal e-mail, conducting online banking, travel and shopping
more than you might realize. How much time? Click here for more:
http://www.fattail.com/redir/redirect.asp?CID=108715
_______________________________________________________________

Network World's Anti-spam News Alert

Kerio tunes mail server to fight spam, 07/25/05

Kerio Technologies last week released a new version of its mail
server with a focus on mobile users, administration and helping
users battle the spam and viruses that plague e-mail today.
<http://www.networkworld.com/news/2005/072505-kerio.html?nl>

Weblog: Russian spammer murdered, 07/27/05

An infamous Russian spammer was found bludgeoned to death in his
apartment this week. Thirty-five-year-old Vardan Kushnir was
known for running the Center for American English, which should
have been...
<http://www.networkworld.com/weblogs/layer8/009607.html?nl>

Verizon joins managed security game, 07/25/05

Verizon is readying managed security services that exploit
technologies the carrier has been using to safeguard its own
network operations.
<http://www.networkworld.com/news/2005/072505vzmssp.html?nl>

The top 5: Today's most-read stories

1. 2005 Salary Survey
<http://www.networkworld.com/nlantispamnewsal4065>

2. Cisco nixes conference session on hacking IOS router code
<http://www.networkworld.com/nlantispamnewsal4066>

3. Verizon joins managed security game
<http://www.networkworld.com/nlantispamnewsal4067>

4. Schools battle personal data hacks
<http://www.networkworld.com/nlantispamnewsal4068>

5. VoIP security threats: Fact or fiction?
<http://www.networkworld.com/nlantispamnewsal4069>

Today's most forwarded story:

The ROI of VoIP
<http://www.networkworld.com/research/2005/071105-voip.html>
_______________________________________________________________
To contact:

Contact Online News Editor Jeff Caruso at
<mailto:jcaruso@nww.com>
_______________________________________________________________
This newsletter is sponsored by Tacit Networks
Network World Executive Guide: Staying Focused on the Moving
Target that is Storage

Spam/Phishing news page
Latest anti-spam news, analysis and newsletters
http://www.networkworld.com/topics/spam.html
_______________________________________________________________
FEATURED READER RESOURCE
SIX TIPS FOR GETTING WHAT YOU DESERVE

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

NetFlash: Cisco, ISS, Michael Lynn and Black Hat sign legal accord

NetFlash: Cisco, ISS, Michael Lynn and Black Hat sign legal
accord
07/29/05

In this issue:

* Cisco, ISS, Michael Lynn and Black Hat sign legal accord
* Researcher at center of Cisco router-exploit controversy
speaks out
* You work where?
* Senator crafts revamp of 1996 telecom law
* Windows Vista release slips to fourth quarter 2006
* Today on Layer 8
* Links related to NetFlash
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Tacit Networks
Network World Executive Guide: Staying Focused on the Moving
Target that is Storage

http://www.fattail.com/redir/redirect.asp?CID=108719
_______________________________________________________________

NETFLASH: BREAKING NEWS FROM NETWORKWORLD.COM

By Jeff Caruso

The story so far: After the ISS researcher gave his
controversial presentation at the Black Hat conference - in
defiance of Cisco's wishes - he lost his job and stirred up all
sorts of legal questions. But then what happened? See the
stories below to find out more about Michael Lynn's point of
view and the legal agreement that was reached.
Cisco, ISS, Michael Lynn and Black Hat sign legal accord
<http://www.networkworld.com/nlnetflash4060>
Researcher at center of Cisco router-exploit controversy speaks
Out <http://www.networkworld.com/nlnetflash4061>

You work where?

Part of this week's You Issue is our series called "You work
where?" I wrote one of the articles (the middle one) on the guy
who runs IT for FreshDirect, which manufactures and distributes
groceries to people who order online. I also visited the plant,
saw the fascinating operation in action. Read the story, and
check out the others, on folks who work at the Churchill Downs
race track and the Make-A-Wish Foundation.
<http://www.networkworld.com/nlnetflash4062>

Senator crafts revamp of 1996 telecom law

A U.S. senator this week introduced legislation that some say is
a first step in reworking the Telecommunications Act of 1996.
<http://www.networkworld.com/nlnetflash4063>

Windows Vista release slips to fourth quarter 2006

Windows Vista won't be available for shipment until the last
quarter of 2006, a Microsoft executive let slip in a
presentation on Microsoft's campus Thursday.
<http://www.networkworld.com/nlnetflash4064>

Today on Layer 8, where we wish we were at Black Hat this week:

An update on the Cisco-Black Hat kerfuffle; IE7 beta nukes
Google toolbar; the latest news in the Microsoft/Google employee
fight; and BlackBerry to honor women in tech; all this today and
more at your home for not-just-networking news.
<http://www.networkworld.com/weblogs/layer8/?net&story=layer8>

The top 5: Today's most-read stories

1. 2005 Salary Survey
<http://www.networkworld.com/nlnetflash3929>

2. Cisco nixes conference session on hacking IOS router code
<http://www.networkworld.com/nlnetflash4046>

3. Verizon joins managed security game
<http://www.networkworld.com/nlnetflash3832>

4. Schools battle personal data hacks
<http://www.networkworld.com/nlnetflash3931>

5. VoIP security threats: Fact or fiction?
<http://www.networkworld.com/nlnetflash3833>

Today's most forwarded story:

The ROI of VoIP
<http://www.networkworld.com/research/2005/071105-voip.html>
_______________________________________________________________
To contact: Jeff Caruso

Jeff Caruso is managing editor of online news for Network World.
He oversees daily online news posting and newsletter editing,
and writes the NetFlash daily news summary, the High-Speed LANs
newsletter and the Voices of Networking newsletter. Contact him
at <mailto:jcaruso@nww.com>
_______________________________________________________________
This newsletter is sponsored by Tacit Networks
Network World Executive Guide: Staying Focused on the Moving
Target that is Storage

NetFlash breaking news:
http://www.networkworld.com/news/netflash.html
_______________________________________________________________
FEATURED READER RESOURCE
SIX TIPS FOR GETTING WHAT YOU DESERVE