Testing All-in-one Firewalls; MySpace problems predate Keys hack

Security News Alert This newsletter is sponsored by IBM Internet Security Systems Take A Preemptive Approach to Security Vulnerabilities are lurking! The IBM Cyber Attacks On The Rise: IBM 2007 Midyear Report highlights and analyzes security susceptibilities and identifies advances in spam and phishing technologies. IBM offers an unparalleled commitment to excellence when it comes to preemptive security. Start your journey into IBM security solutions today. Download your complimentary copy now. Network World's Security News Alert, 11/12/07 Testing All-in-one Firewalls, 11/12/07: Are there unified threat management (UTM) firewalls with the chops to provide the perimeter security functions that an enterprise needs? After all, enterprises generally employ best-of-breed security products, not the all-in-one devices popular with the small and medium business set. In this test of 13 enterprise UTM products Network World Lab Alliance member Joel Snyder puts these products through their paces in eight categories. Overall, he finds that good enterprise firewalls are plentiful, but adding in UTM features like intrusion prevention and anti-virus scanning will yield very spotty performance. The overall top performers in this test are Juniper, Cisco and Check Point. MySpace problems began days before Alicia Keys hack, 11/10/07: The widely reported problems with pop singer Alicia Keys' MySpace profile have been cropping up on the social networking site for the past ten days and are likely to continue, a security expert said Friday. Hacker pleads guilty to creating botnets, 11/10/07: A hacker has pleaded guilty to infecting hundreds of thousands of computers with malware in order to steal money from Paypal accounts. He could spend 60 years in prison and face a $1.75 million fine. Executive Guide The Security Treadmill This Executive Guide offers interviews with leading, real-world security experts who tell you how to get inside users' heads, fight for a bigger security budget, and whether VoIP security issues are overstated or underrated, and much more. Review this informative guide today. Click Here for More Information Microsoft stands by its invite to arrested hacker, 11/09/07: Microsoft's security team took a bit of a chance a few weeks ago, when it invited Roberto Preatoni to give a talk at its Redmond campus. 17 charged in massive identity theft bust, 11/09/07: The operators of a New York business have been charged with running a massive identity-theft and money-laundering operation that raked in more than $35 million over a four-year period. Virus database tracks vendor performance, 11/09/07: A new online malware database details the latest virus outbreaks from around the world, and shows which antivirus tools were able to block the threats and which ones failed. Credit card transaction security fortified by new risk assessment system, 11/09/07: Researchers Friday announced a bulked-up vulnerability risk assessment system that they say will help ensure the security of credit card transactions. The Common Vulnerability Scoring System (CVSS) Version 2 was coauthored this year by researchers at the National Institute of Standards and Technology and Carnegie Mellon University in collaboration with 23 other organizations. NIST calls for a new security ‘hash’ algorithm, 11/09/07: The National Institute of Standards and Technology (NIST) this week opened a competition to develop a new cryptographic hash algorithm, a tool that converts a file, message or block of data to a short fingerprint for use in digital signatures, message authentication and other computer security applications. Such hash algorithms are ultimately one of the key security technologies for federal and public systems. DOJ cracks down on Internet pharmacy, 11/09/07: Six men face charges of illegally distributing drugs through an Internet pharmacy, and the U.S. Department of Justice is seeking forfeiture of more than $40 million in profit from the operation. LAN switch security: What hackers know about your switches with Cisco's Christopher Paggen: Contrary to popular belief, Ethernet switches are not inherently secure. Security vulnerabilities exist all over the place. Did you know that there are vulnerabilities in the control plane protocols like STP and CDP? There are holes in the data plane protocols too. Christopher Paggen is prepared to tell you how to avoid these problems. Paggen is a technical marketing engineer for Cisco focusing on high-end firewalls. Join us for a live chat Tuesday Nov. 13 from 2 p.m. to 3 p.m. EST, where you can ask him about configuring and securing switches, firewalls or anything else you want to talk about. The Network World IT Buyer's Guides provide comprehensive, detailed information on how to select, test, buy and deploy thousands of network and IT products. The new Network World IT Buyer's Guides offer even more features than before, here's just one that's worth checking out: Wireless LAN Security Editor's note: Starting the week of Nov. 19, subscribers to the HTML version of this newsletter will notice some enhancements to the layout that will provide you with easier and clearer access to a wider range of resources at Network World. We hope you enjoy the enhancements and we thank you for reading Network World newsletters.

MOST-READ STORIES: 1. MIT's amazing, foldable, stackable car 2. 5 cool wireless research projects 3. Networking's 50 greatest arguments 4. IPv6: Will matter to enterprises in five years 5. Antispam group targets transactions 6. 10 career killers to avoid 7. Major Russian crime hub suddenly dies 8. 10 questions about Microsoft Office 2007 9. Sprint, Clearwire kill joint WiMAX project 10. Hackers target Alicia Keys MySpace page FEATURED BUYER'S GUIDE: Unified Threat Management

Contact the author: Senior Editor Ellen Messmer covers security for Network World. E-mail Ellen. This newsletter is sponsored by IBM Internet Security Systems Take A Preemptive Approach to Security Vulnerabilities are lurking! The IBM Cyber Attacks On The Rise: IBM 2007 Midyear Report highlights and analyzes security susceptibilities and identifies advances in spam and phishing technologies. IBM offers an unparalleled commitment to excellence when it comes to preemptive security. Start your journey into IBM security solutions today. Download your complimentary copy now. BONUS FEATURE 90% of IT Managers are leaving their company at risk for a DNS ATTACK. Get the tools and resources you need to keep your DNS healthy and secure. Run a DNSreport on your domain today - 56 critical tests run in 8 seconds. Visit www.dnsreport.com to learn more. (apply coupon NWW2007NLA for a 25% membership discount) PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007