InfoWorld
Window Manager
Brian Livingston
To secure your PC, arm yourself with security alerts from vendors and industry groups

It seems that every week brings us a new security threat to our Windows PCs and networks. The latest one, which became an issue just last week, involves a "digitally signed" Java program that affects Compaq computers and possibly others. The applet is intended to allow Compaq to update software over the Internet, but it can be directed by a rogue Web page to execute other instructions instead.

This problem and others like it are well covered in the news pages of InfoWorld, so that is not the focus of this column. Instead, I want to share with you some resources that can keep you informed about threats before they affect your PC or your network.

One of the best sources of information from Microsoft is its Security Notification Service. This free e-mail bulletin is sent to subscribers whenever Microsoft determines that an issue affects any Microsoft products. It is especially worthwhile for Windows NT administrators and serious users of Microsoft Office.

Microsoft maintains an archive of current and previous security bulletins going back almost three years. Its "Security Advisor" page is one of the first places where Microsoft releases its comments on threats like the Melissa virus and the ExploreZip worm.

For a list of recent advisories, go to www.microsoft.com/security. Click "Security Bulletins," then "Current" or "Archive" to go back through the list. To subscribe to the Security Notification Service, go to www.microsoft.com/security/services/bulletin.asp.

The alerts that Microsoft posts on these pages often provide software patches to close security holes.

For example, a recent bulletin recommends a patch to cure Word 97's bad habit of running macros (without any warning) from templates -- even when the template is on a malicious Web site.

Microsoft's security bulletins, of course, aren't the last word on high-tech threats. The alerts reflect only Microsoft's point of view. In the article, "What Customers Should Know About BackOrifice 2000," for instance, Microsoft says BackOrifice is similar to the Melissa virus in that "neither exploited any security vulnerabilities in Microsoft products."

The programmers who released BackOrifice -- a program that allows an intruder to access your network from the Internet with the same privileges you have -- might disagree. Still, Microsoft's notification service is a valuable improvement over simply denying that any problems exist at all.

The security bulletins that Microsoft publishes on its Web pages raise the question: Should this information be shouted about or kept quiet?

After all, many of the security holes described on the Microsoft site are said to have never been used by hackers in real life. Won't talking about these flaws make them more likely to be taken advantage of?

This question seems to have been decided squarely in favor of full disclosure. The Microsoft site, for example, describes in detail the L0phtCrack tool, a program that decrypts network passwords, sometimes in minutes. The Microsoft page even includes a convenient link so readers can download the utility for themselves: www.l0pht.com. (The first two characters of the domain name are lower-case "L" and zero.)

Although L0phtCrack can be misused in the wrong hands, it can also be a good friend to a network administrator who needs to test a network for weak user passwords. An earlier version of the product won a Golden Guardian award last year from InfoWorld security columnists Stuart McClure and Joel Scambray. (See Security Watch, www.infoworld.com/printlinks.)

The Web site of L0phtCrack's parent, L0pht Heavy Industries of Boston, is itself a great security-alert service. Its archive of warnings includes a withering criticism of security flaws in Microsoft's original Point to Point Tunneling Protocol (PPTP). Many of these problems are corrected, the site says, in Microsoft's Dial-Up Networking 1.3 upgrade for Windows 95/98 and Windows NT.

Another invaluable alert service is provided by the CERT Coordination Center, an outgrowth of the old Computer Emergency Response Team created by the U.S. government in 1988. CERT/CC, housed at Carnegie Mellon University, sends e-mail advisories whenever a virus threat or newly discovered security hole unnerves the Internet community. Go to www.cert.org, then click "Subscribe to our mailing list" for more information.

Perhaps equally important, the center helps to debunk virus hoaxes -- some of which are hilarious -- that run rampant on the Net. See the "Hoax" section of www.cert.org/other_sources/viruses.html.

These are a fraction of the Windows security alerts available. Send me your favorites. Use "alerts" as the subject of your e-mail.





Copyright 2001 InfoWorld Media Group, Inc.