Corporations are embracing a simpler, cheaper way of connecting remote workers to their networks, opening up new opportunities -- and competition -- for network security vendors.
At stake are gateways allowing secure access to corporate networks based on a browser security technology known as Secure Sockets Layer (SSL) encryption. Analysts and makers of SSL-based networking equipment say that large numbers of corporate users are starting to implement virtual private networks (VPNs) using SSL technology.
Microsoft has released patches for three flaws, the most serious of which could give attackers a back door into the company's security server product.
The most major flaw affects Microsoft's Internet Security and Acceleration Server 2000, which is included with Small Business Server 2000 and 2003 editions. The flaw lies in the way a filter in the server product's firewall processes data formatted in the real-time multimedia communications standard, known as International Telecommunications Union (ITU) H.323.
For the past 18 months we have seen a tremendous growth in honeypot technologies. Everything from OpenSource solutions such as Honeyd and Honeynets, to commercial offerings such as KFSensor are commonly available. However, as with any relatively new technology, there are still many challenges and problems. In this paper we take an overview of what several of these problems are, and look at possible approaches on how to solve them. By identifying these problems now, we can hope to make honeypots a stronger technology for the future.
Security company Symantec, developer of the popular Norton AntiVirus software, fixed a problem in its LiveUpdate feature last week--a vulnerability that could allow malicious users to gain unauthorized administrator access rights to an affected PC.
Multimedia applications such as voice over IP telephony and video conferencing could be vulnerable to security breaches because of flaws in the way a major telephony standard is being used.