Without a security policy, the availability of your network can be compromised. The policy begins with assessing the risk to the network and building a team to respond. Continuation of the policy requires implementing a security change management practice and monitoring the network for security violations. Lastly, the review process modifies the existing policy and adapts to lessons learned.
Read More Cisco.
Several FTP server products running under Windows 98 (first edition) with the 'CONCON' kernel patch by Microsoft are vulnerable to a security weakness that allows remote attackers to cause the program crash, bringing down the whole operating system ("Blue screen of death").
Vulnerable systems include : BisonFTP version 4R1, Broker FTP Server version 5.9.5.0, G6 FTP Server version 2.15 (a.k.a. Bulletproof FTP Server) , GuildFTPD version 0.922, SurgeFTP version 2.0f, WarFTPD version 1.71, WFTPD version 3.00 R5
The focus of Internet security is to ensure private, authenticated communications between parties over the Internet or Intranets. Many of the security requirements are not that different from the requirements within a closed system complex. A closed system complex, however, may rely more heavily on physical security and better management of resources. Businesses can no longer afford to sit in glass houses isolated and secured by physical barriers alone.
The reawakened ``Code Red'' worm disturbed the Pentagon (news - web sites)'s computer networks on Wednesday, and the main U.S. computer monitoring center predicted it would infect as many systems as it did in its first incarnation in July. ``The worm is an ugly thing,'' U.S. Army Major Barry Venable said in a telephone interview from Colorado Springs, where the U.S. military monitors its networks.
Two vulnerabilities have been discovered in Cisco SN 5420 Storage Router software release up to and including 1.1(3). One of the vulnerabilities can cause Denial-of-Service attack. The other allows unrestricted low level access to the SN 5420.
There is no workaround for these vulnerabilities. It is possible to mitigate them by blocking access to ports 513 and 8023 on the network edge...
Posted on 2.8.2001
Cisco Security Advisory: Vulnerabilities in Cisco SN 5420 Storage Routers
Revision 1.0
For Public Release 2001 July 11 08:00 (UTC -0800)
A quick check over at www.incidents.org and the charts there tell the story. Code Red is awake and growing at a steady pace - something like a snowball rolling down a hill and picking up size as it goes.... it was at 115,568 infected sites when this article was posted. For comparison sake, SAN recorded a total of 280,391 infected servers during the ENTIRE last round of Code Red. It has accomplished in 15 hours what it days / weeks to do last time...
Alfred Huger, writing for SecurityFocus says "Well, for future referance, crow is for the most part terrible breakfast food. It seems that the end is actually nigh and all my sarcasm has come back to haunt me. Well, perhaps not.
CERT says the ``Code Red'' computer worm was active and scanning the Internet on Wednesday for new computer servers to infect, The Computer Emergency Response Team (CERT), which has monitored computer hackers and various viruses since 1988, reported ``evidence of exploitation and scanning associated with the Code Red worm, and our staff members are currently analyzing this activity.'' The statement gave the worm's status as of 8:30 a.m. EDT.
CERT.
The "Code Red" worm that was programmed to spread across the Internet on Tuesday night and Wednesday morning ( depending on the timezone you live in ) was believed to have caused only limited mischief because the managers of computer networks heeded warnings and downloaded a software patch, security experts said.
Early reports from the news media are indicating that the Code Red either failed to 'wake up' or else the patching that was carried out by Network Admins over the past two weeks appear to have muted the worm. Here are some sample news headlines for this morning:
Internet users are an hour away from finding out if front-page headlines in the mainstream press and televised warnings from government cyber-security officials will do the trick of getting network administrators to protect their computer systems from the Code Red worm.
With hundreds of thousands of Windows Web servers already hit by the Internet worm called Code Red, the one thing on which almost all experts agree is that the intruder's self-imposed nap, which was coded to begin on by the 28th day of the month, has not put the threat to rest.
