Networking

W32.Sircam.Worm@mm arrives with a random subject line, which will be a file name of a document in the users computer. The worm tends to target office documents such as Excel and Word and will attached that document to an email, which is sent to everyone in the user's address book.

The worm is particularly dangerous because it cannot be identified by the subject line and message, therefore filtering for subject lines and attachments is ineffective, according to Symantec's David Banes.

eEye who discovered the original Code Red worm which has been wreaking havoc worldwide this week said late Friday that it has identified a variant of the worm which is harder to track.

Here is the advisory from the guys over at SSH regarding the vuln in the ssh 3.0.0

Dear Secure Shell Community,

More than 100,000 infected servers are programmed to flood the Whitehouse.gov address with data, potentially slowing parts of the Net to a crawl. An analysis of the fast-spreading "Code Red" computer worm reveals that infected computers are programmed to attack the White House Web site with a denial-of-service attack Thursday evening, potentially slowing parts of the Internet to a crawl.

PricewaterhouseCoopers will audit the security of the Commonwealth Bank of Australia's NetBank online banking operations after allegations part of its online banking system was open to compromise. A bank spokesman said today it was taking seriously media comments from what it identified as a former information technology employee of bookkeeping software maker Reckon that the bank's QuickLine small business banking software, used by about 50,000 bank customers, was open to exploits.

Reckon makes QuickBooks, software that is used in the QuickLine application supported by NetBank.

This article is a link to the contents of DNS Security Chapter of the O'Reilly DNS book. Why should you care about DNS security? Why go to the trouble of securing a service that mostly maps names to addresses? Let us tell you a story. In July 1997, during two periods of several days, users around the Internet who typed www.internic.net into their web browsers thinking they were going to the InterNIC's web site instead ended up at a web site belonging to the AlterNIC.

Raytheon Company announced today that its SilentRunner(TM) software has been verified once again as a one-of-a- kind network analysis system by the U.S. Patent and Trademark Office. With the awarding of the patent, SilentRunner stands alone in the field of network security with its Discovery, Visualization and Analysis system that allows administrators to virtually "fly through" their company's network in 3-D to look for unusual usage patterns which may signal a breach of security.

A Finnish university project to test the security of communications protocols has revealed serious vulnerabilities in several implementations of the Lightweight Directory Access Protocol (LDAP) affecting products such as Lotus Development Corp.'s Domino and Microsoft Corp.'s Exchange servers.

The vulnerabilities, which could result in denial-of-service attacks and unauthorized privileged access, were discovered in LDAP-enabled products from nine vendors, according to an advisory posted this morning by the CERT Coordination Center at Carnegie Mellon University in Pittsburgh.

Hardening BSD is definitely trickier than hardening a Linux based workstation being that the top 3 distributions of BSD, Net, Open, Free, have done an excellent job of strengthening the systems on their own. Using FreeBSD at home while I write this, I'll try to focus in on it, but in general (and I may get flamed from the OpenBSD advocates or even NetBSD advocates) you could follow suit between the three. (Dare I say it)

Companies have been concerned for years that they might get hacked. Now, they're also worried about getting whacked. Whacking is wireless hacking, usually done by a person who's in the right place at the right time with the right kind of radio transceiver. By whacking, an intruder can tap into private communications going across almost any wireless network.