Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Information Security News: Browsing with Browzar

Browsing with Browzar

From: InfoSec News <alerts_at_infosecnews.org>
Date: Thu, 7 Sep 2006 01:25:12 -0500 (CDT)

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Unwrap the Hidden Benefits of Compliance
   http://list.windowsitpro.com/t?ctl=375A3:7EB890

Improve Software Quality and Reduce Costs
   http://list.windowsitpro.com/t?ctl=375A8:7EB890

Filtering the Spectrum of Internet Threats: Defending Against
Inappropriate Content, Spyware, IM, and P2P at the Perimeter
   http://list.windowsitpro.com/t?ctl=37597:7EB890

=== CONTENTS ===================================================

IN FOCUS: Browsing with Browzar

NEWS AND FEATURES
   - Firefox 2.0 Beta 2 Released
   - Sunbelt Discontinues LanHound, Sells Customer Base
   - 9 Ways to Diagnose Windows 2003 IPsec Problems
   - Recent Security Vulnerabilities

GIVE AND TAKE
   - Security Matters Blog: Microsoft Wants Your Help on Mobile
Security
   - FAQ: Hide Domain List During Logon
   - From the Forum: NTFS Permissions for Users with Multiple Group
Memberships
   - Share Your Security Tips
   - Microsoft Learning Paths for Security: A More Secure Platform
Through Identity and Access Management

PRODUCTS
   - Filter Fights Spyware
   - Wanted: Your Reviews of Products

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS

=== SPONSOR: Quest Software =====================================

Unwrap the Hidden Benefits of Compliance
   If your compliance solutions only address compliance, you're not
getting the most for your budget dollar. The new Quest Software white
paper, "Leveraging Business Value from Compliance Efforts," offers
expert tips for identifying compliance solutions with high business
value.
   Read the white paper now.
   http://list.windowsitpro.com/t?ctl=375A3:7EB890

=== IN FOCUS: Browsing with Browzar ============================
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

There's a new Web browser in town and so far it looks pretty darn good,
especially from a privacy perspective. However, there is a caveat,
which I'll discuss in a moment. The new tool, called Browzar, is
available free to anyone. The current version is only 264.4KB in size.
That's not a misprint, it's really that small!

Browzar is billed as "the first ever 'freedom' Internet browser"
because of the way it works: It doesn't save a cache, history, cookies,
favorites, or other telltale information. When you close Browzar, any
information that was temporarily stored is automatically deleted, so
you don't need to remember to do that manually.

Using Browzar is incredibly simple to use because it's contained in a
single executable file, and technically you don't even need to install
Browzar onto a system. If your system allows you to, you could just go
to the Browzar site, click the download link, and tell the system to
open the file and run it.

I took Browzar for a test drive and surfed many Web sites. So far, I
haven't found any problems with compatibility. Browzar is currently
available for Windows 98 Second Edition and later, and requires
Microsoft IE 5.5 or later to be installed on the computer.

Obviously, Browzar gains a lot of its functionality based on the
capabilities of an already-installed copy of IE. When I tested the
tool, I found that it supports NTLM authentication, JavaScript, and
other features such as Adobe Systems' .pdf files and Flash. Components
to support the last two features were installed on the system I used to
test-drive Browzar.

A quick test also revealed that Browzar's reliance on IE extends to
IE's security settings. For example, if ActiveX controls and scripting
are disabled in IE, then sites that rely on those technologies won't
work in Browzar either.

Browzar's use of IE's rendering engine raises the question of just how
secure Browzar really is. Browzar being based on IE could be a major
drawback because many security vulnerabilities that affect IE will also
affect Browzar. So keep this mind if and when you use it. Browzar is
best suited for situations in which you want to make sure nobody will
be able to easily recover your browsing history and other sensitive
information that you might have entered while surfing various sites.

The only configuration settings available in Browzar are to have it
check for updates (which is useful if you've copied it to any type of
storage device) and to turn on or off the built-in pop-up blocker. The
interface is clean and simple, providing only the typical address box
along with the usual navigation buttons and a tiny search box at the
top right of the screen, similar to that in Mozilla Firefox. The search
box isn't configurable, so when you use it, your queries are sent to
the Browzar site, which runs its own search engine. I noticed that a
lot of the returned results are sponsored links. Of course, you're free
to visit any search engine you want by entering its URL into the
address box.

You can get the Windows version now at the URL below. Versions are also
planned for Mac OS X and Linux.
   http://list.windowsitpro.com/t?ctl=375AC:7EB890

Browzar will come in handy when you use shared computers, such as those
found at libraries, hotels, conferences and conventions, coffee shops,
and business partner and customer networks. Keep in mind that this
newly released tool is still in beta development, so while it worked
really well during my test, it does have bugs. For example, some people
report that it doesn't delete all cached Web pages and others report
that it sometimes might leave the last visited URL in IE's index.dat
file. I confirmed the latter bug through my own tests but wasn't able
to reproduce the first bug.

=== SPONSOR: Klocwork ===========================================

Improve Software Quality and Reduce Costs
   New White Paper from Klocwork: Improve software quality and reduce
life-cycle costs by incorporating Static Analysis tools into your
routine development processes. Results: More maintainable code, more
secure, reliable software and a more predictable development process.
Download White Paper.
   http://list.windowsitpro.com/t?ctl=375A8:7EB890

=== SECURITY NEWS AND FEATURES =================================

Firefox 2.0 Beta 2 Released
   Mozilla Foundation announced the availability of Firefox 2.0 Beta 2,
which includes many enhancements, including a few that improve the
browser's security.
   http://list.windowsitpro.com/t?ctl=375A0:7EB890

Sunbelt Discontinues LanHound, Sells Customer Base
   Sunbelt Software will cease development and distribution of
LanHound, the company's network analyzer product. Network Instruments
is offering Sunbelt's LanHound customers its Observer product as a
replacement for LanHound.
   http://list.windowsitpro.com/t?ctl=3759E:7EB890

9 Ways to Diagnose Windows 2003 IPsec Problems
   You've implemented IPsec to protect traffic on your organization's
LAN, and although you've followed all the technical documents
carefully, you aren't convinced that the traffic on your network is
actually protected from eavesdroppers. How can you reassure yourself
that IPsec is truly encrypting your computers' network traffic? Orin
Thomas shows you how in this article on our Web site.
   http://list.windowsitpro.com/t?ctl=37596:7EB890

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
   http://list.windowsitpro.com/t?ctl=3759D:7EB890

=== SPONSOR: St. Bernard Software ==============================

Filtering the Spectrum of Internet Threats: Defending Against
Inappropriate Content, Spyware, IM, and P2P at the Perimeter
   Examine the threats of allowing unwanted or offensive content into
your network and learn about the technologies and methodologies to
defend against inappropriate content, spyware, IM, and P2P.
   http://list.windowsitpro.com/t?ctl=37597:7EB890

=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Microsoft Wants Your Help on Mobile Security
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=375A7:7EB890

Bill Canning, program manager for Microsoft Solutions for Security and
Compliance, posted a message in the company's SecGuide blog asking for
help in developing a solution to protect data on laptops against loss
or theft. Read this blog item to find out how you can help.
   http://list.windowsitpro.com/t?ctl=3759F:7EB890

FAQ: Hide Domain List During Logon
   by John Savill, http://list.windowsitpro.com/t?ctl=375A5:7EB890

Q: How can I use Group Policy to hide the domain drop-down list in the
Windows logon dialog box?

Find the answer at
   http://list.windowsitpro.com/t?ctl=37594:7EB890

FROM THE FORUM: NTFS Permissions for Users with Multiple Group
Memberships
   A forum participant has a particular folder to which one user in a
particular group needs read and write access but the rest of the group
should not have access. He wonders how best to arrange NTFS permissions
to accomplish that. Join the discussion at:
   http://list.windowsitpro.com/t?ctl=37595:7EB890

SHARE YOUR SECURITY TIPS AND GET $100
   Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's
Reader to Reader column. Email your contributions to
r2rwinitsec_at_windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.

MICROSOFT LEARNING PATHS FOR SECURITY: A More Secure Platform Through
Identity and Access Management
   Take the either/or scenario out of asset accessibility and security.
By automating management, IT departments can reduce operational costs
while improving security. Use the resources listed on the Microsoft
Learning Paths Web page to get in-depth information about identity and
access management--the simplified, secure sharing of digital identities
across security boundaries. Find out how to provide a secure
environment for managing user identities, authentication methods, and
access rights across an organization's internal and external users.
   http://list.windowsitpro.com/t?ctl=375A4:7EB890

=== PRODUCTS ===================================================
   by Renee Munshi, products_at_windowsitpro.com

Filter Fights Spyware
   NullBound announced the NullBound Malware Prevention System, a
filtering system that watches Internet traffic for incoming spyware and
blocks the malware from entering your network. You can download
NullBound Malware Prevention System for free from the NullBound Web
site and receive free monthly updates. Or you can purchase a
subscription (a one-year subscription starts at $400 for up to 49
users) and receive updates as soon as they're available. For more
information, go to
   http://list.windowsitpro.com/t?ctl=375AD:7EB890

WANTED: your reviews of products you've tested and used in
production. Send your experiences and ratings of products to
whatshot_at_windowsitpro.com and get a Best Buy gift certificate.

=== RESOURCES AND EVENTS =======================================

ORACLE AND SQL... BETTER TOGETHER?
   Attend the 2006 Cross Platform Data roadshows to learn about
optimizing 64-bit database computing, business intelligence for SQL
Server and Oracle, high-availability proof points for database
computing, and implications of architectural differences between Oracle
and SQL. Coming to 12 US cities in September and October.
   http://list.windowsitpro.com/t?ctl=3759C:7EB890 Connections Conference
 
Now in its seventh year, Windows Connections returns November 6-9 to
Mandalay Bay in Las Vegas. Don't miss your chance to interact with
industry experts and hear the latest information on Windows Server
2003, Windows 2000 Server, and Windows XP Professional! Register, then
attend sessions at Microsoft Exchange Connections FREE!
   http://list.windowsitpro.com/t?ctl=375AA:7EB890

Are you protected company-wide against spyware, keyloggers, adware, and
backdoor Trojan horses? Test a state-of-the-art scanning engine that
uses threat signatures from multiple sources to track down the culprits
that antivirus solutions alone can't protect you from. Download your
free 30-day trial of CounterSpy Enterprise today!
   http://list.windowsitpro.com/t?ctl=37599:7EB890

Ensure that you're being effective with your internal network security.
Are your DIY options protecting you against worms, BotNets, Trojans and
hackers? Make sure! On-Demand Web Seminar
   http://list.windowsitpro.com/t?ctl=37598:7EB890

Take an up-to-date look at secure, remote access to corporate
applications and stay ahead of the curve when making decisions about
near- and long-term IT infrastructure. On-Demand Web Seminar
   http://list.windowsitpro.com/t?ctl=3759B:7EB890

=== FEATURED WHITE PAPER =======================================

Do you want to block unwanted or undesirable email? Download this free
whitepaper to learn how to manage the content of information crossing
your network.
   http://list.windowsitpro.com/t?ctl=3759A:7EB890

=== ANNOUNCEMENTS ==============================================

Uncover Essential Windows Knowledge Through Excavator
   Try out the ultimate vertical search tool--Windows Excavator.
Windows Excavator gives you fast, thorough third-party information
while filtering out unwanted content. Visit
   http://list.windowsitpro.com/t?ctl=375AB:7EB890 today!

Discounted Offer for the Windows IT Pro Master CD
   Save 50% off the Windows IT Pro Master CD! Order now and get access
to the entire Windows IT Pro article database on CD. Subscribe now:
   http://list.windowsitpro.com/t?ctl=375A1:7EB890

================================================================

Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and the Windows IT Security newsletter
(subscribe at the second URL below).
   http://list.windowsitpro.com/t?ctl=375A6:7EB890
   https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb

Subscribe to Security UPDATE at
   http://list.windowsitpro.com/t?ctl=375A2:7EB890

Be sure to add Security_UPDATE_at_list.windowsitpro.com
to your antispam software's list of allowed senders.

To contact us:
   About Security UPDATE content -- letters_at_windowsitpro.com
   About technical questions -- http://list.windowsitpro.com/t?ctl=375A9:7EB890
   About your product news -- products_at_windowsitpro.com
   About your subscription -- windowsitproupdate_at_windowsitpro.com
   About sponsoring Security UPDATE -- salesopps_at_windowsitpro.com

View the Windows IT Pro privacy policy at
   http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

_________________________________
HITBSecConf2006 - Malaysia
The largest network security event in Asia
32 internationally renowned speakers
7 tracks of hands-on technical training sessions.
Register now: http://conference.hitb.org/hitbsecconf2006kl/
Received on Sep 06 2006

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]