Information Security News mailing list archives
SECURITY WIRE DIGEST, VOL. 1, NO. 8, NOV. 22, 1999
From: mea culpa <jericho () DIMENSIONAL COM>
Date: Mon, 22 Nov 1999 06:04:46 -0700
From: infosecurity () emailch com

SECURITY WIRE DIGEST, VOL. 1, NO. 8, NOV. 22, 1999

Security Wire Digest is a weekly e-mail newsletter brought to you by Information Security magazine, an ICSA.net publication.

=====================================================

CONTENTS

**THANKSGIVING NOTICE**

1. INFOSEC WEEK IN REVIEW
   *Enterprise Security Management a Hot Topic at CSI

2. INDUSTRY BRIEFS
   *HP VirtualVault 4.0 Goes Mainstream
   *eNABLE Supports Rainbow and RSA
   *Celo Debuts CeloCom VPN Suite
   *RSA Joins Trusted Computing Platform Alliance
   *Entegrity Partners With Identrus
   *Schlumberger Introduces Easyflex Corporate
   *Identix BioLogon Available Online
   *Tumbleweed Acquires Worldtalk

3. HAPPENINGS

4. SECURITY PERSPECTIVES
   *Exposing Hacking With Hacking Exposed
    By Ben Rothke

=====================================================

THIS ISSUE OF SECURITY WIRE DIGEST IS SPONSORED BY...

Agilent Technology SFProtect NT Security Scanner

SFProtect NT Security Scanner is the ONE software solution that empowers you to find and fix NT vulnerabilities with one single application. How? SFProtect scans the NT operating system, IIS and SQL versions 6.5 and 7.0 for security vulnerabilities. Once identified, problems can be fixed with SFProtect's unique Intellifix feature. You can also get e-mail notification of audit results, reports in HTML, remote operation through a secure ODBC link and more. Download your free trial version today:
http://www.agilent.com/comms/netsecurity9

=====================================================

**THANKSGIVING NOTICE**

Security Wire Digest will take a one-issue hiatus next week due to U.S. Thanksgiving festivities. The next Security Wire Digest will be delivered on Monday, Dec. 6.

=====================================================

1. INFOSEC WEEK IN REVIEW

*ENTERPRISE SECURITY ADMINISTRATION A HOT TOPIC AT CSI

Easing the burdens of security administration is on the minds of lots of security practitioners these days. As organizations introduce new technologies and services to network infrastructures, security admins and managers are faced with the complex task of not only finding and fixing new vulnerabilities before they are exploited, but identifying and responding to breaches after they've already occurred. Last week at CSI's annual security conference, a number of vendors introduced new tools and enhancements to existing products that respond to this need by automating, centralizing and simplifying the task of enterprise risk management and intrusion response.

BindView Development Corp. (http://www.bindview.corp) announced version 2.0 of its HackerShield software, an enterprise vulnerability scanner that allows operators to find and close security holes in servers, workstations and network devices across a heterogeneous network. Available in December, version 2.0 is engineered with the increasing number of security newbies in mind; while its database of vulnerability scripts is as extensive as that of other enterprise-class scanners, the tool deploys fast and is easy to configure and use. It includes a handy Scan Wizard that walks new users through the first-time scanning process, and when a vulnerability or breach is identified, it uses plain language to spell out the degree of risk and appropriate response procedures.

BMC Software (http://www.bmc.com) rolled out an enhancement to its CONTROL-SA security suite that extends the reach of its centralized management offering. CONTROL-SA/Links allows admins and managers to create event definitions and automated rulesets for disparate parts of the enterprise network. For instance, security managers can integrate human resource applications within the security administration process. If a new employee joins the organization, CONTROL-SA/Links can be directed to intercept certain HR transactions and automatically initiate end-user rights for the new employee.

By year-end, newcomer e-Security (http://www.esecurityinc.com) plans to introduce a "Management Desk" to its Open e-Security Platform (OeSP) to help operators respond to identified security breaches. OeSP's competitive differentiator is that it consolidates reports of security "exceptions" in real time from fragmented security products -- no matter the product brand. When the central console receives notice of an intrusion, the Management Desk will automatically generate a step-by-step response outline according to the organization's predefined security policy, contact appropriate personnel and monitor security response procedures.

Version 5.5 of Network Associates's (http://www.nai.com) CyberCop vulnerability scanner also automates several administrative tasks. Its AutoFix feature automatically repairs more than 700 identified network, protocol and application vulnerabilities, and its AutoUpdate feature lets admins update the scanning engine and vulnerability database on a regular, automatic basis.

Computer Associates (http://www.cai.com) announced an access control enhancement to its eTrust family of security tools. With the simultaneous release of eTrust Access Control 5.0 for UNIX and eTrust Access Control 4.1 for NT, CA provides users with a centralized system for creating, distributing and managing access. The tools also operate within CA's flagship enterprise management system, Unicenter TNG.

Finally, BullSoft (http://www.bullsoft.com) announced that it has integrated storage management capabilities into its OpenMaster secure e-infrastructure and enterprise management software. The added capability allows organizations to select and configure best-of-breed Internet and enterprise-wide storage resources, and manage all of them from a centralized OpenMaster console. OpenMaster storage management configuration starts at $18,900, which includes core services such as network monitoring, alarm management and network discovery.

=====================================================

2. INDUSTRY BRIEFS

*HP VIRTUALVAULT 4.0 GOES MAINSTREAM

Hewlett-Packard last week announced major enhancements and new pricing to its Praesidium VirtualVault 4.0 trusted Web-server platform. The latest version of VirtualVault provides application-level protection for such b-to-b applications as SAP, Oracle and Ariba, and supports a broader range of enterprise server platforms, including Sun, Microsoft, Compaq and IBM. Optional BMC Software Patrol SafePassage for VirtualVault simplifies the deployment of secure extranets. Entry-level price for VirtualVault is now $17,500.
http://www.hp.com/security

*eNABLE SUPPORTS RAINBOW AND RSA

eNABLE Solutions and Rainbow Technologies will develop an integrated solution that combines enRole, eNABLE's e-business access management system, with iKey, Rainbow's USB authentication device, providing end-users with two-factor hardware authentication in a scalable solution. In related news, eNABLE announced that it has enhanced enRole to provide support for RSA ACE/Server authentication management software from RSA Security.
http://www.enablesolutions.com
http://www.rainbow.com
http://www.rsasecurity.com

*CELO DEBUTS CELOCOM VPN SUITE

Fully integrated with Celo Communications's PKI technology, the CeloCom VPN suite offers authentication, encryption and full X.509 and LDAP compliance. The suite can be integrated into existing networks and can interoperate with other VPN products, certificate management systems, smart cards and readers, and LDAP directory services. The suite is comprised of four CeloCom products: CeloCom Secure remote access, CeloCom RVPN and CeloCom LVPN remote VPN clients, and CeloCom GateKeeper remote access server.
http://www.celocom.com

*RSA JOINS TRUSTED COMPUTING PLATFORM ALLIANCE

RSA Security Inc. joined the Trusted Computing Platform Alliance (TCPA), an industry group whose goal is to establish a new hardware and software specification that technology companies can use to offer more trusted and secure personal computers for conducting e-business. RSA Security will work alongside founding members Compaq, HP, IBM, Intel and Microsoft to simplify the RSA deployment, use and manageability of SecurID technologies by enhancing and standardizing security at the level of the platform hardware, BIOS and operating system.
http://www.rsasecurity.com

*ENTEGRITY PARTNERS WITH IDENTRUS

Secure e-business applications provider Entegrity Solutions has announced an agreement with the Identrus alliance to develop enterprise-ready solutions based on the Identrus trust model that meet Identrus specifications for global e-commerce interoperability and security. Using cryptography and PKI technology, Entegrity will work with Identrus-member financial institutions and solution providers to "trust-enable" standard, legacy and custom applications used for b-to-b e-commerce. Identrus members now represent 11 global financial institutions in more than 100 countries with more than 8 million business relationships.
http://www.entegrity.com
http://www.identrus.com

*SCHLUMBERGER INTRODUCES EASYFLEX CORPORATE

In order to meet the growing security concerns of the corporate market, Schlumberger has introduced Easyflex Corporate, a new dual-interface contact/contactless smart card that facilitates secure access to the real and virtual desktop. The card controls physical access to offices, buildings and parking lots through its contactless interface, as well as logical access to computers, servers and networks through its secure contact interface.
http://www.smartcards.com

*IDENTIX BIOLOGON AVAILABLE ONLINE

Biometric security provider Identix last week made its BioLogon network security fingerprint identification software and hardware available as a new product at Beyond.com's Web site. Visitors to Beyond.com can download the BioLogon fingerprint identification suite, and obtain biometric hardware readers in multiple options.
http://www.beyond.com
http://www.identix.com

*TUMBLEWEED ACQUIRES WORLDTALK

Secure messaging provider Tumbleweed Communications Corp. last week announced a definitive agreement to acquire Worldtalk Corp. When combined with Worldtalk's WorldSecure e-mail content filtering products, Tumbleweed's Integrated Messaging Exchange (IME) will enable customers to centrally define and enforce policies that drive new traffic across IME. Worldtalk will become a wholly owned subsidiary of Tumbleweed. The transaction is expected to close in the first quarter of 2000. Terms were not released.
http://www.tumbleweed.com
http://www.worldtalk.com

=====================================================

3. HAPPENINGS

Cards on the 'Net -- Smart Cards and ID Technology: Unlocking the Commercial Potential of the Web
Tu-Th, Nov. 30-Dec. 2, San Francisco, Calif.
http://www.ctst.com

DECEMBER

IT Solutions & Information Assurance Conference
W, Dec. 1, Los Angeles, Calif.
W & Th, Dec. 8 & 9, Colorado Springs, Colo.
http://www.technologyforums.com

18th Annual Data Center Conference: Taking the Data Center to E-business and Beyond
W-F, Dec. 1-3, Orlando, Fla.
http://www.gartner.com

15th Annual Computer Security Applications Conference
M-F, Dec. 6-10, Phoenix, Ariz.
http://www.acsac.org

Web and Intranet Security
T-Th, Dec. 7-9, Orlando, Fla.
http://www.misti.com

SANS Security San Francisco
S-Th, Dec. 11-16, San Francisco, Calif.
http://www.sans.org/sf99/sf99.htm

Extranet Security
M-W, Dec. 13-15, San Francisco, Calif.
http://www.unex.berkeley.edu/eng

=====================================================

4. SECURITY PERSPECTIVES

*EXPOSING HACKING WITH HACKING EXPOSED
By Ben Rothke

Do books about hacking create more hackers? Is corporate America at risk due to such titles? Many people in the computer industry feel that such dissemination of information is a sure way to increase computer malevolence. The question has been re-ignited with the publication of Hacking Exposed: Network Security Secrets and Solutions, by Stuart McClure, Joel Scambray and George Kurtz, all formerly with Ernst & Young's e-security group.

Are such titles simply cookbooks for those attempting to perform computer crimes? The knee-jerk answer might be yes, but in reality, the answer is a clear no. As an example, will the reader of Adventures in the Kitchen by Wolfgang Puck emerge as a gourmet chef, or will the reader of Dr. Atkins's New Diet Revolution lose weight by reading the book? While the written word is powerful, and Hacking Exposed is indeed a powerful book, there is no way for a book to instantaneously turn a novice into a dangerous hacker.

While a preponderance of corporate systems are indeed insecure, it is irresponsible and capricious to think that the mere appearance of a book such as Hacking Exposed will create a landslide of hacker activity. Such an allegation is simply an attempt to transfer corporate America's apathy towards information security, and apply a quick blame to a much larger problem.

Anyone who views hacking as an exercise in reading a book does not understand hacking, nor the nature of securing computer systems. True, the book lists tools and exercises that will make a hacking exercise easier. But to perform a real hack is something that takes more than the book has to offer. The authors state something to the effect of, "hacking root is a state of mind." With such a mantra, the true hacker will know that running a few handy tools or scripts will only provide them with a start to their hacking endeavor. When the tools fail, where will they go on? If not their own fortitude, their own quest for root, a quest that cannot be found in any book, then the hacking attempt will quickly end there.

Want to know a secret? Contrary to the movies and CNN reports, hacking is a pretty boring exercise. Just as a novice hunter will tire after a short while, so too will a script kiddie wear down easily. For the novice hacker, the appearance of a book about hacking will neither help nor hinder his aspirations. Traversing through networks, servers and myriad hosts is tedious at best for the greenhorn. It is only the media and uninitiated who attempt to glamorize such activities.

Hacking Exposed is an important title for those who are interested in securing their systems, and know what the innumerable vulnerabilities within their systems are. Will such a title unleash a new wave of hackers? No.

Ben Rothke (brothke () ebnetworks com) is a network security consultant with eB Networks Inc.

=====================================================

ADVERTISEMENT

ICSA.net announces a free Webcast, "An Overview of Intrusion Detection Technologies," to air on Dec. 9, 1999. This one-hour seminar will explain intrusion detection and vulnerability assessment in clear terms, as well as announce the new ICSA Intrusion Detection Buyers' Guide, an online resource for decision-makers. For details, visit http://www.icsa.net.

=====================================================

Security Wire Digest and Information Security magazine are published by ICSA.net, the world's leader in Internet Security services. Copyright (c) 1999. All rights reserved. No portion of this newsletter may be redistributed or republished in any format without the express consent of the publisher.
