SoCalITProAssociation Newsletter
Volume 2 Number 10
Southern California Information Technology Professional Association October 1, 2004
Welcome Members, Visitors and Friends!
Inside this Issue:
Microsoft warns of 22 new security flaws
Randy Hudson warns of problem with SP2
Meeting Announcement: October 14, 2004
Previous Meeting...
Opinions and Commentary Department:
Reader Feedback
Final Notes…
Email the Editor
And Now, The News...
Microsoft warns of 22 new security flaws
The following is plagiarized directly from ZDNet without permission...but I thought you should know as soon as possible:
Microsoft on Tuesday published 10 software security advisories, warning Windows users and corporate administrators of 22 new flaws that affect the company's products.
The advisories, and patches published with the bulletins, range from an "important" flaw affecting only Microsoft Windows NT Server to a collection of eight security holes, including three rated "critical," that leave Internet Explorer open to attack. Microsoft's highest severity rating for software flaws is its "critical" ranking, while "important" is considered slightly less severe.
One flaw, in Microsoft Excel, even affects Apple Computer's Mac OS X.
The abundance of flaws could leave corporate PCs vulnerable to attack if administrators are not able to patch quickly.
Top
Randy Hudson warns of problem with SP2
According to Randy, before installing XP SP2, you mus disable all virtual DVDs, or access to them will be lost.
Top
Meeting Announcement: Thursday, September 14, 2004
Article by Dick Porter
Disaster Recovery/Avoidance by Raptor Networks Technology
Disaster Recovery, or how data gets lost...
Disaster Avoidance, or not to lose it in the first place...
Presented by Edwin Hoffman, Chief Development Officer & co-Founder. Featured product: Ether-Raptor ER=1010.
ehoffman@raptor-networks.com.
http://www.raptor-networks.com
Server-Based Computing by triCerat
A lot of people are interested in the possibilities of server-based computing and how it can help them reduce administration costs by centralizing software deployments and upgrades. However, while server-based computing can simplify application administration and user management, to be most effective it needs to be done well, and if it's not done well then your user base will be cranky and assume that the problem lies with server-based computing. In this session, you'll learn both tactical planning tips and how triCerat tools can help make your server farm as effective and stable as possible: not just from Day One, but from Day Zero.
Presented by Christa Anderson, a Windows Server and Terminal Services MVP, who is the senior technologist for triCerat, Inc and an internationally known authority on server-based computing. Author of Windows Terminal Services, The Definitive Guide to MetaFrame XP, and co-author of the best selling Mastering Windows 2003 Server, she is also a senior contributing editor to Windows IT Pro Magazine and a regular speaker at industry events. Christa is a member of the Culminus speaker's bureau and a member of the Culminus Taskforce on Building Security Awareness. You can reach her at canderson@tricerat.com.
http://www.tricerat.com
MCT Corner:
This month's topic is the new Active Directory Restore Feature, presented by Pat Utley, MCT; and will be presented at 6:30 pm courtesy of QuickStart Intelligence.
Door prizes and software.
As always please RSVP on the http://www.SoCalITPro.org website. The link is on the lower left hand side of the home page.
Top
At the Previous Meeting...
First, Dr. Jayant Shukla, President and CTO of Trlokom, Inc., http://www.Trlokom.com, discussed Endpoint Security for Enterprise Networks. Dr. Shukla defined enterprise network security in terms of defending the network perimiter, securing servers, securing remote nodes, securing the network against internal attacks, securing against application vulnerability, and securing the confidentiality of enterprise data. He pointed out that the old approach of simply securing the LAN behind a perimeter firewall no longer work, because virus attacks come in through email, and the corporate road warriors connect directly to the internal net through VPN, spreading infections throughout. Sometimes, users install some purportedly useful freeware, unwittingly releasing a hidden trojan.
The modern approach is to use client-based security on every system, constant monitoring of the entire network, and superior management tools to manage clients, both within the LAN, and remotely.
Of course, as end-point security evolves, so do the hackers. The end-point is your weakest link. You should consider that your mobile end-points are always in a hostile environment, and it must be remembered that the next security breach is only a matter of time.
So what should you look for when considering the purchase of security software for your network?
· What aspects are covered or not covered (Perimeter, wireless, end-point etc.)
· Scalability
· Weakest link (the end-point)
· Policy management
· Product management (Installation, upgrades, policy pushes etc.)
· Compatibility with existing infrastructure
Trlokom's product, OmniVPN™, offers a host-based, site-to-site VPN and perimeter firewall, with IDS/IPS, remote VPN clients, centralized management, network monitoring and traffic shaping. It can centrally manage firewall policies, VPN and secure LAN policies, and application policies. Exerting control over applications at the end host, it prevents the spread of worm, trojans and other viruses, controls unauthorized applications, and detects compromised machines. OmniVPN's control over network traffic and the applications that generate it provide ironclad security. Wireless LANs are also secured automatically. It can scale to secure several hundred-thousand nodes.
OmniVPN's software updates are centrally managed, and the timing and order of updates are controllable. Out of sync nodes are automatically upgraded when they re-join the network. For the endpoint host, Trlokom offers their Katana client software. Stripped down for small business and home use, Katana has a firewall and VPN client, but lacks advanced management features. These products seem quite reasonable, with OmniVPN™ priced at only $200/gateway, and Katana at $50/client.
OmniVPN™ is a complete solution, offering strong end point security,
network monitoring, traffic shaping, interoperability with other leading VPN gateways,
and centralized management of policies and software. For further details, go to http://www.Trlokom.com!
Next Patti Kivel, pkivel@mxlogic.com of MXLogic, Inc., http://www.mxlogic.com, gave us an intriguing view of a real-time SPAM defense. The way it works, is that MXLogic becomes the last hop outside your corporate environment, filtering spam from all email before it enters your network, which means you spend nothing on hardware, software, and almost nothing on configuration (that will take up a few minutes of your Admin's time). Furthermore, MXLogic will protect you against DoS attacks, and directory harvest attacks. All you really need to do is to point your MX records to MXLogic (and through them to your ISP) to provide filtering. And MXLogic has never had downtime!
FYI: MXLogic believes that forty-five to sixty percent of all inbound email is unwanted cra...uh...spam. Spam saps 1.4% of worker productivity, which means that one of every seventy-two workers is temporarily useless. By 2005, it is expected that there will be an average of 35,000,000,000 per day, 80% of which will be spam. By the way, make sure your users turn off the Preview Pane in their email clients. A web-bug is a device that, if the preview pane is on, will automatically report your email address back to its sender. Nasty, huh?
MXLogic uses advanced heuristic algorithms to detect spam in a Scan & Forward system. They will store everything for seven days by default. They will maintain statistics for two months. Their false positive rate is approximately 0.004%. While MXLogic provides the service, your local administrator has full control of the filtering process. Because the service is outside your perimeter, it reduces the loss or waste of your prescious bandwidth. What about the realtime delay in delivery? Only 300 milliseconds! A third of a second? You don't really need to worry about that. It'll take you longer just to click on the mail and open it. And, oh, they also filter out viruses, too!
So, how much would you expect to pay for this inestimably valuable front door to your email service? Thousands? Millions? How about $1.95 per user per month! That's all? Well there is a $30 per month minimum charge, but Leaping Lizards! that's cheap! So I guess now you'll be wantin' ta see that ol' URL again, so's y'all can click on it, an order the service today...http://www.mxlogic.com.
Top
Opinions and Commentary Department: Wireless Access Points--Which one to choose?
After the meeting, last month, our Vice President, Randy Hudson, expressed displeasure over the performance of the wireless access point in use during our monthly meetings. He was unable to link through it. So I asked him what Wireless Access Point would he consider to be the best, or at least, which would he recommend. Randy's first choice would be the Cisco WAP, although it is quite expensive, and is rather difficult to configure. I asked what might be his second choice. Randy responded that either the Netgear or Linksys models would be in second place, although he has a slight preference for the Netgear unit, mentioning that it has a slightly greater range.
Do you have an opinion on this? Hello! Are you there?
Top
Reader Feedback
'Aaa Mahn, wha'chu got to say? I don' hear no rumbling in the ranks...
--Editor
Top
Final Notes…
> Nogginfest 2004 Our December meeting is usually an open house where members can meet with vendors of interest to us. As of this writing, we have very few vendors for this year's event, and we would appreciate your input as to corporations or products you would like to see at Nogginfest. Please
> If you any ideas for an article that you might like to write for this Newsletter, or about any third-party software that you would like to share with our members, please submit your article to the Editor, contact information below. Please use the Rich Text Format (.rtf file) for your article, and in the subject line of your email, put the word, Newsletter, so I don't accidently delete your email. (I tend to delete emails from people I don't know unless the subject line clearly indicates something important.)
See you at the meeting on Thursday, October 14, 2004, enjoy!
Robert Holtzman,
Editor
rholtzman@socalitpro.org
Top
SoCal IT Pro/OCNTUG Newsletter
Volume 2 No. 10 10/01/2004
**30**