|
News for
042099
|
contributed by Brent Huston
Brent Huston returns with an article in the Buffer Overflow section on how
IT staff members may not be seeing the whole security picture. And
describes how IT managers need to realize that there is no 'magic bullet'
to information security.
Buffer
Overflow
|
|
contributed by Silicosis
Instead of billing for time spent Network-1 has started a new plan that
will bill customers $5995 for a penetration test of up to three Internet
connections and one Class C. This new package is to be offered to the
federal government under the GSA schedule. (Interesting quote from
Network-1 "We don't use hackers". Ummmm, yeah sure. Just how the hell do
you know? Oh, you did a background check. Yeah, OK, sure.)
It will be interesting to see how this sort of commodity pricing will
effect the security industry. This gives consumers the false impression
that all penetration tests are the same and that they should only be
compared by price. We think this will have one of two effects if a full
blown price war happens; people will get smart and the cheap guys will go
out of business, or, people really won't do due diligence in security
research and the cheap guys will get rich while the true security people
stay in a niche market amongst those in the know.
Federal
Computer Week
Network-1
|
|
contributed by Dildog
Want to know if someone is breaking into your PC? Intruder Alert '99
claims to protect your personal computer from unwanted attacks and allows
you to "track down your Intruder's ISP" and even gives you a map of the
location. While this page is a little light on technical details this
application looks like nothing more than a glorified port activity logger.
We wonder how they handle spoofed addresses?
Intruder
Alert
|
|
contributed by Code Kid
Which is worse, the Melissa Virus or Network Associates VirusScan 4.0.2
designed to discover and kill the pesky macro? Network Associates has
acknowledged conflicts between VirusScan 4.0.2 Service Pack 1 and
Microsoft Outlook 98 and Novell's Client32.
MSNBC
In a recent hearing in front of the House Subcommittee on Technology Rep.
Anthony Weiner pressured FBI Infowar Chief Michael Vatis on exactly how
the FBI was able to track down David L. Smith the alleged creator of the
Melissa Virus. Rep. Weiner is asking questions that we think everyone
would like the answer to. Unfortunately the FBI isn't all that forthcoming
in its answers.
ZD
Net
|
|
contributed by kingbong
The Rand Corporation has released a paper that claims terrorists will use
the internet in the future to purse campaigns of terror and for increased
communications amongst themselves. The report prepared for the Air Force
recommends that they stop modernizing computers and communications links
as this will give terrorists opportunities that did not exists before.
(This is like saying you shouldn't build a window because someone might
break it.)
Wired
Countering
the New Terrorism
|
|
contributed by Space Rogue
A $2.8 Billion system is to be used by the FAA to monitor airline
passengers. Traveler information will be run through the FAAs secret
algorithm and matched against a terrorist profile. If passengers fit the
profile, or are chosen at random, increased security will be given to
their luggage. While some airlines (NorthWest) have already voluntarily
implemented computer-assisted passenger screening programs (CAPS), the FAA
may make it mandatory for all airlines. (Hmmm, maybe I won't go to DefCon
after all.)
Wired
|
|
contributed by obscure_
Interesting article that links high pressure IT jobs such as programmers
and engineers with increased drug use. With money to burn from the high
salaries many high-tech employees look to drugs as an outlet for their
work a day pressures.
The
Independent
|
|
contributed by Anonymous
Russians on the Prowl
There seems to be a increase in cracks of US military sites originating
from Russia. With the recent anti-US stance of President Boris Yelstin in
regards to the NATO bombings of Kosovo many Russian crackers are not
fearful of prosecution by US authorities. Some recent cracks include the
Commander of Naval Forces in Guam (www.guam.navy.mil), the Military
District of Washington (mdw-www.army.mil), the Joint Tactical Unmanned
Aerial Vehicle Project (www.jtuav.redstone.army.mil) and the Department
of Navy Acquisition Reform (www.acq-ref.navy.mil). We where able to grab a
mirror of yesterdays crack of the Anniston Army Depot (www-anad.army.mil).
Defaced Pages Archive
|
|
|
