NewsLine 2000: Tips, Tricks and Information | ||
 | ||
|
NETWORK SECURITY TESTING |
THE PROBLEM
As your computer network becomes more complex it becomes harder to stay on top of potential security threats. Computer networks are growing larger, more dynamic and more complex and so the security threat increases exponentially.
THE SOLUTION
Axent NetRecon helps to secure your organization's e-business by eliminating common security vulnerabilities before an intruder is given the opportunity to exploit them and attack.
THIS MEANS...
You know what your security weaknesses are and how you can harden your systems against attack.
You can re-check your security system after any change - no need to bring in the consultants each time, or run the risk of having security loop-holes.
You can constantly check that changes by remote operators or users have not introduced security weaknesses - and plug them if they have.
DETAILS
Step 1: Assessing your network's vulnerabilities:
NetRecon is a network vulnerability assessment tool that discovers, analyses and reports holes in network security.
NetRecon does this by conducting an external assessment of network security by scanning and probing systems on the network. NetRecon re-enacts common intrusion or attack scenarios to identify and report network vulnerabilities, while suggesting corrective actions.
Move beyond simple serial vulnerability detection and reporting with risk assessment based on the holistic/whole view of your network. One weak link in the network may contribute to the highest risk vulnerabilities. NetRecon differs from other scanners by offering a unique, patent pending Progressive Scanning technology that challenges your network and systems like a sophisticated tiger team - executing checks in parallel and sharing information obtained during the scan to search for deeper weaknesses. In addition, it learns as it goes, adapting the penetration strategy based on previous results.
Step 2: Getting to the root cause:
Why is NetRecon different? Because it not only discovers and reports vulnerabilities, it goes far beyond that by correlating these vulnerabilities in order to demonstrate the root cause of more serious vulnerabilities.
It is the only solution that provides root cause analysis with a unique path analysis feature to illustrate the exact sequence of steps taken to uncover vulnerability.
Unlike other tools that simply offer explanations of symptoms of problems, NetRecon provides a systematic understanding of the causes of your vulnerabilities.
Through NetRecon's unique path analysis, you can trace the steps leading up to a vulnerability or exploit, leading you to the root cause of the problem. With NetRecon, you don't get mounds of data on symptoms of the problem. You get the real cause of the problem. And fast.
"NetRecon makes the job of the enterprise security managers easier by automating a large piece of the risk analysis process. Sophisticated vulnerability scanning capabilities and aggressive pricing leads me to believe that AXENT has hit a home run with NetRecon." - Steven Foote, vice president of Hurwitz Group
See http://www.c2000.com/products/sec_recn.htm for more information
WEB PAGE WALLPAPER |
Yep, you can make your desktop any web page, either a static file you've saved to your hard disk, or even a live web site out on the net (though I'm not so keen on recommending that).
Firstly, setting up:
1) Right-click the desktop
2) Select properties
3) Select the WEB tab
4) Check "Show Web Content on my Active Desktop"
Now, it will probably select your default home page as the first page displayed, but you can Browse your hard disk or the internet for a different selection.
But, how about this, you could also save a Word file in HTML format to your hard disk and use that. So, you could make a page of handy hints, useful phone numbers, quick reference sheets, to-do list, almost anything. Save it as HTML format and then under the WEB tab browse to the file you've just saved.
See http://www.c2000.com/mswindow for more information
CONFIGURING EXCHANGE DIRECTORY REPLICATION |
Directory Replication for Exchange brings all your connected site up to date for local directory changes. The principal benefit being of course that local address books at each Exchange site are shared and current at all the Exchange sites.
Clearly Replication implies a "trust" relationship with the remote site, but usually this is only done within geographically spread company sites anyway.
1) You must have a connecter, be it Exchange, X.400, RAS or whatever. This must be in place before you can setup directory replication.
2) Start the Exchange Administrator
3) Select the site you are configuring, then Configuration, then Directory Replication
4) Select from the File menu, New Other, Directory Replication Connector
5) In the first dialog, select the remote site name, click OK
6) In the General tab, enter any admin notes.
7) On the Schedule tab you can setup the schedule for replication. You can select specific intervals or "Always" which replicates as changes happen (if you have the bandwidth).
8) That's it, replication is setup and running. However, the first time you set this it can take some time before replication is complete. Yet it is hard to know how the replication is proceeding - patience is the answer - it will complete. I setup replication between 5 sites across Europe a while ago and replication of the thousands of addresses took nearly a day to complete.
See http://www.c2000.com/mswindow for more information
DOUBLE-CLICK TO CREATE A NEW MESSAGE IN OUTLOOK |
Here’s a neat one, just double click in any blank area of the Inbox and a new message will automatically open.
You can do the same thing in blank areas for Contacts, Tasks and Notes.
See http://www.c2000.com/mswindow for more information
GETTING RID OF THAT DARN LETTER ASSISTANT |
You've tried hard, but you still get irritated by that stupid wizard popping up every time your write "Dear Sir", up it comes, "Do you want help writing a letter?" - What does it think I am, a complete moron?
Anyway, here's what you do to get rid of it. Open up the Office Assistant (hit F1). Right-click on the assistant and select Options. Uncheck the box "Using Features more effectively".
See http://www.c2000.com/mswindow for more information
WINZIP SOLUTIONS FOR SCO UNIX |
SCO have for a while been shipping a "Skunkware CD-ROM" which has a whole range of useful (and obscure) addon tools for SCO systems. Two parts of which are "zip" and "unzip" packages which are completely compatible with the DOS and Windows versions of the Zip program.
See http://www.c2000.com/uniplex for more information
RUN A KEYTAPE WHEN UNIPLEX STARTS |
This slightly "geeky" method allows you to run a keytape as Uniplex starts. Not something you would set for day to day operation but a tool you use when using Uniplex for custom solutions. The keytape you invoke could do almost anything, load files, add editing, do cut and paste operations - all manner of things.
To run a keytape on startup use:
uniplex -F "F185:'tape_name':F11:F185" document_name
See http://www.c2000.com/uniplex for more information
CREATING CARTOONS AND LINE DRAWINGS FROM PHOTO'S |
Want to create your own line drawing or cartoon style pictures from photographs?
OK, here are some different methods for experimenting, some will provide better success than others depending quite what the initial image looks like and final result required.
Let's start with some basic tools
You could just try reducing colours to black and white as your first step but that probably won't help!
Try the Image, Edge and Trace Contour, or Image, Edge, Find All. (This usually results in the white on black, just use Colours, Negative to get it the right way round).
Try it in colour first, then going to black and white, or go to black and white first.
You could also try either sharpening or (surprisingly) softening the image before you do the traces. This can clean up the edges and give better definition.
You can also try the Colours, Posterise function - to give you a very limited colour palette before you do the trace edges. You may find stretching the histogram before the posterise helps as well.
See http://www.justkiss.com/psp for more information
UNDERSTANDING MICROSOFT'S OCTOBER 26TH INCIDENT |
On October 26, 2000, Microsoft issued a press release confirming that its development unit was successfully penetrated by hackers. The development unit servers house the source code for Microsoft's Windows and Office applications.
About the attack
The Microsoft system was cracked using two combined methods. Firstly, a Microsoft employee's family computer was infected with a worm called "QAZ". QAZ is e-mail borne and has backdoor capabilities. The worm initially appears as an email attachment. When the attachment is executed, the worm splits into a two-part program. The first part replicates the worm, spreading it through all shared drives on the network, searching for the directory containing the Windows "Notepad" application. Once Notepad is found, the worm overwrites the program with the second part of the worm, which provides a "backdoor" to the affected network. This backdoor enables an unauthorized user to create and run files on the victim machine. When an unsuspecting user runs the infected version of Notepad, the worm establishes an Internet connection and sends a notification to an address in China containing the IP addresses of infected machines.
Microsoft believe the QAZ attack on the employee's PC gave the hackers passwords to the corporate computers.
Microsoft says that according to logfiles the attack began on October 14th and lasted until October 25. They also say that the attackers had access to the source code in the development unit for only a matter of minutes.
Concerns Arising from the Attack
There were many concerns voiced about the impact of the attack on Microsoft and Microsoft customers, especially given the early suspicions that the attackers had accessed the source code for future Windows operating system versions and Office applications. Such access could allow attackers to modify operating system or applications code to enable attacks. It could also allow the attackers to analyze the code for unpublished security vulnerabilities, hence enabling attacks.
Considerable concern was also voiced that Microsoft would be vulnerable to such a well-publicized attack as the QAZ Trojan. Most commercial virus scanning products have signatures to detect and deal with the problem. This problem only serves to highlight the complexity of securing a large distributed corporate network. One security error in one computer system at the periphery of the network was sufficient to enable a major attack with devastating consequences.
What security measures would have helped and how?
The power of hindsight!
Virus scanning is cheap, simple and extremely important. Keeping up to date with virus detection signatures is vital. When possible, it's advisable to back virus scanning with email virus filtering, in which incoming messages are filtered for macro viruses.
When one is responsible, as is Microsoft, for protecting source code, it is wise to utilize a file integrity checker (such as Axent Intruder Alert) in order to be able to prove that changes were not made to products.
Good system logging and log review mechanisms are absolutely essential when attempting to diagnose security attacks. They are especially important when trying to establish the exact footprint of an attack.
Programs which give early warning of abnormal patterns of system activity (such as NetProwler) helps you minimise damage due to attacks.
Dependable, well-configured firewalls are essential for protecting networks. In the Microsoft scenario, such a firewall would have blocked the backdoor established by the worm. But note, the firewall needs to be applied both to the corporate network and employees working from home.
See http://www.c2000.com/papers for more information
USE THAT WINDOWS KEY |
Mostly you will use the Windows key for calling up the Start menu. Just by pressing it on its own the start menu is displayed. But there are some other tricks you can make it do too:
Windows + E Calls up Explorer
Windows + M Minimises all windows
Windows + F Starts Find
Windows + R Opens the Run dialog
Windows + D Goes to the desktop
Windows + F1 Open Windowds Help
See http://www.c2000.com/mswindow for more information
WARNING: POLITICALLY INCORRECT JOKE COMING |
In the end it was a bit like giving my wife my credit card and then going shopping with her: hours of boredom interspersed by moments of sheer panic!
See http://www.c2000.com/fun for more information
|
 |
|
|
|
Centreline 2000 - Uniplex, Unix, Windows and Internet FREEPOST, PO BOX 2000, Pershore, Worcs, WR10 1BR Tel: (UK) 08000 772000 - Fax: (UK) 08000 772001 |
|
|
|
|
|
URL: www.c2000.com/papers/nw_000317.htm © 1995-2000 Centreline 2000 Last Updated: 06/08/2001 |
|
|
|
|
|
|
|
|
|
