Search results for: vulnerability

Interview with David W. Chapman, President and Principal Consultant for SecureNet Consulting

David W. Chapman Jr. is President and Principal consultant for SecureNet Consulting, LLC, an independent information security consulting firm in Beaverton, OR. SecureNet specializes in the design, implementation and monitoring of secure network infrastructures. David teaches Cisco’s PIX, Intrusion Detection and VPN courses to students across the country. David holds a number of industry certifications including, CISSP, CCSI, CSS-1, CCNP, CCDP. He is the co-editor of “Cisco Secure PIX Firewalls.” How long have you been … More

Managing Information Security Risks: The OCTAVE Approach

This book is a powerful documentation on CERT/CC’s Operationally Critical Threat, Asset, and Vulnerability Evaluation. It offers all the information you need to know while thinking about, or starting, the implementation of the OCTAVE into your organization. More

Secure Configuration of Servers Stops SQLSlammer and Others

Incidents like those caused by SQLSlammer, which exploited a vulnerability in SQL servers, highlight the importance of correctly configuring and maintaining these servers. In today’s Oxygen3 24h-365d, we are going to look at some basic protection measures, with a particular emphasis on those that provide Internet services. Internet servers -whether they offer Web services, FTP, e-mail, databases, etc.-, are normally constantly connected and can therefore receive requests from any user. As this exposure makes them … More

Interview with Ratmir Timashev, CEO of Aelita Software

Ratmir Timashev brings a rare combination of business savvy and technical knowledge to his role as CEO of Aelita Software, allowing him to create a vision for the company that is forward-looking, realistic, and in sync with customer needs. Timashev has extensive entrepreneurial experience. In 1993, he founded and served as CEO for Midwestern Commerce, the predecessor to Aelita. Timashev holds a Master’s Degree in Chemical Physics from The Ohio State University. Introduce Aelita Software … More

Interview with Steven Dabbs, CEO & President of ScannerX

Steven Dabbs, CEO & President of ScannerX, has more than 15 years experience in the Internet and real estate industries. He founded an early Internet web hosting company in 1993, which he sold to Interliant, Inc. in 1998. With Interliant he worked as a Vice President of Customer Care and Business Development. He was also Vice President of a Reg. D partnership with Johnstown American, a public company. Prior to this experience he was a … More

Weekly Virus Report – SQLSlammer, Netspree Worms and Winpao Trojan

The attack launched by SQLSlammer is considered to be the one that has had the biggest impact on the Internet over the last 18 months. This worm exploits a vulnerability in Microsoft SQL Server to launch denial of service attacks (DoS) against these corporate servers, blocking networks and communication services. The second worm in today’s report is Netspree, which can infect computers with any Windows operating system installed, although it only spreads through shared network … More

Sophos: Top 10 Viruses and Hoaxes in January 2003

This is the latest in a series of monthly charts counting down the ten most frequently occurring viruses and hoaxes as compiled by Sophos, a world leader in corporate anti-virus protection. For January 2003, the virus chart is as follows, with the most frequently occurring virus at number one: 1. W32/Avril-B (Avril variant) 16.8% NEW ENTRY 2. W32/Avril-A (Avril worm) 12.4% NEW ENTRY 3. W32/Klez-H (Klez variant) 12.1% TWELFTH MONTH IN TOP TEN 4. W32/Sobig-A … More

Interview with Donald L. Pipkin, Information Security Architect for the Internet Security Division of Hewlett-Packard

Who is Donald L. Pipkin? I am an Information Security Architect at Hewlett-Packard. I’ve been with HP eighteen years; most of that time I have spent in the area of information security. I help customers before a security incident by evaluating their security and, after there has been a security breach. I help them in recovering their systems. I design security into solutions which salesmen are presenting to customers. Today I spend most of my … More

ActiveState PureMessage Deals Blow to New and More Threatening Spamming Technique

Image Spam One Quarter of all Emails in Large Organizations Vancouver, BC – JANUARY 28, 2003 — ActiveState® Corp., the leader in enterprise email filtering software, has released new PureMessage(tm) technology to reliably catch a new and dangerous form of spam — image spam. Increasing in frequency by over 25% since November, image spam isn’t only a nuisance, it is a threat to every email box’s security. Using PureMessage, organizations are assured protection against productivity … More

Helkern – The Beginning of End As Anti-virus Experts Have Long Warned

Kaspersky Labs analyzes the consequences of the latest epidemic. The “Helkern” epidemic has become huge, not only in the number of infected severs (nearly 80,000), geographic coverage and its rate of spreading, but also in the consequences it has caused regarding the general functioning of the Internet. Never before has a malicious program threatened to tear apart the composite parts of the worldwide network and destroy communications between regions. “Helkern” has managed to: disrupt the … More

Slammer (Helkern) Worm Epidemic – Events Chronology

It is possible to state with certainty that “Helkern” appeared far before the 25th of January when anti-virus companies first brought it to the attention of the mass media. January 20, 2003 at 19:07 marked the first time data similar to “Helkern” worm copies were detected by Kaspersky Labs. The data was sent from a computer belonging to an U.S.-based Internet service provider. However this doesn’t mean that company’s employees created “Helkern” – most likely … More