**********************************************************
WINDOWS NT MAGAZINE SECURITY UPDATE
**Watching the Watchers**
The weekly Windows NT security update newsletter brought to you by
Windows NT Magazine and NTsecurity.net
http://www.winntmag.com/update/
**********************************************************

This week's issue sponsored by:

Free On-Line Seminar: Defending NT Servers
http://www.network-1.com/seminar

AXENT Technologies, Inc.
http://www.winntmag.com/jump.cfm?ID=5
(Below Security Roundup)

|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-
December 15, 1999 - In this issue:

1. IN FOCUS
     - You Have the Right to Surf Anonymously--Or Do You?

2. SECURITY RISKS
     - SQL Server 7.0 SA Password
     - NT Subject to Denial of Service
     - NT Help File Attack

3. ANNOUNCEMENTS
     - Free Trial Version of HP Optimize for Windows NT Servers
     - Answers To NT Frequently Asked Questions

4. SECURITY ROUNDUP
     - News: Most Cybercrime Goes Unpunished
     - News: Microsoft Releases Smart Card Toolkit
     - Feature: Practical Recommendations for Post-Y2K

5. NEW AND IMPROVED
     - Enterprise Firewall with Security-Compliant VPN
     - Monitor Data Before It Reaches the OS

6. HOT RELEASES
     - kforce.com
     - Toshiba Copiers and Fax
     - BindView

7. SECURITY TOOLKIT
     - Book Highlight: Maximum Security: A Hacker's Guide to  Protecting
Your Internet Site and Network, Second Edition
     - Tip: Restrict Write Access When Possible

8. HOT THREADS
     - Windows NT Magazine Online Forums:
        * Stop Users from Mapping Drives
     - Win2KSecAdvice Mailing List:
        * Most Secure Installation of Proxy Server 2.0?
        * Windows NT SP6a and C2 Evaluation
     - HowTo Mailing List:
        * XCOPY and Batch Files
        * Can We Break Password-Protected *.pst Files for  Outlook 98 or 97?

~~~~ SPONSOR: FREE ON-LINE SEMINAR: DEFENDING NT SERVERS ~~~~
Attend Network-1's free on-line seminar, "Defending NT Servers  in the
New e-Commerce Age", hosted by network security expert Dr. Bill
Hancock.  This 30-minute web-based seminar is a must for IT
professionals who are responsible for securing Windows NT  servers in
"electronically open" organizations.  Seminar attendees will  learn of
common exploits and vulnerabilities of Windows NT servers.
How to attend:
Just point your browser to http://www.network-1.com/seminar and
register. We will be offering the seminar at four convenient  days and
times.
Join Network-1 and Dr. Hancock at our on-line seminar and
get your business ready for the e-Commerce Age.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Want to sponsor Windows NT Magazine Security UPDATE? Contact  Vicki
Peterson (Western and International Advertising Sales Manager)  at 877-
217-1826 or vpeterson@winntmag.com, OR Tanya T. TateWik  (Eastern
Advertising Sales Manager) at 877-217-1823 or  ttatewik@winntmag.com.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

1. ========== IN FOCUS ==========

Hello everyone,

Your freedom--at what price? If you ask Canadian-based Zero  Knowledge
Systems (ZKS), the company will tell you that Freedom costs  $49.95.
Freedom is a relatively new way of anonymously surfing the  Internet,
and the technology is creating a stir on many fronts. For end  users,
Freedom is an application that you install on your workstation  to
redirect significant portions of your network traffic through a  complex
network of proxy servers over an encrypted transport. Freedom  prevents
discovery of the exact path that the traffic takes, as well as  your
real IP address.
   Freedom dynamically chains proxy servers together and forces  traffic
to hop between no less than three proxies before that traffic  reaches
its final destination. So what's the point? Anonymity. Freedom  is the
first product I've seen that stretches the boundaries of  anonymity to a
realistically acceptable level. Without the assistance of ZKS  and
Freedom server operators, a Web site can't trace users to their  origin,
and ZKS collects no substantial information on any user that  can
identify that user. The fact that a user can remain anonymous  has US
law enforcement concerned at local and federal levels. And I  suppose
the fact that ZKS is outside of US jurisdiction doesn't make US  law
officials feel any better about this new tool.
   Law enforcement officials worry that users will use Freedom  to
commit crimes such as sending abusive email, spreading child
pornography, or trading pirated software. And although  officials are
probably justified in that concern, their concern has little to  do with
the Freedom product in my opinion. For example, you might worry  about
getting mugged or shot, but that worry is no reflection on the  Smith
and Wesson gun company; it's a reflection of the shooter and  the people
responsible for properly raising that shooter in today's  society. So to
me, the law enforcement concerns are moot points. Law  enforcement
officials are barking up the wrong tree.
   I think Freedom provides a valuable service to the  community. So
many agencies are trying to chip away at our privacy in America  that I
think Freedom might force some kind of showdown. With so much  attention
focusing on the new Freedom network, it's likely that in the  near
future, the free world will have to draw more definitive legal  lines in
the sand regarding privacy.
   I've always thought that privacy was a commonsense issue  based on
mutual respect; that's how I think about any kind of weaponry,  no
matter how subtle--computers and networks included. But someone  else's
perceived need for information and control often outweighs  respect for
privacy.
   As a result, our First and Second Amendment rights in  America remain
under acute attack, all in the name of improving society. Were  it not
for the misconstrued ideals of these privacy violators, ZKS  probably
wouldn't have needed to create Freedom in the first place. How  ironic.
   So if you need anonymity on the Internet, check out the  Freedom
Network at http://www.zks.net. But be advised, Freedom  currently runs
only on Windows 9x. A Windows NT version, as well as Linux and  Mac
versions, are in the works. Until next time, have a great week.

Sincerely,
Mark Joseph Edwards, News Editor
mark@ntsecurity.net

2. ========== SECURITY RISKS =========
(contributed by Mark Joseph Edwards, http://www.ntsecurity.net)

* SQL SERVER 7.0 SA PASSWORD
Kevork Belian reported a situation where, under certain  circumstances,
an intruder might compromise a SQL Server 7.0's Systems  Administrator
(SA) password. Although the problem occurs largely because of
configuration issues, users need to ensure that their security  settings
are adequate to guard against such attacks.
    http://www.ntsecurity.net/go/load.asp?iD=/security/sql701.htm

* NT SUBJECT TO DENIAL OF SERVICE
When a system supplies a specific type of malformed argument to  a
resource enumeration request, the Windows NT Service Control  Manager
can fail. The primary effect of the failure is to cause named  pipes to
fail, which prevents many other system services from operating.  The
failure doesn't cause the machine to crash, so the operator  might not
realize that the machine is no longer in service. Microsoft has
released a patch for Intel and Alpha that corrects the problem.
    http://www.ntsecurity.net/go/load.asp?iD=/security/resenum1.htm
    http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16382
    http://www.microsoft.com/Downloads/Release.asp?ReleaseID=16383

* NT HELP FILE ATTACK
Windows NT's built-in Help system has problems that might let  unwanted
programs execute on a given system. Because of the nature of  the Help
system, an intruder can change a topic action to run an  executable
program instead of displaying Help for the selected topic. When  a user
uses a Help system modified in this way, the system runs the  specified
executable under the context of the logged-on user.
   The solution is to secure all .hlp and .cnt files that the  Help
system uses. Restrict access to only those users that require  access,
and don't allow write access to any Help files unless  absolutely
necessary.
    http://www.ntsecurity.net/go/load.asp?iD=/security/nthelp1.htm

3. ========== ANNOUNCEMENTS ==========

* FREE TRIAL VERSION OF HP OPTIMIZE FOR WINDOWS NT SERVERS
Windows NT Magazine has partnered with Hewlett Packard (HP) to  bring
you, a valued subscriber to Security UPDATE, an exciting new
promotional offer. You'll have early access to a fully  functional, FREE
trial version of HP Optimize for Windows NT Servers. Get the  most out
of your systems and your IT investments through increased  system
productivity and utilization. HP Optimize helps you identify
performance bottlenecks and provides recommendations on  improving
system performance.  For more information and to get your FREE  trial
version, go to
http://itresourcecenter.hp.com/diag/bin/doc.pl/screen=optimizeMain.
Maximize your system performance today!

* ANSWERS TO NT FREQUENTLY ASKED QUESTIONS
Check out this technically rich FAQ site:
http://www.jsiinc.com/reghack.htm. Established by Jerold  Schulman, the
site includes more than 1800 fully searchable Windows NT tips,
techniques, and Registry hacks. With new listings added daily,  it's a
superior resource from one of the sharpest minds in the  industry.

4. ========== SECURITY ROUNDUP ==========

* NEWS: MOST CYBERCRIME GOES UNPUNISHED
According to a recent article by David Noack for Information  Security
Magazine, most cybercrime goes unpunished. And based on the  figures he
presents in this report, I have to agree. The report states  that of 419
cases of alleged computer fraud referred to federal prosecutors  in
1998, only 83 were prosecuted. The courts dismissed the  remainder for
lack of evidence.
    http://www.ntsecurity.net/go/2c.asp?f=/news.asp?IDF=191&TB=news

* NEWS: MICROSOFT RELEASES SMART CARD TOOLKIT
Lost in the Comdex rush was a small but important announcement.  On
November 15, Microsoft released the Windows Smart Card Toolkit.  This
toolkit lets developers create Windows-based OS installation  systems
using smart cards and applications that interact with smart  cards. The
toolkit is programmable in Visual Basic (VB). Read the rest of  C. Thi
Nguyen's Web Exclusive for Windows NT Magazine at the URL  below.
    http://www.ntsecurity.net/go/2c.asp?f=/news.asp?IDF=192&TB=news

* FEATURE: PRACTICAL RECOMMENDATIONS FOR POST-Y2K
Y2K is only weeks away. Are you sure you're ready? And what  about after
January 1--will your problems end there? It's hard to say. M.E.  Kabay
offers his opinion and advice regarding post-Y2K problems.  Kabay cites
several areas for consideration and discusses why those areas  need
acute attention.
    http://www.ntsecurity.net/go/2c.asp?f=/features.asp?IDF=141&TB=f

~~~~ SPONSOR: AXENT TECHNOLOGIES, INC. ~~~~
How To Test Your Firewall.
Your network's security is only as strong as your firewall
configuration.  In fact, misconfigured firewalls is the #1  cause of
security breaches.  AXENT's NetRecon(tm) proactively checks for
vulnerabilities from inside and outside your firewall -  providing
instant vulnerability path analysis and recommended solutions.   Test
your firewall before a hacker does.  Now until 12/30/99, you  can
download AXENT's FREE NetRecon eval and test your firewall at:
http://www.winntmag.com/jump.cfm?ID=5
AXENT is the leader in e-security solutions, securing 45 of
the Fortune 50.

5. ========== NEW AND IMPROVED ==========
(contributed by Carolyn Mascarenas, products@winntmag.com)

* ENTERPRISE FIREWALL WITH SECURITY-COMPLIANT VPN
Elron Software announced CommandView Firewall for NT 3.0, an  enterprise
firewall with full IPSecurity (IPSec)-compliant VPN technology  that
lets you create confidential communication channels over the  Internet.
You can set up VPNs between multiple sites using either  CommandView
Firewall at all sites or a combination of various firewall  products.
Encryption and authentication protocols provide added security.  The
product supports both manual keys and Internet Key Exchange  (IKE) and
provides interoperability with other IPSec-compliant VPNs.  Support for
the H.323 protocol lets you use videoconferencing software such  as
Microsoft NetMeeting. Pricing starts at $1495 for a 25-user  license.
Contact Elron Software, 800-406-5833.
   http://www.elronsoftware.com

* MONITOR DATA BEFORE IT REACHES THE OS
ThunderStore released X-Tra Secure, software that focuses on  the rights
assigned to files and data information resources rather than  the rights
assigned to users. If an application, user, or service accesses  any
data from an information resource, the software will check the  rights
tagged to the data and decide whether to block the data or pass  it
through. X-Tra Secure monitors what is accessing the data  (e.g., users,
applications, system services, processes) and how the data is  used
(e.g., read-only, write, print, save, central archive).
   X-Tra Secure works on Windows NT and Windows 9x systems. For
pricing, contact ThunderStore, info@ascit.com.
   http://www.thunderstore.com

6. ========== HOT RELEASES (ADVERTISEMENT) ==========

* KFORCE.COM
Real results by real people!***kforce.com*** Resumes read by  over 2,300
Career Specialists, Not another Job Board, But the Career  Resource
Center.  Search our Vast Database, use the Salary Calculator,  and
receive your own Career Development Coach.  Opportunity has a  new
address kforce.com
http://ad.doubleclick.net/clk;629716;3578931;w?http://www.kforce.com

* TOSHIBA COPIERS AND FAX
Toshiba leads 21st Century Technology with its new digital,
multifunctional and networking copier and fax systems. Visit
http://www.copiers.toshiba.com to check out our full product  line.
No matter what your business needs: Demand more, Demand  Toshiba.

* BINDVIEW
Stuck working on New Year's Eve? Come party online with  BindView,
Compaq and CMP's TechWeb. Prizes, chat rooms, movies, real-time  Y2K
updates and the world's hottest Half-Life Game server. Check  out the
details at: http://www.bindview.com/onlineparty/index.html

7. ========== SECURITY TOOLKIT ==========

* BOOK HIGHLIGHT: MAXIMUM SECURITY: A HACKER'S GUIDE TO  PROTECTING YOUR
INTERNET SITE AND NETWORK, SECOND EDITION
By Anonymous
Online Price: $39.95
Softcover; 829 pages
Published by SAMS Publishing, August 1998

Updated and revised, Maximum Security: A Hacker's Guide to  Protecting
Your Internet Site and Network reveals the newest strategies  that
hackers are using to breach security systems and the latest  security
technologies. This text is a much-debated handbook that  encompasses
every facet of Internet protection.

For Windows NT Magazine Security UPDATE readers only--Receive  an
additional 10 PERCENT off the online price by typing WINNTMAG  in the
referral field on the Shopping Basket Checkout page. To order  this
book, go to  http://www.fatbrain.com/shop/info/0672313413?from=SUT864.

* TIP: RESTRICT WRITE ACCESS WHEN POSSIBLE
(contributed by Mark Joseph Edwards, http://www.ntsecurity.net)

Often, users don't consider some types of files to be a risk to  their
systems. But history clearly shows us that a clever person will  find
problems in even the subtlest of places. When that happens, the  person
will use the vulnerability to try and take over the system.
   Take, for example, the Windows NT Help files problem  reported in
this issue. In general, people don't consider a Help file to be  a
security risk unless the information in the Help file was  sensitive. In
most cases, these files are accessible to everyone with all  permissions
enabled. But the vulnerability reported this week demonstrates  why you
need to properly lock down these files and others: We never  know when
someone will discover a problem.
   A good rule of thumb for file permissions is to grant only  read
access to files unless you're certain a file requires write  access.
Without write access, no one can modify your files with  malicious
intent.

8. ========== HOT THREADS ==========

* WINDOWS NT MAGAZINE ONLINE FORUMS

The following text is from a recent threaded discussion on the  Windows
NT Magazine online forums (http://www.winntmag.com/support).

December 13, 1999, 09:57 A.M.
Stop Users from Mapping Drives
I have a policy in place that prohibits users from mapping  drives,
among other things. However, some users are using winfile.exe  to map
with. Is there a way to stop this? It would be irritating to  have to
change all my network folder permissions to stop this.

Thread continues at
http://www.winntmag.com/support/Forums/Application/Index.cfm?CFApp=69&Messag
e_ID=81821

* WIN2KSECADVICE MAILING LIST
Each week we offer a quick recap of some of the highlights from  the
Win2KSecAdvice mailing list. The following threads are in the  spotlight
this week:

1. Most Secure Installation of Proxy Server 2.0?
http://www.ntsecurity.net/go/w.asp?A2=IND9912B&L=WIN2KSECADVICE&P=121
2. Windows NT 4.0 SP6a and C2 Evaluation
http://www.ntsecurity.net/go/w.asp?A2=IND9912A&L=WIN2KSECADVICE&P=2429

Follow this link to read all threads for Dec. Week 2:
   http://www.ntsecurity.net/go/win2ks-l.asp?s=win2ksec

* HOWTO MAILING LIST
Each week we offer a quick recap of some of the highlights from  the
"HowTo for Security" mailing list. The following threads are in  the
spotlight this week:

1. XCOPY and Batch Files
http://www.ntsecurity.net/go/L.asp?A2=IND9912B&L=HOWTO&P=3316
2. Can We Break Password-Protected *.pst Files for Outlook 98  or 97?
http://www.ntsecurity.net/go/L.asp?A2=IND9912B&L=HOWTO&P=2453

Follow this link to read all threads for Dec. Week 2:
   http://www.ntsecurity.net/go/l.asp?s=howto

|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-

WINDOWS NT MAGAZINE SECURITY UPDATE STAFF
News Editor - Mark Joseph Edwards (mje@winntmag.com)
Ad Sales Manager (Western and International) - Vicki Peterson
(vpeterson@winntmag.com)
Ad Sales Manager (Eastern) - Tanya T. TateWik  (ttatewik@winntmag.com)
Editor - Gayle Rodcay (gayle@winntmag.com)
New and Improved - Carolyn Mascarenas (products@winntmag.com)
Editor-at-Large - Jane Morrill (jane@winntmag.com)

|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-

Thank you for reading Windows NT Magazine Security UPDATE

To subscribe, go to http://www.winntmag.com/update or send  email to
listserv@listserv.ntsecurity.net with the words "subscribe
securityupdate anonymous" in the body of the message without  the quotes

To unsubscribe, send email to listserv@listserv.ntsecurity.net  with the
words "unsubscribe securityupdate" in the body of the message  without
the quotes.

To change your email address, you must first unsubscribe by  sending
email to listserv@listserv.ntsecurity.net with the words  "unsubscribe
securityupdate" in the body of the message without the quotes.  Then,
resubscribe by going to http://www.winntmag.com/update and  entering
your current contact information or by sending email to
listserv@listserv.ntsecurity.net with the words "subscribe
securityupdate anonymous" in the body of the message without  the
quotes.

========== GET UPDATED! ==========
Receive the latest information on the NT topics of your choice.
Subscribe to these other FREE email newsletters at
http://www.winntmag.com/sub.cfm?code=up99inxsup.

Windows NT Magazine UPDATE
Windows NT Magazine Thin-Client UPDATE
Windows NT Exchange Server UPDATE
Windows 2000 Pro UPDATE
ASP Review UPDATE
SQL Server Magazine UPDATE

|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-|-+-
Copyright 1999, Windows NT Magazine

Security UPDATE Newsletter is powered by LISTSERV software
http://www.lsoft.com/LISTSERV-powered.html