  • Microsoft Expands Security Information Sharing Program to CERTs

    Today at the annual AusCERT Asia Pacific Information Technology Security Conference, Microsoft Corp. announced the extension of the Microsoft Security Cooperation Program (SCP) to include computer emergency response teams (CERTs), computer security incident response teams (CSIRTs), and other response and guidance organizations that represent a nation, region or population.

    http://www.pressroom2.com/2008/05/20/microsoft-expands-security-information-sharing-program-to-certs/

    Urs

     

  • Draft guidance for securing servers (NIST)

    The National Institute of Standards and Technology is seeking comment on its draft guidelines for securing servers, released this week.

    NIST Special Publication 800-123, "Guide to General Server Security," makes recommendations for securing server operating systems and software in addition to maintaining a secure configuration with patches and software upgrades, security testing, log monitoring and backups of data and operating system files.

    http://www.gcn.com/online/vol1_no1/46239-1.html

    Urs


     

  • Hackers Find a New Place to Hide Rootkits

    Security researchers have developed a new type of malicious rootkit software that hides itself in an obscure part of a computer's microprocessor, hidden from current antivirus products.

    Called a System Management Mode (SMM) rootkit, the software runs in a protected part of a computer's memory that can be locked and rendered invisible to the operating system, but which can give attackers a picture of what's happening in a computer's memory.

    The proof-of-concept software will be demonstrated publicly for the first time at the Black Hat security conference in Las Vegas this August.

    http://www.pcworld.com/businesscenter/article/145703/hackers_find_a_new_place_to_hide_rootkits.html

    Urs


     

  • SQL Injection General Guidance

    There's a lot of noise around the currently ongoing SQL injection attacks, and even though this is quite an "old" topic, there are still a lot of unprotected servers out in the cloud. This has nothing to do with vulnerabilities in the products (web server, database server), but results from improper programming practices, configuration, etc.

    Here is a list of best practices, advice and guidance for IIS and SQL:

    MSDN Guidance:
    MSDN:  How To: Protect From SQL Injection in ASP.NET
    http://msdn.microsoft.com/en-us/library/ms998271.aspx

    MSDN: SQL Injection
    http://msdn.microsoft.com/en-us/library/ms161953.aspx

    MSDN: Explained – SQL Injection
    http://msdn.microsoft.com/en-us/library/bb671351.aspx

    Recent blog entries:
    Michael Howard’s SDL Blog: Giving SQL Injection the Respect it Deserves
    http://blogs.msdn.com/sdl/archive/2008/05/15/giving-sql-injection-the-respect-it-deserves.aspx

    Neil Carpenter's Blog: SQL Injection Mitigation: Using Parameterized Queries
    http://blogs.technet.com/neilcar/archive/2008/05/21/sql-injection-mitigation-using-parameterized-queries.aspx

    BILLS Blog: SQL Injection Attacks on IIS Web Servers
    http://blogs.iis.net/bills/archive/2008/04/25/sql-injection-attacks-on-iis-web-servers.aspx

    MSRC Blog: Questions about Web Server Attacks
    http://blogs.technet.com/msrc/archive/2008/04/25/questions-about-web-server-attacks.aspx

    Incident Response Focus on SQL Injection:
    Neil Carpenter's Blog: Anatomy of a SQL Injection Incident
    http://blogs.technet.com/neilcar/archive/2008/03/14/anatomy-of-a-sql-injection-incident.aspx

    Neil Carpenter's Blog: Anatomy of a SQL Injection Incident, Part 2: Meat
    http://blogs.technet.com/neilcar/archive/2008/03/15/anatomy-of-a-sql-injection-incident-part-2-meat.aspx

    Urs

     

  • Windows Server 2008 Remote Server Administration Tools (RSAT)

    RSAT is the collection of Windows Server 2008 management tools which enable IT professionals to manage their Windows Server infrastructure from their PCs running Windows Vista with Service Pack 1. 

    Where to Install:

    • Microsoft Remote Server Administration Tools for Windows Vista with SP1 (x86):
    http://www.microsoft.com/downloads/details.aspx?FamilyId=9FF6E897-23CE-4A36-B7FC-D52065DE9960

    • Microsoft Remote Server Administration Tools for Windows Vista with SP1 (x64):
    http://www.microsoft.com/downloads/details.aspx?FamilyId=D647A60B-63FD-4AC5-9243-BD3C497D2BC5

    This is the list of Windows Server 2008 administration tools which are included in RSAT:

    Role Administration Tools:
    • Active Directory Certificate Services (AD CS) Tools
    • Active Directory Domain Services (AD DS) Tools
    • Active Directory Lightweight Directory Services (AD LDS) Tools
    • DHCP Server Service Tools
    • DNS Server Service Tools
    • Shared Folders Tools
    • Network Policy and Access Services Tools
    • Terminal Services Tools
    • Universal Description, Discovery, and Integration (UDDI) Services Tools

    Feature Administration Tools:
    • BitLocker Drive Encryption Tools
    • Failover Clustering Tools
    • Group Policy Management Tools
    • Network Load Balancing Tools
    • SMTP Server Tools
    • Storage Manager for SANs Tools
    • Windows System Resource Manager Tools

    The tools in the following list are also fully supported for managing Windows Server 2003 servers:
    • Active Directory Domain Services (AD DS) Tools
    • Active Directory Lightweight Directory Services (AD LDS) Tools
    • Active Directory Certificate Services (AD CS) Tools
    • DHCP Server Tools
    • DNS Server Tools
    • Group Policy Management Tools
    • Network Load Balancing Tools
    • Terminal Services Tools
    • Universal Description, Discovery, and Integration (UDDI) Services Tools


    Urs