What we can learn from Microsoft's troubles is that there is no standard formula for writing secure code, and not all software vulnerabilities can be prevented in the same way. New types of vulnerabilities can arise at any time, and engineers must always be aware of the security risks that can plague their past, present, and future code. No software can ever be perfect, but proactive and continuous education about classes of vulnerabilities can help reduce the risk of unnecessary software bugs. Mark Maiffret Chief Hacking Officer eEye Digital Security NEWS AND ARTICLES Top The following articles represent the opinions of their respective authors. They do not necessarily represent the opinions of eEye Digital Security. Newsbytes: Will Microsoft's Trustworthy Computing Sell? "A shift in corporate strategy by Microsoft to emphasize security in its products could bomb with consumers and hurt the market for third-party security products and services, experts said today". http://www.newsbytes.com/news/02/173745.html Computer World: Coming Retractions "Department of Corrections: A few weeks back, I wrote about how virus problems at the U.S. District Court's offices...". http://computerworld.com/storyba/0,4125,NAV47_STO67120,00.html Report: Key Government Computers Remain Vulnerable "Government computers that handle trillions of dollars in tax refunds and Social Security benefits remain vulnerable to cyber attacks". http://cnn.com/2002/TECH/internet/02/05/security.government.reut/ READER Q&A Top Q: I have a very slow modem connection, and when running a scan with Retina my audits do not always finish completely. Is there something I can do to make Retina work better in my environment? A: On a slower modem connection, users may experience delays that can result in network data transmit timeouts. If this applies to you, you can change Retina's 'Speed' setting to a lower speed to get better scan results. Adjust the Speed option under Tools -> Options. >> Have a question you would like answered? Send it to editor@eEye.com, and win an eEye t-shirt if we select your question for an upcoming newsletter. ANNOUNCEMENTS Top Retina® Wins Network World's Blue Ribbon Award In its February issue, Network World wrote: "In our testing, we reviewed products from eEye Digital Security, Nessus, Symantec, Internet Security Systems, NetIQ, Network Associates, PatchLink and Harris. "We evaluated how each identified our network vulnerabilities; what resources it required to run and then scale to a larger network; its reporting tools; what it offered as security recommendations and autofix features; and installation and ease of use. "eEye Digital Security's Retina is the Blue Ribbon Award winner...Retina won for speed and quick-fix features..." The full review can be found at http://www.nwfusion.com/reviews/2002/0204bgrev.html Custom Filters Available for Iris™ The filters are available to all Iris users free of charge, and allow users to easily configure Iris to only capture specific network traffic. The five filters currently available are: SNMP, UPNP, AOL Instant Messenger, Nimda, and CodeRed. Once downloaded, the filters should be placed in the Iris folder, and they will appear in Iris' Filters menu. Download the filters here: http://www.eeye.com/html/Products/Iris/AddOn.html eEye Alert: ISS BlackICE Kernel Overflow Exploitable A few days ago there were posts on several security mailing lists stating that BlackICE was vulnerable to a Denial of Service attack that could result in the BlackICE service crashing and/or blue-screening the remote system. We at eEye have found that the vulnerability indeed exists and is exploitable, thereby allowing an attacker to remotely compromise users of BlackICE. http://www.eeye.com/html/Research/Advisories/AL20020208.html ETCETERA Top The Year of the Bug NIPC has put together a list of last year's software vulnerabilities, complete with vendor, operating system, common name, and risk level. Not exactly a bedtime story, but we thought some of you might find it interesting. See the complete CyberNotes PDF here: http://www.nipc.gov/cybernotes/2001/cyberissue2001-26.pdf PCWorld.com: A History of Hacking An oldie but a goodie. "From phone phreaks to web attacks, hacking has been a part of computing for 40 years". http://www.pcworld.com/features/article/0,aid,45764,00.asp RECOMMEND THIS NEWSLETTER To recommend this newsletter to a friend, click on the following link: http://www.eeye.com/html/forms/recommend.html?u=www.eeye.com/html/Newsletter/Versa/VE20020213.html COMMENTS The eEye newsletter staff welcomes any comments, questions or suggestions from our readers. We hope that you will not hesitate to contact us with any feedback you may have. Send all feedback to editor@eEye.com. Also, feel free to discuss any of the topics mentioned in this newsletter in our online forums. LEGAL STUFF Permission is hereby granted for the redistribution of this newsletter electronically. It is not to be edited in any way without the express consent of eEye. If you wish to reprint the whole or any part of this newsletter in any other medium excluding electronic medium, please e-mail editor@eEye.com for permission. DISCLAIMER The information within this newsletter may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties with regard to this information. In no event shall the author be liable for any damages whatsoever arising out of or in connection with the use or spread of this information. Any use of this information is at the user's own risk. SUBSCRIPTION INFORMATION You are receiving this newsletter in response to your request on the eEye.com website or because you are a valued eEye customer. If you are receiving this newsletter in error or wish to be removed from the mailing list, please go to http://www.eeye.com/html/forms/unsubscribe.asp?list=Versa. If you received this newsletter from another source and would like to subscribe, go to http://www.eeye.com/html/forms/subscribe.asp?list=Versa.