[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Fwd: Ubuntu's Gutsy Leap Forward]



FYI...
hurf

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:
Online Seminar: Data Security, Encryption & Recovery http://list.windowsitpro.com/t?ctl=6B374:8970ECC2EFC33C0EB2DFABB54BE9114E 

AD and PCI DSS in Heterogeneous Environments
  http://list.windowsitpro.com/t?ctl=6B381:8970ECC2EFC33C0EB2DFABB54BE9114E

Live Virtualization Webinar with Industry Analyst
  http://list.windowsitpro.com/t?ctl=6B372:8970ECC2EFC33C0EB2DFABB54BE9114E


=== CONTENTS ===================================================

IN FOCUS: Ubuntu's Gutsy Leap Forward

NEWS AND FEATURES
  - Webroot Says SMBs Struggling with Security
  - McAfee Expands Its Endpoint Security with SafeBoot Acquisition
  - Recent Security Vulnerabilities

GIVE AND TAKE
- Security Matters Blog: Tampering with Web Requests Using a Firefox Plug-in 
  - FAQ: Restrict User Access to Printers
  - From the Forum: Choosing a VPN and Proxy Server Solution
  - Share Your Security Tips

PRODUCTS
  - Keep an Eye on Your Computer Room
  - Product Evaluations from the Real World

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS


=== SPONSOR: Kroll Ontrack =====================================
Online Seminar: Data Security, Encryption & Recovery If you are responsible for protecting your organization's critical electronic data, attend this free online seminar to learn how data recovery can be achieved without compromising data security. Kroll Ontrack security and data recovery experts will help you answer questions, such as: 
  * How should I determine if data is worth recovering?
  * How can I ensure my data is safe during the data recovery process?
  * Can encrypted data be recovered?
* What questions should I ask a recovery service provider before sending my data? 
  Date: Wednesday, November 7, 2007
  Time: 1:00 PM Central Standard Time
  Register today--space is limited!
  http://list.windowsitpro.com/t?ctl=6B374:8970ECC2EFC33C0EB2DFABB54BE9114E


=== IN FOCUS: Ubuntu's Gutsy Leap Forward =============
  by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
You've heard it stated that Linux isn't ready for prime time desktops in enterprise environments, but is that really true? The way I see it, such blanket statements are essentially harmful misinformation because how any particular OS is suited to a network environment depends entirely on the particular network environment and the needs of the users. I've been experimenting with Linux for quite a long time and am more attracted to the free varieties as opposed to the ones from commercial companies because I don't want to pay to experiment. So my platforms of choice have typically been Debian or derivatives thereof. So far, my favorite desktop version of Linux is Ubuntu, which is based on Debian. I recently stopped by the Ubuntu Web site to see what's happening because the developers have pledged to release an update at least every six months. I was pleasantly surprised to see that just last week, Canonical (the company that sponsors Ubuntu development) released Ubuntu 7.10, code-named Gutsy Gibbon. I think the code name is fitting because based on the basic release notes, this latest version makes some considerable leaps in terms of security and overall manageability. Before I get to the security aspect, I want to point out that Ubuntu 7.10 now supports writing to NTFS partitions; previous versions supported only the ability to read NTFS partitions. The new version also supports fully automatic plug-and-play printer installations and provides improved thin-client support that offers better compression, automatic logon, and more. You can manage all clients, including client installations, configurations, and upgrades, from one system. Ubuntu 7.10 Desktop Edition now also includes Compiz Fusion, which adds jazzy 3D effects. Other slick features include fast user switching, desktop search, a plug-in finder and installer for Mozilla Firefox, and automated installation of "non-free" driver packages. That said, the security improvements are what really grabbed my attention. When you download Ubuntu, you can now choose an alternate installer that implements either full disk encryption or partition- based encryption. A new script has been added to the base installation that helps automate creation and storage of profiles for authentication. A third new feature of the base installation is the addition of AppArmor, which helps limit the resources that an application can access. AppArmor was maintained by Novell until last month, and now the open-source community has picked up the ball. Finally, Ubuntu comes prepackaged with OpenOffice, and you can get Ubuntu in several styles. Kubuntu uses the KDE desktop instead of the Gnome desktop. Xubuntu is a lighter weight version of Ubuntu that requires less memory, which is helpful for use on older systems. Edubuntu is tailored especially for educational environments and classroom use for children. So that's it in a nutshell. If you're curious about Linux, seriously consider taking a good look at Ubuntu (available at the URL below). As far as I can tell, it's one of the best Linux platforms available. http://list.windowsitpro.com/t?ctl=6B389:8970ECC2EFC33C0EB2DFABB54BE9114E 


=== SPONSOR: Centrify ==========================================

AD and PCI DSS in Heterogeneous Environments
Download this white paper that examines the compelling business and technical case for centralizing administration in Microsoft's Active Directory, outlines how Centrify DirectControl's integrated architecture enables you to extend Active Directory to your UNIX, Linux and Mac OS systems and applications, and describes how Active Directory and DirectControl address specific PCI DSS requirements. http://list.windowsitpro.com/t?ctl=6B381:8970ECC2EFC33C0EB2DFABB54BE9114E 


=== SECURITY NEWS AND FEATURES =================================

Webroot Says SMBs Struggling with Security
Webroot surveyed more than 1,800 small businesses in six countries and discovered that "most SMB IT groups do not have in-house security expertise nor policies to manage employees' personal use of work computers." 
  http://list.windowsitpro.com/t?ctl=6B37E:8970ECC2EFC33C0EB2DFABB54BE9114E

McAfee Expands Its Endpoint Security with SafeBoot Acquisition
McAfee announced that it will acquire security solution provider SafeBoot for $350 million in cash. The acquisition brings McAfee new abilities to provide authentication and encryption to endpoints. 
  http://list.windowsitpro.com/t?ctl=6B37D:8970ECC2EFC33C0EB2DFABB54BE9114E

Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at 
  http://list.windowsitpro.com/t?ctl=6B379:8970ECC2EFC33C0EB2DFABB54BE9114E


=== SPONSOR: Double-Take Software ==============================

Live Virtualization Webinar with Industry Analyst
A combination of perspectives on this webinar will offer interesting and valuable insights on virtual server technologies and disaster recovery. In addition to answering common questions about disaster recovery and virtualization, you will learn specifically about organizations that have successfully leveraged virtualized systems to reach the highest level of recoverability for critical workloads. 
  http://list.windowsitpro.com/t?ctl=6B372:8970ECC2EFC33C0EB2DFABB54BE9114E


=== GIVE AND TAKE ==============================================
SECURITY MATTERS BLOG: Tampering with Web Requests Using a Firefox Plug-in 
  by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=6B384:8970ECC2EFC33C0EB2DFABB54BE9114E
You probably know that it's easy to fiddle with Web form data and Web request headers. Intruders do it to find weak spots in your defenses, so maybe you should do it to test your own systems before the bad guys do. 
  http://list.windowsitpro.com/t?ctl=6B375:8970ECC2EFC33C0EB2DFABB54BE9114E
FAQ: Restrict User Access to Printers by John Savill, http://list.windowsitpro.com/t?ctl=6B382:8970ECC2EFC33C0EB2DFABB54BE9114E 
Q: How can I restrict the print servers that a user can map to?

Find the answer at
  http://list.windowsitpro.com/t?ctl=6B37F:8970ECC2EFC33C0EB2DFABB54BE9114E

FROM THE FORUM: Choosing a VPN and Proxy Server Solution
A forum participant writes that he's been tasked with implementing a hardware-based VPN solution. He'll also have to monitor Internet usage, police certain ports and URLs, and produce reports in a spreadsheet format. So far, he's looking at the Cisco ASA 5500 series appliance. He wonders if anyone has suggestions about other all-in-one devices that might suit his needs. 
  http://list.windowsitpro.com/t?ctl=6B371:8970ECC2EFC33C0EB2DFABB54BE9114E

SHARE YOUR SECURITY TIPS AND GET $100
Share your security-related tips, comments, or problems and solutions in Security Pro VIP's Reader to Reader column. Email your contributions to protected address. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length. 


=== PRODUCTS ===================================================
  by Renee Munshi, protected address

Keep an Eye on Your Computer Room
AVTECH Software introduces Room Alert 26WO, a hardware and software solution that monitors a computer room or data center for physical conditions such as extreme temperature or humidity, power failure, flooding, smoke, and room entry. Room Alert 26WO has built-in sensors for most of these conditions and allows connection of digital and switch-based sensors through 26 built-in sensor ports and contact sets. It also includes a built-in UPS to get alerts out in the event of a power failure. Room Alert 26WO can be monitored via its built-in Web server, AVTECH PageR Enterprise software, or SNMP monitoring software. Alerts can be sent to individuals and groups and to a variety of devices. For more information, go to 
  http://list.windowsitpro.com/t?ctl=6B388:8970ECC2EFC33C0EB2DFABB54BE9114E

PRODUCT EVALUATIONS FROM THE REAL WORLD
Share your product experience with your peers. Have you discovered a great product that saves you time and money? Do you use something you wouldn't wish on anyone? Tell the world! If we publish your opinion, we'll send you a Best Buy gift card! Send information about a product you use and whether it helps or hinders you to protected address. 


=== RESOURCES AND EVENTS =======================================
  For more security-related resources, visit
  http://list.windowsitpro.com/t?ctl=6B380:8970ECC2EFC33C0EB2DFABB54BE9114E
PCI Requirements for Windows and Active Directory: Straight from a Certified Auditor The final PCI compliance deadline is December 31, 2007 ... are you ready? Is your organization still struggling to figure out how to prepare for a PCI audit? In this October 31, 2007 Web seminar, hear directly from a VISA Qualified Data Security Professional (QDSP) on what the PCI DSS requirements are, who needs to comply, what systems are involved, and what an auditor wants to see. Register now, don't miss this October 31 Web seminar. 
  http://list.windowsitpro.com/t?ctl=6B377:8970ECC2EFC33C0EB2DFABB54BE9114E

Improving Backup and Recovery
Don't miss this October 26, 2007 Web seminar exploring SAN copy and replication methodologies, in conjunction with backup and restore, delivering more efficient operations and dramatically improving overall business continuity. Join us on October 26 to learn current commonly used backup/restore methodologies, SAN copies and replication methodologies, requirements to enable different solution designs, and inherent strengths and weaknesses of various solution designs. 
  http://list.windowsitpro.com/t?ctl=6B373:8970ECC2EFC33C0EB2DFABB54BE9114E
With increasing concerns about host-based intrusion, IT professionals need to be equipped with effective security solutions. Attend this October 30, 2007 (12 p.m. EDT) Web seminar to discover how a multi- layer security solution for critical systems allows you to effectively protect critical assets, lower administration costs, ensure server integrity and compliance across heterogeneous platforms, and provide advanced exploit prevention techniques through simple, centralized policy management. 
  http://list.windowsitpro.com/t?ctl=6B376:8970ECC2EFC33C0EB2DFABB54BE9114E


=== FEATURED WHITE PAPER =======================================

Protecting Microsoft SQL Server
Your company relies on its databases; how are you protecting them? Imagine the data that would be lost if one container were damaged or corrupted. Imagine how the failure of one system could impair your ability to do business for hours, days--even permanently. This white paper discusses data protection strategies for Microsoft SQL Server, including options for database protection solutions and the advantages of these different solutions. View this white paper to ensure you don't lose valuable information that could drastically impair your business. 
  http://list.windowsitpro.com/t?ctl=6B378:8970ECC2EFC33C0EB2DFABB54BE9114E


=== ANNOUNCEMENTS ==============================================
Discover the New SQL Server Magazine Don't miss the relaunched SQL Server Magazine, coming this month! Besides a new look, we have even more coverage of administration and performance, development and Web apps, BI and Reporting Services, and SQL Server fundamentals. Subscribe now and save 58% off the cover price. http://list.windowsitpro.com/t?ctl=6B37A:8970ECC2EFC33C0EB2DFABB54BE9114E 

SQL Server Performance Tuning Articles and Tips
Check out the Net's largest site dedicated to SQL Server performance tuning. Get the most out of SQL Server with thousands of performance- tuning articles/tips/FAQs for SQL Server 2000 and 2005. To join the forums and chat with more than 18,000 advanced SQL Server DBAs and developers, click here: 
  http://list.windowsitpro.com/t?ctl=6B385:8970ECC2EFC33C0EB2DFABB54BE9114E


================================================================
Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and Security Pro VIP (second URL below). 
  http://list.windowsitpro.com/t?ctl=6B383:8970ECC2EFC33C0EB2DFABB54BE9114E
  http://list.windowsitpro.com/t?ctl=6B387:8970ECC2EFC33C0EB2DFABB54BE9114E

Subscribe to Security UPDATE at
  http://list.windowsitpro.com/t?ctl=6B37C:8970ECC2EFC33C0EB2DFABB54BE9114E

Unsubscribe by clicking
  http://list.windowsitpro.com/u?id=8970ECC2EFC33C0EB2DFABB54BE9114E
Be sure to add Security_protected address to your antispam software's list of allowed senders.
To contact us: About Security UPDATE content -- protected address 
  About technical questions -- http://list.windowsitpro.com/t?ctl=6B386:8970ECC2EFC33C0EB2DFABB54BE9114E
  About your product news -- protected address
  About your subscription -- protected address
  About sponsoring Security UPDATE -- protected address

View the Windows IT Pro privacy policy at
  http://list.windowsitpro.com/t?ctl=6B37B:8970ECC2EFC33C0EB2DFABB54BE9114E

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2007, Penton Media, Inc. All rights reserved.