Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-03-26 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

ISS Default Misconfiguration, New Bagel.U, and a couple 'witty' notes

Published: 2004-03-26
Last Updated: 2004-03-28 16:09:55 UTC
by Dave Brookshire (Version: 1)
0 comment(s)
ISS Default Misconfiguration Problem

Today ISS notified its customers of a problem discovered in the default configuration of some versions of their RealSecure and BlackICE products. "This misconfiguration changes the default blocking and reporting behavior and may affect your level of protection. While the most current releases block most of the major threats (including Blaster, Nachi, Slammer, and Witty), ISS strongly recommends that customers update to this new release to provide maximum coverage for all threats."

http://www.iss.net/support/

New Bagel Variant: Bagel.U

New Bagel o' the Day: Bagel.U. This is the 21st variant classified. Noteworthy: unlike previous versions that used "tricky subject lines or enticing messages" this one arrives as an attachment to an otherwise empty message.

http://www.computerworld.com/securitytopics/security/virus/story/0,10801,91678,00.html
http://www.sarc.com/avcenter/venc/data/w32.beagle.u@mm.html

Witty Notes

A couple of article links that discuss security products being targeted, and the weakness of patch-based security.

http://www.computerworld.com/securitytopics/security/holes/story/0,10801,91688p2,00.html
http://news.com.com/2100-7355_3-5180482.html?tag=nefd_top
-------------------------------------------------------------------

Handler on duty: Dave Brookshire
Keywords:
0 comment(s)
Diary Archives