MS05-010 Correction

Quoting Dave Aitel directly from [Dailydave] LLSSRV Clarifications.


As stated in MS05-010, LLSSRV is not remotely exploitable on Windows 2000 Server SP3 and 4 without authentication. However, it is remotely exploitable in Windows 2000 Advanced Server SP 3 and 4 without authentication. More information at the Immunity Inc. web site:


http://www.immunitysec.com/downloads/llssrv_miss.pdf

It's the end of the world as we know it...

An article titled "How To Save The Internet" is an interesting read. Aside from the US centric bias it points out that the Internet as we know and love it today is essentially dysfunctional. Which brings us to the question of how to either save it, or move on to a better method of safely and securely connecting the world together. I have my own thoughts about some of the ideas raised in the article; some are silly, some are not feasible, but some merit some thought and attention. What do you think?



http://www.cio.com/archive/031505/security.html

DNS cache poisoning incidents

There have been widespread reports of DNS cache poisoning and users being redirected on a major scale to certain web sites. Symantec has released a hotfix addressing a DNS cache poisoning and redirection issue with their Gateway Security, Enterprise Firewall, and VelociRaptor products. Products other than Symantec's are also reported to be impacted. More information is available from the following URLs:



http://securityresponse.symantec.com/avcenter/security/Content/2005.03.15.html


http://www.techweb.com/wire/security/159900971

New Handler

I have the pleasure of introducing a new Incident Handler who has joined our ranks. His name is William Salusky. Welcome to the club William.




Adrien de Beaupré, handler of the day