BANKING TECHNOLOGY ADVISORY: information security, Internet banking, bank technology, core processing, ACH processing, debit cards, smart card, check imaging, ATMs, EBPP

<a href="http://adserve.bankersonline.com/cgi-bin/advertpro/blink.fpl?region=2&slot=1" target="_top"><img src="http://adserve.bankersonline.com/cgi-bin/advertpro/bimg.fpl?region=2&slot=1&keyword=NULL" border="0"></a>


Site Map Our Sponsors Home

February 22, 2002

Print Friendly!

Email This Article!

Safe Computing Guide
NIST Virus Info
Top Threat List
McAfee Anti-Virus
F-Secure
Trend Micro
Wells' Wild List
Stiller Research
Tracking Map
Virus News
Virus Myths/Hoaxes

Microsoft Releases SNMP Patches
Microsoft recently released patches (last updated Feb. 15, 2002) for its Windows 2000 and Windows XP operating systems in response to the latest round of vulnerabilities discovered surrounding SNMP. The Windows implementation of SNMP contained an unchecked buffer, which could enable an attacker to execute arbitrary code or cause a denial of service. All Windows platforms are affected except for Windows ME, which does not include SNMP as part of the default operating system installation. Patches for Windows 95/98/NT are still in the works.

Microsoft Security Bulletin and Patches

Free SNMP Vulnerability Detection Tools Released
The SANS Institute and the Center for Internet Security joined the National Security Agency (NSA) in releasing free software tools and benchmark guidelines that can be used to detect SNMP vulnerabilitities. These tools aid in detecting a wide range of SNMP vulnerabilities and can be used to beef up the security of Cisco routers. You may obtain the SNMP vulnerability testing tool and the CISCO benchmark data tools from the Center For Internet Security website.

Additional Resources on SNMP:

CERT (SNMP) Vulnerabilities Frequently Asked Questions (FAQ)
CERT� Advisory CA-2002-03 Multiple Vulnerabilities in Many Implementations of the Simple Network Management Protocol (SNMP) (released 2/12/02 - last updated 2/21/02)

National Cyber Security Alliance Unveils STAY SAFE Online Website
The National Cyber Security Alliance, a unique partnership between the federal government and leading private sector companies, has developed a new web site, http://www.staysafeonline.info, to help educate citizens on cyber security. The site contains tips on how to safeguard home or small business computers, as well as a number of additional security resources.

Previous Tech Alerts:
02/20/02 Email Address Belonging to Legitimate Security Site Hijacked to Deliver Dangerous Yarner Worm
02/15/02 Mass Mailing Email Worm Compromises Word 2000 Security Settings
02/13/02 SNMP VULNERABILITY
02/07/02 Bloodhound Mass Mailing Worm and Managing Risks in Wireless Networks
02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000
01/31/02 Copycat Virus Unleashed
01/30/02 Netscape Browser Vulnerable to Cookie Theft
01/28/02 "My Party" Mass Mailing Worm
01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
01/15/02 Trojan.StartPage Alters Web Browsers
01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
01/08/02 Microsoft Universal Plug and Play Vulnerability
12/20/01 Holiday Themed Computer Virus Unleashed

Home | Compliance | Lending | Operations | Security | Marketing | Technology | eBanking

BOL Archives Privacy Policy Important Disclaimer Recommend This Site ! Contact Us

BankersOnline is a free service made possible by the generous support of our advertisers and sponsors. Advertisers and sponsors are not responsible for site content. Please help us keep BankersOnline FREE to all banking professionals. Support our advertisers and sponsors by clicking through to learn more about their products and services.