CONTENTS


Introduction

Eighth Layer News

Not in The Fine(?) Manual

Industry News

Recommended Web Sites

Subscription Details


==========================================


Introduction


May's newsletter was going to cover the decision to

experiment with entirely free software at Eighth Layer

Limited. However this was curtailed somewhat by hardware

problems.


The address book used for the circulation list of this

newsletter has been restored from back-up. I have updated

it with most of the changes made in the last month.

Apologies - especially to anyone who has been lost.


Please excuse the short edition - but I decided to put this

one out on discovering how widespread various Outlook

viruses have become that don't require you to open an

attachment.


Apologies to our readers without Outlook


Simon


==========================================


Eighth Layer News


Our test PC was steadily being turned into a free software

based replacement for my desktop machine until, whilst

doing a back-up (timing!) it decided life was all too much.


Still, it is more or less back together now - so I'll

hopefully write about our free software experiences next

month.


==========================================


Not in the Fine(?) Manual


************************************


E-mail Security


Whilst Eighth Layer only saw a couple of copies of a

certain e-mail, and none were e-mail directly to us - the

'ILOVEYOU' e-mail certainly attracted publicity.


The response of the BugTraq mailing list was interesting -

they commented that since it didn't use any new exploit

it wasn't of significant interest to their readers (all

avid IT security types). They did however circulate a full

description of the e-mail's behaviour, and relevant

counter measures.


The 'ILOVEYOU' virus utilised Windows Scripting Host (WSH).

This is a toolkit for Windows that lets you write scripts

to automate various tasks. It is available as an add-on

for Windows 95, and bundled with Windows 98. If you don't

need it, then removing it would secure you against a

similar attack. If you don't know what it is, you probably

don't need it.


The 'ILOVEYOU' virus didn't exploit the ability of the

Outlook family of e-mail programs to execute code when an

e-mail is opened, rather it required the user to double

click on an attachment.


More virulent viruses that exploit this feature in Outlook

will almost certainly appear soon as the mechanism has

been extensively discussed and documented by IT security

experts and Microsoft.


As we have discussed before - Outlook readers should ensure

that mail is read in the 'Restricted Sites Zone', and

customise the 'Restricted Sites Zone' so it doesn't run

ANY active content (Microsoft default 'high security'

level isn't good enough).


The following patch may also be of interest.


Microsoft security update

http://www.microsoft.com/msdownload/iebuild/scriptlet/en/scriptlet.htm


So when the next generation of Outlook viruses strike - be

ahead of the Pentagon and the House of Commons. Apologies

to avid readers who have spotted me repeating myself on

this.


************************************


RUVPN - A Under-used tool for home or remote site working?


"Remote User Virtual Private Networking" is a very long way

of saying "making your home PC look like it is plugged

into the company network" - read your company e-mail,

access files on company servers, run company applications.


Typically, companies have used their own dial-up solutions,

but with more companies having an Internet connection, and

more free ISP's springing up all over the place, running

your own dial-in solution is looking an ever more

expensive option - especially for occasional use by IT

staff, or by International Sales staff.


What does it cost ?


Well, Microsoft bundle a solution (PPTP) with Windows 95,

98 and NT so it may cost the effort of getting it set up.


You will need a server on the corporate network - some

firewalls offer this service, otherwise for the Microsoft

solution you'll need an NT or Linux server. You may be able

to use an existing server depending on what it is doing,

and the security requirements you have.


Windows 2000, and Linux (among others) include even more

advanced features in this area, although these are rather

more complex to set up.


Do I need it ?


Well you do if the idea of cheap (possibly free) access to

the corporate network from home sounds attractive - it

really depends on what applications you are trying to use.

A good firewall will allow you to carefully control what

applications can connect through to your corporate

network, but the RUVPN approach allows you to identify

employees easily and allow them access to the appropriate

services, without over-complicating the rules on what is

and isn't allowed from the Internet to your corporate

network.


==========================================


Industry News


Lots of security announcements - and committees explaining

what they are going to do to solve Internet security

problems.


Someone even arrested the alleged author of the 'ILOVEYOU'

virus. This seems a particularly futile effort and I

suspect sets the stage for government action on security,

lots of high-profile news stories and limited useful action.


==========================================


Recommended Web Sites


************************************


http://antivirus.cai.com/


Despite some rather cynical comments on CA in the past from

myself - they are currently supplying a free antivirus

product. I haven't read all the details of the licence

agreement, and it isn't the fastest antivirus product in

the world, but it is free.


I believe Tesco's include antivirus software if you buy the

home shopping CD (0.50) from checkouts, where as if you

get the free CD from the Internet you don't get the

antivirus software.


Anyone still have an excuse?


==========================================


Subscription Details


Eighth Layer News subscription is still done the old

fashion way by hand.


The newsletter is free, and you are welcome to pass it on

to colleagues, ut please do encourage them to subscribe,

so I know who I'm writing for.



To subscribe or unsubscribe e-mail Simon@wretched.demon.co.uk


Copyright Eighth Layer Limited 2000. Remember copyright

allows exclusions or study, and personal use, I'll only

get upset if you make more money out of my ramblings than I

do. Archive copies are kept on the website

http://www.eighth-layer.com/