In Focus: Mobile Computing Security Through Obscurity
I wonder if part of your job as security administrator or manager
includes handling mobile phone security? Someone at your company
should be tending to that responsibility, especially if employees are
storing company information on their phones.
Last week, Kaspersky Labs announced the discovery of the first virus
to infect mobile phones. The virus, which Kaspersky named Cabir,
affects mobile phones that use the Symbian OS. The virus is relatively
harmless--its only purpose is to propagate itself, and it does so only
to other phones that have Bluetooth enabled and are broadcasting their
presence. However, Denis Zenkin, head of Corporate Communications at
Kaspersky Labs, said that sooner or later, more malicious forms of
mobile phone malware that will possibly destroy or steal data will
begin to spread.
Since Cabir spreads to mobile phones that broadcast their presence via
Bluetooth wireless technology, you might want to configure Symbian to
use Bluetooth in an invisible mode that doesn't broadcast the phone's
presence. Configure other mobile phone OSs too to prevent any future
attacks against them. Using invisible mode is similar to configuring
wireless Access Points (APs) to not broadcast their SSID. If an AP
broadcasts its SSID, intruders can detect it and use it as a starting
point for penetrating your network. Bluetooth invisible mode is also
similar to using a firewall, which makes your internal networks
invisible to connected networks.
These security measures are probably common sense for you, but they
might not be for mobile phone users in your organization. You could
explain the security needs to users by comparing their
Bluetooth-broadcasting mobile phone to a wallet or purse left lying on
a car seat while they're out of the car. The wallet or purse is
essentially begging somebody to break into the car and steal it. A
little security through obscurity might save a lot of frustration
sooner or later. Some people might disagree, but I think you can gain
a fair amount of security by obscuring the presence of anything,
whether it be a wallet, purse, or wireless network.
Of course, you can gain plenty of security by adding device
protection, such as antivirus software for mobile phones, which is
available from many antivirus software vendors. And, as I mentioned
earlier, you might also consider some configuration changes to your
mobile phone OS, particularly disabling Bluetooth broadcasts to make
the devices somewhat invisible.
If you're interested in other problems with Bluetooth and mobile
phones, you might want to read about a few other related
vulnerabilities, which are mentioned in a recent Integralis press
release.
News: Audit Reveals Spyware Infestation
An April audit conducted by EarthLink and Webroot Software scoured
420,761 computer systems. The audit discovered more than 11.3 million
instances of spyware and Trojan horse programs installed on the
computers.
News: Secure SMS and Your Passwords
Microsoft released two new security-related articles that cover
Systems Management Server (SMS) environments and user password
management. The SMS article, "Scenarios and Procedures for Microsoft
Systems Management Server 2003: Security," details security
fundamentals, how to secure SMS, and how to maintain SMS security. The
password article, "Mind Those Passwords!" addresses the problems many
users face in managing numerous passwords.
Attend the Black Hat Briefings & Training USA Event - July 24-29.
This is the world's premier technical IT security conference,
hosting 2,000 delegates from 30 nations. Featuring 27 hands-on
training courses and 10 conference tracks with presentations by
security experts and "underground" security specialists. The
early-bird registration deadline is July 1!
The Conference on Securing and Auditing Windows Technologies, July
20-21
New.. The Conference on Securing and Auditing Windows
Technologies will be held July 20-21, at the Fairmont Copley
Plaza in Boston, MA. In vendor-neutral sessions on today's hottest
topics, you'll get practical strategies for mitigating risk and
safeguarding your systems.
FAQ: How Can I Enable the Security Tab at the Exchange Organization Level?
A. By default, the Security tab isn't displayed on an Exchange
organization's properties page. To display the tab, perform these
steps:
1. Start the registry editor (regedit.exe).
2. Navigate to the
HKEY_CURRENT_USER\Software\Microsoft\Exchange\EXAdmin subkey.
3. From the Edit menu, select New and click DWORD Value.
4. Enter the name ShowSecurityPage and press Enter.
5. Double-click the new value and set it to 1. Click OK.
6. Close the registry editor.
The Security tab will now be displayed on the Exchange organization's
properties page. On the Security tab, you can turn off the Send As and
Receive As deny settings to grant Exchange administrators full access
to all mailboxes in the organization. Using the Security tab to allow
full access is a simpler way to grant administrators access to users'
mailboxes than the technique described in the FAQ "How can I configure
Microsoft Exchange Server 2003 administrators so that they can access
all users' mailboxes?" at the URL below. However, keep in mind that
the Security tab lets you grant access only to all mailboxes or none.
Featured Thread: Port Filtering on Windows 2000 Server
(One message in this thread)
Jeff writes that he needs to tighten security on a Windows 2000
Advanced Server Web server. He wants to allow most UDP traffic, except
through ports 161 and 445. He doesn't want to use the OS's IP
filtering because it only lets you define allowed ports, not blocked
ports, which means that he'd have to manually create a long list of
allowed ports. Do you know an easy way to accomplish this task? Lend a
hand or read the responses.
We're Bringing the Experts Directly to You with 2 New IT Pro Workshop
Series About Security And Exchange
Don't miss two intense workshops designed to give you simple and
free tools to better secure your networks and Exchange servers.
Discover how to prevent hackers from attacking your network and how to
perform a security checkup on your Exchange Server deployment. Get a
free 12-month subscription to Windows & .NET Magazine and enter to win
an Xbox. Register now!
New and Improved
Monitor Your System and Applications
Anfibia Software announced Watchman 6.0, an application-monitoring
and system-protection tool. Watchman's new GUI offers file protection,
application-usage logging, and access-control management. You can stop
unwanted applications and protect documents from tampering. The
software works on Windows 2003/XP/2000/Me/NT 4.0/98 systems, and
single licenses start at $45. You can download a fully functional
evaluation version from the company Web site.
© 2008; SpywareUninstaller.com Group Project; All Rights Reserved.