Threat Level: green Handler on Duty: Xavier Mertens

SANS ISC: ISS Default Misconfiguration, New Bagel.U, and a couple 'witty' notes SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms:

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
ISS Default Misconfiguration, New Bagel.U, and a couple 'witty' notes
ISS Default Misconfiguration Problem

Today ISS notified its customers of a problem discovered in the default configuration of some versions of their RealSecure and BlackICE products. "This misconfiguration changes the default blocking and reporting behavior and may affect your level of protection. While the most current releases block most of the major threats (including Blaster, Nachi, Slammer, and Witty), ISS strongly recommends that customers update to this new release to provide maximum coverage for all threats."

New Bagel Variant: Bagel.U

New Bagel o' the Day: Bagel.U. This is the 21st variant classified. Noteworthy: unlike previous versions that used "tricky subject lines or enticing messages" this one arrives as an attachment to an otherwise empty message.,10801,91678,00.html

Witty Notes

A couple of article links that discuss security products being targeted, and the weakness of patch-based security.,10801,91688p2,00.html

Handler on duty: Dave Brookshire

17 Posts
Mar 28th 2004

Sign Up for Free or Log In to start participating in the conversation!