[622] in Security FYI
[IS&T Security-FYI] Newsletter, September 28, 2007
daemon@ATHENA.MIT.EDU (Monique Yeaton)
Fri Sep 28 13:12:14 2007
Mime-Version: 1.0 (Apple Message framework v752.3)
Message-Id: <97471E6E-300A-406D-BF84-5905F3A7D905@mit.edu>
To: ist-security-fyi@mit.edu
From: Monique Yeaton <myeaton@mit.edu>
Date: Fri, 28 Sep 2007 13:09:46 -0400
Content-Type: multipart/mixed; boundary="===============1122323886=="
Errors-To: ist-security-fyi-bounces@mit.edu
--===============1122323886==
Content-Type: multipart/alternative; boundary=Apple-Mail-9-91305098
--Apple-Mail-9-91305098
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
charset=US-ASCII;
delsp=yes;
format=flowed
In this issue:
1. Kerberos Consortium Launched
2. TSM Vulnerabilities
3. National Cyber Security Awareness Month
-----------------------------------------------
1. Kerberos Consortium Launched
-----------------------------------------------
The Kerberos Consortium was launched on September 27, 2007 on an
ambitious mission to create a universal authentication platform to
protect the world's computer networks, according to the Kerberos web
site <www.kerberos.org/launch.html>. In the Consortium, vendors are
coming together to formalize the use of Kerberos for e-commerce and
mobile devices, among other things.
Kerberos was originally developed at MIT for Project Athena in the
1980's. Currently, its network authentication protocol is mostly
available in large corporate networks. The protocol's ability to
require strong mutual authentication can protect consumers doing
business on the Internet from phishing and other types of attacks.
What is Kerberos?
In short, Kerberos is a solution to network security problems. The
Kerberos protocol uses strong cryptography so that a client can prove
its identity to a server (and vice versa) across an insecure network
connection. After a client and server has used Kerberos to prove
their identity, they can also encrypt all of their communications to
assure privacy and data integrity as they go about their business.
Learn more about Kerberos here: <http://web.mit.edu/kerberos/>
-----------------------------
2. TSM Vulnerabilities
-----------------------------
This notice was sent out by MIT's TSM Systems Team earlier today. Two
vulnerabilities exist in TSM (Tivoli Storage Manager) 5.4.0 and
earlier. They affect the Web Client GUI, Client Acceptor Daemon (CAD)
managed scheduling, and server-initiated prompted scheduling.
The risks have the potential to crash the operating system due to a
buffer overrun in CAD and, under certain conditions, use of server-
initiated prompted scheduling can allow unauthorized access to the
client's data.
How it affects you at MIT:
- The TSM web client is not configured for use by default. If you use
the web client, you need to upgrade to TSM 5.4.1.2 to avoid having
your machine at risk.
- By default on Macintosh, scheduled backups use the CAD to initiate
the scheduler. Therefore, all Mac users that run scheduled backups
should upgrade to TSM 5.4.1.2. Regardless of your platform, if you
are using CAD for scheduled backups or you are not sure, the safest
path is to upgrade the TSM client.
- At MIT we use the 'client polling' method, which is not affected,
rather than the server-initiated prompted scheduling, so no one is
impacted.
- The TSM Servers are not affected.
MIT's Solution:
IS&T recommends all TSM clients update to Version 5.4.1.2 which
includes fixes for these security vulnerabilities. The MIT software
distribution web page <http://web.mit.edu/software> has been updated
with the new TSM client release for Linux, Macintosh and Windows. To
download other TSM clients, go to: <http://web.mit.edu/tsmsystems/
download.html>.
Until you have installed the upgrade:
- do not start up or use the CAD
- do not use the Web client
- use client-initiated traditional scheduling instead of CAD-managed
scheduling
If you have questions regarding this TSM alert, please contact <tsm-
systems@mit.edu>. If you need assistance upgrading to TSM 5.4.1.2,
please contact the Computing Help Desk at <computing-help@mit.edu> or
(617) 253-1101.
------------------------------------------------------------
3. National Cyber Security Awareness Month
------------------------------------------------------------
Every year, the month of October is dedicated to National Cyber
Security Awareness. Several universities around the country are
hosting events to discuss Internet security and to find ways to
protect ourselves and our children.
The widespread availability of computers and connections to the
Internet provides everyone with 24/7 access to information, credit
and financial services, and shopping. The Internet is also an
incredible tool for educators and students to communicate and learn.
Unfortunately, some individuals exploit the Internet through criminal
behavior and other harmful acts. Criminals can try to gain
unauthorized access to your computer and then use that access to
steal your identity, commit fraud, or even launch cyber attacks
against others.
However, there is no single cyber security practice or technological
solution that will prevent online crime. The National Cyber Security
Alliance (NCSA), which sponsors the month <www.staysafeonline.org>,
provides several security practices on its site that include Internet
habits as well as technology solutions.
To learn more about the events in October 2007, visit: <http://
www.staysafeonline.info/events/index.html>
=========================
Monique Yeaton
IT Security Awareness Consultant
MIT Information Services & Technology (IS&T)
(617) 253-2715
http://web.mit.edu/ist/security
--Apple-Mail-9-91305098
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=ISO-8859-1
<HTML><BODY style=3D"word-wrap: break-word; -khtml-nbsp-mode: space; =
-khtml-line-break: after-white-space; "><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">In this =
issue:</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
12px/normal Arial; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">1. Kerberos =
Consortium Launched</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">2. TSM =
Vulnerabilities</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">3. National Cyber =
Security Awareness Month</SPAN></FONT></DIV><DIV style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: =
normal normal normal 12px/normal Arial; min-height: 14px; =
"><BR></DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; "><FONT class=3D"Apple-style-span" =
face=3D"Arial" size=3D"3"><SPAN class=3D"Apple-style-span" =
style=3D"font-size: =
12px;">-----------------------------------------------</SPAN></FONT></DIV>=
<DIV style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">1. Kerberos Consortium Launched</SPAN></FONT></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">-----------------------------------------------</SPAN></FONT></DIV>=
<DIV style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 12px/normal Arial; =
min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">The Kerberos =
Consortium was launched on September 27, 2007 on an ambitious mission to =
create a universal authentication platform to protect the world's =
computer networks, according to the Kerberos web site <<A =
href=3D"http://www.kerberos.org/launch.html">www.kerberos.org/launch.html<=
/A>>. In the Consortium, vendors are coming together to formalize the =
use of Kerberos for e-commerce and mobile devices, among other =
things.</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
12px/normal Arial; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">Kerberos was =
originally developed at MIT for Project Athena in the 1980's. Currently, =
its network authentication protocol is mostly available in large =
corporate networks. The protocol's ability to require strong mutual =
authentication can protect consumers doing business on the Internet from =
phishing and other types of attacks.</SPAN></FONT></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 12px/normal Arial; =
min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">What is =
Kerberos?</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">In short, Kerberos is a solution to network security problems. =
The Kerberos protocol uses strong cryptography so that a client can =
prove its identity to a server (and vice versa) across an insecure =
network connection. After a client and server has used Kerberos to prove =
their identity, they can also encrypt all of their communications to =
assure privacy and data integrity as they go about their =
business.=A0</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">Learn more about Kerberos here: <<A =
href=3D"http://web.mit.edu/kerberos/">http://web.mit.edu/kerberos/</A>>=
</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
12px/normal Arial; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: =
12px;">-----------------------------</SPAN></FONT></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">2. TSM Vulnerabilities</SPAN></FONT></DIV><DIV style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: =
12px;">-----------------------------</SPAN></FONT></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 12px/normal Arial; =
min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">This notice was =
sent out by MIT's TSM Systems Team earlier today.</SPAN></FONT><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: =
12px;">=A0</SPAN></FONT><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">Two vulnerabilities exist in TSM (Tivoli Storage Manager) 5.4.0 =
and earlier. They affect the Web Client GUI, Client Acceptor Daemon =
(CAD) managed scheduling, and server-initiated prompted =
scheduling.</SPAN></FONT><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">=A0</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">The risks have the potential to crash the operating system due to =
a buffer overrun in CAD and, under certain conditions, use of =
server-initiated prompted scheduling can allow unauthorized access to =
the client's data.</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">How it affects you at MIT:</SPAN></FONT></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 12px/normal Arial; =
min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">- The TSM web =
client is not configured for use by default. If you use the web client, =
you need to upgrade to TSM 5.4.1.2 to avoid having your machine at =
risk.</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
12px/normal Arial; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">- By default on =
Macintosh, scheduled backups use the CAD to initiate the scheduler. =
Therefore, all Mac users that run scheduled backups should upgrade to =
TSM 5.4.1.2. Regardless of your platform, if you are using CAD for =
scheduled backups or you are not sure, the safest path is to upgrade the =
TSM client.</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: 12px;">- =
At MIT we use the 'client polling' method, which is not affected, rather =
than the server-initiated prompted scheduling, so no one is =
impacted.</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: 12px;">- =
The TSM Servers are not affected.</SPAN></FONT></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 12px/normal Arial; =
min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">MIT's =
Solution:</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><P =
style=3D"margin: 0.0px 0.0px 14.0px 0.0px"><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">IS&T =
recommends all TSM clients update to Version 5.4.1.2 which includes =
fixes for these security vulnerabilities. The MIT software distribution =
web page <</SPAN></FONT><A href=3D"http://web.mit.edu/software"><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;"><FONT =
class=3D"Apple-style-span" =
color=3D"#000BFF">http://web.mit.edu/software</FONT></SPAN></FONT></A><FON=
T class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">> has been =
updated with the new TSM client release for Linux, Macintosh and =
Windows. To download other TSM clients, go to: <</SPAN></FONT><A =
href=3D"http://web.mit.edu/tsmsystems/download.html"><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;"><FONT =
class=3D"Apple-style-span" =
color=3D"#000BFF">http://web.mit.edu/tsmsystems/download.html</FONT></SPAN=
></FONT></A><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">>.</SPAN></FONT></P><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">Until you have =
installed the upgrade:</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: 12px;">- =
do not start up or use the CAD</SPAN></FONT></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: 12px;">- =
do not use the Web client</SPAN></FONT></DIV><DIV style=3D"margin-top: =
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">- use =
client-initiated traditional scheduling instead of CAD-managed =
scheduling</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">If you have questions regarding this TSM alert, please contact =
<</SPAN></FONT><A href=3D"mailto:tsm-systems@mit.edu"><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;"><FONT =
class=3D"Apple-style-span" =
color=3D"#000BFF">tsm-systems@mit.edu</FONT></SPAN></FONT></A><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">>. If you need =
assistance upgrading to TSM 5.4.1.2, please contact the Computing Help =
Desk at <</SPAN></FONT><A href=3D"mailto:computing-help@mit.edu"><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;"><FONT =
class=3D"Apple-style-span" =
color=3D"#000BFF">computing-help@mit.edu</FONT></SPAN></FONT></A><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">> or (617) =
253-1101.</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">------------------------------------------------------------</SPAN>=
</FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; "><FONT class=3D"Apple-style-span" =
face=3D"Arial" size=3D"3"><SPAN class=3D"Apple-style-span" =
style=3D"font-size: 12px;">3. National Cyber Security Awareness =
Month</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: =
12px;">------------------------------------------------------------</SPAN>=
</FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
12px/normal Arial; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">Every year, the =
month of October is dedicated to National Cyber Security Awareness. =
Several universities around the country are hosting events to discuss =
Internet security and to find ways to protect ourselves and our =
children.</SPAN></FONT><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">=A0</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; font: normal =
normal normal 12px/normal Arial; min-height: 14px; "><BR></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; "><FONT class=3D"Apple-style-span" face=3D"Arial" =
size=3D"3"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
12px;">The widespread availability of computers and connections to the =
Internet provides everyone with 24/7 access to information, credit and =
financial services, and shopping. The Internet is also an incredible =
tool for educators and students to communicate and =
learn.</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
12px/normal Arial; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">Unfortunately, =
some individuals exploit the Internet through criminal behavior and =
other harmful acts. Criminals can try to gain unauthorized access to =
your computer and then use that access to steal your identity, commit =
fraud, or even launch cyber attacks against =
others.</SPAN></FONT></DIV><DIV style=3D"margin-top: 0px; margin-right: =
0px; margin-bottom: 0px; margin-left: 0px; font: normal normal normal =
12px/normal Arial; min-height: 14px; "><BR></DIV><DIV style=3D"margin-top:=
0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">However, there is =
no single cyber security practice or technological solution that will =
prevent online crime. The National Cyber Security Alliance (NCSA), which =
sponsors the month <<A =
href=3D"http://www.staysafeonline.org">www.staysafeonline.org</A>>, =
provides several security practices on its site that include Internet =
habits as well as technology solutions.</SPAN></FONT></DIV><DIV =
style=3D"margin-top: 0px; margin-right: 0px; margin-bottom: 0px; =
margin-left: 0px; font: normal normal normal 12px/normal Arial; =
min-height: 14px; "><BR></DIV><DIV style=3D"margin-top: 0px; =
margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><FONT =
class=3D"Apple-style-span" face=3D"Arial" size=3D"3"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px;">To learn more =
about the events in October 2007, visit: <<A =
href=3D"http://www.staysafeonline.info/events/index.html">http://www.stays=
afeonline.info/events/index.html</A>></SPAN></FONT></DIV><BR><DIV> =
<SPAN class=3D"Apple-style-span" style=3D"border-collapse: separate; =
border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; =
font-size: 14px; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; text-align: auto; =
-khtml-text-decorations-in-effect: none; text-indent: 0px; =
-apple-text-size-adjust: auto; text-transform: none; orphans: 2; =
white-space: normal; widows: 2; word-spacing: 0px; "><SPAN =
class=3D"Apple-style-span" style=3D"border-collapse: separate; =
border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; =
font-size: 14px; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; text-align: auto; =
-khtml-text-decorations-in-effect: none; text-indent: 0px; =
-apple-text-size-adjust: auto; text-transform: none; orphans: 2; =
white-space: normal; widows: 2; word-spacing: 0px; "><SPAN =
class=3D"Apple-style-span" style=3D"border-collapse: separate; =
border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; =
font-size: 12px; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; text-align: auto; =
-khtml-text-decorations-in-effect: none; text-indent: 0px; =
-apple-text-size-adjust: auto; text-transform: none; orphans: 2; =
white-space: normal; widows: 2; word-spacing: 0px; "><SPAN =
class=3D"Apple-style-span" style=3D"border-collapse: separate; =
border-spacing: 0px 0px; color: rgb(0, 0, 0); font-family: Helvetica; =
font-size: 12px; font-style: normal; font-variant: normal; font-weight: =
normal; letter-spacing: normal; line-height: normal; text-align: auto; =
-khtml-text-decorations-in-effect: none; text-indent: 0px; =
-apple-text-size-adjust: auto; text-transform: none; orphans: 2; =
white-space: normal; widows: 2; word-spacing: 0px; "><DIV =
style=3D"font-size: 12px; "><SPAN class=3D"Apple-style-span" =
style=3D"font-size: 12px; "><SPAN class=3D"Apple-style-span" =
style=3D"font-size: 12px; =
">=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D</SPAN></SPAN></DIV><DIV style=3D"font-size: 12px; "><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px; "><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px; ">Monique =
Yeaton</SPAN></SPAN></DIV><DIV style=3D"font-size: 12px; "><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px; "><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px; ">IT Security =
Awareness Consultant</SPAN></SPAN></DIV><DIV style=3D"font-size: 12px; =
"><SPAN class=3D"Apple-style-span" style=3D"font-size: 12px; "><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 12px; ">MIT Information =
Services & Technology (IS&T)</SPAN></SPAN></DIV><DIV =
style=3D"font-size: 12px; "><SPAN class=3D"Apple-style-span" =
style=3D"font-size: 12px; "><SPAN class=3D"Apple-style-span" =
style=3D"font-size: 12px; ">(617) 253-2715</SPAN></SPAN></DIV><DIV =
style=3D"font-size: 12px; "><SPAN class=3D"Apple-style-span" =
style=3D"font-size: 12px; "><SPAN class=3D"Apple-style-span" =
style=3D"font-size: 12px; "><A =
href=3D"http://web.mit.edu/ist/security">http://web.mit.edu/ist/security</=
A></SPAN></SPAN></DIV><DIV style=3D"font-size: 12px; "><BR =
class=3D"khtml-block-placeholder"></DIV><BR =
class=3D"Apple-interchange-newline"></SPAN></SPAN></SPAN></SPAN> =
</DIV><BR></BODY></HTML>=
--Apple-Mail-9-91305098--
--===============1122323886==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
_______________________________________________
ist-security-fyi mailing list
ist-security-fyi@mit.edu
To Unsubscribe http://mailman.mit.edu/mailman/listinfo/ist-security-fyi
--===============1122323886==--
