From: Chris McDonald STEWS-IM-CM-S (2/16/93) To: /usr/cmcdonal/reviewlist:@wsmr-, Mail*Link¨ SMTP Information Systems Securit 93-6 1. The International Computer Security Association (ICSA) has created V-BASE, advertised as "the accurate database of virus info in hypertext". Dr. David Stang has clearly seized on the numerous discrepancies noted by a variety of researchers in Patricia Hoffman's VSUM. I am presently reviewing a demonstration copy of V-BASE which I received at the recent NCSA virus conference. Even without the review I have decided to no longer issue a monthly summary of VSUM. The effort had received a point of diminishing returns in my opinion. ICSA may be contacted at 202-364-8252 or by FAX at 202-364-1320. I have no affiliation or financial interest in ICSA. 2. The above mentioned NCSA conference was technically excellent. Presentations by David Stang on automated viral analysis, by Dr. Alan Solomon on the mechanisms of stealth and polymorphism, and by Fridrik Skulason on the Virus Construction Laboratory and other potential disasters were outstanding. Proceedings of the conference are available from NCSA, unfortunately Stang's and Skulason's prepared remarks do not appear. One of those cases where you had to be there! This was a rare occasion where subject matter experts could also speak entertainingly. 3. I received complimentary copies of two overseas publications which are extremely well done: (a) "Virus Bulletin" and (b) "Virus News International". The first can be ordered through NCSA; the second through Editorial Assistant, William Knox House, Britannic Way, Llandarcy, Swansea, SA10 6NL. I suggest you contact the respective POC for the cost of a subscription. I do not convert pounds very well, and the complimentary copies had order forms which varied from the cost shown in the copy. As a preview, the January 1993 edition of "Virus Bulletin" had an analysis of 20 different scanners based upon their detection capabilities; the January 1993 editon of "Virus News International" had a fascinating article on the arrest of virus writers in Britain as well as an interview with the virus author, Dark Avenger, who gave the world the Mutation Engine object module. 4. Peter Neumann one again addresses the issue of "Are Dependable Systems Feasible?" in the February 1993 edition of the "Communications of the ACM". It is sometimes difficult to known where Peter's sentiments lie on the question as evidenced by the personal nature of this particular column. I offer some of his observations in no particular order and encourage those interested to seek out the full source. "Unqualified successes are quite rare." "Experience is the best teacher, but once you have had the experience, you may not want to do it again (and again)." "We still do not sufficiently appreciate the real difficulties that lurk in the development, administration, and use of systems with critical requirements." "Technological solutions are often sought for problems whose solutions require reasonable human behavior more than sound technology." 5. The January/February 1993 edition of the USENIX Association Newsletter ";login:" has a four page article by Bjorn Satdeva "Communication: An Important Aspect of UNIX System Administration". For the administrator who believes that her or his job would be heaven if it were not for all those expletive deleted users, this is a must read! 6. The March 1993 edition of "Lan Magazine" has an article by Ray Kaplan and Joe Kovara "Why Get Defensive?" which summarizes two of their recent audio teleconferences on information security. The audience is clearly managers who might still need a wake-up call, or security professionals who have suffered a temporary brain loss. 7. New Security Product Announcement!!!! "A new phone device that imitates the call-waiting signal is now available for those times when you need an excuse to hang up on a motor mouth. Gotta Go, a $14.95 gadget that can be hooked to a single line phone, is available from Eclipse Products, Darien, Conn." ("Communications of the ACM", February 1993/Vol.36, No.2, page 14) ------------------ RFC822 Header Follows ------------------ Received: by internetqm.llnl.gov with SMTP;16 Feb 1993 08:38:21 U Return-path: cmcdonal <@WSMR-SIMTEL20.ARMY.MIL:cmcdonal@wsmr-emh03.army.mil> Received: from icdc.llnl.gov by icdc.llnl.gov (PMDF #3384 ) id <01GUS7GSFPF48ZDVVL@icdc.llnl.gov>; Tue, 16 Feb 1993 08:36:43 PST Received: from pierce.llnl.gov by icdc.llnl.gov (PMDF #3384 ) id <01GUS7G26PCW8ZDVVJ@icdc.llnl.gov>; Tue, 16 Feb 1993 08:36:11 PST Received: by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA14260; Tue, 16 Feb 93 08:36:40 PST Received: from WSMR-SIMTEL20.ARMY.MIL by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA14253; Tue, 16 Feb 93 08:36:35 PST Received: from wsmr-emh03.army.mil by WSMR-SIMTEL20.ARMY.MIL with TCP; Tue, 16 Feb 1993 09:34:43 -0700 (MST) Date: 16 Feb 1993 09:28:29 -0700 (MST) From: Chris McDonald STEWS-IM-CM-S Subject: Information Systems Security Update, #93-6 Resent-to: BILL_ORVIS@QUICKMAIL.llnl.GOV To: /usr/cmcdonal/reviewlist:@wsmr-emh03.army.mil Resent-message-id: <01GUS7GSJGGI8ZDVVL@icdc.llnl.gov> Message-id: <9302161636.AA14253@pierce.llnl.gov> X-Envelope-to: BILL_ORVIS@QUICKMAIL.llnl.gov X-VMS-To: IN%"/usr/cmcdonal/reviewlist:@wsmr-emh03.army.mil" Content-transfer-encoding: 7BIT ======================================================================