From: Chris McDonald (5/2/93) To: securitylist:;@WSMR-SIMTEL20.AR, CC: krvw@agarne.ims.disa.MIL Mail*Link¨ SMTP Information Systems Securit R#93-14 1. Monthly updates to the product test index and to the reports of viral infections in commercial/government material have been distributed. I am currently in a cycle of revising those product tests of programs which I consider to be valuable tools or which have a significant market share. It is my intention to update the test reports of F-PROT, VIRUSCAN, VirusDetective, Rival, Virex-PC and Virex in the near term (2-3 weeks). Last month I distributed a revision to CPAV (PT-36) and finalized reports on two other programs. 2. I received V-BASE from the ICSA last week. Advertised as the "accurate hypertext virus info database", V-BASE is in my opinion impressive. It is well-worth the $25.00. In the event you wanted a copy, contact ICSA at 202-364-8252. Dr. David Stang stresses that, if you reach Sylvia Moon, she is the Director of Operations--not his secretary! 3. The three editions of Risks Forum, prior to 30 Apr 93, had several postings on Clipper. Rather than add to the ensuing controversy, I offer only this deja vu observation. In the mid 1980s certain agencies used Presidential Executive Orders and Committee instructions to establish policies and procedures for unclassified sensitive Federal computer systems. When the dust had settled, Congress had intervened with the Computer Security Act of 1987. I cannot help but think that certain bureaucracies fail to use the lessons of history wisely. Risks Form is widely available on the Internet. 4. CERT advertisements are on the street for two seminars. a. Internet Security for System and Network Administrators, June 9 or 10 b. Internet Security for Managers, June 8 I can testify that 4a is an excellent seminar based on my personal attendance. If you need more details, cert@cert.org or 412-268-7090. 5. I received pre-publication notices on two books addressing network security. a. "Network Security Secrets", Dr. David Stang, $49.95 plus $5.00 shipping. Order from Special Products Dept, Network World, Inc., 161 Worcester Road, Framingham, MA 01701 b. "Secure Data Networking", Michael Purser, $56.00 plus shipping if ordering before July 31, 1993. Order from Artech House Publishers, 800-225-9977, ask for extension 4002 and provide title and ISBN 0-89006- 692-2. 6. Testing is complete on the program STOPLIGHT (PT-64). It turns out that it combines viral protection/access control programs already tested ( see F-PROT, PT-17, and AllSafe, PT-40). ------- ------------------ RFC822 Header Follows ------------------ Received: by internetqm.llnl.gov with SMTP;2 May 1993 16:51:17 -0800 Return-path: CMCDONALD@WSMR-SIMTEL20.ARMY.MIL Received: from icdc.llnl.gov by icdc.llnl.gov (PMDF #3384 ) id <01GXPGLGE2C0A23CKI@icdc.llnl.gov>; Sun, 2 May 1993 16:50:58 PST Received: from pierce.llnl.gov by icdc.llnl.gov (PMDF #3384 ) id <01GXPGKZ8V0GA23CIP@icdc.llnl.gov>; Sun, 2 May 1993 16:50:37 PST Received: by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA25006; Sun, 2 May 93 16:51:15 PDT Received: from WSMR-SIMTEL20.ARMY.MIL by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA24999; Sun, 2 May 93 16:51:11 PDT Date: 02 May 1993 17:35:09 -0700 (MDT) From: Chris McDonald Subject: Information Systems Security Update #93-14 Resent-to: BILL_ORVIS@QUICKMAIL.llnl.GOV To: securitylist:;@WSMR-SIMTEL20.ARMY.MIL Cc: krvw@agarne.ims.disa.MIL Resent-message-id: <01GXPGLGI30IA23CKI@icdc.llnl.gov> Message-id: <12873887316.15.CMCDONALD@WSMR-SIMTEL20.ARMY.MIL> X-Envelope-to: BILL_ORVIS@QUICKMAIL.llnl.gov X-VMS-To: IN%"securitylist:;@WSMR-SIMTEL20.ARMY.MIL" X-VMS-Cc: IN%"krvw@agarne.ims.disa.MIL" Content-transfer-encoding: 7BIT ======================================================================