From: Chris McDonald (8/31/93) To: reviewslist:;@WSMR-SIMTEL20.ARM, CC: 71774.3216@compuserve.COM Mail*Link¨ SMTP Information Systems Securit # 93-21 1. The Workshop Proceedings of the Federal Criteria for Information Technology Security, June 2-3, 1993, are now available. With over 20,000 comments received it is evident that many individuals and organizations spent a considerable amount of time in reviewing the draft Criteria. In a somewhat surprising development a Common Criteria Editorial Board (CCEB) has been formed to develop a common criteria based on the input from the TCSEC, ITSEC, CTCPEC, the draft Federal Criteria, and the draft ISO standard on IT Security Criteria. "The Common Criteria drafts will undergo extensive external reviews, allowing those involved in the original Federal Criteria project (both originators and reviewers) to continually provide valuable data to this process." The proceedings are identified as "Version 1.0, July 30, 1993". 2. The subject of "firewalls" has become a HOT issue of late. CERT and NIST have published several papers and tutorials on the subject. The August 1993 edition of the IBM Internet Journal provides a readable introduction to the subject. It is written by Ted Doty and would be ideal for anyone knew to the firewall concept. The Internet "Firewalls" discussion mailing group is another source, although discussions of late have been less informative. 3. The August 1993 edition of "Virus Bulletin" has a review of CPAV, version 2.0 (reference PT-36). The reviewer is fair, but rather brutal. In a nice ironic touch the same edition has an interview with Jim Horsburgh, Managing Director of Central Point International. Finally, the edition has some interesting statistics on "reported virus infections" based upon information provided directly to "Virus Bulletin" as well as data supplied by the New Scotland Yard's Computer Crime Unit. Despite the furor over thousands of viruses identified and despite the advertising claims of several commercial vendors, the actual statistics continue to indicate that 7-8 viruses cause 70% to 75% of all reported infections within the UK. While it may be hazardous to extrapolate such data to the US, previous surveys in the States have essentially reflected the same general conclusion. The only difference appears to occur in the actual 7 or 8 viruses involved. 4. Product test reports have included these over the last two weeks: (a) PT-61, a revision to VDS PRO; (b) PT-63, TrashGuard; and (c) PT-71, MacRx. Since all product tests are now done on my own time as an intellectual hobby, I am somewhat ecletic on what I now complete. Whenever a vendor provides me an evaluation copy, I find it necessary to concentrate on that product. I will continue to publish a monthly listing of all product tests completed and in process. 5. Chris Johnson has released version 1.2.8 of Gatekeeper/Gatekeeper Aid (reference PT-53). I will update my test report this weekend. One may ftp the latest version from microlib.cc.utexas.edu in the path microlib/mac/ virus. Gatekeeper is FREEWARE. 6. Distribution of V-BASE has moved from ICSA to Norman Data Defense Systems Inc. If you were a registered user, or if you would like to become one, contact Robert Voorhis at (703) 573-8990 or norman@digex.com. 7. The Summer edition of "Computer Virus Developments Quarterly" is now available. The major theme is "protected mode boot-sector viruses" which is just not my cup of tea. The edition has a short article on four US BBSs which specialize in distributing viral code. I can verify that two of the four listed telephone numbers are legitimate, although the system administrators have placed certain restrictions on downloading. The two were known to me before the article. I will check out the other two. Since these updates go through secondary and tertiary distribution, I consider it inappropriate to publish the numbers in this forum. 8. From the September 14, 1993 edition of "PC Magazine" comes this groaner: Question: What do you get when you cross Lee Iacocca with Dracula? Answer: AUTOEXEC.BAT ------- ------------------ RFC822 Header Follows ------------------ Received: by internetqm.llnl.gov with SMTP;31 Aug 1993 20:27:41 -0800 Return-path: CMCDONALD@WSMR-SIMTEL20.ARMY.MIL Received: from icdc.llnl.gov by icdc.llnl.gov (PMDF #3384 ) id <01H2EPEKCXG0AW4K5Y@icdc.llnl.gov>; Tue, 31 Aug 1993 20:27:22 PDT Received: from pierce.llnl.gov by icdc.llnl.gov (PMDF #3384 ) id <01H2EPE431M8AW43MC@icdc.llnl.gov>; Tue, 31 Aug 1993 20:27:03 PDT Received: by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA24244; Tue, 31 Aug 93 20:27:56 PDT Received: from WSMR-SIMTEL20.ARMY.MIL by pierce.llnl.gov (4.1/LLNL-1.18/llnl.gov-05.92) id AA24235; Tue, 31 Aug 93 20:27:51 PDT Date: 31 Aug 1993 21:10:59 -0700 (MDT) From: Chris McDonald Subject: Information Systems Security Update, #93-21 Resent-to: BILL_ORVIS@QUICKMAIL.llnl.GOV To: reviewslist:;@WSMR-SIMTEL20.ARMY.MIL Cc: 71774.3216@compuserve.COM Resent-message-id: <01H2EPEKFLW2AW4K5Y@icdc.llnl.gov> Message-id: <12905646030.19.CMCDONALD@WSMR-SIMTEL20.ARMY.MIL> X-Envelope-to: BILL_ORVIS@QUICKMAIL.llnl.gov X-VMS-To: IN%"reviewslist:;@WSMR-SIMTEL20.ARMY.MIL" X-VMS-Cc: IN%"71774.3216@compuserve.COM" Content-transfer-encoding: 7BIT ======================================================================