Date: 13 Apr 1994 21:35:58 -0600 (MDT) From: Chris McDonald Subject: Information Systems Security Update, # 94-07 To: orvis@icdc.llnl.gov Content-transfer-encoding: 7BIT [To]: cmcdonal@wsmr-emh34.army.mil Apparently-To: orvis@icdc.llnl.gov # 94-07 1. Kent Marsh has an interesting offer for registered users of NightWatch II (reference Product Test 56). One may upgrade to version 2.5 and receive a free copy of CryptoMactic (a regular $129.95) for $39.95. The latter program has received some excellent reviews. The offer expires on April 30, 1994. 2. Peter Neumann has a concise overview of password modes of attack in the April edition, "Communications of the ACM". He proposes to discuss smart-card technology and nonreusable one-time authenticators in his next "Inside RISKS" column. As conventional passwords come under increasing scrutiny, I still remain intrigued with one-time password authentication schemes in software. While I have experimented with and have an appreciation for smart-cards and hardware-based authentication devices, I remain skeptical that we can afford them in the necessary quantities. 3. SRI International has distributed two technical reports on the Next- generation Intrusion Detection Expert System (NIDES): (a) SAFEGUARD FINAL REPORT: Detecting Unusual Program Behavior Using the NIDES Statistical Component, Final Report, December 2, 1993; and (b) The NIDES Statistical Component Description and Justification, Annual Report, A010, March 7, 1994. The first report discusses the use of NIDES to detect unauthorized use of applications or application classes. This represents a departure from the traditional NIDES monitoring of computer users. Both documents contain loads of technical details, so be prepared to be challenged. 4. The Spring 1994 edition of "2600" has an interesting Marketplace advertisement from American Eagle Publications, the publisher of Mark Ludwig's books and the Computer Virus Development Quarterly. For $99.95 plus $7.00 express shipping one may allegedly buy the "ultimate CD-ROM" which contains "thousands of fully functional computer viruses, virus construction toolkits, and virus related info". If you subscribe to CVDQ, you already receive such material but not in the quantity of a CD-ROM. While I am a subscriber, I have not received any direct marketing announcement for the CD-ROM. This is curious since in the past subscribers have generally received advance notices on new publications and materials with discounts available. 5. "Computing Systems", the Journal of the USENIX Association, has a special issue guest-edited by Matt Bishop on security (Volume 7, Number 1, Winter 1994).