Forwarded From: phreakmoi <hackerelite@deathsdoor.com>
Major Security Flaws In Int'l Web Sites
From: http://www.currents.net/newstoday/98/11/03/news4.html
By Steve Gold, Newsbytes
NTA Monitor, a UK-based Internet security specialist firm, will next week
publish research that shows more than 50 percent of business e-mail sites
in 11 European countries and Japan have major flaws in their e-mail server
software.
According to Deri Jones, the firm's managing director, and a veteran of
the UK Internet scene, these sites have the confidentiality of their
Internet mail jeopardized because their mail servers are using software
packages with known security risks.
NTA says that the conclusion is backed up the results of what is the
largest international e-mail security tests carried out to date. Its
research, the firm says, highlights the lack of emphasis placed on keeping
Internet e-mail servers up-to-date and free of known security problems.
In particular, Jones said, the research demonstrates that many
organizations are not testing their security on a regular basis.
Newsbytes understands that the research involved over 16,000 unique
servers, which form 100 percent of the live e-mail servers for commercial
Internet domains in Belgium, Denmark, Finland, France, Germany, Ireland,
Japan, Netherlands, Norway, Spain, Sweden and the UK.
NTA Monitor says it ran live tests across the Internet using a subset of
its Regular Monitor security testing service, which is used by over 100
major European firms for annual, quarterly or monthly testing of corporate
Internet security.
The testing ran between June and October 1998 and aimed to discover how
prevalent the use of e-mail software products and versions with known
security risks was.
The survey discovered that an estimated 35 percent of all sites in all the
countries are using software versions with known security holes, while an
average of 42 percent of Unix based e-mail servers are insecure -- with
Japan the highest at 90 percent and Denmark and Finland the lowest at 23
and 29 percent, respectively.
According to the research, the UK and France are both worse than average
at 56 and 55 percent, respectively, while the large majority of Unix
e-mail vulnerabilities are due to the use of old versions of Sendmail with
known security holes -- many of which allow machines to be totally taken
over, NTA says.
According to NTA's report, Finland, Germany and Netherlands all had more
than 27 percent of their total mailers using the recent secure versions of
Sendmail, compared with 6 percent in Japan and 15 percent in Belgium
In addition to this, an average of 41 percent of NT-based mail servers are
using insecure software. Interestingly, NTA's research found that the UK
and Belgium are the lowest at 25 and 32 percent, respectively, while Japan
is at 50 percent -- and mail servers hosting domains for more than one
country are the worst at 60 percent.
One interesting fact that stands out from the report is that 18 percent of
sites are running Microsoft NT, with Belgium, Norway, Denmark, UK and
Netherlands being the top 5 users. The most widely used NT mailer,
meanwhile, was found to be NTMail.
According to NTA's research, the majority of NT e-mail server insecurity
is caused by the use of old or unpatched versions of Microsoft Exchange --
only version 5.5. with the correct patches is secure, the firm says.
Curiously, NTA notes that Irish e-mail servers are the least secure with
70 percent running old Exchange versions. The UK, however, is most secure
in Europe, although with 50 percent, that is not saying much, Newsbytes
notes.
According to Jones, in all the European countries, between 4 and 8 percent
of e-mail servers are protected by well-known firewall brand using mail
proxies -- Germany, Japan and Spain were the lowest at 4 percent, while
Sweden and Denmark were the highest at 9 and 8 percent, respectively.
Interestingly, NTA's research found that all the European countries had
virus checking usage at 3 percent or less, except Japan at 7 percent,
Norway at 5 percent and Ireland at 4 percent.
"It's quite astounding that security risks are still so high. In the
course of regular testing of our own customers we do see a gradual
improvement in the levels of security practice," said Jones, who added
that many organizations are shocked when they get their first proper test
results, when they see how many of their perimeter defenses, even if built
with strong products, have configuration and patch flaws.
"This survey confirms the fact that organizations may be spending in
excess of $15,000 per year on 24-hour Internet connectivity, but are
failing to spend 10 or 20 percent of that on security," he explained.
According to Jones, the variety of known risks within the range of old and
flawed versions of e-mail software packages found enable hackers to crash
systems, or to access confidential information within e-mail messages, and
even to take control of the machines altogether and launch further attacks
into data systems deep within corporate networks.
"The problems are particularly serious now that many more organizations
are running e-commerce; financial transactions are taking place online,
with large business risks if security is breached," he said.
According to Jones, the best advice anyone can give, is not to rush out to
buy more security gadgets, but first of all to get your Internet security
perimeter thoroughly tested.
"It'll be the best value 1,500 pounds ($2,600) of security you'll ever
spend," he said. Copies of the report can be purchased from NTA's Web
site at http://www.nta-monitor.com .
Article posted on 11/03/98
-o-
Subscribe: mail majordomo@repsec.com with "subscribe isn".
Today's ISN Sponsor: Repent Security Incorporated [www.repsec.com]
Received on Wed Nov 4 10:05:15 1998