Skip to content
Tips for Tech

Tech Alert Briefing for 4/11/2002



New Vulnerabilities Discovered in Microsoft IIS Server

Microsoft released a Security Bulletin on April 10, 2002 detailing new cumulative patches intended to fixten new remote vulnerabilities recently discovered in its IIS web server versions 4.0, 5.0, and 5.1. These vulnerabilities vary in severity from mild to critical.

According to a report released by X-Force, a remote attacker may exploit one or more of these vulnerabilities to cause a target Web server to crash, execute arbitrary commands on the server, or gain complete control of a target IIS server.

It is recommended that all affected IIS customers apply the following Microsoft supplied patches immediately:

More Twists on Domain Name Scams

In a recent action a U.S. District Court shut down an operation that used deceptive messages and appealsto patriotism to sell fake ".usa" domain addresses. According to the FTC, the bogus businesses sold domain names ending with".usa ." The domains were sold through aggressive spam campaigns arriving via email with the subject line, "Be Patriotic! Register .USA Domains."

While this operation may have been shut down, variants on the domain name scams continue.We recently discovered that a group known as the Domain Support Group, operating out of NYC, is sending thousands of official looking faxes warning"URGENT NOTICE OF DOMAIN EXTENSION".This particular scam is quite deceptive, since the domain in question is similar to a domain name that you may have already registered, except that the extension is ".info" or ".net" or some other variation that is currently unregistered.

The fax contains detailed information about your company, including an official looking account number that is deceptively meant to appear as if you have a relationship with the company.If you call the number they have what sounds like ahigh volume call center, "boiler room", operating in the background.Operators attempt to complete a sales pitch to register the domain for 5 or 10 year period.Be on the lookout for this latest variation of Domain Name registration scam.

Denial of Service Attacks on the Rise

The CERT Coordination Center released a recent report on the current trends detailing the techniques and tools used to purport Internet attacks.Banks and other organizations whose businesses increasingly depend on the Internet face significant challenges in ensuring that their networks continue to operate safely and that their systems continue to provide critical services even in the face of an attack.

Distributed Denial of Service attacks are significantly on the rise. Other trends noted were an increase in:

  • Automation of the attack tools resulting in an increased speed of attack
  • Sophistication of the attack tools
  • Permeability of firewalls thereby making sites more vulnerable to an attack

CERT provides the following tips to help prevent a DOS attack:

  • Regularly review publicly available information on recent security vulnerabilities and incidents. It helps in configuring and updating your public Web server against new forms of attacks.
    • Regularly update your DOS detection tools to discover new patterns or events (resulting from new or updated attacks taking advantage of new vulnerabilities).
      • Update firewall-filtering mechanisms to deny new attacks.
        • Temporarily disable specific services that might be vulnerable.
          • Augment your alerting procedures.
            • Work with your Internet service provider to understand what precautions have been taken to guard against DOS attacks.
              • Get a configuration that uses multiple connections built from different network backbones. This will help switch public Web servers to another connection in the event of a DDOS attack.



              Previous Tech Alerts:
              04/09/02 New Virus Hoax Circulating Around Net
              03/22/02 MyLife.B Virus Makes Its Way Around the Net
              03/21/02 Microsoft Updates Its Warning on Critical Windows Vulnerability
              03/14/02 New Virus (W32/Fbound-C) Spreading Rapidly in the Wild
              03/08/02 Unauthorized E-Mail Scam Attempts to Steer Unwitting Customers to Fraudulent Bank Web Site
              03/06/02 Klez-E Worm and W32.Gibe Virus Warnings
              03/01/02 CERT Issues Warning on PHP Scripting Language Flaw
              02/27/02 CERT Issues Warning on Internet Explorer and Outlook Flaw
              02/22/02 SNMP Patches and Detection Tools Available
              02/20/02 Email Address Belonging to Legitimate Security Site Hijacked to Deliver Dangerous Yarner Worm
              02/15/02 Mass Mailing Email Worm Compromises Word 2000 Security Settings
              02/13/02 SNMP VULNERABILITY
              02/07/02 Bloodhound Mass Mailing Worm and Managing Risks in Wireless Networks
              02/04/02 Microsoft Issues Collection of Security Fixes for Windows 2000
              01/31/02 Copycat Virus Unleashed
              01/30/02 Netscape Browser Vulnerable to Cookie Theft
              01/28/02 "My Party" Mass Mailing Worm
              01/18/02 IT Contingency Planning Guide, Information Security Checklist and Solaris Vulnerability
              01/15/02 Trojan.StartPage Alters Web Browsers
              01/12/02 New Internet Worm Gigger Masquerades as Microsoft Outlook Upgrade
              01/08/02 Microsoft Universal Plug and Play Vulnerability
              12/20/01 Holiday Themed Computer Virus Unleashed

First published on 04/10/2002

Briefing type: 

Banker Tools View All

A collection of useful resources for various areas of the bank which have been developed by members of the BankersOnline staff or have been created and contributed by users of the BankersOnline site.

Banker Tools

Penalties View All

Search Briefings

Briefing Archives