Greetings,

Well the biggest news this week is that all your problems are solved! However that may mean that some of you would be out of a job. So we decided not to solve ALL your problems, just part of one problem.

I am (hopefully you guessed) talking about ARM (or AusCERT Remote Monitoring).

ARM is designed to monitor your systems from an external perspective. For example, it can check that your mail server is still accessible and has the correct MX records, that your web page is up and has not been defaced, and that DNS records have not been changed.

While some of these may be checks that you may already run internally, ARM provides an external perspective. Best of all ARM is free to AusCERT members (and since this only goes out to AusCERT members - that means you). So why not point a web browser at ARM and give it a try - you normal AusCERT login details should already work.

In bulletin related news, the alert of the week goes to Symantec Backup Exec (AL-2008.0116). While not a remote code execution vulnerability, it still allows authentication bypass and remote DoS.

One other bulletin of note is the updated iPhone OS. Some of them are normal run-of-the-mill vulnerabilities some of them are a little more interesting. CVE-2008-4233, for example, potentially allows a malicious web page viewed in Safari to BOTH "initiate a phone call without user interaction" and to "block the user's ability to cancel dialing" (ESB-2008.1065)

Lastly (although I could go on), Cisco pushed a bulletin on the recently publicised cracking of TKIP (in WPA/wireless networking). This is a very good description about what is actually broken about WPA security. Combines with this embedded.com article answered quite a few questions about wireless networking that I had.

Hope you all have a good weekend.

Regards,
Richard