Gibson struts out LeakTest
Gibson Research has released a free utility called LeakTest that acts as a Trojan horse simulator designed to try to slip through a firewall and connect to an Internet server. The product exposes a system's internal vulnerabilities, acting in a manner opposite of popular commercial personal firewalls that Gibson says put too much emphasis on inbound hacker attacks. Leak Test safeguards a system from Trojans slipping in and using its Internet connection without the user's knowledge. According to the Gibson Web site, LeakTest pretends to be an FTP client application that attempts to connect to a port on one of the grc.com servers, designed to work with LeakTest. It verifies the connection by receiving a short string of 13 random characters, then immediately disconnects.
Identrus secures bank transactions
Internet security provider Identrus has released a system that will secure online business-to-business transactions. ABN Amro, Bank of America, Deutsche Bank and HypoVereinsbank have brought Identrus aboard for to secure banking transactions through Identrus Certificate Authorities. Customers are identified by a smart card that legally binds them to the transaction. The cards provide security in transactions between banks and clients and also between companies using bank-run electronic marketplaces. These applications will secure e-marketplaces, messaging, document transfer, commercial insurance sales, CLS foreign exchange, and online bill payments and commercial Internet banking.
Baltimore secures Openwave products
Openwave WAP products, UP Browser, UP.Link Server and Secure Enterprise Proxy, will be secured by Baltimore Technologies, Certicom and Diversinet electronic authentication devices. The root keys provided by the vendors are compliant with the WAP Forum's Wireless Transport Layer Security (WTLS) Class II. In order to provide authentication during a secure transaction, a "root certificate" or "root key" stored in the microbrowser is used to verify a "server certificate" sent by a WAP gateway. A certificate is simply a short, electronic document that contains data about the certificate issuer and the company to which the certificate was issued. This document is then encrypted with a private encryption key used solely for the purposes of encrypting these certificates.
Monthly report keeps you up-to-date on cyber attacks
Pilot Network Services publishes a monthly report, helping companies spot and react to trends in cyber attacks and offers advice on how to combat them. Pilot, a subscription-based e-business service provider, released on Monday the November Cyber Barometer, a compilation of reports from Pilot security engineers who analyze trends in the more than 80 million monthly attacks they repel. Attacks are broken out by geographic region of origin and numbers and types for each. Comparisons and analysis is also offered.
To have your announcements included in Quick Takes, contact Michael S. Mimoso, News Editor.