[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 313/06 - New NISCC Technical Notes, General Advice documentation, and NISCC Monthly Bulletin

   UNIRAS (UK Govt CERT) Briefing Notice - 313/06 dated 27.04.06  Time: 13:00  
  UNIRAS is part of NISCC (National Infrastructure Security Co-ordination Centre)
  UNIRAS material is also available from its website at www.uniras.gov.uk and
         Information about NISCC is available from www.niscc.gov.uk

New NISCC Technical Notes, General Advice documentation, and NISCC Monthly Bulletin

Two new Technical Notes on Egress and Ingress Filtering, and Security considerations 
of IPv6 are available on the NISCC website.

A new document on Secure web applications under the General Advice section of the
NISCC website is now available.

The NISCC Monthly Bulletin for March 2006 is also available on the NISCC website.

NISCC Technical Notes:

1. Egress and Ingress Filtering
Technical Note Id. 00294, 20 April 2006, (TN0106)
This NISCC Technical Note supplements NISCC Technical Note 10/04, "Understanding Firewalls". 
Its purpose is to assist those thinking about implementing or changing packet filtering 
devices at their network boundaries. 
URL: http://www.niscc.gov.uk/niscc/docs/re-20060420-00294.pdf?lang=en

2. Security considerations of IPv6 
Technical Note Id. 00307, 24 April 2006, (TN0206)
IPv6 is an extremely complicated protocol suite, with a large number of Internet RFCs linked 
to it, and as such there are many different areas which have security implications. This 
document attempts to summarise current thoughts on the security of IPv6 and linked protocols and technologies. 
URL: http://www.niscc.gov.uk/niscc/docs/re-20060424-00307.pdf?lang=en

General Advice:

1. Secure web applications. This document aims to provide insight into the secure development and installation of web applications
by exposing the pitfalls of web application design and addressing how to stop future attackers.

URL: http://www.uniras.gov.uk/niscc/docs/secureWebApps.pdf

NISCC Monthly Bulletin Contents:

Threats & Attacks
1. Israel jails spyware-for-hire couple
2. US man faces IRC Trojan charges
3. Phishing fraudsters offer cash reward
4. Kits help phishing sites proliferate
5. AOL files suit against suspected phishers
6. Zombie PCs menace mankind

CIIP, Legal & International Issues
7. Tougher hacking laws get support
8. UK companies failing to manage application
9. Viruses plague British businesses
10. Banks told to adopt stronger authentication
11. Banks strike back at ID cheats
12. Banks set up text and email fraud alerts
13. US government failing on cybersecurity
14. Security flaws could cripple missile defence
15. Internet blows CIA agents' cover
16. Enterprises: cybercrime costs us dear
17. China creates own Internet domains
18. Korea to fight web attacks from China

Viruses, Vulnerabilities & Incidents
19. DNS recursion leads to nastier DoS attacks
20. Open source players unite for patch testing
21. Trojan targets basic Java phones

URL: http://www.niscc.gov.uk/niscc/docs/re-20060331-00306.pdf?lang=en


For additional information or assistance, please contact the HELP Desk by 
telephone or Not Protectively Marked information may be sent via 
EMail to: uniras@xxxxxxxxxxxx

Office Hours:
Mon - Fri: 08:30 - 17:00 Hrs
Tel: +44 (0) 870 487 0748 Ext 4511
Fax: +44 (0) 870 487 0749

Outside of Office Hours:
On Call Duty Officer:
Tel: +44 (0) 870 487 0748 and follow the prompts

UNIRAS wishes to acknowledge the contributions of NISCC Media Team for the 
information contained in this Briefing. 
This Briefing contains the information released by the original author. Some 
of the information may have changed since it was released. If the vulnerability 
affects you, it may be prudent to retrieve the advisory from the site of the
original source to ensure that you receive the most current information concerning 
that problem.

Reference to any specific commercial product, process, or service by trade 
name, trademark manufacturer, or otherwise, does not constitute or imply 
its endorsement, recommendation, or favouring by UNIRAS or NISCC.  The views 
and opinions of authors expressed within this notice shall not be used for 
advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors 
or omissions contained within this briefing notice. In particular, they shall 
not be liable for any loss or damage whatsoever, arising from or in connection 
with the usage of information contained within this notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams (FIRST) 
and has contacts with other international Incident Response Teams (IRTs) in 
order to foster cooperation and coordination in incident prevention, to prompt 
rapid reaction to incidents, and to promote information sharing amongst its 
members and the community at large. 
<End of UNIRAS Briefing>

This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 

This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email