Week in Security: .Net Virus, New Products And Partner Programs


Here's a rundown of some of the events, announcements and other happenings in information security last week:

•Virus researchers said someone has written a virus that targets Microsoft's .Net Web services software. The "proof of concept" virus, which hasn't been released, is dubbed W32/Donut and targets executable files used in the .Net framework.

Researchers also reported a proof of concept virus that infects Macromedia Flash animation files. They said SWF/LFM.926 posed a low risk.

•Secure Computing, San Jose, Calif., unveiled a new firewall and VPN product, the Sidewinder Appliance. The product is built on Dell Computers' rack-dense PowerEdge server platform. Dell will customize the hardware configuration, preinstall the software and arrange for delivery to customers. The appliance is available with Secure's 24x7 "live answer" support. Prices range from $5,900 to $23,900.

•Check Point Software Technologies, Redwood City, Calif., said it expanded its OPSEC (Open Platform for Security) initiative to include security assessment tools and services. Security assessment vendors joining the new initiative include Akaba, BindView, Lumeta, NetIQ, eSec, Intranode, Qualys, Veritect and Vigilante. Under the new program, assessment tools and services will leverage the OPSEC framework to automatically alert Check Point VPN-1/Firewall-1 administrators of potential network vulnerabilities.

•Atlanta-based Marshal Software unveiled its Partner Advisory Council for 2002: Karen Moore, president, Content Security Solution, Liberty Township, Ohio; Joe Gruenling, president, Titan Technologies, Los Angeles; Michael Maragh, president, MDM Systems Consulting, Burlington, Ontario; and Chas Arnold, vice president, Dynasis Integrated Systems, Roswell, Ga.

•RSA Security officially re-launched its SecurWorld Partner Program. The retooled program defines three tiers of partnership based on level of commitment and expanded benefits.

•Privacy Council, Richardson, Texas, said it was making available a free compact policy generator for companies dealing with P3P (Platform for Privacy Preferences) issues introduced by Microsoft's Internet Explorer 6. The generator, called the Free P3P Solution, is available at www.privacycouncil.com. IE 6 incorporates the P3P industry specification. P3P-enabled sites provide information on how they handle personal information in a standard format.

•Riptech, Alexandria, Va., said it will introduce a managed security and professional services program this week that addresses the specific needs of power and energy companies. The program, offered to members of the American Gas Association and Edison Electric Institute, includes regular security assessments, infrastructure security and ongoing monitoring of critical systems.

•Tumbleweed Communication, Redwood City, Calif., unveiled Secure Guardian OneChannel, a software suite that the company said offers businesses the ability to develop a single, secure online channel to communicate with customers and partners. Pricing for the product is based on CPUs and starts at $40,000 for a suite of four CPUs.

•PestPatrol, Carlisle, Pa., revealed an authorized reseller program for solution providers selling its line of software products, which include a toolkit that detects and removes attack tools and spyware installed on systems by malicious hackers.