Week In Security: Apache Flaw And Flap, NetSec


Here's a rundown of some of the events, announcements and other happenings in information security last week:

•Security experts urged administrators to patch their Apache Web servers after a group called Gobbles Security released an exploit for a software vulnerability that was publicized earlier in the week by Internet Security Systems. ISS' warning about the vulnerability in the default version of Apache HTTP Server drew complaints from some in the security community who said ISS released the warning before adequately notifying the Apache Software Foundation, which supports the open-source program. Upgraded versions of Apache are available at www.apache.org.

•Check Point Software Technologies announced a new Open Platform for Security (OPSEC) wireless initiative, which provides for interoperability between wireless solutions from various vendors with Check Point's VPN-1/FireWall-1 software. Initial "Secured by Check Point" mobile devices include HP iPaq PDAs and handhelds, IBM ThinkPad laptops, and Microsoft Windows-powered Pocket PC 2002 devices and Smartphones 2002. The Nokia 9200 Communicator series based on the Symbian operating system also will be interoperable with Check Point software.

•Several vendors showed off new products at the Computer Security Institute's annual NetSec conference here last week. Lumeta, Somerset, N.J., announced the availability of its Lumeta Discovery Suite 2.0. The software is based on the Internet Mapping technology originated at Bell Labs and captures network data at the IP layer to form the foundation for application modules that provide a view into network assets, connections and possible vulnerabilities.

Keynote speakers at the conference included George Vinson, California's special adviser on state security, who warned that intelligence reports indicate that another terrorist attack is likely this summer.

•Stonesoft unveiled version 2.0 of its StoneGate high-availability firewall and VPN solution, which features the ability to easily upgrade remote firewalls and support for static IP multicast routing. The product is slated for availability at the end of the month.

•Securify, Mountain View, Calif., named Paul McGowan to its newly created position of senior vice president of sales. McGowan comes from RedZone Security Systems, a start-up he founded last year.