Security Web Digest: GFI Releases Freeware Mail Server Antivirus Protection

GFI MailSecurity for Exchange/SMTP 8 scans inbound and outboud mail. UK Banks accused of lax security CSX networks attacked German government orders anonymous browser service "JAP" to log sessions O'


GFI this week released a freeware version of GFI MailSecurity for Exchange/SMTP 8, its email content security solution. The freeware version scans inbound and outbound mail using a single anti-virus engine, and can be used as additional protection by companies who do not yet perform virus scanning at mail sever level or at the gateway, and by those who run just one anti-virus engine. "The freeware version will help administrators who do not have the budget to implement scanning at the gateway or at mail server level, or who cannot invest in a multiple virus engine solution," said Nick Galea, GFI CEO.

UK banks have been blasted for a "complacent" attitude towards some aspects of IT security. According to NTA Monitors Vertical Market Security Report 2003, 94 percent of financial organizations tested had basic router flaws that could cause major disruption to online banking services. NTA Monitor also found that many firms firewalls performed worse than in previous tests, with 31 percent containing at least ten flaws which left them open to a "considerable risk of malicious attack."

The Slammer worm penetrated a private computer network at Ohios Davis-Besse nuclear power plant in January and disabled a safety monitoring system for nearly five hours, despite a belief by plant personnel that the network was protected by a firewall, SecurityFocus has learned. CSX Transportations (CSXT) information technology systems experienced significant slowdowns this week after a computer virus infected the network. The cause was believed to be a worm virus similar to those that have infected the systems of other major companies and agencies in recent days. Slashdot rounds up the aftereffects of the worm.


The popular Java Anonymous Proxy (JAP) has been back-doored by court order. The service is currently logging access attempts to a particular, and unnamed, Web site and reporting the IP addresses of those who attempt to contact it to the German police. After taking the service down for a few days with the explanation that the interruption was "due to a hardware failure," the operators then required users to install an "upgraded version" (ie. a back-doored version) of the app to continue using the service. Jap is a collaborative effort of Dresden University of Technology, Free University Berlin and the Independent Centre for Privacy Protection Schleswig-Holstein, Germany (ICPP).

OReilly & Associates this week announced a new book examining the gargantua of the Internet, "Amazon Hacks". Written by Paul Bausch, the book deconstructs the inner workings of the popular site, and provides readers a resource for improved use. The hacks include creating shorter URLs and fine-tuning your recommendations.