Niche Konsult Limited's Newsletter
September 2007 Edition
Feature Story: BlackBerry and GFI - Complementary Solutions
History
It is eight years since the Canadian company Research in Motion (RIM)
introduced BlackBerry. The original BlackBerry devices were equivalent to the black
and white television sets of bygone days, but today’s BlackBerry supports up to
65,000 colours.
Attraction
A major attraction of BlackBerry is its ability to push email to the
user without any action on the part of the user. For this reason, many companies
use it to provide roaming employees with access to email.
In addition to wireless email, it provides full two way wireless synchronization
of Microsoft Exchange Server, Lotus Domino and Novell GroupWise calendars, contacts,
notes, instant messaging, SMS and MMS plus full web browsing and access to corporate
applications.
And since emails are stored on the device, emails remain accessible even if network
coverage is non-existent.
The flavours
Three flavours of BlackBerry exist:
• BlackBerry Enterprise Server, or BES for short
• BlackBerry Web Client, or BWC for short
• BlackBerry Internet Server, or BIS for short
The first, as the name implies, is aimed at enterprises running their own mail servers,
and the last two at what RIM prefers to call the ‘prosumer’, short for professional
consumer.
BlackBerry Enterprise Server
Companies interested in the tightest possible integration
between BlackBerry and their system usually opt for BES. With BES, a direct link
is created between the BlackBerry device and the enterprise’s mail servers such
that emails are sent to the client the moment the mail server receives them.
BES versions exist for Microsoft Exchange Server, Lotus Domino and Novell GroupWise.
BlackBerry Web Client
The BWC, on the other hand, costs far less than the BES and
is not as fast either, since it acts as an email redirector: it retrieves emails
from the end user’s various email accounts (maximum of ten) and forwards them
to the client some 15 minutes after such mails hit the ISP’s mail server.
The BWC has a webmail interface, hence the web in its name, meaning in effect that
mails may be accessed, replied to or deleted on the BlackBerry device and on any other
computer, including non-BlackBerry devices. It is older than the BIS. However, the
maximum mailbox size was limited to a little above 20 MB.
BlackBerry Internet Server
Just like the BWC, the BIS costs much less than the BES
and equally acts as an email redirector, retrieving mails from up to 10 different
POP3 email accounts, but it has no webmail interface. The BIS is the latest entrant
into the BlackBerry family; it replaces BWC and has no mailbox limit.
How it works
BlackBerry utilises a client/server architecture, with the handheld
device sold by network operators like Globacom and MTN acting as the client that receives
the pushed email, and either the operator’s mail server or the company’s mail server
acting as the server that pushes the email to the client.
Statistics
• November 2004 - 2 million users
• May 2005 - 3 million users
• December 2005 - 4.3 million users
• March 2006 - 5 million+ users
• October 2006 - 6.2 million users
• April 2007 - 8 million users
Supported networks
BlackBerry devices can be used on both GSM and CDMA
networks.
BlackBerry on Non-BlackBerry devices
RIM has licensed some BlackBerry functionality
to other handset manufacturers; however, not all handset manufacturers incorporate
the full set of the licensed functionality. With such handsets, BlackBerry Connect
is usually installed to enable features such as push email and calendar. However,
as the saying goes, nothing is as BlackBerry as a BlackBerry.
GFI EndPointSecurity and BlackBerry
GFI EndPointSecurity is a security solution
that helps you maintain data integrity by preventing the unauthorized transfer of
content to and from a number of ports and portable storage devices including:
• USB ports (e.g., Flash and Memory Card Readers, Pen drives)
• FireWire ports (e.g., digital cameras, FireWire card readers)
• Wireless data connections (e.g., Bluetooth dongles, infrared)
• Optical drives such as CD, DVD and MO (magneto optical) drives, both
internal and external
• Other drives such as zip drives and tape drives
With GFI EndPointSecurity, Pocket PCs (e.g., HP IPAQ and Sony CLIE), BlackBerry devices
(e.g., 8100, 7270) and SmartPhones (e.g., Motorola i930 and Palm Treo) can also be centrally
managed and controlled.
Thus, if your corporate policy either does not permit the use of BlackBerrys
or permits their use by some people only, GFI EndPointSecurity is the
tool you need to provide full or read-only privileges or to allow or deny access.
For more information, please visit
GFI EndPointSecurity Webinar
GFI FAXmaker and BlackBerry
GFI FAXmaker is a network fax server for Microsoft Exchange Server 5.5, 2000, 2003
and 2007, Lotus Domino and SMTP/POP servers. It integrates seamlessly with any
of the aforementioned mail servers to enable users to send and receive faxes from
their mail client, such as Outlook or Outlook Web Access, just as they do email.
With GFI FAXmaker’s Email2Fax Gateway, the email clients of handhelds like the BlackBerry
and PocketPC (2003 upwards) can be used to send and receive faxes as well as fax
reports. BlackBerry devices also have a built-in PDF viewer that seamlessly
integrates with GFI FAXmaker’s PDF capabilities.
Since GFI FAXmaker delivers faxes to the user’s inbox in TIF-fax-format or Adobe
PDF format, users can check their faxes in PDF format and can even forward such
faxes to anybody including those who have an email address but do not operate a
fax line! GFI FAXmaker also allows for easy integration with document archival systems
or workflow software/procedures.
For more information, please visit
http://www.gfi.com/faxmaker/faxfeatures.htm and
http://kbase.gfi.com/showarticle.asp?id=KBID002420
GFI MailEssentials and BlackBerry
With GFI MailEssentials (a server based anti-spam and anti-phishing utility) installed
on your enterprise mail server or as a relay to your mailserver, mails marked as
spam can be configured not to be pushed to BlackBerry servers/clients. For more
information, please visit
http://kbase.gfi.com/showarticle.asp?id=KBID002696
GFI Network Server Monitor and BlackBerry
GFI Network Server Monitor is a network and server monitoring tool that allows administrators
to monitor the network for failures or irregularities automatically and reacts to
network and server failures to ensure maximum network uptime.
Since GFI Network Server Monitor ships with a remote web monitor, administrators
can remotely connect to GFI Network Server Monitor to view the status of checks
via Internet Explorer over the network or the internet. Through the remote web monitor
the administrator can examine the status of his network from virtually anywhere,
both within and outside the company building.
By default, the remote web monitor supports two views, the “normal view” and the
“mobile view”; the mobile view displays information in a layout suitable for
viewing on small displays such as are found on SmartPhones and BlackBerry devices.
For more information, please visit
http://www.gfi.com/news/en/nsm55launch.htm
Need to do some more research on BlackBerry?
The following links could be useful:
MTNNigeria
GloMobile
BlackBerry (the official site)
Note:
Some portions of the above article were sourced from Wikipedia, the Official BlackBerry
Site and others from MTNNigeria and Globacom websites
Database Security – Making the Case
Between August and September 2007, a number of high-profile database breaches were
in the news, including those of Monster.com (the online job site), TJX and the
Oklahoma State Law Enforcement Telecommunications System.
Databases are the crown jewels of any organization, containing data of inestimable
value. For this reason, protection is a must. Unfortunately, many IT departments
don’t even know how many databases they have installed on their networks. The first
step in protecting anything is to know that it exists at all. Tools such as
GFI LANguard Network Security Scanner 8, MySQL Network Scanner,
Microsoft SQL Server tool or Microsoft Baseline Security Analyzer can be used to audit your
network for databases such as SQL Server 2005, MSDE and SQL Server Express which may
be installed and running on your network without the IT Department’s knowledge.
The next step is to ensure that only the latest version of the relevant database
software is running on your network. This can be done with tools such as
GFI LANguard Network Security Scanner 8 or Microsoft Baseline Security Analyzer.
Other relevant steps to take include hardening the system configuration of servers
housing the databases and sanitizing user input.
I found an article aptly titled
Database Security (Common-sense Principles) which should give system administrators
a head start with respect to improving database security, and also another article
which attempted to quantify the
Cost of a Security Breach.
Email Security – Nigerian Online Shoppers become victims of targeted attacks
Graphcard is an online payment processor that enables anyone anywhere in the world
to pay for goods and services online without having a credit card. Graphcard’s system
comprises customers who want to shop online, resellers who enable customers to keep
their accounts liquid by selling virtual prepaid cards from Graphcard, and merchants
from whom the customers buy.
Customers, resellers and merchants all need to set up member accounts, and these accounts
are used to purchase Graphcard funds which are freely convertible into online debit
cards.
In recent times, Graphcard members in Nigeria have been the subject
of targeted email attacks. They have been receiving bogus emails with a virus attachment
named Reseller_Security_anti_virus.exe; the email requests that they download a
file to clean up their computer.
Once downloaded, the software logs keystrokes and sends them to the sponsor of the
malware, enabling them to capture both the Graphcard and email logins and passwords
of Graphcard members.
Who says that Nigerians cannot be the subject of targeted cyber-attacks? To learn
more about Graphcard’s unique selling proposition, please visit
http://www.graphcard.com, and to learn more about the threat from targeted email
attacks and how to protect your network, please visit
http://www.gfi.com/whitepapers/cyber-attacks.pdf
Email Security - Microsoft Excel and Zip attachment spam
Also during August, one of our security partners, GFI, noticed a marked rise in spam
carrying Microsoft Excel (doubtless in consequence of Microsoft Security Bulletin
MS07-044) and Zip attachments in place of image and PDF spam, and in consequence
produced a new whitepaper that exhaustively analyzes this new trend. The whitepaper
can be accessed at
http://www.gfi.com/whitepapers/attachment-spam.pdf.
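The attachment patterns described in the two items above (an executable sent directly, or a file wrapped in a Zip archive) can be checked at the mail gateway before delivery. The following Python code is an added example, not code from Niche Konsult or GFI; the function names, the extension list and the sample message builder are assumptions made for illustration.

```python
import io
import zipfile
from email import message_from_bytes
from email.message import EmailMessage

# Assumed block list: extensions Windows runs directly when double-clicked.
RISKY_EXT = (".exe", ".scr", ".pif", ".com", ".bat", ".cmd")


def is_executable(name, head):
    """Flag by extension, or by the 'MZ' header of a Windows executable."""
    return name.lower().endswith(RISKY_EXT) or head[:2] == b"MZ"


def risky_attachments(raw_message):
    """Return names of executable attachments, looking inside Zip files too."""
    hits = []
    for part in message_from_bytes(raw_message).walk():
        name = part.get_filename()
        if not name:
            continue  # body text or multipart container, not an attachment
        data = part.get_payload(decode=True) or b""
        if is_executable(name, data):
            hits.append(name)
        elif data[:4] == b"PK\x03\x04":  # Zip local-file-header signature
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    for info in zf.infolist():
                        with zf.open(info) as member:
                            head = member.read(2)
                        if is_executable(info.filename, head):
                            hits.append(f"{name}!{info.filename}")
            except (zipfile.BadZipFile, RuntimeError, NotImplementedError):
                # Corrupt or password-protected archive: cannot be inspected.
                hits.append(f"{name} (unreadable zip)")
    return hits


def build_sample(filename, payload):
    """Constructed sample message; the payload is harmless placeholder bytes."""
    msg = EmailMessage()
    msg["Subject"] = "Security update"
    msg["From"] = "sender@example.com"
    msg["To"] = "member@example.com"
    msg.set_content("Please download the attached file to clean up your computer.")
    msg.add_attachment(payload, maintype="application",
                       subtype="octet-stream", filename=filename)
    return msg.as_bytes()
```

A renamed executable is still caught because the check reads the first two bytes of the content, not only the filename.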
Email Security - Niche Konsult now offers Managed Email Anti-Spam/Anti-virus Security
In partnership with Netcore Solutions, Niche
Konsult now offers Managed Email Anti-Spam/Anti-virus security solutions. To learn
more about the service, please download this
PDF file.
General Security - Microsoft Malware Protection Centre Launched
Until recently, Microsoft was not a strong player in the antivirus/malware security
market, but with a number of acquisitions and product launches such as the Windows
Defender, the ForeFront range and Windows OneCare to mention but a few, the
Microsoft Malware Protection Center is definitely worth checking out.
General Security - Microsoft Hackers Blog Launched
While Microsoft has been represented at hacker conferences and a lot of hacking
is done at Microsoft internally, Microsoft has not done much to publicize its activities
in that direction. It seems that all of that is about to change with the launch
of http://blogs.msdn.com/hackers/
Instant Messaging Security – Yahoo/MSN Messenger Flaws
A flaw was discovered in the Yahoo Messenger camera invitation facility which can
be exploited to execute code on vulnerable computers. As an interim measure, TCP
port 5900 should be blocked until updates to version 8.1.0.146 are applied. Also,
users running MSN Messenger 6 and 7 are susceptible to a zero-day buffer overflow
vulnerability; the solution is to upgrade to version 8.1, as no upgrade is available
for the earlier versions.
Web Security - Free Cross-Site Scripting Web Vulnerability Scanner
Grab a free edition of the popular Acunetix Web Vulnerability Scanner for scanning
your website/web application for cross-site scripting vulnerabilities at
http://www.acunetix.com/news/free-edition-xss.htm
View this
flash video to help you get your first scan just right.
Windows Security - Guest Operating System insecurity can affect host operating system security
Vulnerabilities affecting a Virtual PC or a Virtual Server can allow an administrator
of one guest operating system to attack either or both the host OS and any other guest
OSes. This is the lesson from
MS07-049. For more information on Virtual Machine vulnerabilities, see this
Microsoft Security Research Centre (MSRC) article.
Tips and Tricks
1. If you have ever had to troubleshoot a Windows XP system that just won’t boot,
you’ll consider the following
Eight Commands a real time saver.
2. Interested in early bird preparation for certification in Windows Server 2008?
Well Microsoft is offering self-paced Official E-learning courses from now till
November 15, 2007 at a discount to help you build your skills and prepare for the same. All you
need is to use the
promo code 1W815 and you’ll get 15% off
3. Interested in early bird preparation for certification in Exchange Server 2007?
Well Microsoft is offering self-paced Official E-learning courses from now till
November 15, 2007 at a discount to help you build your skills and prepare for the same. All you
need is to use the promo code 1E810
and you’ll get 10% off
4. If you need to fight some of those pesky rootkits, then you might want to try
the McAfee Rootkit Detective
5. Grab your copy of the
Wireless Notebook Presenter Mouse 8000. It is a laser pointer, media remote
and highlighter.
About Niche Konsult
Niche Konsult is an information technology security firm with expertise in
content, messaging, network and web application security.
Niche Konsult provides software and solutions that help individuals, small
and medium size businesses, large companies and governments optimize and secure
their information technology infrastructure. For more information, please visit
http://www.nichekonsult.com.
Newsletter Reminder
We hope that you have found this issue to be informative and useful.
Subscription is entirely free (although 'opt-in' only). Please feel free to pass
this copy on to your friends and colleagues. If your friends or colleagues wish
to receive the newsletter directly, they should simply send an email to: newsletter@nichekonsult.com with a
title of 'Subscribe'.
Niche Konsult
43 Cotonou Crescent
Wuse Zone 6
Abuja
© 2007 Niche Konsult. All rights reserved worldwide. Reproduction in whole or
in part of any text, photograph or illustration without permission of the
publisher is prohibited.