UCL Computer Security Newsletter - July 2008

The purpose of this newsletter is to keep all security reps and other
interested parties informed about what is happening around UCL
regarding computer security. Further information from the Computer
Security Team is always available at http://www.ucl.ac.uk/cert.

1. Web vulnerability scanning software

Thanks to everyone who helped evaluate the web vulnerability scanning software.
There were a lot of respondents, so apologies if I did not get a chance to test
your servers. We have now made a decision and are in the process of purchasing
Cenzic Hailstorm ARC Enterprise. This seems to be the best product, especially
with regard to the presentation of the results. It provides a web interface
and allows us to set up user accounts so that server administrators can log on
and view the reports, and even schedule scans of their own servers themselves.
Once we have the full version of the software up and running, this will be
offered as a service to departments.

2. DNS vulnerability

A vulnerability was recently announced that affects most implementations of DNS
- in both clients and servers. Most vendors have already patched the flaw. The
technical details of the vulnerability have not been released yet, so vulnerable
servers shouldn't be at imminent risk of being exploited. However, the issue is
serious and vulnerable servers should be patched as soon as possible if they
have not been already. Most clients will have been patched automatically
through the normal update process.

3. General

Please note all correspondence from the UCL Computer Security Team is
digitally signed either with personal PGP keys or the CERT team key
(public keys available from http://www.ucl.ac.uk/cert/contacts.html).
This newsletter and previous ones are available at
http://www.ucl.ac.uk/cert/cst-newsletters/index.html.
We welcome feedback on the content and organisation of documents on
our web page.
