Infosec Zone recommends Sun Servers and parts from AnySystem. You can buy refurbished Sun Microsystems products including Sun Fire v880 and Sun Fire v480 at lowest prices.

As we all know, products can be poisoned in supply chain by Competitors, Anti Social Elements, hackers etc…hence product security clearance is mandatory / compulsory before installing into your network. COE Security has launched enterprise threat management certification programs: Enterprises : Insist your Vendors / Resellers to get their product (any product) certified before you purchase. Vendors / Resellers: Win Customer Trust and Increase Sales By COE Security Certification. For more details please visit : [url]http://www.coesecurity.com[/url] [quote]First Test Then Trust[/quote]

Microsoft has been awarded a patent for using human skin as a power conduit and data bus. Patent No. 6,754,472, which was published Tuesday, describes a method for transmitting power and data to devices worn on the body and for communication of data between those devices.

Denial of Service in Cisco IOS A Cisco Systems' device running Internetwork Operating System (IOS) and enabled for the Border Gateway Protocol (BGP) is vulnerable to a Denial of Service (DoS) attack from a malformed BGP packet. By sending a malformed BGP packet to the device, a potential attacker could cause the device to reload. Cisco Systems has released Security Advisory 50321, "Cisco IOS Malformed BGP Packet Causes Reload," to address this vulnerability and recommends that affected users immediately apply the appropriate patch listed in the bulletin. [url]http://secadministrator.com/articles/index.cfm?articleid=43035[/url] For complete details about this vulnerability, as well as links to patches, be sure to visit our Web site at the provided URL.

Multiple Vulnerabilities in ISC DHCP 3 Original release date: June 22, 2004 Last revised: -- Source: US-CERT Systems Affected * ISC DHCP versions 3.0.1rc12 and 3.0.1rc13 Overview Two vulnerabilities in the ISC DHCP allow a remote attacker to cause a denial of the DHCP service on a vulnerable system. It may be possible to exploit these vulnerabilities to execute arbitrary code on the system.

11th March 2004, Description: This information disclosure vulnerability allows a remote attacker to view the contents of a file without the user’s knowledge. It enables the remote attacker to send a specially crafted request to a user running MSN Messenger, and view confidential files, user names or passwords. This vulnerability may also be used by a malware to perform the said malicious actions. However, the remote attacker is unable to edit or change the affected system’s files. This vulnerability exists in Microsoft MSN Messenger versions 6.0 and 6.1 because of the method used by MSN Messenger to handle file requests. Additional information on this vulnerability is available at: [url]http://www.microsoft.com/technet/security/bulletin/ms04-010.mspx[/url]

11th March 2004, Description: This vulnerability allows automatic code execution, and can be used by a malware in combination with other exploits to perform different malicious actions, such as accessing files or executing arbitrary codes. An attacker is able to exploit this vulnerability via hosting malicious Web sites, or through creating specially crafted HTML-formatted email messages. This vulnerability exists in Microsoft Outlook 2002, which is included in Microsoft Office XP. It exists because of the incorrect parsing of a specially crafted mailto URL in Outlook 2002. Users are at risk only when Outlook 2002 is configured as the default mail reader on affected systems. For more information about this Windows vulnerability, please refer to the following Microsoft Web page: Microsoft Security Bulletin MS04-009 [url]http://www.microsoft.com/technet/security/bulletin/ms04-009.mspx[/url]

11th March 2004, Exploit of this denial of service (DoS) vulnerability enables an attacker to cause Windows Media Station Service or Windows Media Monitor Service to stop responding to new requests. It affects systems running on Windows 2000 Server. When a remote attacker sends specially crafted packets to either Windows Media Station Service or Windows Media Monitor Service, the service listening on a certain port is closed and is unable to function fully. This vulnerability exists because the process by which Windows Media Station Service and Windows Media Monitor Service validate TCP requests is able to cause both services to stop accepting new connection requests. Additional information on this vulnerability is available at: [url]http://www.microsoft.com/technet/security/bulletin/ms04-008.mspx[/url]

3rd March 2004, Impact: System access Where: From local network OS: ISS Proventia A Series ISS Proventia G Series ISS Proventia M Series Software: BlackICE PC Protection 3.x BlackICE Server Protection 3.x RealSecure Desktop Protector 3.x RealSecure Desktop Protector 7.x RealSecure Guard 3.x RealSecure Network 7.x RealSecure Sentry 3.x RealSecure Server Sensor 7.x Description: eEye Digital Security has discovered a vulnerability in multiple ISS products, which can be exploited by malicious people to compromise a vulnerable system.

3rd March 2004, The virus onslaught continued late Tuesday as new versions of Bagle and MyDoom hit the Internet. The latest versions appeared to serve as digital graffiti, with the code delivering secret messages to the anonymous authors of other "competing" worms. According to analysis by security firm F-Secure Corp., the Bagle.J and MyDoom.G worms contain hidden messages aimed at the author of the NetSky worm.