The latest tidbits on security news: 4

DOE has taken measures to beef up its cybersecurity mechanisms, such as keyword searches on outgoing e-mail messages and a pilot program to enhance intrusion detection, but some efforts are meeting stiff resistance from DOE employees, the report stated. DOE and lab personnel, for example, have complained about excessive reporting burdens spurred by DOE's use of a comprehensive intrusion incident reporting system. Attacking Windows NT home users begins with port scanning on TCP ports 135 and/or 139. Once the ports are open, the attackers will launch the typical Windows NT-based assaults, including simple password guessing, input validation attacks, and buffer overflow attacks. NT systems tend to be juicier targets than are Windows 9x systems simply because NT's remote control capabilities are far superior. Using programs such as netcat, NTRK remote, and RemotelyAnywhere, attackers can control an NT system with ease -- and then upload and kick off the same attacks from that system. Let's not forget about open proxy relays, often unwittingly left dangling by customers of those very same consumer-oriented services. With the growing focus on application-layer vulnerabilities, most attacks nowadays take the form of a maliciously malformed URL; it's point-and-shoot simply to bounce these off of a proxy if it isn't properly configured. We recently visited a site that had been compromised by just such a bullet, a single URL anonymously relayed by a misconfigured SOHO (small office/home office) proxy device out in the void. Does anyone remember the infamous Wingate and squid proxy-scanning tools that circulated the Net about a year ago? Try turning WinScan (one of the most popular Wingate scanners) loose on your favorite network and see what pops up. How many of those do you think were run by unwitting end-users who thought they were improving the security of the Internet? Or just browse to proxys4all.cgi.net and take your pick.