[ISN] Security UPDATE--More About Wi-Fi Security--June 16, 2004
InfoSec News
isn at c4i.org
Thu Jun 17 10:34:40 EDT 2004
====================
==== This Issue Sponsored By ====
Free Security White Paper from Postini
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BJGU0Au
Windows & .NET Magazine
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BEuX0Ae
====================
1. In Focus: More About Wi-Fi Security
2. Security News and Features
- Recent Security Vulnerabilities
- News: New IE Flaws Might Allow Code Injection
3. Instant Poll
4. Security Toolkit
- FAQ
- Featured Thread
5. New and Improved
- Increased Control Over IP Network Access and Security
====================
==== Sponsor: Postini ====
How to Preemptively Eliminate the Top 5 Email Security Threats
Are worries about spam and virus attacks to your enterprise email
system keeping you up at night? See why spam and viruses are only the
"tip of the iceberg" when it comes to email security threats. Learn
how you can eliminate the top 5 security threats to your email system,
including the silent killer -- directory harvest attacks. The good
news is there's an easy and effective way to arm your organization
against all threats, even the latest spam and email attacks. Find out
how to completely and preemptively protect against major threats
including spam, viruses, directory harvest attacks (DHA),
denial-of-service (DoS) attacks, as well as internal policy
violations. Download this free white paper today!
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BJGU0Au
====================
==== 1. In Focus: More About Wi-Fi Security ====
by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net
Last week, I wrote about problems with particular Linksys and NETGEAR
wireless Access Points (APs). I suggested that people might consider
putting their APs behind a firewall to better protect the systems from
access by outsiders who might approach the units from a WAN link. This
practice might protect wireless APs against any unknown
vulnerabilities that intruders might discover. Even if your APs have
built-in firewalls of their own, consider also using a firewall
external to them. The approach makes sense, but while cruising the
Internet last week, I came across an old, but interesting article,
"WiFi Security Checklist," at the Security Technique Web site that
made me realize that I had overlooked another potential problem that
you might want to consider.
http://www.securitytechnique.com/2003/11/wsc.html
As you know, wireless protocols are vulnerable to a variety of
attacks. APs' very nature makes them prone to granting access to users
outside your immediate working environment. And of course, once
someone has connected to one of your APs, he or she is part of your
network. This situation raises the question of how much of your
network is exposed to your APs. If you have no additional barriers in
place and your APs are essentially inside your trusted network, an
intruder will also be inside your trusted network after he or she
connects to one of your APs. I doubt that you want to leave that
gaping hole open.
So in addition to putting a firewall in between your APs and external
networks (whether they be the Internet, partner networks, remote
offices, or other networks), you should probably consider putting a
firewall behind your APs. In that sort of configuration, you could use
some sort of VPN in which wireless clients tunnel back into your
private network for access to network resources. That way, if an
intruder connects to one of your APs, he or she will have far less to
work with when trying to penetrate your overall network.
Or, if your environment uses Remote Authentication Dial-In User
Service (RADIUS), you might consider using RADIUS to pass routing
restrictions to your APs. For example, Randy Franklin Smith explains
in "A Secure Wireless Network Is Possible," Windows & .NET Magazine,
May 2004, that if a visiting business partner connects to your AP,
RADIUS could pass a routing restriction to the AP that allows him or
her access only to the Internet and not your internal network. If you
subscribe to the print magazine, you can read Smith's article on our
Web site.
http://www.winnetmag.com/article/articleid/42273/42273.html
====================
==== Sponsor: Windows & .NET Magazine ====
Get 2 Sample Issues of Windows & .NET Magazine!
Every issue of Windows & .NET Magazine includes intelligent,
impartial, and independent coverage of security, Active Directory,
Exchange, scripting, and much more. Our expert authors deliver how-to
articles and product evaluations that will help you do your job
better. Try two, no-risk sample issues today, and find out why 100,000
IT professionals rely on Windows & .NET Magazine each month!
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BEuX0Ae
====================
==== 2. Security News and Features ====
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these discoveries
at
http://www.winnetmag.com/departments/departmentid/752/752.html
News: New IE Flaws Might Allow Code Injection
On June 7, Jelmer Kuperus posted a message to the Full Disclosure
mailing list to report the existence of new vulnerabilities in
Microsoft Internet Explorer (IE) and exploits that take advantage of
those flaws. As a result, we might see Microsoft release at least one
new IE patch before its next scheduled security patch release date of
July 15.
http://www.winnetmag.com/article/articleid/42959/42959.html
====================
==== Announcements ====
(from Windows & .NET Magazine and its partners)
Security Patch Management Tools--Windows and Office Update Web Seminar
How are you evaluating, distributing, and installing software
patches? This free Webcast discusses the importance of patch
management and establishing a patch-management process by using
Windows and Office Update as a patch-management tool in your
environment. Register now!
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BJAa0A1
Windows Connections October 24-27, Orlando, Florida.
Save these dates for the Fall 2004 Windows Connections conference,
which will run concurrently with Microsoft Exchange Connections.
Register early and receive admission to both conferences for one low
price. Learn firsthand from Microsoft product architects and the best
third-party experts. Go online or call 800-505-1201 for more
information.
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0KXQ0A3
Attend the Black Hat Briefings & Training USA Event - July 24-29, 2004
This is the world's premier technical IT security conference,
hosting 2,000 delegates from 30 nations. Featuring 27 hands-on
training courses and 10 conference tracks with presentations by
security experts and "underground" security specialists. Early-bird
registration deadline is July 1!
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0pHV0AU
====================
==== Hot Release ====
Ultimate Windows Security Training
You've read his articles... Now come to his training! Mind-meld
with Windows security expert Randy Franklin Smith and learn his
secrets on AD, Group Policy, WiFi Security, VPNs, IPSec, Security Log,
EFS, IAS, Software Restrictions, Windows Firewall, etc. Download free
security log quick reference chart.
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BJGV0Av
====================
==== 3. Instant Poll ====
Results of Previous Poll
The voting has closed in the Windows & .NET Magazine Network
Security Web page nonscientific Instant Poll for the question, "Does
your company intend to implement Windows XP Service Pack 2 (SP2)?"
Here are the results from the 134 votes.
- 29% Yes, as soon as it's available
- 31% Yes, within 3 months of its release
- 7% Yes, within 6 months of its release
- 19% Yes, but we're not sure when
- 13% No
(Deviations from 100 percent are due to rounding.)
New Instant Poll
The next Instant Poll question is, "Where are your wireless Access
Points (APs)?" Go to the Security Web page and submit your vote for
- Inside the border firewall
- Outside the border firewall
- Between the border firewall and an internal firewall
http://www.winnetmag.com/windowssecurity
==== 4. Security Toolkit ====
FAQ: How Do I Install Microsoft Exchange Server 2003 Service Pack 1
(SP1)?
by John Savill, http://www.winnetmag.com/windowsnt20002003faq
A. Before you install Exchange 2003 SP1, read the release notes. They
contain a number of notices that could apply to your site and might
affect the order in which you upgrade servers. You also need to apply
the hotfix described by the Microsoft article "FIX: IIS 6.0
compression corruption causes access violations,"
http://support.microsoft.com/?kbid=831464 before you install the
service pack. After you have the SP1 installation files, run the
update.exe program as you would for any other service pack.
During the installation, the Information Store service, WWW service,
and other Exchange processes are stopped, which interrupts service to
users. Therefore, you should plan to perform the upgrade at a time
when users don't need to access Exchange.
A new version of the Exchange Server Deployment Tools is available
from the link below. You can use the deployment tools to assist you in
the upgrade process. The tools offer new features, including enhanced
support for consolidating sites in a mixed-mode environment (i.e., an
environment containing a mix of servers running any combination of
Exchange 2003, Exchange 2000 Server, and Exchange Server 5.5).
http://www.microsoft.com/downloads/details.aspx?familyid=271e51fd-fe7d-42ad-b621-45f974ed34c0&displaylang=en
Featured Thread: Extranet Security Setup
(One message in this thread)
A reader wants to create an Active Server Pages (ASP) extranet
application that will give his customers access to information such as
the work his company has done for them, the costs, and any scheduled
work. Each user should be able to view his or her own information but
not other customers' information. All the information is stored in one
database, so he's thinking about using views in SQL Server 2000 to
ensure that customers see only their own information. You can read the
reader's plans for his application and offer advice at
http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=122017
====================
==== Events Central ====
(A complete Web and live events directory brought to you by Windows
& .NET Magazine: http://www.winnetmag.com/events )
New--Shrinking the Server Footprint: Blade Servers
In this free Web seminar, you'll learn how blade servers provide
native hot swappable support, simplified maintenance, modular
construction, and support for scalability. And we'll talk about why
you should be considering a blade server as the backbone of your next
hardware upgrade. Register now!
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BJAQ0Ak
====================
==== 5. New and Improved ====
by Jason Bovberg, products at winnetmag.com
Increased Control Over IP Network Access and Security
MetaInfo and Perfigo announced a joint marketing and integration
alliance in which the companies will provide and support integration
between MetaInfo's Meta IP SAFE DHCP and Perfigo's SecureSmart and
CleanMachines products. By integrating the companies' complementary
technologies, customers will be able to control and protect against
unauthenticated access, viruses, worms, and policy noncompliance at
the IP layer. While authenticating the machine's identity, the Meta IP
SAFE DHCP server simultaneously requests network security validation
and policy compliance checks from CleanMachines. CleanMachines
conducts administrator-defined network and device-based scans that can
find security vulnerabilities, such as viruses, outdated patches,
spyware, and worms. For more information about this partnership,
contact MetaInfo at 206-674-3700 or on the Web.
http://www.metainfo.com
Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving
you time or easing your daily burden? Tell us about the product, and
we'll send you a Windows & .NET Magazine T-shirt if we write about the
product in a future Windows & .NET Magazine What's Hot column. Send
your product suggestions with information about how the product has
helped you to whatshot at winnetmag.com.
====================
==== Sponsored Links ====
Argent
Comparison Paper: The Argent Guardian Easily Beats Out MOM
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BDWV0A6
Microsoft(R) TechNet
Microsoft(R) TechNet Webcasts: essential guidance, industry experts
http://list.winnetmag.com/cgi-bin3/DM/y/egKh0CJgSH0CBw0BG360A1
====================
Editor's note: Share Your Security Discoveries and Get $100
Share your security-related discoveries, comments, or problems and
solutions in the Security Administrator print newsletter's Reader to
Reader column. Email your contributions (500 words or less) to
r2rsecadmin at winnetmag.com. If we print your submission, you'll get
$100. We edit submissions for style, grammar, and length.
====================
==== Contact Us ====
About the newsletter -- letters at winnetmag.com
About technical questions -- http://www.winnetmag.com/forums
About product news -- products at winnetmag.com
About your subscription -- securityupdate at winnetmag.com
About sponsoring Security UPDATE -- emedia_opps at winnetmag.com
====================
==== Contact Our Sponsors ====
Primary Sponsor:
Postini -- http://www.postini.com -- 1-888-584-3150
Hot Release Sponsor:
Monterey Technology Group -- http://www.montereytechgroup.com --
1-864-587-9720
====================
This email newsletter is brought to you by Windows & .NET Magazine,
the leading publication for IT professionals deploying Windows and
related technologies. Subscribe today.
http://www.winnetmag.com/sub.cfm?code=wswi201x1z
You received this email message because you asked to receive
additional information about products and services from the Windows &
.NET Magazine Network. To unsubscribe, send an email message to
mailto:Security-UPDATE_Unsub at list.winnetmag.com. Thank you!
View the Windows & .NET Magazine privacy policy at
http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy
Windows & .NET Magazine, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2004, Penton Media, Inc. All rights reserved.
More information about the ISN
mailing list