[ISN] Security UPDATE--Patrolling Wireless Networks--May 12, 2004

From: InfoSec News (isn@private)
Date: Thu May 13 2004 - 02:48:35 PDT

  • Next message: InfoSec News: "[ISN] Crackers declare cyberwar on USA"

    ====================
    
    ==== This Issue Sponsored By ====
    
    CipherTrust
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BHFc0AK
    
    Exchange & Outlook Administrator
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BEf10Ax
    
    ====================
    
    1. In Focus: Patrolling Wireless Networks
    
    2. Security News and Features
       - Recent Security Vulnerabilities
       - News: Time to Patch Quicktime, iTunes, Mac OS X, and Panther
       - Update: Problems with Microsoft's Patch MS04-011
    
    3. Security Toolkit
       - FAQ
       - Featured Thread
    
    4. New and Improved
       - Firewall Gets Faster and Easier
    
    ====================
    
    ==== Sponsor: CipherTrust ====
       Corporations are experiencing spam levels in excess of 60% of their
    total email volume. The effect of this volume on productivity,
    bandwidth and storage is significant and costly. But these are not the
    only effects. Spam now presents a serious threat to security with
    implications for network integrity and legal liability. In this white
    paper, you'll learn about the security threat presented by spam, as
    well as valuable insight into spammer methods and techniques, all from
    the experts in anti-spam and email security at CipherTrust. Take
    action now to secure your networks against spam!
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BHFc0AK
    
    ====================
    
    ==== 1. In Focus: Patrolling Wireless Networks ====
       by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net
    
    The Sasser worm basically fizzled, and I think that so far, its
    variants are little more than a nuisance. But that could change in the
    future. We'll have to wait and see. In any event, it's a certainty
    that someone with misconnected neurons will unleash yet another worm
    on the unsuspecting public before people have had time to install the
    most recent patches and fix any problems with them. Gee, I can hardly
    wait. In the meantime, other matters need attending to. For example,
    what's the state of your wireless security?
    
    If you subscribe to "Windows & .NET Magazine," you've probably
    received the May issue, which includes "A Secure Wireless Network Is
    Possible," an informative article by Randy Franklin Smith. Subscribers
    can also read the article at the URL below. In the article, Smith
    points out that, "Wireless networks can be secure if you use the right
    technologies. To add a secure wireless network to an existing Windows
    network, all you need to do is install one or more 802.1x-compliant
    wireless Access Points (APs) and one computer running Windows Server
    2003. The Windows 2003 server will facilitate 802.1x authentication
    between your wireless clients and your existing Windows network. Your
    users will be able to gain access to your wireless network simply by
    using their existing Windows user accounts."
       http://www.winnetmag.com/windows/article/articleid/42273/42273.html
    
    If you have wireless equipment and Windows Server 2003, consider
    implementing the suggestions in the article. Also consider what might
    happen if someone plugs in a wireless AP without your knowledge or
    someone (inadvertently or not) configures his or her wireless network
    card to operate in ad-hoc mode. In either case, your network would
    suddenly gain a security hole that you might not want to leave open.
    Another problem arises when unwanted wireless clients come within
    broadcast range of your wireless gear.
    
    Solutions are available to monitor the airwaves against unwanted
    access points and unknown wireless clients, a few of which are
    AirDefense, AirMagnet, and Red-M's Red-Detect. These are
    hardware-based solutions that can quickly identify broadcasting APs
    and clients, help prevent unwanted wireless connectivity, detect
    various types of wireless network attacks, and more.
    
    I'm in the process of reviewing these three products for an upcoming
    edition of "Windows & .NET Magazine." I wonder if you use one of these
    solutions or maybe another solution? If so, I'm interesting in
    learning what you think about it and what your experiences have been
    to date. Please send me an email with your detailed thoughts about
    these products or whichever solution you might use. And please prefix
    your message subject with "WIFI:" so that I can more easily find your
    responses among the junk mail.
    
    ====================
    
    ==== Sponsor: Exchange & Outlook Administrator ====
       Try a Sample Issue of Exchange & Outlook Administrator!
       If you haven't seen Exchange & Outlook Administrator, you're
    missing out on key information that will go a long way towards
    preventing serious messaging problems and downtime. Request a sample
    issue today, and discover tools you won't find anywhere else to help
    you migrate, optimize, administer, and secure Exchange and Outlook.
    Order now!
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BEf10Ax
    
    ====================
    
    ==== 2. Security News and Features ====
    
    Recent Security Vulnerabilities
       If you subscribe to this newsletter, you also receive Security
    Alerts, which inform you about recently discovered security
    vulnerabilities. You can also find information about these discoveries
    at
       http://www.winnetmag.com/departments/departmentid/752/752.html
    
    News: Time to Patch Quicktime, iTunes, Mac OS X, and Panther
       If you use Quicktime or iTunes software on Windows or Apple systems
    or manage Apple desktops or servers, you might want to load the latest
    patches.
       http://www.winnetmag.com/article/articleid/42586/42586.html
    
    Update: Problems with Microsoft's Patch MS04-011
       Last week, I wrote about the Microsoft article "Your computer stops
    responding, you cannot log on to Windows, or your CPU usage for the
    System process approaches 100 percent after you install the security
    update that is described in Microsoft Security Bulletin MS04-011,"
    http://support.microsoft.com/?kbid=841382 , released April 28.
       Another Microsoft article, "MS04-011: Security Update for Microsoft
    Windows," http://support.microsoft.com/?kbid=835732 , was also
    released on April 28 and provides links to six articles (including
    article 841382) that pertain to problems administrators might
    encounter while trying to implement the MS04-011 patch.
       http://www.winnetmag.com/article/articleid/42505/42505.html
    
    ====================
    
    ==== Announcements ====
       (from Windows & .NET Magazine and its partners)
    
    New--Small Servers for Small Businesses Web Seminar
      Today a small business can be as agile as a large business by
    understanding which technology can be leveraged to create a
    centralized server environment. In this free Web seminar, you'll learn
    about the perils of peer-to-peer file sharing, backup and recovery,
    migration from desktop to servers, and Small Business Server basics.
    Register now!
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BH1G0AV
    
    Get 2 Free Sample Issues of SQL Server Magazine!
       SQL Server Magazine is a useful resource loaded with relevant
    information covering database modeling and design, performance tuning,
    security, ADO.NET, ASP.NET, XML, and the latest topics that SQL Server
    developers, administrators, and business-intelligence architects need
    to know. Try two (no-risk) sample issues today, and discover the
    timesaving qualities the magazine has to offer. Order now:
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BH6l0AD
    
    Get Your Free Email Security Toolkit--Includes a Free Web Seminar,
    eBook, and White Paper!
       You'll learn how to eliminate the top 5 email security threats
    including spam and viruses. Plus, get an inside look at how Enterprise
    Rent-A-Car reduced spam and viruses, improved its email security, and
    increased productivity. Don't miss your chance to get a free eBook,
    Web seminar, and white paper. Get your Email Security Toolkit now!
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BH1H0AW
    
    ==== 3. Security Toolkit ====
    
    FAQ: Granting Necessary Permissions to AD for SMS 2003 Advanced
    Security Mode
       by John Savill, http://www.winnetmag.com/windowsnt20002003faq
    
    Q: How can I avoid errors when I create Active Directory (AD)
    containers on a server that runs Microsoft Systems Management Server
    (SMS) 2003 in Advanced Security Mode?
    
    A. SMS 2003's Advanced Security Mode removes the requirement for
    multiple accounts and instead relies on the Local System and Computer
    accounts for all security-related actions (such as interacting with
    the file system and updating AD). The Computer account therefore needs
    permission to parts of AD when AD integration is enabled--specifically
    the System partition of the domain namespace. To grant this
    permission, perform the following steps:
    
       1. Start the Microsoft Management Console (MMC) Active Directory
    Users and Computers snap-in (click Start, Programs, Administrative
    Tools, Active Directory Users and Computers).
       2. Click View, Advanced Features.
       3. Select the System branch from the treeview pane.
       4. Right-click the system container and select Properties.
       5. On the Security tab, click Advanced.
       6. Click Add.
       7. Click Object Types and ensure that only the Computers check box
    is selected. Click OK.
       8. In the "Enter the object name to select" text box, enter the
    name of the SMS site server. (Alternatively, you can click Advanced,
    then click Find Now and select the computer.) Click OK.
       9. The set of permissions is displayed. Ensure that in the "Apply
    onto:" list box, only "This object and all child objects" is selected.
      10. Under Permissions, select the "Full Control" check box under the
    Allow column. Click OK.
      11. Click OK to close the main System Properties dialog box.
    
    You must also ensure that the computer account of the SMS site server
    that uses Advanced Security Mode is a member of the local
    Administrators group. To add the account, run the command:
    
       net localgroup Administrators <domain name>
          \<site server computer name>$ /add
    
    Featured Thread: Exchange--Outbound SMTP Fails
       (One message in this thread)
    
    A reader writes that his company's Microsoft Exchange 2000 Server is
    directly connected to the firewall; however, the company wants to
    route all Internet traffic through the Microsoft ISA Server system,
    which is configured to allow outbound and inbound SMTP traffic. The
    Exchange server is a Network Address Translation (NAT) secure client.
    The company has no problems with DNS resolution or inbound SMTP, but
    outbound SMTP doesn't work at all. Email messages sit queued in the
    Exchange SMTP connector.
    
    The reader looked at the ISA log files and saw that outbound SMTP
    sessions have a status of 13301, which means that the firewall policy
    denied the connection requests. He then installed the firewall client
    on his Exchange server and could send messages through the firewall.
    But as far as he knows, a firewall client can only function when a
    user is logged on to the system on which the client is installed and
    he wants to know if that's true or if there's a way around that. Lend
    a hand or read the responses:
    http://www.winnetmag.com/forums/messageview.cfm?catid=42&threadid=120712
    
    ====================
    
    ==== Events Central ====
       (A complete Web and live events directory brought to you by Windows
    & .NET Magazine: http://www.winnetmag.com/events )
    
    New--From Chaos to Control: Using Service Management to Reclaim Your
    Life
       Take control of your workday! If you're supporting 24 x 7
    operations by working around the clock instead of 9 to 5, learn how
    you can benefit from a sound service management strategy. In this free
    Web seminar, you'll learn practical steps for implementing service
    management for your key Windows systems and applications. Register
    now!
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BH1I0AX
    
    ====================
    
    ==== 4. New and Improved ====
       by Jason Bovberg, products@private
    
    Firewall Gets Faster and Easier
       Agnitum announced Outpost Firewall Pro 2.1, a new version of the
    company's firewall software that boasts enhanced speed and ease of
    use. Users now have increased control over filtering rules and can
    more easily customize the product. Agnitum has also simplified the
    upgrade process and hidden advanced features to ease operation for
    novice users. Visual alerts inform you about events that need your
    immediate attention; automatic news and plug-in announcements keep you
    up-to-date about the latest security news and updates from Agnitum.
    Outpost Firewall Pro 2.1 costs $39.95. For more information, or to
    download an evaluation copy, contact Agnitum at info@private or on
    the Web.
       http://www.agnitum.com
    
    Tell Us About a Hot Product and Get a T-Shirt!
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Tell us about the product, and
    we'll send you a Windows & .NET Magazine T-shirt if we write about the
    product in a future Windows & .NET Magazine What's Hot column. Send
    your product suggestions with information about how the product has
    helped you to whatshot@private
    
    ====================
    
    ==== Sponsored Links ====
    
    Argent
       Comparison Paper: The Argent Guardian Easily Beats Out MOM
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BDWV0AK
    
    Microsoft(R) TechNet
       Microsoft(R) TechNet Webcasts: essential guidance, industry experts
       http://list.winnetmag.com/cgi-bin3/DM/y/efqP0CJgSH0CBw0BG360AF
    
    ====================
    
    ==== Contact Us ====
    
    About the newsletter -- letters@private
    About technical questions -- http://www.winnetmag.com/forums
    About product news -- products@private
    About your subscription -- securityupdate@private
    About sponsoring Security UPDATE -- emedia_opps@private
    
    ====================
    
    ==== Contact Our Sponsors ====
    
    Primary Sponsor:
       CipherTrust -- http://www.ciphertrust.com -- 1-877-448-8625
    
    ====================
    
    This email newsletter is brought to you by Windows & .NET Magazine,
    the leading publication for IT professionals deploying Windows and
    related technologies. Subscribe today.
       http://www.winnetmag.com/sub.cfm?code=wswi201x1z
    
    You received this email message because you asked to receive
    additional information about products and services from the Windows &
    .NET Magazine Network. To unsubscribe, send an email message to
    mailto:Security-UPDATE_Unsub@private Thank you!
    
    View the Windows & .NET Magazine privacy policy at
    http://www.winnetmag.com/AboutUs/Index.cfm?action=privacy
    
    Windows & .NET Magazine, a division of Penton Media, Inc.
    221 East 29th Street, Loveland, CO 80538
    Attention: Customer Service Department
    
    Copyright 2004, Penton Media, Inc. All rights reserved.
    
    
    
    
    _________________________________________
    ISN mailing list
    Sponsored by: OSVDB.org
    



    This archive was generated by hypermail 2b30 : Thu May 13 2004 - 03:44:52 PDT