[ISN] Security UPDATE--More About Wi-Fi Security--June 16, 2004

From: InfoSec News (isn@private)
Date: Thu Jun 17 2004 - 07:34:40 PDT

  • Next message: InfoSec News: "[ISN] Thieves Steal Computers at Hong Kong Fair"

    ==== This Issue Sponsored By ====
    Free Security White Paper from Postini
    Windows & .NET Magazine
    1. In Focus: More About Wi-Fi Security
    2. Security News and Features
       - Recent Security Vulnerabilities
       - News: New IE Flaws Might Allow Code Injection
    3. Instant Poll
    4. Security Toolkit
       - FAQ
       - Featured Thread
    5. New and Improved
       - Increased Control Over IP Network Access and Security
    ==== Sponsor: Postini ====
       How to Preemptively Eliminate the Top 5 Email Security Threats
       Are worries about spam and virus attacks to your enterprise email
    system keeping you up at night? See why spam and viruses are only the
    "tip of the iceberg" when it comes to email security threats. Learn
    how you can eliminate the top 5 security threats to your email system,
    including the silent killer -- directory harvest attacks. The good
    news is there's an easy and effective way to arm your organization
    against all threats, even the latest spam and email attacks. Find out
    how to completely and preemptively protect against major threats
    including spam, viruses, directory harvest attacks (DHA),
    denial-of-service (DoS) attacks, as well as internal policy
    violations. Download this free white paper today!
    ==== 1. In Focus: More About Wi-Fi Security ====
       by Mark Joseph Edwards, News Editor, mark at ntsecurity dot net
    Last week, I wrote about problems with particular Linksys and NETGEAR
    wireless Access Points (APs). I suggested that people might consider
    putting their APs behind a firewall to better protect the systems from
    access by outsiders who might approach the units from a WAN link. This
    practice might protect wireless APs against any unknown
    vulnerabilities that intruders might discover. Even if your APs have
    built-in firewalls of their own, consider also using a firewall
    external to them. The approach makes sense, but while cruising the
    Internet last week, I came across an old, but interesting article,
    "WiFi Security Checklist," at the Security Technique Web site that
    made me realize that I had overlooked another potential problem that
    you might want to consider.
    As you know, wireless protocols are vulnerable to a variety of
    attacks. APs' very nature makes them prone to granting access to users
    outside your immediate working environment. And of course, once
    someone has connected to one of your APs, he or she is part of your
    network. This situation raises the question of how much of your
    network is exposed to your APs. If you have no additional barriers in
    place and your APs are essentially inside your trusted network, an
    intruder will also be inside your trusted network after he or she
    connects to one of your APs. I doubt that you want to leave that
    gaping hole open.
    So in addition to putting a firewall in between your APs and external
    networks (whether they be the Internet, partner networks, remote
    offices, or other networks), you should probably consider putting a
    firewall behind your APs. In that sort of configuration, you could use
    some sort of VPN in which wireless clients tunnel back into your
    private network for access to network resources. That way, if an
    intruder connects to one of your APs, he or she will have far less to
    work with when trying to penetrate your overall network.
    Or, if your environment uses Remote Authentication Dial-In User
    Service (RADIUS), you might consider using RADIUS to pass routing
    restrictions to your APs. For example, Randy Franklin Smith explains
    in "A Secure Wireless Network Is Possible," Windows & .NET Magazine,
    May 2004, that if a visiting business partner connects to your AP,
    RADIUS could pass a routing restriction to the AP that allows him or
    her access only to the Internet and not your internal network. If you
    subscribe to the print magazine, you can read Smith's article on our
    Web site.
    ==== Sponsor: Windows & .NET Magazine ====
       Get 2 Sample Issues of Windows & .NET Magazine!
       Every issue of Windows & .NET Magazine includes intelligent,
    impartial, and independent coverage of security, Active Directory,
    Exchange, scripting, and much more. Our expert authors deliver how-to
    articles and product evaluations that will help you do your job
    better. Try two, no-risk sample issues today, and find out why 100,000
    IT professionals rely on Windows & .NET Magazine each month!
    ==== 2. Security News and Features ====
    Recent Security Vulnerabilities
       If you subscribe to this newsletter, you also receive Security
    Alerts, which inform you about recently discovered security
    vulnerabilities. You can also find information about these discoveries
    News: New IE Flaws Might Allow Code Injection
       On June 7, Jelmer Kuperus posted a message to the Full Disclosure
    mailing list to report the existence of new vulnerabilities in
    Microsoft Internet Explorer (IE) and exploits that take advantage of
    those flaws. As a result, we might see Microsoft release at least one
    new IE patch before its next scheduled security patch release date of
    July 15.
    ==== Announcements ====
       (from Windows & .NET Magazine and its partners)
    Security Patch Management Tools--Windows and Office Update Web Seminar
       How are you evaluating, distributing, and installing software
    patches? This free Webcast discusses the importance of patch
    management and establishing a patch-management process by using
    Windows and Office Update as a patch-management tool in your
    environment. Register now!
    Windows Connections October 24-27, Orlando, Florida.
       Save these dates for the Fall 2004 Windows Connections conference,
    which will run concurrently with Microsoft Exchange Connections.
    Register early and receive admission to both conferences for one low
    price. Learn firsthand from Microsoft product architects and the best
    third-party experts. Go online or call 800-505-1201 for more
    Attend the Black Hat Briefings & Training USA Event - July 24-29, 2004
       This is the world's premier technical IT security conference,
    hosting 2,000 delegates from 30 nations. Featuring 27 hands-on
    training courses and 10 conference tracks with presentations by
    security experts and "underground" security specialists. Early-bird
    registration deadline is July 1!
    ==== Hot Release ====
       Ultimate Windows Security Training
       You've read his articles... Now come to his training! Mind-meld
    with Windows security expert Randy Franklin Smith and learn his
    secrets on AD, Group Policy, WiFi Security, VPNs, IPSec, Security Log,
    EFS, IAS, Software Restrictions, Windows Firewall, etc. Download free
    security log quick reference chart.
    ==== 3. Instant Poll ====
    Results of Previous Poll
       The voting has closed in the Windows & .NET Magazine Network
    Security Web page nonscientific Instant Poll for the question, "Does
    your company intend to implement Windows XP Service Pack 2 (SP2)?"
    Here are the results from the 134 votes.
       - 29% Yes, as soon as it's available
       - 31% Yes, within 3 months of its release
       -  7% Yes, within 6 months of its release
       - 19% Yes, but we're not sure when
       - 13% No
    (Deviations from 100 percent are due to rounding.)
    New Instant Poll
       The next Instant Poll question is, "Where are your wireless Access
    Points (APs)?" Go to the Security Web page and submit your vote for
       - Inside the border firewall
       - Outside the border firewall
       - Between the border firewall and an internal firewall
    ==== 4. Security Toolkit ====
    FAQ: How Do I Install Microsoft Exchange Server 2003 Service Pack 1
       by John Savill, http://www.winnetmag.com/windowsnt20002003faq
    A. Before you install Exchange 2003 SP1, read the release notes. They
    contain a number of notices that could apply to your site and might
    affect the order in which you upgrade servers. You also need to apply
    the hotfix described by the Microsoft article "FIX: IIS 6.0
    compression corruption causes access violations,"
    http://support.microsoft.com/?kbid=831464 before you install the
    service pack. After you have the SP1 installation files, run the
    update.exe program as you would for any other service pack.
    During the installation, the Information Store service, WWW service,
    and other Exchange processes are stopped, which interrupts service to
    users. Therefore, you should plan to perform the upgrade at a time
    when users don't need to access Exchange.
    A new version of the Exchange Server Deployment Tools is available
    from the link below. You can use the deployment tools to assist you in
    the upgrade process. The tools offer new features, including enhanced
    support for consolidating sites in a mixed-mode environment (i.e., an
    environment containing a mix of servers running any combination of
    Exchange 2003, Exchange 2000 Server, and Exchange Server 5.5).
    Featured Thread: Extranet Security Setup
       (One message in this thread)
       A reader wants to create an Active Server Pages (ASP) extranet
    application that will give his customers access to information such as
    the work his company has done for them, the costs, and any scheduled
    work. Each user should be able to view his or her own information but
    not other customers' information. All the information is stored in one
    database, so he's thinking about using views in SQL Server 2000 to
    ensure that customers see only their own information. You can read the
    reader's plans for his application and offer advice at
    ==== Events Central ====
       (A complete Web and live events directory brought to you by Windows
    & .NET Magazine: http://www.winnetmag.com/events )
    New--Shrinking the Server Footprint: Blade Servers
       In this free Web seminar, you'll learn how blade servers provide
    native hot swappable support, simplified maintenance, modular
    construction, and support for scalability. And we'll talk about why
    you should be considering a blade server as the backbone of your next
    hardware upgrade. Register now!
    ==== 5. New and Improved ====
       by Jason Bovberg, products@private
    Increased Control Over IP Network Access and Security
       MetaInfo and Perfigo announced a joint marketing and integration
    alliance in which the companies will provide and support integration
    between MetaInfo's Meta IP SAFE DHCP and Perfigo's SecureSmart and
    CleanMachines products. By integrating the companies' complementary
    technologies, customers will be able to control and protect against
    unauthenticated access, viruses, worms, and policy noncompliance at
    the IP layer. While authenticating the machine's identity, the Meta IP
    SAFE DHCP server simultaneously requests network security validation
    and policy compliance checks from CleanMachines. CleanMachines
    conducts administrator-defined network and device-based scans that can
    find security vulnerabilities, such as viruses, outdated patches,
    spyware, and worms. For more information about this partnership,
    contact MetaInfo at 206-674-3700 or on the Web.
    Tell Us About a Hot Product and Get a T-Shirt!
       Have you used a product that changed your IT experience by saving
    you time or easing your daily burden? Tell us about the product, and
    we'll send you a Windows & .NET Magazine T-shirt if we write about the
    product in a future Windows & .NET Magazine What's Hot column. Send
    your product suggestions with information about how the product has
    helped you to whatshot@private
    ==== Sponsored Links ====
       Comparison Paper: The Argent Guardian Easily Beats Out MOM
    Microsoft(R) TechNet
       Microsoft(R) TechNet Webcasts: essential guidance, industry experts
    Editor's note: Share Your Security Discoveries and Get $100
       Share your security-related discoveries, comments, or problems and
    solutions in the Security Administrator print newsletter's Reader to
    Reader column. Email your contributions (500 words or less) to
    r2rsecadmin@private If we print your submission, you'll get
    $100. We edit submissions for style, grammar, and length.
    ==== Contact Us ====
    About the newsletter -- letters@private
    About technical questions -- http://www.winnetmag.com/forums
    About product news -- products@private
    About your subscription -- securityupdate@private
    About sponsoring Security UPDATE -- emedia_opps@private
    ==== Contact Our Sponsors ====
    Primary Sponsor:
       Postini -- http://www.postini.com -- 1-888-584-3150
    Hot Release Sponsor:
       Monterey Technology Group -- http://www.montereytechgroup.com --
    This email newsletter is brought to you by Windows & .NET Magazine,
    the leading publication for IT professionals deploying Windows and
    related technologies. Subscribe today.
    You received this email message because you asked to receive
    additional information about products and services from the Windows &
    .NET Magazine Network. To unsubscribe, send an email message to
    mailto:Security-UPDATE_Unsub@private Thank you!
    View the Windows & .NET Magazine privacy policy at
    Windows & .NET Magazine, a division of Penton Media, Inc.
    221 East 29th Street, Loveland, CO 80538
    Attention: Customer Service Department
    Copyright 2004, Penton Media, Inc. All rights reserved.
    ISN mailing list
    Sponsored by: OSVDB.org - For 15 cents a day, you could help feed an InfoSec junkie!
    (Broke? Spend 15 minutes a day on the project!)

    This archive was generated by hypermail 2b30 : Thu Jun 17 2004 - 11:36:34 PDT