PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE: Save on the #1 Ranked Web Filtering Appliance http://list.windowsitpro.com/t?ctl=3838F:7EB890 Top 10 Requirements for Effective Patch Management http://list.windowsitpro.com/t?ctl=383A0:7EB890 Extending SMS to Handheld Devices http://list.windowsitpro.com/t?ctl=3838B:7EB890 === CONTENTS =================================================== IN FOCUS: Transceiver Fingerprinting Improves Wireless Security NEWS AND FEATURES - New Unpatched Vulnerability Affects Microsoft Word 2000 - Cisco and Microsoft Team Up on Network Access Control - BrowserShield Defends Browsers at Network Borders - Recent Security Vulnerabilities GIVE AND TAKE - Security Matters Blog: Browzar Bashing--Is It Warranted? - FAQ: 64-Bit Version of Group Policy Management Console - From the Forum: NTFS Permission in an Education Environment - Share Your Security Tips PRODUCTS - Full-Featured Firewall-Routers - Wanted: Your Reviews of Products RESOURCES AND EVENTS FEATURED WHITE PAPER ANNOUNCEMENTS === SPONSOR: St. Bernard Software ============================== Save on the #1 Ranked Web Filtering Appliance iPrism, the IDC-ranked #1 Web filtering appliance has an offer that's too good to pass up. Purchase a 3-year subscription to the most accurate database in the industry and get your iPrism appliance at no charge. Or, purchase an iPrism and a 3-year subscription and get an extra year free. Only iPrism gives you two ways to save big. This is a limited time offer so get a Quick Quote now! http://list.windowsitpro.com/t?ctl=3838F:7EB890 === IN FOCUS: Transceiver Fingerprinting Improves Wireless Security by Mark Joseph Edwards, News Editor, mark at ntsecurity / net If you operate wireless networks, you know that media access control (MAC) address filtering is an unreliable way to prevent unwanted network access. The reasons are that it's relatively simple to spoof any MAC address and to collect MAC addresses from the airwaves. One technique used to improve on MAC filtering is to develop a fingerprint of the wireless network driver, which can help identify the wireless hardware by manufacturer. This approach works because each manufacturer develops its own driver behavior. The characteristics of that behavior can be tracked, identified, stored, and later matched when a wireless device is detected by an intrusion detection system (IDS) or authentication system. Other techniques involve actively or passively discovering wireless device model numbers, chipset model numbers, and OS versions. Jeyanthi Hall has explored a way to take wireless device fingerprinting even further. In her research, Hall discovered that each wireless network device has a unique frequency signal profile, which can be discovered as the device transmits over the airwaves. This holds true even for identical card models from the same manufacturer and even when those cards use exactly the same chipset. Therefore, a fingerprint can be developed that will match one specific physical device. Hall thinks that, based on her research, the only way such a fingerprint can be spoofed is to physically recreate all the characteristics of the circuits in the original device. In order to accomplish that task, the original device would be required, which implies that someone must first steal it. But in the case of a stolen device, the fingerprint could be blocked, hopefully before someone replicates the exact circuitry. In practical use, transceiver fingerprint identification could be used in wireless intrusion detection and prevention systems and in authentication systems. What's more, transceiver fingerprinting isn't limited to Wi-Fi devices. Since Bluetooth technology is also based on radio transmissions, similar techniques could be used to guard Bluetooth connectivity. According to Hall's research (as published to date), transceiver fingerprinting is about 95 percent accurate. So there is room for error, which means that additional methods of protection might be necessary in some situations. One important issue to keep in mind about any radio transmitter is that as a device ages, its radio signal profile changes. Therefore, in order to maintain fingerprint accuracy, the fingerprint must be updated continually. This of course creates processing overhead and could pose significant hurdles in large wireless network installations. Regardless, the hurdles aren't insurmountable. Hall has published two detailed white papers (one that covers Wi-Fi and one that covers Bluetooth) that describe her research and its potential applications. If you're interested in this technology, which very well might make its way into wireless security solutions, then be sure to read the papers. They're available at the first two URLs below in PDF format. If you're interested in other wireless security-related work published by Hall, then visit her site at Carleton University at the third URL below. http://list.windowsitpro.com/t?ctl=38397:7EB890 http://list.windowsitpro.com/t?ctl=38398:7EB890 http://list.windowsitpro.com/t?ctl=383A1:7EB890 === SPONSOR: Patchlink ========================================= Top 10 Requirements for Effective Patch Management Endless streams of security patches are a continuous strain on IT resources. Assessing, deploying, & tracking software patches across operating systems is even more difficult. Learn to distill the requirements for selecting an effective patch management solution. Download now! http://list.windowsitpro.com/t?ctl=383A0:7EB890 === SECURITY NEWS AND FEATURES ================================= New Unpatched Vulnerability Affects Microsoft Word 2000 Symantec reported the discovery of a new unpatched vulnerability that affects Microsoft Word 2000. The vulnerability could allow a remote intruder to install a Trojan horse that opens a back door on an affected system when a malicious document is opened. Exploits that take advantage of the vulnerability have been discovered circulating on the Internet. http://list.windowsitpro.com/t?ctl=38393:7EB890 Cisco and Microsoft Team Up on Network Access Control Cisco and Microsoft announced that their respective technologies, Cisco Network Admission Control (NAC) and Microsoft Network Access Protection (NAP), will be interoperable. Both technologies are designed to prevent computers from accessing a network unless they meet specific "health" checks. http://list.windowsitpro.com/t?ctl=38392:7EB890 BrowserShield Defends Browsers at Network Borders Microsoft developed a prototype defense tool, BrowserShield, that can defend unpatched browsers by filtering and rewriting incoming Web content at network borders. http://list.windowsitpro.com/t?ctl=38394:7EB890 Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://list.windowsitpro.com/t?ctl=38391:7EB890 === SPONSOR: iAnywhere ========================================= Extending SMS to Handheld Devices Join iAnywhere on Tuesday, September 26th, for a webcast on how to extend Microsoft SMS to handheld devices. In this session, we'll provide an overview of Afaria's management and security capabilities and focus on enhancing and extending SMS to a wide range of mobile devices. http://list.windowsitpro.com/t?ctl=3838B:7EB890 === GIVE AND TAKE ============================================== SECURITY MATTERS BLOG: Browzar Bashing--Is It Warranted? by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=3839E:7EB890 There's a lot of Browzar bashing going on, and most of it overlooks the obvious. Read my perspective on the bashing in this blog article http://list.windowsitpro.com/t?ctl=38395:7EB890 FAQ: 64-Bit Version of Group Policy Management Console by John Savill, http://list.windowsitpro.com/t?ctl=3839B:7EB890 Q: Where can I get the 64-bit version of Group Policy Management Console (GPMC)? Find the answer at http://list.windowsitpro.com/t?ctl=38396:7EB890 FROM THE FORUM: NTFS Permission in an Education Environment A forum participant is working on creating a way for teachers and students to share info while controlling what the students can see and do. He's running a Windows Server 2003 Release 2 (R2) domain and is aware of access-based enumeration. He's having difficulty getting the permissions set properly and needs some advice. Join the discussion at: http://list.windowsitpro.com/t?ctl=3838A:7EB890 SHARE YOUR SECURITY TIPS AND GET $100 Share your security-related tips, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions to r2rwinitsec@private If we print your submission, you'll get $100. We edit submissions for style, grammar, and length. === PRODUCTS =================================================== by Renee Munshi, products@private Full-Featured Firewall-Routers HotBrick Network Solutions offers the HSS 4000 and HSS 6000 firewall-routers. The HSS 4000 has 512MB of RAM, a 1.0GHz Pentium 4 processor, and four flex ports; the HSS 6000 has 1GB of RAM, a 2.8GHz Pentium 4 processor, and six flex ports. Both firewall-routers include internal hard drives and an optional hardware-based VPN accelerator (flexible software-based VPNs are standard). The HSS 4000 supports up to 1000 LAN users, while the HSS 6000 allows for an unlimited number of LAN users. You manage the firewall-routers from a Web interface over HTTP Secure (HTTPS), console port, and Secure Shell (SSH) connection. The Web-based content-filtering feature and the hard drive-based spam- filtering and antivirus options can also be managed from the interface. For more information, go to http://list.windowsitpro.com/t?ctl=383A3:7EB890 WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to whatshot@private and get a Best Buy gift certificate. === RESOURCES AND EVENTS ======================================= For more security-related resources, visit http://list.windowsitpro.com/t?ctl=3839A:7EB890 Linux + Unix + Windows - TechX World Pure-play IT shops are a nice idea, but the reality today is that we are all faced with interoperability issues. TechX World 2006 gives you access to leading experts in the field and will prepare you to master interoperability issues in your environment. http://list.windowsitpro.com/t?ctl=3839C:7EB890 Tired of using separate products on your Microsoft Exchange server for antivirus, antispam, attachment filtering, disclaimers, content auditing/filtering? This webcast will address the latest threats to messaging security and spotlight Sunbelt's Messaging Ninja that enables system administrators to easily secure their messaging infrastructures and stop threats at the Exchange Server. http://list.windowsitpro.com/t?ctl=38390:7EB890 Can you distinguish between the facts and fiction of Linux? Get the straight answers about Linux, UNIX, and Windows - together and head-to- to head comparisons. Read articles and download free resources today! You can also test your Linux skills and enter to win a $150 MSN Music gift card! http://list.windowsitpro.com/t?ctl=3839F:7EB890 Randy Franklin Smith outlines five evaluation points to consider when choosing your antispyware solution in this free podcast. Download it today! http://list.windowsitpro.com/t?ctl=3838D:7EB890 Integrate fax services with business applications for major increases in ROI. Find out how fax technology can benefit your bottom line and improve business processes. Download the free ebook today! http://list.windowsitpro.com/t?ctl=3838E:7EB890 === FEATURED WHITE PAPER ======================================= Extend Microsoft Windows Rights Management Services (RMS) to support enterprise requirements for information protection, including proprietary business data. Download the free whitepaper today! http://list.windowsitpro.com/t?ctl=3838C:7EB890 === ANNOUNCEMENTS ============================================== Special Invitation for VIP Access Become a VIP subscriber and get continuous, inside access to ALL content published in Windows IT Pro magazine, SQL Server Magazine, Exchange and Outlook Administrator newsletter, Windows Scripting Solutions newsletter, and Windows IT Security newsletter. Subscribe now and SAVE $100: https://store.pentontech.com/index.cfm?s=1&promocode=eu2769uv Get the Windows IT Pro Utility Kit FREE SAVE up to $30 off Windows IT Pro magazine and get an exclusive Windows IT Pro Utility Kit CD FREE with your paid order! In addition, you'll get unlimited access to the entire online article archive, which houses more than 9,000 helpful Windows IT articles. This is a limited- time offer, so order now: https://store.pentontech.com/index.cfm?s=1&promocode=eu2069uw ================================================================ Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below). http://list.windowsitpro.com/t?ctl=3839D:7EB890 https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb Subscribe to Security UPDATE at http://list.windowsitpro.com/t?ctl=38399:7EB890 Be sure to add Security_UPDATE@private to your antispam software's list of allowed senders. To contact us: About Security UPDATE content -- letters@private About technical questions -- http://list.windowsitpro.com/t?ctl=383A2:7EB890 About your product news -- products@private About your subscription -- windowsitproupdate@private About sponsoring Security UPDATE -- salesopps@private View the Windows IT Pro privacy policy at http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy Windows IT Pro, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department Copyright 2006, Penton Media, Inc. All rights reserved. _________________________________ HITBSecConf2006 - Malaysia The largest network security event in Asia 32 internationally renowned speakers 7 tracks of hands-on technical training sessions. Register now: http://conference.hitb.org/hitbsecconf2006kl/
This archive was generated by hypermail 2.1.3 : Wed Sep 13 2006 - 23:16:37 PDT