[ISN] Alternative Firmware for Wireless APs: Thibor

From: InfoSec News (alerts@private)
Date: Thu Oct 19 2006 - 03:18:20 PDT


PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Manage Vulnerabilities. Defend Against Threats.
   http://list.windowsitpro.com/t?ctl=3C978:7EB890

Ten Steps to Achieving Business Compliance
   http://list.windowsitpro.com/t?ctl=3C960:7EB890

ThreatSentry - Stop IIS Attacks and Bad Traffic
   http://list.windowsitpro.com/t?ctl=3C969:7EB890


=== CONTENTS ===================================================

IN FOCUS: Alternative Firmware for Wireless APs: Thibor

NEWS AND FEATURES
   - Oracle to Enhance Patch Documentation with CVSS
   - PhishTank Aims to Blow Scammers Out of the Water
   - BartPE
   - Recent Security Vulnerabilities

GIVE AND TAKE
   - Security Matters Blog: Tactile Passwords
   - FAQ: Change the MIIS Service Account
   - Know Your IT Security Contest
   - Make Your Mark on the IT Community!

PRODUCTS
   - Encrypt Files on the Network
   - Wanted: Your Reviews of Products 

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS


=== SPONSOR: Core Security =====================================

Manage Vulnerabilities. Defend Against Threats.
   Your IT and Security budgets are tight. This White Paper shows real-
world case studies demonstrating the ROI potential of automated 
penetration testing.
   http://list.windowsitpro.com/t?ctl=3C978:7EB890


=== IN FOCUS: Alternative Firmware for Wireless APs: Thibor ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

So far, I've told you about three alternative firmware packages for 
wireless access points (APs): DD-WRT, OpenWRT, and Talisman. If you 
missed those stories, you can read them at our Web site at their 
respective URLs: 
   http://list.windowsitpro.com/t?ctl=3C96E:7EB890
   http://list.windowsitpro.com/t?ctl=3C970:7EB890
   http://list.windowsitpro.com/t?ctl=3C96A:7EB890

Continuing this series, this week, I give you a peek into Thibor. 
Unlike the previously discussed firmware, Thibor is designed 
specifically for the Linksys WRT54G, WRT54GL, WRT54GS, and WRTSL54GS 
routers. 

Like the other firmware packages, Thibor is based on the open source 
code published by Linksys. Thibor is actually a continuation of the 
firmware package HyperWRT, which started in 2004 and was, as far as I 
know, maintained until early 2005. When HyperWRT development apparently 
ceased, two other developers picked up the ball to continue independent 
development of HyperWRT forks. Eventually the two packages were merged 
into what became known as Thibor. 

Like DD-WRT, OpenWRT, and Talisman, Thibor includes enhancements to the 
core features available in the Linksys firmware. These include 
enhancements to the Quality of Service (QoS) traffic shaping, port 
forwarding, and port triggering subsystems, as well as access 
restrictions including the blocking of specific services. 

Added features include static DHCP leasing, a port redirector, a site 
survey tool, support for DDNS including the ZoneEdit tool, and Wake-on-
LAN capability. In terms of security, Thibor also includes the Dropbear 
Secure Shell (SSH) server and client as well as enhanced filtering that 
can block potentially unwanted content, such as Java applets, ActiveX 
controls, cookies, and P2P software such as BitTorrent, Kazaa, WinMX, 
Direct Connect (DC), and Gnucleus.

As you might expect, Thibor supports PPTP for VPNs and Wired Equivalent 
Privacy (WEP), Wi-Fi Protected Access (WPA), and WPA2 for communication 
encryption, and even supports a number of file systems including NTFS, 
FAT, FAT32, ReiserFS, Ext2, and Ext3. 

In the previous articles of this series, I said that the firmware 
packages include ipchains firewall software. However, reader Bonno 
Bloksma wrote to correct me. Iptables is a much improved successor to 
ipchains. The firmware packages I've mentioned to date, including 
Thibor, use iptables. Thanks, Bonno, for pointing out that mistake. 

Thibor not only includes iptables but can also be made to use Firewall 
Builder. Firewall Builder is a GUI-based tool that's designed to make 
creating iptable firewall policies easier. Firewall Builder creates a 
script that you copy to the router. The script then configures iptables 
with the behavior that you've defined. At the Firewall Builder site (at 
the URL below), you can also see some screenshots of the tool in 
action. 
   http://list.windowsitpro.com/t?ctl=3C97A:7EB890

Like DD-WRT and Talisman, Thibor (at the first URL below) includes an 
easy-to-use GUI. Although HyperWRT isn't being maintained anymore, the 
Web site (at the second URL below)is still active and has a Web-based 
forum where people can openly discuss problems, request features, and 
get help using the Thibor firmware. 
   http://list.windowsitpro.com/t?ctl=3C97C:7EB890
   http://list.windowsitpro.com/t?ctl=3C97B:7EB890

===

Top 10 topics at the upcoming TechX World roadshows:

1. Run Windows commands at the same time as UNIX commands. With SUA, 
applications can actually mix calling Windows APIs directly and calling 
into the UNIX APIs.
2. Get a single view of users across your various enterprise 
repositories.
3. Configure networked Linux systems to accept logins in a secured 
manner using Windows AD accounts.
4. Improve how you manage access across Windows Terminal Services, UNIX 
and Linux X Windows, legacy telnet, and even SSH.
5. Address problems with distributed identity management and enhance 
the security of the network by preventing unauthorized access.
6. Query an LDAP server from AD and manage AD with LDAP. Ensure 
tighter, more secure interoperability.
7. Set up transactional replication between SQL Server 2005 and Oracle.
8. Create reports that draw data from multiple heterogeneous data 
sources such as SQL Server and Oracle.
9. Use SSIS to extract and cleanse data from an Oracle database and 
then load that data to a SQL Server database.
10. Put virtualization tips & tricks to work immediately for security, 
availability, backup/recovery, and server utilization.

http://list.windowsitpro.com/t?ctl=3C974:7EB890


=== SPONSOR: SurfControl =======================================

Ten Steps to Achieving Business Compliance
   Learn the 10 steps you need to take to achieve corporate compliance, 
including operational visibility in all communication data. As an extra 
step, stop network assaults so that you can use the Internet 
confidently, both on and off your corporate network.
   http://list.windowsitpro.com/t?ctl=3C960:7EB890


=== SECURITY NEWS AND FEATURES =================================

Oracle to Enhance Patch Documentation with CVSS
   Oracle's next batch of critical patch updates, which are issued 
quarterly, are due out on October 17. Beginning with that release, the 
company will introduce enhanced documentation to better help system 
administrators and management understand the impact of a vulnerability 
that a given patch is designed to correct.
   http://list.windowsitpro.com/t?ctl=3C96C:7EB890

PhishTank Aims to Blow Scammers Out of the Water
   A new team has entered the battle to stop scammers. PhishTank aims 
to blow scammers completely out of the water by identifying, tracking, 
and blocking access to sites that are designed to steal people's 
personal information.
   http://list.windowsitpro.com/t?ctl=3C96F:7EB890

BartPE
   Work as a systems or security administrator long enough, and you'll 
undoubtedly need to access a downed Windows system. Several tools can 
help you access data from otherwise inaccessible systems. Jeff Fellinge 
steps you through the wonderfully easy-to-use utility called BartPE. 
   http://list.windowsitpro.com/t?ctl=3C968:7EB890

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at
   http://list.windowsitpro.com/t?ctl=3C966:7EB890


=== SPONSOR: Privacyware =======================================

ThreatSentry - Stop IIS Attacks and Bad Traffic
   Malicious or unauthorized traffic hammering your Web servers? 
ThreatSentry combines a state-of-the-art Application Firewall and 
advanced behavioral intrusion prevention components to block any 
activity falling outside of trusted parameters. Get enterprise-grade, 
multi-layered protection for Microsoft IIS at a small business price! 
Download free trial today.
   http://list.windowsitpro.com/t?ctl=3C969:7EB890


=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: Tactile Passwords
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=3C975:7EB890

Some folks in the UK have come up with a unique way to help prevent 
people from stealing your password while shoulder surfing. Check it out 
in this blog article. 
   http://list.windowsitpro.com/t?ctl=3C96B:7EB890

FAQ: Change the MIIS Service Account
   by John Savill, http://list.windowsitpro.com/t?ctl=3C973:7EB890 

Q: How can I change the Microsoft Identity Integration Server (MIIS) 
2003 service account?

Find the answer at
   http://list.windowsitpro.com/t?ctl=3C96D:7EB890

KNOW YOUR IT SECURITY Contest
   Sponsored by Microsoft Learning Paths for Security 
Share your security-related tips, comments, or solutions in 1000 words 
or less, and you could be one of 13 lucky winners of a Zune media 
player. Tell us how you do patch management, share a security script, 
or write about a security article you've read or a Webcast you've 
viewed. Submit your entry between now and December 13. We'll select the 
13 best entries, and the winners will receive a Zune media player--
plus, we'll publish the winning entries in the Windows IT Security 
newsletter. Email your contributions to tipswinitsec@private
   Prizes are courtesy of Microsoft Learning Paths for Security: 
   http://list.windowsitpro.com/t?ctl=3C971:7EB890

MAKE YOUR MARK ON THE IT COMMUNITY!
   Nominate yourself or a peer to become an "IT Pro of the Month." This 
is your chance to get the recognition you deserve and get notoriety in 
the IT community. IT Pro of the Month winners will be featured in 
Windows IT Pro magazine and the TechNet Flash email newsletter, and 
best of all will receive over $600 in IT resources. All you have to do 
is email us your name, title, photo, and answers to the following 
questions: How did your IT solution save your company money? In what 
ways has your solution made innovative use of technology? and How is 
your solution adaptable to other business environments? Email your 
entry to: ITProoftheMonth@private


=== PRODUCTS ===================================================
   by Renee Munshi, products@private

Encrypt Files on the Network
   PGP announced the availability of PGP NetShare, a new product which 
enables teams to manage and share encrypted network-based files. Like 
PGP's other applications--PGP Whole Disk Encryption, PGP Universal 
Server, PGP Universal Gateway Email, and PGP Desktop--PGP NetShare 
makes use of the PGP Encryption Platform, which provides one 
architecture for managing keys and enforcing policies for all the 
applications. PGP also announced new versions of its existing 
applications. For more information, go to
   http://list.windowsitpro.com/t?ctl=3C97D:7EB890

WANTED: your reviews of products you've tested and used in 
production. Send your experiences and ratings of products to 
whatshot@private and get a Best Buy gift certificate.


=== RESOURCES AND EVENTS =======================================
   For more security-related resources, visit
   http://list.windowsitpro.com/t?ctl=3C972:7EB890

Any unscheduled downtime--especially of Exchange systems--can quickly 
affect a company's bottom line. Learn essential skills for reducing 
downtime to minutes instead of hours.  
   http://list.windowsitpro.com/t?ctl=3C962:7EB890

You know you need to manage your email data; how do you do it? What 
steps are you taking? What additional measures should you enact? What 
shouldn't you do? Get answers to these questions and get control of 
your vital messaging data. Download the free eBook today! 
   http://list.windowsitpro.com/t?ctl=3C964:7EB890

Can disaster recovery planning create real value for your business 
beyond mere survival? Justify your investments in DR planning, and get 
real answers to your questions about how DR planning and implementation 
affect the financial performance of your organization. Make cost-
effective decisions to positively impact your bottom line! Live Event: 
Tuesday, November 14 
   http://list.windowsitpro.com/t?ctl=3C95F:7EB890

Join experts Douglas McDowell from Solid Quality Learning and Andrew 
Sisson from Scalability Experts, as well as Intel insiders and other 
database professionals, to learn the latest about SQL Server and Oracle 
database mirroring, BI, 64-bit database computing, and high 
availability. Coming to cities across the US this fall. Visit
   http://list.windowsitpro.com/t?ctl=3C965:7EB890

Streamline and automate upgrades to SQL Server 2005 and manage multiple 
databases in less time. Leverage the data management, business 
intelligence, and performance improvements that you receive with an 
upgrade to SQL Server 2005, and unlock the full potential of your 
servers. Live Event: Thursday, November 2 
   http://list.windowsitpro.com/t?ctl=3C961:7EB890


=== FEATURED WHITE PAPER =======================================

Prevent installation and execution of unauthorized software on the 
computers on your network. Download this free white paper today for a 
comparison of different techniques for detecting and preventing 
unauthorized code. Protect yourself against emerging risks today! 
   http://list.windowsitpro.com/t?ctl=3C963:7EB890 

Special Offer: Download any white paper from Windows IT Pro before 
October 31 and enter to win a Casio Exilim Card Camera! The more you 
download, the more chances to win! Visit 
http://list.windowsitpro.com/t?ctl=3C977:7EB890 for a full listing
of white papers and contest rules.


=== ANNOUNCEMENTS ==============================================

Monthly Online Pass--only $5.95 per month! 
   Includes instant online access to every article ever published in 
Windows IT Pro, as well as the latest digital issue. Sign up now: 
   https://store.pentontech.com/index.cfm?s=1&promocode=eu206Aum  

Get $40 off on Windows IT Pro  
   Subscribe to Windows IT Pro today and SAVE up to $40! Along with 
your 12 issues, you'll get FREE access to the entire Windows IT Pro 
online article archive, which houses more than 9,000 helpful IT 
articles. This is a limited-time offer, so order now:  
   https://store.pentontech.com/index.cfm?s=1&promocode=eu206Auw


================================================================

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and the Windows IT Security newsletter 
(subscribe at the second URL below).
   http://list.windowsitpro.com/t?ctl=3C976:7EB890
   https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb

Subscribe to Security UPDATE at
   http://list.windowsitpro.com/t?ctl=3C967:7EB890

Be sure to add Security_UPDATE@private 
to your antispam software's list of allowed senders.

To contact us: 
   About Security UPDATE content -- letters@private
   About technical questions -- http://list.windowsitpro.com/t?ctl=3C979:7EB890
   About your product news -- products@private
   About your subscription -- windowsitproupdate@private
   About sponsoring Security UPDATE -- salesopps@private

View the Windows IT Pro privacy policy at
   http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.


_________________________________
Visit the InfoSec News store!
http://www.shopinfosecnews.org 



This archive was generated by hypermail 2.1.3 : Thu Oct 19 2006 - 03:28:48 PDT