PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE: Manage Vulnerabilities. Defend Against Threats. http://list.windowsitpro.com/t?ctl=3C978:7EB890 Ten Steps to Achieving Business Compliance http://list.windowsitpro.com/t?ctl=3C960:7EB890 ThreatSentry - Stop IIS Attacks and Bad Traffic http://list.windowsitpro.com/t?ctl=3C969:7EB890 === CONTENTS =================================================== IN FOCUS: Alternative Firmware for Wireless APs: Thibor NEWS AND FEATURES - Oracle to Enhance Patch Documentation with CVSS - PhishTank Aims to Blow Scammers Out of the Water - BartPE - Recent Security Vulnerabilities GIVE AND TAKE - Security Matters Blog: Tactile Passwords - FAQ: Change the MIIS Service Account - Know Your IT Security Contest - Make Your Mark on the IT Community! PRODUCTS - Encrypt Files on the Network - Wanted: Your Reviews of Products RESOURCES AND EVENTS FEATURED WHITE PAPER ANNOUNCEMENTS === SPONSOR: Core Security ===================================== Manage Vulnerabilities. Defend Against Threats. Your IT and Security budgets are tight. This White Paper shows real- world case studies demonstrating the ROI potential of automated penetration testing. http://list.windowsitpro.com/t?ctl=3C978:7EB890 === IN FOCUS: Alternative Firmware for Wireless APs: Thibor ==== by Mark Joseph Edwards, News Editor, mark at ntsecurity / net So far, I've told you about three alternative firmware packages for wireless access points (APs): DD-WRT, OpenWRT, and Talisman. If you missed those stories, you can read them at our Web site at their respective URLs: http://list.windowsitpro.com/t?ctl=3C96E:7EB890 http://list.windowsitpro.com/t?ctl=3C970:7EB890 http://list.windowsitpro.com/t?ctl=3C96A:7EB890 Continuing this series, this week, I give you a peek into Thibor. Unlike the previously discussed firmware, Thibor is designed specifically for the Linksys WRT54G, WRT54GL, WRT54GS, and WRTSL54GS routers. Like the other firmware packages, Thibor is based on the open source code published by Linksys. Thibor is actually a continuation of the firmware package HyperWRT, which started in 2004 and was, as far as I know, maintained until early 2005. When HyperWRT development apparently ceased, two other developers picked up the ball to continue independent development of HyperWRT forks. Eventually the two packages were merged into what became known as Thibor. Like DD-WRT, OpenWRT, and Talisman, Thibor includes enhancements to the core features available in the Linksys firmware. These include enhancements to the Quality of Service (QoS) traffic shaping, port forwarding, and port triggering subsystems, as well as access restrictions including the blocking of specific services. Added features include static DHCP leasing, a port redirector, a site survey tool, support for DDNS including the ZoneEdit tool, and Wake-on- LAN capability. In terms of security, Thibor also includes the Dropbear Secure Shell (SSH) server and client as well as enhanced filtering that can block potentially unwanted content, such as Java applets, ActiveX controls, cookies, and P2P software such as BitTorrent, Kazaa, WinMX, Direct Connect (DC), and Gnucleus. As you might expect, Thibor supports PPTP for VPNs and Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and WPA2 for communication encryption, and even supports a number of file systems including NTFS, FAT, FAT32, ReiserFS, Ext2, and Ext3. In the previous articles of this series, I said that the firmware packages include ipchains firewall software. However, reader Bonno Bloksma wrote to correct me. Iptables is a much improved successor to ipchains. The firmware packages I've mentioned to date, including Thibor, use iptables. Thanks, Bonno, for pointing out that mistake. Thibor not only includes iptables but can also be made to use Firewall Builder. Firewall Builder is a GUI-based tool that's designed to make creating iptable firewall policies easier. Firewall Builder creates a script that you copy to the router. The script then configures iptables with the behavior that you've defined. At the Firewall Builder site (at the URL below), you can also see some screenshots of the tool in action. http://list.windowsitpro.com/t?ctl=3C97A:7EB890 Like DD-WRT and Talisman, Thibor (at the first URL below) includes an easy-to-use GUI. Although HyperWRT isn't being maintained anymore, the Web site (at the second URL below)is still active and has a Web-based forum where people can openly discuss problems, request features, and get help using the Thibor firmware. http://list.windowsitpro.com/t?ctl=3C97C:7EB890 http://list.windowsitpro.com/t?ctl=3C97B:7EB890 === Top 10 topics at the upcoming TechX World roadshows: 1. Run Windows commands at the same time as UNIX commands. With SUA, applications can actually mix calling Windows APIs directly and calling into the UNIX APIs. 2. Get a single view of users across your various enterprise repositories. 3. Configure networked Linux systems to accept logins in a secured manner using Windows AD accounts. 4. Improve how you manage access across Windows Terminal Services, UNIX and Linux X Windows, legacy telnet, and even SSH. 5. Address problems with distributed identity management and enhance the security of the network by preventing unauthorized access. 6. Query an LDAP server from AD and manage AD with LDAP. Ensure tighter, more secure interoperability. 7. Set up transactional replication between SQL Server 2005 and Oracle. 8. Create reports that draw data from multiple heterogeneous data sources such as SQL Server and Oracle. 9. Use SSIS to extract and cleanse data from an Oracle database and then load that data to a SQL Server database. 10. Put virtualization tips & tricks to work immediately for security, availability, backup/recovery, and server utilization. http://list.windowsitpro.com/t?ctl=3C974:7EB890 === SPONSOR: SurfControl ======================================= Ten Steps to Achieving Business Compliance Learn the 10 steps you need to take to achieve corporate compliance, including operational visibility in all communication data. As an extra step, stop network assaults so that you can use the Internet confidently, both on and off your corporate network. http://list.windowsitpro.com/t?ctl=3C960:7EB890 === SECURITY NEWS AND FEATURES ================================= Oracle to Enhance Patch Documentation with CVSS Oracle's next batch of critical patch updates, which are issued quarterly, are due out on October 17. Beginning with that release, the company will introduce enhanced documentation to better help system administrators and management understand the impact of a vulnerability that a given patch is designed to correct. http://list.windowsitpro.com/t?ctl=3C96C:7EB890 PhishTank Aims to Blow Scammers Out of the Water A new team has entered the battle to stop scammers. PhishTank aims to blow scammers completely out of the water by identifying, tracking, and blocking access to sites that are designed to steal people's personal information. http://list.windowsitpro.com/t?ctl=3C96F:7EB890 BartPE Work as a systems or security administrator long enough, and you'll undoubtedly need to access a downed Windows system. Several tools can help you access data from otherwise inaccessible systems. Jeff Fellinge steps you through the wonderfully easy-to-use utility called BartPE. http://list.windowsitpro.com/t?ctl=3C968:7EB890 Recent Security Vulnerabilities If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at http://list.windowsitpro.com/t?ctl=3C966:7EB890 === SPONSOR: Privacyware ======================================= ThreatSentry - Stop IIS Attacks and Bad Traffic Malicious or unauthorized traffic hammering your Web servers? ThreatSentry combines a state-of-the-art Application Firewall and advanced behavioral intrusion prevention components to block any activity falling outside of trusted parameters. Get enterprise-grade, multi-layered protection for Microsoft IIS at a small business price! Download free trial today. http://list.windowsitpro.com/t?ctl=3C969:7EB890 === GIVE AND TAKE ============================================== SECURITY MATTERS BLOG: Tactile Passwords by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=3C975:7EB890 Some folks in the UK have come up with a unique way to help prevent people from stealing your password while shoulder surfing. Check it out in this blog article. http://list.windowsitpro.com/t?ctl=3C96B:7EB890 FAQ: Change the MIIS Service Account by John Savill, http://list.windowsitpro.com/t?ctl=3C973:7EB890 Q: How can I change the Microsoft Identity Integration Server (MIIS) 2003 service account? Find the answer at http://list.windowsitpro.com/t?ctl=3C96D:7EB890 KNOW YOUR IT SECURITY Contest Sponsored by Microsoft Learning Paths for Security Share your security-related tips, comments, or solutions in 1000 words or less, and you could be one of 13 lucky winners of a Zune media player. Tell us how you do patch management, share a security script, or write about a security article you've read or a Webcast you've viewed. Submit your entry between now and December 13. We'll select the 13 best entries, and the winners will receive a Zune media player-- plus, we'll publish the winning entries in the Windows IT Security newsletter. Email your contributions to tipswinitsec@private Prizes are courtesy of Microsoft Learning Paths for Security: http://list.windowsitpro.com/t?ctl=3C971:7EB890 MAKE YOUR MARK ON THE IT COMMUNITY! Nominate yourself or a peer to become an "IT Pro of the Month." This is your chance to get the recognition you deserve and get notoriety in the IT community. IT Pro of the Month winners will be featured in Windows IT Pro magazine and the TechNet Flash email newsletter, and best of all will receive over $600 in IT resources. All you have to do is email us your name, title, photo, and answers to the following questions: How did your IT solution save your company money? In what ways has your solution made innovative use of technology? and How is your solution adaptable to other business environments? Email your entry to: ITProoftheMonth@private === PRODUCTS =================================================== by Renee Munshi, products@private Encrypt Files on the Network PGP announced the availability of PGP NetShare, a new product which enables teams to manage and share encrypted network-based files. Like PGP's other applications--PGP Whole Disk Encryption, PGP Universal Server, PGP Universal Gateway Email, and PGP Desktop--PGP NetShare makes use of the PGP Encryption Platform, which provides one architecture for managing keys and enforcing policies for all the applications. PGP also announced new versions of its existing applications. For more information, go to http://list.windowsitpro.com/t?ctl=3C97D:7EB890 WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to whatshot@private and get a Best Buy gift certificate. === RESOURCES AND EVENTS ======================================= For more security-related resources, visit http://list.windowsitpro.com/t?ctl=3C972:7EB890 Any unscheduled downtime--especially of Exchange systems--can quickly affect a company's bottom line. Learn essential skills for reducing downtime to minutes instead of hours. http://list.windowsitpro.com/t?ctl=3C962:7EB890 You know you need to manage your email data; how do you do it? What steps are you taking? What additional measures should you enact? What shouldn't you do? Get answers to these questions and get control of your vital messaging data. Download the free eBook today! http://list.windowsitpro.com/t?ctl=3C964:7EB890 Can disaster recovery planning create real value for your business beyond mere survival? Justify your investments in DR planning, and get real answers to your questions about how DR planning and implementation affect the financial performance of your organization. Make cost- effective decisions to positively impact your bottom line! Live Event: Tuesday, November 14 http://list.windowsitpro.com/t?ctl=3C95F:7EB890 Join experts Douglas McDowell from Solid Quality Learning and Andrew Sisson from Scalability Experts, as well as Intel insiders and other database professionals, to learn the latest about SQL Server and Oracle database mirroring, BI, 64-bit database computing, and high availability. Coming to cities across the US this fall. Visit http://list.windowsitpro.com/t?ctl=3C965:7EB890 Streamline and automate upgrades to SQL Server 2005 and manage multiple databases in less time. Leverage the data management, business intelligence, and performance improvements that you receive with an upgrade to SQL Server 2005, and unlock the full potential of your servers. Live Event: Thursday, November 2 http://list.windowsitpro.com/t?ctl=3C961:7EB890 === FEATURED WHITE PAPER ======================================= Prevent installation and execution of unauthorized software on the computers on your network. Download this free white paper today for a comparison of different techniques for detecting and preventing unauthorized code. Protect yourself against emerging risks today! http://list.windowsitpro.com/t?ctl=3C963:7EB890 Special Offer: Download any white paper from Windows IT Pro before October 31 and enter to win a Casio Exilim Card Camera! The more you download, the more chances to win! Visit http://list.windowsitpro.com/t?ctl=3C977:7EB890 for a full listing of white papers and contest rules. === ANNOUNCEMENTS ============================================== Monthly Online Pass--only $5.95 per month! Includes instant online access to every article ever published in Windows IT Pro, as well as the latest digital issue. Sign up now: https://store.pentontech.com/index.cfm?s=1&promocode=eu206Aum Get $40 off on Windows IT Pro Subscribe to Windows IT Pro today and SAVE up to $40! Along with your 12 issues, you'll get FREE access to the entire Windows IT Pro online article archive, which houses more than 9,000 helpful IT articles. This is a limited-time offer, so order now: https://store.pentontech.com/index.cfm?s=1&promocode=eu206Auw ================================================================ Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below). http://list.windowsitpro.com/t?ctl=3C976:7EB890 https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb Subscribe to Security UPDATE at http://list.windowsitpro.com/t?ctl=3C967:7EB890 Be sure to add Security_UPDATE@private to your antispam software's list of allowed senders. To contact us: About Security UPDATE content -- letters@private About technical questions -- http://list.windowsitpro.com/t?ctl=3C979:7EB890 About your product news -- products@private About your subscription -- windowsitproupdate@private About sponsoring Security UPDATE -- salesopps@private View the Windows IT Pro privacy policy at http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy Windows IT Pro, a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538 Attention: Customer Service Department Copyright 2006, Penton Media, Inc. All rights reserved. _________________________________ Visit the InfoSec News store! http://www.shopinfosecnews.org
This archive was generated by hypermail 2.1.3 : Thu Oct 19 2006 - 03:28:48 PDT