[ISN] Security UPDATE -- A Peek into the Future of Wi-Fi Security -- September 7, 2005

InfoSec News isn at c4i.org
Thu Sep 8 02:39:00 EDT 2005


This email newsletter comes to you free and is supported by the 
following advertisers, which offer products and services in which 
you might be interested. Please take a moment to visit these 
advertisers' Web sites and show your support for Security UPDATE. 

Download Free Patch & Spyware Management Software Now!

Gone in 30 Days: Exchange, Retention, and Regulatory Compliance


1. In Focus: A Peek into the Future of Wi-Fi Security 

2. Security News and Features
   - Recent Security Vulnerabilities
   - Another IE Flaw Surfaces 
   - Long Registry Keys Can Help Hide Malware 

3. Security Toolkit
   - Security Matters Blog
   - FAQ
   - Security Forum Featured Thread

4. New and Improved
   - Desktop Spyware Protection for SMBs


==== Sponsor: Shavlik Technologies====

Download Free Patch & Spyware Management Software Now!
   Is your network really secure? Take your automated network security 
to the next level with new Shavlik NetChk Protect - Patch & Spyware 
Management in one easy-to-use GUI. Shavlik NetChk Protect is an 
agentless solution that is designed for the enterprise and boasts fast, 
accurate detection/remediation and prevents spyware installation, 
maximizing your defense against such threats- Remediate Spyware and 
Install Patches in 30 minutes or Less with Shavlik NetChk Protect for a 
Complete Security Solution.
   To download free software visit:


==== 1. In Focus: A Peek into the Future of Wi-Fi Security ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Today, Wi-Fi networks are secured by using a number of methods. Those 
methods protect Access Points (APs) and clients from a wide variety of 
attacks: connection hijacking, unauthorized connections to legitimate 
APs, Denial of Service (DoS) attacks, address spoofing, attempts at 
network bridging, rogue APs, man-in-the-middle attacks, and the list 
goes on. 

Any sort of wireless communication is more difficult to defend than a 
wired network. One main reason is that radio waves propagate. Unless 
your network has extremely sophisticated transmitters, antennas, and 
wave propagation limiters, controlling the extent to which your waves 
are traveling is very difficult. If intruders can pick up your Wi-Fi 
signals, they have some amount of access to the communication taking 
place. But encryption helps protect the data being transmitted, and AP 
and client security systems help prevent intrusion and service 

A number of security solutions are designed specifically to protect 
wireless networks, and they work reasonably well, but there is still 
room for improvement. In the near future, we'll see enhancements and 
features added to many of those solutions, and we'll undoubtedly see 
new solutions come to the marketplace. 

At the recent Intel Developer Forum, Justin Rattner, Intel senior 
fellow and director of Intel's Corporate Technology Group, demonstrated 
some interesting new wireless networking technology that could help 
improve security. The technology involves wireless devices that can 
become aware of a person's physical location, similar to GPS technology 
but without the need for orbiting satellites. The company said that its 
client location technology is currently accurate to within a 1-meter 

In essence, an AP uses the new technology to determine a client's 
location by timing the transmission of data to and from the client. 
Because the rate of travel can be known, the distance between APs and 
clients can be calculated. 

AP antennas can play a significant role in the refinement of client 
location systems because the antennas can be designed to transmit 
signals within a specific area in a given direction. A specially 
designed AP antenna could allow an AP to determine where a client is 
located relative to the AP's position. I suspect that Intel's 
technology takes advantage of a somewhat unique antenna design as 
compared to typical AP antennas in use today. 

The security of wireless networks could be greatly improved by using 
client location awareness. In practice, an AP could be configured to 
allow connections only from devices that are within 30 feet. Similarly, 
wireless Intrusion Detection Systems (IDSs) could be set to detect any 
client systems attempting communication from farther away than a 
predefined distance from the AP. 

Of course the application of such technology isn't limited to enhanced 
security. During his demonstration, Rattner showed how he could be 
tracked in an on-stage mock-up of a home. As he moved from place to 
place, wireless transmission of a video broadcast was switched to the 
screen closest to him. However, to security administrators, this peek 
into the near future is most interesting because of the significant 
implications for improved network security. 


==== Sponsor: Sherpa Software ====

Gone in 30 Days: Exchange, Retention, and Regulatory Compliance
   The advent of Sarbanes-Oxley, Gramm-Leach-Bliley, and assorted 
market-specific regulations means that you may be legally required to 
have an email compliance and retention policy. Download this free 
whitepaper now to learn general retention and compliance issues, gain 
an understanding of Microsoft Exchange Server's built-in archiving and 
compliance features and guidance on first steps to take when starting 
an archiving regime. Plus - discover how to analyze trends and usage 
across your messaging store; implement retention policies in Exchange 
mailboxes, PST files (network/local), public folders and more.


==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at

Another IE Flaw Surfaces 
   Tom Ferris reported a new flaw in Microsoft Internet Explorer (IE) 
6.0 on fully patched Windows XP Service Pack 2 (SP2) systems. While 
Ferris offered few details about the problem on his Web site, the 
vulnerability reportedly could allow a remote intruder to install 
remote code and completely take over an affected system.

Long Registry Keys Can Help Hide Malware 
   Last week, an interesting discovery was made regarding the Windows 
registry. Apparently, long keys can't be viewed or deleted by using 
regedit or many third-party tools designed to detect malware. Registry 
keys that exceed 254 characters in length are basically invisible 
unless the tool being used to read the registry is designed to 
accommodate longer keys.


==== Resources and Events ====

Avoid the 5 Major Compliance Pitfalls
   Based on real-world examples, this Web seminar will help C-level 
executives, as well as IT directors and managers, avoid common mistakes 
and give their organization a head start toward ensuring a successful 
compliance implementation. Register today and find out how you can 
avoid the mistakes of others, improve IT security, and reduce the cost 
of continually maintaining and demonstrating compliance.

Consolidate Your SQL Server Infrastructure
   Shared data clustering is the breakthrough consolidation solution 
for Microsoft Windows servers. In this free Web seminar, learn how 
shared data clustering technology can reduce capital expenditures by at 
least 50 percent, improve management efficiency, reduce operational 
expense, ensure high availability across all SQL Server instances, and 
more. Find out how you can reduce the Total Cost of Ownership (TCO) for 
SQL Server cluster deployments by as much as 60 percent over three 
years. Sign up today!

Discover SQL Server 2005 for the Enterprise. Are you prepared?
   In this free, half-day event you'll learn how the top new features 
of SQL Server 2005 will help you create and manage large-scale, 
mission-critical, enterprise database applications--making your job 
easier. Find out how to leverage SQL Server 2005's new capabilities to 
best support your business initiatives. Register today!

Roll Back Data to Any Point in Time, Not Just to the Last Snapshot or 
   Have you ever lost data that was saved right after your last backup? 
Most of us have. Continuous, or real-time, backup systems provide real-
time protection, but are they right for you? In this free Web seminar, 
you'll learn about the design principles that underlie continuous data 
protection solutions, how to integrate them with your existing backup 
infrastructure, and how best to apply continuous protection 
technologies to your Windows-based servers.

Get Ready for SQL Server 2005 Roadshow in Europe
   Back By Popular Demand - Get the facts about migrating to SQL Server 
2005! SQL Server experts will present real-world information about 
administration, development, and business intelligence to help you 
implement a best-practices migration to SQL Server 2005 and improve 
your database-computing environment. Receive a one-year membership to 
PASS and one-year subscription to SQL Server Magazine. Register now!


==== Featured White Paper ====

Is Your Exchange Server 2003 Environment Well Cared For?
   Get the bare and necessary facts you should know to maintain your 
Exchange Server 2003 environment, including critical strategies for 
predicting and responding to failures. Plus, you'll receive useful 
information about implementing proactive measures, such as preventive 
database maintenance, to ensure that your investment is well protected.


==== 3. Security Toolkit ==== 

Security Matters Blog: Bam! Google Hacking Just Got Kicked Up a Notch 
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=12DE2:4FB69

If Emeril Lagasse were a hacker, he'd probably be using the new Google 
mining toolset, Massive Enumeration Tool (MET). Written in the Python 
scripting language, MET is a collection of scripts designed to mine 
data from the gigantic databases stored by Google's search engine.

   by John Savill, http://list.windowsitpro.com/t?ctl=12DE1:4FB69 

Q: How can I set the default domain user profile?

Find the answer at

Security Forum Featured Thread: Rights Required to Allow Changing 
Directory Ownership
   A forum participant writes that he's trying to use xcacls.vbs to 
allow his Help desk staff to change the owner on a user's home 
directory when it's initially created. The command-line options he uses 
(listed in the Security Forum post) work fine under his account, which 
has Domain Admin rights, but the Help desk technicians receive an error 
when they run the command with the same options. He's tried giving the 
Help desk technicians "Take ownership" and "Restore files" rights on 
the file server, but that doesn't fix the problem. If you can help, 
join the discussion at


==== Announcements ====
   (from Windows IT Pro and its partners)

Stay Up-to-Date with the Windows IT Security Newsletter
   Every issue of Windows IT Security features coverage of the best 
security tools available and expert advice on the best way to implement 
security. Our expanded content includes even more fundamentals on 
building and maintaining a secure enterprise. In addition, paid 
subscribers get access to our entire online security article database 
(more than 1900 articles)! Subscribe today:

VIP Monthly Online Pass = Quick Security Answers!
   Sign up today for your VIP Monthly Online Pass and get 24/7 access 
to the entire Windows IT Security online article database, including 
exclusive subscriber-only content. That's a database of more than 1900 
security articles to help you get all the answers you need, when you 
need them. Sign up now:


==== 4. New and Improved ====
   by Renee Munshi, products at windowsitpro.com

Desktop Spyware Protection for SMBs
   St. Bernard Software offers SpyEXPERT, an antispyware software 
solution for desktop computers specifically designed to meet the needs 
of small-to-midsized businesses (SMBs). SpyEXPERT provides a 
centralized management console that administrators can use to scan and 
clean spyware from desktops. The console includes scheduling and 
reporting functions. SpyEXPERT's comprehensive database is continually 
updated through a variety of collaborative techniques. For more 
information, go to

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a T-shirt if we write about the product in a future 
Windows IT Pro What's Hot column. Send your product suggestions with 
information about how the product has helped you to 
   whatshot at windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100
   Share your security-related discoveries, comments, or problems and 
solutions in the Windows IT Security print newsletter's Reader to 
Reader column. Email your contributions (500 words or less) to 
r2rwinitsec at windowsitpro.com. If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.


==== Sponsored Links ====

Argent versus MOM 2005
   Download Argent Versus Microsoft Operations Manager 2005


==== Contact Us ==== 

About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=12DE4:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- salesopps at windowsitpro.com


This email newsletter is brought to you by Windows IT Security, 
the leading publication for IT professionals securing the Windows 
enterprise from external intruders and controlling access for 
internal users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.

More information about the ISN mailing list