[ISN] Security UPDATE -- Tweaking Wi-Fi APs for Better Security -- September 21, 2005

InfoSec News isn at c4i.org
Thu Sep 22 01:32:50 EDT 2005


This email newsletter comes to you free and is supported by the 
following advertisers, which offer products and services in which 
you might be interested. Please take a moment to visit these 
advertisers' Web sites and show your support for Security UPDATE. 

Download Free: Patch & Spyware Management in one easy-to-use GUI

The Impact of Disk Defragmentation


1. In Focus: Tweaking Wi-Fi APs for Better Security

2. Security News and Features
   - Recent Security Vulnerabilities
   - Update Rollup 1 for Windows 2000 SP4 Re-released
   - Critical Bug in Firefox, Mozilla, and Netscape Browser
   - Take a Closer Look at EFS

3. Instant Poll

4. Security Toolkit
   - Security Matters Blog
   - FAQ

5. New and Improved
   - Management and Security Appliance


==== Sponsor: Shavlik ====

Download Free: Patch & Spyware Management in one easy-to-use GUI.
   Is your network really secure? The first step to securing your 
network is to remove spyware, adware, and malware. Next, patch your 
systems to stop re-infestation. Introducing Shavlik NetChk Protect--
Patch & Spyware Management in one easy-to-use GUI. Shavlik NetChk 
Protect is an automated solution designed for the enterprise that 
boasts accurate detection/remediation and prevents spyware 
installation, maximizing network security against such threats. 
Remediate spyware and install patches with Shavlik NetChk Protect for a 
complete security solution.
   To download free software visit:


==== 1. In Focus: Tweaking Wi-Fi APs for Better Security ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Security has become even more important due to the spread of wireless 
networking. As a result, we've seen several new wireless security 
companies spring to life and subsequently grow by leaps and bounds. 
These companies make specialized solutions that consist of proprietary 
hardware and software that guard wireless networks against a wide range 
of potential intrusions. 

Even if you have one or more of these specialized tools in place, you 
can improve your wireless security, particularly by adjusting the 
operation of your Access Points (APs). For example, you can manage AP 
transmission output power and shape the pattern and direction of signal 

Although I don't know of any APs that ship from the manufacturer with 
built-in configuration settings that let you adjust transmission power 
levels, they might exist. If so, you could turn down the transmission 
power output level to reduce the distance that the signals will 
propagate. This helps limit the vicinity in which potential intruders 
can operate. 

If your AP doesn't include such a feature, you could possibly install 
third-party firmware for your AP that does provide such support. 
Several third-party firmware solutions are available for hardware based 
on Broadcom chipsets, such as Cisco Systems, Linksys, Buffalo 
Technology, ASUS, Motorola, Siemens, U.S. Robotics, and NETGEAR APs. 

Last week I downloaded a third-party firmware package, installed it to 
an AP, and configured it according to my needs in under 30 minutes. 
Like most AP firmware, the third-party solution has an intuitive 
interface, so I didn't need to read any detailed documentation to make 
it work right. 

As a result of installing the third-party firmware, I was able to 
configure that AP to reduce transmission output from 20 milliwatts (mW) 
to about 3 mW, which is all that I need for that particular office 
space. As a result, any would-be intruders would have to be physically 
in the office before they could get a usable connection to that 
wireless network. The end result is stronger security for only a few 

Using third-party firmware offers other benefits. For example, the 
firmware I installed supports a custom desktop client that interacts 
with the AP. Using that client, I can see all the AP's connections; 
view all broadcasting clients on the wireless network, including those 
not connected to that AP; measure bandwidth usage; and more. 

Other benefits include the ability to run Secure Shell (SSH) server 
directly on the AP for remote access and administration. Doing so means 
that I don't have to expose a Web interface. I could also establish a 
PPTP VPN server, Quality of Service (QoS) and bandwidth management 
parameters, and virtual LANs; quickly block peer-to-peer (P2P) clients; 
configure IPv6; use a remote syslog server; force the use of Wi-Fi 
Protected Access (WPA) and WPA2 authentication; and even configure a 
way for guests to easily use the wireless network to surf the Internet 
when visiting the office. Third-party firmware also offers many other 
features that I don't have room to discuss here.

The bottom line is that third-party firmware is easy to install and 
use, doesn't require any specialized skills or knowledge for everyday 
use, is incredibly cheap to obtain and administer, and strengthens your 
overall wireless security. If you do have advanced skills, you can 
easily add on to third-party firmware solutions to extend the 
capabilities even further. For example, you could add a mini-Web 
server, a controlled access public hotspot interface, Voice over IP 
(VoIP) capabilities, Remote Authentication Dial-In User Service 
(RADIUS) authentication, and more. 

If you're interested in more information about third-party AP firmware, 
please send me a quick email message (even an anonymous message is all 
right) to express your interest. Use "AP Firmware" as the subject of 
your email so that I can quickly locate your message in my inbox. If 
there's enough interest, I could write about how to decide which 
firmware might be best for your needs, where to find it, how to quickly 
and easily get it working for better security in your environment, and 
how to extend its functionality even further. 


==== Sponsor: Diskeeper ====

The Impact of Disk Defragmentation
   Nearly every IT professional has a fragmentation horror story--in 
which fragmentation severely degraded performance such that systems 
were unusable. In this free white paper, learn what impact 
fragmentation has on users and system activities and discover how 
quickly fragmentation accumulates as a result of these activities. Plus 
get the recommendations you need to manage the frequency of 
defragmentation across your infrastructure.


==== 2. Security News and Features ====

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at

Update Rollup 1 for Windows 2000 SP4 Re-released
   Microsoft didn't release any security bulletins this month as part 
of its regular release schedule. Microsoft had previously indicated 
that it would release one security bulletin, but the company discovered 
problems in the patch and decided not to release it until it meets 
quality control standards. However, the company did re-release Update 
Rollup 1 for Windows 2000 Service Pack 4 (SP4) to address numerous 

Critical Bug in Firefox, Mozilla, and Netscape Browsers
   Last week, Tom Ferris reported a buffer overflow vulnerability in 
Mozilla Firefox Web browsers. The vulnerability exists due to faulty 
processing of URLs and could lead to the execution of remote code. 
Netscape and other Mozilla browsers are also affected by the problem 
because they share the same code base as Firefox. 

Take a Closer Look at EFS
   Contrary to popular opinion, Microsoft's Encryption File System 
(EFS) is a reliable, easy-to-use, and secure encryption solution, and 
it can trump even the network administrator's rights. EFS is great for 
protecting confidential files on the network and on often-stolen laptop 
computers. In this article, Roger Grimes discusses the basics of EFS, 
talks about its purpose and functionality, and discusses basic 
administrative tasks and pitfalls.


==== Resources and Events ====

Cut Your Windows XP Migration Time by 60% or More!
   If your organization is considering--or has already begun migrating 
your operating system to Windows XP, then this Web seminar is for you. 
Sign up for this free event and you'll learn how to efficiently migrate 
your applications into the Windows Installer (MSI) format, to prepare 
them for error-free deployment, what steps you need to follow to 
package your applications quickly and correctly, and more!

Discover SQL Server 2005 for the Enterprise. Are you prepared?
   In this free half-day event, you'll learn how the top new features 
of SQL Server 2005 will help you create and manage large-scale, 
mission-critical enterprise database applications--making your job 
easier. Find out how to leverage SQL Server 2005's new capabilities to 
best support your business initiatives. Register today!

Get Ready for the SQL Server 2005 Roadshow in Europe
   Back By Popular Demand--Get the facts about migrating to SQL Server 2005!
   SQL Server experts will present real-world information about 
administration, development, and business intelligence to help you 
implement a best-practices migration to SQL Server 2005 and improve 
your database-computing environment. Receive a one-year membership to 
PASS and a one-year subscription to SQL Server Magazine. Register now.

Are You Walking the Tightrope Between Recovery and Continuity?
   There's a big difference between the ability to quickly recover lost 
or damaged data and the ability to keep your messaging operations 
running normally before, during, and after an outage. In this free Web 
seminar, you'll learn what the technical differences are between 
recovery and continuity, when each is important, and what you can do to 
make sure that you're hitting the right balance between them.

High Risk Internet Access: Are You in Control?
   Defending against Internet criminals, spyware and phishing and 
addressing the points of risk that Internet-enabled applications expose 
your organization to can seem like an epic battle with Medusa. So how 
do you take control of these valuable resources? This free Web seminar 
will give you the tools you need to help you analyze the impact 
Internet-based threats have on your organization and tools to aid you 
in the construction of acceptable use policies (AUPs).


==== 3. Instant Poll ====

Results of Previous Poll: Does your company use an encryption product 
to protect files and folders on Windows systems?
   The voting has closed in this Windows IT Pro Security Hot Topic 
nonscientific Instant Poll. Here are the results from the 12 votes.
   - 17% Yes, we use Microsoft Windows Encrypting File System (EFS).
   - 33% Yes, we use a third-party product.
   - 0% We haven't used encryption in the past, but we're considering 
it now.
   - 50% No, we don't see any need to encrypt data.

New Instant Poll: Have you, your company, or someone you know been a 
victim of online fraud?
   Go to the Security Hot Topic and submit your vote for 
   - Yes
   - No
   - Not sure


==== Featured White Paper ====

Software Packaging Workflow Best Practices
   Managing desktop software configurations doesn't have to be a manual 
process, resulting in unplanned costs, deployment delays, and client 
confusion. In this free white paper, you'll learn how to manage the 
software package preparation process and increase your desktop 
reliability, user satisfaction, and IT cost effectiveness. Download 
your copy now and discover the value of standardizing the software 
packaging process.


==== Hot Release ====

Consolidate Your SQL Server Infrastructure
   Shared data clustering is the breakthrough consolidation solution 
for Microsoft Windows servers. Find out how you can reduce the overall 
Total Cost of Ownership (TCO) for SQL Server cluster deployments by as 
much as 60 percent over three years! Download your free copy now.


==== 4. Security Toolkit ==== 

Security Matters Blog: Your Inbox Is Open to the World
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=14280:4FB69

Heard of Mailinator? Get a mailbox at this throw-away service and 
anybody can read your inbox. But that's OK. A Mailinator mailbox 
address is just to give out to someone from whom you want to receive 
one message--someone you suspect might follow up with spam. You get the 
desired message, then Mailinator deletes your temporary account. 

   by John Savill, http://list.windowsitpro.com/t?ctl=1427F:4FB69 

Q: How can I use a script to generate a list of all IP addresses on a 

Find the answer at


==== Announcements ====
   (from Windows IT Pro and its partners)

Get All the Exchange Tips You Need
   If you haven't subscribed to Exchange & Outlook Administrator, 
you're missing out on key information that will go a long way toward 
preventing serious messaging problems and downtime. Order now and 
discover tools and solutions you won't find anywhere else to help you 
migrate, optimize, administer, back up, recover, and secure Exchange 
and Outlook. Subscribe today:

Windows IT Pro Has What IT Professionals Need
   Get Windows IT Pro and get answers. Subscribe today and get an 
entire year for just $39.95--that's 44% off the cover price! You'll 
also gain exclusive access to the entire Windows IT Pro article 
database (over 9000 articles) and get the Top Windows Tips handbook 
(over 50 helpful tips) FREE. This is a limited-time, risk-free offer, 
so click here now:


==== 5. New and Improved ====
   by Renee Munshi, products at windowsitpro.com

Management and Security Appliance
   KACE announced KBOX IT Management Suite 2.0, a server appliance for 
midsized businesses that manages and monitors inventory, distribution, 
patching, security, compliance, messaging, licensing, and performance 
for the systems on their networks. When you add the KBOX Security 
Enforcement and Audit Module, the KBOX appliance scans for and reports 
on known security vulnerabilities based on the Open Vulnerability and 
Assessment Language (OVAL) standard, which covers almost 1000 
vulnerabilities and is sponsored by the United States Computer 
Emergency Readiness Team (US-CERT) and the Department of Homeland 
Security. KBOX also lets you deploy security policies with support for 
automatic remediation, repair, and if necessary, network node isolation 
(quarantine). For more information, go to

Tell Us About a Hot Product and Get a T-Shirt!
   Have you used a product that changed your IT experience by saving 
you time or easing your daily burden? Tell us about the product, and 
we'll send you a T-shirt if we write about the product in a future 
Windows IT Pro What's Hot column. Send your product suggestions with 
information about how the product has helped you to 
   whatshot at windowsitpro.com.

Editor's note: Share Your Security Discoveries and Get $100
   Share your security-related discoveries, comments, or problems and 
solutions in the Windows IT Security print newsletter's Reader to 
Reader column. Email your contributions (500 words or less) to 
r2rwinitsec at windowsitpro.com. If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.


==== Sponsored Links ====

Argent Versus MOM 2005
   Download Argent Versus Microsoft Operations Manager 2005

Is Your Office Truly Fax Integrated?
   Download this free whitepaper from Faxback and find out!


==== Contact Us ==== 

About the newsletter -- letters at windowsitpro.com
About technical questions -- http://list.windowsitpro.com/t?ctl=14282:4FB69
About product news -- products at windowsitpro.com
About your subscription -- windowsitproupdate at windowsitpro.com
About sponsoring Security UPDATE -- salesopps at windowsitpro.com


This email newsletter is brought to you by Windows IT Security, 
the leading publication for IT professionals securing the Windows 
enterprise from external intruders and controlling access for 
internal users. Subscribe today.

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2005, Penton Media, Inc. All rights reserved.

More information about the ISN mailing list