Security UPDATE--Transceiver Fingerprinting Improves Wireless Security--September 13, 2006


Save on the #1 Ranked Web Filtering Appliance

Top 10 Requirements for Effective Patch Management

Extending SMS to Handheld Devices



IN FOCUS: Transceiver Fingerprinting Improves Wireless Security


- New Unpatched Vulnerability Affects Microsoft Word 2000

- Cisco and Microsoft Team Up on Network Access Control

- BrowserShield Defends Browsers at Network Borders

- Recent Security Vulnerabilities


- Security Matters Blog: Browzar Bashing--Is It Warranted?

- FAQ: 64-Bit Version of Group Policy Management Console

- From the Forum: NTFS Permission in an Education Environment

- Share Your Security Tips


- Full-Featured Firewall-Routers

- Wanted: Your Reviews of Products




=== SPONSOR: St. Bernard Software


Save on the #1 Ranked Web Filtering Appliance

iPrism, the IDC-ranked #1 Web filtering appliance has an offer that's too good to pass up. Purchase a 3-year subscription to the most accurate database in the industry and get your iPrism appliance at no charge. Or, purchase an iPrism and a 3-year subscription and get an extra year free. Only iPrism gives you two ways to save big. This is a limited time offer so get a Quick Quote now!

=== IN FOCUS: Transceiver Fingerprinting Improves Wireless Security

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

If you operate wireless networks, you know that media access control (MAC) address filtering is an unreliable way to prevent unwanted network access. The reasons are that it's relatively simple to spoof any MAC address and to collect MAC addresses from the airwaves.

One technique used to improve on MAC filtering is to develop a fingerprint of the wireless network driver, which can help identify the wireless hardware by manufacturer. This approach works because each manufacturer develops its own driver behavior. The characteristics of that behavior can be tracked, identified, stored, and later matched when a wireless device is detected by an intrusion detection system (IDS) or authentication system. Other techniques involve actively or passively discovering wireless device model numbers, chipset model numbers, and OS versions.

Jeyanthi Hall has explored a way to take wireless device fingerprinting even further. In her research, Hall discovered that each wireless network device has a unique frequency signal profile, which can be discovered as the device transmits over the airwaves. This holds true even for identical card models from the same manufacturer and even when those cards use exactly the same chipset.

Therefore, a fingerprint can be developed that will match one specific physical device. Hall thinks that, based on her research, the only way such a fingerprint can be spoofed is to physically recreate all the characteristics of the circuits in the original device. In order to accomplish that task, the original device would be required, which implies that someone must first steal it. But in the case of a stolen device, the fingerprint could be blocked, hopefully before someone replicates the exact circuitry.

In practical use, transceiver fingerprint identification could be used in wireless intrusion detection and prevention systems and in authentication systems. What's more, transceiver fingerprinting isn't limited to Wi-Fi devices. Since Bluetooth technology is also based on radio transmissions, similar techniques could be used to guard Bluetooth connectivity.

According to Hall's research (as published to date), transceiver fingerprinting is about 95 percent accurate. So there is room for error, which means that additional methods of protection might be necessary in some situations.

One important issue to keep in mind about any radio transmitter is that as a device ages, its radio signal profile changes. Therefore, in order to maintain fingerprint accuracy, the fingerprint must be updated continually. This of course creates processing overhead and could pose significant hurdles in large wireless network installations. Regardless, the hurdles aren't insurmountable.

Hall has published two detailed white papers (one that covers Wi-Fi and one that covers Bluetooth) that describe her research and its potential applications. If you're interested in this technology, which very well might make its way into wireless security solutions, then be sure to read the papers. They're available at the first two URLs below in PDF format. If you're interested in other wireless security-related work published by Hall, then visit her site at Carleton University at the third URL below.

=== SPONSOR: Patchlink


Top 10 Requirements for Effective Patch Management

Endless streams of security patches are a continuous strain on IT resources. Assessing, deploying, & tracking software patches across operating systems is even more difficult. Learn to distill the requirements for selecting an effective patch management solution. Download now!



New Unpatched Vulnerability Affects Microsoft Word 2000

Symantec reported the discovery of a new unpatched vulnerability that affects Microsoft Word 2000. The vulnerability could allow a remote intruder to install a Trojan horse that opens a back door on an affected system when a malicious document is opened. Exploits that take advantage of the vulnerability have been discovered circulating on the Internet.

Cisco and Microsoft Team Up on Network Access Control

Cisco and Microsoft announced that their respective technologies, Cisco Network Admission Control (NAC) and Microsoft Network Access Protection (NAP), will be interoperable. Both technologies are designed to prevent computers from accessing a network unless they meet specific "health" checks.

BrowserShield Defends Browsers at Network Borders

Microsoft developed a prototype defense tool, BrowserShield, that can defend unpatched browsers by filtering and rewriting incoming Web content at network borders.

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

=== SPONSOR: iAnywhere


Extending SMS to Handheld Devices

Join iAnywhere on Tuesday, September 26th, for a webcast on how to extend Microsoft SMS to handheld devices. In this session, we'll provide an overview of Afaria's management and security capabilities and focus on enhancing and extending SMS to a wide range of mobile devices.



SECURITY MATTERS BLOG: Browzar Bashing--Is It Warranted?

by Mark Joseph Edwards,

There's a lot of Browzar bashing going on, and most of it overlooks the obvious. Read my perspective on the bashing in this blog article

FAQ: 64-Bit Version of Group Policy Management Console

by John Savill,

Q: Where can I get the 64-bit version of Group Policy Management Console (GPMC)?

Find the answer at

FROM THE FORUM: NTFS Permission in an Education Environment

A forum participant is working on creating a way for teachers and students to share info while controlling what the students can see and do. He's running a Windows Server 2003 Release 2 (R2) domain and is aware of access-based enumeration. He's having difficulty getting the permissions set properly and needs some advice. Join the discussion at:


Share your security-related tips, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions to [email protected] If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.



by Renee Munshi, [email protected]

Full-Featured Firewall-Routers

HotBrick Network Solutions offers the HSS 4000 and HSS 6000 firewall-routers. The HSS 4000 has 512MB of RAM, a 1.0GHz Pentium 4 processor, and four flex ports; the HSS 6000 has 1GB of RAM, a 2.8GHz Pentium 4 processor, and six flex ports. Both firewall-routers include internal hard drives and an optional hardware-based VPN accelerator (flexible software-based VPNs are standard). The HSS 4000 supports up to 1000 LAN users, while the HSS 6000 allows for an unlimited number of LAN users. You manage the firewall-routers from a Web interface over HTTP Secure (HTTPS), console port, and Secure Shell (SSH) connection. The Web-based content-filtering feature and the hard drive-based spam-filtering and antivirus options can also be managed from the interface. For more information, go to

WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to [email protected] and get a Best Buy gift certificate.



For more security-related resources, visit

Linux + Unix + Windows - TechX World

Pure-play IT shops are a nice idea, but the reality today is that we are all faced with interoperability issues. TechX World 2006 gives you access to leading experts in the field and will prepare you to master interoperability issues in your environment.

Tired of using separate products on your Microsoft Exchange server for antivirus, antispam, attachment filtering, disclaimers, content auditing/filtering? This webcast will address the latest threats to messaging security and spotlight Sunbelt's Messaging Ninja that enables system administrators to easily secure their messaging infrastructures and stop threats at the Exchange Server.

Can you distinguish between the facts and fiction of Linux? Get the straight answers about Linux, UNIX, and Windows - together and head-to-to head comparisons. Read articles and download free resources today! You can also test your Linux skills and enter to win a $150 MSN Music gift card!

Randy Franklin Smith outlines five evaluation points to consider when choosing your antispyware solution in this free podcast. Download it today!

Integrate fax services with business applications for major increases in ROI. Find out how fax technology can benefit your bottom line and improve business processes. Download the free ebook today!



Extend Microsoft Windows Rights Management Services (RMS) to support enterprise requirements for information protection, including proprietary business data. Download the free whitepaper today!



Special Invitation for VIP Access

Become a VIP subscriber and get continuous, inside access to ALL content published in Windows IT Pro magazine, SQL Server Magazine, Exchange and Outlook Administrator newsletter, Windows Scripting Solutions newsletter, and Windows IT Security newsletter. Subscribe now and SAVE $100:

Get the Windows IT Pro Utility Kit FREE

SAVE up to $30 off Windows IT Pro magazine and get an exclusive Windows IT Pro Utility Kit CD FREE with your paid order! In addition, you'll get unlimited access to the entire online article archive, which houses more than 9,000 helpful Windows IT articles. This is a limited-time offer, so order now:


Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below).

Subscribe to Security UPDATE at

Unsubscribe by clicking

Be sure to add [email protected] to your antispam software's list of allowed senders.

To contact us: About Security UPDATE content -- [email protected]

About technical questions --

About your product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]

View the Windows IT Pro privacy policy at

Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.