Security UPDATE--A Peek into the Future of Wi-Fi Security--September 7, 2005

1. In Focus: A Peek into the Future of Wi-Fi Security

2. Security News and Features

- Recent Security Vulnerabilities

- Another IE Flaw Surfaces

- Long Registry Keys Can Help Hide Malware

3. Security Toolkit

- Security Matters Blog

- FAQ

- Security Forum Featured Thread

4. New and Improved

- Desktop Spyware Protection for SMBs

==== Sponsor: Shavlik Technologies====

Download Free Patch & Spyware Management Software Now!

Is your network really secure? Take your automated network security to the next level with new Shavlik NetChk Protect - Patch & Spyware Management in one easy-to-use GUI. Shavlik NetChk Protect is an agentless solution that is designed for the enterprise and boasts fast, accurate detection/remediation and prevents spyware installation, maximizing your defense against such threats- Remediate Spyware and Install Patches in 30 minutes or Less with Shavlik NetChk Protect for a Complete Security Solution.

To download free software visit:

http://www.shavlik.com/netchk-protect.html

==== 1. In Focus: A Peek into the Future of Wi-Fi Security ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

Today, Wi-Fi networks are secured by using a number of methods. Those methods protect Access Points (APs) and clients from a wide variety of attacks: connection hijacking, unauthorized connections to legitimate APs, Denial of Service (DoS) attacks, address spoofing, attempts at network bridging, rogue APs, man-in-the-middle attacks, and the list goes on.

Any sort of wireless communication is more difficult to defend than a wired network. One main reason is that radio waves propagate. Unless your network has extremely sophisticated transmitters, antennas, and wave propagation limiters, controlling the extent to which your waves are traveling is very difficult. If intruders can pick up your Wi-Fi signals, they have some amount of access to the communication taking place. But encryption helps protect the data being transmitted, and AP and client security systems help prevent intrusion and service disruption.

A number of security solutions are designed specifically to protect wireless networks, and they work reasonably well, but there is still room for improvement. In the near future, we'll see enhancements and features added to many of those solutions, and we'll undoubtedly see new solutions come to the marketplace.

At the recent Intel Developer Forum, Justin Rattner, Intel senior fellow and director of Intel's Corporate Technology Group, demonstrated some interesting new wireless networking technology that could help improve security. The technology involves wireless devices that can become aware of a person's physical location, similar to GPS technology but without the need for orbiting satellites. The company said that its client location technology is currently accurate to within a 1-meter radius.

In essence, an AP uses the new technology to determine a client's location by timing the transmission of data to and from the client. Because the rate of travel can be known, the distance between APs and clients can be calculated.

AP antennas can play a significant role in the refinement of client location systems because the antennas can be designed to transmit signals within a specific area in a given direction. A specially designed AP antenna could allow an AP to determine where a client is located relative to the AP's position. I suspect that Intel's technology takes advantage of a somewhat unique antenna design as compared to typical AP antennas in use today.

The security of wireless networks could be greatly improved by using client location awareness. In practice, an AP could be configured to allow connections only from devices that are within 30 feet. Similarly, wireless Intrusion Detection Systems (IDSs) could be set to detect any client systems attempting communication from farther away than a predefined distance from the AP.

Of course the application of such technology isn't limited to enhanced security. During his demonstration, Rattner showed how he could be tracked in an on-stage mock-up of a home. As he moved from place to place, wireless transmission of a video broadcast was switched to the screen closest to him. However, to security administrators, this peek into the near future is most interesting because of the significant implications for improved network security.

==== Sponsor: Sherpa Software ====

Gone in 30 Days: Exchange, Retention, and Regulatory Compliance

The advent of Sarbanes-Oxley, Gramm-Leach-Bliley, and assorted market-specific regulations means that you may be legally required to have an email compliance and retention policy. Download this free whitepaper now to learn general retention and compliance issues, gain an understanding of Microsoft Exchange Server's built-in archiving and compliance features and guidance on first steps to take when starting an archiving regime. Plus - discover how to analyze trends and usage across your messaging store; implement retention policies in Exchange mailboxes, PST files (network/local), public folders and more.

http://www.windowsitpro.com/whitepapers/sherpa/exchangecompliance/index.cfm?code=SecMid_907

==== 2. Security News and Features ====

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.windowsitpro.com/departments/departmentid/752/752.html

Another IE Flaw Surfaces

Tom Ferris reported a new flaw in Microsoft Internet Explorer (IE) 6.0 on fully patched Windows XP Service Pack 2 (SP2) systems. While Ferris offered few details about the problem on his Web site, the vulnerability reportedly could allow a remote intruder to install remote code and completely take over an affected system.

http://www.windowsitpro.com/Article/ArticleID/47546

Long Registry Keys Can Help Hide Malware

Last week, an interesting discovery was made regarding the Windows registry. Apparently, long keys can't be viewed or deleted by using regedit or many third-party tools designed to detect malware. Registry keys that exceed 254 characters in length are basically invisible unless the tool being used to read the registry is designed to accommodate longer keys.

http://www.windowsitpro.com/Article/ArticleID/47536

==== Resources and Events ====

Avoid the 5 Major Compliance Pitfalls

Based on real-world examples, this Web seminar will help C-level executives, as well as IT directors and managers, avoid common mistakes and give their organization a head start toward ensuring a successful compliance implementation. Register today and find out how you can avoid the mistakes of others, improve IT security, and reduce the cost of continually maintaining and demonstrating compliance.

http://www.windowsitpro.com/seminars/compliance/index.cfm?code=0907emailannc

Consolidate Your SQL Server Infrastructure

Shared data clustering is the breakthrough consolidation solution for Microsoft Windows servers. In this free Web seminar, learn how shared data clustering technology can reduce capital expenditures by at least 50 percent, improve management efficiency, reduce operational expense, ensure high availability across all SQL Server instances, and more. Find out how you can reduce the Total Cost of Ownership (TCO) for SQL Server cluster deployments by as much as 60 percent over three years. Sign up today!

http://www.windowsitpro.com/seminars/shareddataclustering/index.cfm?code=0907emailannc

Discover SQL Server 2005 for the Enterprise. Are you prepared?

In this free, half-day event you'll learn how the top new features of SQL Server 2005 will help you create and manage large-scale, mission-critical, enterprise database applications--making your job easier. Find out how to leverage SQL Server 2005's new capabilities to best support your business initiatives. Register today!

http://www.windowsitpro.com/roadshows/sqlserverdba/index.cfm?code=0907emailannc

Roll Back Data to Any Point in Time, Not Just to the Last Snapshot or Backup

Have you ever lost data that was saved right after your last backup? Most of us have. Continuous, or real-time, backup systems provide real-time protection, but are they right for you? In this free Web seminar, you'll learn about the design principles that underlie continuous data protection solutions, how to integrate them with your existing backup infrastructure, and how best to apply continuous protection technologies to your Windows-based servers.

http://www.windowsitpro.com/seminars/continuousbackup/index.cfm?code=0907emailannc

Get Ready for SQL Server 2005 Roadshow in Europe

Back By Popular Demand - Get the facts about migrating to SQL Server 2005! SQL Server experts will present real-world information about administration, development, and business intelligence to help you implement a best-practices migration to SQL Server 2005 and improve your database-computing environment. Receive a one-year membership to PASS and one-year subscription to SQL Server Magazine. Register now!

http://www.windowsitpro.com/roadshows/sqlservereurope/index.cfm?code=0907emailannc

==== Featured White Paper ====

Is Your Exchange Server 2003 Environment Well Cared For?

Get the bare and necessary facts you should know to maintain your Exchange Server 2003 environment, including critical strategies for predicting and responding to failures. Plus, you'll receive useful information about implementing proactive measures, such as preventive database maintenance, to ensure that your investment is well protected.

http://www.windowsitpro.com/Whitepapers/lucid8/exchangecare/index.cfm?code=0907emailannc

==== 3. Security Toolkit ====

Security Matters Blog: Bam! Google Hacking Just Got Kicked Up a Notch

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

If Emeril Lagasse were a hacker, he'd probably be using the new Google mining toolset, Massive Enumeration Tool (MET). Written in the Python scripting language, MET is a collection of scripts designed to mine data from the gigantic databases stored by Google's search engine.

http://www.windowsitpro.com/Article/ArticleID/47551

FAQ

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q: How can I set the default domain user profile?

Find the answer at

http://www.windowsitpro.com/Article/ArticleID/47534

Security Forum Featured Thread: Rights Required to Allow Changing Directory Ownership

A forum participant writes that he's trying to use xcacls.vbs to allow his Help desk staff to change the owner on a user's home directory when it's initially created. The command-line options he uses (listed in the Security Forum post) work fine under his account, which has Domain Admin rights, but the Help desk technicians receive an error when they run the command with the same options. He's tried giving the Help desk technicians "Take ownership" and "Restore files" rights on the file server, but that doesn't fix the problem. If you can help, join the discussion at

http://forums.windowsitpro.com/web/forum/messageview.aspx?catid=42&threadid=43085&enterthread=y

==== Announcements ====

(from Windows IT Pro and its partners)

Stay Up-to-Date with the Windows IT Security Newsletter

Every issue of Windows IT Security features coverage of the best security tools available and expert advice on the best way to implement security. Our expanded content includes even more fundamentals on building and maintaining a secure enterprise. In addition, paid subscribers get access to our entire online security article database (more than 1900 articles)! Subscribe today:

https://store.pentontech.com/index.cfm?s=1&promocode=eu2559us

VIP Monthly Online Pass = Quick Security Answers!

Sign up today for your VIP Monthly Online Pass and get 24/7 access to the entire Windows IT Security online article database, including exclusive subscriber-only content. That's a database of more than 1900 security articles to help you get all the answers you need, when you need them. Sign up now:

https://store.pentontech.com/index.cfm?s=1&promocode=eu2559um

==== 4. New and Improved ====

by Renee Munshi, [email protected]

Desktop Spyware Protection for SMBs St. Bernard Software offers SpyEXPERT, an antispyware software solution for desktop computers specifically designed to meet the needs of small-to-midsized businesses (SMBs). SpyEXPERT provides a centralized management console that administrators can use to scan and clean spyware from desktops. The console includes scheduling and reporting functions. SpyEXPERT's comprehensive database is continually updated through a variety of collaborative techniques. For more information, go to

http://www.stbernard.com

Tell Us About a Hot Product and Get a T-Shirt!

Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to

[email protected].

Editor's note: Share Your Security Discoveries and Get $100

Share your security-related discoveries, comments, or problems and solutions in the Windows IT Security print newsletter's Reader to Reader column. Email your contributions (500 words or less) to [email protected]. If we print your submission, you'll get $100. We edit submissions for style, grammar, and length.

==== Sponsored Links ====

Argent versus MOM 2005

Download Argent Versus Microsoft Operations Manager 2005

http://a.windowsitpro.com/RealMedia/ads/click_lx.ads/www.windowsitpro.com/TextLink/1112745096/x14/Penton/WN_Argent_Sept05_NLSplink116195/1x1.gif/1

==== Contact Us ====

About the newsletter -- [email protected]

About technical questions -- http://www.windowsitpro.com/forums

About product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]