PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:
Save on the #1 Ranked Web Filtering Appliance
How to Build a Real Time Enterprise. Free White Paper!
Improving Remote Access Security and Monitoring
IN FOCUS: Alternative Firmware for Wireless APs: Talisman
NEWS AND FEATURES
- Windows Shell Vulnerability Is Being Actively Exploited
- Microsoft Aims to Outmaneuver Pirates
- St. Bernard Reels in Singlefin
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: Toolkits Help Increase Number of Malicious Web Sites
- FAQ: New Admin Template Format in Vista and Longhorn
- From the Forum: EFS Questions
- Microsoft Learning Paths for Security: Multiple-Layer Defense for Secure Messaging
- Know Your IT Security Contest
- Flexible, Portable Data Safes
- Wanted: Your Reviews of Products
RESOURCES AND EVENTS
FEATURED WHITE PAPER
=== SPONSOR: St. Bernard Software
Save on the #1 Ranked Web Filtering Appliance
iPrism, the IDC-ranked #1 Web filtering appliance has an offer that's too good to pass up. Purchase a 3-year subscription to the most accurate database in the industry and get your iPrism appliance at no charge. Or, purchase an iPrism and a 3-year subscription and get an extra year free. Only iPrism gives you two ways to save big. This is a limited time offer so get a Quick Quote now!
=== IN FOCUS: Alternative Firmware for Wireless APs: Talisman ==
by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Last week I wrote about the alternative access point (AP) firmware OpenWRT (first URL below). Before that, I wrote about DD-WRT (second URL below). Both are good choices. If you recall, I mentioned that both of these firmware packages descended from Alchemy, which in turn descended from open source code published by Linksys.
This week I'll discuss Talisman, developed by Sveasoft, which is the descendant of Alchemy, also by Sveasoft. Unlike OpenWRT and DD-WRT, Talisman isn't free. Talisman has caused some controversy--mainly because Sveasoft took open source code, improved and changed it, and is selling the result. Also, as I understand it, some people think Sveasoft didn't publish the modified code promptly enough to meet the licensing requirement of the code released by Linksys. Of course this sort of behavior is a sore spot among some open source proponents, but in my opinion, it's not necessarily a bad reflection on Sveasoft. After all, Talisman is very good software.
Talisman currently works on ASUS, Belkin, Buffalo Technology, and Linksys APs and is available in four different versions: Micro, Hotspot, Basic, and VPN. The latter three are still in development stages, not officially released, but you can download beta versions. Several other versions (in addition to these four) are either in the planning or preliminary development stages.
The Micro version is for use in APs that have only 2MB of flash memory--most newer APs have more memory than that. Micro also supports only a subset of the features available in Basic, which I'll discuss in a moment.
The Hotspot version is designed to easily create public wireless hotspots, which can be completely open or can be made to require logon credentials. So when someone connects to the AP they'll be cable to just click-through to the Internet, if your hotspot allows free public access, or they'll be presented with your custom splash screen at which they can log on, if you require that. Hotspot also includes support for billing in case you want to charge for network access.
Talisman Basic includes support for Wi-Fi Protected Access (WPA) and WPA2 encryption, Secure Shell (SSH), PPTP VPNs, Remote Authentication Dial-In User Service (RADIUS) authentication, port triggering, Virtual LANs (VLANs), VoIP, a firewall based on ipchains, Quality of Service (QoS) bandwidth controls, and much more.
Like OpenWRT, the Talisman line includes an easy-to-use Web-based interface for administration. And you can of course add tools and packages such as a router advertisement daemon (RADVD), which helps automatic configuration for IP version 6 (IPv6)-enabled systems. Other add-ons include an SNMP daemon and a GeoIP package that facilitates IP address-to-country cross-referencing that can be used with the QoS feature to develop filters.
The Talisman VPN version might be very useful, especially if you need to connect offices. It supports the Basic features plus IPsec with Advanced Encryption Standard (AES), DES, and Triple DES (3DES) encryption; MD5 and Secure Hash Algorithm 1 (SHA1) hashes; and a special section in the Web administration interface designed to configure IPsec tunnels.
Talisman is available via subscription for $20 per year. (You can also download the previous version, Alchemy, for free.) For that price, you get a copy of the firmware and access to the support forums. Because Talisman is commercial software, it's locked to specific MAC addresses. You must supply your routers' MAC addresses when downloading the firmware, and the firmware will operate only on those particular routers. You can enter up to five MAC address, so for $20 per year, it's a good deal. For more information about or to purchase Talisman, go to
And while you're on the Web, stop by YouTube and view the video clip at the link below. It's an amusing couple of minutes that promotes the TechX World interoperability conference (produced by Windows IT Pro), which is coming soon to a city near you.
=== SPONSOR: NetSuite
How to Build a Real Time Enterprise. Free White Paper!
The vast majority of businesses have information scattered throughout the enterprise on paper, in siloed databases and in emails, making real-time operations difficult to achieve. Learn the benefits and explore the challenges mid-sized businesses face in their real-time enterprise efforts.
=== SECURITY NEWS AND FEATURES
Windows Shell Vulnerability Is Being Actively Exploited
H.D. Moore discovered a vulnerability in the Windows Shell that could allow a remote intruder to execute arbitrary code on an affected system. The vulnerability is in the WebViewFolderIcon ActiveX control, and an exploit has been published. A module for H.D. Moore's popular penetration testing tool, Metasploit, has also been released. Exploits using the module are taking place in the wild on the Internet.
Microsoft Aims to Outmaneuver Pirates
Microsoft hopes its new Software Protection Platform will help it outmaneuver software pirates by changing product activation and online validation and by introducing better detection for tampering and hacking. The company said that Windows Vista and its upcoming Windows Server "Longhorn" will be the first two products to ship with the new technologies.
St. Bernard Reels in Singlefin
St. Bernard, provider of security appliances and software, is adding managed security and business services to its portfolio with the acquisition of Singlefin. St. Bernard can now offer on-demand email filtering, Web filtering, and instant messaging (IM) management as a hosted or managed service to small and midsized enterprises.
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at
=== SPONSOR: SurfControl
Improving Remote Access Security and Monitoring
Are you vulnerable when your users access the internet outside of the corporate network? Track and monitor remote access easily and unobtrusively to make sure that your intellectual assets are secure. Download the free whitepaper and find out more today!
=== GIVE AND TAKE
SECURITY MATTERS BLOG: Toolkits Help Increase Number of Malicious Web Sites
by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters
The number of malicious Web sites is on the rise, and with toolkits available to create them, it's really no wonder. According to Websense, the number of malicious sites increased by 100 percent during the first half of 2006. Read more about this trend in this blog article:
FAQ: New Admin Template Format in Vista and Longhorn
by John Savill, http://www.windowsitpro.com/windowsnt20002003faq
Q: Where can I find details about the new ADMX format that Windows Vista and Longhorn Server use?
Find the answer at
FROM THE FORUM: EFS Questions
A forum participant wants to know if there is an easy way to get Encrypting File System (EFS) to encrypt all the subfolders and files within the selected folder. He also wonders whether data encrypted in Windows 2000 using DESX can be decrypted in Windows XP, how to cause EFS to use certificates from a US Department of Defense (DoD) Common Access Card (CAC), and how to handle exporting a certificate for use on another machine should that be necessary. Join the discussion at:
MICROSOFT LEARNING PATHS FOR SECURITY: Multiple-Layer Defense for Secure Messaging
Multiple layers of defense help protect your business by decreasing the likelihood that any single threat can compromise your network. Use these resources to learn about a broad range of Microsoft security solutions that can help protect your messaging environment: guarding the perimeter with Microsoft Exchange Hosted Services, adding a buffer and firewall protection with Microsoft ISA Server 2006, helping to protect internal messages with Microsoft Antigen, and using Windows Rights Management Services (RMS) to help safeguard sensitive emails and documents.
KNOW YOUR IT SECURITY Contest
Sponsored by Microsoft Learning Paths for Security
Share your security-related tips, comments, or solutions in 1000 words or less, and you could be one of 13 lucky winners of a Zune media player. Tell us how you do patch management, share a security script, or write about a security article you've read or a Webcast you've viewed. Submit your entry between now and December 13. We'll select the 13 best entries, and the winners will receive a Zune media player--plus, we'll publish the winning entries in the Windows IT Security newsletter. Email your contributions to [email protected]
Prizes are courtesy of Microsoft Learning Paths for Security:
by Renee Munshi, [email protected]
Flexible, Portable Data Safes
Steganos is releasing a new version of its encryption application, Steganos Safe 2007. New features include the ability to use picture sequences as passwords; support for Apple iPods, USB drives, and other devices and media to store encrypted data or keys; and protection of data in Microsoft Outlook. With Steganos Safe 2007, users can create as many virtual drives as they want for storing encrypted data, and these drives (called "safes") can be accessed from applications, Windows Explorer, and Web browsers. Each safe can be up to 256GB in size, and users can change the size of safes as necessary. Steganos Safe 2007 costs $49.95. For more information, go to
WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to [email protected] and get a Best Buy gift certificate.
=== RESOURCES AND EVENTS
For more security-related resources, visit
Windows Connections Conference
Come learn about Vista, Exchange, Office, SharePoint, and more in Las Vegas, November 6-9, 2006 at Windows Connections and Microsoft Exchange Connections. There will be exciting announcements from Microsoft that no one should miss! There's no better conference value in the US this fall.
As an IT pro today, chances are that you work in a "Windows Plus" environment. Learn from and meet industry experts Gil Kirkpatrick, Mike Otey, Dustin Puryear, and Randy Dyess in this full day of training on managing Windows, Linux, UNIX, Apache, MySQL, and more. Join TechX World--coming to Washington, DC on October 24, Chicago on October 26, Dallas on October 31, and San Francisco on November 2.
Whether you're an outsourced IT provider, a member of an in-house IT service staff, or simply provide remote support, this can't-miss Web seminar will help you discover how the right technologies can expand your services. You'll learn how to tap into a $30 billion market for IT services and expand your geographic reach. Live Web seminar: Tuesday, October 17
How do you manage vulnerabilities? If you depend on vulnerability assessments to determine the state of your IT security systems, you can't miss this Web seminar. Special research from Gartner indicates that deeper penetration is needed to augment your vulnerability management processes. Learn more today!
Do you have visibility of and control over your software licenses? Most organizations face serious challenges, including understanding vendor licensing models, cost overruns, missed deadlines and business opportunities, and lost user productivity. Learn to address these challenges and prepare for audits. Register for the free Web seminar, available now!
=== FEATURED WHITE PAPER
One common set of controls can help you manage compliance across multiple regulations and standards. Download this free IDC white paper and find out how to map these controls and save time and money in demonstrating compliance.
Special Offer: Download any white paper from Windows IT Pro before October 31 and enter to win a Casio Exilim Card Camera! The more you download, the more chances to win! Visit
http://www.windowsitpro.com/whitepapers for a full listing of white papers and contest rules.
Invitation for VIP Access
Become a VIP Monthly Pass subscriber and get instant online access to every article published in our network. You'll get full Web access to Windows IT Pro, SQL Server Magazine, and the Exchange and Outlook Administrator, Windows Scripting Solutions, and Windows IT Security newsletters--that's more than 26,000 articles at your fingertips. Sign up now for only $29.95 per month:
Save $40 off on Windows IT Pro
Subscribe to Windows IT Pro today and SAVE up to $40! Along with your 12 issues, you'll get FREE access to the entire Windows IT Pro online article archive, which houses more than 9,000 helpful IT articles. This is a limited-time offer, so order now:
Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below).
Subscribe to Security UPDATE at
Unsubscribe by clicking
Be sure to add [email protected] to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- [email protected]
About technical questions -- http://www.windowsitpro.com/forums
About your product news -- [email protected]
About your subscription -- [email protected]
About sponsoring Security UPDATE -- [email protected]
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.