Cornerstone Issue 51: June 21, 2003
Welcome to Issue 51 of Cornerstone, an electronic newsletter
issued periodically by Core Competence.
Cornerstone reports on a wide range of networking topics and
activities involving Core Competence. A brief abstract explains
what you will find if you choose to visit each URL.
http://www.jupiterevents.com/80211/spring03/agenda.html#ctrack
CoreCom's Lisa Phifer joins Diana Kelley in delivering a full-day Hands
On WLAN Security Workshop on June 25th at the 802.11-Planet Conference.
In this workshop, we demonstrate WLAN vulnerabilities using shareware
and commercial discovery, analysis and intrusion detection tools. We
review WLAN security best practices and guide students through live
exercises, where they learn to configure and use measures like WEP,
802.1X access control, VPN tunneling and SSL portals.
http://www.jupiterevents.com/80211/spring03/agenda2.html#c230
If you'll be attending Boston 802.11-Planet, stop in and say hello
to Lisa as she moderates these Security Track panels on June 26th:
http://webevents.broadcast.com/techtarget/sMobileComp/052803/
As PDAs become better connected, enterprise administrators are being
forced to expand the Intranet perimeter to include handheld devices.
In this on-demand webcast, organized by searchMobileComputing and
sponsored by Intel, Lisa Phifer reviews threats and available counter
measures for securing wireless PDAs.
http://webevents.broadcast.com/techtarget/Security/031003/
In this on-demand webcast, sponsored by Security Decisions 2003, Lisa
Phifer explains the risks that threaten the security of every 802.11
wireless LAN, how often serious WLAN intrusions actually occur, and
recommends techniques to find and fix vulnerabilities. After tuning in,
test your knowledge by taking the accompanying
WLAN security quiz.
http://hhi.corecom.com/weblogindex.htm
Dave's writing down security rants, commentary, and article ideas that
don't quite merit 1000 words on more than the backs of napkins these
days. In his new weblog, Dave Piscitello also identifies and abstracts
URLs of useful security, web hosting, and other network subject matter.
http://www.intruvert.com/perspectives/index.htm
IntruVert's latest IDS Perspectives newsletter includes interviews with
Core Competence's David Piscitello and Forrester Research's Michael
Rasmussen, who share their tips on how to secure IDS project funding.
http://isp-planet.com/technology/mssp/2003/mssp1a.html
Lisa Phifer's biennial MSSP survey finds that as industry consolidation
continues apace, service providers are offering a greater variety of
services. Part 1 provides an overview of the MSSP market and providers
participating in this year's survey. Parts 2 thru 5 dig into the Managed
Firewall, VPN, IDS, Filtering, AV, and Scanning services available from
participating providers.
http://searchnetworking.com/tip/1,289483,sid7_gci900415,00.html
According to In-Stat/MDR, three-quarters of the PDAs sold by 2007 will
have embedded wireless. But PDAs without built-in wireless don't have
to miss the party. Add-ons are available to bring your PDA on-line
right now. In this tip, Lisa Phifer describes the wireless network
options that are available (GPRS, Bluetooth, 802.11), where each is
useful, and how to pick the right one for your organization.
http://searchnetworking.com/tip/1,289483,sid7_gci902693,00.html
Lisa's last article identified several PDAs that now ship with
embedded wireless - for example, HP's iPAQ H2200 (Bluetooth), Palm's
Tungsten C (Wi-Fi), and RIM's BlackBerry 6710 (GPRS). PDAs with
embedded wireless are on the rise, but there are many wireless
adapters that can be added to your PDA. If you're buying a new PDA,
which kind of hardware adapter should you choose? This tip looks at
PCMCIA, CF, SDIO, and other PDA adapters that support wireless.
http://searchnetworking.com/ateAnswers/0,289620,sid7_tax292553,00.html
As a searchNetworking expert on wireless LANs, Lisa Phifer answers
questions posed each week by readers. Among the reader questions
tackled by Lisa in May:
http://www.corecom.com/external/livesecurity/saferwlan.htm
Applying the right tools greatly simplifies the process of assessing
your WLAN security policy and implementation. In this LiveSecurity column,
Dave Piscitello discusses several Windows-based, free-, share-, and
commercial-ware tools you can use to perform site surveys, and to
discover and audit WLAN activity.
http://searchnetworking.com/tip/1,289483,sid7_gci905077,00.html
Administrators worried about airlink security and crypto-crackers
will soon have an option to banish WEP from their WLANs. The Wi-Fi
Alliance recently announced the first batch of products to pass Wi-Fi
Protected Access (WPA) certification, and many vendors plan to ship
WPA upgrades this summer. In this tip, Lisa discusses the benefits of
WPA, and details current and future offerings.
-----------------------------------------------------------------
Cornerstone is an electronic publication of Core Competence, Inc.
If you do not wish to receive future issues, please reply to this
message or send email to
cornerstone@corecom.com
with the word "remove" in the subject line or message body.
For additional information about Core Competence, visit our web site http://www.corecom.com
CONFERENCES
Hands-On WLAN Security Workshop
802.11-Planet Conference, June 25th, Boston
http://www.jupiterevents.com/80211/spring03/agenda2.html#c400
WLAN Security Panel Sessions
802.11-Planet Conference, June 26th, Boston
Thursday, 2:30pm
What Companies Really Need: Security Stories From The Field
Panelists: Joseph M. Bruno, Bob Martin
Thursday, 4:00pm
How Secure Is Secure Enough?
Panelists: Sigmund Fidyke, Thomas Hardjono, Tom Henderson
-----------------------------------------------------------------------
WEBCASTS
Securing Wireless PDAs
searchMobileComputing, May, 2003
Locking down your WLAN: Part 1 - Identifying the threats
searchSecurity, June, 2003
NETWORK SECURITY
Dave Piscitello's Blog
http://www.intruvert.com/perspectives/pdf/IDS_Perspectives_vol3.pdf
A Business Case for IDS?
IntruVert IDS Perspectives, Issue 1, Volume 3
http://isp-planet.com/technology/mssp/2003/mssp2a.html
http://isp-planet.com/technology/mssp/2003/mssp3a.html
http://isp-planet.com/technology/mssp/2003/mssp4a.html
http://isp-planet.com/technology/mssp/2003/mssp5a.html
2003 Managed Security Service Provider Survey
ISP-Planet, May 9th - June 6th, 2003
WIRELESS LANS
Wireless Options For Your PDA
searchNetworking, May 13, 2003
Wireless Adapters For Your PDA
seachNetworking, May 27, 2003
searchNetworking Wireless LAN Q&A
April, 2002
- Ad hoc connections
- Electromagnetic radiation concerns and wireless
- Becoming a Wi-Fi service provider
- Why microwave ovens can affect WLANs
- Why two antennas are better than one
- How does a wireless IPsec client obtain an IP address
- Wireless strategy for webcams
WIRELESS SECURITY
Tools and Tactics for Safer WLAN Deployment
WatchGuard LiveSecurity, February 28, 2003
Upgrading to Wi-Fi Protected Access
searchNetworking, June 6, 2003
For past issues, visit our CornerStone page http://www.corecom.com/html/cornerstone.html
Send us a subscribe message to receive future issues of CornerStone.