Cornerstone Issue 53: August 16, 2003
Welcome to Issue 53 of Cornerstone, an electronic newsletter
issued periodically by Core Competence.
Cornerstone reports on a wide range of networking topics and
activities involving Core Competence. A brief abstract explains
what you will find if you choose to visit each URL.
http://searchNetworking.com/r/0,,17104,00.htm?vowlan
According to In-Stat/MDR, the voice over WLAN (VoWLAN) market is growing
more slowly than expected. Only 30,000 VoWLAN handsets were shipped last
year, primarily 802.11b-enabled phones sold to verticals like healthcare
and retail. But In-Stat still expects this market to take off, surging
from $16.5M in 2002 to $507M in 2007. In her latest WLAN Advisor column,
Lisa Phifer considers why.
http://www.wsta.org/publications/articles/0803_article06.html
New, enterprise-class 802.11 WLAN or Wi-Fi switches, also called mobility
exchanges, offer many of the same centralized, integrated solutions for
WLAN deployment available on wired LANs. In his brief for WSTA Ticker,
Dave Piscitello explains why he finds that WLAN switches are
"something old, something new,...."
http://infosecuritymag.techtarget.com/ss/0,295796,sid6_iss21_art83,00.html
Given the demand for secure, easy, anytime/anywhere remote access for
travelers and home office workers, recent interest in SSL/TLS-based VPNs
isn't surprising. Vendors promise to deliver secure access, but are SSL VPNs
as secure and reliable as IPSec? Where do these VPNs fit into your network
security policies, and which user communities can they best serve? Check
out this cover story for InfoSec Magazine.
http://searchsecurity.com/tip/1,289483,sid14_gci911324,00.html
To reap the benefits of wireless, companies must take steps to reduce
associated risks to acceptable levels. The most effective way to accomplish
this is to let policy, not technology, govern secure WLAN implementation.
In this searchSecurity Executive Briefing, Lisa Phifer explains how.
http://searchNetworking.com/r/0,,17105,00.htm?wlan
Many WLAN administrators are familiar with NetStumbler, a free discovery tool
that sniffs out nearby 802.11 Access Points (APs). Unauthorized "rogue" APs
get a lot of press, but are not the only threat. In this tip, Lisa Phifer
discusses tools and techniques to spot other kinds of WLAN intrusions.
http://www.misti.com/
Lisa Phifer joins Diana Kelley in delivering a full-day Hands-On WLAN
Security Workshop at the Mobile and Wireless Security Expo in Chicago.
In this workshop, we demonstrate WLAN vulnerabilities using shareware and
commercial discovery, sniffer, and IDS tools, review best practices and
guide students through live exercises, where they configure and use
measures like WEP, 802.1X access control, VPN tunneling and SSL portals.
http://www.corecom.com/external/livesecurity/tcpfoundation.htm
TCP is known as a reliable delivery or reliable transport protocol: its job
is to make certain that the information you send -- whether mail to a friend,
or an online banking transaction -- is delivered to your friend, or the bank,
undamaged and without loss, in a timely manner, and in the order submitted.
Dave Piscitello provides an overview of TCP in this foundations column.
http://www.issa.org/cgi/journallibrary.cgi?download=2003_August/J0308007.pdf
Public instant messaging services are designed for the residential Internet
user. The implications of permitting public IMs in a business LAN
environment should be reviewed by security-minded organizations. In this
column, Dave identifies the risks associated with permitting public IMs and
offers methods for blocking their use at firewalls. (ISSA library content
is available only to ISSA members.)
-----------------------------------------------------------------
Cornerstone is an electronic publication of Core Competence, Inc.
If you do not wish to receive future issues, please reply to this
message or send email to
cornerstone@corecom.com
with the word "remove" in the subject line or message body.
For additional information about Core Competence, visit our web site http://www.corecom.com
WIRELESS LANS
The Buzz over VoWLAN
searchNetworking, August 12, 2003
Enterprise-Grade Solutions for WLAN Integration
WSTA Ticker, August, 2003
VIRTUAL PRIVATE NETWORKING
VPNs: Tunnel Visions
Information Security Magazine, August 2003
WIRELESS SECURITY
Policy-driven WLAN security
searchSecurity, June 26, 2003
Signs of WLAN Intrusion
searchNetworking, July 22, 2003
Hands-On WLAN Security Workshop
Friday, September 26, 2003, 8:30 AM - 4:30 PM
Mobile and Wireless Security 2003, Chicago
INTERNET PROTOCOLS
Foundations: What Is TCP?
WatchGuard LiveSecurity, June 2, 2003
Blocking Public Instant Messengers
ISSA Journal, August 2003
For past issues, visit our CornerStone page http://www.corecom.com/html/cornerstone.html
Send us a subscribe message to receive future issues of CornerStone.