http://www.jupiterevents.com/wifi/canada04/agenda.html#btrack
http://www.misti.com/virtprog/program.asp?id=OS04&type=workshop&workid=3%2F25%2F2004#3893
Hands-On WLAN Security Workshop
Wi-Fi Planet Conference, March 16th, Toronto
InfoSec World Conference, March 25th, Orlando

CoreCom's Lisa Phifer joins Diana Kelley in delivering WLAN Security Workshops at conferences in Toronto and Orlando in March. Through live WLAN vulnerability demonstrations and hands-on exercises, students can learn how to implement wireless security best practices, including WPA/TKIP, 802.1X, VPN tunnels and SSL portals.

http://www.misti.com/virtprog/program.asp?id=OS04&type=Session&workID=3%2F24%2F2004#3969
Using VPNs in Wireless Hotspots
InfoSec World Conference, March 24th, Orlando

If you're attending InfoSec World in Orlando, come hear Lisa Phifer discuss the role of WPA and 802.1X in wireless hotspots, emerging WISP techniques for subscriber authentication, and the benefits and pitfalls associated with using different kinds of VPNs to keep your data safe when visiting public hotspots.

http://www.jupiterevents.com/wifi/canada04/agenda2.html#b400
Road Warriors on Trojan Horses: Protecting wireless users in public spaces
Wi-Fi Planet Conference, March 17th, Toronto

Join Lisa Phifer, Tim Allwine, Rohit Khetrapal, and Rob Markovich as they discuss enterprise security requirements for public hotspot use and options for extending WLAN security from the enterprise to hotspots.

COMDEX Loop Columns

http://loop.interop.com
LOOP: The online voice of the IT community
Presented by COMDEX/Networld+Interop

CoreCom's Dave Piscitello is now the co-editor of LOOP, an on-line site that brings together industry leaders, IT professionals, analysts and your peers. Loop.interop.com delivers unfiltered information, current news and real-world experiences on the key issues facing the networking and communications industry today. Through member blogs, newsfeeds and editorial features, LOOP provides an active dialogue on the technology information you need to solve business problems and succeed.

http://loopfiles.interop.com/applicationprotection.htm
http://loop.comdex.com/comments/76_0_1_0_C/
Application protection: Where is it best applied?
Comdex LOOP, February 7, 2004

It seems as if there are as many different ways to add application protection to your security arsenal as there are colors in the spectrum. In this LOOP column, Dave Piscitello explains why application protection is important, and where organizations can add this critical layer.

http://loopfiles.interop.com/webappcode.htm
http://loop.comdex.com/more/A81_0_1_0_M/
Web application protection is part of your security perimeter
Comdex LOOP, February 23, 2004

Dave Piscitello explains why organizations must pay closer attention to the web application code they develop or deploy, and explains the value of considering the OWASP Top 10 Web Vulnerabilities in this LOOP column.

http://loopfiles.interop.com/blackorwhitehat.htm
Security Hats: Black and White, No Grayscale
Comdex LOOP, January 10, 2004

In this LOOP column, Dave Piscitello dismisses the notion that there are any colors but black and white when it comes to security hats, and explains why he believes that grayscale only obscures one's true color.

SearchMobileComputing Wireless-To-Go Columns

http://searchmobilecomputing.com/tip/1,289483,sid40_gci951410,00.html
Kensington Wi-Fi Finder Falls Short
searchMobileComputing, February 19, 2004

In her latest Wireless-To-Go column, Lisa Phifer considers tradeoffs between convenience, cost, distance, and granularity for this compact credit-card sized tool that lets you know when you're (very) near a standards-compliant 802.11b/g wireless LAN.

http://searchmobilecomputing.com/tip/0,289483,sid40_gci943351,00.html
http://searchmobilecomputing.com/tip/1,289483,sid40_gci943355,00.html
Understanding the Wireless Landscape
searchMobileComputing, January 5, 2004

Today there are many different wireless technologies, associated with a wide range of characteristics and supported applications. Getting a handle on this complex stew of acronyms can be a daunting task. In this tip, Lisa Phifer breaks wireless technologies into categories based on distance and intended use.

Webcasts

http://www.eseminars.ziffdavis.com/event_details/0,4171,e=153,00.asp
How To Cut Remote Access Costs Without Cutting Your Service Level
Ziff Davis eSeminars, February 11, 2004

In this vendor-sponsored ZD coffee talk, ZD's Aaron Goldberg and Expertcity's Jason Randall join Lisa Phifer to explore remote access cost factors and illustrate how GoToMyPC Corporate, a browser-based managed security service, can meet business needs at lower cost.

http://searchNetworking.com/r/0,,23134,00.htm?track=NL-82
On-Demand Webcast: Remote Worker Security Strategies
searchNetworking, January 15, 2004

Remote workers are no longer synonymous with company laptops. Today's mobile workers require secure corporate network access from business partner LANs, 3G WANs and Wi-Fi LANs. In this webcast, Lisa Phifer discusses how the shift from remote node to remote network is impacting traditional strategies for securing resources used by off-site workers. [Note: This Yahoo! webcast cannot be viewed if you block pop-ups.]

Dave Piscitello's Weblog

http://hhi.corecom.com/catBooks.htm#BlogID195
Field Guide to WLANs
Dave's Blog, January 14, 2004

Dave reviews Thomas Maufer's book, A Field Guide to Wireless LANs for Administrators and Power Users, published by Prentice-Hall.

http://hhi.corecom.com/catSecurity.htm#BlogID188
Certification or Experience? Are even both enough?
Dave's Blog, January 6, 2004

Dave answers a question he's constantly asked, "Should you hire a security consultant or engineer based on certification or experience?"

http://hhi.corecom.com/sipathiltonhead.htm
SIP comes to Hilton Head
Dave's Blog, December 18, 2004

Dave finally found time to install and use IP telephony in his office on Hilton Head Island. Read about his experience here.

Network Security Tools

http://isp-planet.com/technology/2004/security_toolkit_intro.html
http://www.isp-planet.com/technology/2004/security_toolkit_vulnerability.html
http://isp-planet.com/technology/2004/security_toolkit_analysis.html
Security Tools for the Budget-Conscious ISP
ISP-Planet, January 23 & 30, February 6, 2004

ISPs must take proactive steps to find and eliminate their own vulnerabilities, and must be prepared to react quickly and effectively when compromise occurs. Open source and shareware security tools can bridge the gap between need and budget. This 3-part article written by Lisa Phifer for ISP-Planet provides an overview of essential network and system security tools, what they do, and why ISPs need them.

Wireless Tips

http://searchnetworking.com/ateAnswers/0,289620,sid7_tax292553,00.html
http://searchmobilecomputing.com/ateAnswers/0,289620,sid40_tax294161,00.html

As a wireless site expert for searchNetworking and searchMobileComputing, Lisa Phifer answers reader questions and offers networking and security tips. Among the questions answered in February:

• What is the definition of 802.11 RTS Threshold?
• Which modulation types are used with 802.11g?
• When will the 802.11i standard be done?
• What are the pros and cons of ad hoc connections?
• Can I use my cellphone as a wireless modem?

-----------------------------------------------------------------

Cornerstone is an electronic publication of Core Competence, Inc. If you do not wish to receive future issues, please reply to this message or send email to cornerstone@corecom.com with the word "remove" in the subject line or message body.

For additional information about Core Competence, visit our web site http://www.corecom.com
For past issues, visit our CornerStone page http://www.corecom.com/html/cornerstone.html
Send us a subscribe message to receive future issues of CornerStone.