http://www.wireless-security-conference.com/program.htm
Wireless Security Conference and Expo
April 19-21, 2005, Boston, MA

If you're looking for a solid overview of 802.11 security threats and countermeasures, join us on April 19th in Boston, where Lisa Phifer (Core Competence) and Diana Kelley (Burton Group) will be presenting a half-day tutorial at the Wireless Security Conference.

http://www.misti.com/northamerica.asp?disp=showconf&id=MWS05
The Conference on Mobile and Wireless Security
April 26-30, 2005, Las Vegas, NV

Ready to roll up your sleeves and start pen-testing your own WLAN's defenses? Join Lisa and Diana on April 26th in Las Vegas, where they'll be teaching a full-day hands-on workshop, "Stopping WLAN Attacks Using Proactive Assessment."

WLAN Advice

http://www.corecom.com/external/livesecurity/smallwlan.htm
Expanding Your Small Business Wireless LAN
WatchGuard LiveSecurity, 21 Jan 2005

A single, properly located 802.11 b/g access point can serve about 20 employees over an unobstructed span of 100 to 200 feet indoors. So what do you do when your office outgrows your one and only AP? In this WatchGuard LiveSecurity article, Dave Piscitello explains when and how to grow your small business WLAN.

http://searchmobilecomputing.com/tip/0,289483,sid40_gci1057803,00.html
Understanding WLAN signal strength
searchMobileComputing, February 17, 2005

From a security perspective, WLAN signal travels way too far, but from a performance perspective, received signal often falls far short of user needs and expectations. APs that reach hundreds of feet in open space can have trouble being heard through obstructions in homes and offices. In this WLAN advisor column, Lisa Phifer discusses how to predict and measure signal strength.

http://searchmobilecomputing.com/tip/0,289483,sid40_gci1068451,00.html
Going the distance with MIMO
searchMobileComputing, March 16, 2005

The IEEE 802.11n task group is now developing a next-generation WLAN standard based on MIMO -- multiple input, multiple output -- that promises to deliver higher throughput over longer distances. In this WLAN advisor column, Lisa Phifer explores the principal behind MIMO and discusses several early MIMO product offerings.

Enterprise Security

http://www.smallbizpipeline.com/showArticle.jhtml?articleID=159901002
Legislation Won't Stall The Spyware Juggernaut
CMP Security Pipeline, March 16, 2005

Spyware is such an epidemic that legislators are drafting bills to prohibit its distribution, stem abusive practices and protect user privacy. Unfortunately, these laws are flawed and could cause more harm than good. In this column, Dave Piscitello explores anti-spyware legislation to show why spyware is a technology problem that requires a technology solution.

http://www.isp-planet.com/technology/2005/beyond_passwords_1a.html
Beyond Passwords: Stronger Authentication
ISP-Planet, April 4, 2005

Plain old password authentication provides a weak foundation for authorization and access control. In this ISP-Planet article, Lisa Phifer explains how ISPs are reducing their own risk —- and growing customer confidence —- by employing stronger authentication methods.

http://www.isp-planet.com/technology/2005/beyond_passwords_2a.html
Beyond Passwords: Implementing The Vision
ISP-Planet, April 5, 2005

Organizations that want to implement stronger authentication have a dizzying array of alternatives and products to choose from. In part two of this series, Lisa explains five authentication options: digital certificates, one-time passwords, hardware tokens, smart cards, and biometrics.

White Papers and Case Studies

http://searchNetworking.com/r/0,,39504,00.htm?track=NL-259&ad=509364
The Building Blocks of a Manageable, Scalable and Secure WLAN
Bluesocket, February 1, 2005

As WLANs become pervasive in corporate networks, utilization and dependence will grow. Businesses can't afford to shift mission-critical activities onto wireless unless those networks can provide robust, non-stop access under heavy load. This paper, developed by Lisa Phifer for Bluesocket, describes Bluesocket's innovative approach to providing seamless secure mobility and automatic policy synchronization without depending on a central point or requiring change to existing networks, devices, or user behavior.

http://www.aventail.com/customers/case_studies/default.asp
OECD SSL VPN Case Study
Aventail Corporation, 2005

From Reyjavik to Wellington, governments are now using SSL VPN technology to obtain key economic and social information from the OECD, a unique forum for cooperation between representatives from 30 market economies. When the OECD recently extended OLISnet, its secure extranet, it sought advice from Core Competence. Read more about the OECD's requirements and deployed solution in this customer case study published by Aventail.

Blog News

http://hhi.corecom.com/arc20050201.htm
Dave Piscitello's Blog
February 2005

In February blog postings, Dave Piscitello looks at referrer spam, homeland insecurity, democratizing surveillance, Wi-Fi antennae and range extenders, and VPN statistics.

http://hhi.corecom.com/arc20050301.htm
Dave Piscitello's Blog
March 2005

Dave's March postings consider new phishing deception techniques, spyware, recovering ZIP file and NT/XP administrator passwords, and The Patriot Act. If you enjoy Dave's blog, add http://hhi.corecom.com/feed.xml to your news feeds or subscribe by email.

-----------------------------------------------------------------

Cornerstone is an electronic publication of Core Competence, Inc. If you do not wish to receive future issues, please reply to this message or send email to cornerstone@corecom.com with the word "remove" in the subject line or message body.

For additional information about Core Competence, visit our web site http://www.corecom.com
For past issues, visit our CornerStone page http://www.corecom.com/html/cornerstone.html
Send us a subscribe message to receive future issues of CornerStone.