Cornerstone Issue 97: February, 2010
Welcome to Issue 97 of Cornerstone, a subscription-only electronic
newsletter issued periodically by Core Competence.
Cornerstone reports on a wide range of networking topics and
activities involving Core Competence. A brief abstract explains
what you will find if you choose to visit each URL.
http://bit.ly/cfeqFU
Testing security is critical to safeguard business data and comply with
regulatory mandates. Here, Lisa Phifer reviews Motorola's new AirDefense
Wireless Vulnerability Assessment (VA) Tool, an add-on module that lets
your WIPS to perform centrally initiated, remotely executed TCP/IP scans.
http://bit.ly/aiaZpz
From stolen devices and phishing attacks to buggy apps and human blunders,
2009 was another banner year for data breaches. In an effort to do better
this year, we recount some of the worst data breaches reported in 2009.
http://bit.ly/7UtPwX
Each January in Las Vegas, the Consumer Electronics Show (CES) offers a
peek at next year's hottest high-tech gadgetry. As CES 2010 attendees
gazed longingly at Internet-connected 3D TVs, automobiles, and e-Readers,
we couldn't help but ponder their security implications.
http://searchnetworking.techtarget.com/tip/0,289483,sid7_gci1380693,00.html
As enterprise networks incorporate more wireless access and backhaul
links, traffic flows and loads will change, and new mobile applications
will introduce quality of service challenges. In this tip, we discuss
network infrastructure updates to help wireless integration go smoothly.
http://searchnetworking.techtarget.com/tip/0,289483,sid7_gci1381454,00.html
In the final tip of this series, we look at integrating wired and
wireless network management systems so that they are user-aware,
provide end-to-end visibility, and bridge the gaps that often
exist between these two worlds.
http://searchnetworking.techtarget.com/tip/0,289483,sid7_gci1379320_tax3b9,00.html
At its core, 802.11n is a high-throughput amendment, but data rates
depend upon AP configuration; reaching 600 Mbps requires 4x4 MIMO,
a double-wide 40 MHz channel, and the new Short Guard Interval to
reduce time between transmissions. In this tip, we discuss more
typical data rates and throughputs for contemporary 802.11n APs.
http://searchnetworking.techtarget.com/tip/0,289483,sid7_gci1378328,00.html
Companies are being challenged to do more with less and quantify
anticipated return on investment. One area where WLANs are readily
able to demonstrate rapid payback is their ability to avoid the cost
and complexity of in-building Ethernet.
http://bit.ly/4AflR7
Over the holidays, a fair number of workers received shiny new phones
or spent vacation time downloading apps from mobile marketplaces. In
this tip, Lisa explores "app-store" security implications and steps
that employers can take to manage associated business risk.
http://www.wi-fiplanet.com/news/article.php/3861756
This news coverage for Wi-Fi Planet offers our take on the most
important wireless product news to emerge from this year's Consumer
Electronics Show in Las Vegas.
http://www.wi-fiplanet.com/news/article.php/3857821
In this news coverage, we look at how Aruba is expanding AirWave's
reach to deliver unified management of Wi-Fi, Ethernet, and mobile
devices, all under one roof.
http://bit.ly/8BkQnR
Financial-services providers are subject to extensive regulations
that govern how customer data must be safeguarded. In this tip, Lisa
Phifer explains how providers can establish a solid foundation for
compliance by adopting 10 wireless network security best practices.
http://bit.ly/8ZV4Jd
Joanie Wexler talks to CoreCom's Lisa Phifer about the security
implications of Wi-Fi Direct, an upcoming softAP-based Personal
Area Network specification from the Wi-Fi Alliance.
http://bit.ly/8kkoJH
Joanie Wexler references Lisa's iPod Touch VoIP How-To in her January
column on ways to use this approach to decrease cellular voice bills.
http://bit.ly/89t7xu
The fact that Twitter employs a banned password list rather than
enforcing a password policy at time of registration is an example of
laziness and flawed thinking. Dave discusses why...
http://bit.ly/9qowaS
ICANN's policy department has launched a podcast series, ICANN Start.
Producer Scott Pinzon invited Dave to help launch the series with a
podcast on DNS redirection, DNS response modification, wildcarding
and synthesis and why all these harm the Internet.
http://bit.ly/9bNjaK
ICANN coordinates the Internet's unique identifier systems and
participates in the global operation of the Domain Name System. An
important aspect is to ensure the security and stability of these
systems. Dave discusses ICANN's plan to meet this obligation in
the February 2010 issue of ;login magazine.
http://bit.ly/cmJZa4
In "I can't read this WHOIS output!" Dave notes how people are growing
accustomed to using their local languages or scripts when they visit
web pages and use Internet applications. He explains how Whois, an
application that provides contact and DNS information associated with
Domain Names, largely continues to use US-ASCII7 characters.
-----------------------------------------------------------------
Cornerstone is an electronic publication of Core Competence, Inc.
If you do not wish to receive future issues, please reply to this
message or send email to
cornerstone@corecom.com
with the word "remove" in the subject line or message body.
For additional information about Core Competence, visit our web site http://www.corecom.com
To be notified about Lisa Phifer's articles as they are published,
follow her news on Twitter: http://twitter.com/lisaphifer
To receive Dave Piscitello's blog as an RSS feed, subscribe here:
http://securityskeptic.typepad.com
eSecurity Planet Articles
Review: Motorola AirDefense Wireless VA Tool
eSecurityPlanet, February 18, 2010
Top Ten Data Breaches of 2009
eSecurityPlanet, February 8, 2010
Top Ten eSecurity Tips from CES 2010
eSecurityPlanet, January 21, 2010
searchNetworking Tips
Preparing your wired network for wireless network integration
searchNetworking, February 4, 2010
Integrated NMS works across wireless/wired infrastructures
searchNetworking, February 12, 2010
How to reach maximum 802.11n speed and throughput
searchNetworking, January 21, 2010
Wireless or Ethernet LAN? An apples-to-apples cost comparison
searchNetworking, January 7, 2010
Mobile/Wireless Articles
Smartphone insecurity: There's an app for that
searchMobileComputing, January 12, 2010
Reflecting on the Best of CES 2010
Wi-Fi Planet, January 29, 2010
News: AirWave Unifies Wireless, Wired and Mobile Control
Wi-Fi Planet, January 11, 2010
Best practices to secure wireless networks
searchFinancialSecurity, January 14, 2010
In The News
Acceptable use policies needed for soft APs
NetworkWorld, February 23, 2010
Milking the iPod Touch for savings
Network World, January 19, 2010
Dave Piscitello's Blog: Security Skeptic
Twitter: do more than list banned passwords
Security Skeptic, January 5, 2010
Podcast on DNS Redirection and Wildcarding
Security Skeptic, February 17, 2010
;login article: ICANN's Security Stability and Resiliency Plan
Security Skeptic, February 12, 2010
Podcast on Internationalized Whois
Security Skeptic, February 25, 2010
For past issues, visit our CornerStone page http://www.corecom.com/html/cornerstone.html
Send us a subscribe message to receive future issues of CornerStone.