AOH :: ISN-3002.HTM

Transceiver Fingerprinting Improves Wireless Security

Transceiver Fingerprinting Improves Wireless Security
Transceiver Fingerprinting Improves Wireless Security


Save on the #1 Ranked Web Filtering Appliance 

Top 10 Requirements for Effective Patch Management 

Extending SMS to Handheld Devices 

=== CONTENTS ==================================================
IN FOCUS: Transceiver Fingerprinting Improves Wireless Security

   - New Unpatched Vulnerability Affects Microsoft Word 2000
   - Cisco and Microsoft Team Up on Network Access Control
   - BrowserShield Defends Browsers at Network Borders
   - Recent Security Vulnerabilities

   - Security Matters Blog: Browzar Bashing--Is It Warranted?
   - FAQ: 64-Bit Version of Group Policy Management Console
   - From the Forum: NTFS Permission in an Education Environment
   - Share Your Security Tips

   - Full-Featured Firewall-Routers
   - Wanted: Your Reviews of Products 




=== SPONSOR: St. Bernard Software =============================
Save on the #1 Ranked Web Filtering Appliance 
   iPrism, the IDC-ranked #1 Web filtering appliance has an offer 
that's too good to pass up. Purchase a 3-year subscription to the most 
accurate database in the industry and get your iPrism appliance at no 
charge. Or, purchase an iPrism and a 3-year subscription and get an 
extra year free. Only iPrism gives you two ways to save big. This is a 
limited time offer so get a Quick Quote now! 

=== IN FOCUS: Transceiver Fingerprinting Improves Wireless Security
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

If you operate wireless networks, you know that media access control 
(MAC) address filtering is an unreliable way to prevent unwanted 
network access. The reasons are that it's relatively simple to spoof 
any MAC address and to collect MAC addresses from the airwaves. 

One technique used to improve on MAC filtering is to develop a 
fingerprint of the wireless network driver, which can help identify the 
wireless hardware by manufacturer. This approach works because each 
manufacturer develops its own driver behavior. The characteristics of 
that behavior can be tracked, identified, stored, and later matched 
when a wireless device is detected by an intrusion detection system 
(IDS) or authentication system. Other techniques involve actively or 
passively discovering wireless device model numbers, chipset model 
numbers, and OS versions. 

Jeyanthi Hall has explored a way to take wireless device fingerprinting 
even further. In her research, Hall discovered that each wireless 
network device has a unique frequency signal profile, which can be 
discovered as the device transmits over the airwaves. This holds true 
even for identical card models from the same manufacturer and even when 
those cards use exactly the same chipset. 

Therefore, a fingerprint can be developed that will match one specific 
physical device. Hall thinks that, based on her research, the only way 
such a fingerprint can be spoofed is to physically recreate all the 
characteristics of the circuits in the original device. In order to 
accomplish that task, the original device would be required, which 
implies that someone must first steal it. But in the case of a stolen 
device, the fingerprint could be blocked, hopefully before someone 
replicates the exact circuitry.

In practical use, transceiver fingerprint identification could be used 
in wireless intrusion detection and prevention systems and in 
authentication systems. What's more, transceiver fingerprinting isn't 
limited to Wi-Fi devices. Since Bluetooth technology is also based on 
radio transmissions, similar techniques could be used to guard 
Bluetooth connectivity. 

According to Hall's research (as published to date), transceiver 
fingerprinting is about 95 percent accurate. So there is room for 
error, which means that additional methods of protection might be 
necessary in some situations. 

One important issue to keep in mind about any radio transmitter is that 
as a device ages, its radio signal profile changes. Therefore, in order 
to maintain fingerprint accuracy, the fingerprint must be updated 
continually. This of course creates processing overhead and could pose 
significant hurdles in large wireless network installations. 
Regardless, the hurdles aren't insurmountable.

Hall has published two detailed white papers (one that covers Wi-Fi and 
one that covers Bluetooth) that describe her research and its potential 
applications. If you're interested in this technology, which very well 
might make its way into wireless security solutions, then be sure to 
read the papers. They're available at the first two URLs below in PDF 
format. If you're interested in other wireless security-related work 
published by Hall, then visit her site at Carleton University at the 
third URL below. 

=== SPONSOR: Patchlink ========================================
Top 10 Requirements for Effective Patch Management
   Endless streams of security patches are a continuous strain on IT 
resources. Assessing, deploying, & tracking software patches across 
operating systems is even more difficult. Learn to distill the 
requirements for selecting an effective patch management solution. 
Download now! 

=== SECURITY NEWS AND FEATURES ================================
New Unpatched Vulnerability Affects Microsoft Word 2000
   Symantec reported the discovery of a new unpatched vulnerability 
that affects Microsoft Word 2000. The vulnerability could allow a 
remote intruder to install a Trojan horse that opens a back door on an 
affected system when a malicious document is opened. Exploits that take 
advantage of the vulnerability have been discovered circulating on the 

Cisco and Microsoft Team Up on Network Access Control
   Cisco and Microsoft announced that their respective technologies, 
Cisco Network Admission Control (NAC) and Microsoft Network Access 
Protection (NAP), will be interoperable. Both technologies are designed 
to prevent computers from accessing a network unless they meet specific 
"health" checks. 

BrowserShield Defends Browsers at Network Borders
   Microsoft developed a prototype defense tool, BrowserShield, that 
can defend unpatched browsers by filtering and rewriting incoming Web 
content at network borders. 

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security 
Alerts, which inform you about recently discovered security 
vulnerabilities. You can also find information about these 
discoveries at 

=== SPONSOR: iAnywhere ========================================
Extending SMS to Handheld Devices 
   Join iAnywhere on Tuesday, September 26th, for a webcast on how to 
extend Microsoft SMS to handheld devices. In this session, we'll 
provide an overview of Afaria's management and security capabilities 
and focus on enhancing and extending SMS to a wide range of mobile 

=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: Browzar Bashing--Is It Warranted?
by Mark Joseph Edwards, 

There's a lot of Browzar bashing going on, and most of it overlooks the 
obvious. Read my perspective on the bashing in this blog article 

FAQ: 64-Bit Version of Group Policy Management Console
by John Savill, 

Q: Where can I get the 64-bit version of Group Policy Management 
Console (GPMC)? 

Find the answer at 

FROM THE FORUM: NTFS Permission in an Education Environment 
   A forum participant is working on creating a way for teachers and 
students to share info while controlling what the students can see and 
do. He's running a Windows Server 2003 Release 2 (R2) domain and is 
aware of access-based enumeration. He's having difficulty getting the 
permissions set properly and needs some advice. Join the discussion at: 

   Share your security-related tips, comments, or problems and 
solutions in the Windows IT Security print newsletter's 
Reader to Reader column. Email your contributions to If we print your submission, you'll 
get $100. We edit submissions for style, grammar, and length.

=== PRODUCTS ================================================== by Renee Munshi, 

Full-Featured Firewall-Routers
   HotBrick Network Solutions offers the HSS 4000 and HSS 6000 
firewall-routers. The HSS 4000 has 512MB of RAM, a 1.0GHz Pentium 4 
processor, and four flex ports; the HSS 6000 has 1GB of RAM, a 2.8GHz 
Pentium 4 processor, and six flex ports. Both firewall-routers include 
internal hard drives and an optional hardware-based VPN accelerator 
(flexible software-based VPNs are standard). The HSS 4000 supports up 
to 1000 LAN users, while the HSS 6000 allows for an unlimited number of 
LAN users. You manage the firewall-routers from a Web interface over 
HTTP Secure (HTTPS), console port, and Secure Shell (SSH) connection. 
The Web-based content-filtering feature and the hard drive-based spam-
filtering and antivirus options can also be managed from the interface. 
For more information, go to 

WANTED: your reviews of products you've tested and used in 
production. Send your experiences and ratings of products to and get a Best Buy gift certificate. 

=== RESOURCES AND EVENTS ======================================For more security-related resources, visit 

Linux + Unix + Windows - TechX World 
Pure-play IT shops are a nice idea, but the reality today is that we 
are all faced with interoperability issues. TechX World 2006 gives you 
access to leading experts in the field and will prepare you to master 
interoperability issues in your environment. 

Tired of using separate products on your Microsoft Exchange server for 
antivirus, antispam, attachment filtering, disclaimers, content 
auditing/filtering? This webcast will address the latest threats to 
messaging security and spotlight Sunbelt's Messaging Ninja that enables 
system administrators to easily secure their messaging infrastructures 
and stop threats at the Exchange Server. 

Can you distinguish between the facts and fiction of Linux? Get the 
straight answers about Linux, UNIX, and Windows - together and head-to-
to head comparisons. Read articles and download free resources today! 
You can also test your Linux skills and enter to win a $150 MSN Music 
gift card! 

Randy Franklin Smith outlines five evaluation points to consider when 
choosing your antispyware solution in this free podcast. Download it 

Integrate fax services with business applications for major increases 
in ROI. Find out how fax technology can benefit your bottom line and 
improve business processes. Download the free ebook today! 

=== FEATURED WHITE PAPER ======================================
Extend Microsoft Windows Rights Management Services (RMS) to support 
enterprise requirements for information protection, including 
proprietary business data. Download the free whitepaper today! 

=== ANNOUNCEMENTS =============================================
Special Invitation for VIP Access 
   Become a VIP subscriber and get continuous, inside access to ALL 
content published in Windows IT Pro magazine, SQL Server Magazine, 
Exchange and Outlook Administrator newsletter, Windows Scripting 
Solutions newsletter, and Windows IT Security newsletter. Subscribe now 
and SAVE $100:

Get the Windows IT Pro Utility Kit FREE 
   SAVE up to $30 off Windows IT Pro magazine and get an exclusive 
Windows IT Pro Utility Kit CD FREE with your paid order! In addition, 
you'll get unlimited access to the entire online article archive, which 
houses more than 9,000 helpful Windows IT articles. This is a limited-
time offer, so order now:

Security UDPATE is brought to you by the Windows IT Pro Web site's 
Security page (first URL below) and the Windows IT Security newsletter 
(subscribe at the second URL below).

Subscribe to Security UPDATE at 

Be sure to add 
to your antispam software's list of allowed senders.

To contact us: 
About Security UPDATE content -- 
About technical questions -- 
About your product news -- 
About your subscription -- 
About sponsoring Security UPDATE -- 

View the Windows IT Pro privacy policy at 

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

HITBSecConf2006 - Malaysia 
The largest network security event in Asia 
32 internationally renowned speakers 
7 tracks of hands-on technical training sessions. 
Register now: 

Site design & layout copyright © 1986-2014 CodeGods