PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:
Save on the #1 Ranked Web Filtering Appliance
How to Build a Real Time Enterprise. Free White Paper!
Improving Remote Access Security and Monitoring
=== CONTENTS ==================================================
IN FOCUS: Alternative Firmware for Wireless APs: Talisman
NEWS AND FEATURES
- Windows Shell Vulnerability Is Being Actively Exploited
- Microsoft Aims to Outmaneuver Pirates
- St. Bernard Reels in Singlefin
- Recent Security Vulnerabilities
GIVE AND TAKE
- Security Matters Blog: Toolkits Help Increase Number of Malicious
- FAQ: New Admin Template Format in Vista and Longhorn
- From the Forum: EFS Questions
- Microsoft Learning Paths for Security: Multiple-Layer Defense for
- Know Your IT Security Contest
- Flexible, Portable Data Safes
- Wanted: Your Reviews of Products
RESOURCES AND EVENTS
FEATURED WHITE PAPER
=== SPONSOR: St. Bernard Software =============================
Save on the #1 Ranked Web Filtering Appliance
iPrism, the IDC-ranked #1 Web filtering appliance has an offer
that's too good to pass up. Purchase a 3-year subscription to the most
accurate database in the industry and get your iPrism appliance at no
charge. Or, purchase an iPrism and a 3-year subscription and get an
extra year free. Only iPrism gives you two ways to save big. This is a
limited time offer so get a Quick Quote now!
=== IN FOCUS: Alternative Firmware for Wireless APs: Talisman = by Mark Joseph Edwards, News Editor, mark at ntsecurity / net
Last week I wrote about the alternative access point (AP) firmware
OpenWRT (first URL below). Before that, I wrote about DD-WRT (second
URL below). Both are good choices. If you recall, I mentioned that both
of these firmware packages descended from Alchemy, which in turn
descended from open source code published by Linksys.
This week I'll discuss Talisman, developed by Sveasoft, which is the
descendant of Alchemy, also by Sveasoft. Unlike OpenWRT and DD-WRT,
Talisman isn't free. Talisman has caused some controversy--mainly
because Sveasoft took open source code, improved and changed it, and is
selling the result. Also, as I understand it, some people think
Sveasoft didn't publish the modified code promptly enough to meet the
licensing requirement of the code released by Linksys. Of course this
sort of behavior is a sore spot among some open source proponents, but
in my opinion, it's not necessarily a bad reflection on Sveasoft. After
all, Talisman is very good software.
Talisman currently works on ASUS, Belkin, Buffalo Technology, and
Linksys APs and is available in four different versions: Micro,
Hotspot, Basic, and VPN. The latter three are still in development
stages, not officially released, but you can download beta versions.
Several other versions (in addition to these four) are either in the
planning or preliminary development stages.
The Micro version is for use in APs that have only 2MB of flash memory-
-most newer APs have more memory than that. Micro also supports only a
subset of the features available in Basic, which I'll discuss in a
The Hotspot version is designed to easily create public wireless
hotspots, which can be completely open or can be made to require logon
credentials. So when someone connects to the AP they'll be cable to
just click-through to the Internet, if your hotspot allows free public
access, or they'll be presented with your custom splash screen at which
they can log on, if you require that. Hotspot also includes support for
billing in case you want to charge for network access.
Talisman Basic includes support for Wi-Fi Protected Access (WPA) and
WPA2 encryption, Secure Shell (SSH), PPTP VPNs, Remote Authentication
Dial-In User Service (RADIUS) authentication, port triggering, Virtual
LANs (VLANs), VoIP, a firewall based on ipchains, Quality of Service
(QoS) bandwidth controls, and much more.
Like OpenWRT, the Talisman line includes an easy-to-use Web-based
interface for administration. And you can of course add tools and
packages such as a router advertisement daemon (RADVD), which helps
automatic configuration for IP version 6 (IPv6)-enabled systems. Other
add-ons include an SNMP daemon and a GeoIP package that facilitates IP
address-to-country cross-referencing that can be used with the QoS
feature to develop filters.
The Talisman VPN version might be very useful, especially if you need
to connect offices. It supports the Basic features plus IPsec with
Advanced Encryption Standard (AES), DES, and Triple DES (3DES)
encryption; MD5 and Secure Hash Algorithm 1 (SHA1) hashes; and a
special section in the Web administration interface designed to
configure IPsec tunnels.
Talisman is available via subscription for $20 per year. (You can also
download the previous version, Alchemy, for free.) For that price, you
get a copy of the firmware and access to the support forums. Because
Talisman is commercial software, it's locked to specific MAC addresses.
You must supply your routers' MAC addresses when downloading the
firmware, and the firmware will operate only on those particular
routers. You can enter up to five MAC address, so for $20 per year,
it's a good deal. For more information about or to purchase Talisman,
And while you're on the Web, stop by YouTube and view the video clip at
the link below. It's an amusing couple of minutes that promotes the
TechX World interoperability conference (produced by Windows IT Pro),
which is coming soon to a city near you.
=== SPONSOR: NetSuite =========================================
How to Build a Real Time Enterprise. Free White Paper!
The vast majority of businesses have information scattered
throughout the enterprise on paper, in siloed databases and in emails,
making real-time operations difficult to achieve. Learn the benefits
and explore the challenges mid-sized businesses face in their real-time
=== SECURITY NEWS AND FEATURES ================================
Windows Shell Vulnerability Is Being Actively Exploited
H.D. Moore discovered a vulnerability in the Windows Shell that
could allow a remote intruder to execute arbitrary code on an affected
system. The vulnerability is in the WebViewFolderIcon ActiveX control,
and an exploit has been published. A module for H.D. Moore's popular
penetration testing tool, Metasploit, has also been released. Exploits
using the module are taking place in the wild on the Internet.
Microsoft Aims to Outmaneuver Pirates
Microsoft hopes its new Software Protection Platform will help it
outmaneuver software pirates by changing product activation and online
validation and by introducing better detection for tampering and
hacking. The company said that Windows Vista and its upcoming Windows
Server "Longhorn" will be the first two products to ship with the new
St. Bernard Reels in Singlefin
St. Bernard, provider of security appliances and software, is adding
managed security and business services to its portfolio with the
acquisition of Singlefin. St. Bernard can now offer on-demand email
filtering, Web filtering, and instant messaging (IM) management as a
hosted or managed service to small and midsized enterprises.
Recent Security Vulnerabilities
If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
=== SPONSOR: SurfControl ======================================
Improving Remote Access Security and Monitoring
Are you vulnerable when your users access the internet outside of
the corporate network? Track and monitor remote access easily and
unobtrusively to make sure that your intellectual assets are secure.
Download the free whitepaper and find out more today!
=== GIVE AND TAKE =============================================
SECURITY MATTERS BLOG: Toolkits Help Increase Number of Malicious Web
by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=3BBBB:7EB890
The number of malicious Web sites is on the rise, and with toolkits
available to create them, it's really no wonder. According to Websense,
the number of malicious sites increased by 100 percent during the first
half of 2006. Read more about this trend in this blog article:
FAQ: New Admin Template Format in Vista and Longhorn
by John Savill, http://list.windowsitpro.com/t?ctl=3BBB6:7EB890
Q: Where can I find details about the new ADMX format that Windows
Vista and Longhorn Server use?
Find the answer at
FROM THE FORUM: EFS Questions
A forum participant wants to know if there is an easy way to get
Encrypting File System (EFS) to encrypt all the subfolders and files
within the selected folder. He also wonders whether data encrypted in
Windows 2000 using DESX can be decrypted in Windows XP, how to cause
EFS to use certificates from a US Department of Defense (DoD) Common
Access Card (CAC), and how to handle exporting a certificate for use on
another machine should that be necessary. Join the discussion at:
MICROSOFT LEARNING PATHS FOR SECURITY: Multiple-Layer Defense for
Multiple layers of defense help protect your business by decreasing
the likelihood that any single threat can compromise your network. Use
these resources to learn about a broad range of Microsoft security
solutions that can help protect your messaging environment: guarding
the perimeter with Microsoft Exchange Hosted Services, adding a buffer
and firewall protection with Microsoft ISA Server 2006, helping to
protect internal messages with Microsoft Antigen, and using Windows
Rights Management Services (RMS) to help safeguard sensitive emails and
KNOW YOUR IT SECURITY Contest
Sponsored by Microsoft Learning Paths for Security
Share your security-related tips, comments, or solutions in 1000 words
or less, and you could be one of 13 lucky winners of a Zune media
player. Tell us how you do patch management, share a security script,
or write about a security article you've read or a Webcast you've
viewed. Submit your entry between now and December 13. We'll select the
13 best entries, and the winners will receive a Zune media player--
plus, we'll publish the winning entries in the Windows IT Security
newsletter. Email your contributions to email@example.com.
Prizes are courtesy of Microsoft Learning Paths for Security:
=== PRODUCTS ================================================== by Renee Munshi, firstname.lastname@example.org
Flexible, Portable Data Safes
Steganos is releasing a new version of its encryption application,
Steganos Safe 2007. New features include the ability to use picture
sequences as passwords; support for Apple iPods, USB drives, and other
devices and media to store encrypted data or keys; and protection of
data in Microsoft Outlook. With Steganos Safe 2007, users can create as
many virtual drives as they want for storing encrypted data, and these
drives (called "safes") can be accessed from applications, Windows
Explorer, and Web browsers. Each safe can be up to 256GB in size, and
users can change the size of safes as necessary. Steganos Safe 2007
costs $49.95. For more information, go to
WANTED: your reviews of products you've tested and used in
production. Send your experiences and ratings of products to
email@example.com and get a Best Buy gift certificate.
=== RESOURCES AND EVENTS ====================================== For more security-related resources, visit
Windows Connections Conference
Come learn about Vista, Exchange, Office, SharePoint, and more in
Las Vegas, November 6-9, 2006 at Windows Connections and Microsoft
Exchange Connections. There will be exciting announcements from
Microsoft that no one should miss! There's no better conference value
in the US this fall.
As an IT pro today, chances are that you work in a "Windows Plus"
environment. Learn from and meet industry experts Gil Kirkpatrick, Mike
Otey, Dustin Puryear, and Randy Dyess in this full day of training on
managing Windows, Linux, UNIX, Apache, MySQL, and more. Join TechX
World--coming to Washington, DC on October 24, Chicago on October 26,
Dallas on October 31, and San Francisco on November 2.
Whether you're an outsourced IT provider, a member of an in-house IT
service staff, or simply provide remote support, this can't-miss Web
seminar will help you discover how the right technologies can expand
your services. You'll learn how to tap into a $30 billion market for IT
services and expand your geographic reach. Live Web seminar: Tuesday,
How do you manage vulnerabilities? If you depend on vulnerability
assessments to determine the state of your IT security systems, you
can't miss this Web seminar. Special research from Gartner indicates
that deeper penetration is needed to augment your vulnerability
management processes. Learn more today!
Do you have visibility of and control over your software licenses? Most
organizations face serious challenges, including understanding vendor
licensing models, cost overruns, missed deadlines and business
opportunities, and lost user productivity. Learn to address these
challenges and prepare for audits. Register for the free Web seminar,
=== FEATURED WHITE PAPER ======================================
One common set of controls can help you manage compliance across
multiple regulations and standards. Download this free IDC white paper
and find out how to map these controls and save time and money in
Special Offer: Download any white paper from Windows IT Pro before
October 31 and enter to win a Casio Exilim Card Camera! The more you
download, the more chances to win! Visit
http://list.windowsitpro.com/t?ctl=3BBBE:7EB890 for a full listing
of white papers and contest rules.
=== ANNOUNCEMENTS =============================================
Invitation for VIP Access
Become a VIP Monthly Pass subscriber and get instant online access
to every article published in our network. You'll get full Web access
to Windows IT Pro, SQL Server Magazine, and the Exchange and Outlook
Administrator, Windows Scripting Solutions, and Windows IT Security
newsletters--that's more than 26,000 articles at your fingertips. Sign
up now for only $29.95 per month:
Save $40 off on Windows IT Pro
Subscribe to Windows IT Pro today and SAVE up to $40! Along with
your 12 issues, you'll get FREE access to the entire Windows IT Pro
online article archive, which houses more than 9,000 helpful IT
articles. This is a limited-time offer, so order now:
Security UDPATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and the Windows IT Security newsletter
(subscribe at the second URL below).
Subscribe to Security UPDATE at
Be sure to add Security_UPDATE@list.windowsitpro.com
to your antispam software's list of allowed senders.
To contact us:
About Security UPDATE content -- firstname.lastname@example.org
About technical questions -- http://list.windowsitpro.com/t?ctl=3BBC0:7EB890
About your product news -- email@example.com
About your subscription -- firstname.lastname@example.org
About sponsoring Security UPDATE -- email@example.com
Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department
Copyright 2006, Penton Media, Inc. All rights reserved.
Visit the InfoSec News store!