Security UPDATE--Alternative Firmware for Wireless APs: Thibor--October 18, 2006

IN FOCUS: Alternative Firmware for Wireless APs: Thibor

NEWS AND FEATURES

- Oracle to Enhance Patch Documentation with CVSS

- PhishTank Aims to Blow Scammers Out of the Water

- BartPE

- Recent Security Vulnerabilities

GIVE AND TAKE

- Security Matters Blog: Tactile Passwords

- FAQ: Change the MIIS Service Account

- Know Your IT Security Contest

- Make Your Mark on the IT Community!

PRODUCTS

- Encrypt Files on the Network

- Wanted: Your Reviews of Products

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS

Manage Vulnerabilities. Defend Against Threats.

Your IT and Security budgets are tight. This White Paper shows real-world case studies demonstrating the ROI potential of automated penetration testing.

http://findtechinfo.com/penton/nl/178

=== IN FOCUS: Alternative Firmware for Wireless APs: Thibor ====

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

So far, I've told you about three alternative firmware packages for wireless access points (APs): DD-WRT, OpenWRT, and Talisman. If you missed those stories, you can read them at our Web site at their respective URLs:

http://www.windowsitpro.com/Article/ArticleID/93587

http://www.windowsitpro.com/Article/ArticleID/93747

http://www.windowsitpro.com/Article/ArticleID/93839

Continuing this series, this week, I give you a peek into Thibor. Unlike the previously discussed firmware, Thibor is designed specifically for the Linksys WRT54G, WRT54GL, WRT54GS, and WRTSL54GS routers.

Like the other firmware packages, Thibor is based on the open source code published by Linksys. Thibor is actually a continuation of the firmware package HyperWRT, which started in 2004 and was, as far as I know, maintained until early 2005. When HyperWRT development apparently ceased, two other developers picked up the ball to continue independent development of HyperWRT forks. Eventually the two packages were merged into what became known as Thibor.

Like DD-WRT, OpenWRT, and Talisman, Thibor includes enhancements to the core features available in the Linksys firmware. These include enhancements to the Quality of Service (QoS) traffic shaping, port forwarding, and port triggering subsystems, as well as access restrictions including the blocking of specific services.

Added features include static DHCP leasing, a port redirector, a site survey tool, support for DDNS including the ZoneEdit tool, and Wake-on-LAN capability. In terms of security, Thibor also includes the Dropbear Secure Shell (SSH) server and client as well as enhanced filtering that can block potentially unwanted content, such as Java applets, ActiveX controls, cookies, and P2P software such as BitTorrent, Kazaa, WinMX, Direct Connect (DC), and Gnucleus.

As you might expect, Thibor supports PPTP for VPNs and Wired Equivalent Privacy (WEP), Wi-Fi Protected Access (WPA), and WPA2 for communication encryption, and even supports a number of file systems including NTFS, FAT, FAT32, ReiserFS, Ext2, and Ext3.

In the previous articles of this series, I said that the firmware packages include ipchains firewall software. However, reader Bonno Bloksma wrote to correct me. Iptables ia a much improved successor to ipchains. The firmware packages I've mentioned to date, including Thibor, use iptables. Thanks, Bonno, for pointing out that mistake.

Thibor not only includes iptables but can also be made to use Firewall Builder. Firewall Builder is a GUI-based tool that's designed to make creating iptable firewall policies easier. Firewall Builder creates a script that you copy to the router. The script then configures iptables with the behavior that you've defined. At the Firewall Builder site (at the URL below), you can also see some screenshots of the tool in action.

http://www.fwbuilder.org

Like DD-WRT and Talisman, Thibor (at the first URL below) includes an easy-to-use GUI. Although HyperWRT isn't being maintained anymore, the Web site (at the second URL below)is still active and has a Web-based forum where people can openly discuss problems, request features, and get help using the Thibor firmware.

http://www.thibor.co.uk

http://www.hyperwrt.org

===

Top 10 topics at the upcoming TechX World roadshows:

1. Run Windows commands at the same time as UNIX commands. With SUA, applications can actually mix calling Windows APIs directly and calling into the UNIX APIs.

2. Get a single view of users across your various enterprise repositories.

3. Configure networked Linux systems to accept logins in a secured manner using Windows AD accounts.

4. Improve how you manage access across Windows Terminal Services, UNIX and Linux X Windows, legacy telnet, and even SSH.

5. Address problems with distributed identity management and enhance the security of the network by preventing unauthorized access.

6. Query an LDAP server from AD and manage AD with LDAP. Ensure tighter, more secure interoperability.

7. Set up transactional replication between SQL Server 2005 and Oracle.

8. Create reports that draw data from multiple heterogeneous data sources such as SQL Server and Oracle.

9. Use SSIS to extract and cleanse data from an Oracle database and then load that data to a SQL Server database.

10. Put virtualization tips & tricks to work immediately for security, availability, backup/recovery, and server utilization.

http://www.techxworld.com/?code=1018security

Ten Steps to Achieving Business Compliance

Learn the 10 steps you need to take to achieve corporate compliance, including operational visibility in all communication data. As an extra step, stop network assaults so that you can use the Internet confidently, both on and off your corporate network.

http://www.windowsitpro.com/go/whitepapers/surfcontrol/tensteps/?code=SECMid1018

Oracle to Enhance Patch Documentation with CVSS

Oracle's next batch of critical patch updates, which are issued quarterly, are due out on October 17. Beginning with that release, the company will introduce enhanced documentation to better help system administrators and management understand the impact of a vulnerability that a given patch is designed to correct.

http://www.windowsitpro.com/Article/ArticleID/93861

PhishTank Aims to Blow Scammers Out of the Water

A new team has entered the battle to stop scammers. PhishTank aims to blow scammers completely out of the water by identifying, tracking, and blocking access to sites that are designed to steal people's personal information.

http://www.windowsitpro.com/Article/ArticleID/93811

BartPE

Work as a systems or security administrator long enough, and you'll undoubtedly need to access a downed Windows system. Several tools can help you access data from otherwise inaccessible systems. Jeff Fellinge steps you through the wonderfully easy-to-use utility called BartPE.

http://www.windowsitpro.com/Article/ArticleID/93304/

Recent Security Vulnerabilities

If you subscribe to this newsletter, you also receive Security Alerts, which inform you about recently discovered security vulnerabilities. You can also find information about these discoveries at

http://www.windowsitpro.com/departments/departmentid/752/752.html

ThreatSentry - Stop IIS Attacks and Bad Traffic

Malicious or unauthorized traffic hammering your Web servers? ThreatSentry combines a state-of-the-art Application Firewall and advanced behavioral intrusion prevention components to block any activity falling outside of trusted parameters. Get enterprise-grade, multi-layered protection for Microsoft IIS at a small business price! Download free trial today.

http://www.privacyware.com/intrusion_prevention.html

SECURITY MATTERS BLOG: Tactile Passwords

by Mark Joseph Edwards, http://www.windowsitpro.com/securitymatters

Some folks in the UK have come up with a unique way to help prevent people from stealing your password while shoulder surfing. Check it out in this blog article.

http://www.windowsitpro.com/Article/ArticleID/93800

FAQ: Change the MIIS Service Account

by John Savill, http://www.windowsitpro.com/windowsnt20002003faq

Q: How can I change the Microsoft Identity Integration Server (MIIS) 2003 service account?

Find the answer at

http://www.windowsitpro.com/Article/ArticleID/93795

KNOW YOUR IT SECURITY Contest

Sponsored by Microsoft Learning Paths for Security

Share your security-related tips, comments, or solutions in 1000 words or less, and you could be one of 13 lucky winners of a Zune media player. Tell us how you do patch management, share a security script, or write about a security article you've read or a Webcast you've viewed. Submit your entry between now and December 13. We'll select the 13 best entries, and the winners will receive a Zune media player--plus, we'll publish the winning entries in the Windows IT Security newsletter. Email your contributions to tipswinitsec@windowsitpro.com.

Prizes are courtesy of Microsoft Learning Paths for Security:

http://www.microsoft.com/technet/security/learning

MAKE YOUR MARK ON THE IT COMMUNITY!

Nominate yourself or a peer to become an "IT Pro of the Month." This is your chance to get the recognition you deserve and get notoriety in the IT community. IT Pro of the Month winners will be featured in Windows IT Pro magazine and the TechNet Flash email newsletter, and best of all will receive over $600 in IT resources. All you have to do is email us your name, title, photo, and answers to the following questions: How did your IT solution save your company money? In what ways has your solution made innovative use of technology? and How is your solution adaptable to other business environments? Email your entry to: ITProoftheMonth@windowsitpro.com

by Renee Munshi, products@windowsitpro.com

Encrypt Files on the Network

PGP announced the availability of PGP NetShare, a new product which enables teams to manage and share encrypted network-based files. Like PGP's other applications--PGP Whole Disk Encryption, PGP Universal Server, PGP Universal Gateway Email, and PGP Desktop--PGP NetShare makes use of the PGP Encryption Platform, which provides one architecture for managing keys and enforcing policies for all the applications. PGP also announced new versions of its existing applications. For more information, go to

http://www.pgp.com

WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to whatshot@windowsitpro.com and get a Best Buy gift certificate.

For more security-related resources, visit

http://www.windowsitpro.com/go/securityresources

Any unscheduled downtime--especially of Exchange systems--can quickly affect a company's bottom line. Learn essential skills for reducing downtime to minutes instead of hours.

http://www.windowsitpro.com/go/essential/lucid8/exchange/?code=1010emailannc

You know you need to manage your email data; how do you do it? What steps are you taking? What additional measures should you enact? What shouldn't you do? Get answers to these questions and get control of your vital messaging data. Download the free eBook today!

http://www.windowsitpro.com/go/ebooks/ilumin/discovery/?code=1018emailannc

Can disaster recovery planning create real value for your business beyond mere survival? Justify your investments in DR planning, and get real answers to your questions about how DR planning and implementation affect the financial performance of your organization. Make cost-effective decisions to positively impact your bottom line! Live Event: Tuesday, November 14

http://www.windowsitpro.com/go/seminars/xosoft/drplanning/?partnerref=1010emailannc

Join experts Douglas McDowell from Solid Quality Learning and Andrew Sisson from Scalability Experts, as well as Intel insiders and other database professionals, to learn the latest about SQL Server and Oracle database mirroring, BI, 64-bit database computing, and high availability. Coming to cities across the US this fall. Visit

http://www.windowsitpro.com/roadshows/sqloracle/?code=1018emailannc

Streamline and automate upgrades to SQL Server 2005 and manage multiple databases in less time. Leverage the data management, business intelligence, and performance improvements that you receive with an upgrade to SQL Server 2005, and unlock the full potential of your servers. Live Event: Thursday, November 2

http://www.sqlmag.com/go/seminars/polyserve/upgrade/?partnerref=1010emailannc

Prevent installation and execution of unauthorized software on the computers on your network. Download this free white paper today for a comparison of different techniques for detecting and preventing unauthorized code. Protect yourself against emerging risks today!

http://www.windowsitpro.com/go/whitepapers/bit9/lockdown/?code=1018emailannc

Special Offer: Download any white paper from Windows IT Pro before October 31 and enter to win a Casio Exilim Card Camera! The more you download, the more chances to win! Visit http://www.windowsitpro.com/whitepapers for a full listing of white papers and contest rules.

Monthly Online Pass--only $5.95 per month!

Includes instant online access to every article ever published in Windows IT Pro, as well as the latest digital issue. Sign up now:

https://store.pentontech.com/index.cfm?s=1&promocode=eu206Aum

Get $40 off on Windows IT Pro

Subscribe to Windows IT Pro today and SAVE up to $40! Along with your 12 issues, you'll get FREE access to the entire Windows IT Pro online article archive, which houses more than 9,000 helpful IT articles. This is a limited-time offer, so order now:

https://store.pentontech.com/index.cfm?s=1&promocode=eu206Auw