Information Security News: Alternative Firmware for Wireless APs: DD-WRT

From: InfoSec News <alerts_at_infosecnews.org>
Date: Thu, 21 Sep 2006 00:46:19 -0500 (CDT)

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Filtering the Spectrum of Internet Threats
   http://list.windowsitpro.com/t?ctl=390BB:7EB890

Extending SMS to Handheld Devices
   http://list.windowsitpro.com/t?ctl=390BC:7EB890

Ensure Instant Access to Files at Remote Servers/Offices
   http://list.windowsitpro.com/t?ctl=390D2:7EB890

=== CONTENTS ===================================================

IN FOCUS: Alternative Firmware for Wireless APs: DD-WRT

NEWS AND FEATURES
   - European Commission Clarifies Its Concerns Regarding Windows Vista
   - Spammers Step Up Use of Disposable Domains
   - Toolbox: Visio Connector for MBSA
   - Recent Security Vulnerabilities

GIVE AND TAKE
   - Security Matters Blog: New Tool: ASP Auditor
   - FAQ: Logging the ADS Process
   - INSTANT POLL: Your General-Purpose Account
   - Share Your Security Tips

PRODUCTS
   - Discover, Properly Store Sensitive Data
   - Wanted: Your Reviews of Products

RESOURCES AND EVENTS

FEATURED WHITE PAPER

ANNOUNCEMENTS

=== SPONSOR: St. Bernard Software ==============================

Filtering the Spectrum of Internet Threats
   Examine the threats of allowing unwanted or offensive content into
your network and learn about the technologies and methodologies to
defend against inappropriate content, spyware, IM, and P2P.
   http://list.windowsitpro.com/t?ctl=390BB:7EB890

=== IN FOCUS: Alternative Firmware for Wireless APs: DD-WRT ====
   by Mark Joseph Edwards, News Editor, mark at ntsecurity / net

You might recall that some time ago, I wrote about the possibility of
using alternative firmware in your wireless access points (APs). (See
the article at the URL below.) I asked whether you'd like to have more
information about such firmware. The positive response was tremendous,
so this week, I begin a series covering alternative AP firmware.
   http://list.windowsitpro.com/t?ctl=390C7:7EB890

You might want to use alternative firmware for many reasons, the most
popular of which is to gain functionality not present in your
particular APs. Using alternative firmware shouldn't be difficult for
an experienced administrator, but some words of caution are in order.

Make absolutely certain that the firmware you choose works on your
particular hardware. In some cases, you must examine the serial number
on an AP to know this. Follow the installation instructions precisely,
because any simple mistake could render your AP unrecoverable. Read any
related forums regarding your AP firmware of choice before loading the
firmware to learn about incompatibility problems with specific APs or
other possible gotchas. And finally, keep in mind that using
alternative firmware might void your manufacturer's warranty.

Any alternative firmware's support of a given router depends on the
chipset used in that router. That is to say, if the firmware is
designed to run on a particular chipset (such as a particular model
from Broadcom) and your router uses that chipset, then the firmware
might work on your router. But as I said earlier, check for specific
compatibility (including your AP's model number and serial number)
unless you want to experiment and can afford to risk rendering an AP
completely useless.

The first alternative AP firmware that I want to make you aware of is
DD-WRT, which is essentially a mini version of Linux designed
specifically to support wireless APs. Because DD-WRT is based on Linux,
many common tools available for Linux are either already integrated
into the standard firmware package or can be added after installation,
provided that your AP has enough free flash memory to store the tools
and enough RAM to run them.

DD-WRT works on a variety of APs, including some models from ALLNET,
Askey, ASUS, Belkin, Buffalo Technology, Linksys, Motorola, RAVO, and
Siemens. For a complete list, view the DD-WRT wiki page at the first
URL below and read the DD-WRT news for May 11 at the second URL.
   http://list.windowsitpro.com/t?ctl=390C2:7EB890
   http://list.windowsitpro.com/t?ctl=390D6:7EB890

One advantage of using DD-WRT is its support for Remote Authentication
Dial-In User Service (RADIUS) authentication. This feature lets you
consolidate Wi-Fi authentication to a centralized RADIUS server.

DD-WRT also comes with a Secure Shell (SSH) daemon, which can be very
helpful. For example, you can use a standard SSH client to connect to
the router to use its shell and available tools. If you travel and use
open wireless networks, you can also use the SSH daemon to tunnel
traffic securely when you're on the road. Doing so helps prevent snoops
from obtaining sensitive information. See James Strassburg's blog at
the URL below for an example of how to set up a secure tunnel by using
DD-WRT and PuTTY.
   http://list.windowsitpro.com/t?ctl=390BE:7EB890

Another useful feature of DD-WRT is the built-in PPTP client. You can
use the client to connect your AP router directly to any VPN that
supports PPTP. So for example, if you have remote offices with APs, you
can use DD-WRT on one or more of those APs to connect the remote
offices to your central office to access any necessary corporate
resources. At the same time, you can configure DD-WRT so that traffic
not destined for resources on the VPN goes directly to the Internet.

As you might expect, DD-WRT also supports SNMP for management and
monitoring. Other advantages include a built-in Samba client, a
firewall based on Linux ipchains, and Quality of Service (QoS)
traffic-shaping capabilities. And finally, one notable advantage of using
DD-WRT as opposed to some of the other alternative firmware packages is
its Web management interface. The interface is well-designed and very
easy to use, which of course makes administration easier.

=== SPONSOR: iAnywhere =========================================

Extending SMS to Handheld Devices
   Join iAnywhere on September 26th for a webcast on the Afaria SMS
Integration Suite. Recognizing the critical role that mobile and other
distributed technologies play in business today, iAnywhere and
Microsoft have partnered to make the combination of Afaria and Systems
Management Server 2003 the most comprehensive solution on the market
for managing frontline solutions.
   In this session, we'll provide an overview of Afaria's management
and security capabilities with a special focus on how it can be used to
enhance and extend SMS to a wide range of mobile devices.
   http://list.windowsitpro.com/t?ctl=390BC:7EB890

=== SECURITY NEWS AND FEATURES =================================

European Commission Clarifies Its Concerns Regarding Windows Vista
   On the heels of its previous troubles with the European Commission
(EC), Microsoft might again find itself facing difficulty over the
release of Windows Vista, this time regarding the bundling of security
software with the OS.
   http://list.windowsitpro.com/t?ctl=390C5:7EB890

Spammers Step Up Use of Disposable Domains
   According to trend research conducted by security software vendor
McAfee, spammers are cycling through new domains faster than in the
past. While this trend is certainly a boon for domain name registrars,
it is in fact a bane for recipients of email as well as mail system
administrators.
   http://list.windowsitpro.com/t?ctl=390CB:7EB890

Visio Connector for MBSA
   The Visio Connector for Microsoft Baseline Security Analyzer (MBSA)
lets you scan computers and access all MBSA commands and output
directly through Visio. In case you don't already know, Visio is a
drawing program that lets you use stencils to represent the devices in
your network as graphical objects.
   http://list.windowsitpro.com/t?ctl=390CC:7EB890

Recent Security Vulnerabilities
   If you subscribe to this newsletter, you also receive Security
Alerts, which inform you about recently discovered security
vulnerabilities. You can also find information about these
discoveries at
   http://list.windowsitpro.com/t?ctl=390C3:7EB890

=== SPONSOR: Availl ============================================

Ensure Instant Access to Files at Remote Servers/Offices
   Confused by WAFS, Wide Area Mirroring, DFS, WAN acceleration, or
Replication technologies? Do you have remote sites with common data or
file needs? Get a free software trial, and register for the free
seminar.
   http://list.windowsitpro.com/t?ctl=390D2:7EB890

=== GIVE AND TAKE ==============================================

SECURITY MATTERS BLOG: New Tool: ASP Auditor
   by Mark Joseph Edwards, http://list.windowsitpro.com/t?ctl=390D1:7EB890

   If you run servers that use ASP.NET, you might want to test the new
ASP Auditor tool (written in Perl by David Kierznowski) against those
servers. The tool checks for potential security problems. Link to the
tool and some sample output in this blog article on our Web site.
   http://list.windowsitpro.com/t?ctl=390C6:7EB890

FAQ: Logging the ADS Process
   by John Savill, http://list.windowsitpro.com/t?ctl=390CF:7EB890

Q: How do I enable logging for Automated Deployment Services (ADS)
deployments?

Find the answer at
   http://list.windowsitpro.com/t?ctl=390C8:7EB890

INSTANT POLL: Your General-Purpose Account
   Which account do you typically use to do your day-to-day work on
your Windows workstation/laptop/computer?
   - A plain user account
   - The built-in Administrator account
   - Another account with administrative privileges

Submit your vote at
   http://list.windowsitpro.com/t?ctl=390CD:7EB890

SHARE YOUR SECURITY TIPS AND GET $100
   Share your security-related tips, comments, or problems and
solutions in the Windows IT Security print newsletter's
Reader to Reader column. Email your contributions to
r2rwinitsec_at_windowsitpro.com. If we print your submission, you'll
get $100. We edit submissions for style, grammar, and length.

=== PRODUCTS ===================================================
   by Renee Munshi, products_at_windowsitpro.com

Discover, Properly Store Sensitive Data
   Abrevity announced availability of FileData Classifier 2.1 software,
which discovers files that might contain confidential or nonpublic
information, tags those files, and implements policies to migrate them
to the proper storage tiers. FileData Classifier 2.1 now includes
advanced pattern recognition, "target-based" data mining, heuristic
proximity searching, and other features that Abrevity says provide
faster, more accurate, and more scalable searching than other solutions
that use more conventional technologies. For more information, go to
   http://list.windowsitpro.com/t?ctl=390D5:7EB890

WANTED: your reviews of products you've tested and used in
production. Send your experiences and ratings of products to
whatshot_at_windowsitpro.com and get a Best Buy gift certificate.

=== RESOURCES AND EVENTS =======================================
   For more security-related resources, visit
   http://list.windowsitpro.com/t?ctl=390CE:7EB890

Windows Connections Conference
   Now in its seventh year, Windows Connections returns November 6-9,
to Mandalay Bay in Las Vegas. Don't miss your chance to interact with
industry experts and hear the latest information on Windows Server
2003, Windows 2000 Server, and Windows XP Professional! Register and
attend sessions at Microsoft Exchange Connections FREE!
   http://list.windowsitpro.com/t?ctl=390D4:7EB890

ORACLE AND SQL... BETTER TOGETHER?
   Learn about optimizing 64-bit database computing, business
intelligence for SQL Server and Oracle, high-availability proof points
for database computing, and the implications of architectural
differences between Oracle and SQL. Coming to 12 US cities in September
and October. Special price--sign up now for just $49!
   http://list.windowsitpro.com/t?ctl=390C4:7EB890

How will compliance regulations affect your IT infrastructure? Help
design your retention and retrieval, privacy, and security policies to
make sure that your organization is compliant. Download the free eBook
today!
   http://list.windowsitpro.com/t?ctl=390C1:7EB890

Total Cost of Ownership--TCO. It's every executive's favorite buzzword,
but what does it really mean and how does it affect you? In this
podcast, Ben Smith explains how your organization can use
virtualization technology to measurably improve the TCO for servers and
clients.
   http://list.windowsitpro.com/t?ctl=390C0:7EB890

When your systems go down, your users' productivity grinds to a halt.
User downtime is one of the fastest growing concerns among businesses.
This free Web seminar teaches you how to keep your users continuously
connected and your business up and running. View the on-demand Web
seminar now!
   http://list.windowsitpro.com/t?ctl=390BD:7EB890

=== FEATURED WHITE PAPER =======================================

The average enterprise spends nearly $10 million annually on IT
compliance. Download this free whitepaper today to learn how to
streamline the compliance lifecycle and dramatically reduce your
company's compliance costs!
   http://list.windowsitpro.com/t?ctl=390BF:7EB890

=== ANNOUNCEMENTS ==============================================

Discounted Offer for the Windows IT Pro Master CD
   Save 50% off the Windows IT Pro Master CD! Order now and get access
to the entire Windows IT Pro article database on CD. Subscribe now:
   http://list.windowsitpro.com/t?ctl=390C9:7EB890

Get the Windows IT Pro Utility Kit FREE
   SAVE up to $30 on Windows IT Pro and get an exclusive Windows IT Pro
Utility Kit CD FREE with your paid order! You'll also get unlimited
access to the entire online article archive, which houses more than
9000 helpful Windows IT articles. This is a limited-time offer, so
order now:
   https://store.pentontech.com/index.cfm?s=1&promocode=eu2069uw

================================================================

Security UPDATE is brought to you by the Windows IT Pro Web site's
Security page (first URL below) and the Windows IT Security newsletter
(subscribe at the second URL below).
   http://list.windowsitpro.com/t?ctl=390D0:7EB890
   https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb

Subscribe to Security UPDATE at
   http://list.windowsitpro.com/t?ctl=390CA:7EB890

Be sure to add Security_UPDATE_at_list.windowsitpro.com
to your antispam software's list of allowed senders.

To contact us:
   About Security UPDATE content -- letters_at_windowsitpro.com
   About technical questions -- http://list.windowsitpro.com/t?ctl=390D3:7EB890
   About your product news -- products_at_windowsitpro.com
   About your subscription -- windowsitproupdate_at_windowsitpro.com
   About sponsoring Security UPDATE -- salesopps_at_windowsitpro.com

View the Windows IT Pro privacy policy at
   http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.
221 East 29th Street, Loveland, CO 80538
Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

Received on Sep 20 2006
