QODS ec

Tuesday, June 29, 2004

SEC: SANS NetworkBits -- June 25, 2004 -- Vol. 1, Num. 11

***********************************************************************
SANS NetworkBits June 25, 2004 Vol. 1, Num. 11
***********************************************************************

NEWS

-- Most Americans and Canadians Clueless About VoIP
-- NYC Seeks Contractors for Massive Wireless Network
-- Wi-Fi Launches Battle Between Airlines and Airports
-- Established Telcos and Cablecos Will Lead with VoIP
-- Intel to Provide Chinese Cities with WiMax

STANDARDS

-- IEEE to Vote on 802.11i Final Specification
-- WiMax: Making Strides
-- U.S.A.: Justice Dept. Asks for VoIP Regulations
-- Metro Ethernet to Get New Set of Standards

VULNERABILITIES

-- Verizon Has Problems with 911 Calls

PRODUCTS

-- Cisco Launches NAC Support Products
-- Juniper Launches J-Series WAN Routers
-- New WAN Monitoring Tools Launched

TELECOM NEWS

-- BT Extends ADSL Trials
-- Ireland Gov't Wants 3G Phone Registry
-- Alliance Works Toward Mobile/Fixed-Line Convergence

ISP NEWS

-- China Asks ISPs for Show of Patriotism
-- AOL France Loses Lawsuit
-- Telstra Announces Major Network Upgrade
-- WAIA Says Telstra Undermining ISPs

TUTORIAL

-- Securing Public-Access WiFi
-- How Do You Know if Your Network is Working?

WHITE PAPER

-- Security and Vulnerability Analysis of an Ethernet-based attack on Cisco

OPINION

-- Get to Know Your ISP
-- The Good Old Days
-- SSL VPNs: Complexity for a Simpler Life

HOW'S BUSINESS

STOCK QUOTES

******************* Sponsored by SANS SCHOOL STORE ********************

Check out our School Store for recently released books on Business Law,
Solaris Securing Solaris, Computer Security Incident Handling and
exclusive books and merchandise. Also, check out our section on
recommended books written by SANS faculty, PDF samples on our
Step-By-Step Guides, and current specials on Oracle Security, 7-Pack
Guides, and T-shirts. For more information go to
https://store.sans.org/

***********************************************************************
This Week's Featured Security Training Program:

Just two weeks until SANS' largest Summer Conference:

SANSFIRE 2004
Monterey, CA, July 5-13,2004

SANSFIRE offers you 14 immersion training tracks in one of the most
beautiful and romantic places in America. Phenomenal training for
auditors who want to master the challenges of security auditors, for
managers who want to build a great security program, for security
beginners who want to get a fast start, and, of course, the only place
to go for technologists who want to master the most current methods for
protecting systems and networks. SANSFIRE also offers lots of evening
programs, extra one-day classes ranging from security business law to
cyberwarrior training, and vendor exhibits, too.

Register soon to get a seat at your choice of courses.
http://www.sans.org/sansfire2004

***********************************************************************

NEWS

-- Most Americans and Canadians Clueless About VoIP
(21 June 2004)
A survey conducted by Ipsos-Insight, a marketing research firm,
concluded that VoIP providers need to educate consumers in Canada and
the United States about the benefits of broadband telephony. In the
U.S., more than fifty percent of the respondents have no idea what VoIP
is; of the Canadian respondents, only twenty-five percent had any
knowledge of VoIP. According to Lynne Bartos, Ipsos-Insight vice
president, the confusion over VoIP is partly the fault of the providers.
She states that "Providers are throwing around competing and conflicting
terminology and marketing campaigns when all consumers want at this
point are the basics."
http://www.theregister.co.uk/2004/06/21/voip_research/

-- NYC Seeks Contractors for Massive Wireless Network
(21 June 2004)
The city of New York is in the first steps of building a public safety
wireless network, which, according to Gino Menchini, commissioner of New
York City's Department of Information Technology & Telecommunications,
is "the most challenging and most comprehensive" wireless project he
knows about. The network, when completed, will allow the city's police
department, fire department and emergency medical service access to
essential information such as a building's floor plans or fingerprint
databases using their mobile phones. Menchini expects to award
contracts to several contractors for three-month pilot projects some
time in the near future.
http://www.computerweekly.com/articles/article.asp?liArticleID=131436

-- Wi-Fi Launches Battle Between Airlines and Airports
(18 June 2004)
A battle is brewing between airlines and airports over the unlicensed
wireless spectrum used for a variety of applications. The Wi-Fi network
at Logan International Airport in Boston will shortly go airport-wide,
at which time airlines and their passengers will have to pay to use the
network. According to Barbara Platt, a spokeswoman for the
Massachusetts Port Authority, airlines have no choice but to pay since
they use WiFi networks to support key applications such as bag tracking.
The Industrial Telecommunications Association (ITA), whose members
include airport Wi-Fi users such as United, filed with the Federal
Communications Commission in March seeking a declaratory ruling against
the airports' attempts to regulate the unlicensed spectrum.
http://www.computerworld.com/printthis/2004/0,4814,93945,00.html

-- Established Telcos and Cablecos Will Lead with VoIP
(14 June 2004)
Published research maintains that thirty percent of homes in the U.S.
and the U.K. could be using Voice over Internet Protocol (VoIP).
Researchers at Mercer Management Consulting predict that it will be an
uphill battle for small start ups such as Vonage and Skype to compete
with established telcos and cablecos which already have a significant
client base.
http://www.theregister.co.uk/2004/06/14/voip_research_mercer/

-- Intel to Provide Chinese Cities with WiMax
(11 June 2004)
An agreement to develop wireless broadband networks for two Chinese
cities has been signed by the Chinese government and Intel. The two
cities, Dalian, in the north-east with a population of 5.9 million, and
Chengdu, in the south-western region with a population of ten million,
are to have networks using WiMax wireless technology based on the 802.16
standard and its derivatives.
http://news.zdnet.co.uk/communications/wireless/0,39020348,39157442,00.htm

************************** SPONSORED LINKS ****************************
Privacy notice: These links may redirect to non-SANS web pages.

(1) Are you wondering what all needs to be done once a computer
incident happens? Get guidance from
http://www.sans.org/info.php?id=492

(2) Looking for a way to secure your network communications?
Have a look at:
http://www.sans.org/info.php?id=493

(3) Are you interested in the legal implications of computer security?
Check out:
http://www.sans.org/info.php?id=494

***********************************************************************

STANDARDS

-- IEEE to Vote on 802.11i Final Specification
(23 June 2004)
An update to the current standard for Wi-Fi security, the final
specification for 802.11i is to be voted on by the IEEE standards board.
The update will add the Advanced Encryption Standard (AES) security
protocol to the 802.11 standard for wireless LANS. AES has been
designated the security standard for wireless networks that carry
government information by the National Institute of Standards and
Technology. Starting in September the Wi-Fi Alliance will begin
certifying products for 802.11i compliance.
http://www.nwfusion.com/news/2004/0623ieee.html

-- WiMax: Making Strides
(17 June 2004)
Broadband to homes and businesses has so far resisted going wireless due
to the cost, complexity and proprietary systems. WiMax, an emerging
standard-based set of technologies may change that. The WiMax Forum,
an industry group promoting the adoption of 802.16, will begin
certifying interoperable products by year-end. Vendors and service
providers believe that with a standard, the development costs of WiMax
will be less and allow for better competition.
http://www.computerworld.com.au/index.php?id=396423516&eid=-255
Related Article: Regional Broadband Telcos Taken By Storm
http://www.computerworld.com.au/index.php?id=540850864&eid=-255
Related Article: Intel and Proxim get serious about WiMax
http://www.computerworld.com.au/index.php/id;1457932256;fp;4;fpid;78268965

-- U.S.A.: Justice Dept. Asks for VoIP Regulations
(16 June 2004)
Speaking before the Senate Commerce Committee, Justice Department Deputy
Assistant Attorney General Laura Parsky asserted that if the government
decided to exempt Internet-based phone calls (Voice over Internet
Protocol (VoIP)) from traditional telephone regulations, it would result
in making it harder to monitor these calls and hinder the anti-terrorist
efforts. She also asserted that a bill sponsored by Sen. John Sununu
(R-N.H.) might exempt VoIP calls from a 1994 wiretap law covering calls
and other advanced phone services. "I am here to underscore how very
important it is that this type of telephone service not become a haven
for criminals, terrorists and spies," maintains Parsky. However,
despite her impassioned pleas, the members of the Committee informed the
Justice Department they needed to show the existence of a problem before
new regulations could be imposed on it. Senator Ron Wyden (D-Oregon)
stated, "You [the Justice Department] are looking for a remedy for a
problem that has not been documented."
http://www.cnn.com/2004/TECH/internet/06/16/telecoms.voip.reut/index.html

-- Metro Ethernet to Get New Set of Standards
(16 June 2004)
Ethernet, the predominant technology used to connect computers on a
corporate network, can also allow carriers to connect multiple corporate
networks together in a metropolitan area network. In an effort to make
it possible for carriers to offer Ethernet services over their existing
networks, the International Telecommunications Union (ITU) has
introduced a new set of standards. According to Stephen Trowbridge,
vice chairman of the study group working on the ITU standard, "It can't
matter whether you have a Nortel box on one end and an Alcatel or Lucent
box on the other. Carriers need standards."
http://zdnet.com.com/2100-1104_2-5235847.html
Related Article: Cisco Expands Metro Ethernet Offering
http://zdnet.com.com/2100-1103_2-5143601.html

VULNERABILITIES

-- Verizon Has Problems with 911 Calls
(17 June 2004)
According to Jeffrey Nelson, spokesman for Verizon Wireless, the
interruption of calls to 911 emergency services is a recently discovered
glitch in technology used to pinpoint a caller's location. The glitch
only occurs in certain locations where it is challenging for Global
Positioning Systems (GPS) satellites to communicate with mobile
networks, states Fran Malnati, executive director for regulatory matters
at Verizon Wireless. Verizon is working on solving the problem.
http://www.computerworld.com/managementtopics/outsourcing/isptelecom/story/0,10801,93883,00.html

PRODUCTS

-- Cisco Launches NAC Support Products
(21 June 2004)
Cisco Systems Inc.'s Network Admission Control (NAC) program, announced
in November 2003, now has several new routing products and software to
support it. Cisco's 830 to 7200 series routers running the company's
Internetwork Operating System Version 12.3(8)T or higher now support the
NAC program. Among the new products is the Cisco Trust Agent Version
1.0 which has been integrated with the Cisco Security Agent, a software
client for several server and desktop operating systems. The product
collects information from other security software clients, including
antivirus clients, and relays that information to Cisco devices on the
network. According to Zeus Kerravala, vice president, enterprise
infrastructures research and consulting at The Yankee Group, "Cisco's
NAC architecture could eventually be the foundation for industry-wide
technology standards for integrated network security."
http://www.infoworld.com/article/04/06/21/HNciscocontrol_1.html
Related Article: Cisco set to unleash security plan
http://www.computerworld.com.au/index.php?id=506276580&eid=-255

-- Juniper Launches J-Series WAN Routers
(21 June 2004)
Juniper Networks, who in April acquired NetScreen resellers, a
specialist security appliance manufacturer, has launched four new
products, the J-Series, intended to fit in with NetScreen's old channel.
The new products include three WAN routers and a combined firewall and
Digital Subscriber Line (DSL) router. According to Benjamin Ellis,
Juniper's head of product marketing, the new J-Series WAN routers use
Juniper's JUNOS operating system. The J-Series, intended for
mission-critical networks, is intended to take on Cisco's dominant
position in the WAN routing CPE market.
http://www.vnunet.com/news/1156023

-- New WAN Monitoring Tools Launched
(21 June 2004)
There are few comprehensive monitoring tools for wide-area networks
(WANs), especially at the application level. However, NetQoS Inc. is
adding two appliances, SuperAgent and Reporter Analyzer to those few
tools. SuperAgent watches TCP and other traffic and measures response
time based on real end-user traffic, as well as allowing bulk import of
subnets via text files. The second appliance, the Report Analyzer, has
several unique features including its ability to send e-mail alerts when
users reach specified thresholds. Both products produce attractive
reports complete with appropriate graphs.
http://www.fcw.com/fcw/articles/2004/0621/tec-review-06-21-04.asp

TELECOM NEWS

-- BT Extends ADSL Trials
(18 June 2004)
British Telecom (BT) has expanded its Asymmetric Digital Subscriber Line
(ADSL) long-distance broadband trial to include two rural districts in
Scotland, Fort William and Dingwall. The two Scottish districts will
join Milton Keynes, a British district. According to a BT spokesman,
"Milton Keynes will give us the data we need but, because the aim is to
see if ADSL can be used by remote areas, it was decided to add [Fort
William and Dingwall] to the trials. The Milton Keynes trail started on
June 1, 2004; Scottish trials will begin on July 1, 2004). Testing will
go until the end of September.
http://www.networkitweek.co.uk/news/1155988

-- Ireland Gov't Wants 3G Phone Registry
(16 June 2004)
Dermot Ahern, Irish minister for communications, announced earlier this
month, a government plan to establish a National Register for
third-generation (3G) mobile phones in an effort to fight their use by
pedophiles. While he acknowledged that it was too late to track a
Global System for Mobile Communications (GSM) second-generation (2G)
phone or a General Packet Radio Service (GPRS) phone, he pointed out
that since the 3G phones will not be available until the end of the
year, it will be possible to set up the registry prior to their
availability on the market. All three generations of mobile phones have
always-on Internet access, however, the 3G mobile phones do it at a
higher data rate, 384 Kbps. Joan Keating, chair of the Irish Cellular
Industry Association and head of corporate communications at Ireland's
largest mobile network, Vodafone Ireland, asserts, "Current phones have
the capacity to do everything a 3G phone can; 3G just does it faster."
Privacy advocates and other critics of the National Register question
both the effectiveness of such a registry as well as the real motivation
for its creation.
http://www.wired.com/news/privacy/0,1848,63780,00.html

-- Alliance Works Toward Mobile/Fixed-Line Convergence
(14 June 2004)
The Fixed-to-Mobile Convergence Alliance, a group of global telcos, is
working to develop next-generation voice services that would consist of
a convergence of mobile and fixed-line services to allow for the routing
of voice traffic through the cheapest available local infrastructure.
While acknowledging the benefits of fixed-mobile convergence, Angel
Dobardziev, senior analyst Ovum, points out that implementing such
services will not be easy. He notes, "Different networks and different
operators employ different standards and technologies, so getting to the
stage where they can transfer calls between each other's infrastructures
seamlessly is problematic."
http://www.networkitweek.co.uk/news/1155878

ISP NEWS

-- China Asks ISPs for Show of Patriotism
(21 June 2004)
Internet service providers (ISPs) in China are being asked by the China
Internet Association, a government-run industry group, to show their
patriotism by signing a "self-discipline pact" promising to not spread
information "threatening the national security, social stability or
containing superstitious or erotic content." The Chinese government
already requires internet firms to monitor their on-line content and to
halt any content critical of the central government.
http://australianit.news.com.au/articles/0,7204,9909126%5E15306%5E%5Enbv%5E,00.html

-- AOL France Loses Lawsuit
(21 June 2004)
Judges of the French court in Nanterre have ruled against AOL France in
a lawsuit filed by the French consumer association UFC Que Choisir
maintaining that several clauses in AOL's subscriber contracts were
"abusive" or "illegal." Judges have given AOL France one month to
remove 31 clauses from its consumer contracts or face a fine of EUR
1,000 a day. In addition, the company has to pay Que Choisir EUR 30,000
in damages and legal costs. AOL France is appealing the decision.
According to a Que Choisir lawyer, the AOL lawsuit was part of a study
into getting contracts cleaned up. They have also filed suit against
Free, Neuf Telecom, Tiscali and Wanadoo.
http://networks.silicon.com/broadband/0,39024661,39121550,00.htm

-- Telstra Announces Major Network Upgrade
(22 June 2004)
Telstra's chief executive, Ziggy Switkowski, announced the company's
plan to take its first step in its plan to replace its aging copper
network with fibre-optic lines by issuing a USD 300 contract in about a
week. The contract may go to a single contractor or be split between
Alcatel, Siemens and Marconi. According to Switkowski, "The details on
how we are going to get from where we are today to a future that is
progressively going to be all fibre" will be introduced next month at a
major presentation to investors given by Ted Pretty, Telstra's
technology, innovation and products group managing director.
http://australianit.news.com.au/articles/0,7204,9915241%5E15326%5E%5Enbv%5E15306-15318,00.html

-- WAIA Says Telstra Undermining ISPs
(18 June 2004)
An Internet association, the Western Australia Internet Association
(WAIA) has issued a statement placing the blame for the drop in new
accounts for Internet services providers on Telstra's broadband price
cut in February. The statement asserted ISPs are "afraid of being
driven out of the market by the Telstra's anti-competitive behaviour."
Charles Warner of Concept Networks, who has had his new accounts drop
from 60-70 per week to about 10, has charged Telstra with abusing its
power of advertising to profitable, lower usage customers which are
essential to an ISP to subsidize their high usage customers.
http://www.zdnet.com.au/news/business/0,39023166,39150786,00.htm

TUTORIAL

-- Securing Public-Access WiFi
The Wireless Wizards, T.K. "Ranga" Rengarajan, Pronto Networks, Dan
Simone, Trapeze Networks, and Chantry Networks answer the questions;
What is the best approach to securing public access WiFi? And what is
needed to accomplish this?
http://www.nwfusion.com/columnists/2004/0621wizards.html

-- How Do You Know if Your Network is Working?
The tutorial examines the need for formal industry standards for
measuring and verifying IT network performance and how that impacts the
assessment of the networks performance (UNE-P).
http://www.nwfusion.com/columnists/2004/062104johnson.html

WHITE PAPER

-- Security and Vulnerability Analysis of an Ethernet-based attack on Cisco
By Robert L. Foxworth
Foxworth examines the July 2003 Denial of Service attack on Cisco
routers and develops a test regimen utilizing two Cisco routers from the
2500-series class, IP-based network traffic devices, a hardware-based
Ethernet traffic generator, Ethernet packet capturing devices and
support devices with the goal of developing additional information about
the type and behavior of the vulnerability. The paper consists of a
narrative, details and other reference and supporting information.
http://www.sans.org/rr/papers/index.php?id=1407

OPINION

-- Get to Know Your ISP
This article examines the question to what extent should your ISP be
able to decide which on-line content you can see and can't see.
http://networks.silicon.com/webwatch/0,39024667,39121207,00.htm

-- The Good Old Days
The opinion piece looks at the Court of Appeals ruling against the
Federal Communications Commission which resulted in states having the
authority to regulate unbundled network element pricing (UNE-P)
http://www.nwfusion.com/columnists/2004/062104johnson.html

-- SSL VPNs: Complexity for a Simpler Life
The paper looks into the complexity of Secure Sockets Layer VPNs and the
difficulties with their installation, despite how easy vendors make it
look.
http://www.nwfusion.com/columnists/2004/062104tolly.html

HOW'S BUSINESS

-- ALCATEL

Vimpelcom To Get Alcatel Equipment Worth $6 Mln For Nets
http://www.gateway2russia.com/st/art_243985.php

Alcatel President And COO Philippe Germond To Visit Taiwan
http://www.digitimes.com/NewsShow/Article.asp?datePublish=2004/06/21&pages=A6&seq=35

Thomson Acquires Alcatel Shareholding in Nextream
http://www.tmcnet.com/usubmit/2004/Jun/1049764.htm

Alcatel Expands Vodafone Ireland's 3G Network
http://www.3gnewsroom.com/3g_news/jun_04/news_4603.shtml

Neuf Says Oui to Alcatel
http://www.lightreading.com/document.asp?site=lightreading&doc_id=54646

Alcatel Powers The Launch Of Sony Network Services' StreamMan
http://www.edubourse.com/finance/actualites.php?idActus=14838

Alcatel Wins PanAmSat Contract for Galaxy 17
http://www.edubourse.com/finance/actualites.php?idActus=14799

-- CISCO

Nortel Stock Rallies on Talk of Cisco Bid
http://www.cbronline.com/currentnews/7ffb421e1f2b06d580256eba0032e32f

Cisco to Purchase Procket Networks
http://www.dvhardware.net/article2711.html

Crane lifts Cisco resellers with 5i partnership
http://www.vnunet.com/news/1156056

Cisco, Trend Micro Extend Network Security Ties
http://www.asiacomputerweekly.com/acw_ViewArt.cfm?Magid=1&Artid=24106&Catid=2&subcat=14

Cisco Set To Cash In On Net Calls
Internet telephony expected to yield $1 billion in sales

-- NORTEL

Nortel Stock Rallies on Talk of Cisco Bid
http://www.cbronline.com/currentnews/7ffb421e1f2b06d580256eba0032e32f

UTS Selects Nortel To Build Advanced Broadband Network
http://www.americasnetwork.com/americasnetwork/article/articleDetail.jsp?id=99431

Nortel Leads Telephony Sales
http://www.vnunet.com/news/1156031

Nortel Urges Users To Develop A Taste For SIP
http://www.vnunet.com/news/1156051

Nokia, Nortel May Bag BSNL Deal
http://www.americasnetwork.com/americasnetwork/article/articleDetail.jsp?id=99435

-- SYMANTEC

Symantec Hits Counterfeit Biz For $3.2m
http://www.theregister.co.uk/2004/06/21/symantec_pirates/

Symantec Puts SMB Security In A Box
http://www.arnnet.com.au/index.php/id;680477900;fp;16;fpid;0

Interview: Symantec's John Thompson Talks About Big Picture Security
http://www.infoworld.com/article/04/06/16/HNjwtqa_1.html

-- MISCELANEOUS

Juniper Expects More Demand For Web Security Products
http://www.americasnetwork.com/americasnetwork/article/articleDetail.jsp?id=99434

Network Associates updates IPS products
http://www.cpilive.net/news_ver2/inside.asp?wherefrom=search&newsitem=621200461855AMRESELLER+WORLD+ME.htm&channel=RESELLER+WORLD+ME

Network Associates announces new intrusion prevention solutions
http://www.integratedmar.com/ecl-usa/story.cfm?item=18400

STOCK QUOTES

15.04 Alcatel UP 0.16
23.68 Cisco DOWN 0.29
23.16 Juniper DOWN 0.19
17.66 Network Assoc. DOWN 0.06
04.77 Nortel DOWN 0.02
41.74 Symantec UP 0.44
26.49 Tipping Pt. UP 0.76

==end==

NetworkBits Editorial Board:
Aminah Grefer, Roland Grefer, Steve Lewis, Stephen Northcutt, Arrigo Triulzi

To submit comments, additional news items or other information you would
like to share with us, please send an email to NetworkBits@sans.org.

Please feel free to share this with interested parties via email, but
no posting is allowed on web sites. For a free subscription, (and for
free posters) or to update a current subscription, visit
http://portal.sans.org/

An archive of past issues of the NetworkBits newsletter is available at
http://www.sans.org/newsletters/networkbits

The NetworkBits newsletter is also available as a RSS feed at
http://www.sans.org/newsletters/networkbits/rss

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (Darwin)

iD8DBQFA24gq+LUG5KFpTkYRAkw1AJ9S4XfxBxKeMQpv4KBwTWPaqnpF4QCggaoy
HigsQFZZ08NJz+XDOnc/tKM=
=Xo2T
-----END PGP SIGNATURE-----

0 Comments:

Post a Comment

<< Home


Get Firefox!