NETWORK WORLD NEWSLETTER: CURRID & COMPANY'S TECHNOLOGY EXECUTIVE 11/29/04
Dear [EMAIL PROTECTED], In this issue: * Your wireless AP could be at risk from unauthorized users * Links related to Technology Executive * Featured reader resource _______________________________________________________________ This newsletter is sponsored By BMC Software Linking IT Priorities to Business Objectives, an IDC whitepaper. Get insights from IDC on aligning business goals and IT priorities. IDC offers practical, actionable information on how Business Service Management can help you reduce operating costs, improve service levels, respond faster to business needs and protect delivery of business-critical. Click here to download this whitepaper now. http://www.fattail.com/redir/redirect.asp?CID=88775 _______________________________________________________________ Hold what the future holds Right there, in your hands, 70 of the world's most promising new technologies. Investment or deployment - you get the first shot. This is why executives, analysts, VCs and journalists come back time and again. To see. To touch. To harvest. Register Today http://www.fattail.com/redir/redirect.asp?CID=89236 _______________________________________________________________ Today's focus: Protect your wireless AP from war drivers By Michael Day If you haven't heard the name Nicholas Tombros before, you are not alone; I hadn't either. Tombros has the dubious honor of being the first spammer convicted under federal law and the first convicted war spammer in U.S. history. The term "war spammer" is a concatenation of two terms: war driver and spammer. A war driver is someone who drives around looking for unprotected wireless access points (AP) and uses them to connect to the Internet. A war spammer is someone who drives around looking for wireless APs that are unprotected and takes advantage of that free access to send out spam. Tombros' charges are covered under a provision of the CAN-SPAM Act that prohibits breaking into someone else's computer to send spam. No Trojans, no zombie PCs - he just used the public airwaves to connect to unsecured access points to send out his spam. The scene of these events was in a residential neighborhood in southern California, but it could happen anywhere. War drivers don't limit themselves to neighborhoods; they also cruise office parks, college campuses, and even parking lots and garages near large corporations, laptops at the ready. The dangers of this occurring at your organization are much greater than just being the unwitting accomplice to a spammer. There are software tools commonly available that would allow potential ne'er-do-wells to read your e-mail, access your network and everything on it, and even log everything you do on the Internet. And if your ISP found you to be the source of spam, it would most likely shut you off immediately and ask questions later. How serious is the problem? There is a group known as the WorldWide WarDrive (WWWD) that consists of volunteers armed with wireless-network-detection software and GPS receivers. Over the course of a week, the volunteers drive around mapping all the networks they can find and compile statistics that reveal where the wireless networks are and which ones are unprotected. Luckily, WWWD's members aren't malicious; they're just trying to get the message across to network managers about how serious a problem wireless security has become. This year's search, which ended June 19, was the fourth year the WWWD has done its survey. The volunteers were able to locate 228,537 APs, of which about 38% had basic encryption enabled. That's up from last year's survey, which revealed a 32% encryption rate, but it means there are still an alarmingly large number of unprotected APs still out there. So what can you do to avoid being a victim of a war driver/war spammer? The FBI provides the following advice: * Enable the Wireless Protected Access (WPA) or Wired Equivalent Privacy (WEP) encryption and other security options provided by the wireless access point's manufacturer and change the key periodically. * Change the default Service Set Identifier network name and make sure your wireless access points don't continually broadcast the SSID. The device's software should provide a way to do so. * If you haven't already done so, change your router administration account name and password. * Activate the Media Access Control (MAC) Address filtering feature of your router. * Make sure your computer has an up-to-date operating system with all the current patches and service packs, virus protection, and a personal firewall (preferably a software firewall and hardware-based router/firewall). The last recommendation is a good fit for both wired and wireless connections to the Internet and should be part of your company's standard operating procedure. Wireless networks are a boon to productivity, both at home and in the office, but along with the convenience comes the responsibility to secure your network. Not only will you be protecting your own assets, you just might be saving the rest of us from more spam. Michael Day is CTO at Currid & Company. You can write to him at <mailto:[EMAIL PROTECTED]> RELATED EDITORIAL LINKS WorldWide WarDrive http://www.worldwidewardrive.org/ FBI: Internet security in a wireless world http://www.fbi.gov/page2/nov04/warspammer111004.htm Plea deal in "war spamming" prosecution http://www.securityfocus.com/news/9453 Confessions of a war driver http://www.nwfusion.com/nltechexec857 _______________________________________________________________ To contact: Currid & Company Currid & Company <http://www.currid.com/> researches information technology and how it can change the rules of business. Analysts focus on emerging technologies and methods by which organizations can obtain the best results from these innovations. Currid & Company offers consulting services to computer industry and corporate clients to help define and fulfill the potential of these exciting technologies. To learn more about emerging technologies that affect your business and your life, visit Your Digital Minute <http://www.yourdigitalminute.com/> , brought to you by Currid & Company. _______________________________________________________________ This newsletter is sponsored By BMC Software Linking IT Priorities to Business Objectives, an IDC whitepaper. Get insights from IDC on aligning business goals and IT priorities. IDC offers practical, actionable information on how Business Service Management can help you reduce operating costs, improve service levels, respond faster to business needs and protect delivery of business-critical. Click here to download this whitepaper now. http://www.fattail.com/redir/redirect.asp?CID=88774 _______________________________________________________________ ARCHIVE LINKS Archive of the Technology Executive newsletter: http://www.nwfusion.com/newsletters/techexec/index.html _______________________________________________________________ Steps for consolidating SAN islands around multi-service directors This on-demand webcast "SAN Consolidation, Reduce Costs and Simplify Management" illustrates how SAN consolidation is the fundamental first step toward future architectures such as on-demand and real-time computing. http://www.fattail.com/redir/redirect.asp?CID=89237 _______________________________________________________________ FEATURED READER RESOURCE DOWNLOAD INDUSTRY WHITE PAPERS NOW NW Fusion's White Paper Library is your source for the latest industry white papers. Recent additions to the library include white papers on securing remote access, VOIP and productivity, domain name system best practices, WLAN security, IT documentation and much more. Click here to download: <http://www.nwfusion.com/vendorview/whitepapers.html> _______________________________________________________________ May We Send You a Free Print Subscription? You've got the technology snapshot of your choice delivered at your fingertips each day. Now, extend your knowledge by receiving 51 FREE issues to our print publication. Apply today at http://www.subscribenw.com/nl2 International subscribers click here: http://nww1.com/go/circ_promo.html _______________________________________________________________ SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World e-mail newsletters, go to: <http://www.nwwsubscribe.com/Changes.aspx> To unsubscribe from promotional e-mail go to: <http://www.nwwsubscribe.com/Preferences.aspx> To change your e-mail address, go to: <http://www.nwwsubscribe.com/ChangeMail.aspx> Subscription questions? Contact Customer Service by replying to this message. This message was sent to: [EMAIL PROTECTED] Please use this address when modifying your subscription. _______________________________________________________________ Have editorial comments? Write Jeff Caruso, Newsletter Editor, at: <mailto:[EMAIL PROTECTED]> Inquiries to: NL Customer Service, Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 For advertising information, write Kevin Normandeau, V.P. of Online Development, at: <mailto:[EMAIL PROTECTED]> Copyright Network World, Inc., 2004 ------------------------ This message was sent to: [EMAIL PROTECTED]
