The security status quo is wrong - Network World

The security status quo is wrong

Bottom Line By Joel Snyder, Network World, 04/25/2005

Recently, I was helping a customer with a wireless rollout when the person in charge of security pulled a set of requirements out of his back pocket. The goal of this wireless network was to support guest users - people who had come into the building for a meeting or short project. The security requirements started with "disable Service Set Identifier advertisement" and "use 128-bit WEP." I rolled my eyes.

"What's the point of this?" I asked. "These are best practices," the security person replied, gesturing toward the thick stack of white papers, articles and Web postings he had downloaded off the Internet. After all, if 50 security people are writing the same thing, you begin to believe it's the right thing to do.

Unless, of course, it's not. And that's the problem with this type of advice. We have way too many people writing as wireless security experts and way too few actually thinking about wireless security. We also have way too few keeping up with the changes in the technology and how we use it. This problem isn't unique to wireless security - it extends to every aspect of how we do security and design networks.

What happens is that early thinking on how to build security becomes codified as law, largely by people who gather most of their knowledge by doing Google searches and writing white papers based on what other people already have said. SSID hiding is a great example. This was an interesting idea before the AirJack folks demonstrated how stupid it was - back in 2002. Nevertheless, people continue to pick up this same bit of lame advice and offer it as a primary requirement for secure wireless.

Yeah, SSID hiding does provide security - job security for your help desk staff, which will be continually explaining to people how to spell your SSID and enter Wired Equivalent Privacy (WEP) keys. Let's not even get started on WEP. As Network World demonstrated last year, even brand-new wireless access points cannot be trusted to be free of defects. The solution is to abandon WEP and use a security technology that doesn't have the problems WEP does - 802.11i, also called WPA2.
