Full of I.T.

Kevin Remde's IT Pro WebLog

April-June 2006 – TechNet Event Resources

Kevin’s TechNet “Fuel”
Event Resources – April-June, 2006

 

Don’t forget to register and USE your Event DVD! 

 

E-mail Technical Questions: Kevin Remde – Kevin.Remde@microsoft.com

 

Kevin’s Blog “Full of I.T.” – Additional Resources and Discussion

http://blogs.technet.com/kevinremde

 

Feedback E-mail to my boss: Melanie Brunnermbrunne@microsoft.com

 

Future Live, In-Person Event Information

TechNet (for IT Pros): http://www.technetevents.com/kevinremde

MSDN (for Software Developers): http://www.MSDNEvents.com

Microsoft Across America: http://www.microsoft.com/acrossamerica

 

TechNet Events Bloggers – http://techneteventsbloggers.net

(Add your blog, or subscribe to IT Pro focused blog postings)

 

Microsoft Learning – Training Resources

http://www.microsoft.com/learning

http://www.microsoft.com/learning/books/ITPro

 

Microsoft TechNet

http://www.microsoft.com/technet

 

TechNet Community Site

http://www.microsoft.com/technet/community

 


Session I – Implementing Security for Wireless Networks

 

Wireless Network
Solution

Typical
Environment

Additional Infrastructure
Components Required?

Certificates Used
for Client Authentication

Passwords Used
for Client Authentication

Typical Data
Encryption Method

Wi-Fi Protected Access with Pre-Shared Keys (WPA-PSK)

 

Small Office/Home Office ( SOHO)

 

Small Office/Home Office ( SOHO)

 

NO

 

YES

Uses WPA encryption key to authenticate to network

 

WPA

 

Password-based wireless network security

 

Small to medium organization

 

Internet Authentication Services (IAS)

Certificate required for the IAS server

 

NO

However, a certificate is issued to validate the IAS server

 

YES

WPA or Dynamic WEP

 

Certificate-based wireless network security

 

Medium to large organization

 

Internet Authentication Services (IAS)

Certificate Services

 

YES

 

NO

Certificates used but may be modified to require passwords

 

WPA or Dynamic WEP

 

 

 

Securing Wireless LANs with Certificate Services

http://www.microsoft.com/technet/security/prodtech/windowsserver2003/pkiwire/swlan.mspx?mfr=true

 

“Securing Wireless LANs with PEAP and Passwords”

http://www.microsoft.com/technet/security/topics/cryptographyetc/peap_0.mspx

 

WPA Wireless Security for Home Networks

http://www.microsoft.com/windowsxp/using/networking/expert/bowman_03july28.mspx

 

“Advantages of Protected Extensible Authentication Protocol (PEAP)”

http://www.microsoft.com/technet/itsolutions/network/wifi/peap.mspx

 

Security of the WEP Algorithm

http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html

 

IEEE 802.11 Wireless LAN Security with Microsoft Windows XP – Document Download

http://www.microsoft.com/downloads/details.aspx?FamilyID=67fdeb48-74ec-4ee8-a650-334bb8ec38a9&DisplayLang=en

 

Tools for scanning for and dealing with rogue Wireless Access Points:

AirDefense Enterprise

http://www.asl-airdefense.co.uk/products/enterprise_overview.php

 

AirMagnet Enterprise

http://www.fetest.com/products/distributed/index.cfm?Prod=30

 

CAPICOM – Platform SDK Redistributable Tool Download:

http://www.microsoft.com/downloads/details.aspx?FamilyID=860ee43a-a843-462f-abb5-ff88ea5896f6&DisplayLang=en

 

PKI Enhancements in Windows XP Professional and Windows Server 2003

http://www.microsoft.com/technet/prodtechnol/winxppro/plan/pkienh.mspx

 

 

Session II – Responding to Computer Attacks

 

Howard, John D. “A Common Language for Computer Security Incidents” 1998.

http://www.cert.org/research/taxonomy_988667.pdf

 

The Bad Boys of Cyberspace

http://www.rider.edu/suler/psycyber/badboys.html

 

Great Security and Incidence Response Book Titles:

http://www.securitybooks.org/incident-response

 

CERT’s Virtual Training Environment (VTE)

http://www.sei.cmu.edu/products/courses/courses.html#VTE

https://www.vte.cert.org

 

Microsoft Security Response Center (MSRC)

http://www.microsoft.com/security/msrc

 

The Microsoft Security Response Center (MSRC) blog

http://blogs.technet.com/msrc/