Wireless Network Security Basics 

You've just bought a wireless router so you can use your laptop all over the house. You get it all setup and surprise, surprise it works. Now that should be the end of it right? Wrong. The default setup for wireless networks is setup to get the network up and running but does nothing to protect your network. 

The default setup will let anybody with a wireless network card with in range to connect to your network. If your isp charges you for going over your monthly download limit on your internet access and some one is using your internet access to download tons of stuff, you will get stuck with the bill! Not to mention they could access your files on your computer. More....

Cisco warns of IP PBX security hole
IBM hardware is affected
 
By Phil Hochmuth,   Network World 

Cisco this week released a security bulletin warning of a vulnerability in its IP telephony software running on IBM server hardware. 

he network vendor warned that a default installation of certain Cisco IP telephony software modules on could cause the IBM Director Agent on the servers to run in an insecure state, where TCP/UPD ports are left open, which could result in a system takeover or denial-of-service attack, the company says. 
IBM Director Agent is software that lets users manage IBM servers remotely. The glitch in the Cisco software install leaves port 14247 open on the machine, allowing a Director Server/Console user to gain administrative privileges to the server-based IP PBX without authentication. The vulnerability could also be exploited to launch an application that forces the IBM server CPU to run at 100% utilization, forcing a reboot, according to Cisco. More.... 

An IT Manager’s Insight into Mobile Security 

Security Park

Mobile security is a hot issue, but who is listening? Who really cares? The mere word of security sends most people running. Investing in preventative IT security has never been a very popular topic. Most board directors clam-up and switch off at the words “Your company could be at risk if you don’t invest in XXX technology”. It’s a hard sell for IT managers and it often takes a competitor or themselves to become a victim of crime before they sit up and listen. Users too are very lazy and complacent when it comes to IT security – they don’t value the information they carry around with them and most are just too busy to worry about anything further to complicate their lives. This was made very clear in the Mobile Usage Survey conducted by Infosecurity and Pointsec which found that a third of users don’t both protecting their mobile device with password even though they store highly confidential company and personal information on them including all their other passwords, Pin numbers and bank details.
Surprised by these figures? I doubt it! If you’re an IT manager you’d have been there. In-fact you’re users have probably lost more laptops than you can remember? Surveys show that any large organisation lose between 3-5% of their laptops every year. More....  

Help! I've been Web-jacked!
Spyware can be a problem for even the most savvy Internet users.
By Deborah Radcliff
Network World
On Dec. 22, an Internet investigator got a tip that child pornography was being housed on an adult Web site. When he visited the site to verify the information, he didn't find any illegal images. But what he did find was a Trojan horse that disabled the ActiveX security controls on his browser and took control of it. 
"I heard my hard drive churning and clicked on my task manager and saw three executable programs were installing themselves," says Chris Brandon of Brandon Internet Services. "I knew I was in trouble when I couldn't get my task manager to cancel the programs." 
By the time he checked his registry, the Trojan had installed dozens of programs that replaced the default Web page with its own, and loaded its own IP addresses in his favorite places, short cuts and safe zones. When he tried to erase the programs and reboot the machine, the virus reinstalled. 
This program is a perfect example of spyware gone amok. More.... 

Vulnerabilities

Advisories