Security UPDATE--OpenWRT Firmware for Wireless APs--October 4, 2006

This Linux-command-based solution has a small footprint but no GUI. Learn also about the Opera@USB portable Web browser, and get links to other security news and resources.

ITPro Today

October 3, 2006

11 Min Read
ITPro Today logo in a gray background | ITPro Today

PLEASE VISIT OUR SPONSORS, WHO BRING YOU SECURITY UPDATE FOR FREE:

Manage Vulnerabilities. Defend Against Threats.

http://findtechinfo.com/penton/nl/178

Rogue Applications and Media Devices

http://www.windowsitpro.com/go/whitepapers/securewave/rogueapps/?code=SECMid1004

Ten Steps to Achieving Business Compliance

http://www.windowsitpro.com/go/whitepapers/surfcontrol/tensteps/?code=SECHot1004

CONTENTS

===========================================

===========================

Manage Vulnerabilities. Defend Against Threats. Your IT and Security budgets are tight. This White Paper shows real-world case studies demonstrating the ROI potential of automated penetration testing. http://findtechinfo.com/penton/nl/178 === IN FOCUS: OpenWRT Firmware for Wireless APs

======

by Mark Joseph Edwards, News Editor, mark at ntsecurity / net Before I return to our discussion of alternative firmware, I want to let you know about another portable Web browser. Last week, I wrote about Mozilla Firefox - Portable Edition and Torpark (see the article at the URL below). As I described, both these browsers can help protect your sensitive data by keeping it on portable media, such as a flash drive. A reader wrote to let me know about another portable browser that I didn't know existed: Opera@USB. http://www.windowsitpro.com/Article/ArticleID/93664/93664.html As the name implies, Opera@USB is based on the popular Opera Web browser and is designed to be portable. Like Firefox Portable and Torpark, Opera@USB helps protect your privacy by not leaving traces of its existence or activity on the computer you use it on. Opera@USB is smaller than the other two browsers, weighing in at under 8MB. The current version is based on Opera 9 and installation is very simple: Just unzip the download package to a directory and fire up the browser. You can download a copy at http://www.opera-usb.com Two weeks ago, I wrote about DD-WRT (see the article at the URL below), alternative firmware for wireless access points (APs). One thing about DD-WRT that I didn't mention is that it's based on the code of another alternative firmware product, OpenWRT, which is our main topic of discussion this time. http://www.windowsitpro.com/Article/ArticleID/93587/93587.html The popular wireless router manufacturer Linksys developed a small Linux-based open source OS to drive its AP hardware. People took copies of this code and began tweaking it to fit their own needs. This trend gave rise to an alternative firmware product called Alchemy, which was also eventually published as open source. Alchemy led to a spinoff called OpenWRT, which in turn led to another spinoff called DD-WRT. Unlike DD-WRT, OpenWRT is completely command line based. The standard distribution package doesn't include a GUI. This fact has its pluses and minuses. On the minus side, using a GUI is easier than remembering all sorts of commands and their associated parameters. On the plus side, not having a GUI makes the code base smaller, which can be a big deal when a given router has only so much storage and memory capacity. If your router has limited space or you prefer using a Linux command line, OpenWRT (downloadable at the URL below) is a good choice. http://openwrt.org Like DD-WRT, OpenWRT supports quite a number of routers. You can check whether your particular model is supported by reviewing the hardware table, which includes some hardware that's been tested and found to not work with OpenWRT. http://toh.openwrt.org OpenWRT supports many security features that you might find useful, including a firewall based on ipchains, Wi-Fi Protected Access (WPA) encryption, Remote Authentication Dial-In User Service (RADIUS) authentication, and Dropbear Secure Shell (SSH) server. Add-on packages, such as OpenVPN (at the first URL below), are also available. If you need help configuring OpenVPN, visit the second and third URLs below. http://openvpn.net/beta/OpenWRT/ http://p3f.gmxhome.de/OpenWRT/Configure-OpenVPN.html http://martybugs.net/wireless/openwrt/openvpn.cgi Other useful add-on packages are listed at the URL below and include a mini Asterisk VoIP server, The Onion Router (TOR) server, a PPTP server, the Chillispot hotspot creation package, and handy shell tools such as Fyodor's Nmap and Dug Song's dsniff auditing and penetration testing suite. http://downloads.openwrt.org/whiterussian/packages As with any alternative firmware, be sure that it will work on your hardware and that you're relatively comfortable that you can configure it to your needs before you try to load it. Be sure to read the extensive OpenWRT documentation, and if you have questions, use the forum at the OpenWRT Web site. === SPONSOR: SecureWave

==============================

Rogue Applications and Media Devices Threats to your data don't just come from the outside -- they can come from internally as well, whether a result of malicious intent or unintentional negligence. Download this free whitepaper today to learn to effectively establish and enforce security policies for all applications and devices in use on your network. http://www.windowsitpro.com/go/whitepapers/securewave/rogueapps/?code=SECMid1004 === SECURITY NEWS AND FEATURES

=======================

============================

Ten Steps to Achieving Business Compliance Learn the 10 steps you need to take to achieve corporate compliance, including operational visibility in all communication data. As an extra step, stop network assaults so that you can use the Internet confidently, both on and off your corporate network. http://www.windowsitpro.com/go/whitepapers/surfcontrol/tensteps/?code=SECHot1004 === GIVE AND TAKE

====================================

=========================================

by Renee Munshi, [email protected] Encrypt Data in Flight and at Rest BitArmor Systems announced the availability of BitArmor Security Suite, software that encrypts data both while in flight and at rest whether on workstations or servers, portable media, or storage systems. BitArmor lets you set policies for data encryption, retention, and deletion and provides an architecture for managing encryption keys. BitArmor Security Suite is designed to accelerate industry-standard encryption algorithms to provide "wire-speed" encryption and to secure data without any changes to applications, networks, or storage devices. For more information, go to http://www.bitarmor.com WANTED: your reviews of products you've tested and used in production. Send your experiences and ratings of products to [email protected] and get a Best Buy gift certificate. === RESOURCES AND EVENTS

=============================

=============================

Examine the threats of allowing unwanted or offensive content into your network and learn about technologies and methodologies for defending against inappropriate content, spyware, IM, and P2P. http://www.windowsitpro.com/whitepapers/stbernard/internetaccess/index.cfm?code=1004featwp === ANNOUNCEMENTS

====================================

Monthly Online Pass--only $5.95 per month! Includes instant online access to every article ever written in Windows IT Pro, as well as the latest digital issue. Sign up now: https://store.pentontech.com/index.cfm?s=1&promocode=eu206Aum Save $40 off SQL Server Magazine Subscribe to SQL Server Magazine today and SAVE up to $40! Along with your 12 issues, you'll get FREE access to the entire SQL Server Magazine online article archive, which houses more than 2,300 helpful SQL Server articles. This is a limited-time offer, so order now: https://store.pentontech.com/index.cfm?s=9&promocode=eu216Aus

===========================================================

Security UDPATE is brought to you by the Windows IT Pro Web site's Security page (first URL below) and the Windows IT Security newsletter (subscribe at the second URL below).

http://www.windowsitpro.com/windowssecurity

https://store.pentontech.com/index.cfm?s=1&promocode=eu255xsb

Subscribe to Security UPDATE at http://www.windowsitpro.com/Email/Index.cfm?action=archive

Unsubscribe by clicking

http://list.windowsitpro.com/u?id=%%SUBSCRIBER_ID_TAG%%

Be sure to add [email protected] to your antispam software's list of allowed senders.

To contact us:

About Security UPDATE content -- [email protected]

About technical questions -- http://www.windowsitpro.com/forums

About your product news -- [email protected]

About your subscription -- [email protected]

About sponsoring Security UPDATE -- [email protected]

View the Windows IT Pro privacy policy at

http://www.windowsitpro.com/AboutUs/Index.cfm?action=privacy

Windows IT Pro, a division of Penton Media, Inc.

221 East 29th Street, Loveland, CO 80538

Attention: Customer Service Department

Copyright 2006, Penton Media, Inc. All rights reserved.

Sign up for the ITPro Today newsletter
Stay on top of the IT universe with commentary, news analysis, how-to's, and tips delivered to your inbox daily.

You May Also Like