Kevin’s TechNet “Fuel”
Event Resources – April-June, 2006

Don’t forget to register and USE your Event DVD!

E-mail Technical Questions: Kevin Remde – Kevin.Remde@microsoft.com

Kevin’s Blog “Full of I.T.” – Additional Resources and Discussion

http://blogs.technet.com/kevinremde

Feedback E-mail to my boss: Melanie Brunner – mbrunne@microsoft.com

Future Live, In-Person Event Information

TechNet (for IT Pros): http://www.technetevents.com/kevinremde

MSDN (for Software Developers): http://www.MSDNEvents.com

Microsoft Across America: http://www.microsoft.com/acrossamerica

TechNet Events Bloggers – http://techneteventsbloggers.net

(Add your blog, or subscribe to IT Pro focused blog postings)

Microsoft Learning – Training Resources

http://www.microsoft.com/learning

http://www.microsoft.com/learning/books/ITPro

Microsoft TechNet

http://www.microsoft.com/technet

TechNet Community Site

http://www.microsoft.com/technet/community

Session I – Implementing Security for Wireless Networks

Wireless Network
Solution

Typical
Environment

Additional Infrastructure
Components Required?

Certificates Used
for Client Authentication

Passwords Used
for Client Authentication

Typical Data
Encryption Method

Wi-Fi Protected Access with Pre-Shared Keys (WPA-PSK)

Small Office/Home Office (SOHO)

Small Office/Home Office (SOHO)

NO

YES

Uses WPA encryption key to authenticate to network

WPA

Password-based wireless network security

Small to medium organization

Internet Authentication Services (IAS)

Certificate required for the IAS server

NO

However, a certificate is issued to validate the IAS server

YES

WPA or Dynamic WEP

Certificate-based wireless network security

Medium to large organization

Internet Authentication Services (IAS)

Certificate Services

YES

NO

Certificates used but may be modified to require passwords

WPA or Dynamic WEP

Securing Wireless LANs with Certificate Services

http://www.microsoft.com/technet/security/prodtech/windowsserver2003/pkiwire/swlan.mspx?mfr=true

“Securing Wireless LANs with PEAP and Passwords”

http://www.microsoft.com/technet/security/topics/cryptographyetc/peap_0.mspx

WPA Wireless Security for Home Networks

http://www.microsoft.com/windowsxp/using/networking/expert/bowman_03july28.mspx

“Advantages of Protected Extensible Authentication Protocol (PEAP)”

http://www.microsoft.com/technet/itsolutions/network/wifi/peap.mspx

Security of the WEP Algorithm

http://www.isaac.cs.berkeley.edu/isaac/wep-faq.html

IEEE 802.11 Wireless LAN Security with Microsoft Windows XP – Document Download

http://www.microsoft.com/downloads/details.aspx?FamilyID=67fdeb48-74ec-4ee8-a650-334bb8ec38a9&DisplayLang=en

Tools for scanning for and dealing with rogue Wireless Access Points:

AirDefense Enterprise

http://www.asl-airdefense.co.uk/products/enterprise_overview.php

AirMagnet Enterprise

http://www.fetest.com/products/distributed/index.cfm?Prod=30

CAPICOM – Platform SDK Redistributable Tool Download:

http://www.microsoft.com/downloads/details.aspx?FamilyID=860ee43a-a843-462f-abb5-ff88ea5896f6&DisplayLang=en

PKI Enhancements in Windows XP Professional and Windows Server 2003

http://www.microsoft.com/technet/prodtechnol/winxppro/plan/pkienh.mspx

Session II – Responding to Computer Attacks

Howard, John D. “A Common Language for Computer Security Incidents” 1998.

http://www.cert.org/research/taxonomy_988667.pdf

The Bad Boys of Cyberspace

http://www.rider.edu/suler/psycyber/badboys.html

Great Security and Incidence Response Book Titles:

http://www.securitybooks.org/incident-response

CERT’s Virtual Training Environment (VTE)

http://www.sei.cmu.edu/products/courses/courses.html#VTE

https://www.vte.cert.org

Microsoft Security Response Center (MSRC)

http://www.microsoft.com/security/msrc

The Microsoft Security Response Center (MSRC) blog

http://blogs.technet.com/msrc/

April-June 2006 – TechNet Event Resources