Mark your calendars

I'm going to be presenting at the Iowa Association for Communication Technology annual conference on April 1 in Cedar Rapids. It's a joint conference with the Iowa Distance Learning Association. My co-worker Aaron Howard and I will be covering the evolution of our campus wireless network over the last 5 years, as well as the security and usability implications of various wireless security methods in the chaotic campus network environment.

Poor Red Hat Billing Security

My yearly subscription for my Red Hat workstation was due, but I no longer hold the card that I used to set it up, so the auto-renewal didn’t go through.  That’s all fine, and expected, but here’s what Red Hat wants me to do:

The credit card information is not going through. Please fax the following to XXX-XXX-XXXX so we can verify the credit card details:

- Cardholder
- Credit card number
- Expiration date
- Billing address (this must match the one on file with the credit card company)

Please reply if you have any questions and have a good day!

Uh, in the age of phishing, I’m not faxing(!) my credit card info to a random phone number that I got in my e-mail.  This message isn’t even PGP signed.  I replied back and told them I’d be happy to re-enter my info in an SSL-secured form available via their site, if they provide one, but there’s no way I’m faxing my credit card info anywhere.

802.1x no longer good enough

This article from George Ou is an alarming way to start the morning.  It details the new attacks on the WEP protocol, which is known to be broken, but was generally assumed to be “good enough” when rotated often.  Unfortunately, that is no longer the case, so we need to look at moving to the next generation of encryption on our Wireless LAN ASAP.  In an educational setting such as ours, however, this is a little trickier, I’ve got about 750 clients spread around campus, and I can’t get that many users to turn on a dime.  To make them even grumpier, this is going to “break” a lot of older wireless hardware which is sure to bring the college students out with their pitchforks and torches.  In other words, I’m already having a bad day…

Symantec Antivirus update

Symantec has updated their Corporate AntiVirus product to make it compatible with Windows XP SP2, so far, no problems for me on the 4 boxes I've installed Service Pack 2 on. If you're running version 9 of SAV, get the patch here. You'll also probably want to patch your existing SAV 9 .msi file so that you don't need to patch new installations in the future, just use the msiexec command listed here

Patch Day

Today is a Microsoft Patch Day, the second Tuesday of the month. My co-worker, our "Senior Systems Administrator", is gone to Russia until June 1, leaving me, the vanilla "Systems Administrator" in charge of patching all the miscellaneous Windows servers in our racks. I'm really hoping that today just brings a patch for Windows Media Player, or something equally inane, because I really don't want to have to patch all these boxes by myself...

Wireless Hacker

I hacked my first wireless network today, but don't worry, I had my white hat on. One of the neighbors had left their wi-fi network wide-open to anyone and everyone, and didn't even bother to change the default password. It took me 15 seconds to gain control of their access point, but once I did, I merely changed their wireless channel. If you have a wireless access point, please set it to something other than channel 6, as that's the default channel of almost every brand of access point, which leads to a lot of access points (4 in range of the house here) that are speaking on the same channel, which is a bad idea. It's too bad I couldn't easily identify which house the network belonged to, or I'd have set their password for them, and let them know that they need to secure their network better, but I don't really have any easy way to track that down.


I'm using the Nessus scanner to detect machines on campus that are vulnerable to last weeks ASN flaw in Windows. I tried last week, but the only plugin available then required registry access, which isn't very helpful on campus. There's a new plugin available now, however, that checks via an NTLM login. What we've discovered, is several machines that were updated via WindowsUpdate weren't really updated after all. Their registries think that the patch was installed, but the actual file wasn't replaced, so we're back to manually installing the patch on those machines.