> News > Full Story
WLAN standard gets IEEE nod
IEEE (Institute of Electrical and Electronics Engineers) approved
802.11g which is a new standard for WLANs (Wireless Local
Area Networks) operating in the 2.4 GHz band. This move can
boost the speed of existing WLANs from 11 Mbps to a maximum
of 54 Mbps. The new standard is backward-compatible with existing
802.11b WLANs which have an installed base of 11 million users
Products based on the 802.11g standard will compete with WLAN
products based on the 802.11a standard which are also set
to enter the marketplace. The 802.11a standard operates in
unlicensed spectrum band. 802.11g users may encounter interference
in the 2.4 GHz band because it is also used by Bluetooth short-range
wireless devices and products based on 802.11b.
The proliferation of wireless standards should mean price
breaks for products operating under the 802.11b standard,
which has already attained economies of scale. Chipset manufacturers
have already formulated plans to produce chipsets that will
operate at speeds of 54 Mbps.
announces Mobile IP functionality
Systems announced the availability of a new mobile IP functionality
called Cisco Mobile Networks in the Cisco IOS Software. The
mobile IP specifications have been laid down by the IETF (Internet
Engineering Task Force). It enables an IP device to roam across
networks and geographies and remain constantly connected to
the network or the Internet. The IP address of the mobile
user does not change in different locations. The connection
speed can be so good that the user may feel like he/she is
working from the home location.
Mobile IP allows a router along with its entire network of
connected IP devices to roam across network boundaries and
connection types. This provides potential revenue opportunities
for wireless service providers. Mobile IP let providers expand
services into markets like emergency management services,
railroads and shipping systems, and automobiles.
in a component of a GUI (Graphical User Interface) that ships
with several commercial Unix systems could let a malicious
attacker take administrative control of an affected host system.
This has been discovered by CERT, Coordination Center at Carnegie
Mellon University in Pittsburgh. The affected software is
included in several versions of HP's HP-UX, IBM's AIX, Sun
Microsystems' Solaris, and Compaq's Tru64 Unix.
The vulnerability exists in a function used by the CDE (Common
Desktop Environment) subprocess control service. The CDE is
an integrated GUI that runs on Unix and Linux systems and
is responsible for accepting requests from clients in order
to execute commands and run applications remotely.
The vulnerability in the CDE allows an error in the way the
requests from remote clients are validated. Crackers can manipulate
data and cause a buffer overflow.
Patches that address the problem are available from some of
the vendors. The other vendors have only acknowledged the
problem and are investigating the vulnerability, according
to the CERT advisory. CERT advises users to limit or block
access to the subprocess control service from untrusted networks
until patches are available.
previous versions of NetWare, licensing was based on the number
of servers in which NetWare is installed. With the new scheme,
NetWare 6 buyers can install as many servers as they want,
since licensing is based on the number of users registered
with Novell's NDS (Novell Directory Services) or eDirectory.
According to Rob Seely, NetWare Product Manager, Novell, the
new licensing model could mean savings
for companies, depending on the hardware configuration. In
particular, it will make it cheaper for
smaller organizations to get started with NetWare.
Also, because licenses are no longer tagged to
servers, it would make for easier software auditing, he said.
The list price for NetWare 6 is US$158 per new user license,
and US$98 per user upgrade license. The new licensing model,
however, applies only to NetWare 6 users. Users of older versions
of NetWare cannot convert from server to user-based licensing.
This means that organizations who are upgrading in part will
have to juggle with both forms of licensing schemes during
the transition period.
its friendlier licensing model, NetWare 6 has also been touted
for its ease-of-use, rich features and scalability.
Inevitably, however, it will face torrid competition from
Microsoft's Windows 2000, which Microsoft released last year
in three overlapping flavors to cater for different-sized
organizational implementation scales.
So will the one-sized only NetWare 6 be swamped by multi-flavored
Windows 2000? Seely does not think so. "With one product-group
only, Novell is making it easier for itself to stay focused,"
He added that NetWare 6 will line up well against even the
largest network operating systems because it is scalable to
the "largest" enterprises. He cited NetWare 6's
enhanced client-interoperability, where organizations can
use a variety of desktops as long as it supports a Web browser;
and its scalability, where it supports up to 32 processors,
8 TB hard disk volumes and a billion directory objects, as
key factors. "We have made NetWare 6 bigger, but at the
same time, we have made it easier to implement and use,"
And at the very high-end enterprise segments targeted by Windows
2000 Datacenter Server, which requires hardware vendors to
certify their hardware against a set of Microsoft-set criteria,
he said Novell has adopted a similar certification approach
for approved Novell hardware vendors.
Besides its new-found muscle, NetWare 6 also comes with several
snazzy networking components.
This includes iFolder, which lets users access their files
remotely from any Internet-enabled device; iPrint,
which lets users print documents on any Internet-connected
printer; and NetWare WebAccess, which provides access to files,
printers, e-mail, calendar,
and address books via a browser and a customisable
Also new is its ability to run the software in a corporate
network without installing the software on client PCs.
Ong Boon Kiat is the Senior Sub-editor, Network Computing-Asian
Edition, and can be reached at firstname.lastname@example.org
new with NetWare 6
iPrint, IPP (Internet printing protocol) support
iFolder, a file-synchronisation program
iManage, a framework to manage NetWare from the Web and
NFAP (native file access pack), gives Windows, Mac and NFS
clients access to the NetWare file system using native protocols
A two-node clustering license
NetWare Web Access, a mini-version of the NetWare Portal
services that allows easy access to iFolder, iPrint, address
book and e-mail
Apache and Netscape Web servers
Tomcat Java servlet engine
that security hole in IE
has provided a patch for a security hole in Internet Explorer
(IE) versions 5.5 and 6. The hole can expose cookie data to
malicious hackers. The vulnerability was first publicized
by Online Solutions Ltd, a Finnish security firm. The firm
alerted Microsoft about the vulnerability but released the
existence and details of the exploit before Microsoft could
issue a patch. Microsoft posted an advisory and recommended
that users disable active scripts in IE to prevent their cookie
data from being stolen. However, disabling active scripts
also renders some websites unusable.
The vulnerability lies in the ability of a malicious hacker
to write an intentionally malformed URL in a Web page address.
The action allows a hacker to see the cookies deposited by
other websites on the user's hard drive. While proper security
practice wouldn't allow sensitive information to be stored
in those cookies, some websites place credit card and other
personal information in the cookies. A malformed Web address
link in a HTML e-mail will also expose cookie data.
Microsoft has now issued a patch that shuts the ability of
one website to grab information left by another website. The
patch also addresses three previously undisclosed problems.
The first two involve how IE handles cookies across domains.
The third vulnerability is a new variant of a vulnerability
discussed in Microsoft Security Bulletin MS01-051 that affects
how IE handles URLs that include dotless IP addresses. IE
would treat the site as an intranet site, and open pages on
the site in the Intranet Zone rather than the correct zone.
This would allow the site to run with fewer security restrictions
than appropriate. This vulnerability does not affect IE 6.
The patch for this vulnerability can be downloaded from www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms01-055.asp
Ethernet switch market down 8 percent
worldwide Ethernet switch market dropped in the third quarter
but its decline slowed from previous quarters. This data was
published in a survey by market research company Dell'Oro
Group. Revenue from Ethernet switch sales was just over $2.5
billion, down 8 percent from about $2.75 billion in the second
quarter. The latest figure shows a 22 percent decline from
the third quarter of 2000, when sales totaled almost $3.24
billion. The figure includes revenue for all types of Ethernet
switches like 10 Mbps and 100 Mbps LAN devices, and 1 Gbps
switches that may be used in corporate campuses or metropolitan
service-provider networks. It also includes switches with
routing capability and content-aware functions for optimal
Since the Ethernet switch market is spread across companies
in various business verticals, the demand has fallen less
dramatically than some other network equipment sectors. However,
Dell'Oro does not expect steady growth in Ethernet switch
sales until late 2002.
Cisco remains dominant in the market, maintaining its 58 percent
market share, but its revenue took a 10 percent hit. Second
place Enterasys Networks gained one percentage point in market
share to take 7 percent of the market to match Nortel Networks'
Data Systems announced HiCommand, a software framework for
simplifying tasks performed by storage-system administrators.
HiCommand provides a single, integrated, Web-based user interface
controlling all Hitachi Freedom Storage systems. It also includes
APIs (Application Program Interfaces) designed to simplify
the integration of storage management functions with products
developed by ISVs (Independent Software Vendors).
The software has graphical displays to show logical groups
of storage resources in customer installation and tools for
controlling the connectivity of physical and logical storage
components. Administrators can use the HiCommand interface
to control Hitachi Freedom Storage software products like
Hitachi TrueCopy and ShadowImage.
Hitachi Data Systems make the HiCommand APIs widely available.
The open APIs enable ISVs to tightly integrate their applications
with HiCommand. This leads to an increase in customer operations
for deploying storage virtualization tools and other software
to reduce management costs.