Thursday, October 21

Good WLAN Tips

ProtectmyID had a good writeup on WLAN security today. I think this is one of the writeups on this topic which contains the least amount of FUD and you can't go wrong with following its advice. However, I think a couple of improvements could be made.

First off I'd say that MAC filters these days are a waste of time as a MAC address can be easily spoofed. The time required to manage a MAC filter can be better spent elsewhere. If someone can crack your encryption, a MAC filter won't stop them in the least.

Next while I agree that WLANs are commonly used in most household, I think the first security precaution for a WLAN should be if you don't use it, disable it at the router.

Lastly, I'd like to emphasize what I think are the important points:

#1 enable encryption (WPA2 or WPA)
#2 change the password at the router

If you follow these 2 points, your home WLAN is relatively safe.

in reference to: Protecting Home Wireless Networks | ProtectMyID (view on Google Sidewiki)

Monday, October 11

The problem of 2^64 − 1

I was just looking at the securing coding practices at the CERT website and ran into a topic that has always been a pain point for me and that is the validation of pointers in C.

Growing up coding C, I was constantly exposed to the mantra of 'Check for NULL pointers'. Now it is hard to argue that NULL pointers are not bad, but I do think that when to check for them is not that straight forward.

Obviously, when trying to allocate memory one should verify that the memory was allocated and that NULL was not returned. What isn't so clear is when is there value to checking for NULL.  I've been in several organizations and dealt with developers that demand that all functions that accept a pointer,check that pointer for NULL. The argument being that we don't want the code to try to use an invalid pointer.  One issue I have with this broad approach is that it leads to horrendous code bloat.

Just look at one pointer that gets passed through a couple of wrappers to get to the actual code that will do something with it. For each function it passes through, we have said that it should be checked to insure that it is not NULL. So, for some number of times we have verified that the pointer is not one of 2^64-1 possible values.  Since at any given time a pointer has only one truly valid value [if its not referencing the data it should,its not valid], then it can be said that it has 2^64-2 invalid values.

So, what does checking for NULL over and over accomplish? It eliminates 1 out 2^64-2 possible invalid pointer values.

Friday, July 23

Microsoft Network Monitor

I recently received one of Microsoft's periodic download notification emails and one item in particular caught my eye as I had never heard of it before. It was a download of Microsoft's Network Monitor.

Now I've been dealing with networking in and out of work for many years and have always used Wireshark and will most likely continue to do so.  However, I will definitely be looking into Network Monitor more and would not be surprised if it became my tool of choice in some situations.

Wednesday, July 21

Accessing Network Connections on Windows XP

If you are dealing with issues with networking on a Windows machine one of the locations you are going to want to look at sooner or later is the Network Connections.  How you get there and what you see varies between Windows versions. From XP on it is mostly the same, so I figured a quick look at Network Connections on XP should provide most Windows users with a good starting point if they need to access their network settings.

Even within Windows XP there are several ways to get to Network Connections, so I'll the two most common ways to get there.

The first method is from the system task bar and it is the quickest way to bring up the Network Connections. However, depending on the system settings it may not always be accessible.

Wednesday, February 24

Expanding a Home Network

I've been working on a few different posts and haven't quite got the finishing touches on them, but I felt I should get this one out there.  In the past week, I have been asked to help out with expanding a home network using an old router at least four times.  With many ISPs providing routers, people are often finding themselves with an extra router.   So its only natural that they look to reusing an old router when trying to expand their wired or wireless network.

There are several approaches to adding a second router to a home network, in this post I'll look at the simplest and  probably the most common way.  Which is cascading a second router to operate as a WAP or switch.

 Whether you are using a wired or wireless router, the basic setup of the routers will be the same and can be done in five simple steps.