ProtectmyID had a good writeup on WLAN security today. I think this is one of the writeups on this topic which contains the least amount of FUD and you can't go wrong with following its advice. However, I think a couple of improvements could be made.
First off I'd say that MAC filters these days are a waste of time as a MAC address can be easily spoofed. The time required to manage a MAC filter can be better spent elsewhere. If someone can crack your encryption, a MAC filter won't stop them in the least.
Next while I agree that WLANs are commonly used in most household, I think the first security precaution for a WLAN should be if you don't use it, disable it at the router.
Lastly, I'd like to emphasize what I think are the important points:
#1 enable encryption (WPA2 or WPA)
#2 change the password at the router
If you follow these 2 points, your home WLAN is relatively safe.
Thursday, October 21
Good WLAN Tips
Monday, October 11
The problem of 2^64 − 1
I was just looking at the securing coding practices at the CERT website and ran into a topic that has always been a pain point for me and that is the validation of pointers in C.
Growing up coding C, I was constantly exposed to the mantra of 'Check for NULL pointers'. Now it is hard to argue that NULL pointers are not bad, but I do think that when to check for them is not that straight forward.
Obviously, when trying to allocate memory one should verify that the memory was allocated and that NULL was not returned. What isn't so clear is when is there value to checking for NULL. I've been in several organizations and dealt with developers that demand that all functions that accept a pointer,check that pointer for NULL. The argument being that we don't want the code to try to use an invalid pointer. One issue I have with this broad approach is that it leads to horrendous code bloat.
Just look at one pointer that gets passed through a couple of wrappers to get to the actual code that will do something with it. For each function it passes through, we have said that it should be checked to insure that it is not NULL. So, for some number of times we have verified that the pointer is not one of 2^64-1 possible values. Since at any given time a pointer has only one truly valid value [if its not referencing the data it should,its not valid], then it can be said that it has 2^64-2 invalid values.
So, what does checking for NULL over and over accomplish? It eliminates 1 out 2^64-2 possible invalid pointer values.
Growing up coding C, I was constantly exposed to the mantra of 'Check for NULL pointers'. Now it is hard to argue that NULL pointers are not bad, but I do think that when to check for them is not that straight forward.
Obviously, when trying to allocate memory one should verify that the memory was allocated and that NULL was not returned. What isn't so clear is when is there value to checking for NULL. I've been in several organizations and dealt with developers that demand that all functions that accept a pointer,check that pointer for NULL. The argument being that we don't want the code to try to use an invalid pointer. One issue I have with this broad approach is that it leads to horrendous code bloat.
Just look at one pointer that gets passed through a couple of wrappers to get to the actual code that will do something with it. For each function it passes through, we have said that it should be checked to insure that it is not NULL. So, for some number of times we have verified that the pointer is not one of 2^64-1 possible values. Since at any given time a pointer has only one truly valid value [if its not referencing the data it should,its not valid], then it can be said that it has 2^64-2 invalid values.
So, what does checking for NULL over and over accomplish? It eliminates 1 out 2^64-2 possible invalid pointer values.
Friday, July 23
Microsoft Network Monitor
I recently received one of Microsoft's periodic download notification emails and one item in particular caught my eye as I had never heard of it before. It was a download of Microsoft's Network Monitor.
Now I've been dealing with networking in and out of work for many years and have always used Wireshark and will most likely continue to do so. However, I will definitely be looking into Network Monitor more and would not be surprised if it became my tool of choice in some situations.
Now I've been dealing with networking in and out of work for many years and have always used Wireshark and will most likely continue to do so. However, I will definitely be looking into Network Monitor more and would not be surprised if it became my tool of choice in some situations.
Wednesday, July 21
Accessing Network Connections on Windows XP
If you are dealing with issues with networking on a Windows machine one of the locations you are going to want to look at sooner or later is the Network Connections. How you get there and what you see varies between Windows versions. From XP on it is mostly the same, so I figured a quick look at Network Connections on XP should provide most Windows users with a good starting point if they need to access their network settings.
Even within Windows XP there are several ways to get to Network Connections, so I'll the two most common ways to get there.
The first method is from the system task bar and it is the quickest way to bring up the Network Connections. However, depending on the system settings it may not always be accessible.
Even within Windows XP there are several ways to get to Network Connections, so I'll the two most common ways to get there.
The first method is from the system task bar and it is the quickest way to bring up the Network Connections. However, depending on the system settings it may not always be accessible.
Wednesday, February 24
Expanding a Home Network
I've been working on a few different posts and haven't quite got the finishing touches on them, but I felt I should get this one out there. In the past week, I have been asked to help out with expanding a home network using an old router at least four times. With many ISPs providing routers, people are often finding themselves with an extra router. So its only natural that they look to reusing an old router when trying to expand their wired or wireless network.
There are several approaches to adding a second router to a home network, in this post I'll look at the simplest and probably the most common way. Which is cascading a second router to operate as a WAP or switch.
Whether you are using a wired or wireless router, the basic setup of the routers will be the same and can be done in five simple steps.
There are several approaches to adding a second router to a home network, in this post I'll look at the simplest and probably the most common way. Which is cascading a second router to operate as a WAP or switch.
Whether you are using a wired or wireless router, the basic setup of the routers will be the same and can be done in five simple steps.
Friday, February 12
Using the Windows Command Window
For example I have run into many situations where someone does not know how to copy the text from the command window. When helping someone in an online forum having the person copy and paste the information from a command window helps insure that the information that is posted is correct. Because of that, I figured a quick overview of working with the command might be useful.
Thursday, February 11
Sharing a Keyboard & Mouse
You've most likely heard of KVM (Keyboard/Video/Mouse) devices that let you share a single keyboard, monitor, and mouse between multiple machines, Synergy is a software KM solution. It allows you to share a keyboard and mouse between multiple computers, but still take advantage of having the display real-estate that multiple monitors offer.
Monday, February 8
Setting MTU on Windows
The first questions that I imagine comes to the mind of many people is what is MTU and why should I care about it. I expect a more or less formal definition is not that useful when it comes to answering these questions.
The MTU can be thought of the largest amount of information, in bytes, that can be sent in a single message between two systems on a network, including those systems on the internet. But still why should we care, the information can be sent in multiple messages, and in reality systems almost always send multiple messages. The answer is that the MTU value that is used affects how efficient a system is when it transfers information to another system.
Maximum Transmission Unit [MTU]
The largest possible unit of data that can be sent on a particular network implementation
The MTU can be thought of the largest amount of information, in bytes, that can be sent in a single message between two systems on a network, including those systems on the internet. But still why should we care, the information can be sent in multiple messages, and in reality systems almost always send multiple messages. The answer is that the MTU value that is used affects how efficient a system is when it transfers information to another system.
Running Ping from Windows
The ping command is one of the simplest commands that can be used for diagnosing networking problems, but it is also one I would be hard pressed to do without. The primary use of the command is to send a network message to another system asking that system to respond back. By doing this you can easily verify that the remote system can be reached from your system and get a gauge of the general transfer speed between the two systems.
Saturday, February 6
Networking Terms
Over the past couple of years I've been pulling together a list of terms that frequently get tossed about when dealing with networking issues and trying to provide a definition that is easy for most folks to follow. This list is by no means exhaustive and was meant all along to be a living document, growing and being revised as time goes by.
You can find this glossary of terms over in the forums at www.cybertechhelp.com. Please feel free to post any comments here or at CTH. My hope is to continue to improve it as time allows.
You can find this glossary of terms over in the forums at www.cybertechhelp.com. Please feel free to post any comments here or at CTH. My hope is to continue to improve it as time allows.
Friday, February 5
Using ipconfig & Wntipcfg.exe
In Windows, ipconfig is used to display basic network related configuration information, such as IP address, DNS servers, and DHCP settings. It is a command line utility and as such it must be run through XP's command window. There are two basic ways to do this:
Either,
1) Go to the Start menu and select Run...
In the the Run dialog enter cmd /k ipconfig
Or
2) Open a command window and then run ipconfig in the window
In the Run dialog enter cmd, this will open a command window that can be used to run ipconfig.
Running ipconfig with no options will provide just the basic information, while running it with the /all option provides more detailed information on the network adapters in the system and their configuration.
ipconfig also has a /release and a /renew option. They are only of use if DHCP is enabled and are used to release the currently assigned IP address and to request an assignment of a new IP address. It is normal that a request for a new IP address results in the same IP address being assigned.
Note: For versions of windows earlier than XP, use command instead of cmd
Note: A GUI based version of ipconfig exists on Windows 95/98/ME and is called winipconfig.
Note: Windows NT/XP/2000 do not come with a GUI version, but it can be downloaded from this page.
Either,
1) Go to the Start menu and select Run...
In the the Run dialog enter cmd /k ipconfig
Or
2) Open a command window and then run ipconfig in the window
In the Run dialog enter cmd, this will open a command window that can be used to run ipconfig.
Running ipconfig with no options will provide just the basic information, while running it with the /all option provides more detailed information on the network adapters in the system and their configuration.
ipconfig also has a /release and a /renew option. They are only of use if DHCP is enabled and are used to release the currently assigned IP address and to request an assignment of a new IP address. It is normal that a request for a new IP address results in the same IP address being assigned.
Note: For versions of windows earlier than XP, use command instead of cmd
Note: A GUI based version of ipconfig exists on Windows 95/98/ME and is called winipconfig.
Note: Windows NT/XP/2000 do not come with a GUI version, but it can be downloaded from this page.
Subscribe to:
Posts (Atom)
