Yesterday I had a bit of a realization. I had just been looking at a wireless router/firewall setup and was thinking about the firewalling rules (which seemed to be geared at the WIRELESS lan… i.e. blocking that activity on the Wireless segment.) You know, traditionally firewalls have had the attitude of defending the internal network from the outside. Of course, these days firewalls sometimes protect the internal network from a WLAN (Wireless segment as well.) But, I put a few events together and started looking for a new feature in a firewall.
Category: Networking
-
Debian development server compromise
Sans also brings this story about the Debian development server being compromised. Investigation is ongoing. The machine was gluck.debian.org and hosted CVS among other things (ddtp, lintian, people, popcon, planet, ports, release). It has been taken offline currently for a reinstall, other systems have been locked down until they can patch the vulnerability that they suspect was exploited. More details will be announced.
-
Anonymized Botnet?
Sans has a story on botnet traffic spotted coming from the TOR network. Now, I had to refresh my memory on what TOR is, but it’s an anonymizing network, essentially a computer running TOR, would collect a list of TOR client machines on the internet and then connections to other pcs are routed through encrypted connections through several different pcs, which masks the origination of the data request. Of course, this doesn’t mean that botnets are actively making use of TOR, it could just be an inadvertant…. “route all my traffic through TOR” computer got a bug….
-
GDrive rumors and screenshot – Platypus
I saw this ZDNet post today with a tantalizing glimpse of Gdrive. It comes originally from cocaman.ch where he found a login page for something called Google Platypus, which is essentially a remotely used file storage. Now, from the page there are a couple of items that can be gleaned. Currently it’s something that’s in use internally (by the Googler’s…) Also, there is a download client for Windows/Mac/Linux that is used to synchronize files somehow. The benefits of it as it is advertised in the screenshot….
-
Mozilla Firefox use above 15% in the US…
and Internet Explorer use has dropped below 80% in the US. Currently 12.93% of online users browse with Firefox. Almost 40% of German web-browsers use Firefox to view the web. It’s nice to see Firefox’s share gaining. I, personally wouldn’t mind seeing SEVERAL competing, standards-compliant browsers with significant share’s. (Opera has moved above 1%.) I think (and hope) the day will come when it doesn’t matter a bit what browser you use (as long as it’s standards compliant.) Hopefully we’re moving towards that.
-
Windows XP and IPP printers
I really like printers with their own built in print server. They can be plugged into the network and some operating systems can just find them. Unfortunately most of the time Windows doesn’t just find an IPP printer. One tool that can be handy for such a time as this is a free tool like softperfect network scanner or you could substitute your own tool in to find where the printer is on the network. If you’re lucky enough to have designed the network or setup the printer yourself, you may know. But, in my job I may have information on some parts of a customers network, but many times I’m called in after the fact and get the “I need that network printer to work on this desktop” kind of assignment.
-
The great firewall of China
The great firewall of China may be just an illusion in technical terms. This article describes the details of how things work…. Basically when “banned content” is detected, both ends of the connection are sent a flood of tcp reset packets. Which (if both sides are designed to pay attention to) means that the two computers “hang up” assuming the other side reset the connection. But, while most current PC operating systems obey the reset packets…. it’s not something that is imperative. (You might think of this as a targeted/surgical denial of service attack using TCP reset packets…) The article goes a bit deeper though….
-
Intelliadmin – free disable usb storage tool
For Windows system administrators that have sweated over the perils of usb drives and memory sticks…. Intelliadmin has a tool for you. It’s a small utility that will allow to remotely disable usb drives over the LAN. It won’t affect usb mice/keyboards – just usb storage. So, if your network security policy doesn’t like USB storage you can easily use this to make sure those devices don’t work on plugin.
-
Ubuntu-server 6.06 LTS plus vmware server and other vmware server notes
What follows are some notes taken on vmware server. Most are related to an install on ubuntu-server (NO GUI INSTALLED)…. the main point of this is to have the host system take as FEW resources away from the guests as possible.
This requires a few x libraries – but not full blown X gui.
-
Legal wi-fi jamming
I’ve heard rumors of how the 802.11 pre-n wireless networking hardware really KILLS nearby 802.11 wireless b/g networks. Today George Ou has some details. I really think this is a serious problem with the equipment coming out as it will force people to move to another wireless standard. (Somehow, this is all starting to make sense now – wait – maybe it ISN’T a problem “from a certain point of view”.) Anyway – it sounds like it’s really problematic to troubleshoot because it only kills the other networks when transmitting, so symptoms of the problem would be sporadic network drops. (Ouch wireless is going to be getting tricker ESPECIALLY in high density areas.)