Not long ago a customer offered me a slightly used Linksys BEFW11S4 ver. 4 wireless router for free. He had replaced it with an 802.11g router (this is only a b) shortly after purchase and said if I knew anyone that wanted it I could have it. Well, it’s hard for me to let tech […]
I think I’ve wrapped up the series on arp spoofing and it’s implications for network security. I know there’s nothing earth shattering here, most network security types are well aware of the problems (and perhaps aware of more sophisticated solutions?). For some though, this series is likely an eye opener as there are myths that […]
So, let’s say we want to have an open wireless access point for some reason. (Maybe offering it to guests if you’re a business?) There are certainly a lot of BAD ways to give open wireless access. As we’ve seen in this series so far, it could be quite easy to hijack all connections in […]
So, if you haven’t already had enough cause to tighten your wireless security…. we’ve been talking about arp poisoning (spoofing) and the basic conclusion is that IF an attacking machine is on the same subnet as your machine (same IP address range), they can “own” all traffic from you machine to the gateway. It doesn’t […]
So, we’ve spent a couple articles talking about arp spoofing. It sounds really bad, it’s a frighteningly easy way to do a “mitm” or man in the middle attack and anyone using arp spoofing could capture ALL network traffic including passwords. There’s got to be an easy fix right? Um…. well. This is not something […]
When a machine has been arp spoofed, ALL network traffic from it is likely passing through a “hostile” machine. So, NO, https and ssh traffic is not immune, it is travelling through a hostile machine. However, it should be encrypted. There are a few exceptions though. SSH version 1 is a broken encryption scheme and […]
So…. what is arp spoofing (poisoning)…. and what are it’s implications? ARP spoofing involves tricking a machine into thinking that you’re machine is, yet another. Let’s put this in IP address terms. Let’s say that 192.168.0.1 is the default gatway on the network and 192.168.0.150 is our target. We are given another network address – […]
So, for those that have a little bit of knowledge about network hardware, you’ve probably heard this. “You can’t sniff switched networks”…. wrong…. let’s see what this is about. Older networking hardware was dominated by what’s called a hub. This was basically a “dumb” device that when it received data, it would retransmit the data […]
A while back I did a network security series and one of the points that I mentioned was that it’s important to know what is normal for your network. In other words, what machines are NORMALLY connected, what services are normally running, etc. Well, I’m about to start a serious look at something that makes […]
I haven’t had much time to look into this, but one of the mailservers I administer is typically configured to relay through mail.lig.bellsouth.net, with mail.averyjparker.com as a fallback. Sometime overnight, mail.averyjparker.com started getting heavy use and on checking this morning was getting all of the outbound traffic. So, I did a bit of investigation mail.lig.bellsouth.net […]
Bookmark this site now by pressing Ctrl+D
You are currently browsing the archives for the Networking category.
