Sorry! This is just a test… if this were a real post, something cool would follow here.

Share

There are five configurations a network administrator should apply to a newly provisioned switch or router. Although application of these configurations may seem like common sense, 90% of devices I see are missing at least one of these settings, and about 75% are missing two or more.

The guide also includes CLI commands for configuring each setting on Cisco and HP Networking platforms.

You can read this entire article at Network Computing “5 Basic Switch Settings You Must Know“  .

# # #

Share

I’m in the process of updating WordPress versions, so some plugins and pages may be broken for a short period of time.

Thanks for puttin’ up with my mess!

-jj

Share

It’s Tuesday, January 24th, which means there are just 4 days left to vote for your top blogs and podcasts finalists for the Security Bloggers Network Awards, to be presented at RSA Conference USA 2012.

If you’re a member blogger of the SBN, then you’re eligible to vote. Finalists were selected from a panel of outstanding judges (kept secret until after the nominations and finalists were announced).

2012 SBN Awards Judges (they selected finalists)

• Kelly Jackson Higgins
• Bill Brenner
• Larry Walsh
• and guest judge: Wendy Nather

SBN Bloggers and Podcasters can vote until 1/27 at https://www.surveymonkey.com/s/2012securityblogger.

I’ll tell you that I skipped answering a few, because there were categories with blogs that I wasn’t familiar with and didn’t feel comfortable answering. It’s okay to skip any you’re not sure about; it will let you continue on voting.

The nominations are listed below. Winners will be announced at the SBN Blogger Awards ceremony during the RSA Conference next month in San Francisco.

Good luck to everyone!

The nominations for the 2012 Social Security Bloggers Awards:

Best Corporate Security Blog:

• Fortinet Security Blog http://blog.fortinet.com/
• Denim Group http://blog.denimgroup.com/
• Trend Micro Cloud Security Blog http://cloudsecurity.trendmicro.com/
• Veracode Security Blog http://www.veracode.com/blog/
• Kaspersky Lab Blog https://www.securelist.com/en/
• Sophos Naked Security Blog http://nakedsecurity.sophos.com/

Best Security Podcast:

• Threat Post http://threatpost.com/en_us/podcast
• The Network Security Podcast http://netsecpodcast.com/
• Eurotrash Security Podcast http://www.eurotrashsecurity.eu/index.php/Main_Page
• Pauldotcom http://pauldotcom.com/
• Exotic Liability http://www.exoticliability.com/
• The Southern Fried Security Podcast http://www.southernfriedsecurity.com/

The Most Educational Security Blog:

• Cognitive Dissidents http://blog.cognitivedissidents.com/
• Tao Security http://taosecurity.blogspot.com/
• F-Secure blog http://www.f-secure.com/weblog/
• The New School Security Blog http://newschoolsecurity.com/
• AppSecInc Blog http://blog.appsecinc.com/
• Evil Bytes/John Sawyer http://www.darkreading.com/blog/archives/evil-bytes/index.html

The Most Entertaining Security Blog:

• Rational Survivability http://www.rationalsurvivability.com/blog/
• Andrew Hay’s Blog http://www.andrewhay.ca/
• Uncommon Sense Security/Jack Daniel http://blog.uncommonsensesecurity.com/
• New School Of Information Security/Adam Shostack http://newschoolsecurity.com/
• Naked Security http://nakedsecurity.sophos.com/
• Securosis Blog http://securosis.com/blog

The Blog That Best Represents The Security Industry:

• Krebs On Security http://krebsonsecurity.com/
• Uncommon Sense Security http://blog.uncommonsensesecurity.com/
• SANS Internet Storm Center http://isc.sans.org/
• Securosis blog https://securosis.com/blog

The Single Best Blog Post or Podcast Of The Year:

• Martin McKeay, Curing the Credit Card Cancer http://www.mckeay.net/2011/11/28/curing-the-credit-card-cancer/
• Veracode Blog http://www.veracode.com/blog/2011/08/musings-on-custers-last-stand/
• Moxie Marlinspike’s ThoughtCrime Labs http://blog.thoughtcrime.org/authenticity-is-broken-in-ssl-but-your-app-ha
• Idoneous Security http://idoneous-security.blogspot.com/2011/12/what-your-analyst-wishes-you-knew.html

The First Two Members Of The Security Bloggers Hall Of Fame: (please pick 2)

• Adam Shostack (Emergent Chaos, New School of Security)
• Brian Krebs (Washington Post, Krebs on Security)
• Rich Bejtlich, Tao Security
• Chris Hoff, Rational Survivability
• Graham Cluley, Naked Security
• Bruce Schneier, Schneier On Security

# # #

Share

Lately, I’ve been forced to dispel a volume of wireless myths, both in way of technology and vendors. I’m not sure if it’s a full moon, or some other astrological occurrence, but it’s gotten a little crazy recently. So, I thought I’d take a few blog posts to address some wireless myths, in brief, to keep in the back of your head as you explore wireless solutions and upgrades in your environment.

Here’s a thought on why more APs aren’t always better.

The other day someone said “that’s fine, if that happens, we can just add more APs, they’re pretty cheap.” As I looked over the predictive wireless survey (APs and predicted coverage mapped out on a floor plan), I realized there were already quite a few APs in the general area he was referring to. “Well, here’s what we need to watch out for…” I replied, and here’s what we discussed…

More APs isn’t necessarily better. For this to make sense, we first need a very basic understanding of the duplex and collision avoidance properties of wireless (see Understanding collisions and duplex in wireless). With that overview, we learn that that wireless things can’t listen and talk at the same time, and that multiple wireless things can’t transmit at the same time, because that results in collisions.

If you could visualize RF in the air, and see the little packet-carrying waves passing by, you’d start to realize that everything wireless is talking, and all at different intervals. Most notably, always-on wireless devices tend to be a bit chatty, whereas laptops, tablets, Kindles and other things running on battery tend to hibernate a bit, and send only occasional messages when they’re not in use.

The actual APs, however, are constantly sending messages. They’re sending management messages to clients, coordinating air time with request-to-send and clear-to-send packets. They’re broadcasting beacons and wireless network information so new people can connect. Some may be negotiating channel and power settings. All-in-all, they’re filling the air with little tidbids of AP-talk all day, every day. Knowing this, you can probably start to see why more APs in a given area might not be beneficial.

With too many APs constantly talking in a single area, we start to infringe on the time that clients can use to transmit and receive wireless data.

If we go back to our analogy of the classroom and the professor (from  Understanding collisions and duplex in wireless), we can modify it slightly pretend we have 10 professors in the room; maybe we’re having a panel discussion to re-evaluate Einstein’s principles of general relativity. If the professors all start talking a lot, then that leaves less time for the students to interact and engage. To better prove our point, we’ll say the professors are native German-speaking fellows, so when conversing with one another, they switch to German to facilitate faster conversation. The students are all English-speaking, so they’re not benefiting from anything the professors are discussing amongst themselves; they just sit back, raise their hands, and wait for the chatter to die down so they can speak. If you’re measuring the success of the class by how many questions get asked and answered (think wireless bandwidth from clients) then too many chatty professors makes for a fruitless day.

In a wireless environment, a similar occurrence happens when too many APs are in one area. As a rule of thumb, we generally say at any given point in space, if a client were there, it should only be able to see a maximum of 5 APs. Two to four is more normal; five is on the high end of the spectrum, but may be needed in the case of traditional microcell solutions that require channel staggering and AP density to support client density.

Each vendor will have a general rule of thumb for AP counts also, based on unobstructed square footage. For example, a vendor may generalize that they recommend one AP per 2,000 sq ft. Keep in mind, these are always just extremely rough starting points, because actual AP count and placement depends on user density, RF environment and building materials. What you won’t (or shouldn’t) see is a vendor recommending extremely high AP density, regardless of how much they may want to sell you ‘extra’ APs.

And, that’s why more APs aren’t always better

# # #

Share

There are enough people writing about SOPA (Stop Online Piracy Act) and PIPA (Protect IP Act), and I don’t intend to add unnecessary commentary to the anti-SOPA movement. And yes, I am anti-SOPA.

Instead, I encourage you to check out this post by EFF, see how you can contribute to the effort, if you are also against the SOPA act. https://www.eff.org/deeplinks/2012/01/thank-you-internet-and-fight-continues 

Thanks to all these efforts, the NY Times reports that at least 10 representatives have withdrawn their support, as of 9pm Eastern January 18th. Read the full article here: http://www.nytimes.com/2012/01/19/technology/web-protests-piracy-bill-and-2-key-senators-change-course.html?_r=1

Note these websites (and many many many more) that participated in the SOPA Blackout today:

• Google, www.google.com  (gathered 4.5 petition signatures)
• Wikipedia, www.wikipedia.com (offers direct links to contact your representatives)
• Wired, www.wired.com
• FireBoing Boing, www.boingboing.com
• Reddit, www.reddit.com

Thank you all for helping raise awareness!

# # #

Share

For whatever reason, we all seem to live with the delusion that wireless networking works like a wired connection, but over the air. And, in that world, we also have leprechauns. The truth is the layer 1 (physical) properties of wireless and RF are completely different; polar opposites in some cases. And, in comparison to our long-loved wired technologies and standards, RF is inherently flawed in design, in many ways. I’ll address that another day. For now, let’s talk about the duplex properties of wireless. And by talk about them, I mean, discuss the lack of.

Wireless is half-duplex. Yep, let that sink in for just a minute before you keep reading. What it means is, something can talk, and it can listen, but it can’t do both at the same time. As an extension of that behavior, wireless has some unique anti-collision standards, specifically designed to address the screwy nature of RF. In a wired network, we can use collision detection, but in the air, our wireless stuff has no way to detect a collision, so the best they can do is make darn sure there isn’t a collision to detect, and so in wireless we have collision avoidance technologies employed.

The collision avoidance technologies in wireless bend over backwards to make sure things (ie wireless devices and APs) aren’t talking over one another.

Imagine standing in a classroom of 50 students, with one person, the professor, on a podium at the front. The students need to speak to the professor, and the professor needs to hear each student with a question, but it must happen in turn. Comparable to how this happens over wireless medium, we have two ways to do this;

• a) students can raise their hands, and the professor acknowledges each, and calls on him or her to speak, or
• b) the students can look around the room, speak up when it’s quiet, and stop speaking if someone else starts at the same time.

The former is how RTS/CTS (request to send and clear to send) technologies work. The latter is comparable to CSMA/CA (carrier sense multiple access, with collision avoidance). Both are used in contemporary wireless LANs.

This is a short and rather crude explanation of the duplex and collision avoidance properties of wireless, but it should come in handy when seeking to understand complications with RF transmissions. I know most of you don’t care about the acronyms and IEEE standards, so here’s your brief explanation without the nitty gritty details .

# # #

Share

Well, it’s finally “real”. Until now, this book has existed only as a flurry of emails, phone calls and Word documents immersed in a sea of highlighting. Today, Low Tech Hacking materializes in ink and paper.

Ladies and gentlemen, I present to you Low Tech Hacking, now shipping!

You can order your copy at Amazon for about $30, links are below. If you pre-ordered a copy, yours should be on the way today.

Low Tech Hacking

• Low Tech Hacking at Amazon

• Low Tech Hacking at Syngress

As most of you probably know, although I’ve written numerous articles, white papers and guides, this is my first contribution in authoring a book.

You’ll find my work in the introduction, with an overview of each chapter, and in Chapter 4 Low Tech Wireless Hacking, offering nearly 50 pages of juicy wireless hacking fun.

I am so honored to have worked on this piece with such great people, especially our lead author and friend, Jack Wiles. I can’t say enough good things about my experience with Jack and the team at Syngress/Elsevier Publishing.

In reviewing and editing other chapters, I enjoyed the great content from our co-authors, Terry Gudaitis, Russ Rogers and Sean Lowther. I learned a lot myself reading the book, and hope you do too!

Go ahead, order your copy today, and remember we LOVE feedback, so please return to Amazon to write a review once you’ve read the book. If you do write a review on Amazon, I think Jack and I can work out some prize for your efforts. We’ll have to figure out what that is… suggestions?

P.S. I really hope you enjoy it!
-JJ

Low Tech Hacking
ISBN: 1597496650

Table of Contents
Chapter 1: Social Engineering: The ultimate low tech hacking threat
Chapter 2: Low tech vulnerabilities: Physical security
Chapter 3: More about locks and ways to low tech hack them
Chapter 4: Low tech wireless hacking
Chapter 5: Low tech targeting and surveillance: How much could they find out about you?
Chapter 6: Low tech hacking for the penetration tester
Chapter 7: Low tech hacking and the law: Where can you go for help?
Chapter 7: Information security awareness training: Your most valuable countermeasure to employee risk

Chapter 4: Low tech wireless hacking

• Wireless 101: The electromagnetic spectrum
• 802.11 and Bluetooth low tech hacks
• DoS and availability
• Backdoors and cracks
• Going rogue
• Assault by defaults
• Bypassing specific security tools

 

# # # 

Share

The subtitle reads These books that lead you to believe that you can achieve success by simply working smarter and not harder are lying.

Finally! Someone has written a great, succinct post that embodies my feelings of all the assertions that we should ”work smarter, not harder” and reduce our output to an “X-hour work week.” That’s complete crap.

In the past few years, I’ve caught (yes, that’s how I feel about it) several of our manufacturer partners with these sorts of books, and to be honest, it angered me. I’m a huge proponent for balancing life and work, but these particular individuals were habitually unresponsive and difficult to work with, as it was. I can only imagine if they reduced working from their usual 30 hours to – oh let’s say 4. “No way, buddy” I thought, “Put that book down and get your shit done.” If you don’t like your job, then get another job, but don’t punish your coworkers, your employer, your customers and partners by trying to minimize the amount of time you have to put in each week.

What a great little reminder, on this day-after-Christmas. Hop over to Inc Magazine Online and read this short and sweet post “Why You Should Work Smarter, and Harder” by Matthew Swyers, of The Trademark Company.

# # #

Share

With HP’s newer v2 modules for the HP 5400 series chassis switches, we’ve received a lot of calls from customers who experienced a conflict when adding newer modules to a switch. More information is forthcoming to help pick apart the differences between HP’s original modules and the newer v2 series. For now, this Minimum Software Version table should serve as an easy reference to tell what minimum firmware you need to support a specific module.

How do you know if a module isn’t compatible with your firmware? It’s usually pretty simple; the module won’t work. You’ll see an error color or flashing in the Module Indicator LEDs. In the switch CLI, the commands #show modules and #log –r will likely uncover more details.

Related Resources

• Currently available modules for the HP 5400 and 8200 chassis
• Lookup for software and manuals for HP 5400 (type “5400″ in the search box)
• Direct link to current code for the HP 5400 series

Minimum Software Versions
for HP Series 3500, 3500yl, 5400zl, 6200yl, 6600 and 8200zl Switches and Hardware Features

• Current as of 2011-12-07
• V2 series modules shown in Purple
• V1 modules on the list are shown in Orange
• Switches are shown in Grey

Transceivers and Optics

For minimum software requirements for supported transceivers,
1. Go to http://www.hp.com/networking/support.
2. In the search box, type J4858 (for 100Mb and Gig), or J8436 (for 10Gig).

3. Select any of the products that display in the dropdown list.
4. Select Product support information. Then click on Manuals and find the Transceiver Support Matrix.

# # #

Updates

Share