Archive for the Networking Category

Temporal Key Integrity Protocol (TKIP)

Posted August 17, 2009 at 10:44 am in Networking

Recently my girlfriend and I moved into a new apartment on Milwaukee’s Lower East Side. We had been using an old Linksys router at our previous quarters, but with the new apartment only having a single cable drop in the most inconvenient location possible, we decided to go wireless. I had never used a wireless router at home before, so I had a lot of research ahead of me. We wanted speed, range, security, and as low a price as possible. We ended up purchasing the Linksys WRT54G2 router due to it being a middle-of-the-road wireless router. The WRT54G2 uses 802.11g, contains two internal antennas and has an output power rated at 18 dBm. These characteristics met our first two requirements, but what was there for security? The router offers WPA2, WEP, Wireless MAC Filtering and can use security keys of 128 bits. This seemed like the standard suite and the router was within our price range.

Setting up the router was easy and once everything was in working order I decided to start tinkering with its configuration. Under the Wireless Security settings I noticed a few interesting options. The ‘Security Mode’ option allowed me to select Disabled, WPA Personal, WPA Enterprise, WPA2 Personal, WPA2 Enterprise, RADIUS, and WEP. If I selected WPA Personal I noticed that the ‘WPA Algorithm’ option would set itself to TKIP with no other option. If I chose to use WPA2 Personal I was given a choice of AES or “TKIP+AES”. Having only dabbled with cracking WEP networks before I was curious as to what TKIP was.


Are you wearing your SOCKS?

Posted July 4, 2009 at 8:25 pm in Networking

A while ago we looked at using Tor and Privoxy to allow us to remain anonymous while browsing the web. I briefly mentioned SOCKS while we were configuring our web browser to route traffic through the onion network. This prompted me to take a deeper look at SOCKS.


Demilitarized Zone (DMZ)

Posted August 27, 2008 at 7:31 am in Networking

The demilitarized zone (DMZ), also known as the perimeter network, is a physical or logical subnetwork that creates separation between an internal network and an external untrusted network (usually the Internet). The DMZ provides an additional layer of security to the internal network.

External services such as mail servers, DNS servers, FTP servers, and web servers are exposed within the DMZ. Attackers commonly target these types of servers because, if they reside within the internal network, compromising one of them gives access to that network. By relocating them to the DMZ, the attacker will still not have breached the internal network even if they are able to compromise one of these servers.

This rationale may seem a bit confusing, but many of these servers and services are not critical to business continuity. All of these servers will have redundancy and readily available backups. If these servers were within the internal network, an attacker would essentially have free rein over any trade secrets, financial data, employee data, databases, etc. With these servers in the DMZ, the assets essential to business continuity are protected within the internal network.

Any service that is provided to users in an external network should be located within the DMZ. A mail server in the DMZ should forward incoming mail from the external network to an internal mail server, and the internal mail server should pass outgoing mail to the DMZ mail server. This creates separation of duties amongst the mail servers while providing an additional layer of security to the network.

There are two common ways to implement a DMZ architecture: single firewall and dual firewall.
