Free information about Network security http://e-articles.info/e/s/s/Network-security/ en-us E-articles.info 2006 - 2009 The passive network analysis approach has several advantages:• The analyzer does not interact with the network to discover hosts and their related vulnerabilities. • Only the interface through which the user accesses the software to get reports is active.• Little to no testing is required to be certain there is no negative impact on the network or hosts... by Paula Oberman http://e-articles.info/e/a/title/Advantages-and-Disadvantages-of-passive-network-analysis/ http://e-articles.info/e/a/title/Advantages-and-Disadvantages-of-passive-network-analysis/ Sat, 24 Oct 2009 00:33:17 GMT A significant advantage of this agent approach is the scalability gained from its distributed nature. Since the number of agents deployed is only limited by the number of compatible hosts and licensing costs, it is theoretically possible to perform an audit of every machine without generating any network activity except to configure the agent and report results. Although the audit is not performed over the network, the communication between the agent and the server is not always minimal... by Paula Oberman http://e-articles.info/e/a/title/Advantages-and-Disadvantage-of-agent-technology/ http://e-articles.info/e/a/title/Advantages-and-Disadvantage-of-agent-technology/ Sat, 24 Oct 2009 01:41:22 GMT Some key advantages of active scanning:Highly scalable because scanning takes place from a central location or distributed locations of the security architect’s choice and does not require software installation on the targets.• The technology can provide a hacker’s view of the network and targets, so the vulnerability manager can have a realistic view of their risks in the production environment.• Potential to support any networked device, that is, not limited to a compatible platform for an agent... by Paula Oberman http://e-articles.info/e/a/title/Advantages-and-Disadvantages-of-active-scanning/ http://e-articles.info/e/a/title/Advantages-and-Disadvantages-of-active-scanning/ Sat, 24 Oct 2009 02:49:27 GMT The Internet has grown at a very rapid rate, and it only gets better by the day. Every device that's connected to the Internet (Let it be some high end Web Server, VoIP Switches, Your PC, that new sleeky looking iPhone you've fallen in love with or any other device you may imagine) needs to have some unique identity. Without an identity the device cannot communicate or receive any communication... by Shafraz Thawfeek http://e-articles.info/e/a/title/What-is-NAT-(Network-Address-Translation)/ http://e-articles.info/e/a/title/What-is-NAT-(Network-Address-Translation)/ Wed, 30 Sep 2009 03:57:32 GMT   Fiber Characteristics that Affect Latency   Fiber-optic communication is a method of transmitting information from one place to another by sending pulses of light through an optical fiber. This is important to note when discussing the variables that affect latency. Distance   The definition of zero network latency would be network transport at the speed of light... by Judy May http://e-articles.info/e/a/title/Characteristics-that-Affect-Network-Latency/ http://e-articles.info/e/a/title/Characteristics-that-Affect-Network-Latency/ Mon, 24 Aug 2009 04:23:37 GMT Communication in large business environments is crucial to the efficiency of teams’ activity. We all have our email clients such as Outlook or Thunderbird but sometimes we just need a quick yes/no answer to our questions and don’t want to waste time walking down and forth the entire work area. That’s where the need for a local messenger comes up... by Nikolai Fokin http://e-articles.info/e/a/title/3-Reasons-Why-Corporate-Messenger-Software-is-Safer-than-Free-Messenger/ http://e-articles.info/e/a/title/3-Reasons-Why-Corporate-Messenger-Software-is-Safer-than-Free-Messenger/ Wed, 19 Nov 2008 05:31:42 GMT We live in a data-centric world that consumes information at an amazingly fast pace. The information we process as individuals all starts out as data stored somewhere and, more importantly, is a requirement driven by an application that generates the information that we are presented with. Where did all these applications come from and why do they require such vast amounts of data? The support of the increasing data-centric nature of OLTP and data analysis application systems evolved through experiences in large database applications using centralized mainframe configurations... by Kematur Serr http://e-articles.info/e/a/title/The-Data-centric-World/ http://e-articles.info/e/a/title/The-Data-centric-World/ Sat, 08 Nov 2008 06:39:47 GMT Network video surveillance is a growing business that provides products that can help to guarantee your family, home or business are protected. Technology makes our lives a lot more comfortable and good, but even with all today’s high tech machinery, security remains a major issue for everyone; we are all, at some time, exposed to criminal activity. There are many different types of network cameras available on the market to serve for your security wishes... by Michiel Van Kets http://e-articles.info/e/a/title/Network-surveillance-Cameras/ http://e-articles.info/e/a/title/Network-surveillance-Cameras/ Wed, 09 Jul 2008 07:47:52 GMT Without network components, there is no network, and without consideration for these components, there is no security! The first step toward a secure network topology is to examine the devices and systems used to implement it. The following considerations and types of equipment are common to an organization: · Access devices · Security devices · Servers and systems · Organization and layout Access Devices The access device is the piece of network equipment that provides Internet access and intercommunication between networks and is the first element required for an Internet-accessible organization. Organizations may not need an access device, but if they want to communicate with other networks or to provide access from the outside to employees or Internet users, an access device is needed... by Randy Groegel http://e-articles.info/e/a/title/Network-Components/ http://e-articles.info/e/a/title/Network-Components/ Mon, 17 Sep 2007 08:55:57 GMT The threats to a network should be known in advance of the design. The threats outlined here are organized into three categories: · External attacks · Internal attacks · Physical attacks Understanding the threats posed to a network connected to the Internet has several key benefits. This knowledge allows the network designers to protect against attack and compromise of systems, limit the effects of vulnerabilities, and isolate their interactions... by Randy Groegel http://e-articles.info/e/a/title/Network-Threats/ http://e-articles.info/e/a/title/Network-Threats/ Mon, 17 Sep 2007 09:23:15 GMT Denial of service is the category of attacks that cause a loss of service, or an inability to function. They come in many forms and strike many different targets. The results can last for minutes, hours, or days and can impact network performance, data integrity, and system operation... by Marcel Baldwin http://e-articles.info/e/a/title/What-Is-Denial-of-Service-and-How-Denial-of-Service-Works/ http://e-articles.info/e/a/title/What-Is-Denial-of-Service-and-How-Denial-of-Service-Works/ Fri, 14 Sep 2007 10:31:20 GMT The term intrusion detection means many things to many people; however, for the sake of clarity we're going to define it as the act of detecting a hostile user or intruder who is attempting to gain unauthorized access. Assuming this definition, a number of popular methods are used to detect intruders—for example, inspecting system, Web, application, firewall, and router logs for hostile or unusual activity. Some system administrators will implement binary integrity checkers such as AIDE or Tripwire, in hopes of catching successful attackers when they deposit Trojan code on compromised servers... by Denis Norman http://e-articles.info/e/a/title/An-Introduction-to-Intrusion-Detection/ http://e-articles.info/e/a/title/An-Introduction-to-Intrusion-Detection/ Thu, 13 Sep 2007 11:39:25 GMT You should note two points above all others when reading this article. First, there is no "one size fits all" IDS solution on the market today, and I highly doubt there will be one anytime soon. The IDS product landscape is a diverse one... by Denis Norman http://e-articles.info/e/a/title/What-to-Look-for-When-Choosing-an-IDS/ http://e-articles.info/e/a/title/What-to-Look-for-When-Choosing-an-IDS/ Thu, 13 Sep 2007 12:47:30 GMT A wide range of technologies can be used to provide remote access. Some of the traditional technologies include Frame Relay, leased lines, ISDN, and dialup links. Newer technologies include DSL, cable modems, and wireless technologies such as 802... by Leon Tufallo http://e-articles.info/e/a/title/Remote-Access-Technologies/ http://e-articles.info/e/a/title/Remote-Access-Technologies/ Wed, 12 Sep 2007 13:55:35 GMT You can configure any Cisco router with Cisco IOS Release 11.0 or later and at least two serial interfaces as a Frame Relay switch. Two interfaces are needed because the switch is primarily a data communications equipment (DCE) device and requires two routers to serve as the data terminal equipment (DTE) devices... by Leon Tufallo http://e-articles.info/e/a/title/Creating-WANs-by-Using-a-Cisco-Router-as-a-Frame-Relay-Switch/ http://e-articles.info/e/a/title/Creating-WANs-by-Using-a-Cisco-Router-as-a-Frame-Relay-Switch/ Wed, 12 Sep 2007 14:23:40 GMT You can use any Cisco router with an auxiliary port, a rolled RJ-45 cable, an adapter marked "MODEM" (Cisco part number CAB-25AS-MMOD), and any modem that is V.34-capable or better to build this lab. If you have one of the following routers, you can also use a SCSI-II 68-pin async port, an eight-to-one octopus cable, and a 25-pin adapter to build this lab: Cisco 2509/2510 Cisco 2511/2512 Cisco 2600/3600 with SCSI-II 68-pin 16/32-port async port The part number for the octopus cable is CAB-OCTAL-KIT... by Leon Tufallo http://e-articles.info/e/a/title/Creating-Asynchronous,-ISDN,-PPP,-DDR,-Dial-Backup,-AAA,-and-Security-Labs/ http://e-articles.info/e/a/title/Creating-Asynchronous,-ISDN,-PPP,-DDR,-Dial-Backup,-AAA,-and-Security-Labs/ Wed, 12 Sep 2007 15:31:45 GMT The devices involved in a modem connection belong to one of two groups: data terminal equipment (DTE) or data communications equipment (DCE). NOTE Interestingly, the Electronic Industries Association (EIA) defines DCE as data communications equipment. However, the International Telecommunication Union-Telecommunications Standards Sector (ITU-TSS, or ITU-T) defines DCE as data circuit-terminating equipment... by Leon Tufallo http://e-articles.info/e/a/title/A-Typical-Modem-Connection/ http://e-articles.info/e/a/title/A-Typical-Modem-Connection/ Wed, 12 Sep 2007 16:39:50 GMT When you configure a router to use NAT, you configure one interface to the inside of your network and another to the outside of your network. Any packets that have a source address belonging to the "inside" portion of your network have an inside local address as the source address and an outside local address as the destination address. The packet resides on the "inside" portion of your network... by Leon Tufallo http://e-articles.info/e/a/title/How-to-configure-NAT/ http://e-articles.info/e/a/title/How-to-configure-NAT/ Wed, 12 Sep 2007 17:47:55 GMT Associating with others to exchange and shape ideas for the purpose of advancing your job search and career position is what job search networking is all about. Since most jobs go unannounced and are often filled before you even knew there was a job, if you are going to conduct a job search, rather than look for a job, start rebuilding old acquaintances and making new ones. You’ll find the answer to the cry where are all the jobs? just by going out and making new friends... by Robert Taub http://e-articles.info/e/a/title/Quick-Tips-on-Networking/ http://e-articles.info/e/a/title/Quick-Tips-on-Networking/ Wed, 12 Sep 2007 18:55:15 GMT One of the first items you need to consider when designing a Frame Relay network, or any type of regional WAN, is how the connectivity will be laid out. When you are considering your Frame Relay for your choice in WAN mediums, you can choose from three basic design approaches: Star topology A topology in which endpoints on a network are connected to a common central switch by point-to-point links. The star topology's advantages include simplified management and minimized tariff costs... by Leon Tufallo http://e-articles.info/e/a/title/Frame-Relay-Topologies/ http://e-articles.info/e/a/title/Frame-Relay-Topologies/ Tue, 11 Sep 2007 19:23:20 GMT NAT is a very versatile feature that can be used for the following purposes: You use private or unregistered IP addresses on your internal network, but you want to connect to the Internet. NAT provides the necessary translations of your internal local addresses to globally unique IP addresses before sending packets to the outside network. You must change your internal addresses, but you don't want to... by Leon Tufallo http://e-articles.info/e/a/title/When-to-Use-NAT/ http://e-articles.info/e/a/title/When-to-Use-NAT/ Mon, 10 Sep 2007 20:31:25 GMT Frame Relay is an industry-standard switched data link layer protocol operating at the physical and data link layers of the OSI model. It can handle multiple virtual circuits (VCs) between Frame Relay-capable devices. The fields of the Frame Relay frame are as follows: Flag Used to identify the beginning and end of a frame... by Leon Tufallo http://e-articles.info/e/a/title/What-is-Frame-Relay/ http://e-articles.info/e/a/title/What-is-Frame-Relay/ Sun, 09 Sep 2007 21:39:30 GMT One reason for Frame Relay's popularity is its capability to logically create multiple connection-oriented data link layer communication paths between two devices across a single physical interface. These VCs provide you with a bidirectional communications path that can exist between a single pair of equipment, commonly called a point-to-point connection, or between multiple pairs of equipment, also known as a partial or full mesh. Each of these VCs is identified by a unique data link connection identifier (DLCI) that differentiates the communications between different devices... by Leon Tufallo http://e-articles.info/e/a/title/Frame-Relay-Virtual-Circuits/ http://e-articles.info/e/a/title/Frame-Relay-Virtual-Circuits/ Sun, 09 Sep 2007 22:47:35 GMT Dialer rotary groups are designed to simplify configuration for multiple callers and multiple-destination environments by binding a single configuration to multiple physical interfaces. Synchronous, asynchronous, ISDN BRI, and ISDN PRI interfaces can make up a dialer rotary group. A physical interface that is configured as a member of a rotary group assumes configuration parameters for the group... by Leon Tufallo http://e-articles.info/e/a/title/Dialer-Profiles-and-Dialer-Rotary-Group-Configuration/ http://e-articles.info/e/a/title/Dialer-Profiles-and-Dialer-Rotary-Group-Configuration/ Fri, 07 Sep 2007 23:55:40 GMT In order to understand the methodology of a hacker or cracker, one must understand what a hacker or a cracker is. Internet enthusiasts have argued the difference between hackers and crackers for many years. To define the terms hacker and cracker, my bottom line would probably be this: - A hacker is a person intensely interested in the arcane and recondite workings of any computer operating system... by Andy Crowd http://e-articles.info/e/a/title/The-Difference-Between-Hackers-and-Crackers/ http://e-articles.info/e/a/title/The-Difference-Between-Hackers-and-Crackers/ Mon, 23 Jul 2007 01:23:45 GMT DDR consists of two portions: logical and physical. Network layer address, encapsulation, and dialer parameters are part of the logical portion of DDR. The interface that places and receives calls is the physical portion... by Leon Tufallo http://e-articles.info/e/a/title/DDR-and-Dialer-Profiles/ http://e-articles.info/e/a/title/DDR-and-Dialer-Profiles/ Sun, 22 Jul 2007 02:31:50 GMT Separation of networks often comes in the form of specialized network functionality such as network management, monitoring, and remote access. Access to these functions may merit separation from the remainder of the network infrastructure. Different broadcast domains and network numbers communicate among each other via routers and by adding extra network interfaces to servers and network equipment... by Randy Groegel http://e-articles.info/e/a/title/Network-Separation/ http://e-articles.info/e/a/title/Network-Separation/ Fri, 20 Jul 2007 03:39:55 GMT Although most people have succumbed to using the term hacked when they refer to an illegal intrusions, the term cracked might be more proper. Cracked refers to that condition in which the victim network has suffered an unauthorized intrusion. There are various degrees of this condition... by Andy Crowd http://e-articles.info/e/a/title/Hacking;-Cracking;-and-Other-Malicious-Behavior/ http://e-articles.info/e/a/title/Hacking;-Cracking;-and-Other-Malicious-Behavior/ Thu, 19 Jul 2007 04:47:15 GMT Passive OS fingerprinting is a technique that is gaining popularity in both the cracker world as well as in the security world. Passive OS fingerprinting allows a person to identify an operating system by analyzing its TCP/IP stack. This technique is as stealth as stealth can get because all you need is a packet sniffer and some time... by Andy Crowd http://e-articles.info/e/a/title/Passive-Operating-System-Identification-Fingerprinting/ http://e-articles.info/e/a/title/Passive-Operating-System-Identification-Fingerprinting/ Tue, 17 Jul 2007 05:55:20 GMT In this article, we will cover the exploits run by crackers. We will also look at the SANS 10 Most Critical Internet Security Threats list. Exploits Reconnaissance is vital in figuring out what is open and what is closed... by Andy Crowd http://e-articles.info/e/a/title/SANS-Top-10-and-Exploits-run-by-crackers/ http://e-articles.info/e/a/title/SANS-Top-10-and-Exploits-run-by-crackers/ Tue, 17 Jul 2007 06:23:25 GMT Isolation of networks affects the flow of network data, which services run on particular systems, and where they are located. It does not affect any of the internal or external network data from traveling across those same paths. Isolation is often used to enhance the security and efficiency of the network by isolating certain network traffic to certain physical wires and networks... by Randy Groegel http://e-articles.info/e/a/title/Network-Isolation/ http://e-articles.info/e/a/title/Network-Isolation/ Tue, 19 Jun 2007 07:31:30 GMT The motivation behind building VPNs is spread along different sectors of human nature, be it cost reduction or privacy of the communication. The common part lies in virtualization of communications by using modern means of secure data transfer. The basic advantage for VPN communication lies in a cost reduction for interconnecting remote sites... by Krelle Xijao http://e-articles.info/e/a/title/Why-to-Deploy-a-VPN/ http://e-articles.info/e/a/title/Why-to-Deploy-a-VPN/ Tue, 15 May 2007 08:39:35 GMT Once a sufficient number of network behavior statistics are gathered, a proper wireless IDS can start looking for the suspicious events indicating the possibility of malicious attack. These events might be manifested as the presence of certain frame types, frequency of frame transmission, frame structure and sequence number abnormalities, traffic flow deviations, and unexpected frequency use. Let's categorize the events a quality wireless IDS should be able to detect and issue a warning for... by Krelle Xijao http://e-articles.info/e/a/title/Suspicious-Events-on-WLAN/ http://e-articles.info/e/a/title/Suspicious-Events-on-WLAN/ Tue, 15 May 2007 09:47:40 GMT In the "good old days," Internet access was a privilege of the few and many used to try getting access by all means possible. A common way to achieve unauthorized access was wardialing, or calling through long lists of phone numbers using automated tools such as Tonelock for MS-DOS or BreakMachine / Sordial for UNIX in search of modem tones and then trying to log in by guessing a username - password pair. The term wardriving, as well as everything else "war + wireless" has originated from these BBS and wardialing days... by Hazrul Aaron http://e-articles.info/e/a/title/Reasons-why-Wirelwss-Networks-are-hacked/ http://e-articles.info/e/a/title/Reasons-why-Wirelwss-Networks-are-hacked/ Mon, 14 May 2007 10:55:45 GMT Knowing what kind of individual might launch an attack against your wireless network is just as important as being aware of his or her motivations. From the motivations already outlined, it is possible to split attackers of wireless networks into three main categories: Curious individuals who do it for both fun and the technical challenge. This category of attackers does not usually present a huge threat to your WLAN and might even do a service to the community by publicly exposing insecure wireless networks and raising public awareness of wireless security issues... by Hazrul Aaron http://e-articles.info/e/a/title/Wireless-Crackers:-Who-Are-They/ http://e-articles.info/e/a/title/Wireless-Crackers:-Who-Are-They/ Mon, 14 May 2007 11:23:50 GMT The first thing to start from when deploying and securing a corporate wireless network is a design of a proper wireless security policy. The best source of information on writing a detailed and formal wireless security policy is the Appendix of the Official CWSP Guide. We concentrate on what the wireless security policy must cover and some specific technical aspects it should reflect... by Hazrul Aaron http://e-articles.info/e/a/title/Wireless-Security-Policy/ http://e-articles.info/e/a/title/Wireless-Security-Policy/ Mon, 14 May 2007 12:31:55 GMT This brings us to the topic of enabling WEP, closed ESSIDs, and MAC filtering as protective measures. Such defenses are "bypassable", you know how to do it. However, there are still sound reasons to enable these safeguards... by Hazrul Aaron http://e-articles.info/e/a/title/The-Usefulness-of-WEP-Closed-ESSIDs-MAC-Filtering-and-SSH-Port-Forwarding/ http://e-articles.info/e/a/title/The-Usefulness-of-WEP-Closed-ESSIDs-MAC-Filtering-and-SSH-Port-Forwarding/ Wed, 09 May 2007 13:39:15 GMT Let's build on the more technical aspects of the discussed policy considerations. We'll start from physical layer security. The physical layer security of wireless networks encompasses avoiding a signal leaking beyond the defined network boundaries and eliminating all intentional and unintentional sources of interference... by Hazrul Aaron http://e-articles.info/e/a/title/Layer-1-Wireless-Security-Basics/ http://e-articles.info/e/a/title/Layer-1-Wireless-Security-Basics/ Tue, 08 May 2007 14:47:20 GMT Vulnerability analysis, sometimes called vulnerability scanning, is the act of determining which security holes and vulnerabilities may be applicable to the target network. In order to do this, we examine identified machines within the target network to identify all open ports and the operating systems and applications the hosts are running (including version number, patch level, and service pack). In addition, we compare this information with several Internet vulnerability databases to ascertain what current vulnerabilities and exploits may be applicable to the target network... by Abraham Humphrey http://e-articles.info/e/a/title/Network-Vulnerability-Analysis/ http://e-articles.info/e/a/title/Network-Vulnerability-Analysis/ Tue, 08 May 2007 15:55:25 GMT There is a general misconception that only large enterprises are at risk from cracking, wireless cracking included. This is a myth, but it is very prevalent. Large corporations are where the money and sensitive data are... by Hazrul Aaron http://e-articles.info/e/a/title/Wireless-attacks-at-Corporations-Small-Companies-and-Home-Users/ http://e-articles.info/e/a/title/Wireless-attacks-at-Corporations-Small-Companies-and-Home-Users/ Mon, 07 May 2007 16:23:30 GMT The basic idea of using asymmetric cryptography is distributing public keys while keeping the private keys private and using a person's public key to encrypt data sent to this particular individual. This is defined as secure message format. The distribution of public keys can be done in a hierarchical manner (using X... by Hazrul Aaron http://e-articles.info/e/a/title/Practical-Use-of-Asymmetric-Cryptography:-Key-distribution-Authentication-and-Digital-signatures/ http://e-articles.info/e/a/title/Practical-Use-of-Asymmetric-Cryptography:-Key-distribution-Authentication-and-Digital-signatures/ Mon, 07 May 2007 17:31:35 GMT We have to ensure the security of the gateway that separates our AP or bridge or wireless-connected VLAN from the wired side. Such gateways are nothing more (or less) than a flexible stateful or proxy firewall that treats the interface connected to the WLAN side as an interface connecting the LAN to an insecure public network. The only specific requirement for the gateway is a capability to forward VPN traffic if VPN is implemented on the WLAN... by Hazrul Aaron http://e-articles.info/e/a/title/Deploying-a-Linux-Based-Custom-Built-Hardened-Wireless-Gateway/ http://e-articles.info/e/a/title/Deploying-a-Linux-Based-Custom-Built-Hardened-Wireless-Gateway/ Wed, 02 May 2007 18:39:40 GMT One can set up a reasonably secure wireless or wired network without knowing which ciphers are used and how the passwords are encrypted. This, however, is not an approach endorsed by us and discussed here. Hacking is about understanding, not blindly following instructions; pressing the buttons without knowing what goes on behind the scenes is a path that leads nowhere... by Hazrul Aaron http://e-articles.info/e/a/title/Introduction-to-Applied-Cryptography-and-Steganography/ http://e-articles.info/e/a/title/Introduction-to-Applied-Cryptography-and-Steganography/ Fri, 20 Apr 2007 19:47:45 GMT Streaming algorithms were designed to avoid speed and throughput penalties due to the implementation of block symmetric ciphers in CFB and OFB modes when bit-by-bit data encryption is required. Streaming ciphers are based on generating identical keystreams on both encrypting and decrypting sides. The plaintext is XORed with these keystreams to encrypt and decrypt data... by Hazrul Aaron http://e-articles.info/e/a/title/Streaming-Ciphers-and-Wireless-Security/ http://e-articles.info/e/a/title/Streaming-Ciphers-and-Wireless-Security/ Fri, 20 Apr 2007 20:55:50 GMT Other widely used hash functions include 128-bit MD5 from RSA Data Security, Inc., which is a very fast and commonly implemented hash. MD5 is traditionally used to encrypt Linux user passwords (hashes start with the "$1$" character), authenticate routing protocols like RIPv2 and OSPF, create checksums of binaries in RPMs, and verify the integrity of Free/OpenBSD ports files... by Hazrul Aaron http://e-articles.info/e/a/title/Hash-Functions-Their-Performance-and-HMACs/ http://e-articles.info/e/a/title/Hash-Functions-Their-Performance-and-HMACs/ Thu, 19 Apr 2007 21:23:55 GMT The best way of knowing these signatures is trying out the tools in question and sniffing out their output: "Attack through defending, defend through attacking" (Dr. Mudge). The best source on wireless network intrusion tool detection and attack signatures we are aware of is Joshua Wright's "Layer 2 Analysis of WLAN Discovery Applications for Intrusion Detection" and "Detecting Wireless LAN MAC Address Spoofing" papers... by Krelle Xijao http://e-articles.info/e/a/title/Examples-and-Analysis-of-Common-Wireless-Attack-Signatures/ http://e-articles.info/e/a/title/Examples-and-Analysis-of-Common-Wireless-Attack-Signatures/ Mon, 16 Apr 2007 22:31:15 GMT How many IDS solutions that implement the recommendations and follow the guidelines we have already discussed are present on the modern wireless market? The answer is none. There are many wireless IDS solutions that look for illicit MAC addresses and ESSIDs on the monitored WLAN. Some of these solutions are even implemented as specialized hardware devices... by Krelle Xijao http://e-articles.info/e/a/title/Deploying-a-Wireless-IDS-Solution-for-Your-WLAN/ http://e-articles.info/e/a/title/Deploying-a-Wireless-IDS-Solution-for-Your-WLAN/ Mon, 16 Apr 2007 23:39:20 GMT Message authentication using HMACs works just fine, but how do we distribute symmetric cipher keys among the users? We can pass them around on floppies or fancy USB pen-drives with encrypted partitions on them, but what if many users live all over the world? What if the physical key distribution method takes time and the keys must be frequently changed? This is the case with the traditional WEP, which should be rotated every few minutes. Key-encrypting keys (KEKs) were offered as symmetric cipher keys used only to encrypt other symmetric cipher keys before they are distributed. Therefore, only the distribution of KEK is required... by Hazrul Aaron http://e-articles.info/e/a/title/Asymmetric-Cryptography/ http://e-articles.info/e/a/title/Asymmetric-Cryptography/ Sat, 14 Apr 2007 01:47:25 GMT It is hard to overemphasize the importance of penetration testing in the overall information security structure and the value of viewing your network through the cracker's eyes prior to further hardening procedures. There are a variety of issues specific to penetration testing on wireless networks. First of all, the penetration tester should be very familiar with RF theory and specific RF security problems (i... by Hazrul Aaron http://e-articles.info/e/a/title/Penetration-Testing-as-Your-First-Line-of-Defense/ http://e-articles.info/e/a/title/Penetration-Testing-as-Your-First-Line-of-Defense/ Wed, 11 Apr 2007 02:55:30 GMT The article devoted to the proprietary and standards-based improvements for currently vulnerable 802.11 safeguards. The most publicized 802... by Hazrul Aaron http://e-articles.info/e/a/title/Proprietary-Improvements-to-WEP-and-WEP-Usage/ http://e-articles.info/e/a/title/Proprietary-Improvements-to-WEP-and-WEP-Usage/ Thu, 05 Apr 2007 03:23:35 GMT Thus, the main hope of the international 802.11 community and network administrators lies with the 802.11i standard development... by Hazrul Aaron http://e-articles.info/e/a/title/802.11i-Wireless-Security-Standard-and-WPA/ http://e-articles.info/e/a/title/802.11i-Wireless-Security-Standard-and-WPA/ Mon, 26 Mar 2007 04:31:40 GMT Can symmetric cryptography meet the requirements of the Biba model, based on the data integrity checks and proper authentication? The answer is "yes," but in a very inefficient way. Recall the practical authentication example with the UNIX (well, Linux in our case) password encryption flaw when DES in ECB is used. Of course, any of the feedback modes or 128-bit block ciphers can be used instead of DES, with the obvious performance penalties... by Hazrul Aaron http://e-articles.info/e/a/title/Cryptographic-Hash-Functions/ http://e-articles.info/e/a/title/Cryptographic-Hash-Functions/ Sun, 25 Mar 2007 05:39:45 GMT The first question that beginners ask before assembling their kit is whether a laptop or a PDA should be used for wireless penetration testing of any kind. Our answer is to use both if you can. The main advantage of PDAs (apart from size) is decreased power consumption, letting you cover a significant territory while surveying the site... by Hazrul Aaron http://e-articles.info/e/a/title/PDAs-Versus-Laptops/ http://e-articles.info/e/a/title/PDAs-Versus-Laptops/ Fri, 23 Mar 2007 06:47:50 GMT This section takes a few steps to describe the basic principles of the AAA methodology, which is considered to be the fundamental structure behind the Remote Authentication Dial-In User Service (RADIUS). Additionally we briefly identify the functionality and principles of the RADIUS protocol. In the middle of the section we go through the steps required to install, configure, maintain, and monitor your RADIUS services... by Hazrul Aaron http://e-articles.info/e/a/title/RADIUS/ http://e-articles.info/e/a/title/RADIUS/ Wed, 21 Mar 2007 07:55:55 GMT The next point in our security policy checklist is network positioning and separation. If there is a single access point or wireless bridge on the network, its deployment is straightforward: Plug the IP address into the WAN interface of an appropriately configured firewalling device. Such a device can be a sophisticated commercial wireless gateway, a configured common OS-based firewall, or even a SOHO firewall such as Cisco PIX 501 or Nokia SonicWall... by Hazrul Aaron http://e-articles.info/e/a/title/Secure-Wireless-Network-Positioning-and-VLANs/ http://e-articles.info/e/a/title/Secure-Wireless-Network-Positioning-and-VLANs/ Sun, 17 Dec 2006 08:23:15 GMT