Verizon Routing Millions of IP Addresses for Cybercrime Gangs

Posted on January 13, 2016 by mea

Because spammers can’t easily obtain new IP addresses through legitimate means, they frequently resort to stealing IP address blocks that are dormant and aren’t being utilized by the rightful owners. There is a thriving black market in IP addresses; spammers don’t care whether the source of their IP addresses is legitimate or even legal. A cybercriminal that can steal a large IP address block (for example, a /16 or 65,536 IP addresses) can generate thousands of dollars per month.

Source: Verizon Routing Millions of IP Addresses for Cybercrime Gangs

Wi-Fi Alliance® introduces low power, long range Wi-Fi HaLow™

Posted on January 11, 2016 by mea

Wi-Fi HaLow extends Wi-Fi into the 900 MHz band, enabling the low power connectivity necessary for applications including sensor and wearables. Wi-Fi HaLow’s range is nearly twice that of today’s Wi-Fi, and will not only be capable of transmitting signals further, but also providing a more robust connection in challenging environments where the ability to more easily penetrate walls or other barriers is an important consideration.

Source: Wi-Fi Alliance® introduces low power, long range Wi-Fi HaLow™ | Wi-Fi Alliance

How new ‘white space’ rules could lead to an urban super-Wi-Fi

Posted on August 15, 2015 by mea

The UHF spectrum, which ranges from 400 to 700 MHz, is superior to the higher-frequency signals used for existing Wi-Fi hotspots, the researchers said, as these signals carry for miles and are not blocked by walls or trees.

Source: How new ‘white space’ rules could lead to an urban super-Wi-Fi | Computerworld

It should be noted that carriers such as AT&T and related associations such as the National Association of Broadcasters objected to the FCC rules in the run up to the commission’s August meeting, citing concerns that new unlicensed uses in the 600 MHz band would create interference.

I wonder what AT&T’s true motivation for their objection.

IPv4 address stock dwindles as North American database runs dry

Posted on July 2, 2015 by mea

The move does not mean that there are no IPv4 addresses left, but that requests will have to be smaller to be accommodated or applicants will have to wait for blocks of address space to be returned.

Source: IPv4 address stock dwindles as North American database runs dry – IT News from V3.co.uk

The dwindling amount of IPv4 addresses means that their worth is increasing, something the UK government is hoping to cash in on by selling off around 17 million unused addresses that could be worth millions of pounds.

Introducing s2n, a New Open Source TLS Implementation

Posted on July 1, 2015 by mea

In order to simplify our TLS implementation and as part of our support for strong encryption for everyone, we are pleased to announce availability of a new Open Source implementation of the TLS protocol: s2n. s2n is a library that has been designed to be small, fast, with simplicity as a priority. s2n avoids implementing rarely used options and extensions, and today is just more than 6,000 lines of code. As a result of this, we’ve found that it is easier to review s2n; we have already completed three external security evaluations and penetration tests on s2n, a practice we will be continuing.

Source: Introducing s2n, a New Open Source TLS Implementation – AWS Security Blog

If you are interested in using or contributing to s2n, the source code, documentation, commits and enhancements are all publically available under the terms of the Apache Software License 2.0 from the s2n GitHub repository.

Scientists Have Broken One of the Biggest Limits in Fibre Optic Networks

Posted on June 28, 2015 by mea

Essentially what the UC San Diego researchers did was to develop a system (frequency comb) that acts a bit like a concert conductor, which is the person responsible for tuning multiple instruments in an orchestra to the same pitch at the beginning of a concert.

The engineers then used this comb to synchronize the frequency variations of the different streams of optical information (optical carriers), which can compensate in advance for the crosstalk interference (this will be familiar to those who have been reading about FTTC / VDSL2 Vectoring technology on copper cables) that can occur between multiple communication channels within the fibre optic cable. The frequency comb also ensures that the crosstalk interference is reversible.

Source: Scientists Have Broken One of the Biggest Limits in Fibre Optic Networks – ISPreview UK

DEF CON SOHOpelessly Broken Router Hacking Contest

Posted on May 26, 2015 by mea

Young said the routers largely lacked any form of authentication happening on the server, instead the routers were doing password authentication on the browser. Compromising password hashes weren’t much a barrier for the contestants, and for hackers in the wild as well.

Source: DEF CON SOHOpelessly Broken Router Hacking Contest | Threatpost | The first stop for security news

Young said he would download the firmware from the respective vendor, extract it using tools such as Firmware Mod Kit to explore its design and eventually learn which files house administrative passwords and how the web server logic works with the router. Some models such as Netgear, TrendNet and others will return the password when submitted with the proper request.

This is why admin access to a SOHO router should only be accessible from the LAN side and not the WAN side. Making admin changes should happen rarely. One of the biggest things a malicious actor can do is point DNS requests to their malicious server allowing them to divert all LAN traffic to wherever they want. Devices typically get a DNS address when they obtain an IP address from the router via DHCP.

Kicking the SOHO router seems to be a hot topic today. From: The Moose is loose: Linux-based worm turns routers into social network bots | Ars Technica

The malware, dubbed “Linux/Moose” by Olivier Bilodeau and Thomas Dupuy of the security firm ESET Canada Research, exploits routers open to connections from the Internet via Telnet by performing brute-force login attempts using default or common administrative credentials. Once connected, the worm installs itself on the targeted device.

How microwaves could help you surf the Internet at the speed of light

Posted on May 19, 2015 by mea

The drawback with microwave is low bandwidth. To get around that, their solution would rely on the microwave network between cities for web and data traffic for which minimal latency is important. Other things for which latency isn’t as critical, like video consumption (which is currently 78% of web traffic), could continue to use existing infrastructure, so congestion wouldn’t be an issue. Traditional fiber would be used to bring data to users up to 100km away from the microwave endpoints; even at that distance, the latency introduced by fiber would be minimal.

Source: How microwaves could help you surf the Internet at the speed of light | ITworld

A New Vulnerability Allows DoS Attacks on iOS Devices

Posted on April 23, 2015 by mea

Basically, by generating a specially crafted SSL certificate, attackers can regenerate a bug and cause apps that perform SSL communication to crash at will. With our finding, we rushed to create a script that exploits the bug over a network interface. As SSL is a security best practice and is utilized in almost all apps in the Apple app store, the attack surface is very wide.

via “No iOS Zone” – A New Vulnerability Allows DoS Attacks on iOS Devices ».

This exploit only crashes a device making it unusable. There is no mention of making end to end encrypted communications vulnerable. By moving outside the range of the access point the IOS device automatically connected to should break the connection bringing the phone back to normal.

Devices with wifi left on will try and connect themselves to any open access point. While this shouldn’t be a problem attacks like this can happen. I would classify this attack more of an irritant than anything serious.

Innovation boosts Wi-Fi bandwidth tenfold

Posted on April 21, 2015 by mea

Experts say that recent advances in LED technology have made it possible to modulate the LED light more rapidly, opening the possibility of using light for wireless transmission in a “free space” optical communication system.

“In addition to improving the experience for users, the two big advantages of this system are that it uses inexpensive components, and it integrates with existing WiFi systems,” said Thinh Nguyen, an OSU associate professor of electrical and computer engineering. Nguyen worked with Alan Wang, an assistant professor of electrical and computer engineering, to build the first prototype.

via Innovation boosts Wi-Fi bandwidth tenfold.

The electromagnetic spectrum with wifi can be flakey and interconnecting access points using this spectrum can fail frequently and cause significant bandwidth problems. Integrating led tech into devices may take time to develop some kind of standard but using this for point to point wireless communication could prove very useful in certain use cases.

Bucktown Bell

Cut to the chase.

Category Archives: Networking