Category: networking

  • Speedy hosts blocklists

    One of the ways to block your machine from connecting to “unwanted” hosts (however you define this criteria) is to list the DNS name of the host in the hosts file of your system and associate it with a different IP address than the real one. While this solution has some limitations (for example: it…

  • GFI LanGuard review

    Disclaimer: I never worked as a professional network admin and all my experience was gathered in small testing environments. Also, I received a 12 month evaluation key from GFI for the purpose of writing this review, however aside from the key, I didn’t receive any form of compensation from anyone for writing this review. As…

  • WPA2 is still hard

    Some time ago I found out that you have to install some not-so-well-documented updates (which are not delivered automatically by Windows Update) to use WPA2 to encrypt the traffic of your wireless network (and it is advised to use WPA2, since all the prior standards have known weaknesses). However I was unpleasantly surprised that support…

  • Detecting malicious hosts with p0f

    Lately I’ve posting a little malicious hosts, and here is the latest installment of the series: The basic idea is: infected computers (“bots” or “zombies”) can be be used to perform network actions on behalf of their “masters”. Some of these actions are usually done by “server class” machines. Two examples for such actions are: sending…

  • I saw/read about SSLstrip – should I be afraid?

    A friend of mine said that  he saw the SSLstrip presentation from BlackHat DC 2009 and asked me if he should be afraid. Here is the advice that I gave: you shouldn’t be afraid. Fear is a bad motivator because it wants to force you to act quickly. A much better concern is informed concern.…

  • Yet an other alternative for “Reverse IP”

    Nitpicker’s corner: so the title it not 100% correct, since I’m focusing more on the question “what websites are hosted on this server” rather than “what DNS names is this server known under”. Here are some possible ways to answer this question: Do an actual reverse DNS lookup. The problem is that there isn’t actually…

  • “Official” DDoS tools

    There are quite a few people who perform computer attacks while claiming political reasons. The Arbor Network blog discusses a recent example: a group of people asking you to download and run their tool it “help israel” (this could maybe be called “political-engineering”, and is quite curious, because people are being told that the downloaded…

  • New packetlife contest

    The January contest for PacketLife is up. As usual, I have absolutely no idea on how to approach it :-), but I’m very curious about the solution.

  • Congestion Control in Computer Networks

    Here is a short presentation I’ve done about congestion control in computer networks. Some thoughts: Things usually are simpler than they look. For example the TCP congestion control algorithm. Still, they can be very powerful (this is similar with DES for example – which I’ve had to reimplement for “educational purposes”, and found that, at…

  • Curious network infrastructure

    I was doing a traceroute to 208.67.222.222 (resolver1.opendns.com) to see if I can figure out the reason for the initial startup delay and observed the following curious thing (this is on a DSL line from Romtelecom marketed under the “ClickNet” brand here in Romania): 1 13 ms 13 ms 13 ms … computer’s public ip…