Posts by Category

Buttons

Pure New Zealand

This site is driven by Blosxom

T
his site was written in vi

SDF is driven by NetBSD

Subscribe to this sites RSS/XML feed

This site has a Tableless Stylesheet

Email me

Aug 13, 2006

AirTight Wireless Security

I've been looking at the cool stuff from AirTight.

With all the interest in wireless technologies (it seems only a few years ago that Apple demo'd the AirCard in a clamshell iBook) it seems security has been a bit of an after-thought. Fine for consumers but not quite ready for an organisation to truly trust.

AirTight's SpectraGuard product is pretty much the best-of-breed when it comes to locking down your WLAN. Using a combination of server and sensor arrays you can monitor all WLAN activity within your vacinity - in fact depending on the landscape and structure-density the sensors are so good you will pickup activity 1 to 2km's away. Within minutes of entering the AirTight system we were able to spot 50 Access Points and 600 Wireless PC's.

In terms of the management console you can see the wireless name, mac address, ssid, type of security, channel, protocol, vendor and location (the sensors can triangulate location and superimpose onto a map). For each object you can view extended properties, locate, quarantine, ban, authorise/deauthorise and troubleshoot (which uses ethereal/pcap).

You can also view suspect events (rogue ap's, suspected netstumbler activity, honeypots etc) and generate all sorts of security/audit reports.

From a security perspective you can lock down your own network to participating ssid's, vendors and protocol lists (immediately reducing your profile). You can also block/disrupt/interrupt/degrade wireless connections - only a few channels per sensor; you can't wipeout wireless connectivity blockwide unless you have a lot of sensors (its nice to know that you can actively fight back against war-drivers that park up outside your building and try launching probes/attacks on your WLAN).

The interface is nice, simple and intuitive with a sensible out-of-the-box configuration. Once configured you can quite happily leave it to do its thing (eg its not high-maintenance).

Once these things start to work with Bluetooth, wireless USB and RFID you'd be able to do some pretty interesting things. Its actually pretty amazing to think that these sorts of technologies are even available given the sorts of things I suspect they'll be capable of doing in the very near future.

Time to pull out the tin-foil hat.

[/tech/network] | [permalink] | [2006.08.13-20:56.00]

The Coming Conflagration + More

Something to look forward to perhaps - The Coming Conflagration. Fingers crossed that John is wrong.

Wonderful - a series of Infographics by the International Network Archive. Providing some interesting data on topics such as the global arms-race, movie, fast-food and transportation.

Genius - 3D maze using CSS and DOM. Now someone just needs to turn it into Doom.

One of those things everyone should know how to do - Rsync Incremental Snapshot Backups via SSH.

On a related note - Flash - useful for Sun Solaris systems - Using Flash Archive in the Solaris Operating System for Disaster Recovery. Handy for taking system snapshots.

Interesting - Basic Introduction to OpenBSD - possibly one of the most secure out of the box OS's available.

The first font to get the movie treatment - Helvitica: The Movie.

Thrill Power Overload - Dave Bishops Blog. Dave worked on 2000AD for quite awhile and is writing a historical overview of the comic on his blog. I didn't realise he was a Kiwi according to his Wikipedia profile . We're everywhere.

Excellent - Insecure.org has updated their list of the Top 100 Security Tools.

Interesting - ZoneCD: The Secure Way to Share Your Internet Connection. Some really good tips on securing wireless and also providing a safe/secure public wifi access facility.

[/links/2006] | [permalink] | [2006.08.13-20:52.00]

A very modern war . . . orders by PowerPoint

Definitely one of those WTF moments -

* PowerPoint Corrupts the Point Absolutely

[Army Lt. General David] McKiernan had another, smaller but nagging issue: He couldn’t get Franks to issue clear orders that stated explicitly what he wanted done, how he wanted to do it, and why. Rather, Franks passed along PowerPoint briefing slides that he had shown to Rumsfeld: "It’s quite frustrating the way this works, but the way we do things nowadays is combatant commanders brief their products in PowerPoint up in Washington to OSD and Secretary of Defense…In lieu of an order, or a frag [fragmentary order], or plan, you get a bunch of PowerPoint slides…[T]hat is frustrating, because nobody wants to plan against PowerPoint slides."

Only posted in the humour section because if you didn't laugh you'd have to cry.

[/humour] | [permalink] | [2006.08.13-09:59.00]