Recently, I have been trying to figure out how to keep the laptops in our office from grabbing an ip address on the wireless connection when they are plugged into the local lan, thus grabbing two ip addresses, not to mention the security implications. Now, one would think this would’ve been something that would have been thought of early on and included in the operating system, or, at the very least, something you could do with group policy on a domain controller. Nope, at least, as far as I have been able to tell. I’m still a little hopeful that I might be able to figure out some registry keys to change, once I find a better registry monitor than the one I have, maybe I will figure it out.
It is very easy on most laptops to turn off the wireless connection, such as hitting the function key and F2 on Dell laptop, but who wants to rely on users pressing a key or key combinations every time they login to our network, so, an it has to automatically happen when you dock your laptop or plug in an Ethernet cable. Below I am outlining what I did to make it happen on several different laptops, the ones we actually use in the office. Good thing wireless networks don’t get too finicky and work with most Telephone Systems International. Click on the image to see the larger size.
Dell laptops with a Dell wireless adapter in them are very easy to disable when connected to a wired network, on the adapter there is a setting called “Disable Upon Wired Connect”, all you have to do is go into device manager, find the network adapter and double click it and go to the advanced tab. Enable this setting and it will turn off the wireless card when connected to your lan.
Unluckily for us, most of our Dell laptops have an Intel wireless adapter, such as the PRO 2200BG, and they do not have this feature. You need to install the Dell Quickset utility, get it here, enter your model and search for quickset, and then go into the location profiles setting:
Next you need to go into the General Mobility Settings and select Modify Settings:
Lots of people searching around for anonymous proxies to use, either for work or school, to allow them to get past their network settings that block certain sites, such as MySpace or Youtube. Schools have to block out certain types of sites by law, such as porn and hate sites, and they usually add sites that occupy children’s time, like MySpace, to keep them doing their school work and not horsing around on the Internet. Now, this is usually a good policy, but if you are down with your work, or actually need to visit a MySpace to find something, your hosed, and that is where proxies, often called MySpace unblockers or YouTube unblockers, come in.
It is very simple, in your Internet Explorer browser, click on Tools at the top in the menu, the on Internet Options, then click the Connections tab, then, at the bottom click Lan settings. On that page you will see at the bottom the proxy server section, copy the ip address from the list below that you want to use, paste it into the Address: box, then get the port number that is listed after the ip address you selected below, and type it into the Port: box, these numbers are usually 8080, 80 or 3128. Click ok and you are good to go.
A little warning: Always be careful what you click on when you go looking for free proxy sites, or MySpace Unblockers, most sites are just trying to make a quick buck and some may load you up with malware, some will automatically forward you to an advertiser, they probably get paid per click, and some will bombard you with popups. This is not a safe field to be searching in, so bookmark this page, as we are malware and popup free and we want return traffic, so nothing malicious will happen here, guaranteed.
I scraped this list off of this site, Proxy 4 Free, so, if a MySpace unblocker or Youtube unblocker quits working, visit that site, as they check and test the proxies very often, looks like daily, and this site appears to be okay, can’t guarantee any of the links though.
IP Address | Port | Type in what Country
188.8.131.52 | 8080 | transparent in China
184.108.40.206 | 3128 | transparent in Australia
220.127.116.11 | 8080 | high anonymity South Korea
18.104.22.168 | 3128 | transparent in Greece
22.214.171.124 | 80 | transparent in Australia
126.96.36.199 | 8080 | transparent in India
188.8.131.52 | 3128 | transparent in Slovak Republic
184.108.40.206 | 3128 | transparent in Australia
220.127.116.11 | 3128 | transparent in Brazil
18.104.22.168 | 80 | anonymous in China
22.214.171.124 | 8080 | transparent in Thailand
126.96.36.199 | 8080 | transparent in Germany
188.8.131.52 | 80 | transparent in China
184.108.40.206 | 8080 | transparent in India
220.127.116.11 | 80 | transparent in China
18.104.22.168 | 80 | transparent in Denmark
22.214.171.124 | 3128 | transparent in Australia
126.96.36.199 | 80 | high anonymity China
188.8.131.52 | 8080 | anonymous in China
184.108.40.206 | 3128 | transparent in Brazil
220.127.116.11 | 8080 | transparent in Pakistan
18.104.22.168 | 80 | transparent in China
22.214.171.124 | 8080 | transparent in Turkey
126.96.36.199 | 80 | transparent in Turkey
188.8.131.52 | 3128 | transparent in Brazil
184.108.40.206 | 80 | anonymous in South Africa
220.127.116.11 | 3128 | transparent in Australia
18.104.22.168 | 80 | anonymous in Russian Federation
22.214.171.124 | 8080 | anonymous in China
126.96.36.199 | 3128 | transparent in Australia
188.8.131.52 | 8080 | anonymous in United States
184.108.40.206 | 80 | transparent in Spain
220.127.116.11 | 8080 | transparent in Turkey
18.104.22.168 | 8080 | transparent in Singapore
22.214.171.124 | 3128 | transparent in Australia
126.96.36.199 | 3128 | transparent in United States
188.8.131.52 | 8080 | transparent in Turkey
184.108.40.206 | 80 | transparent in Kuwait
220.127.116.11 | 3128 | transparent in Lebanon
18.104.22.168 | 8080 | transparent in China
22.214.171.124 | 3128 | transparent in Philippines
126.96.36.199 | 3128 | transparent in Brazil
188.8.131.52 | 80 | high anonymity in Vietnam
184.108.40.206 | 8080 | transparent in Germany
220.127.116.11 | 8080 | high anonymity China
18.104.22.168 | 80 | anonymous in China
22.214.171.124 | 80 | transparent in Denmark
126.96.36.199 | 80 | high anonymity in Vietnam
188.8.131.52 | 3128 | transparent in Brazil
184.108.40.206 | 80 | anonymous in South Korea
220.127.116.11 | 3128 | transparent in Malaysia
18.104.22.168 | 80 | transparent in Australia
22.214.171.124 | 80 | transparent in Australia
126.96.36.199 | 3128 | transparent in Malaysia
188.8.131.52 | 3128 | transparent in Czech Republic
TechCrunch has an interesting post on a new network monitoring tool that gives a visual representation of your network traffic. NetQOS was created by the people from NetPerformance.com which is run by network performance management experts, with a wide variety of content and contributions from highly regarded network professionals and industry analysts. This is interesting, it is just unfortunate that it is not available to anyone yet, and they have no plans to release it, but ask that you contact them if you think this will fill a need.
NetQoS has a little something to bring video game-style drama to the hum drum task of monitoring your system traffic. Their program, Netcosm monitors the traffic flowing across your routers and remasters that data into entertaining clashes of good and evil data packets like the one you see above. The only question is whether your system admin with find it more entertaining to see your system get ?Slash dotted? than do anything about it. Source: Watch Your Network Play Space Invaders
From their FAQ,
SuperAgent captures and analyzes data in 5 minute increments. This representation takes that 5 minute analysis and recreates traffic that symbolizes what happened within that 5 minute timeframe. Each 5 minute segment takes only 10 or 15 seconds to represent, so Netcosm loops through the last 3 hours of gathered data and represents it in a space-like setting.
NetQoS SuperAgent is the end-to-end performance monitoring product of the NetQoS Performance Center product suite. SuperAgent analyzes end-to-end application response time passively from every network location to the data center, giving IT organizations visibility into how well the network infrastructure is delivering applications to end users across the enterprise. SuperAgent enables IT organizations to solve problems faster, validate the impact of change, and report the quality of service by:
- Isolating response time delays to the network, server, or application
- Launching automatic investigations into problems
- Measuring the impact of infrastructure changes and reporting service level quality for internal users and external service providers
So, this announcement at TechCrunch was just to get some network professionals interested and see if they can get in any interest in releasing it as a tool. Bah. Why get us excited about something and then not give it to us? I would like to see what my network traffic looks like, but I probably won’t be hanging around waiting on it. A video demonstration is posted below.
Categories: Networking Tags:
One of the great things about having a blog is I can do whatever I want with it, this post is on learning IP subnetting and I have found a good video to go with it, so I am bumping it up to today and adding the IP subnetting video, one of the many training videos from Cisco, will and possibly some more info later.
If you’ve ever struggled to learn IP subnetting, here is a detailed bookmark for you. Essentially, subnets are smaller networks inside of a larger one, breaking up IP networks helps avoid wasting IP addresses and this little guide will make it seem easy. Wish I had this when I first started to learn networking and Cisco routers, would’ve made it much easier. Years later, I had a teacher give me some of the same advice and I thought, where have you been.
IP subnetting is a fundamental subject that’s critical for any IP network engineer to understand, yet students have traditionally had a difficult time grasping it. Over the years, I’ve watched students needlessly struggle through school and in practice when dealing with subnetting because it was never explained to them in an easy-to-understand way. I’ve helped countless individuals learn what subnetting is all about using my own graphical approach and calculator shortcuts, and I’ve put all that experience into this article. Source: Techrepublic
Check out this great quick reference from the article.
Just read this great article on how Skype and other peer to peer applications are using UDP hole punching to get around firewalls and allowing them to establish direct connections between clients, which speeds up their applications as nothing really has to go through the main servers. They still can, if this type of connection does not work, such as on busy networks, but it really slows things down on the client and on Skype’s servers.
But anyone who has used the popular internet telephony software Skype knows that it works as smoothly behind a NAT firewall as it does if the PC is connected directly to the internet. The reason for this is that the inventors of Skype and similar software have come up with a solution.
The trick used by VoIP software consists of persuading the firewall that a connection has been established, to which it should allocate subsequent incoming data packets. The fact that audio data for VoIP is sent using the connectionless UDP protocol acts to Skype’s advantage. In contrast to TCP, which includes additional connection information in each packet, with UDP, a firewall sees only the addresses and ports of the source and destination systems. If, for an incoming UDP packet, these match an NAT table entry, it will pass the packet on to an internal computer with a clear conscience.
Network administrators who do not appreciate this sort of hole in their firewall and are worried about abuse, are left with only one option – they have to block outgoing UDP traffic, or limit it to essential individual cases. UDP is not required for normal internet communication anyway – the web, e-mail and suchlike all use TCP. Streaming protocols may, however, encounter problems, as they often use UDP because of the reduced overhead. Source: heise Security
The easiest way to stop this is to block all or limit all outgoing UDP traffic. Read the article, it has some good information and examples on how you can do this yourself.
In a news release, Nortel says they are committed to leadership in 4G mobile broadband and will revolutionize wireless economics with launch of MIMO-powered mobile WiMax. The technology uses mulitple antennas, multiple in, multiple out, and using this technology, they will be able to deliver video-grade content for as little as one-tenth the cost of 3G networks. It will be able to deliver three times the speed and double the subscriber capacity with greater range and building penetration, and will deliver sppeds that rival broadband internet technologies, such as cable or dsl.
Their WiMax solution is based on OFDM-MIMO, and together, the transmission strengths of OFDM (orthogonal frequency division multiplexing) and advanced antenna capabilities of MIMO (multiple input, multiple output) will allow more users to be packed into available spectrum at speeds more than 10 times faster than current commercially deployed UMTS networks and four to five times faster than HSDPA. Nortel is the only company to provide OFDM-MIMO in its mobile WiMax solution, currently.
“The power of WiMAX for high-bandwidth applications opens a whole new world of mobility, that provides new capabilities and processes for businesses and new revenue-generating services for operators,” said Godfrey Chua, research manager, Wireless and Mobile Infrastructure, IDC. “WiMAX has the potential to revolutionize entertainment, provide communication capabilities that haven’t even been considered yet, and bring the true Internet experience to the mobile realm.”
In addition to introducing the Mobile WiMAX portfolio, Nortel also announced its collaboration with chipset maker Runcom to fuel the WiMAX business advantages by delivering MIMO chipsets that will enable the WiMAX ecosystem of network technologies and devices.
Nortel’s WiMAX solutions are being trialed with carriers around the world, in Asia, Europe and the Americas – and have been deployed by Netago Wireless with the Special Areas Board of Alberta in Canada and Craig Wireless in Greece.
Nortel’s WiMAX solution offers flexible operations and is designed to operate in the 1.5, 2.3, 2.5 and 3.5 GHz frequencies. The solution is based on field-proven, next-generation platforms and leverages the Company’s leadership in supplying carrier wireless solutions, including CDMA, GSM and WCDMA core technologies. The solution is comprised of new MIMO base station transceivers, access service network gateways, connectivity services networks, mobile subscriber stations and network management systems. Source: Nortel
Nortel is demonstrating the new solution at the WiMAX World USA 2006 trade show in Boston, today through to October 12 at booth 323.
Here are some great articles on networking news, security tactics, new ethernet white papers, internetworking white papers and network security news, advice and technical information. Get the latest on hardening the network, controlling network access and the best security strategies, technologies and products.
Categories: Networking Tags: