LinuxPlanet Casts

Media from the Linux Moguls


Pimp My Network | TechSNAP 27


Facebook is fooled again, remote controlled voting machines, and Sony has another 93,000 accounts hacked. We’ll load you up on the details!

Then – We cover your best options for pimping your home network for speed!



Show Notes:

Facebook URL scanner easily fooled

  • Facebook has a malicious URL scanner that checks URLs linked to in posts to make sure they do not contain content that could be harmful to users
  • The simplest content cloaking technique, displaying different content to different users (i.e., looking for the Facebook bot’s user-agent string), can fool this system
  • In the example proof of concept attack, the URL looks like a .jpg file and will get a thumbnail in the Facebook preview, but if you follow the link, you will be rickrolled
  • Proof of Concept
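A scanner-side check for the cloaking described above, as an added example (not from the show or from Facebook): request the same URL as the crawler and as a browser, then compare what comes back. The `fetch` callable, the two `*_origin` fixtures and the browser user-agent value are constructed for illustration so the check runs offline.

```python
import hashlib

CRAWLER_UA = "facebookexternalhit/1.1"
BROWSER_UA = "Mozilla/5.0 (X11; Linux x86_64) Firefox/7.0"  # constructed browser-like value
FIELDS = ("status", "content_type", "location", "body_sha256")


def fingerprint(response):
    """Reduce a (status, headers, body) response to the fields worth comparing."""
    status, headers, body = response
    content_type = headers.get("Content-Type", "").split(";")[0].strip().lower()
    return (status, content_type, headers.get("Location"),
            hashlib.sha256(body).hexdigest())


def cloaking_findings(url, fetch, user_agents=(CRAWLER_UA, BROWSER_UA)):
    """Fetch url once per user agent; list (field, user_agent) pairs that differ
    from what the first user agent (the crawler) was served."""
    prints = [fingerprint(fetch(url, ua)) for ua in user_agents]
    findings = []
    for ua, other in zip(user_agents[1:], prints[1:]):
        for name, seen_by_crawler, seen_by_other in zip(FIELDS, prints[0], other):
            if seen_by_crawler != seen_by_other:
                findings.append((name, ua))
    return findings


# --- constructed fixtures standing in for real HTTP fetches ---
JPEG_BYTES = b"\xff\xd8\xff\xe0" + b"\x00" * 16  # placeholder image bytes


def honest_origin(url, user_agent):
    return (200, {"Content-Type": "image/jpeg"}, JPEG_BYTES)


def cloaking_origin(url, user_agent):
    # Serves the image only to the crawler, redirects everyone else.
    if "facebookexternalhit" in user_agent:
        return (200, {"Content-Type": "image/jpeg"}, JPEG_BYTES)
    return (302, {"Content-Type": "text/html",
                  "Location": "https://video.example/watch"}, b"")


if __name__ == "__main__":
    for origin in (honest_origin, cloaking_origin):
        print(origin.__name__, cloaking_findings("http://img.example/cat.jpg", origin))
```

A body-hash difference alone is weak evidence because dynamic pages vary between requests; a change in status, content type or redirect target is the stronger signal. Comparing user agents also misses cloaking keyed on the scanner's source address.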


Sony Locks 93,000 Accounts After Hacking Attempt

  • Sony has suspended 93,000 accounts that were successfully accessed during a massive wave of failed login attempts.
  • This suggests that Sony does not have any automated systems for slowing or blocking such brute force attacks.
  • The attack affected large numbers of users on both the PSN/SEN and SOE
  • While Sony claims that the attackers must have had a list of username/password combinations from some other site that was attacked, the fact that hundreds of thousands of accounts had attempts against them, and 93,000 succeeded, suggests one of a few hypotheses:
    • The attack used user data from the original Sony hack (and/or users reset their passwords back to the same stolen passwords)
    • The flaw in the PSN password reset system that allowed attackers to reset other users’ passwords was more widespread than first thought
    • Users were the victims of the multiple phishing attempts we saw around the PSN compromise
    • Sony was compromised again
  • Additional Article
  • Sony CISO Statement
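The kind of automated check the notes say was missing, as an added example (not Sony's system): group login attempts by source, flag sources that try many distinct accounts and mostly fail, and list the accounts those sources did get into so they can be locked. The log format, addresses, usernames and thresholds are constructed assumptions.

```python
from collections import defaultdict

# Constructed auth log (timestamp, source IP, username, result); not real data.
SAMPLE_LOG = (
    [f"2011-10-12T03:00:{i:02d} 203.0.113.7 user{i:02d} {'OK' if i in (3, 6) else 'FAIL'}"
     for i in range(1, 9)]                                  # one source, many accounts
    + ["2011-10-12T03:01:00 198.51.100.20 alice FAIL",      # a user mistyping a password
       "2011-10-12T03:01:09 198.51.100.20 alice OK"]
    + [f"2011-10-12T03:02:{i:02d} 192.0.2.99 staff{i} OK"   # shared NAT, normal logins
       for i in range(5)]
)


def summarize(lines):
    """Per source IP: attempt count, usernames tried, usernames that logged in."""
    stats = defaultdict(lambda: {"attempts": 0, "tried": set(), "succeeded": set()})
    for line in lines:
        _ts, src, user, result = line.split()
        entry = stats[src]
        entry["attempts"] += 1
        entry["tried"].add(user)
        if result == "OK":
            entry["succeeded"].add(user)
    return stats


def stuffing_sources(stats, min_users=5, max_success_ratio=0.5):
    """Sources that tried many distinct accounts and mostly failed.
    Both thresholds are illustrative and need tuning against real traffic."""
    return {
        src for src, s in stats.items()
        if len(s["tried"]) >= min_users
        and len(s["succeeded"]) / s["attempts"] <= max_success_ratio
    }


def accounts_to_lock(stats, sources):
    """Accounts that were successfully accessed from a flagged source."""
    return sorted(set().union(*(stats[src]["succeeded"] for src in sources)))


if __name__ == "__main__":
    stats = summarize(SAMPLE_LOG)
    flagged = stuffing_sources(stats)
    print("flagged sources:", flagged)
    print("lock and force reset:", accounts_to_lock(stats, flagged))
```

The success-ratio test is what keeps the shared NAT address out of the flagged set: it also logs in many accounts, but nearly all of its attempts succeed.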


Diebold Voting machines susceptible to untraceable man in the middle attack


Feedback:

  • Dominic emails in:
    YOU’RE DOING IT WRONG

  • How to connect multiple switches

  • Q: When building physical network topology, say you have 5x 8 port switches, are you best to connect the router to port 1 of switch#1 then connect various other computers to the rest of the ports on switch#1 with the last port connecting to switch#2 which has one port to switch#3 and so on (essentially daisy chaining) or have one ‘master’ switch where each port of the switch connects to each of the other switches (2, 3, 4 and 5) then have the router and PCs plugged into those (I know it’s a bit overkill for a home network but it’s just in theory as I’ve had to deal with stuff like network loops and such before and wondering if there is any real advantage between the two methods).

  • A: The second setup you described is a proper ‘hierarchical networking model’, which usually consists of three layers. The first layer is the Access Layer; this is where individual computers are connected to the network, and it is typically just a (relatively) low-end switch. The next layer is the Distribution Layer; this is where a lot of routers and firewalls do their work, and they usually also act as the separation between departments, locations and regions. Typically, computers in the same Access Layer can reach each other directly without going through a router. The top layer of the network is the Core Layer; this is the fastest part of the network, where data is exchanged between the different Distribution Layers. In your more limited setup, the ‘master’ switch would be the Core Layer and would exchange traffic between each of the different Access Layer switches. However, for your home this may not be the best setup. If all of the switches are 100mbit, then the links between the Core Layer switch and the Access Layer switches can be a bottleneck. For example, if you had 2 pairs of clients communicating with each other on the same switch (so 4 machines, A<->B and C<->D), they could each communicate at 100mbit/second. However, if A and C are on Access Layer switch#2, and B and D are on Access Layer switch#3, then the bandwidth between #2 and #3 is limited to 100mbit total, and so each stream would only be able to use 50mbit/sec. However, if A and B are on one switch, and C and D are on another, then no data is exchanged through the Core Layer at all. So a number of factors, especially your traffic patterns, must be considered when setting up your network topology. You do not have to worry about creating ‘loops’ or anything as long as each switch only has a single path to each other switch. Higher end switches (managed ones) will have ‘STP’ (Spanning Tree Protocol), which allows them to avoid loops even when they have multiple paths, while still adapting and using one of the extra paths if the preferred path is disconnected.

  • At my house, I have a 5 port gigabit switch, and 3 100mbit switches. My PC, Router/File Server, and Media center connect to the gigabit switch, the 4th port goes to the wireless AP, and the 5th to the switch in my bedroom. The remaining 100mbit switch (used for the machines in the rack in my living room) is fed off the wired ports for the wireless AP.
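The A/B/C/D bandwidth example from the answer, worked as an added sketch (not from the show): a ‘master’ switch with one uplink per access switch, where each stream gets an equal share of the most contended link on its path. The function names and the equal-share model are simplifying assumptions, and the sketch goes slightly beyond the answer by letting the uplink speed differ from the port speed.

```python
from collections import Counter


def flow_path(flow, host_switch):
    """Links a stream crosses: both host ports, plus both access-switch
    uplinks to the core switch when the hosts sit on different switches."""
    a, b = flow
    links = [("port", a), ("port", b)]
    if host_switch[a] != host_switch[b]:
        links += [("uplink", host_switch[a]), ("uplink", host_switch[b])]
    return links


def flow_rates(host_switch, flows, port_mbit=100, uplink_mbit=100):
    """Per-stream rate in mbit/s, limited by the busiest link on its path."""
    paths = {flow: flow_path(flow, host_switch) for flow in flows}
    load = Counter(link for path in paths.values() for link in path)
    capacity = {"port": port_mbit, "uplink": uplink_mbit}
    return {
        flow: min(capacity[kind] / load[(kind, name)] for kind, name in path)
        for flow, path in paths.items()
    }


FLOWS = [("A", "B"), ("C", "D")]
# A and C on switch #2, B and D on switch #3: both streams share the uplinks.
SPLIT = {"A": 2, "C": 2, "B": 3, "D": 3}
# Each talking pair on its own switch: nothing crosses the core.
GROUPED = {"A": 2, "B": 2, "C": 3, "D": 3}

if __name__ == "__main__":
    print("split, 100mbit uplinks:  ", flow_rates(SPLIT, FLOWS))
    print("grouped, 100mbit uplinks:", flow_rates(GROUPED, FLOWS))
    print("split, gigabit uplinks:  ", flow_rates(SPLIT, FLOWS, uplink_mbit=1000))
```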


Written by chris

October 13th, 2011 at 9:11 pm