Ethereals changing name to the snappy "wireshark ".
Sounds like good news to me for the very trivial reason that I always used to go looking for Ethereal at www.ethereal.org only to find that it wasn't there ;op
Recently in Networking Category
Post about using ToR to launch attacks (or in this case vulnerability scanners). Using this it appears that you can be more or less anonymous on the Internet, at a network level anyway. Only the entry point to the ToR network will know the origin of your traffic. Of course if you get to the site and put in identifiable information about yourself, that would somewhat defeat the purpose ;op
Of course it would be probably be possible to reconstruct traffic if you could grab the whole ToR network... but unless you're wanted by governmental agencies.. that shouldn't be a problem!
One thing though. I wonder whether we'll see cases of uninformed courts trying to press charges against the exit points of networks like ToR as they will be what turns up in the logs of destination web servers....
There's a great interview with Marcus Ranum over at Securityfocus. It's obvious from the responses that he's been around in network security for a while and knows what's what..
Also there's a couple of great quotes...
in response to "If a standard protocol is broken or insecure, what is the best solution? Maybe supporting only some features or adding a crypto layer?"
If it's broken, adding crypto just makes it broken and hidden. is a classic...
also there's some interesting thoughts on de-perimeterisation and advocacy of data-level protection as the solution to all evils
Ping Tunnel - Send TCP traffic over ICMP
Another great example of why once you allow one protocol/port through your firewall, it's pretty easy to get any other traffic through... This one's interesting, in that it levereges ICMP...
Breaking Firewalls with OpenSSH and PuTTY
This is a good walkthough on using SSH to tunnel other protocols through firewalls.
Usually though, I find that the protocols which are left open on firewalls these days are HTTP and sometimes SMTP....
Of course HTTP is all you need as things like SSL VPNS can be used to tunnel arbitrary protocols.... over HTTPS... while I think of it, there's a handy free one called SSL explorer
Over at RouterGod there's a very informative series of articles about various Cisco topics. They're in the News Archives section and they've got an..... interesting way of presenting the information ...
