
Wednesday, October 13, 2010

Something Non-IT just for relaxation + as a change

Figure 1

‘Towser’ the Killer Cat (Guinness world record holder)

Name : Towser

Birth : 21/Apr/1963

Death : 20/Mar/1987

Service : 24 Years

Record : Biggest mice killer in the world (28,899 mice)

Towser was a long-haired tortoiseshell female cat who holds the official Guinness world record for killing the greatest number of mice. It is calculated that Towser caught about 3 mice daily during her lifetime. The auditors for the Guinness Book of Records observed Towser's expertise over a number of days, and her total kill count was estimated statistically. Towser lived in Scotland and offered her generous service to Glenturret Distillery. Refer Figure 2.

Figure 2

Distilleries often keep cats on their premises because mice like to eat the barley that is used for making whiskey. It is also reported that Towser laid her victims out on the Still House floor each morning to be inspected by the stillman.

After Towser's death, Glenturret Distillery commemorated her by putting up a bronze statue of her at the visitor’s centre, and her story was broadcast on the BBC children’s programme ‘Blue Peter’. Refer Figure 3. Her paw prints also decorate the label on a bottle of Fairlie's Light Highland Liqueur.

Figure 3

It can be guessed that all the mice in Scotland must have celebrated the death of their enemy on a grand scale.

References

[1] Glenturret Distillery, Wikipedia, viewed 12 Oct 2010, < http://en.wikipedia.org/wiki/Glenturret_Distillery>

[2] Puss Idol hunt for distillery cat, 2005, BBC News, viewed 12 Oct 2010,

[3] OMG Facts, viewed 12 Oct 2010, < http://www.omg-facts.com/search.php?type=article&text=towser >

‘Figure 1’[image] Puss Idol hunt for distillery cat, 2005, BBC News, viewed 12 Oct 2010, < http://news.bbc.co.uk/2/hi/uk_news/scotland/4596611.stm >

‘Figure 2’[image] Glenturret Distillery, Wikipedia, viewed 12 Oct 2010, < http://en.wikipedia.org/wiki/Glenturret_Distillery>

‘Figure 3’[image] viewed 12 Oct 2010, < http://www.cuillinn.com/Towser.jpg >

Please feel free to comment on this if you liked it. Refer previous post on how to comment a post

Tuesday, September 7, 2010

Did you know these???

Bluetooth

Figure 1

Bluetooth is an open wireless technology for transferring data over short distances (up to 100m). It creates Personal Area Networks (PANs). It was created in 1994 by the Sweden-based telecom company Ericsson and was originally used as a substitute for RS-232 (serial) data cables. An ad hoc group of up to 8 Bluetooth devices (1 master + 7 slaves) is called a ‘Piconet’. Today Bluetooth is managed by the ‘Bluetooth Special Interest Group’. [1, 2]

The aim of this mini article is to reveal the secret behind Bluetooth’s logo. The word Bluetooth is an anglicised version of the Danish ‘Blåtand’. It was the epithet of King Harald I of Denmark and parts of Norway, who lived in the 10th century. He united Danish tribes that had been apart from each other into a single kingdom. The same logic applies to Bluetooth, which unites several communication protocols into a universal standard.

The Bluetooth logo is a bind rune (an aggregation of letters) merging two letters of the Younger Futhark alphabet, which were the initials of King Harald (Hagall + Bjarkan). [1] Refer Figure 2.

Figure 2

References

[1] Bluetooth, Wikipedia, viewed 7 Sep 2010, < http://en.wikipedia.org/wiki/Bluetooth >

[2] Piconet, Wikipedia, viewed 7 Sep 2010, < http://en.wikipedia.org/wiki/Piconet >

[3] ‘Figure 1’[image] in admin, 2009, ‘B for communication’, DAVENG WRITES, viewed 7 Sep 2010, http://davengwrites.com/


Cisco & Tsunami

Cisco’s legacy wireless access points’ default SSID was ‘tsunami’. Refer Figure 1. From Cisco IOS Release 12.3(7)JA, there is no default SSID. [1, 2]

Figure 1

References

[1] Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.2(15)JA, Cisco Systems, viewed 7 Sep 2010, < http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15ssid.html >

[2, Figure 1] Cisco IOS Software Configuration Guide for Cisco Aironet Access Points 12.3(7)JA, Cisco Systems, viewed 7 Sep 2010, < http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37ssid.html >


Monday, September 6, 2010

Systems Administrator's Song

A tribute to all Sys Admins out there !!!!



Do not forget to comment on your favourite posts as described in a previous post.

Sunday, September 5, 2010

Wi-Fi Myth Busters Series – Episode 4

Figure 1

Myth # 8 : Wireless IDS is needed to prevent rogue access points.

It is true that an IDS (Intrusion Detection System) can identify 802.11a/b/g rogue APs. But it is not smart at detecting non-802.11a/b/g rogue APs that use 900 MHz and/or FHSS. Apart from those legacy technologies, newer ones such as Bluetooth and MIMO (802.11n draft) can also be counted here. Although some wireless IDS vendors make products that can detect such non-standard APs, it is hard to identify them comprehensively. An IDS can also block rogue APs (RAPs) with a DoS (Denial of Service) method, by de-authenticating/disassociating the RAPs and their associated stations. This method is not successful because a Wi-Fi adapter can have its driver configured to ignore disassociation requests.

Some other vendors shut down the wired switch port that the RAP is connected to. This is unsuccessful too, because a RAP configured with encryption and authentication (even WEP) will not allow the wireless IDS to send a message to the wired portion of the network.
Figure 2

As a perfect solution, wired 802.1X authentication (EAPOL – EAP over LAN), which blocks access on every port, can be used. When 802.1X is configured, network access is denied until a device authenticates as a supplicant with an authenticator (mostly RADIUS). If a company already has this structure in place, wireless devices can be integrated into it easily. 802.1X authentication also negotiates an encrypted key, which prevents intruders from spoofing MAC addresses as they don’t have the secure key. So the answer for this myth is clearly “No it is not.”

Read more about 802.1X here.

Myth # 9 : A wireless IDS is not necessary if other rogue AP prevention measures are in place.

Even though this myth was busted in the previous point, there are still reasons to use an IDS. Most administrators do not go for an IDS because it is very expensive and only a few people know everything an IDS can do. In fact, an IDS can provide troubleshooting and optimization features such as location tracking, remote packet captures and RF interference level analysis. These features help an administrator handle the rogue access point pain centrally, without going here and there gathering information. So it is clear that an IDS can be of more service in performance optimization and troubleshooting than in security.

References

Miller, B & Hill, G 2006, ‘Eleven Myths about 802.11 Wi-Fi Networks’, Expert Reference Series of White Papers , 18 August, pp. 7-8, Global Knowledge Training LLC., viewed 05 September 2010

‘Figure 1’ [image] in 2009, ‘The second day of the School on Low Cost Wireless’, school2009, viewed 05 September 2010, http://wireless.ictp.it/groups/school2009/wiki/8d8fe/Group_Two's_-_Day_Two.html

‘Figure 2’ [image], KBR Wireless, viewed 05 September 2010, http://kbrwireless.com/hardware/80211x.htm

The previous episode of this series has been posted on 24th Aug 2010 which can be found easily in here. If you enjoyed this article, please leave a comment as described in previous week.

Tuesday, August 24, 2010

Wi-Fi Myth Busters Series – Episode 3

Figure 1

Myth # 6 : Captive portals are an effective way to prevent unauthorized users

When WPA/WPA2 cannot be used, some organizations such as airports, hotels, shopping malls and universities tend to go for captive portals for authentication. A captive portal restricts access until a user authenticates through a web interface. Refer Figure 2. In effect, a captive portal provides Layer 2 security: it places authenticated users’ MAC addresses in a pool of authorized MAC addresses until the users log off. So it can be considered a dynamic MAC filter. But how many utilities are there on the market to spoof MAC addresses? So is it as safe as people think?

Asiri’s Experience : When I was doing our rogue access point detection project, I could change the MAC of my laptop easily using ‘ifconfig wlan0 hw ether 00:XX:XX:XX:XX:XX’.

Figure 2

As WPA/WPA2 is very common in most wireless devices, the best solution is to go for it with a personal passphrase. Even though WPA has some security flaws, it is of course more secure than a captive portal.
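The "dynamic MAC filter" described above, as an added example that is not part of the original post: the pool treats the MAC as the only credential, so a monitoring check has to look for one authorized MAC behaving like two devices. The sighting fields, AP names, sample data and both heuristics (changing DHCP hostname, AP flip-flop) are assumptions made for illustration.

```python
from collections import defaultdict
from dataclasses import dataclass

@dataclass(frozen=True)
class Sighting:
    ts: int        # seconds since capture start
    mac: str       # client MAC as seen by the AP
    ap: str        # AP that relayed the frame (hypothetical names)
    hostname: str  # DHCP hostname option sent by the client

class PortalPool:
    """The portal as a dynamic MAC filter: the MAC is the only credential."""
    def __init__(self, macs=()):
        self._macs = {m.lower() for m in macs}
    def logoff(self, mac):
        self._macs.discard(mac.lower())
    def allows(self, mac):
        return mac.lower() in self._macs

def flag_shared_macs(pool, sightings, window=30):
    """Return {mac: reason} for authorized MACs that look like two devices."""
    by_mac = defaultdict(list)
    for s in sorted(sightings, key=lambda s: s.ts):
        if pool.allows(s.mac):
            by_mac[s.mac.lower()].append(s)
    flagged = {}
    for mac, seen in by_mac.items():
        if len({s.hostname for s in seen}) > 1:
            flagged[mac] = "multiple DHCP hostnames"
        # A -> B -> A inside the window is a flip-flop, not ordinary roaming.
        elif any(a.ap == c.ap != b.ap and c.ts - a.ts <= window
                 for a, b, c in zip(seen, seen[1:], seen[2:])):
            flagged[mac] = "AP flip-flop"
    return flagged

# Constructed sample data (documentation MAC range, hypothetical AP names).
SAMPLE = [
    Sighting(0,  "00:00:5e:00:53:01", "ap-lobby", "alice-laptop"),
    Sighting(10, "00:00:5e:00:53:02", "ap-lobby", "bob-phone"),
    Sighting(12, "00:00:5e:00:53:02", "ap-cafe",  "bob-phone"),
    Sighting(20, "00:00:5e:00:53:02", "ap-lobby", "bob-phone"),
    Sighting(40, "00:00:5e:00:53:01", "ap-cafe",  "guest-pc"),
    Sighting(50, "00:00:5e:00:53:03", "ap-cafe",  "carol-tab"),
]

def demo():
    pool = PortalPool(s.mac for s in SAMPLE)  # every sample client logged in once
    return flag_shared_macs(pool, SAMPLE)
```

Both heuristics only raise a flag for follow-up; the pool itself still admits any frame carrying an authorized MAC, which is the weakness the post points out.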

Myth # 7 : Disabling SSID broadcast may protect network from intruders.

When SSID broadcast is disabled, the network stays hidden from users, and whenever a user wants to connect he has to enter the parameters manually rather than relying on auto-detection. While devices are connected to the access point, they constantly probe for other networks with the same SSID for roaming purposes. Surprisingly and unfortunately, the responses from the APs are sent in clear text.

Asiri’s Experience : I could reveal hidden SSID networks by using the Kismet wireless sniffer within a few seconds. Kismet is not the only tool which can be used for that task.

So the moral of the story is that an SSID stays hidden only as long as the network is dead.
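An audit check for your own WLAN, added here as an illustration and not taken from the original post: it parses the SSID element of beacon and probe-response frames and reports every AP whose beacons blank the name while its probe responses carry it in clear text. The frames, BSSIDs and SSIDs below are constructed; a real audit would read frames from a capture file.

```python
import struct

BEACON, PROBE_RESP = 0x80, 0x50   # frame-control byte 0 for each subtype
HDR_LEN, FIXED_LEN = 24, 12       # MAC header; timestamp + interval + capability

def build_frame(fc0, bssid, ssid_bytes):
    """Build a minimal constructed management frame for the demo."""
    bcast = b"\xff" * 6
    hdr = struct.pack("<BBH6s6s6sH", fc0, 0, 0, bcast, bssid, bssid, 0)
    fixed = struct.pack("<QHH", 0, 100, 0x0411)
    return hdr + fixed + bytes([0, len(ssid_bytes)]) + ssid_bytes

def parse_ssid(frame):
    """Return (fc0, bssid, ssid); ssid is None if absent, empty or null-filled."""
    if len(frame) < HDR_LEN + FIXED_LEN or frame[0] not in (BEACON, PROBE_RESP):
        raise ValueError("not a beacon or probe response")
    pos = HDR_LEN + FIXED_LEN
    while pos + 2 <= len(frame):
        tag, length = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + length]
        if len(value) < length:
            raise ValueError("truncated element")
        if tag == 0:  # SSID information element
            hidden = length == 0 or value.count(0) == length
            ssid = None if hidden else value.decode("utf-8", "replace")
            return frame[0], frame[16:22], ssid
        pos += 2 + length
    return frame[0], frame[16:22], None

def exposed_hidden_ssids(frames):
    """Map BSSID -> SSID for APs whose beacons hide a name a probe response reveals."""
    hidden, revealed = set(), {}
    for f in frames:
        fc0, bssid, ssid = parse_ssid(f)
        if fc0 == BEACON and ssid is None:
            hidden.add(bssid)
        elif fc0 == PROBE_RESP and ssid is not None:
            revealed[bssid] = ssid
    return {b.hex(":"): s for b, s in revealed.items() if b in hidden}

# Constructed sample frames (documentation MAC range, made-up SSIDs).
AP1, AP2 = bytes.fromhex("00005e005310"), bytes.fromhex("00005e005320")
SAMPLE = [
    build_frame(BEACON, AP1, b"\x00" * 9),       # "hidden": SSID blanked in the beacon
    build_frame(BEACON, AP2, b"guest-wifi"),     # broadcasts its name normally
    build_frame(PROBE_RESP, AP1, b"corp-wlan"),  # reply to a connected client's probe
    build_frame(PROBE_RESP, AP2, b"guest-wifi"),
]
```

Running `exposed_hidden_ssids(SAMPLE)` lists only the first AP, because it is the one that hides its name in beacons yet answers probes with it.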

References

Miller, B & Hill, G 2006, ‘Eleven Myths about 802.11 Wi-Fi Networks’, Expert Reference Series of White Papers , 18 August, pp. 5-6, Global Knowledge Training LLC., viewed 23 August 2010

‘Figure 1’ [image] in 2009, ‘The second day of the School on Low Cost Wireless’, school2009, viewed 23 Aug 2010, http://wireless.ictp.it/groups/school2009/wiki/8d8fe/Group_Two's_-_Day_Two.html

‘Figure 2’ [image],‘Captive Portal Guideline’, Wireless LAN service in UM, viewed 23 Aug 2010, http://ictoinfo.umac.mo/wireless/portal.html

The previous episode of this series has been posted on 16th Aug 2010 which can be found easily in here.

Sunday, August 22, 2010

Please support to keep your favourite blog live and rich with contents !!!

It would be very helpful if you give your feedback on any post or about this blog using any of the following methods:

1. Post a comment by clicking on the "x comments" link under each and every post
2. Follow using your Gmail account. Use the "Followers" panel at the right side of the blog.
3. Follow using Twitter. Use the "Twitter Updates" panel at the right side of the blog
4. Directly contact Asiri by email support@asirirajapakse.com

Your feedback may help Asiri to post more valuable articles fine tuned as per your choices. Thank You for visiting Asiri's Blog.