The Hidden Security Risks of P2P Traffic

For years enterprises have been trying to control peer-to-peer (P2P) technologies inside their networks, and for good reason. The efficiency with which P2P technology moves large files has made P2P networks key enablers of the Internet grey market by acting as the distribution mechanism of choice for pirated movies, music or applications… Read more at ThreatPost: The Hidden Security Risks of P2P Traffic.

Network Access Denied error when reaching a share you once had access to

If you share a folder, you should only give permission to users who need access.

Never share a folder to Everyone.

But let’s say that you once had access to a folder or a device such as a shared printer, and now when you travel across your network you get an ‘Access Denied’ error. You were prompted for the username and password when you first logged in, but you changed it or it was changed by someone else.

(Of course the first thing you should do is check permissions on the device if you can.)

Second, if you had Windows remember the login credentials, you may need to delete the saved credentials in order to receive a prompt from the device so you can enter the new username or password. So how do you remove remembered credentials?

  • On Windows 7, click on the orb and type Credential Manager. You’ll see the Credential Manager in your list. Click on it. Select the device you are logging into and either delete it or change the password to the correct password.

You can back up your vault with its saved passwords and information. You must store this backup in a safe place. You will be prompted to hit CTRL-ALT-DEL prior to finishing the backup and you will be asked for a password to protect the backup.

Dibbler can help small businesses with IPv6

What is Dibbler?  “Dibbler is a portable DHCPv6 implementation. It supports stateful (i.e. IPv6 address granting) as well as stateless (i.e. option granting) autoconfiguration for IPv6. Linux 2.4/2.6/3.0, Windows XP/2003/Vista/Win7 (experimental for NT4/2000), Mac OS X, FreeBSD, NetBSD and OpenBSD.” Sourceforge

How can it help?  It can help if you have a router that is not IPv6 compliant or operate in a small business environment.

Where can I get it?  Sourceforge – Read the documentation before implementing this software on any network.

 

Testing IPv6 Teredo – A comprehensive list

Instead of trying to impress everyone with bits, bytes and binary, we’re trying to put these tips in layman terms for young IT professionals (quick start guides).

If you have installed your Teredo drivers and IPv6, you should receive an IPv6 address beginning with 2001: on your Tunnel adapter when you run ipconfig at a command prompt. You can assign yourself an IPv6 address based on this scheme if you are behind a router (home wireless or other) that is not IPv6 compliant. How?

Teredo is a protocol that works behind NATed devices – (by the way, NAT is going away…yes going away.  Stateful firewalls and the security of IPv6 won’t require NAT anymore after you are 100% compliant)

It breaks down like this. Your router gives you an IPv4 address with its DHCP server. The IPv6 address you want is a 128-bit address instead of 32 bits. To see newer IPv6 websites, you’ll need Teredo to get you there (both IPv4 and IPv6). So how does an IPv6 address break down?

2001:0:       –  Prefix
4136:e378:    –  Teredo Server IPv4
63bf:         –  Flags
8000:         –  UDP Port
c0a8:0405     –  Your IP address (Teredo Client)   <- is 192.168.4.135 (Example)

So the first part doesn’t change (Prefix/Teredo Server/Flags/UDP Port) but where do you get the Teredo Client address?

You can take your IP address (IPv4) and put it into a conversion utility, and after the conversion you put the hex number where the Teredo Client goes (above).
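To inspect a Teredo address that shows up in ipconfig output or in a firewall log, the sketch below splits one into its fields as RFC 4380 lays them out: prefix, server IPv4, flags, then the UDP port and client IPv4, the last two stored bit-inverted and taken from the NAT's external mapping. It is an added example, not code from the original post; the function names and the sample address are constructed for illustration.

```python
import ipaddress

# Teredo service prefix 2001:0000::/32 (RFC 4380)
TEREDO_PREFIX = ipaddress.ip_network("2001::/32")


def parse_teredo(addr):
    """Split a Teredo IPv6 address into its RFC 4380 fields.

    Returns None when the address is outside 2001:0000::/32.
    """
    ip = ipaddress.IPv6Address(addr)
    if ip not in TEREDO_PREFIX:
        return None
    raw = ip.packed  # 16 bytes, network byte order
    flags = int.from_bytes(raw[8:10], "big")
    # Port and client address are stored XORed with all ones.
    port = int.from_bytes(raw[10:12], "big") ^ 0xFFFF
    client = bytes(b ^ 0xFF for b in raw[12:16])
    return {
        "server_ipv4": str(ipaddress.IPv4Address(raw[4:8])),
        "flags": flags,
        "behind_cone_nat": bool(flags & 0x8000),  # "cone" bit
        "client_udp_port": port,
        "client_ipv4": str(ipaddress.IPv4Address(client)),
    }


def to_hex_groups(ipv4):
    """Dotted IPv4 -> two 16-bit hex groups (the 'conversion utility' step)."""
    b = ipaddress.IPv4Address(ipv4).packed
    return f"{b[0]:02x}{b[1]:02x}:{b[2]:02x}{b[3]:02x}"


# Constructed sample address (uses a documentation-range client IPv4).
SAMPLE = "2001:0:4136:e378:8000:63bf:3fff:fdd2"

if __name__ == "__main__":
    for field, value in parse_teredo(SAMPLE).items():
        print(f"{field:16} {value}")
    print("192.168.4.5 as hex groups:", to_hex_groups("192.168.4.5"))
```

Because the client fields carry the public address and port of the NAT in front of the host, a Teredo address recorded in a log identifies the network the tunnel came from.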

Is it working after you put the IP address into your network adapter statically?

Note: You won’t need a gateway or DNS in the IPv6 section; however, you will need an IPv6 DNS server address that has an IPv4 numbering scheme to put in your router.

  • WhatIsMyIPv6.com – test your 4, 6 or both
  • test-ipv6.com – runs a comprehensive test where you can see the results of each test
  • ipv6-test.com – IPv6 Connection Test
  • ipv6-test.com – Speed Test
  • ipv6-test.com – Ping Test
  • ipv6-test.com – PMTUD (determines possible MTU problems)
  • Wireshark IPv6 – picture load from IPv4 and IPv6
  • Test your IPv6 speed to Japan
  • Global Eye Candy Chart
  • Arin’s wiki page on IPv6 Troubleshooting

Feel free to use Twitter, Facebook or the links below if this has helped you!   Please leave comments and suggestions that will help home users or businesses.

Pssst…need more help?  http://www.ipv6actnow.org/

Installing Teredo and Troubleshooting

IPv6 can be more efficient and your speed on the internet could improve.

You’ve been riding the internet on a protocol (language) called TCP/IP. This protocol allowed over 4 billion devices to route and move your data packets across the internet under a numbering scheme called IPv4. Now there is no more room on the largest network in the world for any more devices. Our consumerization and need for technology has grown so exponentially that years ago, more than a decade, we decided on a new numbering scheme. Although they hoped everyone would slowly develop devices and operating systems to comply with it, the individuals who came up with the scheme knew mankind would procrastinate, and plans were made to make room for what humankind desired. We use the same protocol, but now every new device has to have a new address in order to be efficient and fast.

The transition phase we are in is too confusing for the average person and even IT guys.   Everyone around the web is talking about how efficient IPv6 is and how easy it is to use.  There are writings and boasting of how writers understand the numbering scheme and how binary and hexadecimal work but no real help.  Ironically no one is really telling just how to get to IPv6 and how to be what IT guys call IPv6 native (using one set of numbers).

You see, as sites such as Google’s IPv6 site http://ipv6.google.com go online, the IPv4 guys can’t get there unless they use what we call a tunnel or tunnel broker.

As many ISPs brag about transitioning to IPv6, many ISPs are lost or don’t fully understand.   Older routers provided by the ISPs are in place and home owners have wireless routers that aren’t IPv6 compliant.   These devices will have to be replaced for true native IPv6 compliance and routers across the U.S. and the globe will have to be replaced.   Corporations will have to replace devices in their networks and in their server rooms over a period of time.

So how can you get to newer servers that are going online for now?  You can use the Teredo drivers provided in Windows and the IPv6 under your network adapters.   Your best bet is to upgrade to a modern operating system such as Windows 7 or Windows 8.  (We’ll do an Apple and Linux story later this weekend).

Here are the steps you will need to take to ensure you have IPv6 for now if your ISP is not ready.

  • First test your connection for IPv6 by going to test-ipv6.com or ipv6-test.com (you very well may have Windows 7, a wireless router, and an ISP that are compliant – congratulations!)
  • If you fail the test, first make sure IPv6 is enabled under your network adapters by clicking the network icon on your taskbar, opening the network center and click on adapters.  Right click on your connected adapter (no X on the adapter) and select properties.  Ensure IPv6 is checked.
  • Next open the Device Manager by right clicking Computer and selecting Manage – next click the device manager – On the top menu bar, select View and Show Hidden Devices – Expand the Network Adapters and look for 6to4 and Teredo (Microsoft drivers)
  • If you don’t have these, you can click on the computer’s name at the top of the device manager tree and select add a legacy device – manually (not automatically) install the devices under the vendor Microsoft.  If your devices have an exclamation point, make sure there are no duplicates in the Device Manager tree (if so, delete all of them and add them back – follow up by rebooting).  If you still have an exclamation point on the devices, delete and add them again, followed by rebooting your computer.
  • Once you have the drivers in place and IPv6 checked, go to a command prompt and type ipconfig.  You should have a 2001: number.
  • If not, reboot your computer.  Once you reboot, go to a command prompt and look again for a 2001: number – Still have problems?  Try these steps:
  • If there is no IPv6 tunneling when ipconfig is run:
    • Make sure IPv6 is checked.
    • (Windows 7 Professional) Run “gpedit.msc” from the Start Menu by typing it into the search bar or “Run” bar.
      • Navigate to Computer Configuration -> Administrative Templates -> Network -> TCPIP Settings -> IPv6 Transition Technologies
      • Double click the “Teredo Default Qualified” setting, change it from “Not Configured” to “Enabled”, and click OK, then close gpedit.msc.
      • The setting should take effect rather quickly, but you can do “gpupdate /force” to force a refresh.
    • In the start menu search bar type REGEDIT.  Navigate to the following:  HKEY_LOCAL_MACHINE\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP6\PARAMETERS.
      In the right pane, right click DisabledComponents and select edit.  Set the DWORD value to 0.
    Device Manager follow-up:
    • Make sure three drivers are loaded (Device Manager under Networking after you select Show Hidden Devices)
      • 6to4
      • Teredo
    Note: If not, you need to go to the computer’s name at the top of the tree and right click add legacy hardware.  Manually – Select Microsoft and the two drivers above.
    Next, open a Command Prompt as an Administrator (in the search text box, type cmd, right click on cmd and select Run as Administrator).
    This will add a Microsoft tunnel – type the following:
    netsh interface teredo set state client teredo.ipv6.microsoft.com 60 34567
    netsh int ipv6 show teredo
    (This should show a connection that is good.)  If not, reboot and, once signed in, go back to the command prompt, open it as an administrator and follow these steps.
    Adding a route (you may have to add a route if this fails) – type the following:
    netsh interface ipv6 show interface
    (Look for the first MTU of 1280; this will be the Teredo interface.  Also make note of the Idx number of the interface.)
    netsh interface ipv6 show route
    Use this command to add a route, putting in your own interface ID, such as 14 or 16 or 20.  Example:
    netsh interface ipv6 add route ::/0 interface=14
    Reboot your computer – you should now, with any luck at all, have an IPv6 address.  You now need to open your network properties in the Network and Sharing Center (remember, this assumes you do not have an IPv6 compliant wireless router) and configure a static IPv6 address – do not configure a gateway.
    You should be able to go to http://ipv6.google.com or to ping ipv6.google.com
    If you played around too much, you may want to try going to a command prompt as an administrator and resetting your IPv6 route by typing:

    netsh int ipv6 reset
    Reseting Unicast Address, OK!
    Reseting Route, OK!
    Restart the computer to complete this action.

    These steps will be updated as we tweak them out.

AlternateStreamView – View/Copy/Delete NTFS Alternate Data Streams

 

But what is an Alternate File Stream?

The Dangers of Alternate Data Streams – Files Hidden Inside of other Files

An article I wrote at Brighthub explains what these are.

How can you find them?

AlternateStreamView is a small utility that allows you to scan your NTFS drive, and find all hidden alternate streams stored in the file system. After scanning and finding the alternate streams, you can extract these streams into the specified folder, delete unwanted streams, or save the streams list into text/html/csv/xml file… Read more: AlternateStreamView – View/Copy/Delete NTFS Alternate Data Streams.

Can Your Digital Images Withstand A Court Challenge? | DFI News

While the transition from film to digital happened with little fanfare, the vastly different steps, processes, limitations, and vulnerabilities involved when creating a digital photograph hasn’t been widely recognized… Read more: Can Your Digital Images Withstand A Court Challenge? | DFI News.

ISO/IEC 17025:2005 Accreditation of the Digital Forensics Discipline | DFI News

Over the past several years, digital forensic related training and education has expanded rapidly in both the public and private sectors. Concurrently, many public (and some private) laboratories now routinely examine digital media. An all encompassing definition of the discipline is:

ISO/IEC 17025:2005 Accreditation of the Digital Forensics Discipline | DFI News.
