Category: Routers-Modem-Firewalls

On November 15, 2018, Norton ConnectSafe service is being retired or discontinued meaning the service will no longer be available or supported. You may continue to use ConnectSafe until November 15, 2018.
AntivirusmacbookModemsNetworkingRouters

Your Internet May Be Going Down Because Norton ConnectSafe Is Retiring

Hello, World! Your Internet connection may be going down this November 15, 2018 onward if your devices are connected to the internet via Norton ConnectSafe’s DNS IP addresses and you do not have a secondary DNS in place. The announcement is currently displayed at https://connectsafe.norton.com/configureRouter.html with a link to this FAQ that hopefully will answer most of your questions.

The DNS IP Addresses you need to check for and change from are any pair among the following:

  • 199.85.126.10
  • 199.85.127.10
  • 199.85.126.20
  • 199.85.127.20
  • 199.85.126.30
  • 199.85.127.30

If you changed your DNS, you probably know already which one you want to go to next. If you have no idea and need some time to investigate, you can either remove the DNS settings that you have in your device (computer or mobile device) and therefore default to your Internet Service Provider’s DNS settings or you can temporarily follow this How-To Geek article that offers step by step instructions on how to change your DNS to OpenDNS’ or Google’s if you trust these two tech companies.

Alright, you are now in the know, friend!

Advertisements
Wi-Fi Protected Access II (WPA2) Vulnerability Paper
AntivirusMalwareModemsNetworkingRouters

Wi-Fi Protected Access II (WPA2) Vulnerability – All Your Wi-Fi Devices Might Need A Security Patch

UPDATE3: On a website dedicated to the “Key Reinstallation Attacks,” https://www.krackattacks.com/, the researcher who brought attention to this vulnerability describes what it is, presents a demo of the attack against an Android device as client, and suggests practical steps in a rich Q&A article.

UPDATE2: More companies have updates available. Microsoft also has released an update for client devices. (Source: Pileum Corporation)

If you have a Meraki access point, they have released a patch to address this issue. See below link for more information.
If you have an Aerohive access point, they have released a patch to address this issue. See below link.
SonicWALL has announced that their firewalls and access points are not vulnerable to the flaws in WPA2.
Cisco has released patches for some of their products that are affected. You can check for those products and updates as they are released here:
Microsoft has released a patch that provides additional protection on the client workstation. We recommend that this be installed on all workstations immediately.

UPDATE1: Several Wi-Fi AP manufacturers have started developing and releasing Updates. Please check the CERT website below for updates. One of the most recent ones is Meraki access point.

In a research paper titled “Key Reinstallation Attacks: Forcing Nonce Reuse in WPA,” Leuven, Belgium researchers Mathy Vanhoef and Frank Piessens just proved that WPA2 handshake traffic can be manipulated to induce nonce and session key reuse. Here is an overview of the announcement from CERT:

Wi-Fi Protected Access II (WPA2) handshake traffic can be manipulated to induce nonce and session key reuse, resulting in key reinstallation by a wireless access point (AP) or client. An attacker within range of an affected AP and client may leverage these vulnerabilities to conduct attacks that are dependent on the data confidentiality protocols being used. Attacks may include arbitrary packet decryption and injection, TCP connection hijacking, HTTP content injection, or the replay of unicast and group-addressed frames.

The simplest solution is to install updates provided by your Wi-Fi device vendor.

More on this here:

Find Your historical DNS record
NetworkingRouters-Modem-FirewallsWeb DevelopmentWordPressWPEngine

How To Find My Old DNS Information Or DNS History

Ever been stuck in a situation where you cannot remember what your last DNS* information was? This may happen while migrating a site from one hosting provider to another, a domain from one registrar to another**, or any of the possible playing around you could find yourself doing with your DNS.

You may easily remember your CNAME records, but trying to find what your SOA, NS, A, AAA, MX, or TXT records*** were in the past can be a tricky exercise unless you are familiar with some really cool tools online like DNSTrails. I just used this tool a few minutes ago and it saved me from a lot of frustration as I wanted to temporarily revert my DNS records to what I just had deleted from my domain registrar.

I am sure there other tools out there, but this one just served me well, so I thought to share the insight with you!

Oh, also, if you ever want to temporarily make your computer point to a specific DNS setting for a specific domain, here are some useful resources:

  1. The Host File Trick on Mac and PC by WPEngine
  2. Editing the Host File on Mac OS X Leopard by WordPress

Finally, just for the sake of completion. Another site I really like is MX Toolbox, this online tool will help you check the propagation status of your DNS, MX, and other Records.

 

——

*DNS means Domain Name System

** Yep! That is actually possible! Just ask your current registrar how to migrate your domain
*** CNAME stands for canonical name and serves to make a domain an alias of another domain, MX stands for mail exchange and lists the mail servers that are to be used for a domain, NS stands for name server and tells which Name Server is authoritative for a given domain, SOA stands for State Of Authority and keeps up with when the domain was last updated and other similar information, A stands for address and is the IP of a given domain, AAAA is an IPv6 address records corresponding to a 128-bit IPv6 address while other addresses are mapped for 32-bit IPv4 addresses, TXT is a way for the domain administrator to enter any text into the DNS record. More on this at PCNames.

NetworkingRouters-Modem-Firewalls

RDP to Your Server Behind SonicWall or TP-Link Router

You just completed the installation of your new server. You now have a router in place, probably one of Dell’s SonicWall firewall routers or maybe a TP-Link router. But then you realize that you would like to be able to work from your hotel room or from the coffee store in the neighborhood. But how do you get to your server from outside while there is a firewall in the way?

Thankfully, there is a way to do just that. Well, actually a ton of ways, but we are here going to talk about just one of them: Remote Desktop Connection (or Microsoft Remote Desktop if you are working from a Mac), especially, about the setup to be able to use that program.

This tool enables you to take advantage of terminal services on Windows Servers. You will need to setup your modem and then your router to create a path from the outside world to your server.

Finally now, the moment of truth:
1) I do not think I can explain the setup of Remote Desktop Connection or even Microsoft Remote Desktop better than Microsoft themselves: http://windows.microsoft.com/en-us/windows/connect-using-remote-desktop-connection#connect-using-remote-desktop-connection=windows-7

2) The people at Dell have also explained the setup of the SonicWall better than I ever could this this knowledge base article: https://support.software.dell.com/kb/sw7501

3) Those at TP-Link did their part too: http://www.tp-link.com/en/faq-381.html

So, there you have it. Now you are an expert at how this whole thing works. Don’t thank me if you actually have. Thank the people at Microsoft, Dell, and TP-Link… and the God who created them!

Summary routing from remote desktop to server.

Summary routing from remote desktop to server. Image source: https://support.software.dell.com