Saturday, August 20, 2011

Who Owns Your Identity?

 on  with No comments 
In , ,  
The following is is the final paper written for my Internet Law class back in 2010.  Still relevant?

Social networking sites are becoming more and more a part of our lives. We use sites such as Facebook and MySpace to keep touch with friends and family all over the world. We update our statuses with what is going on in our lives, post or latest vacation pictures, and comment on the statuses and pictures of our friends. When there are no more updates to read or comment on, we can play games such as Mafia Wars and Farmville with our friends and family against complete strangers all over the world and in real time. Sites such as LinkedIn provide much of the same features, but with a more professional theme. Rather than friends and family, LinkedIn links us with our coworkers and other professionals in our industry. There are other sites such as Gawker and LiveJournal, known commonly as Blogs, where we submit longer and more informative posts on just about any topic imaginable. And then there are sites such as which let us look up friends from school that we haven't heard from in years.

Saturday, August 13, 2011

Which WIC

 on  with No comments 
In ,  
I've seen the question asked a number of times: which WIC modules should I buy for my routers?  If you have a fixed function router such as those in the 2500 line (except for the 2524 and 2525, but that's a different story) it's simple.  You don't.   If you have a modular router, such as the 1700, 2600, 3600, 2800 and other lines, you have a number of choices.  And if your router has an NM slot, then you have another set of options available. Here I'll present the most obvious options and weigh some of their pros and cons.


THis module provides one serial interface via a DB-60 connector.  If you're utilizing an NM-4A/S or NM-8A/S elsewhere or you have 1600 or 2500 series routers with built in serial interfaces, this WIC uses the same connector and this will allow you to standardize on a single cable for your lab.  I use WIC-1T's for this reason, I don't want the added expense of having to buy all the different cables.  These cables (DB-60 to DB-60) can be purchased from sites such as Monoprice for $5 per cable.

This module also presents you with the highest per interface cost.

WIC-2T or WIC-2A/S

For the purpose of a study lab, these WIC's are identical.  The only difference is the top end speed that they operate at, and in the lab that doesn't really matter.  These modules provide two serial interfaces via the Smart Serial connector.  A single WIC-2T or WIC-2A/S normally costs less than two WIC-1T modules.

However, if you're utilizing WIC-1T, NM-4A/S or NM-8A/S modules elsewhere in your lab, you'll probably have to stock DB-60 to Smart Serial cables as well as Smart Serial to Smart Serial and/or DB-60 to DB-60 cables.  Any cable with one or two Smart Serial connectors is going to cost more than a DB-60 to DB-60 cable.  And finally, some older models of routers cannot use these, such as the 1600 series routers.


These are the absolute cheapest modules you're going to come across that you can actually use in your lab.  Many times a router you pick up off of eBay will have one of theses with it, and they can be had for as little as $5 otherwise.  If you have the capability to make your own cables, you won't find a cheaper cable for your lab.  They use the same cable and connectors as standard Ethernet but utilize a different pin-out.

A lot of people claim to have found the T1 Crossover cables necessary to connect these modules dirt cheap, but I've never seen them priced reasonably.  So YMMV.  If you use this module, there is no way that I am aware of to connect it to any other type of serial interface.

NM-4A/S or NM-8A/S

These modules provide the highest port density per module, but not every router has an NM slot.  If you use 1700 or 1800 series routers for example, then you're out of luck.  If you have a router that does have an NM slot, then one of these will allow you to use that router as a pretty cost effective Frame Relay switch.  These modules use the DB-60 connector.

BRI-S/T, NM-4B-S/T, or other ISDN modules

You cannot connect these directly together, or directly to any other module.  If you already have an ISDN simulator then you can use them.  Otherwise, the ISDN simulator will run you at least $100, which would be better spent on routers or switches.


Saturday, August 6, 2011


 on  with No comments 
Here's another classic from the vault.  A paper on the relationship between TEMPEST and SIGINT that I wrote for a class.

TEMPEST is a codename used by the United States Military which originally referred to a classified program which studied emission security (or EMSEC) and attempted to develop technologies and standards to be used in combating these emissions. This work can be traced back to World War I where German troops were able to intercept and listen in to enemy voice transmissions from the ground due to poorly insulated cabling used by allied phone lines. Like many classified military projects, TEMPEST is based on a random dictionary word rather than being an actual acronym. Despite the origin of the word, many attempts at fitting the word into an acronym have been made, the most commonly used one being Transient Electromagnetic Pulse Surveillance Technology.

The first test standards were defined in “NAG1A” and “FS222” in the 1950’s. In 1970, a revision titled “National Communications Security Information Memorandum 5100: Compromising Emanations Laboratory Test Standard, Electromagnetics” was created, followed by “NAC-SIM 5100A” in 1981, which sets the requirements. National Communications Security Committee Directive 4 currently sets the standards for TEMPEST in the United States. Other nations and organizations have similar documents defining their standards and requirements. For example, the NATO standard is defined by “AMSG 720B.” One thing that these and other documents relating to the TEMPEST program have in common is that they are all classified.

Sensitive information systems require intensive metallic shielding to prevent emissions from escaping. Individual devices, interconnecting cables and even entire rooms or buildings must be properly shielded. Within this shielded environment, there is a red/black separation employed. Red equipment is used to process confidential data, while black equipment is used to process unclassified data. Red equipment must remain isolated from black equipment.

The TEMPEST standards define three categories of approved devices. Type 1 is the most secure, but is only available to the US government and contractors that it approves. Type 2 is less secure, but its use still requires government approval. Type 3 is approved for commercial use by entities outside of the government. There is also a newer standard, known as ZONE, which is less secure than Type 3 equipment, but is still effective and is much more affordable.

SIGINT, or signals intelligence, is claimed to be the exclusive domain of the National Security Agency (more commonly referred to as the NSA), by the NSA. It is the type of intelligence that deals specifically with transmissions from the voice communications, radars, weapons systems, and the like of enemies of the United States. The NSA states the mission of SIGNINT is limited to the gathering of information about foreign nations, groups or individuals, as well as terrorists that operate internationally. The NSA lists its customers of this intelligence as “all departments and levels of the United States Executive Branch” . While the NSA claims exclusivity to SIGINT, every branch of the government from the FBI to Navy SEALS whose role is driven by intelligence utilizes SIGINT in function if not in title.

SIGINT can also be preventing communications. For example, Egypt shut off all Internet access within its borders earlier this year. The global routing table, used to direct all traffic across the Internet, had nearly every route to Egypt removed . A month later, it was reported that satellite phone communications handled by Thuraya Satellite Telecommunications Co. were being jammed within Libya. This was in direct response to protest and unrest similar to that in Egypt . Similar is China’s attempts to continually censor the Internet and control what comes over the wire into its borders.

SIGINT is related to TEMPEST and EMSEC in that they fall on the opposite sides of a transmission. The organization sending and receiving the transmission utilizes TEMPEST/EMSEC techniques to secure the transmission, while the opposition uses SIGINT technologies in order to overhear the transmission. In Information Assurance, we work to preserve the confidentiality, integrity, and availability of data. TEMPEST/EMSEC is another method of ensuring the confidentiality of data. It is a counter to SIGINT, which attempts to violate the confidentiality of data. While these concepts began as government projects and most of what they’ve learned remains classified, the theory behind them can be applied anywhere that sensitive data is stored, processed or transmitted.