Sunday, April 11, 2021

Application Layer Gateways - Part I

This is the first in a series of posts about Application Layer Gateways. But first you have to understand Network Address Translation (NAT).

NAT is what makes your router such a good firewall.

Basically it makes all of your Internet requests look as if they originated from the router, hiding your various devices. But more than that, it only allows incoming packets that are responsive to outgoing packets.

Here's how wikipedia explains it:

[T]he port numbers are changed so that the combination of IP address (within the IP header) and port number (within the Transport Layer header) on the returned packet can be unambiguously mapped to the corresponding private network destination.

By Yangliy at English Wikibooks - Transferred from en.wikibooks to Commons., Public Domain, https://commons.wikimedia.org/w/index.php?curid=61795882

In plain English, every time something is sent out from your network, the router keeps a record of it and will only allow incoming traffic that is responsive to that.

This has 2 benefits. First, the Internet can't see your internal network. All traffic looks like it originated from your router. Second, any non-responsive traffic, e.g. from hackers, is simply disregarded.

Part II will dig another layer deeper.

Sunday, April 04, 2021

Risks of Remote Work

I follow KnowBe4's blog. Recently they covered a white paper by Cybersecurity Insiders.


It raised several issues that I've been worried about since the pandemic hit and everybody went home.

KnowBe4 called out the following key findings:
  • Almost three-quarters of organizations are concerned about the security risks introduced by users working from home; despite these challenges, 86% are likely to continue supporting remote work in the future.
  • Key security challenges cited include user awareness and training (57%), home/public WiFi network security (52%), and sensitive data leaving the perimeter (46%).
  • The applications that organizations are most concerned with securing include, file sharing (68%), the web (47%), video conferencing (45%), and messaging (35%).
  • More than half of organizations see remote work environments having an impact on their compliance posture (70%). GDPR tops the list of compliance mandates (51%).
  • Organizations prioritize human-centric visibility into remote employee activity (34%), followed by next-generation anti-virus and endpoint detection and response (23%), improved network analysis and next-gen firewalls (22%), and Zero Trust Network Access (19%).
How is your organization going to mitigate concerns about continuing remote work?

How is your organization going to mitigate WiFi network security and data exfiltration?

How is your organization going to mitigate file sharing, video conferencing, and messaging?

Keep me posted.

Sunday, March 28, 2021

More Internet Speed Tests

Several years ago, I stumbled across Google's Internet speed test. That prompted me to look at several other Internet speed testing tools. The post is here.

This article on CNET prompted me to look again. CNET had a couple of tools I hadn't heard of before so I ran them against my previous set of tools.


At my house I have a 200Mbps Xfinity connection. I was using my ThinkPad X390 with an Intel(R) Wireless-AC 9560 160MHz Wi-Fi adapter. Intel says that adapter can deliver 1.73Gbps so that probably wasn't a limiting factor.
TestDownload
*Ookla196Mbps
*fast.com200Mbps
*Google Fiber205Mbps
*Google181Mbps
speedof.me215Mbps
testmy.net186Mbps
* were in my earlier test

Conclusion: Mox nix!

The results were much more sensitive to other traffic than the accuracy of the various tests. In my initial tests of speedof.me and testmy.net, they were both around 125Mbps. I retested them and they both came in over 155Mbps. A third test gave the above results.

A more extreme demonstration of interference was at my daughter's house who has a 1Gbps Xfinity connection.

TestDownload
Ookla330Mbps
fast.com150Mbps
Google Fiber91Mbps
Google50Mbps
speedof.me54Mbps
testmy.net83Mbps

I didn't have the opportunity to rerun the tests at this location. In hindsight, there were streaming applications running outside of my control during the testing.

Sunday, March 21, 2021

FastStone Image Viewer

My previous post covered how to restore Windows Photo Viewer. While that worked, I kinda got frustrated that I kept having to do that.

I fell back to my trusty Google search and came up with some alternatives to Windows Photo Viewer.

The article that seemed most on point to me was on Skylum.

#4 on their list was FastStone Image Viewer but it was #1 for me.

I always like portable applications and FastStone has one for their Image Viewer.

I put the portable version in my OneDrive/Software folder so it's available on all my PCs.


Oh, it's free.

Sunday, March 14, 2021

Windows Photo Viewer

I've been accused of being a Luddite and maybe I am.

But maybe I just like simple applications that just work.

Windows 7 and 8 had a really nice application, Windows Photo Viewer. It had useful and intuitive keyboard and cursor commands.

Windows 10 displaced (not REplaced) Windows Photo Viewer with Photos. To me, it's not as intuitive as Windows Photo Viewer.

The good news is that Windows Photo Viewer is still there. And if you got to Windows 10 by an upgrade in place from Windows 7 or 8, getting Windows Photo Viewer back is easy.

CNET has a good article on how to do this but it's easy.

[S]imply open up Settings and go to System > Default apps. Under "Photo viewer," you should see your current default photo viewer (probably the new Photos app). Click this to see a list of options for a new default photo viewer. Assuming you upgraded to Windows 10 from a previous version of Windows, you should see Windows Photo Viewer as an option.

Choose Windows Photo Viewer and exit the Settings menu, and you're done -- photos will now open up in Windows Photo Viewer.


If you got to Windows 10 with a clean install, it's a little trickier.

But this article in TenForums will walk you through it.

The tl;dr of this is to download this .reg file. Run it. Follow the procedure above to reset the default app.

Sunday, March 07, 2021

Chillin' With an iPhone - Part 6

So I'm a year into using an iPhone X coming from an Essential PH-1. I've posted several times about my experiences - 1, 2, 3, 4, 5.

I still have a few items to close the loop on.

Battery Life - My iPhone's battery life is really incredible. I tend to check the battery at 10PM. Most days the % of battery remaining is around 60%. If I've taken a lot of video or listened to a lot of podcasts, it will dip down into the 50% range. I checked the battery capacity recently and it is still 86%.


Face ID - I mentioned that the face unlock of my Lenovo Tab M8 inspired me to look at the iPhone X's Face ID. That was before the COVID-19 pandemic drove facemask usage. Now I miss the Touch ID of the iPhone 6.

Gboard - I am a huge user of Google services. Consequently, I tend to use the Gboard keyboard. But Apple has crippled Gboard. I like to use handsfree voice to text while I'm driving. When using Gboard's voice to text, Gboard has to launch what looks like a separate app. The delay is unacceptable. And the Apple keyboard's voice to text is really good.

Wireless Charging - I've had a couple of Android phones that used wireless charging but the Essential PH-1 didn't. It was nice to return to wireless charging. This is the wireless charger I use. I use this for my wife's iPhone SE (2020).

Old Stuff - I still wish iOS would give me more control over sounds, e.g. Google Hangouts ringtone and texttone, the camera shutter sound, the iMessage sent sound, etc. I do really like the intensity of the vibration. The Essential PH-1 struggled with being too subtle.

But I do still have an Essential PH-1 completely up to speed on Lineage OS.

Sunday, February 28, 2021

QR Code Generator

10+ years ago, I put a QR code on the back of my business card. Let's just say I was ahead of the times.
Then Apple included QR code recognition into their iPhone camera app.

And then the COVID pandemic caused QR codes to pop up in restaurants with links to "touch free" menus.

QR codes can contain a variety of information. You can create your own here.

But for URLs, it's even easier than that.

Google has included a QR code generator in the latest versions of Chrome. I just noticed the new icon in Chrome's address bar.

Here's what it generates.


Point your smartphone camera at that and see what happens.