Sunday, July 25, 2021

There Is No Cloud

I post fairly regularly about the "cloud." I have mixed opinions depending on the size and capability of your organization.

But recently I was following a story of Google changing their desktop Drive solution, AGAIN.

As frustrating as that will be to Google Drive users, that's not the story I want to tell.

Often the comments on a tech story are as interesting and valuable as the story itself and this was no exception.

It's just another reminder that The Cloud is just someone else's computer. And if they decide to change the rules around using their computer, then you either have to suck it up and accept it, or to try and pull back in all your data yourself. Neither of which is usually an easy or pleasant experience...
Good advice.

Turns out, there's even a t-shirt for this!


Get yours now!

Sunday, July 18, 2021

I'm STUNed

My router (Asus RT-AC68R) has a nice traffic monitor screen. I check it regularly. One day I noticed that an iPhone had a large amount of traffic attributed to STUN.


Off I went to figure out what STUN was.

It turns out that STUN stands for Session Traversal Utilities for NAT. Interestingly, STUN messages are sent in the lower overhead User Datagram Protocol (UDP) packets, not Transmission Control Protocol (TCP).
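To check for yourself whether a UDP datagram is really STUN, you can test it against the fixed 20-byte header that RFC 5389 defines. The Python below is an added example, not part of the original post: the function name `parse_stun` and the sample datagrams are constructed for illustration. It also decodes the XOR-MAPPED-ADDRESS attribute, which is how a STUN server tells a client behind NAT what its public address and port look like.

```python
import ipaddress
import struct

MAGIC_COOKIE = 0x2112A442  # fixed value in every RFC 5389 STUN header
CLASSES = {0: "request", 1: "indication", 2: "success", 3: "error"}
XOR_MAPPED_ADDRESS = 0x0020

def parse_stun(payload: bytes):
    """Return a dict describing a STUN message, or None if payload is not STUN."""
    if len(payload) < 20:
        return None
    msg_type, length, cookie = struct.unpack("!HHI", payload[:8])
    # Top two bits are zero, the cookie is fixed, and the length field is a
    # multiple of 4 that must match the bytes following the 20-byte header.
    if (msg_type & 0xC000 or cookie != MAGIC_COOKIE
            or length % 4 or length != len(payload) - 20):
        return None
    # Class bits C1/C0 sit at bit 8 and bit 4, interleaved with the method bits.
    cls = ((msg_type & 0x0100) >> 7) | ((msg_type & 0x0010) >> 4)
    method = (msg_type & 0x000F) | ((msg_type & 0x00E0) >> 1) | ((msg_type & 0x3E00) >> 2)
    info = {"class": CLASSES[cls], "method": method,
            "transaction_id": payload[8:20].hex(), "mapped": None}
    pos = 20
    while pos + 4 <= len(payload):
        attr_type, attr_len = struct.unpack("!HH", payload[pos:pos + 4])
        value = payload[pos + 4:pos + 4 + attr_len]
        if len(value) < attr_len:
            return None  # attribute claims more bytes than the datagram holds
        if attr_type == XOR_MAPPED_ADDRESS and attr_len == 8 and value[1] == 0x01:
            xport, xaddr = struct.unpack("!HI", value[2:8])
            info["mapped"] = (str(ipaddress.IPv4Address(xaddr ^ MAGIC_COOKIE)),
                              xport ^ (MAGIC_COOKIE >> 16))
        pos += 4 + attr_len + (-attr_len % 4)  # values are padded to 4 bytes
    return info

# Constructed samples: a Binding request, a success response reporting the
# public address 203.0.113.7:54321, and a datagram that is not STUN.
TXID = bytes(range(12))
REQUEST = struct.pack("!HHI", 0x0001, 0, MAGIC_COOKIE) + TXID
ATTR = struct.pack("!HHBBHI", XOR_MAPPED_ADDRESS, 8, 0, 0x01,
                   54321 ^ (MAGIC_COOKIE >> 16),
                   int(ipaddress.IPv4Address("203.0.113.7")) ^ MAGIC_COOKIE)
RESPONSE = struct.pack("!HHI", 0x0101, len(ATTR), MAGIC_COOKIE) + TXID + ATTR
NOT_STUN = b"\x12\x34\x01\x00\x00\x01" + bytes(20)

if __name__ == "__main__":
    for name, pkt in (("request", REQUEST), ("response", RESPONSE), ("other", NOT_STUN)):
        print(name, parse_stun(pkt))
```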

Still, what on the iPhone was using STUN?


Here's Apple's chart of port usage that calls out STUN.

Check off that we've learned something today.

Sunday, July 11, 2021

Nearby Share

One iOS feature that I really like is AirDrop. A recent article (archive.is) in Winaero explained a similar Windows 10 feature called Nearby Share.
Nearby Share in Windows 10 allows transferring files between files within the same network. It is a great and somewhat underrated feature that will let you ditch third-party sharing apps and slow USB thumb drives. Being integrated into the OS, Nearby Share ensures the best compatibility with almost any Windows 10 device.
I would add that it is pretty much unknown, even by a geek like me.

You need a relatively recent version of Windows 10, e.g. 1803 or later. You also need Bluetooth enabled, and having the 2 PCs on the same Wi-Fi network increases the speed of transfer.

To use Nearby Share, on both systems go to Settings > System > Shared Experiences and turn on Nearby Sharing.

To share a file, right-click on a file in Windows Explorer and choose "Share".


You'll get a dialog showing the receiving system. Click on it.


You'll get this notification on the sending system.


On the receiving system, you'll get this notification.


Nice!



Sunday, July 04, 2021

Application Layer Gateways - Part III

In Part II, I discussed how certain applications are allowed to "tweak" the router so that traffic to different incoming ports is allowed.
This post is the final part of this discussion (at least for now).

Again, I will reference Steve Gibson's Security Now podcast, this time episode 804.

In this episode, Steve describes how a NAT slipstreaming attack allows a remote attacker to trick the NAT into creating NAT traversal mappings to ANY device on the internal network.

This isn't good.

Armis discovered that routers' Application Layer Gateways (ALGs) have even more issues.
WebRTC TURN (Traversal Using Relay around NAT) connections can be established by browsers over TCP to any destination port. The browsers restricted-ports list was not consulted by this logic, and was therefore bypassed.

These TURN connections are used by H.323, a VoIP protocol similar to SIP.

So what to do? I repeat the recommendation at the end of Part II. In your router, turn off as many of the ALG passthroughs as you can.

Good luck if you're using H.323.