Orb is completely free and allows you to access not only iTunes content, but any video, music, or photos on your system’s hard drive and stream it to just about any device on the Internet.
Setting up Orb is simple. Download Orb for either Mac or Windows.
Start the installation and Orb asks for your account information. If you don’t have an account, you can set one up during the install.
Orb indexes your iTunes content automatically, but if you have more media to add, then used the advanced tab to specify for folders.
Once Orb has indexed all your content, you can close the installation wizard and login to mycast.orb.com to further configure your streaming, channels, and playlists.
Now that Orb is setup, you can use any browser on your network, a friends house, your iPhone, Blackberry, Xbox, Wii, or PS3 to receive content from your media library.
Check it out for yourself at Orb.com.
Related Articles
]]>Tews and his co-researcher Martin Beck found a way to break the Temporal Key Integrity Protocol (TKIP) key, used by WPA, in a relatively short amount of time: 12 to 15 minutes.
Next week at a Tokyo conference, both Tews and Beck will show an audience how they are able to crack the encryption.
In a previous post, I mentioned the use of WPA and asked that we all stay away from WEP (as it was insecure) and still stand by that statement. What we really need to think about, is using WPA with AES encryption instead of TKIP. The use of AES has not been compromised and is still considered to be safe.
Should You Be Worried?
Although it is a fairly new discovery, cracking tool kits have been updated with the necessary code to exploit the vulnerability. If someone is out there trying to get onto your wireless network and cracking your encryption, they probably are already aware of the new vulnerability and have the latest tools to do so. Anybody can be a target, and there are some easy things you can do to protect yourself.
Make Sure You Are Not At Risk
If you have a fairly new router (as far back as 2005 in some cases), you can simply choose to use AES encryption with WPA — or switch from WPA to WPA2 (which has not been compromised). If you only have WEP as an option, then you should consider using a very long password for your wireless connection — one with random letters, symbols and numbers. The longer and more complex the password, the more secure. Go to grc.com/passwords to generate a secure password.
Photo credit Steven Riehl
Related Articles
]]>Open Wi-Fi
In a previous post, I discussed some of the mistakes that should be avoided when setting up your home’s wireless router (read Are You Making These Mistakes with Your Home Wi-Fi). One such mistake is leaving your access point “open”. Since public Wi-Fi access is usually “open” and you usually don’t have a choice about how to connect to a public access point, you should take precautions when surfing sites that may contain personal information.
Since communications between your laptop and the public access points are made over the air in an unencrypted manner, your email can be read by anybody who is savvy enough to start a free network sniffing program that is freely available for downloaded on the Internet. How much more careful about what your read at one of these hotspots would you be if you knew it was possible for someone to see the data that was being sent to our browser? How much personal information do you store in your email account?
HTTPS Browser Connections
There is something simple and easy you can do to ensure that you’re reading email securely. You can browse to your Gmail account without fear of prying eyes or network hackers. Simply use the HTTPS protocol when accessing your web email. HTTPS encrypts the data from your computer all the way back to the server you are browsing. Since the data is encrypted, even if someone is sniffing the network, they will not be able to determine what you are reading. The data simple looks like a bunch of random bits with no meaning.
Gmail and Yahoo
Both Gmail and Yahoo mail automatically redirect your browser to their “https” versions for login. This means that when you send your username and password to authenticate, it will be encrypted and secure. You can see this when browsing to mail.google.com or mail.yahoo.com. Go ahead and try it. Type “http://mail.yahoo.com” or “http://mail.google.com” in your browser’s address bar and see where you end up. You’ll notice that your browser now reflects the new address which begins with “https://”. Your browser is now using the HTTPS protocol to communicate with the login server.
A Gmail Advantage
The login process is only the beginning. Yes, your login information is secure, but unless you specifically tell the browser to use the “https://” address, your security encryption ends at the login for Gmail users. Browsing to http://mail.google.com will encrypt the login information only, but browsing to “https://mail.google.com” will not only encrypt your login, but your entire session as well. All the information sent to and from your computer to Google mail will be protected along with your username and password. This is one advance Gmail has over Yahoo mail. Yahoo mail will not encrypt the entire session even though you specify “https://” in the address bar.
A Secure HTTPS Session
Notice the “lock” icon in your browsers status bar. It is usually located somewhere near the bottom right of your browser window. If the lock icon is present, it means that your session with the web server is encrypted. Gmail uses will see the lock for the entire session (if they have browsed to the “https://” version of the page), but Yahoo users only see it at the login screen.
Other Web Email
Most mail programs provided by your ISP or hosting service do include web email. Try to access your web mail via the HTTPS address and see what happens.
Bottom Line
Be careful when browsing at public Wi-Fi hot spots. Try to use the HTTPS protocol for web mail because it can protect your privacy and security. At this point, it looks like Google has the advantage over Yahoo in this department. Don’t forget to bookmark https://mail.google.com and https://mail.yahoo.com to ensure you always use the secure pages when possible.
Related Articles
]]>Update: July 2008 - OpenDNS is not vulnerable to a DNS cache poisoning attack that was recently discovered. OpenDNS has written about the multi-vendor vulnerability on the OpenDNS blog. Please read on for the original post about OpenDNS.
We all want to be safe when we surf the web. The problem is that there are lots of malicious, unscrupulous web sites that we can potentially stumble upon. The more tools we install on our computers to protect us, the slower they potentially become. Instead of installing additional SW on your computer, you may think about using the free service available from OpenDNS.
Since our computers uses DNS to find web sites (see my previous posts which explain DNS), we can make a few small adjustments to our network settings to help avoid bad sites, and block others we deem inappropriate for our family.
Let me first stay that OpenDNS is truly free. I am not affiliated with OpenDNS in any way. There is no cost to you to use any of their services and there are no pop-ups, pop-unders or software to install. Simple change your computer’s DNS entries to the following: 208.67.222.222 and 208.67.220.220.
I’m not going to re-invent the wheel here, so I will direct you to their website which has detailed step by step instructions for changing your DNS settings. It only takes a couple of minutes, and if you are really brave, try changing your routers DNS entries too.
That’s it. No other actions are needed. You can stop at this point and enjoy the following benefits:
Faster Web Browsing
Your browsing experience will be faster and more reliable because OpenDNS will automatically route your DNS queries to the closest available server. Also, if that server is down or unavailable for any reason, you will automatically be routed to the next nearest one. This is something your ISP does not do.
Phishing Site Avoidance
By default, OpenDNS detects and blocks you from connecting to hosts known to have phishing scams associated with them. You simply get re-directed to OpenDNS’s Phishing Error page which lets you know why the site is not accessible.
OpenDNS uses a sophisticated system called PhishTank that keeps timely updates of scam and fraudulent sites that integrates into their DNS service to help keep you protected.
These two services alone are compelling enough reasons for me to start using their services (and by the way I have been using for months now). The little time it takes to make the configuration changes, I believe, is well worth the added benefits. However, there is more.
Sign up for a free account and add your network (which OpenDNS automatically detects) to your “Dashboard” and get these added benefits too:
Domain Blocking
Use their easy to navigate web administration page to block certain domains.
Enter a site like “example.com” and anything under that domain will be blocked. For instance, www.example.com, test.example.com, bubba.example.com, ww2.example.com, etc… will be blocked. A customizable OpenDNS page will appear instead.
Adult Site Blocking
OpenDNS can easily bock adult-xxx, or adult-themed sites with the click of a mouse.
Using your account administrator page, you can turn on Adult Site Blocking just by checking a box and applying the new settings. By default, adult-xxx and adult-themed sites are not blocked, so you will have to turn this on if you want it.
Sidenote: Whitelist
Any site which would normally be blocked can be whitelisted. Any whitelisted sites will bypass OpenDNS’s blocking and allow you to visit.
Stats
This is probably one of the coolest features they offer. If you decide to turn on statistics, you can view all the sites the have been visited from your network. If you want to see what the kids were looking at, this is an easy way to do it.
Not only can you view the sites, but you can click a button to immediately begin blocking any sites you deem inappropriate.
You can view the data in different ways, select to download the data as a CSV, all with a few clicks. You can even elect to delete all the collected data and start over, or just simple stop collecting data all together (for those of you that are concerned with privacy).
I highly recommend OpenDNS to anyone who wants to browse safer, faster, and with complete control over the content being viewed.
Related Articles
]]>Open Access Point
Don’t make it easy for people to steal your personal information. Any security is better than no security. Straight out of the box, many wireless routers default to a non-secured state in order to make installation easier, so you should change this right away. Many information thieves will simply move on to your neighbor’s non-secured wireless network since it will be seen as an easier mark.
Using WEP Security
Yes, I did say that any security is better than none, but if you have the option to go with WPA security instead of WEP, please start using WPA. WEP security has been proven to be quite weak. Any tech savvy person can sit in a car on your street and crack your WEP encryption in about 30 seconds using freely available tools downloaded from the Internet. WPA security has been proven to be much more secure and in most cases easier to implement. Many older routers do not support the new encryption scheme of WPA but do support WEP security. If this is your only option, then by all means use WEP, but seriously look into upgrading your wireless router to a newer model.
Not Changing the Router’s Default Password
How many of you have never bothered to change the default password on your router? Seems like a very simple thing, but thousands of us never do it. Here are plenty of websites that list the default passwords for many consumer-based wireless routers. If just a few trial and error sessions is all it takes to break in to your network, it might be worth it to just take a couple of seconds to do this quick fix.
Automatic Connection Settings Computer
If your wireless router were on the fritz, would you know it? Windows and Mac computers try to make connecting wireless as easy as possible and will automatically connect to the next available network. This could be neighbor’s open access point which for one, is unlikely to make for friendly neighbors if they find out you’re using their network, or two a little unethical (kind of like stealing cable). Check your settings and make sure you are only connecting the wireless networks you intended to use.
Broadcasting your SSID
Wireless routers allow you to broadcast your SSID. This is like the name of your wireless network. It acts as a beacon allowing others to more easily find your network. Newer routers by default do not broadcast your SSID in an attempt to be more secure. Not broadcasting the SSID will stop your neighbor from accidentally trying to connect to your network, but will not deter a determined hacker. Hackers have tools that will show them the SSID if at least one computer is using the wireless network. The real message in this one is to not think that hiding your SSID is enough.
Wireless networks are a great way to stay productive while being comfortable. I don’t want to discourage anyone from taking advantage of this great technology, but I do want all of you to be safe. What are your thoughts on the above mistakes?
Related Articles
]]>Just purchasing a domain name is simple. The domain you purchase can be used for private or commercial use and nobody else can claim that domain name until it is allowed to expire or you decide to sell it. But, now that you have that domain, what can you do with it? Well, without a hosting plan, about the only thing you can do is hold-on to it in the hopes of selling it for a profit. But your probably want to put up a web site so customers, friends, or family can visit your site and admire your content.
Lets start with a simple definition. A website is a collection of files hosted on a web server, accessed via the host name specified for that web server. For example, the website you are on now is a collection of files that you have accessed via your web browser by going to the web server address at www.uxking.com. The web server that I am using is located at www.uxking.com. This is where I have placed the files you are viewing right now. Without a place to host files to add your content, the domain name you purchased is not going to see any visitors, get any hits, or provide any information to your audience.
Granted, most folks purchase a hosting plan at the same time they purchase the domain name. But did you know that you don’t have to purchase any hosting with your domain? Did you know that you could simply use a properly configured DNS record to point that domain to an existing site? Take www.michaelhayslip.com for example. I purchased this domain, but didn’t really want to setup a new web server when I already had one that my wife purchased a while ago (910west.com). I purchased the domain and configured DNS to point www.michaelhayslip.com to www.910west.com. Try going there now. You’ll notice that the address in your browser will change to www.910west.com, even though you type www.michaelhayslip.com. But I’m not the only one. See what happens if you type www.gogole.com (google misspelled). Did you notice that the address was changed to www.google.com? DNS is doing this for us.
Every domain we purchase, whether with a hosting plan or not, has an associated DNS server that tells the world the IP address for the domain we are requesting (see the posts under the “dns” tag for a more in depth explanation of what DNS is and does and how you can find the DNS server for your site). Because most of us purchase a hosting plan with our domains, we never really have to think about DNS. Our hosting provider automatically points the DNS records to the right web server for our site.
But lets imagine this scenario? Say we have the simplest of web sites; we can almost certainly guarantee that the simplest and least expensive hosting plan will be sufficient. But say we start out as a simple site, and later on decide that we need some pretty sophisticated web programming to do shopping carts, database connectivity, etc… We may not have the proper hosting to support our new needs. What can we do? We can tell our hosting provider to point our DNS records to a different web host, one that can support our needs (maybe even one that is run by a different company). Most of the time out hosting plan providers have numerous hosting plans and can easily move your files and change the DNS records without you having to do much of anything but make the request. If not, then you’ll have to find a new hosting provider and do a bit of coordination between the two companies to ensure your site remains available.
Questions – need more clarification? Have any of you purchased domain names without hosting plans? What have your experiences been like?
Try looking up www.michaelhayslip.com and www.910west.com with the nslookup tool using the set type=all parameters I described my previous post.
Related Articles
]]>Okay, maybe you are confused, if so please see my earlier post for more background, but I will try to break it down a bit. We know that DNS gives us an IP address for a domain name. Example: www.google.com is at IP address 64.233.187.99. We also know that our computers look to a DNS database server to get that info. And our ISPs are telling our computers what DNS database servers to use for IP address lookups. Okay, now that we have done some review, we can look at how to find the DNS server for any domain.
There are two ways we can do this, via a web page, or using our own computers network utilities. Lets start with the web page first. Open your web browser and head to www.dnswatch.info.
Enter a domain name in the Hostname or IP box. Set the type to NS (for Names Server) and click resolve.
Check the table in the center of the page.
Here is the information about which DNS servers are updating the rest of the world with the IP addresses for uxking.com. Uxking.com has 3 DNS servers (most domains have at least two for redundancy). The info in the table is pretty self explanatory, except for the TTL. The domain we looked up, the type of DNS record (which is Name Server), the number of seconds the record should be cached on other DNS servers (TTL), and the hostnames of the DNS servers (Answer).
Lets use the other tool I mentioned earlier to do the same thing.
Open a Terminal Window (MAC or LINUX) or Command Window (PC). The tool works the same on either of these platforms, but I’m using a MAC right now, so I’ll show you what the output looks like on a MAC.
Open your terminal window and type nslookup.
Imac-G5:~mhayslip$ nslookup
> set type=ns
> www.uxking.com
Server: 10.0.1.1
Address: 10.0.1.1#53Non-authorative answer:
www.uxking.com canonical name = uxking.com.
uxking.com nameserver = ns1.lnhi.net.
uxking.com nameserver = ns2.lnhi.net.Authorative answers can be found from:
>
You should get a “>” prompt to indicate that you are now entering commands for nslookup. As you can see from above, I set the type of record I am seeking to be NS (name server) bye typing set type=ns. Next I simply typed the domain I was interested in, www.uxking.com. The output is similar to what you will find from the browser based tool, minus the TTL info. You can clearly see the nameservers listed for www.uxking.com.
You can continue to type any domain into either of the tools to find their nameservers. Try your own domain, or google.com, yahoo.com. Some domains have quite a few nameservers.
Go ahead and experiment with the nslookup tool. Try setting the type to ALL (set type=all) and see what other info you get. Also, try removing the www from the domain too.
Related Articles
]]>To understand DNS you will need to know that every website has a number. No, I don’t mean numbers like 1, 23, 98, etc… Websites aren’t ordered in the number that they appear. The numbers I am referring too are called IP addresses, and they are kind of like phone numbers. Every web site has a number where it can be reached. You may not know what the numbers are and frankly, most people don’t even care. But if DNS settings are incorrect, you and everybody else trying to get to a site will see those nasty error messages mentioned previously.
Let’s take www.google.com for an example. What happens if you type www.google.com into your web browser? You get to the white background, very simple, Google search page, of course. But did you know that you could also type 64.233.187.99 into your web browser and get to the same page (go ahead, try it)? Now isn’t it a lot easier to remember www.google.com instead of 64.233.187.99? Now imagine trying to remember thousands and thousands of numbers just to be able to browse the web. This is what DNS is helping our web browsers, and other applications, do, find a number (64.233.187.99) for the name (www.google.com) we just typed.
So we know there is this think called DNS that helps us map IP addresses to names, but how does it work? Think of DNS as a large set of databases containing websites and their corresponding IP addresses. If you need to get to yahoo.com or cnn.com, your computer will go out on the Internet to one of these DNS database servers and find the IP address for the site you are trying to visit. If the DNS server your computer is pointing to is not available, or your computer is not on the Internet… then “BAM” – the dreaded “not found” error messages. If everything is all right, then “whaalaa”, the site we wanted shows up as we expected.
While this processes seems simple, there is actually a bit of work happening behind the scenes. Your computer, along with just about every other computer on the Internet, is somehow told which DNS server to search when looking for IP addresses. If you don’t know where to look, then you won’t get anywhere. It’s like trying to dial “Bubba’s Pizza Parlor” and not having a phone book to look up the number. We get our DNS search list from our cable or DSL line providers. Our providers have their own DNS servers and allow and encourage us to use them for name to IP address lookups. Depending on how you connect, the work for getting these DNS server IP addresses (yep, you need the IP addresses for your DNS servers) to your computer, is done by your DSL router, cable or dial up modem. As soon as your cable modem, DSL router, or dial up modem is connected, it will be able to provide your machine with the needed information to allow you to surf the Net.
This has been but an introduction of DNS and the functionality it provides. I hope you have found this post to be easy to understand and useful. Later we will discuss how to troubleshoot and what website owners and builders need to know to ensure their sites remain available. What are your thoughts?