Wednesday, August 9, 2023

Tip When Making cables


Thank you all for the positive feedback when I cover topics other than Wireshark and protocol analysis.


Another quick one for you:


Here's a helpful tip for creating Ethernet cables while freeing up a hand, using items you likely have around your home.


NetAlly CyberScope™ – Handheld Cyber Security Analyzer - Julio Petrovitch

 

In April 2023, NetAlly released CyberScope, the world’s first handheld cybersecurity analyzer. Still, for many such a description could be considered very broad. So, what exactly is a CyberScope and what does it do? More importantly, how can it help a network or security professional like yourself?


In a nutshell, CyberScope is a handheld cybersecurity analysis tool that offers comprehensive risk assessment, analysis and reporting for the site access layer. All in a single, powerful, and portable form factor. It supports endpoint and network discovery, wireless security scans, vulnerability assessments using Nmap, plus segmentation and provisioning validation.


As a ruggedized, purpose-built all-in-one tool, CyberScope is a network security solution that eliminates the use of fragile laptops and tablets. With multiple functions, it provides fast, actionable insights into your network, filling the critical visibility gaps that other cybersecurity tools frequently do not address.


As for what it does and how it can help, there is a lot. Here is some of its core functionality:


Probe Endpoints and Networks

Network discovery is a critical cybersecurity best practice, providing valuable information about the network infrastructure, layout, devices, and services that are present. CyberScope’s Discovery combines scanning and active probing via five different network interfaces (wired and wireless) using multiple technologies (including CDP, LLDP, FDCP, SNMP, Nmap, and others) to find endpoints, network infrastructure elements, and potential attack surfaces.


Classify Devices as Authorized, Unauthorized, Neighbor or Unknown

Network segmentation and provisioning can be complicated and prone to error. CyberScope can verify proper segmentation of both wired and Wi-Fi networks at the point of access with clear pass/fail indication. CyberScope can also examine switch ports for proper provisioning, join a VLAN to ensure correct segmentation, and capture traffic on a specific VLAN for deeper analysis. Not only that, all discovered devices and even endpoint manufacturers can be classified as Authorized, Unauthorized, Neighbor or Unknown.


Locate Endpoints on the Wire or in the Air

Path analysis is critical to understand how devices are interconnected. CyberScope provides complete port by port details of the network path – both wired and wireless – to any device. This is crucial when hunting down unknown or nefarious devices. Rogue hunting is made fast and easy on Wi-Fi with CyberScope’s external directional antenna.


Identify Endpoint Vulnerabilities

Nmap can help identify potential vulnerabilities like open backdoors, malware or poorly configured firewalls and intrusion detection systems. However, the cryptic nature of Nmap’s command line interface and excessive textual output prevents many network professionals from using it to its fullest extent.

CyberScope’s intuitive user interface integrates with Nmap’s robust probing capabilities to help with efficiency and repeatability. Even seasoned Nmap users will appreciate the ease of use that CyberScope brings to vulnerability detection.

Also, the embedded Nmap analysis engine in the CyberScope automatically scans for vulnerabilities on all endpoint devices connected to the network. Nmap allows CyberScope to enhance the information gathered from each device with valuable vulnerability information by running built-in or custom scripts and automatically generating warning and error notifications. All this can help identify potential security weaknesses and prioritize remediation efforts to reduce risk.


Generate Reports, Collaborate, and Share

Vulnerability reporting is easy using the Link-Live collaboration platform. With features that include vulnerability scan results visibility, discovery snapshots and comparisons, plus heat and topology maps, Link-Live makes it easier to collaborate and share with other team members. There is also a licensed, containerized version for on-prem use, available for those of you that don’t like the idea of storing network data in the cloud. Not only that, but Link-Live allows for secure sharing and even analyzer remote control by centralized experts, which fully enables collaboration across your team regardless of their location.


In conclusion, CyberScope is a rugged, hand-held instrument which allows you to identify wired and wireless network vulnerabilities in a single walkthrough. Plus, as a dedicated, purpose-built tool, CyberScope integrates all the hardware capabilities you need to complete any type of network survey or analysis. That includes:

  • 10 gig fiber optic and copper (RJ45) Ethernet ports with high-power PoE support – functionality you won’t find on a laptop.

  • One Bluetooth/BLE and two Wi-Fi radios with up to 802.11ax and 6GHz band support.

  • USB ports that provide connectivity for accessories, like a spectrum analyzer, a headset for voice communications, label printers, and more.

Want to know more about NetAlly’s CyberScope? Then make sure to visit cyberscope.netally.com and check it out!


About NetAlly

The NetAlly® family of network test and analysis solutions has been helping network engineers and technicians better deploy, manage, and maintain today’s complex wired and wireless networks for decades. Since creating the industry’s first handheld network analyzer in 1993, NetAlly continues to set the standard for portable network analysis with tools that include EtherScope® nXG, CyberScope™, AirMagnet®, LinkRunner®, LinkSprinter®, AirCheck™, and more. NetAlly simplifies the complexities of network testing and cybersecurity assessments, provides instant visibility for efficient problem resolution, and enables seamless collaboration between site personnel and remote experts. To learn more and see how NetAlly helps network and security professionals get their jobs done fast, visit https://www.netally.com, or follow us on Facebook, Twitter, LinkedIn, Instagram or YouTube.

Monday, August 7, 2023

Http ping and tracert ipv6/ipv4 tips


I am starting to run into more environments where IPv6 is showing up. I must admit most of the time, the client wasn’t aware of the impact that having IPv6 enabled on hosts can have. Other times the client intentionally had IPv6 enabled and in use.

Either way, I get asked how to perform some of the most basic troubleshooting when a Windows host has both IPv4 and IPv6 on it. I must admit that the first time I was asked about this a few years ago, I was stumped until I stopped, took a breath and read the ping and tracert help screens, lol. Accessing a web server using an IPv6 address took a little bit more digging, but it was well worth it since the same questions come up in my classes and troubleshooting engagements.

In this video I cover how to ping, tracert and HTTP using IPv6 addresses and how to force the usage of IPv4 addresses when using a host name.



Friday, August 4, 2023

Find your tools with Nmap

 

Every network technician will have some sort of network tool that connects to the network. It can be a packet capture tool, like the IOTA I used in my example, a laptop, etc.


In some scenarios, you might send the tool out with a technician or ship it out to a remote site. If you’re lucky, you can preconfigure a static IP, gateway, etc., and connect to it remotely. But what if you have to rely on a DHCP-assigned address? If you have time, you can work with the DHCP administrator and reserve an IP address, or look through the DHCP database for the device’s MAC address. In my experience, getting multiple departments coordinated to find an IP address can take a while, not to mention, what if it's after hours?


In this video, I use Nmap to locate my Profitap IOTA capture device. All I needed to know was a port number that it has ‘open’. In this case, TCP 3000. As I mention in the video, if you had more than one unit, you would need to know your device’s MAC address. Tip: to have Nmap return the MAC address, you need to be on the same VLAN as the target device. In our case, they had a support computer on that VLAN, but I have also used a remote client computer (with their permission).
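The lookup described above, sketched as an added example (it is not taken from the post or the video): it reads Nmap's XML output, keeps hosts with TCP 3000 open, and optionally narrows to one unit by MAC address. The subnet, IP addresses and MAC addresses are constructed sample values, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample of Nmap XML output (-oX), as produced by a scan such as:
#   nmap -p 3000 -oX scan.xml 192.0.2.0/24
# All addresses and MACs below are made up for illustration.
SAMPLE_XML = """<?xml version="1.0"?>
<nmaprun scanner="nmap">
  <host><status state="up"/>
    <address addr="192.0.2.17" addrtype="ipv4"/>
    <address addr="02:00:5E:10:00:17" addrtype="mac"/>
    <ports><port protocol="tcp" portid="3000"><state state="open"/></port></ports>
  </host>
  <host><status state="up"/>
    <address addr="192.0.2.42" addrtype="ipv4"/>
    <address addr="02:00:5E:10:00:42" addrtype="mac"/>
    <ports><port protocol="tcp" portid="3000"><state state="open"/></port></ports>
  </host>
  <host><status state="up"/>
    <address addr="192.0.2.99" addrtype="ipv4"/>
    <ports><port protocol="tcp" portid="3000"><state state="filtered"/></port></ports>
  </host>
</nmaprun>"""

def norm_mac(mac):
    """Reduce aa-bb-.., AA:BB:.. or aabb.ccdd.eeff to bare lowercase hex digits."""
    return "".join(c for c in mac.lower() if c in "0123456789abcdef")

def find_devices(xml_text, port=3000, mac=None):
    """Return [(ip, mac_or_None)] for hosts with tcp/<port> open.
    If mac is given, keep only hosts whose reported MAC matches it."""
    hits = []
    for host in ET.fromstring(xml_text).iter("host"):
        addrs = {a.get("addrtype"): a.get("addr") for a in host.iter("address")}
        is_open = any(
            p.get("protocol") == "tcp" and p.get("portid") == str(port)
            and p.find("state") is not None and p.find("state").get("state") == "open"
            for p in host.iter("port"))
        if not is_open:
            continue
        host_mac = addrs.get("mac")  # missing when the scanner is on another VLAN
        if mac and (host_mac is None or norm_mac(host_mac) != norm_mac(mac)):
            continue
        hits.append((addrs.get("ipv4"), host_mac))
    return hits

if __name__ == "__main__":
    print(find_devices(SAMPLE_XML))                           # every unit with 3000 open
    print(find_devices(SAMPLE_XML, mac="02-00-5e-10-00-42"))  # one specific unit
```

When the scan is run from a different VLAN, the MAC field is absent, so a MAC filter returns nothing and only the open-port match is available.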
