Glo Networks Technical Blog (Glo Blog)

If you’re not familiar with what IPv6 is, it’s the next generation Internet Protocol. In broad terms, if we don’t all start using it we’re heading for a world where communicating directly between devices gets a little trickier (if you want to know more, check out our (rather long) previous blog post entitled “The sky is falling on our heads; We’re running out of addresses“).

As you can probably imagine IPv6 is generally considered a Good Thing(TM), by many technical people. After all, we don’t want to make our lives harder, do we?

The problem is uptake has been slow. The first official specs were released in 1996, but work on defining the protocol is tracable back to 1992. That’s a long time ago in the computer industry. The main issue was a chicken and egg problem; why bother upgrading your network when no one uses it? And no one will use if it there’s no reason (read: content). The other problem has been sometimes you can get an IPv6 address without having an actual IPv6 network, and sometimes it won’t work. That’s the non-technical explanation.

These 2 issues are whats caused IPv6 to really stutter.

However last year, on June 8th 2011, major websites and services enabled IPv6 by default to gauge the impact. It turned out that most of the potential problems weren’t really problems for over 99.9% of their users.

So this year, on June 6th 2012, major players who rely on the Internet, and produce hardware and software to access the Internet, will be enabling IPv6 permanently including, but not limited to;

• Akamai
• AT&T
• Cisco (& Linksys)
• Comcast
• D-Link
• Facebook
• Free Telecom
• Google
• Internode
• KDDI
• Limelight
• Microsoft Bing
• Time Warner Cable
• XS4ALL
• Yahoo!

So where am I going with this?

Glo Networks are proud to announce that we are now able to provide native IPv6 accessible web hosting right now. We’re working on the rest of our services at the moment, but we feel this is an important first step. One of our website host boxes is happily server on IPv6 -
dig -t AAAA stem.glo-net.net

; <<>> DiG 9.7.3 <<>> -t AAAA stem.glo-net.net
;; global options: +cmd
;; Got answer:
;; ->>HEADER< ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;stem.glo-net.net. IN AAAA

;; ANSWER SECTION:
stem.glo-net.net. 3600 IN AAAA 2a01:4f8:121:2322::defa:ced

;; Query time: 44 msec
;; SERVER: 213.133.99.99#53(213.133.99.99)
;; WHEN: Wed Jan 18 16:13:07 2012
;; MSG SIZE rcvd: 62

If you already host your site with us and want access either open a support ticket on GloHelp or give us a ring.

If you don’t already host your site with us, feel free to give us a ring.

If you want to talk about IPv6 enabling your corporate office network, again feel free to get in touch.

Want to know more? Check out world www.worldipv6day.org, www.worldipv6launch.org.

Posted by Karl in Cool Stuff, Networking | No Comments »

There’s a Microsoft TechNet article called ‘Ten Immutable Laws Of Security’. It discusses ten security problems that the Microsoft Security Center feel cannot be ‘fixed’ by software. These are persistent problems that won’t be solved by an update from the software manufacturer but by following best practice and using good judgement. The ten laws are as follows:

Law #1: If a bad guy can persuade you to run his program on your computer, it’s not solely your computer anymore.
Law #2: If a bad guy can alter the operating system on your computer, it’s not your computer anymore.
Law #3: If a bad guy has unrestricted physical access to your computer, it’s not your computer anymore.
Law #4: If you allow a bad guy to run active content in your website, it’s not your website any more.
Law #5: Weak passwords trump strong security.
Law #6: A computer is only as secure as the administrator is trustworthy.
Law #7: Encrypted data is only as secure as its decryption key.
Law #8: An out-of-date antimalware scanner is only marginally better than no scanner at all.
Law #9: Absolute anonymity isn’t practically achievable, online or offline.
Law #10: Technology is not a panacea.

While the entire article is interesting and raises several very good points today we’d like to focus on Law #5 – Weak passwords trump strong security.

Passwords can be and frequently are a pain in the neck but they are a necessary evil. Currently they are simply the best way to verify the person accessing the computer/program is who they say they are.

That isn’t to suggest that they are the only way. Several other methods have been tried; facial recognition, finger print scanners and RSA Keys are just a few such methods. They all have their strengths and weaknesses but for the most part where they fail when compared to passwords is ease and convenience of use.

The problem with this is ease and convenience are the downfall of secure passwords. A short, simple and easy to remember password won’t stand up against an attempt to crack it for long. For a password to be secure it needs to complex and not easy to guess, and as such the securest passwords are generally randomly generated strings of letters, numbers and symbols, the longer the string the better.

But the average person will struggle to recall a 64 character string of characters that means nothing to them, so instead they trade off better security in favour of convenience. A quick read through lists of the most popular passwords reveals that many people will chose overly simple or easy to guess passwords such as ‘123456’ or simply ‘password’.

Somehow a compromise must be made.  Passwords should be as long and as complicated as possible, while still being memorable. One suggestion we at Glo Networks can offer is, rather than just a word, why not use a phrase for your password? Switch some letters for numbers/symbols and make sure it’s a phrase that will stick with you whilst not being obvious.

Here’s a quick example of how you could change a phrase to a decent passphrase:

‘spend a penny’ becomes ‘Spend4penEE’

Using this method it becomes much easier to create a longer password that you will quickly remember every time!

Posted by James in Desktops and Laptops, General, Networking, Servers | No Comments »

You may or may not know that yesterday was IPv6 day. Amongst some of us networking nerds that was a fairly big thing.

As we’ve previously mentioned in our article The sky is falling on our heads; We’re running out of addresses, IPv4 addresses are running out. To very quickly recap IPv6 is the technology to replace this.  The problem is that IPv6 has a chicken and egg situation; no content is being delivered on IPv6, so there are few mass roll outs of IPv6. But why would anyone publish on IPv6 if no one is going to see it?

The point of IPv6 day was to get a number of high profile websites running both IPv6 and IPv4 on their main addresses, and to see what happened. How many out of the total IPs were hitting those companies providing their content on IPv6? If we take facebook as an example, about 0.5%.

Now you may think that’s not many. But it’s more than a lot might have thought. That’s half a percent with working IPv6, either through a tunnel or natively from their provider(s).

The really good thing is that many network engineers were predicting that because of a number of automatic tunneling protocols, there would be a lack of connectivity to major participants. From the figures we’re seeing published publicly at the moment, it seems to have been a much smaller number than many were predicting.

Sadly Glo Networks was not one of the exclusive club. Our equipment is now in a datacentre that will have IPv6 connectivity soon, however we’re waiting on them.

The fact that nothing overtly bad was reported to us makes us believe that IPv6, whilst quiet, is the start of the migration.

Posted by Karl in Cool Stuff, Networking | No Comments »