Selecting a Business ISP Connection

You might think that choosing an internet connection plan was fairly straight forward after you’ve chosen a provider. After all most of them only have two or three options for home users which are normally listed in price order and supply different speeds and allowances. However many people are not aware that most ISP companies have two distinct categories one for residential users and the other for businesses. Now you might then think that if you don’t have a registered business that this doesn’t apply to you but that’s not so. Most ISPs are more than happy to let ordinary people register and use their business plans instead of the residential ones.


Many ISPs provide business internet plans that cost a little bit extra, but furthermore offer excellent features such as absolutely no throttling, no data caps, and even higher speeds. And the probabilities are that you can easily receive business internet in your house, regardless if you really have a business or otherwise. So why should you choose a business plan, is anything worth the increased expense that these plans come with?

What is “Business” Internet and Just How is It Different than an ordinary “Home” internet plan?

There are a number of important factors which set business internet plans apart from home internet, and supposing that you depend heavily on the internet in your everyday life, you may like to think about making the shift. Just like with just about anything, there certainly are benefits and drawbacks. Let’s begin along with the good stuff.

A few ISPs make available increased internet speeds (most notably upload speeds) for companies than they provide for domestic accounts. And that’s just the beginning.

It’s 2018, and even at this point the majority of ISPs are operating metered networks for home service, signifying you get a certain volume of data you are able to utilize monthly. Supposing that you go over that data cap, you get billed an overage. In the case of my service provider, if you go over your data bundle three times, they systematically bump you up to the next bundle, costing you more money. For various other ISPs, they might simply bill you additional monthly for what you use. And nevertheless others commence throttling your speed when you reach your data cap.

Nevertheless considering that businesses use more data (and also fluctuating amounts) on a month-to-month schedule, running a capped network does not make a great deal of sense. Most business internet schemes have zero data cap.   If you’re sick of having to watch every gigabyte you download, plan your download days around your billing cycle, or anything else involved in avoiding data overages, a business plan may be for you.

Unlimited usage is probably the most significant reason to consider a business plan over a home package, so if your home internet is already unlimited, a business plan may not be as enticing to you.  However you should be careful there are certain instances where a business connection can be unsuitable.  One of the primary issues is the classification of the IP address, which may different depending on the plans.  It’s possible that a business connection will supply a ‘business classified’ IP address, which can cause an issue for normal users.  Indeed many people actively pay for these home addresses as you can see in the following post about residential proxies.

The problem is that many commercial sites in an attempt to block spammers and automated connections have restricted access to those who have residential IP addresses.  For example if you connect to Netflix using a commercial address then you won’t be able to stream anything,.

When it comes to obtaining tech assistance from your ISP (for basic network problems ), it can be hit or miss on a home data plan. You might be waiting for ages and still just wind up with a generic answer from a script-reading employee.

Support for company plans often tends to be much better. In my circumstances, the wait times are a fraction of exactly what I’ve experienced in the past, and it feels like I’m speaking with a genuine person who really knows what they’re talking about– not someone just reading off a prompt.

In a perfect world, this would definitely be a non-issue, due to the fact that you ‘d certainly never have to call tech support. But we really don’t live in that world, so if having the best support you can obtain from your ISP is crucial, a business plan is a pretty good solution.

Not only that, but the support in general is much better. For example, I fairly recently got an e-mail to let me know my ISP would be performing some system upgrades in my area, so I could experience occasional issues while the repairs are taking place. Now when my’ internet drops for a couple of minutes, I know what’s up. I certainly never got anything like that when I was a home internet customer.

Our perception, though, is that ISPs have become more accommodating to providing business class internet at residential locations over recent years. And why not? Besides, the work-from-home types stand for a pretty large workforce nowadays, so why not offer them your services?

You may also be able to circumvent some of these qualifications (if you run into them) by talking with your ISP’s local rep. Whenever you call the business, it typically goes to a general call center, where they have no idea everything about you (or even care). If you can hit up a local office and speak with the local business representative, then you may be able to swing a change to a business plan with less hassle. Once again, it all just depends upon your location and your ISP.

Nonetheless, it deserves looking into. Maybe even at the increased price, the pros of business class internet often outweigh the cons.

Further Reading: Residential Proxies

Explaining Residential and Commercial Addresses

Everyone of course has a physical footprint, an address, an educational history and places of employment. Each and everyday we create more and more information which establishes our own personal history. The same is true of our digital lives and actually this is expanding at a much more rapid rate for most of us. The core of our digital presence is arguably the IP address that is assigned to our devices. Although this can alter over time, mostly the address that is assigned to our home connection rarely changes.

It’s appealing to look at an IP address and presume that they’re all practically the same. The notation is standard across the board something like 192.168.1.23, every address will have the same numerical format. In case you’re an IT professional you will have the capacity to recognize further distinctions, i.e the fact that these addresses are split into various classes – A, B, C, D and E. To the normal user these are of limited use and indeed interest.

There is an awful lot more that an IP address can reveal about the person or device using it that may not be so obvious. For a start, your specific location – your IP address could be traced back very precisely to your geographical location. With access to the right resources it can be pinpointed to an exact location and device. This stuff is often a shock to people who remain at home browsing the web, believing they are fairly anonymous. When in reality your IP address offers the computerized equivalence of your mail address, it leads straight to your door.

Web sites utilize this information continuously, to tailor what you can see and what you can get access to. One of the most favored strategies is to provide different price lists depending on your location, a straightforward but effective profit maximising strategy for the company. For example a web service can most likely be sold at a much higher cost in wealthier areas than it can in poorer ones. The online games retailer will sell a digital copy of a game at a much higher price in Europe than it will in African or South America.

Does not actually seem fair does it? Most of us most likely expect that we’e all treated in the same way online irrespective of who or where we are. Regretfully this online commercial discrimination is quite common and despite the fact that there are techniques to bypass it like utilizing a VPN or even a residential proxy, most people do not have access to this technology.

Looking up your physical location really isn’t the only piece of data that can be determined from your IP address, there’s more. To online organisations and websites there’s another important piece of relevant information that is easily obtainable from every address and that’s a specified classification. This is actually a further category from the subnet addressing reported above, and that’s regardless of whether the address is from a commercial or domestic range.

Assuming that you connect to the world wide web from your home address through a standard ISP after that you’ll have a residential IP address. If you access the web from work or university you’ll have a commercial IP address. This is useful specifically for commercial and e-commerce sites as they can establish who is most likely to become a potential customer. Indeed many websites have taken to blocking connectivity to any IP address which is categorized as a commercial address. They’ve carried this out to some extent to stop various application and online marketing software being able to access the site or indeed people from other geographic locations using VPNs.

Many 1000s of individuals used to utilize VPNs to access the US version of Netflix which in turn is significantly superior to most other provincial variations. In order to prevent this behavior Netflix blocked access to all commercial IP addresses which included 99% of all the VPN addresses being used to access Netflix. Now you can only access Netflix through a home internet connection or a VPN with a residential IP. Most other large internet companies don’t go to this level, however it’s likely to become an increasing trend.

Further Reading: Residential IP Services

Bypassing Web Filters – Simple Method

There are numerous ways in which the internet is filtered, although none of them are completely reliable. In reality the only ‘prefect’ method to block access to specific sites that are available online is to block access to the internet completely. Fortunately with the possible exception of North Korea this method is rarely used and most companies and countries use some other method to control access to websites.

The Western Democracies mostly leave access to the world wide web unfettered, however even these countries will restrict certain criminal sites. Companies normally will block access to sites which could cause them legal or productivity issues. After all, why leave access open from the company network to somewhere like Facebook when it serves little business purpose. What is more your employees are likely to waste many hours on such sites when they really should be working.

However there are also restrictions and blocks placed by the websites themselves. These are for a variety of reasons but mostly due to copyright and profit maximisation ones, they are probably most commonly found in large media sites who want to block access to their content outside the domestic market so that they can resell elsewhere. Mostly these blocks are quite simple ones, where the IP address of the inbound connection is looked up in database then either allowed through or blocked depending on which country it’s originated from. This method is actually very easily to bypass as all you need to do is mask your real address and present one from the specified country.

The easiest method by far to do this is to route your connection through an intermediate server. Originally most people used a proxy server for this, simply because free ones were readily available all over the internet in different locations. Most sites now can detect and automatically block these servers though so using a proxy for bypassing blocks is fairly redundant now. The new method is pretty similar but involves a VPN connection instead of a simple proxy. The advantage is that the connection is encrypted and virtually impossible to detect easily, although the Chinese have made some progress in this.

Providing the VPN server is located in the correct location it should allow unrestricted access to whichever site is accessed. So for example if you were in Paris you’d need to find a VPN server in the UK to access the BBC iPlayer in France. This is because when you connected to the BBC website it would only see the IP address of the VPN server and presume you were in the United Kingdom. Although the VPN cannot be detected directly, the IP addresses are vulnerable to detection and indeed some are blocked.  The main method for detecting and blocking addresses of VPN servers is by monitoring concurrent connections.  An overloaded VPN server will have hundreds of connections originating from a single IP addresses, it can be presumed that this is a relay server of some sort and they will often be blocked.

Jim Reeves

Website

No Comments Networking, News

Packet Sniffing for Beginners

Sometimes there are errors and problems on a network that need in depth analysis. Troubleshooting some issues can be almost impossible without using a tool to investigate deeper such as a packet sniffer. Often you won’t be able to find that issue with a non-responsive share or the reason that your RAS server is so slow is because all your travelling sales people are using it to watch BBC TV abroad when they’re travelling!

If a certain error condition occurs only when the request is coming from an actual client, but not when using telnet, packet sniffing is in order.
Sometimes, using telnet may be complex, because the proxy and origin servers may require authentication credentials to be sent. In those
cases, it is more convenient to use a real Web client that can easily construct those headers. Also, if a problem exhibits itself with a certain client,
but not with others, it is worthwhile to find out exactly what is being sent by the client.

There are a number of packet sniffers. Depending on the operating
system, you may find some of these useful.
° wireshark
° ethereal
° etherfind
° tcpdump
° nettl

Many books and instructions will pick a specific packet sniffer to use so if you’re following a guide use this. One of the most popular is Wireshark which is a fully functional and free packet sniffer often used by professionals instead of more costly commercial options.
Many of the most comprehensive are actually distributed as part of Unix and Linux distributions and you’ll have to refer to the UNIX man pages for instructions for the others.
Example. Let’s say you want to snoop the traffic between the hosts fred’s PC (client) and socrates (server). You can use something like Wireshark to track the traffic between the two endpoints and analyse what’s happening between them.

Of course, this only is useful if you can initially identify which sources to monitor. If you suspect that Fred is using the company proxy for Netflix then you can prove the point easily using a packet sniffer. If you’re not sure then you may have to look first to the network hardware for clues, checking switches and hubs for span ports and plugging into them is a useful tactic. These ports typically mirror all the traffic being carried over the active ports meaning you can use the span port to track all the data on that device.

The ability to specify a port is essential and all decent packet sniffers will allow this. Also you should be able to use switch options to control how the traffic should be dumped. That is to specify exactly what format the traffic should be returned in, this is useful as it helps in the analysis stage. Any packet sniffer which doesn’t do this will make the next stages much harder as the amount of data produced will often be very large.

Implementing your Internet Security Policy

One of the problems with IT department is that they can often be a little bit detached from the rest of an organisation. Many are even physically separated, perhaps stuck in a separate building or floor which only helps increase the isolation. In many ways it’s not a problem after all, it’s a department which will probably need more space and room for storage of parts, replacements etc. Commonly the IT department will have easy access to server rooms so that they can maintain and support when those remote connections drop.

However one of the issues is that people who work in IT often see the rest of the company through their IT usage and not through their real function. This can be a problem with how people use technology and how it is managed throughout the company.

The classic example is that of internet usage, which over the last decade or so has become one of the main issues to manage in any IT department. First of all there are the technical complexities of allowing company clients to access outside resources. Then there are the potential security risks of viruses, hacking attempts, inappropriate browsing, email security, spam and so on. Access to the internet is now fairly commonplace but it almost always puts a huge strain on both technical and human resources to support.

For example many users will use the internet just as they do at home? Downloading BBC videos like this, visiting shopping sites, hobbies, research and all sorts of things which can impact the local network. It doesn’t take many users streaming video to their PCs to have a huge slowdown on many normal company networks which are rarely configured to cope with this sort of traffic. Yet how do you stop them? Many IT departments I have seen over the years simply block access, a few rules in the firewall will stop all access to a particular site. However this is obviously not the way to do this, a technical solution should not be implemented on it’s own.

A company should have an Internet Usage Policy to cover situations like this. Without stating clearly what employees can or can’t do online leaves the company and Human Resource departments on very thin ice. That user who spends all day streaming from Netflix or visiting porn sites is clearly not doing their job but it’s difficult to discipline without clear guidelines in such a policy or in their terms of employment. Having a proper internet policy is much simpler as it can be adapted quickly, can be referenced from other policies and things like employee guidelines. Also the policy can be directly linked to technical solutions like a proper access control list.

If guidelines are in place, you mostly won’t have to spend time chasing and blocking video and media sites individually like Netflix or the BBC iPlayer. If employees know that they are not able to use these sites and the reasons behind them generally the problem is resolved first. There may be issues with more technical users who attempt to circumvent or hide their activities perhaps using an online IP changer but there people are easier to deal with if they are directly contravening company policies.

No Comments Networking, News, Protocols

Network Layer Switches

Network switches play a critical role in the performance of local area networks. They may be used in private networks like the intranet and extranet, segmenting the networks into more manageable sections. The resulting networks are known as HFC, please see the glossary for definitions. Setting up a sizable computer network can be an intimidating undertaking and one needs an in-depth understanding of the role of every networking device to construct an efficient network. Thus, it’s accountable for setting up the essential network for transferring data from 1 user to other. In truth, it is the largest SDH-based transport network on earth. It establishes a relation to the device by choosing the essential service or application.

Packet routing is extremely essential task in order to prevent congestion. When a data packet would like to reach a specific destination, it must traverse through these networks. The file transfer protocol supplies a way to move data efficiently from 1 machine to another. Routing protocols transmit information concerning the network. Most routing protocols do not consist of layer two information that’s necessary to set up a VCC connection. It’s an unreliable, connectionless protocol for applications which do not want TCP’s sequencing on flow control and want to provide their own. In large, complex networks servers need access to this sort of throughput – imagine the strain on something like Netflix IP servers broadcasting video to millions.

Every computer online or a local network becomes assigned an exceptional address commonly called Internet Protocol address or simply the IP address. It is not just a vast array of computers, connected to each other. You may also browse the internet for articles, discussions and suggestions. Optical communication links and networks are crucial for the online backbone along with for interconnects utilised in data centres and high-performance computing systems.

While doing this, it must manage problems like network congestion, switching issues, etc.. It can help you comprehend the working of a network in an easy and quick method. Many times, once an application would like to communicate with a different application, then there must be communication between these associated processes. Working of the web is based on a collection of protocols. To have the ability to find that massive network to work and get our LANs to act jointly there has to be a routing protocol that enables it. It uses TCP at the transport layer again to find out the reliability.

If you have a relatively new mobile handset, then it’s most inclined to be equipped with an integrated web browser. It selects device and execute a service discovery to look for available services or applications. Bluetooth devices operate in a variety of about ten meters. It functions as an intermediary between wireless and wired devices which are part of a network. Aside from the computers themselves, there are numerous intermediary devices which make data transfer possible. It can also allow a network to detect, reroute or simply block specific types of transport presumably it is how the BBC has blocked VPNs like this story details.

Window flow control mechanisms weren’t modeled, so as to extend the reach of the study to congestion collapse regions. After you prepare the export feature, NetFlow information is exported whenever a flow expires. The principal use of the router is to ascertain the very best network path in a complicated network. The third main purpose of LAN switches is Layer two loop avoidance. Besides this, the gateway functionality has to be enabled. Each P-NET module also has to have a service channel that may identify unknown participants.

Computer Security: Phishing

Out of all the weapons available to a cyber criminal, phishing is probably one of the most widely used. It is generally described as a random, un-targeted attack with the intention of tricking someone into revealing confidential information by replying to an email, clicking a link or filling in a bogus webpage. Most of the popular phishing attacks rely on an element of social engineering. That is deceiving people into gaining access rather than directly hacking into a target system.

Usually the main delivery mechanism is via email and using modern mailing systems they can target millions of email addresses at one time. There are many variations of the phishing attacks ranging from installing keyloggers, duplicate websites or similar. The intent is always to steal personal information such as username, passwords and account numbers.

It is fairly common for these phishing emails to include attachments or links that can install various types of malware onto the victims computer in order to steal their information too.

Quick Summary of Phishing Attacks

There are as explained lots of different types of Phishing attacks and their popularity changes quite regularly.

Email Phishing – is probably the most well known and centers around mass distributions of emails, they are very random and usually rely on volume to succeed.

Spear Phishing – is a more targeted term for phishing which follows the basic premises. However they are usually more sophisticated and tailored towards a certain type of user or organisation.

Man in the Middle (MiTM) attacks involve the attacker positioning themselves between a legitimate website or company and the end user, the goal is to record any information sent. It\’s normally one of the most difficult to operate but also to detect as the transactions are normally legitimate but simply intercepted.

There are many other methods available to capture information with things like keyloggers and screen capture programs popular too, the ideas are always to simply gain passwords or other personal information.

Some other variants include pharming which is even less targeted than phishing just installing malicious code onto servers to redirects any user to fake websites. There are various methods of doing this including several involving DNS like modifying a users host file to redirect them without their knowledge. A particularly sinister version of pharming is known as DNS (Domain Name System) poisoning where users are directed to fraudulent websites without the need for corruption of the personal host file.  Others use legitimate or at least semi-legitimate services to trick people to using them.  One of the more popular methods was to put free proxy servers out on the internet for people to bypass region blocks, these were then used to steal peoples credentials as they were using them.   This explains the method of region lock bypass using a proxy to watch the BBC although the example used in the post was a commercial service.

Malware Phishing – Is the process of download malware on a users’ device either through an attachment in an email, a downloadable web file or exploiting software vulnerabilities.

Further Reading – Security Information and UK VPN trial

Using Reverse Proxies in your Environment

Many IT administrators use proxies extensively in their networks, however the concept or reverse proxying is slightly less common.  So what is a reverse proxy? Well, it refers to the setup where a proxy server like this is run in such a way that it appears to clients just like a normal web server.

Specifically, the client will connect directly to the proxy considering it to be the final destination i.e. the web server itself, they will not be aware that the requests could be relayed further to another server.   It is possible that this will even be an additional proxy server.   These ‘reverse proxy servers’ are also often referred to as gateways although this term can have different meanings too.  To avoid confusion we’ll avoid that description in this article.

In reality the word ‘reverse’ refers to the backward role of the proxy server. In a standard proxy, the server will act as a proxy for the client initially.  Any request by the proxy is made on behalf of the received client request.  This is not the case in the ‘reverse’ scenario because because it acts as a proxy for the web server and not the client.  This distinction can look quite confusing, as in effect the proxy will forward and receive requests to both the client and server however the distinction is important.  You can read RFC 3040 for further information on this branch of internet replication and caching.

A standard proxy is pretty much dedicated to the client’s needs,  all configured clients will forward all their requests for web pages to the proxy server.   In a standard network architecture they will normally sit fairly close to the clients in order to reduce latency and network traffic.   These proxies are also normally run by the organisations themselves although some ISPs will offer the service to larger clients.

In the situation of a reverse proxy, it is representing one or a small number of origin servers.  You cannot normally access random servers through a reverse proxy because it has to be configured to specifically access certain web servers.  Often these servers will need to be highly available and the caching aspect is important,  a large organisation like Netflix would probably have specific IP addresses (read this) pointing at reverse proxies.  The list of servers that are accessible should always be available from the reverse proxy server itself.   A reverse proxy will normally be used by ‘all clients’ to specifically access certain web resources, indeed access may be completely blocked by any other route.

Obviously in this scenario it is usual for the reverse proxy to be both controlled and administered by the owner of the origin web server.  This is because these servers are used for two primary purposes to replicate content across a wide geographic area and two replicate content for load balancing.  In some scenarios it’s also used to add an extra layer of security and authentication to accessing a secure web server too.

 

Using Proxies for Virtual Locations

For many people, travel is becoming much easier and as a species our geographical horizons are perhaps wider than ever.  Inexpensive air travel and soft borders like the European Union means that instead of just looking to work in another city or town, another country is just as viable.  The internet of course enables this somewhat, many corporations have installed infrastructure to allow remote or home working which means many people can work from wherever they wish.   Instead of sitting in cubicles in vast expensive office space, the reality is that people can work together just as easily using high speed internet connections from home.

Unfortunately there are some issues from this digital utopia, of which most are self inflicted.  Instead of being a vast unfettered global communications medium, the internet in some senses has begun to shrink somewhat.  Not so much in size but rather an increasing number of restrictions, filters and blocks being applied to web servers across the planet.  For instance the company I work for has two main bases one in the UK and the other in Poland, which means there is quite a bit of travel between the two countries.  Not surprisingly employees who are working away from home for some time, use the internet to keep in touch with their homelife, yet this can be frustrating.

A common issue is the fact that many websites are not really accessible globally, they are locked to specific regions.  Take for example the main Polish TV channel – TVN, it has a fantastic website and a media player by which you can watch all their shows.  However a Polish citizen who tries to watch the local News from Warsaw from a hotel in the UK will find themselves blocked, the content is only available to those physically located in Poland.  It’s no one off either, this behaviour is shared by pretty much every large media company on the web who block access depending on your location.

There is a solution and for our employees it’s actually quite simple, all they need to do is fire up their VPN client and remotely connect back to their home server in Poland.  The instant they do this, their connection looks like it’s based in Poland and all the Polish TV channels will work perfectly.  There’s a post about something similar here – using a Polish proxy to watch TVN and some other channels although this one is through a commercial service designed to hide your location.  It’s a practice that is becoming increasingly necessary, the more we travel the more we find our online access is determined by our physical location.

The use of proxies and more recently VPNs allows you to break out of these artificial intranets which companies are creating by blocking access from other countries.  The idea is that if you have the ability to switch to various VPNs across the world you can effectively take back control and access whatever website you need. Your physical location becomes unimportant again, by taking control of your virtual location you have an huge advantage over other internet users by choosing the location you wish to appear from.  There are even some other options now take a look at this UK DNS proxy which does something fairly similar and can be used to watch the BBC and Netflix from outside the UK.

John Hammond

Author of – Does BBC Iplayer Work in Ireland 

IP Name Resolution

There is one technology normally associated with IP name resolution and that’s DNS (Domain Name System) or Smart DNS, this is probably because it’s the dominant system on the internet.  However in the average corporate network you’ll find all sorts of alternative methods to resolving names and IP addresses which have been around for years.  Here’s just a few of the common ones that you might come across:

Broadcasting: The use of mass broadcasts to help resolve names is of course very inefficient, basically a plea to the whole network asking for an answer.  You’d think that this method isn’t used any more and it’s true most network administrators have tried to remove it from their networks.   However for anyone who’s tried to troubleshoot a network of any size you’ll almost certainly find devices who routinely broadcast looking for name resolution.  A couple of reasons it doesn’t work well are it generates lots of unnecessary traffic and most routers won’t transmit the broadcasts anyway so calls are frequently just lost.  You can configure routers to pass on these message using the IP address helper function but this is not the way to run a fast efficient network.

Netbios over TCP/IP

Netbios was the primary method used by windows computers to resolve names and IP addresses, although again DNS is likely to have replaced it normally.  There are 4 methods to Netbios Name resolution and they are usually operated in a distinct order.

  • p-Node – Client contacts a WINS or NBNS server using unicast.  This needs to be configured on the client server to work properly but then just requires IP connectivity.
  • b-Node – Client attempts to  contact a WINS or NBNS server using a broadcast.  This will only be successful if there is a server on the same subnet or routers are configured to forward the request.
  • m- Node – Client uses b-node first then p-node is there is no reply to the initial broadcast.
  • h-Node – Client will first use a p-node unicast if configured and then fall back to a b-Node broadcast afterwards.

WINS

Windows Internet Names Service is a Microsoft implementation of the NetBios (NBNS) protocol.  It’s a dynamic and distributed method of name resolution used mainly in Windows environments.  It has all name resolutions saved on central WINs servers, and indeed in some implementations the WINS service was installed automatically on Microsoft Windows server installations. Again it works best when the WINS server is configured correctly on the client, otherwise it will fall back on broadcasts like NBNS.

LMHOST

This is a simple static file similar to a hosts file which is must be created, distributed and kept updated by the network administrator.  If a client is configured in h-node then the LMhosts file will be consulted as a fall back method.  It can create a lot of work and potential issues in large dynamic environments although it can be used to distribute names of key servers which are unlikley to be moved or modified.

Read More

3 Comments Networking, News