Welcome to Practical Issues in Information Security. In these pages you will find ideas and tips for your consideration as you work to improve the information security and privacy of your organization. Even though most of the information is focused on the home or personal user and small business, the principles are applicable to larger organizations in most industries..

Experiences with the Verizon Wireless Network Extender

by d.strom, cissp, gsec, gsna on February 2, 2010

It’s been over two weeks now since I installed a Verizon Wireless Network Extender at home. We can get a weak Verizon signal at our house, but it varies based upon where in the house the phone is. I wanted to have a way to reliably use my Verizon Wireless cell phones at home. That is why I got the Network Extender.

As you can imagine, results have been mixed…

What is the Network Extender?

It is a small box that attaches to your broadband Internet connection and creates a small cell for your cell phone to connect to. When inside that cell, or “bubble” as I have seen it referred, your cell phone talks to this little box rather than trying to find a signal from a far-away tower. Your conversation is routed across your Internet connection to Verizon’s servers and then to to other party.

What do I like about the Network Extender?

  1. I like the idea of using broadband internet to allow cellular access in an area of weak cell phone signal.
  2. Access to the Network Extender can be limited to only specified cell phone numbers.
  3. A certain amount of management can be done on-line via the Verizon Wireless web site.
  4. Our landline was out the past couple of days. With the Network Extender, we were still able to communicate with the outside world!

What do I not like about the Network Extender?

  1. Following the published setup instructions did not work on my home network. I had to call tech support for more information. My connection t the Internet is very generic. They should include more information in the setup instructions.
  2. I live in an area that was AllTel until last October. I couldn’t connect to the Network Extender with my cell phones, and so called Tech Support. Because of the migration from AllTel to Verizon, we have a hybrid PRL pushed out to our phones. The Tech Dude had to turn off the hybrid PRL, and then we had to do the *228, option 2 to get a Verizon-only PRL. (Of course, I had to take each phone to the one location in the house that get sufficient signal off of a Verizon tower in order to get the PRL update.) I’m still experimenting with my Moto Android to see if there is any impact on my reception and signal strength while out-and-about.
  3. The cell phone needs to be within 15′ of the Network Extender to latch onto the femtocell for incoming or outgoing calls. Then the phone can go further away. I haven’t quite figured out the patterns of when the femtocell is used, and when it is not.
  4. I had to configure my home router (linksys wrt610n) so that the Network Extender is the DMZ machine. This was one of the things that I needed to call tech support for. What if I had another machine using the DMZ configuration? How could I use both? The tech dude didn’t know what ports I needed to allow. I configured the wrt610n so that the Network Extender is the DMZ host.

Being the inquisitive sort, I decided to put a hub on the network drop going to the Network Extender and fired up Wireshark. It appears that the Network Extender is using IPSec to connect to the Verizon servers. I wonder if they are using VoIP protocols encapsulated in IPSec, or not…

I am thinking about sniffing the traffic for a bit longer and then removing the Network Extender from the DMZ and putting it back on the internal network. I will update this post if I try this.

- Dan

{ 0 comments }

Why Trust is Important

January 27, 2010

President Ronald Reagan said, “Trust, but verify.” I used to hold fast to that, but recently have learned that you cannot, nor should you, always verify.
Trust is a critical foundational element of life, government and information security.
Things would be different if trust was non-existant…

Husbands and wives would always be paranoid.

Negotiations between teachers and school [...]

Read the full article →

Common Sense and Physical Security

January 8, 2010

I received a call this week from a friend who works in a small office. She had been out for a few days, and when she returned it became obvious that someone had been rummaging through the stuff on her desk.
Then, she started telling me that when she turned her computer on there was evidence [...]

Read the full article →

5 Reasons InfoSec Is Like Basketball

November 5, 2009

Basketball season is just ramping up at the collegiate level. After watching a game last night, I realized that there are at least 5 reasons why information security is like basketball.
Focusing on the small business, here goes…

Success requires more than just one person.

We’ve all seen teams that tried to rely solely on one star player. [...]

Read the full article →

First Impressions – Security Essentials from Microsoft

September 29, 2009

For most folks, FREE is a word that they makes their ears perk up.
Microsoft Security Essentials is a FREE anti-virus and anti-spyware offering from Microsoft. They bill it as a light-weight product that has a smaller footprint than commercial products. It is intended for the home user. It can be found at www.microsoft.com/security_essentials/
Obviously, it runs [...]

Read the full article →