Monday, 20 October 2014

Private Key Cryptography: Introduction

Encryption can be viewed as locking a confidential message inside a box.
Decryption is the inverse: unlocking the box so that someone who is authorised can read the message.

When encryption and decryption are done with the same key, we speak of Private Key Cryptography, more commonly called Symmetric Key (or secret-key) Cryptography. Ciphers built this way are called symmetric or secret-key ciphers. The one secret key is shared between sender and receiver, and whoever holds it can both create and read messages. 
Consider Alice and Bob as sender and receiver, and let the plaintext be the original message Alice wants to send. Alice turns the plaintext into ciphertext by applying the encryption algorithm with the secret key and transmits the ciphertext to Bob. Bob applies the decryption algorithm with the same key to recover the plaintext. The key itself must therefore reach Bob in a way an eavesdropper cannot observe: both parties need a secure channel for exchanging it before they can use the insecure one for messages. This key-distribution problem is the main practical limitation of symmetric cryptography, and it is what public-key cryptography was invented to solve. All classical ciphers work this way, and so do modern symmetric ciphers such as AES, which remain the workhorse for bulk encryption because they are far faster than public-key operations. 
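The Alice and Bob exchange above, as an added example that is not part of the original post. It uses only the Python standard library, so the cipher is a toy counter-mode construction built from HMAC-SHA256 rather than a real block cipher; the point it demonstrates is the symmetric property (one shared key both seals and opens the message) and why an authentication tag belongs on every symmetric ciphertext (a wrong key or a modified message is detected before anything is decrypted). The key, nonce and message below are constructed for the example. In production use a vetted AEAD such as AES-GCM or ChaCha20-Poly1305 instead.

```python
import hashlib
import hmac
import secrets
import struct

NONCE_LEN = 16   # fresh random value per message; never reuse one with the same key
TAG_LEN = 32     # HMAC-SHA256 output length


def _subkeys(key: bytes):
    """Derive separate encryption and authentication keys from the one shared secret."""
    enc_key = hmac.new(key, b"encryption", hashlib.sha256).digest()
    mac_key = hmac.new(key, b"authentication", hashlib.sha256).digest()
    return enc_key, mac_key


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream: block i = HMAC(enc_key, nonce || i). Toy construction for illustration."""
    out = bytearray()
    block = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + struct.pack(">I", block), hashlib.sha256).digest()
        block += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Alice's side: returns nonce || ciphertext || tag, all under the shared key."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(enc_key, nonce, len(plaintext))
    ciphertext = bytes(p ^ k for p, k in zip(plaintext, stream))
    tag = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()  # encrypt-then-MAC
    return nonce + ciphertext + tag


def decrypt(key: bytes, message: bytes) -> bytes:
    """Bob's side: verify the tag first, then strip the keystream.
    Raises ValueError if the key is wrong or the message was modified in transit."""
    if len(message) < NONCE_LEN + TAG_LEN:
        raise ValueError("message too short")
    enc_key, mac_key = _subkeys(key)
    nonce, ciphertext, tag = message[:NONCE_LEN], message[NONCE_LEN:-TAG_LEN], message[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):   # constant-time comparison
        raise ValueError("authentication failed: wrong key or modified ciphertext")
    stream = _keystream(enc_key, nonce, len(ciphertext))
    return bytes(c ^ k for c, k in zip(ciphertext, stream))


def opens_with(key: bytes, message: bytes) -> bool:
    """True if `key` decrypts `message` cleanly; what Eve finds out with a guessed key."""
    try:
        decrypt(key, message)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    shared = secrets.token_bytes(32)            # exchanged over a secure channel beforehand
    sealed = encrypt(shared, b"Meet at the usual place at 9")
    print(decrypt(shared, sealed))              # Bob, with the shared key
    print(opens_with(secrets.token_bytes(32), sealed))   # Eve, with a wrong key: False
```

Note that the nonce is sent in the clear: it only has to be unique, not secret. Reusing a nonce under the same key in a stream construction like this leaks the XOR of the two plaintexts, which is the classic failure mode of symmetric ciphers used carelessly.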

Thursday, 2 October 2014

Internet Control Message Protocol

Routers forward traffic, but they also need a way to report problems. When something unexpected happens to a packet (it cannot be delivered, it has been forwarded too many times, its header is malformed), the router or host that noticed reports it with the Internet Control Message Protocol (ICMP, RFC 792). As the name says, the protocol carries control and diagnostic messages rather than user data; it travels inside IP (protocol number 1) and is what tools such as ping and traceroute rely on.
There are many message types, but only the important ones are summarised here, with their type numbers.

DESTINATION UNREACHABLE (type 3)
Sent when a packet cannot be delivered: a router has no route to the destination network or host, the destination host has no listener for the requested protocol or port, or the packet needs fragmenting but has the "don't fragment" flag set. The code field says which; "port unreachable" is the reply a UDP port scanner interprets as "closed".

TIME EXCEEDED (type 11)
Sent by a router when it decrements a packet's TTL to zero and discards it (code 0), or by a host that gives up reassembling fragments (code 1). A TTL expiry normally means a routing loop or a deliberately small TTL; traceroute maps a path by sending probes with TTL 1, 2, 3, ... and reading the router addresses from these replies. It is not a sign of congestion.

PARAMETER PROBLEM (type 12)
Sent when a header field contains an illegal or incorrect value; the message carries a pointer to the offending byte in the quoted header. 

SOURCE QUENCH (type 4)
Originally defined for flow and congestion control: a router that discarded a packet told the source to slow down. It never worked well, is easy to forge as a denial-of-service tool, and has been deprecated (RFC 6633): hosts must ignore it and routers must not send it. 

REDIRECT (type 5)
Sent by a router when it forwards a packet out the same interface it came in on, telling the host that a better first-hop router exists on its own subnet. Because a forged redirect can steer a host's traffic through an attacker, hardened hosts ignore redirects. 

ECHO (type 8) and ECHO REPLY (type 0)
Used to confirm that a destination is reachable. ping sends an Echo Request carrying an identifier, a sequence number and a payload towards the destination, and the destination returns the same identifier, sequence number and payload in an Echo Reply. 
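The message formats described above, as an added example that is not part of the original post: a builder and parser for ICMP messages in Python (standard library only). It computes and verifies the RFC 1071 checksum, decodes Echo Request/Reply fields, and for error messages (Destination Unreachable, Time Exceeded, Parameter Problem, Redirect) extracts the quoted original IP header and ports, which is how traceroute matches a Time Exceeded reply to the probe it sent. The addresses and the UDP probe below are constructed for the example.

```python
import socket
import struct

ICMP_TYPES = {
    0: "Echo Reply", 3: "Destination Unreachable", 4: "Source Quench", 5: "Redirect",
    8: "Echo Request", 11: "Time Exceeded", 12: "Parameter Problem",
}
DEST_UNREACH_CODES = {
    0: "net unreachable", 1: "host unreachable", 2: "protocol unreachable",
    3: "port unreachable", 4: "fragmentation needed and DF set",
    13: "communication administratively prohibited",
}
TIME_EXCEEDED_CODES = {0: "TTL exceeded in transit", 1: "fragment reassembly time exceeded"}


def checksum(data: bytes) -> int:
    """RFC 1071 one's-complement sum over 16-bit words; a packet with a valid checksum sums to 0."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack("!%dH" % (len(data) // 2), data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return (~total) & 0xFFFF


def build_icmp(icmp_type: int, code: int, rest_of_header: bytes, payload: bytes = b"") -> bytes:
    """Type, code, checksum, then the 4 type-specific header bytes and any payload."""
    assert len(rest_of_header) == 4
    body = rest_of_header + payload
    csum = checksum(struct.pack("!BBH", icmp_type, code, 0) + body)
    return struct.pack("!BBH", icmp_type, code, csum) + body


def echo_request(ident: int, seq: int, payload: bytes) -> bytes:
    return build_icmp(8, 0, struct.pack("!HH", ident, seq), payload)


def time_exceeded(original_datagram: bytes) -> bytes:
    """What a router sends back after dropping a packet whose TTL reached zero.
    Types 3, 11 and 12 quote the offending IP header plus its first 8 payload bytes (RFC 792)."""
    return build_icmp(11, 0, b"\x00" * 4, original_datagram[:28])


def ipv4_datagram(src: str, dst: str, proto: int, ttl: int, payload: bytes) -> bytes:
    """Minimal IPv4 header (no options) in front of a payload; used here only to build input."""
    header = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0x1234, 0,
                         ttl, proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    header = header[:10] + struct.pack("!H", checksum(header)) + header[12:]
    return header + payload


def parse_icmp(packet: bytes) -> dict:
    """Decode an ICMP message, rejecting short or corrupted ones."""
    if len(packet) < 8:
        raise ValueError("ICMP message shorter than 8 bytes")
    if checksum(packet) != 0:
        raise ValueError("ICMP checksum mismatch")
    icmp_type, code = packet[0], packet[1]
    info = {"type": icmp_type, "code": code, "name": ICMP_TYPES.get(icmp_type, "unknown")}
    if icmp_type in (0, 8):
        info["id"], info["seq"] = struct.unpack("!HH", packet[4:8])
        info["payload"] = packet[8:]
        return info
    if icmp_type == 3:
        info["reason"] = DEST_UNREACH_CODES.get(code, "code %d" % code)
    elif icmp_type == 11:
        info["reason"] = TIME_EXCEEDED_CODES.get(code, "code %d" % code)
    elif icmp_type == 12:
        info["pointer"] = packet[4]                      # offset of the bad octet in the quoted header
    elif icmp_type == 5:
        info["gateway"] = socket.inet_ntoa(packet[4:8])  # the "better" first-hop router
    quoted = packet[8:]                                  # the datagram that triggered the message
    if icmp_type in (3, 4, 5, 11, 12) and len(quoted) >= 20:
        ihl = (quoted[0] & 0x0F) * 4
        info["orig_src"] = socket.inet_ntoa(quoted[12:16])
        info["orig_dst"] = socket.inet_ntoa(quoted[16:20])
        info["orig_proto"] = quoted[9]
        l4 = quoted[ihl:ihl + 8]
        if info["orig_proto"] in (6, 17) and len(l4) >= 4:    # TCP or UDP: recover the ports
            info["orig_sport"], info["orig_dport"] = struct.unpack("!HH", l4[:4])
    return info


def is_valid_icmp(packet: bytes) -> bool:
    try:
        parse_icmp(packet)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # A traceroute-style UDP probe with TTL 1, and the Time Exceeded a first-hop router would return.
    probe = ipv4_datagram("192.0.2.10", "198.51.100.7", 17, 1, struct.pack("!HHHH", 40000, 33434, 8, 0))
    print(parse_icmp(time_exceeded(probe)))
    print(parse_icmp(echo_request(0x1234, 1, b"hello")))
```

A firewall or IDS that handles ICMP should do the same checksum and length checks before trusting any field: the quoted header in an error message is what stateful filters use to decide whether the error belongs to a connection they have seen, and a forged one is the usual way to inject Redirects or bogus unreachables.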

Other messages along with their formats are available here.

Sunday, 21 September 2014

Firewall Configuration

This is my second post on firewalls; I'll be using the abbreviations that I described in the first post. This post covers the firewall configurations in brief. 
The following three configurations are the most used. All of them combine a packet-filtering router with a bastion host running the AGW; they differ in how many filters there are and where the bastion sits.

Screened Host Firewall Single Homed Bastion

A single packet-filtering router separates the internet from the LAN, and the bastion host has one network interface, on the LAN itself. The router's rules are written so that inbound traffic from the internet is accepted only if it is addressed to the bastion, where the AGW inspects it at the application level before relaying it to internal hosts, and outbound traffic is accepted only from the bastion. The weakness is that the bastion and the internal hosts share one network, so the whole protection rests on the router's rule set. If the packet filter is misconfigured or compromised, or its address-based rules are evaded with spoofed packets, traffic can reach internal hosts directly and skip the AGW completely. The configuration is simple and fast, but it offers only a single layer of defence. 

Screened Host Firewall Dual Homed Bastion 

The dual-homed bastion was introduced to close that bypass. The bastion host has two network interfaces, one facing the packet-filtering router and one facing the LAN, and IP forwarding between them is disabled. There is now no network path from the internet to the LAN except through the bastion's gateway software, so every packet is subject to both the packet filter and the AGW before it enters the LAN. Security no longer depends on the router alone, but all traffic is proxied by one host, which costs throughput and makes the bastion a single point of failure; that is the main drawback in operation.

Screened Subnet Firewall

The screened subnet takes the best of both. It uses two packet-filtering routers and one AGW: the bastion host is placed on its own small subnet, the DMZ, between an outside router and an inside router. The outside router admits internet traffic only into the DMZ, typically only to the bastion on the ports it serves, and the AGW checks it there. The inside router admits traffic between the LAN and the DMZ but nothing directly from the internet, and it also limits what the bastion itself may open towards the LAN. Traffic in either direction therefore crosses two filters and the AGW. An attacker has to defeat three devices to reach the LAN, a compromised bastion cannot sniff internal traffic because it is not on the LAN, and the rule set on each router stays short and auditable. That is why this configuration is the one best suited for practical use.

Saturday, 20 September 2014

Peeping Into The "Firewall"

This post is aimed at the basic understanding of the Firewall and its types.

What is the purpose of using firewall?
A firewall is a security guard for the network: it sits at the boundary and decides which traffic may come in and which may go out, keeping "bad" elements on the outside and preventing inside systems from leaking out. A company can have many LANs connected in arbitrary ways, but all traffic to or from the company should be forced through one electronic drawbridge, the firewall, so that the policy is enforced at a single, well-controlled choke point.

Types of firewall:

1. Circuit level gateway (CGW)-
This operates at the session/transport layer, not the physical layer.
It relays TCP connections between an inside client and an outside server: it validates the connection set-up and state, then copies bytes in both directions without looking at the application data. SOCKS is the classic example.

2. Packet filter-
It operates at the network layer, also looking at transport-layer ports.
Its job is to compare each packet's header fields (source and destination address, protocol, port numbers, TCP flags) against a list of rules and allow or drop the packet accordingly. It does not inspect the payload, and it is not there to check for transmission errors (checksums do that).

3. Application layer gateway (AGW)-
As the name suggests, it functions at the application layer, where the end user operates. It understands the protocol in use (HTTP, SMTP, FTP, ...) and performs content-based checking, typically by acting as a proxy that accepts the client's request and makes a separate request to the server on its behalf.

4. Bastion host-
Not a fourth kind of filtering, but the hardened, minimally configured machine on which the CGW and/or AGW software runs. It is the part of the firewall that is directly exposed to the untrusted network, so it runs only the services it must, is patched and logged carefully, and is built on the assumption that it will be attacked.

The next post is all about the detailed configurations of firewall. Stay tuned, breaching to you soon!

Tuesday, 16 September 2014

TCP Joke?

"Hi, I'd like to hear a TCP joke"
"Hello, would you like to hear a TCP joke?"
"Yes, I'd like to hear a TCP joke"
"Okay, I'll tell you a TCP joke"
"Okay, I'm ready to hear a TCP joke"
"Okay, I'm about to send a TCP joke, that'll last for 10 seconds. It has two characters, it does not have a setting, it'll end with a punchline."
"Okay, I'll get your TCP joke, that'll last for 10 seconds. It has two characters, it does not have a setting, it'll end with a punchline."
"I'm sorry, your connection has timed out"

"Hello, I'd like to hear a TCP joke"

Friday, 5 September 2014

Domain Name System: Everything To Know

The Domain Name System (DNS) is an application layer protocol that maps the names of computers, resources and services in a network to addresses (and, through other record types, to mail servers, aliases and more).
A lookup involves four kinds of server:
  • Local DNS Server (the recursive resolver): the server in the end user's network, or at the ISP, that does the legwork on behalf of clients and caches what it learns.  
  • Root Servers: know which servers are responsible for each top-level domain (TLD).
  • Top Level Domain Servers: hold the delegations for the domains under .com, .net, .org, the country codes and so on, i.e. which name servers are authoritative for example.com.  
  • Authoritative Servers: run by (or for) the owner of a particular domain and hold that domain's actual records.

DNS uses UDP for ordinary queries, because a single request/response with no connection set-up is fastest, and TCP for replication between servers (zone transfers) and for responses too large to fit in one UDP datagram.

  • How Does DNS Work?

Whenever an end user wants to connect to a domain on the internet, the request goes first to the local DNS server. If it already has the answer, it replies immediately and the connection can be established. If not, the local server resolves the name iteratively. It asks a root server, which does not know the address but replies with a referral: the names and addresses of the TLD servers for .com (say). The local server then asks a TLD server, which replies with another referral: the authoritative servers for the domain in question. Finally the local server asks an authoritative server (AS), which holds the domain's records and returns the actual address. Note that the root and TLD servers never forward the request or see the answer; each just points the local server one step further down, and the answer travels straight from the AS back to the local server, which hands it to the end user. The end user can now connect to the desired domain. 
Every record comes with a time-to-live (TTL), and the local server caches the answer, and the referrals it collected on the way, for that long. Whenever another request for the same domain arrives within the TTL, the local DNS server answers from its cache without contacting any other server; after the TTL expires it resolves the name again. Because the resolver trusts and caches whatever answer it receives, forged responses are a classic attack (cache poisoning), which is what DNSSEC's signed records are designed to defeat.   
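The iterative resolution and caching described above, as an added example that is not part of the original post: a Python simulation (standard library only) of a local resolver walking root, TLD and authoritative servers and caching the answer for its TTL. The server names, the zone data and the addresses (taken from the documentation ranges) are constructed for the example; a real resolver would also need the addresses of the referred-to name servers (glue records), which is collapsed here into a direct server name. What the example shows is the shape of the page's description corrected: each server answers or refers, nobody forwards, and the second lookup inside the TTL makes no network queries at all.

```python
import time

# Constructed name-server data (assumption). Each server either holds records for a name
# or knows which server to refer the resolver to for a suffix of it.
SERVERS = {
    "root":             {"delegations": {"com.": "tld-com", "org.": "tld-org"}, "records": {}},
    "tld-com":          {"delegations": {"example.com.": "ns1.example.com."}, "records": {}},
    "tld-org":          {"delegations": {}, "records": {}},
    "ns1.example.com.": {"delegations": {},
                         "records": {"www.example.com.": ("192.0.2.80", 300),   # (address, TTL seconds)
                                     "example.com.": ("192.0.2.80", 300)}},
}


def query(server_name: str, qname: str) -> tuple:
    """One request/response pair as seen by a server: ('answer', ip, ttl), ('referral', next_server, None)
    or ('nxdomain', None, None). Servers never forward; they only answer or refer."""
    server = SERVERS[server_name]
    if qname in server["records"]:
        ip, ttl = server["records"][qname]
        return ("answer", ip, ttl)
    labels = qname.split(".")
    for i in range(1, len(labels)):             # longest matching delegation, e.g. example.com. before com.
        suffix = ".".join(labels[i:])
        if suffix in server["delegations"]:
            return ("referral", server["delegations"][suffix], None)
    return ("nxdomain", None, None)


class LocalResolver:
    """The local DNS server: resolves iteratively from the root and caches answers until their TTL expires."""

    def __init__(self):
        self.cache = {}                         # qname -> (ip, expiry time)

    def resolve(self, qname: str, now: float = None) -> tuple:
        """Returns (ip or None, list of servers queried). An empty list means a cache hit."""
        now = time.time() if now is None else now
        if qname in self.cache:
            ip, expires = self.cache[qname]
            if now < expires:
                return ip, []
            del self.cache[qname]               # stale: resolve again
        server, queried = "root", []
        for _ in range(8):                      # guard against delegation loops
            queried.append(server)
            kind, data, ttl = query(server, qname)
            if kind == "answer":
                self.cache[qname] = (data, now + ttl)
                return data, queried            # the answer goes straight back to us, not via root/TLD
            if kind == "referral":
                server = data
                continue
            return None, queried
        raise RuntimeError("too many referrals for %s" % qname)


if __name__ == "__main__":
    r = LocalResolver()
    print(r.resolve("www.example.com.", now=1000))   # ('192.0.2.80', ['root', 'tld-com', 'ns1.example.com.'])
    print(r.resolve("www.example.com.", now=1200))   # ('192.0.2.80', [])  served from cache
    print(r.resolve("www.example.com.", now=1301))   # TTL expired: the full walk again
```

The cache is exactly where poisoning bites: anything that convinces `resolve` to store a wrong address keeps serving it for a full TTL with no further queries, which is why real resolvers match responses on query ID and source port and why DNSSEC validation matters.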

    Here's how I can summarize the working of DNS:


    Tuesday, 26 August 2014

Configure A Telnet Server On Windows For Remote Command-Line Access

Here's a do-it-yourself for enabling the built-in Telnet service on Windows, without any third-party application. (Despite the temptation to call it "remote desktop", Telnet gives you a remote command prompt, not a graphical session.)
Before following it, be clear about what Telnet is: a plain TCP session on port 23 with no encryption. Every command you type and everything the remote system prints crosses the network in clear text, and so does your password unless NTLM authentication is negotiated; anyone on the path can read or hijack the session. Use it only on a trusted management network, restrict who can reach port 23 with a firewall rule, and prefer SSH or Remote Desktop wherever you can. 

Telnet Server is a network service. On Windows 7, Windows Server 2008 R2, Windows Vista and Windows Server 2008 the files that make up the service ship with the system but are not operational: the Telnet Server feature must first be turned on (Control Panel > Programs > Turn Windows features on or off > Telnet Server, or Add Features in Server Manager on the server editions), and even then the service is disabled. You must enable it by configuring the service to start when you need it. On a Telnet server that is regularly used you might want the service to start automatically every time Windows starts; otherwise configure it to start only when you start it manually.
Membership in the local Administrators group, or the equivalent, is the minimum required to complete these procedures. Users who log on over Telnet must additionally be members of the local TelnetClients group on the server.


    To enable Telnet Server and start or stop it from the Windows interface

    1.       Open the Services MMC snap-in. Click Start, and then type services.msc in the Start Search box.
    2.       If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
    3.       Right-click Telnet, and then click Properties.
    4.       In the Startup type list, select one of the following:
      • Automatic (Delayed Start) to start Telnet Server after Windows starts and all boot processes have finished
      • Automatic to start Telnet Server when Windows starts
      • Manual to allow Telnet Server to be started and stopped when needed
      • Disabled to prevent Telnet Server from running
    5.       To start or stop the service, on the Telnet Properties dialog box, click Start or Stop. You can also start or stop the service on the main Services page by selecting Telnet in the list, and then using the start (triangle) and stop (square) icon buttons on the toolbar at the top of the page.


    To start or stop Telnet Server at a command prompt

    1.       Open an elevated command prompt. Right-click a Command Prompt shortcut, and then click Run as administrator.
    2.       If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
    3.       Type one of the following commands:
      • To start Telnet Server, type net start telnet.
      • To stop Telnet Server, type net stop telnet.


To install the Telnet client on Windows 7, 8 or Windows Vista (needed on the machine you connect from)

1. Click Start, and then click Control Panel.
2. On the Control Panel Home page, click Programs.
3. In the Programs and Features section, click Turn Windows features on or off.
4. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
5. In the Windows Features list, select Telnet Client (on the machine that is to accept connections, select Telnet Server here as well), and then click OK.
The telnet command is now available at a command prompt. Run telnet without arguments and, at the Microsoft Telnet> prompt, open a connection to a remote system with:
o <host> [port]
where <host> is a host name or IP address and the port defaults to 23. For example, if the IP address of the system to be connected to is 176.16.180.25, the command looks like this-
o 176.16.180.25
(Equivalently, straight from the command prompt: telnet 176.16.180.25)

After the connection opens, the remote system asks for a username and password. Supply the credentials of an account that exists on the remote system and is a member of its TelnetClients group. 
On successful login you get a command prompt on the remote machine: whatever you type runs there with that account's privileges, and the whole exchange, commands and output alike, is unencrypted. 
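The same set-up from an elevated PowerShell prompt, as an added example that is not part of the original post. It installs the feature with DISM (the Enable-WindowsOptionalFeature cmdlet only exists from Windows 8 / Server 2012 on), configures the TlntSvr service (display name "Telnet"), grants logon to one user, restricts port 23 to a management subnet, and makes the server prefer NTLM so the password is not sent literally in the clear. The user name alice, the subnet 192.168.1.0/24 and the server address 192.168.1.20 are placeholders.

```powershell
# Added example: enable and lock down Telnet Server on Windows 7 / Server 2008 R2.
# Placeholders (assumptions): user 'alice', management subnet 192.168.1.0/24, server 192.168.1.20.

# 1. Install the Telnet Server and Telnet Client features; the service does not exist until this is done.
dism.exe /Online /Enable-Feature /FeatureName:TelnetServer
dism.exe /Online /Enable-Feature /FeatureName:TelnetClient

# 2. The service is Disabled after installation. Make it start on demand and start it now.
Set-Service -Name TlntSvr -StartupType Manual
Start-Service -Name TlntSvr
Get-Service -Name TlntSvr            # Status should read Running

# 3. Only members of the local TelnetClients group may log on over Telnet.
net localgroup TelnetClients alice /add

# 4. Prefer NTLM challenge/response over plain-text passwords (the session itself stays unencrypted).
tlntadmn config sec=+ntlm -passwd

# 5. Expose TCP/23 only to the management subnet through Windows Firewall.
netsh advfirewall firewall add rule name="Telnet Server (mgmt subnet only)" dir=in action=allow protocol=TCP localport=23 remoteip=192.168.1.0/24

# 6. Verify the listener on the server, then test from a client.
netstat -ano | findstr ":23 "
telnet 192.168.1.20
```

When the server is no longer needed, reverse the last steps: `Stop-Service TlntSvr`, `Set-Service -Name TlntSvr -StartupType Disabled`, and remove the firewall rule, so that a clear-text login service is not left listening.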
