There's nothing more soothing than a good cup of java (lower-case) and a free WiFi connection at your local coffee shop. But watch that guy at the booth next door -- he may be hacking into your laptop over that very same WiFi link.
Your users are even more at risk if their wireless card uses the Wireless Access Protocol (WAP), which is notoriously simple to hack. A hacker can use a sniffer and grab your corporate user name and password, for instance, or infect you with a worm, says Daniel Peck, a security researcher with SecureWorks.
Even if they're only sipping coffee and working offline, an attacker could use your employee's wireless card to access his machine -- and eventually, your corporate network.
It's tempting for a user on the road to jump on the closest WiFi connection they pick up while waiting at the airport or some other public place. "There is no way of ensuring that the networks they connect to aren't run by a malicious attacker," says Matasano Security's Goldsmith. "While the unsuspecting user surfs the Web, an attacker could be using a man-in-the-middle attack to monitor their traffic -- or even worse, use a client side attack toolkit to compromise their machine."
A personal firewall can help, says the Enderle Group's Enderle -- as long as your users keep it turned on, that is.
"Attach away. Just tunnel through with SSH or a VPN client," says Cigital's McGraw. "Also be aware of low-level attacks, and don't do anything too sensitive."
But the only way to ensure that your users won't get hacked via WiFi is to have them disable their wireless card altogether while they work from public places, says Matasano Security's Ptacek. "The safest reasonable attitude right now is that even browsing available wireless networks is risky."
source: http://www.darkreading.com/document.asp?doc_id=107771&page_number=9
Top five most hacked WAP's
source: http://www.wifihacking.net/index.html
Monday, November 27, 2006
Wi-Spy Spectrum Analyzer
Have you every been annoyed using WiFi service offering range of networks with all high signal strength but you still got poor connectivity? The secret is interference from non-WiFi devices can degrade WiFi performance. Some networks are interfered but some not.
This cool gadget Wi-Spy can show you as ordinary Spectrum Analyzer. Wow!
The software bundled with Wi-Spy will analyze and give you an overview of the quiet and busy WiFi networks Bluetooth, 2.4 GHz cordless phones, microwaves, Zigbee, and all other 2.4 GHz transmitters.
Hence you can select the rigth choice at a glance.
source: http://www.thinkgeek.com/computing/accessories/80ce/
Sunday, November 26, 2006
5 Most Actions for Protecting your Windows XP Computer from Internet Hammer
1) Always have Anti-Virus software on. Your Anti-virus software should have features that include Anti-spyware and E-mail Protection.
2) Always have Personal Firewall on. Windows XP has built in "Windows Firewall".
Follow this link for "How to set up Windows Firewall".
3) Always update Computer OS security and Anti-virus softare patches. Windows XP provides "Automatic Updates" feature that you can easily turn on.
Follow this link for "How to turn on Windows Automatic Updates" or Windows XP Automatic Updates.
4) Do not install software from untrusted sites. You may luckily lead trojan hourse to your computer one day.
5) Always Observe "Windows Task Manager" for strange Applications, Processes, Performance, and Networking. The too high CPU and Networking utilization may give you a hint if your computer has already virus infected or trojan infected.
2) Always have Personal Firewall on. Windows XP has built in "Windows Firewall".
Follow this link for "How to set up Windows Firewall".
3) Always update Computer OS security and Anti-virus softare patches. Windows XP provides "Automatic Updates" feature that you can easily turn on.
Follow this link for "How to turn on Windows Automatic Updates" or Windows XP Automatic Updates.
4) Do not install software from untrusted sites. You may luckily lead trojan hourse to your computer one day.
5) Always Observe "Windows Task Manager" for strange Applications, Processes, Performance, and Networking. The too high CPU and Networking utilization may give you a hint if your computer has already virus infected or trojan infected.
Why tweaking TCP is important to Internet Broadband User?
TCP Slow Start
TCP is an end to end protocol which operates over the heterogeneous Internet. TCP has no advance knowledge of the network characteristics, thus it has to adjust its behavior according to the current state of the network. TCP has built in support for congestion control. Congestion control ensures that TCP does not pump data at a rate higher than what the network can handle.
TCP is an end to end protocol which operates over the heterogeneous Internet. TCP has no advance knowledge of the network characteristics, thus it has to adjust its behavior according to the current state of the network. TCP has built in support for congestion control. Congestion control ensures that TCP does not pump data at a rate higher than what the network can handle.
And well ... becasue your OS's TCP does not know your Internet Broadband speed - it is just a simple answer, ha? But this is a painful truth. TCP is not designed to guess your maximum speed and work at the highest capacity all the time. You may feel dumb why paying higer cost than normal 56K modem if you don't adjust TCP parameters for your Internet Broadband subscription.
Tweaking TCP parameters can be done manually if you are a computer nerd. However, there are such smart tools that you would love to utilize them. Here they are:
DrTCP - by BroadbandReport's moderator DrTCP and the users of the tweaks forum. You will need to reboot (older windows) and restart networking (2k,XP) for DrTCP changes to take effect.
There are also researchs to modify TCP slow start mechanism at protocol level. Attempts on modifications to TCP slow start for high delay, bandwidth networks e.g. Floyd's TCP slow-start and AIMD mods.
Tweaking TCP parameters can be done manually if you are a computer nerd. However, there are such smart tools that you would love to utilize them. Here they are:
SG TCP Optimizer - The TCP Optimizer is a free, easy Windows program that provides an intuitive interface and optimizing your Internet connection. There is no installation required, just download and run.
DrTCP - by BroadbandReport's moderator DrTCP and the users of the tweaks forum. You will need to reboot (older windows) and restart networking (2k,XP) for DrTCP changes to take effect.
There are also researchs to modify TCP slow start mechanism at protocol level. Attempts on modifications to TCP slow start for high delay, bandwidth networks e.g. Floyd's TCP slow-start and AIMD mods.However, this approach is not "You Can Do It Yourself" like tweaking TCP as suggested above. The mechansim will be bundled, if implemented, to equipments such as ADSL router, WiFi router, Satellite Modem, etc.
Ethernet
Ethernet is a large and diverse family of frame-based computer networking technologies for local area networks (LANs). The name comes from the physical concept of the ether. It defines a number of wiring and signaling standards for the physical layer, two means of network access at the Media Access Control (MAC)/Data Link Layer, and a common addressing format.
Ethernet has been standardized as IEEE 802.3. Its star-topology, twisted pair wiring form became the most widespread LAN technology in use from the 1990s to the present, largely replacing competing LAN standards such as coaxial cable Ethernet, token ring, FDDI, and ARCNET. In recent years, Wi-Fi, the wireless LAN standardized by IEEE 802.11, has been used in addition to or instead of Ethernet in many installations.
A Brief History of Ethernet
The first experimental Ethernet system was invented in 1972 by Metcalfe and his Xerox PARC colleagues to interconnect the Xerox Alto. Metcalfe's first experimental network was called the Alto Aloha Network. It was changed to "Ethernet" in 1973 to make it clear that the system could support any computer.
Charles Spurgeon's Ethernet Web Site provides extensive information about Ethernet
Ethernet has been standardized as IEEE 802.3. Its star-topology, twisted pair wiring form became the most widespread LAN technology in use from the 1990s to the present, largely replacing competing LAN standards such as coaxial cable Ethernet, token ring, FDDI, and ARCNET. In recent years, Wi-Fi, the wireless LAN standardized by IEEE 802.11, has been used in addition to or instead of Ethernet in many installations.
A Brief History of Ethernet
The first experimental Ethernet system was invented in 1972 by Metcalfe and his Xerox PARC colleagues to interconnect the Xerox Alto. Metcalfe's first experimental network was called the Alto Aloha Network. It was changed to "Ethernet" in 1973 to make it clear that the system could support any computer.
Charles Spurgeon's Ethernet Web Site provides extensive information about Ethernet
Voice Encryption - Why We Need It?
Why do I need Encryption?
Any general discussion on the need for voice encryption makes a few assumptions. These being, that the user of a communications system believes that;
The average eavesdropper with a simple analog radio or telephone wire tap may not be a real threat against a modern digitized communications channel, however, most people would agree that the 'average eavesdropper' is not representative of their threat. The standards placed on communications systems are global in nature, and the boxes that can intercept (monitor) most communications protocols 'off-the-shelf' purchases. Therefore, digitization alone only protects your voice channel from the 'casual listener' who's budget does not include the necessary, commercially available, monitoring products.
Voice Encryptor and Voice Circuit Types:
Any general discussion on the need for voice encryption makes a few assumptions. These being, that the user of a communications system believes that;
- a real or perceived threat exists in voice traffic collection from source who has the technical and financial means to collect and extract information from a communications system.
- the information on the system is of some value to persons other than the sender and the intended receiver(s), e.g., personal; financial; intelligence; or otherwise information that is sensitive in nature.
The average eavesdropper with a simple analog radio or telephone wire tap may not be a real threat against a modern digitized communications channel, however, most people would agree that the 'average eavesdropper' is not representative of their threat. The standards placed on communications systems are global in nature, and the boxes that can intercept (monitor) most communications protocols 'off-the-shelf' purchases. Therefore, digitization alone only protects your voice channel from the 'casual listener' who's budget does not include the necessary, commercially available, monitoring products.
Voice Encryptor and Voice Circuit Types:
- The Digital Voice Encryptor. The digital voice encryptor treats the voice signal as a digital data stream, and is therefore closer to a data encryptor than a voice encryptor in terms of its performance characteristics. It relies on some method of converting the voice signal into a digital data stream. Once it is digitized, it is then 'Exclusive ORed' with the key stream generator's output bit stream, thus producing the encrypted data stream signal sent out over the channel.
- The Analog Voice Encryptor. Early methods of 'analog' encryption were nothing more than voice scrambles with little security to any aggressive attack. The advent of more powerful voice processing circuitry and software allowed more sophisticated voice processing techniques that use a key generator's secure key stream for selecting the given sound segment's permutations. There purmutations include band segmentation, sub-band frequency inversions (or non-inversions), and sub-band segment interleaving. The more combinations used, the harder to reconstruct the signal without knowledge of the key generator's key stream. This technique will generally provide a near-plain mode level of voice quality while containing the encrypted channel to within the plain modes voice channel bandwidth. It is common in the newer 'analog' techniques to digitize the signal, but it processes (in many respects) like an analog signal. In this respect, it is a bit of a minomer to call it 'analog encryption', however it is done primarily to differentiate it from 'digital' voice encryption techniques (see the discussions below).
Saturday, November 25, 2006
Acoustic Delay vs. VoIP Quality
What is Acoustic Delay Line?
acoustic delay line: A device that introduces a delay in the propagation of an electrical signal by (a) employing a transducer to convert the signal into an acoustic wave, (b) propagating the acoustic wave through a medium such as a column of mercury or a carbon or ferrite rod, and (c) by means of another transducer, converting the acoustic wave back to an electrical signal. Note: An acoustic delay line may be used for temporary storage of information, e.g., a digital data stream.
How does Acoustic Delay effect VoIP quality?
acoustic delay line: A device that introduces a delay in the propagation of an electrical signal by (a) employing a transducer to convert the signal into an acoustic wave, (b) propagating the acoustic wave through a medium such as a column of mercury or a carbon or ferrite rod, and (c) by means of another transducer, converting the acoustic wave back to an electrical signal. Note: An acoustic delay line may be used for temporary storage of information, e.g., a digital data stream.
How does Acoustic Delay effect VoIP quality?
There are two forms of echo on voice networks, hybrid echo and acoustic echo. Hybrid echo is a linear electrical signal reflection that occurs at the 4-wire to 2-wire conversion point in a PSTN network (usually found in a Class 5 PSTN switch). Hybrid echo can enter the VoIP network wherever there is a connection between VoIP and PSTN networks. Acoustic echo is non-linear and is caused by poor acoustic isolation between the speaker and the microphone of user's device (e.g., handset, headset, softphone, speakerphone). It can enter the VoIP network from any source.
Both forms of echo become more noticeable and annoying to the caller with the added delay of the IP network. In fac, the added VoIP-induced delay can make what would formerly be considered minor echo annoying enough to cause users to abandon the call.
VoIP Type
PC-to-PC VoIP via Microsoft MSN and/or Skype
It is not a great and easy VoIP experience but it is free anyway. You just need a high speed Internet Broadband that has speed more than voice codec (64 Kbps) together with a good headphone (of course you can use a mic with a speaker phone if you don't care about acoustic echo). The most annoying to me about PC-to-PC VoIP is appointment. You need to tell your partner in advance to be online at the time you "VoIP" him/her.
It is not a great and easy VoIP experience but it is free anyway. You just need a high speed Internet Broadband that has speed more than voice codec (64 Kbps) together with a good headphone (of course you can use a mic with a speaker phone if you don't care about acoustic echo). The most annoying to me about PC-to-PC VoIP is appointment. You need to tell your partner in advance to be online at the time you "VoIP" him/her.
Somebody is wondering about quality of MSN and Skype VoIP. There is a paper comparing MSN and Skype VoIP at http://www.multicomm.org/proc_multicomm06_3.pdf.
PC-to-Phone VoIP
PC-to-Phone VoIP
This could be either free or charge service depends on where on earth you are. Both MSN and Skype provide PC-to-Phone but you need to pay.
Phone-to-Phone VoIP
Absolutely this is not a free service unless you own VoIP network between destinations ;-)
What is Voice over IP?
Source: http://en.wikipedia.org/wiki/VoIP
Voice over Internet Protocol, also called VoIP, IP Telephony, Internet telephony, Broadband telephony, Broadband Phone and Voice over Broadband is the routing of voice conversations over the Internet or through any other IP-based network.
Protocols which are used to carry voice signals over the IP network are commonly referred to as Voice over IP or VoIP protocols. They may be viewed as commercial realizations of the experimental Network Voice Protocol (1973) invented for the ARPANET.ce providers. Some cost savings are due to utilizing a single network to carry voice and data, especially where users have existing underutilized network capacity they can use for VoIP at no additional cost. VoIP to VoIP phone calls on any provider are typically free, while VoIP to PSTN calls generally costs the VoIP user.
There are two types of PSTN to VoIP services: DID (Direct Inward Dialing) and access numbers. DID will connect the caller directly to the VoIP user while access numbers require the caller to input the extension number of the VoIP user. Access numbers are usually charged as a local call to the caller and free to the VoIP user(citation/example needed) while DID usually has a monthly fee. There are also DID that are free to the VoIP user but is chargeable to the caller.
Functionality
VoIP can facilitate tasks that may be more difficult to achieve using traditional networks:
VoIP allows users to travel anywhere in the world and still make and receive phone calls:
Voice over Internet Protocol, also called VoIP, IP Telephony, Internet telephony, Broadband telephony, Broadband Phone and Voice over Broadband is the routing of voice conversations over the Internet or through any other IP-based network.
Protocols which are used to carry voice signals over the IP network are commonly referred to as Voice over IP or VoIP protocols. They may be viewed as commercial realizations of the experimental Network Voice Protocol (1973) invented for the ARPANET.ce providers. Some cost savings are due to utilizing a single network to carry voice and data, especially where users have existing underutilized network capacity they can use for VoIP at no additional cost. VoIP to VoIP phone calls on any provider are typically free, while VoIP to PSTN calls generally costs the VoIP user.
There are two types of PSTN to VoIP services: DID (Direct Inward Dialing) and access numbers. DID will connect the caller directly to the VoIP user while access numbers require the caller to input the extension number of the VoIP user. Access numbers are usually charged as a local call to the caller and free to the VoIP user(citation/example needed) while DID usually has a monthly fee. There are also DID that are free to the VoIP user but is chargeable to the caller.
Functionality
VoIP can facilitate tasks that may be more difficult to achieve using traditional networks:
- Incoming phone calls can be automatically routed to your VoIP phone, regardless of where you are connected to the network. Take your VoIP phone with you on a trip, and wherever you connect to the Internet, you can receive incoming calls.
- Free phone numbers for use with VoIP are available in the USA, UK and other countries from organizations such as VoIP User.
- Call center agents using VoIP phones can work from anywhere with a sufficiently fast and stable Internet connection.
- Many VoIP packages include PSTN features that most telcos normally charge extra for, or may be unavailable from your local telco, such as 3-way calling, call forwarding, automatic redial, and caller ID.
VoIP allows users to travel anywhere in the world and still make and receive phone calls:
- Subscribers of phone-line replacement services can make and receive local phone calls regardless of their location. For example, if a user has a New York City phone number and is traveling in Europe and someone calls the phone number, it will ring in Europe. Conversely, if a call is made from Europe to New York City, it will be treated as a local call. Of course, there must be a connection to the Internet e.g. WiFi to make all of this possible.
- Users of Instant Messenger based VoIP services can also travel anywhere in the world and make and receive phone calls.
- VoIP phones can integrate with other services available over the Internet, including video conversation, message or data file exchange in parallel with the conversation, audio conferencing, managing address books and passing information about whether others (e.g. friends or colleagues) are available online to interested parties.
Subscribe to:
Comments (Atom)