LDAP is a short hand for Light weight Directory Access Protocol. It is a standard protocol used by the application to access the information in a directory. It runs over TCP and can used a standalone LDAP directory service which has a backend X.500.

The LDAP service model is based on the number of Entries. An entry is a collection of the attributes which describes it. Each attribute has unique characteristics which contains name, type and many more.

A LDAP directory tree often reflects geographic and organization concerns. In LDAP directories the entries are arranged in tree structure, which starts at root and goes till leaf. At the top level it represents the larger organizations. This larger directories contains smaller organization. Each entry has a distinguished name. The DN(Distinguished Name) consists of unique and a path of the names that trace till the root.

Working:

LDAP is based on Client - server model. In which the LDAP server provides the directory service while the clients use the directory service to access the directory.

Some of the operations of the LDAP directories.

1.     Search and Retrieve the entries.

2.    Updating the entries.

3.    Renaming , adding and deleting the entries.

To perform the operations the client has to establish the connection with the server. It uses the TCP/IP and port no 389 (sever can run on different ports). It has a very simplified authentication process.

Bookmark To:

A DDos attack is Denial of service attack or distributed denial of service attack, in which the computer resource is made unavailable to the users. This attack emerged as one of the most news worthy as the weaknesses of the internet. The means to carry out the attack can be different but the motive is same. There are several tools on computers that allow vandals to remotely control the resources to encounter an attack on the users computer to be inoperable. The nature of the attack is that it becomes impossible to stop in one  attempt and single handedly. The basis of the attack is to flood the users computer with traffic.

DDos attack involves encountering into hundreds or thousand of machine all over the internet. After this the attacks installs DDos software on them which allows them to control these machines to launch the attack at ones on an organized way. These attacks exhaust bandwidth, router capacity , network resources etc.

There are two means of attacks Wireless and wired.

Some basic type of attacks include:

1. consumption of the resources
2. Disruption of routing information
3. Disruption of state information.
4. Disruption of network consumption
5. Obstruction in media between the users and resources.

Why it is difficult to halt such attacks?

1. The flood of the traffic makes the network shut down which makes it difficult to trouble shoot the problem
2. Some times the victim may be able to filter the traffic by using the firewall, however this also nit effective it will degrade the performance If the attack is overloaded filter is useless.
3. The traffic that comes from different compromised computers. To stop this traffic it requires to trace each address, then contacting that organization and ask them to stop the traffic.
4. Many of the DDos attack tools allows to forge the there source address which makes even more difficult to trace the address.
5. Once the source machines are identified the victim must ask to shut down the compromised computer. Now the source organization and staff may not be working on weekends or in nights, language barrier, the authority with the staff may not be sufficient and they may also be not familiar to the attack

What measures we can take?

Linux/Unix computer :

Follow R.U.N.S.A.F.E Guidelines.

Download and run the test programs from the National protection Center to test these type of attacks

Windows :

Follow R.U.N.S.A.F.E Guidelines.

These precautions may help you to prevent the attacks

Bookmark To:

What is BGP network ?

BGP stands for Border Gateway Protocol, it is core routing protocol of the Internet which contains a colletions of multiple networks and IP tables. It maintains the network IP’s and designates network reachability among autonomous systems (AS). BGP was created to replace the EGP routing protocol system to allow removal of NSFNet Internet backbone network. The internet version IP4 was support of Classless Inter-Domain Routing.

BGP is used by Internet service providers to establish routing between one another, it is one of the most important protocols of the Internet. BGP performs interdomain routing in Transmission-Control Protocol/Internet Protocol (TCP/IP) networks. BGP performs three types of routing: interautonomous system routing, intra-autonomous system routing, and  pass-through autonomous system routing.

01. Interautonomous system routing is established between two or more BGP routers at different autonomous systems. BGP neighbors communicating between autonomous systems must reside on the same physical network.

02. Intra-autonomous system routing is established between two or more BGP routers located within the same autonomous system. The BGP protocol can provide both inter- and intra-autonomous system routing services.

03. Pass-through autonomous system  routing is established between two or more BGP peer routers that exchange traffic across an autonomous system that does not run BGP. BGP must interact with whatever intra-autonomous system routing protocol is being used to successfully transport BGP traffic through that autonomous system.

BGP devices exchange routing information upon initial data exchange and after incremental updates. BGP routers exchange their entire BGP routing tables. An update message is used to provide routing updates to other BGP systems. Updates are sent using the Transmission-Control Protocol (TCP) to ensure reliable delivery.

Bookmark To:

TCP/IP Model :  This model is a description framework of internet protocols. It is also called as Internet protocol suite. This model is a later invention after the original model OSI model with 7 layers. TCP/IP contains 4 layers. It was developed by the defense ministry of United states in 1970. This model is also referred as Internet model or Dod model. TCP/IP is the short hand for Transmission Control Protocol and Internet Protocol.

Take a look at this diagram how the data is encapsulated at each layer.

The TCP (Transmission Control Protocol )  operates at transport layer of the Internet protocol suite and provides the network devices with reliable and secured communication facilities. Applications of TCP include Email and file transfer.

IP (Internet Protocol) is a networking protocol used for communicating data over a packet-switched network. It operates on the Internet layer of the protocol suite and facilitates the delivery of datagrams based on the IP Address of the network hosts.

Indeed, TCP/IP protocol suite is the core of communication and computing over the Internet.

It gives set of guidelines to communicate over the network and also implements certain networking protocols to help computers communicate over the network. The model shows the end to end connectivity between the source and destination specifying how the data is formatted, addressed, transmitted and received to the destination.

Although this model is always compared with the OSI reference model , this model is descriptive and not a reference model as OSI is.

Layers in TCP/IP Model:

Application Layer: This layer works where the high level protocols reside. It defines how the host programs interface with the transport layer services to use the network efficiently. It defines the application protocols.

Transport Layer: This layer provides the communication management between the communicating computers. It is responsible to establish and take care of the sessions between the hosts.It is the most important layer and basically uses two protocols

TCP: Transmission Control Protocol - Connection oriented

UDP: User datagram Protocol - Connection less.

Internet Layer: This layer is responsible to encapsulate the data into the IP datagrams which contains the source and destination IP address information useful for routing. It performs the routing of the IP datagrams over the networks.

Link Layer/ network Interface Layer: This is the last layer of the model and it specifies the details how the data is actually and physically transmitted over the network. It includes the electrical specification of the data that is transmitted, how the bits are signaled by the hardware.

Bookmark To:

A firewall is software written for the purpose of securing your computer from the threats like hacking, Viruses and worms that try to enter your system from the network. Using firewall is the first step to make your system secured. It is the device or set of devices which is configured to either permit or deny , encrypt and decrypt the traffic  between the domain in regards to the security rules set.

Please always turn ON your firewall before connecting to the internet.

A Firewall can be software, hardware or combination of both.

There are several types of firewall techniques:

1.       Packet filter Firewall: In this firewall, each packet coming to or leaving the network is monitored and decision is taken whether to accept or deny based on the rules set. This technique is very effective and well appreciated, however it is somewhat difficult to configure.

2.       Stateful firewall: This firewall is similar to packet filter firewall, however it is more intelligent in tracking the connections which are active. Configuring rues is easy and in deeper way.

3.       Application Gateway Firewall:  This technique is useful in some applications such as Telnet servers and FTP Servers. This firewall can bring performance degradation to the network.

4.       Circuit Level Gateway: This firewall is activated only when TCP or UDP connection is made. Once the connection is established the packets can traverse in the network without further filtering process.

5.       Proxy server: This is widely used in an enterprise. It checks each an every packet in the network. The proxy server also hides the network address

Basic way the Firewall is configured.

A firewall can be configured in either of the two basic ways given below.

Default Deny: The firewall lists the network services that are allowed and every thing else is denied.

Default Allow: The Firewall lists the network services which are not allowed and every thing else is allowed.

Need of firewall:

If the computer is not secured with the firewall and connected to the internet. The hackers can easily gain access to your system and exploit with your system The intruder can install code on your system that destroys files or may do some malfunctioning. This is firewall helps you out, It screen outs many kind of malicious traffic before it reaches the system.

Only firewall doesn’t make your system completely secure. This is base line securing your system. You should install additional security measures. Antivirus software is a good for your system

Bookmark To:

Ping command:

This is the most widely used tool to check the connectivity between the network devices. It uses port no 69 and is TCP based. It relies on ICMP(Internet control message Protocol)

It uses two types of  ICMP messages;

• Type 0, Echo request  - sent by the source machine;
• Type 0, Echo reply - sent by the Destination machine.

Ping command Helps in following way.

1)      Access: It helps us to see if the system is in reach of the connected system. If you get a reply from the destination then you can say that the system is reachable or else not.

2)      Distance : You can also find the distance and time it takes to reach the destination system. You can compare the time and the ping distance to determine if the system or site or the network is slow.

3)      IP Address: You can use the Ping command to find the IP address of the site. If you ping the domain name it automatically displays the IP address of the site.

Using Ping command is very easy:

Open the MSDOS on the windows computer and type PING followed by the computer name or the IP address of the computer. You will get the result in few seconds.

The output of the command consists:

IP Address of the remote machine

ICMP Sequence number

TTL i.e Time To Live, which shows the no of routers the packet hoped to reach the destination

Round-trip delay: It is the length of the time between the source and the destination

The number of lost packets.

Lets see the exact process of execution:

1. The source machine generates  the ICMP Data unit

2. This ICMP data unit is encapsulated with source and destination IP address and IP header

3. The Host machine also notes the time on the local machine while it sends the IP datagram towards the destination.

4. Each system reads the IP datagram if the destination address contains the IPaddress of its machine if not it forwards it to the next machine.

5. Finally when the destination machine receives the IP datagram and then Ipaddess maches with the machine.

6. The destination machine then replies with the ICMP Reply message, encapsulates it in the datagram placing its own IP address in source IP address field and the original senders IP in Destination field

7. This new IP datagram is routed back to the original sender of the command.

8. The host receives it and then notes the time on the clock and at last displays the output information which include the time elapsed

Bookmark To:

What is Internet Registry?
Internet Registry is an organization overseeing the allocation and registration of Internet number resources within a particular region of the world. Resources include IP addresses (both IPv4 and IPv6) and autonomous system numbers. The Internet Registry is known as Regional Internet Registry.

There are currently five RIRs ( Regional Internet Registry ) in operation :

• American Registry for Internet Numbers (ARIN) :: For North America and parts of the Caribbean
• RIPE Network Coordination Centre (RIPE NCC) :: For Europe, the Middle East and Central Asia
• Asia-Pacific Network Information Centre (APNIC) :: For Asia and the Pacific region
• Latin American and Caribbean Internet Addresses Registry (LACNIC) :: For Latin America and parts of the Caribbean region
• African Network Information Centre (AfriNIC) :: For Africa

Bookmark To:

After the great success of the Google chrome browser, Google is now spreading wings to the master software i.e Operating system named after the browser itself as Google chrome OS. Stats show that over 30 million people use Chrome browser every day. The concept behind developing such kind of operating system is that, OS were designed when Internet(Web) was not there. So this operating system would be thinking in the context of web.

Some of the features disclosed yet.

Google chrome OS is an Open source operating system that will be initially targeted towards Net books. It is lightweight too. In the second half of the 2010 the operating system will be available with its code with net books.

Speed, security and simplicity will be the key aspects of the operating system. Now the operating itself will be a fast software as well as lightweight. This will help in few seconds boot up and get you on the web.

Users would love the OS when they hear that the operating system has a great security architecture will itself deal with the malwares, Viruses and security updates.

Google OS will run on ARM chips and x86 as well. The software of the OS is also simple. All web based application will automatically work and the new applications can be written using any liked technologies. This application would infact work on all the operating system such as Windows, Mac and Linux.

Google is also looking to develop a cloud computing with web based Chrome OS, which will eliminate the need for local data and local software.

Google has thought of all the problems of the end users as well. Many problems arise while using OS in day to day life such as, users need to get email instantly without waiting for the System to boot up and browsers to start up.

All of them just hope that the system should be as fast as it was new, data backup is also a  worry of the users. What harasses the users is configuring the computer to work with every software, script or utility, this takes a lots of time and hardly succeed. This operating system will make the people happy who like to spend more time on internet

Bookmark To:

UDP is used by the network applications to transfer data between two computers. It is one of the core protocols in the protocol suite. UDP is sometimes called the Universal Datagram Protocol. Mostly the client Server application use UDP, for example : Video conferencing systems. Though UDP has many more challenging alternatives, it remains a viable technology

UDP is transport layer protocol as TCP is. Its main purpose is to abstract traffic in the form of datagrams. A datagram consists of  a unit binary data, first 8 bytes of a datagram consists of the header information and the remaining is the data.

UDP uses the simple model for transmission without handshaking method. Handshaking provides reliability, ordering or data integrity. As a result UDP is an unreliable service, datagrams reach the destination in an unordered way, duplicated or can be missing. UDP doesn’t rely on the error checking and correction techniques. UDP is not used by the time sensitive applications. It is compatible with the packet broadcast and multicast.

UDP applications use datagram sockets to establish host-to-host communications. Sockets bind the application to service ports, which function as the endpoints of data transmission.

UDP Packet structure:

Packet structure consists of 4 fields. In this two of the fields are optional.(Source port and checksum)

Source port: This field identifies the port from where the data was sent. If not used then it should be Zero(0).

Destination Port: This port identifies the destination port.

UDP Length : This is 16 bit field which specifies the length of the entire datagram in bytes. The minimum is 8 bytes.

Checksum: This is 16 bit field used for checksum and error checking function.

Bookmark To:

Class A IP address is used for a network with large number of hosts.

Class B IP address is used for a network with medium number of hosts.

Class C IP address is used for a network with less number of hosts.

The Class D IP addresses are used for multicasting.

The Class E IP addresses are reserved for experimental purpose.

The maximum number of networks and hosts that can be represented using the various IP address classes is shown below in the table:

Some IP Address are not available for general internet use, They are used for special purpose:

Bookmark To: