What is history behind 802.11 in wifi
Dear friends,
So far you have spent your time by reading the three parts of this topic and at this stage I should tell you an interesting history behind this wifi. You have seen some numbers in the articles of my friend Sudipta and some of my friends may have thought that why those numbers are used here. Now I will tell you that thing. So pl read it.
We often hear words, tongue twisting Acronyms for Terms and Terminologies in the world of Computers and other related Technologies. Often these words and numbers do not seem to have any meaning. But they ALWAYS DO…..
Since this series of postings are on the Topic of “Wi-Fi Networks” , you hear the read about the number and letter string 802.11x all the time. Here is the History behind it.
The first meeting that IEEE held for “Network Communication Standards” was in – February of 1980. Therefore, the Working Group Committee for Network Communication Standards was given the number 802. Thereafter, a Subgroup number 11 was assigned for “Wireless Network Communication Standards”. That is the history behind 802.11 naming standard.
After this there have been several Wi-Fi Network Communication Standards. These standards were assigned letters “a”, “b”, “c”, and so on all the way to “m”. That is how you get 802.11a, 802.11b, 802.11c …..802.11m
This is little trivia behind 802.11 xs.
Hope that was interesting reading for you.
Pl keep in touch with us for more interesting article on this topic.
Thanking you
Urproblemmysolution Team
Sunday, May 16, 2010
Friday, May 14, 2010
Unsecured Wifi and we----------Part-3
What is Secure in Wifi.
Dear Friends,
As I promised you earlier that my wifi series posting will be interesting to all you so my friend Sudipta of Future Netwings (www.futurenetwings.com) again has come to stretch his hand to make you understand why WPA-2 is secure and how much secure. So lets have a look:
WPA2 compliments TKIP and the improved data integrity control algorithm with more secured encryption mechanism called Advanced Encryption Standard (AES) - Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). In other words, this means an improved encryption algorithm. Experts say that AES-CCMP is robust enough to be used for government data security purposes.
WPA2 also has two flavours - WPA2-PSK and WPA2-802.1x Just like WPa-802.1x WPA2-802.1x would require integration of the Access Points with a Directory server using RADIUS.
Release time: July 2004
Encryption: TKIP
Authentication: PSK or 802.1x
Suitable for Corporate: For Corporate WPA2-802.1x needs to be implemented where the authentication database would reside on the Active Directory or any other LDAP directory. WPA2-PSK may also be used alternatively.
Suitable for Home/Small Business: WPA2-PSK is sufficient for home/SMB.
Cracking: Though there are rumours, it is safe to consider WPA2 as not crackable.
Therefore, for Home/SMBs the order of choice needs to be WPA2-PSK>WPA-PSK>WEP. In addition to this one should also do MAC- binding in the APs for the clients.
However the Corporates should implement 802.1x versions of WPA or WPA2. We have found EAP-TLS implementations with WPA2 and an in-house certificate server very strong in terms of security.
Pl keep in touch with my forthcoming interesing articles on wifi.
Thanking you
Urproblemmusolution Team
Dear Friends,
As I promised you earlier that my wifi series posting will be interesting to all you so my friend Sudipta of Future Netwings (www.futurenetwings.com) again has come to stretch his hand to make you understand why WPA-2 is secure and how much secure. So lets have a look:
WPA2 compliments TKIP and the improved data integrity control algorithm with more secured encryption mechanism called Advanced Encryption Standard (AES) - Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP). In other words, this means an improved encryption algorithm. Experts say that AES-CCMP is robust enough to be used for government data security purposes.
WPA2 also has two flavours - WPA2-PSK and WPA2-802.1x Just like WPa-802.1x WPA2-802.1x would require integration of the Access Points with a Directory server using RADIUS.
Release time: July 2004
Encryption: TKIP
Authentication: PSK or 802.1x
Suitable for Corporate: For Corporate WPA2-802.1x needs to be implemented where the authentication database would reside on the Active Directory or any other LDAP directory. WPA2-PSK may also be used alternatively.
Suitable for Home/Small Business: WPA2-PSK is sufficient for home/SMB.
Cracking: Though there are rumours, it is safe to consider WPA2 as not crackable.
Therefore, for Home/SMBs the order of choice needs to be WPA2-PSK>WPA-PSK>WEP. In addition to this one should also do MAC- binding in the APs for the clients.
However the Corporates should implement 802.1x versions of WPA or WPA2. We have found EAP-TLS implementations with WPA2 and an in-house certificate server very strong in terms of security.
Pl keep in touch with my forthcoming interesing articles on wifi.
Thanking you
Urproblemmusolution Team
Thursday, May 13, 2010
Unsecured Wifi and we------Part-2
Dear friends,
I promised you that some interesting topics on wifi would be forthcoming for you so I decided to explain it in part 2 about why the WEP and WPA are unsecured in a easy way and one of my team members Mr. Sudipta Pal of Future Netwings (www.futurenetwings.com) has tried to explain this before you in an easy and understandable manner. So please read it:-
WEP - Wired Equivalent Privacy.
This is the most primitive wireless encryption technology that uses static Pre Shared keys (single/multiple). WEP has three versions - 64 bit or 128 bit or 256 bit.
An WEP key is formed by concatenating a pre shared key with another quantity called IV (Initialization Vector).
Standard 64-bit WEP uses a 40 bit key (also known as WEP-40), which is concatenated with a 24-bit initialization vector (IV) to form the RC4 traffic key.
A 128-bit WEP key is almost always entered by users as a string of 26 hexadecimal (base 16) characters (0-9 and A-F). Each character represents four bits of the key. 26 digits of four bits each gives 104 bits; adding the 24-bit IV produces the final 128-bit WEP key.
A 256-bit WEP system is available from some vendors, and as with the 128-bit key system, 24 bits of that is for the IV, leaving 232 actual bits for protection. These 232 bits are typically entered as 58 hexadecimal characters. (58 × 4 = 232 bits) + 24 IV bits = 256-bit WEP key.
Release time: 1997
Encryption: WEP
Authentication: Open (none) or Shared using the pre-shared, static WEP key.
Suitable for Corporate: No, WEP can be cracked in few minutes. Please refer to http://www.youtube.com/watch?v=SRC1Z-ZSEr8 for a video on this.
Suitable for Home/Small Business: No A home should never use this because if a criminal activity happens, the homeowner may not have the political muscles to fight the charges.
Suitable for Corporate: Corporate should never use WEP. However, if at all WEP needs to be used in order to support legacy wireless applications; one should implement technologies like EAP-TLS in order to compensate for the weaknesses of WEP. WEP alone is worse than not having any security at all. Because it leads to false sense of being secured.
Cracking time: Few minutes
WPA (Wireless Protected Access)
WPA is built upon WEP, making it more secure by adding extra security algorithms and mechanisms to fight intrusion. Perhaps the most important improvement over WEP is a dynamic security key exchange mechanism and much more improved authentication and encryption mechanisms.
WPA is also better than WEP in its data encryption abilities. While WEP uses the same static security key for both encryption and decryption of all communication (the key never expires), WPA implements a mechanism involving a number of security keys. This is done through so-called Temporal Key Integrity Protocol (TKIP). This is a revolutionary improvement because even if the intruder obtains one security key, he will not be able to use it for long. This system changes the security key used for data transmission every specified amount of time to prevent cracking attempts.
When we talk about security keys, we implicitly talk about a working mechanism of security keys. The TKIP mechanism shares a starting key between devices, but each device then changes its encryption key for the ongoing communication.
WPA has two variants: WPA-PSK (Pre-Shared Key) and WPA-802.1x
WPA-PSK uses a user defined password to initialize the TKIP, temporal key integrity protocol. There is a password and the user is involved, for the most part that means it is flawed. The TKIP is not really crackable as it is a per-packet key but upon the initialization of the TKIP, like during an authentication, we get the password (well the PMK anyways). A robust dictionary attack will take care of a lot of consumer passwords.
WPA-802.1x involves physical transferring of the key and encrypted channels, it requires one to implement the authentication of the users based on Active Directory or other LDAP based directories.
Release time: April 2003
Encryption: TKIP
Authentication: PSK or 802.1x
Suitable for Corporate: May be, WPA can be cracked though it takes much longer time compared to WEP. For Corporate WPA-802.1x needs to be implemented where the authentication database would reside on the Active Directory or any other LDAP directory. WPA-PSK is not recommended for corporate.
Suitable for Home/Small Business: Since most of the homes/SMBs cannot afford a Directory server, the only choice they will have is WPA-PSK. A home may opt for this since most of the security best practice guidelines consider this as sufficient. The users in this case need to do MAC binding along with WPA-PSK.
Cracking time: 30 minutes to one hour if the PSK is based on dictionary words. It would take few days if non-dictionary words are used. A brief guide may be accessed at: http://docs.alkaloid.net/index.php/Cracking_WEP_and_WPA_Wireless_Networks
I think you have enjoyed it.
Thanking you
Urpromlemmysolution Team
I promised you that some interesting topics on wifi would be forthcoming for you so I decided to explain it in part 2 about why the WEP and WPA are unsecured in a easy way and one of my team members Mr. Sudipta Pal of Future Netwings (www.futurenetwings.com) has tried to explain this before you in an easy and understandable manner. So please read it:-
WEP - Wired Equivalent Privacy.
This is the most primitive wireless encryption technology that uses static Pre Shared keys (single/multiple). WEP has three versions - 64 bit or 128 bit or 256 bit.
An WEP key is formed by concatenating a pre shared key with another quantity called IV (Initialization Vector).
Standard 64-bit WEP uses a 40 bit key (also known as WEP-40), which is concatenated with a 24-bit initialization vector (IV) to form the RC4 traffic key.
A 128-bit WEP key is almost always entered by users as a string of 26 hexadecimal (base 16) characters (0-9 and A-F). Each character represents four bits of the key. 26 digits of four bits each gives 104 bits; adding the 24-bit IV produces the final 128-bit WEP key.
A 256-bit WEP system is available from some vendors, and as with the 128-bit key system, 24 bits of that is for the IV, leaving 232 actual bits for protection. These 232 bits are typically entered as 58 hexadecimal characters. (58 × 4 = 232 bits) + 24 IV bits = 256-bit WEP key.
Release time: 1997
Encryption: WEP
Authentication: Open (none) or Shared using the pre-shared, static WEP key.
Suitable for Corporate: No, WEP can be cracked in few minutes. Please refer to http://www.youtube.com/watch?v=SRC1Z-ZSEr8 for a video on this.
Suitable for Home/Small Business: No A home should never use this because if a criminal activity happens, the homeowner may not have the political muscles to fight the charges.
Suitable for Corporate: Corporate should never use WEP. However, if at all WEP needs to be used in order to support legacy wireless applications; one should implement technologies like EAP-TLS in order to compensate for the weaknesses of WEP. WEP alone is worse than not having any security at all. Because it leads to false sense of being secured.
Cracking time: Few minutes
WPA (Wireless Protected Access)
WPA is built upon WEP, making it more secure by adding extra security algorithms and mechanisms to fight intrusion. Perhaps the most important improvement over WEP is a dynamic security key exchange mechanism and much more improved authentication and encryption mechanisms.
WPA is also better than WEP in its data encryption abilities. While WEP uses the same static security key for both encryption and decryption of all communication (the key never expires), WPA implements a mechanism involving a number of security keys. This is done through so-called Temporal Key Integrity Protocol (TKIP). This is a revolutionary improvement because even if the intruder obtains one security key, he will not be able to use it for long. This system changes the security key used for data transmission every specified amount of time to prevent cracking attempts.
When we talk about security keys, we implicitly talk about a working mechanism of security keys. The TKIP mechanism shares a starting key between devices, but each device then changes its encryption key for the ongoing communication.
WPA has two variants: WPA-PSK (Pre-Shared Key) and WPA-802.1x
WPA-PSK uses a user defined password to initialize the TKIP, temporal key integrity protocol. There is a password and the user is involved, for the most part that means it is flawed. The TKIP is not really crackable as it is a per-packet key but upon the initialization of the TKIP, like during an authentication, we get the password (well the PMK anyways). A robust dictionary attack will take care of a lot of consumer passwords.
WPA-802.1x involves physical transferring of the key and encrypted channels, it requires one to implement the authentication of the users based on Active Directory or other LDAP based directories.
Release time: April 2003
Encryption: TKIP
Authentication: PSK or 802.1x
Suitable for Corporate: May be, WPA can be cracked though it takes much longer time compared to WEP. For Corporate WPA-802.1x needs to be implemented where the authentication database would reside on the Active Directory or any other LDAP directory. WPA-PSK is not recommended for corporate.
Suitable for Home/Small Business: Since most of the homes/SMBs cannot afford a Directory server, the only choice they will have is WPA-PSK. A home may opt for this since most of the security best practice guidelines consider this as sufficient. The users in this case need to do MAC binding along with WPA-PSK.
Cracking time: 30 minutes to one hour if the PSK is based on dictionary words. It would take few days if non-dictionary words are used. A brief guide may be accessed at: http://docs.alkaloid.net/index.php/Cracking_WEP_and_WPA_Wireless_Networks
I think you have enjoyed it.
Thanking you
Urpromlemmysolution Team
Sunday, May 9, 2010
Unsecured Wifi and We-------- Part -1
My dear friends,
After long long and long interval I am again in front of you with an interesting topic, which I feel important to tell you. That is un-secured wifi. I think most of you know what wifi connection is. Wifi connection is a method of connecting your computer with the internet. You can connect your computer or any network device in two ways i.e.:- wired and wireless (wifi). So now it’s clear to all what is wifi connection. In your wired connection none can use your connection unless you are connected with internet or you have allowed someone to use your computer systems and in the same way in wifi connection you are not allowed to use anyone’s network connection if it is secured i.e.:- when you are going to use someone’s wifi network it seeks authentication with key or password, though there are some conditions i.e.:- level of encryption.
So now let me tell you some important issues about un-secured wifi networks. First of all you should know what is unsecured network. Unsecured networks are those which do not seek any password or key or authentication to connect to the network. So you are thinking that when a wifi connection seeks all the above requirements they are secured. But not my friend and that’s why I mentioned earlier about some conditions. The conditions are level of encryption. Wifi networks have generally three types of level of encryption i.e.:- WEP, WPA1 and WPA2. WEP and WPA1 can be cracked easily. So the wifi networks with WEP and WPA1 are not secured. WPA2 is secured.
So now definitely a question has arose in your mind where un-secured networks are found. These are found outsite the hotels, restaurants, corporate areas and in the IT sectors, cafes, airports, outside someone’s residence nursing homes, hospitals, colleges etc, and study says that 30% wifi networks are secured in the world and rests are unsecured. So it’s a huge drawback for wifi networks.
To be continued and be in touch for some interesting forth coming topics on the same subject.
With thanks
Urproblemmysolution Team
After long long and long interval I am again in front of you with an interesting topic, which I feel important to tell you. That is un-secured wifi. I think most of you know what wifi connection is. Wifi connection is a method of connecting your computer with the internet. You can connect your computer or any network device in two ways i.e.:- wired and wireless (wifi). So now it’s clear to all what is wifi connection. In your wired connection none can use your connection unless you are connected with internet or you have allowed someone to use your computer systems and in the same way in wifi connection you are not allowed to use anyone’s network connection if it is secured i.e.:- when you are going to use someone’s wifi network it seeks authentication with key or password, though there are some conditions i.e.:- level of encryption.
So now let me tell you some important issues about un-secured wifi networks. First of all you should know what is unsecured network. Unsecured networks are those which do not seek any password or key or authentication to connect to the network. So you are thinking that when a wifi connection seeks all the above requirements they are secured. But not my friend and that’s why I mentioned earlier about some conditions. The conditions are level of encryption. Wifi networks have generally three types of level of encryption i.e.:- WEP, WPA1 and WPA2. WEP and WPA1 can be cracked easily. So the wifi networks with WEP and WPA1 are not secured. WPA2 is secured.
So now definitely a question has arose in your mind where un-secured networks are found. These are found outsite the hotels, restaurants, corporate areas and in the IT sectors, cafes, airports, outside someone’s residence nursing homes, hospitals, colleges etc, and study says that 30% wifi networks are secured in the world and rests are unsecured. So it’s a huge drawback for wifi networks.
To be continued and be in touch for some interesting forth coming topics on the same subject.
With thanks
Urproblemmysolution Team
Monday, March 8, 2010
How to trace email sender
My Dear Friends,
I discussed you earlier about many type of cyber crimes, where we become a victims, like phishing mail, spoof mail, threat mail, cyber stalking mail and so on. But my friends if we know the or trace out sender then we can take precautionary measures and at least we can help those police officers, who does not know any thing about finding the sender of the offensive mail.
So, let talk about that. Before finding out the sender we should find out the header file of the mail and I think you know to find out the header file of the mail. Then copy the header file of the mail and open the link www.ip2location.com/emailtracer.aspx
You will find a open box (Pl c the picture above) there and then paste that header file, which you copied earlier and now click on "Find Location" and now you will see the IP address of the sender and also the path through which it came to you.
Now you give the sender's IP to the Police for there enquiry or investigation. I think this will help you lot from the cyber criminals, specially those who make you fool by there phishing mails.
Here is Video Tutorial from other links and I thought it is helpful for everybody and thats why this for you.
http://www.metacafe.com/watch/1355889/how_to_trace_email_sender_and_locate_him_with_the_satellite/
Pl copy it and paste it on your browser and enjoy.
Thanking you,
Urproblemmysolution team
Subscribe to:
Posts (Atom)