Vulnerability in RC4 stream cipher can get your Gmail, Facebook or Paypal hacked
Security researchers at Royal Holloway, University of London and University of Illinois at Chicago have discovered a vulnerability in RC4 stream cipher. RC4 is both simple and quick and is used by major corporations like Google, Facebook, PayPal, etc. to encrypt and transfer your information when you connect to these sites over HTTPS. Attack developed by these researchers can extract original information hidden in the encrypted text on careful analysis.How does this matter to you as a normal web user?
Post authentication, whichever link you click from within Gmail or Facebook or for that matter any site, sends with the request an authentication cookie, that is to verify that the request is coming from an authenticated user. So, when you are on SSL or TLS encryption (in simple terms, when your browser shows HTTPS), this cookie is sent to the server in an encrypted manner and cannot be misused even if some attacker manages to sniff your traffic. But, things might change after this development pertaining to the RC4 cipher. The protocol which is used to encrypt these cookies in transit is proven to be vulnerable. Hence, if an attacker manages to get a dump of your encrypted traffic, he may on careful inspection be able to extract the cleartext cookie that is hidden in the encrypted message.
So what happens if someone has your cookie?
If an authentication cookie falls in mischievous hands, it can be used to make the remote server believe that the request is actually originating from the person from whom the cookie was stolen. Sounds difficult? It is not. Cookie-stealing is a very old-school method of hacking user accounts. Then too, not much was done on the cookie implementation side, to make them more secure. Instead, these cookies were secured by mode of encryption.
Should you be afraid?
Not right now but beware. This is a relatively new vulnerability, and mass exploitation is not yet witnessed. This attack requires that the hacker should on the same network as you are such that he can sniff the traffic being sent over the network.
Which websites use RC4?
As per stats, 50% of Internet's HTTPS websites use RC4. The irony is that, this mass migration to RC4 had happened because of a vulnerability discovered in the Cipher-block Chaining (CBC) encryption algorithm in TLS. Well, I guess we will again get to see this mass migration from RC4 to an even stronger encryption protocol.
But RC4 itself has been infamous for its vulnerable nature. RC4 was developed in 1987 (quite old), and was used in WEP (Wired Equivalent Privacy) protocol for authentication and encryption. Its been long that we have given WEP the RIP status, but RC4 is continually being used by big names on the Internet.
Wi-Max !!!
WiMAX (Worldwide Inter-operability for Microwave Access) is a wireless digital communications system, also known as IEEE 802.16, that is intended for wireless "metropolitan area networks". WiMAX can provide broadband wireless access (BWA) up to 30 miles (50 km) for fixed stations, and 3 - 10 miles (5 - 15 km) for mobile stations ( WiFi/802.11 is limited 100 - 300 feet).
The name "WiMAX" was given by the WiMAX Forum, which was formed in June 2001 to promote conformity and interoperability of the standard. WiMAX operates on both licensed and non-licensed frequencies. WiMAX supports WiFi-like data rates, but the issue of interference is lessened. WiMAX is a second-generation protocol that allows for more efficient bandwidth use, interference avoidance, and is intended to allow higher data rates over longer distances.
Fixed WiMAX
WiMAX provides fixed, portable or mobile non-line-of sight service from a base station to a subscriber station, also known as customer premise equipment (CPE). Some goals for WiMAX include a radius of service coverage of 6 miles from a WiMAX base station for point-to-multipoint, non-line-of-sight service. This service should deliver approximately 40 Mbps for fixed and portable access applications. That WiMAX cell site should offer enough bandwidth to support hundreds of businesses with T1 speeds and thousands of residential customers with the equivalent of DSL services from one base station.
Mobile WiMAX
Mobile WiMAX takes the fixed wireless application a step further and enables cell phone-like applications on a much larger scale. For example, mobile WiMAX enables streaming video to be broadcast from a speeding police or other emergency vehicle at over 70 MPH. It potentially replaces cell phones and mobile data offerings from cell phone operators such as EvDo, EvDv and HSDPA.
A WiMAX tower, similar in concept to a cell-phone tower - A single WiMAX tower can provide coverage to a very large area -- as big as 3,000 square miles (~8,000 square km).A WiMAX tower station can connect directly to the Internet using a high-bandwidth, wired connection (for example, a T3 line). It can also connect to another WiMAX tower using a line-of-sight, microwave link. This connection to a second tower (often referred to as a backhaul), along with the ability of a single tower to cover up to 3,000 square miles, is what allows WiMAX to provide coverage to remote rural areas.
A WiMAX receiver - The receiver and antenna could be a small box or PCMCIA card, or they could be built into a laptop the way WiFi access is today.
It provides two types of wireles services:
There is the non-line-of-sight, WiFi sort of service, where a small antenna on your computer connects to the tower. In this mode, WiMAX uses a lower frequency range -- 2 GHz to 11 GHz (similar to WiFi).
There is line-of-sight service, where a fixed dish antenna points straight at the WiMAX tower from a rooftop or pole. The line-of-sight connection is stronger and more stable, so it's able to send a lot of data with fewer errors. Line-of-sight transmissions use higher frequencies, with ranges reaching a possible 66 GHz. At higher frequencies, there is less interference and lots more bandwidth.
The name "WiMAX" was given by the WiMAX Forum, which was formed in June 2001 to promote conformity and interoperability of the standard. WiMAX operates on both licensed and non-licensed frequencies. WiMAX supports WiFi-like data rates, but the issue of interference is lessened. WiMAX is a second-generation protocol that allows for more efficient bandwidth use, interference avoidance, and is intended to allow higher data rates over longer distances.
Fixed WiMAX
WiMAX provides fixed, portable or mobile non-line-of sight service from a base station to a subscriber station, also known as customer premise equipment (CPE). Some goals for WiMAX include a radius of service coverage of 6 miles from a WiMAX base station for point-to-multipoint, non-line-of-sight service. This service should deliver approximately 40 Mbps for fixed and portable access applications. That WiMAX cell site should offer enough bandwidth to support hundreds of businesses with T1 speeds and thousands of residential customers with the equivalent of DSL services from one base station.
Mobile WiMAX
Mobile WiMAX takes the fixed wireless application a step further and enables cell phone-like applications on a much larger scale. For example, mobile WiMAX enables streaming video to be broadcast from a speeding police or other emergency vehicle at over 70 MPH. It potentially replaces cell phones and mobile data offerings from cell phone operators such as EvDo, EvDv and HSDPA.
A WiMAX tower, similar in concept to a cell-phone tower - A single WiMAX tower can provide coverage to a very large area -- as big as 3,000 square miles (~8,000 square km).A WiMAX tower station can connect directly to the Internet using a high-bandwidth, wired connection (for example, a T3 line). It can also connect to another WiMAX tower using a line-of-sight, microwave link. This connection to a second tower (often referred to as a backhaul), along with the ability of a single tower to cover up to 3,000 square miles, is what allows WiMAX to provide coverage to remote rural areas.
A WiMAX receiver - The receiver and antenna could be a small box or PCMCIA card, or they could be built into a laptop the way WiFi access is today.
It provides two types of wireles services:
There is the non-line-of-sight, WiFi sort of service, where a small antenna on your computer connects to the tower. In this mode, WiMAX uses a lower frequency range -- 2 GHz to 11 GHz (similar to WiFi).
There is line-of-sight service, where a fixed dish antenna points straight at the WiMAX tower from a rooftop or pole. The line-of-sight connection is stronger and more stable, so it's able to send a lot of data with fewer errors. Line-of-sight transmissions use higher frequencies, with ranges reaching a possible 66 GHz. At higher frequencies, there is less interference and lots more bandwidth.
Tag :
WiMax
Why Area 0 in OSPF is a Backbone network?
In OSPF, if there are more than 1 areas have to be configured always make area 0 as a backbone network, because while designing networks it is a best practice to start with area 0 and then expand it into other areas.
The basic concept behind this idea is that all areas are physically connected to area 0 and area 0 resides at the center of all other areas. Whatever routing information is generated is transferred into area 0 by other areas and then area0 spreads that information into other areas.
If we are unable to connect any area physically to area 0 (which is mandatory) we need to configure a Virtual Link between that area and area 0 provided they both should have a common area which is physically connected to both the areas.
Ex: consider there are 3 areas in ospf( area 0, area 1 and area 2). area 0 and area 1 are physically connected to each other and area 2 is physically connected to area 1 but unable to connect to area 0 in this situation we can configure a Virtual Link betweeen area 0 and area 2.
But virtual link is completely depend upon physical link, so if physical link fails then virtual link also fails.
The basic concept behind this idea is that all areas are physically connected to area 0 and area 0 resides at the center of all other areas. Whatever routing information is generated is transferred into area 0 by other areas and then area0 spreads that information into other areas.
If we are unable to connect any area physically to area 0 (which is mandatory) we need to configure a Virtual Link between that area and area 0 provided they both should have a common area which is physically connected to both the areas.
Ex: consider there are 3 areas in ospf( area 0, area 1 and area 2). area 0 and area 1 are physically connected to each other and area 2 is physically connected to area 1 but unable to connect to area 0 in this situation we can configure a Virtual Link betweeen area 0 and area 2.
But virtual link is completely depend upon physical link, so if physical link fails then virtual link also fails.
Why UDP is connectionless?
1) TCP is reliable because it provides Acknowledgement. It establishes connection and sends packets in their arriving order.
2)UDP is unreliable because it doesn't provide Acknowledgement. Packets are sent over network without their arriving order, but data gram can be sent to many destinations at the same time.
It is connectionless because it doesn't establish connection and it is fast.
2)UDP is unreliable because it doesn't provide Acknowledgement. Packets are sent over network without their arriving order, but data gram can be sent to many destinations at the same time.
It is connectionless because it doesn't establish connection and it is fast.
Black Hole in Networking
BLACK HOLE is a term used for Router that goes gown (offline) and it is undetected by other routers in network.
Packets forwarded to router get dropped and never arrive at destination.
They are unable to generate destination unreachable message, so users are unaware of data lost.
Packets forwarded to router get dropped and never arrive at destination.
They are unable to generate destination unreachable message, so users are unaware of data lost.
