Saturday, October 23, 2010

Bird..!

Very recently I spotted a bird in our garden and thought to capture a few frames of the scene, since that was the first time I spotted a bird of that nature. I don't know the name or anything, but I will try to find some information and post it here.







Different types of Wireless Networks and comparison of WLAN, WWAN and WMAN standards.

Wireless networks can be classified in two ways: by type of connection and by geographical area of coverage. For the purpose of this assessment question, I have described the types of network by connection below.

  • Peer to peer network – This network allows wireless devices to communicate directly with one another. No intermediate devices are placed to control or transmit wireless signals between devices. Most commonly, two or more laptops communicating with each other via wireless technology can be considered a peer to peer network.
  • Extension to a wired network – Extension points added to the wired network act as wireless relays.
  • Multiple access points – Multiple access points are attached to a wired network to extend the LAN with wireless. These networks communicate with the wired network as well as with wireless access points to fulfill corporate communication requirements.
  • LAN to LAN wireless network – This allows two wireless access points to interconnect two LAN segments via wireless communication. For instance, this helps to extend corporate communication between two buildings of the same organization via wireless technology.










Thursday, October 21, 2010

Key steps in conducting forensic investigations.

Before proceeding with the investigation, the forensic investigation team must be well prepared and equipped with the necessary prerequisite facilities. The steps below are those the forensic team should adopt, although the process is not limited to them.

I. Policy and Procedure development.

Developing proper procedures and policies gives clear guidance on the functional and operational behavior of the forensic unit, along with a mission statement that keeps the unit focused on its purpose.

· Software licensing – Purchase the required software and licenses for the forensics unit.

· Training – The forensic team requires specialized training for the investigation.

· Resource allocation – Allocate funds and resources.

II. Evidence assessment

The forensic investigator must determine the actions to be taken after assessing the evidence against the scope of the case.

· Case assessment – Determine whether you need to seek additional evidence such as fingerprints, DNA analysis, etc.

· Processing location assessment – Identify the place of the investigation (in a lab environment or onsite).

· Legal considerations – What is the extent of the authority to search?

III. Evidence acquisition

Digital evidence is easily destroyed, damaged or altered due to its sensitivity, so protecting and handling it properly during the entire process is critical.

· Imaging – Extract the evidence data by attaching the storage device to a forensically clean system.

· Write protection – Compute an MD5 (Message Digest 5) hash or a CRC (Cyclic Redundancy Check) before and after examination of the evidence to determine whether it was tampered with during the examination process.
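The before-and-after check described above, as an added example that is not part of the original post. It records MD5 and CRC-32 (the two checks the post names) plus SHA-256 (an addition here) at acquisition, then re-hashes after examination; the file name and sample bytes are constructed for the demonstration.

```python
import hashlib
import os
import tempfile
import zlib

CHUNK = 1 << 20  # read in 1 MiB pieces so large images never sit fully in memory

def fingerprint(path):
    """Return size, MD5, CRC-32 and SHA-256 of a file, read in chunks."""
    md5, sha256, crc = hashlib.md5(), hashlib.sha256(), 0
    with open(path, "rb") as fh:
        while chunk := fh.read(CHUNK):
            md5.update(chunk)
            sha256.update(chunk)
            crc = zlib.crc32(chunk, crc)  # running CRC over all chunks
    return {"size": os.path.getsize(path), "md5": md5.hexdigest(),
            "crc32": f"{crc & 0xFFFFFFFF:08x}", "sha256": sha256.hexdigest()}

def verify(path, baseline):
    """Re-hash after examination; return the baseline fields that changed."""
    current = fingerprint(path)
    return [k for k in baseline if baseline[k] != current[k]]

def demo():
    """Constructed sample: a 4 KiB stand-in for an evidence image."""
    with tempfile.TemporaryDirectory() as tmp:
        image = os.path.join(tmp, "evidence.img")  # hypothetical file name
        with open(image, "wb") as fh:
            fh.write(b"\x00" * 4095 + b"\x01")
        before = fingerprint(image)        # recorded at acquisition
        untouched = verify(image, before)  # after a read-only examination
        with open(image, "r+b") as fh:     # simulate an accidental one-byte write
            fh.seek(100)
            fh.write(b"\xff")
        altered = verify(image, before)    # same size, different content
    return before, untouched, altered

if __name__ == "__main__":
    before, untouched, altered = demo()
    print("baseline:", before)
    print("changed after read-only pass:", untouched)
    print("changed after one-byte write:", altered)
```

The one-byte overwrite leaves the file size unchanged, which is why size alone is not a usable integrity check and the digests are recorded with it.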

IV. Evidence examination

This process will differ according to the case the investigator is working on, the tools to be used and the methodology of the investigation. Examination should not be performed on the original evidence.

· Preparation – Create a unique folder on a separate system to extract evidence data

· Extraction

i. Physical – Extract/recover data from the full physical drive

ii. Logical – Extract and recover data based on the operating system, file structure, etc.

iii. Analysis of data – This is the method of matching the relevance of the evidence data to the case that is being examined.

V. Documenting and reporting

All incidents have to be documented with a timeline of occurrences from the beginning to the closure of the case, and every supporting document should be filed accordingly. A final report has to be produced for the case if needed, or only for the relevant authority.


Wednesday, October 20, 2010

How to implement Wireless VoIP

Wireless VoIP is comparatively slower than VoIP on a wired network. A deployment therefore needs to consider the real need for wireless VoIP in the corporate network. The point is not to implement the latest technology but to implement the best system for the purpose of the corporate network. Below are basic guidelines for wireless VoIP deployment; these can vary greatly according to organizational requirements.

1. Make sure the network can handle VoIP.

When moving from wired to wireless communication channels, it is vital to check whether the current organizational structure can handle the wireless VoIP requirement adequately and deliver the expected results, since data and voice will be transmitted through a shared medium if the corporate network is also a wireless LAN. Even on a wired data network, voice transmission needs to be prioritized because of its real-time requirement.

Determining the network's readiness for VoIP is essential. A readiness assessment to establish the baseline capabilities of the network will help determine which areas of the overall system need to be fine-tuned or upgraded to support the streaming media requirements of VoIP.

2. Keep the deployment simple.

Deployment of wireless VoIP should take place as a parallel or pilot deployment, so that if anything backfires in the corporate network it is easy to rectify and resolve without having to shut down all communication lines. The pilot deployment helps to measure the pros and cons of the wireless VoIP implementation and to take the necessary actions where needed.

3. Create network service maps and update service-level agreements.

During pre-deployment, network administrators should create maps of the network and define service-level agreements with internal departments and external clients. With a proper inventory of the network in the form of a service map, administrators will be able to pinpoint potential bottlenecks and areas of the network that need to be upgraded or extended to support the additional traffic.

Setting requirements in advance is essential, because appropriate expectations and regular feedback between business owners, technology departments and end-users will result in a more successful VoIP experience. Define the policies for ongoing monitoring, performance measurement and management of the network and the VoIP system. Typical SLA metrics include network uptime, application availability, and network and application response time. The data gathered is used to measure pertinent service delivery aspects, such as delay, jitter and uptime, and report confirmation that all requirements and expectations are being met.

4. Consider QoE.

Quality of experience (QoE) is a way to understand the user's perception of the quality of the VoIP telephone system, which gives accurate feedback on the system you have implemented. QoE helps measure the success of the wireless VoIP deployment at the end-user level.

5. Review, reassess and repeat.

Networks are not static, so implementing an ongoing monitoring process is important. Any change to the infrastructure or usage patterns has an impact on everything on the network. Bringing servers on and offline, upgrading hardware or virtualizing portions of the environment can impact VoIP services.

Continuous monitoring and measurement of IT operations and service-level reporting will provide needed information to quickly resolve network outages and system issues. This technical and business intelligence analysis supports service improvement plans that will sustain the VoIP implementation and make sure end-users do not experience call degradation issues.

Much of the management of the VoIP system and applications can be automated to allow network assessment and monitoring to be repeated consistently to maintain appropriate baselines. Baselines enable administrators to monitor performance and availability, as well as prevent, diagnose and resolve problems.

Wireless Protocols

These are a few wireless protocols in use.

Name of the Protocol

Description

WAP (Wireless Application Protocol)

This is an application communication protocol inherited from the Internet, used by handheld devices, mobile phones, pagers, two-way radios, smart phones, etc. WAP is supported by operating systems such as PalmOS, EPOC, Windows CE, FLEXOS, OS/9, and JavaOS. This protocol is capable of working with wireless networks such as CDPD, CDMA, GSM, PDC and TDM.

TKIP (Temporal Key Integrity Protocol)

This is a short-term fix introduced to WAP which comes as a simple software/firmware upgrade. TKIP identifies all of the WAP weaknesses. It increases the IV (Initialization Vector) to 48 bits; the first 4 bits indicate QoS traffic class while the remaining 44 bits are used as a counter. TKIP generates new secret keys dynamically, using the original secret key as a base.

SWAP (Shared Wireless Access Protocol)

This was developed by the HomeRF Working Group for wireless voice and data networking in the home environment. SWAP supports TDMA for interactive data transfer and CSMA/CA for high-speed packet transfer.

EAP (Extensible Authentication Protocol)

EAP supports multiple authentication methods such as token cards, smart cards, Kerberos, one-time passwords, certificates and public key authentication. There are two EAP variations:

· LEAP (Lightweight Extensible Authentication Protocol) –

This is a proprietary Cisco protocol which uses dynamic Wired Equivalent Privacy (WEP) keys that are changed with more frequent authentication between the RADIUS server and clients. LEAP is intended to provide secure authentication for 802.11 WLANs that support 802.1x port access control.

· PEAP (Protected EAP) –

This is based on the Internet Draft (I-D) submitted by Cisco, Microsoft and RSA Security to the IETF. It relies on TLS to allow non-encrypted authentication types and to encrypt all sensitive user authentication information.

LDAP (Lightweight Directory Access Protocol)

This is built on the X.500 directory services model, and communication has two elements: client-server and server-server. A few common LDAP servers are IBM DS Series LDAP Directory (AIX), Netscape Directory Server and OpenLDAP server (Linux), etc.

WRAP (Wireless Robust Authentication Protocol)

This is an encryption protocol standard for 802.11i, based on the Offset Codebook (OCB) mode of AES. (EC Council)

HDTP (Handheld Device Transport Protocol)

This protocol is optimized for handheld devices and low-performance networks and provides security features such as authentication, privacy and integration, counteracting playback attacks, etc. (EC Council)