Showing posts with label General. Show all posts
Showing posts with label General. Show all posts

Wednesday, December 1, 2010

Things You Should Consider When Selecting a VoIP Provider

Things You Should Consider When Selecting a VoIP Provider


The following are very important factors to consider when you are selecting a VoIP provider. Educate yourself and be informed before you choose.

Monthly costs:
A VoIP provider can save you up to 75% on your telephone/long distance expenses. There are many VoIP providers out there so it will benefit you from shopping around. Unlimited calling packages can range from $19.95/month to as high as $54.95/month. Usually the lower priced providers have more customers and are able to offer the service at a lower price due to a lower overhead per subscriber.

VoIP Product Features:
Not all VoIP providers are created equal. VoIP offers a great value to the consumers because of the drastically reduced long distance costs as well as inexpensive local phone service with lots of enhanced features. Some providers offer more features than others. Features like Call Waiting, 3 Way Calling, etc. are usually included in the VoIP monthly cost where as the traditional phone companies will charge up to and above $5/month per feature. When shopping for a VoIP provider, be sure to compare VoIP providers by features as well as by monthly price.

Keeping Your Number:
Some providers allow you to transfer (port) your current phone number to the VoIP service and some providers do not. It is not recommended to switch your home number to the VoIP service immediately. It is recommended that you try out the service and see if you are satisfied before you request that your current number be switched. Keep in mind that if you have DSL service, you must retain a phone number with the service provider of the DSL because the DSL service is provided over that telephone line. If you want to get rid of your current phone company all together, then we suggest you use a Cable Internet Service Provider.

911 Service:
Most of the VoIP carriers offer E911 service, but not all. Be sure to check if the VoIP provider offers E911 because it is not a given. If the VoIP provider does not offer E911, then we suggest that you either have a cell phone or traditional landline to use in case of an emergency. (Note: It is also important to point out that if you take your VoIP phone when traveling, E911 has no way of knowing where you are when you call 911 if you are away from the registered address.)

International Calling:
If you make a lot of international calls, you will want to do a lot of research on International Rates as they vary by provider. There are a few carriers that offer unlimited calling to certain countries.

Money Back Guarantee:
Since VoIP is a relatively new product; most all VoIP providers will offer a free money back guarantee. Be sure to check with each provider as we have seen the money back guarantees range from a 14-day to a 30-day money back guarantee. (Note: Be sure to keep the original packaging that your equipment came in just in case you need to send it back)
This is only a short list. In fact, there are many things to consider when choosing a VoIP provider. An educated consumer generally results in a satisfied consumer.
Chris Landry is the foremost authority on residential and small business VoIP providers. Chris is the founder of http://www.VoIPChoices.com. Chris has prequalified several high-quality VoIP providers and compares them by price and features at www.VoIPChoices.com. Chris can be reach via email at Chris@VoIPChoices.com or via telephone at (888) NEED-VOIP.
 
 

http://cyber-rulerz.phpbb9.com

Posted by ALEEM at 9:31 PM 0 comments
Labels:

VOIP -->>A Basic, Basic Intro about VOIP!!!

 VOIP -->>A Basic, Basic Intro about VOIP!!!


 VOIP: A Basic, Basic Intro

What is it?

Most people are familiar w/ NetMeeting and other software that let you talk to others over the internet. VOIP is similar. However, it also uses your phone - the interface we're all familiar with.
Instead of connecting your phone to the wall, you connect it to a box either the VOIP company provides or you buy on your own. This is the modem. You need highspeed/broadband internet for this. Your modem plugs into your cable/dsl modem and now it can 'talk' btwn your phone and the internet.
Your phone lines already do pretty much what VOIP does, just w/ different/older technology (well, some of it's new w/ optics and such, but...).

How hard is it to setup?

It's actually very easy. Assuming you have the company send you a modem or you buy a kit at the store, you simply plug the modem btwn your current cable/dsl modem and your computer (e.g., the out from your cable modem now goes to the new box and the out from that to your computer). It also has a phone jack for your regular phone.
Once it is on, it will boot up and configure itself.

What are the benefits?

There are many benefits depending on the company you go w/, but here are a few I have (all of these are free w/ the monthly fee- $14.99 for my setup):
1. Features like caller id, call waiting, call waiting caller id, call forwarding, etc.
2. Voicemail
3. Email alerts for new voicemail.
4. Web access to voicemail - you can play your messages on your computer.
5. Auto-forward - if the phone is ever down or isn't answered, it's auto-routed to another number
6. Online management of all features, settings, account, etc.
7. Computer dialing - highlight any number on your computer, hit F6 and it sets up the call from your phone to theirs - very convinient!
8. Keep your regular phone (you don't need a voip phone)

There are some other cool features available for extra $ like the softphone which lets you use your computer as a phone w/o the modem - this means you can take your laptop w/ you wherever and you have your phone w/ the same phone number everywhere too (you can do this w/o the softphone, but you have to take your VOIP modem around w/ you - not bad if you're going somewhere for a longer trip).
Another really cool thing is the virtual phone numbers. You can get extra numbers that ring the same phone, but they are local numbers to any area code you want. So if I live in Dallas and have family in New York, I can get a local phone number here and there. That way my family in New York can call a local number (free) and talk to me! Vonage charges $4.99/month for that. I'm not sure about the others.

And the biggest benefit - IT'S CHEAP! I pay $14.99 plus some tax and such, but not the ump-teen taxes, charges, fees, etc. like the phone company charges.

Also, if you do a little research/reading, you can set it up to where every phone jack in your house is wired for VOIP. It's little more than plugging the output of your VOIP modem into the wall jack you already have. Very little more.

Bottom Line

You get lots of good, free features and options for doing/managing a lot more including a lot over the web and it's SO much cheaper (at least it is for me!). Being the 'average guy' I am, I don't really use all the features. Fortunately, it's pretty much a 'set it up and forget about it' type thing except that I save $40+/month w/ it!
I use Vonage b/c that's what I was told about first and it was one of the first. There are others and I'm sure they have their strengths, but Vonage has the cheapest base option at the time I did my research.
Bear Cahill is a software engineer in the Dallas, TX area and runs a few websites: The Armchair Geek (thearmchairgeek.com), Webpage Hosting Info (webpagehostinginfo.com), Go To College Online (gotocollegeonline.com) and The Video Exchange Community (videoexchange.org)

Posted by ALEEM at 9:26 PM 0 comments
Labels:

How VoIP Works -- Busting Out of Long Distance Rates

How VoIP Works -- Busting Out of Long Distance Rates

 VoIP is the newest advancement in audio communications technology, and has a variety of different applications that make it useful. VoIP stands for Voice over Internet Protocol, and how VoIP works is actually quite revolutionary because it streamlines the process of sending analog audio signals by converting them to a much easier to send digital form for transmission.
To understand how VoIP works, you'll need to understand the basic concept behind regular analog audio communication as well, since this is the precursor for VoIP. Analog phone calls are actually made via fiber optic networks by digitizing your voice communications for sending the signal across thousands of miles, but once it gets to the final destination (a home or office phone, for instance), the signal is once again converted to analog.
During these calls, the switches remain open even while there is dead air and no conversation is taking place; the circuit is also open in both directions even when only one party is talking and the other is listening. This isn't terribly efficient, and slows down the communication of information considerably.

Packet switching streamlines VoIP
VoIP works on a different premise -- rather than circuit switching, data packet switching sends and receives information only when you need it instead of in a constant stream. It also sends the information packets along whatever open channels are available rather than a dedicated line, which is much more efficient. The information is simply reassembled at the source.
The payload of each packet has a destination coded into it determining the ultimate destination. When the computer at the other end receives all of these packets, it will reassemble the information into useable form. This form of sending audio data is extremely efficient because it always takes the cheapest route that is also the least congested.
The compression of information and use of multiple routes in order to send that information over the most efficient route makes sending audio over packet switching quicker, much less expensive and more efficient. The number of calls that can be sent is orders of magnitude higher than it was with the more traditional analog circuit switching systems.
For companies, the savings in long distance charges can be in the hundreds or even thousands of dollars per year. If companies also make extensive conference calls, VoIP makes even more sense when combined with conferencing options such as document sharing in systems offered by companies like Voxwire and iVocalize.

Different types of VoIP calling are available
  • The most commonly used VoIP system is from one computer to another. To set up this type of service, you will need to have a sound card installed in both computers along with microphones and Internet connections. For practical purposes, you'll want a broadband connection or DSL -- a dial-up modem will be so slow the sound quality just won't be that good. Aside from that, all you need is a software package that can set you up with everything you need to use VoIP to make phone calls to whomever is also set up with the same system.
  • You can also invest in IP phones if you want something that looks just like your standard analog telephones but with VoIP connectability. These simply replace the old-style RJ-11 connectors with Ethernet connectors (RJ-45). Hardware such as routers and the needed software are built right in.
  • Analog telephone adaptors (ATA) enable you to connect a standard telephone to your computer Internet connection in order to take advantage of VoIP options. ATA converts analog signals to digital so that it can be transmitted properly via the Internet.
  • The newest option on the market is the Wi-Fi phone, which uses short-distance Internet transmission of VoIP to replace cell phones calls. Wi-Fi broadcasts over the radio spectrum to cover short range areas for users in certain areas, and these "hot spots" have popped up across the U.S.
The upshot of VoIP is that standard long-distance charges may soon become a thing of the past. As more and more consumers turn on to VoIP and broadband connections make it easy and inexpensive (as well as practical) to make phone calls over the Internet, fewer individuals will be willing to pay high rates to make a telephone call they can make for free or next to nothing via their computer.

VoIP saves you money on long distance

There's no by-the-minute charges with VoIP, no set-up fees, and no "time of day" or overages. That's the great thing about VoIP plans. You just pay a monthly fee and get to make all the calls you want over your computer for one monthly fee. It's so simple and elegant, and it's the solution that everyone's been wanting and waiting for far too long.
You don't have to wait for a certain time of day of day of the week to make telephone calls with VoIP. There's also the advantage of being able to use your VoIP connection from anywhere -- remember, you're not tied to a phone jack to use your number, but an Internet connection, so you can call from anywhere with many calling plans.
Some of the companies that offer excellent VoIP plans with unlimited calling are listed below with their most popular options:
  • Vonage currently offers a $24.95 per month unlimited VoIP package to anywhere in the U.S. or Canada. It includes voicemail, call forwarding, three way calling, call waiting and caller ID.
  • Packet 8 can provide unlimited VoIP for $19.95 a month in the U.S. and Canada with a variety of features like call waiting and three-way calling, and can also give you video phone service for about $29.95 per month.
  • AT&T's CallVantage provides the usual U.S. and Canada broadband calling with voicemail, call waiting, etc. along with email, a call log and a 'do not disturb' option, all for $29.99 a month. You also get to keep your phone number for life, no matter where you go -- a great feature for some who move around a lot.


VoIP in web conferencing packages

VoIP is used in almost all web conferencing services as an alternative to standard conference calls, and looking into these packages will give you an idea of some ways to combine VoIP with extras such as white boards, document sharing and video. For less expensive options, many companies can provide strictly audio VoIP conference calls combined with text messaging and document sharing without video.
Some companies that offer VoIP in web conferencing packages separate from video conferencing are:

  • Voxwire offers voice communication with features like auto-queue, mute options, individual speaker adjustments and moderator controls along with a "follow me" browser system so that all participants can view a shared desktop. Two persons can use VoIP for $9.95 a month, or up to ten in a conference environment for $29.95 per month.
  • VoiceCafé provides similar services with a wide range of options that vary from packages with VoIP capability for five people at a time on a conference call to up to 500 in one conference call, all for a flat monthly fee. The prices vary depending upon what package you choose, and there are several.
  • iVocalize offers VoIP along with Internet conferencing options like PowerPoint presentation capabilities and presentation recording for future playback. They also provide optional Unicode translation in thirteen languages. The most basic VoIP package begins at $10.00 a month with a prices going up incrementally depending upon your needs and how many will be involved in your conference calls.
It is obvious that conference calling as well as standard long distance calling will be changing greatly in the near future as VoIP changes the landscape of telephone service. "Land lines" for long distance calling will eventually become obsolete as broadband becomes more common and makes VoIP just as commonplace as any other type of telephone call.
And with the greater portability of soft phone options built into laptops and the use of ATA phone adapters, the use of VoIP in the average home will arrive sooner rather than later.
This article on the "How VoIP Works" reprinted with permission.
Copyright © 2004-2005 Evaluseek Publishing.

About the Author

Lucy P. Roberts is a successful freelance writer providing practical information and advice for consumers and businesses about everything related to audio conferencing services and VoIP providers. Her numerous articles include tips for saving both time and money; product reviews and reports; and other valuable insights for persons searching the Internet for information about the history of the telephone and related topics.

Posted by ALEEM at 9:23 PM 0 comments
Labels:

Friday, July 9, 2010

Facebook Users Warned of 'likejacking' Scam

Facebook Users Warned of 'likejacking' Scam

Sophos , the internet security firm has warned Facebook users to be on the alert for a scam ,which sends a spam message to all of their friends on the social network.Thousands of Facebook users have fallen for the scam which known as  'likejacking'. Many Facebook users had received a message such as "This man takes a picture of himself EVERYDAY for 8 YEARS!!" and were encouraged to click on a link.Clicking on the message will automatically publish the same link on the victims Facebook wall potentially allowing friends to click on it.


Sophos said clicking on the link takes a Facebook user to what appears to be a blank page with a 'Click here to continue' message. Sophos said clicking on the page publishes the original message on their own Facebook page with a 'like' notation and recommends it to all of their Facebook friends.
So beware Facebook users, don't click on suspicious links, even in your friends' profiles and News Feeds. Beware of any page that contains an invitation to "Click to continue."
Those who are already clicked such links remove any entries related to these links from locating your "Recent Activity" in your News Feed. Then click on the Info tab, and next to "Likes and Interests" click on "Edit". Click "Show Other Pages", and click "Remove Page" for each of the malicious links. Then click "Close" and "Save Changes".
Sophos warned last week about a Facebook scam designed to trick users into installing adware, a software package that automatically plays, displays or downloads advertisements to their computer.

Read more  here : Facebook Worm - “Likejacking”  : Sophos

Posted by ALEEM at 1:39 PM 0 comments
Labels:

Sunday, May 30, 2010

Easy Way to Send Big Files With "WeTransfer"

Easy Way to Send Big Files With "WeTransfer"
In recent days sending large files is not a cumbersome work.There are a lot of free services available in net.But email is not one of the way to transfer big files over the internet.WeTransfer is a new service which  offers a simple and easy way to send big files to anyone online.You can add multiple files like your videos, music, photo albums or documents up to 2 GB.It allows you to upload files via the browser and  you can  fill out up to 20 email addresses of the people you want to send the files

Features
  1. It is a  free service
  2. You can send large files up to 2 GB
  3. No registration needed
  4. Files & Emails data kept private
  5. Files available for 2 weeks
  6. Up to 20 receivers/transfer 
Your files are automatically scanned for viruses before they’re safely stored on their servers.When the transferring is finished  you’ll be send a confirmation notice to your email saying that your friend has been sent an email with a link to your file.
Check it out : WeTransfer

Posted by ALEEM at 10:24 AM 0 comments
Labels:

Unify All Your Communication Channels With VoxOx

Unify All Your Communication Channels With VoxOx

These days communication is getting complicated.Everyone use a lots of tools like instant messaging services , e-mails and social networks etc to stay in touch .Keeping track of all the different networks and media you use to keep in touch these days can be more time-consuming and cumbersome.Here is a free application called VoxOx, that provides access to a variety of communication services.It looks sleek and includes more features than most competitors like Digsby,Skype.

With  VoxOx ,you can use it to chat with your friends on Facebook,Twitter, Google Talk,YahooIM , SMS, and more. It  lets you to  make calls from PC to PC, as well as from PCs to landlines and mobile phones.The application comes with 2 hours of free calling time, and assigns you a VoxOx phone number.Placing calls is as easy as dialing a number, but voice quality will vary depending on the speed of your Internet connection and the quality of your headset. With your free VoxOx phone number , you can also fax. Just click the fax button, and choose the PDF or word document you want to send.

You can send  your photo albums, music files or large documents with a VoxOx download link. No more missed deliveries or crowded inboxes, and it’s super easy to include the link in an email, chat, text or IM.In this way it unifies most of the  communication channels - video, instant messaging ,file sharing and social networking,text, social media, e-mail, fax and content sharing.In nutshell  it is a one-stop shop for your communications .
Try Voxox   (http://www.voxox.com/home.php)

Posted by ALEEM at 10:18 AM 0 comments
Labels:

Friday, May 14, 2010

Common used Abbrevations in LAN

Common used Abbrevations in LAN


A
AGP
Accelerated Graphics Port
API
Application Program Interface
ARP
Address Resolution Protocol See RARP
ATA
AT Attachement Interface See IDE
ATAPI
AT Attachment Packet Interface
ATM
Asynchronous Transfer Mode

----------------------------------------------------------------------
C
CBT
Computer Based Training
CCIT
Consultative Committee for International Telegraph and Telephone See ITU
CITS
Combat Information Transfer System
CNE
Certified Novell Engineer
CPU
Central Processing Unit
CSMA
Carrier-Sense Multiple Access
CTS
Clear To Send

----------------------------------------------------------------------
D
DCE
Data Circuit Equipment (Modem)
DDP
Digital Data Processor
DHCP
Dynamic Host Configuration Protocol
DMA
Direct memory Access
DOS
Disk Operating System
DNS
Domain Name System
DSR
Data Set Ready
DTE
Data Terminal Equipment (Computer)
DTR
Data Terminal Ready

----------------------------------------------------------------------
E
EDO
Extended Data Output
EIDE
Enhanced Integrated Drive Electronics
EISA
Extended Industry Standard Architecture
ESD
ElectroStatic Discharge

----------------------------------------------------------------------
F
FAT
File Allocation Table
FDDI
Fiber Distributed Data Interface
FIFO
First In First Out
FSK
Frequency Shift Keying
FTP
File Transfer Protocol

----------------------------------------------------------------------
H
HTML
Hypertext Markup Language
HTTP
Hypertext Transfer Protocol

----------------------------------------------------------------------
I
IDE
Integrated Drive Electronics See also EIDE
IEEE
Institute of Electronic and Electrical Engineers
IIS
Internet Information Services
IP
Internet Protocol
ISA
Industry Standard Architecture
ITU
International Telecommunications Union. Formerly CCIT

----------------------------------------------------------------------
L
LAN
Local Area Network
LCD
Liquid Crystal Display
LED
Light Emitting Diode

----------------------------------------------------------------------
M
MAC
Media Access Control
MAN
Metropolitan Area Network
MBR
Master Boot Record
MCSE
Microsoft Certified Systems Engineer
MODEM
Modulator Demodulator
MS-DOS
Microsoft Disk Operating System

----------------------------------------------------------------------
N
NDIS
Network Driver Interface Specification
NDS
NetWare Directory Services
NIC Card
Network Interface Control Card
NIPRNET
None Secure IP Router Network
NT
New Technologies

----------------------------------------------------------------------
O
ODI
Open Data-Link Interface

----------------------------------------------------------------------
P
.PAB
Personal address book file
PCI
Peripheral Component Interconnect
PCMCIA
Personal Computer Memory Card International Association
PING
Packet Internet Groper
.PST
Outlook archive file

----------------------------------------------------------------------
R
RARP
Reverse Address Resolution Protocol. See also ARP
RIP
Routing Information Protocol

----------------------------------------------------------------------
S
SAP
Service Advertising Protocol
SCSI
Small Computer System Interface
SIPRNET
Secret IP Router Network
SMTP
Simple Mail Transfer Protocol
SNMP
Simple Network Management Protocol
STP
Shielded Twisted Pair

----------------------------------------------------------------------
T
TCP
Transmission Control Protocol
TCP/IP
See IP and TCP
TFTP
Trivial File Transfer Protocol

----------------------------------------------------------------------
U
UART
Universal Asynchronous Receiver/Transmitter
UDP
User Datagram Protocol
UPS
Uninterruptible Power Supply
UTP
Unshielded Twisted Pair

----------------------------------------------------------------------
W
WAN
Wide Area Network
WINS
Windows Internet Naming Service
WWW
World Wide Web

Posted by ALEEM at 5:05 AM 0 comments
Labels:

How to Connect Two Computers in Network

How to Connect Two Computers in Network


.How to connect two computers in Windows XP. This will let you share files and folders, printers, play network games, etc...
Steps
Connect the two computers together either with a Crossover cable or a Hub/Switch to the ethernet card in your computer.
Set the IP address on both computers. Goto Start > Control Panel > Network Connections (choose switch to classic view if you cannot see network connections)
Look for your Local Area Connection ethernet adapter, right-click and choose properties.
Select Internet Protocol TCP/IP and choose properties.
Setup the IP as 192.168.1.1 and the subnet mask of 255.255.255. 0 on the first computer and 192.168.1.2 on the second with the same subnet mask.
Choose OK then OK/close again.

Tips
To share your files, right click on any folder and choose Sharing to make them shared.
You can also do this with your printers to be able to print from one computer while the printer is connected to the other.

Things You'll Need
A Crossover cable. This a Cat5 Ethernet Cable that the wires have been switched around to allow two computer only to talk to each other
OR, you can purchase a switch/hub with two Standard "Straight-Through" Ethernet Cables
Check to see if your computer has an Ethernet Adapter in the back of the computer. Most new computers have this. You can tell by the documentation from the computer or by looking at the back of the computer. It looks like a phone jack, but larger..

Posted by ALEEM at 5:02 AM 0 comments
Labels:

List of Network Commands

List of Network Commands

These are the list of the IP commands.

To Open : type cmd in run dialog box, or command prompt from the accessories.

Display Connection Configuration: ipconfig /all
Display DNS Cache Info Configuration: ipconfig /displaydns
Clear DNS Cache: ipconfig /flushdns
Release All IP Address Connections: ipconfig /release
Renew All IP Address Connections: ipconfig /renew
Re-Register the DNS connections: ipconfig /registerdns
Display DHCP Class Information: ipconfig /showclassid
Change/Modify DHCP Class ID: ipconfig /setclassid
Network Connections: control netconnections
Network Setup Wizard: netsetup.cpl
Trace IP address Route: tracert
Displays the TCP/IP protocol sessions: netstat
Display Local Route: route
Display Resolved MAC Addresses: arp
Display Name of Computer Currently on: hostname

Posted by ALEEM at 5:00 AM 0 comments
Labels:
What is PING?

Ping is a computer network tool used to test whether a particular host is reachable across an IP network. Ping works by sending ICMP “echo request” packets ("Ping?") to the target host and listening for ICMP “echo response” replies (sometimes dubbed "Pong!" as an analog from the Ping Pong table tennis sport.) Using interval timing and response rate, ping estimates the round-trip time (generally in milliseconds although the unit is often omitted) and packet loss (if any) rate between hosts.

The word ping is also frequently used as a verb or noun, where it can refer directly to the round-trip time, the act of running a ping program or measuring the round-trip time.

Mike Muuss wrote the program in December, 1983, as a tool to troubleshoot odd behavior on an IP network. He named it after the pulses of sound made by a sonar, since its operation is analogous to active sonar in submarines, in which an operator issues a pulse of energy (a network packet) at the target, which then bounces from the target and is received by the operator. Later David L. Mills provided a backronym, "Packet INternet Grouper (Groper)", also by other people "Packed IN(ternet) Gopher", after the small rodents.

The usefulness of ping in assisting the "diagnosis" of Internet connectivity issues was impaired from late inp 2003, when a number of Internet Service Providers filtered out ICMP Type 8 (echo request) messages at their network boundaries. This was partly due to the increasing use of ping for target reconnaissance, for example by Internet worms such as Welchia that flood the Internet with ping requests in order to locate new hosts to infect. Not only did the availability of ping responses leak information to an attacker, it added to the overall load on networks, causing problems to routers across the Internet.

There are two schools of thought concerning ICMP on the public Internet: those who say it should be largely disabled to enable network 'stealth', and those who say it should be enabled to allow proper Internet diagnostics.

These two schools of thought merge when considering intranet/extranet networks within the same organization. An example would be an organization which maintains 'buffer' network(s) to shield said net from the raw internet, such a network is usually described as a DMZ (after the military designation 'demilitarized zone'). In such a scenario an organization would maintain both a network(s) that would allow ICMP packets to radiate within the internal (trusted network), and disallow ICMP (ping) packets in a separated network that would more often than not include raw internet facing systems

Posted by ALEEM at 4:53 AM 0 comments
Labels:

What is VPN?

What is VPN?

A virtual private network (VPN) is a private communications network often used within a company, or by several companies or organizations, to communicate confidentially over a publicly accessible network. VPN message traffic can be carried over a public networking infrastructure (e.g. the Internet) on top of standard protocols, or over a service provider's private network with a defined Service Level Agreement (SLA) between the VPN customer and the VPN service provider.

Authentication mechanism
VPN involves two parts: the protected or "inside" network, which provides physical and administrative security to protect the transmission; and a less trustworthy, "outside" network or segment (usually through the Internet). Generally, a firewall sits between a remote user's workstation or client and the host network or server. As the user's client establishes the communication with the firewall, the client may pass authentication data to an authentication service inside the perimeter. A known trusted person, sometimes only when using trusted devices, can be provided with appropriate security privileges to access resources not available to general users.

Many VPN client programs can be configured to require that all IP traffic must pass through the tunnel while the VPN is active, for better security. From the user's perspective, this means that while the VPN client is active, all access outside their employer's secure network must pass through the same firewall as would be the case while physically connected to the office ethernet. This reduces the risk that an attacker might gain access to the secured network by attacking the employee's laptop: to other computers on the employee's home network, or on the public internet, it is as though the machine running the VPN client simply does not exist. Such security is important because other computers local to the network on which the client computer is operating may be untrusted or partially trusted. Even with a home network that is protected from the outside internet by a firewall, people who share a home may be simultaneously working for different employers over their respective VPN connections from the shared home network. Each employer would therefore want to ensure their proprietary data is kept secure, even if another computer in the local network gets infected with malware. And if a travelling employee uses a VPN client from a Wi-Fi access point in a public place, such security is even more important. However, the use of IPX/SPX is one way users might still be able to access local resources.

Types of VPN :-

Secure VPNs use cryptographic tunneling protocols to provide the intended confidentiality (blocking snooping and thus Packet sniffing), sender authentication (blocking identity spoofing), and message integrity (blocking message alteration) to achieve privacy. When properly chosen, implemented, and used, such techniques can provide secure communications over unsecured networks. This has been the usually intended purpose for VPN for some years.

Because such choice, implementation, and use are not trivial, there are many insecure VPN schemes available on the market.

Secure VPN technologies may also be used to enhance security as a "security overlay" within dedicated networking infrastructures.

Secure VPN protocols include the following:

IPsec (IP security) - commonly used over IPv4, and an obligatory part of IPv6.
SSL used either for tunneling the entire network stack, as in the OpenVPN project, or for securing what is, essentially, a web proxy. Although the latter is often called a "SSL VPN" by VPN vendors, it is not really a fully-fledged VPN in the usual sense. (See also TUN/TAP.)
PPTP (point-to-point tunneling protocol), developed jointly by a number of companies, including Microsoft.
L2TP (Layer 2 Tunnelling Protocol), which includes work by both Microsoft and Cisco.
L2TPv3 (Layer 2 Tunnelling Protocol version 3), a new release.
VPN-Q The machine at the other end of a VPN could be a threat and a source of attack; this has no necessary connection with VPN designs and has been usually left to system adminstration efforts. There has been at least one attempt to address this issue in the context of VPNs. On Microsoft ISA Server, an applications called QSS (Quarantine Security Suite) is available.
Some large ISPs now offer "managed" VPN service for business customers who want the security and convenience of a VPN but prefer not to undertake administering a VPN server themselves. In addition to providing remote workers with secure access to their employer's internal network, other security and management services are sometimes included as part of the package. Examples include keeping anti-virus and anti-spyware programs updated on each client's computer.

Trusted VPNs do not use cryptographic tunneling, and instead rely on the security of a single provider's network to protect the traffic. In a sense, these are an elaboration of traditional network and system administration work.

Multi-protocol label switching (MPLS) is often used to build trusted VPN.
L2F (Layer 2 Forwarding), developed by Cisco, can also be used.
[edit]
Characteristics in application
A well-designed VPN can provide great benefits for an organization. It can:

Extend geographic connectivity.
Improve security where data lines have not been ciphered.
Reduce operational costs versus traditional WAN.
Reduce transit time and transportation costs for remote users.
Simplify network topology in certain scenarios.
Provide global networking opportunities.
Provide telecommuter support.
Provide broadband networking compatibility.
Provide faster ROI (return on investment) than traditional carrier leased/owned WAN lines.
Show a good economy of scale.
Scale well, when used with a public key infrastructure.
However, since VPNs extend the "mother network" by such an extent (almost every employee) and with such ease (no dedicated lines to rent/hire), there are certain security implications that must receive special attention:

Security on the client side must be tightened and enforced, lest security be lost at any of a multitude of machines and devices. This has been termed, Central Client Administration, and Security Policy Enforcement. It is common for a company to require that each employee wishing to use their VPN outside company offices (eg, from home) first install an approved firewall (often hardware). Some organizations with especially sensitive data, such as healthcare companies, even arrange for an employee's home to have two separate WAN connections: one for working on that employer's sensitive data and one for all other uses.
The scale of access to the target network may have to be limited.
Logging policies must be evaluated and in most cases revised.
A single breach or failure can result in the privacy and security of the network being compromised. In situations in which a company or individual has legal obligations to keep information confidential, there may be legal problems, even criminal ones, as a result. Two examples are the HIPPA regulations in the US with regard to health data, and the more general European Union data privacy regulations which apply to even marketing and billing information and extend to those who share that data elsewhere.

Tunneling
Tunneling is the transmission of data through a public network in such a way that routing nodes in the public network are unaware that the transmission is part of a private network. Tunneling is generally done by encapsulating the private network data and protocol information within the public network protocol data so that the tunneled data is not available to anyone examining the transmitted data frames. Tunneling allows the use of public networks (eg, the Internet), to carry data on behalf of users as though they had access to a 'private network', hence the name.
Port forwarding is one aspect of tunneling in particular circumstances.

VPN security dialogs
The most important part of a VPN solution is security. The very nature of VPNs — putting private data on public networks — raises concerns about potential threats to that data and the impact of data loss. A Virtual Private Network must address all types of security threats by providing security services in the areas of:
Authentication (access control) - Authentication is the process of ensuring that a user or system is who the user claims to be. There are many types of authentication mechanisms, but they all use one or more of the following approaches:
something you know (eg, a login name, a password, a PIN),
something you have (eg, a computer readable token (eg, a Smartcard), a card key),
something you are (eg, fingerprint, retinal pattern, iris pattern, hand configuration, etc).
What is generally regarded as weak authentication makes use of one of these components, usually a login name/password sequence. Strong authentication is usually taken to combine at least two authentication components from different areas (i.e., two-factor authentication). But note that use of weak and strong in this context can be misleading. A stolen SmartCard and a shoulder-surfed login name / PIN sequence is not hard to achieve and will pass a strong authentication two-factor text handily. More seriously, stolen or lost security data (eg, on a backup tape, a laptop, or stolen by an employee) dangerously furthers many such attacks on most authentication schemes. There is no fully adequate technique for the authentication problem, including biometric ones.

Posted by ALEEM at 4:52 AM 0 comments
Labels:

What is DHCP?

What is DHCP?

DHCP (Dynamic Host Configuration Protocol) is a protocol that lets network administrators manage centrally and automate the assignment of IP (Internet Protocol) configurations on a computer network. When using the Internet's set of protocols (TCP/IP), in order for a computer system to communicate to another computer system it needs a unique IP address. Without DHCP, the IP address must be entered manually at each computer system. DHCP lets a network administrator supervise and distribute IP addresses from a central point. The purpose of DHCP is to provide the automatic (dynamic) allocation of IP client configurations for a specific time period (called a lease period) and to eliminate the work necessary to administer a large IP network.

Who Created DHCP?
DHCP was created by the Dynamic Host Configuration Working Group of the Internet Engineering Task Force (IETF: a volunteer organization which defines protocols for use on the Internet). As such, its definition is recorded in an Internet RFC (standard) and the Internet Activities Board (IAB) is asserting its status as to Internet Standardization.

Why Is DHCP Important?
When connected to a network, every computer must be assigned a unique address. However, when adding a machine to a network, the assignment and configuration of network (IP) addresses has required human action. The computer user had to request an address, and then the administrator would manually configure the machine. Mistakes in the configuration process are easy for novices to make, and can cause difficulties for both the administrator making the error as well as neighbors on the network. Also, when mobile computer users travel between sites, they have had to relive this process for each different site from which they connected to a network. In order to simplify the process of adding machines to a network and assigning unique IP addresses manually, there is a need to automate the task.
The introduction of DHCP alleviated the problems associated with manually assigning TCP/IP client addresses. Network administrators have quickly appreciated the importance, flexibility and ease-of-use offered in DHCP.

How Does DHCP Work?
When a client needs to start up TCP/IP operations, it broadcasts a request for address information. The DHCP server receives the request, assigns a new address for a specific time period (called a lease period) and sends it to the client together with the other required configuration information. This information is acknowledged by the client, and used to set up its configuration. The DHCP server will not reallocate the address during the lease period and will attempt to return the same address every time the client requests an address. The client may extend its lease with subsequent requests, and may send a message to the server before the lease expires telling it that it no longer needs the address so it can be released and assigned to another client on the network.

What Advantages Does DHCP Have Over Manual Configuration Methods?
The use of DHCP is highly recommended and there are a number of obvious reasons why you should use it. As mentioned before, there are two ways you can configure client addresses on a computer network, either manually or automatically. Manual configuration requires the careful input of a unique IP address, subnet mask, default router address and a Domain Name Server address. In an ideal world, manually assigning client addresses should be relatively straight forward and error free. Unfortunately, we do not live in an ideal world; computers are frequently moved and new systems get added to a network. Also if a major network resource, such as a router (which interconnects networks) changes network addresses, this could mean changing EVERY system's configuration. For a network administrator this process can be time consuming, tedious and error prone. Problems can occur when manually setting up your client machines, so if you have the option to set-up your client machines automatically, please do, as it will save you time and a lot of headaches.
DHCP has several major advantages over manual configurations. Each computer gets its configuration from a "pool" of available numbers automatically for a specific time period (called a leasing period), meaning no wasted numbers. When a computer has finished with the address, it is released for another computer to use. Configuration information can be administered from a single point. Major network resource changes (e.g. a router changing address), requires only the DHCP server be updated with the new information, rather than every system.

Can DHCP Provide Support For Mobile Users?
Yes. The benefits of dynamic addressing are especially helpful in mobile computing environments where users frequently change locations. Mobile users simply plug-in their laptop to the network, and receive their required configuration automatically. When moving to a different network using a DHCP server, then the configuration will be supplied by that network's server. No manual reconfiguration is required at all.


Are DHCP Servers Easy To Set-up And Administer?
DHCP Servers offer completely centralized management of all TCP/IP client configurations, including IP address, gateway address and DNS address. DHCP servers are easy to administer and can be set-up in just a few minutes. Client addresses are assigned automatically unlike static set-up which requires the manual input of client addresses which can be a time consuming and tedious task.


Are There Any Limitations That I Should Be Aware Of?
Some machines on your network need to be at fixed addresses, for example servers and routers. The DHCP server you choose should be capable of assigning pre-allocated addresses to these specific machines.
You need to be able to assign a machine to run the DHCP server continually as it must be available at all times when clients need IP access.
To avoid conflicts between addresses assigned by the DHCP server and those assigned manually, users should be discouraged, or preferably prevented, from reconfiguring their own IP addresses.
Some older operating systems do not support DHCP. If you have such systems you may be able to upgrade them. If this is not possible they may support the older BOOTP protocol, and a DHCP server can be chosen that will support this option.
For peace of mind, it is a good idea to decide what is important to you, which of the available DHCP servers is best suited to meet your specific requirements and always get a second opinion.


What's The Bottom Line?
Assigning client addresses automatically is by far the easiest option of the two. To set-up clients to receive their address information automatically all you need to do is to set your TCP/IP control panels to receive automatically. The DHCP server then assigns the required client address information.
If you intend to set up your client computers manually, make sure that the assigned IP address is in the same range of your default router address and that it is unique to your private network. However we would highly recommend that if you have a network of computers and the option to assign your TCP/IP client configurations automatically, please do. An IP address allocation scheme will reduce the time it takes to set-up client computers and eliminate the possibilities of administrative errors..

Posted by ALEEM at 4:51 AM 0 comments
Labels:

What is NAT?

What is NAT?

In computer networking, the process of network address translation (NAT, also known as network masquerading or IP-masquerading) involves re-writing the source and/or destination addresses of IP packets as they pass through a router or firewall. Most systems using NAT do so in order to enable multiple hosts on a private network to access the Internet using a single public IP address (see gateway). According to specifications, routers should not act in this way, but many network administrators find NAT a convenient technique and use it widely. Nonetheless, NAT can introduce complications in communication between hosts.
NAT first became popular as a way to deal with the IPv4 address shortage and to avoid the difficulty of reserving IP addresses. Use of NAT has proven particularly popular in countries other than the United States, which (for historical reasons) have fewer address-blocks allocated per capita. It has become a standard feature in routers for home and small-office Internet connections, where the price of extra IP addresses would often outweigh the benefits.

In a typical configuration, a local network uses one of the designated "private" IP address subnets (the RFC 1918 Private Network Addresses are 192.168.x.x, 172.16.x.x through 172.31.x.x, and 10.x.x.x), and a router on that network has a private address (such as 192.168.0.1) in that address space. The router is also connected to the Internet with a single "public" address (known as "overloaded" NAT) or multiple "public" addresses assigned by an ISP. As traffic passes from the local network to the Internet, the source address in each packet is translated on the fly from the private addresses to the public address(es). The router tracks basic data about each active connection (particularly the destination address and port). When a reply returns to the router, it uses the connection tracking data it stored during the outbound phase to determine where on the internal network to forward the reply; the TCP or UDP client port numbers are used to demultiplex the packets in the case of overloaded NAT, or IP address and port number when multiple public addresses are available, on packet return. To a system on the Internet, the router itself appears to be the source/destination for this traffic.

The wide adoption of IPv6 would make NAT unuseful as a method of handling the shortage of IPv4 address space. However, migration to IPv6 is proving difficult.

Drawbacks
Hosts behind a NAT-enabled router do not have true end-to-end connectivity and cannot participate in some Internet protocols. Services that require the initiation of TCP connections from the outside network, or stateless protocols such as those using UDP, can be disrupted. Unless the NAT router makes a specific effort to support such protocols, incoming packets cannot reach their destination. Some protocols can accommodate one instance of NAT between participating hosts ("passive mode" FTP, for example), sometimes with the assistance of an Application Layer Gateway (see below), but fail when both systems are separated from the internet by NAT. Use of NAT also complicates security protocols such as IPsec.

End-to-end connectivity has been a core principle of the Internet, supported for example by the Internet Architecture Board. Some people thus regard NAT as a detriment to the Public Internet. Some internet service providers (ISPs) only provide their customers with "local" IP addresses. Thus, these customers must access services external to the ISP's network through NAT. As a result, some may argue that such companies do not properly provide "Internet" service.

Depending on one's point of view, another drawback of NAT is that it greatly slowed the acceptance of IPv6, relegating it to research networks and limited public use.

Benefits
In addition to the convenience and low cost of NAT, the lack of full bidirectional connectivity can be regarded in some situations as a "feature", rather than a "limitation". To the extent that NAT depends on a machine on the local network to initiate any connection to hosts on the other side of the router, it prevents malicious activity initiated by outside hosts from reaching those local hosts. This can enhance the reliability of local systems by stopping worms and enhance privacy by discouraging scans. Many NAT-enabled firewalls use this as the core of the protection they provide.

The greatest benefit of NAT is that it is a practical solution to the impending exhaustion of IPv4 address space. Networks that previously required a Class B IP range or a block of Class C network addresses can now be connected to the Internet with as little as a single IP address (many home networks are set up this way). The more common arrangement is having machines that require true bidirectional and unfettered connectivity supplied with a 'real' IP addresses, while having machines that do not provide services to outside users (e.g. a secretary's computer) tucked away behind NAT with only a few IP addresses used to enable Internet access.

Basic NAT vs port number translation
Two kinds of network address translation exist. The type often popularly called simply "NAT" (also sometimes named "Network Address Port Translation" or "NAPT" or even PAT) refers to network address translation involving the mapping of port numbers, allowing multiple machines to share a single IP address. The other, technically simpler, form - also called NAT or "one-to-one NAT" or "basic NAT" or "static NAT" - involves only address translation, not port mapping. This requires an external IP address for each simultaneous connection. Broadband routers often use this feature, sometimes labelled "DMZ host", to allow a designated computer to accept all external connections even when the router itself uses the only available external IP address.

NAT with port-translation comes in two sub-types: source address translation (source NAT), which re-writes the IP address of the computer which initiated the connection; and its counterpart, destination address translation (destination NAT). In practice, both are usually used together in coordination for two-way communication.

Applications affected by NAT
Some higher-layer protocols (such as FTP and SIP) send network layer address information inside application payloads. FTP in active mode, for example, uses separate connections for control traffic (commands) and for data traffic (file contents). When requesting a file transfer, the host making the request identifies the corresponding data connection by its layer 3 and layer 4 addresses. If the host making the request lies behind a simple NAT firewall, the translation of the IP address and/or TCP port number makes the information received by the server invalid.
An Application Layer Gateway (ALG) can fix this problem. An ALG software module running on a NAT firewall device updates any payload data made invalid by address translation. ALGs obviously need to understand the higher-layer protocol that they need to fix, and so each protocol with this problem requires a separate ALG.

Another possible solution to this problem is to use NAT traversal techniques using protocols such as STUN or ICE or proprietary approaches in a session border controller. NAT traversal is possible in both TCP- and UDP-based applications, but the UDP-based technique is simpler, more widely understood, and more compatible with legacy NATs. In either case, the high level protocol must be designed with NAT traversal in mind, and it does not work reliably across symmetric NATs or other poorly-behaved legacy NATs.

Yet another possibility is UPnP (Universal Plug and Play) or Bonjour but this requires the cooperation of the NAT device.
Most traditional client-server protocols (FTP being the main exception), however, do not send layer 3 contact information and therefore do not require any special treatment by NATs. In fact, avoiding NAT complications is practically a requirement when designing new higher-layer protocols today.

NATs can also cause problems where IPsec encryption is applied and in cases where multiple devices such as SIP phones are located behind a NAT. Phones which encrypt their signalling with IPsec encapsulate the port information within the IPsec packet meaning that NA(P)T devices cannot access and translate the port. In these cases the NA(P)T devices revert to simple NAT operation. This means that all traffic returning to the NAT will be mapped onto one client causing the service to fail. There are a couple of solutions to this problem, one is to use TLS which operates at level 4 in the OSI Reference Model and therefore does not mask the port number, or to Encapsulate the IPsec within UDP - the latter being the solution chosen by TISPAN to achieve secure NAT traversal..

Posted by ALEEM at 4:50 AM 1 comments
Labels:

What is a Local Area Network?

What is a Local Area Network?

If you're curious about networking, this primer will provide an introduction to Local Area Networks. For a discussion of network terminology, see Network Introduction.

A Local Area Network (LAN) is a high-speed communications system designed to link computers and other data processing devices together within a small geographic area, such as a workgroup, department, or building. Several LANs can also be interconnected within a campus of buildings to extend connectivity (also called a Wide Area Network or WAN). This allows users to electronically share vital computing resources, such as expensive hardware (e.g. printers and CD-ROM drives), application programs, and information.

Local Area Networks implement shared access technology. This means that all of the devices attached to the LAN share a single communications medium, usually a coaxial, twisted-pair, or fiber-optic cable.

A physical connection to the network is made by putting a network interface card (NIC) inside the computer and connecting it to the network cable. Once the physical connection is in place, the network software manages communications between stations on the network.

To send messages to and from computers, the network software puts the message information in a packet. (If the message to be sent is too big to fit into one packet, it will be sent in a series of packets.) In addition to the message data, the packet contains a header and a trailer that carry special information to the destination. One piece of information in the header is the address of the destination.

The NIC transmits the packet onto the LAN as a stream of data represented by changes in electrical signals. As it travels along the shared cable, each NIC checks its destination address to determine if the packet is addressed to it. When the packet arrives at the proper address, the NIC copies it and gives its data to the computer. Since each individual packet is small, it takes very little time to travel to the ends of the cable. After a packet carrying one message passes along the cable, another station can send its packet. In this way, many devices can share the same LAN medium.

Each LAN has its own unique topology, or geometric arrangement. There are three basic topologies: bus, ring, and star. Most LANs are a combination of these arrangements.

In a bus topology all of the devices are connected to a central cable or backbone.

In a ring topology the devices are connected in a closed loop so that each device is connected to two others, one on either side. This kind of topology is robust; that is, one device's failure will probably not cause total network failure.

In a star topology the devices are all connected to a central hub, which forwards data towards its final destination. The NCI-Frederick LAN infrastructure is standardized on the star topology. If the data's destination is within the local star segment, the hub will forward data directly to the destination device; if the data's destination is outside the local star segment, the hub forwards the data to a router.

Depending on the topology and media that are used, as well as the protocols (formats for transmitting data) that are implemented, a LAN can permit data transfer rates of up to 100 Million bps.

Posted by ALEEM at 4:48 AM 1 comments
Labels:

What is an IP Address?

What is an IP Address?

.IP Address:

Definition 1: Every machine that is on a network (a local network, or the network of the Internet) has a unique IP number [four sets of numbers divided by period with up to three numbers in each set. (Ie 64.139.27.165)] - If a machine does not have an IP address it cannot be on a network. Most machines also have one or more Domain Names that are easier for people to remember.

Definition 2:
An identifier for a computer or device on a TCP/IP network. Networks using the TCP/IP protocol route messages based on the IP address of the destination. The format of an IP address is a 32-bit numeric address written as four numbers separated by periods. Each number can be zero to 255. For example, 1.160.10.240 could be an IP address.


Within an isolated network, you can assign IP addresses at random as long as each one is unique. However, connecting a private network to the Internet requires using registered IP addresses (called Internet addresses) to avoid duplicates.

The four numbers in an IP address are used in different ways to identify a particular network and a host on that network. Four regional Internet registries -- ARIN, RIPE NCC, LACNIC and APNIC -- assign Internet addresses from the following three classes.


•Class A - supports 16 million hosts on each of 126 networks

•Class B - supports 65,000 hosts on each of 16,000 networks

•Class C - supports 254 hosts on each of 2 million networks

Definition 3:
Every machine on the Internet has a unique identifying number, called an IP Address. A typical IP address looks like this:

•216.27.61.137

To make it easier for us humans to remember, IP addresses are normally expressed in decimal format as a "dotted decimal number" like the one above. But computers communicate in binary form. Look at the same IP address in binary:

•11011000.00011011.00111101.10001001

The four numbers in an IP address are called octets, because they each have eight positions when viewed in binary form. If you add all the positions together, you get 32, which is why IP addresses are considered 32-bit numbers. Since each of the eight positions can have two different states (1 or 0) the total number of possible combinations per octet is 28 or 256. So each octet can contain any value between 0 and 255. Combine the four octets and you get 232 or a possible 4,294,967,296 unique values!.

Posted by ALEEM at 4:46 AM 0 comments
Labels:
Subscribe to: Posts (Atom)