Sunday, 26 August 2007

Guide to web analytics

When collecting data, tracking, or metrics, web analysts should always ask themselves what actions they will take based on knowing this information. If the answer is none, then the data is not worth tracking or collecting.

Saturday, 25 August 2007

Euroffice is the UK's leading online office supplier

Euroffice is the UK's leading online office supplier. Euroffice sells more office products to more companies than any other online company in the UK.

Friday, 11 May 2007

Be careful people this guy is using hijacked account

This user http://forums.digitalpoint.com/member.php?u=46957 has hijacked my account at digitalpoint.com...so Be careful people.

Sunday, 15 April 2007

Quiz Program using Java

// Created by Husam Jalal

import javax.swing.JOptionPane;

public class QuizProgram
{
    // Keeps asking one question until the user answers correctly or types 0 to skip.
    // Returns the final answer: the correct value, or 0 if the question was skipped.
    private static int ask( String question, String title, int correct, String correctMessage, String correctTitle )
    {
        int answer;

        do {
            String input = JOptionPane.showInputDialog( null, question + "\nTo skip this question enter 0", title, JOptionPane.QUESTION_MESSAGE ); // string entered by user

            if ( input == null ) // dialog cancelled or closed: treat it as a skip instead of crashing
                return 0;

            try {
                answer = Integer.parseInt( input.trim() ); // convert from type String to type int
            }
            catch ( NumberFormatException e ) {
                answer = -1; // not a whole number: counts as a wrong answer, so the question is asked again
            }

            if ( answer == 0 ) // the user entered 0 to skip the question
                break;

            if ( answer == correct ) // correct answer: show the message and move on
                JOptionPane.showMessageDialog( null, correctMessage, correctTitle, JOptionPane.PLAIN_MESSAGE );
            else // wrong answer: offer the question again until the user gets it right
                JOptionPane.showMessageDialog( null, "your answer is wrong you should try again", "SORRY WRONG ANSWER", JOptionPane.WARNING_MESSAGE );

        } while ( answer != correct ); // if the answer is correct go to the next question

        return answer;
    }

    public static void main( String args[] )
    {
        String goToNext = "your answer is correct go to the next Question";

        JOptionPane.showMessageDialog( null, "<<<<<<<<<<<<<<<<<<<<*>*<*>>>>>>>>>>>>>>>>>>>>>\nYou will be asked SIX questions,\nif you answer the first one you will be offered another.\nIf you don't know the answer\nand you want to skip to the other question\nSIMPLY TYPE 0\ngood luck to you and lets begin\n<<<<<<<<<<<<<<<<<<<<<<*>>>>>>>>>>>>>>>>>>>>>>>", "QUIZZES", JOptionPane.QUESTION_MESSAGE );

        int answer1 = ask( "How many oceans are there in the world?", "QUESTION 1", 4, "The answer is correct, go to the next Question", "WELL DONE" );
        int answer2 = ask( "How many states in USA?", "QUESTION 2", 50, goToNext, "WELL DONE" );
        int answer3 = ask( "How many countries in Europe?", "QUESTION 3", 12, goToNext, "WELL DONE" );
        int answer4 = ask( "How many continents in the world?", "QUESTION 4", 6, goToNext, "WELL DONE" );
        int answer5 = ask( "How many campuses in Middlesex University?", "QUESTION 5", 6, goToNext, "WELL DONE" );
        int answer6 = ask( "How many players in a football team?", "QUESTION 6", 11, "your answer is correct\n\nWell done and thank you for answering the quizzes", "THIS IS THE END OF THE QUIZZES" );

        // Each answer is either the correct (positive) value or 0 for a skip,
        // so a sum of 0 means every question in that group was skipped.
        if ( answer1 + answer2 + answer3 + answer4 + answer5 + answer6 == 0 )
            JOptionPane.showMessageDialog( null, "you didn't answer any question", "WHAT A SHAME", JOptionPane.WARNING_MESSAGE );
        else if ( answer1 + answer2 + answer3 + answer4 + answer5 == 0 )
            JOptionPane.showMessageDialog( null, "you didn't answer the first 5 questions", "SORRY WRONG ANSWER", JOptionPane.WARNING_MESSAGE );
        else if ( answer1 + answer2 + answer3 + answer4 == 0 )
            JOptionPane.showMessageDialog( null, "you didn't answer the first 4 questions", "SORRY WRONG ANSWER", JOptionPane.WARNING_MESSAGE );
        else if ( answer1 + answer2 + answer3 == 0 )
            JOptionPane.showMessageDialog( null, "you didn't answer the first 3 questions", "SORRY WRONG ANSWER", JOptionPane.WARNING_MESSAGE );
        else if ( answer1 + answer2 == 0 )
            JOptionPane.showMessageDialog( null, "you didn't answer the first 2 questions", "SORRY WRONG ANSWER", JOptionPane.WARNING_MESSAGE );
        else if ( answer1 == 0 )
            JOptionPane.showMessageDialog( null, "you didn't answer the first question", "SORRY WRONG ANSWER", JOptionPane.WARNING_MESSAGE );

        System.exit( 0 ); // terminate the program
    }
}

Static RAM and Dynamic RAM

One of the most important parts of the computer is the memory, which is as important as our own memory. Anything we do or see is stored in our memory and we can retrieve it again, which is the same as the computer memory; however, the main difference between the computer's memory and ours is that we have one type of memory and the computer has many.

Two of these types of computer memory are static RAM (SRAM) and dynamic RAM (DRAM). In this presentation we will compare SRAM and DRAM, and talk briefly about their construction and their use in the computer.

Dynamic Random Access Memory (DRAM)
DRAM is made up of transistors, which store the state of a binary digit as a charge built up on a transistor called a Field Effect Transistor (FET). This method is the most popular because of its ease of manufacture and hence its cost effectiveness. However, it is more complex to operate than static RAM, because the stored charge leaks away very quickly and is lost if it is not topped up at frequent intervals, which means that extra electronics have to be put into the system to carry out these operations. The consequence of this topping-up cycle is that the speed of access for dynamic RAM is slower than that of static RAM.

Static Random Access Memory (SRAM)
It is more expensive to produce, as more transistors are needed for the storage of each byte. However, static RAM does not have to be topped up, as data is stored by monitoring the state of a transistor being used as a switch, rather than as a charge-storing mechanism as is the case with dynamic RAM. The technology inside the static RAM chip is a little different: instead of the data being stored as a leaky charge, the transistors are permanently switched into an 'on' or an 'off' state, and so do not need constant attention in terms of topping them up.

Comparing SRAM and DRAM

Static RAM (SRAM)

  1. 4 times more expensive
  2. Very low access time
  3. Can store ¼ as much
  4. Information stored on RS flip-flops
  5. No need for refreshing

Dynamic RAM (DRAM)

  1. Low cost
  2. Consumes less power
  3. Can store 4 times as much
  4. Information stored on FET transistors
  5. Needs to be refreshed

To sum up briefly, both SRAM and DRAM are volatile. This means that if the power of the system is off, all the data stored in them is lost. However, because SRAM is a fast memory, it is used as cache memory, which sits between the CPU and the dynamic RAM. In this way the data can be processed quickly, because the processor gets the data it needs immediately from the faster static RAM.
On the other hand, because of its low cost and its high capacity, which is four times as much as SRAM, DRAM is used for main memory.

References
  1. Clements, Alan. The Principles of Computer Hardware, 3rd ed. (Oxford University Press, 2001).
  2. Stallings, William. Computer organization and architecture: designing for performance, 5th ed. (New Jersey, Prentice Hall, 2000).

Wireless communication

Wireless communication
1. Infra Red Transmission
2. Radio Transmission
a. Narrow Band
b. Spread Spectrum

1. Infra Red Transmission
This type of transmission is the cheapest and is easy to use over short distances, which is why it comes built into laptops and mobile phones. It has a number of disadvantages, e.g. low bandwidth, and it cannot be used for long-distance communication, as it reflects back when it strikes any obstacle such as a wall or furniture. [1]

2. Radio Transmission
This is a technology commonly used in wireless LANs. It can be either directional or operate over 360 degrees, depending on the type of antenna being used. Unlike infra red, it can pass through buildings and hence is used for long-distance transmission. Using RF transmission, the same device can communicate with more than one device at a time by using different frequencies. RF transmission uses electromagnetic waves as a carrier, i.e. either digital or analog data can be superimposed on it. The carrier has three characteristics, i.e. frequency, amplitude, and phase, and any one of these can be used to encode (superimpose) analog or digital data for transmission.

RF transmission is widely used in mobile, TV, radio stations, etc. That is why governments tightly enforce licensing, because two or more stations can operate at the same frequencies.

  1. Narrow Band: uses the minimum radio frequency band for transmitting data, for the purpose of avoiding cross talk with other stations.
  2. Spread Spectrum: uses more bandwidth for transmission. It is commonly used by the military, because spread spectrum signals are easy to detect as they use high bandwidth.

Microwave is an extension of RF. It gives higher data rates, but it is considered a line-of-sight medium and suffers from atmospheric conditions, e.g. fog, rain, etc. [2]

IEEE 802.11

Wireless LANs are based on IEEE 802.11; there are many versions of IEEE 802.11, i.e. IEEE 802.11 (legacy), IEEE 802.11a, IEEE 802.11b, and 802.11g. These standards permit 1-2 Mbits/second and 5 to 10 Mbits/second.

It is standardized for both infra red and RF transmission. It uses the CSMA/CD MAC protocol, which ensures that collisions will not take place. Wireless LANs operate at lower speeds than wired LANs, and they are more susceptible to interference, as air is the medium. [2]

Reference:
[1] http://en.wikipedia.org/wiki/IEEE_802.11
[2] http://www.smarthomeforum.com/start/wlan.asp?ID=24

Voice over IP, VoFR and ATM

1. Abstract
The Internet is being modified to support voice traffic and products are being made to link the data and voice networks. Eventually the Internet and the telephone network will be one and the same.
Internet Telephony is an emerging technology and has a number of technological and evolutionary issues. The technological issues are mainly because the Internet was not designed for real time traffic such as voice. The evolutionary issue is the fact that a variety of vendors develop their products according to market demands and supplies. It will take time for all these products to converge and interwork with the same reliability as the circuit switched networks.
VoIP, VoFR and ATM are the technology subjects of the day. Each of them has advantages over the others, and for the benefit of the technology they all need to interwork.
The following article describes the three technologies, VoIP, VoFR and ATM, with an overview of each of them, their interoperability, and the future potential of these three technologies.

2. Introduction
VoIP is growing fast. The very knowledge of the applications of this technology is enough for users and manufacturers to flock towards it. It is ideal for computer-based communications while at the same time bringing down the cost of multimedia transfer. Hence VoIP products and services have flooded the market.
When Frame Relay technology was designed, it was without the option of carrying voice. Engineers have worked hard, driven by the needs of vendors, to carry voice over frame relay and to deliver good voice quality alongside the high speed of FR.
ATM was designed to be a multimedia, multi-service technology. Though ATM has been accepted by the marketplace for its ability to deliver high speed data services, until the recent past its potential for deployment for voice services was overlooked. With the competitiveness of today's market, network operators and service providers have been continuously striving to reduce operating costs and lift network efficiency. They recognized that significant economic benefits can be achieved once data traffic and voice traffic are integrated onto a single network. Since ATM has been around for about a decade claiming to be a multimedia technology, most of the service providers have started installing a single ATM infrastructure to support voice, video, and data transfer.
Network engineers are still working on and developing the packet networks (Frame Relay, IP and ATM) to carry voice as well as data, and they are seeking to bring these technologies together into a single communication service and to develop interconnection and internetworking standards in order to deliver voice services over Frame Relay, IP and ATM.

3. Overview of VoIP
Internet Voice, also known as Voice over Internet Protocol (Voice over IP), is a technology that allows you to make telephone calls using a broadband Internet connection instead of a regular phone line. Some services using Voice over IP may only allow you to call other people using the same service, but others may allow you to call anyone who has a telephone number - including local, long distance, mobile, and international numbers. Also, while some services only work over your computer or a special Voice over IP phone, other services allow you to use a traditional phone through an adaptor.

Voice over IP allows us to make telephone calls using a computer network, over a data network like the Internet. Voice over IP converts the voice signal from our telephone into a digital signal that travels over the internet then converts it back at the other end so we can speak to anyone with a regular phone number. When placing a Voice over IP call using a phone with an adapter, we'll hear a dial tone and dial just as we always have. Voice over IP may also allow us to make a call directly from a computer using a conventional telephone or a microphone.

Voice over IP lets us make long distance voice and fax calls over existing IP data networks instead of the public switched telephone network (PSTN). Today businesses that implement their own Voice over IP solution can dramatically cut long distance costs between two or more locations.

3.1 Functionality
VoIP can facilitate tasks that may be more difficult to achieve using traditional phone networks:
Incoming phone calls can be automatically routed to our VoIP phone, irrespective of where we are connected to the network. Take the VoIP phone with us on a trip, and anywhere we connect it to the Internet, we can receive our incoming calls.
Call center agents using VoIP phones can work from anywhere with a sufficiently fast Internet connection.
VoIP phones can integrate with other services available over the Internet, including video conversation, message or data file exchange.

3.2 Implementation
Because IP does not provide any mechanism to ensure that data packets are delivered in sequential order, or provide any Quality of Service guarantees, VoIP implementations may face problems dealing with latency. They are faced with the problem of restructuring streams of received IP packets, which can come in any order and have packets delayed or missing, to ensure that the ensuing audio stream maintains a proper time consistency.
Another main challenge is routing VoIP traffic to traverse certain firewalls and NAT. Intermediary devices called Session Border Controllers (SBC) are often used to achieve this, though some proprietary systems such as Skype traverse firewall and NAT without a SBC by using users' computers as super node servers to route other people's calls.
Keeping packet latency acceptable can also be a problem, due to network routing time and transmission distances.
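
One way to do the restructuring described in 3.2, as an added example that is not part of the original article: a small reorder (jitter) buffer. It assumes each voice packet carries a 16-bit wrapping sequence number, as RTP does; the class, field and constant names are illustrative, and the arrival order is constructed.

```python
from dataclasses import dataclass

SEQ_MOD = 1 << 16   # assumption: 16-bit sequence numbers that wrap, as in RTP
MAX_GAP = 1000      # assumption: a jump this far ahead is bogus, not reordering


@dataclass
class Packet:
    seq: int        # sender's sequence number
    payload: bytes  # one codec frame


def seq_delta(a, b):
    """Signed distance from b to a, correct across the 65535 -> 0 wrap."""
    half = SEQ_MOD // 2
    return ((a - b + half) % SEQ_MOD) - half


class JitterBuffer:
    """Holds packets briefly so that late ones can slot back into order."""

    def __init__(self, depth=3):
        self.depth = depth      # packets to hold before giving up on a gap
        self.pending = {}       # seq -> payload, waiting for their turn
        self.next_seq = None    # sequence number owed to the decoder next
        self.late = self.lost = self.rejected = 0

    def push(self, pkt):
        """Accept one packet; return the frames that are now ready to play.
        None in the result marks a frame that never arrived in time."""
        if self.next_seq is None:
            self.next_seq = pkt.seq
        delta = seq_delta(pkt.seq, self.next_seq)
        if delta < 0:
            self.late += 1      # its slot has already been played
            return []
        if delta > MAX_GAP:
            self.rejected += 1  # implausible jump: do not let it stall playout
            return []
        self.pending[pkt.seq] = pkt.payload   # a duplicate just overwrites
        return self._drain(False)

    def flush(self):
        """End of stream: release everything, marking remaining gaps."""
        return self._drain(True)

    def _drain(self, flush):
        out = []
        while self.pending:
            if self.next_seq in self.pending:
                out.append(self.pending.pop(self.next_seq))
            elif flush or len(self.pending) >= self.depth:
                out.append(None)   # waited long enough; decoder must conceal
                self.lost += 1
            else:
                break              # keep waiting for the missing packet
            self.next_seq = (self.next_seq + 1) % SEQ_MOD
        return out


def play(arrival_order, depth=3):
    """Feed packets in network arrival order; return (frames, buffer)."""
    buf = JitterBuffer(depth)
    frames = []
    for seq in arrival_order:
        frames += buf.push(Packet(seq, b"frame-%d" % seq))
    frames += buf.flush()
    return frames, buf


# Constructed arrival order: wraparound, two swaps, one lost packet (4),
# one implausible jump (5000) and one packet that arrives too late (2).
ARRIVALS = [65534, 65535, 1, 0, 3, 2, 5, 6, 7, 5000, 2]

if __name__ == "__main__":
    frames, buf = play(ARRIVALS)
    print(frames)
    print("late", buf.late, "lost", buf.lost, "rejected", buf.rejected)
```

A larger `depth` tolerates more reordering but adds playout delay, which is the latency trade-off this section describes.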

3.3 Technical details
There is a lot of debate about the two most popular types of VoIP, SIP and H.323; each of them has its own merits. H.323 was the most popular protocol, though its popularity has decreased in the "local loop" due to its poor traversal of NAT and firewalls. For this reason, as domestic VoIP services have been developed, SIP has been far more widely adopted. However, in backbone voice networks where everything is under the control of the network operator or Telco, H.323 is the protocol of choice. Many of the largest carriers use H.323 in their core backbones, and the vast majority of callers have little or no idea that their POTS calls are being terminated over VoIP. So really SIP is a useful tool for the "local loop" and H.323 is like the "fiber backbone". With the most recent changes introduced for H.323, however, it is now possible for H.323 devices to easily and consistently traverse NAT and firewall devices, opening up the possibility that H.323 may again be looked upon more favorably in cases where such devices encumbered its use previously.

Where VoIP travels through multiple providers' soft switches, the concepts of full media proxy and signaling proxy are important. In H.323 the data is made up of 3 streams: 1) H.225.0 Call Signaling 2) H.245 3) Media. So if we are in London, our provider is in Australia, and we wish to call America, then in full proxy mode all three streams will go half way around the world and the delay (up to 500-600 ms) and packet loss will be high. However, in signaling proxy mode, where only the signaling flows through the provider, the delay will be reduced to a more user friendly 120-150 ms. These proxy concepts could lead the way to true global providers.
One of the key issues with all traditional VoIP protocols is the wasted bandwidth used for packet headers. Typically, sending a G.723.1 5.6kbps compressed audio path will require 18kbps of bandwidth based on standard sampling rates. The difference between the 5.6kbps and 18kbps is packet headers. There are a number of bandwidth optimization techniques, such as silence suppression and header compression, which can typically save 35% on bandwidth used. But the really interesting technology comes from VoIP offshoots such as TDMoIP, which take advantage of the concept of bundling conversations that are heading to the same destination and wrapping them up inside the same packets. These can offer near toll quality audio in a 6-7kbps data stream.

3.4 DSL Internet access
VoIP technology does not necessarily require broadband Internet access, but this usually supports better quality of service. A sizable percentage of homes today are connected to the Internet through DSL, which requires a traditional phone line. Having to pay for VoIP in addition to both a basic phone line and broadband Internet access reduces the potential benefits of VoIP. However, some regional telephone companies now offer DSL service without the phone, thus saving us money when we switch to VoIP. VoIP can also be used with Cable Internet instead of DSL, eliminating the need to purchase two telephone lines.

3.5 Reliability
Conventional telephones are connected directly to telephone company phone lines, which in the event of a power failure are kept functioning by back-up generators or batteries located at the telephone exchange. However, household VoIP hardware uses broadband modems and other equipment powered by household electricity, which may be subject to outages. In order to use VoIP during a power outage, an uninterruptible power supply or a generator must be installed on the premises. Early adopters of VoIP may also be users of other phone equipment, such as PBX and cordless phone bases that rely on power not provided by the telephone company.

3.6 Security
The majority of consumer VoIP solutions do not support encryption. As a result, it is relatively easy to eavesdrop on VoIP calls and even change their content. There are several open source solutions like VoIPong or Vomit that facilitate sniffing of VoIP conversations. A modicum of security is afforded due to patented audio codecs that are not easily available for open source applications; however such security by obscurity has not proven effective in the long run in other fields. Some vendors also use compression to make eavesdropping more difficult. However, real security requires encryption and cryptographic authentication which are usually not available at a consumer level.
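
An added example, not part of the original article, of checking whether a call actually negotiates the encryption and keying that 3.6 says is usually missing. It assumes SIP-style signalling that carries an SDP body, which the article does not describe; the sample offers are constructed and the function and verdict names are illustrative.

```python
# Media transport profiles as they appear on an SDP "m=" line.
CLEAR_PROFILES = {"RTP/AVP", "RTP/AVPF"}                    # plain RTP
SDES_PROFILES = {"RTP/SAVP", "RTP/SAVPF"}                   # SRTP, key sent in SDP
DTLS_PROFILES = {"UDP/TLS/RTP/SAVP", "UDP/TLS/RTP/SAVPF"}   # SRTP keyed over DTLS


def parse_sdp(text):
    """Return (session_attribute_names, media_sections) for one SDP body."""
    session_attrs, media = [], []
    for line in text.splitlines():
        line = line.strip()
        if len(line) < 2 or line[1] != "=":
            continue                       # not a type=value line
        kind, value = line[0], line[2:]
        if kind == "m":
            parts = value.split()
            try:
                port = int(parts[1].split("/")[0])   # "49170" or "49170/2"
                profile = parts[2].upper()
            except (IndexError, ValueError):
                continue                   # malformed media line: skip it
            media.append({"type": parts[0], "port": port,
                          "profile": profile, "attrs": []})
        elif kind == "a":
            name = value.split(":", 1)[0].lower()
            # attributes before the first m= line apply to the whole session
            (media[-1]["attrs"] if media else session_attrs).append(name)
    return session_attrs, media


def audit_sdp(text, signalling_encrypted):
    """Classify every active media stream in an SDP body.
    signalling_encrypted: whether the signalling that carried this SDP was
    itself protected (for example by TLS), as judged by the caller."""
    session_attrs, media = parse_sdp(text)
    findings = []
    for m in media:
        if m["port"] == 0:
            continue                       # port 0: stream declined, no audio sent
        attrs = set(m["attrs"])
        has_fingerprint = "fingerprint" in attrs or "fingerprint" in session_attrs
        if m["profile"] in CLEAR_PROFILES:
            verdict = "cleartext"          # audio can be read and altered in transit
        elif m["profile"] in DTLS_PROFILES:
            verdict = "dtls-srtp" if has_fingerprint else "no-keying"
        elif m["profile"] in SDES_PROFILES:
            if "crypto" not in attrs:
                verdict = "no-keying"      # secure profile offered without a key
            elif signalling_encrypted:
                verdict = "sdes-srtp"
            else:
                verdict = "sdes-key-exposed"   # media key visible in the signalling
        else:
            verdict = "unknown-profile"
        findings.append((m["type"], m["profile"], verdict))
    return findings


# Constructed sample offers (addresses are documentation ranges, keys are placeholders).
CLEAR_OFFER = """v=0
o=alice 1 1 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49170 RTP/AVP 0 8
a=rtpmap:0 PCMU/8000
"""

SDES_OFFER = """v=0
o=alice 2 2 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
m=audio 49172 RTP/SAVP 0
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:CONSTRUCTED_PLACEHOLDER_NOT_A_KEY
"""

DTLS_OFFER = """v=0
o=alice 3 3 IN IP4 192.0.2.10
s=-
c=IN IP4 192.0.2.10
t=0 0
a=fingerprint:sha-256 CONSTRUCTED:PLACEHOLDER
m=audio 49174 UDP/TLS/RTP/SAVP 0
m=video 0 RTP/AVP 96
"""

if __name__ == "__main__":
    for name, offer, tls in [("clear", CLEAR_OFFER, True),
                             ("sdes, plain signalling", SDES_OFFER, False),
                             ("dtls", DTLS_OFFER, False)]:
        print(name, audit_sdp(offer, signalling_encrypted=tls))
```

The `sdes-key-exposed` verdict covers the case where the media is encrypted but its key travelled in unprotected signalling, so the call is no better protected than a cleartext one against someone who can see that signalling.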

3.7 Benefits of the technology
The integration of voice and data traffic will be demanded by multi-application software.
An integrated infrastructure that supports all forms of communication allows more standardization and less equipment management.
The integration of voice and data fills up the data communication channels efficiently, thus providing bandwidth consolidation. The idea is to move away from the TDM scheme wherein the user is given bandwidth when he is not talking. Data networks do not do this. It is a big saving when one considers the statistic that 50% of a conversation is silence. The network efficiency can be further boosted by removing the redundancy in certain speech patterns.
In general, phone service via VoIP costs less than equivalent service from traditional sources but is similar in cost to alternative Public Switched Telephone Network (PSTN) service providers. Some cost savings are due to using a single network to carry voice and data, especially where users have existing under-utilized network capacity they can use for VoIP at no additional cost.

4. Overview of VoFR
Frame relay is a packet-switched network that was designed for transmitting data over fixed lines.

Frame relay can work like a long distance telephone service. Once the service is established, the customer only needs to transmit his data over a local link to a nearby frame relay station, and the frame relay network is responsible for transmitting the user's data and delivering it to its destination. A frame relay service provides many attractive alternatives to leased lines.

4.1 Characteristics of a frame relay
One of the first noticeable characteristics of the network is its very high transfer speeds. The data transfer speed can be very fast, the same as the network.
Frame relay networks also provide very good security, because of the encryption technique used to transmit data between frame relay switches; also, frame relay connections are permanent and so always available.
Frame relay was originally designed and used to transfer packets of data between two sites more cost effectively than leased lines could.
Voice over frame relay allows the internal telephone systems of companies to be connected using frame relay PVCs.

4.2 Advantages
Transferring telephone calls using frame relay has a number of advantages over using the leased line service of a standard telephone system.
Frame relay reduces the cost of a telephone call.
Frame relay uses network resources more efficiently by combining a number of channels of voice traffic with data and reliably transmitting the result over an existing frame relay network.
The cost of the equipment that connects a company's PBX to the frame relay network is quickly recovered from the savings involved in avoiding conventional telephone lines. Because VoFR does not significantly complicate network architecture or increase link speed, voice, fax and data traffic can be combined effectively over a single network of wires.
Up to 255 voice sub-channels can be multiplexed on a single frame relay circuit.

4.3 Disadvantages
When a data network is called upon to transmit frame relay voice in addition to data, it may experience congestion problems. Many corporate networks are already straining just to deliver data. To add voice to an already congested network is a problem.
Voice compression is necessary in frame relay applications to help ensure high quality audio while maximizing bandwidth usage. Sometimes this voice compression can affect the quality of the signal and therefore the sound quality of the voice on the telephone line.

5. Overview of ATM
Asynchronous Transfer Mode (ATM) is a multi-service, high speed, scalable technology. It is a dominant switching technology, supporting services with different transfer characteristics. ATM transports voice, data, graphics and video simultaneously at very high speeds.
ATM can be used as the transfer technology for local area networks, metropolitan area networks, and wide area networks. Since ATM, like frame relay, is a layer 2 protocol, it can be supported by many different types of physical layer media, such as twisted pair and fibre optic cable.
ATM can support different classes of traffic to provide different levels of service (QoS).

5.1 Advantages of ATM
With the standards in place, it is now possible for packet switching techniques like Frame Relay or ATM to deliver high quality speech. Some of the intrinsic advantages ATM has over other network technologies are listed below.
The very format of the cell was arrived at by considering data, voice, and video payload requirements. ATM cells are of fixed size, 53 bytes each, with 48 bytes for payload and 5 for the ATM header. This helps in significantly reducing the packetization delay, which is one of the major delay parameters.
It supports extensive QoS (Quality of Service), which allows voice traffic to be transmitted across the network in a reliable, jitter-free way.
Various service class capabilities are supported by the various ATM Adaptation Layers (AALs).
ATM switches have always been designed with effective traffic management capabilities - for example, call admission control, usage parameter control, traffic shaping, etc.
Single network for voice, data, and video.
Interworking with PSTN is relatively straightforward.

5.2 Disadvantages of ATM
It is often more expensive than other data transmission options. The cost of ATM equipment is high. Due to the complexity of ATM, there is a steep learning curve for setting up and managing the network. Compatible hardware and software may not be widely available.
ATM is now being heavily used by the large telecommunications carriers to provide voice and Internet services. Because of its complexity and cost, smaller businesses have been reluctant to use ATM.

5.3 Standards and Specifications.
Various applications are available for the transport of voice over an ATM network. Each application has differing requirements for voice transport based on what class of network operators they are defined in. The three major classes of network operators are:
National or International Operators typically have an extensive PSTN service operating over SDH/SONET or PDH infrastructure. When bandwidth is limited there will be a requirement to integrate voice and data traffic, for reasons of efficiency into a single ATM network. Within the local loop, ATM may be a valuable solution for the carriage of voice and data to business premises.
Alternate Carriers or Value Added Network Suppliers take up licenses to provide communication services in competition with the incumbent national operators. Instead of having their own transmission infrastructure, they buy bandwidth from the primary operator. Cost and limited availability of bandwidth demand ATM's efficiency and its integration of voice and data services. An example of alternate carriers is cellular phone operators.
Private/Enterprise networks buy bandwidth at commercial (retail) rates and achieve the most they can with the resources on hand. Such organizations will have already deployed a TDM network utilizing E1 or T1 links. They will be looking to integrate these solutions into a new ATM network, and gain improvements in network performance and efficiency.

6. Data and its implications over voice
IP, ATM and Frame Relay are not the same as the normal telephone network: the public telephone network carries voice, while the others carry data in packets and cells, known as packet and cell switching.

In a circuit-switched network (telephones), once the transmission starts the line is occupied even when the line is on hold, which means that a third party cannot use the path in any way; this is not efficient compared with packet switching.

One of the main reasons that this network (packet switching) is reliable is that it allocates the bandwidth to the links, and each link can use the bandwidth available at any time.

One of the problems packet switching faces is delay, because the line is shared and becomes congested, and in other situations packets may be dropped. The delay must therefore be kept to a minimum to get better voice quality and to preserve the integrity of the transmission.

Data and voice are two distinct things. Voice is very sensitive, and any small delay will directly affect the quality of the voice; in most cases the voice will not be understandable.

One solution to these problems of congestion and delay is to use the network's bandwidth in a way that does not increase it but manages it through a mechanism that sets priorities and reduces congestion and delay.

7. The interoperability of the three technologies
Operating data and voice together over IP, ATM and Frame Relay is a better network solution than any other technology. However, elements such as protocols and voice compression are not compatible, and so there is no standard for interworking between them. Standardization is very important for the three technologies, and without it interoperability has no meaning.

VoIP interoperability is defined by ITU H.323, but without a definition of address encoding, security and other things, which means that the definition is not complete. Based on this kind of definition there will be no interoperability between equipment from different vendors.
IP vendors are collaborating and working together to achieve interoperability between gatekeepers and gateways from different vendors, in order to deploy different IP platforms at either end of the network.
Frame Relay uses Permanent Virtual Connections (PVCs), which is the reason why FRF.11 Phase 2 is not yet implemented: the two ends use the same vendor's equipment. In the meantime, vendors are trying to make their equipment interoperate, as the market requires.
With Voice over ATM, the problem of interoperability is also present: AAL2 is not yet standardized, and therefore the problem of interoperability between vendors is still there, the same as for FR and IP.

8. Future potential of these three technologies
With more and more voice traffic moving onto data networks, vendors of voice equipment will continue to develop integrated voice and data devices based on pocketsize technology.
RAD Data Communications will remain in the forefront of industry efforts to provide universal services, for the benefit of the users.
Since standardization has not been adopted for any one technology, it is not possible to expect the interoperability standards between technologies in the near future. It is essential that the interoperability be transparent to the users, who want to communicate through the network efficiently and without concern for the technological issues involved.
Due to the lack of interoperability standards for voice communications over Frame Relay, IP and ATM, vendors must develop proprietary interworking solutions.
RAD is developing a pre-standards strategy to facilitate interworking between Frame Relay and IP. The strategy will provide a migration path from Frame Relay to IP technologies, which can be an important advantage when IP services become available. RAD is currently developing an interworking solution between Frame Relay and IP. The VoFR-VoIP product will perform signalling conversion and negotiate with the remote IP product in order to choose a common voice compression algorithm and other parameters.

9. Conclusion
The integration of voice and data networks has been a long time coming, and complete unification is still a distant goal for most organizations. Consolidation is progressing in parts of the network, especially where medium-term cost savings can justify a new approach. Each of the major packet-voice-transport options--IP, frame relay and ATM--has its strengths, and no single technology is the best fit for every situation.
ATM is mature, reliable and manageable. However, its limited span and high cost per port will discourage IT managers from deploying it end to end. Inexpensive and fairly reliable, voice over frame relay is a good interim step, but best used by only a few hundred sites per backbone. And voice over IP, with its wide reach, shows great promise but has some hefty requirements for maintaining its quality.
Although hundreds of vendors are exploring these technologies, four have taken the lead: Cisco, Lucent, Nortel and 3Com.
Interoperability between the various networks will allow users to benefit from the best that each network has to offer. The extent of compatibility is limited by the prioritization methods and signalling protocols, even though these networks follow similar fragmenting techniques. The level of interoperability will increase with the introduction of standardizations within the protocols, which will facilitate the interworking.

(Word count: 3678)

10. References:
  1. http://www.fore.com/products/wp/voicewp.htm
  2. http://www.cisco.com/warp/public/cc/cisco/mkt/switch/cat/8500/index.shtml.
  3. http://www.fore.com/products/voice-plus/voice-plus_po.html
  4. http://en.wikipedia.org/wiki/Special:Search?search=voice+over+ip&fulltext=Search
  5. http://www.freedomcomms.com/newcontactform.asp
  6. http://www.protocols.com/papers/voe.htm
  7. http://www.rapid.co.uk/iptelephony.html
  8. http://www.telsyte.com.au/feature/voip.htm

Wednesday, 11 April 2007

Hacking

Two things frighten today's computer users: viruses and hackers. And just as with viruses, the majority of people don't understand hackers or what they do.

Hackers come in many varieties. The word "hacker" typically brings to mind people who break the security of computer networks and application software, and people who make malicious programs such as viruses.

In the traditional parlance of computer programmers, a hack is a quickly written piece of code that makes something work; a hacker is someone who enjoys exploring the details of programmable systems and how to stretch their capabilities, as opposed to most users, who prefer to learn only the minimum necessary. Since hackers acquire advanced knowledge of operating systems and programming languages, they may know of holes within systems and the reasons for such holes.

Hackers always seek further knowledge, freely share what they have discovered, and never, ever deliberately damage information.

A cracker, on the other hand, is one who breaks into computer systems without authorization, for malicious purposes, to steal or destroy vital information, or just to show off. Therefore crackers can easily be identified because their actions are malicious.
These categories aren't mutually exclusive, but this is a simple way to divide the activities that fall under hacking.

Once crackers get onto the computers that host networks, they can modify or remove files, steal information and erase the evidence of their actions. However many hackers break security systems just to see if they can do it. They may enter the system, look at the information within and never go back. For these hackers, it's more a test of skill than an attempt to steal or alter data.

Hacker ethic
The hacker ethic was not something that was written up as a guiding principle, but a commonly, silently, agreed upon creed that simply came to be. The ethic on the whole consisted of allowing all information to be free in order to learn about how the world worked, using the already available knowledge to create more knowledge. Anything that prohibited them from this knowledge was resented.
Many hackers act on this by writing and giving away open-source software. A few go further and assert that all information should be free and any proprietary control of it is bad.
At its core is the belief that information-sharing is a powerful positive good, and that it is an ethical duty of hackers to share their expertise by writing open-source software and facilitating access to information and to computing resources wherever possible.

Where did hacking start?
It started with telephone technology. This practice was referred to as phreaking. Typically, phreaking, which was widespread in the seventies, was used to make free calls or to have calls charged to a different account. However, phreaking is now recognized as any act that circumvents the security of the telephone company.

What attracts people to hacking?
People have always been fascinated by adventure and exploration. Never before have they been able to get this without leaving their home. It is the Internet, and the ability to go anywhere, talk to anyone, and not reveal your personal information. That is in brief what most attracts people to the hacker culture, which is gradually becoming the Internet culture. Moreover, hacker-oriented sites are widespread on the Internet; it is estimated that there are about 30,000, bringing hacking and terrorism within the reach of even the technically challenged.
It is not necessary to have the full knowledge; you just need the time to download the tools and the programs. It's the democratization of hacking. And with these programs they can click on a button and send bombs to a network, and the systems will go down.
Finally some crackers crack for profit. They will break into almost any type of system you like, for a price. Some of these crackers get involved with criminal schemes.

Tools used by hackers

  1. Port scanners are probably the most commonly used scanning tools on the Internet. These tools scan large IP spaces and report on the systems they encounter, the ports available and other information, such as the operating system types. The most popular port scanner is Network Mapper (Nmap).
  2. Vulnerability scanners are tools that look for a specific vulnerability or scan a system for all potential vulnerabilities. Vulnerability tools are freely available on the net. The most popular vulnerability scanner available is Nessus.
  3. Rootkits: the term rootkit describes a set of scripts and executables packaged together that allow intruders to hide any evidence that they gained root access to a system. Some of the tasks performed by a rootkit are as follows:
     • Modify system log files to remove evidence of an intruder’s activities.
     • Modify system tools to make detection of an intruder’s modifications more difficult.
     • Create hidden back-door access points in the system.
     • Use the system as a launch point for attacks against other networked systems.

The threat from hackers

1. Trojans
A destructive program that masquerades as a benign application. Unlike viruses, Trojan horses do not replicate themselves but they can be just as destructive. One of the most insidious types of Trojan horse is a program that claims to rid your computer of viruses but instead introduces viruses onto your computer.
The term comes from a story in Homer's Iliad, in which the Greeks give a giant wooden horse to their foes, the Trojans, ostensibly as a peace offering. But after the Trojans drag the horse inside their city walls, Greek soldiers sneak out of the horse's hollow belly and open the city gates, allowing their compatriots to pour in and capture Troy.

2. Viruses
A destructive program that has the ability to reproduce itself and infect other programs or disks. Usually a virus will not show itself straight away, but will add itself to programs and disks to spread itself widely on many computers before it is triggered into its destructive phase.
The best defence is to run anti-virus software regularly; furthermore, anti-virus software should be updated monthly.

3. Worms
A type of virus or replicating code that situates itself in a computer system in a place where it can do harm. Worms replicate themselves by email to many computers. They are network-oriented viruses that tend to exist in memory and are non-permanent, whereas viruses tend to reside on disk, where they are permanent until eradicated.

4. Logic or time bomb
A logic bomb is a program, or portion of a program, which lies inactive until a specific piece of program logic is activated. In this way, a logic bomb is very analogous to a real-world land mine.
The most common activator for a logic bomb is a date. The logic bomb checks the system date and does nothing until a pre-programmed date and time is reached. At that point, the logic bomb activates and executes its code.

Measures to prevent hacking
No one connected to a computer network is in reality safe from hackers. Fortunately, most invasions or infections don't result in severe damage to the system that has been attacked.
The only real defense is limiting the risk by using virus scanners and firewalls (and making them easier to install and configure). Furthermore, improvements in vulnerability scanning, better explanations of how to repair the vulnerabilities found, and better intrusion detection with fewer false positives are all key technologies in this race. However, in the end, hackers see security systems as a challenge, not an obstacle.

Nevertheless, the most important improvement is in the area of awareness among users, together with governments enforcing new laws and regulations against this crime.

The outlook for computer security?
To summarise this important topic, it is fair to say that while better security technologies are appearing all the time, education and awareness will continue to be the limiting factor. System administrators must learn about and maintain their systems securely. Users have to understand their security responsibilities, like choosing good passwords and not installing unauthorized modems. Nevertheless, innovations like biometrics and smart cards will go a long way toward making security easier for the end user as well as for the system administrators.

References

  1. Alex Noordergraaf. (2002). How Hackers Do It: Tricks, Tools, and Techniques. Sun BluePrints™ OnLine—May, 2002
  2. CNET Networks, Inc. (Accessed 1 April 2004) http://www.zdnet.co.uk/
  3. Linux User & Developer (13 Nov 2003) ‘Hack Attack’. Linux User & Developer Magazine. (Issue 34) page 22.

Transport Layer Security

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols which provide secure communications on the Internet for such things as web browsing, e-mail, Internet faxing, instant messaging and other data transfers. There are slight differences between SSL 3.0 and TLS 1.0, but the protocol remains substantially the same. The term "TLS" as used here applies to both protocols unless clarified by context.

Description
The TLS protocol(s) allow applications to communicate across a network in a way designed to prevent eavesdropping, tampering, and message forgery. TLS provides endpoint authentication and communications privacy over the Internet using cryptography. Typically, only the server is authenticated (i.e., its identity is ensured) while the client remains unauthenticated; this means that the end user (be that a person, or an application such as a web browser), can be sure with whom they are "talking". The next level of security—in which both ends of the "conversation" are sure with whom they are "talking"—is known as mutual authentication. Mutual authentication requires public key infrastructure (PKI) deployment to clients.

TLS involves three basic phases:
1. Peer negotiation for algorithm support
2. Public key encryption-based key exchange and certificate-based authentication
3. Symmetric cipher-based traffic encryption

During the first phase, the client and server negotiate which cryptographic algorithms to use. Current implementations support the following choices:

  • for public-key cryptography: RSA, Diffie-Hellman, DSA;
  • for symmetric ciphers: RC2, RC4, IDEA, DES, Triple DES, AES or Camellia;
  • for one-way hash functions: MD2, MD4, MD5 or SHA.

How it works
The TLS protocol exchanges records; each record can be optionally compressed, encrypted and packed with a message authentication code (MAC). Each record has a content_type field that specifies which upper level protocol is being used.

When the connection starts, the record level encapsulates another protocol, the handshake protocol, which has content_type 22.

A typical handshake proceeds as follows:
  • A Client sends a ClientHello message specifying the highest TLS protocol version it supports, a random number, a list of suggested cipher suites and compression methods.
  • The Server responds with a ServerHello, containing the chosen protocol version, a random number, cipher, and compression method from the choices offered by the client.
  • The Server sends its Certificate (depending on the selected cipher, this may be omitted by the Server). These certificates are currently X.509, but there is also a draft specifying the use of OpenPGP based certificates.
  • The server may request a certificate from the client, so that the connection can be mutually authenticated, using a CertificateRequest.
  • The Server sends a ServerHelloDone message, indicating it is done with handshake negotiation.
  • The Client responds with a ClientKeyExchange which may contain a PreMasterSecret, public key, or nothing. (Again, this depends on the selected cipher).
  • The Client and Server then use the random numbers and PreMasterSecret to compute a common secret called the "master secret". All other key data is derived from this master secret (and the client- and server-generated random values), which is passed through a carefully designed "pseudorandom function". The Client now sends a ChangeCipherSpec message, essentially telling the Server, "everything I tell you from now on will be encrypted." Note that the ChangeCipherSpec is itself a Record Layer protocol, and has type 20, and not 22.
  • Finally, the Client sends an encrypted Finished message, containing a hash and MAC over the previous handshake messages.
  • The Server will attempt to decrypt the Client's Finished message, and verify the hash and MAC. If the decryption or verification fails, the handshake is considered failed and the connection should be torn down.
  • Finally, the Server sends a ChangeCipherSpec and its encrypted Finished message, and the Client performs the same decryption and verification.
  • At this point, the "handshake" is complete and the Application protocol is enabled, with content type of 23. Application messages exchanged between Client and Server will be encrypted.
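
The record framing and content types described above (20, 22, 23) can be seen by parsing raw bytes. The following is an added example, not part of the original post; the sample stream is constructed, and the handshake message type codes are those assigned in RFC 2246.

```python
import struct

# Record-layer content types: 20, 22 and 23 are the ones named above; 21 is alert.
CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                 22: "handshake", 23: "application_data"}
# Handshake message type codes as assigned in RFC 2246 (TLS 1.0).
HANDSHAKE_TYPES = {1: "ClientHello", 2: "ServerHello", 11: "Certificate",
                   13: "CertificateRequest", 14: "ServerHelloDone",
                   16: "ClientKeyExchange", 20: "Finished"}


def parse_records(stream):
    """Split a byte stream into (content type name, (major, minor), fragment)."""
    records, offset = [], 0
    while offset < len(stream):
        if len(stream) - offset < 5:
            raise ValueError("truncated record header")
        ctype, major, minor, length = struct.unpack_from("!BBBH", stream, offset)
        if ctype not in CONTENT_TYPES:
            raise ValueError("unknown content_type %d" % ctype)
        fragment = stream[offset + 5:offset + 5 + length]
        if len(fragment) != length:
            raise ValueError("truncated record body")
        records.append((CONTENT_TYPES[ctype], (major, minor), fragment))
        offset += 5 + length
    return records


def parse_handshake(fragment):
    """Split a plaintext handshake fragment into (message name, body) pairs.

    Only meaningful before ChangeCipherSpec: the Finished message is encrypted.
    """
    messages, offset = [], 0
    while offset < len(fragment):
        if len(fragment) - offset < 4:
            raise ValueError("truncated handshake header")
        msg_type = fragment[offset]
        length = int.from_bytes(fragment[offset + 1:offset + 4], "big")
        body = fragment[offset + 4:offset + 4 + length]
        if len(body) != length:
            raise ValueError("truncated handshake body")
        messages.append((HANDSHAKE_TYPES.get(msg_type, "unknown"), body))
        offset += 4 + length
    return messages


def parse_client_hello(body):
    """Extract version, random, cipher suites and compression methods."""
    if len(body) < 35:
        raise ValueError("ClientHello too short")
    pos = 34                                   # 2 bytes version + 32 bytes random
    pos += 1 + body[pos]                       # skip the session_id
    suites_len = int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    suites = [int.from_bytes(body[i:i + 2], "big")
              for i in range(pos, pos + suites_len, 2)]
    pos += suites_len
    compression = list(body[pos + 1:pos + 1 + body[pos]])
    return {"version": (body[0], body[1]), "random": body[2:34],
            "cipher_suites": suites, "compression_methods": compression}


def build_sample_stream():
    """Constructed sample: ClientHello record, ChangeCipherSpec, application data."""
    hello = (b"\x03\x01" + bytes(range(32)) + b"\x00"   # version, random, empty session_id
             + b"\x00\x04\x00\x2f\x00\x0a"               # two offered cipher suites
             + b"\x01\x00")                              # one compression method (null)
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return (b"\x16\x03\x01" + len(handshake).to_bytes(2, "big") + handshake
            + b"\x14\x03\x01\x00\x01\x01"                # ChangeCipherSpec, type 20
            + b"\x17\x03\x01\x00\x03\xaa\xbb\xcc")       # opaque application data, type 23


if __name__ == "__main__":
    for name, version, fragment in parse_records(build_sample_stream()):
        print(name, version, len(fragment))
        if name == "handshake":
            for msg, body in parse_handshake(fragment):
                if msg == "ClientHello":
                    print("  ", msg, parse_client_hello(body)["cipher_suites"])
```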

Given the above account of a TLS/SSL connection process, one may have trouble envisioning a typical browser session. To elaborate upon this and to give some insight into a typical TLS/SSL connection, we can use what is commonly referred to as the SSL six-step process. SSL establishes a stateful connection negotiated by a handshaking procedure between client and server, as previously mentioned. During this handshake, the client and server exchange specifications for the cipher that will be used for that session.
  • The handshake begins when a browser connects to a TLS/SSL-enabled server and requests that the server send back its identification.
  • The server sends back its identification in the secured form of a digital certificate. The certificate will contain (usually all of these variables, but dependent on the X.509 standard used) the server name, the trusted certifying authority (CA), and the server public encryption key. The browser may contact the server of the trusted CA and confirm that the certificate is authentic before proceeding.
  • The browser then presents a list of encryption algorithms and hashing functions (used to generate a number from another). From this list the server picks the strongest encryption that it also supports and notifies the client of the decision.
  • In order to generate the session keys used for the secure connection, the browser uses the server public key from the certificate to encrypt a random number and send it to the server. The client can encrypt this data, but only the server can decrypt it (with its private key): this is the one fact that makes the keys hidden from third parties, since only the server and the client have access to this data.
  • The server replies with more random data (which doesn't have to be encrypted), and following this:
  • Both parties use the selected hash functions on the random data to generate the session keys.
This concludes the handshake and begins the secured connection, which is encrypted and decrypted with the session keys for the remainder of the session.

If any one of the steps mentioned above fails, the TLS/SSL handshake fails, and the connection is not created.

TLS/SSL have a variety of security measures:
  • The client uses the CA's public key to validate the CA's digital signature on the server certificate. If the digital signature can be verified, the client accepts the server certificate as a valid certificate issued by a trusted CA.
  • The client verifies that the issuing Certificate Authority (CA) is on its list of trusted CAs.
  • The client checks the server's certificate validity period. The authentication process stops if the current date and time fall outside of the validity period.
  • To protect against Man-in-the-Middle attacks, the client compares the actual DNS name of the server to the DNS name on the certificate.
  • Protection against several known attacks (including man in the middle attacks), like those involving a downgrade of the protocol to a previous (less secure) version or a weaker cipher suite.
  • Numbering all the records and using the sequence number in the MACs.
  • Using a message digest enhanced with a key (so only a key-holder can check the MAC). This is specified in RFC 2104.
  • The message that ends the handshake ("Finished") sends a hash of all the exchanged data seen by both parties.
  • The pseudorandom function splits the input data in half and processes each one with a different hashing algorithm (MD5 and SHA), then XORs them together. This provides protection if one of these algorithms is found to be vulnerable.
  • SSL v3 uses the SHA-1 hashing algorithm and supports certificates for authentication. SHA-1 is considered much safer than the previous MD5 used in SSL v2. Additional improvements in SSL v3 include better handshake protocol flow and increased resistance to man-in-the-middle attacks.

Applications
TLS runs on layers beneath application protocols such as HTTP, FTP, SMTP, NNTP, and XMPP and above the TCP or UDP transport protocol, which form part of the TCP/IP protocol suite. While it can add security to any protocol that uses reliable connections (such as TCP), it is most commonly used with HTTP to form HTTPS. HTTPS is used to secure World Wide Web pages for applications such as electronic commerce & asset management. SMTP is also an area in which TLS has been growing and is specified in RFC 3207. These applications use public key certificates to verify the identity of endpoints.

An increasing number of client and server products support TLS natively, but many still lack support. As an alternative, users may wish to use standalone TLS products like Stunnel. Wrappers such as Stunnel rely on being able to obtain a TLS connection immediately, by simply connecting to a separate port reserved for the purpose. For example, by default the TCP port for HTTPS is 443, to distinguish it from HTTP on port 80. However, in 1997 the Internet Engineering Task Force recommended that application protocols always start unsecured and instead offer a way to upgrade to TLS - which a pure wrapper like Stunnel cannot cope with.

TLS can also be used to tunnel an entire network stack to create a VPN, as is the case with OpenVPN. Many vendors now marry TLS's encryption and authentication capabilities with authorization. There has also been substantial development since the late 1990s in creating client technology outside of the browser to enable support for client/server applications. When compared against traditional IPSec VPN technologies, TLS has some inherent advantages in firewall and NAT traversal that make it easier to administer for large remote access populations. Vendors like Arkoon, Aventail, F5 Networks, Juniper, and others have been developing in this space for some time.

TLS is also being used increasingly as the standard method for protecting SIP application signaling. TLS can be used to provide authentication and encryption of the SIP signalling associated with VOIP (Voice over IP) and other SIP-based applications. Vendors like Covergence, Linksys, and Microsoft are examples of vendors that provide TLS capabilities for SIP applications.

History and development
Developed by Netscape, SSL version 3.0 was released in 1996, which later served as the basis for TLS version 1.0, an IETF standard protocol first defined in RFC 2246 in January 1999. Visa, MasterCard, American Express and many leading financial institutions have endorsed SSL for commerce over the Internet.

SSL operates in modular fashion. It is extensible by design, with support for forward and backward compatibility and negotiation between peers.

Early short keys
Some early implementations of SSL used 40-bit symmetric keys because of US government restrictions on the export of cryptographic technology. The US government explicitly imposed a 40-bit keyspace small enough to be broken by brute-force search by law enforcement agencies wishing to read the encrypted traffic, while still presenting obstacles to less-well-funded attackers. A similar limitation applied to Lotus Notes in export versions. After several years of public controversy, a series of lawsuits, and eventual US government recognition of changes in the market availability of 'better' cryptographic products produced outside the US, the authorities relaxed some aspects of the export restrictions. The 40-bit key size limitation has mostly gone away. Modern implementations use 128-bit (or longer) keys for symmetric key ciphers.

Incorrect uses
Some websites have been criticized for incorrectly using TLS and therefore negating its security benefits [1]. Such incorrect uses include:
  1. Only securing the form submission page, while failing to secure the login page [2]
  2. Displaying a secure page mixed with non-secure media [3]
Both practices have been found present in many commercial websites such as those of Bank of America, Washington Mutual, JPMorgan Chase & Co. [4], and PayPal.

Implementation
Programmers may use the OpenSSL, NSS, or GnuTLS libraries for SSL/TLS functionality. Microsoft Windows includes an implementation of SSL and TLS as part of its Secure Channel package. Delphi programmers may use a library called Indy, which has ways of connecting components to a TLS intercept using the OpenSSL libraries. This enables the development of secure Web browsers and Web servers using Delphi/Indy/OpenSSL. The protocols supported are SSLv2, SSLv3, and TLS v1.

References
  1. The Netcraft Secure Server Survey
  2. Wagner, David; Schneier, Bruce (November 1996). "Analysis of the SSL 3.0 Protocol (PDF)". The Second USENIX Workshop on Electronic Commerce Proceedings, USENIX Press.

Why does data encryption preserve confidentiality but not integrity and availability?

Encryption provides a means of preventing an unauthorised party from reading our data (hence confidentiality of data can be maintained).
It does not do anything to ensure that the data is correct (integrity) or that it can be obtained when needed (availability).
Secrecy: only the sender and the intended receiver should “understand” the message contents; the sender encrypts the message and the receiver decrypts it.
Authentication: the sender and receiver want to confirm each other's identity.
Message integrity: the sender and receiver want to ensure the message is not altered (in transit, or afterwards) without detection.
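
The difference between secrecy and message integrity can be shown in a few lines. This is an added example, not part of the original post; the stream cipher is a toy built from SHA-256 for illustration only (an assumption, not a real cipher), and the keys, nonce and message are constructed.

```python
import hashlib
import hmac


def keystream(key, nonce, n):
    """Toy keystream for illustration: SHA-256 over key, nonce and a counter."""
    out, counter = b"", 0
    while len(out) < n:
        out += hashlib.sha256(key + nonce + counter.to_bytes(8, "big")).digest()
        counter += 1
    return out[:n]


def xor_crypt(key, nonce, data):
    """Encrypt or decrypt (same operation) by XOR with the keystream."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


def flip_known_bytes(ciphertext, offset, old, new):
    """Model an in-transit change made without any key: XOR in old ^ new."""
    delta = bytes(a ^ b for a, b in zip(old, new))
    end = offset + len(delta)
    changed = bytes(c ^ d for c, d in zip(ciphertext[offset:end], delta))
    return ciphertext[:offset] + changed + ciphertext[end:]


def seal(enc_key, mac_key, seq, nonce, plaintext):
    """Encrypt, then MAC the sequence number, nonce and ciphertext (HMAC, RFC 2104)."""
    ct = xor_crypt(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, seq.to_bytes(8, "big") + nonce + ct, hashlib.sha256).digest()
    return ct, tag


def open_sealed(enc_key, mac_key, seq, nonce, ct, tag):
    """Verify the MAC first; decrypt only if the message is unaltered."""
    expected = hmac.new(mac_key, seq.to_bytes(8, "big") + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("MAC check failed: message altered or out of sequence")
    return xor_crypt(enc_key, nonce, ct)


if __name__ == "__main__":
    # Constructed keys, nonce and message.
    enc_key, mac_key, nonce = b"E" * 32, b"M" * 32, b"N" * 12
    ct, tag = seal(enc_key, mac_key, 0, nonce, b"PAY 0100 TO ALICE")

    altered = flip_known_bytes(ct, 4, b"0100", b"9900")
    # Encryption alone: the altered ciphertext still decrypts, to a different message.
    print(xor_crypt(enc_key, nonce, altered))
    # With a MAC: the same alteration is detected before decryption.
    try:
        open_sealed(enc_key, mac_key, 0, nonce, altered, tag)
    except ValueError as err:
        print(err)
```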