Wan's Blog

Lab 8

wanjr — Thu, 29 Oct 2009 10:24:56 +0000

WEP use to provide comparable confidentiality to a traditional wired network in particular it does not protect users of the network from each other. WEP was supported by Wi-Fi Protected Access (WPA) in 2003, and then by the full IEEE 802.11i standard (also known as WPA2) We can use Aircrack to hack wirelss.Hence, Aircrack is a set of tools for auditing wireless networks.

Lab 7

wanjr — Thu, 29 Oct 2009 10:21:22 +0000

A computer network is defined as a connection between two or more computer. Two computers are said to be interconnected if they are able to exchange information. Since it beginning network has become an essential tool for computer user. Computer users nowadays are depending on network, you cannot imagine the world without computer networking.

IPSec is available in IPv4, yet it is not mandatory to use it, user can choose to enable IPSec or not. This protocol suite is not only providing authentication and encryption on each IP packet of a data stream but also providing an establishment of mutual authentication between the parties involves at the beginning of the
session and negotiation of cryptographic keys to be used during the session. As it is implemented at the IP layer, IPsec provide protection for all the layer above it, in particular TCP and UDP IPSec protocol suites contain various protocols for performing various functions:-
• Internet key exchange (IKE and IKEv2) to set up a security association (SA) by handling negotiation of protocols and algorithms and to generate the encryption and authentication keys to be used by IPsec.
• Authentication Header (AH) to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replay attacks.
• Encapsulating Security Payload (ESP) to provide confidentiality, data origin authentication, connectionless
integrity, an anti-replay service (a form of partial sequence integrity), and limited traffic flow confidentiality.

Lab 6

wanjr — Thu, 29 Oct 2009 10:19:06 +0000

When a good in database security, need to consider a database where aggregates are placed at a higher sensitivity level than the data items they are derived from. A user privileged to access the data items can potentially compute the aggregate by accessing the data items individually. We can defend against such an attack by prevent this problem by do not put any sensitive information at the web address to send the data. Usually, this problem happen in PHP code when the developer use GET method to send information in the database. I suggest that we use POST or other method to send the data. Also, try to make a new function in different file to save the data by calling the function in that file when submitting. Then, do a double checking especially if the data is a sensitive information like total price and balance.

Lab 4

wanjr — Thu, 29 Oct 2009 10:15:16 +0000

Cryptography algorithm used in cryptosystem can be classified into two categories which is symmetric and asymmetric encipherment. In symmetric encipherment, plaintext is encrypted and decrypts using the same key whereas asymmetric encipherment is using different keys to encrypt and decrypt a plaintext.

Symmetric encipherment can be in form of substitution, transposition or both. In substitution encryption method alphabet (character) in the plaintext is always changed with another alphabet (character). Each character can be either change with one character (monoalphabetic) or multiple characters (polyalphabetic).
Caesar cipher is an example of monoalphabetic cipher and Vigeneré cipher is an example of polyalphabetic.

Transposition encryption method does not substitute character with another character but it changes the location of the characters. The character in the first position might be placed on the fifth position and the fifth position character might be placed in another location in the plaintext. In other word, we can look this
encryption method as a process or reordering the character in the 4 plaintext. This method can be either keyless or key transposition

Lab 5

wanjr — Thu, 29 Oct 2009 10:12:37 +0000

Web application or simply called webapp is an application that can be accessed using a web browser over a network, either the Internet or within the Local Area Network. It is developed using browser-supported language such as HTML, JavaScript, PHP, ASP and etc. The script produced is then rendered by common web
browser. Web application let user to access application or system anywhere and at any time provided the user is connected to a network connection and there is a web browser installed on the machine. This ease of usage makes webapp popular among Internet user. Moreover the ability to update and maintain web
applications without distributing and installing software on potentially thousands of client computers contribute to the popularity of the webapp. Nowadays webapp is used for accessing mail, online banking, online shopping, online reservation, wikis and many other functions.

Lab 4

wanjr — Thu, 29 Oct 2009 10:10:30 +0000

Transposition encryption method does not substitute character with another character but it changes the location of the characters. The character in the first position might be placed on the fifth position and the fifth position character might be placed in another location in the plaintext. In other word, we can look this
encryption method as a process or reordering the character in the Cryptography Extended 4 plaintext. This method can be either keyless or key transposition.

Lab 3

wanjr — Thu, 29 Oct 2009 10:07:30 +0000

Authentication is a process to verify an identity of someone or something that claims by the subject is true. Authentication services provide a means to prove that whatever the subject claims is true, this include username, password or any object that can prove the claim is true. Authentication relates to the scenario where some party (claimant) has presented a principal’s identity and claims to be that principal. Authentication enables some other party (verifier) to gain confidence that the claim is legitimate. Authentication methods are based upon any of the following principles:
• The claimant demonstrates knowledge of something, e.g. password.
• The claimant demonstrates possession of something, e.g. a physical key or card
• The claimant exhibits some required immutable characteristics, e.g. a finger print.
• Evidence is presented that the claimant is at some particular place or time.
• The verifier accepts that some other party, who is trusted, has already established authentication.

Cryptography is the science of disguising information in such a way that its meaning is unintelligible to an Anauthorized person. The two most common uses are, probably, to store data securely in a computer file or to transmit it across an insecure channel such as the internet. Encrypted document does not prevent Aunauthorized people gaining access to it but, rather, ensures that they cannot understand what they see. Cryptography has become one of the main tools for privacy, trust, access control, electronic payments, corporate security, and countless other fields. We should be able to make full use of cryptography in our lives in modern society. Encryption is a process of encoding a message so that its meaning is not obvious. Decryption is the reverse process are transforming an encrypted message back to its normal form. The
original message is called a plain text and the encrypted message is called the cipher text. The terms encode and decode or encipher and decipher are used instead of the verbs encrypt and decrypt. More specifically, encoding is the process of translating entire words or phrases to other words or phrases, while enciphering is
translating letters or symbols individually. Encryption covers both encoding and enciphering.

Lecture 8

wanjr — Thu, 29 Oct 2009 10:00:01 +0000

Infrastructure mode have 3 mode. First Basic Service Set (BSS) mean one access point. The second, Etended Service Set mean two or more BSSs forming a single subnet. The third one Most corporate LANs in his mode. While Ad-hoc mode have 3 thing also called peer-to-peer, Independent Basic Service Set and Set of 802.11 wireless stations that communicate directly without an access point (Useful for quick & easy wireless networks)

Lecture 7

wanjr — Sat, 03 Oct 2009 01:24:35 +0000

Topic that have been cover for this chapter is

I can learn about security in application. First about what is an e-mail ? An e-mail is a message made up of a string of ASCII characters in a format specified by RFC 822. There are tTwo parts, separated by blank liner first the header sender, recipient, date, subject, delivery path, and so on, the second one, the body containing the actual message content.Then about MIME stand for Multipurpose Internet Mail Extensions. It is extends the capabilities of RFC 822 to allow e-mail to carry non-textual content, non-ASCII character sets, long messages. IT uses extra header fields in RFC 822 e-mails to specify form and content of extensions. Then about HTTPSstand for Secure Hypertext Transfer Protocol. HTTPS is a communications protocol designed to transfer encrypted information between computers over the World Wide Web (WWW). Essentially an implementation of HTTP. We learn also about E-mail security threats and threats enabled by E-mail. Finally about biometric conclusions. Biometric technology has great potential. There are many biometric products around, regarding the different biometric technologies.Shortcomings of biometric systems due to manufacturers ignorance of security concerns, lack of quality control and standardisation problems

Lecture 6

wanjr — Sat, 03 Oct 2009 01:11:20 +0000

Topic that have been cover for this chapter is

I can learn about about internet security. It means when there are more than one processors connect to each other and connected, we must have a few of resources such as computers, programs, people, processes and operating system. So computer and users are connected to network by using layers and protocols. Connection can be develop as LAN, MAN OR WAN by creating network topology such as bus topology, star topology or network topology and many more.