Monday, February 28, 2011

Does port forwarding create security risk?

Yes and no.

Yes, because if you forward the port to your PC and an application is sitting on your PC listening with that port then you have to trust that that application is written well and has no exploits. However, there are always software bugs and instances of such exploits is not uncommon.

No, because if you forward a port to your PC and the application isn’t open then the port is not open on your PC.
Or if the application is open on your PC and listening on that port and it’s a well written application then there’s nothing a hacker can do to abuse the port.

To clarify. If you open port 50000 on your router and tell it to go to your PC then any request from the internet to your router over 50000 gets forwarded to your PC. If you have no application or service listening on 50000 then the packet goes no further. If you have an application listening on that port (say uTorrent or Azureus) then the data gets passed to the application. If it’s valid uTorrent or Azureus traffic then the application works on the data. If it’s not valid, the application ignores it. In some cases hackers can write packets to go to your application that exploit a bug or security problem to cause the application to crash or do stuff you don’t want. In those cases you get patches or updated applications. Web servers suffer from this a lot because of the amount of features (and crappy programmers). I haven’t heard of torrent programs being exploited yet.
In business environments, because of this, generally if a PC has ports open to the internet then it’s in a DMZ (segregated network) as it’s never trusted.
In a home environment you’re not likely to have seperate PCs or networks for this security. The software firewall helps because if a hacker does manage to send traffic through to your PC and compromises your application then the software firewall may stop the PC from communicating back out to the internet if they’re doing it over a different port.
Looking at that, I see it’s a bit complicated. So short answer. You can forward a couple of ports to your PC for torrents reasonably safely. Use a software firewall too and a virus checker. And check for updates to your torrent application regularly as they may include security fixes.

Saturday, February 26, 2011

fever worldcup

The Silent Indian National Anthem

Heart touching silent Indian national anthem

Ahmedabad's 600th birthday

Ahmedabad to celebrate 600 years of existence

Population: 4.5 million
Area: 205 sq Km
Languages: Gujarati, Hindi and English
Best Time to Visit: Winters
STD Code: 079
 

AHMEDABAD: One of the oldest city of the country from where Mahatma Gandhi spearheaded the Indian freedom movement will be entering 600th year of its existence in a big way from next week.

In the last six centuries city has seen many ups and downs and has developed into a mega-city which is at heart of Gujarat state's development.

The Ahmedabad Municipal Corporation (AMC) plans to have year-long celebrations for the city's 600th anniversary bash which was founded by Ahmed Shah in 1411.

"We plan to have many events through out the year to mark the 600 year of this historic city," AMC Deputy Commissioner, Dileep Mahajan said.

"The celebrations will begin on February 26, which is the day when the foundation of the city was laid by Ahmed Shah six centuries ago. A city-run has been organised inside the walled city followed by some cultural programmes," he said.

"City's artists, historians, industrialists and various leaders have promised their support and cooperation for the celebrations," City Mayor Kanaji Thakore said.

He said that he already had meeting with some of the well known personalities of the city who have suggested various ways for celebrating the heritage of the historical city. 

The Ahmedabad Municipal Corporation (AMC) has set aside Rs 50 lakh for the year-long celebrations to mark 600 years of the foundation of the city. That’s exactly the amount Ahmed Shah spent way back in 14th century to build the entire city. The town planing of old Ahmedabad, especially the pols, resembles that of Patan, the original capital of Ahmedshah Badshah. He spent Rs 50 lakh to build Ahmedabad. He came to the city with 3,200 camel, 800 elephants, 600 canons, 1,600 carts. The strength of his infantry was 1,00,000.

A five-member committee has been constituted to monitor preparations for the celebrations. AMC Standing Committee Chairman Asit Vora said: “This year, the city will complete 600 years and the state 50 years of its inception. We will try to make people aware of the glorious history of the city during the grand celebrations.” Run for Ahmedabad will be a part of the celebrations. AMC will set 600 questions pertaining to the city’s history.


















26th February 2010 celebration:



Life In Ahmedabad:



Ahmedabad Live In Action:



AHMEDABAD:

Diff Bet Internal, External, Public, Private, Static and Dynamic IP address.

When you want to connect to your DVR remotely, you will need to use either the internal or the external IP address. This will be determined by whether you are accessing the DVR from inside the network or from outside the network. If you are accessing the DVR from inside your network then you will use the internal IP address. The internal IP address will usually begin with 192.168.XX.XXX . No port number would be used since you are connecting internally. The internal IP address can usually be found in your DVR under network settings.

To access your DVR from outside the network, you will need to use an external IP address followed by the port number to identify the DVR (unless you put the DVR on port 80). An external IP address is the IP address used to connect to your router. The port number will identify the individual device inside the network you wish to access. So an external IP address would not have 192.168 in the beginning but it could be anything else. An external IP address would be entered as XXX.XXX.XXX.XXX:port#

Private IP addresses exist to save on the limited number of available public IP addresses. There are actually 4 ranges of private addresses: 10.0.0.0 to 10.255.255.255 when you need a lot (16,000,000+) of addresses in your internal network; 172.16.0.0 to 172.31.255.255 when you need up to a million or so; and 192.168.0.0 to 192.168.255.255 or 169.254.0.0 to 169.254.255.255 when you only need up to 254 addresses. These addresses must exist behind a router or gateway, not on the live Internet. 

The real genius of these private IPs is that you can get one IP from your ISP (let's say 205.20.2.105), and your router / gateway basically splits that into however many internal (private) addresses you need.

A public IP address makes your equipment accessible to everyone on the internet and is needed for VoIP or if you want to give others to access to specific equipment on your network. You must therefore be careful to protect your equipment from hackers and viruses and not to allow your equipment to be hi-jacked and used as an open email-relay, for example. A private IP address is for private use within the network and allows many more PCs to be connected. If a customer is using a private IP and later wants VOIP they would need to change to a public IP address.
 
A static IP is one that will never change. A dynamic IP is exactly that, dynamic. It could change frequently, or not change for more than 1 year. It really depends on how the DHCP server that’s assigns the IPs is set up.
 

Friday, February 25, 2011

TrAgeDies [fun]

:------------------------------------ 

 tragedy in boys life..
 

-good girls are not good looking
-good looking are not good girls
-good looking and good girls are not single


:------------------------------------

=- TRAGEDIES OF GIRLS LIFE -=-

1- Good Boys R Not Good Looking =P

2- Good Looking Boys R Not Good Boys =D

3- Good Looking Boys R Not Single =S

4- Good Looking, Good N Single Boys R Not Interested In This Stupid Stuff ... =P



:------------------------------------


biggest tragedy of youth

girls are very good selectors but not "good lovers" !

boys are very good lovers" but not "good selectors"


:------------------------------------ 

Thursday, February 24, 2011

HTTP v/s HTTPS v/s S-HTTP

This may sound silly to technophiles, but plenty of people don’t understand how secure Web sites work.
People often ask how they can shop on a Web site, giving out personal information, and feel even remotely safe? After all, you’re sending identifying data, without guide or guard, into the vast expanse of cyberspace. Expecting your data to arrive at the right place at all, let alone safely, seems like putting your faith in a miracle. How does it work? The secret lies in a trusted third party and good encryption.
The HyperText Transfer Protocol is an application layer protocol, which means it focuses on how information is presented to the user of the computer but doesn’t care a whit about how data gets from Point A to Point B. It is stateless, which means it doesn’t attempt to remember anything about the previous Web session. This is great because there is less data to send, and that means speed. And HTTP operates on Transmission Control Protocol (TCP) Port 80 by default, meaning your computer must send and receive data through this port to use HTTP. Not just any old port will do.
Secure HyperText Transfer Protocol (HTTPS) is for all practical purposes HTTP. The chief distinction is that it uses TCP Port 443 by default, so HTTP and HTTPS are two separate communications. HTTPS works in conjunction with another protocol, Secure Sockets Layer (SSL), to transport data safely. Remember, HTTP and HTTPS don’t care how the data gets to its destination. In contrast, SSL doesn’t care what the data looks like. People often use the terms HTTPS and SSL interchangeably, but this isn’t accurate. HTTPS is secure because it uses SSL to move data.

Going Through the Process

With HTTP, you sit at your browser and interact with data. HTTP’s job is to present that data to you, and browsers are the means of doing so. Mozilla’s Firefox browser, for example, understands HTTP instructions and arranges the data as the site’s designer intended. The browser knows what to do when you click. It uses HTTP to do this. But HTTP cannot do much beyond that. How the data travels from Point A to Point B, or even if it travels at all, is none of HTTP’s concern. This is a great compromise if you want speed and elegance and couldn’t care less about security. One does not require security to view BizTech’s latest online articles, for instance.
With HTTPS, the story is quite the same. But when security is a must, HTTPS differentiates one sender and receiver from another. SSL takes the data, going or coming, and encrypts it. This means that SSL uses a mathematical algorithm to hide the true meaning of the data. The hope is that this algorithm is so complex it is either impossible or prohibitively difficult to crack. 
The encryption begins when the owner of the Web site purchases a time-sensitive certificate from a trusted certificate authority such as VeriSign. You can get a certificate anywhere, or even make your own, but is it trusted? Your browser will let you know. This certificate is a security code created specifically for that one user, or even for that one Web site. The code is so complex that no one else on Earth should have a duplicate.
Getting a certificate can be an involved task. All types of information must be recorded so the issuer of the certificate can be a reliable authority on the certificate’s owner. Information that must be provided includes the name of the site and even the name of the server that hosts the site. Complexity makes counterfeiting incredibly difficult.
This makes the issuer a trusted third party. When your browser sees the secure Web site, it uses the information in the certificate to verify that the site is what it claims to be. Browsers commonly indicate security by presenting a picture of a shiny closed lock at the bottom of the screen. This process is not always perfect because of human error. Maybe 53.com is a valid banking site, but 53RD.com is not. We call that phishing. Unscrupulous people phish for careless people. So be cautious. After the identity of the Web site is accepted, the encryption is negotiated between the browser and the Web server, and the data is all but locked up tight.
Knowing the difference between HTTP and HTTPS can help users buy with confidence and help businesses get started in electronic commerce.

S-HTTP is an extension of the HTTP (HyperText Transfer Protocol) that permits the secure exchange of files on the World Wide Web. EIT (Enterprise Integration Technologies) developed S-HTTP in 1999 to provide a secure communication between an HTTP client-server pair. S-HTTP is awaiting approval as a standard from the IETF (Internet Engineering Task Force).
An S-HTTP file is encrypted or it contains a digital certificate (an electronic credit card), or both. It provides secure communication between an HTTP client-server pair in order to enable spontaneous commercial transactions. For example, when you purchase something online, and you are asked to provide a credit card number, the URL (uniform resource locator) at the top of the screen should change from http:// to https:// or shttp://. The ‘s’ lets you know a security system is in place.
This protocol is an alternative to the SSL (Secure Sockets Layer) security protocol. The difference between the two protocols is that S-HTTP can authenticate a user while SSL authenticates a server. You can use S-HTTP, for example, in situations where the server represents a bank and requires authentication from the user that is more secure than an ID number or word and password.
S-HTTP does not use any single encryption system, but it does support the Rivest-Shamir-Adleman public key infrastructure encryption system (an Internet encryption and authentication system). Popular Web servers support both S-HTTP and SSL, as do newer browsers.
So basically what it is Secure Hypertext Transmission Protocol (SHTTP) is a more advanced version of HTTP, basically using document encryption. HyperText Transmission Protocol Secure/Security (HTTPS) is normal HTTP over SSL, which uses a private key to encrypt the data. 

ganesh mobile wallpapers



Help Me Improve...
Send me suggestions...
devharshtrivedi@yahoo.co.in
facebook.com/devharsh