FIRST... Filter By Tags

Admin FA14 Humor News Resource Videos

Equipment for Sale

If you are in the market for networking equipment, take a look at this list of items and see Derek for more information.  While Packet Tracer is an incredible and worthwhile tool, nothing beats hands on with the actual devices.

Sr. No. Equipmment List Qty. Used New
1 Cisco 2620 with 10/100TX and WIC 1 x  
2 Cisco 2620 with no LAN/WAN card 1 x  
3 Cisco 2610 with 10/100TX and WIC 1 x  
4 Cisco WS-3550-24 FX SMI 1   x
5 Cisco Aironet AP 350 3 x  
6 Cisco AIR-1231G-A-K9 3   x
7 Cisco WS-C3524-XL-EN 2 x  
8 Cisco WS-C2924-XL-EN 1 x  
9 Cisco WS-C3524-PWR-XL-EN 1   x
10 Cisco WS-C3524-PWR-XL-EN 1   x
11 Cisco WS-3550-48-EMI 1   x
12 Cisco 1720 router 2 x  
13 Cisco CAT5509 with 3 WS-X5224 + 2 sup modules 1 x  
14 Nokia IP  330 Firewall 3 x  
15 Nokia IP  440 Firewall 2 x  
16 Netscreen 10 Firewall 1 x  
17 Zyplex MaxServer - 1620-20TX 11 x  
18 Bay Networks 350T 1 x  
19 Bay Networks 450T 2 x  
20 Bay Networks ARN-1 2 x  
21 Fore Systems ES-1200 3 x  
22 Fore Systems/Marconi Communications Accelar-1200 4 x  
23 Fore Systems/Marconi Communications ES2810 1 x  
24 Fore Systems/Marconi Communications ESX-24-24TX+2OC12-MM 1 x  
25 Fore Systems/Marconi Communications ASX-2008X 2 x  
26 Fore Systems/Marconi Communications Power Hub-7000 1 x  
27 Fore Systems/Marconi Communications ASX-1000 1 x  
28 Fore Systems/Marconi Communications ESX-NAC-1 2 x  
No comments:
Labels: , , , ,

How Encryption Works

http://computer.howstuffworks.com/encryption3.htm



Public Key Encryption

One of the weaknesses some point out about symmetric key encryption is that two users attempting to communicate with each other need a secure way to do so; otherwise, an attacker can easily pluck the necessary data from the stream. In November 1976, a paper published in the journal IEEE Transactions on Information Theory, titled "New Directions in Cryptography," addressed this problem and offered up a solution: public-key encryption.
Also known as asymmetric-key encryption, public-key encryption uses two different keys at once -- a combination of a private key and a public key. The private key is known only to your computer, while the public key is given by your computer to any computer that wants to communicate securely with it. To decode an encrypted message, a computer must use the public key, provided by the originating computer, and its own private key. Although a message sent from one computer to another won't be secure since the public key used for encryption is published and available to anyone, anyone who picks it up can't read it without the private key. The key pair is based on prime numbers (numbers that only have divisors of itself and one, such as 2, 3, 5, 7, 11 and so on) of long length. This makes the system extremely secure, because there is essentially an infinite number of prime numbers available, meaning there are nearly infinite possibilities for keys. One very popular public-key encryption program is Pretty Good Privacy (PGP), which allows you to encrypt almost anything.

 The sending computer encrypts the document with a symmetric key, then encrypts the symmetric key with the public key of the receiving computer. The receiving computer uses its private key to decode the symmetric key. It then uses the symmetric key to decode the document.

To implement public-key encryption on a large scale, such as a secure Web server might need, requires a different approach. This is where digital certificates come in. A digital certificate is basically a unique piece of code or a large number that says that the Web server is trusted by an independent source known as acertificate authority. The certificate authority acts as a middleman that both computers trust. It confirms that each computer is in fact who it says it is, and then provides the public keys of each computer to the other.
No comments:
Labels: , , , ,

Let’s check out an IPv6 header

Let’s check out an IPv6 header.

with one comment
 
I touched on the IPv6 addressing scheme a few weeks ago before and I wanted to continue the trend into a few more IPv6 related posts but that last IPS post spiked my interest, so I had to publish that one. Now we know the addressing scheme is different in IPv6 but what about the packet format? Obviously the packet headers will be larger because the source and destination addresses within that header are now 128 bits but let’s see what else we have in the IPv6 header:
 
IPv6 Packet Header
 
Now that doesn’t look too intimidating right? I think that looks a little simpler compared to the IPv4 packet header. Now let’s see what we got going on here:
  • Version: This field is in an IPv4 packet and simply tells us what version of IP we are running. Since this is an IPv6 packet it’s going to have a value of 6
  • Traffic Class: This is the equivalent of the DiffServ/DSCP portion of the IPv4 packet which carries the QoS markings of the packet. Just like in IPv4 the first 6 bits are designated for the DSCP value, and the next 2 bits are for ECN (Explicit Congestion Notifications) capable devices.
  • Flow Label: This field is 20 bits long and is defined in RFC 6437, I’ll admit finding information about the flow label is tough, but the RFC state this field could be used as a ‘hash’ for the routing devices look at and make forwarding decisions based on the field’s value. Its intention is for stateless ECMP (Equal Cost Multi-Path) or LAG mechanisms, but we will have to see how different vendors implement this feature. I’d take guess that IPv6 CEF will use the flow label, but I’ll have to wait and see.
  • Payload Length: Specifies the size of the data payload following the IPv6 header. 
  • Next Header: This field is 8-bits and specifies the layer 4 transport protocol which follows the IP header. These values are hex format as well, you’ll notice ICMPv6 has a value of 0x3a, IPv6 protocol numbers use the same numbers that were used in IPv4. IANA’s list of protocol numbers can be found here.
  • Hop Limit: This is also an 8-bit field and replaces the TTL field that was in the IPv4 header. Each hop decrements the hop limit value by 1 and when the hop limit reaches Zero the packet is discarded.
  • Source/Destination: This should go without saying but it tells you the source IPv6 address of the packet and the destination IPv6 address this packet is destined to. As you would expect both of these field are 128-bits each.
So there is a snappy run down of the IPv6 IP Packet header, I think it is actually simpler than the IPv4 IP packet headers but don’t tell that to a Cisco router. Remember these packet headers are considerably larger than their IPv4 counterparts so it takes more processor power to process IPv6 packets which is not a problem for the ISR G2’s we have todays but it is something you might want to keep in mind when run IPv6 on older hardware.
Now back to CCIE: R/S Labbing I go!
No comments:
Labels: , , , ,
Subscribe to: Posts (Atom)

Do You Have A Problem? :)

technically speaking, that is :)