
Wednesday, October 13, 2010

Something Non-IT just for relaxation + as a change

Figure 1
‘Towser’ the Killer Cat (Guinness world record holder)

Name          : Towser     

Birth           : 21/Apr/1963                                                

Death          : 20/Mar/1987                                                            
                                                                                                                                                                        
Service       : 24 Years

Record       : Biggest mice killer in the world (28,899 mice)

Towser was a long-haired tortoiseshell female cat who holds the official Guinness world record for killing the most mice. It is calculated that Towser caught about 3 mice daily during her lifetime. The auditors for the Guinness Book of Records observed Towser's expertise over a number of days, and her total kill count was estimated statistically. Towser lived in Scotland and offered her generous service to Glenturret Distillery. Refer to Figure 2.

Figure 2
Distilleries often keep cats on their premises because mice like to eat the barley that is used for making whiskey. It is also reported that Towser laid her victims out on the Still House floor each morning to be inspected by the stillman.

After her death, Towser was commemorated by Glenturret Distillery with a bronze statue at the visitor’s centre, and her story was telecast on the BBC children’s programme ‘Blue Peter’. Refer to Figure 3. Her paw prints also decorate the label on a bottle of Fairlie's light Highland Liqueur.

Figure 3

It can be guessed that all the mice in Scotland must have celebrated the death of their enemy on a grand scale.

References

[1] Glenturret Distillery, Wikipedia, viewed 12 Oct 2010, < http://en.wikipedia.org/wiki/Glenturret_Distillery>

[2] Puss Idol hunt for distillery cat, 2005, BBC News, viewed 12 Oct 2010,

[3] OMG Facts, viewed 12 Oct 2010, < http://www.omg-facts.com/search.php?type=article&text=towser >

‘Figure 1’[image] Puss Idol hunt for distillery cat, 2005, BBC News, viewed 12 Oct 2010, < http://news.bbc.co.uk/2/hi/uk_news/scotland/4596611.stm >

‘Figure 2’[image] Glenturret Distillery, Wikipedia, viewed 12 Oct 2010, < http://en.wikipedia.org/wiki/Glenturret_Distillery>

‘Figure 3’[image] viewed 12 Oct 2010, < http://www.cuillinn.com/Towser.jpg >

Please feel free to comment on this if you liked it. Refer to the previous post on how to comment on a post.

Tuesday, September 7, 2010

Did you know these???

Bluetooth

Figure 1

Bluetooth is an open wireless technology for transferring data over short distances (up to 100m). It creates Personal Area Networks (PANs). It was created in 1994 by the Sweden-based telecom company Ericsson and was originally used as a substitute for RS-232 (serial) data cables. An ad hoc group of up to 8 Bluetooth devices (1 master + 7 slaves) is called a ‘Piconet’. Today Bluetooth is managed by the ‘Bluetooth Special Interest Group’. [1, 2]

The aim of this mini article is to reveal the secret behind Bluetooth’s logo. The word Bluetooth is an anglicised version of the Danish ‘Blatand’. It was the epithet of King Harald I of Denmark and parts of Norway, who lived in the 10th century. He united Danish tribes, which had been apart from each other, into a single kingdom. The same logic applies to Bluetooth, in that it unites several communication protocols into a universal standard.

The Bluetooth logo is a bind rune (aggregation of letters) merging two letters of the Younger Futhark alphabet, which were the initials of King Harald (Hagall + Bjarkan). [1] Refer to Figure 2.

Figure 2
References

[1] Bluetooth, Wikipedia, viewed 7 Sep 2010, < http://en.wikipedia.org/wiki/Bluetooth >

[2] Piconet, Wikipedia, viewed 7 Sep 2010, < http://en.wikipedia.org/wiki/Piconet >

[3] ‘Figure 1’[image] in admin, 2009, ‘B for communication’, DAVENG WRITES, viewed 7 Sep 2010, http://davengwrites.com/


Cisco & Tsunami

The default SSID of Cisco’s legacy wireless access points was ‘tsunami’. Refer to Figure 1. From Cisco IOS Release 12.3(7)JA onwards, there is no default SSID. [1, 2]

Figure 1
References

[1] Cisco IOS Software Configuration Guide for Cisco Aironet Access Points, 12.2(15)JA, Cisco Systems, viewed 7 Sep 2010, < http://www.cisco.com/en/US/docs/wireless/access_point/12.2_15_JA/configuration/guide/s15ssid.html >

[2, Figure 1] Cisco IOS Software Configuration Guide for Cisco Aironet Access Points 12.3(7)JA, Cisco Systems, viewed 7 Sep 2010, < http://www.cisco.com/en/US/docs/wireless/access_point/12.3_7_JA/configuration/guide/s37ssid.html >


Monday, September 6, 2010

Systems Administrator's Song

A tribute to all Sys Admins out there !!!!



Do not forget to comment on your favourite posts as described in a previous post.

Sunday, September 5, 2010

Wi-Fi Myth Busters Series – Episode 4

Figure 1
Myth # 8 : Wireless IDS is needed to prevent rogue access points.

It is true that a wireless IDS (Intrusion Detection System) can identify 802.11a/b/g rogue APs. But it is not smart at detecting non-802.11a/b/g rogue APs that use 900MHz and/or FHSS. Apart from those legacy technologies, the latest Bluetooth and MIMO (802.11n draft) devices fall into the same category. Although some wireless IDS vendors make products which can detect such non-standard APs, it is hard to identify them comprehensively. An IDS can also block rogue APs with a DoS (Denial of Service) method, by de-authenticating or disassociating the RAPs (rogue access points) and their associated stations. This method is not successful, because a Wi-Fi adapter can have its driver configured to ignore disassociation requests.

Some other vendors shut down the wired switch port that the RAP is connected to. This is unsuccessful too: if the RAP is configured with encryption and authentication (even WEP), it will not allow the wireless IDS to send a message to the wired portion of the network.

Figure 2
As a perfect solution, wired 802.1X authentication (EAPOL – EAP over LAN), which blocks access on every port, can be used. When 802.1X is configured, network access is denied until a device authenticates as a supplicant with an authenticator (mostly RADIUS). If a company already has this structure in place, wireless devices can be integrated into it easily. 802.1X authentication also negotiates an encrypted key, which prevents intruders from spoofing MAC addresses as they do not have the secure key. So the answer to this myth is clearly “No, it is not.”

Read more about 802.1X here.

Myth # 9 : A wireless IDS is not necessary if other rogue AP prevention measures are in place.

Even though this myth was busted in the previous point, there are still some reasons to use an IDS. Most administrators do not go for an IDS as it is very expensive, and only a few people know all the things an IDS can do. An IDS can actually provide troubleshooting and optimization features such as location tracking, remote packet captures and RF interference level analysis. These can help an administrator handle the rogue access point pain centrally, without going here and there gathering information. So it is clear that an IDS can do a better service in performance optimization and troubleshooting than in security.

References

Miller, B & Hill, G 2006, ‘Eleven Myths about 802.11 Wi-Fi Networks’, Expert Reference Series of White Papers , 18 August, pp. 7-8, Global Knowledge Training LLC., viewed 05 September 2010

‘Figure 1’ [image] in 2009, ‘The second day of the School on Low Cost Wireless’, school2009, viewed 05 September 2010, http://wireless.ictp.it/groups/school2009/wiki/8d8fe/Group_Two's_-_Day_Two.html

‘Figure 2’ [image], KBR Wireless, viewed 05 September 2010, http://kbrwireless.com/hardware/80211x.htm

The previous episode of this series was posted on 24th Aug 2010 and can be found easily here. If you enjoyed this article, please leave a comment as described in the previous week's post.

Tuesday, August 24, 2010

Wi-Fi Myth Busters Series – Episode 3

Figure 1
Myth # 6 : Captive portals are an effective way to prevent unauthorized users

When WPA/WPA2 cannot be used, some organizations such as airports, hotels, shopping malls and universities tend to go for captive portals for authentication. A captive portal restricts access until a user authenticates through a web interface. Refer to Figure 2. In practice, captive portals provide Layer 2 security: the portal places authenticated users’ MAC addresses in a pool of authorized MAC addresses until the users log off. So it can be considered a dynamic MAC filter. But how many utilities are there on the market to spoof MAC addresses? So is it as safe as people think?

Asiri’s Experience : When I was doing our rogue access point detection project, I could change the MAC of my laptop easily using ‘ifconfig wlan0 hw ether 00:XX:XX:XX:XX:XX’.

Figure 2
As WPA/WPA2 is very common in most wireless devices, the best solution is to go for it with a personal passphrase. Even though WPA has some security flaws, it is of course more secure than a captive portal.
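Because a captive portal only remembers MAC addresses, a defender's useful question is whether one authorized MAC is being used by two radios at once. The sketch below is an added example, not part of the original post: it applies 802.11 sequence-number gap analysis to constructed frame observations, and the thresholds, function names and sample MACs are assumptions.

```python
from collections import defaultdict

SEQ_MODULUS = 4096     # the 802.11 sequence number field is 12 bits wide
MAX_FORWARD_GAP = 64   # assumed tolerance for frames the sensor missed
MIN_ANOMALIES = 3      # assumed number of odd gaps before raising an alert


def constructed_frames():
    """Constructed observations: (time in s, transmitter MAC, sequence number)."""
    frames = []
    # One station alone on its MAC; its counter wraps from 4095 back to 0.
    for i, seq in enumerate([4093, 4094, 4095, 0, 1, 3]):
        frames.append((i * 0.10, "02:00:00:00:00:0a", seq))
    # One MAC used by two radios, each keeping its own counter.
    for i in range(4):
        frames.append((i * 0.10, "02:00:00:00:00:0b", 2000 + i))
        frames.append((i * 0.10 + 0.05, "02:00:00:00:00:0b", 310 + i))
    return frames


def forward_gap(previous, current):
    """Distance from previous to current, counting forward modulo 4096."""
    return (current - previous) % SEQ_MODULUS


def find_shared_macs(frames):
    """Return {mac: anomaly_count} for MACs whose counters do not look like
    one transmitter. Assumes the input holds a single frame class per MAC,
    since QoS data frames keep a separate counter per traffic identifier."""
    last_seq = {}
    anomalies = defaultdict(int)
    for _time, mac, seq in sorted(frames):
        if mac in last_seq:
            gap = forward_gap(last_seq[mac], seq)
            # gap == 0 is a retransmission; small gaps are lost frames.
            if gap > MAX_FORWARD_GAP:
                anomalies[mac] += 1
        last_seq[mac] = seq
    return {mac: n for mac, n in anomalies.items() if n >= MIN_ANOMALIES}


if __name__ == "__main__":
    for mac, count in find_shared_macs(constructed_frames()).items():
        print(f"{mac}: {count} sequence jumps, MAC likely shared by two radios")
```
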

Myth # 7 : Disabling SSID broadcast may protect network from intruders.

When SSID broadcast is disabled, the network stays hidden from users, and whenever a user wants to connect, he has to enter the parameters manually rather than auto-detecting them. When devices are connected to the access point, they constantly probe for other networks with the same SSID for roaming purposes. Surprisingly and unfortunately, the responses from APs are sent in clear text.

Asiri’s Experience : I could reveal hidden SSID networks by using the Kismet wireless sniffer within a few seconds. Kismet is not the only tool which can be used for that task.

So the moral of the story is that the SSID is hidden only as long as the network is dead.
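To show where the name leaks, the added example below (not part of the original post) parses the SSID information element out of constructed 802.11 management frames: the beacons of a hidden network carry an empty or zeroed SSID, while probe and association frames for the same network carry it in clear text. The frame bytes, the SSID ‘CorpNet’ and the function names are constructed for illustration.

```python
# Management subtype -> (name, length of the fixed fields before the tagged IEs)
SUBTYPES = {
    0x0: ("association request", 4),   # capability + listen interval
    0x4: ("probe request", 0),
    0x5: ("probe response", 12),       # timestamp + interval + capability
    0x8: ("beacon", 12),
}
MAC_HEADER_LEN = 24


def build_frame(subtype, ssid_bytes):
    """Build a constructed management frame with zeroed addresses."""
    frame_control = bytes([subtype << 4, 0x00])       # type 0 = management
    header = frame_control + bytes(2) + bytes(18) + bytes(2)
    fixed = bytes(SUBTYPES[subtype][1])
    ssid_ie = bytes([0, len(ssid_bytes)]) + ssid_bytes  # element ID 0 = SSID
    rates_ie = bytes([1, 1, 0x82])                      # supported rates
    return header + fixed + ssid_ie + rates_ie


def parse_ssid(frame):
    """Return (frame type name, SSID or None if absent/hidden), or None."""
    if len(frame) < MAC_HEADER_LEN:
        return None
    frame_type = (frame[0] >> 2) & 0x3
    subtype = frame[0] >> 4
    if frame_type != 0 or subtype not in SUBTYPES:
        return None
    name, fixed_len = SUBTYPES[subtype]
    pos = MAC_HEADER_LEN + fixed_len
    while pos + 2 <= len(frame):
        ie_id, ie_len = frame[pos], frame[pos + 1]
        value = frame[pos + 2:pos + 2 + ie_len]
        if len(value) < ie_len:
            break                                      # truncated element
        if ie_id == 0:
            hidden = ie_len == 0 or not any(value)     # empty or all zero bytes
            return name, None if hidden else value.decode("utf-8", "replace")
        pos += 2 + ie_len
    return name, None


def ssid_exposure(frames):
    """Map each management frame type seen to the set of SSIDs it exposed."""
    seen = {}
    for frame in frames:
        parsed = parse_ssid(frame)
        if parsed is None:
            continue
        name, ssid = parsed
        seen.setdefault(name, set())
        if ssid is not None:
            seen[name].add(ssid)
    return seen


# Constructed capture of a "hidden" network with one active client.
CAPTURE = [
    build_frame(0x8, b""),             # beacon, zero-length SSID
    build_frame(0x8, bytes(7)),        # beacon, SSID replaced by zero bytes
    build_frame(0x4, b"CorpNet"),      # client probe request
    build_frame(0x5, b"CorpNet"),      # AP probe response
    build_frame(0x0, b"CorpNet"),      # client association request
]

if __name__ == "__main__":
    for frame_name, ssids in ssid_exposure(CAPTURE).items():
        print(f"{frame_name:20} {sorted(ssids) or 'nothing exposed'}")
```
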

References

Miller, B & Hill, G 2006, ‘Eleven Myths about 802.11 Wi-Fi Networks’, Expert Reference Series of White Papers , 18 August, pp. 5-6, Global Knowledge Training LLC., viewed 23 August 2010

‘Figure 1’ [image] in 2009, ‘The second day of the School on Low Cost Wireless’, school2009, viewed 23 Aug 2010, http://wireless.ictp.it/groups/school2009/wiki/8d8fe/Group_Two's_-_Day_Two.html

‘Figure 2’ [image],‘Captive Portal Guideline’, Wireless LAN service in UM, viewed 23 Aug 2010, http://ictoinfo.umac.mo/wireless/portal.html

The previous episode of this series was posted on 16th Aug 2010 and can be found easily here.

Sunday, August 22, 2010

Please support to keep your favourite blog live and rich with contents !!!

It would be very helpful if you gave your feedback on any post or on this blog using any of the following methods:

1. Post a comment by clicking on the "x comments" link under each and every post.
2. Follow using your Gmail account. Use the "Followers" panel at the right side of the blog.
3. Follow using Twitter. Use the "Twitter Updates" panel at the right side of the blog.
4. Directly contact Asiri by email: support@asirirajapakse.com

Your feedback may help Asiri to post more valuable articles fine tuned as per your choices. Thank You for visiting Asiri's Blog.

Have you ever used /, + and – IOS commands in a router?

These commands are similar to last week’s | command, but they can be used to parse the output several times within a single show command. This is very handy in situations where you have to search for a particular portion of text in a lengthy output.

/   : Displays output from the next occurrence of the search text

+   : Displays lines of output which contain the search text

-   : Displays lines of output which do not contain the search text

Examples

sh run --> /bgp         = Output starting from “bgp”

sh run --> +interface   = Output lines containing “interface”

sh run --> -line        = Output lines without “line”



As usual, keep in touch with ‘Asiri’s Blog’ for more cool tutorials and tips like this. Do not forget to follow this using your Google account and comment as well.

Monday, August 16, 2010

Bill Gates' Last Day at Microsoft

This time it is the well-known Bill Gates. May this be a tribute to the great man who spent his last full-time day at Microsoft Corporation on 27 June, 2008. Now he serves as 'non-executive' chairman, while Steve Ballmer has acted as CEO since January 2000. [1,2]



References

[1] Bill Gates, Wikipedia, viewed 16 Aug 2010, < http://en.wikipedia.org/wiki/Bill_Gates >

[2] Steve Ballmer, Wikipedia, viewed 16 Aug 2010, < http://en.wikipedia.org/wiki/Steve_Ballmer >

As always, stay tuned with Asiri's Blog and feel free to comment on any post which you find interesting ...

Wi-Fi Myth Busters Series – Episode 2

Figure 1
Myth # 5 : Even with 802.11i (WPA2), a VPN is still needed in order to provide enterprise level security to a wireless network.

IPSec and SSL VPNs are well-known solutions for protecting networks linked by WAN connections, so people may choose the same to protect their wireless networks too. WPA fixed the flaws of WEP by introducing TKIP, with 802.1X/EAP or WPA-PSK as secure authentication methods. Unfortunately, TKIP is based on the same cipher as WEP (RC4). When WPA2 was released, it came with CCMP (Counter Mode CBC-MAC Protocol) encryption. The cipher used in CCMP is AES, which is considered the strongest among those used in IPSec VPNs. The end result is that WPA2 provides the same strong encryption as IPSec VPNs.

But, surprisingly, WPA-PSK and 802.1X/EAP-LEAP authentication are both vulnerable to brute force attacks. Even though vulnerable WPA2 authentication methods exist, there are secure methods too, such as EAP-TLS, EAP-TTLS or PEAP, which protect credentials using tunnelling similar to SSL. In that way they satisfy the WPA2 Enterprise standards. WPA2 Enterprise secures the wireless link at Layer 2; adding a Layer 3 technology such as IPSec on top of it would make the network less scalable and manageable.

So this myth can also be taken as partially correct.

References

Miller, B & Hill, G 2006, ‘Eleven Myths about 802.11 Wi-Fi Networks’, Expert Reference Series of White Papers , 18 August, pp. 4-5, Global Knowledge Training LLC., viewed 15 August 2010

‘Figure 1’ [image] in 2009, ‘The second day of the School on Low Cost Wireless’, school2009, viewed 15 Aug 2010, http://wireless.ictp.it/groups/school2009/wiki/8d8fe/Group_Two's_-_Day_Two.html

The previous episode of this series was posted on 8th Aug 2010 and can be found easily in this blog. To be continued…

Sunday, August 15, 2010

Have you ever used | (Pipe) IOS command in a router?

This is a really cool way to filter the text output of show commands on Cisco routers. Please note that the expressions you type with | commands are case sensitive (typing serial0/1 instead of Serial0/1 will not work). A Cisco 3640 router has been used in this tutorial. Some | commands are not available on some routers, depending on IOS version and model.

Type ‘show run | ?’ to see which commands are available. Refer to Figure 1.

Figure 1

The following ‘show run’ output has been used to explain the commands ‘append, begin, redirect, section and tee’. Refer to Figure 2.

Figure 2

Append

This command appends the output of a show command to an existing file somewhere (e.g. ftp, nvram). Give the command ‘sh run | append ?’ to see the supported formats. Then issue ‘sh run | append <path to existing file>’. Refer to Figure 3.

Figure 3

Begin

This command displays the output starting from the line that contains the given expression. As an example, if you want to display all lines from ‘Serial’ onwards in the show run output, the command should be issued as ‘sh run | begin Serial’. Again, remember that expressions are case sensitive. Refer to Figure 4.

Figure 4

Tee

This command is similar to the ‘append’ command, but it creates a new file in the given destination. Give the command ‘sh run | tee ?’ to see the supported formats. Then issue ‘sh run | tee <path to new file>’. The output is also displayed on the console at the same time. Refer to Figure 5.

Figure 5

Redirect

This command is similar to the ‘tee’ command, but the output is not displayed on the console at the same time. Give the command ‘sh run | redirect ?’ to see the supported formats. Then issue ‘sh run | redirect <path to new file>’. Refer to Figure 6.

Figure 6

Section

This command displays a particular section of a show command's output. As an example, the section of the show run output which is relevant to an interface can be viewed with ‘sh run | section <Interface name>’. Refer to Figure 7.

Figure 7

The following ‘show ip route’ output has been used to explain the commands ‘include and exclude’. Please note there are 2 ‘BGP’ routes and 3 ‘Connected’ routes in Figure 8.

Figure 8

Include

This command displays the lines which include the given expression. As an example, ‘sh ip ro | include B’ may filter out and display all BGP routes. Again, remember that expressions are case sensitive. Instead of characters, you can use numbers such as IP addresses too. Refer to Figure 9.

Figure 9

Exclude

This command displays the lines which do not include (exclude) the given expression. As an example, ‘sh ip ro | exclude B’ may filter out and display all routes except BGP routes. Again, remember that expressions are case sensitive. Refer to Figure 10.

Figure 10

Hope you learned something new and valuable today. Make sure you practice these commands in order to learn where to apply them correctly.

As usual, keep in touch with ‘Asiri’s Blog’ for more cool tutorials and tips like this. Do not forget to follow this blog using your Google account and Twitter as well.

Sunday, August 8, 2010

"Geek Rap" of the week - 2

This time only one intern. Really funny and creative !



Stay tuned.......!!!

Wi-Fi Myth Busters Series – Episode 1

Figure 1
Myth # 1 : Wi-Fi stations are vulnerable to attacks just by leaving their Wi-Fi adapters enabled.

It is partially correct. Unknown Wi-Fi device drivers may be present, which can lead to such attacks. And if the end user is so dumb and careless, it is possible as well. (The common factor in any kind of attack: user unawareness.)

But to communicate with another machine, Data Link connectivity (Layer 2) must be operational. So it is impossible for an attacker to gain peer-to-peer access without establishing Layer 2 connectivity first.

Myth # 2 : Isolated stations are vulnerable to “Rogue Access Points” and already associated stations are secretly hijacked by “Rogue Access Points”.

Both cases are partially correct. Specifically, unassociated stations which are controlled by client-side Wi-Fi utilities and maintain a ‘Preferred Networks List’ are vulnerable. If the attacker sets up an AP (Access Point) with a non-encrypted SSID which is in the station’s 'Preferred Networks List', the station will connect to that attacker.

Asiri’s Experience : Rogue access points were a hot topic during my masters’ final group project period. To add something more to the above paragraph, an already associated station is vulnerable if the RAP’s (Rogue Access Point) signal strength is higher than the legitimate AP’s signal strength. Also, for the attack to succeed, the end station’s Wi-Fi adapter has to be restarted and re-associate with its preferred network in the list, which leads it to connect with the RAP. It was tested by my team (Asiri, Roger, Sharan, Prashanth, and Prasad), and the viable solution we came up with can be seen on my ‘LinkedIn’ profile by its registered users.

Other solutions for hijacking attacks.

  • Removing all non-encrypted SSIDs from the preferred list would work, but it is not practical, as the client saves such poor configurations automatically whenever the user connects to one.
  • A simple but practical solution is to disable the wireless adapter when it is not in use.
  • The user’s wireless station can be disconnected automatically when it is connected to a wired network by using applications such as “NetOaats”. It can be configured to work the other way around as well (wired --> wireless). Refer to Figure 2.
  • Another state of the art solution is to use wireless client isolation security protocols such as Cisco’s PSPF (Public Secure Packet Forwarding). It prevents machines from accessing one another directly when they are connected to the same AP. It is recommended to implement such protocols in free public Wi-Fi hot spots.
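The first bullet can be turned into a periodic audit instead of a one-off clean-up. The added example below (not part of the original post) lists saved networks that a station would join without encryption; it assumes the preferred list is stored in wpa_supplicant.conf syntax, and the sample file and function names are constructed.

```python
# Constructed sample in wpa_supplicant.conf syntax (not taken from a real host).
SAMPLE_CONF = """
ctrl_interface=/var/run/wpa_supplicant

network={
    ssid="CorpNet"
    key_mgmt=WPA-EAP
    eap=PEAP
}
network={
    ssid="Airport_Free_WiFi"
    key_mgmt=NONE
}
network={
    ssid="OldPrinter"
    key_mgmt=NONE
    wep_key0="abcde"
}
network={
    ssid="Home"
    psk="constructed passphrase"
}
# saved but administratively disabled
network={
    ssid="CoffeeShop"
    key_mgmt=NONE
    disabled=1
}
"""


def parse_networks(conf_text):
    """Return one dict of key -> value for every network={...} block."""
    networks, current = [], None
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("network={"):
            current = {}
        elif line == "}" and current is not None:
            networks.append(current)
            current = None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current[key.strip()] = value.strip().strip('"')
    return networks


def classify(net):
    """Return 'open', 'wep' or 'protected' for one saved network."""
    # wpa_supplicant falls back to WPA-PSK WPA-EAP when key_mgmt is omitted.
    key_mgmt = net.get("key_mgmt", "WPA-PSK WPA-EAP").split()
    if key_mgmt != ["NONE"]:
        return "protected"
    has_wep_key = any(key.startswith("wep_key") for key in net)
    return "wep" if has_wep_key else "open"


def audit(conf_text):
    """List (ssid, status, auto_join) for every saved network that is not
    protected by WPA; auto_join is False when the entry is disabled."""
    findings = []
    for net in parse_networks(conf_text):
        status = classify(net)
        if status != "protected":
            auto_join = net.get("disabled", "0") != "1"
            findings.append((net.get("ssid", "<no ssid>"), status, auto_join))
    return findings


if __name__ == "__main__":
    for ssid, status, auto_join in audit(SAMPLE_CONF):
        note = "will auto-join" if auto_join else "disabled"
        print(f"{ssid:20} {status:5} {note}")
```

Entries reported as open with auto-join enabled are the ones a rogue AP advertising the same SSID can attract.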

Myth # 3 : Stations get connected with ad-hoc (peer-to-peer) Wi-Fi networks with same SSID as an Access Point

It is also partially correct. Beacon frames always indicate whether the network is AP based (BSS) or ad-hoc (IBSS) based. So it is impossible to connect like that.

Asiri’s Experience : But my project team demonstrated that it is ‘possible’ to make a peer-to-peer-like association with another laptop running Ubuntu with the wireless card’s mode set to “Master mode”. So the laptop itself acted as a rogue “AP” which appeared as a real access point (BSS) in the victim’s visible wireless networks list. So it is possible as well. Our solution was smart enough to detect such vulnerabilities as well.

Myth # 4 : Stations connect with any access point in the vicinity if their Wi-Fi adapter is left enabled.

Some legacy client utilities had that flaw, but modern utilities are smart enough to connect with SSIDs that are configured with secure parameters in the preferred networks list.

Conclusion

Users are vulnerable if the following conditions are met:

Figure 3

References

Miller, B & Hill, G 2006, ‘Eleven Myths about 802.11 Wi-Fi Networks’, Expert Reference Series of White Papers , 18 August, pp. 2-4, Global Knowledge Training LLC., viewed 8 August 2010

'Figure 1’ [image] in 2009, ‘The second day of the School on Low Cost Wireless’, school2009, viewed 8 Aug 2010, http://wireless.ictp.it/groups/school2009/wiki/8d8fe/Group_Two's_-_Day_Two.html

‘Figure 2’ [image] in Ironic1 2008, ‘Geek Prom - WiFi Ready?’, perfectduluthday, viewed 8 Aug 2010, http://archive.perfectduluthday.com/2008/03/

To be continued… Stay tuned with Asiri’s Blog

Friday, August 6, 2010

Who are the “real” founders of Public Key Cryptography?

Figure 1
In a nutshell, public-key cryptography uses asymmetric algorithms in communications devices such as computers and mobile equipment to encrypt and decrypt messages. The algorithm on the sender's end uses a code, or key, to encrypt a message, and the recipient uses a different key to decrypt it, which is where the term “asymmetric” comes from.

As most people already know, the founders of public key technology are the researchers at Stanford and MIT who discovered it in 1976. More specifically, they are Whitfield Diffie, Martin Hellman, and Ralph Merkle. [1] Later on, their invention was named the “Diffie-Hellman Key Exchange”. Although Hellman suggested in 2002 that the algorithm should be called Diffie-Hellman-Merkle key exchange, it is still used without Merkle’s name in most cases. Actually, that is not the question. [2]

Figure 2 - Left to Right : Merkle, Hellman and Diffie

In the early 1970s, British researchers James Ellis, Clifford Cocks, and Malcolm Williamson invented public-key cryptography while working at a British intelligence agency, the Government Communications Headquarters (GCHQ), in Cheltenham, England. But surprisingly, they kept it secret for nearly 25 years and finally broke the news in 1997. Unfortunately, Ellis died before he could enjoy the public recognition of it. [2]

Figure 3 - Malcolm Williamson

Even though that story had been public for more than 10 years, Diffie, Hellman and Merkle were awarded this year’s (2010) IEEE Richard W. Hamming Medal for the invention of public-key cryptography. But in order to respect the real owners of that technology, a group of IEEE members from Region 8 nominated the invention by Ellis, Cocks, and Williamson for an IEEE Milestone in Electrical Engineering and Computing, IEEE's 100th. [1]

How to prove first inventors of Public Key Cryptography?

In brief, Ellis came up with the idea but could not proceed because he was not a mathematician. So in 1973 Cocks, who was a mathematician, was asked to join him, and he came up with the solution. But his solution was not simple enough to run on the computers of that time. So Williamson, who was also a mathematician, implemented the final solution. [1]

Who are Ron Rivest, Adi Shamir and Leonard Adleman (RSA)?

Figure 4 - Left to Right : Shamir, Rivest and Adleman

They came up with another ‘independent’ algorithm, similar to Ellis, Cocks and Williamson’s scheme, when they were at MIT in 1977. It was published in 1978 and became popular as “RSA”. [3]

Summary

1973 - Ellis, Cocks and Williamson came up with the initial solution and kept it secret until 1997. The solution was known as “non-secret encryption”.
1976 - Diffie, Hellman and Merkle came up with another similar solution, believed ‘they were the first’ and earned credit for it.
1977 - Rivest, Shamir and Adleman came up with another ‘independent’ solution.

Verdict

It is still questionable who the real inventor of this technology is. Nobody has ‘officially’ confirmed it yet. Most people do not know about this secret either.

References

[1] Bogdanowicz, A. 2010, Cryptography Breakthrough Is 100th Milestone , The Institute, viewed 5 Aug 2010, < http://www.ieee.org/portal/site/tionline/menuitem.130a3558587d56e8fb2275875bac26c8/index.jsp?&pName=institute_level1_article&TheCat=1008&article=tionline/legacy/inst2010/jun10/featurehistory.xml&>

[2] Diffie–Hellman key exchange , Wikipedia, viewed 5 Aug 2010, < http://en.wikipedia.org/wiki/Diffie%E2%80%93Hellman_key_exchange > 

[3] Public-key cryptography, Wikipedia, viewed 5 Aug 2010, < http://en.wikipedia.org/wiki/Public-key_cryptography >

[4] ‘Figure 1’ [image] in 2004, ‘Public Key Cryptography & PGP’ , Treachery Unlimited, viewed 5 Aug 2010, http://www.treachery.net/images/public_key_cryptography_and_pgp.jpg 

[5] ‘Figure 2’ [image] in Prevost, E. 2009, ‘Public Key Cryptography’, EdwardPrevost.info, viewed 5 Aug 2010, http://edwardprevost.info/Blog/2009/10/15/public-key-cryptography/

[6] ‘Figure 3’ [image], ‘Public Key Cryptography (PKC) History’, viewed 5 Aug 2010, http://www.livinginternet.com/i/is_crypt_pkc_inv.htm

[7] ‘Figure 4’ [image] in 2008, ‘Leonard Adleman’, Adleman Portraits, viewed 5 Aug 2010, http://www-history.mcs.st-and.ac.uk/PictDisplay/Adleman.html

Thursday, August 5, 2010

"Cisco Rap" of the week

Yes, it is Cisco. You got it right. Check out how two Cisco interns rock you!




Stay tuned with 'Asiri's Blog' for more!!!

Tuesday, August 3, 2010

My literature review on "Data Privacy"

The use of information and communications technologies (ICT) is beneficial in that individuals are able to solve regular problems which are hard and cumbersome. Although ICT provides people with advantages, there can be social and ethical issues revolving around it. The issues may vary depending on the purposes of ICT use. Most of those issues are related to online personal information privacy, accuracy of the information used, intellectual property rights and equal access rights. These mostly ignored issues grow over time, and this has created an opportunity for researchers to dig deeper and find solutions that make the web safer for online private information by stopping or minimizing its distribution (Kuzu, 2009). In this review, personal information generated by various transactions, and the privacy problems resulting from its regular usage or sharing, are addressed in depth in conjunction with legal support and solutions.

Privacy problems can be divided into two main categories: information reuse and unauthorised access. Information reuse means a company legally making new uses of collected personal information. Unauthorised access violates either laws or corporate policies. Both issues can harm a company in its relationships with customers, shareholders and regulators. Examples of information reuse are aggregation of data, data mining, new uses and sharing. It harms a company through incorrect inferences, decisions based on errors, exclusions and intrusions. Apart from reuse, unauthorised access is the most common way of breaching privacy. Examples are unauthorised access to personal information and a hacker breaking into a system, as well as accessing data from a stolen or unattended computer and failing to dispose of sensitive data, which leads to chaos. (Cuinan & Williams, 2009)

As for why people need privacy, information privacy can be divided into three categories. The first category is individuals or professionals who do not want to reveal their private secrets to the public. As an example, a person may not allow anybody to access his medical files. The second category expects a certain kind of behaviour from co-workers in order to stay protected. As an example, employees should not leave personal information on their desks or on photocopier machines by mistake. The control is in their own hands. Finally, the third category concerns data that looks non-sensitive but is sensitive in reality. As an example, a whole story can be made out of small chunks of information, picked from different places, which do not seem harmful on their own. Overall, individuals should be extra careful about their privacy at their workplaces. (Palm, 2009)

As for legal support on this issue, fair information practices are global data protection principles which address privacy issues by defining guidelines. In most countries, fair information practices are implemented through common laws. In the USA it is a bit different: laws are tailor-made to a specific industry’s needs. Additional legal support in the USA includes the Gramm-Leach-Bliley Act (GLBA), Health Insurance Portability and Accountability Act Regulations (HIPAA), Section 5 of the Federal Trade Commission Act, Massachusetts Security Rule (201 CFM 17.00) and Payment Card Security Standard (PCI–DSS). (Cuinan & Williams, 2009)

As solutions for privacy leakage, some preventive actions can be taken as follows. When designing office layouts, extra effort should be made to design them in a way which protects employees’ privacy. Examples are not placing seats next to each other and using separate work cubicles. (Palm, 2009) Findings have revealed that even ICT professionals are not aware of the ethics regarding data privacy. So formal education on ethical practices might help professionals to develop their knowledge of computer ethics. It is also important to update the company’s privacy policy regularly as necessary and make sure everybody knows and follows it. Some employees are not aware of it, since they read it only once, when they were recruited. (Kuzu, 2009) Apart from the company’s perspective, everyone should take this issue seriously and take action in order to secure their privacy more. This review addressed, in depth, personal information generated by various transactions and the privacy problems resulting from its regular usage or sharing, the reasons for protecting privacy, legal support, and solutions for overcoming privacy related issues.



References:

Cuinan, MJ & Williams, CC 2009, 'HOW ETHICS CAN ENHANCE ORGANIZATIONAL PRIVACY: LESSONS FROM THE CHOICEPOINT AND TJX DATA BREACHES', Mis Quarterly, vol. 33, no. 4, Dec, pp. 673-687

Kuzu, A 2009, 'PROBLEMS RELATED TO COMPUTER ETHICS: ORIGINS OF THE PROBLEMS AND SUGGESTED SOLUTIONS', Turkish Online Journal of Educational Technology, vol. 8, no. 2, Apr, pp. 91-110

Palm, E 2009, 'Privacy Expectations at Work-What is Reasonable and Why?', Ethical Theory and Moral Practice, vol. 12, no. 2, Apr, pp. 201-215




Lets have a good start with *SUBNETTING* before everything!

Hi folks,


I thoroughly recommend that you access the following book online or as a hard copy and get a perfect start. (Search for that exact title, please.)
Title : CCNA Cisco certified network associate study guide, 5th edition
Author/Creator : Todd Lammle

In that book, master Chapter 3 by reading it and doing ALL of the exercises without looking at the answers in the back. There are also exercises for practising subnetting in your head (paperless). Believe me, if you do it properly, you should be able to do any subnet calculation within 3 - 5 minutes, with or without paper.

Let me know your progress by replying to this post. Good luck. Happy subnetting!!!