Latest ads
-
Bodim.lk out now !- Manoj Suranga Bandara
- Updated:
-
Power Lifting Lever Belt- SkullVamp
- Updated:
-
port.lk Domain for sale
- Lankan-Tech
- Updated:
-
Colombo Kaduwela - Two Storey House for Sale- dilrasan
- Updated:
-
Wechat qr verification
- Pawan2005
- Updated:
Internet Security
- Thread starter watchdog
- Start date
What is the best security implimentation that you know........
watchdog said:I know machang.. but as per my knowelge ........ its ZEROOO
OK in what sense do you ask? Is it in the sense of hosting web sites? Is it in the sense of authenticating users? Is it in the sense of transmitting data? etc.
Write back the question in a specific area, there are a few who I have seen are pretty competent on the area, they'd help.
watchdog said:I know machang.. but as per my knowelge ........ its ZEROOO
Yeah Its me!
jkWell security is always up to you. If you use firewalls, virus guards and anti-spy softwares you will have atleast 90% security. There is nothing you can guarentee for 100%.
OK I couldnt exactly find the news item you said on BBC, so it would be helpful if you can put up what it said.
As for the 128 bit encryption used in IE6, the method is a standard SSL encryption which uses 128 bit long key to encrypt data. The SSL works on the technology known as the public-key private-key tehcnique.
I'll explain a bit on the SSL and public key, private key it self first.
General Encryption
==============
This technique was introduced based on the thinking that 'how' you encrypt should be public knowledge and what you use to encrypt (your password) should be the only thing that should be private. Lets illustrate on this. Lets supose you and your friend have this secret code. Lets say you two decide on a password
'abcd'. Your coding method is this
message to send : I am watchdog
password : abcd
coding (encryption) method
i a m w a t c h d o g
a b c d a b c d a b c
j c p a b v f l e q j
You write your sentence and you write your password below it in a repeating manner. Then add them up producing the encoded message. As 'a' is the first letter, you add one letter to 'i' so it becomes 'j'. As b is the second letter you add two letters to the letter 'a' and so on. So you end up with the phrase "j c p a b v f l e q j" Now your friend knows the password and he knows how it was done. So he can easily reverse the process (i.e. deduct the letter) and get the original sentence.
Now lets suppose a bad guy got your message He cant initially do anything with the phrase "j c p a b v f l e q j". But there is this thing with the language, there are certain characteristics of letters. If you take English, letter E is more common in a paragraph than others. Letters Q and U always go together (except in Qi). J and Z are the least to occur. Therefore the bad guy can guess and with some work can obtain what you have actually written.
Now comes the worst part. Imagine that everyone knew that you were using this letter addition method for coding messages. Now the badguy has teh original message you sent, the coded message and also the connection between the two. What can heget out of this? Your PASSWORD!!! ( original mes + pass = code So code - original mess = pass) Why is this worse? Because from now on, he doesnt have to use a very complex techniue and start guessing on what you have written. Because he has your password he can directly understand what you are writing to your friend. (An even worse thing is that now he can pretend to be u and start writing false letters to your friend).
So therefore we cannot tell anyone our password, and HOW we code right? Right. Thats how the things initially were. But there was a problem. When large companies did this, they had to keep things secret from eachother and the net effect was that they couldnt communicate between eachother. Why? Because no one was willing to tell what sort of coding they use. When things like e commerce are concerened this is a very big problem.
The answer to this was the common knowledge algorithm system. Here the teaching is that you create a method that is extremely hard to reverse. The reverse would produce results only to the correct passwords. (Its a mathematical area. Dont worry, I dont understand much truck about it either ). The Public Key Private Key method was born out of this.
Public Key Private Key
===============
In this method you have two passwords instead of one. One is known as the public key, you give it to anyone who wants to contact you. The private key, you keep it to yourself, you use it to read what others send you. Think of it like this, public key is you address, others can post you mail on it, and then in your house you have a lock for the mail box right? Private key is similar to the key of the mailbox. Only you can open and take whats inside.
The exact usage of the private key and the public key is a bit different. BUt the above example would be enough. I'll post about the SSL later in a second post
(This post was getting too lengthy and Im getting too sleepy)
As for the 128 bit encryption used in IE6, the method is a standard SSL encryption which uses 128 bit long key to encrypt data. The SSL works on the technology known as the public-key private-key tehcnique.
I'll explain a bit on the SSL and public key, private key it self first.
General Encryption
==============
This technique was introduced based on the thinking that 'how' you encrypt should be public knowledge and what you use to encrypt (your password) should be the only thing that should be private. Lets illustrate on this. Lets supose you and your friend have this secret code. Lets say you two decide on a password
'abcd'. Your coding method is this
message to send : I am watchdog
password : abcd
coding (encryption) method
i a m w a t c h d o g
a b c d a b c d a b c
j c p a b v f l e q j
You write your sentence and you write your password below it in a repeating manner. Then add them up producing the encoded message. As 'a' is the first letter, you add one letter to 'i' so it becomes 'j'. As b is the second letter you add two letters to the letter 'a' and so on. So you end up with the phrase "j c p a b v f l e q j" Now your friend knows the password and he knows how it was done. So he can easily reverse the process (i.e. deduct the letter) and get the original sentence.
Now lets suppose a bad guy got your message
He cant initially do anything with the phrase "j c p a b v f l e q j". But there is this thing with the language, there are certain characteristics of letters. If you take English, letter E is more common in a paragraph than others. Letters Q and U always go together (except in Qi). J and Z are the least to occur. Therefore the bad guy can guess and with some work can obtain what you have actually written. Now comes the worst part. Imagine that everyone knew that you were using this letter addition method for coding messages. Now the badguy has teh original message you sent, the coded message and also the connection between the two. What can heget out of this? Your PASSWORD!!! ( original mes + pass = code So code - original mess = pass) Why is this worse? Because from now on, he doesnt have to use a very complex techniue and start guessing on what you have written. Because he has your password he can directly understand what you are writing to your friend. (An even worse thing is that now he can pretend to be u and start writing false letters to your friend).
So therefore we cannot tell anyone our password, and HOW we code right? Right. Thats how the things initially were. But there was a problem. When large companies did this, they had to keep things secret from eachother and the net effect was that they couldnt communicate between eachother. Why? Because no one was willing to tell what sort of coding they use. When things like e commerce are concerened this is a very big problem.
The answer to this was the common knowledge algorithm system. Here the teaching is that you create a method that is extremely hard to reverse. The reverse would produce results only to the correct passwords. (Its a mathematical area. Dont worry, I dont understand much truck about it either
). The Public Key Private Key method was born out of this.Public Key Private Key
===============
In this method you have two passwords instead of one. One is known as the public key, you give it to anyone who wants to contact you. The private key, you keep it to yourself, you use it to read what others send you. Think of it like this, public key is you address, others can post you mail on it, and then in your house you have a lock for the mail box right? Private key is similar to the key of the mailbox. Only you can open and take whats inside.
The exact usage of the private key and the public key is a bit different. BUt the above example would be enough. I'll post about the SSL later in a second post
(This post was getting too lengthy and Im getting too sleepy
)For all round computer security = Good Anti-Virus + Good Firewall + Good Anti-Spyware
my recommendationz might seemed bias to ya guyz but itz outta experience...
ESET Nod32 (mentioned PLENTY o time
) + ZoneAlarm Professional Edition + NOT NEEDED
ESET Nod32 has a built in detection algorithm which detectz malware n spyware too thus making the need of having a standalone anti-spyware totally out of date... ZoneAlarm too has a good combo of strict firewall rules + auto updation of spywares thus protectin ya al round...
As for encryption.. itz only vital if you are one of those hectic dudez who want al dere stuff private.. therez plenty o encryption software out dere havin various algorithm n methodz o encryptin data... 128 Bit keyz r timewasting to crack and 256 bit is practically impossible..
Zz
my recommendationz might seemed bias to ya guyz but itz outta experience...
ESET Nod32 (mentioned PLENTY o time
) + ZoneAlarm Professional Edition + NOT NEEDEDESET Nod32 has a built in detection algorithm which detectz malware n spyware too thus making the need of having a standalone anti-spyware totally out of date... ZoneAlarm too has a good combo of strict firewall rules + auto updation of spywares thus protectin ya al round...
As for encryption.. itz only vital if you are one of those hectic dudez who want al dere stuff private.. therez plenty o encryption software out dere havin various algorithm n methodz o encryptin data... 128 Bit keyz r timewasting to crack and 256 bit is practically impossible..
Zz
I RECOMMEND
eset nod32
Ad-Aware SE Personal or proff
lavasoft personal firewall
spy sweeper webroot
---
zone alarm sux cuz of the vsmon.exe overtaking the cpu.. same probz wit windows defender beta the latest.. sum msmn@#@#$.exe over taking the cpu again at idle mode
eset nod32
Ad-Aware SE Personal or proff
lavasoft personal firewall
spy sweeper webroot
---
zone alarm sux cuz of the vsmon.exe overtaking the cpu.. same probz wit windows defender beta the latest.. sum msmn@#@#$.exe over taking the cpu again at idle mode
Similar threads
