Wednesday, 23 December 2015

An Introduction to the Point-to-Point Protocol for Windows Protocol Engineers

The PPP is used to establish point-to-point links for systems transporting multi-protocol datagrams.  It is an amalgam of several sub-protocols.

Part of the protocol is an LCP or link control protocol for establishing, configuring and testing the data-link connection, as well as other network control protocols. Amongst other uses, one of the LCP's jobs is to agree encapsulation format options.

A background to the intellectual development and design criteria behind the PPP can be analysed in RFC 1547 (put together by Drew Perkins of Carnegie Mellon in December 1993, who also founded Infinera) entitled "Requirements for an Internet Standard Point-to-Point". In it he highlights that while many protocols then existed for the data-link layer, none were sufficiently complete and versatile enough to be accepted as an Internet Standard.

Wireless Authentication for Windows Bods

The Wireless Networking and Authentication World

Wireless networking has a technical lingo all of its own. The following guide gives an overview of the terms and techniques a Windows programming bod may encounter in the field of wireless networking.

What is the EAP framework? (Hint: the E stands for Extensible)

The EAP or Extensible Authentication Protocol is an authentication framework (in the sense that it supports multiple authentication methods) commonly used in wireless networks.

What is UMA?

Unlicensed mobile access.

What is Pre Shared Key?

A pre-shared key (PSK) is a shared secret between two users of a communications channel.  A PSK is used in Wifi encryption methods such as WEP (Wired Equivalent Privacy), WPA (where there term WPA-PSK and WPA2-PSK is used) and also in EAP-PSK.

What is WPA?

WPA is the recommended authentication method for IEEE 802.11 devices. It stands for Wi-Fi Protected Access and became available in 2003. WPA2 came about in 2004.

What is a WNIC?

A WNIC is a wireless network interface controller. It connects to a radio-based computer network rather than a wire-based network such as Ethernet.

What is a Service Set in the IEEE 802.11 standard?

A Service Set consists of all devices on a WLAN. A service set consists of an SSID or Service Set identifier. The technique of network cloaking inhibits broadcasting of SSIDs and is a form of security by obscurity.

What is a WMN?

A WMN is a wireless mesh network made up of radio nodes arranged in a mesh.  Mesh networks relay messages either by routing or flooding.

Thursday, 10 December 2015

What is a SID in Windows? How does it relate to Security Principals? How does it apply to ACLs?

An SID refers to Security Identifier in the Windows NT line of operating systems. It can belong to a user, user group or other Security Principal. The SID remains attached to the principal even if the object is renamed. Access Control Lists (ACLs) use SIDs to determine which objects can access what resources.

Follow on questions:

What is a security principal? A principal in Computer Security is an entity that can be authenticated by a computer system or network, it is an "authenticable object". It is referred to as security principal in the world of Java and Microsoft.

Basics of AD Groups

An AD Group aggregates together user and computer accounts into a single unit. Their goal is to simplify administration by applying common permissions to multiple accounts at once.

A group can be local to a particular computer, as described here. However, for a group to be valid over the network, it has to be a directory object within Active Directory. The groups are then known as AD groups.

AD groups can be nested- in other words, one group can be made a member of another group.