Posts

Transport Layer Security (TLS) and Secure Sockets Layer (SSL)

Transport Layer Security (TLS) is the successor of Secure Sockets Layer (SSL). It is a cryptographic protocol used for establishing an encrypted link between a server and a client over a public network. Both protocols use X.509 certificates, and hence asymmetric cryptography, to authenticate the certificate holder to its clients and to negotiate a symmetric session key. This session key is used to encrypt the data exchanged between client and server, which provides message confidentiality and authenticity. TLS is widely used in applications like:

i.   Email
ii.  Web Browsing
iii. VoIP

Because of the use of X.509 certificates, CAs and a PKI are necessary to verify the certificates and to establish the chain of trust. TLS is an Internet Engineering Task Force (IETF) standards track protocol, first defined in 1999 and updated in RFC 5246 (August 2008) and RFC 6176 (March 2011). It is based on the earlier SSL specifications (1994, 1995, 1996) developed by Netscap

IPv6 DNS Measurement Stats

NIC IPv6 DNS Measurement

Measuring who is querying for nic.in or gov.in domains, what they are querying for, and from where they are querying.

NIC tested its IPv6 connectivity with internet peers on June 8, 2011 (World IPv6 Day), and the next year, on World IPv6 Launch Day (June 6, 2012), we launched our IPv6 DNS server (with address 2405:8A00:1000::2) along with some websites. Our IPv6 DNS servers have been live since day one, and today we receive roughly 54000 queries per hour over IPv6 for various nic.in and gov.in domains. In this paper, we show the following statistics:

1. Who is querying us
2. What they are querying for
3. From which part of the world we are getting the hits

To produce the stats below, we analyzed 7,69,00,000 (roughly 7.7 crore) IPv6 queries.

AS wise Query Statistics

Autonomous System number (ASn) wise query statistics gave us unexpected results. Although we were pred

Internationalized Domain Name -- URL in any Language

Whichever part of the world you belong to and whatever your mother tongue, if you are reading this post, you understand English. Nearly half of the world doesn't know English, and until a few years ago accessing the Internet was, to an extent, not very friendly for non-English-speaking communities, because domain names were limited to ASCII characters. In simple terms, before 2011 domains were restricted to the English language only. In 2011, ICANN approved the addition of IDN gTLDs (Internationalized Domain Name generic Top-Level Domains) to the root zone. This gives the internet community the luxury of having a domain URL in any language. ICANN has delegated IDNs in seven languages to NIXI. Details are as follows:

Internationalized Domain Name (IDN)    Language
.भारत    .Bharat in Devanagari
.ভারত    .Bharat in Bangla
.భారత్    .Bharat in Telugu
.ભારત    .Bharat in Gujarati
. بھارت    .Bharat in Urdu
.இந்தியா    .Bharat in Tamil
.ਭਾਰ

Extension Mechanisms for DNS (EDNS0)

DNS Background

The Domain Name System protocol was first designed in the 1980s, and since then various features have been added while maintaining compatibility with earlier versions of the protocol. In the early releases, DNS packets over UDP were restricted to 512 bytes, keeping in mind that the minimum MTU size in IPv4 is 576 bytes. This was done to limit issues such as packet drops and fragmentation. This packet size limit of 512 bytes also limited the number of root servers to 13 (A to M). In 1999, Paul Vixie proposed extending DNS to allow new flags and response codes, and to provide support for longer responses, while remaining backward compatible with previous implementations.

Mechanism

Due to the limited space in the DNS header, no new flags can be added to it. EDNS adds information to a DNS message in the form of pseudo-RRs included in the 'additional data' section of the message. This section exists in both requests and responses. The pseudo-RR introduc

PGP and S/MIME Protocol

Both the PGP and S/MIME protocols are used for authentication and privacy of messages over the internet. S/MIME stands for Secure/Multipurpose Internet Mail Extensions. It has been incorporated in various mail exchange software, including Outlook, Thunderbird and others, and also in all major browsers (Chrome, Mozilla, IE and others). S/MIME is based on IETF standards and is defined in RFC 5751.

RFC 5751 defines S/MIME as follows: "S/MIME (Secure/Multipurpose Internet Mail Extensions) provides a consistent way to send and receive secure MIME data. Based on the popular Internet MIME standard, S/MIME provides the following cryptographic security services for electronic messaging applications: authentication, message integrity and non-repudiation of origin (using digital signatures), and data confidentiality (using encryption). As a supplementary service, S/MIME provides for message compression."

PGP, known as Pretty Good Privacy, is a data encryption and decryp

Google Public DNS Servers Hijacked on 16th March 2014

Google Public DNS Servers, i.e. 8.8.8.8 (which run in anycast mode), were hijacked on 16th March 2014 for Internet users in Venezuela and Brazil for nearly 22 minutes. Google's Public DNS servers are used for "130 billion DNS queries on average (peaking at 150 billion) from more than 70 million unique IP addresses each day." This makes Google the most popular public DNS service in the Internet world. It is suspected that hackers exploited a well-known vulnerability in the Border Gateway Protocol (BGP): there is no way in BGP to check whether a particular IP address segment belongs to a particular ISP. RPKI and BGPSEC are the solutions to this flaw, but these two protocols are still in their initial phase and a lot of work remains to be done on them. In this particular case, the attack kept users from using the internet, but no malicious activity has been traced so far. No redirection of DNS traffic to rogue servers has been traced. This leads one to suspect that someone might

Public DNS Servers

Domain Name Service (or Server or System) is an internet service that translates easily memorized domain names into IP numbers and vice versa. DNS servers can be better understood as the Yellow Pages directory of the Internet. Every ISP runs DNS services for its customers and users. A user can also run a DNS service of their own. There are many DNS servers which are open to all, commonly known as Public DNS Servers. IP addresses of the main Public DNS Servers are:

Google Public DNS Servers
1.   8.8.8.8
2.   8.8.4.4
3.   2001:4860:4860::8888
4.   2001:4860:4860::8844

Level 3 Public DNS Servers
5.   4.2.2.1
6.   4.2.2.2
7.   4.2.2.3
8.   4.2.2.4
9.   4.2.2.5
10.  4.2.2.6

OpenDNS Public DNS Servers
11.  208.67.222.222
12.  208.67.222.222
13.  2620:0:ccc::2
14.  2620:0:ccd::2

Norton Public DNS Servers
15.  198.153.192.1
16.  198.153.194.1

Comodo Secure Public DNS Server
17.  8.26.56.26
18.  8.20.247.20

Other Public DNS Server
19.