Blog
Summary report of APNIC 55 (APRICOT 2023) Meeting held in Manila, Philippines
APNIC Logo The APNIC 55 meeting was held in Manila, Philippines from 20th Feb to 02nd March 2023. The meeting was hosted by PhNOG, The Philippine Network Operators Group (PhNOG) and supported by DOST- Advanced Science and Technology Institute. Every year, APNIC ...
Continue...
Thank you note
"A thank you note is the simplest form of showing gratitude". I am both humbled and honored that you have placed your confidence and support in me by electing me for the NRO NC Member and NIR SIG Co-Chair position. I sincerely thank you for casting your valuable vote ...
Continue...
How to - Configure Firefox to use only DoH and not to fallback to OS native resolver
In this post, i will talk about configuring firefox browser to use DoH and not to fallback to OS native resolver Step 1 :- Configure DoH like the way it is mentioned here - https://support.mozilla.org/en-US/kb/firefox-dns-over-https . I am using https://doh.nkn.in/dns-query ....
Continue...
IP Ratings
An IP rating must begin with 5 for partial dust protection or 6 for complete dust protection. The IP rating is two digits, with the first and second digit defined as follows: First Digit (intrusion protection) 0. (or X - see section below): No special protection. Not rated ...
Continue...
Are NIRs limiting the nation’s say in APNIC governance policies? (NIR: Boon or Bane – Is APNIC policy of Members Voting Rights doing the Justice with NIRs and Corresponding Countries)
Are NIRs limiting the nation’s say in APNIC
governance policies?
(NIR: Boon or Bane – Is APNIC policy of Members Voting Rights
doing the Justice with NIRs and Corresponding Countries)
History of Root Servers
History of ROOT-SERVERS (A Journey from 4 nodes to 13 nodes at present)..
Continue...
Availability of 5 GHz WLAN Channels in India under unlicensed band
"Availability of 5 GHz WLAN Channels in India under unlicensed band in India, Wireless Planning and Coordination Wing of Department of Telecom, under Ministry of Communication takes care of licensing of radio frequencies...
Continue...
Identity PSK ( iPSK)
"With the evolution of IoT (Internet of Things), devices that connect wirelessly have increased many folds. From webcams, Smartwatches, fitness bands, firestick, Alexa, Google Home, and many more.., everything is going wireless for connectivity and so does the security threat...
Continue...
Multiple Input Multiple Output (MIMO)
IEEE-802.11n wireless standard uses multiple antennas for high data transmission[1]. 802.11n standard...
Continue...
Common terms used in Wireless Communications
This Document will explore the terms used in Wireless Communication...
Continue...
Analysis of IGI Airport Wi-Fi setup
The access points installed at T3, IGI Airport, New Delhi are of Cisco make, Internal access points with internal antennas. This is depicted in the below images – Cisco access points can be installed in two modes –...
Continue...
CA Certificate chain and traceroute of bad.horse
Today i come across a funny domain, name bad.horse; Its funny not because of its name but because of the certificate chain and traceroute to this domain. Both subCA hierarchy and tracroute, has the full lyrics of Bad Horse song. Interesting stuff and amazing use of technology...
Continue...
Flaw in ServerKeyExchange messages of TLS Protocol
Here we will discuss the flaw in the ServerKeyExchange messages of the TLS protocol which caused the Logjam attack over TLS while using Diffie-Hellman Key Exchange. Before SSLv3, we don't use to authenticate the...
Continue...
“FREAK” -- Factoring attack on RSA-EXPORT Keys
FREAK attack allows an attacker to intercept the SSL/TLS traffic between the vulnerable client & server and force them to use week encryption, typically Export Grade encryption (i.e, 512 bit RSA key exchange)...
Continue...
Export Grade Cryptography
What is export grade cryptography ? Since World War II, many countries including the U.S., U.K. and others, have regulated the export of cryptography in the interest of national security till 1992. Those countries used to believe that they had developed more advanced cryptographic solution than others and they wished to monitor the communication of other countries and hence...
Continue...
IP to Country Mapping in Wireshark
Please follow the below articles for IP to Country Mapping in Wireshark :-
https://www.wireshark.org/lists/wireshark-dev/200902/msg00154.html
https://wiki.wireshark.org/HowToUseGeoIP...
Server Name Indication (SNI)
TLS does not provide a mechanism for a client to tell a server the name of the server it is contacting. It may be desirable for clients to provide this information to facilitate secure connections to servers that host multiple 'virtual' servers at a single underlying network address..
Continue...
TLS Session Resumption
The extra latency and computational costs of the full TLS handshake impose a serious performance penalty on all applications that require secure communication. To help mitigate some of the costs, TLS provides an ability to resume or share the same negotiated secret key data between multiple connections..
Continue...
HTTP/1.0 and HTTP/1.1
HTTP is a protocol used to exchange or transfer hypertext. Hypertext is structured text that uses logical links (hyperlinks) between nodes containing text. Tim Berners-Lee and his team at CERN are credited with inventing the original HTTP..
Continue...
SPDY (pronounced speedy); NPN (Next Protocol Negotiation); ALPN (Application Layer Protocol Negotiation) and HTTP/2
SPDY (pronounced as SPeeDY) :- SPDY is an experimental protocol developed at Google, designed to reduce the latency of web pages. Specifically, its goal is to address the limitations of HTTP/1.1 and to remove existing bottlenecks like:- - head of line blocking, - inefficient use of underlying TCP...
Continue...
Cipher Suites
A cipher suite is a named combination of authentication , encryption , message authentication code (MAC) and key exchange algorithms used to negotiate the security settings for a network connection using the Transport Layer Security (TLS) / Secure Sockets Layer (SSL)...
Continue...
Transport Layer Security (TLS) and Secure Sockets Layer (SSL)
Transport Layer Security (TLS) is a successor of Secure Sockets Layer (SSL) and its a cryptographic protocol used for establishing an encrypted link between a Server and a Client over a public network. They use X.509 certificates and hence asymmetric cryptography to authenticate...
Continue...
IPv6 DNS Measurement Stats
NIC IPv6 DNS Measurement Measuring who all are querying for nic.in or gov.in domain, what they are querying for and from where they are querying. NIC had tested its IPv6 connectivity with internet peers on June 8, 2011 (World IPv6 day) and next year on World IPv6 Launch Day (June 6, 2012), we had launched...
Continue...
Internationalized Domain Name -- URL in any Language
From whichever part of the world you belong, no matter what is your mother tongue, if you are reading this post, this means you understands English. Nearly half of the world doesn't know English But still accessing Internet was not very much friendly for those non-English speaking community to an extent due to the limitation of only having ASCII...
Continue...
Extension Mechanisms for DNS (EDNS0)
DNS Background The Domain Name System Protocol was first designed in 1980s and after that various features has been added while maintaining the compatibility with earlier versions of the protocol. DNS Packet was restricted to UDP 512...
Continue...
PGP and S/MIME Protocol
Both PGP and S/MIME protocols are used for authentication and privacy of messages over internet. S/MIME protocol refers to Secure/Multipurpose Internet Mail Extensions which has been incorporated in the various main exchange software, incl. Outlook, Thunderbird...
Continue...
Google Public DNS Servers Hijacked on 16th March 2014
Google Public DNS Servers i.e., 8.8.8.8 (which are running in Anycast mode) was hijacked on 16th of March 2014 for the Internet users of Venezuela and Brazil for nearly 22 mins. Google's Public DNS servers are used for "130 billion DNS...
Continue...
Public DNS Servers
Domain Name Service (or Server or System) is an internet service that translate easily memorized domain names into IP numbers and vice-versa. DNS Servers can be better understands as Yellow page directory to the Internet. Every ISP runs DNS services for their customers and users. A user can also runs DNS service...
Continue...
Why we have IPv6 after IPv4..... Where is IPv5 ?
IP or Internet Protocol, is the primary network protocol used on the Internet, introduced by Vint Cerf and Bob Kahn in 1974. IP version 0 to 3 was introduced and used between 1974 and 1979. After changes and refinements in initial IP protocol, version 4 was introduced in 1981, commonly known as IPv4, described in RFC 791 , which become the backbone of Whole Internet in no time...
Continue...
IPv6 Address Allocation BCP
Best Current Practices in for IPv6 Address Allocation. This Best Practices document aims to provide IPv6 Address allocation guidelines that a network operator can follow while planning the IPv6 sub-netting for its network...
Continue...
Domain Information Groper (DIG) -- DNS Query Tool
DIG is a command-line tool for querying DNS Name Server (similar to nslookup utility available in Windows and host utility) dig utility can be used for querying DNS about the host address (both A and AAAA), name server(NS), mail exchange(MX), Pointer Record(PTR), SOA (Start Of Authority) and others...
Continue...
How to install DIG in Windows Machine
DIG is a domain query tool and a part of BIND package of ISC. Using dig is very simple in Linux but is little bit tricky to use the same in Windows. I have tried to do the same and sharing you the steps which i follow for configuring the dig in my windows machine...
Continue...
Online Privacy (About gstatic.com and DoNotTrackMe)
There was a time when we use to get a call from marketing companies selling blah-blah products and these calls were the last call we want to receive. Then comes a National Do Not Call and we get a rid of these marketing calls. But what about internet. Big internet marketing companies (like Google and others)...
Continue...
National Knowledge Network
National Knowledge Network The NKN is a state-of-the-art multi-gigabit pan-India network for providing a unified high speed network backbone for all knowledge related institutions in the country. The purpose of such a knowledge network goes to the very core of the country's quest for...
Continue...
What is Wi-Fi ???
Wi-Fi is the name of a popular wireless networking technology that uses radio waves to provide wireless high-speed Internet and network connections. Wireless networks operate using radio frequency (RF) technology, a frequency...
Continue...
Shouldn't India have a Root Server ???
A Root name server is a name server for DNS root zone. Every new DNS query resolved by our local resolver first goes to Root Name Server and then root name server directs it to required domain server. This means that if in any case, root name servers...
Continue...