SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remains private and intact.

Your Business can suffer due to absence of Digital certificate on your website

It is very important to protect against online information theft, because it is getting very easy for people to share digital products. Information theft is a type of computer safety and security risk, defined as stealing someone's private or confidential information. Having information stolen is very dangerous, as it can cause as much damage as hardware or software theft, or possibly more. Most of the systems along the path of your data can see what you send.

A lot of companies try to stop information from being stolen by applying user identification and authentication controls. These controls work best for protecting computers on a company's premises. However, to protect information on the Internet and on networks, companies use a handful of encryption methods such as digital certificates and SSL security. SSL is an industry standard and is used by millions of websites to protect their online transactions with their customers.

Encryption refers to the process of converting data into an unreadable form. Encrypted data is like any other data in that you can send it through many channels, but to read it you must decrypt, or decipher, it into a readable form with the help of the public and private keys provided. Throughout the encryption process, the unencrypted data, or input, is known as plaintext, and the encrypted data, or output, is known as cipher text.

To be able to create an SSL connection, a web server requires an SSL Certificate. When you choose to activate SSL on your web server you will be prompted to complete a number of questions about the identity of your website and your company. Your web server then creates two cryptographic keys - a Private Key and a Public Key.

To encrypt information, the programmer converts the plaintext into cipher text using some type of encryption key. An encryption key is the programmed formula that the person who receives the data uses to decrypt the cipher text. There are various encryption methods, or algorithms. However, with an encryption key formula, you will be using more than one of these techniques.

The most common example is a malicious individual stealing credit cards so they can make illegal purchases on another person's account. If information is transmitted over a network, there is a very high chance that malicious users will capture it.

A digital signature is a type of encrypted code that an individual, website, or company attaches to an electronic document to make sure that the individual is who they claim to be. The code will most likely consist of the user name and a hash of, usually, part of the message.

The complexities of the SSL protocol remain invisible to your customers. Instead, their browsers provide them with a key indicator to let them know they are currently protected by an SSL encrypted session - the lock icon in the lower right-hand corner. Clicking on the lock icon displays your SSL Certificate and the details about it. All SSL Certificates are issued to either companies or legally accountable individuals.

The main purpose behind using digital signatures is to make sure that it is not an impostor participating in the transaction. So, digital signatures help cut down on e-mail fraud. A digital signature can also make sure that the contents of a message have not been changed.

Typically, an SSL Certificate will contain your domain name, your company name, your address, your city, your state and your country. It will also contain the expiration date of the Certificate and details of the Certification Authority responsible for the issuance of the Certificate.

When a browser connects to a secure site it will retrieve the site's SSL Certificate and check that it has not expired, that it has been issued by a "Certification Authority" the browser trusts, and that it is being used by the website for which it has been issued.

Many ecommerce websites will usually have digital certificates. A certificate authority (CA) is an authorized company, or individual for that matter, that has the ability to issue and verify digital certificates. There are several websites that offer a digital certificate. One of the popular Global Certification authorities is MindGenies (www.sslgenie.com).

Cisco CCNA Certification Tutorial: Segmenting Your Network

When you're getting started on your CCNA studies on your way to earning this certification, you're swamped with network device types that you're familiar with, but not quite sure how to use. Let's look at these networking devices and their main purposes.

Hubs and repeaters operate at Layer One of the OSI model, and they have one main purpose - regenerating the electrical signal that Layer One technologies carry. This regeneration helps to avoid attenuation, the gradual weakening of a signal. Much like a radio signal, the electric signals that travel at Layer One gradually weaken as they travel across the wire. Hubs and repeaters both generate a "clean" copy of the signal.

While hubs and repeaters can be helpful, they do nothing as far as network segmentation is concerned. The first such device we encounter as we move up the OSI model is the switch. Operating at Layer 2, a switch creates multiple collision domains by default; each switch port is considered its own little collision domain. If 12 PCs are connected to a Cisco switch, you have 12 separate collision domains.

Switches can be used to segment the network into smaller broadcast domains, but this is not a default behavior. Virtual LAN (VLAN) configuration segments the network into smaller broadcast domains, since a broadcast sent by a host in one VLAN is heard only by other devices in the same VLAN.

Routers operate at Layer 3 of the OSI model and segment a network into multiple broadcast domains by default. Routers do not forward broadcasts as switches do, making the router the only device of the four we've discussed today that creates multiple broadcast domains by default.

Knowing what each of these devices can and cannot do is essential to passing the CCNA and becoming a great network administrator. Good luck to you in both of these goals!

It's 2006. Do You Know Where Your IT Career Is?

Whether you're thinking of starting a career with computers and information technology, or thinking about earning a professional certification such as the CCNA or MCSE to accelerate your career, there is no better time to start than today. Silicon Valley is hiring again, and while we all can't work for Google, IT hiring is at its highest level in years and the opportunities for driven, motivated individuals are unlimited.

I also know that for many of us, the holiday season is a good excuse to put off those studies! "I'll study for the CCNA after Thanksgiving..." "I'll start working on my CCNP after the New Year..." Well, guess what - the new year is here. It's 2006. Where is your IT career? Are you actively studying to earn a certification, or are you still thinking about it? Are you attending a school to break into the IT field, or are you still thinking about it?

Newton's First Law Of Motion states that an object at rest tends to stay at rest, and an object in motion tends to stay in motion. This is true of careers as well, including yours. Where do you want your career to be in one year? Do you want to have earned several certifications in that time, therefore advancing your career, or do you want to be in the exact same place you are today?

The only person who can make this decision is you. And I can speak from experience that when you begin putting your career into motion - the possibilities are unlimited. But you have to get started - today!

Cisco CCNP / BSCI Exam Tutorial: Configuring EIGRP Packet Authentication

Configuring RIPv2 and EIGRP authentication with key chains can be tricky at first, and the syntax isn't exactly easy to remember. But for BSCI and CCNP exam success, we've got to be able to perform this task.

In a previous tutorial, we saw how to configure RIPv2 packet authentication, with both clear-text and MD5 authentication schemes. EIGRP authentication is much the same, and has the text and MD5 authentication options as well. But EIGRP being EIGRP, the command just has to be a little more detailed!

As with RIPv2, the authentication mode must be agreed upon by the EIGRP neighbors. If one router's interface is configured for MD5 authentication and the remote router's interface is configured for text authentication, the adjacency will fail even if the two interfaces in question are configured to use the same password.

We'll now configure link authentication on the adjacency over an Ethernet segment. Below, you'll see how to configure a key chain called EIGRP on both routers, use key number 1, and use the key-string BSCI. Run show key chain on a router to see all key chains.

R2(config)#key chain EIGRP
R2(config-keychain)#key 1
R2(config-keychain-key)#key-string BSCI

R2#show key chain
Key-chain EIGRP:
    key 1 -- text "BSCI"
        accept lifetime (always valid) - (always valid) [valid now]
        send lifetime (always valid) - (always valid) [valid now]

R3(config)#key chain EIGRP
R3(config-keychain)#key 1
R3(config-keychain-key)#key-string BSCI

R3#show key chain
Key-chain EIGRP:
    key 1 -- text "BSCI"
        accept lifetime (always valid) - (always valid) [valid now]
        send lifetime (always valid) - (always valid) [valid now]

The EIGRP command to apply the key chain is a bit of a pain to remember, because the protocol and AS number are identified in the middle of the command, not the beginning. Also note that two commands are needed - one to name the key chain, another to define the authentication mode in use.

R2(config)#interface ethernet0
R2(config-if)#ip authentication key-chain eigrp 100 EIGRP
R2(config-if)#ip authentication mode eigrp 100 md5
5d07h: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.3 (Ethernet0) is down: keychain changed

R3(config)#interface ethernet0
R3(config-if)#ip authentication key-chain eigrp 100 EIGRP
R3(config-if)#ip authentication mode eigrp 100 md5
5d07h: %DUAL-5-NBRCHANGE: IP-EIGRP 100: Neighbor 172.12.23.2 (Ethernet0) is up:

As with RIPv2, the existing adjacency was torn down when one side was configured with authentication. If the key chain is correctly defined and applied on both sides, the adjacency will come back up. Always run show ip eigrp neighbor to make sure the adjacency is present. Learn the details of EIGRP key chains by configuring them on your home lab equipment, and you'll be more than ready for BSCI exam success!
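
An added example, not part of the original tutorial: a small Python audit of saved configurations for the two failure cases described above, a key chain applied without the mode command and neighbors that disagree on mode or key. The running-config layout, the names parse_ios and audit_link, and the fault in R3 are constructed for illustration, and both routers are assumed to use the same interface name.

```python
import re

AUTH = re.compile(r"ip authentication (key-chain|mode) eigrp (\d+) (\S+)")

def parse_ios(config):
    """Return (key_chains, iface_auth) parsed from IOS-style configuration text."""
    chains, auth = {}, {}
    chain = key = iface = None
    for raw in config.splitlines():
        line = raw.strip()
        if not raw.startswith(" "):        # a top-level line closes the open block
            chain = key = iface = None
        if m := re.fullmatch(r"key chain (\S+)", line):
            chain = m[1]
            chains[chain] = {}
        elif chain and (m := re.fullmatch(r"key (\d+)", line)):
            key = int(m[1])
        elif chain and key is not None and (m := re.fullmatch(r"key-string (.+)", line)):
            chains[chain][key] = m[1]
        elif m := re.fullmatch(r"interface (\S+)", line):
            iface = m[1]
        elif iface and (m := AUTH.fullmatch(line)):
            # Stored under "key-chain" or "mode", keyed by (interface, AS number).
            auth.setdefault((iface, int(m[2])), {})[m[1]] = m[3]
    return chains, auth

def audit_link(configs, iface, asn):
    """Findings for one link; configs maps router name -> configuration text."""
    findings, seen = [], []
    for name, text in configs.items():
        chains, auth = parse_ios(text)
        s = auth.get((iface, asn), {})
        if "key-chain" in s and "mode" not in s:
            findings.append(f"{name}: key chain applied but no authentication mode")
        if "mode" in s and "key-chain" not in s:
            findings.append(f"{name}: authentication mode set but no key chain")
        # The key chain name is local to a router; neighbors must share the keys in it.
        seen.append((s.get("mode"), chains.get(s.get("key-chain"))))
    if len({mode for mode, _ in seen}) > 1:
        findings.append("authentication mode differs between neighbors")
    if any(keys != seen[0][1] for _, keys in seen):
        findings.append("key number or key-string differs between neighbors")
    return findings

# Constructed samples: R2 as configured in the tutorial, R3 with the mode line missing.
R2 = """key chain EIGRP
 key 1
  key-string BSCI
!
interface Ethernet0
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 EIGRP
"""
R3_NO_MODE = R2.replace(" ip authentication mode eigrp 100 md5\n", "")
```

Calling audit_link({"R2": R2, "R3": R3_NO_MODE}, "Ethernet0", 100) reports the missing mode command on R3 and the resulting mode disagreement between the neighbors.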

Cisco CCNP / BCMSN Exam Tutorial: Spanning Tree Protocol (STP) Timers

In your BCMSN / CCNP exam study, it's easy to overlook some of the details of Spanning Tree Protocol (STP). After all, you learned all of that in your CCNA studies, right? Not necessarily! While some of the BCMSN material will be a review for you, there are some details regarding familiar topics that you need to learn. That includes the timers for STP - Hello Time, MaxAge, and Forward Delay.

You may remember these timers from your CCNA studies as well, and you should also remember that these timers should not be changed lightly. What you might not have known is that if you decide to change any or all of these timers, that change must be configured on the root bridge! The root bridge will inform the nonroot switches of the change via BPDUs.

Hello Time is the interval between BPDUs, two seconds by default. Forward Delay is the length of both the listening and learning STP stages, with a default value of 15 seconds.

Maximum Age, referred to by the switch as MaxAge, is the amount of time a switch will retain a BPDU's contents before discarding it. The default is 20 seconds.

The value of these timers can be changed with the spanning-tree vlan command shown below. Verify the changes with the show spanning-tree command.

SW1(config)#spanning-tree vlan 1 ?
  forward-time  Set the forward delay for the spanning tree
  hello-time    Set the hello interval for the spanning tree
  max-age       Set the max age interval for the spanning tree
  priority      Set the bridge priority for the spanning tree
  root          Configure switch as root

SW1(config)#spanning-tree vlan 1 hello-time 5
SW1(config)#spanning-tree vlan 1 max-age 30
SW1(config)#spanning-tree vlan 1 forward-time 20
SW1(config)#^Z

SW1#show spanning-tree vlan 1

VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     000f.90e1.c240
             This bridge is the root
             Hello Time   5 sec  Max Age 30 sec  Forward Delay 20 sec

  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     000f.90e1.c240
             Hello Time   5 sec  Max Age 30 sec  Forward Delay 20 sec
             Aging Time 300

Interface        Role Sts Cost      Prio.Nbr Type
---------------- ---- --- --------- -------- --------------------------------
Fa0/11           Desg FWD 19        128.11   P2p
Fa0/12           Desg FWD 19        128.12   P2p

Again, you should always take great care in changing these timers. Those defaults are set for a reason - helping to prevent switching loops!
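
An added example, not part of the original tutorial: a Python check that reads show spanning-tree output and reports timers that differ from the defaults given above, and timers configured on a nonroot switch, where they do not take effect. It relies on the IOS layout in which the Root ID section shows the timers in effect and the Bridge ID section shows the locally configured ones; the SW2 output and its address are constructed.

```python
import re

DEFAULTS = {"hello": 2, "max_age": 20, "forward_delay": 15}  # defaults from the text
TIMERS = re.compile(
    r"Hello Time\s+(\d+) sec\s+Max Age\s+(\d+) sec\s+Forward Delay\s+(\d+) sec")

def parse_show_spanning_tree(output):
    """Return the Root ID timers, the Bridge ID timers and the root flag."""
    found = TIMERS.findall(output)
    if len(found) != 2:
        raise ValueError("expected one timer line each under Root ID and Bridge ID")
    root, bridge = (dict(zip(DEFAULTS, map(int, t))) for t in found)
    return {"root": root, "bridge": bridge,
            "is_root": "This bridge is the root" in output}

def review(output):
    """Notes for an operator reviewing STP timers on one switch and VLAN."""
    st = parse_show_spanning_tree(output)
    notes = []
    changed = {k: v for k, v in st["root"].items() if v != DEFAULTS[k]}
    if changed:
        notes.append("non-default timers in effect: "
                     + ", ".join(f"{k}={v}" for k, v in changed.items()))
    if not st["is_root"] and st["bridge"] != st["root"]:
        notes.append("local timers differ from the root's and are not in effect")
    return notes

# SW1: the root bridge output shown in the tutorial.
SW1 = """VLAN0001
  Spanning tree enabled protocol ieee
  Root ID    Priority    32769
             Address     000f.90e1.c240
             This bridge is the root
             Hello Time   5 sec  Max Age 30 sec  Forward Delay 20 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     000f.90e1.c240
             Hello Time   5 sec  Max Age 30 sec  Forward Delay 20 sec
"""
# SW2: constructed nonroot switch whose timers were changed locally.
SW2 = """VLAN0001
  Root ID    Priority    32769
             Address     000f.90e1.c240
             Hello Time   2 sec  Max Age 20 sec  Forward Delay 15 sec
  Bridge ID  Priority    32769  (priority 32768 sys-id-ext 1)
             Address     aaaa.bbbb.cccc
             Hello Time   5 sec  Max Age 30 sec  Forward Delay 20 sec
"""
```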

Cisco CCNA / CCNP Tutorial: Home Lab Assembly Case Study

Part of your CCNA / CCNP education is deciding what network topology to use when you're putting together your home lab. Some of you are starting with one or two routers or switches, while others are starting with more. A customer recently sent me a list of his Cisco routers and switches that he has available for a home lab and asked for my help in coming up with the best way to use them.

There is no "right" or "wrong" answer to this question; again, part of the learning process is configuring and reconfiguring the physical topology of your lab. Let's look at the routers and switches he has available, including the interfaces on each, and come up with one possible CCNA / CCNP home lab setup.

The equipment list:

Two 3620 routers. Each has 1 serial port and 2 ethernet ports.
One 3640 router. This has two ethernet cards, each with two ports, and two AUI ports.
Three 2503s, my personal favorite for home labs! These have 1 AUI port, 2 serial interfaces, and one BRI interface apiece.
One 2524 router. This has one serial port, 1 ethernet port, and one BRI interface.
One 4500 router. This has eight BRI ports, 2 ethernet ports, and more importantly, four serial ports.

He also has a 5200 access server, an ISDN simulator, one 2924 switch, and one 1924 switch.

Now, if you don't have this much equipment to work with, don't panic! Most CCNA / CCNP candidates don't; this is more of an exercise in looking at what you do have and using it to the utmost.

As I've mentioned in many of my CCNA / CCNP home lab articles, an access server is a great thing to have. All he needs is an octal cable to connect his AS to the other devices we choose to use, and he's all set. (If you need an access server sample configuration, there is one on my website in the Home Lab section.)

A frame relay switch is also great to have, and the 4500 will make a great FR switch. Having a frame relay cloud in your CCNA / CCNP home lab is a great way to get experience configuring and troubleshooting frame relay, an essential skill for CCNA success.

I would put both of the 3620s on the frame relay cloud via the Serial interface, as well as two of the 2503s. That gives you four routers that will be using frame relay to communicate, and that's the most we can have since the 4500 has four serial ports. The 4500 will need to be configured as a frame relay switch and connected to the other routers via a DTE/DCE cable. (Again, if you need a frame relay switch configuration, the one I use in my pods is on the website in the same place as the access server configuration.)

The two 2503s that are on the frame relay cloud should also be connected via their BRI interfaces. The home lab also includes an ISDN simulator, which is necessary to allow routers to communicate via their BRI interfaces. Just get a couple of straight-through cables to connect those two routers to the ISDN simulator and that segment is ready to go. (Remember that you can't connect Cisco routers directly via their BRI interfaces.)

All of the routers in this lab have at least one ethernet or AUI port, so we can connect them all to either one of the switches. The switches should be connected via at least two crossover cables to allow practice with trunking, root bridge election, and VLANs. Having two switches really does add quite a bit to a CCNA / CCNP home lab's capabilities. You can experiment with different subnets and VLANs as well. Don't be afraid to dive in - that's what a home lab is all about!

So now we've got four routers connected via frame relay, two via ISDN, and the others via ethernet segments. Two of the routers that are not using their serial interfaces should be connected directly via their serial ports. For this, you'll just need another DTE/DCE cable. Knowing how to bring up the line between two directly connected serial ports is an important CCNA skill, and so is troubleshooting it. You should be able to bring such a connection up with your eyes closed, and once you work with your own CCNA / CCNP home lab, you'll be able to!

Also, don't forget to add a loopback interface to each one of your routers. I like to use 1.1.1.1 for R1, 2.2.2.2 for R2, and so on. Advertising loopbacks is another great way to get practice with RIP, OSPF, EIGRP, IGRP, and static routing.

We've taken a pile of routers and switches and turned them into a fantastic CCNA / CCNP home lab. Whether you're working with two Cisco devices or ten, coming up with your own home lab topology is a great learning experience and the beginning of developing your analytical and troubleshooting skills.
