DNS Hijacking

You have (probably more than once in your life) keyed in a familiar domain name and ended up in an entirely different page that was not even close to what you had expected. Chances are that you never even noticed the abnormality and you went ahead retyping the domain name or making a custom search of your preferred destination on Google. Well, what you have never realized is that you may have been a victim of Domain Name System Hijacking or redirection.
Apparently, DNS hijacking is a growing threat, and no single organization is large enough for DNS attacks. Not long ago, a hackers’ group known as the Iranian Cyber army took Twitter by storm, after having successfully managed to redirect domain requests from Twitter.com to its own hosted IP addresses. Similarly, on Thanksgiving day, the Syrian Electronic Army hijacked network traffic to major media outlets sites including the Independent , the Telegraph and the Canadian Broadcasting Corporation, just to mention a few.
So, What is DNS Hijacking?
Technically, Domain Name System Hijacking intercepts legitimate DNS requests from the user and matches them to compromised IP addresses hosted on the attacker’s servers. Ideally, websites on the World Wide Web are identified using a combination of numbers known as IP addresses, which are unique to every single site. To save you from the hassle of having to remember each IP address like you do with all your passwords, all IP addresses are given a custom domain name, which is easy to remember. In simple terms, you can access the web by searching its domain name or through its IP address if you can recall it, although you won’t.
When it comes to DNS hijacking, the attacker launches a man-in-the-middle-like attack, which subverts the user’s DNS requests and directs them to their own compromised DNS server. The basic function of a DNS server is to match the user’s DNS request with the correct IP addresses. However, an attackers’ compromised DNS server uses a DNS switching Trojan to attach the wrong IP address to the user’s DNS request, therefore directing him to a spoofed website. Such attacks are known as Pharming and could be employed by scammers in a phishing campaign aimed at stealing personal information.
Notably, DNS hijacking is not a pattern of malicious hackers only. Legitimate ISP providers also engage in the ill-feting activity to suit their own selfish interests, including placing ads or collecting statistics for Big Data Analysis. Ordinarily, you should come up with a “server not found” error message every time you query a non-existent domain name. However, ISP providers have perfected the art of manipulating DNS (NXDOIMAN) responses and directing users to their ad-ridden IP addresses. DNS Hijacking is not only irritating, but could also expose the user to potentially dangerous cross-site scripting attacks, besides violating RFC international standard for DNS (NXDOMAIN) responses.
A fine example of an ISP “behaving badly” and somehow manipulating Internet users without their consent (otherwise, it would not be manipulation, right?) is that of Verizon and its Perma Cookie. EFF has heavily criticized the abuse of personal information that has been made by Verizon Wireless, and this is just a drop in the ocean of non-consensual traffic redirection and tracking occurring daily on the web.
Shore Up DNS Security
Whether it’s a DNS cache poisoning or simple DNS blocking by the ISP providers, no one wants to traverse the web at gun point. In a Cache Poisoning attack, the hacker secretly injects false addressing data into DNS resolvers, enabling the attackers to redirect legitimate DNS requests away from legitimate websites to compromised DNS servers. The clandestine activity can go undetected for ages, allowing the attack to siphon huge chunks of sensitive information, including all Passwords and Usernames.
The first step in fortifying your DNS security is to deploy Domain Name System Security Extensions (DNSSEC). This is a security standard that allows the Domain owners to physically monitor traffic to their domain. The owners are able to register their Domains’ zones, enabling DNS resolvers to verify the authenticity of all DNS responses. Anyone with .org domains can now register them to domain registers through companies such as GoDaddy. DNSSEC will also enable you to manage customer identities.
Configure Your DNS Settings
In reality, the solution to your DNS solution lies within. If your ISP provider’s DNS server does not live up to its security expectations, ditch that for an alternative third party DNS, such as OpenDNS, NortonDNS or DNSResolvers. Here is how to configure your DNS settings of your operating system and prevent DNS hijacking:
For Windows Users:
  • Open the control panel.
  • Under “Network and Internet” click on “Network status and tasks” and proceed to the Wireless connection button on the far right of your window.
  • Under the “Wireless Network Connection Status”, click on “Properties” and go ahead to select “Internet Protocol Version 4 (TCP/IPv4) properties.”
  • Now you should be able to give an alternative DNS address of your choice.
  • Almost at the bottom of the dialog box, select the “Use the following DNS server addresses” button and fill out your alternate DNS server IP information (e.g. 8.8.8.8 for Google or 205.210.42.205 for DNSResolvers). Click OK and your alternate DNS will now be active by default.
For Ubuntu Users:
  • On the system menu, click on “Network connections” and select “Preferences”.
  • Now you’re at a dialog box with three optional tabs. If you want to configure the Ethernet connection, click on the “Wired” button and then specify your network from the interface list. For a wireless connection, click on the “Wireless connection” button and select your network. Then click on the “Edit” button.
  • Select the IPv4 Settings tab and, if the Automatic (DHCP) is the selected method, then proceed to select “Automatic (DHCP) addresses only”.
  • In the Dialog box that appears, key in your DNS IP information (e.g. for Google type 8.8.8.8 8.8.4.4 and then follow up with the changes). You may be required to set a password of your choice.
  • Repeat the above steps for any network you wish to modify.
After having followed the guidelines provided above in order to amend your settings, you will see that the alternative DNS servers you use work wonders for your privacy. Without having the proper information displayed on your computer for anyone to track down on, DNS hijacking cannot happen. Instead, your wireless connection will be completed using fake details, and therefore you will be thoroughly protected at all times while surfing the web!

Packet Switching Methods: Process Switching, Fast Switching and CEF

By: Adeolu Owokade, Intense School
For a router to move traffic across the network, it needs to perform two different functions: routing and switching. Routing refers to how a router determines the best path to send the traffic through. This is usually achieved using various routing protocols like EIGRP and OSPF. Packet switching, on the other hand, relates to how packets are moved from the input interface to the output interface or interfaces (in the case of more than one best path).
In Cisco IOS, there are many packet switching methods, but the common ones which we will be discussing in this article are process switching, fast switching and Cisco Express Forwarding (CEF).
Note: In this article, we will be focusing on IP packets although the same concept applies to other protocol packets.
Layer 2 Header Rewrite
Before we go on to discuss the switching methods, I would like to quickly discuss the rewriting of the layer 2 header of a packet. Look at the diagram below:
Host A and Host B are on different subnets and they have the router configured as their default gateway. If Host A wants to send a packet to Host B, it sends the packet to its default gateway. The Layer 2 header will contain Host A’s MAC address as the source of the packet and the router’s Fa0/0 MAC address as the destination.

 

When the router makes a forwarding decision for the packet, it needs to add a new Layer 2 header as follows: it replaces the source MAC address of the packet with the MAC address of its outgoing interface (Fa0/1 in this example). It also replaces the destination MAC address with the MAC address of the next-hop (Host B’s MAC address in this case).
Now that we know what a Layer 2 header rewrite entails, we can go ahead with our packet switching methods.
Process Switching
Process switching is the oldest of the three switching methods we will be discussing in this article. It is also the slowest and we will see why.
When the router receives a packet that is to be processed, the router stores this packet in memory. The router’s processor is then interrupted informing it that there is a packet waiting to be processed. The router inspects the packet and places it in the input queue of the appropriate switching process, e.g. ip_input for IP packets.
When the switching process runs, it checks the routing table to determine the next-hop and outbound interface for the destination of the packet. It also determines the layer 2 address (e.g. MAC address) of the next-hop by consulting a table such as the ARP cache. Armed with this information, the switching process rewrites the layer 2 header of the packet. The packet is then sent out through the determined outbound interface.
The issue with process switching is that the process described above happens for every packet, making it quite slow. Recent IOS versions have CEF (discussed later) as the default switching method for IP but we can enable process switching using the no ip route-cache interface configuration command.
Using our network diagram above, I will enable process switching on the router’s Fa0/0 and Fa0/1 interfaces. I will then ping from Host A to Host B and enable IP packet debugging (debug ip packet [detail]) on the router.
Hint: Process switched packets show up in IP packet debugging. Fast switched and CEF switched packets do not.
A sample output of the debug is as shown below. Notice that the packet is “routed via RIB” RIB stands for Routing Information Base which is basically the routing table of the router.

 

I received 10 of these messages in my debug output, 5 from the ping request from Host A and 5 from the ping reply from Host B.
Fast Switching
Fast switching improves on process switching by making use of a cache. The first packet to a destination is still process switched but the result of this switching, which includes the outgoing interface, next-hop and Layer 2 header rewrite information, is stored in the Fast Cache. Future packets to this destination will be switched using information from the fast cache, thus improving on the speed of this switching method.
We use the ip route-cache interface configuration command to enable fast switching.

 

We can confirm that fast switching is enabled on an interface using the show ip interfacecommand.

 

Before I test using ping, I will check the fast cache. Since we have not sent any packet across the router, this cache is empty.

 

Now when I ping from Host A to Host B, notice that the first ping request packet and the corresponding ping reply packet are process switched. After this first process switching, entries are created for these destinations in the fast cache.
As I mentioned above, fast switched packets will not show up in our debug output; only the two packets that were process switched will show up.
We can view the fast cache again where we notice those two created entries which include information about the destination, the outgoing interface, the next-hop and the Layer 2 header rewrite.
The diagram below helps make sense of the Layer 2 rewrite information:
Since the first packet to a destination is always process switched, switching performance will be degraded in the event where the router receives a lot of traffic for destinations that are not yet in the fast cache. Also, since entries in the fast cache will be invalidated when a route in the routing table changes, fast switching is not suitable on routers with a large number of changing routes like Internet backbone routers.
Cisco Express Forwarding (CEF)
The CEF switching method goes a step further than fast switching by building the cache in advance even before any packets need to be processed. CEF uses two components to perform its function: the Forwarding Information Base (FIB) and the Adjacency table. The FIB is more like a mirror of the routing table but with faster search capability. The FIB is used to make the forwarding decision for the destination of the packet. It contains prefixes, next hop (recursive) and the outgoing interface. The Adjacency table contains information about directly connected next hops including Layer 2 header rewrite information.
CEF is enabled globally using the ip cef command and the ip route-cache cef interface configuration command on interfaces.

 

We can view the FIB using the show ip cef command and the adjacency table using the show adjacency command.
Because CEF does not to wait for a packet before building the cache, switching performance is greatly increased. Note however that even though CEF is enabled on a router, there are times when packets will need to be punted to the next best switching method for packets that CEF cannot handle.
Summary
In this article, we have considered three different packet switching methods used on Cisco routers: process switching, fast switching and CEF. Process switching is the oldest, slowest and most processor intensive. In fast switching, the first packet to a destination is process switched but subsequent packets are forwarded using the information stored in the fast cache. Finally, CEF pre-builds the cache before any packets need to be forwarded. CEF makes use of the FIB and Adjacency table to perform its functions.
Cisco’s implementation of MPLS, for example, requires CEF to be enabled because CEF is the only switching method that makes use of the FIB. I hope you have found this article interesting.
References and further reading

 

  1. Cisco Express Forwarding. Understanding and troubleshooting CEF in Cisco routers and switches by Nakia Stringfield
  2. Intense School’s CCNA Training: http://www.intenseschool.com/boot_camp/cisco/ccna
  3. Inside Cisco IOS Software Architecture by Russ White, Vijay Bollapragada, Curtis Murphy
  4. Process, Fast and CEF Switching and Packet Punting: http://blog.ipspace.net/2013/02/process-fast-and-cef-switching-and.html

Earpieceonline Explain What Are The Different Types Of Earpiece?

An earpiece allows security professional to communicate in a covert manner without anyone noticing. Earpieces are important to allow communication between the wearer and his/ her team discreetly. There are many earpiece models and makes that a security agent can wear but typically, earpieces are of two major categories i.e. wireless and wired. Within these two categories, there are varying versions and models available. Several factors affect the choice of the ideal earpiece, these factors include:
·         Discreetness- Security officials can chose an earpiece based on how discrete they want to be. The level of discreetness is determined by the earpiece style and color of the coiled tube. In-the ear earpieces are obviously discreet because they are worn inside the ear than over-the ear earpiece- with the wires and all. You can choose a colorless earpiece as opposed to a colored one for more secrecy or choose a wired earpiece altogether for total secrecy.
·         Comfort- You obviously want the earpiece you chose to be comfortable to wear. Choose an earpiece that fits well and that is made with hypoallergic materials. Some of the important questions to ask before choosing an earpiece include how easy the earpiece is to wear and remove, how easy is to use and control the device, can the earpiece remain intact as long as necessary without falling off. 
·         Versatility- The right earpiece should make it possible to wear underneath the clothes, attached to a collar or back of the tie.
·         Tastes and preferences- Different individuals have different tastes and preferences. You can chose an earpiece that meets your needs and preferences in terms of comfort, style and color
·         A security earpiece is normally worn inside or put around the ear depending on the type you choose and is usually connected to a 2- way radio or related device. An earpiece is also worn with a microphone and receiver that makes it possible for a person to communicate with other people wearing a similar earpiece. 
Earpieces are normally won by bodyguards and security personnel for instance the US secret service, law enforcement officers and private bodyguards and security personnel to allow discreet communication for security purposes. Earpieces are either wired or wireless, with each type having different models, types, styles and makes 
Earpieces can either be worn around the ear or in the entrance of the ear as a small ear bud. For extra discreetness, wireless earpieces are often preferred over wired ones since it’s hard to tell that someone is actually wearing a wireless earpiece as opposed to a wired earpiece. Wireless earpieces often receive signals wirelessly. A person needs to wear a separate microphone at the end of a sleeve or on a lapel. To send a message, the wearer needs to speak into the microphone and receive messages via the wireless earpiece
A wired earpiece works in the same way as a wireless earpiece the only difference is that the receiver is connected to the earpiece with a wire that anyone can see. However, the wire can be transparent to make it harder for people to notice. The wire is normally worn around the back of the ear to get out of the wearers way. 
There are different types of wired earpieces including one wire, two-wire and three wire. One wire microphone consists of a single wire and no microphone, two- wire comprises of an earpiece and a single wire connecting the earpiece to the microphone which is usually connected to a sleeve or lapel. 
A three-wire earpiece comprises of an earpiece, a microphone worn on the lapel, and a third wire that normally connects to a separate device on the hand to allow the wearer to activate the microphone at his discretion. 
As mentioned above there are typically two types of earpieces and a wide variety of models under each type. The ideal earpiece will be determined by the wearer’s preferences, level of secrecy wanted, cost, comfort, and how versatile the device is. 
Earpieceonline.co.uk is flooded with various models and makes so it’s important to understand your needs before buying an earpiece. Buy your earpiece from a reputable source, Do some research before buying your ideal security earpiece to understand the features, components, advantages, and disadvantages? 

Have You Tried the Kenwood Radio Earpiece?

You might have heard about the Kenwood radio which is the second most popular gadget in the world. As we watch communication systems surrendering to technology’s prodigies, businesses around the world expand. Various sectors of profession that rely on radio technology can actively communicate without facing any hassles. Kenwood is a renowned brand for producing reliable communication equipments. The Kenwood radio earpiece is no exception, being an ideal preference for this particular audio device. The fundamental kinds of ear pieces used for this kind of radio are the 2 pin and multi-pin connectors. Offering exceptional performance within a reliable framework, customers have shifted to using such models for increased audibility. 
 
Key Features of Kenwood Radio Earpiece
 
The earpiece offers a clear and discrete source that makes communication easier. Composed of high impact polycarbonate plastic, the earpiece allows individuals to communicate in the noisiest environments. Kenwood radio earpieces therefore are considered to be the best choice that is compatible with the radio device. It is the perfect choice of equipment used for communication by security experts, door staff, and surveillance teams. The 2-pin model features two connector pins whereas the multi-pin model features various connectors. A good example of the multi-pin model is the Kenwood 3 wire earpiece that features has been fabricated into a three wire system design.
 
The Kenwood earpiece comprises of a ‘push to talk‘ or PTT button which is basically the controller of the device. It allows individuals to rapidly get in touch with clients, associates or team members to discuss and carry out various tasks. The coordination of two way radios with the right earpiece ensures excellent sound quality. One of the key features of the 2 wire earpiece is that it can be attached to a collar, lapel or a tie and slipped inside the clothing easily. The Kenwood 3 wire earpiece is slightly different since it is held in the hand to regulate operation instead of being mounted on the lapel or collar. The PTT allows the recipient to switch on or off the earpiece to relay information across. 
Benefits of Buying Kenwood Earpiece
Coordinate the responses of your team at office using the Kenwood earpiece device that has been introduced by a reputable company which has existed since 1946. Attaining years of trust from clients, everyone knows how beneficial the Kenwood radio earpiece is! The ear bud has been fabricated with the idea of giving comfort to the listeners with a fitting frame. The cable of the earpiece is transparent, lightweight and durable with hardwearing. The sound quality is excellent of the earpiece that comes alongside a built-in microphone. Aligned with a clothing clip both the devices feature a surveillance tube and the PTT button. 
You can easily replace the plastic clothing clip with a steel clip and add features like swivel ear loop. This is done so as to improve flexibility of usage and comfort. Irrespective of how the environment is, the earpiece has a noise cancelling feature that makes it efficient to use in social events at nightclubs, factor or a public event. It is the choice made by professionals since the device is highly compatible with Kenwood 2 way radios. Imagine days when your communication systems are on a shutdown with extreme interference in sound waves! If you fancy a noise free, discrete and clear sound quality then Kenwood radio earpieces is the ideal pick. 
 
A Kenwood radio customer will never face the problem of compatibility or affordability. Having distinct features makes the earpiece an accommodating communication tool. There are lower priced devices available however lack the durability of Kenwood. The Kenwood earpiece is composed of robust framework that can withstand collision. In fact the earpiece is resistant to high strain making it a long lasting device. The earpiece has been recognized globally to being an apt choice for enhancing sound quality of Kenwood radios. You should ensure that while you’re out buying earpiece for yourself, the kind of radio you have matters a lot. So choose wisely before making a final decision.
 
Conclusion:
 
Kenwood radio earpiece is a result of proficient technology that assists receiving, sending and regulating information between recipients. It is vital to use competent communication tools to achieve quality proof sound. Kenwood is an economical brand that triggers consistent performance over time. This lightweight device couples with a resilient covering that secures prolonged connectivity. Enjoy the comfort of uninterrupted conversations with Kenwood’s brilliant earpiece technology today. 

Why SSL Certificate is Important When it Comes to Web Hosting

SSL means Secure Sockets Layer and what the SSL Certificate does is it keep your website protected against frauds and other malicious transactions online and this is the reason why SSL certificate is important when it comes to web hosting. This certificate will establish an encrypted connection between the host, which is your server, and that of the web browser. The connection in between the host and the browser should be kept private because your customers will have to key in their personal information on the browser of your site. You cannot expect your customers to trust your site if you do not have an SSL Certificate.  Learn more at http://www.sslcertificatereviews.net.
Boost Up Your Website’s Conversion Rate
One of the reasons why it is important for your web hosting to have an SSL Certificate is for you to be able to easily establish trust and confidence with your customers. Those who shop online are now very careful with their transactions given the number of frauds and scams that are going on all over the World Wide Web. Before they would decide to shop from any website, they will make sure to check the security features of the site and one of these is the SSL Certificate.
If your site does not have this, then you cannot expect your customers to trust you. But if you have this, then it will be easy for your customers to put their trust in you and this can result to an increase on the conversion rate of visitors of your site.  Visit the website http://buycertificate.comto get more information.
Keep Hackers and Scammers Away
If you have SSL Certificate on your web hosting, hackers and scammers will not include you on their list of victims, and this is another reason why SSL certificate is important when it comes to web hosting. This technology indeed helps to lessen the risks and visits of these malicious individuals to your site.
What these people would actually target are websites that are not fully secure because they know that they can easily get on with their crime if a website lacks security features, such as the SSL Certificate. If these hackers and scammers would be able to get through your site, you are not only putting your customers at risk but you yourself would be at high risk as well.
These people have a way to steal your account information and would jeopardize all transactions in your site so they can steal money from you. So before any of these can happen, make sure to look for a web hosting that comes with SSL Certification.
Choose a Reliable Web Hosting Company
In order to ensure that your SSL certificate is reliable, then look for a highly reputable web hosting company that provides reliable SSL security certifications. All of the websites on your server should have this security feature. But remember that in order to be able to obtain the SSL, you will be asked to get a dedicated IP address which might cost you extra money. Nevertheless, investing on this is definitely worth it.
Now that you know why SSL certificate is important, it’s about time to purchase this security feature for your site.

Choosing a Domain Name for your Niche Website

A domain name is that address on your website that the people will find. Basically, this is the “physical address” that you will give to customers in order for them to be able to locate your site. By having a domain name, your consumers will not have a hard time in finding your place in the World Wide Web.
This should be the first criterion that one would consider when starting an online business. But then, deciding a domain name would require that you familiarize with your market as well as your target consumers. So to help you on this, here is your guide on choosing a domain name for your niche website.  You can check for URL availability at http://checkurlavailability.com.
Market Research
First of all, you need to be able to conduct market research. This is for you to have a better chance to get found through Google and other search engines. As you know, people these days would greatly rely on these search engines when looking for something online. This is actually the hardest part when it comes to choosing the right domain name for your site. Sometimes, you will need to spend several days in market research just for this. Fortunately, Google has found a way to make it easier for ecommerce sites to easily reach out to their target consumers and that is through the Google Keyword tool. Learning how to use this tool can help you in choosing a domain name for your niche website.  More URL information at http://www.howtourl.com.
 
Choose .com Domains
If you are new to the World Wide Web and you are still in the process of building your presence in the web, then go for .com domain names, if possible. All people are used to .com domains so if they search for something on the search engines, they will most likely choose those with .com domains. Having this domain also helps to provide more credibility to your business, unlike if you use .biz, .info, and the likes.
Keywords Rich Domains
Your domains must be keywords rich and your domain name should be short and must have the most commonly searched terms related to the kind of business that you have. For example, your business has something to do with flowers. Therefore, when choosing a domain name, look for those that have the “flower” keywords in it. This is to ensure that your website will have a higher chance of getting ranked on the first few pages of Google and other search engines.
Short Domains
Your domain must be short, yet concise. This is for your customers to be able to easily remember you. If you choose a long domain name, your customers would end up misspelling it and the worst that could happen is that they will end up in your competitor’s website instead.
Three to four worded keywords are still acceptable to a lot of people, but anything more than that can make it hard for your target consumers to find you in the web.
Choosing a domain name may be difficult for beginners, but the tips above should be able to help you.

Essential Tips on Web Hosting

These days, you will find quite a lot of web hosting companies that provide different kinds of services. With this, it can be a bit difficult to decide which of these companies to consider and what type of web hosting package you should choose. These essential tips on web hosting should be able to help you in coming up with the best decision.  Learn more about monthly pay hosting.
 
 
 
Adopt a Yearly Plan
If you cannot find a highly reliable web service provider, it is always a great idea to consider getting a yearly plan for your hosting package. There is no host up fee that will be charged to you if ever you get a new web hosting package on a yearly plan. There are various online web hosting providers that you can find these days which are capable of offering very affordable yearly hosting plans.
 
Ensure the Bandwidth and Server Space
It is best to take time in researching the net and reading the reviews of various web hosting companies to find out which ones are capable of providing accurate bandwidth as well as a server area that is specific to your needs. If you are in need of only a lesser space, a free web hosting service will be a perfect choice for you.
But if you would prefer to get a much bigger website for your business, then you should choose the package that can give you enough bandwidth and server space. Getting a paid professional web hosting provider is always the best choice and is indeed one of the most essential tips on web hosting.  More info about monthly hosting.
 
Determine the Web Hosting Company Agreements
Before you pay for any of the web hosting company, make sure that you understand their agreement well. The agreement will list down the legal parameters that should be included on a web hosting contract. You must also ensure that the company is highly authorized and the best way to do this is by reading reviews as well as the site agreements. If your budget won’t be enough to pay for a certain web hosting package, try to negotiate with the company and see if they can come up with an affordable plan for you.
 
Ensure a Protected Support Domain
Most of the web hosting companies provide a technically stable support and services 24 hours of the day, seven days a week. Reliance on the Internet has been rapidly increasing these days along with the advancement of technology as well as the ease of accessibility. You can help to gain more traffic into your site if you are able to utilize top notch and popular domains. Most of the web hosting providers these days could provide top class domains to all their customers who will sign up for their yearly plan.
 
Familiarize Yourself with the Recent Updates on Software
A lot of the web hosting companies these days would launch new versions of their software from time to time. This is to help attract more customers to the website and ensure a high traffic. In order for you to know how this software can help you, try to familiarize yourself with the recent updates on their software.
When looking for the best web hosting company, make sure to remember all these tips on web hosting.