Forum Replies Created

Viewing 15 posts - 1 through 15 (of 45 total)
  • Author
    Posts
  • in reply to: Help stop hackers #14563
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    Hi @guruofnothing,

    None of the symptoms can surely indicate that there is malware on the devices. For example, echo in calls can happen for various reasons https://www.nextiva.com/support/articles/why-do-my-calls-have-an-echo.html Similarly, floating keyboard may get turned on with a touch.

    Can you please check your network usage? Is there a sudden spike in usage of your network bandwidth? If cyber attackers have infected all your devices with malware, then attackers will try to collect data and transfer the data to their servers. This should take lots of network bandwidth.

    If someone wants to hack a device in the firmware level, one would need a rootkit. Can you please scan your devices with rootkit detection tools?

    Also, you can try factory resetting your phones. I would suggest, please use some good rootkit detection and removal tools (along with other anti-malware programs from trusted sources) to see if there are indeed any rootkits. Otherwise, the reasons for all these symptoms may be different.

    in reply to: OpenVPN over TCP vs. UDP โ€“ What is the difference? #14067
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    Letโ€™s first understand what TCP and UDP are. TCP or Transmission Control Protocol is a connection-oriented protocol that provides reliable delivery of octets over the IP network. TCP works in the Transport Layer of the Internet Protocol Suite.

    If two hosts are connected over the IP network, and they want to transfer data over a reliable connection, the hosts can use TCP. Using TCP, the sending and the destination host first establishes a reliable connection after TCP handshake. Then, TCP can receive the data from the application of the sending host, divide the data into several packets, number the packets, and then send them to the destination host.

    The destination host receives the packets in an ordered way. And, after receiving the packets, the host sends an acknowledgment. If any packet is delayed, the packet is retransmitted. TCP also provides error-checking to ensure the reliable delivery of transmitted data.

    UDP or User Datagram Protocol, on the other hand, is a connectionless protocol that provides unreliable delivery of data in an unordered way. Before sending the UDP packets, no reliable connection is established between the sending and the receiving host. Also, if two packets are sent to the destination host, there is no guarantee in which order the packets will reach the destination. Moreover, if a packet is delayed, the packet is dropped rather than retransmitting it.

    In other words, UDP provides no guarantee of delivery, ordering, or duplicate protection of data. It provides a checksum for a basic integrity check but provides no other error-checking.

    So, UDP is more suitable for time-sensitive real-time applications where the packets should reach the destination without much retransmission delays. Voice over IP or VoIP, online games, or streaming applications often use UDP for this reason.

    OpenVPN TCP provides better reliability. It can also bypass a firewall easily as it runs on standard ports. But, for the reasons mentioned above, OpenVPN TCP provides a slower speed.

    OpenVPN UDP, on the other hand, provides faster speed. But, it is less reliable as UDP does not guarantee the delivery of packets.

    So, if we think about security and privacy, both OpenVPN TCP and UDP are good. But, OpenVPN UDP provides faster speed than OpenTCP. So, if you want to use OpenVPN for online gaming or streaming applications, you can use OpenVPN UDP. Otherwise, OpenVPN TCP can be used for better reliability.

    in reply to: Which VPN protocol is the fastest? #14065
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    When we use a VPN, the VPN protocol first creates a tunnel, and then it sends encrypted packets through the tunnel. Now, cryptographic operations like encryption and decryption require processing power. When the encryption is stronger, it needs more processing power. So, in VPN, the connection speed is closely related to the security it provides.

    PPTP VPN is the fastest VPN protocol in terms of connection speed. So, if you want to stream data, you can use a PPTP VPN. But, please note that PPTP VPN provides weak encryption, and hence, it is often not recommended.

    Otherwise, IKEv2/IPSec VPN and Open VPN UDP are fast enough, and they provide strong encryption.

    in reply to: What is the recommended size of an RSA key? #14035
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    RSA is a public-key cryptosystem. Now, a public-key cryptosystem is based on mathematical problems such as integer factorization. These types of problems are less computation-intensive than symmetric key algorithms and hence, faster to solve using brute-force attacks. So, the size of an asymmetric key should be more than the size of a symmetric key for practical purposes.

    For example, a 1024-bit RSA key is equivalent to an 80-bit symmetric key as per cryptographic strength. And, a 2048-bit RSA key is equivalent to a 112-bit symmetric key.

    As per NIST, a 1024-bit RSA key can be cracked easily in the near future. Hence, it is recommended that we use a 2048-bit RSA key. But, as of 2020, the size of the largest RSA key that is known to be cracked is 829 bits.

    in reply to: Stateful Firewall vs. Stateless Firewall #14033
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    A firewall is a network security system that monitors the incoming and outgoing traffic of a host or a network and filters the traffic based on some pre-defined rules. In other words, it monitors each packet and matches it with some pre-defined rules. And, based on the rules, it decides whether the packet should be allowed.

    Now, there can be different types of firewalls, such as packet filters, stateful filters, web application firewalls, etc. A stateless filter is a packet filter. It monitors each packet and filters them based on some information on the packet header, such as the source address, the destination address, port number, or specific protocols like TCP and UDP. The problem with this type of firewall is while monitoring a packet, it cannot understand whether the packet belongs to some existing connection.

    So, to address the problem, stateful filters are developed. A stateful filter is a type of firewall that, much like a stateless filter, can filter traffic based on source IP address, destination IP address, port number, and specific protocols like TCP and UDP. But, along with that, it maintains the connection state of a packet. So, while monitoring a packet, it can understand whether the packet belongs to some existing connection or belongs to a new connection. And, based on the connection state, it can filter the traffic.

    For example, we may want to allow packets from an existing connection to a specific port number and block new connections. With a stateful filter, we can easily make a firewall rule and block unwanted traffic. With a stateless filter, it is not possible as a stateless filter has no idea about the connection state of the packet.

    in reply to: Can you get a virus from scanning a QR code? #14024
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    A QR code is a type of matrix barcode or 2-dimensional barcode. A barcode represents data in a machine-readable form. It represents data using parallel lines that vary in widths and spacing.

    A QR code is a type of two-dimensional barcode. It consists of some black squares on a white background that is arranged within a square grid. A user can use an imaging device like a camera and read a QR code.

    A QR code often contains some data that can point to a website or an application. When we read the QR code using an imaging device, the data is processed using Reed-Solomon error correction and the image is interpreted. We retrieve the appropriate data from the horizontal and vertical components of the QR code.

    Now, a QR code can store up to 7,089 characters. So, given the storage capacity, a QR code has, it cannot store executables of a virus. But, a QR code can easily point a user to some malicious content. For example, a malicious QR code can point a uer to a malicious website or application that spreads a virus.

    So, scanning a malicious QR code is more like clicking on a malicious link. While the QR code itself cannot store virus, it can point a user to some malicious content that spreads a virus.

    in reply to: What to do if I accidentally click on a phishing link? #14022
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    If you accidentally click on a phishing link or open a malicious attachment, please follow the steps as mentioned below:

    1. Firstly, disconnect your computer from the Internet. You can unplug your ethernet cable or disconnect the Wi-Fi. Once malware infects a computer, attackers can use the Internet to control the device remotely. Sometimes the malware also self-replicates and spreads to other devices on the same network. So, it is important to disconnect the computer from the Internet.

    2. Next, take a backup of all important files so that you can restore the important files to your computer at any time if needed.

    3. Now, use a trusted anti-malware program(s) and run a full scan. If any infected file is detected, please follow the instructions to quarantine.

    4. Now, you should change passwords of your email or social media accounts. In case the malware was able to access any of your accounts, it should not be able to access it again if you change the password immediately. Please note that it is always advisable to use a different computer to change the passwords.

    5. Enable 2 Factor Authentication wherever possible. 2 Factor Authentication or 2FA uses one more authentication factor. Most websites use an OTP sent over the userโ€™s mobile phone as the second authentication factor. So, if you enable 2FA, then an attacker wonโ€™t be able to access your account even if the attacker manages to hack your password as long as the attacker does not have access to your mobile phone. So, 2FA is much more secure.

    6. If you are a victim of phishing, you may want to report it. It will help the authority in catching the cybercriminals. And, if you clicked on a phishing link using your company laptop, then please report the incident to the concerned person in your company.

    7. You may also want to flag the email as phishing. This will indirectly help the spam filter to filter out potentially dangerous emails in a better way. Spam filters often use machine learning to learn about the characteristics of malicious emails and use that to filter out potentially dangerous emails. So, if you flag spam or phishing emails, that would help the spam filter to filter out such malicious emails in a better way.

    in reply to: What is a VPN tunnel? #14020
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    When a user uses a VPN, a connection is established between the VPN userโ€™s device and the VPN server. This is called a VPN tunnel. Later, when the user transfers sensitive data, the data is encrypted first and then sent over the VPN tunnel securely.

    Please note that a VPN tunnel does not provide encryption itself and hence does not ensure security and privacy. To make the connection secure and private, an encryption protocol is used using which the transmitted data is encrypted before sending it through the VPN tunnel.

    in reply to: Is IKEv2 more secure than OpenVPN? #14018
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    OpenVPN is an open-source VPN protocol. It uses SSL/TLS for key exchange and the OpenSSL library and the TLS protocol for encryption. It can use several secure cryptographic algorithms like AES, Blowfish, etc. OpenVPN is supposed to be one of the most secure VPN protocols available.

    IKEv2, on the other hand, is a tunneling protocol. This protocol is paired with the secure IPSec protocol to transmit data securely over the tunnel.

    IKEv2/IPSec VPN is also considered one of the most secure VPN protocols available. But, the main disadvantage of this protocol is, it is closed source. The protocol was developed by Microsoft and Cisco. But, the IKEv2 protocol is less CPU-intensive and considered faster than OpenVPN.

    in reply to: What is a VPN Protocol? #14016
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    A VPN protocol is a protocol using which a VPN connection is established between a VPN userโ€™s device and the VPN server and sensitive data is encrypted and transmitted over the connection securely.

    There are several VPN protocols:

    – PPTP
    – L2TP/IPSec
    – IKEv2/IPSec
    – IPSec
    – SSTP
    -OpenVPN, etc.

    When we use a VPN, we need to select a VPN protocol based on connection speed, level of encryption, connection stability, etc. A detailed discussion on the difference between various VPN protocols can be found here: PPTP vs L2TP vs OpenVPN vs SSTP vs IKEv2 VPN

    in reply to: What are the different types of IPv6 addresses? #14013
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    IPv6 supports the following types of addresses:

    Unicast Addresses โ€“ A unicast address identifies a single interface. If an IPv6 packet contains a unicast address as the destination address, the packet is sent to the interface that is assigned that unicast address.

    There can be different types of unicast addresses.

    Unspecified Address โ€“ The IPv6 address 0:0:0:0:0:0:0:0 is called the unspecified address. This address is specified with the prefix ::/128. This address is used by a host when the host is initializing and has not yet learned its own address.

    Loopback Address – The IPv6 address 0:0:0:0:0:0:0:1 is called the loopback address. The loopback address is used by a host to send IPv6 packets to itself. This address is specified with the prefix ::1/128.

    Global Unicast Address – An IPv6 Global Unicast Address is a routable IPv6 address that can be routed by a router and is globally reachable on the IPv6 Internet. An IPv6 Global Unicast Address is equivalent to an IPv4 public IP address.

    IPv6 Address with Embedded IPv4 Address โ€“ IPv6 addresses are 128-bit long and IPv4 addresses are 32-bit long. Sometimes a 128-bit IPv6 address carries a 32-bit IPv4 address in ints lower 32 bits. These types of addresses are called IPv6 addresses with embedded IPv4 addresses. These embedded IPv4 addresses can be of two types โ€“ IPv4-compatible and IPv4-mapped addresses. Nowadays, IPv4-mapped IPv6 addresses are used and these addresses have the prefix ::ffff/96.

    Link-Local IPv6 Address โ€“ A Link-local IPv6 address is used for a single link. Every IPv6 interface has a link-local IPv6 address. When a host boots up, the link-local address is assigned to its interface. Later, the interface may be assigned one IPv6 address manually or using a DHCP server. But, the interface will still have the link-local IPv6 address. Link-local IPv6 addresses have the prefix fe80::/10.

    Unique Local Address – In IPv6, Unique Local IPv6 Unicast Addresses are similar to private addresses in IPv4. These addresses are used for local communications. But, Unique Local IPv6 Unicast Addresses are globally unique, especially when used within a site. These addresses have the prefix fc00::/7.

    And, other than unicast addresses, IPv6 supports anycast and multicast addresses.

    Anycast Address – An anycast address identifies a set of interfaces. If a router receives an IPv6 packet with an anycast address as the destination address, the router finds out the nearest host using routing protocol and delivers the packet to the nearest host.

    Multicast Address – A multicast address also identifies a set of interfaces on different hosts. If an IPv6 packet contains a multicast address as the destination address, the IPv6 packet is delivered to all interfaces that are assigned that particular multicast address. Multicast addresses have the prefix ff00::/8.

    IPv6 does not support broadcast addresses.

    in reply to: Which address type is not supported in IPv6? #14011
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    IPv6 does not support broadcast addresses. It uses unicast, anycast, and multicast addresses.

    Unicast addresses are used for a single interface. When an IPv6 packet is sent with a unicast address as the destination address, the packet is delivered to the particular interface to which the unicast address is assigned.

    An anycast address identifies a set of interfaces. An anycast address can be assigned to more than one IPv6 interface. If a router receives an IPv6 packet with an anycast address as the destination address, the router finds out the nearest host using routing protocol and delivers the packet to the nearest host.

    A multicast address also identifies a set of interfaces on different hosts. If an IPv6 packet contains a multicast address as the destination address, the IPv6 packet is delivered to all interfaces that are assigned that particular multicast address.

    IPv6 does not support broadcast addresses.

    in reply to: What are IPv6 Multicast Addresses? #14009
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    In IPv6, a multicast address identifies a group of interfaces on different hosts. If an IPv6 packet contains a multicast address as the destination address, the IPv6 packet will get delivered to all interfaces that are assigned that multicast address. Please note that in IPv6, a particular interface may belong to any number of multicast groups.

    In IPv6, a multicast address has the following format:

    1111 1111 | Flags | scop | Group ID

    The first eight bits of a multicast address are 1111 1111 or FF in hexadecimal. The next 4 bits are used as flags. These bits specify whether the multicast address is permanently assigned by IANA or it is non-permanently assigned.

    The next 4 bits are scop. They are used to limit the scope of the multicast group. For example, 0010 or 2 (hexadecimal) is used to indicate a link-local scope. 0101 or hexadecimal 5 is used to specify a site-local scope and 1110 or hexadecimal E is used to specify the global scope.

    The last 112 bits specify the group ID. The group ID identifies the multicast group.

    Example:

    If some servers are assigned a permanent multicast address with the group ID 123 (hexadecimal), then:

    The multicast address FF02:0:0:0:0:0:0:123 specifies that all the servers are on the same link as the sender.

    The multicast address FF05:0:0:0:0:0:0:123 specifies that all the servers are on the same site as the sender.

    And, the multicast address FF0E:0:0:0:0:0:0:123 specifies that all the servers are on the Internet.

    in reply to: What is an IPv6 Anycast Address? #14007
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    In IPv6, an anycast address is assigned to more than one IPv6 interface. Many interfaces on different hosts can have the same anycast IPv6 address. If a router receives an IPv6 packet with an anycast address as the destination address, the router measures which is the nearest host using routing protocols and delivers the packet to the nearest host.

    In IPv6, anycast addresses are syntactically indistinguishable from unicast addresses. An anycast address uses the same format as that of a unicast address. The difference is, an anycast address is assigned to more than one interface on different hosts. The host that is assigned an anycast address should be properly configured to indicate that the assigned IPv6 address is an anycast address.

    Anycast addresses are used in many scenarios. For example, letโ€™s say an organization has a set of routers to provide Internet service. The routers can be assigned one anycast address. The anycast address can identify the set of routers. Anycast addresses can also be used to identify a set of routers attached to a particular subnet.

    in reply to: What is Unique Local IPv6 Unicast Address? #14005
    0 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 50 votes, average: 0.00 out of 5 (0 votes, average: 0.00 out of 5)
    You need to be a registered member to rate this.
    Loading...

    In IPv6, Unique Local IPv6 Unicast Addresses are similar to private addresses in IPv4. These addresses are used for local communications. But, Unique Local IPv6 Unicast Addresses are globally unique, especially when used within a site.

    A Unique Local IPv6 Unicast Address uses a well-known prefix. As a result, it is easier to filter packets with a Unique Local IPv6 Unicast Address at site boundaries. And, each Unique Local IPv6 Unicast Address uses a unique prefix. As a result, multiple sites can interconnect with each other without creating any address conflicts.

    A Unique Local IPv6 Unicast Address has the following format:

    Prefix | L | Global ID | Subnet ID | Interface ID

    The 7-bit prefix is specified as FC00::/7. The first 7 bits of the prefix are 1111 110.

    The L bit is set to 1 to indicate that the address is locally assigned.

    The next 40 bits specify the Global ID. The Global ID is used to create a globally unique prefix and it is a pseudo-random number that is generated with a pseudo-random generator to ensure uniqueness.

    The next 16 bits specify the subnet ID. And, the last 64 bits are for interface ID.

Facebooktwitterredditpinterestlinkedinmail
Viewing 15 posts - 1 through 15 (of 45 total)