Author Archives: admin

802.11i

802.11i (or IEEE 802.11i-2004) is a variation of the Institute of Electrical and Electronic Engineers’ wireless network standard. It identifies security measures and protocol used in wireless network data transmission documented in the IEEE 802.11-2007 publication.

802.11 is a group of IEEE standards governing wireless networking transmission procedures. Widespread use of the 802.11a, 802.11b, and 802.11 g protocols enable efficient wireless connectivity for home, office, and commercial computing.

802.11i is a recent amendment for WLANs (Wireless Local Area Networks). This evolution of the 802.11 presents enhanced encryption for 802.11a, 802.11g, and 802.11b connections (such as Wi-Fi). The 802.11i standard employs improved encryption key protocols like the Temporal Key Integrity Protocol (TKIP) and the Advanced Encryption Standard (AES) .

802.11i architecture includes these integral components:

  • 802.1x to authenticate (requiring the use of EAP plus an authentication server)
  • RSN (Robust Security Network) to keep track of connections
  • AES-based CCMP to provide security (in terms of data confidentiality, integrity, and origin authentication)

Another important part of the process of authentication is the ‘four-way handshake.’ This heightens data security, as the AP needs to verify itself with the client station first and derive traffic encryption keys before gaining access to the network. After this, the signal must also surrender the Global Temporal Key (GTK) before finally decoding the broadcast and multicast traffic.

The 802.11i amendment specifications meet the security standards of many government agencies and other entities. AES, however, needs a dedicated microchip, which could mean hardware upgrades to present Wi-Fi networks. 802.11i also enables key caching (which assists in quick server reconnection for users who have gone offline) as well as pre-authentication (which provides fast roaming – ideal for more sophisticated applications like VoIP or Voice over Internet Protocol) .

802.11b

802.11b (or 802.11b-1999) is an evolution of the IEEE (Institute of Electrical and Electronic Engineers) standard that raised transmission rates to 11 Mbit/s using the prior 2.4 GHz band. 802.11b is the system used in WLANs (Wireless Local Area Networks) marketed under the name ‘Wi-Fi’ and implemented around the globe. Wi-Fi is often expanded (albeit erroneously) to mean ‘Wireless Fidelity.’ 802.11b is compatible with its predecessor and root model 802.11.

802.11 is a group of IEEE standards used to govern methods for transmission in wireless networks. The most commonly used versions of the series today are 802.11a, the 802.11b, and the 802.11g. This group offers wireless connectivity for home, office, and commercial computer use.

802.11b employs the Ethernet protocol, as well as the CSMA/CA (Carrier Sense Multiple Access with Collision Avoidance) method for purposes of file sharing, following 802.11 standards. PSK (phase-shift keying) is the method of modulation used by most of the 802.11 devices, while 802.11b uses CCK (complementary code keying). The latter standard allows faster and higher data transmission and less multipath propagation obstructions.

802.11b uses the standard media access methods. In early 2000, 802.11b products emerged in the market, acquiring a direct modulation adjustment used by 802.11. A radical increase in transmission rates and the significant price reduction of the 802.11b version (as compared to the original 802.11) led to its present popular reputation in the WLAN technology world.

IEEE 802.11b-compatible equipment may bring about interference when used near products operating within the 2.4 GHz frequency range. These devices include baby monitors, Bluetooth devices, cordless phones, and microwave ovens.

802.11a

802.11a is a standard used under WLAN (Wireless Local Area Network) and Ethernet. It is a wireless network protocol standard defined by the IEEE (Institute of Electrical and Electronics Engineers). 802.11a is part of a series developed to offer wireless connectivity for home, office, and commercial computing.

IEEE 802.11a wireless networks, theoretically, can sustain a maximum bandwidth of up to 54 Mbps. On the other hand, 802.11a performs better than its successor, 802.11b in terms of efficiency and capacity. Consequently, the APs (Access Points) and adapters accompanying 802.11a cost considerably more than the 802.11b complementary devices.

Radio transmission signals of 802.11a are in the frequency range of 5 GHz and higher. This span is ‘designated,’ which means that 802.11a machinery uses frequencies not used by other products like wireless home phones. In comparison, the 802.11b standard uses frequencies in the more-populated 2.4 GHz range thus, meeting more interference from other devices.

Due to the less availability of its more costly 5 GHz components, 802.11a devices reached the markets much slower than its 802.11b equivalents. Performance of the first generation 802.11a merchandise was poor and burdened with bugs. When the second wave of 802.11a products started to sell, the consumer market did not embrace the technology because the cheaper 802.11b was already in widespread use. 802.11a, however, penetrated enterprise network systems in spite of larger initial costs. This standard was more compatible with some networks, allowing greater capacity and increased reliability than that of 802.11b-driven networks.

Note that an 802.11a device’s signal is limited because it uses the high 5 GHz frequency, although network performance significantly improves and interference lessens. An 802.11a AP transmitter device may encompass less than a fourth of the area of a similar 802.11b device. Physical obstructions, such as brick walls, affect 802.11a networks at a higher degree than similar 802.11b networks.

802.1Q

802.1Q (or Virtual LAN) is a venture under IEEE (Institute of Electrical and Electronics Engineers) 802 standards. This project provides a mechanism with the capacity to bridge several networks to share a physical network link while prohibiting data leakage between them.

802.1Q is also an interchangeable term used to refer to the standard issued by this project. It also pertains to procedures applied in the mechanism of Ethernet networks.

As a standard, IEEE’s 802.1Q screens large networks into smaller components to minimize bandwidth use by broadcast and multicast traffic. This standard also contributes to a higher level of privacy between various internal segments within networks.

The 802.1Q procedure provides a typical way of introducing VLAN membership data to Ethernet frames. In a Local Area Network (LAN), multicast and datalink-layer broadcast traffic transmitted to every end station. The traffic does not pass the LAN boundaries despite the fact that the perimeter shares cables or hubs.

IEEE 802.1Q explains the meaning of VLAN based on the specific model bridging at MAC (Media Access Control) level and the 802.1D spanning tree protocol. This procedure allows individual VLAN communication using Layer-3 routers.

If a company’s IT department wants to offer individual logical networks per specific department within the company while using one corporate network, VLAN will enable this route. Edge switches in the corporate network insert specific VLAN tags into the data frames coming from the equipment to and from any given department. The edge switches also removes the VLAN tags before the frames reach the specific department’s equipment (after switching off the frames in the corporate network). This ensures protection of one department from another.

802.1p

802.1p is an IEEE (Institute of Electronic and Electrical Engineers) standard that assigns traffic priorities while executing dynamic multicast filtering for other network mechanisms. 802.1p offers higher reliability and quality by prioritizing specification support, thus achieving higher Quality of Service (QoS).

QoS is a system that endows better management of any data that passes through a network. There are two main classes of QoS – soft QoS and hard QoS. Soft QoS mainly involves data prioritization, while hard QoS deals with set capacities specific to certain types of service. QoS helps assure that integral data packets get to their destinations in the shortest span of time.

The IEEE 802.1p standard assigns priority to packets crossing a network. The standard operates with the Media Access Control (MAC) header in the data link level. The MAC header is a portion monitored by a network’s switches and hubs. These devices also distinguish packets based on their priorities within the network.

802.1p designates prioritization by setting a value within the MAC header. This value’s priority levels range from 0–7 (covering a sum of 8 levels), with level 0 denoting the lowest priority and level 7 being the highest. This allows packets to group and create various traffic classes. When network overcrowding happens, packets with low priority will be held temporarily while high-priority packets will be managed first.

802.1p cannot work with older switches. Coexistence of the 802.1p with non-802.1p standards may lead to network instability. Older standards are bound to misread the header used by 802.1p protocol. For a network to operate properly, it is important that the device drivers, Ethernet cards, and the switches are compatible with 802.1p.

X.509

X.509 is a standard set by the ITU Telecommunication Standardization Sector (ITU-T). It was developed for Public Key Infrastructure (PKI) in cryptography. This standard primarily defines formats for Public Key Certificates or PKCs. X.509 incorporates a hierarchical structure of certification authorities. This is in contrast to other model systems wherein any individual can attest to the validity of a person or group’s Public Key Certificate.

An X.509 system involves certain elements and processes. The system starts when a certification authority releases a certificate which binds a specific public key to a unique name. Other alternative pieces of information to which the public key could be attached can be an e-mail address or a DNS entry. During the said event, the authenticity of the certificate becomes dependent on the root certificate. Root certificates are an integral part of the X.509 model and are implicitly trusted. Web browsers are common examples of software applications containing pre-installed root certificates.

An X.509 certificate includes a number of variables. These are the certificate signature, the certificate signature algorithm, and the certificate itself.

An X.509 certificate can also be described by a number of characteristics. These aspects include but are not limited to version, serial number, issuer, algorithm ID, public key information, and validity.

X.509 is implemented in a number of protocols. Certain smart card products use X.509 in completing the transfer of data and ensuring the correctness and safety of their transactions. SSH, or Secure Shell, also incorporates the X.509 system in successfully establishing a secure connection between two computers. Transport Layer Security and Secure Multi-purpose Internet Mail Extensions are other protocols applying X.509.

192.168.0.1

192.168.0.1 is among a number of IPv4 addresses designated for use only within a private network. The following are the private IP address ranges defined for IPv4:

10.0.0.0 – 10.255.255.255
172.16.0.0 – 172.31.255.255
192.168.0.0 – 192.168.255.255

Using NAT (Network Address Translation), routers intelligently route incoming packets from the Internet to the right device on the private network. The network as a whole is identified by its public IP address.

192.168.0.1 as a Default IP address for Network Devices

Often, you’ll find that 192.168.0.1 is the default IP address for network devices, including routers manufactured by Netgear and D-Link. Visit http://192.168.0.1 in your Web browser to set up your connection preferences, such as PPPoE, firewall, and port forwarding.

After typing in http://192.168.0.1 in your browser, you may be prompted for a username and password. Look up your manual for the default username and password. Otherwise try these common ones:

  1. admin, (blank) [default for D-Link routers];
  2. admin, password [default for Netgear routers];
  3. (blank), admin;
  4. and admin, admin.

Note that you can always change the default IP address and also the username and password.

Router Page not Opening?

Try the following suggestions if you cannot connect to your router.

  1. Make sure that the IP address of your computer is 192.168.0.x (where x is between 2 to 255). To do this in Windows, right click My Network Places and choose Properties. Now, right click the LAN connection and choose Properties again. Click “Internet Protocol (TCP/IP)” and then click the Properties button. You can choose to obtain an IP address automatically from the router, or you can assign an appropriate unique IP address. For example, you can choose 192.168.0.2 as the IP address if it has not been already assigned on the network. Choose 255.255.255.0 for the Subnet mask and 192.168.0.1 for the Default gateway.
  2. If you think the IP address of the router has been changed, try one of the following:
    1. Find out the address of the default gateway. In Windows, open the command line by going to Start->Run. Type in “ipconfig” and press Enter. Visit the address listed for “Default Gateway” using your browser to get to your router’s Web interface.
    2. Reset your router to its factory defaults. Press and hold the reset button for several seconds until the router restarts. For some models, you’ll need to turn the power off first, press and hold the reset button, and then turn on power with the reset button still pressed. Release when the router lights begin to blink slowly.
  3. The router IP default address could be different from 192.168.0.1, such as 192.168.1.1. Check the router’s manual.

Additional Reading on 192.168.0.1

192.168.2.1

Like 192.168.1.1, 192.168.2.1 belongs to the range of private IPv4 addresses with the first two octets as 192.168. Private means these appear only internally within a network and cannot appear on the Internet publicly.

Routers use NAT (Network Address Translation) to intelligently route incoming packets from the Internet to the right machine. The router itself has a public IP address leased by the Internet Service Provider. This public IP address is also the address by which computers within the network are identified when accessing the Internet.

192.168.2.1 as a Router’s Default IP Address

192.168.2.1 is the default IP address for many routers and other network devices, including those manufactured by Belkin. For these routers, you can use http://192.168.2.1 to set up functions such as PPPoE (to connect to your ISP automatically), firewall settings, and port forwarding on the router’s firmware.
After typing in http://192.168.2.1 in your browser, you’ll be asked for a username and password. Here are some common ones to try if you’ve lost your manual:

  1. Administrator, (blank) [default for Belkin routers];
  2. admin, admin;
  3. admin, (blank);
  4. admin, password; and
  5. (blank), admin.

Cannot Connect to 192.168.2.1?

If you are facing problems connecting to 192.168.2.1, try the following suggestions. Note that these apply similarly for routers with different IP addresses, such as 192.168.1.1 or 192.168.0.1.

  1. Make sure that the IP address of your computer is 192.168.2.x, with x in the range of 2-255. To do this in Windows, right click My Network Places and choose Properties. Now, right click the LAN connection and choose Properties again. Click “Internet Protocol (TCP/IP)” and then click the Properties button. You can choose to obtain an IP address automatically, or you could assign an appropriate, unique IP address. For example, you can choose 192.168.2.2 as the IP address, if it has not been already assigned on the network. Choose 255.255.255.0 for the Subnet mask and 192.168.2.1 for the Default gateway.
  2. Someone might have changed the router’s IP address. Try one of the following:
    1. Find out the address of the default gateway. In Windows, open the command line by going to Start->Run. Type in “ipconfig” and press Enter. Visit the address listed for “Default Gateway” using your browser to get to your router.
    2. Reset your router using the reset button. For Belkin routers, press and hold the button for exactly 7 seconds. This will cause your router to restore all settings to the factory defaults.
  3. The router IP address could be different from 192.168.2.1, such as 192.168.1.1. Check the router’s manual.

Additional Reading on 192.168.2.1

192.168.1.1

Like any IP address of the form 192.168.x.y, 192.168.1.1 is a private IPv4 address. Devices on different networks can have this same IP address, but only one device on an internal network can have it.

Typically, this is the address of routers manufactured for home use by companies such as Linksys. Note that a router actually has at least two IP addresses visible to other devices: one for devices within the network and the other for the Internet.

Configuring your Router through 192.168.1.1

You can visit http://192.168.1.1 to access your router’s configuration software through your computer’s browser. Your connection to the router could be wired or wireless, although it is recommendable to be wired if you’re a novice.

You may now be prompted for a username and password. For Linksys, the default username and password are “admin.” In some firmware versions, the username is blank. For other models, try using “admin”-<blank> or “admin”-“password”.

Note that you can always change the router’s IP address from its default.

Cannot Connect to 192.168.1.1?

If you cannot connect to 192.168.1.1, try looking up the following suggested solutions.

  1. Make sure that the IP address of your computer is 192.168.1.x (where x is between 2 to 255). To do this in Windows, right click on Network (in the Start menu) and choose Properties. Now, choose “View Status” of your LAN connection. Go to “Properties” and then click “Internet Protocol (TCP/IPv4)” and click the Properties button. You can choose to obtain an IP address automatically (i.e. through DHCP), or you can assign an appropriate, unique IP address. For example, you can choose 192.168.1.2 as the IP address, if it has not been already assigned on the network. Leave the Subnet mask at 255.255.255.0 and type in 192.168.1.1 for the Default gateway.
  2. If you think the IP address of the router has been changed, try one of the following:
    1. Find out the address of the default gateway. In Windows, open the command line by going to Start->Run. Type in “ipconfig” and press Enter. Try visiting the address listed for “Default Gateway” using your browser to get to your router’s Web interface.
    2. Reset your router using the reset button. You should keep the button pressed for about 30 seconds (while powered on) until it restarts. Now, switch off the power supply and switch it on again. This will cause your router to reset the IP address as well as all other settings.
  3. The router’s default IP address could be something other than 192.168.1.1, such as 192.168.2.1. Check the router’s manual or website.

Additional Reading on 192.168.1.1

127.0.0.1

127.0.0.1 is an address in the special class of IP addresses known as loopback addresses. In fact, any IP address that begins with 127 is a loopback address.

Network packets sent to this address are not transmitted over wire; rather, these are received directly by the same computer as input. For this network address, therefore, there is no hardware involved, just pure software.

Use for Testing and Debugging

The localhost (another name for 127.0.0.1) is used mainly for testing and debugging network software on a single computer. Furthermore, programs using inter-process communication use this address for communicating with processes on the same computer, without regard to the computer’s external IP address.

Very often, the localhost is used for testing Web applications. A client (such as a Web browser) sends a request to a Web server residing on the same machine, which then responds to the request.

Illegal Address for a Network Device

No network device can have an address with a first octet of 127. Also, packets meant for the localhost should never appear on a network, nor should any interface forward any such packet. The loopback address must not appear as the source address for a packet sent outside a single node.

Testing 127.0.0.1 Using the ping Command

Here’s how you can test the loopback address on your computer. At the command prompt, type in “ping 127.0.0.1” and press Enter. If you get a response such as “Reply from 127.0.0.1…,” then your system’s TCP/IP software is working properly. Typing in “ping localhost” should give similar results.

The Future – IPv6

127.x.y.z forms the special class of loopback addresses for IPv4. For IPv6, the IP address 0:0:0:0:0:0:0:1 is reserved for loopback.