Understanding IPv6 in greater details

February 1st, 2012 | Posted under Internet Trends, The Internet | No Comments »

 Understanding IPv6 in greater details

 

Understanding IPv6 in greater details

IPv6 stands for Internet Protocol version 6. This version has at last arrived in the market lately although the protocol has already been worked on for more than a decade now since the standards and the specifications have been finalized recently.

There are still many features and aspects on which the Internet Engineering Task Force (IETF) group is working on. The internet protocol version 4 has certain drawbacks which encouraged and initiated the IETF to work towards a better version known as the Internet Protocol version 6.  The working group is working on the version 6 of the protocol and is making sure that the same problems and obstacles faced by version 4 are not encountered in version 6 of the protocol.

Understanding IPv6 in greater details

The working committee for the new version carefully scrutinized and analyzed each and every RFC i.e., request for comments and worked on it. Standardization helps each software and hardware manufacturer, to follow the standard blueprint than developing separate versions of the protocol. A lot of effort is being put on the development of the version 6 of the internet protocol which will help the growth of the internet.

Understanding IPv6 in greater details

The Internet Protocol version 6 mainly solves two problems of earlier internet protocols; they are routing scalability and address depletion.  Let us discuss them in details.

IP Address Space increased

IPv6 has now improvised 128 bits for addressing.  This means that 2^125 different addresses will be available. The very first three bits of the address 001 are booked for Globally Routable Unicast addresses. So, the rest 125 bits are used for addresses. This facilitates and is taking the present internet trends a lot into the future. IPv6 can keep 10^28 more addresses than what IPv4 could keep.

Understanding IPv6 in greater details

Number of networks

IPv6 can support a lot more number of networks than IPv4. The last 64 bits are used for indicating the host ID of the system in the network by IPv6.

More Support for Addressing Hierarchy

Internet Protocol version 6 uses a new and a better format for addressing. IPv4 first used the normal and regular Internet Protocol assignment rules and then it started its assignment based on the rules of Classless Inter-Domain Routing or the CIDR.

Understanding IPv6 in greater details

More simplified version of Host Addressing

The format of addressing has already been explained earlier. The first four bits are used for the numbering of the network and the last four are used for the numbering of the host.

Understanding IPv6 in greater details

The facility of Address Auto configuration

One of the main advantages of using internet Protocol version 6 is that not only the Host ID can be determined beforehand but also the network on which it is residing can be determined.

Understanding IPv6 in greater details

Thus we can say that the Internet Protocol version 6 is a much better and advanced internet protocol than internet protocol version 4. Actually this can be described as the result of hard and tedious research that the researchers have put in to develop a better internet protocol for the world.

Managing IP configurations on your Bounceweb Hosting control panel is extremely easy!


How To Maintain HTTP Session In A Web Application

December 28th, 2011 | Posted under Internet Trends, The Internet, Web Hosting, Web Hosting Tips | No Comments »

How To Maintain HTTP Session In A Web Application

HTTP is stateless in nature, which means it does not contain any extra information about any request made by the client. It is the duty of the web application itself which is running the HTTP, to keep track of the users and maintain their session in the application since they sign in, and until they log out. There also has to be adequate measures to detect and classify the requests made by the client and to identify if they are coming from a multiple active browsers or not. So this is quite a challenging issue while designing a web application.

We will assume Visual Basic coding in Microsoft .net Framework architecture. The following steps describe in brief the process involved in maintaining an HTTP session in a web application –

Identification

All the active sessions can be identified using a unique Session ID, containing only ASCII characters, and can be as long as 120 bits to accommodate a large number of users at the same time, though this number can be varied for different applications.

Storing session values

Some important data and modifications made by the user with different requests can be stored in the server database. For example, the shopping cart of a website can be managed in the server through sessions. When using SQL, all the session values are stored in the SQL database, and the values are directly retrieved from it as and when required.

How To Maintain HTTP Session In A Web Application

Session State

The session states are implemented using Session State Module class which is responsible for executing all the requests received by the application. It generates the unique Session ID. Adding the values to the session state can be achieved by following code.

How To Maintain HTTP Session In A Web Application

Collecting information

The session state code collects all the required information and stores it using the code present in the global.asax file. The data collected can never be anything other than the ones already within the web application, so it ensures data safety.

How To Maintain HTTP Session In A Web Application

The number of objects stored can also be directly accessed without interacting with the server database.

Start-up

.Net Framework provides 3 state modes, namely, in-process, state server, and SQL server. The basic state configuration of all of them is almost same. This configuration is done to make appropriate changes in the Machine. For proper working, fully qualified assembly name must be provided along with the appropriate version which is being used by the web application, as shown here.

How To Maintain HTTP Session In A Web ApplicationConfiguration

For different session state modes, appropriate state attributes are to be provided. In this example, the default on-process mode is shown. To use the other states, simply change the state mode values and add necessary attributes.

How To Maintain HTTP Session In A Web Application

Apart from the above mentioned procedure, there are other ways to achieve session management with URL based methods, or by cookies. Different approaches give varied levels of security. For maximum security, a mixture of two or more of the methods can be used. HTTP being a stateless protocol, the web developers are usually free to choose the method of their own, especially on the basis of the nature and importance of the web application. Though, every method has its own list of benefits and disadvantages. So the developers are needed to look into them, and how each of them can be exploited to get a better management of HTTP sessions.

Maintain proper sessions using the best scripting languages for your web applications hosted on Bounceweb Hosting!


Cloud Computing and its security threats

November 7th, 2011 | Posted under Internet Trends, Software, The Internet | No Comments »

Cloud Computing and its security threats

Cloud computing is the new technology in the block. It has already passed tremors across the nation with its launch. Though it is in its neo natal stage yet it has thrown up immense possibilities. Cloud computing is enabling the users to communicate seamlessly with every ounce of technology being hosted in a single place with no environment requirements. A virtual world is being built that is incognito for every user who gets connected to the network. This idea seems enticing and in actuality this is the main fact that is driving the security personnel of internet into nuts.

Cloud Computing and its security threats

The cloud connections are the most vital issues that have come up in the recent times. Domain name server is a recognizable path that every user gets to know once he or she is using a webpage or connection. The vulnerabilities f cloud computing is evident from the fact that it can bypass any dependent connection without even getting recognized. If you are not able to secure the connection there is immense possibility that the security code can be breached.

Routing is another aspect that is closely connected with the Domain Name System. The services that we are mentioning are predominantly available in the client side of the inter-connecting network. The client cloud can be susceptible to various attacks because of the failure of proper protective measure in the client side of the system.

The data security threat is one of the prime threats that the system poses to its users. The businesses and organizations that provide support services on software and other related licensed products are in the most vulnerable zones. Cloud has immense potential when it comes to the cost reduction part since the storage capacity of a cloud connection is virtually unlimited.

Most of the times the Data protection Act would be breached in cloud computing. If you are using a cloud system knowingly or unknowingly, you may transfer any sensitive data that can be easily intercepted and used against the authorization laws.

Cloud Computing and its security threats

When dealing with sensitive data, you would never risk a situation where the possibility of data theft or data loss arises. In that case the cloud computing environment comes into a serious spot of concern. Cloud environment can be used and the norms of it can be used in an illegal manner quite easily. If there is any malicious software that a person wants to incorporate within the system he can do so without much of a trouble. Hence hosting of malwares in cloud environment is quite easy. This may even lead to unethical hacking. Cloud computing service providers do provide the service to almost anyone who has a valid credit card. This is a major flaw in the system which any unethical person can exploit to ill-effect. Unauthorized users can use the flexibility of cloud computing in order to phish someone else’s account. Masquerading is a very simple way of breaching a cloud computing system.

The APIs provided by the cloud service providers to their customers have generally got poor authentication system. This API is basically used by the user to avail the services provided by the vendor. The customer rarely has any control over his own security system as cloud follows a separate and independent security conduct. Due to this reason a user is always open to any outside attack. Insecure APIs lead to theft of identity on a cloud network.

Cloud Computing and its security threats

A cloud framework uses an infrastructure which can be exploited by an unrecognized user to get access to the resources with no bounds. There is no proper encryption in a cloud security system. This lack of protocol may lead to a break in control over the system and that too on the client side of the network. The irregularities that are carried out over a cloud network are hard to retrace because the data that is provided from a user account remains scattered all over the network. It becomes tough to join the pieces when there is an absence of data integrity.

 Ensure your web application the best security guaranteed by Bounceweb Hosting!


Why SSL Certification is necessary for your website

August 18th, 2011 | Posted under Internet Trends, The Internet, Uncategorized, Web Hosting | No Comments »

Why SSL Certification is necessary for your website

 

With the popularity of the Internet gaining steam in full flow these days, the cases of network fraud have been considerably on the rise. This happens basically because most of the website owners these days are ignorant about how the whole network protocol works and malicious hackers take advantage and rip them off! A network is a connection of numerous computers connected to a web server and when information is exchanged from one site to another, it usually travels through all of the connecting nodes in the network before it reaches its actual destination. So, if this information is sent just in plain text, then there lies the risk of any middle node intervention which can lead to disastrous results if the information sent is something confidential as a credit card number. So, to protect the website from such a hazard, SSL or Secure Sockets Layer Certification is required.

Why SSL Certification is necessary for your website

 

Diagram showing how SSL encryption works

  • SSL Certification, once enabled, forms an encrypted connection between your website and any visitor’s web browser so that any information that is exchanged between the two of you is not tampered with by anyone else. It ensures it by converting the plain text into an encrypted one thus reducing the chances of eavesdropping.
  • But that is not the primary purpose of SSL Certificates! Certification Authority (CA) provide SSL Certificates to legitimate websites just to ensure their authenticity, so that when a visitor logs on to the website, they understand that it is genuine and one they can trust.
  • So, what happens if a website is actually secured by an SSL Certification? Its URL gets changed and it always begins with an “https” in front of it. This is different from the normal “http” protocol and this “s” at the end ensures that the website is safe and has got an SSL Certification.
  • Even many websites who have got an SSL Certificate, because of their procrastination, don’t show it in the correct manner to their visitor and therefore can lose business. For better functionality, make it visible that you have got your website secured by displaying the safety seal as they are difficult to scam and do make all your site information available for any customer.
  • But many companies nowadays dole out “free certificates” nowadays which are not at all safe and secure. If encountering one such case ask specifically whether your website will get a dedicated IP address and a certificate with your domain name. If not, don’t get certified by them.

Research has shown that online shoppers and social networkers are growing more and more conscious about website security and protection. As much as 60% of online shoppers cancel out orders on the websites they find to have no authorised SSL Certificates. So, if your website doesn’t have that all assuring seal of approval that an SSL certificate provides, then business can get really rough. Therefore, go get your website SSL certified by any government or commercial Certificate Authority for a very small sum and make it safe and secure for its users.

Bounceweb Hosting plans provide you SSL features which ensures safety of your website.

 


How to ensure security for your website

June 18th, 2010 | Posted under Computer Advice, The Internet, Web Hosting Tips | 1 Comment »

How to ensure security for your website

With the advancement in web technologies, technical flaws have also risen that pose threat to security of websites. Security measures have been invented to prevent these flaws and provide security to websites. Here are a couple of most important security measures.

1. Secure Sockets Layer (SSL)

SSL is a method of providing security certificates to the client computer. All major web browsers support SSL. When a client browser visits a web page, it requests a security certificate. If the website provides a certificate, the originality of the website is verified, and the clients see a notification of the secure connection. This provides security to the client, preventing him from phishing attacks or fake transactions. The HTTPS protocol is used for SSL enabled web page surfing.

2. SQL Injection

This refers to a technique of running user-written code on the client server, issuing SQL commands on the server database. This can be used by malicious users to steal passwords or log into websites without passwords. This flaw can be easily removed by SQL injection checking. However, many web programmers overlook such flaws or write weak prevention code. Care should be taken to prevent such attacks through robust injection checking.

Secure your website. Use BounceWeb web hosting!


The difference between a strong and a weak password

March 17th, 2009 | Posted under Computer Advice, The Internet, Tips For Life, Web Hosting Tips | No Comments »

When you create an account somewhere or when you need to pick a password to secure your web server, the advice always is to pick a strong password. It’s a bit of weird advice, much like telling someone to pick a good man or woman if you want to marry. If you didn’t think the person was a good person, you wouldn’t have married, and if you thought your password was weak, you wouldn’t have picked it. Luckily there’s a simple way to pick a strong password.

Unlike what you may think, strong or weak, are not just a matter of opinion, there are criteria that define what’s strong and what’s weak. For example, you may think that iwasbornonthefourthofjuly is a strong password, when in fact it’s not. It’s not weak because it’s easy to guess (unless you really are born on the fourth of July), it’s weak because a password generator would be able to crack this password very quickly. So what can we do to make it a little stronger? Well first of all, we can take the word four, and turn it into the number 4. So then we would have the password iwasbornonthe4thofjuly, which is stronger, but still not strong enough. It needs at least two numbers to be a medium password, so it would have to be iwasbornonthe14thofjuly or iwasbornonthe4thofjuly1979.

Is it a strong password now? No, it still isn’t (yes I know, life is hard, live with it). Now, you need to add capitals and symbols. Something that would result in the password !Iwasbornonthe4thofjuly1979#. Now that is even a little strong password. And don’t worry, it doesn’t need to be that long, as long as it has symbols, capitals, numbers and letters. That’s a combination that’s still not impossible to hack, but why would a hacker try to hack a difficult one, if there are thousands of people that use a weak password?

Truely I would say that you need to choose a password that has no sequential algorithm. I don’t think I really know what those words mean but what I’m trying to say is that it should be something that can never be guessed. It really should be a combination of letters (capitol and lowercase) numbers, and symbols that have no relation to each other, just totally random.
something like lQp!96R; . Now that is a secure password and no it’s not mine 🙂