Professional Documents
Culture Documents
APIPA - Automatic Private IP Addressing
APIPA - Automatic Private IP Addressing
APIPA - Automatic Private IP Addressing
When a DHCP server fails, APIPA allocates addresses in the private range 169.254.0.1 to
169.254.255.254. Clients verify their address is unique on the LAN using ARP. When the DHCP
server is again able to service requests, clients update their addresses automatically.
In APIPA, all devices use the default network mask 255.255.0.0 and all reside on the same
subnet.
APIPA is enabled on all DHCP clients in Windows unless the computer's Registry is modified to
disable it. APIPA can be enabled on individual network adapters.
The principle of ARP spoofing is to send fake, or "spoofed", ARP messages to an Ethernet LAN. Generally,
the aim is to associate the attacker's MAC address with the IP address of another node (such as the
default gateway).
Answer file
A text file that contains information that Windows NT/2000/XP required in order to do
an unattended installation.
Installation (or setup) of a program (including drivers, plugins, etc.) is the act of putting the program
onto a computer system so that it can be executed.
What is RAID 5?
HIBERFIL.SYS AND PAGEFILE.SYS are system-generated files. They are used by Windows
for hibernation and virtual memory control.
HIBERFIL.SYS
HIBERFIL.SYS is a file the system creates when the computer goes into hibernation mode.
Windows uses the file when it is turned back on. If you don't need hibernation mode and want to
delete the file you need to turn the hibernation option off before Windows will allow you to
delete the file. The procedure for turning hibernation off differs markedly between Windows XP
and Vista. The file size depends largely on the size of active RAM in the computer as the
contents of the file are basically a RAM image.
Windows XP
Procedure for Windows XP. This procedure makes use of the graphical user interface.
o Start | Control Panel | Power Options
o Go to the Hibernate Tab.
o Uncheck the Enable Hibernation box if you don't need the hibernation function.
o The file should now be able to be deleted.
How to Troubleshoot Hibernation and Standby Problems in Windows XP. See this Microsoft
Knowledgebase article.
o http://support.microsoft.com/kb/907477/
Windows Vista
Procedure for Windows Vista and Windows 7. This procedure requires that you be an
administrator and uses the command line.
o Start | All Programs | Accessories
o Right click on the Command Prompt entry and choose Run as Administrator from the
context menu that pops up (OK any UAC queries about doing this).
o A Command Prompt window should open.
o At the command prompt (where the flashing cursor is) type powercfg.exe /hibernate
off and press the Enter key.
o The box should flash and you'll be back at the Command Prompt; type exit and press the
Enter key to exit the Command Prompt mode.
o Hibernation should now be turned off and the file HIBERFILE.SYS deleted. If you want to
turn it back on repeat the procedure and use /hibernate on instead.
o More Information: Microsoft Support document . A method of doing this using the
graphical user interface is available using the Disk Cleanup Wizard. See the writeup here
for that if you absolutely refuse to use the command prompt.
How to Troubleshoot Hibernation and Standby Problems in Windows Vista. See this Microsoft
Knowledgebase article.
o http://support.microsoft.com/kb/950686
PAGEFILE.SYS
PAGEFILE.SYS is the virtual memory file Windows uses. Typically, on install, Windows sets
the size of the file at around 1.5 times your physical memory size however this size will vary
depending on the amount of free space on the disk when the file is established and other factors.
Most will find the default size works fine but it can be changed. Windows uses this file for its
normal operation however if you really need the space you can delete it after turning the virtual
memory option off but be aware that this can cause extreme instability in Windows to the point
where it might stop so do this at your own risk...
Windows XP
Procedure for Windows XP.
o Start | Right Click on My Computer | Select Properties from the menu
o Select the Advanced Tab
o Select Performance Settings
o Select the Advanced Tab
o Under virtual memory use the Change button to either set the size you want or turn it
completely off. Note that if you turn it off or make the value too small you may notice a
system slowdown or Windows may stop. Windows wants to use this file and if it's set to
zero then in addition to a slowdown while running, on system shutdown you may think
Windows has hung due to the extra time involved. You may have to experiment a bit if
you set it lower than some minimum. The best advice would be to leave the file alone.
The Elder Geek has a tutorial on the paging file that describes how to change its size
in more detail.
Windows Vista
Procedure for Windows Vista. You must be an administrator to make these changes.
o Start | Right Click on Computer | Select Properties from the menu
o Select Advanced System Settings from the left menu.
o Under Performance click on Settings
o On the Advanced tab you'll find the Virtual Memory area. Select the Change button to
either set the size you want or turn it completely off. Note that if you turn it off or make
the value too small you may notice a system slowdown or Windows may stop. Windows
wants to use this file and if it's set to zero then in addition to a slowdown while running,
on system shutdown you may think Windows has hung due to the extra time involved.
You may have to experiment a bit if you set it lower than some minimum. The best
advice would be to leave the file alone. See the Elder Geek link above for a general
discussion of virtual memory and its interaction with Windows
en.wikipedia.org/wiki/Perfect_forward_secrecy
A cryptosystem in which, if one encryption key is compromised, only the data encrypted
by that specific key is compromised. ...
www.watchguard.com/glossary/p.asp
www.sequi.com/SEQUI_VPN_Glossary.htm
In an authenticated key-agreement protocol that uses public key cryptography, perfect forward
secrecy (or PFS) is the property that ensures that a session key derived from a set of long-term
public and private keys will not be compromised if one of the (long-term) private keys is
compromised in the future.
Forward secrecy has been used as a synonym for perfect forward secrecy [1], since the term
perfect has been controversial in this context. However, at least one reference [2] distinguishes
perfect forward secrecy from forward secrecy with the additional property that an agreed key
will not be compromised even if agreed keys derived from the same long-term keying material in
a subsequent run are compromised.
Perfect Forward Secrecy (PFS) refers to the notion that compromise of a single key will permit
access to only data protected by a single key. For PFS to exist the key used to protect
transmission of data MUST NOT be used to derive any additional keys, and if the key used to
protect transmission of data was derived from some other keying material, that material MUST
NOT be used to derive any more keys
How Does SSL Work?
by Dr. Ralph F. Wilson, E-Commerce Consultant
Web Commerce Today, Issue 25, August 15, 1999
This article contains older information. Go here for newer information on miscellaneous Internet marketing strategies.
Every modern web browser has built into it a very sophisticated encryption system that allows secure
"conversations" with webservers equipped with an SSL secure server (See endnote).
This is about to get pretty technical so I am simplifying it greatly. If you find your eyes glazing
over, don't worry. The main message here is that SSL ensures an encrypted communication
between the customer's web browser and the merchant's webserver. This produces both customer
confidence and a very secure communication system. Use it!
You remember the Decoder Ring you found in a cereal box when you were a kid? It consisted of
a wheel with the alphabet on each of two rotating discs. If you someone sent you a message
where the "key" is A=L, you'd set the A above the L, and then determine that B=M and C=N,
etc. Modern cryptography uses a very complex algorithm or formula to encode messages using a
key. Rather than A=L, the key will be very large number used to scramble the text. If you were
to give the key to your friend, he would be able to decode the messages you encode with it and
visa versa.
Two problems present themselves, however, when you don't have face-to-face contact with a
trusted friend.
Who is your friend and who is the evil hacker? The Internet is a anonymous place where people
are not always whom they seem. If you've spent any time in chat rooms, you know that
"Pixiebabe" just might be a middle-aged man in Toledo. How do you know that you're speaking
to the real online store, or just a mimic of it? That's where a Digital Certificate comes in, to
identify the store as authentic, verified by a trusted Third Party (called the Certificate Authority).
In addition, on the Internet you can't physically hand over a key, and whatever key you send
electronically could be intercepted by an evil hacker. Enter a complex technology called Public
Key encryption.
Private Keys and Public Keys
The way SSL solves this problem is to have two keys: a private key (that you never disclose to
anyone) and a public key (which you may distribute freely to the general public). This is how it
works: You send your friend your public key and he uses it to send you an encrypted message
that only you can decode when you use your private key. Your friend can only encode the
message; he wouldn't be able to decode it, since he only has your public key, not your private
key. Confused yet?
You may be, but your web browser can keep it straight, and comes with the ability to encode and
decode messages sent to and from an SSL-secure webserver.
The merchant's in-house webserver (or the merchant's web hosting service) has a Digital
Certificate or Digital ID that identifies it as the authentic owner of a certain domain name. The
Digital Certificate contains the several pieces of information, including the merchant's public
key, signed by the Certificate Authority (such as VeriSign).
The customer's web browser has built into it a list of recognized Certificate Authorities (such as
VeriSign) and their unforgeable digital signatures, so it can verify if a merchant's Digital
Certificate is valid or a forgery.
Now the customer's web browser and the merchant's website begin a getting-to-know-you
exchange, kind of like fax machines squawking as they're getting in synch with each other. Here
are some of the important steps in this mating ritual:
Now the merchant's webserver uses the unique Session Key to encode a message to customer's
webserver, and visa versa. The two are in step and the dance has begun, dancing to a tune that
only they can hear. They can whisper sweet nothings to each other encoded with this unique
Session Key, and no one can tell what they're saying.
So long as the evil hacker can't guess the unique Session Key, he can't decode the messages
being passed back and forth. It is gobbldy-gook so far as he is concerned. Now the customer can
give his credit card number safely and the web server can echo it back for verification without
any chance of an evil hacker kidnapping it on the way by.
That's how SSL works. Actually that's the kindergarten version of an extremely complex subject.
But I hope it's enough to give you some confidence in the process. It really works quite smoothly
and securely.
Note: SSL stands for "Secure Sockets Layer." "Socket" is a technical term that refers to an application programming
interface, or API, which is used to communicate between two computers. "Layer" refers to the level or layer of this
communication between the computers.