APIPA - Automatic Private IP Addressing

APIPA - Automatic Private IP Addressing

Definition: A feature of Microsoft Windows, APIPA is a DHCP failover mechanism. With
APIPA, DHCP clients can obtain IP addresses when DHCP servers are nonfunctional. APIPA
exists in all popular versions of Windows except Windows NT.

When a DHCP server fails, APIPA allocates addresses in the private range 169.254.0.1 to
169.254.255.254. Clients verify their address is unique on the LAN using ARP. When the DHCP
server is again able to service requests, clients update their addresses automatically.

In APIPA, all devices use the default network mask 255.255.0.0 and all reside on the same
subnet.

APIPA is enabled on all DHCP clients in Windows unless the computer's Registry is modified to
disable it. APIPA can be enabled on individual network adapters.

Also Known As: Automatic Private IP Addressing; AutoNet


Examples:
Because APIPA uses IP addresses in the private Class B space, APIPA is a feature generally
only useful on home or other small intranet LANs.

What is ARP Cache Poisoning?


Address Resolution Protocol (ARP) spoofing, also known as ARP flooding, ARP poisoning or ARP Poison
Routing (APR), is a technique used to attack an Ethernet wired or wireless network. ARP Spoofing may
allow an attacker to sniff data frames on a local area network (LAN), modify the traffic, or stop the traffic
altogether. The attack can only be used on networks that actually make use of ARP and not another
method of address resolution.

The principle of ARP spoofing is to send fake, or "spoofed", ARP messages to an Ethernet LAN. Generally,
the aim is to associate the attacker's MAC address with the IP address of another node (such as the
default gateway).
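
A defender's view of the poisoning described above, as an added example that is not part of the original page: it compares two Windows `arp -a` snapshots and flags an IP address whose MAC changed, or a MAC that answers for several IP addresses. The snapshots, addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict

# Matches the data rows of Windows `arp -a` output: IP, MAC, entry type.
ROW = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+([0-9a-f]{2}(?:-[0-9a-f]{2}){5})\s+(dynamic|static)",
    re.I | re.M,
)

def parse_arp_table(text):
    """Return {ip: mac} for the dynamic (learned) entries only."""
    return {ip: mac.lower() for ip, mac, kind in ROW.findall(text)
            if kind.lower() == "dynamic"}

def find_anomalies(before, after, gateway):
    """Compare two parsed snapshots and return (severity, message) alerts."""
    alerts = []
    # 1. An IP address whose MAC differs from the earlier snapshot.
    for ip, mac in after.items():
        old = before.get(ip)
        if old and old != mac:
            sev = "HIGH" if ip == gateway else "MEDIUM"
            alerts.append((sev, f"{ip} moved from {old} to {mac}"))
    # 2. One MAC address answering for more than one IP address.
    owners = defaultdict(list)
    for ip, mac in after.items():
        owners[mac].append(ip)
    for mac, ips in owners.items():
        if len(ips) > 1:
            sev = "HIGH" if gateway in ips else "MEDIUM"
            alerts.append((sev, f"{mac} answers for {sorted(ips)}"))
    return alerts

# Constructed sample snapshots (documentation-range MAC addresses).
BEFORE = """
Interface: 192.168.1.10 --- 0xb
  Internet Address      Physical Address      Type
  192.168.1.1           00-00-5e-00-53-01     dynamic
  192.168.1.20          00-00-5e-00-53-14     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""
# Same table after the gateway entry has been replaced by another host's MAC.
AFTER = BEFORE.replace("00-00-5e-00-53-01", "00-00-5e-00-53-14")

if __name__ == "__main__":
    for sev, msg in find_anomalies(parse_arp_table(BEFORE),
                                   parse_arp_table(AFTER), "192.168.1.1"):
        print(sev, msg)
```

A changed mapping is a lead rather than proof: DHCP lease turnover and replaced network cards also produce it.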

Answer file

 A text file that contains information that Windows NT/2000/XP requires in order to do
an unattended installation.

Installation (or setup) of a program (including drivers, plugins, etc.) is the act of putting the program
onto a computer system so that it can be executed.

What is RAID 5?

RAID 5 provides redundant fault tolerance in addition to performance advantages,
allowing data to be safeguarded while only sacrificing the equivalent of one drive's space. RAID 5
requires at least three hard drives of the same size. The total storage space available with a
RAID 5 array is equal to { (number of drives - 1) * size of smallest drive }. So if you use three
120 GB hard drives, you will have 240 GB of actual usable space. If you use five 120 GB hard drives,
you would have 480 GB of usable space. The more drives you use, the more efficient your storage
space becomes without losing any redundancy.

What are HIBERFIL.SYS and PAGEFILE.SYS?

 Written By: DaBoss ...
 2009-05-26
 Categorized in: What...

HIBERFIL.SYS and PAGEFILE.SYS are system-generated files. They are used by Windows
for hibernation and virtual memory control.

HIBERFIL.SYS

HIBERFIL.SYS is a file the system creates when the computer goes into hibernation mode.
Windows uses the file when the computer is turned back on. If you don't need hibernation mode
and want to delete the file, you need to turn the hibernation option off before Windows will
allow you to delete it. The procedure for turning hibernation off differs markedly between
Windows XP and Vista. The file size depends largely on the size of active RAM in the computer, as
the contents of the file are basically a RAM image.

 Windows XP
 Procedure for Windows XP. This procedure makes use of the graphical user interface.
o Start | Control Panel | Power Options
o Go to the Hibernate Tab.
o Uncheck the Enable Hibernation box if you don't need the hibernation function.
o The file should now be able to be deleted.
 How to Troubleshoot Hibernation and Standby Problems in Windows XP. See this Microsoft
Knowledgebase article.
o http://support.microsoft.com/kb/907477/
 Windows Vista
 Procedure for Windows Vista and Windows 7. This procedure requires that you be an
administrator and uses the command line.
o Start | All Programs | Accessories
o Right click on the Command Prompt entry and choose Run as Administrator from the
context menu that pops up (OK any UAC queries about doing this).
o A Command Prompt window should open.
o At the command prompt (where the flashing cursor is) type powercfg.exe /hibernate
off and press the Enter key.
o The box should flash and you'll be back at the Command Prompt; type exit and press the
Enter key to exit the Command Prompt mode.
o Hibernation should now be turned off and the file HIBERFIL.SYS deleted. If you want to
turn it back on repeat the procedure and use /hibernate on instead.
o More Information: Microsoft Support document. A method of doing this using the
graphical user interface is available using the Disk Cleanup Wizard. See the writeup here
for that if you absolutely refuse to use the command prompt.
 How to Troubleshoot Hibernation and Standby Problems in Windows Vista. See this Microsoft
Knowledgebase article.
o http://support.microsoft.com/kb/950686

PAGEFILE.SYS

PAGEFILE.SYS is the virtual memory file Windows uses. Typically, on install, Windows sets
the size of the file at around 1.5 times your physical memory size; however, this size will vary
depending on the amount of free space on the disk when the file is established and other factors.
Most will find the default size works fine, but it can be changed. Windows uses this file for its
normal operation. If you really need the space you can delete it after turning the virtual
memory option off, but be aware that this can cause extreme instability in Windows, to the point
where it might stop, so do this at your own risk.

 Windows XP
 Procedure for Windows XP.
o Start | Right Click on My Computer | Select Properties from the menu
o Select the Advanced Tab
o Select Performance Settings
o Select the Advanced Tab
o Under virtual memory use the Change button to either set the size you want or turn it
completely off. Note that if you turn it off or make the value too small you may notice a
system slowdown or Windows may stop. Windows wants to use this file and if it's set to
zero then in addition to a slowdown while running, on system shutdown you may think
Windows has hung due to the extra time involved. You may have to experiment a bit if
you set it lower than some minimum. The best advice would be to leave the file alone.
The Elder Geek has a tutorial on the paging file that describes how to change its size
in more detail.
 Windows Vista
 Procedure for Windows Vista. You must be an administrator to make these changes.
o Start | Right Click on Computer | Select Properties from the menu
o Select Advanced System Settings from the left menu.
o Under Performance click on Settings
o On the Advanced tab you'll find the Virtual Memory area. Select the Change button to
either set the size you want or turn it completely off. Note that if you turn it off or make
the value too small you may notice a system slowdown or Windows may stop. Windows
wants to use this file and if it's set to zero then in addition to a slowdown while running,
on system shutdown you may think Windows has hung due to the extra time involved.
You may have to experiment a bit if you set it lower than some minimum. The best
advice would be to leave the file alone. See the Elder Geek link above for a general
discussion of virtual memory and its interaction with Windows.

Perfect forward secrecy

 In an authenticated key-agreement protocol that uses public key cryptography, perfect
forward secrecy (or PFS) is the property that ensures that a session key derived from a set
of long-term public and private keys will not be compromised if one of the (long-term)
private keys is compromised in ...

en.wikipedia.org/wiki/Perfect_forward_secrecy

 A cryptosystem in which, if one encryption key is compromised, only the data encrypted
by that specific key is compromised. ...

www.watchguard.com/glossary/p.asp

 A feature of IKE protocol (using a Diffie-Hellman exchange) that forbids previous or
subsequent encryption keys from being derived by the key that is protecting data.

www.sequi.com/SEQUI_VPN_Glossary.htm

In an authenticated key-agreement protocol that uses public key cryptography, perfect forward
secrecy (or PFS) is the property that ensures that a session key derived from a set of long-term
public and private keys will not be compromised if one of the (long-term) private keys is
compromised in the future.

Forward secrecy has been used as a synonym for perfect forward secrecy [1], since the term
perfect has been controversial in this context. However, at least one reference [2] distinguishes
perfect forward secrecy from forward secrecy with the additional property that an agreed key
will not be compromised even if agreed keys derived from the same long-term keying material in
a subsequent run are compromised.

Perfect Forward Secrecy (PFS) refers to the notion that compromise of a single key will permit
access to only data protected by a single key. For PFS to exist the key used to protect
transmission of data MUST NOT be used to derive any additional keys, and if the key used to
protect transmission of data was derived from some other keying material, that material MUST
NOT be used to derive any more keys.

How Does SSL Work?
by Dr. Ralph F. Wilson, E-Commerce Consultant
Web Commerce Today, Issue 25, August 15, 1999

This article contains older information.

Every modern web browser has built into it a very sophisticated encryption system that allows secure
"conversations" with webservers equipped with an SSL secure server (See endnote).

This is about to get pretty technical so I am simplifying it greatly. If you find your eyes glazing
over, don't worry. The main message here is that SSL ensures an encrypted communication
between the customer's web browser and the merchant's webserver. This produces both customer
confidence and a very secure communication system. Use it!

But some of you want to know how it works, so here goes.

Keys and Identities

You remember the Decoder Ring you found in a cereal box when you were a kid? It consisted of
a wheel with the alphabet on each of two rotating discs. If someone sent you a message
where the "key" is A=L, you'd set the A above the L, and then determine that B=M and C=N,
etc. Modern cryptography uses a very complex algorithm or formula to encode messages using a
key. Rather than A=L, the key will be a very large number used to scramble the text. If you were
to give the key to your friend, he would be able to decode the messages you encode with it and
vice versa.

Two problems present themselves, however, when you don't have face-to-face contact with a
trusted friend.

 Who is your friend and who is the evil hacker? The Internet is an anonymous place where people
are not always whom they seem. If you've spent any time in chat rooms, you know that
"Pixiebabe" just might be a middle-aged man in Toledo. How do you know that you're speaking
to the real online store, or just a mimic of it? That's where a Digital Certificate comes in, to
identify the store as authentic, verified by a trusted Third Party (called the Certificate Authority).
 In addition, on the Internet you can't physically hand over a key, and whatever key you send
electronically could be intercepted by an evil hacker. Enter a complex technology called Public
Key encryption.

Private Keys and Public Keys

The way SSL solves this problem is to have two keys: a private key (that you never disclose to
anyone) and a public key (which you may distribute freely to the general public). This is how it
works: You send your friend your public key and he uses it to send you an encrypted message
that only you can decode when you use your private key. Your friend can only encode the
message; he wouldn't be able to decode it, since he only has your public key, not your private
key. Confused yet?

You may be, but your web browser can keep it straight, and comes with the ability to encode and
decode messages sent to and from an SSL-secure webserver.

Getting to Know You

The merchant's in-house webserver (or the merchant's web hosting service) has a Digital
Certificate or Digital ID that identifies it as the authentic owner of a certain domain name. The
Digital Certificate contains several pieces of information, including the merchant's public
key, signed by the Certificate Authority (such as VeriSign).

The customer's web browser has built into it a list of recognized Certificate Authorities (such as
VeriSign) and their unforgeable digital signatures, so it can verify if a merchant's Digital
Certificate is valid or a forgery.

Now the customer's web browser and the merchant's website begin a getting-to-know-you
exchange, kind of like fax machines squawking as they're getting in synch with each other. Here
are some of the important steps in this mating ritual:

1. The customer's web browser requests a secure page, such as
https://www.yourcompany/orderform.htm
2. The merchant's webserver responds by sending the customer's web browser the Digital
Certificate containing all its information.
3. The customer's web browser checks to be sure that the Digital Certificate is valid, hasn't
expired, that its domain name matches the site, and that it carries the digital signature of one of
the Certificate Authorities the web browser has on file. Then it replies by encrypting a message
using the merchant's public key. In this message will be a unique Session Key generated by the
web browser from a random number.
4. The merchant's webserver decodes the unique Session Key using the merchant's Private Key.
Now both the customer and the merchant have the same unique Session Key. If you were an evil
hacker listening in, you could hear both the messages from the webserver and the customer,
but you couldn't decode the customer's message to the webserver, since you don't possess the
merchant's Private Key. (I'm skipping over some other checks performed at this time.)

Now the merchant's webserver uses the unique Session Key to encode a message to the customer's
web browser, and vice versa. The two are in step and the dance has begun, dancing to a tune that
only they can hear. They can whisper sweet nothings to each other encoded with this unique
Session Key, and no one can tell what they're saying.

So long as the evil hacker can't guess the unique Session Key, he can't decode the messages
being passed back and forth. It is gobbledygook so far as he is concerned. Now the customer can
give his credit card number safely and the web server can echo it back for verification without
any chance of an evil hacker kidnapping it on the way by.

That's how SSL works. Actually that's the kindergarten version of an extremely complex subject.
But I hope it's enough to give you some confidence in the process. It really works quite smoothly
and securely.
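
The handshake in steps 3 and 4 sends the Session Key encrypted under the merchant's long-term public key, which is the design that lacks the perfect forward secrecy defined earlier on this page. The following added example (not part of the original article; the toy key sizes, unpadded RSA and all function names are assumptions made for illustration) contrasts that key transport with an ephemeral Diffie-Hellman exchange.

```python
import hashlib
import secrets

# Constructed toy parameters (Mersenne primes): far too small for real use.
RSA_P, RSA_Q, RSA_E = 2**61 - 1, 2**89 - 1, 65537
DH_P, DH_G = 2**127 - 1, 5

def rsa_keygen():
    """Long-term server key pair, as carried in the Digital Certificate."""
    n = RSA_P * RSA_Q
    d = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))
    return (n, RSA_E), d

def rsa_key_transport(public_key):
    """Steps 3-4: the browser picks the session key and encrypts it to the server."""
    n, e = public_key
    session_key = secrets.randbits(128)
    on_the_wire = pow(session_key, e, n)   # all an eavesdropper can record
    return session_key, on_the_wire

def recover_after_compromise(on_the_wire, public_key, d):
    """An old recording plus a later-leaked private key yields the old session key."""
    n, _ = public_key
    return pow(on_the_wire, d, n)

def ephemeral_dh():
    """Forward-secret alternative: fresh secrets per session, discarded afterwards.
    A real protocol also signs A and B with the long-term key (omitted here)."""
    a = secrets.randbelow(DH_P - 3) + 2
    b = secrets.randbelow(DH_P - 3) + 2
    A, B = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)   # public values on the wire
    shared = pow(B, a, DH_P)
    if shared != pow(A, b, DH_P):
        raise ValueError("key agreement failed")
    session_key = hashlib.sha256(shared.to_bytes(16, "big")).digest()
    return session_key, (A, B)   # a and b are dropped; no long-term key is an input

if __name__ == "__main__":
    pub, priv = rsa_keygen()
    key, recording = rsa_key_transport(pub)
    print("RSA transport key recovered from recording:",
          recover_after_compromise(recording, pub, priv) == key)
    dh_key, transcript = ephemeral_dh()
    print("DH transcript holds only public values:", transcript)
```

With key transport, every recorded session falls to one leaked private key; with the ephemeral exchange, the long-term key only authenticates and never enters the key derivation.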

Note: SSL stands for "Secure Sockets Layer." "Socket" is a technical term that refers to an application programming
interface, or API, which is used to communicate between two computers. "Layer" refers to the level or layer of this
communication between the computers.
