Monday, 27 October 2014

NAT (Network Address Translation)



NAT (Network Address Translation or Network Address Translator) is the translation of an Internet Protocol address (IP address) used within one network to a different IP address known within another network. One network is designated the inside network and the other is the outside. Typically, a company maps its local inside network addresses to one or more global outside IP addresses and unmaps the global IP addresses on incoming packets back into local IP addresses. This helps ensure security, since each outgoing or incoming request must go through a translation process that also offers the opportunity to qualify or authenticate the request or match it to a previous request. NAT also conserves the number of global IP addresses that a company needs, and it lets the company use a single IP address in its communication with the world.
NAT is included as part of a router and is often part of a corporate firewall. Network administrators create a NAT table that does the global-to-local and local-to-global IP address mapping. NAT can also be used in conjunction with policy routing. NAT can be statically defined or it can be set up to dynamically translate from and to a pool of IP addresses. Cisco's version of NAT lets an administrator create tables that map:
  • A local IP address to one global IP address statically
  • A local IP address to any of a rotating pool of global IP addresses that a company may have
  • A local IP address plus a particular TCP port to a global IP address or one in a pool of them
  • A global IP address to any of a pool of local IP addresses on a round-robin basis
NAT serves three main purposes:
  1. Provides a type of firewall by hiding internal IP addresses
  2. Enables a company to use more internal IP addresses. Since they're used internally only, there's no possibility of conflict with IP addresses used by other companies and organizations.
  3. Allows a company to combine multiple ISDN connections into a single Internet connection
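The third mapping type above (local address plus TCP port to one global address) is the one most home and office routers actually use. As an added example, not code from the original post, here is a small port-address-translation table in Python: outbound packets get a table entry and a translated source port, replies are mapped back, and inbound packets with no matching entry are dropped, which is the "type of firewall" effect the post mentions. All addresses and ports are constructed.

```python
import itertools

class PatGateway:
    """Port Address Translation: many inside hosts share one global address and
    are told apart by the translated source port (a NAT table as described above)."""

    def __init__(self, global_ip, first_port=40000):
        self.global_ip = global_ip
        self._ports = itertools.count(first_port)
        self.table = {}     # (inside_ip, inside_port) -> global_port
        self._reverse = {}  # global_port -> (inside_ip, inside_port)

    def outbound(self, pkt):
        """Local-to-global: translate a packet leaving the inside network,
        creating a table entry the first time a (host, port) pair is seen."""
        key = (pkt["src"], pkt["sport"])
        if key not in self.table:
            gport = next(self._ports)
            self.table[key] = gport
            self._reverse[gport] = key
        return {**pkt, "src": self.global_ip, "sport": self.table[key]}

    def inbound(self, pkt):
        """Global-to-local: map a reply back to the inside host. Anything that
        does not match an existing entry is dropped, which is the firewall-like
        side effect of hiding internal addresses."""
        key = self._reverse.get(pkt["dport"])
        if key is None or pkt["dst"] != self.global_ip:
            return None
        return {**pkt, "dst": key[0], "dport": key[1]}

def demo():
    # Constructed addresses: two inside hosts, one global address, one web server.
    gw = PatGateway("203.0.113.5")
    server = {"dst": "198.51.100.7", "dport": 443}
    a = gw.outbound({"src": "192.168.1.10", "sport": 51000, **server})
    b = gw.outbound({"src": "192.168.1.11", "sport": 51000, **server})  # same inside port
    reply = gw.inbound({"src": "198.51.100.7", "sport": 443,
                        "dst": "203.0.113.5", "dport": b["sport"]})
    stray = gw.inbound({"src": "198.51.100.9", "sport": 22,
                        "dst": "203.0.113.5", "dport": 40999})  # unsolicited
    return a, b, reply, stray
```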


Monday, 13 October 2014

Types of Firewalls



Firewalls can be categorized into the following types:
Packet filtering: The system examines each packet entering or leaving the network and accepts or rejects it based on user-defined rules. Packet filtering is fairly effective and transparent to users, but it is difficult to configure. In addition, it is susceptible to IP spoofing.
Circuit-level gateway implementation: This process applies security mechanisms when a TCP or UDP connection is established. Once the connection has been made, packets can flow between the hosts without further checking.
Acting as a proxy server: A proxy server is a type of gateway that hides the true network address of the computer(s) connecting through it. A proxy server connects to the Internet, makes the requests for pages, connections to servers, etc., and receives the data on behalf of the computer(s) behind it. The firewall capabilities lie in the fact that a proxy can be configured to allow only certain types of traffic to pass (e.g., HTTP files, or web pages). A proxy server has the potential drawback of slowing network performance, since it has to actively analyze and manipulate traffic passing through it.
Web application firewall: A web application firewall is a hardware appliance, server plug-in, or some other software filter that applies a set of rules to an HTTP conversation. Such rules are generally customized to the application so that many attacks can be identified and blocked.
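The packet-filtering entry above notes that such filters are susceptible to IP spoofing. As an added example (not from the original post), this Python sketch shows why and what the usual fix looks like: a stateless rule that trusts an internal source range accepts a forged packet, while the same rules combined with an ingress check on the arrival interface drop it. The address ranges, ports and rules are constructed.

```python
from ipaddress import ip_address, ip_network

INSIDE = ip_network("10.0.0.0/8")   # constructed internal address space
ANY = ip_network("0.0.0.0/0")

# Constructed rule set: first match wins, default deny.
RULES = [
    {"src": INSIDE, "dport": 3306, "action": "accept"},  # only inside hosts reach the DB
    {"src": ANY,    "dport": 80,   "action": "accept"},  # public web traffic
]

def packet_filter(pkt, rules=RULES):
    """Plain packet filtering: the decision rests on header fields alone,
    so a forged inside source address satisfies the first rule."""
    src = ip_address(pkt["src"])
    for rule in rules:
        if src in rule["src"] and pkt["dport"] == rule["dport"]:
            return rule["action"]
    return "drop"

def packet_filter_with_ingress_check(pkt, rules=RULES):
    """Same rules plus an anti-spoofing check: a packet arriving on the outside
    interface must never carry an inside source address."""
    if pkt["iface"] == "outside" and ip_address(pkt["src"]) in INSIDE:
        return "drop"
    return packet_filter(pkt, rules)

def demo():
    legit   = {"iface": "inside",  "src": "10.1.2.3",   "dport": 3306}
    spoofed = {"iface": "outside", "src": "10.1.2.3",   "dport": 3306}
    web     = {"iface": "outside", "src": "192.0.2.44", "dport": 80}
    return {
        "legit":   (packet_filter(legit),   packet_filter_with_ingress_check(legit)),
        "spoofed": (packet_filter(spoofed), packet_filter_with_ingress_check(spoofed)),
        "web":     (packet_filter(web),     packet_filter_with_ingress_check(web)),
    }
```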

IP Security Protocol Modes



Both AH (Authentication Header) and ESP (Encapsulating Security Payload) support two modes of use: transport mode and tunnel mode. The operation of these two modes is best understood in the context of a description of ESP.
Transport Mode: Transport mode provides protection primarily for upper-layer protocols. That is, transport mode protection extends to the payload of an IP packet. Examples include a TCP or UDP segment or an ICMP packet, all of which operate directly above IP in a host protocol stack. Typically, transport mode is used for end-to-end communication between two hosts (e.g., a client and a server, or two workstations). When a host runs AH or ESP over IPv4, the payload is the data that normally follows the IP header. For IPv6, the payload is the data that normally follows both the IP header and any IPv6 extension headers that are present, with the possible exception of the destination options header, which may be included in the protection. ESP in transport mode encrypts and optionally authenticates the IP payload but not the IP header. AH in transport mode authenticates the IP payload and selected portions of the IP header.

Tunnel Mode: Tunnel mode provides protection to the entire IP packet. To achieve this, after the AH or ESP fields are added to the IP packet, the entire packet plus security fields is treated as the payload of a new outer IP packet with a new outer IP header. The entire original (inner) packet travels through a tunnel from one point of an IP network to another; no routers along the way are able to examine the inner IP header. Because the original packet is encapsulated, the new, larger packet may have totally different source and destination addresses, adding to the security. Tunnel mode is used when one or both ends of a security association (SA) are a security gateway, such as a firewall or router that implements IPsec. With tunnel mode, a number of hosts on networks behind firewalls may engage in secure communications without implementing IPsec. The unprotected packets generated by such hosts are tunneled through external networks by tunnel mode SAs set up by the IPsec software in the firewall or secure router at the boundary of the local network.
Here is an example of how tunnel mode IPsec operates. Host A on a network generates an IP packet with the destination address of host B on another network. This packet is routed from the originating host to a firewall or secure router at the boundary of A’s network. The firewall filters all outgoing packets to determine the need for IPsec processing. If this packet from A to B requires IPsec, the firewall performs IPsec processing and encapsulates the packet with an outer IP header. The source IP address of this outer IP packet is this firewall, and the destination address may be a firewall that forms the boundary to B’s local network. This packet is now routed to B’s firewall, with intermediate routers examining only the outer IP header. At B’s firewall, the outer IP header is stripped off, and the inner packet is delivered to B.
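The A-to-B scenario above, as an added example that is not part of the original post: A's firewall wraps the whole inner packet plus security fields in a new outer header addressed gateway to gateway, intermediate routers forward on the outer header alone, and B's firewall checks the integrity value before stripping the encapsulation. Hosts, gateways, the SPI and the key are constructed; an HMAC stands in for the real AH/ESP integrity check, and the ESP cipher is left out so the block runs with the standard library only.

```python
import hashlib
import hmac
import json

# Constructed topology: host A behind gateway GW_A, host B behind gateway GW_B.
HOST_A, HOST_B = "10.1.0.5", "10.2.0.9"
GW_A, GW_B = "203.0.113.1", "198.51.100.1"
SA_KEY = b"constructed-demo-key"  # key of the tunnel-mode SA between the two gateways
SPI = 0x1001                       # constructed security parameter index

def ip_packet(src, dst, payload):
    return {"src": src, "dst": dst, "payload": payload}

def integrity_value(inner_bytes):
    # Stand-in for the AH/ESP integrity check value, computed over the whole inner packet
    return hmac.new(SA_KEY, inner_bytes, hashlib.sha256).hexdigest()

def tunnel_encapsulate(inner, gw_src, gw_dst):
    """A's firewall: the whole original packet plus security fields becomes the
    payload of a new outer packet addressed gateway-to-gateway."""
    inner_bytes = json.dumps(inner, sort_keys=True).encode()
    sec = {"spi": SPI, "icv": integrity_value(inner_bytes)}
    return ip_packet(gw_src, gw_dst, {"sec": sec, "inner": inner_bytes})

def router_view(outer):
    """An intermediate router forwards on the outer header only."""
    return outer["src"], outer["dst"]

def tunnel_decapsulate(outer):
    """B's firewall: verify the integrity value, strip the outer header and
    return the inner packet; a packet altered in transit is discarded."""
    inner_bytes = outer["payload"]["inner"]
    expected = outer["payload"]["sec"]["icv"]
    if not hmac.compare_digest(integrity_value(inner_bytes), expected):
        return None
    return json.loads(inner_bytes)

def demo():
    inner = ip_packet(HOST_A, HOST_B, "GET /index.html")
    outer = tunnel_encapsulate(inner, GW_A, GW_B)
    seen_by_routers = router_view(outer)
    delivered = tunnel_decapsulate(outer)
    # Constructed in-transit alteration: the inner destination is rewritten
    altered = dict(outer)
    altered["payload"] = {**outer["payload"],
                          "inner": outer["payload"]["inner"].replace(b"10.2.0.9", b"10.2.0.8")}
    return seen_by_routers, delivered, tunnel_decapsulate(altered)
```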

IPsec (Internet Protocol Security)



IPsec (Internet Protocol Security) is a framework for a set of protocols for security at the network or packet processing layer of network communication. 
Earlier security approaches have inserted security at the Application layer of the communications model. IPsec is said to be especially useful for implementing virtual private networks and for remote user access through dial-up connection to private networks. A big advantage of IPsec is that security arrangements can be handled without requiring changes to individual user computers. Cisco has been a leader in proposing IPsec as a standard (or combination of standards and technologies) and has included support for it in its network routers.
Internet Protocol security (IPsec) is a framework of open standards for helping to ensure private, secure communications over Internet Protocol (IP) networks through the use of cryptographic security services. IPsec supports network-level data integrity, data confidentiality, data origin authentication, and replay protection. Because IPsec is integrated at the Internet layer (layer 3), it provides security for almost all protocols in the TCP/IP suite, and because IPsec is applied transparently to applications, there is no need to configure separate security for each application that uses TCP/IP.
IPsec helps provide defense-in-depth against:
  • Network-based attacks from untrusted computers, attacks that can result in the denial-of-service of applications, services, or the network
  • Data corruption
  • Data theft
  • User-credential theft
  • Administrative control of servers, other computers, and the network.
IPsec provides two choices of security service: Authentication Header (AH), which essentially allows authentication of the sender of data, and Encapsulating Security Payload (ESP), which supports both authentication of the sender and encryption of data as well. The specific information associated with each of these services is inserted into the packet in a header that follows the IP packet header.

Thursday, 28 August 2014

Best Practices for Tightening Internal Data Security

According to the IBM Cyber Security Intelligence Index, U.S. businesses experienced over 1.5 million monitored cyber attacks in 2013 alone. Take a look at these eight crucial security reminders for Internet users to keep in mind.
1. Password Character Requirements. There's a reason why so many web-based consumer services require complex passwords. Unauthorized users are less likely to guess passwords when employees use a blend of phrases, upper and lower case letters, numbers, and punctuation. 
2. Password rotation. Passwords that go stagnant are a liability for companies. For example, former employees might still be able to gain access to confidential information after they leave the company, if teams use the same outdated group email. Schedule password rotations every few months so that every user must update accounts with new passwords.
3. Session time out. This setting prevents a user's account from remaining signed into a system after a certain period of time. For example, if a cashier leaves their point of sale terminal, their session should automatically expire after a delay so that no unauthorized users can attempt to operate the point of sale.
4. No outside hardware. No employee should be allowed to use external hardware in the office, such as storage devices or other peripherals, unless cleared by your company's IT department. External devices can contain spyware or viruses that pose a significant risk to your computers and network.
5. Installation restrictions. Employees, students and others should not be able to install unauthorized software on work computers or mobile devices, since unchecked installations can lead to malware infections. For example, a graphic designer might decide to download a freeware utility to complete a project. Although well intentioned, this employee might accidentally install a trojan on their work computer.
6. Managed mobile devices. Mobile device management (MDM) software allows you to enroll in-house and BYOD technology in a system that deploys security configuration settings, company data and content over the air. This is an excellent way to enforce remote security restrictions, such as password updates or app restrictions.
7. Backup encryption. Copies of your company data can also be a weak point if unauthorized users are able to view and edit these files. Work with your IT department to create redundant and encrypted backups of your business-critical data.
8. Remote wipe. Mobile device solutions like Android Device Manager and iCloud allow you to remotely wipe device data if your smartphone or tablet is lost or stolen. This will quell your fears about confidential data leaks,

Tuesday, 26 August 2014

Oracle Basic Questions Part-1



1) What is Oracle Database?
Oracle Database is a relational database management system (RDBMS) used to store and retrieve large amounts of data. Oracle Database has physical and logical structures, and the logical structures are separated from the physical structures.
2) What is a schema?
A user account and its associated data, including tables, views, indexes, clusters, sequences, procedures, functions, triggers, packages and database links, is known as an Oracle schema. SYSTEM, SCOTT etc. are default schemas. We can create a new schema/user, but we can't drop the default database schemas.
3) What is a tablespace?
Oracle uses tablespaces for logical data storage. Physically, data is stored in datafiles, and datafiles are attached to a tablespace. A tablespace can have multiple datafiles. A tablespace can hold objects from different schemas, and a schema can use multiple tablespaces. The database creates the SYSTEM tablespace by default during database creation. It contains the read-only data dictionary tables, which hold information about the database.
4) What is a control file?
The control file is a binary file that stores the database name, the associated data files, the redo log files, the database creation time and the current log sequence number. Without the control file the database cannot be started, and data recovery is hampered.
5) Define data blocks ?
Data blocks are the base unit of logical database space. Each data block represents a specific number of bytes of database space on disk.

6) What is an Extent ?
An extent is a collection of contiguous data blocks, used for storing a specific type of information.
7) What is a Segment ?
A segment is a collection of extents that stores a specific data structure and resides in a single tablespace.

8) What is Rollback Segment ?
A database contains one or more rollback segments, used to roll back transactions and for data recovery.

9) What are the different type of Segments ?
Data segments (for storing user data), index segments (for storing indexes), rollback segments and temporary segments.

10) What is a Redo Log ?
The redo log is a set of two or more pre-allocated files used in data recovery. Whenever a change is made to the database, the change information is stored in the redo files. In case of a database crash, the redo files can be used for data recovery.

11) What is a table Cluster ?
A table cluster is a group of related tables that share common columns and store related data in the same block.
12) What is a cluster Key ?
The common column or group of columns shared by the clustered tables is called the cluster key. The advantage of using a cluster key is that the common columns are stored only once.
13) What is a synonym?
A synonym is an alias for a table, view, sequence or program unit.
14) What are the two types of Synonyms?
The two types of synonyms are private and public. A private synonym can be accessed by its owner only, whereas a public synonym can be accessed by any database user.

15) What is System Global Area (SGA) ?
The System Global Area (SGA) is the part of system memory that is shared by all processes belonging to an Oracle instance. Memory is allocated to the SGA by setting Oracle initialization parameters such as shared_pool_size, db_cache_size and log_buffer.

16) What is a shared pool?
The shared pool is one of the most important parts of the SGA. Oracle uses it to handle identical queries, so that they need to be executed only once, which improves performance. The shared pool depends on the db_cache_size parameter.

17) What is Program Global Area (PGA)?
The Program Global Area is the non-shared memory used by Oracle that contains the data and control information of a server process.

18) What is dictionary cache ?
The Oracle data dictionary contains metadata about the tables owned by the SYSTEM and SYS schemas. Proper sizing of the dictionary cache allows fast retrieval of data from the data dictionary.

19) What is Database Buffer Cache ?
The database buffer cache is used within the SGA to hold blocks of data read from data files. Each buffer can hold one database block.

20) What is a cursor?
When a DML statement such as INSERT, UPDATE, DELETE or MERGE is executed, or when a SELECT query is executed, information about it (the statement and the rows of data it accesses) is stored in a private SQL area. A cursor is a pointer to this private SQL area.

21) Explain the two types of cursors.
The two types of cursors are implicit cursors and explicit cursors. Implicit cursors are created when INSERT, UPDATE and DELETE statements, or a SELECT that returns one row, are executed. Explicit cursors are user-defined cursors, created when a SELECT statement returns more than one row.

22) What is a Query Record Group?
A query record group is a record group that has an associated SELECT statement. Columns in a query record group derive their default names, data types and lengths from the database columns referenced in the SELECT statement. Records in a query record group are the rows retrieved by the query associated with that record group.

23) What is row chaining?
When the size of a row exceeds the size of a data block, the row's data is stored in a chain of data blocks reserved for that segment. This is called row chaining.