SITHIRA'S BLOGS

Micro Panda Cross

2011-11-20T17:08:00.005+05:30

This is the newest car of Micro. Named as "Micro Panda Cross".

Why penetration testing information should be destroyed?

2011-10-25T23:57:00.001+05:30

Penetration testing is a sensitive testing mechanism against organizational assets. Penetration testing focuses on the current infrastructure of an organization network and its weaknesses. This test is able of identified most sensitive information security weaknesses of organizations’ network infrastructure. This sensitive information is very critical to organizations and protecting this from unwanted hands is utmost priority. When a penetration testing assignment is underway, it is important to reveal most of the business critical operations, information, critical assets, resource persons, etc to penetration testing team. On the other hand, during their penetration testing process, penetration-testing team can learn many hidden vulnerabilities, security weaknesses, and business process weaknesses and many more. These hidden weaknesses can create catastrophe event to organization without any notification, if goes to intruders or malicious users hands. Although the criticality of this information is very high, organization cannot do penetration testing with their internal teams. This is due to lack of experience, exposure, qualifications, equipments, knowledge of internal teams or lack of personal resource availability within the organization. Hence, organizations have to go for external resources by taking a slight risk. However, many of these risks can be covered via appropriate legal bindings, and selecting reputed, qualified, and professional team of penetration testers. Organizations must draft appropriate legal terms and bindings and get third parties abide by them to protect the organization that they may face in case of breach of confidentiality. In the normal practice and depending on the sensitivity of the information client organizations and third party penetration testing team can agree to destroy the information gathered during the penetration testing process. Furthermore, it should be noted, that client organization must specifically mention the information that they wanted the service provider (penetration testing team) to destroy and the period of time that the penetration testing team can retain confidential data before destroying. On the other hand, it should be clearly define the process to destroy, and confirmation of destroy, etc.

In case, if the external penetration testing team does not destroy the information, it is an unprofessional behavior of that origination or the team, and they might face legal charges or imprisonment depending on the case. Penetration testing team can be victims of, negligence of duties, breach of confidence, reputational damages, and legal actions. Since, the criticality of the information it is advised to destroy the collected information. For instance, if an attacker infiltrate penetration testing team member’s laptop where critical data is stored, attacker can extract very valuable first hand information from without much difficulty. This information can be used against the client organization to blackmail, threaten, attack, steal more information, and selling extracted information to third parties (hackers, competitors), etc.

It is imperative to select very reputed and professional team of penetration testers for your penetration testing projects. Below given are few ways to gauge the penetration testing vendor.

· Check whether the penetration testing is their core competencies. Some organizations provide this as a value added service and not master in the area.

· Check for the real world implementation and experience, rather than paper qualifications of testing team

· Evaluate vendors trustworthiness and competence

· Consider the cost versus frequency of penetration testing needed to conduct

· Find real penetration tester who are expert in the field and have practical experience in real environment, this is difficult to find but it will be worth the test

· Ask for references from vendor and verify their status

· Perform a thorough background check to identify the real nature of the vendor

Session fixation

2011-10-25T23:54:00.001+05:30

Web applications use a mechanism called session management to maintain user’s web experience more smooth and easy. Web servers’ use unique identifier called Session ID to identify users separately. Each user is been granted with a unique session ID upon request to open a connection with a web service. Commonly session IDs are maintain by use of session IDs in a URL, session IDs in a hidden form field or store in cookies. These IDs are given a time to expire in some cases. Many of the cookies are not only identifiers but also act as an authenticator. This enable the interest to attackers, if they can grab the cookies and establish the session, they can take act as a legitimate user. This helps them to carry out unauthorized activities. This method is called session hijacking, where attacker takeover some legal users session and act as a legitimate user. Hence, it is necessary to provide web session security. Web session security is trying to prevent mainly three types of web attacks; those are interception, prediction and brute forcing. Session fixation attack is a three-step process

1. Session setup - The attacker sets up a "trap-session" for the target web site to extract the session's ID or select an arbitrary session ID for the attack. In some cases, the established trap session value must be maintained (kept alive) with repeated web site contact.

2. Session fixation - The attacker introduces the trap session value into the user's browser and fixes the user's session ID.

3. Session entrance - The attacker waits until the user logs into the target web site to fix the session ID value and take over the session by the attacker.

Below listed few ways in which the session fixation can be mitigated.

1. User built in session frameworks - most of the application framework comes in a session management scheme. These generate session IDs and manage them pretty well. These mechanisms are well tested by security professionals and fixed most of the vulnerabilities. Hence, these are much better than the homegrown session managements, due to above reasons.

2. Store session data on severs - any program language provide a way to store session data in objects. These session objects can be stored in servers to prevent attacks.

3. Be aware of the data in the session objects. - Programmers need to be aware of where and what data they store in session objects. These can be DBs, file systems, or RAM. There can be many standards violation (for instance, PCI-DSS, ISO 27001). You can consider encrypting data that is being stored in session objects.

4. Short session timeout sessions - session timeout interval is generally configured in servers. If the time that the session be active without activities can be reduce, where it can reduce the time that left for attackers to steal, copy, of hijack the session IDs.

5. User session ID with enough entropy and length - most built-in session ID frameworks use random session IDs that are difficult to predict due to the long length.

6. Invalidate session on the server - although users and applications clear cookies at their log out from sites, it does not necessarily kill the session on the server. Malicious attackers use session ID replay to gain access to that particular session. This can be avoided with implementation of Session.Abandon() (ASP,.Net), or session.invalidate (J2EE), which kill sessions on the server when users log out.

7. Regenerate session when privileges changes - when the privileges of user changes, sessions should be change. For instance, when a user log in his privileges changes and when users changes from http to https and vice versa.

8. Set flags on cookies such as secure and HTTPOnly - when the secure flag is set cookies will only sent via SSL/TLS (HTTPS connections). When HTTPOnly flag is set, it prevent client side scripting which access cookies and its values. This helps prevent cross-site scripting and stealing session token stored in cookies. Path and domain attribute also can set appropriately.

9. Never to reuse session IDs - session IDs should not be used as cryptographic keys or create unique file names with it. These are only random identifiers assigned by application servers only for a particular session.

Usage of valid SSL certificates - certificated used by application should be valid SSL/TLS certificates. When users are being get used to accept invalid certification, they do not know which is secure and which is not. Attackers can send malicious certificates, which can use this vulnerability. This can raise MITM attacks as well, thus accept only SSL/TLS certificates.

Different password cracking techniques

2011-10-25T23:52:00.002+05:30

Password cracking technique	Description
Social engineering attack (guessing and shoulder surfing)	This is a technique used to manipulate human into perform an action or divulge some confidential information without using any technical actions to breaking to systems. This technique can be utilized to attack systems without any technically sophisticated attacks. Two most interesting techniques are, shoulder surfing and guessing. For instance, you can pretend as a technical staff from the ISP and enter a office premises to meet the network administrator, and ask him to login to systems and see whether everything works perfectly. When network administrator types his password attacker can silently observe his password by standing behind the administrator and looking over his shoulder. Next option is to guess the password by profiling the organization and the user. Most users use a password relevant to them. Hence, if you know the person very well , chances are high to guess what he will use as a password.
Dictionary Attack	This is a subset of brute forcing attacks. Dictionary attacks try to use combination of words instead of all possible password combination of digits. Dictionary attacks use common usernames and passwords to crack passwords. This technique use dictionary words to guess passwords.
Brute Force Attacks	This method tries all possible combination of letters, numbers and characters until they find the correct combination. Comparatively this process takes long time depending on the length of the password, complexity, and the computer speed.
Hybrid Attack	This method of password cracking tries to add numbers or symbols to previous found passwords. Some cases users’ simply add new numbers or words to the end of old password and these passwords can be cracked easily.

Web Application Penetration Testing

2011-10-10T09:06:00.003+05:30

Nowadays everything we see and find is computerized and interconnected, and it is hard to find anything that is not computerized or cannot be computerized. Due this factor, many businesses have improved their efficiency, productivity, save lot of energy (human and machinery), introduce more innovative products and services as well as made services available at fingertips of customers. For instance, web enabled service of banks like internet banking, which enabled customers to stay at home and make all the transactions such as paying utility bills, making other financial transactions, transferring money, checking accounts details etc with comfort and ease. This became possible due to secure web applications used by banks. However, not to forget everything comes with a risk and side effects. In Web applications that we use can have numerous unidentified and hidden vulnerabilities, security loopholes, improper codes, errors and inconsistencies. These could open up disasters to organizations and users if not identified before hand and managed effectively. Hence, organizations need to test these web applications with proven web application testing methodology to correct these vulnerabilities. There are many methodologies existing and organizations can use what is most suitable for the web applications that they require to test. This article will illustrate how to perform web application penetration testing effectively with proven methodology.

Penetration testing is a process of proactive and authorized evaluation of organizational information for security weaknesses. During the process, it analyzes for design weaknesses, technical flaws and vulnerabilities. At the end of the security measures evaluation process, it delivers comprehensive report to executives, management and technical expert’s review. Penetration testing could satisfy the goals of organizations such as test and validate the efficiency of implemented security protections and controls, to enable internal and external vulnerability perspective to organizations, and provide productive information for auditing teams for regulatory compliances, etc.

Web Application penetration test is a part of penetration testing, which only focuses on penetrating web applications and identifying vulnerabilities and weaknesses. Thereafter, reporting that to management and technical experts via reports. This includes the assessment of the web applications and the impact to the organization and often with a proposal for risk mitigation or technical solution.

As of any software and product, Web Applications also need security test to verify that it can handle what they are promising. Web applications have taken serious measures in implementing security within the web applications. On the other hand, it provides required level of security and not susceptible to any identified security vulnerabilities, weaknesses or improper input, modifications, etc. For instance, consider an internet-banking site. It stores personal sensitive information of users such as sensitive financial information and transaction details. If an attacker is able to access this information due to vulnerability in the web application; attacker can perform any transaction, modification, or insert hidden code, etc to the web applications. Hence, could harvest all the customer information and financial details as well as manipulate any information. This would be devastating news for the banking institute as well as their customers. Hence, it is critical to validate the security posture of web applications with web application penetration testing ,to be sure the level of security of the organization.

Since, there are many vulnerabilities in web applications, web applications penetration testers and developers need to concentrate on these items during their testing and application development. It is much better if application developers are well aware and educated to develop secure web applications rather than fixing vulnerabilities later when implemented. Below given list include few of the common web application vulnerabilities.

· Cross-Site Scripting (XSS)

· Cross-Site Request Forgery (CSRF)

· OSAP injection

· SMTP command injection

· Blind SQL/XPath injection

· Code executioin

· CRLF injection / HTTP response splitting

· SQL injection

· Cookie manipulation

· Script source code disclosure

Web Application penetration testing is a complex task and requires very well organized steps to identify and evaluate security measures. Methodology allows this complex process to streamline and have a standardized way to perform each task. OWASP (Open Web Application Security Project) Testing Guide is a proven and recognized Web Application penetration methodology, as well as OSSTMM (Open Source Security Testing Methodology Manual).Below illustrates how to perform Web Application penetration testing and its steps. This is a lengthy process however; it is noted here with brief description.

i. Fingerprint web application environment - this is the basic step to start with, you need to identify web application environment such as used scripting language, web server software, version, operating system, etc.

ii. Investigate the output form HEAD and OPTION HTTP request - these two options usually contain with web server software version, scripting environment and operating system in use.

iii. Investigate format and wording of 404 and other errors - some application environment such as ColdFusion maintain custom error pages that consist of software versions of the scripting language in use.

iv. Test for recognized file types, extensions and directories - different web servers respond differently for unknown extensions than known. Request will monitor for any unusual output or error codes.

v. Examine the source of available pages - immediately accessible pages of front end application’s source code will give very useful details

vi. Manipulate inputs to elicit scripting errors

vii. Test the inner working of web application - scripting languages like Javascript and client-side code can provide information of inner working of web applications

viii. Test database connectivity - access rights should be limited to minimum rights required and limited to required time duration.

ix. Test application code - check for misuse of super user accounts, login ID and passwords, exception /error handling and backdoors left by developers.

x. Test GET and POST in web application - check how these GET and POST are used in web applications.

xi. Test for parameter tampering attacks on the website - try to manipulate URL strings to retrieve sensitive information.

xii. Test URL manipulation - modify URL to see whether you can access unauthorized areas.

xiii. Test Cross-Site Scripting - use tools like, Paros proxy, Fiddler, and Burp proxy to test for these vulnerabilities.

xiv. Test for hidden fields - inspect source code to see if there is any hidden information stored. Try to modify source code and save, then execute and see whether the changes are accepted.

xv. Test for cookies attacks - stealing user cookies will enable attackers to access an account without any authentication.

xvi. Test for buffer overflows - send large amount of data to the buffer, where the buffer will crash and will result in unexpected behavior.

xvii. Test for bad data - enter data in to application by entering between will store in the database, later will result in inaccurate reports.

xviii. Test for client-side scripting - capture a URL after valid login and enter that URL in to a new browser. Check whether you can login without authentication.

xix. Test for known vulnerabilities - use Bugtraq to monitor these vulnerabilities

xx. Test for race condition - application use multiple threads to achieve simultaneous processing, check for this condition.

xxi. Test user protection via browser settings - browser settings provide protection from harmful contents, check whether this is supported.

xxii. Test for command execution vulnerabilities - web applications not properly sanitize the user input data before using it within the application. Application could execute the operating system commands using this.

xxiii. Check for SQL injection attacks - when directly input SQL statements by user are not properly sanitized attacker can steal data from your database, modify and delete.

xxiv. Check for Blind SQL injection attacks - this is identical to SQL injection except it gets a generic page specified by the developer.

xxv. Test for session fixation attacks - this is where attacker tries to use previously used session ID to log again.

xxvi. Check for session hijacking attacks - attacker tries to locate active session and track it, disconnect the host and hijack the session and resume the session after hijacking and use to his will.

xxvii. Check for XPath injection attacks - technique use to exploit website that construct XPath queries from the user supplied input.

xxviii. Test for server side include injection attacks - this exploit web application’s failure to sanitize user supplied data before they are inserted to server side interpreted HTML file

xxix. Check for logic flaws - this is a failure of performing conditional branching or apply security in web applications.

xxx. Check for binary attacks - static buffers may be vulnerable to binary attacks such as format string bugs and butter overflows.

xxxi. Check for XML structural - try to overload the XML parser by sending large amount or malformed XML messages to server.

xxxii. Test for XML content level - use Webscarab tool to test Web Service Definition Language, modify parameter’s data based on WSDL’s definition and check whether you can use web services with escalated privileges.

xxxiii. Test for WS HTTP GET parameter/RESET attacks - check for maximum and minimum length, validate payload, validate the parameter’s names and existence

xxxiv. Test for suspicious SOAP attachments - search wed service definition language that accepts attachments.

xxxv. Test for WS replay - user tools such as WebScarab to capture HTTP traffic and try to perform replay attack.

Few handy Tools for the tester
AtStake WebProxy
SPIKE Proxy
Httprecon - http://www.computec.ch/projekte/httprecon/
KSES - http://sourceforge.net/projects/kses/
Mieliekoek.pl
Sleuth
Webgoat - https://www.owasp.org/index.php/Category:OWASP_WebGoat_Project
AppScan
Nikto - http://cirt.net/nikto2

Every vulnerability found during the web application penetration testing process should be properly documented with valid evidences. Do not try to fix or modify the vulnerability to enhance security of the web application at this moment. This is not a duty of a penetration tester. Penetration tester could inform the relevant authorities if there is an immediate threat, otherwise these findings should be included in to the final reports of the client organization. Make sure the identified vulnerabilities exist with evidence. Furthermore, have proof of concepts to show this could enable greater danger if exploited by an attacker. Penetration tester should not exploit the vulnerabilities and cause any harm to web application of relevant systems. However, if the organization requested and agreed to exploit any vulnerability found during the process, you may proceed. Penetration tester could recommend possible security control measures that organizations could take in order to mitigate the risk exposed due to the vulnerabilities.

This paper discussed briefly how and what areas of a web application needs to be checked for vulnerabilities. In addition, what sort of vulnerabilities that we can find in general. This does not cover comprehensive web application testing in detail or discuss tools in depth. However, few tools that can be used are listed and where the details of these tools can be referred is noted.

Why should we take great care when creating passwords?

2011-10-10T08:32:00.003+05:30

This is a very simple and interesting cartoon that I came across while I was searching some information.I think this is very well depict the importance of setting a secure password. This is simple, humorous, educational and delivering the message with attraction.

It is almost one year

2011-10-10T08:25:00.003+05:30

It is sad to note that I have not updated my blog for almost a year. It is terrible. Why can't I post something in my blog?

Let's start it again, this time I am going to make it through. No excuses. Let me start with my previous post about the bird. This bird's name is "Cuckoo", or else we commonly known as "Koha".

Bird..!

2010-10-23T14:54:00.004+05:30

Very recently I spotted a bird in our garden and though to capture few frames of the scene since that was the first time I spotted a bird in that nature. I don't know the name or anything but will try to find some information and post it here.

Different types of Wireless Networks and comparison of WLAN, WWAN and WMAN standards.

2010-10-23T14:25:00.009+05:30

Wireless networks types can be noted as in two different kinds, one is wireless network by types connection and the other one is wireless networks by the geographical area of coverage. I have described the types of network by the connection below for the purpose of this assessment question.

Peer to peer network – This network allows wireless devices to directly communicate with the other devices. No intermediately devices are place to control or transmit wireless signals between devices. Mostly commonly two or many laptop intercommunicate with each other via wireless technology can be considered as peer to peer network.
Extension to a wired network – Extension point added to the wired network which act as a wireless relays.
Multiple access points – Multiple access points are attached to a wired network by the means of extending LAN with wireless. These networks communicate with wired network as well as wireless access points to fulfill corporate communication requirement.

LAN to LAN wireless network – This allows two wireless access points to interconnect two LAN segments via wireless communication. For instance, this will help to extend the corporate communication between two buildings of same organization via wireless technology.

Key steps in conducting forensic investigations.

2010-10-21T11:05:00.003+05:30

Before proceeding with the investigation, forensic investigation team must be well prepared and equipped with necessary prerequisite facilities. Below indicated steps define the steps that the forensic team should adapt to, although the steps are not limited to this.

I. Policy and Procedure development.

Developing proper procedures and policies will give a clear guidance of functional and operational behavior of the forensic unit, and the mission statement that will keep the unit focus on their existence.

· Software licensing – Purchase required softwares and licenses for the forensics unit

· Training – Forensic team requires specialized training for the investigation.

· Resource allocation – Funds and resource allocation

II. Evidence assessment

Forensic investigator must determine the actions to be taken after considering the evidence assessment against the scope of the case.

· Case assessment – Determine whether you need to sought additional evidences such as finger print, DNA analysis, etc.

· Processing location assessment – Identifying the place of the investigation ( In lab environment or onsite)

· Legal considerations - What is the extend of authority to search.

III. Evidence acquisition

Digital evidence has the tendency of getting destroyed, damaged or altered due to its sensitivity, thus protecting and handling them during the entire process is very critical.

· Imaging – Extract the evidence data by fixing the storage device to a forensically cleaned system.

· Write protection – Perform MD5 (Message Digest 5) or CRC (Cyclic Redundancy Check) before and after examination of evidence to determine if the evidence is being tampered during the examination process.

IV. Evidence examination

This process will defer according to the case that the investigator is working on, method, tools to be used and methodology of the investigation. Examination should not perform on original evidence.

· Preparation – Create a unique folder on a separate system to extract evidence data

· Extraction

i. Physical – Extract /recover data of the full physical drive

ii. Logical – Extract and recover data based on operating system, file stucture.ect

iii. Analysis of data – This is the method of matching the relevance of the evidence data to the case that is being examined.

V. Documenting and reporting

All the incidences have to be documented with the timelines of the occurrence from the beginning to the closure of the case and each and every supporting document should be filed accordingly. Final report has to be produced to the case if needed or only to the relevant authority.

How to implement Wireless VoIP

2010-10-20T14:47:00.002+05:30

Comparatively wireless VoIP is slower than VoIP in wired network. Thus deployment of wireless VoIP needs to consider the real need of wireless VoIP to the corporate network. It is not the point to implement the latest technology but to implement the best system which serves the purpose of the corporate network. Below mentions are basic guidelines for wireless VoIP deployment and this can greatly vary according to the organizational requirements.

1. Make sure the network can handle VoIP.

When moving from wired communication channels to wireless communication channels it is vital to check whether current organizational structure is capable of handling the wireless VoIP requirement adequately and provide the level of expected results. Since data and voice are going to be transmitted through shared medium if the corporate network is also a wireless LAN. Even with the wired data network voice transmission required to be prioritized due to its real time requirement.

Determining the network's readiness for VoIP is essential. A readiness assessment to establish the baseline capabilities of the network will help determine which areas of the overall system need to be fine-tuned or upgraded to support the streaming media requirements of VoIP.

2. Keep the deployment simple.

Deployment of wireless VoIP should take place in parallel or pilot deployment due to the fact that if anything got backfired in the corporate network, it is easy to rectify and resolve without having to shutdown the whole communication lines. This pilot deployment helps to measure the pros and cons of the wireless VoIP implementation and take necessary actions in due places.

3. Create network service maps and update service-level agreements.

During pre-deployment, network administrators should create maps of the network and define service-level agreements with internal departments and external clients. With a proper inventory of the network in the form of a service map, administrators will be able to pinpoint potential bottlenecks and areas of the network that need to be upgraded or extended to support the additional traffic.

Setting requirements in advance is essential, because appropriate expectations and regular feedback between business owners, technology departments and end-users will result in a more successful VoIP experience. Define the policies for ongoing monitoring, performance measurement and management of the network and the VoIP system. Typical SLA metrics include network uptime, application availability, and network and application response time. The data gathered is used to measure pertinent service delivery aspects, such as delay, jitter and uptime, and report confirmation that all requirements and expectations are being met.

4. Consider QoE.

Quality of experience (QoE) is a way to understand the user's perception of the quality of the VoIP telephone systems which can give a correct feedback of the systems that you have implemented. QoE will help measure the success of the wireless VoIP deployment from the end users level.

5. Review, reassess and repeat.

Networks are not static, so implementing an ongoing monitoring process is important. Any change to the infrastructure or usage patterns has an impact to everything on the network. Bringing servers on and offline, upgrading hardware or virtualizing portions of the environment can impact VoIP services.

Continuous monitoring and measurement of IT operations and service-level reporting will provide needed information to quickly resolve network outages and system issues. This technical and business intelligence analysis supports service improvement plans that will sustain the VoIP implementation and make sure end-users do not experience call degradation issues.

Much of the management of the VoIP system and applications can be automated to allow network assessment and monitoring to be repeated consistently to maintain appropriate baselines. Baselines enable administrators to monitor performance and availability, as well as prevent, diagnose and resolve problems.

Wireless Protocols

2010-10-20T14:46:00.000+05:30

These are few wireless protocols in use.

Name of the Protocol	Description
WAP (Wireless Application Protocol)	This is an application communication protocol inherited from internet which is used by handheld devices, mobile phones, pagers and two way radios, smart phones, etc. WAP is supported by operating systems such as PalmOS, EPOC, Windows CE, FLEXOS, OS/9, and JavaOS. This protocol is capable of working with wireless networks such as CDPD, CDMA, GSM, PDC and TDM
TKIP (Temporal Key Integrity protocol)	This is a short term fix introduced to WAP which comes as a simple software/firmware upgrade. TKIP identifies all of the WAP weaknesses. This increase the IV (Initialization Vector) to 48 bits and first 4 bits indicate QoS traffic class while remaining 44 bits are used as a counter. TKIP generate new secret keys dynamically and use original secret key as a base.
SWAP (Shared Wireless Access Protocol)	This is developed by HomeRF Working Group for wireless voice and data networking for home environment. SWAP supports TDMA for interactive data transfer and CSMA / CA for high speed packet transfer.
EAP (Extensible Authentication Protocol)	EAP supports multiple authentication methods such as, token cards, smart cards, Kerberos, one time passwords, certificates and public key authentication. There are two EAP variations, · LEAP (Lightweight Extensible Authentication Protocol) – This is a proprietary protocol of Cisco which use dynamic Wired Equivalent Privacy (WEP) key that are changed with more frequent authentication between RADIUS server and clients. LEAP intends to provide secure authentication for 802.11 WLAN which supports 802.1x port access control. · PEAP (Protected EAP) – This is base on the Internet Draft (I-D) submitted by Cisco, Microsoft and RSA security to IETF. This relies on TLS to allow nonencrypted authentication types and encrypt all user sensitive authentication information.
LDAP (Lightweight Directory Access Protocols)	This is built on X.500 Directory services model and communication has two elements such as client-server and server-server. Few common LDAP server are, IBM DS Series LDAP Directory (AIX), Netscape Directory Server and OpenLDAP server (Linux), etc.
WRAP (Wireless Robust Authentication Protocol)	This is an encryption protocol standard for 802.11i and based on Offset Codebook (OCB) mode of AES. (EC Council)
HDTP (Handheld Device Transport Protocol)	This protocol is optimized for handheld devices and low performance networks and provide security features like, authentication, privacy and integration, counteracting playback attacks, etc. (EC Council)

Wireless Terminology

2010-09-28T21:28:00.001+05:30

These are some of the wireless terminologies used in the industry.

Terminology	Description and common usage	Area of usage
802.11a	ü An IEEE standard for wireless area network which operate in the 5 GHz. Wireless product must support 6,12, and 24 Mpbs data rate as well as this can go up to 54 Mbps.	ü This is used in 802.11a wireless networking
802.11b	ü An IEEE standard support 11 Mbps of data rate and operating range between 2.4 GHz – 2.4835 GHz. This uses CSMA/CD for path sharing. These wireless devices suffer interference with other devices like, microwaves, codeless phones, etc which operate in same frequency.	ü This is used in 802.11b wireless networking
802.11g	ü These devices operate range between 2.4 GHz – 2.4835 GHz and support data rate of 54 Mbps in most of the devices. These devices are backward compatible with 802.11b devices. These standard support better security such as WPA (Wi-Fi Protected Access), WPA2 with pre shared key or RADIUS server.	ü This is used in 802.11g wireless networking, Routers, laptops,
802.11n	ü Latest IEEE standard which support bandwidth upto 600 Mbps. This standard support 2.4 GHz and 5 GHz band and backward compatible with 802.11a, 802.11b and 802.11g wireless standards.	ü This is used in 802.11n wireless networking, routers, laptops, PDAs and 802.11g and 802.11b devices which are compatible with 802.11n.
dBi	ü Decibel is the unit which measures the gain of wireless antenna.	ü Used in every standard due to its usage to measure the signal strength.
Antenna	ü Antennas are used to transmit and receive wireless signals from wireless bridge. Antennas are connected to bridge and bridge is connected to local area network.	ü Used in all standard.
Fresnel Zone	ü The area around the line of sight of WLANs which used to transmit signals between WLAN devices. This are should be free with disturbance for strong signals	ü Used in all the standards.
RADIUS	ü Remote Authentication Dial In User Service an authentication and accounting which used to authenticate dial in users usernames and passwords. This service is used by ISP (Internet Service Providers)	ü Used in all the standards when needed to authenticate.
WEP (Wired Equivalent Privacy)	ü This is a security layer which used by wireless network. WEP used shared key by source and destination devices to encrypt and decrypt communication.	ü PDAs, Wi-Fi areas, hotspots, WLAN, WPAN,
SSID (Service Ser IDentifier)	ü This is the public name which identifies the wireless network from other networks.	ü WLAN, WPAN, WMAN, etc.
PCMCIA (Personal Computer Memory Card International Association)	ü External peripheral device which is comes in size of a credit card. This can be fixed to laptops to get wireless connection.	ü Laptops, PCs
Access Point (A/P)	ü Help users to connect to WLAN or wired network. Mobile users are automatically shifted to next AP while they are on the move.	ü WLAN, WPAN, WMAN, etc.
WPA (Wi-Fi Protected Access)	ü Security mechanism better than WEP which provide better security.	ü WLAN, WLAN, WPAN, PDAs,
WLAN (Wireless Local Area Connection)	ü High frequency radio waves or infrared can be used for communication between nodes. In this Local Area Network used wireless transmission for communication.	ü
WWAN (Wireless Wide Area Network)	ü Similar to WAN except the implementation of wireless technology for communication. These enable users to interact with corporate email, applications and information as they do in the wired environment.	ü
WPAN (Wireless Personal Area Network)	ü With help of IrDA and Bluetooth we can communicate in a short distance such as 10m. This enabled personal area network which equipped with personal devices like, PDA, laptop and wireless printers, etc.	ü
WMAN (Wireless Metropolitan Area)	ü Wireless communication network which covers a metropolitan area which use multiple WLAN in the range of 50km.	ü
War Driving	ü This is a process of travelling around buildings to find out available wireless access points to gain access to networks and internet. Hackers use war driving to gain unauthorized access to corporate networks.	ü This can be used in any wireless network.

RFID Implementation.

2010-09-28T21:12:00.004+05:30

RFID (Radio Frequency Identifier) is an interesting and booming technology in tracking, monitoring and administration in many industries. These RFID devices automatically transmit radio frequency which has a unique serial number for identification that particular devices uniquely. RFDI technology uses few main components in their architecture to provide complete and comprehensive system. Main components are RFID tag, Tag readers, RFID antennas, RFID controllers, RFID premises servers, and RFID integration servers.

RDIF architecture is shown in below diagram for better comprehension.

Implementation of RFID projects needs to be thoroughly planned and organized due to its nature of complexity, cost and needed expertise knowledge. First of all network administrator should have clearly identify the use case of RFID project. Planning, designing, and implementation of RFID project is based on the use case. Hence, meeting all the requirements of users is a great achievement but very difficult task for the implementer due to compatibility of hardware/software, environmental, budget, and organizational structural issues. When implementing RFID project minimum of below points needs to be adequately addressed.

Project objectives must be clearly defined and understood by the RFID team before hand doing anything. To understand clear objectives you need to identify why the organization is required to have RFID implementation, to serve what purpose. Whether it is trying to comply with some regulations or trying to improve productivity, efficiency or cost reduction in long run for their production environment or warehouse. This identification of reasons and setting objectives based on the facts you collected will help having smooth implementation process.

There should be a proper site survey to analyze the current infrastructure to identify places needs implementation of RFID. Selection of RFID product such as RFID tags, RFID readers, RFID antennas, etc need to be determined by the project team to suit the project budget. This is an area where there are lot of questions been rose. Your budget may not be enough to purchase required hardware devices such as RFID tags, RFID readers, etc with expected quality thus, this may leads to improper operation of devices when integrating, mismatch of your requirement or low quality of service. It is important to point out the disadvantages of having a fixed budget which cannot facilitate the organizational main purpose, thus get your budget approved for correct devices or else proceed with compromised budget, which is not recommended. On the other hand make sure your devices that are going to be purchased are well tested and have met quality and compliance standards in industry. There may be other RFID systems already in place in the organization or different system using radio frequency, in these conditions proper investigation should be carried out to identify the interferences that these existing systems may have on the RFID project you are going to implement.

Next step is to align your project to the organizational processes. Your organization’s business in the main concern, and this RFID implementation should benefit to the organization as a whole and improve the processes without adding burden. Due to new RFID implementation there may be a need to process/procedure realignments, adding new process/procedures, removing redundant processes/procedures, etc, which have to be well analyzed and adjusted to suit the business needs and implementation of RFID project.

Software configuration and integration of RFID devices play an important part in the RFID project. All the devices need to place in appropriate places as decided during the planning stage and configure software to connect all RFID devices and meet organization expectations. It is acceptable to start with the default configurations for general purposes applications. But fine tuning to get maximum accuracy and high performance needs well trained professional knowledge.

When all the things are in place monitor how interdependent components behave in the system. For instance all processes, equipments, software, and human aspect of the entire system needs to operate in collaboration to produce better result. Monitor all aspects to identify places where it needs adjustments to smooth the operation of RFID system to improve performance and efficiency.

One main aspect needs to address above all stages is education, awareness and training for users and manage the positive/negative resistance of users. People might have a misunderstanding of that implementation of RFID system will eliminate the human resources in the process which may results in loss of employment. If this situation cannot be managed diplomatically, this might result in a project failure with large amount of financial, and human resources wastage.

Applying RFID in real time or in line process just to serve the purpose of customer compliance is not going to give you a cost effective solution. But if the customer compliance is going to make huge difference in the market place than when it is not compliance, then the implementation is definitely going to give financial advantage. If the customer compliance is not going to add ad impact to your market place, then these are going to add some additional cost to the production due to its implementation of RFID tags. Thus, if the organization can find another a place where they can improve a production process, streamline warehouse operation, or improve logistic services, etc with the implementation of RFID system along with complying customer requirement, then the organization is reaping the true benefit of implementing RFID system.

Perimeter defense strategies employed on various segments for an internal network.

2010-08-14T09:43:00.005+05:30

One of the main aspects of security is to avoid, minimized or defend malicious activities as soon as it detects or take action before hand as appropriate. If this tasks can be achieved from the boarders of your premises and reduce the impact of the risk to the organization, it is the best method. Even though many of us have not considered perimeter defense in-depth, it is becoming very valuable defending strategy for any organization during incident breaches.

Safe-guarding organizational perimeter is an art and a science, which needs to identify all possible perimeter breaches in all the possible angles and applying best solution which balance the financial commitment of the organization and the amount of the risk that the organization can tolerate.

As a beginning of the defense strategy we must analyze the organization’s assets and their importance to the organization’s operation. Thereafter we should analyze and identify the risk factors involved and their impact to the business. When we are preparing the defense strategy consider above analyzed factors and find a balance between them. Deferent departments have different requirements as the defense strategy differ.

Reception area is the mostly frequently exposed area to the general public and there are limited numbers of measures that we can take to restrict access to this area. But in this scenario will look at the internal access to the area rather than the outside access. All internal work forces have basically given privilege of accessing the area since they are trusted by the organization than general public. This privilege can be misused by the employees with malicious intention. Reception area is equipped with important customer contact details, head of departments personal contact details, and access to whole contact detail of all major contacts. If an unwanted individual access these information they can exploit those detail and gain very valuable information. Even misuse of equipments like business telephone lines, international call facilities, can be dangerous and could tarnish the reputation of the organization. To prevent such occurrences taking place this area should be protected even from the internal staff by restricting access to only necessary people, placing the equipments in a secure manner by partitioning the area or separating access from visitors and internal staff.

Finance department should have a more restricted movement of internal staff as well. All organization information is stored in the place and manipulation, copying, or deleting this information has very drastic impact to the business. This could even take down the whole operation of the business and keep the organization out of operation for few days or forever. Free movement to this area by general public is generally restricted by any organizations, thus very marginal consideration is given by access from internal staff. This area’s access privileges can be controlled by company security policies for internal and external people. On the other hand restricting access by means of access controls like finger printing, facial recognition, proximity cards, ID cards, door access systems and monitoring cameras could be useful.

One of the main departments in any organization is the information technology department. This needs to have very strong security defense in place to protect the information. This target can be fulfilled by the implementation of properly planned and tested defense system. Apart from the general security measures placed in other areas in the organization such as security cameras, finger printing and ID cards below measures can be placed. Special security policy for IT department, formal sanction process to penalized the breach of security policies, limit very restrictive permission for IT department, properly laid and practiced backup procedures, maintenance procedures, SLA (Service Level Agreements), training and education for internal staff to understand, practice and obey the IT rules and regulation, man-traps, etc.

Why is it important to have disaster recovery and business continuity policy?

2010-03-24T22:35:00.004+05:30

Business continuity plan (BCP) is the way in which an organization should recover and restore its organizational function within a predetermined time frame after a total or partial disturbance to its services during a disaster. These disasters can be earthquake, flood, natural disaster, terrorist attack, or any major event which cause a catastrophic event to the organization. In simple terms, BCP is a method of planning strategically to prevent or if possible manage the consequences of a disaster, as a result reduce the consequences to a limit that businesses can absorb.

BCP manual is a printed manual which is stored in a safe place (remote site) which contains names, contact numbers, crisis management staff and other staff details, venders, clients and details of offsite backup site to operate, other important legal documents and business documents, etc. Organizations should make sure their BCP manual is realistic and easy to follow in a crisis situation without adding another burden.

Disaster Recovery Plan is a map of how an organization gets recovered in the event of a major disaster and continues its business. This is a key component in an organizational business continuity planning. Business continuity plan has a broader scope than disaster recovering planning in an IT perspective.

We cannot predict what disaster will happen next and what impact that will have on our business or the patterns in which those disasters are occurring. Businesses have to continue with minimum interruption to survive in the industry. Suppose an organization is faced with a disaster, as a result its network and the communication went down. How can you operate the organization in a situation like this? This is where you see the practicality of investing for a BCP and DRP to backup plan to guide you how to operate in a disaster situation and how to get out of the disastrous situation. BCP guides you during this difficult situation how to find the resources and operate with business till you recover fully from the disaster. DRP is more towards the technology and how to build the normal operation after the disaster is over, while BCP helps to operate the business functions during the disaster’s period.

Project Processes which should be followed when implementing IT Security projects

2010-03-24T22:23:00.001+05:30

IT security project require well defined processes because omission and errors can leads to huge security holes. There are quite a lot of processes should define to implement a IT security project. These processes are briefly discussed below.

Acceptance criteria - These is predefined results which can be expected during the security project. These results are agreed y discussing with key stakeholders of the IT security project.

Risk management - you conduct a thorough risk assessment and threat assessment to identify the risk associated with the security project and define in which way those risk can be avoided, mitigate or transfer during and after the project.

Change management - Errors and omissions in security project is hard to avoid but keeping proper track of what went wrong, when, where, how and what measures you take should be properly documented to avoid countering or solve the risk and problems that could occur in future.

Communication procedure - Most importantly the communication has to be managing properly. Project’s key stakeholders and sponsors have to keep informed about the milestones of the project throughout the security project. The process of when, how, who to keep update and at what frequency should to known when starting the security project. Otherwise project manager and team will have a tough time what, when and whom to inform when the security project underway.

Quality management - Quality measured through testing and this should be clearly defined in your quality management procedure. What test methodologies to use, what modules to test, when to test, etc have to be defined in advance. Level of testing required for IT security projects is solely depend on the type of the security project and the severity of the impact to the organization.

Status reporting - Status of the project should be updated to project sponsors and key stakeholders when needed. This frequency of reporting can be agreed during the project requirement phase, where you can discuss the report type required and what frequency they needed.

Escalation procedure - If the issues cannot solved through the normal channels, you need to pass the issue to the next level in the escalation hierarchy to reach a solution. These escalation paths have to be identified accurately and defined clearly in case of an emergency to follow without causing any delay for the project.

Documentation - Every aspect of the project should be clearly documented. This documentation will greatly help in future when managing, monitoring and troubleshooting some errors in the project.

Approval procedures - Approval procedure should include who has the authority to approve for changes in the project. Mostly this will be the project sponsor who makes the decision about the security project. You cannot run here and there to see who should approve the changes in urgent situation. If these procedures are clearly defined, the unwanted delays could be avoided.

Deployment - Deployment procedure should include when and how the deployment should happen. Before the deployment all the affected parties must be informed in advance to avoid unwanted systems problems, this can be address in the communication plan.

Operational procedures - How the security system is monitored during the day to day activities and who is responsible for the maintenance and monitoring of the implemented system is mentioned in the operations procedure. It includes how to manage the security system and to whom to contact in case of any emergency, etc.

Training procedure - Users of the security system should be adequately trained to get the maximum use of the implemented security system. Through training you increase the awareness level of the users and make them responsible for the system, where they can report any suspicious activity.

Capturing Nature - Sky

2009-08-16T17:20:00.004+05:30

These pictures were captured during 2006-2007 using Nokia 6230i.

Data Compression Algorithm - Lampel Ziv

2009-08-16T17:06:00.003+05:30

This is a universal lossless data compression algorithm designed by A. Lampel, Jacab Ziv, and Terry Welch, which was published by T. Welch in 1984 as an enhanced version of LZ78 algorithm. Lempel Ziv algorithm is mostly used in compression like gzip, GIF, and V.42 modem standard. There are two algorithms derived from Lempel Ziv algorithms , they are LZ77 and LZ78.

Most data carry a pattern, for instance in an article some letters appear more often than others, data compression techniques uses this method to compress data by replacing repeated letters by adding different short value to it and get a small size than the original data. Reproducing the original data is possible in this lossless data compression method. Lempel Ziv uses an adaptive dictionary; this is created in while the data being encoded. On the other hand it is not required to transmit or store the dictionary since decoder is capable of building the dictionary. The dictionary size can increase infinitely large in theory, although it practice it increased to certain extend and stop. Recommended size of a dictionary is 4096.

What is Data Hiding Analysis ?

2009-08-07T11:24:00.002+05:30

Data hiding analysis is the method or the process of searching for the hidden data in the system or the hard disk. Cybercriminals hide the information in the system by thinking that it would not be detected by searching queries or advance forensic data analyzing tools used by forensic investigators. They will use different methods to hide the information or the application that they infect, intend to damage or trying to steal in hidden format inside the hard disk using many varieties of data hiding methods such as using tools like Invisible software or simple method of adding the hidden flag in Windows file system or by adding the hidden attribute (-h) in DOS prompt. In some other cases cybercriminals change the file format of the data so that it appears different to other users. For instance a cybercriminal who is trying to pass out a confidential business data file (MS excel file) might rename it as a picture file and nobody would suspect since this is a totally different file than it looks. Later the cybercriminal will rename the file extension back to the excel format and use it.
On the other hand cybercriminals use steganography techniques to hide data from the authorized users. For example in MS PowerPoint slide add a picture of a “duck” and insert a confidential document and minimize it as much as possible then change the font colour of the words to white and group with the “duck” picture and save and send via e-mail. Everyone will think that sender is transferring a picture of a duck to a friend, but the actual scenario is the cybercriminal is transferring confidential data without anyone noticing any difference.

Windows XP boot Process

2009-08-07T11:14:00.002+05:30

When switch on the power of a PC, system clock send clock ticks to start the CPU, then the CPU checks the startup program in ROM BIOS and starts the POST (Power On Self Test) which is tests all the hardware devices functionality of the PC and check whether the PC is good condition to operate. If the POST completed successfully it finishes the initialization of the CPU. During the POST process it checks whether this power on process occurred due to soft/warm or hard/cold start. (Cold start is when the machine start occurs with an in proper shutdown, whereas soft start happens when the machine is restarting with proper execution of commands when it is on) If it is a cold start POST perform a full test and if it is a warm start it omit the memory test part during the POST.

BIOS check the disk and load the MBR (Master Boot Record) to the memory, and then MBR take over the boot process. Boot Loader in the MBR searches the partition table for active partition and reads first sector to locate Boot Record. NTLDR (NT Loader) is a system file which is stored in the system root start the XP loading in following phases;

Initial Boot Loading – Processor is turned to real mode from the protected mode and switched on the memory paging. NTLDR will detect and load Boot.ini into memory.

Operating System selection – Boot.ini check whether it has more than one operating systems configured in the system and if it identified two or more it stops the process and allow user to select a OS.

Hardware detection – When XP is selected, NTLDR loads the Ntdelect.com program which detect the hardware profiles configured for the system. If there are many hardware profiles detected, it gives a time period to select a hardware profile for the system before proceeding with the 1^st profile. Then NTLDR is loading Ntoskrnl.exe.

Configuration selection – It loads drives which are selected as boot drivers to the system, while ntoskrnl.exe in first phase disable interrupts and call HAL (Hardware Abstraction Layer) to setup interrupt controller, then it enables the interrupts before the next phase. During the 2^nd phase below processes execute and re-initialization occurs in the given sequence.

a. Object manager

b. Executive

c. Microkernel

d. Security Reference Monitor

e. Memory manager

f. Cache manager

g. LPCS

h. I/O Manager

i. Process Manager

I/O manager first finishes loading boot drivers and system drivers and prioritized and load all other drivers. Session Manager Subsystem (SMSS) loads win23k.sys devices driver which change screen into graphical mode. After successful loading of all the device drivers and services it saves its configuration as “Last Know Good Configuration”. Hence logging process is started by Winlogon.exe, and lsass.exe (Local Security Authority) displays the logon screen.

Good Luck and Bad Luck

2009-07-15T09:24:00.003+05:30

Prof Richard Wiseman is based at the University of Hertfordshire in the UK, and has gained an international reputation for research into quirky areas of psychology, including deception, humour, luck and the paranormal.

This is the one such experiment conducted by the Prof. wiseman about how some people get all the luck and others miss it.

By Professor Richard Wiseman, University of Hertfordshire :

Why do some people get all the luck while others never get the breaks they deserve? A psychologist says he has discovered the answer. His study in his own words:--

Ten years ago, I set out to examine luck.

I wanted to know why some people are always in the right place at the right time, while others consistently experience ill fortune. I placed advertisements in national newspapers asking for people who felt consistently lucky or unlucky to contact me.

Hundreds of extraordinary men and women volunteered for my research and over the years, I have interviewed them, monitored their lives and had them take part in experiments.

The results reveal that although these people have almost no insight into the causes of their luck, their thoughts and behaviour are responsible for much of their good and bad fortune. Take the case of seemingly chance opportunities. Lucky people consistently encounter such opportunities, whereas unlucky people do not.

I carried out a simple experiment to discover whether this was due to differences in their ability to spot such opportunities. I gave both lucky and unlucky people a newspaper, and asked them to look through it and tell me how many photographs were inside. I had secretly placed a large message halfway through the newspaper saying: "Tell the experimenter you have seen this and win $50."

This message took up half of the page and was written in type that was more than two inches high. It was staring everyone straight in the face, but the unlucky people tended to miss it and the lucky people tended to spot it.

Unlucky people are generally more tense than lucky people, and this anxiety disrupts their ability to notice the unexpected.

As a result, they miss opportunities because they are too focused on looking for something else.

They go to parties' intent on finding their perfect partner and so miss opportunities to make good friends.

They look through newspapers determined to find certain types of job advertisements and miss other types of jobs.

Lucky people are more relaxed and open, and therefore see what is there rather than just what they are looking for.

My research eventually revealed that lucky people generate good fortune via four principles.

They are skilled at creating and noticing chance opportunities, make lucky decisions by listening to their intuition, create self-fulfilling prophesies via positive expectations, and adopt a resilient attitude that transforms bad luck into good.

Towards the end of the work, I wondered whether these principles could be used to create good luck. I asked a group of volunteers to spend a month carrying out exercises designed to help them think and behave like a lucky person.

Dramatic results! These exercises helped them spot chance opportunities, listen to their intuition, expect to be lucky, and be more resilient to bad luck. One month later, the volunteers returned and described what had happened. The results were dramatic: 80% of people were now happier, more satisfied with their lives and, perhaps most important of all, luckier.

The lucky people had become even luckier and the unlucky had become lucky.

Finally, I had found the elusive "luck factor".

Here are Professor Wiseman's four top tips for becoming lucky:

1) Listen to your gut instincts - they are normally right

2) Be open to new experiences and breaking your normal routine

3) Spend a few moments each day remembering things that went well

4) Visualize yourself being lucky before an important meeting or telephone call.

Have a Lucky day and work for it..

The happiest people in the world are not those who have no problems, but those who learn to live with them.

Trincomale Beach

2009-06-18T15:04:00.000+05:30

War Crimes - A creamy pie (for some)

2009-05-27T09:26:00.004+05:30

War Crimes - A creamy pie (for some)!!!

The Glory of Freedom
The menace of terror is finally over. The self proclaimed 'liberator' who was responsible for the massacres of over 65,000 innocents across Sri Lanka for 3 decades is no more, for he and his empire now lies in ashes, buried somewhere in the soils of/off Sri Lanka.

The terrorists were defeated in their own battlefield by men - ordinary men who have shown the world how to do the most extra-ordinary of feats ever accomplished in the modern world - defeating the most ruthless, mono-ethnic, fascist terrorist outfit in the world - the LTTE. The victors are none other than the legitimate military forces of Sri Lanka, the Army, Navy and the Air Force, who were guided and blessed throughout their battle against terrorism by the Secretary of Defense and the overall Commander, HE the President.

These men (and women) have today, kept their sacred promise to safeguard the territorial integrity of our nation against separatists and terrorists. They have given back to us the National Pride that has been dead for well over 504 years or more!!! Perhaps this generation would take better care of it and pass it down to the many generations yet to be born.

Indeed, Mother Lanka is proud that she bore mighty sons as thee!

A Magnificent Victory - Unsurpassed

At a time when the entire world is fighting various terrorist organizations, a small circle of nations such as the US, UK, France and a few Nordic nations who have self proclaimed themselves as "the International community" have yet failed to uproot the evils of terrorism. In contrast, Sri Lanka showed the world how a terrorist outfit perceived to be 'invincible' was totally defeated, whilst ensuring the safety of civilians in the process.

This 'self proclaimed International community' by conduct has little respect for all other nations across the world, and have always resorted to selfish acts disregarding the majority consensus. They often boast of the best military training for their cadres, the use of high-tech weaponry with pin-point accuracy and devastating results. But sadly, even after over 6 years of 'combating' terrorists who seem to be armed only with guns, mortars and the likes, (obviously less sophisticated weapons compared to what these nations are using now), they are still far from seeing an end to their wars in both their own soil and abroad!
In contrast, Sri Lanka, with one of the smallest military units in the world took on the most sophisticated terrorist outfit the LTTE and won. Unlike other terrorists that are battled by the self proclaimed International Community for nearly a decade, the Sri Lankan military fought the LTTE which had the arsenal to invade an entire nation, for they had heavy artillery, 'submarines' and airplanes. Further, the LTTE had the international media eating out of their hands and the services of several diplomats and NGOs across the world. What is more important to note was that the Sri Lankan military forces were fighting within our own soil, to safeguard Sri Lanka's sovereignty, whilst the self proclaimed International Community was fighting on soils of another nation, in different parts of the world!

The three forces of Sri Lanka showed the world, that the fight lies not in the weapons, but in the hearts of men! The Sri Lankan forces have taught these nations that it is not the weapons or the sophistication or the bragging that ultimately wins wars, but brains and brawn combined and flavored with true guts of steel and meticulous military planning, spiced with true leadership and motivation! Whilst showing how terrorists should be dealt with, the three forces took additional pains to show the world the true meaning of compassion for life, which is a far greater virtue than destruction alone - for they rescued over 200,000 civilians held hostage by the LTTE - a feat that took its toll with supreme sacrifices of many soldiers. This feat is indeed remarkable for not a single military outfit in the World has done what Sri Lankan did during the last 02 years and 10 months.

Sour Losers and Childish Antics

The last couple of months, were hectic of times for several foreign politicians (of the self proclaimed International Community), who have tried hard to black mark Sri Lanka's victory and halt the war on terrorism, carried out within our own soil. These people have put away more pressing needs of their own country and people to appease the LTTE and its worshippers. But amidst all this 'interference' by these seedy politicians, especially into an internal matter (as the battle was fought well within Sri Lanka's territorial rights), the Battle was won.

Naturally, we have learnt over the years that there are some people who despise the achievements of others, especially, if the achievements were by people from nations that were termed as 'developing nations' or 'backward', or in certain instances termed as 'failed nations'. After all, civilization, as some Britishers explain, is what they taught the savages in the rest of the world!!! Perhaps, it is this petty jealousy and bruised egos that has aroused some nations and personalities to cry out for "War Crime investigations" against the victorious Sri Lanka, especially at a time when they should actually be congratulating one member nation (of the UN) on their victory over a barbaric terrorist outfit.

It is immaterial whether the world recognizes it or not, for the scourge of terror is finally over for Sri Lanka, and the military objectives of territorial sovereignty and security achieved within the stipulated time period. But as a moral duty, we Sri Lankans should not allow any organization or person to tarnish the image of Sri Lanka for petty politics and personal biases!

War Crimes and Identifying the Real Perpetrators

The IV Geneva Convention describes war crimes as the willful killing, torture or inhuman treatment; unlawful deportation or transfer or unlawful confinement of a protected person; compelling a protected person to serve in the forces of a hostile power; or willfully depriving a protected person of the rights of fair and regular trial; taking of hostages and extensive destruction and appropriation of property, not justified by military necessity and carried out unlawfully and wantonly.

According to so called informed sources, the UN had estimated that nearly 7000 civilians held as hostages and used as a human shield by the LTTE have been killed during Sri Lanka's battle with the terrorists. But a glimpse into the last 3 decades and later in 2005, 2006 and 2007 show us the real perpetrators of war crimes. But astonishingly, the so called advocates and bodies of human rights and the self proclaimed International Community seem to be totally and irresponsibly dumb and numb to the facts that should be considered before barging out strings of gibberish!
The LTTE who have blatantly massacred so many civilians in cold blood from remote villages to places of worship and who resorted to drive out Sinhalese and Muslims domiciled in Jaffna, giving them only 24 hours to vacate and allowing only 12 kg per person to carry on evacuation are Crimes against Humanity according to the prevailing International Laws. There use of arms and violence to carve out a mono-ethnic state is under the same principles, Crime against Peace. Both crimes are well recognized by the Geneva Convention. The latter acts of the LTTE by using human shields, recruitment of child soldiers, forcibly conscripting men and women to fight under a hostile regime against their will are considered as grave War Crimes. No one could argue otherwise against the pile of facts that the self proclaimed International community has deliberately sidelined, without sounding like na‹ve hypocrites in the wake of such appalling atrocities.

Furthermore, the LTTE seems to have a knack for self proclaimed leaders, since after the demise of their previous warlord, the infamous gun running 'KP', has now self proclaimed himself to be the able leader of the LTTE. Perhaps it would be wise for the Human Right watch dogs, including UNHRC to look into the offences above and call on the new LTTE ruler to answer for the atrocities committed against humanity and peace and for the Carnage and War Crimes committed on Sri Lankan soil. Though it can be argued that he was not 'personally involved' in the fighting, the very fact that he advocates a banned terrorist organization and had been the procurement dealer for arms for the LTTE is sufficient grounds for ordinary laymen.

The Art of 'War Crimes'

The Geneva Conventions are a treaty that represents a legal basis for International Law with regard to the conduct of warfare. Not all nations are signatories, and therefore these nations have resorted to retain different codes and values with regard to wartime conduct. On 1st July, 2002, the International Criminal Court, a treaty-based court located in The Hague, came into being for the prosecution of war crimes committed on or after that date. However, several nations, most notably the United States, an active member of the 'international community', have criticized the court and refused to participate in it or to permit the court to have jurisdiction over their citizens. Ironically, these nations are today shouting for UNHRC to investigate war crimes in Sri Lanka!

Further, it is said that a citizen of one of the 'objector nations' would only be brought on trial if he/she were accused of committing war crimes in a country that was a signatory. Therefore the validity of the UNHRC's claim should be established under the terms of signatory nation and the geographical location of the "alleged" war crimes. It also raises the question why the US, which is not a signatory, is hell bent on indicting Sri Lanka for war crimes unless it has some invisible benefit politically of economically. Could it be because of certain affiliations of politicians to pro-LTTE groups as rumoured through several media reports? Or could it be that the rumoured LTTE funds frozen in safe deposit boxes are appealing to some economies in times of economic downturn?

Further, why has the UNHRC overlooked the background and the rescue of over 200,000 civilians by the SL military (who were used by the LTTE as a human shield)? In contrast, the UNHRC is yet to even voice its intentions and action with regard to the war crimes committed by the US and coalition forces on Iraqi and Afghan civilians. The civilian deaths in Iraq alone during their long drawn out 'war on terror' claimed over 100,000 lives according to informed sources. In addition the US, despite their sophisticated weaponry and pinpoint accuracy, bombed unarmed innocent civilians, (women and children included) when the US drones attacked several Afghan villages. Where were the UNHRC and the other HR watch dogs then? Were they even aware that the attack by these drones in several locations around the world left many children half burnt and dismembered?

David Miliband, who is now in a soup for neglecting his duties towards his own electors, was also shouting the implication of war crimes against Sri Lanka. Perhaps, despite being the British Foreign Minister, he may not have heard of the atrocities the British, committed during WW I and II. Is this ignorance or impunity?

In fact, some signatories have routinely violated the Geneva Conventions using the ambiguities of law or political maneuvering to sidestep the protocols established. The definition of a state of "war" may be debated, and hence the term "war crime" itself has seen different usages under different systems of international and military law. The legalities of war have sometimes been accused of containing favoritism toward the winners who have actually drafted these legislations, ("Victor's justice"), as certain controversies have not been ruled as war crimes.

Some examples include the destruction of civilian targets in nations termed as the Axis of Power during World War I and World War II - the firebombing of the German city of Dresden is one such example. The use of atomic bombs on Hiroshima and Nagasaki by the US in World War II; the use of Agent Orange against civilian targets in the Vietnam war by the US; are only a few examples to start off with.

Miliband's own nation, the UK re-designated the German 'POWs' (POWs fall under the protection of the Geneva conventions) into 'Disarmed Enemy Forces' (allegedly unprotected by the Geneva convention) and who were then used for forced labor such as clearing minefields. By December 1945 it was estimated by French authorities that 2,000 German prisoners were being killed or maimed each month in mine-clearing accidents. So where is the justice for these atrocities? Remember, we Sri Lankans, have not resorted to using the captured LTTE terrorist for mine clearing operations - they are being rehabilitated in several centers - That is the difference!

The UNHRC should acknowledge that spotting a war crime is not easy, for example, is it a war crime for the air force of one country to bomb an enemy's television station or identified target? Under the Geneva Conventions, this is not a war crime. Just about all aspects of a state's infrastructure - roads, bridges, power stations, factories - become legitimate targets if they might be put to military use. Further the displacement of civilians from their homes by an army is not necessarily a war crime because it can be argued that the displacement is being carried out for the protection of the civilians, which is indeed the case here in Sri Lanka, as the actions have shown very clearly.

However, one must not forget that the LTTE's conduct a few years back when they drove out the Sinhala and Muslim residents from Jaffna and Mannar are war crimes, since under the Geneva Convention these expulsions are proven to be part of campaign of ethnic cleansing or designed as a mass punishment of civilians and forming of a mono-ethnic state.

End-piece...

In the context of the above, it is quite clear that the Human Right Watch dogs and the UNHRC have not quite got their facts right, and have displayed reputation of unfairness and inequality in their treatment of nations. Whilst, the powerful nations proclaiming themselves to be the sole representatives of the International Community are allowed to get away scot free (for various reasons under the stars), the less developed nations are taken to task and their developments are further hampered by embargoes, baseless accusations and invisible political and economic barriers.

The accusations these organizations and several diplomats shout are more in the nature of tarnishing the image of a nation rather than acknowledging the achievement. But we stand firm, in the face of the world, as a nation that did the right thing in vanquishing terrorism from our own soil and giving freedom to its citizens.

The UNHRC should also note that it is the people who have elected the leaders of this country, and hence the people have impliedly given a mandate to vanquish terrorism from Sri Lankan soil. In such an event, the elected are bound to ensure that their duty towards the people they represent are carried out - and it was (unlike the notoriously failed foreign ministers and secretary of state of some of the nations). Therefore if UNHRC is to shout accusations, it should well consider that it will have to take to task all the citizens of Sri Lanka that abhor terrorism in any form in our own country. It should also consider the repercussions of such a task - in the global context. Sri Lanka looked after its own interest with regard to an internal matter - and that is the way it should be!

"Why have you invited me to speak here? Because terrorism is a threat to all states and to all peoples, which can strike anytime, anywhere. It is a direct attack on the core values the United Nations stands for: the rule of law; the protection of civilians; mutual respect between people of different faiths and cultures; and peaceful resolution of conflict. So of course the United Nations must be at the forefront in fighting against it, and first of all in proclaiming, loud and clear, that terrorism can never be accepted or justified, in any cause whatsoever." - Kofi Annan (2005).

Sri Lanka fought it and won!!! ----*----

References and further reading...

For those of who are inquisitive to further read about the war crimes committed by some of these so called self proclaimed international communities we append a few examples below:

* The US has its own war legislature, and a few of its provisions under common article 3 violations are given below:
(1) Prohibited conduct.- In subsection (c)(3), the term "grave breach of common Article 3" means any conduct (such conduct constituting a grave breach of common Article 3 of the international conventions done at Geneva August 12, 1949), as follows:

(A) Torture.- The act of a person who commits, or conspires or attempts to commit, an act specifically intended to inflict severe physical or mental pain or suffering (other than pain or suffering incidental to lawful sanctions) upon another person within his custody or physical control for the purpose of obtaining information or a confession, punishment, intimidation, coercion, or any reason based on discrimination of any kind. Wonder what the UNHRC and HR watchdogs would do with all those tortured inmates of Abu Ghraib and Guant namo.

(B) Cruel or inhuman treatment.- The act of a person who commits, or conspires or attempts to commit, an act intended to inflict severe or serious physical or mental pain or suffering including serious physical abuse, upon another within his custody or control.... brings to mind the 'appalling' images shown across the international media, where inmates of the above prisons were traumatized by US military - guess the UNHRC was in deep slumber. Perhaps the foreign ministers of the responsible nations should recollect those unsavoury moments!

(C) Performing biological experiments

(D) Murder.- The act of a person who intentionally kills, or conspires or attempts to kill... the best examples were the innocent civilians who were bombed by US drones - again the HR watch dogs seem to be blind.

(E) Mutilation or maiming.- Nothing more than the 'appalling' and pathetic scenes of children burnt and maimed in the US drone attacks.

(F) Intentionally causing serious bodily injury.- Why repeat...?!

(G) Rape.- The act of a person who forcibly or with coercion or threat of force wrongfully invades, or conspires or attempts to invade, the body of a person by penetrating, however slightly, the anal or genital opening of the victim with any part of the body of the accused, or with any foreign object. The UNHRC perhaps sanctions the rape of two innocent Japanese girls in Okinawa, Japan, at the hands of US military...?

(H) Sexual assault or abuse.- Same as above...

(I) Taking hostages - The act of a person who, having knowingly seized or detained one or more persons, threatens to kill, injure, or continue to detain such person or persons with the intent of compelling any nation, person other than the hostage, or group of persons to act or refrain from acting as an explicit or implicit condition for the safety or release of such person or persons. Perhaps, the HR watch dogs have no 'informed sources' to account for the numbers held hostages during the various exercises carried out across the world.

* A glimpse of the War crimes of the British

After Germany surrendered in May 1945, it was divided into sectors, with Russians in the east, Americans in the south, French in the west and the British occupying the northwest, from Bonn to Hamburg. Britain inherited the most heavily populated zone. Hamburg, the second biggest city after Berlin, lay in ruins because of five RAF raids from July 24 to 29, 1943 created a firestorm which rose two and a half miles above the city. In those five nights, most of Hamburg was destroyed. Some 750,000 people were made homeless, and up to 150,000 killed -- many more than died from air raids in Britain in the whole of World War II.

When the occupying forces arrived in Hamburg, they discovered a land of cave-dwellers. Thousands of people were living in windowless concrete air-raid shelters; thousands more crammed into cellars under the rubble or else climbed a ladder into rooms suspended in some teetering ruin, amid falling masonry. (Source: A STRANGE Enemy People: Germans Under The British 1945-50, by Patricia Meehan) A pity that the US and UNOSAT did not have satellite imagery to confirm the craters created by the bombings and the devastations so that the HR watch dogs could have some work! What is worse than committing the act is whitewashing the act!

* A snippet of the War Crimes committed by France

The war crimes were wounds opened by the memoirs of an aging general, 83-year-old Paul Aussaresses, who admits taking part in torture and summary executions during France's long, losing battle to keep Algeria, during the Algerian war for independence from 1954 to 1962. He describes the summary execution as well as tortures France committed on captured 'revels'. For more read France Faces Its Demons For Algerian War Brutality, by Keith B. Richburg, Washington Post, Thursday 10 May 2001; Page A26. (http://www.hartford-hwp.com/archives/61/118.html)
It seems that the very nations who are shouting alleged war crimes on Sri Lanka for fighting a group of terrorists, have also one time or the other committed some of the most heinous war crimes and crimes against humanity and peace against citizens of other nations - not even on their own soil!!!
The above excludes the atrocities committed by these nations during their colonial rule.

(Source : http://defence.lk/new.asp?fname=20090526_07 ; By: Manisha Fernando)

Admin Pack in Windows Vista

2008-08-18T08:01:00.003+05:30

I have to use AD (Active Directory) frequently for my office work to identify some issues and troubleshoot, either interactively or remotely. Remote connection has made easy with the Microsoft Windows Server 2003 Administration Tools Pack which you can download and install in your PC. WS2k3 Admin pack is supported by Windows XP, Win2000, and Windows 2003 workstation without any hassle.

But unfortunately I have a Windows Vista Business Edition running in my HPdc7800 Core 2 Duo 2.33GHz system and it is not directly supported by this Admin pack. :( I had bit annoying time with connecting and managing AD because either I have to remotely connect to that DC or have to connect to other PC which is running Admin pack. But with this new script it is running smoothly with my own Vista machine.

You must first run the Microsoft Windows Server 2003 Administration Tools Pack under your user account (Account which needs the Admin Pack), make sure that you have the local administrative privileges otherwise you can not perform this properly. When you try to access the Windows Server 2003 management tools after installation you will get an empty console. Additionally, you will receive the following error message. MMC could not create the snap-in.

Do the following to resolve the problem;

1. Log on to Windows Vista as a user who has local administrator permissions.

2. Create the RegisterAdminPak.cmd script. To do this, follow these steps:

I. Start Notepad, and then open a blank document.

II. Paste the following code to the document in Notepad:

@echo off

REM RegisterAdminPak.cmd

REM (c) 2006 Microsoft Corporation.  All rights reserved.

set filelist=adprop.dll azroles.dll azroleui.dll ccfg95.dll

set filelist=%filelist% certadm.dll certmmc.dll certpdef.dll certtmpl.dll

set filelist=%filelist% certxds.dll cladmwiz.dll clcfgsrv.dll clnetrex.dll

set filelist=%filelist% cluadmex.dll cluadmmc.dll cmproxy.dll cmroute.dll

set filelist=%filelist% cmutoa.dll cnet16.dll debugex.dll dfscore.dll

set filelist=%filelist% dfsgui.dll dhcpsnap.dll dnsmgr.dll domadmin.dll

set filelist=%filelist% dsadmin.dll dsuiwiz.dll imadmui.dll lrwizdll.dll

set filelist=%filelist% mprsnap.dll msclus.dll mstsmhst.dll mstsmmc.dll

set filelist=%filelist% nntpadm.dll nntpapi.dll nntpsnap.dll ntdsbsrv.dll

set filelist=%filelist% ntfrsapi.dll rasuser.dll rigpsnap.dll rsadmin.dll

set filelist=%filelist% rscommon.dll rsconn.dll rsengps.dll rsjob.dll

set filelist=%filelist% rsservps.dll rsshell.dll rssubps.dll rtrfiltr.dll

set filelist=%filelist% schmmgmt.dll tapisnap.dll tsuserex.dll vsstskex.dll

set filelist=%filelist% w95inf16.dll w95inf32.dll winsevnt.dll winsmon.dll

set filelist=%filelist% winsrpc.dll winssnap.dll ws03res.dll

for %%i in (%filelist%) do (

        echo Registering %%i ...

        regsvr32 /s %%i

echo.

Echo Command Completed

III. On the File menu, click Save.

IV. In the Save as type box, click All Files, type C:\Users\UserAccountName\RegisterAdminPak.cmd in the File name box, and then click Save.

3. Run RegisterAdminPak.cmd from a command prompt. To do this, follow these steps:

Click Start, click All Programs, click Accessories, right-click Command Prompt, and then click Run as administrator

I. If you are prompted for an administrator password or for confirmation, type your password, or click Continue.

II. At the command prompt, type the following command, and then press ENTER.

III. C:\Users\UserAccountName\RegisterAdminPak.cmd

Now you are ready to use Admin Pack in Windows Vista. Enjoy. :)