Speak Asia Online Out Of Control In India

Recently CNBC AWAAZ news channel showing that Indian Government Not Able to control Speak Asia Online. Singapore company Speak Asia Online control in India is tough and its very big challenge for government of India. Ministry of Corporate Affairs (MCA) can’t do any thing with Speak Asia because involves with WCO and other country law’s. MCA give information with SEBI and RBI about Speak Asia online to Indian people that how to beware from this company and In upcoming three months they do programs in 300 city.

Speak Asia Launch New Website On 25th June

There is some good news for Speak Asian that now they will be experiencing a new website of Speak Asia which will also include e-commerce and there new Brand YUG. The new website will also feature Air Booking Facilities and you can also buy product directly from your E-Wallet like Mobile, TV, clothes etc. Subscribe to ENet Blog by Email.

To confirm this you can call Speak Asia Helpline numbers :- 91-11-46488000 & 91-11-46170511 .

New Update :- New Website Of Speak Asia which was going to launch on 25th June 2011 has been postpone. Now you will get a new Pop-Up from Speak Asia on 1st July 2011 in which there will be the information regarding New Website Launch and may be YUG Brand Launch.

Any further Update will be posted here. 

Starting today, every SpeakAsian Can See The Below Image – This Is An Indication That The New Website Of SpeakAsia Will Be Seen And Accessible Very Soon

How To Configure Standard Access Control List with Simple Steps

Because a standard access list filters only traffic based on source traffic, all you need is the IP address of the host or subnet you want to permit or deny. ACLs are created in global configuration mode and then applied on an interface. The syntax for creating a standard ACL is
access-list {1-99 | 1300-1999} {permit | deny} source-address
[wildcard mask] 
 

In this article we will configure standard access list. If you want read the feature and characteristic of access list reads this previous article.

In this article we will use a RIP running topology. Which we created in RIP routing practical.

Download this RIP routing topology and open it in packet tracer
 

Three basic steps to configure Standard Access List

  • Use the access-list global configuration command to create an entry in a standard ACL.
  • Use the interface configuration command to select an interface to which to apply the ACL.
  • Use the ip access-group interface configuration command to activate the existing ACL on an interface.

With Access Lists you will have a variety of uses for the wild card masks, but typically For CCNA exam prospective you should be able to do following:

  1. Match a specific host,
  2. Match an entire subnet,
  3. Match an IP range, or
  4. Match Everyone and anyone

Match specific hosts

Task
You have given a task to block 10.0.0.3 from gaining access on 40.0.0.0. While 10.0.0.3 must be able to communicate with networks. Other computer from the network of 10.0.0.0 must be able to connect with the network of 40.0.0.0.

Decide where to apply ACL and in which directions.
Our host must be able to communicate with other host except 40.0.0.0 so we will place this access list on FastEthernet 0/1 of R2 (2811) connected to the network of 40.0.0.0. Direction will be outside as packet will be filter while its leaving the interface. If you place this list on R1(1841) then host 10.0.0.3 will not be able to communicate with any other hosts including 40.0.0.0.

To configure R2 double click on it and select CLI (Choose only one method result will be same)

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 1 deny host 10.0.0.3
R2(config)#access-list 1 permit any
R2(config)#interface fastEthernet 0/1
R2(config-if)#ip access-group 1 out

OR

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 1 deny 10.0.0.3 0.0.0.0
R2(config)#access-list 1 permit any
R2(config)#interface fastEthernet 0/1
R2(config-if)#ip access-group 1 out

To test first do ping from 10.0.0.3 to 40.0.0.3 it should be request time out as this packet will filter by ACL. Then ping 30.0.0.3 it should be successfully replay.

PC>ping 40.0.0.3

Pinging 40.0.0.3 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 40.0.0.3:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

PC>ping 30.0.0.3

Pinging 30.0.0.3 with 32 bytes of data:

Request timed out.
Reply from 30.0.0.3: bytes=32 time=140ms TTL=126
Reply from 30.0.0.3: bytes=32 time=156ms TTL=126
Reply from 30.0.0.3: bytes=32 time=112ms TTL=126

Ping statistics for 30.0.0.3:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 112ms, Maximum = 156ms, Average = 136ms

As we applied access list only on specific host so other computer from the network of 10.0.0.0 must be able to connect with the network of 40.0.0.0. To test do ping from 10.0.0.2 to 40.0.0.3

PC>ipconfig

IP Address......................: 10.0.0.2
Subnet Mask.....................: 255.0.0.0
Default Gateway.................: 10.0.0.1

PC>ping 40.0.0.3

Pinging 40.0.0.3 with 32 bytes of data:

Request timed out.
Reply from 40.0.0.3: bytes=32 time=141ms TTL=126
Reply from 40.0.0.3: bytes=32 time=140ms TTL=126
Reply from 40.0.0.3: bytes=32 time=125ms TTL=126

Ping statistics for 40.0.0.3:
Packets: Sent = 4, Received = 3, Lost = 1 (25% loss),
Approximate round trip times in milli-seconds:
Minimum = 125ms, Maximum = 141ms, Average = 135ms

Match an entire subnet

Task

You have given a task to the network of 10.0.0.0 from gaining access on 40.0.0.0. While 10.0.0.0 must be able to communicate with networks .

Wildcards

Wildcards are used with access lists to specify an individual host, a network, or a certain range of a network or networks.

Formula to calculate wild card mask for access list

The key to matching an entire subnet is to use the following formula for the wildcard mask. It goes as follows:
Wildcard mask = 255.255.255.255 – subnet
So for example if my current subnet was 255.0.0.0, the mask would be 0.255.255.255.

255.255.255.255
255 .0 .0 .0 -
----------------
0. 255 .255.255
----------------

Once you have calculated the wild card mask rest is same as we did in pervious example

R2>enable
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 2 deny 10.0.0.0 0.255.255.255
R2(config)#access-list 2 permit any
R2(config)#interface fastethernet 0/1
R2(config-if)#ip access-group 2 out
R2(config-if)#

To test first do ping from 10.0.0.3 to 40.0.0.3 it should be request time out as this packet will filter by ACL. Then ping 30.0.0.3 it should be successfully replay.
Now do ping from 10.0.0.2 to 40.0.0.3 an
d further 30.0.0.2 result should be same as the packet is filtering on network based

Match an IP range

You are a network administrator at ComputerNetworkingNotes.com. You task is to block an ip range of 10.3.16.0 – 10.3.31.255 from gaining access to the network of 40.0.0.0

Solutions

Our range is 10.3.16.0 – 10.3.31.255. In order to find the mask, take the higher IP and subtract from it the lower IP.

10.3.31.255
10.3.16.0 -
--------------
0.0.15.255
--------------

In this case the wildcard mask for this range is 0.0.15.255.
To permit access to this range, you would use the following:

R2>enable
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 2 deny 10.3.16.0 0.0.15.255
R2(config)#access-list 2 permit any
R2(config)#interface fastethernet 0/1
R2(config-if)#ip access-group 2 out
R2(config-if)#

One thing to note is that each non-zero value in the mask must be one less than a power of 2, i.e. 0, 1, 3, 7, 15, 31, 63, 127, 255.

Match Everyone and Anyone

This is the easiest of Access-Lists to create, just use the following:
access-list 1 permit any
or
access-list 1 permit 0.0.0.0 255.255.255.255
 

Secure telnet session via standard ACL

This is among the highly tested topic in CCNA exam. We could use extended ACL to secure telnet session but if you did that, you’d have to apply it inbound on every interface, and that really wouldn’t scale well to a large router with dozens, even hundreds, of interfaces.Here’s a much better solution:
Use a standard IP access list to control access to the VTY lines themselves.
To perform this function, follow these steps:

  1. Create a standard IP access list that permits only the host or hosts you want to be able to telnet into the routers.
  2. Apply the access list to the VTY line with the access-class command

Secure R2 in a way that only 20.0.0.2 can telnet it beside it all other telnet session should be denied

R2>enable
R2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
R2(config)#access-list 3 permit host 20.0.0.2
R2(config)#line vty 0 4
R2(config-line)#password vinita
R2(config-line)#login
R2(config-line)#access-class 3 in

To test do telnet from 20.0.0.2 first is should be successful.

PC>ipconfig

IP Address......................: 20.0.0.2
Subnet Mask.....................: 255.0.0.0
Default Gateway.................: 20.0.0.1

PC>telnet 50.0.0.2
Trying 50.0.0.2 ...

User Access Verification

Password:
R2>

Now telnet it from any other pc apart from 20.0.0.2. it must be filter and denied

PC>ipconfig

IP Address......................: 20.0.0.3
Subnet Mask.....................: 255.0.0.0
Default Gateway.................: 20.0.0.1

PC>telnet 50.0.0.2
Trying 50.0.0.2 ...

% Connection refused by remote host
PC>

Network Security Reconnaissance Attack Password attack methods

 Reconnaissance Attack
A reconnaissance attack occurs when an adversary tries to learn information about your network Reconnaissance is the unauthorized discovery and mapping of systems, services, or vulnerabilities.
Reconnaissance is also known as information gathering and, in most cases, precedes an actual access or DoS attack. First, the malicious intruder typically conducts a ping sweep of the target network to determine which IP addresses are alive. Then the intruder determines which services or ports are active on the live IP addresses. From this information, the intruder queries the ports to determine the type and version of the application and operating system running on the target host.
Reconnaissance is somewhat analogous to a thief investigating a neighborhood for vulnerable homes, such as an unoccupied residence or a house with an easy-to-open door or window. In many cases, intruders look for vulnerable services that they can exploit later when less likelihood that anyone is looking exists.

Access Attacks

An access attack occurs when someone tries to gain unauthorized access to a component, tries to gain unauthorized access to information on a component, or increases their privileges on a network component. Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information.

DoS Attacks

DoS attacks involve an adversary reducing the level of operation or service, preventing access to, or completely crashing a network component or service.

Password Attacks

A password attack usually refers to repeated attempts to identify a user account, password, or both. These repeated attempts are called brute-force attacks. Password attacks are implemented using other methods, too, including Trojan horse programs, IP spoofing, and packet sniffers.

Password attack threat-mitigation methods

A security risk lies in the fact that passwords are stored as plaintext. You need to encrypt passwords to overcome risks. On most systems, passwords are processed through an encryption algorithm that generates a one-way hash on passwords. You cannot reverse a one-way hash back to its original text. Most systems do not decrypt the stored password during authentication; they store the one-way hash. During the login process, you supply an account and password, and the password encryption algorithm generates a one-way hash. The algorithm compares this hash to the hash stored on the system. If the hashes are the same, the algorithm assumes that the user supplied the proper password.
Remember that passing the password through an algorithm results in a password hash. The hash is not the encrypted password, but rather a result of the algorithm. The strength of the hash is that the hash value can be recreated only with the original user and password information and that retrieving the original information from the hash is impossible. This strength makes hashes perfect for encoding passwords for storage. In granting authorization, the hashes, rather than the plain password, are calculated and compared.
Password attack threat-mitigation methods include these guidelines:

  • Do not allow users to have the same password on multiple systems. Most users have the same password for each system they access, as well as for their personal systems.
  • Disable accounts after a specific number of unsuccessful logins. This practice helps to prevent continuous password attempts.
  • Do not use plaintext passwords. Use either a one-time password (OTP) or an encrypted password.
  • Use strong passwords. Strong passwords are at least eight characters long and contain uppercase letters, lowercase letters, numbers, and special characters. Many systems now provide strong password support and can restrict users to strong passwords only.
The standard authentication protocols used by various network services, such as RAS and VPN, for authentication include the following:

Password Authentication Protocol

Password Authentication Protocol (PAP) The Password Authentication Protocol sends the user’s username and password in plain text. It is very insecure because someone can analyze and interpret the logon traffic. This is the authentication protocol used by the basic authentication method mentioned previously.

Challenge Handshake Authentication Protocol

Challenge Handshake Authentication Protocol (CHAP) With the Challenge Handshake Authentication Protocol, the server sends a client a challenge (a key), which is combined with the user’s password. Both the user’s password and the challenge are run through the MD5 hashing algorithm (a formula), which generates a hash value, or mathematical answer, and that hash value is sent to the server for authentication. The server uses the same key to create a hash value with the password stored on the server and then compares the resulting value with the hash value sent by the client. If the two hash values are the same, the client has supplied the correct password. The benefit is that the user’s credentials have not been passed on the wire at all.

Microsoft Challenge Handshake Authentication Protocol MS-CHAP

Microsoft Challenge Handshake Authentication Protocol MS-CHAP uses the Microsoft Point-to-Point Encryption (MPPE) protocol along with MS-CHAP to encrypt all traffic from the client to the server. MS-CHAP is a distinction of the CHAP authentication protocol and uses MD4 as the hashing algorithm versus MD5 used by CHAP.

MS-CHAPv2

MS-CHAPv2 With MS-CHAP version 2 the authentication method has been extended to authenticate both the client and the server. MS-CHAPv2 also uses stronger encryption keys than CHAP and MS-CHAP.

Extensible Authentication Protocol (EAP)

Extensible Authentication Protocol (EAP) The Extensible Authentication Protocol allows for multiple logon methods such as smartcard logon, certificates, Kerberos, and public-key authentication. EAP is also frequently used with RADIUS, which is a central authentication service that can be used by RAS, wireless, or VPN solutions.

How to Configure Switch Port Security Ethereal Channel

In this article I will show you that how can you

  • Configuring the IP address and subnet mask
  • Setting the IP default gateway
  • Enable telnet session for switch
  • Enable Ethereal Channel
  • Enable port security

To perform this activity download this lab topology and load in packet tracer or create your own topology as shown in figure

Configure IP address subnet mask and default gateway

IP address and default gateway is used to configure switch remotely via telnet or SSH. Without this essential configurations you have connect with switch via console cable each time. That’s very tedious as you have to go near to switch each time.

Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S1
S1(config)#interface vlan 1
S1(config-if)#ip address 10.0.0.10 255.0.0.0
S1(config-if)#no shutdown
%LINK-5-CHANGED: Interface Vlan1, changed state to up
%LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to up
S1(config-if)#exit
S1(config)#ip default-gateway 10.0.0.1

Enable Telnet and password protect the line

You can secure a switch by using passwords to restrict various levels of access. Using passwords and assigning privilege levels are simple ways of providing both local and remote terminal access control in a network. Passwords can be established on individual lines, such as the console, and to the privileged EXEC (enable) mode. Passwords are case sensitive. By default There are five VTY ports on the switch, allowing five simultaneous Telnet sessions, noting that other Cisco devices might have more than five logical VTY ports. The five total VTY ports are numbered from 0 through 4 and are referred to all at once as line vty 0 4.

S1(config)#line console 0
S1(config-line)#password vinita
S1(config-line)#login
S1(config-line)#exit
S1(config)#line vty 0 4
S1(config-line)#password vinita
S1(config-line)#login
S1(config-line)#exit
S1(config)#

Enable Switch port security

this feature set allows you (among several other options) to disable a port if more than one MAC address is detected as being connected to the port. This feature is commonly applied to ports that connect security-sensitive devices such as servers. You can use the port security feature to restrict input to an interface by limiting and identifying MAC addresses of the stations allowed to access the port. When you assign secure MAC addresses to a secure port, the port does not forward packets with source addresses outside the group of defined addresses.

Switch>enable
Switch#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Switch(config)#hostname S2
S2(config)#interface fastEthernet 0/1
S2(config-if)#switchport mode access
S2(config-if)#switchport port-security
S2(config-if)#switchport port-security maximum 1
S2(config-if)#switchport port-security mac-address sticky
S2(config-if)#switchport port-security violation shutdown
S2(config-if)#exit
S2(config)#

You can verify port security.

  • Click on the red x button on the right hand portion of the PT window. This will allow you to delete a connection in the topology. Place the x over the connection between Server and S2 and click. The connection should disappear.
  • Select the lightening bolt button on the bottom left-hand corner of the PT window to pull up connection types. Click the “copper straight-through” connection. Click the TestPC device and select the fastethernet port. Next, click on S2 and select port Fa0/1.
  • From the command prompt of TestPC type the command ping 10.0.0.4. The ping should fail.
  • On S3, enter the command show port-security interface fa0/1.

Port security is enabled, port-status is secure-shutdown, security violation count is 1.

Configure Ethereal channel

Ethereal Channel allows you to combine switch ports to increase more bandwidth. If you connect switch ports without Ethereal Channel configurations STP switch’s in built function will shutdown one of these port to avoid loop. You can download this example topology for practice of Ethereal Channel .

  • To enable EtherChannel on DLS1, enter the interface range mode for ports F0/11 and F0/12 on with the command interface range f0/11 - 12.
  • Enter the command switchport mode trunk.
  • Enter the command channel-group 1 mode desirable.
  • Repeat steps a through c on DLS2.
DLS1>enable
DLS1#configure terminal
DLS1(config)#interface range fastEthernet 0/11 - 12
DLS1(config-if-range)#switchport mode trunk
DLS1(config-if-range)#channel-group 1 mode desirable
DLS1(config-if-range)#exit
DLS1(config)#exit
DLS1#

Top 5 Best Nikon Camera Lenses

The wedding season is constantly approaching and soon there will be a flood of customers for your photography company. However, Being the top photographer for the job requires both skills to catch the best shots, and an amazing lens to capture it with. Here is a list of the top 5 SLR lenses sure to impress even the most picky clients, or take amazing nature pictures.

1.Nikon 60mm f/2.8D AF Micro-Nikkor Lens
the first on the list may be the cheapest, but with the quality of every shot it takes, its one of the best lenses in its price range. This auto-focus lens has the ability to focus clearly to 1:1 life size reproduction ratio without breaking a sweat. This macro lens is definitely one of the best macro lenses in its price range, perfect for those photographers interested in taking shots of smaller items and insects to see even the smallest details in every shot.

2.Nikon 24mm f/2.8D AF Nikkor Lens
One of the best photographers from Malaysia mentioned this Nikon lens to me, and I must say If you are looking for a decent 24mm lens, then look no further. This auto-focusing lens comes equipped with Nikon’s CRC floating element feature. It has amazing contrast and resolution and its performance is one of the best for taking shots of landscapes or interior designs. This is definitely a lens for those who want an excellent clear shot with little to no distortion.

3.Nikon 85mm f/1.8D AF Nikkor Lens
If you are a fan of Steve McCurry’s work, then this may be a lens for you as this is one of his favorite lenses. It brings amazing details to portrait shots and gives sharp shots to wide open areas as well. A thing to note about this is it is also relatively small and pretty light, but you can tell that this particular lens is built to last. The only downside to this lens is no auto-focus feature, but if you can get around that minor detail, then you have a winner on your hands.

4.Nikon 60mm f/2.8G ED AF-S Micro-Nikkor Lens
Don’t be fooled by the specs on this lens claiming 7.2″ minimal focus: This one is a winner for both close range and mid range shots. The images it takes are both incredibly sharp and have incredible detail to color reproduction. If you are interested in taking a lot of nature shots, this may be the lens for you.

5.Nikon 17-55mm f/2.8G ED-IF AF-S DX Nikkor Zoom Lens
If you have an extra thousand to splurge on a good camera lens, then look no further. This is absolutely one of the best Nikon lenses the company has to offer. Choosing the best camera is relatively easy but choosing the lens can be a difficult decision, but that’s where this lens shines and never disappoints. Natural light shots explode in color with amazing detail and even though it may seem like it has a relatively frail feel to it, the amazing detail and clarity of the pictures can’t be beat. If you can afford it, don’t hesitate to give this lens a spin.

So this completes the list of some of the best Nikon lenses available and all for good reason. If you decide to purchase these lenses you won’t be disappointed and your clients won’t either as these beauties are built with quality in every detail and you should expect nothing less from Nikon. Just be prepared for some of your clients to be left in tears by the shots you deliver.

iPhone Clock Radio by iLive

iPhone Clock Radio by iLive
iLive Clock Radio is one sexy-looking iPhone dock. The iLive uses your iPhone as the hands, and the number 12, for a traditional analog clock face. A free app download for your iPhone/iPod Touch provides added features, including hour, minute and second hands for a unique clock face, alarm settings and FM radio settings. This can be yours for just $49.99.

A New Amazing PS3 Is Comming Soon!

Sony have got a new PS3 console revision on the way. A Japan and North America release has been confirmed and hopefully other regions will be confirmed fairly soon.

The new CECH-3000B model is meant to be a lighter, slightly slimmer and more economic version of the beloved console. Power consumption will be lower too.

But that’s not all. Sony are reinforcing the consoles security features by adding copy protection to the blu-ray drive. Previously, the copy protection was mainly handled by the systems motherboard and firmware. But in the wake of last years PS3 hack, and more recently the PSN hack, it seems Sony are upping their security on all levels.

Adding security features to the blu ray drives will ensure hackers will not be able to do too much damage, even if they break through the firmware again.

A firmware update will also be on the cards to add new blu ray related drivers to all Ps3′s for performance enhancements and possibly quicker load times.

The console is rumoured to be the 320gb version.

I personally think this will not only aid Sony in further securing the console but also allow them to drop the price and be more competitive as the Wii U hits the market next year.

Source 1: Edge
Source 2:  Andriasang / Gamertell

‘Death of Bin Laden’ Special Telecast On Discovery Channel Full Download

An hour-long special Telecast on how Al Qaeda chief Osama bin Laden was tracked and killed by American commandos will be telecast on Discovery Channel on June 5.

The Telecast will provide a second-by-second account of the bin Laden operation — from the time the intelligence agencies gathered information in 2010 and to the time when he was buried in the sea.
It will show how intelligence tracked bin Laden’s hideout in Pakistan by tracking a senior Al Qaeda courier.
Once the experts were convinced that the compound had Osama, they launched the operation that ended in his death May 2.
The repeat telecast will be June 6 and June 22.

Download Full Video Torrent File – Click Here

http://static.discoverymedia.com/videos/components/dsc/ea2f8670510adc1e54a38dad459d5670fa2a1859/snag-it-player.html?auto=no