Archive for November, 2005

A Quick Note…

Monday, November 28th, 2005

Before I go to bed, just a quick note: Exams + Migraine = No Fun

*nodsnodsnods, and regrets it as the almighty thump hits him.*

G’night.

Apologies…

Thursday, November 24th, 2005

My apologies if you’ve posted a comment here over the last few days. I got a very sudden influx of spam comments which triggered my moderation queue, so everyone got routed in there. Ho hum, fixed now. I think I may have to institute a captcha or hidden field to combat them. That means monkeying around in WordPress’ code, which I really don’t have time for right now. More exams on the way. Soon, then. After my exams are done. Until then, please bear with us.

Cookery, Adrian Style…

Thursday, November 24th, 2005

Well, it being Thanksgiving in the US, and it being that most of the blogosphere that I surf regularly is located there, there is much ado about Thanksgiving Cookery lately. Of such things is food heaven made.

Me? I don’t celebrate this thanksgiving thingy, but I did celebrate my fan-damn-tastic mark yesterday by taking most of today off. I got some work done this morning, then vegetated with a book the rest of the day. Rounded it off tonight with a good home-cooked meal. Chicken breast fillet marinated for 4 or 5 hours in a honey, soy, brown sugar, sweet chilli and garlic marinade (sealed in a little plastic bag in a bowl in the fridge, and skewer-pierced to let it penetrate). Mashed ‘taters. Mushy peas. Steamed carrots. And, after the chicken was cooked, a splash of red wine into the pan, a glazing and a reducing to make a beautifully sweet, smoky sauce.

Beautiful.

The Score…

Wednesday, November 23rd, 2005

I did my CNAP 640-801 Voucher Exam today (to be all officially titled about it and stuff). The purpose being to net myself a 50% discount on sitting my 640-801 CCNA exam. I needed something around 85% for it. Here I present to you my score.

Voucher Score

Most Triumphant.

PPP…

Wednesday, November 23rd, 2005

PPP, the Point-to-Point Protocol, is an open standard (defined by the IETF in RFC 1661) for carrying multiple network-layer protocols over point-to-point serial links. It was designed to address the limitations of vendor-specific serial encapsulations such as Cisco’s HDLC, and to provide a broad, open base protocol that can be extended and updated to keep pace with emerging network-layer protocols. Because it is an open standard rather than one vendor’s format, PPP is implemented on almost every manufacturer’s platform, whereas Cisco’s HDLC encapsulation is only guaranteed to interoperate between Cisco devices. This makes PPP the far more widely deployed protocol because, although Cisco is a market leader in internetworking technology, it is far from the only company on the market.

PPP has many features that set it above HDLC as the data-link protocol of choice for serial links on the growing internet. It is more correctly described as a protocol suite, like TCP/IP, because it contains a number of sub-protocols that provide its functionality. This modular design makes PPP highly extensible, particularly in its support for encapsulating different network-layer protocols over the same link. PPP also supports two methods of link authentication within that modular design. Amongst its sub-protocols, the best known are LCP (Link Control Protocol), the NCPs (Network Control Protocols), PAP (Password Authentication Protocol) and CHAP (Challenge Handshake Authentication Protocol). Below is a description of each:

  • LCP: LCP, the Link Control Protocol, is PPP’s signalling protocol. It provides facilities for link negotiation, establishment, maintenance, testing and termination. LCP frames carry configuration options (including which authentication protocol, if any, will be used), status and echo messages, or termination requests.
  • NCP: NCP, Network Control Protocol, is really a family of protocols, and it is the open, modular basis on which PPP’s extensibility rests. For every supported network-layer protocol there is a corresponding NCP (IPCP for IP, for example) that negotiates and configures that protocol’s use of the link, such as assigning an IP address to the peer. Because each network-layer protocol has its own NCP, a new NCP can be written and added without rewriting PPP’s overall structure.
  • PAP: PAP, the Password Authentication Protocol, is the older of PPP’s two authentication protocols. It takes place at link establishment, immediately after LCP finishes negotiating the link. The caller sends its identity and password to the receiver in a PPP frame, in clear text, and the receiver answers with an acknowledgement or a rejection. This lack of encryption and predictable sequence makes PAP susceptible to attacks such as playback[1] (anyone who captures the request can simply resend it later) and man-in-the-middle[2]. This method of authentication is called a two-way handshake, since the process involves one packet from each end.
  • CHAP: CHAP, the Challenge Handshake Authentication Protocol, is the newer and more secure of PPP’s two authentication protocols. At the start of the authentication phase, and periodically throughout the duration of the call, the receiver (the authenticator) sends a challenge frame to the caller. This frame contains an identifier and a randomly generated challenge value. Using the identifier, the shared secret (password) and the challenge value, both ends calculate a hash, usually with the MD5 algorithm. The caller sends its value to the receiver, which triggers one of two events: the receiver sends back a success frame if the values match, or a failure frame and terminates the link if they do not. Because the challenge is random and different every time, an intercepted response cannot simply be replayed, and since MD5 is a one-way hash the password itself never crosses the link. It is not uncrackable, however: an eavesdropper who captures a challenge and its response can try candidate passwords offline until one reproduces the hash, so CHAP is only as strong as the secret, and both ends must store that secret in a recoverable form. Because authentication is repeated periodically, with the interval under the authenticator’s control, the damage caused by a hijacked or mis-routed call is limited: an intruder has only until the next challenge to transfer data over the link.
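Both authentication exchanges described above, as an added example that is not part of the original post or of any PPP implementation: a minimal Python model of the PAP Authenticate-Request and the CHAP challenge/response (packet layouts per RFC 1334 and RFC 1994), followed by the offline guessing an eavesdropper can run against one captured CHAP pair. The peer names router-a and router-b, the secrets and the word list are made up for the illustration.

```python
import hashlib
import hmac
import os
import struct

# Packet codes from RFC 1334 (PAP) and RFC 1994 (CHAP).
PAP_REQUEST, PAP_ACK, PAP_NAK = 1, 2, 3
CHAP_CHALLENGE, CHAP_RESPONSE, CHAP_SUCCESS, CHAP_FAILURE = 1, 2, 3, 4


def pap_request(ident, peer_id, password):
    """PAP Authenticate-Request: Code, ID, Length, Peer-ID-Len, Peer-ID, Passwd-Len, Password.
    Everything, the password included, goes on the wire as-is."""
    body = bytes([len(peer_id)]) + peer_id + bytes([len(password)]) + password
    return struct.pack("!BBH", PAP_REQUEST, ident, 4 + len(body)) + body


def pap_authenticate(request, credentials):
    """Receiver side of the two-way handshake; returns the reply code.
    Nothing in the request is fresh, so a captured request replays cleanly."""
    code, ident, length = struct.unpack("!BBH", request[:4])
    n = request[4]
    peer_id = request[5:5 + n]
    m = request[5 + n]
    password = request[6 + n:6 + n + m]
    if code == PAP_REQUEST and credentials.get(peer_id) == password:
        return PAP_ACK
    return PAP_NAK


def chap_packet(code, ident, value, name=b""):
    """CHAP Challenge/Response: Code, ID, Length, Value-Size, Value, Name."""
    body = bytes([len(value)]) + value + name
    return struct.pack("!BBH", code, ident, 4 + len(body)) + body


def parse_chap(packet):
    code, ident, length = struct.unpack("!BBH", packet[:4])
    size = packet[4]
    return code, ident, packet[5:5 + size], packet[5 + size:length]


def chap_response_value(ident, secret, challenge):
    """RFC 1994: MD5 over Identifier || secret || Challenge-Value."""
    return hashlib.md5(bytes([ident]) + secret + challenge).digest()


def chap_exchange(authenticator_secret, peer_secret, ident=1, challenge=None):
    """Run one three-way CHAP handshake between an authenticator and a peer.
    Returns (result_code, challenge_packet, response_packet)."""
    challenge = challenge if challenge is not None else os.urandom(16)
    # Authenticator -> peer: Challenge (hypothetical system names router-a / router-b).
    chal_pkt = chap_packet(CHAP_CHALLENGE, ident, challenge, b"router-a")
    # Peer -> authenticator: Response, hashing the secret it has on file.
    _, rid, rchal, _ = parse_chap(chal_pkt)
    resp_pkt = chap_packet(CHAP_RESPONSE, rid,
                           chap_response_value(rid, peer_secret, rchal), b"router-b")
    # Authenticator checks the response against its own copy of the secret.
    _, aid, rvalue, _ = parse_chap(resp_pkt)
    expected = chap_response_value(ident, authenticator_secret, challenge)
    if aid == ident and hmac.compare_digest(rvalue, expected):
        return CHAP_SUCCESS, chal_pkt, resp_pkt
    return CHAP_FAILURE, chal_pkt, resp_pkt


def chap_dictionary_attack(chal_pkt, resp_pkt, wordlist):
    """The caveat: one captured challenge/response pair is enough to test
    password guesses offline, so CHAP is only as strong as the secret."""
    _, ident, challenge, _ = parse_chap(chal_pkt)
    _, _, response, _ = parse_chap(resp_pkt)
    for guess in wordlist:
        if chap_response_value(ident, guess, challenge) == response:
            return guess
    return None


if __name__ == "__main__":
    req = pap_request(1, b"router-b", b"hunter2")
    print("PAP password visible on the wire:", b"hunter2" in req)
    code, c, r = chap_exchange(b"s3cret", b"s3cret")
    print("CHAP result code:", code,
          "cracked offline as:", chap_dictionary_attack(c, r, [b"password", b"s3cret"]))
```

The PAP receiver accepts the same request bytes any number of times, which is the playback weakness in one line; the CHAP receiver ties each response to a fresh challenge, but the dictionary function shows why the shared secret still has to be long and random.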

PPP’s method of framing data for transmission across the serial link is quite similar to HDLC, making the two protocols superficially alike, although Cisco HDLC’s use of a proprietary type field prevents true compatibility. PPP, unlike HDLC, also seamlessly supports both synchronous[3] and asynchronous[4] serial transmission. As with any transmission protocol, PPP’s encapsulation consists of a set of fields in a fixed order, allowing each frame to be decapsulated at the receiving end and interpreted unambiguously (LCP can negotiate compression of the address, control and protocol fields, but the default layout is the one below). Here is the framing sequence for PPP, in order of transmission:

  1. Start Flag: This 1-byte field indicates the beginning of the PPP frame. It always consists of the binary value 01111110 (0x7E). On asynchronous links any 0x7E or 0x7D byte occurring inside the frame is escaped (sent as 0x7D followed by the byte XOR 0x20) so that the flag is unambiguous.
  2. Address: This 1-byte field always contains the standard broadcast address 11111111 (0xFF). PPP does not assign addresses to hosts because it is designed purely for point-to-point links, where there are only ever two hosts.
  3. Control: This 1-byte field consists of the binary sequence 00000011 (0x03), the standard HDLC control value for an Unnumbered Information frame, representing the transmission of unsequenced user data: a connectionless service not unlike Logical Link Control type 1.
  4. Protocol: The 2-byte protocol field indicates which protocol’s packet is encapsulated in the data field, and therefore which NCP governs it. Different values in this field indicate protocols such as IP (0x0021), IPX (0x002B) and AppleTalk (0x0029); LCP itself travels under 0xC021.
  5. Data: The data field can vary between 0 and 1500 bytes (the default maximum receive unit, which LCP can renegotiate), containing one complete packet of the protocol indicated in the protocol field. Since this field is variable in length, its end is found by working back from the closing flag: the last two bytes before the End Flag are the FCS, and the End Flag itself has the same value as the Start Flag.
  6. FCS: The FCS, or Frame Check Sequence, is a 2-byte field (a 32-bit FCS can be negotiated) containing a cyclic redundancy check computed over the address, control, protocol and data fields, and it is followed by the End Flag. It is an error-detection mechanism, not a cryptographic hash: if the receiving end’s own CRC calculation does not match, an error has crept into the frame and it is silently dropped.
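The frame layout in the list above, as an added example that is not from the original post or from any PPP stack: a small Python encoder/decoder that builds frames in exactly this field order, computes the 16-bit FCS of RFC 1662, byte-stuffs for an asynchronous link, and drops any frame whose FCS no longer matches. The protocol numbers are the standard PPP assignments; the payloads are constructed for the demonstration.

```python
import struct

FLAG, ESC = 0x7E, 0x7D              # frame delimiter and async escape byte
ADDRESS, CONTROL = 0xFF, 0x03       # all-stations address, Unnumbered Information
PPP_GOOD_FCS16 = 0xF0B8             # residue a receiver sees over data + FCS
PROTO_IP, PROTO_IPX, PROTO_APPLETALK, PROTO_LCP = 0x0021, 0x002B, 0x0029, 0xC021


def ppp_fcs16(data, fcs=0xFFFF):
    """16-bit FCS from RFC 1662 (CRC-16/X.25, bit-reflected, polynomial 0x8408)."""
    for byte in data:
        fcs ^= byte
        for _ in range(8):
            fcs = (fcs >> 1) ^ 0x8408 if fcs & 1 else fcs >> 1
    return fcs


def async_escape(data, accm=0xFFFFFFFF):
    """Byte-stuff for asynchronous links: flag, escape, and any control
    character selected by the ACCM bitmap become ESC followed by byte ^ 0x20."""
    out = bytearray()
    for b in data:
        if b in (FLAG, ESC) or (b < 0x20 and (accm >> b) & 1):
            out += bytes([ESC, b ^ 0x20])
        else:
            out.append(b)
    return bytes(out)


def async_unescape(data):
    out, pending = bytearray(), False
    for b in data:
        if pending:
            out.append(b ^ 0x20)
            pending = False
        elif b == ESC:
            pending = True
        else:
            out.append(b)
    return bytes(out)


def ppp_frame(protocol, payload, async_link=True, accm=0xFFFFFFFF):
    """Flag | Address | Control | Protocol | Data | FCS | Flag, in transmission order."""
    body = bytes([ADDRESS, CONTROL]) + struct.pack("!H", protocol) + payload
    fcs = ppp_fcs16(body) ^ 0xFFFF           # ones-complement of the running CRC
    body += bytes([fcs & 0xFF, fcs >> 8])    # sent low byte first (RFC 1662)
    if async_link:                           # synchronous links bit-stuff in hardware instead
        body = async_escape(body, accm)
    return bytes([FLAG]) + body + bytes([FLAG])


def ppp_parse(frame, async_link=True):
    """Decapsulate one frame; raises ValueError where a real receiver would drop it."""
    if len(frame) < 8 or frame[0] != FLAG or frame[-1] != FLAG:
        raise ValueError("missing flag")
    body = frame[1:-1]
    if async_link:
        body = async_unescape(body)
    if ppp_fcs16(body) != PPP_GOOD_FCS16:
        raise ValueError("FCS mismatch: frame dropped")
    if body[0] != ADDRESS or body[1] != CONTROL:
        raise ValueError("unexpected address/control")
    protocol = struct.unpack("!H", body[2:4])[0]
    return protocol, body[4:-2]


def frame_ok(frame, async_link=True):
    """True if the frame would be accepted, False if the receiver would drop it."""
    try:
        ppp_parse(frame, async_link)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed payload that contains the flag, the escape and a control byte.
    f = ppp_frame(PROTO_LCP, b"\x7e\x7d\x01hello")
    print(f.hex(), ppp_parse(f))
```

Running the FCS over the received bytes including the two FCS bytes and comparing with the constant 0xF0B8 is the check RFC 1662 describes; a single flipped bit anywhere in the address, control, protocol or data fields changes the residue and the frame is discarded.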

In summary, PPP is a serial point-to-point link transmission and control protocol suite that supports both synchronous and asynchronous links, multiple network-layer protocol encapsulations, and link authentication (with CHAP resisting the replay attacks PAP is open to), and is a non-proprietary, open-standard protocol that can be implemented across many varied hardware platforms, allowing inter-manufacturer communication. It is quickly replacing HDLC as the protocol of choice for point-to-point serial WAN links.

1: Playback Attack: A playback (replay) attack is an intrusion method in which the attacker intercepts the transmission, ascertains which frame carries the credentials (in PAP’s case, the clear-text password) and stores it, to be ‘played back’ at the target machine at a later date in an attempt to impersonate a legitimate user.

2: Man-in-the-middle Attack: A man-in-the-middle attack involves the attacker, instead of intruding on a system directly, intercepting and holding the packets exchanged between two end-points and modifying or relaying them, so that each system divulges sensitive data to what it believes is the legitimate other end.

3: Synchronous Transmission: In data communications a synchronous link is one on which both end-points send and receive bits to a single shared clock, usually recovered from the line signal itself or supplied by the carrier’s equipment, so that both ends stay in sync without start or stop bits around each character. Leased lines such as T1/E1 circuits are the most common examples. This constant synchronised clocking is what allows TDM (Time-Division Multiplexing) to let multiple channels share one physical link: each channel is given a fixed time slot in a repeating sequence, the receiver knows the sequence, and the data is reassembled at the receiving end using the slot order as a guide.

4: Asynchronous Transmission: Unlike a synchronous link, asynchronous communication does not share a continuous clock between the two ends. Each end runs its own clock at an agreed rate, and every character is framed by a start bit and a stop bit so the receiver can resynchronise on each one; dial-up modem links are the familiar example. Flow control can place an upper limit on the rate if, for example, the receiving host can only accept data more slowly than the transmitter can send it. Because the link carries a stream of characters rather than clocked frames, the link protocol relies on set delimiters (PPP’s flag byte, with any flag-valued byte inside the frame escaped) to mark where a frame begins and ends, since frames vary in length with the size of the data field. A protocol may instead use fixed-length units and split larger packets to fit them; ATM (Asynchronous Transfer Mode), with its fixed 53-byte ‘cells’, is the best-known example, although ‘asynchronous’ there means that cells are sent on demand rather than in fixed TDM slots, not that the link lacks a clock.

CNAP Semester 4. Done, And Done…

Tuesday, November 22nd, 2005

You heard me, folks. I have officially just completed my CNAP (Cisco Networking Academy Program) Semester 4 Final and compulsory voluntary feedback exams. I scored 88.9% on the final, and with this score (considering the pass is 70%), I am more than happy. Didn’t help — being the paranoid soul that I am — to have a group of people standing behind me laughing as I do the exam. Or the V.35 Serial Cable hitting me in the back of the head. But I got through it regardless of any machinations on their part, real or imaginary. Remember folks: Just because you think they’re out to get you is no reason to assume they aren’t.

With You…

Saturday, November 19th, 2005

One of my friends is currently undergoing a procedure to help save his sight. Eye surgery != fun, never. My thoughts are with you Matt. Here’s for the best of luck.

Late, Late, Late Night Comments…

Tuesday, November 15th, 2005

I am writing code. The code I write, I comment, especially when I’m writing it late at night, since I have a terrible memory lately. But you can tell the comments I write late at night compared to, say, the comments I write during the day, when I’m half-way lucid. It is a matter of:

function auth_quit()//an authorised, normal quit.

compared to:

break;//thus spaketh $_DIETY: "When thou dost find a break, then break the case thou shalt".

I think you’ll agree, my late-night comments can be infinitely more interesting.

Screwy Maths…

Tuesday, November 15th, 2005

Word does Screwy Maths. I tell it: Prineth for me, pages 1 through 10.

It responds: Certainly, mon capitan. Now printing 12 pages.

Trend Sheep…

Monday, November 14th, 2005

Quite close to being done with the meat of my Project Development report.

I’m such a trend sheep. This report is about 60% pretty logos and pictures and other assorted frivolities, and 40% actual content.

Just follow the flock, that’s me. All in the name of getting it passed with the minimum of having to rewrite it. Where’s the infernal contract, where do I sign? I have sold my soul to the trend for the purposes of expediency.
