Monday, June 30, 2008

Harmony IV: Mi Querido Viejo - My dear Old Man



Piero - Mi Querido Viejo
Transcripción de John Manuel K. T.
“Ars Longa Vita Brevis”  March 16, 2007
===================================================
INTRODUCCIóN
Am Am Am Am Am Am Am G7 (PARADA)

E7 Dm
Es un buen ti-po mi vie-jo
do la mi do la mi si sol#

G7 Cmaj7 E7
quean da so-lo yes pe-ran-do
la fa re la fa re sol mi

Am E7
tie--ne la tris-te-za lar-ga
sol# la si si la si do la

Am G
de tan-to ve-nir an-dan-do . . .
sol# la si si la si do la



E7 Dm
Yo lo mi-ro des-de le-jos
do la mi do la mi si sol#

G7 Cmaj7 E7
pe-ro so-mos tan dis-tin-tos
la fa re la fa re sol mi

Am
es que cre-ció con el si-glo
si do re re do si mi do

G7 C E7
y tie-nehis to-rias sin tiem-po - o . . .
re mi fa fa mi re sol mi re


Am G7
Vie-jo, mi que-ri-do vie-jo
si si si si re si do la

C E7
aho-ra ya ca-mi--nas ler-do
re re re re sol sol mi do

Am E7
co-mo per-do-nan-doel tiem-po
si si si si re si do la

Am E7
yo soy tu san-gre mi vie-jo
mi re mi re mi re mi do

Am G7
soy tu si-len-cioy tu tiem-po - o
mi re mi re mi re mi do si


E7 Dm
El tie-ne los o--jos bue-nos
do la mi do la mi si sol#

G7 Cmaj7 E7
yu na fi-gu-ra pe-sa--da
la fa re la fa re sol mi

Am E7
lae dad se le vi-noen ci-ma
sol# la si si la si do la

Am G
sin car-na-val, ni com-par-sa . . .
sol# la si si la si do la

E7 Dm
Yo ten-go los a--ños nue-vos
do la mi do la mi si sol#

G7 Cmaj7 E7
yel hom-bre los a--ños vie-jos
la fa re la fa re sol mi

Am
el do-lor lo lle-va den-tro
si do re re do si mi do

G7 C E7
con tran-ví-ay vi-no tin-to - o . . .
re mi fa fa mi re sol mi re


Am G7
Vie-jo, mi que-ri-do vie-jo
si si si si re si do la

C E7
aho-ra ya ca-mi--nas ler-do
re re re re sol sol mi do

Am E7
co-mo per-do-nan-doel tiem-po
si si si si re si do la

Am E7
yo soy tu san-gre mi vie-jo
mi re mi re mi re mi do

Am G7
soy tu si-len-cioy tu tiem-po - o
mi re mi re mi re mi do si

Am E7
yo, yo soy tu san-gre mi vie-jo
mi mi re mi re mi re mi do

Am G7
soy tu si-len-cioy tu tiem-po - o . . . etc
mi re mi re mi re mi do si

Saturday, June 28, 2008

Harmony III: Beautiful Music | The Universal Argentinian | EL Argentino Universal

The Harmony of Jorge Cafrune - La Harmonía de Jorge Cafrune

Disfrutar la Poesía Cantada, del Sancocho Sagrado, y la Música de Pueblo

Lo ví cuando era un pibe, es decir un niño, admiré su enorme figura, sus barbas, sus botas y su increíble voz. Caminaba el Gaucho por el centro de Lima. Yo pensaba que era también la voz de mi pueblo, era cerca de los 70s. Perú gozaba de buen fútbol y yo me dedicaba a componer algunas poesías, un poco a escondidas pues nunca se las enseñé a nadie; un profesor de inglés sin embargo logró hacerme concursar en un evento, acerca del señor de los milagros, el cual gané y mi ensayo fue leído en un programa radial. Mi profesor me dijó que podía escoger un premio pues la radio tenía entradas para circos, películas taquilleras o canastas de comestibles y otros productos o juguetes. Le pregunté: "¿Tendrá la emisora, entradas para ver a Cafrune?" La respuesta fue un no categórico, pero de todas maneras me las arreglé para conocerlo y logré darle la mano al mismo Cafrune en la calle. Para mí fue ese encuentro como un verdadero legado, cuyos principios y recuerdos perdurarían en mí muy frescos y en cada momento de mi vida.

Me impresioné y deprimí mucho cuando me enteré de su trágica muerte, más aún cuando me acordé algunas de sus declaraciones en una entrevista que le hicieron, en la cual él contestó a un periodista acerca de lo mal que supuestamente viven los artistas, tanto dentro y fuera de su vida conyugal y con los demás. Cafrune habló y le dió [al entrevistador] el significado de los nombres de su hijas , le habló como las quería y como ellas lo querían a él. Explicó que su esposa nunca se metió ni se enteraba que él era artista y de cuanto se amaban y cómo se respetaban siempre. ...Y mientras recordaba, como lo recuerdo a él ahora y es como una milonga... continuaré en otra oportunidad pues ahora quiero compartir con ustedes algo de lo mucho que es Jorge Cafrune, el Argentino universal.

Zamba de mi Esperanza





Pantalón Cortito





Lo que los "copetudos" Nunca Entederán






Yamila Cafrune le Canta a su Padre



Wednesday, June 25, 2008

Harmony II: The magical healing power of Music ◙ The Music of Libera

There is liberation, harmony and healing in music, listen to this songs.
Far away



Listen Libera's rendition of the Ave Maria



No matter how hateful is the distance between us, Kathy, I will sing for you forever! so learn this song and sing this song for us.



The member Libera Chorus explain what they do. Certainly their renditions are the expression of human harmony. Here their video





Visit Libera's official web site here

Listen to Shirusho: The Armenian who won the European's Heart at Eurovision

Cloud Computing or The Mobile Semantic Web Browser at the iPhone



Powerset iPhone Web App Demo from officialpowerset on Vimeo.

Monday, June 23, 2008

The War on Science: Our Earth or All you need to know about climate change: By an American Leading Authority James Hansen

Your own Conclusions



Part One
Hansen's paper On "Global Warming in the 21st Century.." Read it in here.






Part Two




Part Three




Part Four



Part Five



Part Six

The Human Firewall: The Logic against Digital Attacks

The Human Firewall

External and Internal Testing on Vulnerabilities Assessments

The Logic against Attacks

Introduction

In this paper, I am documenting a brief research that I have conducted on the different internal and external testing approaches employed by the security industry for assessing information systems vulnerabilities. I surveyed different tools, and I have selected mainly vulnerabilities scanners, according to a criteria based on how frequently are in used, reviewed and recommended by security organizations and experts. The information was prepared to be thoroughly discussed during the last meeting held at The Plow of the Sea, Inc. by the security team members. (Course, 2008)

The Human Firewall

What exactly is vulnerability, or have been or could ever be a system, a person or some with the might to be invulnerable. I always remember Goliath the giant Philistine who is infamously known now because his head was cut by the comparatively small David, when in his times and up to that moment when he died was thought to be invincible. Later on, from the 8th or 7th century BC, in one of the first works of the western literature, “The Iliad”, attributed to Homer, we have learned those great duels and battles in a blow by blow fashion between the Greeks and the Trojans, much attention we have devoted to the fights and more importantly to the tactic better known as the “Trojan Horse”, a real exploit of human confidence and vanity. It is used today as much the same manner it was used almost three thousand years ago. It seems that for the most part, crackers know their history but in the Iliad there are many other examples, for example Priam, the king of Troy, we are told, found his way to the meet the mere Achilles at his very fortified and firewalled camp, just for claiming the body of his son Hector. Achilles who was a demigod and the most beautiful and best warrior described by Homer in the “Iliad” was killed in this case by a coward, Paris. Since Achilles was immortal but for one spot, hence the great lesson given by the ancients, “the Achilles’ heel”; it seems that they meant that nothing is invulnerable. The reader could be nodding his head and thinking: both the Iliad and Goliath are just legends, popular stories; nothing can be learned or applied, pragmatically speaking, from them. Well, the basic tenet is vulnerability, i.e. the weakness whereby, a system can be exploited and put at-risk of lost, harm or malfunction. Let me present a more recent example, George Koval.

Koval, posthumously honored as a Hero of the Russian Federation by president Putin just this last November (2007) for his contribution in to increase Russian , as we are told by the International Herald Tribune and the New York Times, well Koval spied for the Soviets, nothing less and nothing more that the Manhattan project, the most top secret project ever in the US was cracked by one guy who played very well basketball, as we are told by his colleagues, and who managed somehow to had access to everything. As an insider, Hero “George” eluded millions of millions of dollars invested on security of the project. He would monitor radiation levels at Oak Ridge, and Tennessee facilities where enriched uranium was converted into bomb fuel, and at Dayton factories in Ohio, he would patiently observed and documented how polonium was refined to be mixed for the so called “Fat-Man”, the plutonium bomb that was dropped in Nagasaki. Now, if we just stop to think about it a little in here, we should be a little concerned when Gregg Herken, a Professor of History at the University of California in Merced and author of “The Brotherhood of the Bomb: The tangle lives and loyalties of Oppenheimer, Ernest Lawrence and Edward Teller (aka the father of the H bomb)” was evenly surprised about Koval’s relation with the soviets. In fact Koval died in Russia at the same technology institute where he had been a student. Although, there were some documented investigations about him conducted at Oak Ridge by Federal Bureau of Investigations [FBI] in 1950s when he was already back in USSR nothing was known up to the day in which Putin anointed him as national hero (Broad, 2007).

I presented this lucubration as a preamble of our most vulnerable link or component, the human and within the human component, the insider, being the most dangerous the seemed very nice sitting at the next cubicle or office. Social engineering techniques exploit our universal needs of our psyche. The need to talk, the need to be understood and the need to be respected, just find out the methodology utilized by the well mannered WWII German master interrogator Hanns-Joachim Gottlob Scharff and Koval to understand that the weakest link could be our best friend or the least likely person like, the boss, the employee or the colleague. Who else could know how to exploit our deepest vulnerabilities? (Broad, 2007) Kotadia (2005) reported, that Kevin Mitnick and his business partner Alex Kasperavicius (this name appears to be a little suspicious to me) of the Mitnick Security Consulting, as a demonstration, are able to access many of their clients systems by using different method of Social engineering, that involved extracting passwords from naïve employees or by simply dumpster diving, et al. Mitnick indicates that any information systems are as secured as their weakest point, and for the most part those points are just the employees that are not trained too well. Most people are focused in technology or the process, explained Mitnick, but a system is managed, maintained, configured and used by human beings. The priority is to train the employees on the importance to observe closely the security policy and participate in all the company’s educative and training security activities (P. 1); Mitnick and Kasperavicius seem to be stating that the best firewall is the human firewall (Kotadia, 2005). Now, I do not know if Mitnick coined the term Human-firewall, what it has become certain that there are many organizations advocating for it, like the PentaSafe Security Technologies, Inc., which has made its business to help organizations to build human firewalls and security policies across the enterprise. However, no everything is about highly and super intelligent crackers, spies, and/or competitors stealing trade secrets or intellectual property, inflicting financial, information, or physical property theft, as sabotage or extortion; much of the havoc, for their credit, is caused by script kiddies and lamers, individuals with nothing better to do than cause pain to others. Panko (2004) reports that sites like CNN.com, eBay, Yahoo.com, Amazon.com, Dell.com, eTrade, et al. have been attacked by a 15-year-old script kiddy (p. 18-20). Panko (idem.) reminds us, “Never underestimate the power of stupid people in large numbers.” (P. 16).


Bibliography

Broad, W. J. (2007 November 12). A Spy’s Path: Iowa to A-Bomb to Kremlin Honor. U.S. New York Times. Retrieved January 19, 2008, from http://www.nytimes.com/2007/11/12/us/12koval.html?_r=1&oref=slogin.

Ciampa, M. (2005). Security + Guide to Network Security: Fundamentals, 2nd Edition. Boston, Massachusetts: Course Technology, Thomson Learning, Inc.

Katterjohn, K (2002 March 8). Port Scanning Techniques. Retrieved January 23, 2008, from

http://www.milw0rm.com/papers/141.

Kotadia, M. (2005 April 14). Mitnick: 'Human firewall' a crucial defense. News.com, ZDNet News, Retrieved January 21, 2008, from http://news.zdnet.com/2100-9589_22-5671188.html.

Ollmann, G. (2007) Tools. Technical Info. Making sense of Security. Retrieve January 22, 2008, from http://www.technicalinfo.net/tools/index.html.

Panko R. R. (2004). Corporate Computers and Network Security. Upper Saddle River, NJ: Prentice Hall- Pearson Education, Inc.

Pflegeer C. P., & Pflegeer, S. L. (2003). Security in Computing, 3rd Edition. Upper Saddle River, NJ: Prentice Hall Professional Technical Reference, Prentice Hall- Pearson Education, Inc.

The Fourth Amendment and Carnivore. (2000 July 28). Statement of the Electronic Frontier Foundation Before the Subcommittee on the Constitution of the Committee on the Judiciary United States House of Representatives. Retrieve January 24, 2008, from http://w2.eff.org/Privacy/Surveillance/Carnivore/20000728_eff_house_carnivore.html.

SANS Top-20 2007 Security Risks (2007 November 28). Annual Update. SANS Institute. Retrieved January 20, 2008, from http://www.sans.org/top20/.

Using people assets to protect information assets: understanding the "human factor" of information security: A Blueprint for building a "Human Firewall in your organization". (2001). Norwell, MA: PentaSafe Security Technologies, Inc. Retrieved January 24, 2008, from http://www.infopackaging.com/Brochures/humanfirewall.pdf.

More Security Sources

Azari, R. (2003). Current Security Management & Ethical Issues of Information Technology. Hershey, PA, USA: Idea Group Inc., 2003. Retrieved January 20, 2008, from, http://wf2dnvr5.webfeat.org:80/8i3HJ1828/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10032091&ppg=18.

Basta, A. & Halton, W. (2007 August). Computer Security and Penetration Testing. Boston, Massachusetts: Course Technology, Thomson Learning, Inc.

Bellovin, S.M. (1989). Security Problems in the TCP/IP Protocol Suite. Murray Hill, New Jersey: AT&T Bell Laboratories. Retrieved January 20, 2008, from http://www.cs.columbia.edu/~smb/papers/ipext.pdf.

Birkholz, E. P. (2003). Special Ops: Host and Network Security for Microsoft, UNIX, and Oracle. Rockland, MA, USA: Syngress Publishing Retrieved January 20, 2008, from http://wf2dnvr3.webfeat.org:80/nDEHJ1268/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10023441&ppg=27.

Cisco IOS Security Configuration Guide Release 12.4. (2006 July 29). Corporate Headquarters. San Jose, CA: Cisco System, Inc. Retrieved January 20, 2008, from http://www.cisco.com/application/pdf/en/us/guest/products/ps6350/c2001/ccmigration_09186a00804f229a.pdf.

Coakes, E. (Editor). (2003). Knowledge Management: Current Issues and Challenges. Hershey, PA, USA: Idea Group Inc. Retrieved on January 13, 2008 from, http://http://wf2dnvr3.webfeat.org:80/nDEHJ1151/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10032062&ppg=22.

Current Malware Threats and Mitigation Strategies. (2005 May 16). Informational Whitepaper. Multi-State Information Sharing and Analysis Center & US-CERT - United States Computer Emergency Readiness Team. Retrieved January 20, 2008, from http://wf2dnvr3.webfeat.org:80/R2LHJ138/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10158249&ppg=27.

Fitzgerald, M. (2001). Building B2B Applications with XML: A Resource Guide. New York, NY, USA: John Wiley & Sons. Retrieved January 21, 2008, from http://wf2dnvr3.webfeat.org:80/nDEHJ1195/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10001744&ppg=32.

Göran P., Kaj J. G. , Peik Å, (2003). Network security software, Current security management & Ethical issues of information technology, Hershey, PA: Idea Group Publishing.

Hassing, K., Kent, A. K., & Johnson, G. (2003). CCNA 1 & 2 Companion Guide, 3rd Edition. Cisco Networking Academy Program Indianapolis, IN: 2003.

Jackson, J. (2007 March 3). Assessing firmware vulnerability. Tech Blog, Government Computers News [GCN]. Retrieved January 21, 2008, from http://www.gcn.com/blogs/tech/43212.html.

Khosrow-Pour, M. (Editor). (2004). Annals of Cases in Information Technology, Volume 6. Hershey, PA, USA: Idea Group Inc. Retrieved January 19, from, http://wf2dnvr3.webfeat.org:80/nDEHJ1158/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10051156&ppg=113.

Maiwald, E. (2002). Security Planning and Disaster Recovery. Blacklick, OH, USA: McGraw-Hill Professional, 2002. Retrieve January 21, 2008, from http://http://wf2dnvr3.webfeat.org:80/R2LHJ12/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10043872&ppg=30.

Nelson, B., Phillips, F. E., & Steuart, C. (2004). Guide to Computer Forensics and Investigations. Boston, Massachusetts: Course Technology, Thomson Learning, Inc.

Panko R. R. (2005). Business Data Networks and Telecommunications, 5th Edition. Upper Saddle River, NJ: Prentice Hall- Pearson Education, Inc.

Ratnasingam, P. (2003). Inter-Organizational Trust for Business To Business E-Commerce. Hershey, PA, USA: Idea Group Inc. Retrieved January 12, 2008, from http://wf2dnvr3.webfeat.org:80/nDEHJ1167/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10032067&ppg=13.

Reuvid, J. (2006). Secure Online Business Handbook: A Practical Guide to Risk Management and Business Continuity (4th Edition). London, GBR: Kogan Page, Limited. Retrieved January 19, 2008, from http://wf2dnvr3.webfeat.org:80/R2LHJ138/url=http://site.ebrary.com/lib/cecybrary/Doc?id=10158249&ppg=27.

Russell, T. (2000). Telecommunications Pocket Reference. New York, NY: McGraw- Hill Companies.

SANS Top-20 2007 Security Risks (2007 November 28). Annual Update. SANS Institute. Retrieved January 20, 2008, from http://www.sans.org/top20/.

Scheneier, B. (January 18, 2007). Information Security and Externalities. Retrieved January21, 2008, from http://www.schneier.com/blog/archives/2007/01/information_sec_1.html.

Tomasi, W. (2005). Introduction to Data communications and Networking, Upper Saddle River, NJ: Pearson Prentice Hall, Inc.

Wheeler, D. A. (2004 October 12). Linux Kernel 2.6: It's Worth More! Retrieved January 21, 2008, from http://www.dwheeler.com/essays/linux-kernel-cost.html

Sunday, June 22, 2008

In the Land of the LANs, the Ethernet is the King: The heart of the Cloud


◙Cloud◙ Computing


The Metcalfe’s Paradigm or the Heart of the Cloud

In the Land of the LANs, the Ethernet is the King

Introduction

In many networking diagrams, the Internet is depicted with an icon of a cloud, as representing perhaps its complex and dense structure. I really do not know how to put it: A networked cloud or Clouded internetwork, anyways the Internet is made out of many other networks. As we “traveled” into the “cloudnet”, we can see that is made out of other interconnected clouds or units, we have some denominations for them. From Global Area Network [GAN] (internet, in this sense all GANs or internets form the one and only one: Internet) (Panko, 2005), we continue our voyage, passing through: The Wide Area Networks [WANs]; Metropolitan Area Networks [MAN]; Campus Area Networks [CAM]; until we outreach the Personal Area Networks [PANs], or Body Area Networks, [BANs] and Power Line Are Networks [PLANs]. (the object of PANs, or BANs, is to peruse the human body to transmit data from people to people by the simple means of touching each other). (Tomasi, 2005, p. 34-38) Notwithstanding, as soon as we look the Internet’s architecture, we by simply inspection understand that within all its main portions or networks, the Local Area Networks [LAN] are the more numerous structures, and in the “Land of the LANs the Ethernet standard is the king”.

Incidentally, Ethernet the subject of this paper, this is a brief study of the development of Ethernet LANs [E-LANs], a standard which in spite of being more than 30 years used by experts in the networking industry, and consumed by the enterprises and homes, Ethernet still prevalent, but especially for companies that as the Great Catalogues Inc. [GCI], are doing or thinking on doing business over the Web (which is just a part of the Internet perhaps the biggest interactive part of it) and thus participate actively in the eCommerce environment. This paper, which has been prepared for the top management of GCI, documents the conducted researching efforts made by the GCI information systems security [GISS] department, for explaining the importance, shortcomings and prevalence that Ethernet plays for the accomplishment of GCI’s eBusiness goals and objectives (Course, 2008).

The Ethereal Ethernet

The ether is here to state, this concept extracted by Robert “Bob” Metcalfe, from the field of classic theoretical physics, to name his network standard, is still very popular among notable researchers, as its definition is being reformulated, once and again, by investigators of the caliber of such physicists as the Nobel Prize laureate, Frank Wilczek of the Massachusetts Institute of Technology [MIT] and by the latest experiments involving Quantum Chromodynamics or QCD and broken symmetries, done at the 2.4 mile Relativistic Heavy Ion Collider [RHIC] of the Brookhaven Laboratory in New York. Nonetheless, Ethernet networks are what we find today in almost every network, whether be at the enterprises or at homes, it is predominantly and extensively utilized. Metcalfe, and his assistant Boggs, were able to develop a system at Xerox Palo Alto Research Center [PARC] to interconnect their computers with those of the then famous, minicomputer manufacturer, Digital Equipment Corporation [DEC] without the use of a mainframe network (Russell, chap. 5 p. 65-73).

Metcalfe & Boggs (1997) published, in 1976, a seminal paper in the journal “Communications” of the Association for Computing Machinery [ACM] with the title “Ethernet: Distributed Packet Switching for Local Computers Networks” in which they defined what really is Ethernet, or the U.S Patent number 4,063,220, “Multipoint data communication with collision detection” issued by Xerox Corporation on December 13, 1976 (TechFest, 1999). Here is part of the original text: “Ethernet is a branching broadcast communication system for carrying digital data packet among locally distributed computing stations. …” (p. 1). Let us how all started …

The Development of the Ethernet

Ethernet networks located itself, at the center of two extremes of the computing spectrum of the late 70’s. On one hand, they had those “big-irons”, enormous mainframes of centralized connections from remote networks of stations, i.e., dumb-terminals (Terminal Teletypes [TTYs]), with the only computability power of a transceiver with a keyboard plus a monochrome screen of lower resolution managed by an Command line Interface, perhaps Multics or MVS. On the other hand, those isolated main frames, with the parallelism offered by its multiprocessing capabilities. However, Ethernet is distributed and for such decentralized (Metcalfe & Boggs, 1976) perhaps, the main ideas behind Ethernet came from the Arpanet’s design which from the beginning was intensively focused on decentralization for resiliency. LAN technology has facilitated our ability to created distributed networks. The figure 1 shows two diagrams that depicts the evolutionary differences between those early time-sharing system of the 60s; and the distributed networks that characterizes most of the currents networks and internetworks of the present time, most of what we owe to the Metcalfe’s paradigm, i.e., the Ethernet.

Figure 1

In fact, as Metcalfe and Boggs (1976) stated, that Ethernet derives from the telecommunications terminal-computer communication era, as depicted in figure 1. The whole point, of these types of networks, was to connect those dumb terminals to a centralized computing facility. The facility consisted of several separated units: The computer, the front-end processor, the file storage unit, et al. So the challenge that Metcalfe faced at the time, and was able to met rather successfully, was the need for computer-to-computer communication. in which computers were used as a packet switches and for resource sharing, all of what of course, and again, was developed by the direct initiative of ARPA, and names like Bob Taylor, Leo Roberts, Vincent Cert, et al.

Figure 2

Metcalfe op. cit., pointed out in his paper how Ethernet was developed since the times of the Aloha networksMenehune, (Figure 2) the Hawaiian version of the Arpanet’s central processor called the Interface Message Preprocessor [IMP] (A packet switching appliance that can be considered as the first router ever, it was designed and built by BBN in Boston, Massachusetts, after winning among 140 companies, a Request For Quotation [RFQ] released from the then ARPA’s Director, Bob Taylor, to built the Arpanet). (p.1-2) Tomasi (2005) states that Metcalfe called the first Ethernet the Alto Aloha Network, changing the name later to Ethernet to making a point that his standard could be used by any computer not just the Xerox’s Alto. Tomasi (idem) added that Metcalfe had had chosen “ether” as meaning of air, atmosphere or heavens. (Chap. 18, p. 572) By reading his paper, I think that what he meant by “ether” was the vital force that connects the computers and transports the signal, the cable, he refers constantly to the “ether” whenever and wherever there is the suggestion that should be a cable instead.

In the beginning, Ethernet (See Appendix A – Figure 3) shared many objectives with other local networks prototypes; such as, MITRE’s Mitrex, Bell Telephone Laboratory’s Spider, and the University of California Irvine’s Distributed Computing System [DCS]. (Metcalfe & Boggs, 1976) However, two years after Ethernet was patented, DEC, Intel and Xerox combined efforts with the objective to standardized an “Ethernet system that any company could use.”

The products of this industrious collaboration appeared a year later, in September 1980, under the released of Ethernet version 1.0, the first specification, labeled “Ethernet Blue Book” or DIX (from the initial of the aforementioned corporations). Version 1.0 specified the application of the coaxial cable 10Base5, aka “thick”, 10 Megabits per second Mb/s Carrier Sense Multiple Access with Collision Detection CSMA/CD protocol, in addition, the networks connected with 10Base5 were called thicknet, the final version of DIX standard was released in 1982, as version 2.0.

From the DIX era, we enter, in 1983, the Institute of Electrical & Electronic Engineers [IEEE] period, with its first release, an Ethernet improved standard developed by the “802.3 Working Group” of the “802 Committee”, titled, “CSMA/CD Access Method and Physical Layer Specifications”. This specification was geared to add hardware interoperability between to different standards and now they are encapsulated and known by the IEEE Standard, Std-802.3 Ethernet.

The IEEE also had continued the improvement of the Ethernet system by creating the standard 802.2, which involved the packetizing of data and the identification of the protocol structure, whereas 802.3 defines the standard used to prevent multiple computers from sending data at the same time with reduces the likelihood of collisions. From 1980 Ethernet standard has been evolving all along in a steady pace and an incremental and significant ways, as presented below by the table 1 (Russell, 2000, TechFest, 1999, Tomasi, 2005, Panko, 2005):

Ethernet’s Milestones

Date

Who

What

Specification

Detail

Early 1970s

Metcalfe & Boggs Xerox PARC

Experimenting

Xerox Alto connected to a printer at 2.94 Mb/s


July 1976

Metcalfe & Boggs ACM’s Communications Journal

Ethernet: Distributed packet Switching for local Computer Networks



12/13/1977

Xerox Corp

Multipoint data communications with collision Detection

U.S. Patent


1979-80

DIX

Ethernet System that anyone could use

Version 1.0 or Ethernet Blue Book

CSMA/CD – 10Base5 – 10Mb/s

Thick coaxial cable

1982

DIX

1st Ethernet Controller

DIX Final version

Version 2.0


1983

IEEE Working Group of The IEEE 802.3

802.3 CSMA/CD

Access Method and Physical Layer Specification


1985

IEEE

2nd version IEEE Ethernet called “thinnet”

802.3a

Simply cable and cheaper cable

1987

IEEE

Fiber Optic Inter-Repeater Link (FOIRL)

[1] 802.3d

[2]802.3e

[1] Extend maximum distance between 10Mb/s Ethernet repeaters

[2] Based on 1Mb/s twisted pair wiring.

1990

IEEE

Major advance

802.3i

10-Base-T standard

Operated over Category [CAT] 3 Unshielded Twisted Pair. Wired in a Star topology fashion.

Date

Who

What

Specification

Detail

1993

IEEE

Attachments over longer distances, up to 2000 meters

802.3j

10 Base F (FP, FB & FL) expanded the FOIRL

1995

IEEE

Performance Improved ten (10) times.

802.3u

100Base-T aka Fastnet

100Base-Tx

100Base-T4

100Base-Fx

1997

IEEE

Full-duplex Ethernet allows concurrency of transmissions from both stations.

[1] 802.3x

[2] 802.3y

[1] 100 Mb/s and beyond

[2] 100Base-T2 standard for 100 Mb/s CAT 3

1998

IEEE

Improved 10 times performance

[1] 802.3z

[2] 802.3ac

[1] Gigabit Ethernet

1000Base-SX 850mm laser over multi-mode fiber, 2

10000Base-CX – short haul copper “twinax” Shielded Twisted Pair [STP]

[2] Support Virtual LAN VLAN tagging on Ethernet networks

1999

IEEE

Operation over four pairs of CAT 5 UTP

802.3ab

1000Base-T I Gb/s

July 2001

IEEE document

1562 pages Long document condensing all 802.3 standards

Std 802.3-2000

[1]802.3ad

[1] Link Aggregation

2002

IEEE


802.3ae

10 Gb/s

2003

IEEE


Std 802.3af

DTE Power via MDI

2004

IEEE


802.3ah

Ethernet in the First Mile

2004

IEEE


802.3ak

10GBASE-CX4.

2006

IEEE


802.3an

10GBASE-T

2006

IEEE

Creation


802.3 Higher Speed Study Group [HSSG]

2006

IEEE


802.3aq


2007

IEEE


802.3ap

Backplane Ethernet

2007

IEEE Project Authorization Request [PAR]


802.3ba

PAR status

40 Gb/s & 100 Gb/s

Ethernet Security

Still Ethernet has breaches and is not secure as other technologies; this means that many security features are needed to be set in place for obtaining a decent effective Ethernet security protection. It is curious that Metcalfe itself would prognosticate much of the security issues that we are facing today, and he did it much before he developed the Ethernet, in his RFC 602 “The Stockings Were Hung by the Chimney with Care” that he in1973 about weak passwords.

One of the major problems that I have is with IP spoofing. Well, it is TCP/IP embedded in the architecture of Ethernet, since an Ethernet frame in its header contains or encapsulates an IP packet. Even though Ethernet operates at the physical and data link layer, divides this layer in two sub-layers the MAC-Media Access Control and LLC – Logical Link Control, it is at the LLC that many thing could happen and evenly at the MAC level.

At the AT&T Bell labs, Bellovin (1989) wrote a paper on security problems of TCP/IP protocols and IP address spoofing attacks, telling us that IP spoofing were already introduced circa 1980s by attackers for hide their true identities (p. 1-17). The reader might already thinking, “wait a minute” you can only spoofed an IP packet, so these attacks are only activities done at the network and transport layers, but the response could be that the Ethernet address or MAC address (the 48-bits) of the sending machine can be spoofed also. It is a matter of fact, that it is spoofed most often that we can normally think is possible. There many problems and nothing but nothing is 100% completely secure out there in the Internet. Another example of Ethernet security are the Address resolution Protocol [ARP] attacks, heretofore, Ethernet attacks protection is a field by itself in information security.

Conclusion

As Ethernet is being upgraded and reviewed, the case of the IEEE 802.11 Wi-Fi standard is becoming more and more fashionable and it is used at homes, as by the enterprises. However, and spite of Wi-Fi’s advantages, for instance, mobility, the experts are talking about already, M-Commerce. They want to define the transactions done over smart wireless phones and Personal Digital Assistants [PDAs]. Moreover, another advantage of Wireless networks is that there is not need of the expensive wiring costs and procedures or as Metcalfe & Boggs (1976) would put it, in a wireless network, you do not need to worry about the “ether in the Ethernet” anymore; because, the connection is, casually, the mere air. Anyways, this type of network juxtaposes serious security challenges as well. At may firm we prefer to use a combination, like some kind of Pareto networking strategy, i.e., 80% Ethernet network at the border and within our perimeter to support the 20% or little more of wireless or mobile secure connections.

Bibliography

Bellovin, S.M. (1989). Security Problems in the TCP/IP Protocol Suite. Murray Hill, New Jersey: AT&T Bell Laboratories. Retrieved January 18, 2008, from http://www.cs.columbia.edu/~smb/papers/ipext.pdf.

Fascinating facts about Robert Metcalfe inventor of Ethernet in 1973. Robert Metcalfe

Ideafinder. Retrieve, January 17, 2008, from http://www.ideafinder.com/history/inventors/metcalfe.htm.

Festa, P. (2003 May 21). 30 years of Ethernet gains. As a key technology behind the Internet hits a milestone birthday, its inventor, Bob Metcalfe, says the protocol faces a new generation of "Godzillas" to conquer. Newsmakers, CNET News.com. Retrieved January 17, 2008, from http://www.news.com/30-years-of-Ethernet-gains/2008-1082_3-1008450.html?tag=st.rn.

IEEE 802.3 Ethernet Working Group. Institute of Electrical & Electronic Engineers.

Retrieved January, 16, 2008, from http://www.ieee802.org/3/.

Metcalfe, R. M. & Boggs, D. R. (1976). Ethernet: Distributed Packet Switching for Local Computers Networks. Xerox Palo Alto Research Center [PARC]. Association for Computing Machinery [ACM]. Retrieved January 17, 2008, from http://www.stanford.edu/class/cs240/readings/ethernet.pdf.

Hassing, K., Kent, A. K., & Johnson, G. (2003). CCNA 1 & 2 Companion Guide, 3rd Edition. Cisco Networking Academy Program Indianapolis, IN: 2003.

Holbrook, P. & Reynolds, J. Editors. (1991 July). Site Security Handbook, Network Working

Group. Request for Comments, RFC 1244, January 14, 2008, from http://www.ietf.org/rfc/rfc1244.txt.

Panko R. R. (2005). Business Data Networks and Telecommunications, 5th Edition. Upper Saddle River, NJ: Prentice Hall- Pearson Education, Inc.

Reardon, M. (2007 May 7). Ethernet papa makes Invent Now Hall of Fame Before his induction ceremony, Bob Metcalfe reflected on network tech, patents, Net neutrality and bold predictions. Newsmaker, CNET News.com. Retrieved January 17, 2008, from http://www.news.com/Ethernet-papa-makes-Invent-Now-Hall-of-Fame/2008-1033_3-6181578.html.

Russell, T. (2000). Telecommunications Pocket Reference. New York, NY: McGraw- Hill Companies.

TechFest Ethernet Technical Summary (1999) TechFest.com. Retrieved January 12, 2008, from http://www.techfest.com/networking/lan/ethernet1.htm.

Tomasi, W. (2005). Introduction to Data communications and Networking, Upper Saddle River, NJ: Pearson Prentice Hall, Inc.

Plowed Results | Resultados Arados