Saturday, January 12, 2008

Bootstrapping in Compilers

Any high level language can be implemented using an Assembler. So how are the assemblers implemented.

Well primitive type of assemblers where implemented using machine code. This implies that by making a language a subset of another we could develop languages.

This process is known as BOOTSTRAPPING.

Just to explain in a much more simpler manner, BOOTSTRAPPING could be described as stated bellow.

"A simple language compiles a complicated program and this program in turn could compile a much more complicated program and so on...."

So folks thats it about bootstrapping... So for anyone of you, who still think "what the heck is a boot strapper" please don't mix it up with the boot straper in the Pirates of the caribbean (Wiliam's Father)...

Friday, January 11, 2008

IPSec

Well for all of you who are wondering what is IPSec here is a small introduction to rock your mind off from what ever it is. IPSec is a security protocol which works in the 3rd layer of the OSI stack. It can ensure the following

  • Make sure that routing or a routing advertisement came from an authorized router.
  • An redirect message came from the original router where the initial request was sent.
  • Make sure that routing update was not forged.
There are two types of IPSec connections

1. Tunnel Mode
Encrypts the entier IP packet and authenticates the entire IP packet.Original IP header should be replaced by the new IP header which has the next hop router address. Slow and good for VPN's and gateway to gateway security

2. Transport Mode
Encrypts and authenticates the payload of the IP packet. The original IP packet stay intact. Faster than Tunnel mode and is used for traffic analysis purpose.

Benifts of IPSec over SSL/TSL

  1. Encrypts entire IP packet
  2. Independent of IP address
  3. No impact on security gateway to security gateway communications
  4. Protocol Independent

Pitfalls with IPSec

  1. Many way to configure and can be complex at times
  2. Can be configured in a wrong way
  3. Client security is an issue
IPSec guidelines

  1. Use SHA1 over SHA and MD5
  2. Use 3DES AES or blowfish
  3. Never use DES
  4. Tunnel mode
  5. Encrypt entire packet
  6. Use certificates for key exchange
Extracted from the lecture slides of Dr. Kasun De Zoysa. Department of Communication and media technologies, Department of Computer Science, University of Colombo School of Computing(UCSC) Sri Lanka(LK)