WizGidget

February 23, 2011

Running Out of Addresses, Part II

Filed under: Belton Journal, Info Bytes, Tips & Tricks — pmckinley @ 12:00 AM

Last week I introduced internet address exhaustion as an issue, and explained the difference between an internet domain and an internet address.

As mentioned, the current addressing scheme uses four numbers separated by dots. Actually the address is four 8-bit numbers (remember everything computer is binary at some level and “bits” are digits in a binary number), where an 8-bit number can have values between zero and 255. Four of these numbers translate to 32 bits (8×4=32), which is effectively 2 times itself 32 times, a number that translates into 4,294,967,296. There’s some overhead in how the addressing works so the actual number of available addresses is maybe a half percent less than that. The point though is that it’s a somewhat limited number, about 4 addresses for every 6 people on earth.

I can imagine a scenario where every person needs several addresses, such as one for your phone, one for your PC, one for your laptop, and so forth, so despite the fact that there are lots of people in the world who don’t use the internet, that number is made up by all the web and email servers in use. Eventually we’re bound to run out, and that’s what happened February 3, 2011; at least, the last of the main blocks of addresses were allocated to regional internet registries. At this point either your eyes have glazed over, or your propeller beanie is really spinning, so let’s get down to what it means to us civilians.

In terms of domain names, it doesn’t really mean anything. Remember we have DNS (Domain Name Service) to provide mapping between URLs and the actual address. Internet domain names have their own limitations, but it’s more of a practical limitation than a functional one — domain names can be up to 63 characters (a-z, 0-9, and “-”) long, not including the www or the .com. That’s a LOT of permutations (think 37 characters raised to the 63rd power, or 6 with 98 zeros, a Really Big Number), but typing in 63 characters can be a bit cumbersome, especially if they’re random characters, so that cuts down on the practical list of domain names.

Also, it’s possible to run multiple domains on the same address. The HTTP protocol specifies that when you type in a URL, the packet of information that gets sent to the server to request your webpage includes the URL of the page. It’s not difficult for the server to sort out which web server to send the request to. The web server where wizgidget.com lives has something like 30 different domains/websites. It’s quite common to have hundreds or more, although the web hosting services that load too many suffer from poor performance. Your website’s cheap hosting service may mean that they’ve leveraged their server a bit much so your site may be a bit slow to load at times. So, address exhaustion could possibly be an issue for websites, but we’ve kinda handled that.
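How a shared server sorts requests by name, as an added example that is not part of the original article: the site table, the document roots and the choice to answer unknown names with 404 are assumptions made for illustration.

```python
# Added example: name-based virtual hosting keyed on the HTTP Host header.
# SITES and its document roots are constructed for illustration.
SITES = {
    "wizgidget.com": "/srv/wizgidget",
    "www.wizgidget.com": "/srv/wizgidget",
    "example.org": "/srv/example",
}

def parse_host(raw_request: bytes):
    """Return the normalized host name from a raw HTTP/1.1 request, or None."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    hosts = []
    for line in head.split("\r\n")[1:]:           # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            hosts.append(value.strip())
    if len(hosts) != 1:                           # missing or duplicated Host
        return None
    host = hosts[0]
    name, sep, port = host.rpartition(":")        # drop an optional :port
    if sep and port.isdigit():
        host = name
    return host.rstrip(".").lower() or None       # names are case-insensitive

def route(raw_request: bytes):
    """Map a request to (status, document_root) as one shared address would."""
    host = parse_host(raw_request)
    if host is None:
        return 400, None      # HTTP/1.1 needs exactly one Host header
    root = SITES.get(host)
    if root is None:
        return 404, None      # unknown name: no silent fallback to another site
    return 200, root

if __name__ == "__main__":
    # Constructed requests that all arrive at the same IP address.
    for req in (b"GET /articles HTTP/1.1\r\nHost: wizgidget.com\r\n\r\n",
                b"GET / HTTP/1.1\r\nHost: EXAMPLE.org:80\r\n\r\n",
                b"GET / HTTP/1.1\r\nHost: not-hosted.test\r\n\r\n",
                b"GET / HTTP/1.1\r\nAccept: */*\r\n\r\n"):
        print(route(req))
```

Refusing unknown or missing names, rather than serving whichever site is listed first, keeps one customer's content from answering for a name it was never configured for.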

Another possible issue would be end users like you and me — people who are trying to access the internet. You have to have an address to get to the internet. Next week we’ll continue with this issue — addresses for end users.

February 16, 2011

Running Out of Addresses

Filed under: Belton Journal, Info Bytes, News — pmckinley @ 12:00 AM

Spouse Ann asks: “There is a lot of noise right now about how the internet is running out of addresses. A new system that is not compatible with the old is in the works. But how does this affect us who are trying to get new websites up and how does it affect purchasing a domain name.”

I think it would be helpful first to differentiate between a domain name and an internet address. A domain name is a “user friendly” name used to connect on the network, like “wizgidget.com”. It’s a bit like saying “First United Methodist Church of Belton Texas” — you know what/who it refers to but maybe not where it is. The internet address (at least the current “IPv4” address, more on that later) is a sequence of four numbers separated by “dots”, such as 173.201.16.100 (which happens to be the address of the server where wizgidget.com lives). It’s also referred to as the IP address, where IP means Internet Protocol. The IP address is about like the street address, such as “204 East 3rd Ave.” is the street address for First UMC Belton. That and a map will get you there.

Web page URLs (Uniform Resource Locators) that we use to navigate to web pages generally start with the domain name, and may be followed by a specific path on that server, such as “wizgidget.com/articles” for the articles published on wizgidget.com. Think of the part that comes after the domain, the “/articles” part, as similar to referring to a location within the church, like “/first-floor/kitchen/west-wall/top-cabinet/left/topshelf/bowls” might refer to the place where you’d find something within the church for serving chili. Most people are used to adding the “www” on the beginning, à la www.wizgidget.com, but in many cases that’s not necessary. The “www” in “www.wizgidget.com” is actually the “hostname” part (a “host” being a “server” or computer in this case) or specifically the name of A (not necessarily THE) server that lives at wizgidget.com. “wizgidget.com” can itself refer to a server. A given domain may have one or many servers, with each server having a different address, just like a church might have several buildings, each of which has a different address.

Naturally, knowing “FUMC Belton” isn’t very helpful to you, unless you either know where the church is already, or have a way of using the name to look up the address. The internet has a lookup facility called “DNS,” which stands for Domain Name Service. It’s a bit like the white pages in the phone book — if you know the name, you can look up the address.

A bit earlier, I referred to the “IPv4” addressing that is the current primary addressing scheme. By the way, “IP” stands for “Internet Protocol” which is the standard that describes the addressing scheme, and “v4” is the version of the standard. As mentioned, IPv4 addresses are a series of four numbers, with each number having a value between 0 and 255. The challenge comes in that this numbering scheme defines a finite number of addresses: approximately 4.3 billion usable addresses.

Next week, we’ll dig a bit deeper into IPv4.

February 9, 2011

Secure email

Filed under: Belton Journal, Tips & Tricks — pmckinley @ 8:00 AM

Last week I mentioned that email is one thing you could do safely at a public WiFi, IF you have your email configured to use SSL. SSL stands for “Secure Sockets Layer.” It builds a virtual “tunnel” through the network, much the same way that the VPN connection does. The data is encrypted in such a way that someone snooping the network stream would have a very, very difficult time cracking the encryption so that they’d have access to your information. The entire data stream is encrypted, including login information such as username and password. Without SSL, someone on the same local network as yourself could easily “snoop” the network stream and read all of your information, including usernames and passwords. I would recommend using secure email even if you only use email from home.

Most email providers have the ability to support SSL-encrypted email. There are two streams for email: the incoming, which is either IMAP (Internet Message Access Protocol) or more typically POP (Post Office Protocol), and the outgoing, which is SMTP (Simple Mail Transport Protocol). SMTP is the protocol used to send email; it’s also the protocol used to send email between email servers. From a network perspective, each protocol uses a standard “port”; for instance, POP normally uses port 110 and SMTP normally uses port 25. SSL-encrypted POP and SMTP normally use ports 995 and 465, respectively. IMAP normally uses port 143, while SSL IMAP uses either port 585 or 993, depending on whether it’s normal IMAP tunneled through an SSL connection, or a newer IMAP standard that incorporates SSL. Your email provider should be able to tell you what ports to use for their email servers. Often they provide this information on their web page. For instance, Yahoo has a web page with instructions for setting up your email application (such as Outlook or Outlook Express); the URL is http://help.yahoo.com/l/us/yahoo/mail/yahoomail/mailplus/pop/pop-35.html. Alas, Yahoo’s pop-able email account is a fee-based service. Google on the other hand has free pop-able email. Their instructions are at http://mail.google.com/support/bin/answer.py?answer=75291

Basically, setting up secure email in Outlook or Outlook Express involves turning on the SSL layer, setting the correct port numbers, and of course testing that your email still works.  For Outlook, click the Tools menu, then pick Email Accounts.  The “View or change” radio button is selected by default, just click the “Next” button, then pick the account to change, and click the “Change” button on the right.  In the window that pops up, click the “More Settings” button, then the Advanced tab.  Check both of the SSL checkboxes — POP should automatically reset to port 995, but you’ll have to change SMTP to port 465 if that’s what’s required.  Outlook Express is similar: click Tools, then Accounts, then the mail tab.  Pick an account, and click the properties button.  Next click the Advanced tab, and make the same settings as Outlook.
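A quick way to double-check the result of the steps above, as an added example that is not part of the original article: it compares an account's settings with the port numbers quoted in this post and flags the case where the SSL box is checked but the port was left at its unencrypted default. The account dictionaries and finding codes are constructed for illustration.

```python
# Added example: audit mail account settings against the ports named in the post.
CLEARTEXT = {"pop": 110, "smtp": 25, "imap": 143}            # no encryption
SSL_PORTS = {"pop": {995}, "smtp": {465}, "imap": {585, 993}}

def audit(account):
    """Return (stream, code) findings; an empty list means nothing to fix."""
    findings = []
    for stream in ("incoming", "outgoing"):
        cfg = account[stream]
        proto, port = cfg["protocol"].lower(), cfg["port"]
        if proto not in SSL_PORTS:
            findings.append((stream, "unknown-protocol"))
        elif not cfg["ssl"]:
            # Username, password and message text cross the network readable.
            findings.append((stream, "ssl-off"))
        elif port == CLEARTEXT[proto]:
            # Box checked, port not updated: confirm the provider's SSL port.
            findings.append((stream, "ssl-on-but-cleartext-port"))
        elif port not in SSL_PORTS[proto]:
            findings.append((stream, "unlisted-port"))
    return findings

# Constructed sample accounts: out-of-the-box, half-finished, and finished.
DEFAULTS = {"incoming": {"protocol": "POP", "port": 110, "ssl": False},
            "outgoing": {"protocol": "SMTP", "port": 25, "ssl": False}}
HALF_DONE = {"incoming": {"protocol": "POP", "port": 995, "ssl": True},
             "outgoing": {"protocol": "SMTP", "port": 25, "ssl": True}}
DONE = {"incoming": {"protocol": "POP", "port": 995, "ssl": True},
        "outgoing": {"protocol": "SMTP", "port": 465, "ssl": True}}

if __name__ == "__main__":
    for label, acct in (("defaults", DEFAULTS), ("half done", HALF_DONE),
                        ("done", DONE)):
        print(label, audit(acct))
```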

Spouse Ann wants to know what’s all the hoopla in the news recently about the Internet running out of addresses, so we’ll explore that next week.  Have your propeller beanie ready.

February 2, 2011

Surf Safe Part II

Filed under: Belton Journal, Tips & Tricks — pmckinley @ 8:00 AM

Last week we talked about some of the ways that your internet surfing can become risky from a networking perspective.

The first thing for keeping safe at home is either to use a wired network or to make sure your wireless router is using WPA or WPA2 security with a “Pre-Shared Key” (PSK) which is basically a really long password. Being an engineer I like using some form of scientific number like Planck’s Constant that I’ve memorized as the PSK. Other people like to use a phrase or lyric that means something to them and is thus easy to remember. It doesn’t matter what you use, but the more characters or numbers it has the more difficult it will be to guess. Using WPA security effectively makes your wireless session undecipherable to other computers, even ones that are connected to your wireless network. It also makes it fairly impossible for someone without your PSK to connect to your wireless network. This is important, because as we discussed you really don’t want strangers and neighbors to have access to your network – it’s like leaving your front door unlocked when you’re away.

Most wireless networks at coffee shops, airports & hotels don’t use WPA security because that would make it difficult for their customers to use the network. So, while you’re connected to that network, your computer is exposed to others who might find your information useful. You could just have fun browsing the web, but using a web-based email reader, eBay, Facebook, or anything that requires a login is not a good idea. In other words you can’t do anything really useful. You can be somewhat useful catching up with your email… if you’ve made sure your connection to your email server is encrypted using SSL. Most email providers and email applications like Outlook can handle an SSL connection, if you configure it properly. But that’s only going to help if you’re using your own computer (laptop or tablet since you’re at a coffee house, right?), AND you’ve configured your email properly. We’ll discuss that next week.

Pretty much anything you’re going to do in a web browser needs similar security, and fortunately there is a solution in the form of a “VPN” service. VPN means Virtual Private Network – it’s a software method for encrypting your entire internet session so that nobody between your computer and your VPN provider can snoop your web session. VPN works by configuring a virtual encrypted “tunnel” between your computer and the VPN provider. Just do a search for “VPN provider” and you’ll find a number of companies that provide this service for varying prices. I recommend checking out any company that you pick, because while your neighbors won’t be able to snoop your session, the VPN company can. Google the company name or domain and see if anything nasty shows up before you sign up. For instance, when I was doing the research for this article, at least one of the sites listed on vpnpreviews.com was flagged by my antivirus program as being a fraudulent site.
