Word 2013 gives an error when opening a file downloaded from the web

Today, after downloading an important attachment from my Gmail Account, I got the following error while trying to open it:

Word experienced an error trying to open the file.
Try these suggestions:
*Check the file permissions for the document or drive.
*Make sure there is sufficient free memory and disk space
*Open the file with the Text Recovery converter.

The solution is to right click the file then on the properties box click unblock.

Advertising a default route over BGP

JEREMY L. GADDIS , owner of  the blog at http://evilrouters.net, has written an excellent tutorial on how to advertise a default route over BGP.

The most important part of the tutorial to actually advertise the default route is the following:

R3(config)# router bgp 33
R3(config-router)# neighbor default-originate
R3(config-router)# neighbor default-originate

How strong is SSL encryption ?

Ever wondered how strong is the SSL encryption we use everyday in our web browser and email clients (e.g Outlook, ThunderBird)?

Q: How secure is the encryption used by SSL?
A:  It would take significantly longer than the age of the universe to crack a 128-bit key.

Understanding SSL

SSL uses public-key encryption to exchange a session key between the client and server; this session key is used to encrypt the http transaction (both request and response). Each transaction uses a different session key so that even if someone did manage to decrypt a transaction, that would not mean that they would have found the server's secret key; if they wanted to decrypt another transaction, they'd need to spend as much time and effort on the second transaction as they did on the first.  Of course, they would have first have to have figured out some method of intercepting the transaction data in the first place, which is in itself extremely difficult.  It would be significantly easier to tap your phone, or to intercept your mail to acquire your credit card number than to somehow intercept and decode Internet Data.

Servers and browsers do encryption ranging from a 40-bit secret key to a 128-bit secret key, that is to say '2 to the 40th power' or '2 to the 128th power'.  Many people have heard that 40-bit is insecure and that you need 128-bit to keep your credit card info safe.  They feel that using a 40-bit key is insecure because it's vulnerable to a "brute force" attack (basically trying each of the 2^40 possible keys until you find the one that decrypts the message). This was in fact demonstrated when a French researcher used a network of fast workstations to crack a 40-bit encrypted message in a little over a week.  Of course, even this 'vulnerability' is not really applicable to applications like an online credit card transaction, since the transaction is completed in a few moments.  If a network of fast computers takes a week to crack a 40-bit key, you'd be completed your transaction and long gone before the hacker even got started.

It would take significantly longer than the age of the universe to crack a 128-bit key

Using a 128-bit key eliminates any problem at all because there are 2^128 instead of 2^40 possible keys.  Using the same method (a networked of fast workstations) to crack a message encrypted with such a key would take significantly longer than the age of the universe using conventional technology.   Remember that 128-bit is not just 'three times' as powerful as 40-bit encryption.  2^128 is 'two times two, times two, times two...' with 128 two's.   That is two, doubled on itself 128 times.  2^40 is already a HUGE number, about a trillion (that's a million, million!).   Therefor 2^128 is that number (a trillion), doubled over and over on itself another 88 times.   Again, it would take significantly longer than the age of the universe to crack a 128-bit key.

The strength of the encryption looks very interesting in terms of figures.

Doing the math, you can see that using the same method that was used to break 40-bit encryption in a week, it would take about 72 million weeks (about 1.4 million years) to even break '56-bit medium' encryption and significantly longer than the age of the universe to crack a 128-bit key.  Of course the argument is that computers will keep getting faster, about doubling in power every 18 months.  That is true, but even when computers are a million times faster than they are now (about 20 years from now if they double in speed every year), it would then still take about 6 thousand, trillion years, which is about a million times longer than the Earth has been around.  Plus, simply upgrading to 129-bit encryption would take twice as long, and 130-bit would take twice as long again.  As you can see, it's far easier for the encryption to keep well ahead of the technology in this case.  

Simply put, 128-bit encryption is totally secure.

If you want to understand the technical details  behind SSL I recommend you read this nice and simple explanation given by digicert titled Everything You Want to Know about the Cryptography behind SSL Encryption


How to solve the Blue Screen of Death when Using GNS3 on Windows 7 or 8

When you are using GNS3 on Win 7/8 and if you stop the router, you get a blue screen saying your PC ran into some problem with the following error:


Your PC will restart after this error :(

After doing some research on the GNS3 forum and reading the users experience, I found 2 solutions to this problem:

1. Run GNS3 on a LINUX Distro e.g DEBIAN or UBUNTU (FYI: A Linux Distro is always more stable than Windows)

2.If you are not comfortable with LINUX then you can still use WINDOWS but make sure you run the following CISCO IOS Images according to a post (please see extract below) on the CISCO LEARNING NETWORK  by Navneet.Gaur :

“These are the stable working IOS images for GNS 3.
I have some of them as I own the routers.
Cisco 2691 Router | 2600 Series - Extremely stable
Cisco 3640 Router | 3600 Series
Cisco 3725 Router | 3700 Series - For MPLS
Cisco 7200 Router - Extremely stable
     c7200-advipservicesk9-mz.150-1.M.bin - For SLA”

I don’t promise that your PC will not crash but you can still try.
I tried the “c2691-adventerprisek9-mz.124-5a.bin” image…its really stable on Windows 8.
I can start and stop the router..No BSOD so far J

1 tip when using GNS3: After you have started your router on GNS3, right click on it and calculate a new idle-pc value. You will be presented with a list of values choose the one starting with an asterix (*)

Hope this helps you in preparing for your Cisco CCNP Exams..Good Luck !!! 

Bandwidth vs Speed

One of my friend was having a difficult time understanding these 2 terms and was interchangeably using the words speed and bandwidth to mean the same thing where in fact speed and bandwidth are 2 different things.

So I decided to write this post and make things clear :)

Bandwidth IS NOT Speed
Speed is generally used by consumers to refer to how fast they can download files and upload files. 
Bandwidth Broadband Internet packages are sold based on their bandwidth, or the size of the "Internet pipe" that is allocated to each user. This number refers to the capacity of the "last mile" connection that connects your home to the nearest aggregation point. In other words, it is the maximum throughput that the user can get on his broadband service.

Does higher bandwidth give you faster speed?

The analogy of driving on the motorway will help you to understand bandwidth and speed.

Imagine that you're driving on a road with 4 lanes in a car that can go at a maximum of 300km/hr
No matter the amount of lanes on the road, your car can only go at a maximum of 300km/hr and no faster. However, this same road with four lanes comes in handy when your family members having their own cars share the same road and reach the same destination at a shorter time as opposed to having a single lane road where they will have to queue up. 
Likewise for our broadband service, with a higher bandwidth you can actually do more at the same time or share the connection with your family members using a bigger pipe.

Higher BANDWIDTH does not necessarily mean higher SPEED

In general, getting a broadband service with higher bandwidth will often mean better surfing speeds as you are increasing the size of your pipe. 
But if the limitation is at the end device, then having a higher bandwidth does not increase your surfing speed. 
By the same analogy, if you are sharing your broadband connection among multiple users in your home, it is more important to get a connection with a higher bandwidth to ensure each individual user gets enough bandwidth for their needs.
To get a list of factors affecting speed check this nice page

Contents of this post have been adapted from www.starhub.com. The original webpage is available at <http://www.starhub.com/personal/support/broadband/home-broadband/broadband-101/bandwidth-vs-speed.html>

Insufficient power on USB port causes clicking sound on USB External Drive

On a Saturday night, after happily and proudly connecting my Verbatim USB 3.0 External Drive I was shocked to hear a clicking and fearful noise. I thought the drive has failed. The drive is 1 TB (2.5 inch hard disk). I had to copy some important files from the External drive to my Laptop.

I switched to another USB port and guess what... my drive worked correctly J

The real culprit was one of the USB ports on my laptop. (Oh My DOG, this USB port is a real B*TCH !!)
“Clicking Noise does not absolutely mean that the external drive has failed.”
The USB port on my laptop is not faulty – a USB mouse connected on this port works correctly.
I did some research to investigate this issue. Other users got similar problem
“Low voltage to a hard-drive can mimic all manner of failures.”

So, insufficient power from a USB port on a laptop or pc can cause clicking noises on an usb external drive.

My drive is safe. I can copy my data from it. Long live my drive J

WinRAR - Total Path and File Name must not exceed 260 characters

Below is the message I usually get when the 260 characters limit is exceeded while extracting an archive especially if it contains lots of HTML files.

This limitation is by design in Windows. WinRAR or any software is not to be blamed. On Linux you don’t have this limitation.

From MSDN:
“In the Windows API (with some exceptions discussed in the following paragraphs), the maximum length for a path is MAX_PATH, which is defined as 260 characters.”
I found a couple of workarounds to deal with this issue:
1.Print my favorite online pages as PDF (You can use doPDF or online web2pdf convertors. I recommend printfriendly.com)

2.Move the archive file (ZIP or RAR) to the root of the drive. Example, You can copy or move it to C:\  or D:\  then extract your ZIP or RAR file from there.

Traditional T9 Style Keyboard for Android

Traditional T9 Style Keyboard for Android
If you are looking for traditional keyboard on your android smartphone welcome!!
I am used to the traditional style keyboard on my Nokia N73 mobile. So I find it a bit difficult to type using the QUERTY Keyboard especially on smaller screens.
As solutions we have the following  apps on Google Play Store:

1. Perfect Keyboard Free - Free and Commercial Versions

2. (EvenBetter)NumberPad Keyboard - Commercial

There might be other similar (FREE) apps but these two looks great.

Just for your info, from Wikipedia:
"T-9, which stands for Text on 9 keys, is a USA-patented predictive text technology for mobile phones (specifically those that contain a 3x4 numeric keypad), originally developed by Tegic Communications, now part of Nuance Communications."

enable password vs enable secret vs service password-encryption

Even if you have passed the CCNA or higher certifications, there’s always something which still teases your mind and challenges your technical knowledge.

I am talking about password encryption in cisco routers. I did some research and investigated it myself.

“To determine which scheme has been used to encrypt a specific password, check the digit preceding the encrypted string in the configuration file. If that digit is a 7, the password has been encrypted using the weak algorithm. If the digit is a 5, the password has been hashed using the stronger MD5 algorithm.

7 = type 7.weak encryption (reversible encryption)
5= type 5. strong encryption (MD5 one way hash encryption)

enable password = plain text enable password in configuration file (show running-config)

enable secret = encrypts enable password using the MD5 Hashing algorithm. Password is encrypted in configuration file (show running-config).

service password-encryption = encrypts password(s) using type 7.if you have already “enable secret” which is type 5 , service password encryption will not convert this password from type 5 to 7. enable secret does not get affected by service password-encryption.

According to Cisco, the enable password command should no longer be used”. Instead use the enable secret command.

“Enable secrets are hashed using the MD5 algorithm. As far as anyone at Cisco knows, it is impossible to recover an enable secret based on the contents of a configuration file (other than by obvious dictionary attacks).

C++ Implementation of JAVA API

Java is a programming language created by Sun Microsystems,now owned by Oracle Corporation. One of the strength of the Java programming is that it comes with a rich set of Application Programming Interface (API).

This API facilitates programming of IMAGE Processing, Sound processing etc.

The standard library in C/C++ does not have any built in functions for manipulating images or sound.

You have to start coding from scratch a set of functions which will allow you to accomplish this task (What a pain !!) Alternatively, you can use open-source or third party libraries.

While searching for a native implementation of JAVA-like API I got NaJa and NewJ as solutions.
NaJa is an open source project while NewJ is a commercial product (Trial available)

What is NaJa according to the official website:
"NaJA stands for Native C++ Java-like API. The Java API is is a rich, standard and quite good design object library. There is no complete equivalent usable directly with C++. C++ developers must reuse old C libraries or a big set of C++ libraries, each with its own design. This make C++ difficult and code not as readable as it should be. The main NaJA goal is to provide what standard ANSI C++ library and STL don't.
NaJA also intends to bring C++ as easy as java can be while letting hackers free to decide whenever they need assistance (and then, accept some limitations, no magic!) or not. Not providing at all pointers and multiple inheritance because they are hard to use is not a solution !"

What is NewJ according to the official website:
"NewJ is a 100% native implementation of the core Java API and language features in C++, for C++. It is intended for Java/C++ developers who wish to use the Java API to deploy 100% native applications where performance or executable size are crucial factors. It is also well suited for Java developers who are learning C++ or maintaining existing C++ applications."

Other open source attempts include j2k and stemkit.

To prevent data loss, proactively monitor your hard disk

Nice Introduction from the Acronis website:
“There are three unavoidable certainties in life: Death, Taxes and Hard Disk Drive Failures. 
Acronis does not have a solution for the first; however, we can make sure that your financial records, photos, videos and other items of sentimental or monetary value are protected so that you can cherish the memories and pay your taxes on time!
Acronis Drive Monitor is a free tool that helps monitor your hard drive, and prevent data loss.”

How? Understanding the Technology:
S.M.A.R.T. (Self-Monitoring, Analysis, and Reporting Technology) is a disk monitoring technology which can predict many disk failures. This technology is implemented on the most modern hard drives.
Many hard disk monitoring software e.g Acronis Drive Monitor query this information to analyze and predict hard drive health, status, failure.

Supported Hard Drives according to the Acronis website:
With the first version of Acronis Drive Monitor, the level of support may be described as following:
·         Vast majority of internal drives attached to internal I/O controllers are supported.
·         Most USB-connected drives are supported, too.
·         Many software RAID controllers are supported.
·         Most hardware RAID controllers are not yet supported.

1. Suitable for monitoring the hard disk on your laptop or PC because the hard disk is not attached to a hardware raid controller .
2. In general, software raid controllers can be monitored but not hardware RAID controllers
3. Data found on the hard disk must be regularly backup’d as a good practice, not only when the monitoring software starts giving you a warning or error.

Disclaimer: I am not affiliated to Acronis in any way. This information is for educational purpose only.
The author cannot be held responsible for any data loss which might occur even after using this software (Acronis Drive Monitor). 

KVM: Open Source Virtualization

KVM (for Kernel-based Virtual Machine) is a full virtualization solution for Linux on x86 hardware containing virtualization extensions (Intel VT or AMD-V). It consists of a loadable kernel module, kvm.ko, that provides the core virtualization infrastructure and a processor specific module, kvm-intel.ko or kvm-amd.ko. KVM also requires a modified QEMU although work is underway to get the required changes upstream.

Using KVM, one can run multiple virtual machines running unmodified Linux or Windows images. Each virtual machine has private virtualized hardware: a network card, disk, graphics adapter, etc.
The kernel component of KVM is included in mainline Linux, as of 2.6.20.

KVM is open source software.

KVM is arguably a TYPE 1 Hypervisor according to this IBM blog post on virtualization:
…but the truth is that KVM actually does run directly on x86 hardware. People assume it is a type 2 hypervisor because one of the ways that it is packaged is as a component of Linux - so you can be running a Linux distribution and then, from the command-line shell prompt or from a graphical user interface on that Linux box, you can start KVM. The interface makes it look like it is a hosted hypervisor running on the operating system, but the virtual machine is running on the bare metal - the host operating system provides a launch mechanism for the hypervisor and then engages in a co-processing relationship with the hypervisor. . In a sense, it is taking over part of the machine and sharing it with the Linux kernel.
On x86 hardware, KVM relies on the hardware virtualization instructions that have been in these processors for seven years. Using these instructions the hypervisor and each of its guest virtual machines run directly on the bare metal, and most of the resource translations are performed by the hardware. This fits the traditional definition of a “Type 1,” or bare metal hypervisor
You can also get KVM  packaged as a standalone hypervisor - just like VMware ESX is packaged - but initially KVM was not available in that package. One way of doing this is with Red Hat Enterprise Virtualization (RHEV).

For a more technical debate whether KVM is TYPE1 or TYPE2 Hypervisor check this interesting blog post by mrpointy.

Hello World !! Welcome to my blog

As in programming, I will follow the tradition by starting this technical blog with "Hello World".

I will try to share my technical experiences,challenges and solutions to IT issues.

This blog will be very helpful to System Administrators, Systems Engineers, DBA, Network Engineers, IT Managers, IT Newbies (noobs) and other IT professionals.