PEM stands for Privacy Enhanced Mail. It was originally intended to secure email communication over the internet, but has since become a standard for internet security. It is used in Public Key Infrastructure (PKI)* as a file format that stores cryptographic keys, such as SSL certificates along with their associated private keys.
A PEM file is created in four steps.
1. The email message is converted into a standard form depending on the operating systems of the sending and receiving parties.
2. The message digest* of the email, in addition to the sender’s private key, is then encrypted to create a digital signature.
3. Then the message digest, along with the digital signature, is encrypted with the symmetric key to create the encrypted message.
4. Lastly, the binary encrypted message goes through a base-64 encoding* process that outputs a message containing characters.
- Public Key Infrastructure (PKI): The system of using a private and public key for encryption.
A bogon is an informal term used to describe an illegitimate IP address. Some IP packets on the public internet claim to be coming from an IP address that is in use, but that has not yet been delegated by the Internet Assigned Numbers Authority (IANA)*. These IP addresses can’t be associated with an actual host, which makes them bogus and impossible to geolocate.
You may see these addresses pass through your router, as it does not care about the source IP (the bogon) but only about the destination IP address. Bogons aren’t static either: they are dynamic, and the addresses change over time.
- Internet Assigned Numbers Authority (IANA): An organization that manages IP address allocation, domain names, and
VLAN stands for virtual local area network. It is a layer in a network that groups together devices that share a physical LAN* (a group of computers or other IoT devices that are in the same place geographically and share the same physical network), and with them the traffic of these devices.
The main reasons to implement VLANs are to improve the performance of some devices, to organize many devices, to tighten security, and to ease administration in a network. Grouping the traffic of some devices reduces the traffic going through any one device, which improves its performance. Grouping certain devices together can also give people control over the access devices have to one another. As an administration example, devices can be grouped together logically, e.g. all security devices on one VLAN and all accounting devices on another.
VLANs work by assigning/inserting an ID into the header data of an Ethernet Frame* coming in through a network switch. Network switches can then pass these tagged frames on to their associated destination.
- LAN: A group of computers or other IoT devices that are in the same place geographically and share the same physical network.
- Ethernet Frame: A message used in the data link layer. See Jingyuan’s definition of Packet vs. Frame