Computers communicate using networks. These networks could be on a local area network LAN or exposed to the internet. Network sniffers are programs that capture low-level package data that is been transmitted over a network. An attacker can analyze this information to discover valuable information such as user ids and passwords.

In this article, we will introduce you to common network sniffing techniques and tools used to sniff networks. We will also look at counter measures that you can put in place to protect sensitive information been transmitted over a network.

Topics covered in this tutorial

• What is IP & Mac Address
• What is network sniffing?
• Active and passive sniffing
• What is Address Resolution Protocol (ARP) Poisoning?
• Hacking Activity: Configure Static ARP in Windows
• What is Media Access Control (MAC) Flooding
• Hacking Activity: Sniff Network

What is IP and MAC Addresses

IP Address is the acronym for Internet Protocol address.  An internet protocol address is used to uniquely identify a computer or device such as printers, storage disks on a computer network. There are currently two versions of IP addresses. IPv4 uses 32 bit numbers. Due to the massive growth of the internet, IPv6 has been developed and it uses 128 bit numbers.

IPv4 addresses are formatted in four groups of numbers separated by dots. The minimum number is 0 and the maximum number is 255. An example of an IPv4 address looks like this;

127.0.0.1

IPv6 addresses are formatted in groups of six numbers separated by full colons. The group numbers are written as 4 hexadecimal digits. An example of an IPv6 address looks like this;

2001:0db8:85a3:0000:0000:8a2e:0370:7334

In order to simplify the representation of the IP addresses in text format, leading zeros are omitted and group of zeros are completed omitted. The above address in a simplified format is displayed as;

2001:db8:85a3:::8a2e:370:7334

MAC Address is the acronym for media access control address. MAC addresses are used to uniquely identify network interfaces for communication at the physical layer of the network. MAC addresses are usually embedded into the network card.

A MAC address is like a serial number of a phone while the IP address is like the phone number.

Exercise

We will assume you are using windows for this exercise. Open the command prompt.

Enter the command

ipconfig /all

You will get detailed information about all the network connections available on your computer. The results shown below are for a broadband modem to show the MAC address and IPv4 format and wireless network to show IPv6 format.

What is network sniffing?

Computers communicate by broadcasting messages on a network using IP addresses. Once a message has been sent on a network, the recipient computer with the matching IP address responds with its MAC address.

Network sniffing is the process of intercepting data packets sent over a network.This can be done by specialized software program or hardware equipment. Sniffing can be used to;

• Capture sensitive data such as login credentials
• Eavesdrop on chat messages
• Capture files been transmitted over a network

The following are protocols that are vulnerable to sniffing

• Telnet
• Rlogin
• HTTP
• SMTP
• NNTP
• POP
• FTP
• IMAP

The above protocols are vulnerable if login details are sent in plain text

Passive and Active Sniffing

Before we look at passive and active sniffing, let’s look at two major devices used to network computers; hubs and switches.

A hub works by sending broadcast messages to all output ports on it except the one that has sent the broadcast. The recipient computer responds to the broadcast message if the IP address matches. This means when using a hub, all the computers on a network can see the broadcast message. It operates at the physical layer (layer 1) of the OSI Model.

The diagram below illustrates how the hub works.

A switch works differently; it maps IP/MAC addresses to physical ports on it. Broadcast messages are sent to the physical ports that match the IP/MAC address configurations for the recipient computer. This means broadcast messages are only seen by the recipient computer. Switches operate at the data link layer (layer 2) and network layer (layer 3).

The diagram below illustrates how the switch works.

Passive sniffing is intercepting packages transmitted over a network that uses a hub. It is called passive sniffing because it is difficult to detect. It is also easy to perform as the hub sends broadcast messages to all the computers on the network.

Active sniffing is intercepting packages transmitted over a network that uses a switch. There are two main methods used to sniff switch linked networks, ARP poisoning and MAC flooding.

What is ARP Poisoning?

ARP is the acronym for Address Resolution Protocol. It is used to convert IP address to physical addresses [MAC address] on a switch.  The host sends an ARP broadcast on the network and the recipient computer responds with its physical address [MAC Address].  The resolved IP/MAC address is then used to communicate.ARP poisoning is sending fake MAC addresses to the switch so that it can associate the fake MAC addresses with the IP address of a genuine computer on a network and hijack the traffic.

ARP Poisoning Countermeasures

Static ARP entries: these can be defined in the local ARP cache and the switch configured to ignore all auto ARP reply packets. The disadvantage of this method is, it’s difficult to maintain on large networks. IP/MAC address mapping have to be distributed to all the computers on the network.

ARP poisoning detection software: these systems can be used to cross check the IP/MAC address resolution and certify them if they are authenticate. Uncertified IP/MAC address resolutions can then be blocked.

Operating System Security: this measure is dependent on the operating system been used. The following are the basic techniques used by various operating systems.

• Linux based: these work by ignoring unsolicited ARP reply packets.
• Microsoft windows: the ARP cache behavior can be configured via the registry.  The following list includes some of the software that can be used to protect networks against sniffing;

• AntiARP– provides protection against both passive and active sniffing
• Agnitum Outpost Firewall–provides protection against passive sniffing
• XArp– provides protection against both passive and active sniffing
• Mac OS: ArpGuard can be used to provide protection. It protects against both active and passive sniffing.

Hacking Activity: Configure ARP entries in Windows

We are using Windows 7 for this exercise but the commands should be able to work on other versions of windows as well.

Open the command prompt and enter the following command

arp –a

HERE,

• aprcalls the ARP configure program located in Windows/System32 directory
• -a is the parameter to display to contents of the ARP cache

You will get results similar to the following

Note: dynamic entries are added and deleted automatically when using TCP/IP sessions with remote computers.

Static entries are added manually and are deleted when the computer is restarted, the network interface card restarted or other activities that affect it.

Adding static entries

Open the command prompt then use the ipconfig /all command to get the IP and MAC address

The MAC address is represented using the Physical Address and the IP address is IPv4Address

Enter the following command

arp –s  192.168.1.38 60-36-DD-A6-C5-43

Note: The IP and MAC address will be different from the ones used here. This is because they are unique.

Use the following command to view the ARP cache

arp –a

You will get the following results

Note the IP address has been resolved to the MAC address we provided and it is of a static type.

Deleting an ARP cache entry

Use the following command to remove an entry

arp –d 192.168.1.38

What is a MAC Flooding?

MAC flooding is a network sniffing technique that floods the switch MAC table with fake MAC addresses. This leads to overloading the switch memory and makes it act as a hub. Once the switch has been compromised, it sends the broadcast messages to all computers on a network. This makes it possible to sniff data packets as they sent on the network.

Counter Measures against MAC flooding

• Some switches have port security feature. This feature can be used to limit the number of MAC addresses on the ports. It can also be used to maintain a secure MAC address table in addition to the one provided by the switch.
• Authentication, Authorization and Accounting serverscan be used to filter discovered MAC addresses.

Sniffing Counter Measures

• Restriction to network physical mediahighly reduces the chances of a network sniffer been installed
• Encrypting messagesas they are transmitted over the network greatly reduces their value as they are difficult to decrypt.
• Changing the network to a Secure Shell (SSH)network also reduces the chances of the network been sniffed.

Hacking Activity: Sniff network traffic

In this practical scenario, we are going to use Wireshark to sniff data packets as they are been transmitted over HTTP protocol. For this example, we will sniff the network using Wireshark, then login to a web application that does not use secure communication. We will login to a web application onhttp://www.techpanda.org/

The login address is admin@google.com and the password is Password2010.

Note:we will login to the web app for demonstration purposes only. The technique can also sniff data packets from other computers that are on the same network as the one that you are using to sniff. The sniffing is not only limited to techpanda.org, it sniffs all HTTP and other protocols data packets.

Sniffing the network using Wireshark

The illustration below shows you the steps that you will carry out in order to complete this exercise without confusion

Download Wireshark from this link http://www.wireshark.org/download.html

• Open Wireshark
• You will get the following screen

• Select the network interface you want to sniff. Note for this demonstration, we are using a wireless network connection. If you are on a local area network, then you should select the local area network interface.
• Click on start button as shown above

• Open your web browser and type in http://www.techpanda.org/

• The login email is admin@google.com, the password is Password2010
• Click on submit button
• A successful logon should give you the following dashboard

• Go back to Wireshark and stop the live capture

• Filter for HTTP protocol results only using the filter textbox

• Locate the Info column and look for entries with the HTTP verb POST and click on it

• Just below the log entries, there is a panel with a summary of captured data. Look for the summary that says Line-based text data: application/x-www-form-urlencoded

• You should be able to view the plaintext values of all the POST variables submitted to the server via HTTP protocol.

Summary

• Network sniffing is intercepting packages as they are transmitted over the network
• Passive sniffing is done on a network that uses a hub. It is difficult to detect.
• Active sniffing is done on a network that uses a switch. It is easy to detect.
• ARP poisoning works by sending fake MAC addresses to the switch
• MAC flooding works by flooding the MAC table address list with fake MAC addresses. this makes the switch to operate like a HUB
• Security measures as outlined above can help protect the network against sniffing.

Thanks to http://www.guru99.com/ultimate-guide-to-network-sniffers.html

In this tutorial, we will cover some networking basics. We won't be hacking anything, but by the end of the tutorial you'll learn a lot of things which will be useful later, especially when you'll use nmap. Please note that it is advised that you go through wikipedia pages of all the concepts covered here since the discussion won't be exhaustive in any way.

IP address

An IP address is simply a 32 bit address that every device on any network (which uses IP/TCP protocol) must have. It is usually expressed in the decimal notation instead of binary because it is less tedious to write it that way. For example,
Decimal notation - 192.168.1.1
Binary  - 11000000.10101000.00000001.00000001
It is clear from the binary form that the IP is indeed 32 bits. It can range from 0.0.0.0 to 255.255.255.255 (for the binary all 0s and all 1s respectively) [A lot of time, the first octet usually goes upto 127 only. However, we aren't concerned with that here.]

Parts of an IP address

Now this IP address has 2 parts, the network address and host address. A lot of wireless routers keep the first 3 octets (8 bits, hence octets) for the network address and the last octet as host address. A very common configuration being 192.168.1.1 . Here, 192.168.1.0 is the network address and 0.0.0.1 is host address. I hope you can see that the host address can vary from 0.0.0.0 to 0.0.0.255 (though usually 0 and 255 are reserved for the network and broadcast respectively).

Need for Netmasks

But different networks have different needs. The previous configuration lets you have a lot of different possible networks (the first 3 octets are for the network and can take different values, not just 192.168.1.0) but only 256 (254 actually) hosts. Some networks may want more hosts (more than 255 hosts per network). This is why there is no "hardcoded" standard enforced on networks for the network and host addresses, and instead, they can specify their own configuration. The first 3 octets being network address and last octet being host address is common, but in no way mandatory. Using Netmasks, we can have very versatile set of configurations, for each and every need.

Netmask

A netmask is used to divide the IP address in subnets. 
We'll start with a basic example. Suppose we want to define a netmask which configures our network like wireless router in the previous example. We want the first 3 octets to correspond to the network and next 1 octet for host address. 
Let's think of an operation which we can use to separate the network and host part of the IP address. For simple purposes, we could have just defined after which octet does the host part start [basically saying that anything after the third period(.) is host address]. While this is a simple solution, it is not very versatile. 
A more elegant and mathematical solution was proposed.

Netmask - Working

First I'll tell you the mathematical functionality of a netmask. Assume A to be an IP address and M to be a netmask. Then, 
A & M gives the Network address
A & (~M) gives the Host address.
Where,
& is bitwise And
~ is bitwise Not (i.e. complement, 1s complement to be more precise)

So, basically a netmask is another 32 bit binary number (just like an IP address), but with the purpose of giving Host address and network address when the operation bitwise and is carried out on it (and it's complement) with A.

Example

You'll understand better with example.
A = 192.168.1.1 is you IP address
M = 255.255.255.0
We convert it  to binary, and then carry out the desired operations.


A   =    11000000.10101000.00000001.00000001  (192.168.1.1)
M   =    11111111.11111111.11111111.00000000  (255.255.255.0)
A&M =    11000000.10101000.00000001.00000000  (192.168.1.0)
A&M is network IP that we desired


A   =    11000000.10101000.00000001.00000001  (192.168.1.1)
~M  =    00000000.00000000.00000000.11111111  (0.255.255.255)
A&~M=    11000000.10101000.00000001.00000000  (0.0.0.1)
A&~M is host IP that we desired

Explanation

Basically, if you realize that 11111111 is 255 in decimal, then you can see that for the parts of the IP address that you want for networks, you set the subnet to 255, and for the ones you want for host, you set it to 0.
So, if you want to reserve 2 octets for networks and 2 for hosts, then the subnet will be-
M = 255.255.0.0
If you want 3 octets for host, then
M = 255.0.0.0
Hence, we can see that using netmasks we can achieve what we wanted, i.e. to define networks with whatever number of hosts we require. Now we go a bit further.

Subnets

Now suppose you want to divide your network into parts. It is the sub-networks that are known as subnets (it is correct to call them subnetwork as well). 
We'll jump right to it, consider the netmask M
M = 11111111.11111111.11111111.11000000
Now, the first 3 octets describe the network. But the 4th octet, which is supposed to be for the host, has the 2 most significant bits (i.e. rightmost bits) as 1. Thus, the 2 most significant (rightmost) bits of the 4th octet will show up when we carry out the bitwise AND operation. They will, thus, be a part of the network address. However, they belong to the host octet. Thus, these 2 bits, which belong to the host octet but show up in the network IP address divide the network into subnets. The 2 bits can represent 4 possible combinations, 00, 01, 10 and 11, and hence the network will have 4 subnets. 

Example of Subnetwork

Back to our previous "A",


A   =    11000000.10101000.00000001.xx000001  (192.168.1.1)
M   =    11111111.11111111.11111111.11000000  (255.255.255.0)
A&M =    11000000.10101000.00000001.xx000000  (192.168.1.0)


Earlier, irrespective of what was there in 4th octet of A, we would have got all 0s in 4th octet of A&M i.e. network address. This time we will get the 2 most significant bits in the network address. Four subnets will be formed depending on the value of xx (which can be 00,01,10 or 11). Now, we will see which subnet has which set of hosts.

Which subnet has which hosts

11000000.10101000.00000001.00000000
has hosts 192.168.1.0-63 (00000000 to 00111111)

11000000.10101000.00000001.01000000
has hosts 192.168.1.64-127 (01000000 to 01111111)

11000000.10101000.00000001.10000000
has host 192.168.1.128-191 (10000000 to 10111111)

11000000.10101000.00000001.11000000
has host 192.168.1.192-255 (11000000 to 11111111)

So the netmask M divided the network into 4 equal subnets with 64 hosts each. There are some subnets which are much more complicated and have their applications in certain specific areas. I recommend going through Wikipedia page on Subnetworks to get some more idea. I have covered enough and now you can understand Wikipedia;s content on the topic without any difficulty.

Some Special IPs

0.0.0.0 = All IPs on local machine. Anything hosted on this IP is available to all devices on the network.

127.0.0.1 = LocalHost, this loops back to the machine itself.

255.255.255.255 = Broadcast, anything sent to this IP is broadcasted (like radio is broadcasted to everyone) to all hosts on the network.

Finally

You see the notation in this pic?  

This way of representing subnets using /24, /25, /26, etc. is quite useful while doing vulnerability scans on networks (using nmap, etc.). /24 represents the netmask 255.255.255.0 , the first example we took of Wireless router. It is the most common configuration you'll use while doing nmap scan. The one we discussed later, in the subnets section, is /26. It has 4 subnetworks. /25 has 2 subnets. /27 has 8. /31 has 128 subnets! In this subnet, only 2 host can be there per network, and it is used for 1 to 1 or point to point links. I hope the next time you have to deal with networks, you won't be having difficulties. There are topic like Multicast etc. which build up on this, and you can do further reading on them. That was all for this tutorial. Good luck.

Thanks to : http://www.kalitutorials.net

All of us use CD's & DVD's but most of them don’t know who invented and how it works



So. Let’s know about this 

History:

    David Paul Gregg first envisioned the optical or laser disc in 1958 and patented it in 1969.

Invention of CD:
       James Russell invented the compact disk in 1965.
James Russell was granted a total of
22 patents for various elements of his compact disk system. In the early 1970s, using video Laser disc technology, Philips' researchers started experiments with "audio-only" optical discs, initially with wideband frequency modulation FM and later with digitized PCM audio signals. The compact disc was thus developed by Philips from its own 12 inch Philips Laser Vision discs. At the end of the 1970s, Philips, Sony, and other companies presented prototypes of digital audio discs.


In 1974, an initiative was taken by L. Otters, a director of the audio industry group within the Philips Corporation in Eindhoven, the Netherlands. A seven-person project group was formed to develop an optical audio disc with a diameter of 20 cm with a sound quality superior to that of the large and vulnerable vinyl record. In March 1974, during a meeting of the audio group, two engineers from the Philips research laboratory recommended the use of a digital format on the 20 cm optical disc, because an error-correcting code could be added. It wasn't until 1977 that the directors of the group decided to establish a laboratory with the mission of creating a small optical digital audio disc and a small player. They chose the term "compact disc" in line with another Philips product, the compact cassette. Rather than the original 20 cm size, the diameter of this compact disc was set at 11.5 cm, the diagonal measurement of a compact cassette.

However, the compact disk did not become popular until it was mass manufactured by Philips in 1980.

Invention of DVD:

         DVD is the advanced version of CD which is evolved from the CD. It is a high-density CD.

Before the advent of DVD in 1995, Video CD (VCD) became the first format for distributing digitally encoded films on standard 120 mm optical discs.VCD was on the market in 1993. In the same year, two new optical disc storage formats were being developed. One was the Multimedia Compact Disc (MMCD), backed by Philips and Sony, and the other was the Super Density (SD) disc, supported by Toshiba, Time Warner, Matsushita Electric, Hitachi, Mitsubishi Electric, Pioneer, Thomson, and JVC.Representatives of the SD camp approached IBM, asking for advice on the file system to use for their disc as well as seeking support for their format for storing computer data.
DVDs were invented in the early 1990s (1993 is the answer shown on two different websites as a third said 1996), but they did not become popular until around the turn of the millennium. Until around 2001, people mostly still rented videocassettes. Their predecessor, laserdiscs, were available in the early 1990s (although they were very expensive and almost nobody had them), but they quickly became obsolete when the DVD was invented. Laser discs were like a hybrid of a vinyl record and a DVD: they were huge -- like 14 inch-wide -- DVDs with a big hole in the middle. Educational films were sometimes shown on them. Laserdisc players were basically just like DVD players- but much bigger.But the actual date  The date of 'early 1990s' is the best to quote. DVDs came on the market in the UK about 1999. A presentation was given about 'a new video medium' (which turned out to be DVD) in early 1998. 

DVD-R read/write side
Media type	Optical disc
Capacity	4.7 GB (single-sided, single-layer – common) 8.5–8.7 GB (single-sided, double-layer) 9.4 GB (double-sided, single-layer) 17.08 GB (double-sided, double-layer – rare)
Read mechanism	650 nm laser, 10.5 Mbit/s (1×)

Write mechanism	10.5 Mbit/s (1×)
Standard	DVD Forum's DVD Books and DVD+RW Alliance specifications

Disc shapes and diameters:
The digital data on a CD begins at the center of the disc and proceeds toward the edge, which allows adaptation to the different size formats available. Standard CDs are available in two sizes. By far, the most common is 120 millimeters (4.7 in) in diameter, with a 74- or 80-minute audio capacity and a 650 or 700 MB (737,280,000 bytes) data capacity. This capacity was reportedly specified by Sony executive Norio Ohga so as to be able to contain the entirety of Beethoven's Ninth Symphony on one disc. This diameter has been adopted by subsequent formats, including Super Audio CD, DVD, HD DVD, and Blu-ray Disc. 80 mm discs ("Mini CDs") were originally designed for CD singles and can hold up to 24 minutes of music or 210 MB of data but never became popular.[citation needed] Today, nearly every single is released on a 120 mm CD, called a Maxi single

Physical size	Audio Capacity	CD-ROM Data Capacity	Definition
120 mm	74–99 min	650–870 MB	Standard size
80 mm	21–24 min	185–210 MB	Mini-CD size
85x54 mm - 86x64 mm	~6 min	10-65 MB	"Business card" size

Inner structure OF a CD
A CD is a fairly simple piece of plastic, about four one-hundredths (4/100) of an inch (1.2 mm) thick. Most of a CD consists of an injection-molded piece of clear polycarbonate plastic. During manufacturing, this plastic is impressed with microscopic bumps arranged as a single, continuous, extremely long spiral track of data. We'll return to the bumps in a moment. Once the clear piece of poly carbonate is formed, a thin, reflective aluminum layer is sputtered onto the disc, covering the bumps. Then a thin acrylic layer is sprayed over the aluminum to protect it. The label is then printed onto the acrylic. A cross section of a complete CD (not to scale) looks like this:

Different types of CD, DVD
these Optical Disc are classified into many ways such as
CD': s-,        
             CD-R, CD-RW, 

DVD's:-      
             DVD-R, DVD-RW, DVD+R DL, DVD+R, DVD-RAM, DVD+R DL, MINI DVD-R, 
MINI DVD-R DL, MINI DVD+RW, 

Blue Ray- BD-R, BD-R-DL, BD-RE

Uses:-
 Ah.. Everyone know the uses of Cd&DVD, U can Use them as U wish (vadukunnodiki vadukunnantha):-)

So guys what you will say if any one asks you "who is inventor of CD/DVD?"
A:    David Paul Gregg started invention in the year 1958 & James Russell invented the compact disk in 1965

Abbreviations: 

CD: Compact Disc   (Everyone knows it)
DVD: Digital Video Disc/Digital Video Disc
BR: Blu-ray (invented by Sony corp).

Looking after your Teeth

    By the way if, you're wondering where the Bluetooth name originally came from, it named after a Danish Viking and King, Harald Blåtand (translated as Bluetooth in English), who lived in the latter part of the 10th century. Harald Blåtand united and controlled Denmark and Norway (hence the inspiration on the name: uniting devices through Bluetooth).
He got his name from his very dark hair which was unusual for Vikings, Blåtand means dark complexion. However a more popular, (but less likely reason), was that Old Harald had a inclination towards eating Blueberries , so much so his teeth became stained with the colour, leaving Harald with a rather unique set of molars. And you thought your teeth were bad...
Blueberries and Harald Blåtand's teeth,
so these Blue Teeth became Bluetooth

Bluetooth

        Well it isn't some strange form of tooth decay as you might initially imagine. Bluetooth is the name of a new technology that is now becoming commercially available. It promises to change significantly the way we use machines.

         Look around you at the moment, you have your keyboard connected to the computer, as well as a printer, mouse, monitor and so on. What (literally) joins all of these together?, they are connected by cables. Cables have become the bane of many offices, homes etc. Most of us have experienced the 'joys' of trying to figure out what cable goes where, and getting tangled up in the details. Bluetooth essentially aims to fix this, it is a cable-replacement technology
         Bluetooth technology was designed primarily to support simple wireless networking of personal consumer devices and peripherals, including cell phones, PDAs, and wireless headsets. Wireless signals transmitted with Bluetooth cover short distances, typically up to 30 feet (10 meters). Bluetooth devices generally communicate at less than 1 Mbps.
         Bluetooth networks feature a dynamic topology called a piconet or PAN. Piconets contain a minimum of two and a maximum of eight Bluetooth peer devices. Devices communicate using protocols that are part of the Bluetooth Specification. Definitions for multiple versions of the Bluetooth specification exist including versions 1.1, 1.2 and 2.0.
          Although the Bluetooth standard utilizes the same 2.4 Ghz range as 802.11b and 802.11g, Bluetooth technology is not a suitable Wi-Fi replacement. Compared to Wi-Fi, Bluetooth networking is much slower, a bit more limited in range, and supports many fewer devices.
          As is true for Wi-Fi and other wireless technologies today, concerns with Bluetooth technology include security and interoperability with other networking standards. Bluetooth was ratified as IEEE 802.15.1.
Uses
 That was the original idea, but the originators of the original idea soon realised that a lot more was possible. If you can transmit information between a computer and a printer, why not transmit data from a mobile phone to a printer, or even a printer to a printer?. The projected low cost of a Bluetooth chip (~$5), and its low power consumption, means you could literally place one anywhere.

Ideas, ideas...
    With this viewpoint interest in Bluetooth is soaring, lots of ideas are constantly emerging, some practical and feasible e.g.: Bluetooth chips in freight containers to identify cargo when a lorry drives into a storage depot, or a headset that communicates with a mobile phone in your pocket, or even in the other room, other ideas not so feasible: Refrigerator communicating with your Bluetooth-enabled computer, informing it that food supply is low, and to inform the retailer over the internet.

A SIM card, also known as a subscriber identity module, is a subscriber identity

module application on a smart-card that stores data for GSM/CDMA Cellular telephone subscribers. Such data includes user identity, network authorization data, personal security keys, contact lists and stored text messages.
Security features include Authentication and encryption to protect data and prevent eavesdropping.

Functionality of the SIM card
The SIM card performs
the following valuable functions:

1) Identification of a subscriber: The IMSI programmed on the SIM card, is the
identity of a subscriber. Each IMSI is mapped to a mobile number and

provisioned on the HLR to allow a subscriber to be identified.
2) Authentication of a subscriber: This is a process, where, using the
authentication algorithm (COMP128V3 for 2/2.5 G GSM, CAVE for CDMA and
Mileage for 3G) on the SIM card, a unique response is provided by each
subscriber based on IMSI, Ki (stored on SIM) and RAND (provided by network).
By matching this response with values computed on the network a legal
subscriber is logged on to the network and he or she can now make use the
services of the mobile service provider.
3) Storage: To store phone numbers and SMS.
4) Applications: The SIM Tool Kit or GSM 11.14 standard allows creating
applications on the SIM to provide basic information on demand and other
applications for m-commerce, chatting, cell broadcast, phonebook backup,
location based services etc.

Typical Diagram of Sim Card

A Sim Card have six pads that also corresponds to the six SIM connectors pins, but only five has totally have connection on the entire layout.
SIM DATA - this is a digital data that being stored on a SIM memory
SIM Clock - this is a clock frequency signal that being synchronize to the digital data to create data signal in order transfer or sends and receive data information.
SIM Reset - this is also a frequency signal that triggers or reset all synchronization process.

VSIM B+ Supply Voltage- This a power supply voltage used to activated the SIM circuit.
SIM Ground - a ground line voltage
The smartcard with Subscriber identity module application is generally known as
SIMCARD. But, In reality, the SIM is effectively a mass-market smart card.

PIN and PUK:
PIN –Personal Identification Number

2 PINs exist (PIN 1 and PIN2)

Limited attempts on PIN accessPUK –PIN Unblocking Code
Resetting PUK, resets PIN and the attempt counter
Too many attempts on PUK blocks use permanently.

Two ways of Storing Data in SIM
1. As GSM Files
The data used for Telco and GSM operation are all stored over the files.
Telco/operator can change the Data this file through RFM in a secure channel.
Only upon successful verification of file access condition a file can be read.
All files are protected by access conditions.
2. As application data within an STK application as instance data.
mChek stores all its secured encrypted information within application data. All the
information stored is in persistent objects. Only mChek Server can access these
data through mChek OTA platform.