Thursday, December 06, 2007

The top 10 computer security threats for 2008

The 2008 Olympics is likely to spur a flurry of hacker activity, says Websense Inc, which specializes in web filtering and security software, releasing the top ten computer security threats for 2008.

"Looking at the current attack trends, cyber criminal techniques are evolving quickly and efficiently to not only evade detection, but to steal data and manipulate trusted content such as Web sites and applications," said Dan Hubbard, vice president of security research, Websense, in a media release. "It's critical that organizations and individuals recognize that attackers are changing techniques and launching targeted attacks."

The top 10 security threats are:

1. Olympics: New cyber attacks, phishing and fraud

Event-based attacks and scams are popular, and with the whole world watching, the 2008 Olympics may fuel a surge in cyberattacks, says Websense. As the Olympic torch burns, Websense researchers predict the possibility of large scale denial-of-service attacks on Beijing Olympic-related sites as political statements and fraud attempts through email and the Web surrounding the Olympics. Additionally, Websense predicts compromises of popular Olympic news or other sports sites -- attacks designed to install malicious code on end-users' machines and steal personal or confidential business information.

2. Malicious spam invades blogs, search engines, forums and Web sites

Websense predicts that hackers will increasingly use Web spam to post URLs to malicious sites within forums, blogs, in the commentary or 'talk-back' sections of news sites and on compromised Web sites. This activity not only drives traffic to the infected Web sites but also assists in the purveyor's site sitting higher on search engine rankings, increasing the risk that users will visit the site.

3. Attackers use Web's 'weakest links' to launch attacks

The Web is an entanglement of links and content. The advent of Web 2.0 additions such as Google Adsense, mash-ups, widgets, and social networks along with the massive amounts of Web advertisements linked to Web pages have increased the likelihood of 'weak links' -- or Web sites and content that are vulnerable to compromises.

Websense predicts that attackers will increasingly exploit the weakest links within the Web infrastructure in order to target the greatest number of Internet users. Most vulnerable to these attacks are search engines and large user networks such as MySpace, Facebook or other social networking sites.

4. Number of compromised Web sites will surpass number of created malicious sites

The Web as an attack vector has been steadily increasing for the last five years and now attackers are using compromised sites as their launching platforms -- even more than their own created sites. Compromising sites -- particularly, sites well-visited by end-users, such as the Dolphin Stadium attack that occurred a few days prior to the 2007 Super Bowl XLI in Miami, provides attackers with built-in Web traffic and minimizes the need for lures through email, instant messaging or Web posts.

5. Cross-platform Web attacks: Mac, iPhone popularity spurs increase

With the brand popularity and growing use of iPhones and Macintosh computers, Websense researchers predict attackers will increasingly launch cross-platform Web attacks that detect the operating system in use and serve up code specifically targeting that operating system instead of attacks based on just the Web browser. Operating systems that are targeted now include Mac OSX, iPhone, and Windows.

6. Rise in targeted Web 2.0 special interest attacks: Hackers targeting specific groups of people based on interests and profile

Web 2.0 has spawned a proliferation of Web users that visit chat rooms, social networking sites, and special interest Web sites such as travel sites, automotive, and more. These sites provide attackers with potential victims that fall within a certain age group, wealth bracket, or people with particular purchasing habits. In 2008, Websense researchers predict targeted attacks will rise toward specific social networking or special interest sites that have a higher probability of delivering a payoff.

7. Morphing JavaScript to evade anti-virus scanners

Hackers are upping the ante with evasion techniques that use poly-morphic JavaScript (Polyscript) -- which means that a uniquely-coded Web page is served up for each visit by a user to a malicious Web site. By changing the code every visit, signature-based security scanning technologies have difficulty detecting Web pages as malicious and hackers can extend the length of time their malicious site evades detection.

8. Data concealment methods increase in sophistication

Websense predicts an increased use of crypto-virology and sophistication in data concealment including the use of stenography, embedding data within standard protocols, and potentially within media files. Toolkits widely available on the Web will be used to embed proprietary information and steal data.

9. Global law enforcement will crack down on key hacker groups and individuals

In 2007, large-scale Internet-based attacks garnered the attention of law enforcement officials around the world. Websense anticipates that through the global cooperation of enforcement agencies, in 2008 the biggest crackdown and arrests of key members of a hacker group will occur.

10. Vishing and voice spam will combine and increase

The vast cell phone user population has grown into a lucrative market to exploit with spamming and "vishing" for financial gain. To date, researchers have seen an increased number of vishing attacks but not a lot of spam -- or pro-active automated calling. In 2008 Websense predicts that 'vishing,' or the practice of using social engineering and Voice over IP (VoIP) to gain personal and financial information, and voice spam will combine and increase -- users will receive automated voice calls on LAN lines with voice spam to lure them to input their credentials through the telephone.

Friday, November 30, 2007

How To Increase Traffic to Your Blog / Best Ways To Increase Traffic to Your Blog

One important topic for blog owners is how to increase traffic, which is easier than it seems, once you know how. In this article, we cover 7 specific methods of increasing traffic to your blog.

Tip #1: Sign up for pinging services
It seems pretty obvious, but many bloggers, even those who are more experienced, don’t sign up for pinging services. If you’re new to blogging, pinging means that when your blog is updated, a “ping” is sent out by the service to let pinging sites know that your blog has been updated. People who are visiting sites with pinging services will then see your blog flash across the side of the screen as “newly updated.” Pinging services include Yahoo’s blogs, weblogs.com, Google Blog search and ZingFast.

Tip #2: Sign up for Technorati
If you go to technorati.com, you’ll see an option on the left side of the screen to “Claim Your Blog.” Doing so allows you to get updated link counts, add your photo or branding to Technorati and see your Technorati link. Having your blog claimed on Technorati helps to increase traffic because the millions of people who go to that site will have a chance to see your blog listed there.

Tip #3: Sign up for FeedBurner, an RSS service
FeedBurner basically helps you to promote your blog’s content, and to build and measure your audience.

Tip #4: Bookmark your blogs at places like del.icio.us
You can set up an account and profile at del.icio.us. From there, you can add links to your blog, as well as excerpts. When a user visits your profile on del.icio.us, they will see a link to your blog and excerpts. There are other social bookmarking sites that you can use in much the same way. All of these social bookmarking sites can help you increase traffic.

Tip #5: Post comments at other blogs
Here, you should visit similar blogs to your own, post legitimate comments and then sign your name(along with a link to your blog). This way, people know you aren’t there just to promote your site—you’re there to post a good piece of feedback and also say where you’re from.

Tip #6: Ask owners of other blogs to post a link to yours
Find other blogs that are similar to yours. If they seem to be decently popular (if they have a good amount of comments for each post), contact the owner of the blog and ask if they will add a link to your blog. Offering to link back to their blog is a way to sweeten the offer. Reciprocal linking helps to increase traffic.

Tip #7: Use keywords in your blog
Like regular Web pages, having a good keyword density on a blog is a terrific way of getting search engine spiders to notice your page. (FYI: search engine spiders are programs from search engines that browse sites and report back their findings to the search engine database, which then lists that site. The more keywords on your site, the more likely it is for a search engine spider to pay a visit)

If your average blog posting is around 200 words, use 2-6 keywords per blog post. This creates a keyword density of between 1 and 3 percent, a respectable number. Remember that you don’t want to use too many keywords, as that will make your blog look bad. Also be sure that the keywords used are relevant to your blog. Before even making a blog posting, decide what the post will be about and then select a keyword or two to use in your post. This will help to increase your traffic.

Tuesday, October 23, 2007

Advantages and disadvantages of flash usage in web design

Flash allows web developers to create interactive content, such as animations, animated menus, movies, games and more. Flash animations can be made rapidly, using a certain type of software which provides the developer with visual tools easy to use and understand.

Flash is based on vector graphics, which means
that flash animations can be rescaled without losing the image quality. Flash animations can be embedded in HTML pages as menus, movies or web site layouts. You will be able to create presentations, short courses, quizzes, Flash being an effective multimedia tool in business marketing and e-learning due to the possibility of easy control and model of the degree of interactivity for a certain animation. Flash movies have a high loading speed, being rendered with controllable quality by all major modern web browsers.

There are also disadvantages of Flash, depending on its implementation in a web site structure. For example, if your website needs the presence of many customers, it’s recommended to avoid the excessive flash usage, especially in web sites intros. Flash is not optimized for search engine indexing, and as a consequence, the content of your Flash animation is not visible for search engine spiders.

If your flash intro will contain unoptimized raster images, the final animation size will determine higher page loading times, which could mean losing many of your visitors or customers. On the other hand, updating the Flash content of a given website could be more expensive than traditional content non-Flash based.

The selection criteria of Flash editing tools is also important, due to performance of optimization options and their cost. In conclusion, as a function of your website destination, you should carefully select the parts where Flash animations will fit in, and never overuse Flash animations.

Top 51 Free & Useful Downloads

Once upon a time you actually had to pay for great software or use illegal cracked versions. The scenario has totally changed today. Luckily we are out of that world now. If you want to make your PC more productive, secure, informative and entertaining, try these softwares listed below. We've compiled a list of the most useful softwares available for download - and they don't cost even a cent!

Tweaking Windows XP
  • Fresh UI - Configure and optimize your system, hardware, and Windows application settings.
  • Microsoft Power Toys For Windows XP - PowerToys add fun and functionality to the Windows experience. PowerToys are additional programs that developers work on after a product has been released.
  • Tweak & Tune - Access hidden Windows system settings.
Tweaking Windows Vista
  • Tweak VI Basic - Tweak hundreds of hidden features of Windows Vista.
  • VistaBootPRO - Featured in PC Magazine, Microsoft's Tech Net Magazine, and hundreds of online articles worldwide.
  • EasyBCD - Modify, back up, and restore configurations of Windows Vista bootloader.
Security Tools
  • Ad-Aware SE Personal - Scan your system for ad-supported software components and remove them.
  • Avast - Scan your computer for viruses, worms, and Trojan horses.
  • ZoneAlarm - Protect your Internet connection from hackers and other security breaches.
  • AVG Anti-Virus - Protect your computer from viruses and malicious programs.
  • SMAC - View, change, and validate MAC Address.
  • Microsoft Windows Defender - Remove spyware from your PC and prevent unwanted software from being installed without your knowledge.
  • Spybot Search & Destroy - Search your hard disk and Registry for threats to your security and privacy.
Registry Cleaners
System Information
  • Belarc Advisor - Plug a PC audit into your browser with details on hardware and software.
  • SpeedFan - Monitor fan speeds, temperatures, and voltages in computers with hardware monitoring chips.
  • M2 Information - Get your system specifications quickly for easy reference when filling in technical-support questionnaires.
E-mail Clients
  • Thunderbird -View e-mail and news the way you want it, with intelligent junk controls and personalized themes.
  • Eudora - Send e-mail to and receive it from friends and coworkers.
  • Spamato - Add-on for Microsoft Outlook, an extension for Thunderbird and Mozilla Mail, and as a stand-alone proxy component.
File Sharing
  • AllPeers - Share anything with people you choose
  • Pando - Bypass e-mail attachment limits when sending big files.
  • uTorrent - Manage BitTorrents for Windows with scheduling and other features
  • Skype - More than just talk
  • Yahoo Messenger - Communicate instantly with your friends on YIM and Windows Live using custom avatars, PC-to-PC calling, and lively emoticons.
  • Trillian - Chat and share files with all your friends on mIRC, AIM, ICQ, MSN, and Yahoo Messenger.
  • Google Talk - Talk share with your friends for free.
  • Microsoft Windows Live Messenger - Connect and share instantly on the worlds most popular IM network.
Desktop Search
Office Suites & Word Processors
  • OpenOffice.org - Take an open-source approach to office productivity.
  • Easy To-Do - Manage important tasks at home or in the office.
  • NoteTab Light - Edit text and HTML documents of any size.
  • Crimson Editor - Edit programs in HTML, C/C++, Perl, Java, and other languages.
  • EditPad Lite - Try a general-purpose Notepad-like text editor.
Backup & File Synchronization
Video Players
  • VLC Media Player - Play audio and video files with this cross-platform media player and streaming server.
  • iTunes Foobar2000 - Listen to music with an audio player that supports several popular audio formats.
Image Editing
  • Google Picasa - Find, edit, and share pictures faster.
  • IrfanView - View and edit most graphics formats available today in a fast and simple way.
  • StudioLine Photo Basic - Import, manage, edit, and share your digital images using e-mail, slide shows, and Web galleries.
  • Microsoft Photo info - View and change metadata properties for digital photographs in Windows Explorer.
  • FastStone MaxView - View, edit, and manipulate your images.
  • GIMP - Create and alter photos and graphics manually or via scripting.
  • Paint.net - Create and alter photos using layers, effects, and other tools.
Audio Players
  • Nullsoft Winamp - Play and organize a variety of audio and video files.
  • iTunes - Create MP3 playlists, burn CDs, and download music with this top-rated jukebox.
  • Audacity - Edit your digital audio files.

Monday, October 15, 2007

A Visual Explanation of SQL Joins

I thought Ligaya Turmelle's post on SQL joins was a great primer for novice developers. Since SQL joins appear to be set-based, the use of Venn diagrams to explain them seems, at first blush, to be a natural fit. However, like the commenters to her post, I found that the Venn diagrams didn't quite match the SQL join syntax reality in my testing.

I love the concept, though, so let's see if we can make it work. Assume we have the following two tables. Table A is on the left, and Table B is on the right. We'll populate them with four records each.

id name       id  name
-- ---- -- ----
1 Pirate 1 Rutabaga
2 Monkey 2 Pirate
3 Ninja 3 Darth Vader
4 Spaghetti 4 Ninja

Let's join these tables by the name field in a few different ways and see if we can get a conceptual match to those nifty Venn diagrams.

SELECT * FROM TableA
INNER JOIN TableB
ON TableA.name = TableB.name

id name id name
-- ---- -- ----
1 Pirate 2 Pirate
3 Ninja 4 Ninja

Inner join produces only the set of records that match in both Table A and Table B.

Venn diagram of SQL inner join
SELECT * FROM TableA
FULL OUTER JOIN TableB
ON TableA.name = TableB.name

id name id name
-- ---- -- ----
1 Pirate 2 Pirate
2 Monkey null null
3 Ninja 4 Ninja
4 Spaghetti null null
null null 1 Rutabaga
null null 3 Darth Vader

Full outer join produces the set of all records in Table A and Table B, with matching records from both sides where available. If there is no match, the missing side will contain null.

Venn diagram of SQL cartesian join

SELECT * FROM TableA
LEFT OUTER JOIN TableB
ON TableA.name = TableB.name

id name id name
-- ---- -- ----
1 Pirate 2 Pirate
2 Monkey null null
3 Ninja 4 Ninja
4 Spaghetti null null

Left outer join produces a complete set of records from Table A, with the matching records (where available) in Table B. If there is no match, the right side will contain null.

Venn diagram of SQL left join
SELECT * FROM TableA
LEFT OUTER JOIN TableB
ON TableA.name = TableB.name
WHERE TableB.id IS null

id name id name
-- ---- -- ----
2 Monkey null null
4 Spaghetti null null

To produce the set of records only in Table A, but not in Table B, we perform the same left outer join, then exclude the records we don't want from the right side via a where clause.

join-left-outer.png
SELECT * FROM TableA
FULL OUTER JOIN TableB
ON TableA.name = TableB.name
WHERE TableA.id IS null
OR TableB.id IS null

id name id name
-- ---- -- ----
2 Monkey null null
4 Spaghetti null null
null null 1 Rutabaga
null null 3 Darth Vader

To produce the set of records unique to Table A and Table B, we perform the same full outer join, then exclude the records we don't want from both sides via a where clause.

join-outer.png

There's also a cartesian product or cross join, which as far as I can tell, can't be expressed as a Venn diagram:

SELECT * FROM TableA
CROSS JOIN TableB

This joins "everything to everything", resulting in 4 x 4 = 16 rows, far more than we had in the original sets. If you do the math, you can see why this is a very dangerous join to run against large tables.

Thursday, October 11, 2007

Understanding Domain Name System (DNS)

Domain Name System (DNS) makes it possible to refer to Internet Protocol (IP) based systems (hosts) by human-friendly names (domain names). Name Resolution is the act of determining the IP address (or addresses) of a given host name.

Benefits of DNS
  • Domain names can be logical and easily remembered.
  • Should the IP address for a host change, the domain name can still resolve transparently to the user or application.
The structure of Domain Names
  • Domain names are separated by dots, with the topmost element on the right. Eg: www.yahoo.com . IP addresses have topmost element on the left.
  • Each element may be up to 63 characters long. The entire name may be atmost 255 characters long.
  • The right most element in a domain name is called the Top-Level Domain (TLD). Referring the above example (www.yahoo.com), TLD is 'com'.
  • If a domain name is not shortened, it is called the Fully Qualified Domain Name (FQDN). For example, briefcase.yahoo.com can be specified by a machine in the yahoo.com domain as either briefcase.yahoo.com (FQDN) or as briefcase.
Host names map to IP addresses in a many-to-many relationship. A host name may have one or more IP addresses. Conversely, an IP address may have multiple host names associated with it.

Hosts that are designed to perform email routing are known as mail exchangers. These machines should have special purpose records in DNS called Mail eXchanger (MX) records. When a SMTP server or mail server, needs to send mail to a remote domain, it does a DNS lookup for the Mail Exchanger (MX) of that remote domain. A domain can and should have multiple mail exchangers. Mail that cannot be sent to one mail exchanger, can instead be delivered to an alternative server, thus providing failsafe redundancy.

Different types of Domain Name Servers
  1. Root Name server - Each top level domain (such as in,edu,com etc) has one or more root name servers which are responsible for determining where the individual records are held. These servers are fairly static and every machine on the internet has the capability of reaching any of them. A root name server is allocated like just one to three per country. For example, India has only 2 root name servers.
  2. Authoritative Name Servers - These are the servers that the Root name servers sent queries to. These servers hold the actual information on an individual domain. This information is stored in a file called a zone file. Zone files are updated versions of the original HOSTS.TXT file.
  3. Resolving Name Server - These are the servers that do most of the work when you are trying to get to a machine with a certain host name. Besides being responsible for looking up data, they also temporarily store the data for host names that they have searched out in a cache, which allows them to speed up the resolution for host names that are frequently visited.
Zone
A zone keeps the information about the domain database. It does this by maintaining two types of files:
Zone File - It is used to map host names to address, to identify the mail servers, and to provide other domain information.
Reverse Zone File - This file is responsible for mapping IP address to host names, which is exactly the opposite of what the zone file does.

Note: The zone file and the reverse zone file has to be maintained by the user.

Name Server Hierarchy
Master Name Server - Also called primary server. This contains the master copy of data for a zone.
Slave Name Server - Also known as secondary server. This provides a backup to the master name server. All slave servers maintain synchronization with their master name server.
A zone may have multiple slave servers. But there will be only one master name server per zone.

Apache : Name-based Vs IP Based Virtual Hosting

Often when, you attend interviews for network administration related jobs , the one question you may encounter while discussing about web servers is the difference between name-based and IP based virtual hosting. Here I will explain the difference between the two.

In IP-based virtual hosting, you are running more than one web site on the same server machine, but each web site has its own IP address. In order to do this, you have to first tell your operating system about the multiple IP addresses. See here configuring multiple IP addresses on a single NIC . You also need to put each IP in your DNS, so that it will resolve to the names that you want to give those addresses .

In Name-based virtual hosting, you host multiple websites on the same IP address. But for this to succeed, you have to put more than one DNS record for your IP address in the DNS database. This is done using CNAME tag in BIND. You can have as many CNAME(s) as you like pointing to a particular machine. Of course, you also have to uncomment the NameVirtualHost section in httpd.conf file and point it to the IP address of your machine.

#FILE: httpd.conf
...
NameVirtualHost 192.168.0.1
...

Setting up multiple IP addresses on a single NIC

In linux, you can bind multiple IP addresses on a single NIC. This is usually done in case you are using your linux machine as a webserver and is hosting multiple domains and you want to bind each domain to a unique IP address. This is how it is done.
Let us assume that you already have a NIC which is bound with a static IP address. Then you will have a file called /etc/sysconfig/network-scripts/ifcfg-eth0 .My ifcfg-eth0 file has the following entries:
# File: ifcfg-eth0
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.1
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
NETWORK=192.168.0.0
HWADDR=00:80:48:34:C2:84
Now to bind another IP address to the same NIC, I create a copy of the above file ifcfg-eth0 and name it as ifcfg-eth0:1
# cd /etc/sysconfig/networking-scripts
# cp ifcfg-eth0 ifcfg-eth0:1
Now just change the values of the DEVICE and IPADDR in the file as follows:
# File: ifcfg-eth0:1
DEVICE=eth0:1
ONBOOT=yes
BOOTPROTO=static
IPADDR=192.168.0.5
NETMASK=255.255.255.0
BROADCAST=192.168.0.255
NETWORK=192.168.0.0
HWADDR=00:80:48:34:C2:84
And lastly, restart the networking service. If you are using RedHat, then it is as simple as :
# service network restart

How to install a Network card in linux

There are different ways of installing a network card in linux - and that too depending on the linux distribution that you are using. I will explain each one of these methods here.
1) The Manual method
First open the computer case and insert the network card into an empty PCI slot. Then boot up your machine to load linux. In linux login as root and then navigate to the directory /lib/modules/kernel_version_number/net/ . Here you will find the modules supported by your system. Assuming that you have a 3Com ethernet card, in which case, the module name is 3c59x , you have to add this in the /etc/modules.conf file to let the machine detect the card each time the machine boots.
#File: /etc/modules.conf
alias eth0 3c59x
Note: If you have only one network card, it is known by the name eth0, the succeeding network cards in your computer go by the name eth1, eth2 ... and so on.
Now you have to load the module into the kernel.
root# /sbin/insmod -v 3c59x
Next configure an IP address for the network card using ifconfig or netconfig or any other method if your machine gets its IP address from a DHCP server. Eg:
root# ifconfig eth0 192.168.1.5 netmask 255.255.255.0 broadcast 192.168.1.255
2) The Easy way
RedHat/Fedora distributions of linux ships with Kudzu a device detection program which runs during systems initialization (/etc/rc.d/init.d/kudzu). This can detect a newly installed NIC and load the appropriate driver. Then use the program /usr/sbin/netconfig to configure the IP address and network settings. The configuration will be stored so that it will be utilized upon system boot.


How to Assign an IP address

Computers may be assigned a static IP address or assigned one dynamically (via DHCP). Here I will explain the steps needed to assign an IP address to your NIC.
Choose one of the following methods:

=> Dynamic Host Configuration Protocol (DHCP) is a protocol used by networked computers (clients) to obtain IP addresses and other parameters such as the default gateway, subnet mask, and IP addresses of DNS servers from a DHCP server.
Command line :
/sbin/ifconfig eth0 192.168.1.3 netmask 255.255.255.0 broadcast 192.168.1.255
GUI tool : You can use the GUI tool /usr/bin/neat - Gnome GUI network administration tool. It handles all interfaces and configures for both static assignment as well as dynamic assignment using DHCP.

Console tool : /usr/sbin/netconfig (Only seems to work for the first network interface eth0 but not eth1,...)

The ifconfig command does NOT store this information permanently. Upon reboot this information is lost. (Manually add the commands to the end of the file /etc/rc.d/rc.local to execute them upon boot.) The command netconfig and /usr/bin/neat make permanent changes to system network configuration files located in /etc/sysconfig/network-scripts/ , so that this information is retained.
The Red Hat configuration tools store the configuration information in the file /etc/sysconfig/network. They will also allow one to configure routing information.
# File: /etc/sysconfig/network
# Static IP address Configuration:
NETWORKING=yes
HOSTNAME=my-hostname # Hostname is defined here and by command hostname
FORWARD_IPV4=true # True for NAT firewall gateways and linux routers. False for
# everyone else - desktops and servers.
GATEWAY="XXX.XXX.XXX.YYY" # Used if your network is connected to another
# network or the internet.

# Gateway not defined here for DHCP.

# Or for DHCP configuration: in the same file /etc/sysconfig/network
NETWORKING=yes
HOSTNAME=my-hostname # Hostname is defined here and by command hostname
# Gateway is assigned by DHCP.
# File: /etc/sysconfig/network-scripts/ifcfg-eth0
# Static IP address configuration:
DEVICE=eth0
BOOTPROTO=static
BROADCAST=XXX.XXX.XXX.255
IPADDR=XXX.XXX.XXX.XXX
NETMASK=255.255.255.0
NETWORK=XXX.XXX.XXX.0
ONBOOT=yes
# OR for DHCP configuration:
DEVICE=eth0
ONBOOT=yes
BOOTPROTO=dhcp
Used by script /etc/sysconfig/network-scripts/ifup to bring the various network interfaces on-line.
To disable DHCP change BOOTPROTO=dhcp to BOOTPROTO=none
In order for updated information in any of these files to take effect, one must issue the command:
root# service network restart

Tuesday, July 31, 2007

The Future of The Web

The next-generation Net won’t just be more portable and personal. It’ll also harness the power of people, making it even easier to zero in on precisely what you’re looking for.

The web’s most common method of interaction is the tried-and-true link: “Click here and we’ll show you a different page.” But the future of online will be fast, two-way communication, the roots of which are beginning to take hold. New technologies will soon give us speedy, uninterrupted access to the Web wherever we wander. We’ll see innovative Web applications that allow us to access information anywhere and work seamlessly with colleagues around the globe. People will gain more power online—rather than simply reading the news, they’ll be able to go out and uncover some stories of their own. And new sites and services will offer information targeted precisely to your needs, rendering one-size-fits-all sites obsolete.

The Web Gets Down to Work

New web services—ones that mimic desktop applications but work entirely within a browser window—appear constantly. But the Web apps you’ll eventually use will focus on productivity and mobility, instead of simply giving you the same functions you’d find in a desktop application.

“Web applications are terrific for situations where you want to share and collaborate,” says Google product manager Bret Taylor. “That’s where we see the most benefit: for consumers planning the annual family reunion or a group of colleagues putting together a sales proposal.”

Brandon Schauer, design strategist for Web consulting firm Adaptive Path, says the next phase of Web applications will focus on practical uses: “things that the rest of the world might have a reason to interact with, not just the Generation Y people who have time to click around,” he says.

One business-focused Web application, Coghead, has been in development since 2003 and is likely to launch soon. It’s a beefy-looking app that allows nonprogrammers to build their own custom applications for tasks like inventory control, with data stored entirely online. Coghead CEO Paul McNamara says the application will be aimed at small to medium-size businesses, and at people who have some level of technical ability—“people who do macros in Microsoft Excel, work in Microsoft Access, or Adobe Dream-weaver,” explains McNamara.

Another Web application that reflects that trend toward productivity is weSpendMoney. It’s one of the first offerings to store users’ financial data exclusively online, unlike more traditional desktop applications. Pedro Sousa, one of the developers, says that future versions of the application will allow users to view their data on the tiny screens of Web-enabled cell phones, too.

A focus on mobility is a common theme among Web apps. “At some point, applications as advanced as Google Earth will be able to run on devices as small as a cell phone,” says Google’s Taylor. “Users will be able to search and collaborate more effectively no matter where they are.”

Another category that will gain in popularity is what Adaptive Path’s Schauer calls “workarounds.” Examples include Kayak.com, a site that uses a Web app to help people deal with the aggravation of shopping for airline tickets, and VideoEgg, which compresses video via a plug-in, thereby skirting poky uploads caused by slow upstream connections.

Social networking sites like MySpace are huge, but sites that aren’t purely social will use people connections to solve problems. Schauer says sites that use social networks in this way “plug into what the Web has always been great at, which is getting you together with people who share the same interests but may be miles away.” Examples include Last.fm and Pandora, which ascertain your musical preferences and play songs from additional artists you might like. These sites also let you find and play “stations” that have been created by others. Another similar site is Soundflavor.

Search Engines With Real Savvy

Today most search engines depend primarily on algorithmic processing: results that are ordered by popularity. But better systems are beginning to supplement the blunt-force approach. “We want to do a better job of understanding the user’s intent and the content provider’s intentions,” says Peter Norvig, director of research for Google. “We mostly rely on matching keywords, but we’d like to get closer to matching the intent.”

Microsoft is another company investing heavily in research on search technology. “We’re working on all kinds of things that will go away from ‘here’s ten links on a page,’” says Adam Sohn, a director in Microsoft’s online services group, which is responsible for the Windows Live portal. “If someone is searching for ‘Jaguar,’ he explains, “the smarts to distinguish between ‘he’s looking for a car and ‘a big cat in the jungle’—that’s coming.”

Search engines can also deliver improved, more personalized results by adding better sources of information. “A search engine would be very good at telling me who won the FIFA World Cup, but bad at telling who’s the best nanny in the neighborhood,” says Sohn. So search engines are adding social networking features for sharing information within small groups.

Social-network searching will extend to other areas, too. Sohn says most video sites encourage the people who upload clips and those who view them to add tags. “Over time, especially with video, there will be this social input, where people add tags to other people’s video. Then you get this sort of community-reinforced set of searchable attributes.”

Soliciting input will also help provide searchers with more personalized results. Norvig says Google should do a better job of helping people use the search engine the way it is by offering proactive suggestions—for example, “It looks like you’re trying to do this kind of search; here’s how you do it.” Sohn says Microsoft is building two-way feedback mechanisms that will ask users how useful they found the search result.

Both Norvig and Sohn agree that one issue search engines will be addressing is how to present search results. Most search sites have many sections drawing on separate databases. “[We have] one look for Web sites, one for news, one for images,” Norvig says of Google’s site. “We want to find a way to combine all of that information.” Microsoft’s Sohn uses the example of combining results from Windows Live’s QnA (question and answer) section with its main search section. “We need to build the connection between the two services. It’s not a multiyear thing; it’s in the next 12 to 18 months.”

New Clout for Everyday People

Even with throttled bandwidth, people are uploading 65,000 new videos to YouTube each day. More than 52 million blogs are covering everything from the best burger in Bangalore to the latest finance scandal. Think that’s impressive? Amateurs will find new venues that will give them even greater influence.

Jay Rosen, an associate professor of journalism at New York University and writer of the PressThink blog, says that amateur and professional journalists can work together to produce some-thing greater than either could produce separately. “Bloggers are good at filtering and organizing information,” he says.

“Sometimes they get involved in [reporting on] things, but often it’s accidental. They’re collating what’s out there.” NewAssignment.net, combines the efforts of amateurs and professionals. Members will suggest, debate, and research stories; professional reporters will complete selected stories.

The Web will continue to reshape itself to serve not just professionals and geeks but everyone, whether they have an opinion, a gripe, or simply a job that needs to be done.

Monday, June 04, 2007

10 Valuable Tips for Creating Your Web Site


Introduction

When looking for ways to build of your web site, even minor steps can make a huge difference. The most helpful information and best content will have little impact without simple protocols that make your Web site easier to use and more visually appealing. This paper focuses on 10 tips you can employ to ensure your web site is effec- tive from the day it goes live.

1. Accessibility

Web site accessibility has recently become a very important issue in the web community. Because of Section 508 of the Rehabilitation Act of 1973, all web sites and pages created by Federal agencies and Federal contrac-tors after June 21, 2001 must comply with its provisions. The purpose of the law is to make web sites accessi-ble to all individuals, including those with disabilities. The World Wide Web Consortium (W3C) developed Web
Content Accessibility Guidelines (May 1999), which expand the scope of Section 508.

This is very important to all web developers, whether you are a government agency, a contractor who does work for the government, or a private firm with its own web site. An accessible web site refers to any content or information provided via an online medium that all individuals (including those with disabilities) could easily access and understand. Disabilities include not only visual impairments, but auditory, cognitive, and physical
impairments as well. They can range from very severe (total blindness, for example) to something as simple as the increasing inability to see contrasts that develop as we age. Greater accessibility means more people can fully utilize your web site’s features.

There are a number of aids available for enhancing accessibility. These range from programs like Jaws or IBM’s Home Page Reader—which read the page aloud for the visually impaired—to sip-and-puff systems for the quadriplegic. It is up to the web developer to create pages that allow these systems to provide an equivalent alternative for these individuals. Think of accessing a web page as being similar to a play or opera. If you read the script without benefit of the actors’ interpretation, lights, scenery, or music, you are only experiencing one aspect of the author’s intent. The same is true of web access: if you can only hear the words being read, for example, with no description of the images on the page or other visual components, you would not fully expe-rience the information being provided on the page. That is why, when we include an image, it is important to use the “alt” attribute to provide a description of the image. This enables a screen reader to read this informa-
tion aloud for a visually impaired user.

There are several other tips like using table headers with tables of information, not just placeholders. Be careful of using the colors red and green together because of red/green colorblindness. Use sounds with care. Not everyone can hear, nor does everyone have speakers set up on their computers.

So how do you know if your web site is accessible? Go to http://webxact.watchfire.com and enter the URL for a web page. This free application will test your page and let you know where it does not comply

2. Security

Security is crucial to the success of your web site. There are several steps you can take to minimize the risk that your web sites will be subjected to a breech in security.

Security Updates
Be sure you are running the most current version of your web Server. Monitor your vendor updates, and per-form regular maintenance.

Validate User Input on the Client and the Server
Validating user input on the client is great for user experience. However, you need to validate input on the server side as well. Consider that there are tools that look and feel to your sever like a web site when in fact they are actually designed to fake input such as passwords.

Audit Logs
Maintain and review server logs to check for suspicious activity.

Common Settings
Be sure to minimize the risk to your server by minimizing the things users can do on your server. For example, don’t permit users to browse the directory structure of your site unless it’s necessary.

Lockdown Your Server
Most servers have standard development mode and then a production mode. For example, Microsoft’s Internet Information Server (IIS) has a lockdown utility that minimizes the attack surface for your web site.

3.Web Server Statistics

How many visitors do you have? What pages do they frequent? What times do they log on? Utilize a web tool to assist you in not only collecting these statistics but also analyzing and correlating them. Web tools, such as Web Trends, will aid you in collecting and utilizing this knowledge to answer these questions about your site. Build a web page that not only follows appropriate standards, but also drives repeat visitations.

4. Dynamic Technologies Styles
Are the pages within your site beginning to feel and act a little plain? Would you like more ways to format your documents and give users more interaction with them? If so, then your site could make use of languages such as Cascading Style Sheets and JavaScript.

Cascading Style Sheets (CSS) technology gives you more control of page layout and the ability to control the design of multiple pages on your site from a single file. Additionally, CSS allows you to develop more sophisticat- ed layouts, more font schemes, and even more interactivity for your pages than was possible using just HTML.

JavaScript techniques are needed to develop cutting-edge, interactive web sites. From opening windows to image-flipping and form validation, Javascript can help you build exciting, dynamic web pages.

Integrating HTML, JavaScript, and Cascading Style Sheets techniques are collectively known as Dynamic HTML or DOM Scripting. Utilizing all three languages allow you to fully exploit the capabilities of Netscape Communicator, Firefox, and Microsoft Internet Explorer.

5. Efficient Use of Appropriate Design Software

In the past, many web developers eschewed graphical web editing packages and boasted of developing pages using a simple text editor (for example, Notepad). There is still a place for text editors, but efficient designers and developers both use appropriate design software, often manually tweaking the code. Such packages offer a what- you-see-is-what-you-get (WYSIWYG) environment for designers and code-writing tools for developers. These have
the software-complete repetitive steps, and let designers and developers focus on what they do best.

There are many options, but here are some of the major ones:
Dreamweaver (Adobe, formerly Macromedia)
• The most popular package
• Offers both design (layout) and development (programming) support
• Supports all major server-side scripting languages (ColdFusion, ASP, PHP, JSP), Javascript, XML, and

ASP.NET (VB.NET and C#)
• Integrates well with Adobe Flash and Adobe Fireworks (both formerly Macromedia)

GoLive (Adobe)
• Offers both design (layout) and development (programming) support
• Supports several scripting and markup languages (PHP, JavaScript, SVG-t, SMIL)
• Integrates well with long-standing Adobe products (Photoshop, Illustrator, InDesign)

FrontPage (Microsoft)
• Offers both design (layout) and development (programming) support
• Supports Microsoft JScript and ASP.NET (VB.NET and C#)
• Integrates well with Visual Studio .NET and the Microsoft Office Suite

Microsoft Visual Studio (Microsoft)
• Primarily provides development (programming) support
• Integrated Design Environment (IDE) for developing in .NET environment
• Supports .NET languages (primarily VB.NET and C#, but other extensions for other
languages provided by third parties)

Eclipse (open source)

• Primarily provides development (programming) support
• Integrated Design Environment (IDE) for developing in any environment, but mostly
ommonly used for J2EE
• Supports a multitude of programming languages (not language-specific).


6. Standards and Browser Independence

Web site development has come a long way. There are lots of new tools that will help with web-page design, not to mention web sites that offer suggestions and ideas for making your web site absolutely incredible. Probably the biggest movement is the increasing use of Cascading Style sheets to separate page content from formatting. We are also seeing more sophisticated use of JavaScript to make pages more dynamic and, therefore, more interesting. Along with this, the World Wide Web Consortium (W3C) has instituted an effort to standardize how browsers handle the display of web pages through the use of XHTML. It is hoped that among all of these initiatives, programming for the web will become less a matter of making sure our pages work on all browsers by testing against each one, and more one of creating web pages that are useful, accessible, and exciting.

There are a vast number of resources on the web to help improve web sites. For information about the new XHTML standards, as well as help with Cascading Style Sheets and DOM Scripting (using JavaScript to make your web pages more dynamic), the W3C pages (http://www.w3.org) are invaluable. They include examples and tutorials, both of which are very well done. For some wonderful examples of Cascading Style Sheets, we recommend CSSZenGarden.com (http://www.csszengarden.com). The organization that runs this site supplies an html page with the required content. Designers are invited to create an external style sheet to format the page. New contributions are regularly posted.

Another excellent resource is http://www.dynamicdrive.com. The Internet group on Google groups, formerly Deja, http://groups.google.com/groups is helpful as well. The good news is that you can post a question through Deja/Google groups. Within 24 hours you will usually get one-to-three technically correct answers. Other potential resources include:

http://www.developer.com
This is a solid resource for most scripting/programming languages and is top-notch for Java.
http://www.codehound.com
This is another language resource and is especially helpful with Microsoft .NET technologies.
http://www.4GuysFromRolla.com
This is the definitive place to get ASP or ASP.NET information.
http://www.php.net A good resource for php.
http://www.news.com CNET news.
This site keeps you up-to-date on IT news.
http://www.theinquirer.net
This site provides a hardware outlook for six months to a year-and-a half.

7. Database Access with Server-side Scripting Languages

Static web pages are good place to start, but they quickly can become time intensive and not an efficient use of a designer or developer’s time. Database-driven web sites can refresh their own data, presenting up-to-the- minute data in way manual updates could never do. A dozen or so programmed pages can dynamically change so that they do the job of thousands of static pages. The benefits are clear: more timely information; fewer pages to maintain; and a freeing up of both designers and developers to enhance and further develop the functionality of a site, rather than its content.

But by itself, HTML is not up to this kind of job; that’s not what it was designed to do. A server-side program-
ming language is needed. There are several options, but here are a few of the major products available:

Active Server Pages (ASP) (Microsoft)
• Written using VBScript (server-side JavaScript also possible, but rare)
• Comes installed with Windows servers
• Can run in UNIX/Linux environment using Sun ONE
• Being somewhat overshadowed by ASP.NET

PHP Hypertext Preprocessor (PHP) (open source)
• C-like programming language
• No licensing cost (open-source)
• Can run on UNIX/Linux servers or Windows-based servers
• Close integration with MySQL database

ColdFusion (Adobe)
• Written using tag-based language which integrates well with web-editing software (can also be written using a scripting-like language)
• Easy to learn, quick to create and maintain pages
• Java-based architecture
• Can run on UNIX/Linux server or Windows-based servers

Java 2 Enterprise Edition (J2EE) (Sun)
• Written using cross-platform Java language
• Most often deployed on UNIX/Linux, but can run on any system
• Web page scripting using Java Server Pages (JSP)
• Most appropriate for enterprise-wide installations involving multiple servers, databases, and possibly
mainframe.

ASP.NET (Microsoft)
• Written using VB.NET or C# (other languages possible)
• Deployed in a Windows server environment
• Requires use of Visual Studio .NET for development
• Most appropriate for enterprise-wide installation with other Microsoft solutions

Perl (open source)
• Not really a scripting language (doesn’t co-habitate with HTML)
• Powerful, flexible language, good for dealing with patterns or manipulating data
• Uses less modern Common Gateway Interface (CGI) model
• More appropriate for communication between different applications on a server

Any of these will work with any Relational Database Management System (RDBMS). Here are some common ones:

Oracle (Oracle Corporation)
• Fully featured, flexible, scalable
• Works on UNIX/Linux or Windows servers

SQLServer (Microsoft)
• Fully featured, flexible, scalable
• Works on Windows servers
• Integrates well with .NET

MySQL (open source)
• Fully featured, flexible, scalable
• No licensing costs (open-source)
• Integrates especially well with PHP

Access (Microsoft)
• Friendly user-interface for database management
• Integrates well with MS Office suite
• Not fully featured, limited capabilities, only appropriate for small-scale implementations.

8. Using Image Editors for Fast Loading Graphics

Use Adobe Photoshop/Imageready or Fireworks to create the appropriate type of graphic file Typically GIF or
JPEG. There are other Image Editors available but Photoshop/Imageready and Fireworks are currently the most
popular and are considered the industry standard.


9. Site Planning, Design, and Management

“On time, within scope, and within budget” is the project management motto these days. This is also true for IT projects. IT managers can no longer live in the IT black hole. All IT requires fundamental project manage- ment best practices. Learn how to communicate with your staff. Clarify your project’s business goals to ensure that your project is aiding in the vision and meets your company’s vision. Learn how to follow through your project from inception to implementation. Apply your management skills to the concepts of web design. Apply a strategic focus within your organization to help save time and resources. Learn the benefits of various soft- ware packages to aid in efficiency.

All of these project management practices can help your web site design projects run more smoothly and ensure your web site does what it’s suppose to do.

10.Technological Flexibility

If your web application is Data driven, it is imperative that sharing information with different applications and/or platforms be done in the most flexible way possible. Transforming Data from one format to the next, however, can be arduous and considerably time consuming. Fortunately, storing data in an extensible format, and working with it using XSL, has become relatively easy.


Extensible Markup Langauge (XML) allows developers to store raw data in a text file make up with an HTML-like syntax. With the use of Extensible Style Sheet Transformations (XSL - T), Formatting Objects (XSL - FO), and CSS developers now are able to transform this raw data into an application specific format. Languages com- monly used to augment an XML application are listed below:

• Extensible Markup Langauge (XML): Used to store raw data files
• Document Type Definitions (DTDs): Used to validate XML documents
• eXtensible Stylesheet Language (XSL) and Cascading Style Sheets (CSS): Used to transform the display of XML document into an application specific format. XML utilizes complexities like XPath, functions, modes, and dynamic modification of stylesheets commonly featured in many scripting and programming languages


To Summarize
1. Make sure your web pages are accessible
2. Take steps to minimize security risks
3. Use web server statistics to determine how popular your site is
4. Utilize dynamic technologies styles
5. Be aware of web development software and how to use it efficiently to enhance your web site
6. Use XHTML, DOM Scripting, and CSS to make your site browser and rule independent
7. Choose an appropriate database to ensure it is more dynamic, and does the job of many static pages
8. Use image editors for fast-loading graphics
9. Learn to use planning and project management techniques to build great web sites with large teams
10. Use new technologies like XML, DTDs, and XSL to help your application communicate with other plat-forms in the most flexible manner

If you follow these simple rules, you too can create an excellent web site.

Wednesday, May 30, 2007

Top 50 Best Programming Languages

In my years of experience in software development, I wandered around which is the best programming language. I’d been involved in Oracle based application but there are programming languages out there that excels in their fields.

Amazon Unspun provides methods for community collaboration on the Web to develop consensus ranking. For the Best Programming Languages, here are the rankings.

Top 50 Best Programming Languages


1. Ruby
2. Pythou
3. Java
4. Lisp
5. C
6. Smalltalk
7. APL
8. Perl
9. C++
10. PHP
11. Javascript
12. C#
13. Haskell
14. Objective-C
15. Scheme
16. J
17. Erlang
18. Algol
19. SQL
20. Pascal
21. Basic
22. Fortran
23. Delphi
24. Ada
25. K
26. Snobol
27. Assembler
28. Visual Basic
29. D
30. Coldfusion
31. O’Caml
32. Brainfuck
33. Forth
34. Cobol
35. Icon
36. Standard ML
37. IO
38. Groovy
39. Prolog
40. Logo
41. Lua
42. Powebuilder
43. F#
44. R
45. Providex
46. Dylan
47. ToonTalk
48. Var’AQ
49. Comal
50. MOO

Thursday, May 24, 2007

Top 10 Special Search Engines

Looking for a new search engine? There are literally hundreds of really great niche search engines on the Internet that focus on specific topics: images, jobs, blogs, etc. You can find all sorts of great stuff using these alternative search engines that you might not be able to find on the more well-known search engines; plus, many of these niche search engines have really interesting features that are fun to play with. Here are my picks for the top ten alternative/niche search engines out there on the Web.
1) Blinkx
Blinkx TV is a search engine that helps you find audio, video, and podcasts using not only keywords and phrases, but also content in the actual clips that you're looking for. For example, if you wanted to find Kermit the Frog's "It's Not Easy Being Green", you could type in "having to spend each day the color of the leaves", and Blinkx would be able to fetch what you're looking for using not only your content, but the concept behind your content - the spoken word (or in this case, the lyrics).
2) Daypop
Daypop is a current events search engine. Daypop crawls sites that are updated frequently in order to bring searchers the latest news; included in Daypop's index are newspapers, blogs, online magazines-any site that is updated on a regular basis will make it into Daypop's index. You can use Daypop to search a small slice of the Web for news and information.

3) AuctionMapper
AuctionMapper is an extremely cool search engine that focuses only on eBay listings. Sure, eBay has it's own site search; but AuctionMapper takes that site search and goes a few steps further. There's all sorts of geeky (yet useful) fun to be had with AuctionMapper; the whole site is full of maps, animated fun things that fly around, and Star Trekky sounds. AuctionMapper is just a really well-done search engine that is not only fun to play with, but also actually useful.
4) USA.gov
USA.gov, formerly known as FirstGov.gov, is an absolutely mammoth search engine/portal that gives the searcher direct access to searchable information from the United States government, state governments, and local governments.
5) Healthline
Healthline.com is a medical information search engine. Healthline is solely dedicated to finding medical information online, and it offers medically filtered results developed by trained medical personnel. It's really an excellent tool for finding all kinds of medical information.
6) BrainBoost
BrainBoost is an automated question-answering search engine. Here's how it works: you type in a question, any question, and instead of merely matching your search query in page text and titles like other search engines, BrainBoost actually goes the next logical step and sorts through the search results for you, then extracts the answer to your question.
7) National Geographic's Map Search Engine
National Geographic's Map Machine is a gigantic collection of all the National Geographic maps in a searchable online database. There is so much to the Map Machine that it's best to look at it piece by piece. Start with the Map Machine categories to get a big picture view of all that National Geographic map search has to offer. There's a lot here, and it's all searchable: world maps, satellite maps of Mars, Globe Explorer aerial imagery, and much, much more.
8) Technorati
Technorati is a real-time search engine dedicated to the blogosphere. It only searches through blogs to find exactly what you're looking for. At the time of this writing, Technorati was tracking over 22 million sites and over a billion links, a mind-boggling amount.
9) Clusty
Clusty is a meta search engine, meaning it combines results from a variety of different sources. However, Clusty adds a bit of extra search engine goodness in the mix by giving you clustered results. Basically, Clusty uses clusters to help your search become better, helping you cast your net wider, and sometimes coming up with search queries that you might not have thought of without the clustering feature.
10) Dogpile
Dogpile is a meta search engine, meaning that it gets results from multiple search engines and directories and then presents them combined to the user. Dogpile currently gets its results from Google, Yahoo, MSN Search, Ask , About, MIVA, LookSmart, and more.