The internet is considered as the information superhighway where you can gather the information you need for school and work. In fact, the internet is so useful that people have begun to use it for businesses.
The internet can even be a great way to entertain yourself with downloadable movies, comics and music. Another benefit the internet gives is that you can do your shopping for your clothes and groceries right in the comforts of your own home. You no longer need to go out to the supermarket or to the mall to buy the things you need. All you need to do is log in to an online shopping website and purchase the items you need.
Unfortunately, useful as the internet may be, it also has its dangers. Since more and more people are purchasing goods and services in the internet, it also paved the way for new kinds of criminals. These criminals will try and get your financial and personal information and use it to steal money from you without you knowing about it until its too late.
These people develop programs or softwares that can invade your personal computer silently and will start gathering information for the developer. With these programs, they will have access to your files and know every key you type in your keyboard and every click of your mouse. Sometimes, these programs simply destroy the files inside your computer.
Here are the different programs cyber criminals use to destroy your files, or obtain your personal information:
Spyware
Adware
Viruses
Spam emails
In order to protect yourself and your PC from the different malicious software circulating the internet, you have to purchase a kind of internet security software. However, since there is a lot of security software available in the internet, you will be confused on which one you should purchase.
This is why there are trial periods for softwares in order for you to determine which software is better. Trial or demo versions of the different internet security software are free and can be downloaded instantly from the companys website. You can download it for free, install it in your computer, and test it if it would be worth your time and money to purchase the full version of the software.
However, these demo versions can only protect your personal computer at a limited time only. After the trial period expires, the software will be locked and you will need to purchase the full version of the software in order to use it again.
Some trial versions have full capabilities while others have only limited capabilities. These free software versions can also be very useful. You can try and use these versions until you find the internet security software you want. Think of it as a temporary fix until you find the right software.
So, if you are looking for a way to protect your computer from malicious software at least temporarily, you can try out the free versions of internet security software until you find the software that is right for your computer. You have to find the software that offer full capabilities against the growing threat in the internet today. It should be able to fight off viruses, spyware, adware, spam emails, and hackers.
With the right kind of software, you will be sure that you can surf the internet without worrying about the different malicious software circulating the internet today.
Deon Melchior is the Editor and Publisher of Article Click. For more FREE articles for your ezine and websites visit ArticleClick.com. Article Click is a free content article directory. You may reprint this article, as long as the article is unedited and this author box is included with it's live hyperlinks.
Saturday, August 25, 2007
Internet security : How Secure Is HTTP Basic
With basic authentication, your server has identified who the client user is by means of a user ID and password. How sure can you be that the user really is who he claims to be? To answer this you have to consider the ways in which the ID and password may have been compromised:
The user may have voluntarily given the ID to another person.
The user may have written down the ID, and someone may be using it without his knowledge.
Someone may have guessed the password.
Someone may have intercepted the user ID and password between client and server systems.
The first three possibilities are problems which occur in any password-based system. The normal response to such issues is to suggest better user education and password rules. This is quite reasonable, and can be effective within a single enterprise, where you have some control over the users of the system. It is much less effective in the Interne environment, where the users can come from many backgrounds and locations.
The last possibility is dependent on the level of protection given to messages by the HTTP protocol. We mentioned at the start of the chapter that base64 encoding is used to protect the user ID and password. The base64 encoding system is described in the Multipurpose Internet Mail Extensions (MIME) standard (RFC1521). It is intended as a mechanism for converting binary data into a form that can be sent through mail gateways, some of which can only handle 7-bit ASCII data. The result of this conversion is to mask the contents of any text string but, although it looks as though the data is encrypted, the protection that Base64 provides is an illusion.
We will illustrate this with an example. In order to crack a message, the hacker first has to be able to capture it. There are various ways to do this through hardware and software and none of them are very difficult. What is more difficult is finding a suitable point to make the trace. There are numerous techniques that a hacker can use to divert Internet traffic through his own tracing system, although they are becoming more complex as firewalls and routing controls become smarter. Nonetheless, we can assume that this is not an impossible task for a determined hacker.
For our example we used the DatagLANce LAN analyzer to capture an HTTP packet packet that contained a request including a basic authentication header.
The user may have voluntarily given the ID to another person.
The user may have written down the ID, and someone may be using it without his knowledge.
Someone may have guessed the password.
Someone may have intercepted the user ID and password between client and server systems.
The first three possibilities are problems which occur in any password-based system. The normal response to such issues is to suggest better user education and password rules. This is quite reasonable, and can be effective within a single enterprise, where you have some control over the users of the system. It is much less effective in the Interne environment, where the users can come from many backgrounds and locations.
The last possibility is dependent on the level of protection given to messages by the HTTP protocol. We mentioned at the start of the chapter that base64 encoding is used to protect the user ID and password. The base64 encoding system is described in the Multipurpose Internet Mail Extensions (MIME) standard (RFC1521). It is intended as a mechanism for converting binary data into a form that can be sent through mail gateways, some of which can only handle 7-bit ASCII data. The result of this conversion is to mask the contents of any text string but, although it looks as though the data is encrypted, the protection that Base64 provides is an illusion.
We will illustrate this with an example. In order to crack a message, the hacker first has to be able to capture it. There are various ways to do this through hardware and software and none of them are very difficult. What is more difficult is finding a suitable point to make the trace. There are numerous techniques that a hacker can use to divert Internet traffic through his own tracing system, although they are becoming more complex as firewalls and routing controls become smarter. Nonetheless, we can assume that this is not an impossible task for a determined hacker.
For our example we used the DatagLANce LAN analyzer to capture an HTTP packet packet that contained a request including a basic authentication header.
Internet Security -- Types of Attack
The internet is home to a variety of cyberpunks who pose threats to the security of WWW communications. They may attempt a number of different types of attack, for example:
Passive Attacks In a passive attack the perpetrator simply monitors the traffic being sent to try to learn secrets. Such attacks can be either network based (tracing the communications links) or system based (replacing a system component with a Trojan Horse that captures data insidiously). Passive attacks are the most difficult to detect. You should assume that someone is eavesdropping on everything you send across the Internet.
Active Attacks In these the attacker is trying to break through your defenses. There are several types of active attack, for example:
System access attempts, where the attacker aims to exploit security loopholes to gain access and control over a client or server system.
Spoofing, where the attacker masquerades as a trusted system to try to persuade you to send him secret information.
Cryptographic attacks, where the attacker attempts to break 0your passwords or decrypt some of your data.
Denial of Service Attacks In this case the attacker is not so much trying to learn your secrets as to prevent your operation, by re-directing traffic or bombarding you with junk.
Passive Attacks In a passive attack the perpetrator simply monitors the traffic being sent to try to learn secrets. Such attacks can be either network based (tracing the communications links) or system based (replacing a system component with a Trojan Horse that captures data insidiously). Passive attacks are the most difficult to detect. You should assume that someone is eavesdropping on everything you send across the Internet.
Active Attacks In these the attacker is trying to break through your defenses. There are several types of active attack, for example:
System access attempts, where the attacker aims to exploit security loopholes to gain access and control over a client or server system.
Spoofing, where the attacker masquerades as a trusted system to try to persuade you to send him secret information.
Cryptographic attacks, where the attacker attempts to break 0your passwords or decrypt some of your data.
Denial of Service Attacks In this case the attacker is not so much trying to learn your secrets as to prevent your operation, by re-directing traffic or bombarding you with junk.
Internet security : Http Methods
When a client sends an HTTP request it includes a methods specification which tells the server what the client wants it to do. So, for example, a request to retrieve a document will have a method type of GET. When we start to restrict access to files on the server, we will need to specify which method(s) are permitted.
In the IBM Internet Connection Secure Sever the methods are specified by Mask specifications, which are part of the Protection directives. The following is a list of the methods that the servers support and a description of how the server would respond to a client request containing the method. The description assumes the method is enabled.
- GetMask – The server returns whatever data is defined by the URL. If the URL refers to an executable program, the server returns the output of the program. Briefly you can receive and display all the GTML pages, but you cannot submit a form.
- PostMask – The request contains data and a URL. The server creates a new object with the data portion of the request. The server links the new object to the URL sent on the request. The server gives the new object a URL. The server sends the URL of the new object back to the client. The new object is subordinate to the URL contained on the request (the same way a file is subordinate to a directory or a news article is subordinate to a news group.) POST creates new documents; use PUT to replace existing data.
- PutMask - The request contains data and a URL. The URL must already exist on the server. The server deletes the current data defined by the URL and replaces it with the new data contained in the request. PUT replaces existing data; use POST to create new documents. Because PUT lets clients replace information on your server, it’s extremely important you use protection rules to define who you want to be able to use this method.
- Mask – Mask provides the protection definition for the directives that you have not explicitly coded..
In the IBM Internet Connection Secure Sever the methods are specified by Mask specifications, which are part of the Protection directives. The following is a list of the methods that the servers support and a description of how the server would respond to a client request containing the method. The description assumes the method is enabled.
- GetMask – The server returns whatever data is defined by the URL. If the URL refers to an executable program, the server returns the output of the program. Briefly you can receive and display all the GTML pages, but you cannot submit a form.
- PostMask – The request contains data and a URL. The server creates a new object with the data portion of the request. The server links the new object to the URL sent on the request. The server gives the new object a URL. The server sends the URL of the new object back to the client. The new object is subordinate to the URL contained on the request (the same way a file is subordinate to a directory or a news article is subordinate to a news group.) POST creates new documents; use PUT to replace existing data.
- PutMask - The request contains data and a URL. The URL must already exist on the server. The server deletes the current data defined by the URL and replaces it with the new data contained in the request. PUT replaces existing data; use POST to create new documents. Because PUT lets clients replace information on your server, it’s extremely important you use protection rules to define who you want to be able to use this method.
- Mask – Mask provides the protection definition for the directives that you have not explicitly coded..
Thursday, August 23, 2007
Motherboards an explanation
A motherboard is also known as a main board, system board and logic board. A common abbreviation is "mobo" they can be found in all computers, it is the central circuit board of your computer. All other components and peripherals plug into it, and the job of the motherboard is to relay information between them all.
A motherboard houses the BIOS (Basic Input/Output System), which is the simple software run by a computer when initially turned on. Other components attach directly to it, such as the memory, CPU (Central Processing Unit), graphics card, sound card, hard-drive, disk drives, along with various external ports and peripherals.
There are a lot of motherboards on the market to choose from. The big question is, how do you go about choosing which one is right for you? different motherboards support different components, and so it is vital you make a number of decisions concerning general system specifications before you can pick the right motherboard, what type of Computer do you want to build, an Intel based or AMD based "the two most common".
If you purchase your case before the rest of the components, the first factor to think about concerning motherboards is the size, or form factor, a form factor is a standardized motherboard size, if you think about fitting a motherboard in a case, there are a number of mounting holes, slot locations and PSU connectors - 20 pin and mostly now 24 pin. The most popular motherboard form factor today is ATX, which evolved from it's predecessor, the Baby AT, a smaller version of the AT (Advanced Technology) form factor. Nowadays a standard computer will have an ATX form factor motherboard: only special cases require different form factors
Windows XP Keyboard Shortcuts
CTRL+C(Copy)
CTRL+X (Cut)
CTRL+Z (Undo)
DELETE (Delete)
SHIFT+DELETE (Delete the selected item permanently without placing the item in the Recycle Bin)
CTRL while dragging an item (Copy the selected item)
CTRL+SHIFT while dragging an item (Create a shortcut to the selected item)
F2 key (Rename the selected item)
CTRL+RIGHT ARROW (Move the insertion point to the beginning of the next word)
CTRL+LEFT ARROW (Move the insertion point to the beginning of the previous word)
CTRL+DOWN ARROW (Move the insertion point to the beginning of the next paragraph)
CTRL+SHIFT with any of the arrow keys (Highlight a block of text)
CTRL+UP ARROW (Move the insertion point to the beginning of the previous paragraph)
SHIFT with any of the arrow keys (Select more than one item in a window or on the desktop, or select text in a document)
CTRL+A (Select all)
F3 key (Search for a file or a folder)
ALT+ENTER (View the properties for the selected item)
ALT+F4 (Close the active item, or quit the active program)
ALT+ENTER (Display the properties of the selected object)
ALT+SPACEBAR (Open the shortcut menu for the active window)
CTRL+F4 (Close the active document in programs that enable you to have multiple documents open simultaneously)
ALT+TAB (Switch between the open items)
ALT+ESC (Cycle through items in the order that they had been opened)
F6 key (Cycle through the screen elements in a window or on the desktop)
F4 key (Display the Address bar list in My Computer or Windows Explorer)
SHIFT+F10 (Display the shortcut menu for the selected item)
ALT+SPACEBAR (Display the System menu for the active window)
CTRL+ESC (Display the Start menu)
ALT+Underlined letter in a menu name (Display the corresponding menu)
Underlined letter in a command name on an open menu (Perform the corresponding command)
F10 key (Activate the menu bar in the active program)
RIGHT ARROW (Open the next menu to the right, or open a submenu)
LEFT ARROW (Open the next menu to the left, or close a submenu)
F5 key (Update the active window)
BACKSPACE (View the folder one level up in My Computer or Windows Explorer)
ESC (Cancel the current task)
SHIFT when you insert a CD-ROM into the CD-ROM drive (Prevent the CD-ROM from automatically playing)
CTRL+SHIFT+ESC (Open Task Manager)
CTRL+X (Cut)
CTRL+Z (Undo)
DELETE (Delete)
SHIFT+DELETE (Delete the selected item permanently without placing the item in the Recycle Bin)
CTRL while dragging an item (Copy the selected item)
CTRL+SHIFT while dragging an item (Create a shortcut to the selected item)
F2 key (Rename the selected item)
CTRL+RIGHT ARROW (Move the insertion point to the beginning of the next word)
CTRL+LEFT ARROW (Move the insertion point to the beginning of the previous word)
CTRL+DOWN ARROW (Move the insertion point to the beginning of the next paragraph)
CTRL+SHIFT with any of the arrow keys (Highlight a block of text)
CTRL+UP ARROW (Move the insertion point to the beginning of the previous paragraph)
SHIFT with any of the arrow keys (Select more than one item in a window or on the desktop, or select text in a document)
CTRL+A (Select all)
F3 key (Search for a file or a folder)
ALT+ENTER (View the properties for the selected item)
ALT+F4 (Close the active item, or quit the active program)
ALT+ENTER (Display the properties of the selected object)
ALT+SPACEBAR (Open the shortcut menu for the active window)
CTRL+F4 (Close the active document in programs that enable you to have multiple documents open simultaneously)
ALT+TAB (Switch between the open items)
ALT+ESC (Cycle through items in the order that they had been opened)
F6 key (Cycle through the screen elements in a window or on the desktop)
F4 key (Display the Address bar list in My Computer or Windows Explorer)
SHIFT+F10 (Display the shortcut menu for the selected item)
ALT+SPACEBAR (Display the System menu for the active window)
CTRL+ESC (Display the Start menu)
ALT+Underlined letter in a menu name (Display the corresponding menu)
Underlined letter in a command name on an open menu (Perform the corresponding command)
F10 key (Activate the menu bar in the active program)
RIGHT ARROW (Open the next menu to the right, or open a submenu)
LEFT ARROW (Open the next menu to the left, or close a submenu)
F5 key (Update the active window)
BACKSPACE (View the folder one level up in My Computer or Windows Explorer)
ESC (Cancel the current task)
SHIFT when you insert a CD-ROM into the CD-ROM drive (Prevent the CD-ROM from automatically playing)
CTRL+SHIFT+ESC (Open Task Manager)
Windows XP Run Commands / Short Cuts :1
How To - Click Start, Click Run and enter the command Click OK
Run commands
Calc - Calculator
Cfgwiz32 - ISDN Configuration Wizard
Charmap - Character Map
Chkdisk - Repair damaged files
Cleanmgr - Cleans up hard drives
Clipbrd - Windows Clipboard viewer
Cmd - Opens a new Command Window (cmd.exe)
Control - Displays Control Panel
Dcomcnfg - DCOM user security
Debug - Assembly language programming tool
Defrag - Defragmentation tool
Drwatson - Records programs crash & snapshots
Dxdiag - DirectX Diagnostic Utility
Explorer - Windows Explorer
Fontview - Graphical font viewer
Ftp - ftp.exe program
Hostname - Returns Computer's name
Ipconfig - Displays IP configuration for all network adapters
Jview - Microsoft Command-line Loader for Java classes
MMC - Microsoft Management Console
Msconfig - Configuration to edit startup files
Msinfo32 - Microsoft System Information Utility
Nbtstat - Displays stats and current connections using NetBios over TCP/IP
Netstat - Displays all active network connections
Nslookup- Returns your local DNS server
Ping - Sends data to a specified host/IP
Regedit - egistry Editor
Regsvr32 - egister/de-register DLL/OCX/ActiveX
Regwiz - Reistration wizard
Sfc /scannow - Sytem File Checker
Sndrec32 - Sound Recorder
Sndvol32 - Volume control for soundcard
Sysedit - Edit system startup files (config.sys, autoexec.bat, win.ini, etc.)
Taskmgr - Task manager
Telnet - Telnet program
Tracert - Traces and displays all paths required to reach an internet host
Winipcfg - Displays IP configuration
Run commands
Calc - Calculator
Cfgwiz32 - ISDN Configuration Wizard
Charmap - Character Map
Chkdisk - Repair damaged files
Cleanmgr - Cleans up hard drives
Clipbrd - Windows Clipboard viewer
Cmd - Opens a new Command Window (cmd.exe)
Control - Displays Control Panel
Dcomcnfg - DCOM user security
Debug - Assembly language programming tool
Defrag - Defragmentation tool
Drwatson - Records programs crash & snapshots
Dxdiag - DirectX Diagnostic Utility
Explorer - Windows Explorer
Fontview - Graphical font viewer
Ftp - ftp.exe program
Hostname - Returns Computer's name
Ipconfig - Displays IP configuration for all network adapters
Jview - Microsoft Command-line Loader for Java classes
MMC - Microsoft Management Console
Msconfig - Configuration to edit startup files
Msinfo32 - Microsoft System Information Utility
Nbtstat - Displays stats and current connections using NetBios over TCP/IP
Netstat - Displays all active network connections
Nslookup- Returns your local DNS server
Ping - Sends data to a specified host/IP
Regedit - egistry Editor
Regsvr32 - egister/de-register DLL/OCX/ActiveX
Regwiz - Reistration wizard
Sfc /scannow - Sytem File Checker
Sndrec32 - Sound Recorder
Sndvol32 - Volume control for soundcard
Sysedit - Edit system startup files (config.sys, autoexec.bat, win.ini, etc.)
Taskmgr - Task manager
Telnet - Telnet program
Tracert - Traces and displays all paths required to reach an internet host
Winipcfg - Displays IP configuration
Subscribe to:
Comments (Atom)
