So, What are Intrusion Detection Systems

So, What are Intrusion Detection Systems? by Rob Lamper

Intrusion Detection System (IDS) are becoming a very important part of any strategy for enterprise

security. But what are Intrusion Detection systems? CERIAS, The Center for Education and Research in Information Assurance and Security, defines it this way:

"The purpose of an intrusion detection system (or IDS) is to detect unauthorized access or misuse of a computer system. Intrusion detection systems are kind of like burglar alarms for computers. They sound alarms and sometimes even take corrective action when an intruder or abuser is detected. Many different intrusion detection systems have been developed but the detection schemes generally fall into one of two categories, anomaly detection or misuse detection. Anomaly detectors look for behavior that deviates from normal system use. Misuse detectors look for behavior that matches a known attack scenario. A great deal of time and effort has been invested in intrusion detection, and this list provides links to many sites that discuss some of these efforts"(http://www.cerias.purdue.edu/about/history/coast_resources/intrusion_detection/)

There is a sub-category of intrusion detection systems called network intrusion detection systems (NIDS). These systems are looking for suspicious activity and monitor the packets. Network intrusion detection systems can monitor many computers at a time over a network, while other intrusion detection systems may monitor only one.

Who wants to breaking into your system?

One common misconception of software hackers is that it is usually people outside your network who break into your systems and cause mayhem. The reality, especially for corporate workers, is that insiders can and usually do cause the majority of security breaches. Insiders often impersonate people with more privileges then themselves to gain access to sensitive information.

How do intruders break into your system?

The simplest and easiest way to break in is to let someone have physical access to a system. Despite the best of efforts, it is often impossible to stop someone once they have physical access to a machine. Also, if someone has an account on a system already, at a low permission level, another way to break in is to use tricks of the trade to be granted higher-level privileges through holes in your system. Finally, there are a lot of ways to gain access to systems even if one is working remotely. Remote intrusion techniques have become harder and more complex to fight.


How does one stop intrusions?

There are several Freeware/shareware Intrusion Detection Systems as well as commercial intrusion detection systems.


Open Source Intrusion Detection Systems


Below are a few of the open source intrusion detection systems:


AIDE (http://sourceforge.net/projects/aide) Self-described as "AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire. It does the same things as the semi-free Tripwire and more. There are other free replacements available so why build a new one? All the other replacements do not achieve the level of Tripwire. And I wanted a program that would exceed the limitations of Tripwire."


File System Saint (http://sourceforge.net/projects/fss) - Self-described as, "File System Saint is a lightweight host-based intrusion detection system with primary focus on speed and ease of use."


Snort (www.snort.org) Self-described as "Snort® is an open source network intrusion prevention and detection system utilizing a rule-driven language, which combines the benefits of signature, protocol and anomaly based inspection methods. With millions of downloads to date, Snort is the most widely deployed intrusion detection and prevention technology worldwide and has become the de facto standard for the industry."

Commercial Intrusion Detection Systems

If you are looking for Commercial Intrusion Detection Systems, here are a few of these as well:

Tripwire

http://www.tripwire.com


Touch Technology Inc (POLYCENTER Security Intrusion Detector)

Http://www.ttinet.com


Internet Security Systems (Real Secure Server Sensor)

http://www.iss.net


eEye Digital Security (SecureIIS Web Server Protection)

http://www.eeye.com

Rob Lamper
Computer Security 2006

Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing

More Software Articles

Software RSS Feed

PHP, SEO, And Spiders - Oh My

PHP, SEO, And Spiders - Oh My! by Ian Wilson

Dynamic database-driven sites have become very popular, and relatively easy to set up and administer, through the use of Content Management Systems (CMS) and PHP server-side scripting. It's also possible to create a fancy-looking site with little actual content, or automatically generated code that can harm your SEO, such as multiple URLs that display identical content.

Search engines are constantly evolving and adapting in response to changes in the way information is presented on the web. Strategies that were once necessary to ensure inclusion of PHP pages are no longer required.

It was once helpful to generate a static HTML version of a PHP page so that all the "includes" could be indexed. Now search spiders "see" all the content on a PHP page, the same way it is viewed in a browser.

It used to be prudent to avoid dynamic URLs containing "? & =" - now, the search engines list URLs with the dynamic variables. However, it is best to compose them with no more than three variables. Some variable-laden URLs may be listed, but without any accompanying content/description, in the search results... Stay tuned for further developments as the search engines refine their methods.

With many hosts running the popular Apache server, developers are expanding the use of PHP by modifying the .htaccess file to allow PHP code processing within HTML documents, and enabling shorter URLs with fewer variables by configuring httpd.conf. Your web hosting provider's support team should be able to tell you if these features are available for your site.

Implementing a common-sense approach to SEO for your PHP site requires cooperation and coordination among the developer, webmaster, and web host. Beware of "SEO Experts" with "secret methods" and "guaranteed results" - gimmicks that kludge the search spider today might hurt your ranking tomorrow.

A descriptive and catchy page title is one of the key elements of SEO - whether or not your site uses PHP - since it becomes the linked title of your search engine listing. Use the name of your site in the title to encourage branding, along with a brief capsule about the specific page. Remember that the title displays at the top of the browser window and in the menu bar, so keep it brief, less than 160 characters. Avoid using identical titles on multiple pages (this can easily happen with dynamically generated titles) because they may not be listed individually, and if they are listed separately, it's confusing. Meta tags for description and keywords have become less crucial to SEO - but that doesn't mean you should forget about them.

The basic principles of SEO that apply to static HTML sites also apply to dynamic PHP sites:

● Provide engaging and valuable content presented in an attractive design.

● Code should be error-free and standards-compliant.

● Use keywords appropriate to your subject matter - don't be tempted to use "tricks" that might end up hurting your search engine listing.

● Encourage repeat visits with frequent updates, interactive features, membership sign-up, opt-in newsletters and, if appropriate, "freebies" - contests, giveaways, downloads and other resources.

● Encourage linking to your site with copy & paste code. Reciprocal links build partnerships and enhance page rank, but avoid hosting bulky "link farms" and other venues for worthless web site spam.

● Make use of tools provided by the search engines, such as creating a sitemap.

● Educate yourself by reading the search engine faqs, as well as by perusing some independent forums for SEO tips and methods.

Here are a few resources for further information:

Optimizing Dynamic Content

http://www.highrankings.com/issue065.htm#seo

Building Dynamic Pages With Search Engines in Mind

http://phpbuilder.com/columns/tim20000526.php3

High Rankings(r) Search Engine Optimization Forum > Technobabble > Dynamically Generated Site Issues

http://www.highrankings.com/forum/index.php?s=c5e371a3bec60ac7e650447c430abfd4&showforum=25

Digital Point Forums > Marketing > Search Engine Optimization > PHP, HTML does it matter?

http://forums.digitalpoint.com/showthread.php?t=53280

Parsing PHP in .html Files

http://www.desilva.biz/php/phpinhtml.html

Ian Wilson is a support analyst, specializing in coding and system administration, for Apollo Hosting. Apollo Hosting provides website hosting, ecommerce hosting, vps hosting, and web design services to a wide range of customers.

Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing

More PHP Articles

PHP RSS Feed

The History of the WWW and HTML

The History of the WWW and HTML by Michael Colucci

When you are surfing through the web you generally see some pages that are not displayed properly, the frames become all mixed up and the content become unreadable. Many surfers think that it is a problem of coding and the blame incompetent coders. Actually, if you feel better placing blame, it belongs with the greedy program distributors like Microsoft and Sun Systems which turned the great educational idea of Tim Berners-Lee into a competition area and a complex language not having a standard form.

Tim Berners-Lee is the inventor of the Web. In 1989, Tim was working in a computing services section of CERN when he came up with the concept (web); at the time he had no idea that it would be implemented on such an enormous scale. Particle physics research often involves collaboration among institutes from all over the world. Tim had the idea of enabling researchers from remote sites in the world to organize and pool together information. But far from simply making available a large number of research documents as files that could be downloaded to individual computers; he suggested that you could actually link the text in the files themselves.

In other words, there could be cross-references from one research paper to another. This would mean that while reading one research paper, you could quickly display part of another paper that holds directly relevant text or diagrams. Documentation of a scientific and mathematical nature would thus be represented as a ‘web’ of information held in electronic form on computers across the world. This, Tim thought, could be done by using some form of hypertext, some way of linking documents together by using buttons on the screen, which you simply clicked on to jump from one paper to another.

Tim’s simple but effective idea turned out to be the greatest communication device of humanity even if it was not supported by big companies and manufacturers. For instance, Hewlett-Packard, in common with many other large computer companies, was quite unconvinced that the Internet would be a success; indeed, the need for a global hypertext system simply passed them by. For many large corporations, the question of whether or not any money could be made from the Web was unclear from the outset.

Later, especially after Mosaic, the first web browser was released; the competition between the companies became more obvious. The later version of Mosaic in competition with the Microsoft Internet Explorer added new features to the HTML language like n-compass and active-x controls respectively. Meanwhile, the World Wide Web Consortium was formed to fulfill the potential of the Web through the development of open standards. They had a strong interest in HTML. Just as an orchestra insisting on the best musicians, the consortium recruited many of the best-known names in the Web community headed up by Tim Berners-Lee. During 1995, all kinds of new HTML tags emerged. Some, like the BGCOLOR attribute of the BODY element and FONT FACE, which control stylistic aspects of a document, found themselves in the black books of the academic engineering community. “You're not supposed to be able to do things like that in HTML,” they would protest. In the end, the technology of web was for the pure purpose of science and technology. It was not supposed to turn into a multimedia “tool”. It was their belief that such things as text color, background texture, font size and font face were definitely outside the scope of a language when their only intent was to specify how a document would be organized.

While the W3 Consortium was working on already the HTML 3, the web design was benefiting the competition between the Netscape and IE. Even for the good intentions of the consortium, the big corporations insisted on creating their own derivatives for HTML. This was creating many compatibility problems. Finally, following the success of the November, 1995 meeting, the World Wide Web Consortium formed the HTML Editorial Review Board to help with the standardization process. This board consisted of representatives from IBM, Microsoft, Netscape, Novell, Softquad and the W3 Consortium, and did its business via telephone conference and email exchanges, meeting approximately once every three months. Its aim was to collaborate and agree upon a common standard for HTML, thus putting an end to the era when browsers each implemented a different subset of the language. The bad fairy of incompatibility was to be banished from the HTML kingdom forever, or one could hope so, perhaps.

The incompatibility was not banished but was at least minimized. However, HTML kept on growing and the last versions like the dynamic HTML, like HTML 4.0 brought new colors and usages for this language. Especially after the edition of style sheets, it became extremely difficult to standardize the view of a web page depending on the browser you use.

As you can see, HTML was written for the pure purpose of information sharing but turned into a mass communication mechanism. It was supposed to be an organizational language, and yet became multi-media source where you can edit the layout and add images, sound and many other multimedia files. We can blame the evolution process of this language for the non-standardized nature of it.

For website hosting please visit www.299host.net
Complete hosting plans starting at $2.99 per month.

Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing

More HTML Articles

HTML RSS Feed

Basics Of A Router

Basics Of A Router by Robert Thatcher

Router is a computer device that receives or forwards data packets to and from the Internet towards a destination in the process called routing. Router is the essential component of the computer networking that enables any sent data to arrive at the right destination.

As an illustration, imagine that the Internet is the world and one computer is one household. Other computers connected through the Internet are households around the world. Say one household will send a letter to another household in any part of the world. The letter has an address right? And that address would determine the destination of the letter. But without one reading the address, the letter would not arrive to the right receiver. The letter also would not be able to reach the intended receiver if there is not medium. This medium would be the courier. And the courier of the computer data is the router.

A router (broadband router) is also a device that enables two or more computer to receive data packets from the Internet under one IP address at the same time.

Remember that to be able to connect to the Internet, a computer must have an IP address unique from the rest of the computers. Therefore, every computer connected to the Internet has it own IP address. It is like having a fingerprint or ID as an access pass to be able to enter the web. With the presence of the router, this “fingerprint” or “ID” could be shared by two or more computer at the same time.

In simplest form, a router makes two or more computer use the Internet at the same with one access pass.

One more thing: a computer with cable modem could also be considered as a router. In this, the computer would do the process of routing like normal routers do. Other computers are then connected to the computer with Internet connection that would give it with the Internet connection. The computer with cable modem has the direct contact with the Internet and the ones connected to it are sharing the connection.

Why would anyone need a router?

For households with two or more computers who would want to have Internet connection to every computers they have, taking subscription for each would be too much. The solution is to buy a router that would enable every computer in the house to have an Internet connection. In the definition above, the broadband router would act as a hub to the existing Internet connection.

If the router is comparable to a hub, would it affect the Internet speed?

It should be taken into consideration that once a single Internet connection is divided, the connection speed is affected. But there are some broadband routers that would bring minimal slowdown to the Internet speed and the effect might not even be big.

Internet speed would also depend on the type of application used in a router. While some would inflict little effect on the speed like online games, others would terribly slowdown your connection and even hinder you to use the Internet at all.

Usually, offices use a more sophisticated router to redirect Internet connections to the large number of computers. These routers would give better data packeting compared to a typical router used at home that results to faster Internet speed.

Robert Thatcher is a freelance publisher based in Cupertino, California. He publishes articles and reports in various ezines and provides router resources on www.about-routers.info.

Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing

More Computer Hardware Articles

Computer Hardware RSS Feed

Preventing And Reversing Data Loss

Preventing And Reversing Data Loss by Trevor Marshall

One of the most stressful times that a simple student or employee may encounter is a loss of an important file on the computer. It can be a day of doom if you are due to submit your paper or make a presentation and at the worst possible moment your file is deleted. Thus, data recovery may be the answer you are looking for. Data recovery is technology that will help you to salvage lost data. First things first, you may want to take out your rolodex and try calling your tech-savvy friends to help you out. In case you have no more choice, you just might have to spend a little bit to get yourself a data recovery software or a specialist to help you out.



1. Determine What's Wrong:



- your computer will not start at all

- blue screen of death

- your computer boots up, but files are missing or are corrupted

- your computer opens up but you cannot seem to find some of your other drives



2. Weird Sounds



Before doing anything, try to hear if there are any sounds coming from your hard drive like a weird scratching, scraping or ticking. If you do hear something like it, then it is enough to conclude that your hardware may be physically damaged. The only possibility for you is to take your computer to a data recovery service where experts might be able to get your data off for you. Of course, this would entail a lot of time and money, so you may want to weigh the value of the data you lost before going a step further.



3. Do-It-Yourself Data Recovery Tips:



- Acquire and download software to help you out

- Not all software is free

- Attach your hard drive to another computer if your computer has only a single drive. This is to provide enough space to store all your data

- If your computer has a rollback safety feature, try and roll back to a previous saved state to restore damage



4. Possible Causes Of Damage:



- Lightning strike

- Virus

- Hard drive failure

- Accidental deletion of data

- Water/fire damage

- Improper software installation overwriting important data



5. Be Prepared - Make Backups



Having back-ups is the only solution to your data loss problems. They come in various forms:



- Virus protection software

- Personal firewall

- CD backup

- DVD backup

- RAID hard drive



6. Back-Up Tips



- Try investing in backup software of good quality and performance. Products that leave you secured from data loss disaster or further computer file crashes are always a good investment.

- Double check the restore capability. The software should have features that guarantee that while the product is performing your back up it checks all the data down to the level of bits and bytes.

- Double check the capability of your back up medium. Invest on the best back up software you can get and at the same time, for the purposes of prevention, start manually and diligently backing up your data regularly.

- Do an inspection of your hard drives from time to time. Always be on guard of viruses and spywares that can possibly crash your hardware. Defrag your computer regularly to correct errors and check bad sectors as soon as they are detected.

- Be sure you conduct a proper documentation of what transpired during the data loss disaster, what you have observed, as it progresses and the things you attempted doing to give your files the first aid. This will help the data recovery expert to track the problem and recommend the best solution for your problem.



For more great data loss related articles and resources check out http://datarecovery.infotechinsider.com



Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing


More Data Recovery Articles


Data Recovery RSS Feed

Boost Your Career And Benefit From A Microsoft Certification Or Two Or Three

Boost Your Career And Benefit From A Microsoft Certification Or Two Or Three! by James Croydon

You went to college and thought you were prepared for the job market. If you are going for entry-level work, yeah, you are prepared. However, to really get ahead, you need Microsoft certification, whether it is an MCP, MCSA, MCSE or any other string of letters. Quite a few people will go for multiple certifications to broaden their experience and scope of possible job opportunities.



Some of the Microsoft certifications require you have to have at least one year of practical experience in order to pursue a certification, namely an MCSE or Microsoft Certified Systems Engineer. It is important to have that experience that these certain certifications require because the training, like the MCSE training and the MCSE exams that follow, are very intense. In fact, some people will not only partake of the standard MCSE training, but also MCSE boot camps for more in-depth studies into their certification.



One standard benefit to having a Microsoft certification is that it is a great basic means of analyzing the aptitude of an employee. If you are a manager or owner in a business, you want some way to evaluate that employee’s skills. And if you are the employee, you know that your boss recognizes your abilities.



If you are on the hunt for a new job, then potential hiring managers and employers have a basis in which to assess your qualifications. Without that Microsoft certification on your resume, these employers would have no idea about your skills and most likely would consider someone else, someone with a certification, for the position you were aiming for.



If you do not have much hands-on experience in your field, but you do have the Microsoft certification to prove that you know the material, you would also have a leg up on anyone else applying for the same position that may have more hands-on experience, but no certification. For some reason, that certification, those little string of letters like MCP or MCSE, hold a lot of power.



Yet another benefit to holding a Microsoft certification or two is the money aspect of it all. Sure, you shelled out some major bucks to fund your education in those MCP courses or that MCSE training, but consider it an investment in yourself. With certification, you can bargain a higher salary and even reimbursement for your training!



Many professionals in the IT field or in a company in which you work in an IT department could benefit from Microsoft certification. Do you work as an Administrator for a network, mail or web server? Are you involved in the security of networks and the internet? Any of those positions and much more benefit with additional training and certification. Just think money! It is the biggest motivator. The more you know and can bring to a position, the more money you stand to make.



So think about going for your MCSE or MCP certification or any number of others available. More training; more knowledge; more money ... sounds like a no-brainer! Go nuts and get certified today!



James Croydon, Microsoft Certified Professional and MCSE Certification Courses advisor - focusing on MCSE Certification


Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing


More Computer Certification Articles


Computer Certification RSS Feed

Computer Skills: Which Ones Your Staff Needs

Computer Skills: Which Ones Your Staff Needs by Joshua Feinberg

Don't worry too much if you lack advanced technical computer skills. A lot of that can be remedied by just putting in a little bit of time each week in doing some self-study. In this article, you'll learn which computer skills are necessary to serve your sweet spot small business clients.


If It Works, Break It

You can do something as simple as getting a not-for-resale (NFR) copy of a product that you want to sell, install, and support and then working with the product in your lab. When you or one of your lead technicians or engineers has a spare half-hour to an hour, you can walk through the basic installations. Then, deliberately break the lab installations. Next, reinstall the software until you get more comfortable with the package.


Most of these products that you'll be installing for small businesses are very mature technologies. They're very wizard-driven, and at least for plain-vanilla configurations, they don't require tremendous levels of computer skills.


Installations Are Easier Now

Years ago, it was much more difficult to install the Novell small business suite or IBM equivalent, or the original 1997 Microsoft Small Business Server. But all of these companies, especially Microsoft, put a lot of money into making it easier for people who don't have advanced IT backgrounds and networking computer skills to install their small business server application suites.


In terms of your technical computer skills to service sweet spot clients, your staff needs to:

1. have good strong PC hardware skills

2. be able to handle a peer-to-peer setup

3. understand what TCP/IP is all about

4. know what POP3 and SMTP are

5. know how to work with basic SOHO routers


If your staff possesses the above skills, you're definitely at a good starting point to get started with at least the smaller sweet spot small businesses (10-20 PCs).

Share the knowledge among your employees

Make sure your staff members cross-train each other and you. This way, no one's ever “too knowledgeable” to the point where they can blackmail you, extract huge raises or huge bonuses, or walk away with your client base. You have to make sure your company's internal know-how or intellectual capital can't just get up and walk out the door to your biggest competitor.

The Bottom Line about Computer Skills

In this article you've learned about which technical computer skills are necessary to service your sweet spot clients.

Copyright Notice:

Copyright MMI-MMVI, Computer Consulting 101. All Worldwide Rights Reserved. {Attention Publishers: Live hyperlink in author resource box required for copyright compliance}

About the Author:

Joshua Feinberg, co-founder of Computer Consulting 101, helps computer consulting business owners get more steady, high-paying clients. Learn how you can too with free proven computer consulting secrets at http://www.ComputerConsulting101.com

Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing

More Computer Articles

Computer RSS Feed

Balance in Inventory Control

Balance in Inventory Control by Jessica Deets

In Inventory control, the fundamental thing is to strike a balance between the questions ‘How little and how much’. Your industry’s basic stock should give a reasonable collection of products and should be enough to fulfill the normal sales demands. If you have just entered into business then you would not have any history of sales or stocking figures to indicate, but you can project such figures based on your business plan.

Basic stock should be calculated based on lead-time, that is, the length of time between reordering and receiving a product. For example, if a product sells 100 units in a week and your lead-time is 5 weeks then you must reorder before the basic stock level falls below 500 units. If you do not reorder until you actually need the stock, you will have to wait 5 weeks without the product.

If your inventory is not sufficient then you can lose sales and cost of back orders is also time consuming. In the midst of production if you run short of raw materials or parts it can be crucial and will increase your operating costs. Labor cost will be higher since your workers would not be working till the stock materials arrive and when they arrive they would have to be paid for their overtime jobs. And if there is immense demand for your product you may even get tempted to buy inventory at a higher price.

You should always keep a safety margin while determining basic stock figures to save yourself from such shortcomings. You should be able to evaluate the factors that might lead to delays, like your supplier who might have a tendency to be late, or your goods being imported. With experience you would be able to calculate this safety margin.

Excess Inventory is a no, no

If your business is in the category of seasonal product line like the woolens, festive gifts, or fast-perishing raw materials like fruits and vegetables, you should avoid excess inventory. These have too little shelf life and once the season is gone they are hard to sell. But products which contribute to people’s basic needs like some kinds of machinery and their parts, have more breathing space because it takes longer for these products to become outdated.

Irrespective of your type of business, however, surplus inventory should be avoided. The overhead costs, like the extra interest on the loan, if any, rent or property tax for dumping the unsold inventory and an increased cost on insurance will bother you from time to time. Excess inventory also leads to reducing your liquidity that should be anyhow avoided. There is this example of a retailer who gets an opportunity to buy 500 gallons of antifreeze at a mind-blowing discount, but this time it was mild winter in the country. Though he can wait till next year’s winter but the cost of space that could have been utilized for some better product goes a waste.

To get rid of the unwanted inventory you tend to sell it at a lower price and in turn you end up losing on profits. This surely solves the problem of overstocking but return on investment simultaneously gets reduced. So your business plan goes down the drain that had projected full price for your products.

Once you have faced the problem of over stocking you should be cautious, but not overly cautious, otherwise you may end up facing inventory shortage. Hence, the safety margins should always be realistic so that you can stock what you can sell.

Copyright (c) 2006

Jessica Deets researches the internet to find useful information. You can find out more information about inventory control at http://www.inventorycontrolinfo.com

Article Source: U Publish - Free Reprint Articles Free Articles Free Article Publishing

More Small Business Articles

Small Business RSS Feed