Archive for February, 2010
Monday, February 15th, 2010
Why Choosing The Best Web Host Is The Most Important Task
Choosing a web host is the major step that you have to take very carefully. A web host is one who provides you a web hosting server along with its features like the bandwidth, the disk space, and other tools and applications. You get a lot of web tools, softwares and other things from your web host, but choosing a web host is not as easy as it may seem.
When you start searching for a good web hosting service, there are some very important things that you need to keep in mind. Some of thing that you need to take care of and the things that you need to avoid are mentioned below.
First important thing is, if you are really serious about starting your own online business, you need to avoid choosing any free web hosting service. If you are planning to have a professional business website on the internet, then make sure that you only choose the best that is available. The free web hosting services often limit the growth of your website. Firstly, they do not provide enough disk space, memory, the bandwidth, uptime guarantee and many other important web tools.
Also, the free web hosting service contains many different types of advertisement banners and external links on almost all the web pages of your website. Some of these links and advertisements often occupy the most important parts of your web page like the topmost section. Due to this, you may not be able to place your own ads or display other important content or links in these important places.
The free web hosting services can even change their terms and conditions or plans anytime without giving you any prior notice. They may even cancel your free service or sometimes even ask you to pay them some money to further make use of their service. In such cases, you may have to loose your entire website or else pay them the amount that they ask.
Even the security that you get with any free web hosting service is not of top class. Your website can become extremely vulnerable to various kinds of attacks. Also, because of this, you will not only lose your data and other content but even lose the online traffic.
Also, see that you avoid the limited web hosting service as it is also somewhat similar to the free web hosting service. See that you avoid the hosting packages which do not allow you to add order forms, statistics, or multiple email accounts to your website. All these things are absolutely necessary for any webmaster who desires to start his own online business and be successful in it.
The last thing that you need to avoid is making use of the low cost hosting. Similar to the free web hosting service and the limited web hosting service, the low cost hosting must also be avoided, if you are planning for something big and professional. The low cost web hosting service is not of top class and the service that you get can be extremely poor.
It is often seen that during any crisis, you would not be getting any sort of help from the customer service department or the technical staff of your web host. Like free web hosting service, they can cancel their service any time or increase the cost of it. They even have different types of banners and other useless things like ads, external links, placed on your web pages. Many of these links and ads are present on the top of the web page. These ads are such that if any user clicks on them, it will directly take that user to another website which can be a major disadvantage to your website and to your online business.
Another important reason why you need to avoid choosing any kind of free web hosting service, the limited web hosting service and the low cost web hosting service, is that most of the times all of these servers are shared between many users. There may be even thousands of users present on a single shared web hosting server. Due to this, you are like to face some major issues regarding the bandwidth, the disk space and sometimes, the entire web server may slow down causing a lot of problems.
Even the security may be a big issue in case of the shared web hosting services. The websites hosted on the shared web hosting services are more likely to get hacked or corrupted when compared with those hosted on any dedicated or similar type of web hosting service.
This can be very irritating for your web visitors. They may get irate due to your service and are likely to leave and are unlikely to revisit your website again. Another major disadvantage of using all this kinds of services is that you will not be getting your own domain. You are provided with a sub-domain name which consists of your web hosts name as well. Due to this, you may not be able to give your website the name related to your online business or any products that you advertise.
Make sure that you always research well before choosing. It is always best to know each and every thing about the web hosting company that you are going to choose. Make sure that you check their past record, the quality of service that you offer to their customers. It is always best to go for a web hosting service that offers many options like Dedicated Hosting, multiple POP email accounts, secure servers, web usage statistics, web space allocation, URL Redirection, Auto Responders. With such excellent search methods, you will find a great web host that will suit all the needs of your important website.
Tags: best web host the best web host, choosing the best web host
Posted in Web Hosting Articles | No Comments »
Monday, February 15th, 2010
What Is An Electronic Data Center EDC?
The Data Processing Center, also called the Electronic Data Center (EDC) is the organizational unit that coordinates and maintains the equipment and services for data management.
The information and knowledge are now available in various forms and with various access methods and is known by now the value of communication, whether it be borrowed through paper correspondence, telephone, facsimile or computerized tools such as email and the Web
The EDC is to coordinate and manage the dissemination of information within the reality in which it operates so that we have available all the necessary knowledge without being overwhelmed by the notion obesity, primary effect of excess of information, often redundant, which are available to everyone.
With this in an EDC must provide the IT support for both general and specific administrative and organizational management and surveillance activities. It also provides technical and scientific advice to the various structures on computer systems, computer networks and information systems as well as assess the needs and goals to achieve the functionality of computer services.
In reality, the greatest is responsible for the guidance of project managers who request it, the choices for development and management of their information systems and computer peripheral and assistance to the sections or branches in the management, use of computer systems and strategic choices and operational.
In some cases, and in some limited reality, it carries out studies, research, teaching and coordination in information technology and its applications, maintains and develops relationships and collaborations with public and private organizations in areas of common interest and promote spreading a culture of information, through training, qualification and retraining of users.
Purpose and activities of the Electronic Data Center (EDC)
The EDC provides the following purpose and activities:
- Manage and maintain the architecture means.
- Acquire, develop and manage IT equipment and telecommunication facilities, programs, databases, communications, documentation and anything else in common use.
- Define the security policies, defining the limits of resource utilization of EDC and enforce the regulation technique.
- Provide a structured and qualified consulting service.
- Organize courses, seminars and meetings, with the collaboration of experts from external providers.
The activities of the EDC are:
- Management of operating systems and advice to the EDC client-server AIX, UNIX, Linux, Solaris, Windows, Macintosh;
- Management software and server hardware of EDC.
- Manage server acquisition and data analysis.
- Manage network.
- Care of the following network services: electronic mail, Internet and intranet Web servers, IP and DNS, FTP server, access server, HTTP proxy server, firewall server, network printing and LAN and WAN connectivity with TCP / IP.
- Monitoring the activities of the server data centers, network traffic and storage of these data.
- Management of devices: Printers, X-Terminal, Terminal servers, print servers, wireless bridge, scanner and plotter.
- Management of mass storage and backup data on servers in the EDC.
- Manage service calls for action on hardware and its assistance during repair operations.
- Support research groups: the EDC, at the express request of those responsible for research activities, delegating staff for short periods of time to perform activities of interest groups were working wherever needed, and such requests must be agreed with the Head.
- Advice for computer and electronic purchases for good management.
- Care of technical-operating with the sections through the figure of the referent information section.
- Management software telephone exchange.
- Setting up of any agreements with public and private.
The EDC can provide the company with a large amount of value added services such as:
Web Communication
The benefits that this new form of communication leads to companies are extensive and varied and should be customized on the specific needs also examining the strategic aspects of implementation.
The solutions to managing the relationship with the customer based on the Internet can help companies integrate and improve the relationship with consumers and meeting their expectations.
E-Commerce
Analyze the various aspects of the Internet Economy and the types of E-Commerce widespread today, you have to organize the structure for the company to benefit from the advantages of Internet sales, and also implementing a successful website.
Web Marketing
Commercial aspects of marketing on the Web can be a complement to traditional marketing activities.
Sales Force Automation
The new Internet-based technologies enable retailers to focus on what they do best and reduce administrative activities. The sales force automation focuses primarily on sales processes such as customer contact, order processing, storage charges, sales forecasts and performance analysis.
HR Management
The instruments of personnel management based on the Internet can help companies reduce costs, retrain employees and increase productivity. Due to the potential of networked systems can easily communicate with all staff of the company who is making available all relevant information.
Finance Manager
Looking closely at the various systems for financial management within organizations, highlighting ways to speed up the collection of information so that the company itself can then be taken, as appropriate, the best decisions, the finance management solutions based on Internet has the ability to lower costs by increasing productivity of the finance departments of the company and reduce errors.
Production and Distribution
Internet solutions enable organizations to deploy get their products to customers more efficiently, by automating the process of inventory management and warehouse, transport to the interior and the exterior and the final distribution of products .
E-Procurement (procurement via Web)
With the automation of purchasing processes, companies can share data with their suppliers and better understand the relationship between demand and supply. Moreover, the activities of E-Procurement can help to better manage suppliers and to significantly reduce procurement costs.
Management of the Supply Chain
Through the line management of the Supply Chain is streamlining the process of interaction between suppliers and customers via the Web Management of Web-based Supply Chain aims to increase sales, reduce costs and improve production by simplifying communication processes between all participants in your supply chain: suppliers, manufacturers, distributors, resellers and retailers.
Teleworking
The introduction of telework in a company brings benefits to the competitiveness and cost reduction, and has the advantage of also improving customer satisfaction.
Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.
Tags: activities of the edc, data processing center, edc, electronic data center, electronic data center edc
Posted in Web Hosting Articles | No Comments »
Monday, February 15th, 2010
DDoS or Leverage
Given the current performance of servers and the widespread use of load balancing and high availability, it is virtually impossible to cause a denial of service just as described in the previous chapter. It is often necessary to find a way to apply a multiplier effect in the initial attack.
The principle is to use multiple sources (daemons) for the attack and masters (masters) who control them.
The attacker uses masters to easily control the sources. Indeed, it needs to connect (TCP) for teachers to configure and prepare attacks. The masters only send commands to the UDP sources. If there were no teachers, the attacker would have to connect to each source. The source of the attack would be detected more easily and setting up much longer. Each master daemon and discuss exchanging specific messages depending on the tool used.
These communications may also be encrypted and / or authenticated. To install the daemons and the Masters, the attacker uses known vulnerabilities (buffer overflow on RPC services, FTP, etc).
The attack itself is a SYN Flooding, UDP Flooding or a Smurf Attack. The result of a denial of service is to create an unreachable network.
Disadvantages
The drawback here is the need to work in two stages:
- Mass hack the systems to accommodate the zombies.
- Launch orders.
In the second step, the control package can be blocked by a detection tool or filter. Thus the evolution is to automate the launch orders from the corruption of the relay. This technique has been implemented by CodeRed whose goal was to connect the servers to corrupt website white house on a specific date. In the same vein the DDoS based on the IRC channels as channels of communication.
The objective here is not to establish a direct connection between the master and the zombies, but to use an IRC server (or rather a channel) as relays. This method, initiated in July and August 2001 by Knight and Kaiten, has many advantages:
- The commands are sent asynchronously via a flow outgoing, whether in terms of the master or agent. It is more likely that the zombie can get his orders
- With SSL support it is impossible to detect orders, and therefore identify the IRC channel relaying. Similarly the teacher is virtually undetectable
- The attacker has a platform Relay (IRC channel) distributed.
The protection against attacks from denial of service
The denial of service distributed can not be countered by identifying the IP address of the machine issuing the attacks and the banning at the firewall or server. IP packets from the hostile machine are rejected without being treated to prevent the server service is overloaded and therefore can not be found offline.
Distributed denial of service attacks are more difficult to counter. The principle of the attack by distributed denial of service is to reduce the possibility of stopping the attack.
A distributed architecture consisting of multiple servers offering the same service managed so that each client is only supported by one of them, a way of distributing access points to services and offers, in situations of attack, a degraded mode (slower) often acceptable.
According to the attacks it is also possible to put a stamp server that filters and cleans the traffic. This server, “Cleaning Center” allows in case of attack to ensure that malicious applications can not reach the target server.
The use of SYN cookies is also an option to prevent attacks like SYN flood, but this approach does not avoid the saturation of network bandwidth.
After An Attack — Back To Normal
The return to normal after an attack may require human intervention, because some software does not restart properly after an attack.
Who Are Responsible For These Attacks
The denial of service is often performed by inexperienced hackers like ‘lamers’ and ’script kiddies’.
These attacks are also used by a hacker who fails to take control of a computer trying to impersonate a trusted machine by IP spoofing. Indeed, if session request (TCP SYN) with an IP address “spoofed” to be one of the trusted machine, it is the latter who receive the TCP SYN / ACK issued by the target, so it automatically reset the connection attempt with a RST packet (since it is not the source of the request for session establishment), prohibiting the attacker to establish session.
In recent years, the attack by distributed denial of service is also used for purposes of blackmail from companies whose business relies on the availability of their website. These frauds are usually committed by criminal organizations (mafia) and not isolated hackers.
Study: From Wikipedia, the free encyclopedia. The text is available under the Creative Commons.
Tags: attack by dos, ddos attack, ddos attacks, denial of service attack, protection against attacks from denial of service
Posted in Server Security | No Comments »
Monday, February 15th, 2010
Programs available on the Internet
- Ping ‘O Death: To saturate a router or a server by sending a large number of requests “ICMP REQUEST” datagrams whose size exceeds the maximum allowed. Patches exist to protect themselves from this type of aggression under the MacOS, Windows NT/9x, Sun Solaris, Linux and Novell Netware.
- Land – Blat: It is sending a package forged (spoofed) containing the SYN flag on a given port (like 113 or 139 for example) and identify the source as the address of the target station. There are a number of patches for this “bug” for UNIX and Windows.
- Jolt: Specially designed for Microsoft systems (NT, 9x and 2000), this attack can saturate the CPU of the station who suffered. IP fragmentation causes, when sending a large number of fragments of identical packets (150/sec), a total saturation of the processor during the entire duration of the attack. Pre-existing patches are used to try to counter this type of attack.
- Teardrop - SynDrop: problem discovered in the old system kernel in the Linux section on the fragmentation of IP packets. This is a problem of reconstruction package. When the system reconstructs the packet, it performs a loop that will allow to store in a new “buffer” all packets already received. There actually control the size of the package but only if it is too big. If it is too small it can cause a problem with the kernel and crash the system (alignment problem packages). This problem has also been observed on Windows systems (NT/9x) and patches are now available.
- Ident Attack: This problem in the identd daemon can easily destabilize a UNIX machine that uses it. A large number of requests for authorization results in a total instability of the machine. To avoid this problem, install a newer version of the daemon and then use identd daemon pidentd-2.8a4 (or later).
- Bonk - Boink: same problem as the Teardrop but slightly modified to not be affected by the patches provided for Teardrop. There are new patches better constructed that also prevent this new type of attack.
- Smurf: This program uses the technique of “ICMP Flood” and amplifies it in order to create a disaster on (or) machines specified. In fact, he uses the technique of “broadcast ping” so that the number of ICMP packets sent to the station to grow exponentially while causing a crash is almost inevitable. It is difficult to protect them from this type of attack, there is no patch but correct filter rules allow you to limit its effect.
- Winnuke: it is still a program to “crash” NT/95 Windows systems by sending data type “OOB” (Out Of Band) in connection with a Windows client. NetBIOS service seems to be most vulnerable to this type of attack. Apparently, Windows does not know how to react to receiving this type of package and “panic”. Several patches exist against this type of attack and recent versions of Windows (98/2000 onwards) are now protected.
Continued…
Tags: attack by dos, ddos attack, ddos attacks, denial of service attack, protection against attacks from denial of service
Posted in Server Security | No Comments »
Monday, February 15th, 2010
UDP Flooding
This denial of service exploits the connectionless mode of the UDP. It creates a UDP Packet Storm (a large amount of UDP packets) or destination of a machine or between two machines. Such an attack between two machines leads to congestion and a saturation of resources on both hosts. Congestion is more important that the UDP traffic has priority over the TCP traffic.
In fact, TCP has a mechanism for congestion control, if the acquittal of a packet arrives after a long period, this mechanism adjusts the transmission frequency of packets and the TCP throughput decreases. UDP has no such mechanism. After some time, the UDP traffic occupies all the bandwidth, leaving only a small part in TCP traffic.
The best known example of UDP Flooding is “Chargen Denial of Service Attack”. The implementation of this attack is simple, just do the chargen service provide a machine with the echo service of another. The first generates characters, while the second resends the data it receives. Just then the attacker to send UDP packets on port 19 (chargen) to victims spoofing the IP address and source port of another. In this case, the source port is UDP port 7 (echo). The UDP Flooding causes saturation of bandwidth between two machines, and it can completely disable a network.
Packet Fragment
Denial of Service type Packet Fragment uses weaknesses in the implementation of some TCP / IP defragmentation (IP reassembly of IP fragments).
A known attack using this principle is Teardrop. The fragmentation offset of the second segment is smaller than the size of the first and the offset plus the size of the second. This means that the second fragment contains the first (overlapping).
During defragmentation, some systems do not handle this exception and that entails a denial of service. There are variants of this attack, bonk, boink and newtear. Denial of Service Ping of Death uses a mismanagement of the ICMP defragmentation, sending more data than the maximum size of an IP packet. These different types of denial of service lead to a crash on the target machine.
Smurfing
This attack uses the ICMP protocol. When a ping (ICMP ECHO) is sent to a broadcast address (e.g., 10.255.255.255), it is reduced and sent to every machine on the network. The principle of attack is to spoof the ICMP ECHO REQUEST packets sent using as source IP address of the target. The attacker sends a continuous stream of ping to the broadcast address of a network and all machines answer for an ICMP ECHO REPLY target. The flow is then multiplied by the number of hosts in the network. In this case the entire target network suffers denial of service because the huge amount of traffic generated by this attack leads to network congestion.
Continued…
Tags: attack by dos, ddos attack, ddos attacks, denial of service attack, protection against attacks from denial of service
Posted in Server Security | No Comments »
|
|
|
| © 2003 - 2010 Storm Internet Ltd |
|
|
