Thursday, November 27, 2008

KNOW ABOUT WINDOWS 7

Welcome to Windows 7
If you're looking for information about Windows 7, you've come to the right place. And as we make new information available, we'll make sure you can find it all from here. If you want day-by-day news about Windows 7


USER INTERFACE
At PDC today, Microsoft gave the first public demonstration of Windows 7. Until now, the company has been uncharacteristically secretive about its new OS; over the past few months, Microsoft has let on that the taskbar will undergo a number of changes, and that many bundled applications would be unbundled and shipped with Windows Live instead. There have also been occasional screenshots of some of the new applets like Calculator and Paint. Now that the covers are finally off, the scale of the new OS becomes clear. The user interface has undergone the most radical overhaul and update since the introduction of Windows 95 thirteen years ago.
First, however, it's important to note what Windows 7 isn't. Windows 7 will not contain anything like the kind of far-reaching architectural modifications that Microsoft made with Windows Vista. Vista brought a new display layer and vastly improved security, but that came at a cost: a significant number of (badly-written) applications had difficulty running on Vista. Applications expecting to run with Administrator access were still widespread when Vista was released, and though many software vendors do a great job, there are still those that haven't updated or fixed their software. Similarly, at its launch many hardware vendors did not have drivers that worked with the new sound or video subsystems, leaving many users frustrated.
While windows 7 doesn't undo these architectural changes—they were essential for the long-term health of the platform—it equally hasn't made any more. Any hardware or software that works with Windows Vista should also work correctly with Windows 7, so unlike the transition from XP to Vista, the transition from Vista to 7 won't show any regressions; nothing that used to work will stop working.
So, rather than low-level, largely invisible system changes, the work on Windows 7 has focused much more on the user experience. The way people use computers is changing; for example, it's increasingly the case that new PCs are bought to augment existing home machines rather than replacement, so there are more home networks and shared devices. Business users are switching to laptops, with the result that people expect to seamlessly use their (Domain-joined) office PC on their home network.
As well as these broader industry trends, Microsoft also has extensive data on how people use its software. Through the Customer Experience Improvement Program (CEIP), an optional, off-by-default feature of many Microsoft programs, the company has learned a great deal about the things that users do. For example, from CEIP data Microsoft knows that 70% of users have between 5 and 15 windows open at any one time, and that most of the time they only actively use one or two of those windows. With this kind of data, Microsoft has streamlined and refined the user experience.
The biggest visible result of all this is the taskbar. The taskbar in Windows 7 is worlds apart from the taskbar we've known and loved ever since the days of Chicago.
Text descriptions on the buttons are gone, in favor of big icons. The icons can—finally—be rearranged; no longer will restarting an application put all your taskbar icons in the wrong order. The navigation between windows is now two-level; mousing over an icon shows a set of window thumbnails, and clicking the thumbnail switches windows.
Right clicking the icons shows a new UI device that Microsoft calls "Jump Lists."

Jump lists provide quick access to application features. Applications that use the system API for their Most Recently Used list (the list of recently-used filenames that many apps have in their File menus) will automatically acquire a Jump List containing their most recently used files. There's also an API to allow applications to add custom entries; Media Player, for example, includes special options to control playback.
This automatic support for new features is a result of deliberate effort on Microsoft's part. The company wants existing applications to benefit from as many of the 7 features as they can without any developer effort. New applications can extend this automatic support through new APIs to further enrich the user experience. The taskbar thumbnails are another example of this approach. All applications get thumbnails, but applications with explicit support for 7 will be able to add thumbnails on a finer-grained basis. IE8, for instance, has a thumbnail per tab (rather than per window).
Window management has also undergone changes. In recognition of the fact that people tend only to use one or two windows concurrently, 7 makes organizing windows quicker and easier. Dragging a window to the top of the screen maximizes it automatically; dragging it off the top of the screen restores it. Dragging a window to the left or right edge of the screen resizes the window so that it takes 50% of the screen. With this, a pair of windows can be quickly docked to each screen edge to facilitate interaction between them.
Another common task that 7 improves is "peeking" at windows; switching to a window briefly just to read something within the window but not actually interact with the window. To make this easier, scrubbing the mouse over the taskbar thumbnails will turn every window except the one being pointed at into a glass outline; moving the mouse away will reinstate all the glass windows. As well as being used for peeking at windows, you can also peek at the desktop:
VIEW THIS INFORMATION IN TELUGU AT
http://www.eenadu.net/specialpages/sp-eenadumain.asp?qry=sp-eenadu1

Tuesday, November 25, 2008

NEW TO LINUX THEN KNOW ABOUT IT ?

WHAT IS LINUX ?
Linux is a free operative system that has become more and more popular due to the fact that it's image is being polished from an operative system for freaks and hackers to an operating system that is graphical oriented and a possible contender to Microsoft Windows. Linux was developed by Linux Torvalds with some other programmers. It now has a huge community from all over the world working on the further development of Linux. Since Linux is free it can be obtained by any body without the need for a License, this is called the General Public License (GLP). It has all the features you would expect in a modern fully-fledged Unix, including true multitasking, virtual memory, shared libraries, demand loading, shared copy-on-write executables, proper memory management, and TCP/IP networking.
Linux is made up of the Kernel, which is the operating system, the Xfree86 X Windows system that provides the user interface and the graphical Desktop like GNOME and KDE that gives the Windows feel. The Kernel is the heart or the core component of the Linux operating system and it is is maintained by the thousands of corporate-supported and volunteer programmers all over the world. Linux is not owned by anybody so everyone can get a copy of the Linux operating system called (source code) modify it and distribute it further.
Another big word that you come across is the distributions. A Linux distribution is a Linux kernel that is surrounded with a lot of different applications that makes the installation of the operating system easy and provides a friendly interface for anybody familiar with a computer to use. Distributions are created by individuals and companies and is usually packed with different software for networking, communication and other software that combine with the operating system so that a normal user that use it. An example of a Linux distribution is Mandrake or Redhat.
Since the Kernel is the main thing you usually end up with kernel version that is different from the distribution version. The present Kernel version is 2.6 and while Redhat distribution is up to version 9.0 at this time. A typical distribution comes with office applications, desktops, Internet browsers, FTP clients and much more. The most interesting thing is that it's all free because nobody can claim Linux and make huge profit from it.
Section 1: Introduction
This document started out as a justification for producing another Linux distribution. However, the Simple End-User Linux project (SEUL) has changed their goals from being a distribution project to working on the non-technical aspects of bringing Linux to end-users -- Linux in education , advocacy documents , managing and coordinating communications between projects, coordinating feedback from end-users, and hosting related development projects.
However, this document is still very useful as a description of the reasons for why Linux should be considered as an alternative to other (particularly proprietary) operating systems. In broadest terms, there are four categories under which this justification falls:
Problems with existing systems
Technical merits of Linux
Deficiencies of current Linux distributions
Advantages of commercial systems
Section 2: Problems with existing systems
There are certain problems which are common to all commercial-release operating systems - that is, any operating system which has all of the following attributes:
It costs money, typically more than $50
Source code for the system is not available
There are strict limits as to how the system may be copied.
Consequently, Windows, MacOS, DEC Ultrix, Solaris, OS/2, and other similar platforms are commercial operating systems. Linux (including Red Hat Official Linux, though that is a borderline case) and FreeBSD are free operating systems. They are often available for the cost of media ($2 to $5), the source code is available, often included with the main distribution; and there are few limits to redistributing the system.
Since commercial systems are a source of revenue for the companies who make them, some situations develop which are not necessarily advantageous to computer users. Most of these are directly related to the need for trade secrets and the protection of source code. Some of these problems include:
Section 2.1: Slow release pattern
Major upgrades to operating systems come very slowly. Windows 95 came out three years after Windows 3.11; Windows 98 might be released this year. Other systems are similar. The major distributions of Linux, on the other hand, are releasing major updates every six months or so.
Minor upgrades also take longer to acknowledge and fix in commercial systems. Recent problems with Netscape Navigator and Microsoft Internet Explorer are good examples of this. In the case of the "denial of service" TCP/IP bug, a Linux patch was posted for it mere hours after the problem was isolated. Anyone who is technically capable can fix the bugs, too, merely by changing the code in question and recompiling.
Section 2.2: High cost
Commercial operating systems, especially server operating systems, like Windows NT Server and Novell IntraNetware, can can cost more than $400 for a single copy and limited number of user licenses. Even the more modest $100 for Windows 95 can be a problem for people in developing countries, as well as students and others. The price for commercial systems almost never includes development tools, which cost even more. Linux, on the other hand, includes free C, C++, FORTRAN, and other development tools.
Section 2.3: Tech Support?
Commercial systems require their customers to depend on their companies for technical support. If there is a problem, users must often wait on hold (while paying for a toll call). While decentralized, it is often easier to get help with problems in Linux.
Section 2.4: Lack of source code availability
The fact that the source code for Windows and other systems is a closely guarded secret keeps people from learning from it, tinkering with it, and (perhaps) improving it. It means that problems which are technically easy to fix (like the infamous teardrop Pentium bug) cannot be fixed by any user with the technical expertise, but everyone must wait until Microsoft publishes a patch. The availability of source code is a particularly useful thing for programmers and computer science students, which form a significant percentage of Linux users.
In addition to the general problems noted above, there are some others which seem to particularly affect Microsoft Windows in all its variations. (Our intent is not to pick on Microsoft specifically, but since it is the single largest OS vendor, and most people are familiar with DOS and/or Windows, it would serve as a useful example for our purposes. Note also that we recogniz certain advantages to commercial systems, which we will discuss in detail later on.
Problems particular to Windows include:
Section 2.5: Planned obsolescence of hardware
A growing computer industry requires that people periodically get faster and more capable hardware to keep up with the advances the industry makes. Microsoft does not make it a priority to maintain backward-compatibility with older systems when it releases new operating systems. While it is technically possible to run Windows 95 on a 386/25 (I have seen it done), it is not an experience any user would relish. Running Windows 95 on any hardware less than a 486/66 with 16MB of RAM is an exercise in masochism. Cost becomes an issue again: until quite recently a new system would cost close to $2000; many people do not have the money to upgrade every two or three years. (I have heard that Windows 98 will not support any processor below the level of the "classic" Pentium.) So that 486 becomes a very expensive paperweight unless there is a platform which can run on it acceptably. Linux is such a platform.
Section 2.6: Monopolistic attitude
Epitomized by recent legal troubles with the Department of Justice and Sun Microsystems, there is a general perception that Bill Gates just wants to rule the world. (The latest Bond film, "Tomorrow Never Dies," even has a brief allusion to this.) Whether true or not, many people are seeking alternatives to Microsoft systems just because they are uncomfortable with Microsoft having a monopoly in this area.
Section 2.7: Crash-prone
No one in the computer industry was surprised when Steve Ballmer, Microsoft Vice-President, admitted that in the rush to beat Netscape, Microsoft had cut corners in quality control. (So had Netscape -- we're not playing favorites here.) Based on anecdotal evidence, many people have problems with Windows crashing for no particularly good reason, often causing people to lose work. Sometimes it is just an annoyance, but other times it can be quite serious. While Windows 95 and in particular Windows NT are far more stable than Windows 3.1x, they still fail with alarming regularity. There are documented cases of Linux servers running for over a year at a time without a system-halting crash.
Section 3: Technical merits of Linux
"Everyone's a critic." Too true. So, you may ask, what do we suggest to improve the computing situation? If you have read this far, you probably think we are going to say "Linux!" And you would be right. Linux provides an excellent base to work from for several reasons, and although it is not perfect, we believe it is the best place to start.
Section 3.1: Linux is Network-friendly
Nowadays, people are becoming more and more enamored of the Internet and what it can do for them. It is by no means an uncommon thing to see major vendors advertise their World Wide Web addresses during football games and other events; many TV commercials have them, too. The American marketing machine sees the Internet as a phenomenon that is here to stay, and the public wants to take advantage of it. The best way to do that now is with a computer. Set top devices, like WebTV (which Microsoft owns, in case you were curious) have a long way to go before they offer the flexibility and power of a PC with a modem.
Although not a huge movement yet, there will be more networks set up in homes as costs for basic computer hardware and networking equipment continue to plummet. The small office/home office network can now be realized for about half the price it would have cost a year ago. Most industry news sources expect this trend to continue. This will probably be more of a factor when homes and small offices want to get their own high-speed internet connections and need dedicated hardware to manage it.
Thus, one of the major litmus tests of the quality and utility of a modern operating system is how well it networks. Since Linux was developed by a team of programmers over the Internet, its its networking features were given high priority. Linux is capable of acting as client and/or server to any of the popular operating systems in use today, and is quite capable of being used to run Internet Service Providers. In fact, in Southern Minnesota, all of the small local ISP's (I do not know anything definite about the phone companies) use Linux. It is also well-suited to serving as a dial-in network station.
Linux supports most of the major protocols, and quite a few of the minor ones. Support for Internet, Novell, Windows, and Appletalk networking have been part of the Linux kernel for some time now. With support for Simple Network Management Protocol and other services (such as Domain Name Service), Linux is also well suited to serving large networks.
Finally, all these networking options will run quite acceptably on minimal hardware configurations. It depends on what services are needed and in what quantity, but I know that for some time a small college in Southern Minnesota ran a 56k baud leased line (access for a student body of about 300) gateway with E-Mail, DNS, and FTP on a single 486/33 with 32MB RAM and a lot of big SCSI drives.
Section 3.2: Linux is Multi-user
Linux is an implementation of the UNIX design philosophy, which means that it is a multi-user system from the word "go." This has numerous advantages, even for a system where only one or two people will be using it. Security, which is necessary for protection of sensitive information, is built into Linux at selectable levels. More importantly, the system is designed to multi-task. Whether one user is running several programs or several users are running one program, Linux is capable of managing the traffic.
Section 3.3: Linux is Open
Perhaps most importantly for what we are trying to accomplish with SEUL, Linux is open. That means that for the entire base system, which includes the kernel, the GNU tools, and all the basic utilities, we as programmers and users have access to the source code as well as the right to modify it. Without that access and that right, this project would not be possible. Neither would many of the other Linux projects currently underway, including GNOME, the GNU Network Object Model Environment, a desktop interface; MNEMONIC, a free web browser under development; or many others. If users like SEUL, they will be able to modify it if they wish.
An important aspect of open software is the ability to write kernel extensions and drivers as needed. What if new hardware comes out that we want to take advantage of? We just write the driver -- if someone else doesn't do it first.
Another huge advantage of an open system is a large number of software authors and beta testers. This makes the software testing and refinement process faster and better. Because there is not a lot of commercial software for Linux (though that is an increasing market), most software written for Linux is written because the authors want to do it. Since there are no corporate deadlines, there need be no compromise of quality. Also, I think many programmers relish the idea of showing off some artistry, since others will actually see and appreciate their code.
This means many good things for the user. It means higher-quality software, which means less prone to crash, more efficient, what have you. Often, if you have a question, it is often possible to ask the author of the software him/herself via E-Mail or Usenet Newsgroups. It makes it easier for people to get involved in the development process, which means that even if someone is not a programmer, he or she can have a profound impact on a piece of software by suggesting how to improve it to the development team.
Section 3.4: Linux is "Free"
Linux is "Free" in two senses. In one sense, the Linux consumer is free to modify the system and do anything he or she wishes with it. In another sense, acquiring Linux does not necessarily require any cash outlay at all.
There are two very popular methods for acquiring and distributing Linux: FTP and CD-ROM. Most of the major Linux distributions (Red Hat, Debian, Slackware, Caldera) are available for free download from several popular sites. Though time consuming, it does not cost anything beyond connection charges.
Getting Linux by CD-ROM seems to make more sense in many cases. For a few dollars (essentially the cost of the physical disc itself and shipping and handling), anyone can get the major Linux distributions. Many vendors even offer several-CD sets with prices averaging less than $2 per disc.
This would be a bargain if Linux were a run of the mill system with few frills and no truly compelling features. As a matter of fact, Linux comes with full networking capabilities, a mind-boggling array of programs, utilities, and development tools.
The development tools in particular make Linux a great platform for learning how to write software. In addition to the tools, you often get a full CD of source code to browse and study and tinker with. Another advantage is that, as a multi-user system, it is much more likely to keep you from shooting yourself in the foot as you learn to program -- I have seen Windows 95 and how it handles errors in Borland's C++ compiler, and I am very glad I use Linux. Of course, if you are not inclined to write software, these things do not need to be installed.
Of course one of the greatest advantages of Linux is that it is the freedom to modify the existing code makes it a very easily extensible platform. That is exactly what we are trying to do with EUL - modify and extend the base system to make it easier for people who do not have years of Unix experience to work with the system.
Section 3.5: Linux is Reliable
Linux is one of the more stable operating systems available today. This is due in large part to the fact that Linux was written by programmers who were writing for other programmers and not for the corporate system. The only people who made the decisions on what went into the system were programmers. Also, the deadline pressure is not as strong when one is developing as a hobby. What does this mean in practical terms? In a recent issue of Linux Journal, a feature was run on how long a Linux system has continuously run. Several uptimes of over 1 year were reported. This is because the system is designed to be upgraded and modified "on the fly" -- the only reason one would need to turn off a Linux system would be to add hardware or boot from a different kernel. That means that the end-user can count on Linux to work consistently, day in and day out.Another factor which touches on reliability is that there are currently two mature program packaging standards in the Linux world. Debian and Red Hat each have their own packaging systems; both will check dependencies (package A needs to have package B installed before it will run, so the installer will install package B), both can upgrade an entire running system without a reboot. this makes it easy to upgrade parts or all of a system, as well as add new software, or remove unwanted software.
Section 3.6:
Linux is Backwards-Compatible Linux has superb support for older hardware. In fact, it is often easier to find hardware support for 486-era hardware than the latest gizmos to hit the market. This is because the driver authors need time to write and test the drivers, and some vendors are not exactly forthcoming with the information required to write a driver.What this means for the user is that they can protect their investment in hardware. When old hardware is rendered obsolete by the latest version of Windows (or MacOS...we try to be fair), it can most likely still run enough of Linux to be perfectly useful. There is no reason for Linux users to try to make hardware obsolete - and every reason for them to provide support for older hardware.
Section 4: Deficiencies of Linux as of Jan. 1, 1998
Despite the tremendous advantages of Linux as it stands right now, it is not without its problems. Several in particular which we are trying to provide solutions for include the following: Section 4.1:
Inconsistent User Interface One of the by-products of the development of GNU/Linux is that it is a patchwork quilt of sorts, reflecting different interfaces, design goals, etc. It is not easy learning to use the vi editor, for example, or learning the command line syntax of find. Nor is there any consistency enforced among the various programs and utilities included in a standard Linux distribution. This leads to user confusion and frustration.Current projects are underway to provide consistent graphical interfaces through the X Window system. These include KDE (the K Desktop Environment), GNOME (GNU Object Model Environment), and Teak (a GNU project which as far as I know exists only on paper). What we think would be ideal would be a consistent interface to configure various services, as well as user tools such as a calendar, word processor, emailer, and so on.
Section 4.2:
Replication of packages There is a lot of replication among the various packages in a Linux distribution. Some of the Mail Transfer Agents available (and this is not an exhaustive list) include sendmail, smail, qmail, and exim. Granted, the diversity is generally because there are differing design goals, but the choice is confusing to many users, who may not know how to use any one of them.
Section 4.3:
Wrong amount of info in install process The major Linux distributions give either too much or too little information to the new user when installing. Red Hat gives too little -- you can choose packages individually but there is no information about the packages you are selecting beyond what category they fall under. Debian, with dselect, gives too much -- there are a number of status items on the display that are difficult to read and are not easily deciphered without the manual.While many Linux users argue that any Linux user should Read The Fine Manual before installing, it can be pointed out that the Windows installation routing (which has problems of its own) does not require a lot of reading before someone can perform it adequately.
Section 4.4:
Inadequate PnP support For whatever reason, the Plug and Play (PnP) specification has not been a particularly critical item for the Linux world to take care of. Many PnP cards do not work at all (though this is not always the fault of Linux - it is often due to the manufacturer keeping vital aspects of the technology secret so that a driver cannot be written), and the only current interface to PnP cards is through a program called isapnp. More work should be done in this area.
Section 4.5:
Most installations presume full-time network and ethernet Debian and Red Hat both seem to spend most of their network installation time assuming that the machine being installed on will be connected to a network. Not enough potential problems with dial-up networking (Modem setup, IRQ tuning, PPP setup) are dealt with at installation. This process needs to be easier.
Section 4.6:
Locations of help not obvious It can be very difficult to find help, especially for those not accustomed to a Unix system. New users may see a command line and try to get a directory by typing "dir," unaware that it will not work. Once a user learns "man" and "locate," she can do quite a bit, but the individual program documentation still needs to be manipulated with gzip. What would be ideal would be a natural language help facility which, when asked, "How do I check for disk problems?" responds with a reference to docs for fsck. A project like this is under development.
Section 4.7:
System administration difficult for non-UNIX users Learning Unix system administration from the ground up can be a nightmare. Most users are not concerned with issues such as hard vs. symbolic links, filesystem-specific issues (fat or vfat or fat32?), file permissions, user rights, group rights, and all the other trivia that make Unix administration what it is. Ideally, the user would be shielded from as much of this as possible.
Section 4.8:
Lack of commercial applications Linux still suffers from a frustrating lack of applications in some areas. These are mostly the big-ticket commercial type apps, such as word-processors, spreadsheets, databases, and web browsers. The Linux software market is growing, but what we need are some free items like this for a freely-distributable system.
Section 4.9:
Lack of hardware vendor support Some hardware vendors simply refuse to release the information on their products necessary to write a driver. A recent (and fairly public) example of this was Adaptec's response to Linux user complaints about not making information on new versions of the AHA-2940 BIOS available, meaning that the card behaves erratically under Linux (and since such a card usually has the main system storage hooked to it, that is not a Good Thing). Fortunately, Adaptec publicly posted that it was willing to work with the Linux community for a mutually beneficial solution. We can only hope episodes like this become more common.Meanwhile, some vendors are actually giving instructions on their tech support pages on how to set their hardware up under Linux. A notable example of this is Linksys, the network hardware vendor. This too is a positive sign we can only hope will increase.
Section 4.10:
Lack of traditional customer support Earlier, we cited Linux' lack of traditional support as an advantage. That only part of the story, though. Most business IS departments want and need some tangible entity to stand behind a product which performs mission-critical services for the business, so that 24 hour support is needed. There is currently no central organization in the Linux community for this, and this is a major barrier to widespread acceptance of Linux in the workplace. Since it is such an obvious shortcoming, there are some things underway which should alleviate this problem:
Red Hat has now instituted phone support Just for installation and for 30 days, but it is a start.
Some consultancies provide support Red Hat is working to coordinate this with local resources.
Caldera is working aggressively in this market Caldera's products are specifically aimed at this issue. They are also priced comparably to similar offerings from Microsoft and Novell, which has irked some Linux people. Mailing lists and newsgroups These are still the best places to get Linux tech support, and will be for some time. There should be more information given to beginning Linux users, though, to ease their transition.
Section 5:
Advantages of commercial systems Earlier, we promised that we would discuss in detail the advantages of commercial systems over Linux as it is now. We believe this is especially important because of the perceived (OK, real) ease of use gap between Linux and commercial offerings. While all the major distributions have made great strides in bridging the usability gap, Linux is "not there" yet. Some things in particular we notice about commercial systems that make them easier to use:
Section 5.1:
System operation is easy to find info on IDG books has made a pile of money with their "For Dummies" books. They can be bought at any bookstore, too -- "Running Linux" by Matt Welsh is a little harder to come by -- and it is not "For Dummies." It is typically easier to find a friend who knows how to install a Windows device driver than it is to find someone who can do it in Linux. This is simply a function of the ubiquity of Windows, but is certainly part of the "ease of use" gap.
Section 5.2:
Commercial systems have many commercial apps This is really the bread and butter of the commercial software world. Microsoft's biggest revenue generator, for example, is Office. As a result, a lot of time, effort, and research and development goes into these programs. They can do a lot (too much, perhaps), and are relatively easy to use. Nothing like MS Word 97 yet exists for Linux, nor is it likely to in the near future. This is partly because a project like that is enormous, requiring lots of time from lots of people, but also because it already exists, so why re-do it?
Applix makes a decent office suite for Linux. There is also StarOffice, so the market is not empty. But there is no doubt that Linux would help itself immensely by getting more of these apps.
Section 5.3:
Commercial systems have better "out-of-box" support for home user
Since commercial systems are tailored to the home user, they tend to be easier to set up and use by the home user. Under the best of circumstances, it can be quite easy to set Windows 95 up as an Internet dial-up networking station. (If PnP fails, it can be a nightmare, granted.) Nevertheless, quite a few people get on the Internet with Win95 so Microsoft must be doing something right in that regard. Linux can gain by offering some of the visual interfaces with interactive questions ("Wizards") for new users.
Section 5.4: Interface R & D
Large companies have budgets for developing newer and better User Interface technology, a luxury Linux does not have. But Linux can use this information to its advantage by learning from the success of some interfaces and the failures of others.

LOTTERY SCAMS AND AWARENESS ABOUT THEM

Email Lottery Scams - International Lottery Scam Information

Lottery scams are one of the most common types of fraudulent email currently hitting inboxes. Be wary of unsolicited email that informs you that you have won a large sum of money in an international lottery. This is a common Internet scam. There is no lottery and no prize. Those who initiate a dialogue with the scammers by replying to the lottery scam emails will eventually be asked for advanced fees to cover expenses associated with delivery of the supposed "winnings". They may also become the victims of identity theft.

HOW IT WORKS ?

You receive an unsolicited email, which states that you have won a major prize in an international lottery. Supposedly, your email address was collected online and attached to a random number that was subsequently entered in a draw for the lottery. In order to claim your prize, you are instructed to contact the official "agent" in charge of your case. You are also advised to keep the win confidential for "security reasons". This part of the scam is basically a random phishing expedition. If you respond in any way to the email, the scammers will send further messages or even contact you by phone in an attempt to draw you deeper into the scam.

You may be asked to provide banking details, a large amount of personal information, and copies of your driver's licence and passport. Ostensibly, these requests are to prove your identity and facilitate the transfer of your winnings. However, if you comply with these requests, the scammers will have enough information to steal your identity.

Sooner or later, the scammers will request some sort of advance fee supposedly to cover administration, legal or delivery costs. At its core, this scam is just a reworking of the Nigerian loan fraud, in which scammers also eventually ask for upfront fees to facilitate the "deal". Like Nigerian scams, victims who do actually pay the requested fees will probably find that they receive continuing payment demands to cover "unexpected expenses". The requests for money will go on until the victim realizes what is happening or has no further money to send.

In some cases, the scammers give victims the option of opening an account at a particular bank as an alternative to paying upfront fees. However, this "bank" which is completely bogus, will insist on an initial deposit of $3000 as a requirement for opening the account. The fake bank will have a legitimate looking website to reinforce the scam. In other cases, the victim is given the option of travelling to an overseas destination and paying a cash fee to facilitate the release of the funds. However, any "winnings" released to the victim will be counterfeit and therefore worthless.

The details of the lottery scams vary regularly with regard to the name of the lottery itself, the country of origin, the sponsoring organization, the amount of the "prize" and other particulars. The scammers try to add a patina of legitimacy to their claims by mentioning real financial institutions, government departments or well-known companies. They may also provide links to slick looking, but fraudulent websites that are designed to back up information included in the scam emails. If the scammers are successful in establishing a dialogue with a potential victim, they may provide "proof" such as a scanned image of a supposed government official's ID and even photographs of the "winnings" in cash.

WHAT TO DO IF U RECEIVE A LOTTERY SCAM EMAIL?
If you receive one of these scam emails, it is important that you do not respond to it in any way. The scammers are likely to act upon any response from those they see as potential victims. Although it can be educational and even entertaining to "bait" these scammers, such endeavours should only be attempted under controlled conditions. The people who run these scams are criminals and could even resort to violence and intimidation to meet their aims. You should delete the email without replying. Before you delete the message, you might like to report the scam by forwarding the email to the address supplied on the FraudWatch International website.

WHAT IS PHISHING AND HOW IT WORKS

Phishing Scams - Anti-Phishing Information

Phishing is one of the most prevalent of all Internet scams. At any one time, a large number of major financial institutions and online entities around the world will be the target of phishing scammers. Some high profile institutions such as Citibank and PayPal are targeted almost continually. Phishing scams attempt to trick people into providing sensitive personal information such as credit card or banking details.
HOW IT WORKS ?
Phishing scams attempt to trick people into providing sensitive personal information such as credit card or banking details. In order to carry out this trick, the phishing scammers send a fraudulent email disguised as an official request for information from the targeted company. Generally, they also create a "look-a-like" website that is designed to closely resemble the target company's official site. The fake website may appear almost identical to the official site. Style, logos, images, navigation menus and other structural components may look the same as they do on the genuine website.Recipients of the scam email are requested to click on an included hyperlink. Clicking this link will cause the fake website to open in the user's browser. Once at this fake website, the user may be presented with a web form that requests private information such as credit card and banking details, and other account data such as a home address and phone number. Often, the visitor is requested to login using his or her username and password. All information entered into this fake website, including login details, can subsequently be collected and used at will by the criminals operating the scam.A variation of the scam involves using an embedded form within the bogus email itself. Victims are instructed to enter details such as a password and bank account number into the form provided and return the email to the sender. Another variation attempts to trick recipients into installing a trojan on their computer, either by opening an email attachment or downloading the trojan from a website. The scammers can then use the trojan to collect information from the infected computer. The scam emails are randomly mass-mailed to many thousands of Internet users in the hope of netting just a small number of victims. The majority of people who receive these scam emails will probably not even be customers of the targeted institution. However, the scammers rely on the statistical probability that at least a few recipients will:
1. Have accounts with the targeted institution.
2. Will be unaware of such scams and believe the email to be a legitimate request.
The scam can prove to be a lucrative exercise for the scammers even if only a very small percentage of recipients ultimately become victims.

Thursday, September 4, 2008

ABOUT LINUX IN FUTURE

What Linux Will Look Like In 2012 ?

Our open source expert foresees the future of Linux: By 2012 the OS will have matured into three basic usage models. Web-based apps rule, virtualization is a breeze, and command-line hacking for basic system configuration is a thing of the past.

What will desktop Linux be like four years from now?


In the time it takes most college students to earn an undergraduate degree -- or party through their college savings -- Linux will continue to mature and evolve into an operating system that non-technical users can fully embrace.

The single biggest change you'll see is the way Linux evolves to meet the growing market of users who are not themselves Linux-savvy, but are looking for a low-cost alternative to Microsoft (or even the Mac). That alone will stimulate enormous changes across the board, but there are many other things coming down the pike in the next four years, all well worth looking forward to.

Over the course of the last four years, Linux has taken enormous strides in usability and breadth of adoption. Here's a speculative look forward at what Linux could be like a few years from now -- or, maybe we could say what Linux ought to be like.

For-free Versus For-pay
Expect to see a three-way split among different versions of Linux. Not different distributions per se, but three basic usage models:


1. For-pay: Ubuntu's in-store $20 boxes are a good example. For a nominal cost, you get professional support for Linux as well as licenses to use patent-restricted technologies (e.g., codecs for legal DVD playback).

Expect this to at least gain nominal momentum, especially if the cost is no more than an impulse buy and people understand that Ubuntu can non-destructively share a machine with Windows. Also expect at least one other Linux company to pick up on this model (openSUSE, for instance), and to have preloads on new systems incorporate such things if they don't already.


2. Free to use: This is the most common model right now -- a free distribution with support optional, and additional optional support for closed-source components: proprietary, binary-only device drivers.


3. Free/libre: These distributions contain no components with patent encumbrances or other issues, in any form. Distributions like gNewSense or Blag Linux already do this, and an upcoming version of Ubuntu (8.10 / "Intrepid Ibex," due in October) will also feature a wholly free installation option.

Wednesday, September 3, 2008

Windows XP Piracy Badgering Set To Begin

Microsoft this week plans to update the Windows Genuine Advantage anti-piracy mechanism for Windows XP Professional, which the software giant claims is the most oft-pirated version of Windows.

After the update, WGA notifications for XP will be the same as they are for Windows Vista service pack 1, said Alex Kochis, senior product manager in the Windows Genuine Advantage group, in a Tuesday blog post.

That means users whose copies of XP fail validation will see a black background the next time they log in. Although users will be free to switch to their background of choice, the black screen will return every 60 minutes until they validate their copy, and they'll also see a watermark with a logo that reads "Ask For Genuine Microsoft Software."

According to Kochis, this will make it easier for XP users to install and stay up to date with the latest release of WGA notifications. "Our research has clearly shown that customers value the ability of Windows to alert them when they may have software that is not genuine, but they also want the ability to stay up to date with the least effort required on their part," he wrote.

WGA is designed to combat piracy by installing software on users' PCs that periodically checks to see if their version of Windows is authentic before allowing them to download updates. However, WGA has been a source of frustration for many users since it was launched in 2005, due to several incidents in which genuine users have been mistakenly identified as pirates.

Prior to the release of Vista service pack 1, Vista copies that failed WGA validation would enter a reduced functionality mode in which certain features were disabled, but Microsoft changed to the black screen nagging approach when it released Vista SP1.

Monday, August 25, 2008

The Survey Process

To create and run a survey, you will need to work through these steps:

  • Define your goals
  • Pick your tools
  • Write your questions
  • Test your survey
  • Deploy your survey
  • Measure your results

The rest of this article will describe these steps in greater detail later.

one of the best survey site where u don't need to pay any sign-up fee and registration fees and here is the my referral link to that site

http://www.AWSurveys.com/HomeMain.cfm?RefID=NARESHI3


Friday, August 22, 2008

Seamless and AVG offer security software

Seamless and AVG offer security software

(Telecomworldwire Via Acquire Media NewsEdge)
Seamless Corporation (OTCBB:SMWF), a provider of secure cutting-edge
hardware and software, Internet communications products and services,
has announced that its subsidiary, Seamless TEK LABS Inc, will be
marketing a bundled solution of Seamless Secure Internet Browsing
(S-SIB) software programs and AVG Technologies' Anti-Virus programs.

S-SIB Complete offers a data security product liability policy,
encryption of Internet traffic with government grade encryption,
protection from common Wi-Fi attacks, an anonymous web browsing
feature, anti-virus and anti-spyware protection, anti-rootkit, instant
messaging protection and AVG Surf-Shield and Active Surf-Shield.

The package is available at a price of USD 44.95.

DATA PROTECTION INTRODUCED BY IBM

IBM EXPANDS DATA PROTECTION SOFTWARE PORTFOLIO TO WINTEL CUSTOMERS Technology from FilesX Acquisition Strengthens Tivoli Storage Manager Portfolio

INDIA, Bangalore � August 22, 2008 � IBM (NYSE: IBM) today announced a new suite of integrated data protection solutions designed to help WindowsIntel customers deal with the challenges of quick and efficient data backups and restores to meet business, legal and regulatory requirements.


According to the IDC AP Enterprise Server Tracker, Q1 2008, the number of x86 units shipped in 2007 were 126,940 and forecasted at 148,467 in 2008. With almost this entire infrastructure generating business critical data, the need for data management, backup and recovery focused at Windows and x86 market is greater than ever.

IBM new Tivoli Storage Manager FastBack software will enable IBM Tivoli to cater to a completely new market segment of x86 customers on Windows at competitive price points and functionalities. In particular, this offering will help small-to-midsized businesses (SMBs) and remote locations, which typically lack dedicated IT staff but have to deal with mounting storage concerns.


The new IBM Tivoli Storage Manager FastBack solutions are available now. For more information on the IBM Tivoli Storage Manager family, visit http://www-306.ibm.com/software/tivoli/products/storage-mgr/

INFORMATION ON WI-FI (WIRE LESS FIDELITY)

Wifi is a wireless networking based on IEEE 802.11 standards, and connects millions of peoples by using various devices such as PCs, laptops, printers, camera, TV, gaming, and mp3 players and much more just like a digital life style. There are lots of website and companies providing you WiFi services and information as we are! We are here to provide you ever best information about wifi as you came to know little more about wifi and extend your knowledge to the next level.

A Wifi is a long-distance, transportable connectivity technology for individual. Millions of people all over the world use Wifi. You can converse to anyone on the planet from just about anywhere with wifi connected devices. The wifi was make-believe by the Institute of Electrical and Electronic Engineers in 1997.Through wifinotes.com you can take pleasure in the experience of finding precisely what you need in a wireless network. We provide competently, with the best information anywhere.Here you can get detailed information about wifi that what is wifi and how it works, what about WiFi Security which tools protect your wireless network more secure and protected. Enjoy knowledge of broad selection of wifi product such as Desktop Wireless Wi-Fi Cards, Laptop / Notebook Wireless Wi-Fi Cards, Wireless Wi-Fi Routers, Wireless Wi-Fi USB Adapters, and Handhelds and PDAs. Www.wifinotes.com repeatedly has the newest and latest wifi accessories information that you will locate anywhere.

Wifinotes.com comprehended the wifi limitations as security concerns, interference from other devices, and lacking high-quality media streaming, terminologies such as gigahertz, wibro, hotspot, wifi finder, and access point, features, pan including loss of confidentiality, loss of integrity, loss of avaiability, and solution like management solutions, operational solutions, and technical solutions and types of network as you get more about wifi. If you are going to make a wireless network and you are looking for wifi then you are at very right place here you will spend less and talk more because we are here for those who want a bit more . Now days every one has crazed of wireless network due to beyond services. Here you will find all features of wifi where you can understand how much useful they are for you. By using or browsing this website will help you make a wise choice. We have all best rating wifi product with undeniable statement of style and these are only for you because we know your values and no doubt our customer’s and readers satisfaction is our chief goal. Therefore we have your entire wifi needs just one click away www.wifinotes.com.

Tuesday, July 29, 2008

How does MP3 player works?

You see them here, there, everywhere! But have you ever really wondered at the technology behind that wonderful music playing contraption? Learn the technology behind one of the most popular gadgets around.

MP3 players use solid state memory, and are very similar to your computer's hard drive. In fact, some of them even double as portable hard drives! What solid state memory does is cut down on malfunctions as they contain no moving parts. They also help to avoid those annoying skips that are oh so prevalent in CD players. They use magnetic based storage, just like your hard drive and floppy drive. This does mean that they are susceptible to corruption by magnets and other devices that have a strong magnetic field (such as speakers or monitors)

The other parts of the MP3 player help to process the data on the drive and translate the 1s and 0s into audio signals. The player contains a microprocessor and controls the functions of the player.

The DSP (digital signal processing) chip is one that does a great deal of the work relating to the music. It is responsible for a few different functions, including loading the music from the drive, decompressing the mp3 (or other format), and convert the music into an analogue signal so that you can enjoy the latest hits. It then goes to the amplifier. This enhances the signal prior to sending it to headphones or speakers.

MP3 players draw their power from batteries, although some can switch to drawing power through a USB port when they have access to a computer. The typical MP3 player will allow you to listen to your music, make play lists, browse through your files, rearrange files, and delete files. As the technology gets more advanced, some also have expanded to let you watch movies, listen to local radio stations, and also store other types of files.

Contrary to the name, most MP3 players can handle a wide variety of music file formats. Format support can sometimes be added in at a later date by the manufacturer, who can issue a firmware update to be downloaded and installed on the player. As a last resort, enterprising people can make their own software, or reverse engineer the drive so that they know how to add the file format support themselves.

You can get music to put on your drive from a variety of sources. Be careful in making sure that your sources are legitimate, however. You wouldn't want to be on the receiving end of a RIAA lawsuit. You can also rip music from your personal CD collection. Most MP3 players come with software that can do this quickly and easily for you. In addition, there are loads of software download sites out there that have free CD to MP3 converters.

MP3 players are almost must have accessories, even for those not heavily into getting the newest gadgets and gizmos. With a capacity of hundreds or thousands of songs, do you really want to mess around with your CD player instead of this?

Wednesday, July 23, 2008

INFORMATION TO SLOVE ERRORS SHOWN BY DIFFERENT VIRUSES

*Windows cannot find SSVICHOSST.EXE make sure you typed name correctly and then try again to search for file, click the start button and then click start. For the solution log on to www.daniweb.com/blogs/entry1747.html

*Solution to virus occurred due to flash drives visit the following URL
www.pchell.com/support/aboutblank.shtml


*For deleting the viruses by name smss.exe , killer.exe visit the URL
http://infosecawareness.in and clean the registry affected by viruses.

*For viruses by name heurtrojangenericvirus and to access hidden files visit the URL http://malwareclawer.com/?=13


*Use less emails by name “YAMUNA” for solution visit the URL
http://www.cyberforensics.in/onlineemailtracer/index.asp then copy the email header and paste in above address then you will find a solution. To get the email header http://www.abika.com/reports/samples/emailheaderguide.html


*If the affected with viruses and cannot update then follow the below procedure
goto START -> RUN -> COMMAND -> REGEDIT Then type

hkey_local_machine\system\current control set\services then

hkey_local_machine\system\Microsoft\windowsNT\version then click viruses then update system.

*For viruses by the name ‘newfolder.exe these will affect your task manager and registry aditor and also disables them and creates new .exe folders and slows down system. For solution visit www.od3n.net/tools then click virus removal.


*If your internet explorer shows the message like “HACKED BY GODGILLA” it shows beside the address bar. To delete the above virus follow the following

steps

1. Download process explorer and run it. Delete or close the processes running in

your system by the name wscript.exe

2. Download RRT.exe file(remove restriction tool). By this we can enable the

disabled files.

3. Then START -> RUN -> REGEDIT Then type

hkey_current_user/software/Microsoft/windows/currentversion/run and delete

MS32DLL.

4. hkey_current_user/software/Microsoft/internetexplorer/main and delete

“windows title” i.e., “HACKED BY GODGILLA”.

5. Then goto “MY COMPUTER” FILE -> TOOLS -> FOLDER OPTIONS -> ADVANCE

SETTINGS Then check for “show hidden files and folders” and hide extension

for the known file types and hide protected “operating system files” on them.

Then click OK and restart the computer.

TIPS TO PROTECT YOUR SERVERS FROM HACKERS

Is your server secure?

To reply in a word, the answer is ‘No’. No machine connected to the Internet is 100% secure. This does not mean that you are totally helpless. You definitely can take measures to protect your machines from hackers, but you cannot avoid them completely. You can compare your system to a house — whenever windows and doors are open, then the probability of a thief getting in is high, but if the doors and windows are closed and locked the probability of being robbed is less, but still not nil!

What is Information Security?

For our purpose, Information Security means the methods we use to protect sensitive data from unauthorized users.

Why do we need Information Security?

The entire world is rapidly becoming IT enabled. Wherever you look, computer technology has revolutionized the way things operate. Some examples are airports, seaports, telecommunication sector and TV broadcasting, all of which are thriving as a result of the use of IT. "IT is everywhere."

A lot of sensitive information passes through the Internet, such as credit card data, mission critical server passwords and important files. There is always a chance of someone viewing and/or modifying the data while it is in transmission. There are countless horror stories of what happens when an outsider gets hold of someone's credit card or financial information. The transgressor can use it in any way he/she likes and could even destroy you and your business by taking or destroying all your assets. As we all know, "An ounce of prevention beats a pound of cure." So, in order to avoid such critical situations, it is advisable to have a good security policy and security implementation.

Security Framework

Figure 1 illustrates the framework needed to implement a functioning security implementation.



This framework shows the basic steps in the life cycle of securing a system. "Risk Analysis" deals with risks associated with the data in the server to be secured. "Business Requirements" is the study that deals with the actual requirements for conducting business. These two components cover the business aspects of security implementation.

The "Security Policy" covers eight specific areas of security implementation and is discussed in more detail in the forthcoming section on security policy. "Security Service, Mechanisms and Objects" is actually the implementation part of security. "Security Management, Monitoring, Detection and Response" is the operational face of security, where we cover the specifics of how to find a security breach, and what needs to be done if a breach is found.

Security Policy

The Security Policy is a document that addresses the following areas:

1. Authentication: This section deals with what methods are used to determine if a user is real or not, which users can or cannot access the system, the minimum length of password allowed, how long a user can be idle before he is logged out, etc.
2. Authorization: This area deals with classifying user levels and what each level is allowed to do on the system, which users can become root, etc.
3. Data Protection: Data protection deals with details like what data should be protected and who can access which levels of data on the system.
4. Internet Access: This area deals with the details of users having access to the Internet and what they can do there.
5. Internet Services: This section deals with what services on the server are accessible from the Internet and which are not.
6. Security Audit: This area addresses how audit and review of security related areas and processes will be carried out.
7. Incident Handling: This area addresses the steps and measures to be taken if there is any breach of security. It also covers the steps to find out the actual culprit and the methods to prevent future incidents.
8. Responsibilities: This part covers who will be contacted at any given stage of an incident and the responsibilities of the administrator(s) during and after the incident. It is a very important area, since the operation of the incident handling mechanism is dependent on it.

Types of Information Security

There are two types of security – Physical security/Host security and Network security. Each of these sections has three parts:

1. Protection: Slow down or stop intrusions or damage;
2. Detection: Alert someone if a breach (or attempted breach) of security occurs, and quantify and qualify what sort of damage occurred or would have occurred; and
3. Recovery: Re-secure the system or data after the breach or damage and, where possible, undo whatever damage occurred.

Host security/Physical security

Host security/Physical security means securing the server from unauthorized access. For that, we can password protect the box with such steps as setting up a bios password, placing the computer box in a locked room where only authorized users have access, applying OS security patches and checking logs on regular basis for any intrusion and attacks. In Host security, we check and correct the permissions on all OS related files.

Network security

Network security is one of the most important aspects of overall security. As I mentioned earlier, no machine connected to the internet is completely secure, so security administrators and server owners need to be alert, and make sure that they are informed of all new bugs and exploits that are discovered. Failure to keep up with these may leave you at the mercy of some script kiddy.

Which operating system is the most secure?
Every OS has its own pros and cons. There are ways to make Windows more secure but implementation is quite costly. Linux is stable and reasonably secure, but many companies perceive it as having little vendor support. In my opinion, the best OS for security purposes goes to FreeBSD, another free Unix-like OS, but not many people are aware of its existence.

Is a firewall the final solution to the Network Security problem?

No, a firewall is just part of the security implementation. Again, we will use the example of a house. In a house, all the windows and doors can be closed but if the lock on the front door of the house is so bad that someone can just put any key-like thing in and open it, then what is the use of the house being all closed up? Similarly, if we have a strong firewall policy, it will restrict unauthorized access. However, if the software running on the box is outdated or full of bugs, then crackers can use it to intrude into the server and gain access to the root. This shows that a firewall is not the final solution. A planned security implementation is the only real quality solution to this issue.

Security is a continuous process

Continuing security is an ongoing process. Security administrators can only conduct their work on the basis of alerts and bug fixes released up to the date of securing. So, in order to accommodate all of the fixes for the latest bugs, security work has to be performed on a regular basis.

Does security implementation create overhead and/or reduce performance?

Yes, security implementation creates a small amount of overhead, but it need not reduce overall performance drastically. In order to take care of such things, a well-done security implementation has an optimization section where the security administration gives priority to both performance and security. While securing any software, we should secure it in such a way that it provides maximum performance.

Security audits: What should be checked?

Security audit is a part of security implementation where we try to find out the vulnerabilities of the system and suggest actions to improve security. In a normal audit, the points below should be checked and a report with the results of that audit created.

1. Check intrusion detection: Use chkrootkit or rkhunter for this purpose.
2. Check for known bugs in the software installed on the server: the kernel, openssl, openssh, etc.
3. Scan all network ports and find out which ports are open. Report the ports that should not be open and what program is listening on them.
4. Check whether /tmp is secured.
5. Check for hidden processes.
6. Check for bad disk blocks in all partitions (This is just to make sure that the system is reasonably healthy).
7. Check for unsafe file permissions.
8. Check whether the kernel has a ptrace vulnerability.
9. Check the memory (another system health check).
10. Check if the server is an open e-mail relay.
11. Check if the partitions have enough free space.
12. Check the size of the log files. It is better that the log size remains in megabytes.

How to determine if you are being hacked?

To find out if your box has been compromised or not, follow the below-mentioned steps. These will be handy in most of situations.

Check your box to see if your performance has degraded or if your machine is being over-used.
For that, use the commands:
vmstat
Displays information about memory, CPU and disk.
Ex: bash# vmstat 1 4 (where 1 is delay and 4 is count).
mpstat
Displays statistics about CPU utilization. This will help us to see if the CPU is overworked or not.
Ex: bash# mpstat 1 4 (where 1 is delay and 4 is count).
iostat
This command displays statistics about the disk system. A few useful options include:
-d - Gives the device utilization report.
-k - Displays statistics in kilobytes per second.
Ex: bash# iostat -dk 1 4 (where 1 is delay and 4 is count).
sar
Displays overall system performance.

Check to see if your server has any hidden processes running
ps
Displays the status of all known processes.
lsof
Lists all open files. In Linux, everything is considered a file and as such it will be possible to see almost all of the activity on your system with this command.

Use intrusion detection tools

· rkHunter (http://www.rootkit.nl/); and
· chkrootkit (http://www.chkrootkit.org/).

Check your machine's uptime

If the uptime is less than it should be, it could mean that somebody else is utilizing the machine’s resources. Linux does not crash or reboot under normal conditions because it is a stable OS. If your machine has been rebooted, try to find out the actual reason behind it.

Determine what your unknown processes are and what they are doing
Use commands like the following to take apart unknown programs:

readelf
This command will display what the executable's program is performing.
ldd
This command will show the details of libraries used by an executable.
string
This command will display the strings in the binary.
strace
This command will display the system calls a program makes as it runs.

Hardening Methodology

1. Read all security related sites and keep up to date. This is one of the main things that a security administrator or server owner should do. Server owners should be made aware of security and its importance. Security training is an important part of an overall security package.
2. Create a good security policy. Conduct security audits on the basis of this policy.
3. Keep your OS updated by applying all patches.
4. Install a custom kernel with all unwanted services removed and patched with either grsecurity or openwall.
5. Disable all unwanted services and harden the services you leave running; change file and directory permissions so that security is tightened.
6. Install a firewall and create good rule sets.
7. Test and audit the server on a regular basis
8. Install an intrusion detection system, log monitor, all of the Apache security modules, bfd, faf and tmp monitor. Make your partitions secure.
9. Run a good backup system to recover data in case of an intrusion, crash or other destructive incident.
10. Install a log analyzer and check your logs for any suspicious entries.
11. Install scripts to send out mail or enable notifications when a security breach occurs.
12. After a security breach, try to find out how, when and through what the breach occurred. When you find a fix for it, document the details for future reference.

Summary

Now let us conclude by covering the main steps by which a hosting server can be secured.

1. Determine the business requirements and risk factors applicable to the system.
2. Devise a security policy with the above data in mind. Get the management's approval and signoff on this security policy.
3. On approval of the policy, conduct a security audit on any existing systems to determine current vulnerabilities and submit a report regarding this to the management.

The report should also cover the methods needed to improve existing security. Here is a quick checklist:
* Software vulnerabilities;
* Kernel upgrades and vulnerabilities;
* Check for any Trojans;
* Run chkrootkit;
* Check ports;
* Check for any hidden processes;
* Use audit tools to check the system;
* Check the logs;
* Check binaries and RPMS;
* Check for open email relays;
* Check for malicious cron entries;
* Check /dev /tmp /var directories;
* Check whether backups are maintained;
* Check for unwanted users, groups, etc. on the system;
* Check for and disable any unneeded services;
* Locate malicious scripts;
* Querylog in DNS;
* Check for suid scripts and nouser scripts;
* Check valid scripts in /tmp;
* Use intrusion detection tools;
* Check the system performance; and
*Check memory performance (run memtest).
4. Implement the security policy.
5. Correct all known existing software vulnerabilities either by applying patches or by upgrading the software.
6. Implement host security.
* Protect your systems with passwords;
* Check the file systems and set correct permissions and ownerships on all directories and files:

chmod -R 700 /etc/rc.d/init.d/*

Use rpm -Va to find out if an rpm has been modified;
* Apply security patches to vulnerable software (i.e. patch -p1 < style="color: rgb(255, 0, 0);">*
Remove all unneeded ttys and console logins by removing the entry from /etc/securetty;
* Check system logs (e.g. /var/log/messages, /var/log/secure, etc.);
* Set a password on the boot loader (lilo and grub both support this); and
* Monitor the system (nagios or big brother).
7. Implement network security:
* Remove all unwanted users and groups;
* Use custom security scripts that will send out notifications when sshing as root or while creating a user with uid of 0, etc.;
* Require passwords with 16 characters (can be done by making changes in login.def);
* Disable unwanted services using tcpwrapper (unwanted services can also be disabled through xinet.d or xinetd.Conf);
* Set up an idle timeout, so that idle users will be logged out after a certain amount of time;
* Disable all console program access (e.g. rm –rf /etc/security/console.app/);
* Enable nospoof option in /etc/host.conf;
* Specify the order in which domain names should be resolved (e.g. order bind hosts);
* Lock the /etc/services file so that no one can modify it;
* Restrict direct root login (comment out the PermitRootLogin login option in sshd_config);
* Restrict su, so that only wheel group members are able to su (You can use pam or disable the permission of other for the su binary);
* Limit users resources (using pam, specify the limits for each user in /etc/security/limit.conf);
* Secure /tmp (mount /tmp with noexec,nodev,nosuid);
* Hide the server details. Remove /etc/issues and /etc/issues.net;
* Disable unwanted suid and sgid files (e.g. find -type -perm -04000 -o perm 02000)
Examples of these: gpasswd, wall, and traceroute;
* Using iptables, allow only pings from specific locations (for monitoring systems to work);
* Take preventive measures against DOS, "ping of death" attacks, etc.;
* Install a firewall (e.g. apf and iptables) and allow only ports to operate, which the box needs for its normal functions; block all other ports to prevent mischief (Links: http://rfxnetworks.com/ and http://yolinux.com/TUTORIALS/LinuxTutorialIptablesNetworkGateway.htm);
* Install intrusion detection (e.g. install tripwire or aide). Links: http://www.cs.tut.fi/rammer/aide.html and http://redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/ch-tripwire.html;
* Install sxid to keep an eye on suid and sgid scripts (Link: http://linux.cudeso.be/linuxdoc/sxid.php);
* Restrict ssh to specific IP addresses and specific users (Key authentication using passphrase is recommended);
* Install logcheck to check the logs;
* Install tmpwatch to delete unused files from the /tmp directory;
* Install and set up portsentry and configure it to use iptables to block Ips;
* Install mod_security and mod_dosevasive to safeguard apache;
* Delete files with nouser and nogroup;
* Deleted unwanted files/folders in htdocs, disable directory indexing;
* Check for unwanted scripts in /root, /usr/local, /var/spool/mbox;
* Install BFD and FAF for additional security;
* Disable open email relaying; and
* Submit a status report to the management detailing all discovered vulnerabilities and fixes.

Testing phase

Use tools like nessus, nikto and nmap to perform a penetration test and see how well your server is secured. Also, do a stress test.

Security is of utmost importance to a server, compromising security is compromising the server itself. Hence, an understanding of the same is a prerequisite to server ownership and administration.

Saturday, July 12, 2008

TOP 100 ENGG COLLEGES IN INDIA

RANK Name of Institute City

1 Indian Institute of Technology IIT Kanpur Kanpur

2 Indian Institute of Technology IIT Kharagpur Kharagpur

3 Indian Institute of Technology IIT Bombay Mumbai

4 Indian Institute of Technology IIT Madras Chennai

5 Indian Institute of Technology IIT Delhi Delhi

6 BITS Pilani Pilani

7 IIT Roorkee Roorkee

8 IT-BHU Varanasi

9 IIT-Guwahati Guwahati

10 College of Engg , Anna University Guindy

11 Jadavpur University , Faculty of Engg & Tech Calcutta

12 Indian School of Mines Dhanbad

13 NIT- National Institute of Technology Warangal

14 BIT, Mesra Ranchi

15 NIT- National Institute of Technology Trichy

16 Delhi College of Engineering New Delhi

17 Punjab Engineering College Chandigarh

18 NIT- National Institute of Technology Suratkal

19 Motilal Nehru National Inst. of Technology Allahabad

20 Thapar Inst of Engineering & Technology Patiala

21 Bengal Eng and Science University , Shibpur Howrah

22 MNIT Malviya National Institute of Technology Bhopal Bhopal

23 PSG College of Technology Coimbatore

24 IIIT - International Institute of Information Technology Hyderabad Hyderabad

25 Harcourt Butler Technological Institute (HBTI) Kanpur

26 Malviya National Institute of Technology Jaipur

27 VNIT - Visvesvaraya National Institute of Technology Nagpur Nagpur

28 NIT- National Institute of Technology Calicut

29 Dhirubhai Ambani IICT Gandhinagar

30 Osmania Univ. College of Engineering Hyderabad

31 College of Engineering , Andhra University Vishakhapatnam

32 Netaji Subhas Institute of Technology New Delhi

33 NIT- National Institute of Technology Kurukshetra

34 NIT- National Institute of Technology Rourkela

35 SVNIT Surat

36 Govt. College of Engineering Pune

37 Manipal Institute of Technology Manipal

38 JNTU Hyderabad

39 R.V. College of Engineering Bangalore

40 NIT- National Institute of Technology Jamshedpur

41 University Visvesvaraya College of Engg. Bangalore

42 VJTI Mumbai

43 Vellore Institute of Technology Vellore

44 Coimbatore Institute of Technology Coimbatore

45 SSN College of Engineering Chennai

46 IIIT Allahabad

47 College of Engineering Trivandrum

48 NIT Durgapur Durgapur

49 SIT Calcutta

50 Mumbai University Inst of Chemical Tech Mumbai

51 Sardar Patel College of Engineering Mumbai

52 P.E.S. Institute of Technology Bangalore

53 Maharashtra Institute of Technology (MIT) Pune

54 Amrita Institute of Technology & Science Coimbatore

55 National Institute of Engineering Mysore

56 B.M.S. College of Engineering Bangalore

57 Laxminarayan Institute Of Tech. Nagpur

58 Nirma Institute of Technology Ahmedabad

59 IIIT Pune

60 Amity School of Engineering Noida

61 JNTU Kakinada

62 S.J. College of Engineering Mysore

63 Chaitanya Bharathi Inst. of Technology Hyderabad

64 IIIT Bangalore

65 SRM Institute of Science and Technology Chennai

66 SASTRA Thanjavur

67 Bangalore Institute of Technology Bangalore

68 The Technological Inst. of Textile & Sciences Bhiwani

69 I I I T Gwalior

70 JNTU Anantpur

71 M.S. Ramaiah Institute of Technology Bangalore

72 Gitam Vishakhapatnam

73 NIT- National Institute of Technology Hamirpur

74 NIT- National Institute of Technology Jalandhar

75 SV University Engineering College Tirupati

76 NIT- National Institute of Technology Raipur

77 Vasavi College of Engineering Hyderabad

78 The ICFAI Inst of Science and Technology Hyderabad

79 IIT- National Institute of Technology Patna

80 Cummins Colleges of Engg of Women Pune

81 VIT Pune

82 Shri Ramdeo Baba K.N. Engineering College Nagpur

83 Muffakham Jah Engineering College Hyderabad

84 Karunya Institute of Technology Coimbatore

85 D.J. Sanghvi Mumbai

86 Sathyabhama Engineering College Chennai

87 Kongu Engineering College Erode

88 Mepco Schlek Engineering College Sivakasi

89 Guru Nanak Dev Engineering College Ludhiana

90 Hindustan Inst of Engineering Technology Chennai

91 SDM College of Engineering Dharwad

92 R.V.R. & J.C. College Of Engg Guntur

93 Jamia Millia Islamia, New Delhi New Delhi

94 K.L. College of Engineering Veddeswaram

95 Dharmsinh Desai Institute of Technology Nadiad

96 S.G.S. Institute of Technology & Science Indore

97 Jabalpur Engineering College Jabalpur

98 Sree Chitra Thirunal College of Engineering Trivandrum

99 G.H. Patel College of Engg & Technology Vallabh Vidyanagar

100 Kalinga Institute of Industrial Technology Bhubaneshwar