Category Archives: Internet

6

Difference Between Http and Https………….

http is hyper text transfer protocol which is responsible for transmitting and receiving information across the Internet where as https is secure http, which is used exchanging confidential information with a server, which needs to be secured in order to prevent unauthorized access.

HTTP is Hyper Text Transport Protocol and is transmitted over the wire via PORT 80(TCP). You normally use HTTP when you are browsing the web, it’s not secure, and so someone can eavesdrop on the conversation between your computer and the web server. HTTP can support the client asking for a particular file to be sent only if it has been updated after a certain date and time. This would be used if the client has already retrieved a copy of a file by that name from that server, but wants to check to see if it has been updated since then. The server responds either with the updated file, with a message to say the file has not been changed, or with a message that the file no longer exists.

HTTPS (Hypertext Transfer Protocol over Secure Socket Layer or HTTP over SSL) is a Web protocol developed by Netscape and built into its browser that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTPS is really just the use of Netscape’s Secure Socket Layer (SSL) as a sub layer under its regular HTTP application layering. (HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer, TCP/IP.) SSL uses a 40-bit key size for the RC4 stream encryption algorithm, new-age browsers use 128-bit key size which is more secure than the former, it is considered an adequate degree of encryption for commercial exchange. HTTPS is normally used in login pages, shopping/commercial sites.

SHARE THE KNOWLEDGE


Installing Red Hat Enterprise Linux in VMware-workstation.

This section covers installing a fully virtualized Red Hat Enterprise Linux 5 guest.  the steps are interchangeable and different steps are noted.

Procedure : Creating a fully virtualized Red Hat Enterprise Linux 5 guest with virt-manager

1.Start the new virtual machine wizard

Pressing the New button starts the virtual machine creation wizard.

Press Next to continue.

2.Name the virtual machine

Provide a name for your virtualized guest. Punctuation and whitespace characters are not permitted in versions before Red Hat Enterprise Linux 5.5. Red Hat Enterprise Linux 5.5 adds support for ‘_‘, ‘.‘ and ‘‘ characters.

Press Next to continue.

3.Choose a virtualization method

Choose the virtualization method for the virtualized guest. Note you can only select an installed virtualization method.

Press Next to continue.

4.Select the installation method

Red Hat Enterprise Linux can be installed using one of the following methods:

  • local install media, either an ISO image or physical optical media.
  • Select Network install tree if you have the installation tree for Red Hat Enterprise Linux hosted somewhere on your network via HTTP, FTP or NFS.
  • PXE can be used if you have a PXE server configured for booting Red Hat Enterprise Linux installation media. Configuring a sever to PXE boot a Red Hat Enterprise Linux installation is not covered by this guide. However, most of the installation steps are the same after the media boots.

Set OS Type to Linux and OS Variant to Red Hat Enterprise Linux 5 as shown in the screenshot.

Press Next to continue.

5.Locate installation media

Select ISO image location or CD-ROM or DVD device. This example uses an ISO file image of the Red Hat Enterprise Linux installation DVD.

  1. Press the Browse button.
  2. Search to the location of the ISO file and select the ISO image. Press Open to confirm your selection.
  3. The file is selected and ready to install.

Press Next to continue.

6.Storage setup

Assign a physical storage device (Block device) or a file-based image (File). File-based images must be stored in the /var/lib/libvirt/images/ directory. Assign sufficient space for your virtualized guest and any applications the guest requires.

Press Next to continue.

7.Network setup

Select either Virtual network or Shared physical device.

The virtual network option uses Network Address Translation (NAT) to share the default network device with the virtualized guest. Use the virtual network option for wireless networks.

The shared physical device option uses a network bond to give the virtualized guest full access to a network device.

Press Next to continue.

8.Memory and CPU allocation

The Memory and CPU Allocation window displays. Choose appropriate values for the virtualized CPUs and RAM allocation. These values affect the host’s and guest’s performance.

Virtualized guests require sufficient physical memory (RAM) to run efficiently and effectively. Choose a memory value which suits your guest operating system and application requirements. Remember, guests use physical RAM. Running too many guests or leaving insufficient memory for the host system results in significant usage of virtual memory and swapping. Virtual memory is significantly slower which causes degraded system performance and responsiveness. Ensure you allocate sufficient memory for all guests and the host to operate effectively.

Assign sufficient virtual CPUs for the virtualized guest. If the guest runs a multithreaded application, assign the number of virtualized CPUs the guest will require to run efficiently. Do not assign more virtual CPUs than there are physical processors (or hyper-threads) available on the host system. It is possible to over allocate virtual processors, however, over allocating has a significant, negative effect on guest and host performance due to processor context switching overheads.

Press Next to continue.

9.Verify and start guest installation

Verify the configuration.

Press Finish to start the guest installation procedure.

10.Installing Red Hat Enterprise Linux

Complete the Red Hat Enterprise Linux 5 installation sequence.

A fully virtualized Red Hat Enterprise Linux 5 Guest is now installed.

SHARE THE KNOWLEDGE


Satellite Communication……….

Satellite communication is based on ideas similar to those used for line-of-sight. A communication satellite is essentially a big microwave repeater or relay station in the sky. Microwave signals from a ground station is picked up by a transponder, amplifies the signal and rebroadcasts it in another frequency, which can be received by ground stations at long distances.

To keep the satellite stationary with respect to the ground based stations, the satellite is placed in a geostationary orbit above the equator at an altitude of about 36,000 km. As the spacing between two satellites on the equatorial plane should not be closer than 40, there can be 360/4 = 90 communication satellites in the sky at a time. A satellite can be used for point-to-point communication between two ground-based stations or it can be used to broadcast a signal received from one station to many ground-based stations as shown in Fig. 2.2.8. Number of geo-synchronous satellites limited (about 90 total, to minimize interference). International agreements regulate how satellites are used, and how frequencies are allocated. Weather affects certain frequencies. Satellite transmission differs from terrestrial communication in another important way: One-way propagation delay is roughly 270 ms. In interactive terms, propagation delay alone inserts a 1 second delay between typing a character and receiving its echo.

Satellite Microwave Communication: point –to- point

Satellite Microwave Communication: Broadcast links

Types of Firewalls………….

The firewalls can be broadly categorized into the following three types:

  • Packet Filters
  • Application-level Gateways
  • Circuit-level Gateways
  1. Packet Filters: Packet filtering router applies a set of rules to each incoming IP packet and then forwards or discards it. Packet filter is typically set up as a list of rules based on matches of fields in the IP or TCP header. An example table of telnet filter rules is given in Fig. 8.3.2. The packet filter operates with positive filter rules. It is necessary to specify what should be permitted, and everything that is explicitly not permitted is automatically forbidden.
  2. Application-level Gateway: Application level gateway, also called a Proxy Server acts as a relay of application level traffic. Users contact gateways using an application and the request is successful after authentication. The application gateway is service specific such as FTP, TELNET, SMTP or HTTP.
  3. Circuit Level Gateway: Circuit-level gateway can be a standalone or a specialized system. It does not allow end-to-end TCP connection; the gateway sets up two TCP connections. Once the TCP connections are established, the gateway relays TCP segments from one connection to the other without examining the contents. The security function determines which connections will be allowed and which are to be disallowed.

Limitations of a Firewall………….

Main limitations of a firewall system are given below:

  • A firewall cannot protect against any attacks that bypass the firewall. Many organizations buy expensive firewalls but neglect numerous other back-doors into their network.
  • A firewall does not protect against the internal threats from traitors. An attacker may be able to break into network by completely bypassing the firewall, if he can find a “helpful” insider who can be fooled into giving access to a modem pool.
  • Firewalls can’t protect against tunneling over most application protocols. For example, firewall cannot protect against the transfer of virus-infected programs or files

Describe the difference between Web and Window applications…..

Web Application: In software engineering, a Web application or webapp is an application that is accessed via Web browser over a network such as the Internet or an intranet. It is also a computer software application that is coded in a browser-supported language (such as HTML, ASP, PHP, Perl, Python etc.) and reliant on a common web browser to render the application executable.

These are used for server controls, HTML controls, user controls, or custom controls that is created especially for the Web forms. Web applications are displayed in a browser only. These are instantiated on the server; it sent to the browser and destroys immediately. These can run in any machine if that machine supports browser.

Web applications are popular due to the ubiquity of a client, sometimes called a thin client. The ability to update and maintain Web applications without distributing and installing software on potentially thousands of client computers is a key reason for their popularity. Common Web applications include Webmail, online retail sales, online auctions, wikis, discussion boards, Weblogs, MMORPGs and many other functions.

Windows Application: A program that is written to run under Microsoft’s Windows operating system. Such applications typically run under all 32-bit versions of Windows, but earlier applications might also run under the 16-bit versions (Windows 3.x) as well.

Windows applications can run on the same machine as they are displayed only on that machine. It displays their own windows and has more control over how those windows are going to display. These are instantiated and it exists for as long as needed and is destroyed.

SHARE THE KNOWLEDGE


 

Types of Internet threats………

  • Image SPAM
    Image-based SPAM has increased in the past year, and a higher percentage is making it past SPAM filters. The reason this happens is the images are varied each time a message is sent out. SPAM images are just slightly changed each time the message is sent. The difference may be a change in the border, or the variance of one pixel, but the change is enough to get past traditional content and signature-scanning filters. These SPAM messages are compared to snowflakes, because each one looks similar, but is different. Every image is in fact unique, but from a distance it will look identical.
  • Phishing
    You receive an email that is made to look as though it comes from a legitimate company you normally do business with. The email, for example, might tell you that some sort of service normally provided to you is due to expire soon. The email directs you to a phony Web site made to look like the site of the company you do business with. Once there, you are asked to provide personal information — such as a credit card or Social Security number — so that your service can be continued.
  • E-mail Spoofing
    E-mail Spoofing is when an email message appears to have originated from one source when it actually was sent from another source. E-mail spoofing is often an attempt to trick the user into making a damaging statement or releasing sensitive information (such as passwords). Spoofed e-mail can range from harmless pranks to social engineering ploys. Examples of the latter include: 

    • E-mail claiming to be from a system administrator requesting users to change their passwords to a specified string and threatening to suspend their account if they do not comply.
    • E-mail claiming to be from a person in authority requesting users to send them a copy of a password file or other sensitive information.

    Windstream, as well as most legitimate businesses, WILL NEVER ask for any sensitive information in an e-mail.

  • E-mail Borne Viruses
    Viruses and other types of malicious code are often spread as attachments to e-mail messages. Before opening any attachments, be sure you know the source of the attachment. It is not enough that the mail originated from an address you recognize. Also, malicious code might be distributed in amusing or enticing programs. Never run a program unless you know it to be authored by a person or company that you trust. Also, don’t send programs of unknown origin to your friends or co-workers simply because they are amusing — they might contain a Trojan horse program.
  • Chat Clients
    Internet chat applications, such as instant messaging applications and Internet Relay Chat (IRC) networks, provide a mechanism for information to be transmitted bi-directionally between computers on the Internet. Chat clients provide groups of individuals with the means to exchange dialog, web URLs, and in many cases, files of any type. 

    Because many chat clients allow for the exchange of executable code, they present risks similar to those of email clients. As with e-mail clients, care should be taken to limit the chat client’s ability to execute downloaded files. As always, you should be wary of exchanging files with unknown parties.

  • Overseas Money Transfer Scam
    If an e-mail sounds too good to be true, then it is. You’ll receive an e-mail from someone claiming to represent a foreign government or someone formerly involved with a foreign government. The person will claim that, through a change in leadership or death, he or she has been left with a large amount of money. They will ask your help getting the money out of the country, and if you help you can receive a large share of the money. The message will go on to ask you to respond to the e-mail with bank account information and other personal information to help set up the transfer. The best thing you can do is ignore the e-mail and hit the delete button.
  • Trojan Horse Programs
    Trojan horse programs are a common way for intruders to trick you (sometimes referred to as social engineering) into installing back door programs. These can allow intruders easy access to your computer without your knowledge, change your system configurations, or infect your computer with a computer virus.
  • Denial of Service Attack (DOS Attack)
    Another form of attack is called a denial-of-service (DoS) attack. This type of attack causes your computer to crash or to become so busy processing data that you are unable to use it. In most cases, the latest patches will prevent the attack. It is important to note that in addition to being the target of a DoS attack, it is possible for your computer to be used as a participant in a denial-of-service attack on another system.
  • Being an Intermediary for Another Attack
    Intruders will frequently use compromised computers as launching pads for attacking other systems. An example of this is how distributed denial-of-service (DDoS) tools are used. The intruders install anagent (frequently through a Trojan horse program) that runs on the compromised computer awaiting further instructions. Then, when a number of agents are running on different computers, a singlehandler can instruct all of them to launch a denial-of-service attack on another system. Thus, the end target of the attack is not your own computer, but someone else’s — your computer is just a convenient tool in a larger attack.
  • Modem Hijacking
    This is perhaps one of the most prevalent scams on the Internet today. When you visit a web site, you’ll often see pop-up ads that ask you various questions and offer you a variety of services. To receive them, all you have to do is select yes on one or more ads. If you haven’t read the fine print, however, you can unwittingly be agreeing to have software downloaded to your modem, which then instructs your modem to make long distance calls to overseas pay-per-call services. These calls can result in hundreds of dollars in charges. This usually impacts dial-up customers, rather than broadband customers. Often you don’t know this has happened until you receive your next phone bill.
  • Unprotected Windows Shares
    Unprotected Windows networking shares can be exploited by intruders in an automated way to place tools on large numbers of Windows-based computers attached to the Internet. Because site security on the Internet is interdependent, a compromised computer not only creates problems for the computer’s owner, but it is also a threat to other sites on the Internet. The greater immediate risk to the Internet community is the potentially large number of computers attached to the Internet with unprotected Windows networking shares combined with distributed attack tools. Another threat includes malicious and destructive code, such as viruses or worms, which leverage unprotected Windows networking shares to propagate. There is great potential for the emergence of other intruder tools that leverage unprotected Windows networking shares on a widespread basis.

SHARE THE KNOWLEDGE


 

Advantages and Disadvantages of the Internet….

Advantages

Communication:
The foremost target of internet has always been the communication. And internet has excelled beyond the expectations .Still; innovations are going on to make it faster, more reliable. By the advent of computer’s Internet, our earth has reduced and has attained the form of a global village.

Information
Information is probably the biggest advantage internet is offering. The Internet is a virtual treasure trove of information. Any kind of information on any topic under the sun is available on the Internet. The search engines like Google, yahoo is at your service on the Internet. You can almost find any type of data on almost any kind of subject that you are looking for. There is a huge amount of information available on the internet for just about every subject known to man, ranging from government law and services, trade fairs and conferences, market information, new ideas and technical support, the list is end less.

Entertainment
Entertainment is another popular raison d’être why many people prefer to surf the Internet. In fact, media of internet has become quite successful in trapping multifaceted entertainment factor. Downloading games, visiting chat rooms or just surfing the Web are some of the uses people have discovered. There are numerous games that may be downloaded from the Internet for free. The industry of online gaming has tasted dramatic and phenomenal attention by game lovers. Chat rooms are popular because users can meet new and interesting people. In fact, the Internet has been successfully used by people to find life long partners.

Disadvantages

Theft of Personal information
If you use the Internet, you may be facing grave danger as your personal information such as name, address, credit card number etc. can be accessed by other culprits to make your problems worse.

Pornography:
This is perhaps the biggest threat related to your children’s healthy mental life. A very serious issue concerning the Internet. There are thousands of pornographic sites on the Internet that can be easily found and can be a detrimental factor to letting children use the Internet.

Virus threat
Virus is nothing but a program which disrupts the normal functioning of your computer systems. Computers attached to internet are more prone to virus attacks and they can end up into crashing your whole hard disk, causing you considerable headache.

SHARE THE KNOWLEDGE


 

%d bloggers like this: