LINUX MAGAZINESLINUX MAGAZINES: Open Source News, Articles and Reviews

As you innocently type away at your computer or surf the Internet, you never know when you will face one of the many threats lurking in the shadows of the World Wide Web. In recent years, there are plenty of types of software that threaten the safety and integrity of a desktop or laptop. Today, the list of clever and tricky ways that spyware, adware, and malware become attached to a computer is becoming increasingly commonplace, prompting consumers to take extra precautions against an attack.

Hidden Downloads

One of the most common ways that spyware infiltrates a computer is through a “free” application download, such as peer-to-peer file sharing programs like Kazaa. When downloading and installing this type of program, an assortment of spyware programs is automatically included, which is one of the ways the company is able to keep their services free to the public.

Some downloads are unauthorized and may simply initiate because you have visited a particular website by accident or under false pretenses that forces the download of malicious software. You may also become tricked into downloading spyware without your knowledge if you should answer dialog boxes that request you to click “yes” or “no.” When these boxes appear, you should cancel out of the action by clicking on the “x” in the corner of the box. As a rule of thumb, you shouldn’t authorize the download of any software onto your computer if it does not come from a reputable source.

There are also certain websites that take advantage of popular subjects on the Internet. While a user is surfing their website, they may happen upon placed links that will install adware onto a computer or possibly flood a computer with embarrassing and annoying information and solicitations on point of contact. This is a common technique used on sites that promote pornography, gambling, and music downloads.

Toolbars

Sometimes, spyware is attached to a download that comes in the form of a toolbar. At one time, you may or may not have authorized its receipt, but often when a newly installed toolbar appears, it is a sign you have spyware on your computer. If you are faced with a decision to download a new toolbar, your best bet is to cancel the action or deny permission.

Pop-Ups

A common method of advertisement in the Internet world includes the use of pop-ups, which automatically load and appear on a computer screen. While some are meant to display marketing information, others are created with the intent to get a user to click on a link that will download adware or spyware without their knowledge. This is why many computer users turn to pop-up blockers to significantly reduce or eliminate the appearance of malicious pop-ups.

Corrupted Emails and Attachments

Some people infuse emails and attachments with malicious software that downloads and installs itself onto a computer because opening such items initiate the act. A common way to thwart this kind of attack is to install software that protects against this type of software, as well as to make it a habit not to open emails from people you are unfamiliar with.

The Importance of Removing Malicious Software

Not only does spyware, adware, and malware make a computer run slower than usual, but also comprises the files, applications, and personal information stored on the PC. Malicious software has the ability to permit outside intruders to gain access into the insides of your private life by providing a gateway to important data. Regardless of the type of spyware installed onto a computer, the user’s privacy is violated because their computer use, habits, and personal information can be tracked.

It is through spyware and other similar software that credit card numbers, bank statements, financial records, usernames and passwords, and other vital details become compromised. Today, the latest technology and methods allow strangers to enter a computer and retrieved all of the necessary data required to execute identity fraud and theft, which is why it is quite important to remove malicious software at once.

Learn the latest malware, adware and spyware tricks and how to protect yourself. http://www.spywaresecrets.net Anti Spyware

Author: Rita Lambros-Segur
Article Source: EzineArticles.com
Awe Inspiring Pictures

Ok, so you went out and bought a big, fancy computer with all the fixins. You’ve got memory, DVD burners, wireless adapters, and enough hard drive space to trump the library of Congress, but is that all you need? As most people inevitably realize…NO WAY! Your cool, new system may be able to fly you to the moon, but you’re not going anywhere until you furnish that thing with the right software.

Software packages come in all flavors, and they truly run the gamut on price. If you don’t have the right connection (and who among us does?) you’ll be stunned to find that some of the most popular products come at a pretty penny. Microsoft Office for example, the world’s leading office and productivity software suite, ranges in price from $350 – $500. Word processing never seemed so painful! How about some of the photo hobbyists out there; ever heard of Adobe Photoshop? Of course you have. You can’t open a Photography magazine without someone mentioning a Photoshop trick or two. A fun program indeed, but it costs about $600.

Matters worsen if you’re an aspiring business looking to build an office system. Even the simplest of office server software by Microsoft starts somewhere between $500 – $1000, with higher-end servers costing well into the teens. Databases alone can coast anywhere from $10,000 – $250,000, depending on the product. It’s enough to make you clinically depressed!

So what can we do to avoid high priced software? Plenty! In an age of burgeoning price wars and techie revelry, just about every major product has an [almost] equal-and-opposite counterpart that costs little or no money. They don’t get the marketing hype their goliath competitors enjoy, but in most cases they are both alike in features and compatible with one another. If knowledge is power, consider this to be below your hemi-powered, super-charged engine to cheap computer success. Check out the following links:

OpenOffice – a full featured replacement for Microsoft Office. Fully compatible. Version 2.0 contains Word Processor, Database, Spreadsheet, the works!

GIMP Photo Productivity Suite – Photo editing suite replacement for Adobe Photoshop

Firefox Web Browser – Web browser replacement for Microsoft Internet Explorer. Safe, secure, and fast!

Thunderbird Mail Manager – Email management suite that replaced Microsoft Outlook.

Jon Arking is a software architect in the greater Philadelphia region. He maintains a website offering free, one-on-one computer and technical support at [http://www.JustHelpMe.Net]

Author: Jon Arking
Article Source: EzineArticles.com
Duty on LCD/Plasma TV

Hearing the word “spyware” sends shudders up and down the spines of people who know anything about computers. Spyware essentially monitors the user’s activity without the user’s consent. This is a formula for precarious outcomes as it relates to the user. Many individuals in our technologically advanced society rely heavily on computers to make purchases, handle finances, and a myriad of other personal matters and transactions that many wish to keep confidential. Spyware is capable of filtering to obtain a user’s personal information, which could result in identity theft. Many transactions online require social security numbers, bank routing numbers, addresses and telephone numbers. The minimum of these is often all that is needed to attempt to open an account or make purchases without the user’s knowledge or consent.

As frightful as spyware is, it does not have to agonize the user. You CAN fix spyware, and it is not all that hard but only if you do it the right way.. Research shows that although the journey to complete annihilation of this harried source of worry to many users can be a laborious process. This tedious removal is due to spyware’s heightened level of chicanery. It is often not until a user’s identity has been stolen that they are even aware that they have been victimized by spyware. Most often it occurs as a result of their banking activities being deciphered for the purpose of extracting only that which is needed to assume the user’s identity elsewhere. In order to prohibit this type of surreptitious behavior and fix spyware problems, the user may consider a spyware scanner that is devised to scan the user’s computer for detection of spyware. The fact that removal is easy but maintaining removal is not so easy makes the removal process not just irksome but also chancy.

It is very easy for users to be coerced into downloading spyware without their knowledge until the damage has been done. With this posing a challenge to complete obliteration of spyware, users are urged to not only consider spyware removers but to do so with a vengeance and strategically so scanning regularly.

The best way to fix spyware problems is to use a spyware removal product, and my top pick is XoftSpySE. To get the ball rolling and to protect yourself from identity theft, get a FREE SCAN for spyware by clicking here. It’s safe and will go a long way in protecting your assets.

Author: Jeff Farley
Article Source: EzineArticles.com
Beading Necklace

Data loss can tantamount to a huge loss be it on a personal level or a professional backfire that leaves you awry and helpless. Its always better to be forearmed and forewarned thus devise your defense mechanisms long before the actual havoc strikes so that you are in a reasonable position to command if not the whole but a part of your fortune that may not drown in the deep waters of destiny when a major data loss situation strikes. You don’t have to own a multimillion dollar business to be effectively crippled when a data loss situation hits cause be it your college assignment’s drafts or the letter to your attorney, loss of crucial and sensitive data spells disaster whatever might be the situation and whatever might be the magnitude. It is not unnatural to experience a data loss situation as more often than not, unexpected system shutdown, media read error, no memory error leads to sudden quitting of computer operations thereby deleting the unsaved data that we might have been working on.

Sometimes the errors that are generated in the process impede save functions thereby hindering the program from saving that data that is being worked on. These situations render us helpless but if a little thought is invested in backing up the data on a regular basis, much of the ordeal can be taken care of and the rest can be effectively countered. Provided below are a few suggestions that can enable users to safeguard their data more effectively and efficiently.

o Storing the data in the same drive as the operating system can prove grievous in most cases. Most word processors save the files to My Documents folder, never do so, cause when a virus hits or a software malfunction occurs, the operating system is the most vulnerable to damage. If this happens all your precious data might have to undergo complete erasure as in most cases these kinds of situations demand reformatting of the hard drive and thus reinstallation of the operating system. It’s advisable to resort to a second internal hard drive or an external drive to store the data securely. The benefit attached to external drives is that they can also be used for backups as and when required.

o Backup your data well-CDs get scratched, hard drives break and floppies get erased. Thus it is of absolute necessity to keep a backup of the work that’s important to you. Backing up work regularly to an online storage, server or an offsite backup can be of considerable help when data loss situations strike.

o Open email attachments with caution E-mails are a major source of virus afflictions. Set your email software program to save attachments in a unique location. It often happens that you receive a document with the same name as the one on your drive and saving it to the same location results in overwriting the file that’s already there. Virus can corrupt the whole of the file system and cause the system to crash.

o Eliminate human errors More often than not; we pay for our carelessness and ignorance. Saving the new changes in a document when it is being edited is rarely a thing we do and this is by far the most common cause that leads to deletion of the newly edited data that you are working on. This can easily be avoided by copying the text in some other document and renaming the newly edited one if you are not desirous of tempering with the advanced features or the F12 Key.

o Keeping hard copies of the important documents help, as you at least have access to the basic document which might not have the modifications and alterations but the crux contents nevertheless. If you have already lost your data and you are in search of a viable recovery option that can perform a comprehensive scan of all the recoverable data from your corrupted or defective hard drive, bank on Stellar Information Systems Ltd for help.

Stellar, a pioneer Data Recovery company specializing in data recovery and data protection services and solutions has come up with an express remedy to retrieve lost/ missing data from corrupted hard drives that have suffered reverses from any sort of data loss situation.Stellar Phoenix Windows Data Recovery software is an answer to all your data loss queries. Stellar has a host of other software’s that cater to different requirements and situations.

Jonny a student of Mass Communication doing research on data recovery software. He is also a freelancer for http://www.stellarinfo.com

Author: Jonny Weatson
Article Source: EzineArticles.com
Duty tariff

This is a topic a lot of people ask about so here is a list of free to use programs for windows that can replace your other more expensive programs.

ALL OF THESE PROGRAMS ARE FREE

Antivirus:

avast! Antivirus – I have used avast for 2 years now and it works BETTER than the Antivirus programs I have used in the past. It does not hog resources like Norton does and it actively scans network traffic and emails.

General Tools:

OpenOffice – Open office is a project that is now being supported by Sun Microsystems. The OpenOffice project is a collection that can replace the Microsoft Office package. All of the OpenOffice programs that have Microsoft Counterparts allow you to save in the Microsoft format so they can be opened on OpenOffice AND Microsoft Office.

Adware Tools:

AdAware – AdAware is a program that will scan your computer for spyware and will remove everything it finds. It works very well and I have personally used it for many years. Zip/Compression Tools: Winace XAcePlus – XAcePlus can Zip/Unzip ACE, ARJ, CAB, LHA, LZH, JAR, RAR, ZIP, and SFX Files.

Image Editing Tools:

GIMP – I have been using GIMP for my image editing for quite some time…It does have a learning curve just like Photoshop and its not going to have all the functions that Photoshop does however it comes pretty close and considering its free there is really no question for most people.

Networking Tools:

LogMeIn – I use logmein everyday for work. LogMeIn is a completely automatically configured remote desktop application(does not require ANY router configuration, no need to open and ports) which allows you to control any computer the software is installed on from any other computer that has internet explorer(The computer you connect to is the only computer that needs the logmein software running on it). This is probably the best program listed in this whole post!

Hamachi – This software is made by the same company as LogMeIn. It is a automatically configured VPN program that allows you to create a network and then allow any computers that install the program to connect to it (with different security options). Any computers connected to the network (even if they are in different countries) will be able to access the folders on the other computers on the network as if they were within the same LAN.

Temperature Monitoring

MBM – This software will monitor all aspects of your computer including hard drive temperature, processor temperature, fan speeds, hard drive speeds and more.

This article was originally posted on our website. Please visit http://www.willdiscuss.com to get a comprehensive list of open source software or to discuss this article.

Author: Aaron Riesbeck
Article Source: EzineArticles.com
Canada duty rates

Almost everybody has some kind of Internet personality that they can’t do without. Simply put, this technology has become so much a part of our lives. Everyday, we log on to the different social networking sites such as Facebook and MySpace or we make a search on things that interest us or even those that we’re required to research about in school or at work. Some people get online simply to play online games while some are there to update themselves on the latest news. Somehow, someway, people are going to find a reason to be connected to the web and this has become an undeniable reality today.

Although this technology has brought us major conveniences we could only dream of before, it has also put us at risk to a certain degree. Emails, which are normal, everyday things we attend to, are, in fact, the most potent carriers of online threats. While most of us think they’re but a tiny innocent speck in this whole Internet craze, emails could be powerful enough to spread the most destructive of these threats though malicious programs hidden behind spam mail and attachments. It is, therefore, very crucial that every Internet user knows how to handle these things if he and his system are to stay safe.

The most basic rule when it comes to protecting oneself from possibly hazardous emails is avoidance of opening attached files from suspicious sources. Usually, these attachments come with emails from people you don’t know and are usually accompanied by very enticing text such as those claiming that you have won some lottery or grant from a foreign donor. In most cases, the message comes with an empty message field and an attractive subject with the attached file. This is certainly something you’re better off deleting. What you would definitely want to stay away from are those attachments with the .exe file extension. However, don’t be too complacent still as these executable files may also come with hidden or disguised extensions.

If you’re thinking about how opening these attachments could possibly cause you damage, there are actually many ways. For example, if the file you opened is infected with malicious code, your computer will definitely be affected. A virus will embed itself into your hard drive and start damaging your files immediately. Or it can collect personal information such as credit card details and send this back to the one who made the virus. This type of program can even pull up all your contacts and spread itself among them. In other words, just one malicious file opened in one email could wreak havoc in incredible proportions. Remember that millions of Internet users open their emails each day. You can just imagine how fast things could spread around.

When it comes to email threats, spams are yet another. Essentially, they do not pose a threat to your computer but somehow, they can get very annoying. Spam mails are those that offer you various deals about anything from skin care products to ad tracking software. While these emails are merely for marketing purposes, they still can get very bothersome especially for someone who doesn’t appreciate being targeted for any type of advertisement.

And then, there’s phishing which is carried out through an email that attempts to create a false urgency for the receiver to reveal sensitive information such as banking passwords and PINs with the sender usually posing as a bank official. If identity theft is the last thing you want to deal with, do not, by all means, reveal anything confidential through email. Besides, legitimate banks and companies never seek information of this nature through the Internet.

These are just some of the threats that you could be exposed to while you’re online. If you simply don’t want to deal with them, just hide your IP address. Once you start using an IP changer software, you can surf anonymously. And when you’re anonymous, nobody knows you’re there, including hackers who can’t possibly make you a target simply because they don’t even see you.

Author: Brad M Smith
Article Source: EzineArticles.com
US Dollar credit card

A NTP Server connects to a computer network with the purpose of synchronising all computers, routers and other devices to the exact same time. NTP servers use Network Time Protocol to adjust the drift of different machines to match the reference time.

NTP servers rely on using a reference clock; most networks that use a NTP server will use a UTC (Coordinated Universal Time) time source. UTC is based on the time told by the incredibly accurate and expensive atomic clocks.

Atomic clocks work on the principle that a single atom (in most cases the caesium -133) will resonate at an exact rate at certain energy levels. The accuracy of atomic clocks is so proficient that UTC was developed to allow international Atomic Time (TAI) and Greenwich Meantime (GMT) to be combined, allowing for the slowing of the Earth’s rotation by adding leap seconds and therefore keeping the Sun at the Earth’s meridian at noon.

Failure to account for this slowing in the Earth’s spin would result in the eventual drift of day and night (albeit in many millennia).

A NTP server can be set to receive a UTC time signal from across the Internet although these can vary tremendously in accuracy and are reliant on reasonably close distances from client and server.

Relying on an Internet based timing references can also leave a network open to malicious users as they can not utilise NTP authentication which is a security measure used to ensure a timing reference is what it says it is.

Many dedicated NTP servers are designed to receive a more accurate and authenticated timing reference. One method utilises radio transmissions that are broadcast by several national physics laboratories such as NIST (National Institute for Standards and Technology) in the US (WWVB signal) and NPL (National Physical Laboratory) in the UK (MSF signal). These signals are broadcast in long wave and can be picked up within the broadcast area although the signals can be blocked by local geographical features.

Another method to receive a UTC timing reference is to use the onboard atomic clocks on GPS (Global Positioning System) network. While GPS is most commonly known as a positioning system the satellite actually relays timing information which is used by GPS receivers to calculate the time it has travelled and therefore the distance.

While the GPS signals are not broadcast in UTC format they are highly accurate and NTP has no problem in converting them.

The NTP server checks the time stamp from the UTC source and uses the information to calculate if the network clocks are drifting and adds or subtracts a second to match the reference clock. The NTP server will do this at set intervals, normally every fifteen minutes to ensure perfect accuracy.

NTP is accurate to within 1/100th of a second (10 milliseconds) over the public Internet and can perform even better over LANs and WANS with accuracies of 1/5000th of a second (200 microseconds) not unheard of.

To ensure further accuracy the NTP service (or daemon on Linux) runs in the background and does not believe the time it is told until after several exchanges and each one has passed a protocol specification (a test), the server is then considered. It usually takes about five good samples) until a NTP server is accepted as a timing source.

Richard N Williams is a technical author and specialist in atomic clocks, telecommunications, NTP and network time synchronisation helping to develop dedicated NTP clocks. Please visit us for more information about a network time server or other ntp server solutions.

Author: Richard N Williams
Article Source: EzineArticles.com
Smiling shark

Everyday, lots of people are experiencing a type of program with built-in advertising being installed on their computers. This is what we called an adware. This type of program is something people do not want to appear or being installed on their computers.

Once installed, what this program does is to make adjustments on the performance of your computer. You will just notice that your PC is getting slower from time to time. Other promoters of this program will just install it on your computer without your approval.

Malware or adware perform almost the same function: to slow down your computer, while popping out their offers such as you have a virus, presenting pornographic advertisements, etc.

There are lots of ways for these programs to enter your computer and create unwanted incidents once they are activated. If they cannot go through the backdoor, the will try to mislead you by inserting their codes on other executable files you are downloading. Without a strong defense against these applications, your computer will soon be a victim of their tricks.

These are some of the common tricks being done by adware and malware in order to compromise your computer:

1. Piggybacking. This is the trick where malware is bundled in a program you are downloading which comes from various download sites. These programs might be in a form of games, utility software, cracks, etc.

Once you install the software, you will never know that the adware has also been installed together with the program you have just downloaded. So be careful when downloading such files.

As much as possible, avoid downloading programs from download sites and do not use file-sharing applications, as these are the common sources of malware. It is always best to download a legitimate application, which comes from trusted sources. Do not support piracy.

2. Bait and Switch. There are lot of offers you can see on the Internet about a program that will accelerate your browsing experience, only to find out that it will install toolbars or plug-ins in your browser and will automatically place some unwanted advertisements on it.

It may even change your default website when opening your browser application. Be very suspicious in downloading free or promising programs which will increase the speed of your applications, your Internet, etc.

3. Outright Lying. These might be one of the most dangerous forms of malware where it will completely destroy your registry and the entire operating system. It may even steal personal information saved on your computer.

This program might come in a form of security patch, or an update of legitimate software. If you are downloading this file, make sure it only comes from legitimate websites. Much better if you download operating system patches on the manufacturers website to just make sure.

Installing antispyware and antivirus applications can help track and separate genuine applications from crap ones. Of course, always update your computers defense because many forms malware, spyware, and adware are being created each day.

Want more source of knowledge? Visit wheelchair lift which showcases various commercial wheelchair lift, information, and purchasing guides.

Author: Ramir Sarmiento
Article Source: EzineArticles.com
Canada duty tariff

When looking for a BCI 24 Ink cartridge for your iP1500 printer, it is always important to ensure that you are using the highest levels of privacy and security.

The Printer ink business is one that is very easy to get into, and while there are many high quality distributors, there are also many that are not as high quality.

The most important idea for finding the best sources for an Ink Cartridge is to look for a street address for the company providing it.

Many people have now started an ink program out of their own home!

They will sit there at their kitchen tables, refilling ink cartridges.

While their entrepreneurship is highly admirable, it doesn’t always result in the best quality product for the consumer.

When looking to buy BCI 24 Ink, always ensure that the company you are dealing with has a street address – that way you can be sure that they are an actual company who is determined to make quality products.

If there is no street address listed, however you feel comfortable with their website, try sending them an email to ask for their physical address.

Most companies should be happy to give this out – after all, all companies must run from a physical space.

If the company is not willing to give this information, chances are it is a shop out of somebody’s home, and the quality of the ink (and the construction of the cartridge) may be questionable.

It can be easy for a person to purchase ink or toners wholesale and sell them online. Therefore, when you’re ready to buy BCI 24 Ink cartridges, always check to make sure that you’re dealing with a business that has a proper address.

If you are looking to purchase ink off a website like Kijiji or Craigslist, it is important to take some security precautions into place.

Always make sure that when you’re visiting a place you haven’t been, that there’s somebody who knows where you are – that way if anyone ever takes advantage of you or tries to scam or rob you, you know that help will be on the way.

As well, instead of having people into your own home, meet them at a nearby restaurant or diner – this will ensure that all conversation is out in the open and does not take place anywhere something bad could happen to you.

You can save a lot of money on ink by purchasing the right kinds – and by using a bit of common sense, you should be able to make the process headache free!

Ethan Phillips is a it support specialist, and has help a number of clients make sure they have the best quality ink for their printing needs at the best quality price.

BCI 24 Ink

BCI 24 Ink Cartridge Recommendations

Author: Ethan Phillips
Article Source: EzineArticles.com
Canada duty rate

The presentation of Norton Antivirus 2010 will open a new chapter in protection system with the lightest and fastest antivirus application created on the line of revised technology based on experience.

Hackers and spammers would be away with the uninterrupted protection with Symantec intrusion detection system. It prevents and stops viruses and spyware.Positive action eliminates open threats and bars fresh threats promptly to safeguard your PC.

Norton Antivirus 2010 works with minimum memory requirement and its intrusion detection system detects hidden spiteful symbols before its invasion. Norton’s updating system ensures that you are always covered by Symantec security network with regular updates that are affected within minutes.

The new Version works on the principle of intelligence based technology to speed up the scanning process and thereby takes shorter effective times for scanning. It goes on examining the complete online intelligence network in actual duration to detect the trustworthiness of files present in the system.

It clearly defines the nature of files to be trusted or left out and performs the scanning of doubtful files.This is employed at a very fast speed consuming negligible time for scanning and you use your PC for more time. The files at risk are scanned with lightning speed.

Norton Antivirus 2010 is efficient to provide clean performing process and identifies threats clearly. It is able to provide all the information regarding the CPU including the memory resources utilized by several applications present in the machine for functioning of your PC.

It provides a clear picture of the threats that it recognizes the source and the subsequent effect the threats could bring upon the machine. You are therefore cautioned about threats. You are able to prevent them to infect your machine just by avoiding them. It has the system to update the PC frequently to identify the current threat positions to maintain a perfect security of the system.

Norton Antivirus 2010 has the facility of the real time SONAR2, a competent device that is the online network and advance research system to detect upcoming threats in a quick manner. It continuously watches every file and each process separately to keep the PC free from any kind of threats.

Download now your Free Norton Antivirus 2010 Trial Version and test it yourself. http://www.SmartSoftwareReview.com/norton-antivirus

Author: Adrian Keating
Article Source: EzineArticles.com
Mobile device news

As enterprises continue to automate more of their internal processes, they acquire more applications. In many enterprises, these applications can number from the dozens to the hundreds and consist of numerous categories including CRM, HR, Accounting, ERP and finance to name a few. Each typically has its own internal access policies in order to allow user access. These security functions are typically custom developed by Independent Software Vendors (ISV) and are specific to their respective applications. This specific development is typically not within the core competency of most ISVs, and as such the resulting security functionality is usually substandard.

As users come and go from the organization or are promoted, security access policies need to change with these events. The lack of standardization of security policy across applications requires security administrators to manipulate security policies within each application, the result of which is that up to 50% or more of enterprise security budgets are consumed by administrative labor costs. This labor intensive process is susceptible to errors and omissions, which can result in unauthorized access.

Software vendors have responded to the challenge by introducing software solutions known as Identity Access Management (IaM). These solutions are targeted at the enterprise to offer a single point of administration, access and authorization. Implementation requires aftermarket integration with third party applications within the enterprise; they are very complex and expensive with many projects easily costing hundreds of thousands of dollars to over a million. Only the very largest enterprises are able to justify and afford these solutions with most enterprises priced out of the market. Ultimately, most IaM projects never achieve their original stated objectives.

The current approach to IaM challenges suffers from several flaws. The enterprise is not the most effective place to address IaM challenges, they are too monolithic and implementation of IaM solutions at this level is ineffective because they do not address core challenges. This is clearly why the solutions are overly expensive and ineffective.

Enterprise IaM challenges are combinations of smaller more addressable elements; one of which are those of the ISV. ISVs develop enterprise applications, which all require security access and audit features, the development and maintenance of which can consume up to 20% of their R&D budget and it is not a profit center. In addition, after market enterprise demands for any number of IaM integration requirements can delay sales cycles and add to the development burden.

The ISVs challenges are a core enterprise challenge and they are much more addressable, solve their challenges and you will address the enterprise challenges in a much more effective manner.

AccesStream (http://www.accesstream.com) is an Atlanta-based provider of enterprise open source identity access management security solutions. Its solution is a full featured enterprise class Open Source Identity Access Management solution providing Authentication, Authorization, Administration, Security Policy, Single Sign on and support for common directories and existing identity access management solutions. It’s fully embeddable in enterprise applications or installable standalone in enterprise environments.

Author: Lance Edelman
Article Source: EzineArticles.com
Netbook, Tablets and Mobile Computing

Pen drive is a familiar, portable computer gadget which gained popularity for its data storage and recovery functionality. Identical to various other products and gadgets, it also has its downside that cannot be ignored, as it poses the threat of virus transmission, sometimes making it difficult to be detected by anti-virus software. Also, this handy device may be responsible for data theft, as restricting its usage in corporate environments is difficult.

The advantage of being small in size helps in carrying it stealthily and this is topped with the benefit of acquiring it for a low price. These days, pen drives get through metal detectors very safely and hence the threat towards information security becomes a tough task. The greater the number of tech-savvies running for improved technology, the higher is the threat and dangers exposed in association to the new technology, and pen drive is no exception. Owing to these hazards, taking some challenging measures helps in dealing the issue.

Locking desktop: Earlier, emails or floppy drives were the key sources of virus, but these could be eradicated without much effort. Now even with the improvements in technology, detecting pen drive transmitted virus sometimes is difficult. Hence, adopting the locking desktop security policy is recommended as the computer gets automatically locked when it is not in use even for few minutes. This can be made more secure by minimizing the locking interval so that misuse of pen drive can be averted to a very great extent.

Offering training: Pen drive is available at less expensive costs and this has lured all the gadget junkies to have one as an indispensable part of their regular things. And since the usage of it has become highly essential in today`s work, a proper training or crash course about how to make the right use of it has become essential. This training might even help the users understand the hazards of transferring virus or stealing important information.

Limited USB Ports: The USB ports should be made disabled so that there is a check on the pen drive being used by outsiders. The USB ports should be made available only to authorized staff workers. Besides, there is software available to limit the access of these devices such that there should be a strict vigilance.

Accurate policies for anti-virus: The anti-virus software that is configured should be capable enough to detect and scan every removable and attached drive or media. Training every interface user to scan files prior to opening them helps in reducing the virus effect even if gets transmitted from a pen drive.

Employing secure devices: The corporate or company should be meticulous in issuing the employees secure devices such as pen drive and they should approve the purchase of such devices. Potential access may be given to users, but it must be followed with complete security features and they must be adeptly trained to employ all the secure devices and features.

Security personnel: Training the security personnel is a must so that they know how it looks and comprehend the hazards of pen drive. This will keep them aware to restrict any illegal or unofficial person entering or leaving the company with a pen drive.

The fact cannot be ignored that it is hard to work without the assistance of a pen drive in any corporate environment, but facing constant threats should certainly be checked by following the measures mentioned above.

Roberto Sedycias works as IT consultant for Polomercantil

Author: Roberto Sedycias
Article Source: EzineArticles.com
Digital TV, HDTV, Satellite TV

Password protected USB drives and data sticks are wonderful for locking away your private information from most other peoples’ prying eyes. However, depending upon just which type of software tool you use to acquire password protection, your delicate private data may well be an open book to quite a few sets of eyes belonging to God-knows-who. This is definitely not a good thing, and especially even more so if you use such password protected USB drives to store any data for business purposes… storing personal private financial information on your trusted clientele. Do you know where this is leading to?

At times when we shop around on the internet for a software tool that can help make our USB data drives become protected by use of passwords, we may discover that there are many which can be downloaded free of charge, and they seem to work just fine, overall. However what we may never realize (until we happen to find our e-mail addresses and postal mail overrun with junk), is that these shareware programs (also called freeware) usually have something known as spyware or adware mixed into the whole package. These stowaway programs, anti-productively to the whole cause, gain access to the very information we originally wanted to protect – can you believe that?

Your password protected USB drives, if “protected” by such a free software tool, may in reality be effectively an open book to the whole world. You may wish to rethink your chosen option as to how to keep your information secure. Especially if your USB data sticks are being used for purposes of business, you’ll need to seriously consider how much security you’re providing your trusting clients for their private and delicate financial information. When all is said and done, it’s much more sensible and intelligent to be investing into professional password protection software from a source that can provide you with an absolute guarantee that you get nothing less than the ultimate in security and protection.

We’ve reviewed the best USB password protection available at the moment – to read that review head over to http://www.passwordprotectusb.com

Author: Jimmy A Jones
Article Source: EzineArticles.com
Cellphone news

I was challenged recently to explain why Microsoft would have certain features such as xp_cmdshell and openrowset disabled by default if that feature was not full of security holes. The jist of the conversation was that these features must contain serious security holes, otherwise Microsoft would not have disabled them. Enabling therefore would be downright negligent. This article was written to clear up some of the confusion surrounding the “small footprint” approach to security.

I have been a SQL Server DBA since 1996 and have watched Microsoft’s product evolve over the years. I think it is safe to say that Microsoft did not “get” security early on. That being said, Microsoft has put an enormous amount of effort into rethinking security for SQL Server 2005.

Microsoft’s new attitude towards security: “We will rethink our approach to security. We will examine our code for vulnerabilities. We will release patches as needed. We will turn off most features by default in order to keep the footprint small. If you need something, turn it on. But if you don’t need it, leave it off. That way if a vulnerability is discovered in a product you are not using, you won’t be affected.”

Some people claim that a big security hole in SQL Server 2000 was the ability to issue command shell commands using xp_cmdshell. I would argue that the most of the blatant security “holes” were a result of a combination of poor design and human error. Specifically:

a) the default password for the system administrator account (sa) was blank

b) the service account that SQL Server was configured to use was far too often a domain administrator account thus escalating the privileges of any account that used xp_cmdshell

c) Microsoft failed to detect vulnerabilities in their source code and took too long to release patches once the vulnerabilities were identified

d) DBA’s failed to keep the latest patches applied thus leaving their servers vulnerable to known exploits

A good case study regarding SQL 2000′s vulnerabilities is the Sasser virus (early 2001 I believe). This virus spread rapidly by searching out unpatched SQL Server’s. There were an unbelievable amount of these servers exposed on the internet, including SQL Server’s run by financial institutions. Sasser did a lot of damage. Sasser did this by executing remote procedure calls on unpatched servers. You could say that running remote procedure calls should be turned off, but then you would be effectively be eliminating the whole “Client/Server” approach from modern day computing.

The solution to Sasser style attacks is of course is two-fold. Microsoft must be determined to hunt down vulnerabilities in their code and release patches in a timely fashion, and we as DBA’s must be vigilant in applying those patches.

When it comes to SQL 20005 and features like xp_cmdshell, we have to remember that Microsoft built these features to allow database developer to develop rich applications capable of performing complex processing tasks. It is NOT Microsoft’s intention that people keep these features turned off . Rather, the administrator (DBA) has to make the effort to turn the features on if they are required. Keep your application footprint small and reduce your exposure to attack.

You could say that the most secure SQL Server is one that is turned off. That would not be very useful to anyone, and somebody could still walk away with a backup of the database. They could even simply yank out the hard drives and put them in bag like yesterday’s dirty tupperware.

File System Objects (FSO) in my opinion is a great alternative to using the xp_cmdshell if all you are doing is manipulating files. Microsoft created FSO so ALL its scripting languages (C#, Visual Basic, T-SQL, etc) can have access to file system objects without having the ability to execute arbitrary commands.

Here are some other features that are turned off by default:

openrowset / opendatasource Allows SQL Server to query an outside datasource without having to define a “linked server”

CLR – Common Runtime Language This is one of the biggest selling features for SQL 2005 which allows you to code SQL procedures that include code from any of the .NET applications

Database Mail Allows the database processes to send email messages via SMTP

As I have already stated, these features are only turned off to minimize the footprint of the SQL Server. The smaller the footprint, the less code that is running that may be vulnerable to attack. The features are neither bad nor insecure. But if you don’t need them, don’t’ run them.

Other features

Bulk Insert is an example of a feature that is not “turned off” by default, but you need special permission to use. User accounts that wish to perform bulk inserts must first be assigned the role of “BulkAdmin”.

You must also be aware of how SQL 2005 handles security when bulk inserting data. In 2000, the account that the SQL Server service account used had to have permission to access the file. In SQL Server 2005, the user issuing the command must have access to the file.

We experienced a very frustrating and difficult to solve problem when we tried to perform bulk inserts across a network.

The problem that we encountered is that the current network configuration is not “Kerberos Protocol 5″ compliant, which prevents SQL Server from passing on the credentials of the logged in user. This is more commonly referred to as the “Two Network Hop” problem. We log in to SQL to issue a command (hop 1). SQL tries to grab the file from a network share using our credentials (hop 2). The primary domain controller responds saying “I don’t know what you are trying to do”.

The LAN administration team who was helping us solve the problem were perplexed as to why we were having difficulty, when they were not. I solved that mystery when I realized that the LAN administrators were using remote desktop to connect to the server then they would open Management Studio directly on the server to issue the Bulk insert command. For all intents and purposes they were logging into the SQL Server locally (no network hop involved). SQL Server was able to grab the file across the network because only one network hop was involved.

In summary, use the features you need, turn off the features you don’t.

Update: Microsoft Responds!

A few days after posting this article, I received an alarming email from a Microsoft Engineer who stated that xp_cmdshell is indeed dangerous and should be de-activated. After a brief email exchange, he clarified his stance. It turns out that he ended up agreeing with me that xp_cmdshell is safe if you configure your systems appropriately.

William McEvoy is a Master Chef / DBA at http://www.CookingWithSQL.com who specializes in performance tuning enterprise class applications.

Author: William Mcevoy
Article Source: EzineArticles.com
Latest trends in mobile phone

Majority of the time, the traffic that flows in and out of networks is accompanied with security threats. To do away with these developing threats, all network administrators require techniques for denying unwanted access to networks and only allow access to authorized and trusted users. There is a wide range of security tools ranging from physicals devices to passwords that facilitate internet access control. This have been helpful in the past but with network attackers devising new ways of bypassing the old techniques, there is a need for advanced internet control tools. These tools enable network administrators to define the users that can access a network or entire LAN resources. Access Control Lists (ACL) presents a list of protocols and conditions that are used in checking the network traffic travelling over the interface of a router. Internet access control is vital for all network users so as to do away with unauthorized access of particular sites.

Business owners can protect their businesses by use of ACLs that aid in telling a router the kind of packets to deny or accept but this is normally based on particular conditions. For instance, Cisco routers are capable of filtering traffic and can even block traffic from another network or the internet. ACL offers a great way of controlling the traffic that comes in and out of a network offering you an excellent internet access control tool. You can also configure the ACLs for the entire network protocols that have been routed. There are various types of ACLs such as the complex, extended and standard lists and they are all utilized as protocols for controlling the traffic on a network. The control is based on the Transfer Control Protocol (TCP) port in use; it is basically part of the solution for internet security.

These Lists work by guarding what enters and leaves a network. As a guard, the List only allows what appears on the list to be accessed. It basically filters what can be accessed basing on the condition that the name is on the authorized list. This is how this form of internet access control works; when a packet reaches the router, some information is extracted from the header of the packet by the router. After this, basing on the filtering rules, the router decides if the packet is passable or if it should be dropped. The packet filtering process normally takes place in the Internet Layer of the TCP/IP or Network layer of the OSI (Open System Interconnection) model.

In summary, the ACL extracts particular information from packet headers after which they test the info against their rules. It is after this that the ‘deny’ or ‘access’ decision is made basing on the type of ICMP messages, the source and destination IP address and the TCP/UDP destination and source port. Internet access control is of essence for any business as it aids in controlling the users that can access a network. It also aids in controlling operating system resources. Internet access control entails the control of downloaded material to ensure adware and spyware applications are avoided since only permitted users will access the computer and will only access what is permitted. The internet access control concept generally enables business owners to keep track of what takes place on organizational networks and control the entire network operations.

With the variety of threats lurking around the internet, it now more important than ever to have an efficient internet access control in place. Access Control Lists are an important part of any internet access control system as it allows access only to what is approved and marked as safe.

Author: Samuel J Brown
Article Source: EzineArticles.com
Digital Camera Information