瀏覽模式: 普通 | 列表

Combating Spyware in the Enterprise

作者:terry 日期:2006-11-02 23:13

attachments/month_200611/7511651035.jpg


Trim Size: 7 x 9
Author: Paul Piccard
ISBN: 1597490644

•Find Out How Spyware Works

Learn the common and not-so-common ways spyware gets on your system and see how it can be instrumental in identity theft.

•Define Spyware, Malware, Adware, Parasiteware, Phishing, and Botnets

Find out the differences and see examples of how programs like Mytob, Netsky, Sober, Lop.com, CoolWebSearch, IRC.Flood, Agobot, and Sdbot work.

•Investigate the Methods for Getting Spyware on a System

See the different types of keystroke loggers, learn how legitimate corporations sometimes use Trojan encapsulation to conceal spyware activities, and learn the relationship between spyware and backdoors.

•Understand the Increase in Criminal Spyware Use

See how phishing attacks and botnets provide a way for mounting directed attacks against an identifiable population.

•Review End-User Spyware Mitigation Solutions

See how freeware, toolbars, and licensed solutions such as Lavasoft’s Ad-Aware and Spybot can help, and see why you should never trust your computer to just one spyware scanner.

•Learn Manual Detection Techniques

The Registry contains vital keys and values that allow spyware to automatically start itself when Windows starts, but in known places that you can easily uncover.

•Discover Detection and Removal Tools

HijackThis and HiJackFree are free tools that automatically gather information about applications installed.

•Does Spyware for Linux Exist?

See why Linux has been the target of some malware and viruses, but how there has yet to be a major outbreak.

•Protect Yourself on a Budget

標籤: eBook
類別: eBook | 引用: 0 | 評論: 0 | 閱讀: 2534 | 列印

Understanding AJAX: Using JavaScript to Create Rich Internet Applications

作者:terry 日期:2006-11-02 23:10

attachments/month_200611/4919874758.jpg

Editorial Reviews
From the Back Cover
AJAX: fast mastery for experienced Web developers!

Already an experienced Web developer? Apply your skills in today’s fastest-growing area of Web development: AJAX!

Building on what you already know, this fast-paced guide will show you exactly how to create rich, usable Internet applications. Joshua Eichorn teaches through sophisticated code examples, including extensive server-side PHP code.

 

You won’t just learn how to code AJAX applications: Eichorn covers the entire development lifecycle, from use cases and design through debugging. He also presents detailed application case studies, including a start-to-finish update of a non-AJAX application that addresses everything from feature improvements to changing usage patterns. Coverage includes:

 

·       How AJAX changes the conventional Web development cycle

·       Problems created by the AJAX paradigm -- and how to avoid them

·       Adding AJAX to existing Web applications: key considerations

·       Using core AJAX technologies, including the XMLHttpRequest object

·       Consuming data returned to an AJAX application using both XSLT and JSON

·       Building more usable AJAX applications: guidelines and downloadable resources

·       Use cases: solving real-world problems in the AJAX environment

·       Libraries and toolkits for simplifying AJAX development, including Sarissa, scriptaculous, and HTML_AJAX

·       A complete guide to AJAX debugging

·       Supporting browsers without XMLHttpRequest by using IFrames or cookies

·       JSON data encoding debugging guide, which covers tools for Firefox and Internet Explorer

·       A list of libraries, which includes PHP, .NET, Java, and other libraries that can be used with any server language



About the Author

Joshua Eichorn, senior architect for Uversa, has developed custom solutions that have incorporated AJAX concepts since before the term “AJAX” was coined. He has more than six years’ experience with Open Source projects, and created phpDocumentor, the #1 PHP documentation solution. He is currently lead maintainer of the HTML_AJAX PHP PEAR library, and helps to run the Phoenix, Arizona PHP Users Group. His blog, There and Back Again (blog.joshuaeichorn.com) , focuses on AJAX and PHP innovations.


Product Details

標籤: eBook
類別: eBook | 引用: 0 | 評論: 0 | 閱讀: 4805 | 列印

Windows Live系列

作者:terry 日期:2006-10-30 00:30

MicroSoft的免費東西你擁有多少?

以下有些部分還沒有上線


查看...
標籤: Microsoft
類別: 新聞 | 引用: 0 | 評論: 1 | 閱讀: 3289 | 列印

Windows 2003 DNS安全

作者:terry 日期:2006-10-25 23:41

確保Windows Server 2003域上的域名解析系統(domain name system,簡稱DNS)安全,是非常基本的一個要求。活動目錄(Active Directory,簡稱AD)使用DNS來定位域控制器以及其他域服務所需的資源(比如文件,打印機,郵件等等)。由於DNS是活動目錄域體系不可或缺的一部分,所以從一開始就應當確保它的安全。

在Windows Server 2003上安裝DNS時,不要修改「活動目錄集成DNS」的默認設置。微軟在2000中開始提供這種設定。

這意味著系統僅僅在DNS服務器上保存DNS數據,而不會保存或複製域控制器和全局目錄服務器上的相關信息。這樣不僅可以提升運行速度,而且還提升了三種服務器的運作效率。

對DNS服務器和客戶端(或其他服務器)之間的數據傳輸進行加密也是至關重要的。DNS使用TCP/UDP的53端口;通過在你的安全界線上不同的點對這個端口進行過濾,你可以確保DNS服務器只接受認證過的連接。

另外,這也是一個部署IPSec的好時機,來對DNS客戶端和服務器之間的數據傳輸進行加密。開啟IPSec可以確保所有客戶端和服務器之間的通訊得到確認和加密。這意味著你的客戶端僅僅和認證過的服務器通訊,並有助於阻止請求欺騙或損害。

配置完畢DNS服務器之後,繼續監視連接,就像你留意企業中其他高價值目標一樣。DNS服務器需要可用的帶寬以服務客戶的請求。

如果你看到某個源機器上朝著DNS服務器發出了大量的網絡通訊,你可能是遭受了「拒絕服務攻擊」(denial-of-service,簡稱DoS)。直接從源頭切斷連接,或者斷掉服務器的網絡連接,直到你調查清楚問題之後再說。記住,一次成功的對DNS服務器的DoS攻擊會直接導致活動目錄癱瘓。

使用默認的設置(動態安全更新),只有認證過的客戶端才可以註冊並更新服務器上的入口信息。這可以阻止攻擊者修改你的DNS入口信息,從而誤導客戶到精心偽造的網站上以竊取財務資料等重要信息。

你同樣可以使用配額以阻止客戶端對DNS的洪水攻擊。客戶端通常只能註冊10個記錄。通過限制單個客戶可註冊的目標數目,你可以阻止一個客戶端對它自己的DNS服務器進行DoS攻擊。

注意:確定你對DHCP服務器,域控制器,以及多宿主服務器(multi-homed)使用了不同的定額。這些服務器依據他們提供的功能不同,可能需要註冊上百個目標或用戶。

DNS服務器將對一個授權區域內的任何查詢請求作出響應。要想對外部世界隱藏你的內部網絡架構,通常需要設置一個分隔的姓名空間,這一般意味著一台DNS服務器負責你的內部DNS架構,另一台DNS服務器則負責外部以及Internet的DNS架構。通過阻止外部用戶訪問內部DNS服務器,你可以防止內部非開放資源的洩露。

最後
不管你是運行一個Windows網絡,或者是UNIX和Windows的混合體,DNS的安全都應該是你網絡的核心。採取措施以保護DNS免受外部和內部的攻擊。

出處:techrepublic.com.com
標籤: DNS
類別: 教學 | 引用: 0 | 評論: 0 | 閱讀: 4781 | 列印

ATC2 - 中部國際機場

作者:terry 日期:2006-10-16 00:16

 

日本的中部國際機場, 在2005年完工的海上機場.

ATC於9月推出這個新版本,


我剛剛完成了8個關卡.

attachments/month_200610/1160928952.jpg


不太清楚這是什麼飛機及裡面是什麼?

attachments/month_200610/1160928939.jpg

標籤: Games
類別: 遊戲 | 引用: 0 | 評論: 2 | 閱讀: 3910 | 列印

關於F2BLOG - 自由誌

F2BLOG 自由誌, 一班為興趣而開發的BLOG程式,
我們不是為了獲利, 也不收分毫, 只想給大家知道華人也有好的程序.
請尊重自己及尊重自由誌團隊,
如果您選用我們的程序請勿刪除F2BLOG版權訊息!