Thursday, July 29, 2010

IM: Decisive Force's crowded



Currently, instant messaging has become the phone, fax, E-mail after one of the most important way of communication and exchange. Compared to more traditional means of communication, IM is no doubt in the communication, collaboration has a more convenient speed. However, inherent personal IM security, and poor management of many problems, making enterprises, government organizations and institutions such as the user sticks in the throat, thereby specifically for enterprise applications, enterprise instant messaging (EIM) demand is becoming strong.

According to statistics, in 2008 China's enterprise instant messaging market reached 22.36 million end-users, due to the global financial crisis, China's enterprise instant messaging market growth has slowed, relative to the full personal instant messaging and mobile instant messaging hot, Enterprise instant messaging is still going strong development.

Personalized personalized design configuration

Enterprise instant messaging products still in its infancy in China, whether Tencent's QQ, or Microsoft's MSN, Yahoo Messenger, to meet the business from the independent, free use of the demand point of view, these software are passive use for the enterprise. QQ's success lies in its people do not know the instant communication, when he "pager network" concept spread; MSN's growth is its strong entertainment purposes such software QQ under the present conditions, to provide an office relatively specialized for work use instant messaging software. However, with the use of QQ, MSN users increased, the further away from the needs of business users. How to avoid the use of IM at work of employees in private communication, instant messaging into the enterprise to become an important issue to be resolved? While most enterprise instant messaging software, has text, voice, video and other functions, also can file transfer and sharing, The software itself does not provide additional functionality to achieve the configuration of humanity?

Currently, businesses can have a good real-time communication system, as found a handy business secretary. However, the review of the current enterprise instant messaging market, the homogeneity of the instant messaging software abound, and enable enterprises to truly customize according to their own needs on demand, human development has very little real-time communication system.

Sectors of the business needs of a human custom, free to use rather than the passive use of the instant messaging system that allows companies to use to free from the passive configuration changes. Currently, there are already a small part of business needs software providers began to come to the front, they are trying to create a free and independent businesses, personalized configuration of the software environment. For example, King Abacus Software (www.eabax.com) the timely availability and real-time Shangwutong "BIM", is the current situation in this market a natural product. The software for the user to create a free and independent, stable and secure instant messaging software environment. Not only provides users exchange text, voice communication and mobile phone text messaging, file transfer and other diversified information-sharing, while also providing powerful plug-ins, users can customize news, weather, stock inquiries, search engines, office software learning software and other services. The same time, focus on product features and details of the human design. For example: server remote monitoring capabilities, to reflect the IT managers of human care.

Leading the trend of SaaS applications

As a professional enterprise instant messaging IM services must reflect the individual significant differences in instant messaging products. In the enterprise instant messaging market, Tencent RTX, Microsoft LCS, IBM Sametime and other products account for most market share, but LCS, Sametime non-localized products, corporate instant messaging product associated with the overall business system solutions and high, dependent , which also makes its product prices and higher total cost of ownership, while three types of products dearly. In addition, the deployment of the implementation of complex and serious impact on the development of their products. Therefore, the future of enterprise instant messaging product is not a simple technical issue, but an application problem.

Today, SaaS-based enterprise instant messaging application product lead times. SaaS applications for its simple, personalized, cheap, professional features, a management software development. As a corporate office platform-based enterprise instant messaging is so simple to implement, to meet individual needs, cost-effective, professional office rental model real-time platform. At the same time, some software vendors started to pay attention to changes in consumer and intended to introduce some products at any time to adjust to new market conditions. For example: the above-mentioned gold abacus software company (www.eabax.com) introduced the application of BIM is SaaS-based enterprise instant messaging tool, more promotional package for SMEs Internet services that integrate with existing business systems , enterprises are not required to pay network access and other computer hardware and the high cost of infrastructure, you can achieve regional office, cross-enterprise collaboration. The establishment of real-time collaborative work areas, to achieve the business collaboration without time and space. Striking is that BIM also features according to the enterprises themselves, create different dimensions of organizational structure; the same time a high degree of integration throughout the Golden Abacus e-commerce platform (www.72ec.com), may be synergistic business management of the supply chain companies in the whole e-commerce platform (www.72ec.com) in search of customers and suppliers of resources simultaneously saved in the BIM, the convenience of customers and suppliers with real-time business communication and improve the competitiveness of each product.

Platform development trend

With the accelerated development of the Internet, especially Internet applications this year for more in-depth development, enterprise IM platform functions as a more protruding. EIM new era not only has all the functions and features of personal IM, and more requests can be made available to enterprises in management, communication on the controllability, efficiency and flexibility, it is more than just chat and transfer files, but a communication service platform.

As a mature and comprehensive platform for enterprise instant messaging, instant messaging to reach a mature product quality, including the stability of large-scale use to support text, voice, video and other communication capabilities, with the IM platform features; and have a good platform of ideas and design, reflects the openness and good scalability characteristics, rich and standardized interfaces, and to open API interfaces. Such as gold abacus BIM will open a lot of interfaces, applications for the future connection of the various operational systems open the door.

Therefore, the future use of EIM as a unified enterprise business systems and unified messaging platform, the entrance portal will be a new concept.

In the market is huge, good industrial environment in China IM market, how to grasp the direction of investment, seize market opportunities, how to instant messaging in the enterprise market, grabbed the first cup of soup, all the software service provider is bound to one of the issues to consider .

From a competitive point of view, who can provide enterprises with the free independent, stable and secure instant messaging system, who can adopt new ideas, new model for enterprise instant messaging to provide personalized service, who is likely to become the winning enterprise instant messaging market persons.

From a market point of view, meet the needs of enterprise instant messaging software system, of course, is through the appropriate way to maximize the "liberation" business needs to meet the business needs on-demand and personalized products for the enterprise, the enterprise and efficiency of communication among staff, only then can we save business costs, provide efficiency. So integration is the instant messaging product development means necessary.

Of course, as more and more the appearance of instant messaging products and business heats up demand for instant messaging, enterprise instant messaging market will continue to develop ideas into products and services from a thoroughly experienced the baptism of the market from childishness to maturity. We believe that with the development of enterprise instant messaging technology, enterprise instant messaging system, users will also be changed using the previous model. The future, an open instant messaging system for the new office hub of the enterprise platform, with the popularization of network applications become a reality.







Recommended links:



Vertical Market Apps Shop



Mp3 to mp4



Dialog box for further study



Swf to flv



Unicom frankly difficult to govern without legal constraint SP is critical violations



Lists Dictionaries Education



Kingston NEW-MINISD impression



Five reasons for changing jobs frequently lead to UNIVERSITY graduates



Mp3 To 3g2



Why engage in career planning?



Risk leaving the Confused



BLACKBERRY format



Premier Education



God Used to measure BI



Posted by at No comments:

Sunday, July 25, 2010

IDS weaknesses and limitations (2)




1.2.5 Intrusion variant
1.2.5.1 HTTP attack variant
Repeat the directory separator ,'/'' into'//''銆?br />The current directory, '/ cgi-bin/phf''into the' / cgi-bin/./phf''.
Parent directory, '/ cgi-bin/phf''into the' / cgi-bin/xxx/../phf''.
URL encoding, '/ cgi-bin /''becomes'% 2fcgi-bin /''.
Use TAB instead of spaces and other separators.
NULL method, 'GET% 00/cgi-bin/phf''.
GET outside use other methods such as POST.
Change the parameters of the order, add the unwanted parameters.
For IIS, there are the following:
DOS / Win under the directory separator, '/ winnt/system32/cmd.exe''into the' / winntsystem32cmd.exe''.
Case conversion, such as cmd.exe into CMD.EXE.
IIS second decoder, such as cmd.exe into% 2563md.exe,% 25 and then decoded to decode% 63''%'', as''c''.
UNICODE encoding, such as cmd.exe into the% c0% 63md.exe. UNICODE encoding more complex because there are very few NIDS can decode it.

1.2.5.2 Telnet attack variant
Use the backspace key.
Using the Tab key for command padded.
Use Shell to execute attack code.
Using macros.
Add a useless argument.
In fact very difficult to detect those NIDS Telnet to connect to the server through the local after the attack.

1.2.6 TCP / IP protocol limitations
As TCP / IP design did not consider good security, so now IPV4 security is worrying, in addition to the above problems arising due to network structure, there are some limitations below.

1.2.6.1 IP fragmentation
Packet fragmentation, some NIDS can not restructure IP fragmentation, or more than its capacity, you can bypass the NIDS.
A maximum of 8192 IP datagram fragmentation, NIDS performance parameters of a reorganization shall be able to slice the largest number of IP.
NIDS every IP received a new IP datagram fragmentation when the fragment will start a restructuring process, after the reorganization is complete, or timeout (typically 15 seconds of overtime) Close this restructuring process, NIDS performance parameters of a shall simultaneously restructuring the number of IP packets.
An IP datagram maximum 64K, as ready to receive a IP datagram, NIDS will be ready enough memory to accommodate the upcoming follow-up fragments, NIDS performance parameters of a reorganization shall be to the largest IP datagram .
Combining above three parameters, namely, in the time-out time NIDS (for example 15 seconds) while preparing for maximum internal energy (for example, 64K) The number of IP datagram reorganization.
If the NIDS received packets over the limit, NIDS have packet loss, which occurred DoS attacks.

1.2.6.2 IP fragment overlap
IP packet fragmentation in the reorganization of the time, if met, then overlapping fragments, each operating system is not the same approach, for example, some systems will use the first received fragment (Windows and Solaris), some will be adopted after the closing to the slice (BSD and Linux), if the overlapping fragment of data is not the same thing, and NIDS approach is different with the protected host, it will lead to NIDS packet after the reorganization of the protected host and the packet is inconsistent, NIDS to bypass the detection.
For example, TCP or UDP can overlap the destination port, and then penetrate through most firewalls now, and may bypass the NIDS.
You can also overlap TCP flags, so that NIDS can not correctly detect the TCP FIN packet, so that NIDS soon to be able to simultaneously monitor the maximum number of TCP connections; to NIDS can not correctly detect TCP SYN packet, so that NIDS can not detect TCP connection due.

1.2.6.3 TCP segmentation
If the NIDS can not be re-TCP stream, you can bypass the TCP segmentation to NIDS.
Some unusual TCP segmentation will confuse some of NIDS.

1.2.6.4 TCP un-sync
Sent the wrong in the TCP sequence number, send the duplicate serial number, reverse the order to send such, it is possible to bypass the NIDS.

1.2.6.5 OOB
Attacker to send OOB data is protected if the host application can handle OOB, as NIDS can not predict the protected buffer when the host received OOB data in the number of normal, they may bypass the NIDS.
Some systems, when dealing with OOB will be the beginning of a byte of data discarded (such as Linux, the Apache, but IIS is not), then by sending in more than one TCP segment, including options with OOB TCP segment, then NIDS may lead to the data stream after the reorganization of the host and the protected application is inconsistent, and thus bypass the NIDS.

1.2.6.6 T / TCP
If the destination host can handle things TCP (currently very few systems support), an attacker can send transaction TCP, NIDS may not be protected with the host application on the same treatment, which may bypass the NIDS.

1.3 Resource and capacity constraints

The DoS attack against the NIDS 1.3.1.

1.3.1.1 the impact of high flow
Attacker to the protected network to send large amounts of data, more than NIDS processing power is limited, the situation of packet loss will occur, which may lead to acts of omission of the invasion.
NIDS network packet capture capabilities associated with a number of factors. For example, 1500 bytes in each packet case, NIDS will be over 100MB / s of processing power, even to more than 500MB / s of processing power, but if only 50 bytes per packet, 100MB / s of traffic means that 2 million package / s, most of which will exceed the current handling capacity of cards and switches.

1.3.1.2 IP fragmentation attacks
Attacker to the protected network to send a large number of IP fragments (such as TARGA3 attacks), more than NIDS IP fragments can be simultaneously restructuring capacity, leading technology through IP fragmentation attacks omitted.

1.3.1.3 TCP Connect Flooding
Attacker to create or simulate a large number of TCP connections (described by the above method of IP fragment overlap), while more than NIDS to monitor the maximum number of TCP connections, resulting in unnecessary TCP connection can not be monitored.

1.3.1.4 Alert Flooding
Attacker can detect the light of the rules posted on the network, while the attack would deliberately send a large number of alarm caused by NIDS data (such as stick attack), may exceed the speed NIDS to send alarm, resulting in omission, and to network received a large number of alarm, it is difficult to distinguish real attacks.
If you send 100 bytes can generate an alarm, you can generate per second through dial-up 50 police, 10M LAN can produce 10 thousand per second alarm.

1.3.1.5 Log Flooding
The attacker will send large amounts of data caused by NIDS alarms and eventually led to the space NIDS to be depleted Log, Log to delete the previous record.

1.3.2 RAM and hard drive limit
If the NIDS to improving the ability to process the IP fragments and TCP connection monitoring capabilities restructuring, which will require more memory to do the buffer, if the NIDS's memory allocation and management is not good, will the system cost a lot of exceptional circumstances memory, if the start using virtual memory, it will shake the memory may occur.
Hard drive speed is usually far less than the speed of the network, if the alarm system to produce a large number of records to the hard drive, will cost enormous amounts of system capacity, if the system records the original network data, save a large and high-speed network data will require expensive large-capacity RAID.

1.4 NIDS related to the vulnerability of the system
NIDS itself should have very high security, generally used for monitoring the network cards are not IP addresses, and other card will not open any ports. However, associated with the NIDS system may be attacked.

1.4.1 Console host of security vulnerabilities
Some systems have a separate console, if the attacker can control the console to the host computer, you can control the entire NIDS system.

1.4.2 Sensor and the vulnerability of the console communication
If the communication between sensors and the console may be attacked by a successful attack, will affect the normal use of the system. Such as conducting ARP deception or SYN_Flooding.
If the communication between sensors and console explicit communication or simply use encryption, you may be subject to IP spoofing or replay attacks.

1.4.3 and the system alarm and other equipment related to the vulnerability of communications
If an attacker can successfully attack the system alarm and other related equipment, such as mail servers and so on, will affect the alarm message is sent.

2 HIDS weaknesses and limitations

2.1 Resource constraints
As HIDS installed on protected hosts, so the resources can not be too much occupied, thus limiting the detection method used and the processing performance.

2.2 operating system limitations
Unlike NIDS, manufacturers can customize their own operating system, a sufficient security to ensure their own security NIDS, HIDS where the security of the host operating system under its security restrictions, if the host system is compromised, HIDS will soon be cleared. If the HIDS as stand-alone, it is basically not successful attack can only be detected if the HIDS for the sensor / control panel structure, will be faced with the same NIDS attack on the related systems.
Some HIDS will consider increasing the security of the operating system itself (such as LIDS).

2.3 System log limit
HIDS will monitor the system log to discover through the suspicious behavior, but some procedures are not sufficiently detailed system logs, or no logs. Some of the invasion would not in itself be a system log of the proceedings recorded.
If the system does not install third-party logging system, the system's own log system will soon be intruders or modified, and intrusion detection systems typically do not support third-party logging systems.
If there is no real-time inspection system HIDS log, then use automated tools to attack will be entirely possible to complete the inspection interval and clear of all the attack works in the system log traces.

2.4 The core of the system was modified to fool the paper check
If an intruder to modify the system core, you can fool a tool based on file consistency check. It's like the beginning of certain viruses, when they think that by the time of inspection or to track the original documents or data will be available to the inspection tool or tracking tool.

Detection limit of 2.5 Network
Some HIDS can check the network status, but will face many problems facing the NIDS.







相关链接:



Easy Hobby



BROWSER Tools for you



Wmv



Make A IPhunter



HP and Novell reach a new exclusive alliance agreement



Overcome stage fright interview the 10 candidates recruited nirvana



Ma, "New York Times" Published A Signed Article: Small Is Beautiful Because



Swf file



Simple Network Monitoring



Lei Jun Served Its Purpose, Soul Shine Jinshan



Own use A MVC Pager



For screen capture program with VC



How To Convert M4v To Mp4



Vob File



Learning Regular Expressions Entirely Manual: Getting Started Guide Rookie



Posted by at No comments:

Thursday, July 22, 2010

CSS box model



CSS box model

Web design is a rectangular box for each element. What is the exact size of the box calculated, see the following figure:






If the user then Firebug (basic and front end will use the Firebug bar - sugar with tomatoes), will be very familiar with the chart below the.

This chart shows the role very well on any box on the page value.






Note that the above two examples, margin is white. Margin rather special, it does not affect the size of the box itself, but it will affect and the other contents of the box, so margin a box model of an important part.

The size of the box itself is calculated:

Width width + padding-left + padding-right + border-left + border-right

Height height + padding-top + padding-bottom + border-top + border-bottom

Value is not the case statement

If you do not declare padding or border, that they or the value is zero (css reset when used), or as the default browser (it may not be zero, especially those who often do not have to reset the form elements)

The default width of the block-level boxes

If you do not declare the width and the box is static or relative positioning, the width will remain 100% width, padding and border will promote inward rather than outward expansion.

However, if you explicitly set the width of the box 100%, then the padding will extend outward.






The lesson here being that the default width of a box isn't really 100% but a less tangible "whatever is left". This is particularly valuable to know, since there are lots of circumstances where it is immensely useful to either set or not set a width.

Note that the default width of the box is not really 100%, but the rest of the possible values (should be said that the width of the remaining real - sugar with tomatoes). Should understand the special value, because in many cases, it is to set / not set the width is very useful.

The biggest problem I encountered is the textarea (text box) elements, and they need to set the width to the desired "cols" attribute, and can not contain child elements. It is often necessary to set textarea width defined as 100%, but padding, they will extend the textarea width. Fixed-width environment, usually set to the appropriate pixel width, but widens the situation not so lucky.

The width of the box without absolute positioning

Not set the width of the performance of the absolute positioning of the box a little bit different. They just need to fit the width of the content they contain can be. Therefore, if the box is only one word, the box will be like as wide as the performance of that word. If the two words into the box width will increase accordingly. The situation is going to box the width of the width to 100% of the parent element (the nearest relative positioning of the parent element or browser window), then it will fold line.






On the box, the vertical expansion to accommodate the content contained is natural. Surprising, not only in the performance of different platforms with different text, different browsers handle this issue, there are many quirks.






No width of the floating box

Absolute positioning with no width as the box's performance. The width of the box contained only extended to the width of the content until the width of its parent element (parent element is not necessarily the relative positioning). As these non-vulnerability of the width of the box, we have to learn is the key mission mode when they can not rely, as the overall page layout. If floating a use as a sidebar, and expect that the internal elements (eg images) to be responsible for the width of containing it, you're asking for trouble.

Inline element is a box

Here has focused on block-level element box. It is easy to imagine the block-level elements of the box, but also inline element boxes. They can think for very long, narrow rectangle, they can have the same box as the other margin, padding he border






It looks bad to exercise off some understanding. As shown in the left margin to push the right side of the box, but only the first line effective, because it is the starting point of the box. the normal application of padding in the text of the upper or lower part, when folded it will ignore the row above the row to row padding and high (line-height) required position as a starting point. Transparent background effect to make look better.

Witnessed what

Composition of the page to see each individual "box" it? Try this line of code into the style sheet for the time being:

* (

border: 1px solid red! important;

)










Recommended links:



Merry DVD Ripper Platinum



WorldCup Flash To PSP



Brief Firewall And Proxy Servers



Youtube FLV to Xvid Utility



EMC Q3 earnings results ANNOUNCED revenue fell 5.3% over the same period



Was BRILLIANT: Ten-man weapon crack revealed inside story of classical



free download mp4 to MPEG converter



mpg to WMV converter



mp4 to mpeg converter free download



For You Recreation



Multimedia effect is good, But not indiscriminate



Ts video format



Analysis of pros and cons Of discount promotions



Bill - Bill Gates retirement after pitching in a number of patent applications



Shuo-side by side with the day thinking up the computer "settle down"



Posted by at No comments:

Tuesday, July 6, 2010

AlltoDVD DVD to RMVB

AlltoDVD DVD to RMVB is the best RealMedia converter software. easy convert Real Media files(.rm, .rmvb) to AVI, MPEG-1, MPEG-2, VCD, SVCD, DVD files. convert RM/RMVB to AVI DIVX XVID MPEG VCD SVCD DVD and burn to DVD/CD. You can change the codec/system type to PAL or NTSC, and adjust the video size of the output files . It supports to convert almost all video, such as: RM to AVI, RM to DIVX XVID, RM to MPEG-1, RM to MPEG-2, RM to WMV, RM to VCD, RM to DVD, RM to PSP Video, iPod Video, Zune Video, iPhone Video...

Support convert AVI, Divx, ASF, WMV, WMA, MPEG, MOV, QT, RM, RMVB, file to MPEG with all encode format such as VCD PAL/NTSC, SVCD PAL/NTSC, DVD PAL/NTSC, MPEG-1 standard, MPEG-2 standard etc. Support convert AVI, Divx, ASF, WMV, WMA, MPEG, MOV, QT, RM, RMVB, file to AVI with all encode format such as DIVX, XVID, Mircosoft MPEG-4 etc.



Recommand Link:



VOB



free download mp4 to 3gp



Hope SVCD Convert



Free Download Converter Mp4 To 3gp



Delphi Shop



SoundTaxi Platinum New!



Youtube Video to Cell Phone Guide



Daniusoft Video to Nokia Converter



TUNEBITE Music & Audiobook DRM converter



Swift VCD CREATOR



Expert Help Tools



Apex Apple TV Video Converter Home



Christmas-Idea VOB to Pocket PC



Mts To Vob



BRIEF Science Education



Youtube FLV to iphone Value



X-CLONER DVD Editor



Posted by at No comments:
Labels:
Subscribe to: Posts (Atom)