Drive By Download

A drive-by download is a program that is automatically downloaded to your computer without your consent or even your knowledge. Unlike a pop-up download, which asks for assent (albeit in a calculated manner likely to lead to a "yes"), a drive-by download can be initiated by simply visiting a Web site or viewing an HTML e-mail message. If your computer's security settings are lax, it may be possible for drive-by downloads to occur without any further action on your part.

Frequently, a drive-by download is installed along with a user-requested application. (In this case, the unwanted application is sometimes called a barnacle.) For example, a file sharing program might be included with a spyware program that tracks and reports user information for targeted marketing purposes. An associated adware program can then generate pop-up advertisements using that information.

Xupiter, an Internet Explorer toolbar program, was frequently installed as a drive-by download in the early 2000s. The program replaced a user's home page, changed browser settings, and used a redirect to take all searches to the Xupiter Web site. In some versions, the program initiated drive-by downloads of other programs. Furthermore, although it came with an uninstall utility, Xupiter was quite challenging for the average computer user to remove.

Drive-by downloads continue to be a major security issue online. In April 2007, researchers at Google discovered hundreds of thousands of Web pages that initiated drive-by downloads. One in ten pages was found to be suspect. Sophos researchers in 2008 reported that they were discovering more than 6,000 new infected Web pages every day, or about one every 14 seconds. Many of these infections are connected to botnets, in which each PC is turned into a zombie that may then be directed to further malicious activity, like spam or DDoS attacks

Source: http://whatis.techtarget.com

VAR to VAR

VAR-to-VAR is a business model based on cooperation between value-added resellers (VARs) that allows the companies to obtain professional services and solutions that would not have been accessible to them otherwise.

Successful VAR-to-VAR partnerships expand geographic reach, tap each other's expertise and enhance the brainstorming process. Such cooperative ventures can increase the buying power of both companies and reduce overhead and production cost. By buying in bulk, VAR-to-VAR partnerships are sometimes able to negotiate pricing from suppliers of critical components. VAR-to-VAR partnerships have successfully challenged larger, consolidated enterprises for lucrative contracts when neither of the smaller companies could have done so alone.

VARs tend to be ideal clients for one another because they understand each other's service-related challenges. The ultimate result is good for the end user because it encourages the evolution of the best possible product. Nevertheless, some companies find the VAR-to-VAR paradigm difficult to accept, especially if their past experiences have involved rivalries with other players in their field.

Source: http://whatis.techtarget.com

XNA Game Studio

XNA Game Studio is an integrated development environment (IDE) that includes tools and code development libraries that hobbyists, students and other nonprofessionals can use to create computer games for Microsoft Windows and X-Box 360.
To get started with XNA Game Studio, you'll need to have a basic working knowledge of C# and object-oriented programming (OOP). The basic version of XNA Game Studio, which includes Visual C# 2005 Express, development tools and a runtime environment, is free of charge. Debugging can be done from the Windows desktop. XNA Game Studio does require a Direct 3D video adapter card that can support Shader Model 1.1 or later, along with the latest DirectX runtime updates, so some hardware expense may be involved.

If a programmer wants to develop, debug or play games on an Xbox 360, however, he or she must subscribe to the XNA Creator's Club. Friends or family that want to play a game created with XNA Game Studio on Xbox 360 must also have XNA Game Studio installed on the gaming console, along with the runtime environment and a subscription to creator's club. Games developed with XNA Game Studio cannot be shared using any removable storage medium or burned to disc.

Games created with XNA Game Studio or XNA Game Studio Express for Windows can be sold commercially. Games created for XBox 360, however, are limited to non-commercial use by the Microsoft EULA and technical requirements.

With this initiative, Microsoft hopes to attract developers to create games for Windows and its popular Xbox 360. Programmers that create and upload games to the Creators Club community will have the opportunity to receive up to 70% of the revenue from sales of the applications.

Source: http://whatis.techtarget.com

Virtual Flopply Disk

A virtual floppy disk is an alternative to the traditional floppy that exists as a file rather than physical media. A virtual floppy is mounted to the same drive letter (A:) and accessed in the same way but is actually a disk image stored as a file on the hard drive.

Virtual floppy disks are used for a number of reasons. Although many manufacturers are no longer including floppy drives on computers and fewer retailers are selling floppy disks, some software installation processes still require their use. Other uses include partitioning a hard drive, accessing the command line prompt and transfering files between virtual machines. Some people prefer to use virtual floppies simply because they are easier to manage - there is no physical media to get damaged or lost.
A virtual floppy disk can be created by copying a physical disk to an image file.

There are also a number of programs, such as Diskcopy, Virtual Floppy Drive (VFD) and Floppy Image Creator, that can create a virtual floppy in the absence of a physical disk (or, possibly, the absence of a computer with a floppy disk drive).

Source: http://whatis.techtarget.com

Enlightenment

Enlightenment, also called E, is a popular free and open source (FOSS) windows manager that can serve as a standalone desktop environment. E can also be used along with other desktop environments like KDE and GNOME.

Enlightenment is highly customizable and includes the types of themes and high-end graphics familiar to users of Windows and the Mac OS. Many functions can be performed from the keyboard, without the need for mouse manipulation. The command line-driven mode is said to streamline operation. The portable, user-friendly interface is favored by graphics professionals and sophisticated hobbyists.
The three components of the Enlightenment project are Enlightenment DR16, Englightenment DR17 and the Enlightenment Foundation Libraries.

Carsten 'Rasterman' Haitzler released the first Enlightenment Windows Manager in 1997. Enlightenment DR16 (V.0.16), released in 2000, is still used today. V.16.8.13 was released in May 2008. Enlightenment DR17 (V.0.17), in development, is a complete rewriting of DR16, including a desktop shell. DR17 is expected to enhance graphics quality, improve performance and support new and emerging applications

Source: http://whatis.techtarget.com

Genetic Programming

Lately I was introduced to a new methodology of programming called Genetic Programming. Genetic Programming is a revolutionary algorithm based methodology inspired by biological evolution to find computer programs that performs a user-defined task. It is a specialization of genetic algorithms where each individual is a computer program.

Therefore it is a machine learning technique used to optimize a population of computer programs according to a fitness landscape determined by a program's ability to perform a given computational task.

Genetic Programming involves creating an environment in which tiny computer programs can evolve. This environment, also known as "the Universe", is a breeding pool for programs to pair and swap lines of codes as well as mutating.

In an article posted by NASA, Genetic Algorithms were used in designing high-efficiency antenna for space technology projects. The team were able to produce two designs using GA and was dubbed as the two best designs based on a criteria.

References
Genetic Programming using VB6
Genetic Programming - Wikipedia
Automated Antenna design using Genetic Algorithm

NetBeans 6.5 now in beta release

Good news to all Java guys! NetBeans 6.5 is already available on beta release. The NetBeans IDE is an award-winning Integrated Development Environment available for Windows, Mac, Linux, and Solaris. The NetBeans project consists of an open-source IDE and an application platform which enable developers to rapidly create web, enterprise, desktop, and mobile applications using the Java platform, C/C++, JavaScript, Ruby, Groovy, and PHP. It is supported by a vibrant developer community and offers a diverse selection of third-party plugins. The NetBeans IDE is a must-download for software developers.

Release Overview

The NetBeans IDE 6.5 Beta release provides several new features and enhancements, such as a new IDE-wide QuickSearch shortcut, more user-friendly interface, and automatic Compile on Save. In addition to full support of all Java editions (Java SE, Java EE, Java ME), the NetBeans IDE is the ideal tool for software development with PHP, C/C++, Groovy and Grails, Ruby and Rails, Ajax and JavaScript. The 6.5 release also includes enhanced support for web frameworks (Hibernate, Spring, JSF, JPA), the GlassFish application server, and databases.

Feature Highlights

PHP PHP Editor (Code completion, syntactic and semantic code highlighting) Support for heredoc notation and PHTML Xdebug Generators for MySQL database code snippets

JavaScript and Ajax JavaScript Editor and Debugger JavaScript Library Manager Yahoo UI, Woodstock, jQuery, Dojo, Scriptaculous, Prototype libraries CSS Editor

Java EE & Web Development Enhanced support for Spring, Hibernate, JSF, JSF CRUD generator, JPA (Java Persistence API) Create RESTful web services from database tables or from JPA entities Drag and drop SaaS services into PHP files SQL Editor Improvements (code completion, save/recall queries, and more)

Groovy and Grails Develop pure Groovy apps or use Groovy in Java SE projects Groovy editor (code completion, highlighting, and more) Grails web application framework Open existing Grails applications without adding metadata

Ruby and Rails Rake improvements: Rake Runner and a pre-generated Rake file Debugger: Conditional breakpoints and catchpoints Ruby projects accept JVM options from command line New Test Runner interface for displaying test results

GlassFish v3 Prelude for Web Development Modular, OSGi based architecture Small footprint, fast startup and deployment Support for scripting, including JRuby

C/C++ Improved code completion, error highlighting, and semantic highlighting Call graph, Memory window Remote development Packaging of application as tar files, zip files, or SVR4 packages

Java ME New project wizard for adding custom components to the Visual Designer Palette New SVG UI components in the enhanced SVG Composer enable rich UI design New Data Binding Custom Components in the Visual Designer Palette Upgraded obfuscation tool to ProGuard 4.2 and test framework to JMUnit 1.1.0

Java SE Multi-threaded Java debugging Java Swing GUI Builder: TreeModel Editor for JTrees Improved Eclipse project import and synchronization

IDE Tools and Usability One QuickSearch shortcut for IDE actions, files, options, and docs Support for Windows UNC paths (shared network folders) Automatic Compile on Save / Deploy on Save

For more information visit http://www.netbeans.org/community/releases/65/

Heartbeat

Heartbeat is a program that automatically runs specialized scripts whenever a system is initialized or rebooted. Originally designed for two-node Linux-based clusters, Heartbeat is extensible to larger configurations.

In a system running Heartbeat, nodes communicate by exchanging packets called "heartbeats" at the rate of approximately 2 Hz (twice per second). The name of the program comes from the regularity of the packet exchanges.

When Heartbeat is used in a multi-node system, one machine is designated as the primary node and the other as the secondary node. If the primary node fails or requires downtime, the secondary node can take over the primary role. A script called "shoot the other node in the head (STONITH)" shuts down the primary node before the secondary node comes online. STONITH prevents "split-brain" operation, with the consequent risk of file corruption, that could occur if both nodes attempt to play the primary role at the same time.

Heartbeat is commonly bundled with Distributed Replicated Block Device (DRBD), a software component that facilitates the replacement of shared storage systems.

Source: http://whatis.techtarget.com

Honey Monkey

A honey monkey is a program that imitates a human user to lure, detect and identify malicious activity on the Internet.

According to Microsoft, who developed the concept, a honey monkey is an active client-based honey pot. The honey monkey behaves like a highly active and extremely unwary human Internet user, logging onto many suspect websites. The programs detect harmful coding that could jeopardize the security of human visitors.

Certain types of websites are more likely to contain malicious coding, whether by design or as a result of hacking. Favored targets include the home pages of celebrities, sites that offer downloadable music and videos (particularly those that operate in violation of copyright law), pornographic sites and sites with gaming cheat codes. Sophisticated hackers operate according to the principle of "minimizing the effort and maximizing the results." Effective honey monkeys take advantage of the same paradigm, scanning the Web for URLs most likely to be compromised. In some cases, individual hackers can be personally identified.

Microsoft developed a Web patrol system called Strider HoneyMonkeys to detect Web sites that frequently install spyware, Trojans and viruses on the computers of Internet users. Microsoft's system consists of multiple monkey programs running on virtual machines (VMs). Host systems have a range of patch levels to detect specific types of exploits.

In addition to identifying and isolating uniform resource locators (URLs) that propagate malware, a program called Strider Tracer can detect configuration and file changes that occur following an exploit. Using this method, interconnected communities of Web sites have been discovered that use targeted URLs to exploit client-side vulnerabilities on unpatched computers. Once such a site and the nature of its activity has been identified, a patch is generated to counter the threat.

For more information on Honey Monkeys visit Microsoft Research discusses how Strider HoneyMonkeys work. (PDF)

Source: http://whatis.techtarget.com

HTML5

HTML5 is the next generation of HTML. It is a revision of the Hypertext Markup Language, a set of markup tags used in creating web pages. HTML5 was adopted by the World Wide Web Consortium (W3C) in 2007, who published the draft in January 2008.

HTML5 offers several features over its predecessor HTML4 which includes

• New parsing rules for enhanced flexibility
• New attributes
• Elimination of outmoded and redundant attributes
• Immediate-mode drawing
• Drag and drop
• Back button management
• Timed media playback
• Offline editing
• Messaging enhancements
• Detailed rules for parsing
• Multipurpose Internet Mail Extensions (MIME) and protocol handler extensions
• Improved canvass support
  

HTML5 is designed that older browsers that do not support the new version can ignore its new constructs without affecting the presentation of the web page.

For more information on HTML5 visit http://en.wikipedia.org/wiki/HTML5
Reference http://whatis.techtarget.com

Squid Proxy Server

Squid is a Unix-based proxy server that caches Internet content closer to a requestor than its original point of origin. Squid supports caching of many different kinds of Web objects, including those accessed through HTTP and FTP. Caching frequently requested Web pages, media files and other content accelerates response time and reduces bandwidth congestion.

A Squid proxy server is generally installed on a separate server than the Web server with the original files. Squid works by tracking object use over the network. Squid will initially act as an intermediary, simply passing the client's request on to the server and saving a copy of the requested object. If the same client or multiple clients request the same object before it expires from Squid's cache, Squid can then immediately serve it, accelerating the download and saving bandwidth.

Internet Service Providers (ISPs) have used Squid proxy servers since the early 1990s to provide faster download speeds and reduce latency, especially for delivering rich media and streaming video. Website operators frequently will use a Squid proxy server as a content accelerator, caching frequently viewed content and easing loads on Web servers. Content delivery networks and media companies employ Squid proxy servers and deploy them throughout their networks to improve the experience of viewers requesting programming, particularly for load balancing and handling traffic spikes for popular content.

Squid is provided as free, open source software and can be used under the GNU General Public License (GPL) of the Free Software Foundation. Squid was originally designed to run on Unix-based systems but can also be run on Windows machines.

Squid was originally an outgrowth from the Harvest Project, an ARPA-funded open source information gathering and storage tool. "Squid" was the code name used to differentiate the project when development in the new direction was initially begun.

For more information on Squid proxy servers visit: http://www.squid-cache.org/

Source: http://whatis.techtarget.com

Setting up Oracle Unbreakable Linux using VMWare

For all you guys who want to experience Oracle Unbreakable Linux without replacing your current OS this is good news. There are several ways in running Linux OS in your PC without removing your current OS,

1. Using a Live CD - some flavors of Linux OS have Live CDs available. To name a few, we have Knoppix, Ubuntu, Kubuntu, etc... This method allows you to run the OS using the Live CD. Load the CD in your drive and reboot your PC; make sure that your system will boot first from your CD drive, and away you go!
2. Dual Boot - this method allows you to run two different OS in your PC one at a time. Which means that once the PC starts running, you will be asked to select which OS to run. This method is a lot faster than that of using the Live CD. Just make sure that you know how to perform dual boot installation or your existing OS is history.
3. Using a Virtual Machine - this method is what I preferred most, but first, you need to install a program that allows you to create virtual machines in your PC. A lot of virtual machine programs are out there - some are free while others are not. I am using VMWare.

Oracle Enterprise Linux is based from Red Had Enterprise Linux, so when I created my virtual machine, I chose Red Hat Enterprise settings to make sure that all the drivers for my Oracle Linux can run. The installation is very straightforward, just read the instructions and choose your preferences and click next!


I am taking my virtual class from www.LinuxBasics.org. Now I can perform the exercises in the course using my preferred Linux flavor. Oracle Unbreakable Linux is available for download for free!