Appin announces expansion of its franchise network to tier two cities in India
Appin Knowledge Solutions the training wing of appin announces its expansion plan from 90 hi tech training labs to 200 training labs in the current fiscal year. Appin has been a premier company in niche technology training specially programs related to Information Security, Ethical Hacking , Forensics , Embedded Robotics and has been operating across India, Africa and Middle East. ?Appin has been appreciates by Dr. A.P.J Abdul Kalam during his presidentship at Rashtrapati Bhawan for inspiring efforts in the field of niche technology and has been rated among top 5 IT professional training companies and the best in its category by the popular week magazine in the past.
Mr. Khare Rajat Saha, director of Apin, said: "We have more than 20,000 students in India, through our training center, a total of 83000 or so, but our market and have in general small and medium cities and first-tier cities . We hope to expand to every nook and corner of India to allow students a real taste of high-tech training to enable them to become leaders of tomorrow. ethical hacker and specialized skills, the shortage of talent, information security, forensics, embedded robot and so on, we want to discuss this training gap in this area, more people. We invite potential business partners to join the arpin network, as a unique technical training, provision of entrepreneurship education "
Appin has been doing a brisk business for last 5 years with multi fold growth in topline and bottomline. For details visit www.appinonline.com or contact Mr. Rajesh Kumar at +91-9871684653 for checking if you are eligible for taking an appin franchise popularly known as appin technology lab. The gap of over 400000+ individuals to be trained and placed in industry is a big need and hence appin has taken a task on its end to contribute to the cause.
Posted in: java training| Tags: Business Security Technology Training Network Information Expansion franchise niche appinA survey report on software watermarking technique with graph coloring approach
Abstract
In the recent times the main aspect of any service provider or any product provider is the security. Everybody is very much conscious about the security of contents because in this internet savvy world, hacking information is nowadays just a matter of joke to the professional hackers. Nowadays digitization of information is a very important because digital can be used very efficiently and it can be sent through internet in a few seconds to anywhere of this world. So, there is a need to protect the digital content. Software watermarking is a unique process that gives a digital content protection from the hackers. Several processes are invented to make a digital content software watermarked. This survey report covers the prestigious work that has been done on software watermarking using graph-coloring approach.
1. Introduction
This article surveys the software watermarking [1] technique with graph coloring approach. The primary object of this software watermarking is to prevent any digital content from being tampered. The main advantage of this software watermarking approach is,
·It prove the ownership of the content
·It make the content an anti-pirated
By the software watermarking technique we can prevent the pirates using reverse algorithm and de-compilation technique to steal software.
Intellectual property protection or IPP [7] is basically a theoretical framework to evaluate watermarking techniques. The main aspects of any efficient watermarking technique are credibility and overhead.
Software Watermarking? [1] is basically a way of hiding the digital information into a digital content (Cover Text) to prevent piracy. In this approach watermark is a special data structure and cover text is a software program. The hidden digital information is invisible to the user. It is of two types,
·Static
·Dynamic
There are two main types of approach in software watermarking,
· Frequency domain approach
· Path Based
·Graph-Based
In graph theory’s term, graph coloring [6] is a special case of “graph labeling”. Graph coloring is of several types,
Vertex Coloring is to color a graph in such a way that no two adjacent vertices share the same color. Edge Coloring is to Color a graph in such a way that no two adjacent edges share the same color. Face Coloring is to Color a planer graph in such a way that no two faces that share a boundary have the same color. The chromatic polynomial counts the number of ways a graph can be colored using no more than a given number of colors. The smallest number of colors needed to color a graph G is called its chromatic number, ?(G). Graph coloring is computationally hard. It is NP-complete to decide if a given graph admits a k-coloring for given k except for the cases k = 1 and k = 2. Especially, it is NP-hard to compute the chromatic number. Graph coloring remains NP-complete even on planer graphs of degree at most 4.The graph coloring problem is, Given an Undirected Graph G=(V , E) where V= Set of? Vertices and E=Set of Edges , it is required to find out an assignment of colors to vertices, such that no two vertices which are connected by an edge would? get the same color. The main idea behind the solution is, once a vertex is assigned a color then all the vertices which are connected to that are refrained from using the same color. This basic idea is used in software watermarking [7] approaches. Whenever the system get an 1(of the main content) color it and when in case of 0 color it with different color or color the MISes with different but minimum color to make it a distinguished one. The approaches of watermarking techniques for graph coloring problem both credibility and overhead are maintained properly.
2. Software Watermarking approaches
A static algorithm [3] recognizes the watermark by examining the (source or compiled) code of the watermarked program. A dynamic algorithm recognizes the watermark by examining the state of the program after it has been executed with a special finite input sequence (i1,………in). Thus, for a dynamic algorithm the recognizer will have the signature R(Pw[i1,………in])) -> W where P[I] is the state of program P after input I.
Mr. Stern, Hachez, Koeune and Quisquater [2] invented an algorithm for frequency domain software watermarking approach , this approach is called SHKQ algorithm [8].
The basic performance of SHQK algorithm stated below,
1. Watermarks can be embedded by re-ordering parts of the code [9], where such re-ordering can be shown to be semantics preserving.
2. Watermarks can be embedded by inserting new (non-functional) code in the program, such that this code encodes a watermark number.
The three algorithms [2] Vector Extraction, Watermark Embedding, and Watermark Extraction below formalize these steps.
Vector Extraction:
1. Define n as a security parameter.
2. Define a vector S= (s1,...........sn) of n ordered groups of machine language instructions.
3. For each group i in S, count the frequency c of the group in the code, and form the vector c = (c1,..........cn). Return c.
Watermark Embedding:
1. Apply the vector extraction step to obtain a vector c of length n.
2. Choose an n-coordinate vector w= (w1,.................wn) whose coefficients are randomly distributed following a normal law with standard deviation ?
3. Modify the code in such a way that the new extracted vector c ? = c + w
Watermark Extraction
1. Set a detection threshold ? , (0 < ? < 1).
2. Apply the vector extraction step to obtain a vector c from the original (non watermarked) application.
3. Apply the extraction step to obtain a vector d from the watermarked application.
4. Compute a similarity measure Q between d-c and w.
5. If Q is higher than then the algorithm outputs marked, else it outputs unmarked.
C. Collberg, E. Carter, S. Debray, A. Huntwork, C. Linn, M. Stepp [5] discussed path-based watermarking where the basic idea is to embed the mark in the branching structure of the program.
There are some consequences of this approach,
First, the forward branches that a program takes are an essential part of what makes the program unique. This makes branches inherently difficult to change or remove, making path-based watermarks resilient to many distortive attacks.
Second, branches are inherently binary in nature (they are either taken or not taken), which makes it easy to embed a bit-string.
Third, path-based watermarking lends itself well to error-correction and tamper proofing.
Fourth, branches are ubiquitous in real programs, hopefully making path-based marks insusceptible to statistical attacks.
Two basic algorithms [3] have been discussed below for graph-based approach,
Venkatesan et. al. [10] discussed The Graph-Theoretic Watermark (GTW) algorithm whose main objective is to embed a watermark by inserting a code segment which has no semantic effect
Fig.1: The GTW algorithm. Dashed control flow edges connect the watermark graph G with the cover control flow graph P. The watermark nodes of Pw are marked to distinguish them from the nodes of P
The basic embedding technique is stated below,
1. Encode the integer watermark value W as a control-flow graph (CFG) G ? e(W).
2. Construct the watermarked program Pw by combining G and the program CFG P.
3. Connect G and P by adding bogus control-flow edges.
4. Mark the nodes (basic blocks) of G.
This process is illustrated in Figure 1. In order for the watermark to be stealthy G and P should be tightly integrated. Integration is achieved by performing a random walk over the nodes of G and P and adding edges until Pw is uniformly dense.
The watermark is extracted from Pw as follows:
1. Make the nodes of the watermark graph G is the set of marked blocks from
2. Make the edges of G be the set of control-flow edges between marked blocks in .
3. Compute the watermark using the decoder d (G).
Collberg and Thomborson [11] discussed the algorithm that embeds the watermark in a dynamically built, linked, graph structure.
Fig. 2: The Collberg-Thomborson watermarking algorithm
1. At A, the watermark number is encoded into a graph G.
2. At B, G is split into a number of sub graphs.
3. At C, each sub graph is converted into a code sequence that builds the graph. Pw is constructed by inserting the graph-building statements along a special execution path? <P1,P2,P3,P4> of the program.
4. At D, the recognition sequence is started by executing with a special input sequence. This causes the program to follow the execution path Pw and the watermark graph G to be built on the heap.
5. At E, G is extracted from the heap and decoded into W.
In graph based approach two main techniques are discussed below,
A] Graph theoretic approach
B] Graph coloring approach
Christian Collberg, Andrew Huntwork, Edward Carter, Gregg Townsend [4] discussed this approach to achieve a technique for software watermarking; in this approach the GTW algorithm has been used. The GTW embedding algorithm takes as input application code P, watermark code W, secret keys w1 and w2 , and integers m and n. GTWSM uses a smaller and simpler set of parameters. Values of m and n are inferred from P, W, and w1. The clustering step is unkeyed, so w1 is unused. Thus, our implementation takes as input application code P, a secret key w, and a watermark value.
1.The watermark value v is split into k values, { v1,………, vk-1}
2.The split values are encoded as directed graphs { G1,………, Gk-1}
3.The generated graphs are converted into CFGs? {W1,………, Wk-1} by generating executable code for each basic block.
4.The applications clusters are identified
5.The watermark is merged with the application by adding control-flowed edges to the graphs.
6.Each basic block is marked to indicate whether it is part of the watermark.
Embedding:
In GTWSM we accept an integer value for transformation into a watermark CFG. The recognition process performs the inverse transformation from CFG to integer. First, the embedding process involves several steps; secondly, splitting the watermark value into small integers; thirdly, constructing directed graphs that encode these values; generating code that corresponds to the graphs; and connecting the code to the program.
Watermark Value Splitting:
GTWSM splits a watermark value v into a multiset S of k integers, k >? 2. Empirically, we have determined that values of k between 5 and 15 produce watermark methods that are neither overly large nor overly numerous.
A watermark value v is split as follows:
1. Compute the minimum exponent l such that v can be represented using k-1digits of base 2l.
2. Split the value v into digits (v0, v1,……,vk-2) such that 0 <? vj < 2l v = ?k-2j=02jlvj. and
3. Encode the digits in the multi set {s0, s1,……,, sk-1} where s0 = l-1 si = si-1 + vi-1. and
Encoding Integers as Graphs:
-
Each integer is converted into a graph for embedding in the application. Several issues must be considered when choosing a graph encoding:
2. The graph must have the structure of a valid CFG. It should have a header node within-degree zero and out degree one from which every node is reachable, and it should have a footer node without-degree zero that is reachable from every node.
3. The graph should have a maximum out-degree of two.
4. The graph should be reducible [12] because true Java code produces only reducible graphs.
5.The control structures represented by the graph should not be deeply nested, because real programs seldom nest deeply.
Mr Gang Qu and Mr. Miodrag Potkonjak [7] analyzed ‘adding edge’ watermarking techniques for graph coloring problem. Suppose a random graph G(V,E) has been given. A randomly selected message M V is the vertex set of graph G where V = {v0, v1,........, vn-1}. Convert the message M into binary (using ASCII) M=m0m1.............. for embedding.
Now, the message M have to be embed into graph G by the following manner,
lCopy the graph G(V,E) to G'(V,E').
lFor each bit mi , take two nearest bit of vi that are not connected, i.e. vi1 and vi2 in such a manner that? i2 > i1 > i (mod n) and (vi,vi2),(vi,vi1) ? E and (vi,vj) ? E for all i < j < i1 , i1 < j < i2 (mod n).
lIf mi=0 then add edge (vi,vi1)
else if mi=1 then add edge (vi,vi2)
Those edges are extra edges and connected vertex has to be colored by different colors that may not be essential at all in the original graph.
Mr Gang Qu and Mr. Miodrag Potkonjak [8] demonstrate technique to recover the hiding signatures from the colored graph, which is basically watermarked content.
The approach for recovery from the colored graph, which is embedded by the “adding edge” technique, is as follows,
lAfter embedding the message to the original graph several new edges have been created and the vertex pair may be colored by different colors.
lFor each pair {vi, vj} we can receive one bit of information by counting how many nodes are in between (i.e. Nodes with indices between i and j) vi and vj are not connected with vi.
lIf the difference is 0 then the hidden bit is 0 and if the difference is 1 then the hidden is 1. Otherwise if the difference is more than 1 then reverse the order of vi and vj and try the above steps.
lBy this single binary information the whole binary string can be made. That string is basically the hidden message.
Mr Gang Qu and Mr. Miodrag Potkonjak [7] analyzed ‘selecting MIS’ watermarking techniques for graph coloring problem. MIS means Maximal independent set. MIS of a graph means it is a subset of vertex set S such that the vertex in MIS are not connected and those are not in S is connected with at least one vertex of the graph. Main advantage of this technique is all the vertex of one MIS be labeled by one single color.
Suppose a random graph G(V,E) has been given. A randomly selected message M for embedding. V is the vertex set of graph G where V={v0, v1…………, vn-1}.Convert the message M into binary (using ASCII) M=m0m1..............
Now, the message M have to be embed into graph G by the following manner,
lThe idea of selecting no of MISes according to M.
lTake vi as the first vertex of the MIS where the binary exponent of i log2 n bits of M. coincides the first
lCut the vi and it's neighbors as they can't be in same MIS as vi.
lReorder the vertex and get the next MIS.
lColor each MIS with separate colors.
lConstruct the MIS till the M has not been completely embedded.
Mr Gang Qu and Mr. Miodrag Potkonjak [8] demonstrate technique to recover the hiding signatures from the colored graph, which is basically watermarked content. The technique to recover the hidden signature from the colored graph embedded by “selecting MIS” approach is as follows,
In this approach several number of MISes are generated. The selected MIS with a particular order of vertex represent the watermark. Binary string can be retrieved from that MIS by reconstruction.
lSuppose the graph contain 11 vertex and 3 MISes have been generated colored by 3 different colors.The binary string needed is 11111.
lTake a certain MIS like {v7, v4, v1, v10 }.
lThe first vertex is v7. As (7)10=(111)2, then the binary string we retrieved is 111.
Now remove v7 and it's neighbors from the original graph.
lThe second vertex in the MIS is v4 and the binary string we retrieved is 11.
lRemove v4 and its neighbors from the original graph. Only v1 and v10 are remained lonely.
lSo, desired result 11111 has been retrieved.
The above technique shows the uniqueness of the selected MIS in determining the credibility.
Mr Gang Qu and Mr. Miodrag Potkonjak [8] analyzed one more technique ‘adding edge and nodes’ along with previous two for hiding signature in a digital content.
Suppose a random graph G(V,E) has been given. A randomly selected message M for embedding. V is the vertex set of graph G where V={v0, v1…………, vn-1}.Convert the message M into binary (using ASCII) M=m0m1..............
Now, the message M have to be embed into graph G by the following manner,
lA new node v has been introduced.
lTake the first ?log n? bits from M.
lFind the corresponding vertex v' and connect it to v.
lTake the next ?log n-1? bits and locate the next vertex to which v is connected.
lRepeat the previous step until np edges have been added and a new graph Gn+1, p have been generated.
lIntroduce a new node until M has been totally embedded.
lColor the new graph.
Mr Gang Qu and Mr. Miodrag Potkonjak [8] demonstrate the approach in behind to recover the hidden signature from a embedded, colored graph generated by “adding edges and nodes” technique is as follows, as by this technique a new node and it's associate edges has been created and they remain invisible. To exhibit the hidden signature we have to go through the signature embedding technique once again and encrypted signatures can be added to the colored graph as edges to the newly inserted vertex. Different binary strings can be generated in the same way from the same colored graph. So to get a valid result a comparison in between every result is necessary.
Mr Gang Qu and Mr. Miodrag Potkonjak [7] discussed some technical aspects of? “adding edge” approach,
The signature or message that have to embed can be anything but that should capable of protecting the ownership.
Encrypt the message, which is converted to binary using cryptographic hash function or stream cipher. Assume that the final binary bit stream is random.
A basic assumption on this approach,
lTo color Gn, p, we need exactly X color where X is given by,
X ( Gn, p ) = é n/(2logbn) ù ...(i)
lAfter embedding k bits into the main graph Gn,p there are extra k edges added to the watermarked content, the resulting graph remains random with the same number of vertex and a new edge probability,
p' = p + (2k/n(n-1))
So, formula (i) for the chromatic number still holds and this number is denoted by X'. The overhead is defined by the X’-X (i.e. total no of extra color need to color the watermarked graph).
Some theorem have been deduced on contrary of the technical concept of the above approach,
Theorem 1.1: Adding k (n) edges to a random graph Gn,p , limn-> μ X'-X= μ
if and only if k (n) ? ?( n log n)
Corollary 1.2: (1 color overhead) Adding k(n) edges to graph Gn,p , if
limn->μ (k(n)/n log n) = l then limn-> μ X'-X <= 1+ é l/(1-p) ù .? In particular
k (n) ? o( n log n). The overhead is at most 1.
Theorem 1.3: Adding k(n) edges to a random graph Gn,p , let & be the event that
these edges are added randomly, then limn->μ Prob[?]=0 if k (n) ? ?( n/ log n).
Mr Gang Qu and Mr. Miodrag Potkonjak [7] discussed some technical aspects of “selecting MIS” approach,
Whenever a MIS has been removed from the original graph, the graph became a random one again with the same edge probability.
·To generate a random graph Gn+1,p , add one new vertex into a random graph Gn,p and add an new edge in between the new vertex and the old vertex in Gn,p with probability P.
·The first vertex of any MIS have been selected randomly and the next vertex’s choices are restricted to (1-p)n=qn as pn neighbors of the first vertex have been eliminated.
Therefore following theorems have been deduced,
Lemma 2.1: Given random graph Gn,p , almost all randomly selected MIS is of size logb n, where b = 1/(1-p).
To create a convincible watermarking a large graph, we have to add w(n/log n) edges by the first technique.
Theorem 2.2: Given a random graph Gn,p, Let ? be the event that in a random solution, all vertices in this MIS have the same color. By selecting one vertex from an n-vertex graph, we can embed ?log2 n? bits.
From lemma 2.1, at most log2 n log b n bits of information could be embedded into the MIS. To embed long messages, we have to construct more MISes, which may result in huge overhead.
Theorem 2.3 : Given a random graph Gn,p , if we select k(n) MISes ,assign each MIS one color and color the rest of the graph, then the overhead is at most k(n) and k(n/2) on average at least.
Mr Gang Qu and Mr. Miodrag Potkonjak [7] discussed some technical aspects of “adding edges and nodes” 8 approach the technical aspects are,
· k new edges have been added into the initial graph Gn,p and transformed into Gn+k,p.
· The formula for implying overhead is,
X`-X= é (n+k)/2logb(n+k) ù. - é n/2logbn ù where b=1/1-p
· The watermarked potential for the graph Gn,p as WP(Gn,p) = X(Gn,p) – n/(2logbn)
The theorems deduced for this technique’s aspect are,
Theorem 3.1: Given a random graph Gn,p, we introduce k (n) new vertex and associate edges based on the signature, then for almost all Gn,p , the overhead is at most 1 if
k(n) ? o(log n).
Theorem 3.2: We build graph Gn+1,p from a given random graph Gn,p np edges. A coloring scheme to the initial Gn,p is obtained by coloring by introducing one new vertex and
Gn+1,p. Let ? be the event:
·Add a vertex v to the colored graph Gn,p .
·Connect v to np random vertex.
3. Conclusion
Two most important criteria of any watermarked content is low overhead and high credibility. Previously discussed three techniques have been fully analyzed and we can conclude that, those techniques are totally capable to provide high credibility with at most 1 color overhead. For large graphs (i.e. Random graphs, DIMACS challenge graph, Graphs generated from real life problems).
Numerical data from simulation have been analyzed and confirms the result.
Fingerprinting is one of the most efficient method to provide security to any content. The technique? can be implemented in NP complete GC(graph coloring)problem. Fingerprinting in the random graphs introduces overhead while for graphs generated from real life register problem.
In the QP algorithm which is basically a algorithm for constraint based watermarking algorithm, the graph coloring problem can be used to embed a watermark (edge adding) in the registry allocation.
5. References
[1]? Mohanty S. P. . “Digital Watermarking : A tutorial View “ .A technical report. Indian Institute of Science,1999
[2]? Sahoo T. R., Collberg C. . “Software Watermarking in the Frequency Domain: Implementation, Analysis, and Attacks”. Technical report TR04-07, Dept.of computer science, University of Arizona, March, 2004
[3]? Collberg C., Kobourov S. , Carter E. .“Error-Correcting Graphs for Software Watermarking” . In workshop on graph theoretic concepts in computer science. 2003
[4]?? Collberg C., Huntwork A. , Carter E., Townsend G. . ”Graph Theoretic Software Watermarks: Implementation, Analysis, and Attacks” . In 6th International Information Hiding Workshop, March, 2004
[5]?? Collberg C. , Carter E. , Devroy S. , Huntwork A. , Linn C., Stepp. M. “Dynamic Path Based Software Watermarking”. In proceedings of the conference on programming language and implementation, 2004
[6] http://en.wikipedia.org/wiki/Graph_coloring
[7] Qu G. and Potkonjak M. . “Analysis of Watermarking Techniques for Graph Coloring Problem”. In IEEE/ACM International Conference of Computer aided design, Pages 190-193, November, 1998.
[8] Stern J. P., Hachez G., Koeune F., and Quisquater J.J.. Robust object watermarking: Application to code. In Information Hiding, pages368-378,1999. http://citeseer.nj.nec.com/stern00robust.html.
[9] Davidson R.L. and? Myhrvold N. Method and system for generating and auditing a signature for a computer program. US Patent 5,559,884, Assignee: Microsoft Corporation,1996. http://www.delphion.com/details?pn=US05559884__
[10] Venkatesan R., Vazirani V. , and Sinha?? S. A graph theoretic approach to software watermarking. In 4th International Information Hiding Workshop, Pittsburgh, PA, Apr. 2001.
[11] Collberg C. and Thomborson C.. Software watermarking: Models and dynamic embeddings. In Principles of Programming Languages 1999, POPL99, San Antonio, TX, Jan. 1999.
[12] Aho V.A., Sethi R., and Ullman D.J. Compilers,Priciples,Techniques and tools. Addison-Wisely,1986.ISBN0-201-10088-6.
Posted in: java tutorial| Tags: Software Internet Security Approach Report provider technique content survey graph
PHP Programming Made Easy
Here are some helpful basics on PHP: Begin, at all times, a PHP page with . (a period) and never neglect to use ; (semi colon) at the close of a variable. Secondly, before manually starting phpmyadmin to make your PHP program run properly, be ready to set up PHP, PHPTriad first. Next, to enable your php program to function, bring a php page in a .php wing. And lastly, don't forget that security is the main requirement in using this type of PHP language. In developing a page with PHP, high level of security is necessary.
It is also very important to note that if you really want your program to operate, follow instructions to the letter. With this type of system, accuracy is the key.
Contrary to popular conception, programming is not really difficult, at least at present. Compared to the early days of programming on more than twenty years ago when it was completely foreign to most people today, almost anyone can learn this skill. It is true that the child during the programming stage, there were books to support learning, those who study and train in this area wanted. But we are more fortunate, because there are tutorials, especially online, which can help us to develop programming skills.
On the other hand, although experience of tutorials online or in the actual location should be promoted by a person's determination and interest. Perseverance required learners to read tutorial, then try out some actual programming, but people who really want to push interest rates and learning, said the acquisition capability.
Blogger is a blog with a run out of blog entries and to promote recognition of his position to achieve a better clean up a great interface. This application requires only a simple SimpleXML for PHP to set up a complete system for transportation, as well as a number of Google's Blogger API understanding and a small part of the PHP script with the required HTML code.
Blogger when you take full advantage of the interface so that the need to better promote the blog for this method, one for one, Blogger has already been built on a Web server and installing the software on another blog required. This way, you save time and effort to the site of the owner of the website, he also maintains a reserve for the MySQL database, in the future, you can use to keep more advanced.
Mashup, in a technological context, refers to a web application that involves the use of a combination of data, or a mixture of two or more sources. This combination is then put together in a single device. A good example is the integration of cartographic data from Google Maps in real estate facts, so that a different and new Web services that would otherwise not by one or two sources provided. Consequently, the final product of the mashup data or code that can be used for software purposes.
Interestingly, mashup originated from a certain application in pop music, especially hip-hop in which a special song is created by combining two or more other songs.
Output Buffer is a process which is HTML or Javascript code or echo or print is produced in PHP with the information sent by the browser and therefore the site as a result. This is the information stored on the server until the script is executing, or do something about the actual buffer.
In order to complete this process, you should start the output buffer first. This work should be directly entered into any other browser. This is very important, and you start immediately after the start of the PHP before the tag. You have to be very precise to ensure that no pre-emptive action to be done before the PHP tags to open, because even the quiet or space may result in an error.
Six Steps to a More Secure Linux Server
I've worked as a remote Linux System Administrator for quite a while, and one thing that I've noticed is that many "administrators" out there don't know how to configure or secure a server properly. This article is a quick reference on some of the more important (and easy) security or configuration tweaks that any administrator should do for their server. These six steps can dramatically increase the security and stability of any Linux server. The best part about these tips, is that they are all quick and easy to do as well, with each step taking less than 15 minutes!
1.) Security Updates Not Installed
Almost every server that I work is not the newest (and surest) software. Yes, Linux is a great operating system software, but has all the security problems. Enable the installation of automatic updates using a cron script, or is similar to the simplest and easy way to make sure that your server is not compromised. There really is no excuse to not have the latest security updates to install
2.) Disable root login via SSH, and password authentication
Admittedly, I've been guilty of this myself sometimes. Let's face it, everyone likes being able to quickly and easily log into their servers, and change settings. However, if you're using password authentication, what's to keep someone else from logging into your server? In addition, you should not use password authentication on your Linux server, to prevent others from logging into your Linux server. Instead, enable RSA signed authorization keys. This is more secure, since an attacker will not be able to guess or brute force a login session with your server.
3.) Disable or filter extra services
This is the second biggest problem is that I look over the new customers with servers. Often the system administrator to build their Linux server does not automatically imply a necessary final step filter incoming connections that are not necessary. I've seen it all run from the day service, MySQL is waiting for connections on a remote IP. If a Linux administrator is not familiar with iptables, there are several tutorials that someone will show you how even a simple firewall ruleset. Moreover, disabling unnecessary services is a fundamental step to optimize the server as well, why extra services that run to tie resources if they are not needed?
4.) Test accounts or guest accounts still active
Another glaring security hole (and often used is one) that a customer will not have to be test-user is run (often with very simple passwords, such as test) if a software solution for a production server is deployed. I do not need the security implications of this single-make sure that getting rid of you, the guest or trial accounts!
5.) Advertising banners left on
We all like advertising, is not it? However, the advertising world, for the version of Apache or Sendmail, you run on your Linux server is the three-year-old, is not to be concerned about, it is necessary. Disable the server as long as the banner will help to hide the script from a fundamental reliance on attacking your server. Moreover, why is bad to help determine the software server is running?
6.) PHP errors or application errors
I'm pretty confident that we have all seen an error or two displayed on a website. Some errors that are displayed are not a security issue at all, for instance Javascript errors. However, some errors are security issues (PHP is particularly bad with this), because they disclose sensitive information. The easiest way around this is to disable displaying errors in PHP (or your web applications). Otherwise, an attacker may be given information about your website's database details, or file locations.
These issues are the top 6 security issues that I see on a daily basis in my work. You can all check your server or servers for these quick issues (these tips take almost no time at all), and dramatically increase the security of your server. However, if you have any problems implementing these security steps, please feel free to contact me.
Know the Essential Skills to Become an Ethical Hacker
Computer is now a major cause of concern for businesses and governments around the world. Although Internet e-commerce is possible, helped in advertising products and services for millions of people, it has also led to the rise of criminal hackers. For this reason, a growing number of companies and governments are turning to ethical hacking or white-has to lift them out of the problem.
A Certified Ethical Hacker examines the security of the systems, check for viruses and eliminate the problems associated with network security. But in order to be en efficient Ethical Hacker, you must have the appropriate skills, together with the right attitude.
Programming skills
The knowledge of programming languages is a mandatory. You should learn the technique of C, C++, Python, Java, Perl and Lisp.
As a beginner, you can start to learn Python is less complicated than other languages, but is also quite attractive. It is well documented and well designed. Then you learn C, Lisp, Perl and Java.
It is important to learn Perl as it is used extensively for web pages and system administration.
All these languages have different approach to programming and the acquisition of knowledge of each of these would you be much more efficient hacker. Each language has its own importance and at the end of the day you would benefit by learning each of them.
UNIX
You can’t become a hacker unless you learn and understand UNIX. After all UNIX is the platform on which the Internet is built upon. Though there are other platforms, it is not possible to read the code or modify them. However with UNIX you can read how the operating system is written and modify it. Hence, learn to hack on open-source UNIX by getting a Linux or BDS-UNIX installed on your personal computer and practice on it daily for hours.
HTML
To become a hacker, you should know how the World Wide Web functions. And having knowledge of web is not just restricted to how to use the browser. You should make efforts to learn and write HTML.
Usage of English
In order to become an effective ethical hacker, you need to have a relatively good command of English, because it is the master of the Internet in English. Hackers come in all the books in English. Therefore, concentrate on this part of the improved.
Apart from all this topic, read many books on hacking. The more you read, the better. Books to buy or enroll in some libraries, and they take on rent. And do not hesitate to experiment. To a white hat hacker, you have the curiosity to have to learn new things.
Well actually, of course, you can take a hack. There is some theoretical and practical training and research institute established to provide some hacking certification course. Many would benefit from appropriate training to get a prestigious institution, professional help to become a certified ethical hacker.
Posted in: java training| Tags: Internet Security Programming java knowledge perl unix python hacker ethicalSecurity Advantages of the .net Framework
?
I remember, in a recent article, I mentioned that the report of the NET framework to ensure the safety of custom IAuthenticationExtension extension interface. This is a not override the default Windows Authentication mode, and to propose a third-party security tools to work. Recall, however, posters are often raised a question: is the NET inherently more popular than any other platform, J2EE safe? In other words, is the same as a good open-source business software encryption tool?
The other day, the folks at Nashua(NH)-based HyTech Professionals, able code developers at J2EE and Net frameworks both, sent along an interesting showdown between the two platforms. Seems two Professors Francia (spouses, I hazard) of Jacksonville State U’s Computer Security and Forensics Laboratory got themselves a grant from the National Science Foundation. In short, this was a scientific test of cryptographic API’s running under Java and NET frameworks.
The head-to-head test involved four encryption algorithms (DES, Triple DES, RC2 and AES), as well as four message digest algorithms (MD5, SHA 1, 256 and 512). At the time, NET framework 2.0 was in use hence the test bed was System.Security.Cryptography under the VS development environment and C# language. The result was that the NET framework API’s ran almost twice faster than Java API’s. For the most part, Net framework message digest API’s also did better than their Java counterparts. The result likewise favored native NET framework applications (the test included exchanging environments and, for instance, running Java API’s in Windows) when researchers normalized the comparison by stripping the test conditions of file I/O operations.
In short, each one has its own encryption strength of the software. However, NET Framework to achieve often work more quickly. This is the hard science.
Because your time and money are valuable, you deserve a solutions orientated software development firm that can deliver high quality solutions on time for a great price. Our distinct selling point is the ability to convert our client’s vision into a cost effective and efficient business solution. We believe our unique approach to offshore outsourcing combines significant cost benefits with lower risks and higher levels of customer service. In a highly competitive international environment, HyTech Professionals distinguishes itself by providing the following advantages:
?
- HyTech Professionals is a Microsoft Gold Certified Partner and ISO 9001 Certified software engineering services company, delivering top quality results on which our clients can depend.
- We have U.S.-based project managers to ensure that the risks associated with offshore outsourcing are minimized, and accountability is increased. You do not have to worry about issues like cultural differences, time differences, communication gaps, etc
- As an employee owned IT firm, all of our staff are committed to helping our clients succeed. Our people are our greatest assets, and as such, we invest heavily in training, our internal mentorship program, and MS/ISO certification. Our programmers bring years of software development experience, domain expertise, and a desire to help you succeed in your business goal.
- By employing world-class software developers in India, HyTech Professionals ensures high quality programming along with significant savings for each one of our clients.
- HyTech Professionals maintains 24/7 service support staff equipped with the latest technologies and secured systems.
- We strive to build long-term relationships with our clients. HyTech Professionals nurtures a company culture of helping our clients beyond expectations, even when we have to go that extra mile. Our organization's values revolve around customer satisfaction, quality delivery, privacy protection, promoting equal opportunity, flexibility and integrity.
?
?
Posted in: java training| Tags: NET Security Report article encryption framework test advantages safety desValuing Network Certifications - Is The Time, Money And Effort Worth The Bother?
There are many ways to get any of the large number of network certifications now available.There's not only software certification like those offered from Oracle, Java, Microsoft, etc.but there's also direct network hardware certifications from strong companies like Cisco and then there's the server administration, hardware repair, security and several sub category type certifications.All are available but the question is if these have any real value in the marketplace.
The answer is not easy, is such a pity. This is a lot of companies, which require a specific certificate, and bend the requirements and is certified to have a job once. The certificate or people who are supporters of a strong market for it separately. This is because, typically, by requiring them to prove they are believed to pass the test to validate the decision to obtain training in some way.
The reality is that like a good resume and education pedigree, certifications help get you in the door.Think about it for a moment.If you were hiring a network administrator, you would probably ask for the usually experience and basic education and some type of networking certification.If 100 people claiming the same skills and experiences levels all apply and all have at least the single required certification while 10 have not only the network cert but also maybe several MS and a security certificate, which candidates applying would probably get scheduled for interviews?Right!It would be the ones with the better paper qualifications.
So the value of a certification they can be measured, the importance of recognition by employers, and the relative worth it for such training. If you have an application in net-shops, the value of certifications, they will of course place a premium on the fact that you have that is likely to reflect the training and who grew up in an area, the operating result.
But the real key is to recognize that employers do not hire you because you have a certificate. You must have the necessary skills to carry out work and meet the requirements of the post. No amount of certification can build a strong work ethic and solid experience. With today's learning materials, almost anyone can learn enough to pass the test required to become certified. However, this does not make anyone the right to work on the network, than walking into a garage is no longer a mechanic. It is the skills, talents and knowledge really want.
Microsoft Certifications are one of the most widely pursued and acclaimed professional certifications in the IT industry. Preparing MS certification tests, however, is a significant undertaking whether you're just out of college or have been in IT field for years. IT professionals are continuously demanded to acquire new knowledge in order to perform well on their jobs as new technology in the IT industry emerged at a pace that has never been seen before. Regardless what certifications (Microsoft Certified Professional or MCP, Microsoft Certified System Administrator or MCSA, Microsoft Certified System Engineer or MCSE ) you are pursuing, a thorough planning will increase the chance of success.
The importance of hands-on Experience, no matter if it's your own little network at home or at your job, experience matters!Being able to apply the knowledge gained by the study necessary to obtain your certification is just as important as the exam itself.
When preparing for any certification test, have a network available to physically learn the principles being taught.You network might only be a couple of old PC's and a switch but it's enough to understand the principles and basic information.You gain valuable skills that cannot be obtained any other way except through hands on work.
Finally, consider using CBT's or computer based training as part of your test preparation.These tools are a great way to take your level of understanding to a new level.This is also true of practice exams.
If you develop the skills necessary to support the certifications, pay your education, cost and effort. With your knowledge and training you can expect it will be easier to get considered for positions, moves in a society and enjoy a solid working career.
Posted in: java training| Tags: Security Type Network time certifications certification education hardware valuing certificateCIW Courses - Providing Valuable Skills to Boost Your Career Prospects
CIW courses are now held in high esteem in the new generation of emerging Internet professionals. In fact, CIW (Certified Internet Webmaster) is almost like the standard certification for webmasters around the world. All companies today are looking for qualified employees working in the areas of project management, web development, security management, professional e-commerce and the like. Includes all the skills, allows a CIW course you can as a professional web-empowered in all respects.
Courses Available
CIW courses are available in various levels like associate, professional and master. Then there are four major areas of specialization provided by CIW - Enterprise Developer, Administrator, Website Manager and Designer. For these, there are various programs offered by the course like CIW Site Designer, CIW Foundations, CIW JavaScript Fundamentals, CIW Server Administrator, etc.
Here are 9 main courses offered by the CIW:
- CIW Security Analyst Certification
- Master CIW Enterprise Developer Certification
- Master CIW Administrator Certification
- Fundamentals of databases (IBM, Oracle, DB2, etc.)
- CIW V5 Database Designer Specialist Certification
- Master CIW Designer Certification
- CIW Professional Certification
- CIW Associates Design Specialist Certification
- CIW Associates
All these programs enable you to grasp not just the basics and fundamentals of web-based technologies but also the use of XHTML and network infrastructure that you need to make a mark in the world of internet.
How Job-Oriented Is It?
CIW is not just a curriculum publisher or a certification body but a comprehensive web-technology foundation that includes web designing, basics of internet, java, website programming, administration, internet server and much more. No wonder CIW courses are today recognized by academic institutions, governments and businesses all over the world.
The capabilities of CIW are certified in high demand in the e-business market. This certification career-oriented programs will give you the right tools in the current professional environment necessary if companies understand the importance of network applications and Internet software. CIW courses also provide valuable technical skills like writing and project planning.
The Examination Point of View
Job-oriented CIW courses are also available as distance learning programs. That means you can learn at your own pace and appear for tests through the official site of CIW training certification.
Just fill CIW training, you must register for the exam by CIW permitted, online registration system. The CIW then conducted tests in various centers. The tests designed to measure skills, web design, web development skills and other technical and non technical skills.
Since the CIW tests have set down 75 percent as the minimum passing score, the standard of these online tests are par excellence. The level of competition among the applicants is also very high since most of the applicants include hard-core professionals like e-commerce designers, database managers and system administrators.
CIW courses are among the few certifications that as