How To Exam?


Distributed Network Firewall Design - Optimization and Performance Evaluation

“Cyber Attacks Hit 75% of Global Enterprises in 2009” [Symantec, Feb-2010]
“IT Security spending to outpace other IT spending in 2010” [Gartner Research, Dec 2009]

Today, increasing attention is paid to firewall rule-set quality due to regulations such as the Sarbanes-Oxley act, CobiT framework, the Payment-Card Industry Data Security Standard (PCI DSS) and the NIST standard 800-41. All these regulations include specific sections dealing with firewall configuration, management and audit.

The document begins with an analysis of current vulnerabilities in Internet firewalls. The types of firewalls in operation today are examined, and each firewall operation is cross-referenced with the causes and effects of weaknesses in that operation, drawing on reported problems with available firewalls. A detailed analysis and comparison is made, in terms of cost, security, operational ease and implementation, of the open source Packet Filter (PF) firewall, Checkpoint SPLAT and Cisco PIX.

Policy anomalies in distributed firewalls are studied with the aim of making firewalls scalable. The packet filtering mechanisms of various firewalls are studied and compared. Common configuration errors in the installation and management of network firewalls are studied and summarized. The conclusion is a structured method for configuring a firewall rule base that is correct, consistent, complete, and compact.

Introduction
Network firewalls protect a trusted network from an untrusted network by filtering traffic according to a specified security policy. A firewall is often placed at the entrance of each private network in the Internet. The function of a firewall is to examine each packet that passes through the entrance and decide whether to accept the packet and allow it to proceed or to discard the packet. A firewall is usually designed as a sequence of rules. A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels. Typical examples are the Internet, which is a zone with no trust, and an internal network, which is a zone of higher trust. A zone with an intermediate trust level, situated between the Internet and a trusted internal network, is often referred to as a "perimeter network" or demilitarized zone (DMZ).

A firewall’s configuration contains a large set of access control rules, each specifying source addresses, destination addresses, source ports, destination ports, one or multiple protocol ids, and an appropriate action. The action is typically “accept” or “deny.” Some firewalls support other types of actions, such as sending a log message, applying a proxy, or passing the matched packets into a VPN tunnel. For most firewalls, the rule set is order-sensitive. An incoming packet is checked against the ordered list of rules, and the rule that matches first decides how the packet is processed. Due to the multidimensional nature of the rules (including source/destination addresses and ports), the performance of a firewall degrades as the number of rules increases. Commercially deployed firewalls often carry tens of thousands of rules, creating performance bottlenecks in the network. More importantly, empirical evidence shows that the number of configuration errors on a firewall increases sharply with the size of the rule set. A complex rule set can easily lead to mistakes and misconfiguration.
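The first-match behaviour described above, and the way it hides ordering mistakes, shown as an added Python example (not code from the article). The `Rule` fields, the "shadowed"/"redundant" labels and the sample addresses are assumptions made for illustration.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str          # "tcp", "udp" or "any"
    src: str            # source network, CIDR
    dst: str            # destination network, CIDR
    ports: tuple        # inclusive (low, high) destination port range
    action: str         # "accept" or "deny"

    def matches(self, proto, src, dst, port):
        return (self.proto in ("any", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.ports[0] <= port <= self.ports[1])

    def covers(self, other):
        """True if every packet matched by `other` is also matched by self."""
        return (self.proto in ("any", other.proto)
                and ip_network(other.src).subnet_of(ip_network(self.src))
                and ip_network(other.dst).subnet_of(ip_network(self.dst))
                and self.ports[0] <= other.ports[0] <= other.ports[1] <= self.ports[1])

def decide(rules, proto, src, dst, port, default="deny"):
    """Order-sensitive evaluation: the first matching rule decides."""
    for rule in rules:
        if rule.matches(proto, src, dst, port):
            return rule.action, rule.name
    return default, None

def unreachable_rules(rules):
    """Rules that can never fire because a single earlier rule covers them."""
    findings = []
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if earlier.covers(later):
                kind = "redundant" if earlier.action == later.action else "shadowed"
                findings.append((later.name, earlier.name, kind))
                break
    return findings

RULES = [  # constructed rule set using documentation address ranges
    Rule("r1", "tcp", "0.0.0.0/0", "192.0.2.0/24", (80, 80), "accept"),
    Rule("r2", "tcp", "198.51.100.0/24", "192.0.2.0/24", (80, 80), "deny"),
    Rule("r3", "any", "0.0.0.0/0", "192.0.2.0/24", (0, 65535), "deny"),
    Rule("r4", "udp", "0.0.0.0/0", "192.0.2.10/32", (53, 53), "deny"),
]
```

Here the intended block in `r2` never takes effect because `r1` accepts the same traffic first, which is the kind of error that grows with rule-set size; the check only compares pairs of rules, so a rule hidden by the union of several earlier rules is not reported.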

Despite their critical role, firewalls have traditionally been tested without well-defined and effective methodologies. Currently, a diverse set of firewalls is being used. Because it is infeasible to examine each firewall separately for all potential problems, a general mechanism is required to understand firewall vulnerabilities in the context of firewall operations. The firewall data flow model we presented gives an overall description of firewalls by detailing the operations they perform (depicted in figure 1). When a packet is received by a firewall, it first undergoes link layer filtering. Then it is checked against a dynamic rule set. The packet then undergoes packet legality checks and IP and port filtering. Finally, network/port address translation is performed. Sophisticated firewalls also reassemble packets and perform application level analysis. After a routing decision is made on the packet, out-bound filtering may also be performed. Each of these operations is optional, and the order in which the packet traverses them may also differ in different firewalls.

Last Updated on Tuesday, 10 January 2012 17:15

VS 2005 Web Site to Web Application - A Migration Guide

This tutorial gives step-by-step instructions for migrating Visual Studio 2005 Web site projects to Web application projects. The Web Application Projects add-in provides a Visual Studio 2005 (VS 2005) Web project model option that works like the Visual Studio .NET 2003 Web project model. In this paper, the new project type is referred to as a Web application project. You can use Web application projects as an alternative to the Web site project model already available in Visual Studio 2005, which we refer to in this paper as Web site projects.

Steps for migration

1. Open the existing VS 2005 Web site project.
2. Right click on the solution and select Add new project.
3. Under your language preference, select the Web option from the left pane and then select the ASP.NET Web Application option. Give your application a name and click the OK button.
4. Delete the web.config file and the default.aspx file from the new Web application project.
5. Select all files in the existing Web site project and copy them.
6. Right click on the Web application project (i.e. SampleWebApplication) and click the Paste option. It will prompt the user with the following message. Click YES to overwrite.
7. To convert pages and classes within the project, right click the root node of the Web application project (i.e. SampleWebApplication) and select "Convert to Web Application". This will cause VS 2005 to recursively examine every page, user-control, and master-page in the project and automatically generate a .designer.cs file for each, as well as change the .aspx/.ascx files to use the "codebehind" rather than the "codefile" attribute. This command will also rename App_Code to Old_App_Code.

Last Updated on Thursday, 05 January 2012 21:31

Migration Guide - Oracle to MYSQL

With the rapid growth of MYSQL in the database market, many corporations, government agencies, educational institutions and other organizations have begun to migrate away from their expensive and proprietary databases. Of course, a migration from any database is not something to be taken lightly, and so countless organizations are considering their options for migrating to MYSQL.
In particular, many MYSQL customers are migrating from Oracle because they have reached the conclusion that the combination of cost savings and feature set of MYSQL makes for a compelling business case to offload some or all of their database-driven applications to the MYSQL database.
This guide provides insight into what is needed for considering a move from Oracle to MYSQL, and presents a number of options that help make the transition easy. Both the business and technical sides of migrating to MYSQL will be dealt with, so whether you are a manager or a seasoned DBA, you will find the needed answers to questions that revolve around migrating to the world's most popular open source database - MYSQL.
This paper refers to version 5.1.30 of MYSQL.

Introduction to MYSQL

MYSQL, the world’s most popular open source database management system, is developed, distributed and supported by MYSQL AB. It has become more popular because of its consistently fast performance, reliability and ease of use. Current versions of MYSQL are 4.1X and 5.X.

Platforms on which MYSQL can run:-

o Linux (Redhat, SUSE, Mandrake, Debian)
o Embedded Linux (Montavista, Lynuxworks BlueCat)
o Unix (Solaris, HP-UX, AIX)
o Windows (Windows 2000, Windows NT)
o RTOS (QNX)
o Handheld (Windows CE)

Key Relational database features that MYSQL provides:-

o High-performance
o Main-memory tables with disk-based tables
o Single-User and Multi-User
o Multi-Threaded
o Multi-Process
o SQL-92 and SQL-99
o ACID Transactions
o Referential Integrity
o Cascading Updates and Deletes
o Multi-table Joins
o Row-level Locking
o Replication
o Clustering
o UDFs (User Defined Objects)
o OLTP (On-Line Transaction Processing)
o Unicode and Double-Byte character support
o Drivers for ODBC, JDBC, .NET and C++


Last Updated on Thursday, 05 January 2012 20:36

What is Polarization?

One of the most common questions asked in competitions and exams related to inorganic chemistry is the comparison of the stability of various ionic compounds, or the reason for the exceptional instability of an ionic compound. For example:

Q. Why is Li2CO3 thermally unstable whereas Na2CO3 is thermally stable?

OR

Q. Which one of these is least stable:
1. LiOH
2. NaOH
3. RbOH
4. CsOH

Well, the answer is very simple: for the first question the reason is POLARIZATION, and for the second it depends upon the covalent nature found in the compound due to polarization.

POLARIZATION

It is defined as the distortion of the electron cloud of the anion (-) by the attractive force of the cation (+) in an ionic molecule. It leads to the following changes in the nature of the compound:

1. It generates the sharing of orbitals in the compound, which is ionic in nature!
2. This results in the generation of covalent nature in the compound.

EXPLANATION

Well, this concept is quite simple. When an ionic compound is formed between ions of very large size difference (where the anion is much larger than the cation), an electrovalent force of attraction between the nucleus of the cation and the electron cloud of the anion is generated, due to the powerful effective nuclear charge of the cation acting on the negatively charged electron cloud of the anion. This leads to the distortion of the electron cloud of the anion, as its effective nuclear charge is less and its radius is more.

The distortion results in the sharing of orbitals or shells between the ions, which results in covalent nature in the molecule and further results in instability (since covalent compounds are more unstable).

Now, I think it would be easy for you to check the stability of an ionic compound. Just keep in mind that those compounds in which there is a large size difference between ions or atoms are more unstable than those with a lesser size difference. Now, can you guess the answer to the second question? Well, if yes then it is good, but if no then ask your teacher to explain polarization to you. REMEMBER: this concept is only applicable to ionic compounds, not to covalent ones. YOU CAN ALSO USE IT AT ANY PLACE WHERE THERE IS A QUESTION OF INSTABILITY, NO ONE CAN CUT IT, BUT REMEMBER THE COMPOUND SHOULD BE IONIC ONLY.

Last Updated on Thursday, 05 January 2012 23:42
