Browsing speed, Multitabs, RSS integration, add-on support are some of the usability considerations in the browser world today.
So I’ll share my experience about 3 browsers.
I’ve been using 3 browsers (Well, I don’t like Internet Explorer 
)
I liked all the three of them for the normal day to day operations I do, but however the way things work, I love Opera the best.
The aspects that got me into it and conclude to it is the speed of launching pages using Opera, it supports the multiple tabs, an RSS aggregation facility as well as the add-on support. While firefox is fast enough, one thing I’ve noticed is that the more and more plugins/extensions you add, the more it becomes slow. As well, at one point (may be even now), the only browser that had ZERO bugs was Opera.
Now you also need to consider the fact that I am an avid lover of Windows Operating System and do not have much experience with Linux. So these products how do they perform while on Linux is something I do not know.
I’m writing this post using Windows Live Writer which is an amazing software with rich content and works for multiple blog platforms;
Released yesterday and as of now, it supports Windows Live Spaces, Sharepoint, WordPress, Blogger, LiveJournal, TypePad, Moveable Type, Community Server, and many other weblog services.
It is much better compared to Beta 1 and is very versatile, so no more logging in, clicking panes to post the blog. Just launch the software at the pc, write it and click the magic button (publish)!
Here is where you would be downloading it { Click }
The best part is the drafts are saved and automagically updated with the the blog site! Oh yeah and as well the spell checker…
del.icio.us tags:
design,
Blog,
webdesign
It has been some time that I’ve been blogging at WordPress.com (an amazing free service). I decided to host the blog on my website itself.
From now onwards, I would be blogging here instead of http://rsivanadnan.wordpress.com
Cheers, Rajesh T Sivanandan
So the common belief is that it is very safe when a network is on a *switched* lan compared to a hub.
Story?
In a hub network, traffic is seen by everybody connected so sniffing would be very easy and with the introduction of switches, you see only traffic that is destined for you. So that provides you security from sniffing and attacks later-on! Well not quite true as long as ARP is the way it is now…
So how does arp work? When a machine wants to talk to somebody – an arp broadcast is done for which only the machine intended would reply with its mac address, so that the communication goes through; very IDEAL scenario.
Now if someone were to send in an incorrect arp response [ pretending to be someone else ], the original machine would still entertain this reply and send the packet to this address. Inherently there is no authentication with ARP protocol, was not required at the time it was designed!
So lets see how it works;
- Port1 – Host A is connected with mac A
- Port2 – Host B is connected with mac B
- Port3 – Host C (attacker) is connected with mac C
- So Host C (attacker) sends an arp reply to Host A saying that I’m Host B. Similarly it sends another arp reply to Host B saying that I’m Host A
- So now Host A believes Host B is Host C { AND }
- Host B believes Host A is Host C
So a simple software at Host C (attacker) would be able to read all the communication between Host A and Host B!
High end managed switches might not entertain the unasked ARP replies but the hosts would! For example Windows XP before SP2 entertains any gratuitous ARP packets and change their local ARP cache!
CVE Entry for this [ Here ]
A tool can be used to read the data and then forward the traffic to respective clients, facilitating that those hosts wouldn’t even know that there is something going on like this; the fashion as below;
- Host A sends ‘HI’ to Host B
- Traffic actually reaches Host C
- Host C reads the data and then forwards the packet to Host B
- Host B sends ‘hello’ to Host A
- Traffic actually reaches Host C
- Host C reads the data and then forwards the packet to Host A
Seems impossible? Well, there is rather a simple tool arpspoof which can perform this!
So how do you find out if there is something going on similar to this ? You could use arpwatch to perform the task
Its pretty appealing to read their *focus*, combined with a PPT that I saw couple of months back regarding Google’s work atmosphere and culture – It is a ~should’ve been there company
[ More... ]
Now that I answered the same question twice @ EE, it would be better that I bookmark it for the sake of others here;
So, the question is when it comes to a platform with Cisco to be a Firewall, do we use Cisco Router or Cisco PIX Firewall ? Both has a lot of similar feature set and the argument of using router as firewall instead of shelling more money on PIX/ASA ?
PIX (Packet Internet Exchange)
These are the firewall series from Cisco Networks (Now moving towards ASA). It is a hybrid firewall with capabilities of stateful firewall, Application proxy etc. The way it works is known as ASA (Adaptive Security Algorithm). This gear is specifically meant for doing firewall functions to much higher level
http://www.examcram2.com/articles/article.asp?p=101741&seqNum=4&rl=1
Cisco Routers
These are general routing engine which is made with different types of interfaces supporting routing in big scale. For example, pix can support only primitive level of routing but Cisco Routers can run almost all routing protocols that are available now. Now if you ask whether the firewall functionalities can be done by these routers? YES. Special image needs to be used and a Cisco Router can work as a vpn endpoint and a firewall. This is called CBAC (Context Based Access Control)
http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121cgcr/secur_c/scprt3/scdcbac.htm#wp1000981
So what is the difference. The numbers of throughput, while Routers are meant to have different idea the PIX is made only for the firewall functions. So firewall related outputs (VPN, Encryption speed etc..) are high in the PIX.
If VPN is only what you’re looking at then probably a Cisco Router would do, but *encryption speeds* matter, with PIX/ASA it would be much faster.
As well, application awareness is more in PIX/ASA than a normal Router. You could turn a router into a firewall but it is good only for layer 3 and layer 4 traffic to a major extent, while ASA or PIX would do more that that.
What is so great about it? Well, heard about OS fingerprinting / “Tcp/IP” Stack fingerprinting. Those who practice security couldn’t imagine a life without nmap ?, yeah that line is familiar…
So many of these tools do this by the changes in tcp/ip stacks. The RFC for tcp/ip defines value types for TTL, Window Size, MTU etc but do not mandate a default value hence different OS implementations have adopted it to have different values. What does it make it easy? Recon… Just a ping packet would let one know the TTL value, so similar correlations for many parameters would yield the OS in place without much trouble.
Operating System Obfuscation is a method, using which you could change those parameters on the OS so that it looks like a totally different Operating System!
If you do not want much of technical details on how you do it, (although I must tell it is a piece of cake) you could use a tool to configure it.
{Sec_Cloak}
Test it out yourselves;
1. First do an nmap scan [ nmap -O2 <target_ip> ] => See the OS guesses.
2. Run Sec_Cloak on the machine and set it to appear as some linux flavor.
3. Repeat the first step again and watch for the OS guess.
You’d get it by then….
Eight years back… this was us then…
Today is our 5th happy (?) marriage anniversary. Looking back;
- We’ve known each other for a total of 12 years!
- We’re gifted with a 2 year old kiddo! -> rose.rsivanandan.com
- We’re still young though I’m 31 and she’s 29
Wish us guys…. this one, is a well deserved one, gotta tell ya…..
Now we look this;
“Overall, U.S. government agencies received a ‘C-’ grade this year on an annual data security report card mandated by the Federal Information Security Management Act (FISMA), despite regulations designed to secure data storage practices.”
“In its statement on the latest data leak, the TSA said that it has some method of detecting if someone uses the hard drive.”
Yeah, it will walk up to the nearby phone station and make a call
Read More [ Click ]
