What is Malware?

Posted on October 26, 2010 by Murugan B Iyyappan

Malware is the biggest threat on the Internet. It is a general term for malicious software. Hackers install malware by exploiting security weakness on the web server to gain access to the web sites. It can be an adware which displays pop-up ads, Trojan horses which help hackers to get confidential information.

Malware cannot easily spread from one system to system over the network. But through web they can penetrate to a company web site and use it as a host to spread malware to all over the systems. Malware code is not easily detectable and may infect the system when they browse an affected web site. The users are no longer aware of the attack on their systems. This is called “drive-by” malware. Hackers use drive-by malware to spread viruses, hijack computers and to steal the valuable personal information.

Drive-by malware downloads itself onto a user’s system. Cybercriminals exploit browsers or plug-in vulnerabilities to deliver the malware by hiding it with in a web page as an invisible thing. It can be of the form of iframe, obfuscated javascript, embedded image, flash and PDF file that can be unknowingly delivered from web site to the visitor’s system. Targeting web sites with low traffic allows hackers to avoid detection and can cause more damage for a longer time.

To infect a computer through a web browser, an attacker must do two tasks. First thing is to connect with the victim and to install malware on the victim’s system. One of the easiest way is to make victim’s browser execute the malicious code by ask the victim to visit a web site that is affected by malware. Common types of malware delivery methods are software updates, banner ads, downloadable documents, man-in-the-middle (duplicating the original website and getting the username and password) and keyloggers.

Search engines like Google, Yahoo and Bing place any web site found with malware on a blocked list or “blacklist”. Once blacklisted, the search engine issues a warning to potential visitors that the site is unsafe or excludes it from search results. Taking proper measures to prevent search engine blacklisting is the long-term success of any web site

Posted in Citrix XenApp, Citrix XenDesktop | Tagged , , , , , , , | Leave a comment

What is new in IE 9?

Posted on October 25, 2010 by Murugan B Iyyappan

1. The first visible thing is the bigger site surface area than the various toolbars

2. Pinned Sites that allows a user to pin the most visited sites on the Windows taskbar

3. New folder like visual to each opened tab. Suggests the most visited sites

4. Added download manager add-on that allows us to check the status of the download

5. Faster speed as it uses HTML5 and new web technologies like CSS3 and SVG2 and GPU for acceleration.

6. The scrolling is a much smoother than previous versions, and use new hardware acceleration.

7. IE 9 will work only on Windows Vista and Windows 7

8. Combined with AJAX and the canvas element creates an astounding image zooming experience.

9. This web platform supports all Canvas element APIs and most Canvas 2D Context APIs and attributes. Supports MP4 H.264 playback support, using hardware or software decoding and MP3 and AAC audio support

10. Better than Firefox and slower than Google Chrome

Posted in Citrix XenApp, Citrix XenDesktop | Tagged , | Leave a comment

Amazon EC2 Vs VMware vCloud Express.

Posted on July 30, 2010 by Murugan B Iyyappan
 
The Amazon EC2 cloud is based on Citrix XenServer technology for server instances.
 
vCloud Express has more options related to instance provisioning details such as number of CPU cores, specific quantities of RAM to assign to the server
EC2 instances start at $.10 per hour and vCloud Express instances start at $.036 per hour.
 
AWS does not explicitly charge for the public IP addresses (Elastic IP addresses), but vCloud Express charges $.01 per hour for a public IP address and external Internet access for the workload
 
Load balancing is available in vCloud Express which is not available on EC2
 
AWS has a comparatively limited (about 10) operating system offering from the pre-bundled instances. vCloud Express, however, has a broader (nearly 200) offering
 
vCloud Express is in its beta version, lets see how it prepare itself for its long battle
Posted in Citrix XenApp | Tagged , , | Leave a comment

New features of DNS and Active Directory in Windows Server 2008

Posted on July 1, 2010 by Murugan B Iyyappan
DNS Devolution
Allows client computers in a child namespace to access resources in the parent namespace without the need to explicitly provide the fully qualified domain name (FQDN) of the resource in the Active Directory environment.
DNS Cache Locking
Cache locking allows to control whether or not information in the DNS cache can be overwritten. DNS server will not allow cached records to be overwritten for the duration of the time to live (TTL) value.
DNSSEC
In short, DNSSEC allows for a DNS zone and all the records in the zone to be cryptographically signed. When a DNS server hosting a signed zone receives a query, it returns the digital signatures in addition to the records queried for.
 
DNS Socket Pool
The socket pool enables a DNS server to use source port randomization when issuing DNS queries. Instead of using a predicable source port when issuing queries, the DNS server uses a random port number selected from this pool, known as the socket pool
 
Restartable Active Directory Domain Services
Restartable AD DS reduces the time that is required to perform certain operations. AD DS can be stopped so that updates can be applied to a domain controller. Also, administrators can stop AD DS to perform tasks, such as offline defragmentation of the Active Directory database, without restarting the domain controller. Other services that are running on the server and that do not depend on AD DS to function, such as Dynamic Host Configuration Protocol (DHCP), remain available to satisfy client requests while AD DS is stopped.
 
Fine-Grained Password Policies
You can use fine-grained password policies to specify multiple password policies within a single domain. You can use fine-grained password policies to apply different restrictions for password and account lockout policies to different sets of users in a domain.
 
Read-Only Domain Controllers
An RODC provides a way to deploy a domain controller more securely in locations that require fast and reliable authentication services but cannot ensure physical security for a writable domain controller. Except for account passwords, an RODC holds all the Active Directory objects and attributes that a writable domain controller holds. However, changes cannot be made to the database that is stored on the RODC. Changes must be made on a writable domain controller and then replicated back to the RODC.
 
Database Mounting Tool
The purpose of the Active Directory database mounting tool is to expose AD DS data that is stored in snapshots or backups online. Administrators can then compare data in snapshots or backups that are taken at different points in time, which in turn helps them to make better decisions about which data to restore, without incurring service downtime.
 
Posted in Citrix XenApp, Citrix XenDesktop | Tagged , , , , | Leave a comment

Types of DNS zone available on a Windows 2003

Posted on July 1, 2010 by Murugan B Iyyappan

 A Zone is a contiguous portion of DNS namespace managed by one or more name servers. Zones contain resource records that specify the name of the DNS server authoritative for the zone (SOA record), the names and IP addresses of all name servers in the zone (NS records), the names and IP addresses of other hosts (A records), aliases for hosts (CNAME records), and so on.

Primary Zone: Standard and Active Directory Integrated
Holds Read and Write copies of all resource records (A, NS, _SRV).
 
Secondary Zone:
Read only copies of records, gets updates from the primary server by zone transfer.
 
Stub Zone:
New in Windows 2003, a sub zone with just pointers to another domain. NS, SOA and A record of the main server will be in Stub dns. 
 
Conditional Forwarder:
If the clients in the domain often query the ip address and computers of the other domain (abc.com), then we can configure that DNS server which resolves the dns query as a conditional forwarder in this domain
Posted in Citrix XenApp | Tagged , , | Leave a comment