Bon Jovi - It's My Life

The Corrs-Radio [unplugged]

Runaway -The Corrs Unplugged

The Corrs - Breathless

Firewall

What Are Firewalls

Firewalls are an integral part of any secure network. As we continue the discussion of the various security features and designs, it is important to take an in-depth look at how firewalls protect a network.

3 Part : 1 - Firewalls

              2 - Types of Firewalls

              3 - Positioning of Firewalls

Firewalls

The term firewall has many definitions in the industry. The definition depends on how and to what extent a firewall is used in a network. Generally, a firewall is a network device that, based on a defined network policy, implements access control for a network.

Apart from doing this basic job, firewalls are often used as network address translating devices, because they often tend to sit on the edge of a network and serve as entry points into the network. 

shows the basic philosophy of a firewall setup.

 

Some important characteristics distinguish a serious, industrial-strength firewall from other devices that go only halfway toward providing a true security solution are:

• Logging and notification ability
• High-volume packet inspection
• Ease of configuration
• Device security and redundancy
  
  

  Logging and Notification Ability

  A firewall is not much good unless it has a good logging facility. Good logging not only allows network administrators to detect if attacks are being orchestrated against their networks, but it also lets them detect if what is considered normal traffic originating from trusted users is being used for ungainly purposes. Good logging allows network administrators to filter much information based on traffic tagging and get to the stuff that really matters very quickly. Obviously, good logging is different from logging everything that happens.
  "Good logging" also refers to notification ability. Not only do you want the firewall to log the message, but you also want it to notify the administrator when alarm conditions are detected. Notification is often done by software that sorts through the log messages generated by the firewall device. Based on the criticality of the messages, the software generates notifications in the form of pages, e-mails, or other such means to notify a network administrator. The purpose of the notification is to let the administrator make a timely modification to either the configuration or the software image of the firewall itself to decrease the threat and impact of an attack or potential attack.
  
  
  
  

  High-Volume Packet Inspection

  One test of a firewall is its ability to inspect a large amount of network traffic against a configured set of rules without significantly degrading network performance. How much a firewall should be able to handle varies from network to network, but with today's demanding networks, a firewall should not become a bottleneck for the network it is sitting on. It is important to keep a firewall from becoming a bottleneck in a network because of its placement in the network. Firewalls are generally placed at the periphery of a network and are the only entry point into the network. Consequently, a slowdown at this critical place in the network can slow down the entire network.
  Various factors can affect the speed at which a firewall processes the data passing through it. Most of the limitations are in hardware processor speed and in the optimization of software code that keeps track of the connections being established through the firewall. Another limiting factor is the availability of the various types of interface cards on the firewall. A firewall that can support Gigabit Ethernet in a Gigabit Ethernet environment is obviously more useful than one that can only do Fast Ethernet in a faster network such as Gigabit Ethernet.
  One thing that often helps a firewall process traffic quickly is to offload some of the work to other software. This work includes notifications, URL filter-based access control, processing of firewall logs for filtering important information, and other such functions. These often-resource-intensive functions can take up a lot of the firewall's capacity and can slow it down.

  Ease of Configuration

  Ease of configuration includes the ability to set up the firewall quickly and to easily see configuration errors. Ease of configuration is very important in a firewall. The reason is that many network breaches that occur in spite of a firewall's being in place are not due to a bug in the firewall software or the underlying OS on which the firewall sits. They are due to an error in the firewall's configuration! Some of the "credit" for this goes to the person who configures the firewall. However, an easy-to-configure firewall mitigates many errors that might be produced in setting it up.
  It is important for a firewall to have a configuration utility that allows easy translation of the site security policy into the configuration. It is very useful to have a graphical representation of the network architecture as part of the configuration utility to avoid common configuration errors. Similarly, the terminology used in the configuration utility needs to be in synch with normally accepted security site topological nomenclature, such as DMZ zones, high-security zones, and low-security zones. Use of ambiguous terminology in the configuration utility can cause human error to creep in.
  Centralized administrative tools that allow for the simultaneous management of multiple security devices, including firewalls, are very useful for maintaining uniformly error-free configurations.

  Device Security and Redundancy

  The security of the firewall device itself is a critical component of the overall security that a firewall can provide to a network. A firewall that is insecure itself can easily allow intruders to break in and modify the configuration to allow further access into the network. There are two main areas where a firewall needs to have strength in order to avoid issues surrounding its own security:
• The security of the underlying operating system- If the firewall software runs on a separate operating system, the vulnerabilities of that operating system have the potential to become the vulnerabilities of the firewall itself. It is important to install the firewall software on an operating system known to be robust against network security threats and to keep patching the system regularly to fill any gaps that become known.
• Secure access to the firewall for administrative purposes- It is important for a firewall to have secure mechanisms available for allowing administrative access to it. Such methods can include encryption coupled with proper authentication mechanisms. Weakness in the implementation of such access mechanisms can allow the firewall to become an easy target for intrusions of various kinds.
  
  
  An issue related to device security is the firewall's ability to have a redundant presence with another firewall in the network. Such redundancy allows the backup device to take up the operations of a faulty primary device. In the case of an attack on the primary device that leaves it nonoperational, redundancy also allows for continued operation of the network.

  Types of Firewalls

  In order to gain a thorough understanding of firewall technology, it is important to understand the various types of firewalls. These various types of firewalls provide more or less the same functions that were outlined earlier. However, their methods of doing so provide differentiation in terms of performance and level of security offered.
  The firewalls discussed in this section are divided into five categories based on the mechanism that each uses to provide firewall functionality:
• Circuit-level firewalls
• Proxy server firewalls
• Nonstateful packet filters
• Stateful packet filters
• Personal firewalls

These various types of firewalls gather different types of information from the data flowing through them to keep track of legitimate and illegitimate traffic and to protect against unauthorized access. The type of information they use often also determines the level of security they provide.

Circuit-Level Firewalls

These firewalls act as relays for TCP connections. They intercept TCP connections being made to a host behind them and complete the handshake on behalf of that host. Only after the connection is established is the traffic allowed to flow to the client. Also, the firewall makes sure that as soon as the connection is established, only data packets belonging to the connection are allowed to go through.

Circuit-level firewalls do not validate the payload or any other information in the packet, so they are fairly fast. These firewalls essentially are interested only in making sure that the TCP handshake is properly completed before a connection is allowed. Consequently, these firewalls do not allow access restrictions to be placed on protocols other than TCP and do not allow the use of payload information in the higher-layer protocols to restrict access.

Proxy Server Firewalls

Proxy server firewalls work by examining packets at the application layer. Essentially a proxy server intercepts the requests being made by the applications sitting behind it and performs the requested functions on behalf of the requesting application. It then forwards the results to the application. In this way it can provide a fairly high level of security to the applications, which do not have to interact directly with outside applications and servers.

Proxy servers are advantageous in the sense that they are aware of application-level protocols and they can restrict or allow access based on these protocols. They also can look into the data portions of the packets and use that information to restrict access. However, this very capability of processing the packets at a higher layer of the stack can contribute to the slowness of proxy servers. Also, because the inbound traffic has to be processed by the proxy server as well as the end-user application, further degradation in speed can occur. Proxy servers often are not transparent to end users who have to make modifications to their applications in order to use the proxy server. For each new application that must go through a proxy firewall, modifications need to be made to the firewall's protocol stack to handle that type of application.

Nonstateful Packet Filters

Nonstateful packet filters are fairly simple devices that sit on the periphery of a network and, based on a set of rules, allow some packets through while blocking others. The decisions are made based on the addressing information contained in network layer protocols such as IP and, in some cases, information contained in transport layer protocols such as TCP or UDP headers as well.

Nonstateful packet filters are fairly simple devices, but to function properly they require a thorough understanding of the usage of services required by a network to be protected. Although these filters can be fast because they do not proxy any traffic but only inspect it as it passes through, they do not have any knowledge of the application-level protocols or the data elements in the packet. Consequently, their usefulness is limited. These filters also do not retain any knowledge of the sessions established through them. Instead, they just keep tabs on what is immediately passing through.. The use of simple and extended access lists (without the established keyword) on routers are examples of such firewalls.

Stateful Packet Filters

Stateful packet filters are more intelligent than simple packet filters in that they can block pretty much all incoming traffic and still can allow return traffic for the traffic generated by machines sitting behind them. They do so by keeping a record of the transport layer connections that are established through them by the hosts behind them.

Stateful packet filters are the mechanism for implementing firewalls in most modern networks. Stateful packet filters can keep track of a variety of information regarding the packets that are traversing them, including the following:

• Source and destination TCP and UDP port numbers
• TCP sequence numbering
• TCP flags
• TCP session state based on the RFCed TCP state machine
• UDP traffic tracking based on timers

Stateful firewalls often have built-in advanced IP layer handling features such as fragment reassembly and clearing or rejecting of IP options.

Many modern stateful packet filters are aware of application layer protocols such as FTP and HTTP and can perform access-control functions based on these protocols' specific needs.

Personal Firewalls

Personal firewalls are firewalls installed on personal computers. They are designed to protect against network attacks. These firewalls are generally aware of the applications running on the machine and allow only connections established by these applications to operate on the machine.

A personal firewall is a useful addition to any PC because it increases the level of security already offered by a network firewall. However, because many of the attacks on today's networks originate from inside the protected network, a PC firewall is an even more useful tool, because network firewalls cannot protect against these attacks. Personal firewalls come in a variety of flavors. Most are implemented to be aware of the applications running on the PC. However, they are designed to not require any changes from the user applications running on the PC, as is required in the case of proxy servers.

 

Positioning of Firewalls

Positioning a firewall is as important as using the right type of firewall and configuring it correctly. Positioning a firewall determines which traffic will be screened and whether there are any back doors into the protected network. Some of the basic guidelines for positioning a firewall are as follows:

• Topological location of the firewall- It is often a good idea to place a firewall on the periphery of a private network, as close to the final exit and initial entry point into the network as possible. The network includes any remote-access devices and VPN concentrators sitting on the its periphery. This allows the greatest number of devices on the private network to be protected by the firewall and also helps keep the boundary of the private and public network very clear. A network in which there is ambiguity as to what is public and what is private is a network waiting to be attacked.
  Certain situations might also warrant placing a firewall within a private network in addition to placing a firewall at the entry point. An example of such a situation is when a critical segment of the network, such as the segment housing the financial or HR servers, needs to be protected from the rest of the users on the private network.
  Also, in most cases firewalls should not be placed in parallel to other network devices such as routers. This can cause the firewall to be bypassed. You should also avoid any other additions to the network topology that can result in the firewall's getting bypassed.
• Accessibility and security zones- If there are servers that need to be accessed from the public network, such as Web servers, it is often a good idea to put them in a demilitarized zone (DMZ) built on the firewall rather than keep them inside the private network. The reason for this is that if these servers are on the internal network and the firewall has been asked to allow some level of access to these servers from the public network, this access opens a door for attackers. They can use this access to gain control of the servers or to stage attacks on the private network using the access holes created in the firewall. A DMZ allows publicly accessible servers to be placed in an area that is physically separate from the private network, forcing the attackers who have somehow gained control over these servers to go through the firewall again to gain access to the private network.
• Asymmetric routing- Most modern firewalls work on the concept of keeping state information for the connections made through them from the private network to the public network. This information is used to allow only the packets belonging to the legitimate connections back into the private network. Consequently, it is important that the exit and entry points of all traffic to and from the private network be through the same firewall. If this is not the case, a firewall may drop packets belonging to legitimate connections started from the internal network for which it has no state information. This scenario is known as asymmetric routing.
• Layering firewalls- In networks where a high degree of security is desired, often two or more firewalls can be deployed in series. If the first firewall fails, the second one can continue to function. This technique is often used as a safeguard against network attacks that exploit bugs in a firewall's software. If one firewall's software is vulnerable to an attack, hopefully the software of the second firewall sitting behind it will not be. Firewalls from different vendors are often used in these setups to ensure that one incorrect or compromised implementation can be backed up by the other vendor's implementation.

Positioning a firewall can be a complicated issue in a large network with multiple subsegments and entry points. Often a network that has not used a firewall in the past needs to be restructured to allow a firewall to be placed properly to protect it. This is necessary to create a single point of entry and exit and to remove the issue of asymmetric routing.

Summary

Firewalls are a critical component of any secure network. Firewalls in one form or another provide restricted access to a network based on a defined security policy. In order to make the best use of a firewall's capabilities, however, it is critical to position it in the network where it can provide the most security coverage possible.

Credit for  :  Book

 

Cloud Computing

CLOCO

Teknologi berkembang sangat pantas. Mungkin sekarang kite rase itu bende baru. Tapi akan datang kite akan rase bende yang baru hari ini akan jadi sejarah atau suatu yang sudah lapok. Aku tertarik dengan perkataan ni " Cloud Computing " ( CLOCO ). Apabila sume application, information dan sebagainye dikongsi dalam satu network(Cloud).

Macam biase, untuk kite beralih ke satu tempat yang lain atau dari teknologi yang sedia ade kepada teknologi yang bar, banyak perkara yang perlu diambil kira.

Pada saya kite kenalah memahami " What is cloud computing". Ape yang sebenarnye "cloud computing" buat. Kite juga perlu memahami bagaimana "Cloud Computing" beroperasi, dari segi " architecture " terutamanya. Kita jangan "confused" dengan "Autonomic Computing",  "Client-Server Model", "Grid Computing", "Mainframe Computer", "Utility Computer","Peer-to-Peer".

Ape yang menarik nye. Pengguna "Cloud Computing" tak perlu ade infrastructure. Contohnye, sekiranya didalam satu network dimana terdapt banyak" site or brances " , sume branches tidak perlu ade server untuk " access " sistem atau aplikasi. Dengan menggunakan " Cloud Computing " hanya di DC (datacenter) sahaja memerlukan server.

Banyak kelebihannya, diamana kos dari segi infrastructure untuk setiap branches boleh dikurangkan.( server,place,electrical,storage ,dll).

Go to this link to know details.... http://clocom.wordpress.com

Personal PC Audit

Get your PC information.

Ni caranye. Banyak software sebenarnye.Tapi aku guna tools ni. Belarc Advisor .
Pada aku ok laa.sebab ape info yang aku nak boleh dapat dari tools ni.

Sume info pasal laptop/pc .Leh dapat info serial number software yang kite install. security info laptop/pc kite.
sume jenis software yang ade dalam pc/laptop kite pun leh tau gak.dan byk lagi laa..leh tgk kat sini or try je download n install. BELARC

Pakej Baru Menara Petronas.

Dalam utusan ade kuar pasal pakej baru yang mantap utk ke menara petronas.

Ape yang menarik dan pakej baru tu...

" Petronas dalam satu kenyataan hari ini berkata, pakej-pakej yang akan diperkenalkan sebagai tambahan kepada lawatan sedia ada ke Skybridge di tingkat 41 itu akan turut merangkumi lawatan ke dek pemerhatian di aras teratas Menara 2, serta jamuan di Kelab Petroleum Malaysia (MPC) di bangunan yang sama. "

dipetik dari Utusan : nah ambik ni

Sejajar dengan kesungguhan untuk menjadikan menara berkembar petronas sebagai tumpuan utama pelancong dlam dan luar negara. Pi la try nanti. Aku pun tak penah melawat lebih2 petronas tu. pi isetan tu je..ekeke.

MCTF10

Hallu sume.

Kembali lagi Malaysia Career & Training Fair

Nah ambik link ni. byk company ade. pilih je nak mane satu.

Career yang di cari ade disini. jom jom..... MCTF10

UltraSurf

What is ultrasurf......= ini software leh lepaskan korang dari cengkaman web filtering. Ape2 yang kene blok kat tempat koje lee.

nak download kat sini

Nak tau lebih2 bace la kat sini. aku pun ambik kat sini... UltraSurf

Apa itu " Kuasa Melayu "

Bak kate Tuah ( Laksamana Hang Tuah pada zaman Kesultanan Melaka) "Takkan Melayu Hilang di Dunia"

Kata-kata negarawan terulung kita Tun Dr Mahathir " Melayu mudah lupe "

Tertarik aku dgn Utusan Malaysia keluaran 26 september 2010.  " Kuasa melayu ". dengan panjang lebar dalam utusan. ( nak bace silakan Utusan Malaysia ).


Pada pemikiran aku yang biase2 je ni. Melayu memang takkan hilang didunia, tapi melayu mungkin akan hilang ape yang ade pada hari ini. Ape yang melayu ade pada hari ini adalah hanya ada KUASA. KUASA memerintah negara tercinta Malaysia. KUASA dalam menentukan hala tuju negara tercinta MALAYSIA.

Tapi tanpa disedari.Melayu mudah  lupe dengan ape yang ade pada hari ini.Ape yang Melayu miliki pada hari ini. Apa yang Pemimpin melayu yang benar-benar jujur dalam memeperjuangkan KUASA dan HAK melayu.( Tak kesah la mane2 kumpulan pun)
Pada aku, PEMIMPIN Melayu skrg kene paham. Melayu tidak ade ape-ape selain KUASA.  MELAYU tidak handal dalam ekonomi. Oleh itu perkasa kan Ekonomi melayu. Jagalah KUASA melayu yang ade sekarang ni, supaya tak di rampas oleh orang yang tak sepatutnye...Ade Paham. :)

Jangan bile dah terkena baru nak menyesal..... ni laa pendapat aku yang telah aku rumuskan.

Melayu takkan hilang,tapi kuase mungkin boleh hilang.

 

iphone 4G = Digi

iphone 4G is coming to town......

Harga mcm gempak.. tapi tak tau laa gempak ke tak. kalu digi ade 3 plan. idigi88. idigi138. idigi238.




nak lebih2 tgk la kat website digi. iphone4G dari Digi

nah tgk ni cun ke tak. terbaik de..

Rumah=House

Kadar pembiayaan rumah kekal 90% bak kate PM.

Bagus2. Ni memang la patut, sebab dgn ini boleh laa golongan mude yang baru2 koje ke, yang berpendapatan ok ok je boleh beli rumah.

Saya memang le bersetuju sgt2 le dgn pendekatan ni.OK laa kan untuk rumah pertama or kedua.

Kalu rumah ke3 nak wat 80% buatlee..

aku nak beli umah satu je.ehehehehehe


ehsan dari utusan online. Utusan Malaysia

Sourcefire

This is IPS security appliance. Analyze network traffic and prevent critical threats from damaging your network.

Sourcefire provide defense from all this threat : -

Worms Trojans Backdoor attacks Spyware Port scans VoIP attacks

DoS attacks Buffer overflows P2P attacks Statistical anomalies Protocol anomalies Application anomalies

Invalid headers Blended threats Rate-based attacks Zero-day threats TCP segmentation & IP fragmentation attacks IPv6 attack

Can protect your physical and virtual environment.
Defense you network before bad things happen.

Details.go this link.

http://www.sourcefire.com/

Nama Domain

Halluu...


Jom register nama domain. Sape2 yang rase2 nak register name domain baru ke,nak tambah domain baru ke silalah ke sini. Aku rase macam ni je yang harge yang murah dan ok lee..


Yang ni harge tengah promosi. RM35 setahun murah tu.

Beli kat sini dapat free ni :

30 days web hosting
pre-installed WordPress
One email address
Dns hosting
Transfer of domain ownership


Ape lagi jangan sampai domain yang anda mimpi malam tadi terlepas...

details go to Webserver


Ni satu lagi....


Memang sempoi..sesempoi namanya.

Ni pun kire murah gak. RM 38 Setahun.Daftar kat sini dapat free ni :

Url forwarding
Email
Whois guard(Maklumat anda disembunyikan)free setahun je .



Nak detail2 pi la kat sini. Sempoi

Lambat register terlepas lee domain korang.

jom cepat2.Ni kalu lambat tak selamat.

Palo Alto

Palo Alto Networks' Next-Generation Firewalls

Sejauh mane keberkesanan Palo Alto ?

Ni definasi Palo Alto.

Palo Alto Networks’ next-generation firewalls provide network security by enabling enterprises to see and control applications, users, and content – not just ports, IP addresses, and packets – using three unique identification technologies: App-ID, User-ID, and Content-ID. These identification technologies, found in Palo Alto Networks' enterprise firewalls, enable enterprises to create business-relevant security policies – safely enabling organizations to adopt new applications, instead of the traditional “all-or-nothing” approach offered by traditional port-blocking firewalls used in many security infrastructures. ( http://www.paloaltonetworks.com/products/index.html )

Aku pernah pakai Palo Alto. Pada aku boleh diakatakakn user friendly laa...Senang gak nak kuar report. Tapi yang tak berkenan plak, bile masuk dalam environment network aku ade masalah lak.Box Palo Alto tu leh plak hang. Sape2 yang penah gune Palo Alto ni share2 skit. ok ke tak .Berkesan tak sebagai Firewall dalam network korang.


Ni keluarga Palo Alto.




Selanjut nye bace2 la kat website Palo Alto (http://www.paloaltonetworks.com/)

PGEF 2010

yihaaaa...


Malaysia's Largest Post Graduate Education Fair is Back.


Pot event ni kat Mid Valley Exhibition Centre.
Tarikh 8 - 10 October 2010.


Sesiape rajin atau tido je...pi la tgk.ekekek

BROCADE

uit...

Ceritera bermula dgn huruf B

Brocade picks Malaysia as regional centre for storage area network (SAN)


Ceritera bermula dgn huruf T

Tan Sri Muhammad Ali : I made the decision to quit JCORP

Ceritera bermula dgn huruf M

MAS Set to Receive 35 New Boeing 737-800


Ceritera bermula dgn huruf S

Seagate the first 3 Tetrabyte external desktop drive.


Ehsan dari SME & Entrepreneurship Magazine.....

Business Continuity

Selamat bertemu lagi..

Ape tu "Business Continuity" ?

Pada saya ia adalah suatu bende atau future plan yang perlu ade untuk mane2 organisasi di dunia ini.Ini adalah untuk memastikan kejayaan sesebuah organisasi tersebut.

Semua organisasi mempunyai data yang sangat penting.lebih-lebih lagi dalam bidang " Banking","Healthcare" dan sewaktun dgnnya.

Semua organisasi didunia ini terdedah pada risiko.Sekiranya bekalan elektrik terputus,Files corrup,disaster (disaster disebabkan manusia "human-made disaster" ) (Bencana alam "Natural Disaster") dan sewaktu dgnnye.

Oleh sebab itu penting gile business continuity ni.

IT people main peranan untuk setandby dgn langkah2 sekiranya berlaku sebarang kemungkinan.

ayat lebih mudah lagi... ape2 hal pun kene buat backup. Maksudnye, kite kene identify atau kenal pasti mane data yang penting. Banyak care nak buat backup.........

Majalah = Megazine

Bertemu kembali...

Untuk sesiape yang belum tahu.

Sy pun baru je tahu .Busan2 mlm tadi pi la jalan2 dalam inter-net.Website ni bagus gak pada peniaga2 baru atau lame.Kecil-kecilan atau besar-besaran.Online niage or offline niage.
Yang rase baru nak mule2 niage pun ok gak. Kat website ni ade info tentang supplier.Kat ne nak ambik barang.Contohnye kerepek ke.Baju ke. Dan mcam2 lagi.

Jadinye.Pegila ke website ni jalan2.hehehe.


http://www.majalah.com

Salam dan selamat sejahtera semua.

Lame dah tak tengok2 blog aku ni. Tibe2 pagi2 ni saje2 nak buka balik.Nak tengok ape yang dah terjadi kat blog aku ni. Hah sebelum tu, SELAMAT HARI RAYA MAAF ZAHIR DAN BATIN sume.

Aku nak stat balik jage blog aku ni.huhuhh. Mungkin pas ni banyak bende2 aku akan post kan.Tungggguuuuuu.

Harap2 aku rajin laa..ekekekeke.

Selamat bertemu kembali.