ഈ തവണ മലയാളത്തില്‍ തന്നെ ഒരു ആര്‍ട്ടിക്കിള്‍ എഴുതാം എന്ന് വച്ചു. ഇന്റര്‍നെറ്റ്‌ വന്നതോടെ എല്ലാം ഓണ്‍ലൈന്‍ ആയി മാറുകയാണല്ലോ. ഈ ഒരു കാരണം കൊണ്ട് തന്നെ സ്വാഭാവികം ആയും എല്ലാം ഇംഗ്ലീഷ് ആയി മാറുന്ന ഒരു പ്രവണത ആണ് നമ്മള്‍ കഴിഞ്ഞ കുറച്ചു വര്‍ഷങ്ങളായി കണ്ടു വരുന്നത്. എന്നാല്‍ ഇപ്പൊ “OS”, സോഫ്റ്റ്‌വെയര്‍, ബ്രൌസര്‍ എല്ലാം ഇന്ത്യന്‍ ഭാഷകള്‍ സപ്പോര്‍ട്ട് ചെയുനുണ്ട്. ഇതില്‍ നമുക്ക് അഭിമാനിക്കാം.

ഇതൊക്കെ ആണെങ്കിലും യതാര്‍ഥത്തില്‍ keyboard ആയിരുന്നു പ്രശ്നകാരന്‍. US keyboard കണ്ടു വളര്‍ന്ന നമ്മള്‍ മലയാളത്തില്‍ ടൈപ്പ് ചെയ്യാന്‍ ശെരിക്കും കഷ്ടപെട്ടു. എന്നാല്‍ നമ്മള്‍ മലയാളം ഇംഗ്ലീഷില്‍ ടൈപ്പ് ചെയ്യാന്‍ തുടങ്ങി. ഇതിനു ഒരു പോംവഴി ആയി ആരോ കണ്ടു പിടിച്ച ഒരു സൂത്രമാണ് മംഗ്ലീഷ് ടൈപ്പിംഗ്‌.

ഈ സൂത്രം ആദ്യം വന്നത് ചില സൈറ്റുകളില്‍ ആണെങ്കിലും , പിന്നീടു ജിമെയില്‍ മുതലായ വെബ്മൈല്‍ ധാതാകളും തന്നു തുടങ്ങി.

മലയാളം മറകുന്ന മലയാളിക്ക് ഇതു ഒരു നേട്ടമായി കരുതാന്‍ പറ്റുമോ എന്നറിയില്ല

Hope most of us got the Google Wave by this time. Everybody would have started gazing at it , like a child holding a complex toy. Anyway long video had impressed us with its capabilites, far before we got an account.

For those who have not yet seen this,

Yes, I stared using wave. What next? What about the other features of Wave. What about embedding it in our website. Oh yaa.. I guess we have to wait more for that.

Anyway, Its pretty easy I guess. For wordpress user a plugin is ready, with which we can easily embed waves.

You can download this plugin HERE But you would probably need a developer wave account for this to work, as of now.

The all new OS from canonical is out. I didnt try it yet, will do it today.

A full specification is available at http://www.ubuntu.com/getubuntu/releasenotes/910overview

• Gnome 2.28
• Upstart (faster booting)
• Empathy IM (replaces Pidgin)
• New login manager
• Quickly (easier application development)
• Ubuntu One (cloud-based sharing and storage)
• Linux Kernel 2.6.31
• Changes to power management
• New Intel video driver architecture
• Ext4 file system default
• Grub 2 default

So what are you waiting for. Click here to download your copy.

You could even request  your free copy here .

Even If I support open source, here I am writing about the latest OS from Microsoft,  Windows 7. Lets see its features.

Windows 7 is the latest version of Microsoft Windows, a

s

eries of operating systems produced by Microsoft for use on personal computers, including home and business desktops, laptops, netbooks, tablet PCs and media center PCs.Windows 7 was released to manufacturing on July 22, 2009, and general retail availability on October 22, 2009, less than three years after the release of its predecessor, Windows Vista.

Windows 7’s server counterpart, Windows Server 2008 R2, was released at the same time.

Unlike its predecessor, which introduced a large number of new features, Windows 7 is intended to be a more focused, incremental upgrade to the Windows line, with the goal of being fully compatible with applications and hardware with which Windows Vista is already compatible. Presentations given by Microsoft in 2008 focused on multi-touch support, a redesigned Windows Shell with a new taskbar, a home networking system called HomeGroup, and performance improvements. Some applications that have been included with prior releases of Microsoft Windows, including Windows Calendar, Windows Mail, Windows Movie Maker, and Windows Photo Gallery, are not included in Windows 7; some are instead offered separately as part of the free Windows Live Essentials suite.

Windows 7 is the latest version of Microsoft Windows, a series of operating systems produced by Microsoft for use on personal computers, including home and business desktops, laptops, netbooks, tablet PCs and media center PCs^. Windows 7 was released to manufacturing on July 22, 2009, and general retail availability on October 22, 2009, less than three years after the release of its predecessor, Windows Vista. Windows 7’s server counterpart, Windows Server 2008 R2, was released at the same time.

Unlike its predecessor, which introduced a large number of new features, Windows 7 is intended to be a more focused, incremental upgrade to the Windows line, with the goal of being fully compatible with applications and hardware with which Windows Vista is already compatible. Presentations given by Microsoft in 2008 focused on multi-touch support, a redesigned Windows Shell with a new taskbar, a home networking system called HomeGroup, and performance improvements. Some applications that have been included with prior releases of Microsoft Windows, including Windows Calendar, Windows Mail, Windows Movie Maker, and Windows Photo Gallery, are not included in Windows 7; some are instead offered separately as part of the free Windows Live Essentials suite.

The taskbar has seen the biggest visual changes, where the Quick Launch toolbar has been replaced with pinning applications to the taskbar. Buttons for pinned applications are integrated with the task buttons. These buttons also enable the Jump Lists feature to allow easy access to common tasks. The revamped taskbar also allows the reordering of taskbar buttons. To the far right of the system clock is a small rectangular button that serves as the Show desktop icon. This button is part of the new feature in Windows 7 called Aero Peek. Hovering over this button makes all visible windows transparent for a quick look at the desktop. In touch-enabled displays such as touch screens, tablet PCs, etc., this button is slightly wider to accommodate being pressed with a finger. Clicking this button minimizes all windows, and clicking it a second time restores them. Additionally, there is a feature named Aero Snap, that automatically maximizes a window when it is dragged to either the top or left/right edges of the screen. This also allows users to snap documents or files on either side of the screen to compare them. When a user moves windows that are maximized, the system restores their previous state automatically. This functionality is also accomplished with keyboard shortcuts. Unlike in Windows Vista, window borders and the taskbar do not turn opaque when a window is maximized with Windows Aero applied. Instead, they remain transparent.

For developers, Windows 7 includes a new networking API with support for building SOAP-based web services in native code (as opposed to .NET-based WCF web services), new features to shorten application install times, reduced UAC prompts, simplified development of installation packages, and improved globalization support through a new Extended Linguistic Services API.At WinHEC 2008 Microsoft announced that color depths of 30-bit and 48-bit would be supported in Windows 7 along with the wide color gamut scRGB (which for HDMI 1.3 can be converted and output as xvYCC). The video modes supported in Windows 7 are 16-bit sRGB, 24-bit sRGB, 30-bit sRGB, 30-bit with extended color gamut sRGB, and 48-bit scRGB. Microsoft is also implementing better support for solid-state drives, including the new TRIM command, and Windows 7 will be able to identify a solid-state drive uniquely. Microsoft is also planning to support USB 3.0 in a subsequent patch, although support was not included in the initial release because of delays in the finalization of the standard.^[52]

Internet Spades, Internet Backgammon and Internet Checkers, which were removed from Windows Vista, were restored in Windows 7. Windows 7 includes Internet Explorer 8 and Windows Media Player 12.

Users also are able to disable many more Windows components than was possible in Windows Vista. New additions to this list of components include Internet Explorer, Windows Media Player, Windows Media Center, Windows Search, and the Windows Gadget Platform. Windows 7 includes 13 additional sound schemes, titled Afternoon, Calligraphy, Characters, Cityscape, Delta, Festival, Garden, Heritage, Landscape, Quirky, Raga, Savanna, and Sonata. A new version of Virtual PC, Windows Virtual PC Beta is available for Windows 7 Professional, Enterprise, and Ultimate editions. It allows multiple Windows environments, including Windows XP Mode, to run on the same machine, requiring the use of Intel VT-x or AMD-V. Windows XP Mode runs Windows XP in a virtual machine and redirects displayed applications running in Windows XP to the Windows 7 desktop. Furthermore Windows 7 supports the mounting of a virtual hard disk (VHD) as a normal data storage, and the bootloader delivered with Windows 7 can boot the Windows system from a VHD. The Remote Desktop Protocol (RDP) of Windows 7 is also enhanced to support real-time multimedia application including video playback and 3D games. That means that Direct X 10 can be used in a remote desktop environment. The three application limit will be removed from Windows 7 Starter.

” Hey your server is infected with virus, google has blocked it again…can you fix it or not !!!”

This is the words that most of the webhosts hear from their customers these days. Anyway I would like to explain here, how and why these kinds of attacks are done.

The first point that I would like to share with you is that, it is NOT a server issue.

The main reason for such an attack is either

1. A Vulnerable code.  Most of the websites use CMS such as wordpress/joomla etc. If they are not updated properly, you are likely to have attacked.

2. A weak ftp password, that can be easily cracked by bruteforcing.

3. A clinet Pc ( Windows) being infected by virus and this is the most common way I have seen so far.

Working

I am not explaining here the first two methods as they are self explanatory. The third one works as mentioned below.

It startes with a google search. When someone searches for something in google, probably infected websites or even attackers website itself pops up in results.

When the user click on this, his pc gets infected with the virus.

If he is a webmaster, when he tries to upload or edit contents of his website, the virus code is also injected.

So what does this injected code do ?

The basic idea is that an code loads the content of an external site(Virus website) into the site, sets the external content to be invisible and then overlays the page you’re looking at. When you click a link you see on the current page, you are in fact clicking on the externally loaded page and about to load pretty much whatever the attacker wants.

Thus it propagates from client Pc to Pc.

Got Infected..What to do now!!

If you have a good backup, you are saved. Else you have to contact someone to write some kind of script to remove the injected code. The sad part is, I have seen many hexadecimal code which does’nt have any pattern. In this case it is extremely difficult if your site is having thousands of webpages.

Also, I have seem some attacks, where the original content is replaced. In that case, if you do not have any backups there is no other way than to contact developer to rebuild the website.

How to Avoid

The basic steps that is to be done to prevent this type of attack in future are

1. Install software from the latest version of the developer’s site manually.
2. Check this site periodically or use any built in update functions the script may have to ensure you are running the latest version.
3. Stay up to date with news the developers may post or any exploits posted on security sites such as http://www.securityfocus.com/. Some times developers just can’t patch their software fast enough, some developers can’t even fix the exploits in their software between versions.

4. Use a good antivirus software in your PC. ( Anyway Linux users dont have to worry about this !!!)

Cloud computing can be confused with

Grid computing—”a form of distributed computing whereby a ’super and virtual computer’ is composed of a cluster of networked, loosely coupled computers acting in concert to perform very large tasks”;

Utility computing—the “packaging of computing resources, such as computation and storage, as a metered service similar to a traditional public utility, such as electricity”;and

Autonomic computing—”computer systems capable of self-management”.

Indeed, many cloud computing deployments as of 2009 depend on grids, have autonomic characteristics, and bill like utilities—but cloud computing tends to expand what is provided by grids and utilities.me successful cloud architectures have little or no centralized infrastructure or billing systems whatsoever, including peer-to-peer networks such as BitTorrent and Skype, and volunteer computing such as SETI@home.

Furthermore, many analysts are keen to stress the evolutionary, incremental pathway between grid technology and cloud computing, tracing roots back to application service providers (ASPs) in the 1990s and the parallels to SaaS, often referred to as applications on the cloud. Some believe the true difference between these terms is marketing and branding; that the technology evolution was incremental and the marketing evolution discrete.

Characteristics

Cloud computing customers do not generally own the physical infrastructure serving as host to the software platform in question. Instead, they avoid capital expenditure by renting usage from a third-party provider. They consume resources as a service and pay only for resources that they use. Many cloud-computing offerings employ the utility computing model, which is analogous to how traditional utility services (such as electricity) are consumed, while others bill on a subscription basis. Sharing “perishable and intangible” computing power among multiple tenants can improve utilization rates, as servers are not unnecessarily left idle (which can reduce costs significantly while increasing the speed of application development). A side effect of this approach is that overall computer usage rises dramatically, as customers do not have to engineer for peak load limits. Additionally, “increased high-speed bandwidth” makes it possible to receive the same response times from centralized infrastructure at other sites.

Economics

Diagram showing economics of cloud computing versus traditional IT, including capital expenditure (CapEx) and operational expenditure (OpEx)

Cloud computing users can avoid capital expenditure (CapEx) on hardware, software, and services when they pay a provider only for what they use. Consumption is usually billed on a utility (e.g. resources consumed, like electricity) or subscription (e.g. time based, like a newspaper) basis with little or no upfront cost. A few cloud providers are now beginning to offer the service for a flat monthly fee as opposed to on a utility billing basis. Other benefits of this time sharing style approach are low barriers to entry, shared infrastructure and costs, low management overhead, and immediate access to a broad range of applications. Users can generally terminate the contract at any time (thereby avoiding return on investment risk and uncertainty) and the services are often covered by service level agreements (SLAs) with financial penalties.

According to Nicholas Carr, the strategic importance of information technology is diminishing as it becomes standardized and less expensive. He argues that the cloud computing paradigm shift is similar to the displacement of electricity generators by electricity grids early in the 20th century.Although companies might be able to save on upfront capital expenditures, they might not save much and might actually pay more for operating expenses. In situations where the capital expense would be relatively small, or where the organization has more flexibility in their capital budget than their operating budget, the cloud model might not make great fiscal sense. Other factors impacting the scale of any potential cost savings include the efficiency of a company’s data center as compared to the cloud vendor’s, the company’s existing operating costs, the level of adoption of cloud computing, and the type of functionality being hosted in the cloud.

Architecture

The majority of cloud computing infrastructure, as of 2009 consists of reliable services delivered through data centers and built on servers with different levels of virtualization technologies. The services are accessible anywhere that provides access to networking infrastructure. Clouds often appear as single points of access for all consumers’ computing needs. Commercial offerings are generally expected to meet quality of service (QoS) requirements of customers and typically offer SLAs. Open standards are critical to the growth of cloud computing, and open source software has provided the foundation for many cloud computing implementations

History

The Cloud is a term that borrows from telephony. Up to the 1990s, data circuits (including those that carried Internet traffic) were hard-wired between destinations. Subsequently, long-haul telephone companies began offering Virtual Private Network (VPN) service for data communications. Telephone companies were able to offer VPN-based services with the same guaranteed bandwidth as fixed circuits at a lower cost because they could switch traffic to balance utilization as they saw fit, thus utilizing their overall network bandwidth more effectively. As a result of this arrangement, it was impossible to determine in advance precisely which paths the traffic would be routed over. The term “telecom cloud” was used to describe this type of networking, and cloud computing is conceptually somewhat similar.

The underlying concept of cloud computing dates back to 1960, when John McCarthy opined that “computation may someday be organized as a public utility”; indeed it shares characteristics with service bureaus that date back to the 1960s. Ramnath K. Chellappa defined it as a computing paradigm where the boundaries of computing will be determined by economic rationale rather than technical limits.The term cloud had already come into commercial use in the early 1990s to refer to large Asynchronous Transfer Mode (ATM) networks. By the turn of the 21st century, the term “cloud computing” began to appear more widely, although most of the focus at that time was limited to SaaS.

In 1999, Salesforce.com was established by Marc Benioff, Parker Harris, and their associates. They applied many technologies developed by companies such as Google and Yahoo! to business applications. They also provided the concepts of “on demand” and SaaS with their real business and successful customers. The key for SaaS is that it is customizable by customers with limited technical support required. Business users have enthusiastically welcomed the resulting flexibility and speed.

In the early 2000s, Microsoft extended the concept of SaaS through the development of web services. IBM detailed these concepts in 2001 in the Autonomic Computing Manifesto, which described advanced automation techniques such as self-monitoring, self-healing, self-configuring, and self-optimizing in the management of complex IT systems with heterogeneous storage, servers, applications, networks, security mechanisms, and other system elements that can be virtualized across an enterprise.

Amazon played a key role in the development of cloud computing by modernizing their data centers after the dot-com bubble which, like most computer networks, were using as little as 10% of their capacity at any one time just to leave room for occasional spikes. Having found that the new cloud architecture resulted in significant internal efficiency improvements whereby, small, fast-moving “two-pizza teams” could add new features faster and easier, Amazon started providing access to their systems through Amazon Web Services on a utility computing basis in 2005.

In 2007, Google, IBM, and a number of universities embarked on a large scale cloud computing research project.By mid-2008, Gartner saw an opportunity for cloud computing “to shape the relationship among consumers of IT services, those who use IT services and those who sell them”,and observed that “[o]rganisations are switching from company-owned hardware and software assets to per-use service-based models” so that the “projected shift to cloud computing … will result in dramatic growth in IT products in some areas and in significant reductions in other areas.”

Political issues

The Cloud spans many borders and “may be the ultimate form of globalization.”As such, it becomes subject to complex geopolitical issues, and providers are pressed to satisfy myriad regulatory environments in order to deliver service to a global market. This dates back to the early days of the Internet, when libertarian thinkers felt that “cyberspace was a distinct place calling for laws and legal institutions of its own”.

Despite efforts (such as US-EU Safe Harbor) to harmonize the legal environment, as of 2009[update], providers such as Amazon Web Services cater to major markets (typically the United States and the European Union) by deploying local infrastructure and allowing customers to select “availability zones.”Nonetheless, concerns persist about security and privacy from individual through governmental levels (e.g., the USA PATRIOT Act, the use of national security letters, and the Electronic Communications Privacy Act’s Stored Communications Act.

Legal issues

In March 2007, Dell applied to trademark the term “cloud computing” (U.S. Trademark 77,139,082) in the United States. The “Notice of Allowance” the company received in July 2008 was cancelled in August, resulting in a formal rejection of the trademark application less than a week later.

In September 2008, the United States Patent and Trademark Office (USPTO) issued a “Notice of Allowance” to CGactive LLC (U.S. Trademark 77,355,287) for “CloudOS”. As defined under this notice, a cloud operating system is a generic operating system that “manage[s] the relationship between software inside the computer and on the Web”, such as Microsoft Azure[30].

In November 2007, the Free Software Foundation released the Affero General Public License, a version of GPLv3 intended to close a perceived legal loophole associated with Free software designed to be run over a network, particularly SaaS. An application service provider is required to release any changes they make to Affero GPL open source code.[citation needed]

Control issues

The founder and president of the Free Software Foundation Richard Stallman has warned people that cloud computing will force people to buy into locked, proprietary systems that will cost more and more over time.

Key characteristics

• Agility improves with users able to rapidly and inexpensively re-provision technological infrastructure resources. The cost of overall computing is unchanged, however, and the providers will merely absorb up-front costs and spread costs over a longer period..

• Cost is claimed to be greatly reduced and capital expenditure is converted to operational expenditure. This ostensibly lowers barriers to entry, as infrastructure is typically provided by a third-party and does not need to be purchased for one-time or infrequent intensive computing tasks. Pricing on a utility computing basis is fine-grained with usage-based options and fewer IT skills are required for implementation (in-house). Some would argue that given the low cost of computing resources, that the IT burden merely shifts the cost from in-house to outsourced providers. Furthermore, any cost reduction benefit must be weighed against a corresponding loss of control, access and security risks.

• Device and location independence enable users to access systems using a web browser regardless of their location or what device they are using (e.g., PC, mobile). As infrastructure is off-site (typically provided by a third-party) and accessed via the Internet, users can connect from anywhere.

• Multi-tenancy enables sharing of resources and costs across a large pool of users thus allowing for:

  • Centralization of infrastructure in locations with lower costs (such as real estate, electricity, etc.)

  • Peak-load capacity increases (users need not engineer for highest possible load-levels)

  • Utilization and efficiency improvements for systems that are often only 10–20% utilized.

• Reliability improves through the use of multiple redundant sites, which makes cloud computing suitable for business continuity and disaster recovery.Nonetheless, many major cloud computing services have suffered outages, and IT and business managers can at times do little when they are affected.

• Scalability via dynamic (”on-demand”) provisioning of resources on a fine-grained, self-service basis near real-time, without users having to engineer for peak loads. Performance is monitored, and consistent and loosely-coupled architectures are constructed using web services as the system interface.

• Security typically improves due to centralization of data, increased security-focused resources, etc., but concerns can persist about loss of control over certain sensitive data, and the lack of security for stored kernels. Security is often as good as or better than under traditional systems, in part because providers are able to devote resources to solving security issues that many customers cannot afford. Providers typically log accesses, but accessing the audit logs themselves can be difficult or impossible.

• Sustainability comes about through improved resource utilization, more efficient systems, and carbon neutrality. Nonetheless, computers and associated infrastructure are major consumers of energy.

Layers

Clients

See also category: Cloud clients

A cloud client consists of computer hardware and/or computer software which relies on cloud computing for application delivery, or which is specifically designed for delivery of cloud services and which, in either case, is essentially useless without it.For example:

• Mobile (Android, iPhone, Windows Mobile)

• Thin client (CherryPal, Zonbu, gOS-based systems)

• Thick client / Web browser (Mozilla Firefox, Google Chrome, WebKit)

Application

See also category: Cloud applications

A cloud application leverages cloud computing in software architecture, often eliminating the need to install and run the application on the customer’s own computer, thus alleviating the burden of software maintenance, ongoing operation, and support. For example:

• Peer-to-peer / volunteer computing (BOINC, Skype)

• Web applications (Facebook, Twitter, YouTube)

• Security as a service (MessageLabs, Purewire, ScanSafe, Zscaler)

• Software as a service (Google Apps, Salesforce, Cool Life Systems, SpringCM)

• Software plus services (Microsoft Online Services)

• Storage [Distributed]

  • Content distribution (BitTorrent, Amazon CloudFront)

  • Synchronisation (Live Mesh)

[Platform

See also category: Cloud platforms

A cloud platform (PaaS) delivers a computing platform and/or solution stack as a service, generally consuming cloud infrastructure and supporting cloud applications. It facilitates deployment of applications without the cost and complexity of buying and managing the underlying hardware and software layers. For example:

• Services

  • Identity (OAuth, OpenID)

  • Payments (Amazon Flexible Payments Service, Google Checkout, PayPal)

  • Search (Alexa, Google Custom Search, Yahoo! BOSS)

  • Real-world (Amazon Mechanical Turk)

• Solution stacks

  • Java (Google App Engine)

  • PHP (Rackspace Cloud Sites)

  • Python Django (Google App Engine)

  • Ruby on Rails (Heroku)

  • .NET (Azure Services Platform, Rackspace Cloud Sites)

  • Proprietary (Force.com, WorkXpress, Wolf Frameworks)

• Storage [Structured]

  • Databases (Amazon SimpleDB, BigTable)

  • File storage (Amazon S3, Nirvanix, Rackspace Cloud Files)

  • Queues (Amazon SQS)

Infrastructure

See also category: Cloud infrastructure

Cloud infrastructure (IaaS) is the delivery of computer infrastructure, typically a platform virtualization environment, as a service. For example:

• Compute (Amazon CloudWatch, RightScale)

  • Physical machines (Softlayer)

  • Virtual machines (Amazon EC2, GoGrid, Rackspace Cloud Servers, Terremark Enterprise Cloud)

  • OS-level virtualisation

• Network (Amazon VPC)

• Storage [Raw] (Amazon EBS)

Servers

The servers layer consists of computer hardware and/or computer software products which are specifically and soley designed for the delivery of cloud services.For example:

• Fabric computing (Cisco UCS)

Architecture

Cloud computing sample architecture

Cloud architecture,the systems architecture of the software systems involved in the delivery of cloud computing, comprises hardware and software designed by a cloud architect who typically works for a cloud integrator. It typically involves multiple cloud components communicating with each other over application programming interfaces, usually web services.

This closely resembles the Unix philosophy of having multiple programs each doing one thing well and working together over universal interfaces. Complexity is controlled and the resulting systems are more manageable than their monolithic counterparts.

Cloud architecture extends to the client, where web browsers and/or software applications access cloud applications.

Cloud storage architecture is loosely coupled, where metadata operations are centralized enabling the data nodes to scale into the hundreds, each independently delivering data to applications or users.

Types

Cloud computing types

Public cloud

Public cloud or external cloud describes cloud computing in the traditional mainstream sense, whereby resources are dynamically provisioned on a fine-grained, self-service basis over the Internet, via web applications/web services, from an off-site third-party provider who shares resources and bills on a fine-grained utility computing basis.

Hybrid cloud

A hybrid cloud environment consisting of multiple internal and/or external providers “will be typical for most enterprises”.

Private cloud

Private cloud and internal cloud are neologisms that some vendors have recently used to describe offerings that emulate cloud computing on private networks. These (typically virtualisation automation) products claim to “deliver some benefits of cloud computing without the pitfalls”, capitalising on data security, corporate governance, and reliability concerns. They have been criticized on the basis that users “still have to buy, build, and manage them” and as such do not benefit from lower up-front capital costs and less hands-on management, essentially “[lacking] the economic model that makes cloud computing such an intriguing concept”.

While an analyst predicted in 2008 that private cloud networks would be the future of corporate IT, there is some uncertainty whether they are a reality even within the same firm. Analysts also claim that within five years a “huge percentage” of small and medium enterprises will get most of their computing resources from external cloud computing providers as they “will not have economies of scale to make it worth staying in the IT business” or be able to afford private clouds.. Analysts have reported on Platform’s view that private clouds are a stepping stone to external clouds, particularly for the financial services, and that future datacenters will look like internal clouds.

The term has also been used in the logical rather than physical sense, for example in reference to platform as a service offerings, though such offerings including Microsoft’s Azure Services Platform are not available for on-premises deployment.

Source: wikipedia.org

I joined twitter 8-9 months ago, even if I liked its concept, I never felt it would become this much popular here in kerala, probably because people here takes things in a different angle.

What I have to say is how Shashi Tharoor incident made twitter famous among keralites, even among old people.

I was not that active in twitter for the past few months, but I am back in action seeing my dear ones interest in twitting.

So what are you waiting for, follow  me and Shashi Tharoor

http://twitter.com/prajith

http://twitter.com/ShashiTharoor

Happy Twitting..

Happy news for ubuntu lovers. The all new ubuntu 9.10 will be out very soon. Lets wait for the blast.

If you cant wait…. download beta from here BETA

The php.ini files in your home directory won’t reflect the changes.

Perform the following actions to get it resolved.

1. Moving php5 binary:

mv /usr/local/cpanel/cgi-sys/php5 /usr/local/cpanel/cgi-sys/php5.bin

2. Then creating wrapper file in the /usr/local/cpanel/cgi-sys/php5 with the following content:

#!/bin/bash

# This will fake the name & path and hide the /usr/local/cpanel/cgi-sys/php5 path!
export SCRIPT_NAME=$REQUEST_URI
export SCRIPT_FILENAME=$PATH_TRANSLATED
export PWD=$DOCUMENT_ROOT

if [ -f "$DOCUMENT_ROOT/php.ini" ]; then
exec /usr/local/cpanel/cgi-sys/php5.bin -c $DOCUMENT_ROOT
else
exec /usr/local/cpanel/cgi-sys/php5.bin
fi

3. Save the file and change the permissons:

chown root:wheel /usr/local/cpanel/cgi-sys/php5*;
chmod 755 /usr/local/cpanel/cgi-sys/php5*;

Thanks to Cpanel forums…..

There are two aspects to dealing with spam for a server administrator:

1. Inbound spam to users
2. Outbound spam from compromised scripts

Both need very different approaches to help detect, remove and resolve.

Inbound spam to users

Inbound spam is the scourge of the modern internet and, the inconvenience to users aside, can cause serious performance and resource issues on the server. These can affect both the server overall and the timely deliver of clean email in particular.

The best way to tackle inbound spam is at the entry point into the server - the MTA, i.e. exim the SMTP server of choice for cPanel. By blocking spam before it has even entered the server you save both on server resources used when delivering the email in addition to 3rd party tools to help detect spam further along the email relay process.

To do this you need to do work at the RCPT stage of the SMTP protocol. This occurs during the transaction between the sender and recipient SMTP servers and comes before the actual body of an email arrives on a server. The primary form of spam attack is the Dictionary Attack:

A common technique for spammers to use is what is known as a dictionary attack on a domain. A dictionary attack, in our context, is a single SMTP connection that attempts to send email from a spam source to a random set of names on our domain, e.g. bob@ourdomain.com fred@ourdomain.com harry@ourdomain.com, in the hope that one of the many hundreds that we try will get a hit and deliver our spam.

This technique is used by spammers mainly because most people don’t advertise their email addresses (due to spam!) and they want to access this untapped market.

To prevent this type of spam getting through, it is essential that you do not use the Default Address (catchall) feature within cPanel to receive emails wherever possible. You should always setup specific Forwarders (aliases) for any email addresses you use and set the Default Address to :fail: for each domain.

By using :fail: exim will automatically reject email at the SMTP RCPT stage and make dictionary attacks redundant. Additionally, you can use exim ACLs to block such spammers who repeatedly perform dictionary attacks to further relieve the server of the load from dealing with them. See:
http://www.configserver.com/free/eximdeny.html

From a server performance perspective, it is essential that you use :fail: and not :blackhole: with email addresses or the Default Address to block such spam. Mor information about the reasoning for this is presented here.

Another preventative measure is to enable the WHM options:

WHM > Exim Configuration Editor > Verify the existance of email senders.
WHM > Exim Configuration Editor > Use callouts to verify the existance of email senders.

These two options have exim check that any server that attempts to relay email to your server can actually receive email in reply. This is part of the RFC requirements of an SMTP server and the inability of a server to do so indicates a likely spammer.

There are numerous other checks that you can also perform at the SMTP RCPT stage in exim ACLs. Examples are using RBL checks to reject email from IP addresses that originate from IP addresses that are know to harbour spammers, e.g.:

deny message = Message rejected - $sender_fullhost is in an RBL, see $dnslist_text
!hosts = +relay_hosts
!authenticated = *
dnslists = bl.spamcop.net : sbl-xbl.spamhaus.org

You can also check the format of email headers to ensure that they’re RFC compliant, which many spam servers are not. A typical example is checking the SMTP HELO/EHLO protocol command to ensure it’s correctly structured, e.g.:

deny message = HELO/EHLO set to my IP address
condition = ${if match {$sender_helo_name}{11.22.33.44} {yes}{no}}

(where 11.22.33.44 is your servers main IP address)

deny message = EHLO/HELO does not contain a dotted address
condition = ${if match{$sender_helo_name}{\\.}{no}{yes}}

Finally, once the email has passed through these hoops, you can implement a 3rd party application to scan emails and tag them as likely spam. cPanel has an inbuilt solution that uses SpamAssassin to score email likely to be spam. You can then have such emails filtered to a special account or the client can filter such emails based on the email header record modifications made by SpamAssassin.

An alternative is to use a more thorough tool such as MailScanner which can be very effective at scoring spam emails.

A free installation tool is available for cPanel servers from us here or as a paid service here.

However, a cPanel server using such a tool is not supported by cPanel and would have to be removed/disabled before cPanel would investigate any email related issues should you need support.

Outbound spam from compromised scripts

Outgoing spam is likely to come from two sources:

1. Indirectly from a compromised web script in a clients account
2. Directly from a client

The starting point for both will be the exim mainlog:

/var/log/exim_mainlog (Linux)
/var/log/exim/mainlog (FreeBSD)

For the purpose of this document I am going to assume a Linux OS.

The most laborious way to track messages down is to trawl the exim mainlog and to look for anomalous behaviour. This is actually very difficult to do and you really need to narrow down exactly what you are looking for.

Tracking down spammers is a difficult affair, but can be made easier with some preparation of your servers environment. I would strongly advise that you add the following to the exim configuration to enable some extended logging that greatly improves the ease in tracking down on-server spammers:

In WHM > Exim Configuration Editor > Switch to Advanced Mode > in the first textbox add the following line and then Save:

log_selector = +arguments +subject

This tells exim to log the path on disk from where the email was executed and the subject of the email. You can then interrogate the exim mainlog more easily.

The best way to do this is to obtain the original email header from the spam originating from your server. This you should receive either from the person reporting the spam, or from remnants of a spam attack in the exim mail queue.

The part required in the email is the exim message id in the Received: header line within the email header of the spam.

As an example, take the following email header:

Return-path: <bob@barfoo.com>
Received: from [11.22.33.44] (helo=barfoo.com)
by foobar.com with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.52)
id 1FZ8z3-0006M4-Do
for fred@foobar.com; Thu, 27 Apr 2006 17:04:49 +0100
Received: from forums by barfoo.com with local (Exim 4.43)
id 1FZ8zt-0005lz-E7
for fred@foobar.com; Thu, 27 Apr 2006 12:05:41 -0400
To: fred@foobar.com
Subject: Buy Me!
From: bob@barfoo.com

The Received: header lines are added to the email header, so the original Received: line that we’re interested in is:

Received: from forums by barfoo.com with local (Exim 4.43)
id 1FZ8zt-0005lz-E7
for fred@foobar.com; Thu, 27 Apr 2006 12:05:41 -0400

And the id we want is 1FZ8zt-0005lz-E7

This is the unique identifier for this email that has originated from the server. With this, we can follow the exim transaction on the server to see how it was processed using:

grep 1FZ8zt-0005lz-E7 /var/log/exim_mainlog

(be aware that the exim_mainlog files may have been rotated so you may have to expand compressed archives and search them instead)

This transaction may look something like this:

2006-04-27 17:43:41 1FZ8zt-0005lz-E7 <= bob@barfoo.com U=nobody P=local S=4001 T=”Buy Me!”
2006-04-27 17:43:50 cwd=/home/ClientX/public_html/phpBB/ 5 args: /usr/sbin/exim -Mc 1FZ8zt-0005lz-E7
2006-04-27 17:43:53 1FZ8zt-0005lz-E7 => fred@foobar.com R=lookuphost T=remote_smtp H=foobar.com [44.33.22.11] X=TLSv1:AES256-SHA:256
2006-04-27 17:43:53 1FZ8zt-0005lz-E7 Completed

In this example, we can see that the email originated from the nobody user locally on the server. This means that the likely spam was sent from a script on the server. The nobody user is used to run the Apache web server and is the default username and group that Apache will execute web scripts as. Two things can affect this:

1. suexec, if enabled, will run CGI scripts as the owner of the script file, typically the cPanel account name
2. phpsuexec, if enabled, will run PHP scripts in the same manner as CGI scripts

suexec is typically always enabled on web servers and phpsuexec may or may not be. If phpsuexec is not enabled, then in all likelihood, the script run under the nobody account will be a PHP script.

From the example above we can see that a script was run from with the /home/ClientX/public_html/phpBB/ directory on the server, which would suggest a compromised PHP script within that directory.

Here’s another example of a spam originating from a client instead of a script. This can happen either with malicious intent, or if the clients PC has been compromised by a virus or worm:

2006-04-27 17:54:51 1FZ9lT-000707-O2 <= bob@barfoo.com H=someisp.com ([192.168.254.2]) [11.22.33.44] P=esmtpa A=fixed_plain:bob@barfoo.com S=715 id=ABCDEFG T=”Buy Me!”
2006-04-27 17:54:51 cwd=/var/spool/exim 3 args: /usr/sbin/exim -Mc 1FZ9lT-000707-O2
2006-04-27 17:54:51 1FZ9lT-000707-O2 => fred@foobar.com R=boxtraper_autowhitelist T=boxtrapper_autowhitelist
2006-04-27 17:54:52 1FZ9lT-000707-O2 => fred@foobar.com R=lookuphost T=remote_smtp H=foobar.com [44.33.22.11] X=TLSv1:AES256-SHA:256
2006-04-27 17:54:52 1FZ9lT-000707-O2 Completed

In this example, the key part is:

A=fixed_plain:bob@barfoo.com

This shows that the email was authenticated for relaying using SMTP AUTH (i.e. fixed_plain) and the username bob@barfoo.com from that clients PC.

As you can see, there is a great depth to the amount of work needed to track down spammers on a server, plus there’s the additional work of closing holes in insecure scripts if they are the cause. Some instances can be much more complex and require trawling through the Apache logs for domains in /usr/local/apache/domlogs/* which is not a trivial matter.

The best security from such exploitation is to keep your server secure and to be aware of who and what you allow on your server.

Hope that you have enjoyed this.   I found its very useful and informative. Its from http://www.configserver.com