Preface

Assalamualaikum wr wb ..

I created this new blog, actually is not no mo intention to make the blog. So who ya are so mbuat culprit that I make a blog mo, ya man always called her name Zulkarnain aka Nain Jaka Baring. His alias is for ya people sleep in the morning until noon then disconnected again, wake up again next night he ... he .. (like bats).

The story, if not one before or the early days of fasting she (Nain), go back two Singaparna, Tasikmalaya, gone not use any further ado I do not know if it turns out he went in there. Why do I say a second village? If his hometown is actually in Kilkenny, Kilkenny father as her mother was in fact both are the same sister, brother still in Palembang. Because the annual've student in Cipasung, so smitten he same Tasikmalaya (do not know what Tasikmalaya same as the girls there, he ... he ..).

As I recall he once told mo open mushroom planting effort but more promising there (Tasikmalaya) to weigh in Palembang (Nain lo these words, not mine), he said the market difficult.
So I thought maybe she went there tuh mo start the project, because he had not asked for money sending few in number. I can only pray just hope he's successful.

Eventually he returned again to Kilkenny, the return did not use too small talk (probably go - go through the underground ya man he ... he ....) tau-tau've come home (like a ghost .. weehh. dong).
I'm Seeing Online continues to say he wrote, "Anything else ya how to get mo money". "What's more, the forex? who yesterday wrote did not go up and ride instead ancur added," I said.
Nyegir dah him, "No, find the money pake blog", he said. "How to make it how?" I asked. He said, "No need to bother buying a ready-made wrote blogs, find that demand a lot."
"Really how much to buy a blog?" I asked. I do not want detailed nyebutin price when he bought the blog, which clearly there are millions of his. Keep me just laught.

Day after day passed, morning turned to noon and noon to afternoon, accompanied by a little of the hunger and thirst of the fasting month (weehh ... like poetry). Every time he came by, right up until Eid, he talked about nothing but blog, blog, blog, again and again, he ... he ... I think that is just how a true blogger is, he ... he ...
Because I kept hearing about blogs, one day when I happened to be online I went to Google on a whim and typed into the search box: How to Create a Blog. I found an easy way to make a blog on Blogger.com, followed the steps, and eventually it became this blog.

Because I only did it for fun, I was confused about what to fill the blog with, so ... whatever was on my computer is what I have posted for now. Yes ... stories, and then Islamic multimedia programs that could be considered old school.
If anyone wants to visit this blog, Alhamdulillah; if not, that is okay too. In any case, to all brothers and sisters, fathers and mothers who intentionally or accidentally landed on this blog: please understand if it is not interesting, and thank you very much.

Wassalamualaikum wr ... wb


Wednesday, 08 June 2011

PCI File Integrity Monitoring - Five FAQs for PCI DSS Merchants

Requirement 11.5 of the PCI DSS specifies "the use of file-integrity monitoring tools within the cardholder data environment by observing system settings and monitored files, as well as reviewing results from monitoring activities." Additionally, "verify the tools are configured to alert personnel to unauthorized modification of critical files and to perform critical file comparisons at least weekly."
The following is part one in a two part series listing the Top Ten FAQs for File-Integrity Monitoring that any PCI Merchant should be aware of.
1. Agent-based file monitor or Agentless file monitor?
The gut reaction is that an agentless file integrity monitor is preferable: no software deployment required, no agent updates to apply and one less process running on your server. In theory at least, by enabling Object Access auditing via Group Policy or the Local Security Policy on the server or EPoS device it is possible to track file changes via Windows Events. You still need to work out how to get the local Windows Events back to a central log server, but you will need to do this anyway in order to comply with PCI DSS Requirement 10 (and by the way, this will definitely need an agent to be deployed to any Windows server or till).
However, the agent-based file-integrity monitor does have some distinct advantages over the agentless approach. Firstly, by using an agent, a PCI DSS file integrity monitoring template can be provided. This will comprise a blueprint for all folders and files that should be monitored to secure card data. In other words, a Windows file monitoring agent is easier to set up and configure.
Secondly, a Windows file integrity monitor can actively inventory the file system. This approach allows the PCI DSS Merchant to demonstrate compliance with PCI DSS Requirement 11.5b by performing critical file comparisons not just weekly, but on a scheduled daily basis, or even in real time for ultra-secure environments.
Finally, a file-integrity monitor for Windows that is agent-based can provide a Secure Hash Checksum of a file, which is the only infallible means of guaranteeing the identity and integrity of binary system files. See FAQ 2 for more details.
2. Why use a Secure Hash Checksum for File Integrity Monitoring?
A secure hash checksum is generated by applying a hash algorithm to a file. The algorithm used is such that the resulting hash is unique. Even a one bit difference to a file will result in a significant variation to the hash. The most common algorithms used are SHA1 and MD5. SHA1 will generate a 160-bit hash value for a file, MD5 a 128-bit value. Recording and tracking changes to the Secure Hash of a file in conjunction with tracking changes to other file attributes such as permissions, modified date and size provides an infallible means of ensuring file integrity.
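An added example (not code from the original article or from any FIM product) of the baseline-and-compare check described above: it records a secure hash alongside size, permissions and modified date for each file, then reports what was added, deleted or changed. It uses SHA-256 in place of the SHA1 and MD5 algorithms named above, since practical collisions are known for both; the file names and contents are constructed.

```python
import hashlib
import os
import stat
import tempfile


def fingerprint(path):
    """Return the attributes recorded for one file in the baseline."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    info = os.stat(path)
    return {
        "sha256": digest.hexdigest(),
        "size": info.st_size,
        "mode": stat.S_IMODE(info.st_mode),  # permission bits
        "mtime_ns": info.st_mtime_ns,        # modified date
    }


def build_baseline(root):
    """Inventory every file under root, keyed by path relative to root."""
    baseline = {}
    for folder, _subdirs, names in os.walk(root):
        for name in names:
            full = os.path.join(folder, name)
            baseline[os.path.relpath(full, root)] = fingerprint(full)
    return baseline


def compare(old, new):
    """Summarise added, deleted and changed files between two baselines."""
    report = {"added": [], "deleted": [], "changed": []}
    for path in sorted(set(old) | set(new)):
        if path not in old:
            report["added"].append(path)
        elif path not in new:
            report["deleted"].append(path)
        elif old[path] != new[path]:
            # List exactly which recorded attributes differ for this file.
            fields = sorted(k for k in old[path] if old[path][k] != new[path][k])
            report["changed"].append((path, fields))
    return report


def demo():
    """Constructed scenario: a content edit that size and date do not reveal."""
    with tempfile.TemporaryDirectory() as root:
        def write(name, data):
            with open(os.path.join(root, name), "wb") as handle:
                handle.write(data)

        write("app.config", b"port=8443\n")
        write("service.dll", b"constructed sample bytes")
        write("old.exe", b"constructed sample bytes")
        os.chmod(os.path.join(root, "service.dll"), 0o644)
        before = build_baseline(root)

        config = os.path.join(root, "app.config")
        stamp = os.stat(config)
        write("app.config", b"port=8442\n")  # same size, a single bit differs
        os.utime(config, ns=(stamp.st_atime_ns, stamp.st_mtime_ns))  # date as before
        os.chmod(os.path.join(root, "service.dll"), 0o600)  # permissions only
        os.remove(os.path.join(root, "old.exe"))
        write("new.dll", b"constructed sample bytes")
        return compare(before, build_baseline(root))


if __name__ == "__main__":
    for kind, entries in demo().items():
        print(kind, entries)
```

In the constructed scenario the edited `app.config` keeps its size and modified date, so the hash is the only attribute that reports the change.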
3. How to implement File Integrity Monitoring for Firewalls, Switches and Routers
Typically, any Firewall, Switch and Router will have a range of configuration settings which govern the performance, operation and crucially, the security of the device and the network it is protecting.
For instance, tracking changes to the running config and changes to the startup config of a router will reveal if any significant changes have been made that could affect the security of the network. Similarly, tracking changes to permissions and rules on a firewall will ensure that perimeter security has not been affected.
Use of file integrity monitoring for firewalls, routers and switches is a key dimension for any change management procedure and essential for a comprehensive IT Security Policy.
4. File Integrity Monitoring for Web Applications
Web site apps can generate lots of file changes that are not significant with respect to security of card data. For instance, images, page copy and page layouts may change frequently on an active ecommerce website, but none of these file changes will affect the security of the website. Depending on the web environment in use, there may be a mixture of ASP.NET (ascx, aspx, asmx and asdx files), Java (with js and jsp files), PHP, config or cnf files plus the more regular system files, such as dll and exe program files. It is essential to monitor file changes to all system files and config files for a card data application, and web applications create more of a challenge due to the highly dynamic nature of the web app file system. A good file integrity monitor for web applications will have built-in intelligence to automatically detect significant file changes only and ignore changes to other files.

PCI File Integrity Monitoring - Five More FAQs for PCI DSS Merchants

PCI DSS file integrity monitoring: what are the best options for file integrity monitoring and what else do you need to know? How do you implement file integrity monitoring for Windows servers and Unix servers? How do you provide file integrity monitoring for firewalls, routers, EPoS devices and servers? How does file integrity monitoring software work and what are the key features to look for? Should a file integrity monitor be agent-based or agentless?
The following is part two in a two part series listing the Top Ten FAQs for File-Integrity Monitoring that any PCI Merchant should be aware of.
1. For Log Files and Databases
Log files will change constantly on a busy server, but it is important that log files are only changed in the manner expected. File integrity monitoring must be used in secure environments to protect important audit trails of system access and privilege usage and changes. The key is to allow log files only to increase in size, and to alert on any change that may be an attempt to remove or alter audit trail information. Clearing or changing log files is classic hacker activity and should be monitored. Of course, event logs should be backed up centrally on a secure log server as a mandated requirement of the PCI DSS, PCI Requirement 10.
Similarly database files containing card data and personal information must be protected and an audit trail of all access and changes created. Again, database files will change constantly so the SHA1 approach will not be suitable. When using file integrity monitoring for SQL Server or file integrity monitoring for Oracle databases the best option is to log access and changes to specific tables and backup event logs centrally on your secure PCI DSS log server.
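The grow-only rule for log files described above, as an added example that is not part of the original article: a checkpoint stores the log's size and a SHA-256 of its content so far, and the next check distinguishes a log that only grew from one that was cleared or edited in place. The log name and entries are constructed.

```python
import hashlib
import os
import tempfile


def _prefix_hash(path, length):
    """SHA-256 of the first `length` bytes of the file."""
    digest = hashlib.sha256()
    remaining = length
    with open(path, "rb") as handle:
        while remaining > 0:
            chunk = handle.read(min(65536, remaining))
            if not chunk:
                break
            digest.update(chunk)
            remaining -= len(chunk)
    return digest.hexdigest()


def checkpoint(path):
    """Record how long the log is now and what it contains up to that point."""
    size = os.path.getsize(path)
    return {"size": size, "sha256": _prefix_hash(path, size)}


def check_append_only(path, previous):
    """Classify the log against the previous checkpoint."""
    if not os.path.exists(path):
        return "missing"
    size = os.path.getsize(path)
    if size < previous["size"]:
        return "truncated"  # cleared or shortened
    if _prefix_hash(path, previous["size"]) != previous["sha256"]:
        return "rewritten"  # earlier entries altered, even though the file grew
    return "appended" if size > previous["size"] else "unchanged"


def demo():
    """Run the check over a constructed log through each outcome."""
    results = []
    with tempfile.TemporaryDirectory() as folder:
        log = os.path.join(folder, "access.log")
        with open(log, "wb") as handle:
            handle.write(b"09:00 logon user=till01\n09:05 logon user=admin\n")
        mark = checkpoint(log)
        results.append(check_append_only(log, mark))

        with open(log, "ab") as handle:  # normal growth
            handle.write(b"09:10 logoff user=admin\n")
        results.append(check_append_only(log, mark))
        mark = checkpoint(log)

        with open(log, "rb") as handle:
            data = handle.read()
        with open(log, "wb") as handle:  # an old entry altered, a new one added
            handle.write(data.replace(b"09:05 logon user=admin",
                                      b"09:05 logon user=guest"))
            handle.write(b"09:15 logon user=till02\n")
        results.append(check_append_only(log, mark))

        with open(log, "wb"):  # log cleared
            pass
        results.append(check_append_only(log, mark))

        os.remove(log)
        results.append(check_append_only(log, mark))
    return results


if __name__ == "__main__":
    print(demo())
```

Scheduled log rotation also shrinks the file, so a deployment would need to treat rotation as a planned change rather than an alert.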
2. For System32 Folder
The most critical system files on a Windows server or EPoS till to monitor for file integrity are within the Windows\System32 folder. All critical operating system programs, dll files and drivers reside within this location and it is therefore an ideal location for Trojans to reside. The threat is that a Trojan could be implanted onto the EPoS device or Card Data Handling Server (evading Anti-Virus detection because AV is typically only 70-90% effective). A file integrity monitor agent will gather a full inventory of all files within the System32 folders and then make regular comparative checks to detect any changes made. Trojans are particularly difficult to find ordinarily because they masquerade as regular System32 program files, so they look and appear to act like the genuine program.
Similarly for Linux file integrity and Unix file integrity, all key program file systems such as the /usr/sys and /bin must be checked for integrity using a Linux or Unix file integrity monitor.
3. For Windows Updates
Windows Updates and patches for other applications will almost always involve updating program files, drivers and dll files. It is rarely clear which files will be modified by a patch and therefore any updates may generate numerous file changes across many folders and locations. Therefore it is vital that, while your file integrity monitor may track detailed changes to any one of a wide range of file attributes, you can also get good 'at a glance' summary information regarding whether a file has been added, deleted or changed.
4. Card Data and Card Data Folder File Integrity Monitoring
Where card data or other sensitive financial information is stored on an EPoS device or server the first line of defense is to limit access via folder and file rights and permissions. Even then, any user with Administrator rights will still be able to view the data and potentially copy out card numbers.
Therefore the best line of defense is to implement object access auditing on the file or folder. This will generate a full audit trail logging all access to the folder, including the user account used to do so. Processing this audit trail with an intelligent PCI event log analyzer will then ensure any unexpected access to the card data will generate an alert. For example, a rule can be defined to automatically distinguish normal operations, e.g. local system account access, from access by a named account with administrator rights.
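One way to express the rule described above, as an added example that is not from the original article or any log analyzer product: it filters object access audit records for a protected folder and alerts on any account other than the local system account. The records are constructed dictionaries modelled on Windows Security event 4663 fields; the folder, host, domain, account name and domain SID are assumptions.

```python
import ntpath

# Windows file access-right bits carried in the AccessMask field
ACCESS_BITS = {0x1: "ReadData", 0x2: "WriteData", 0x4: "AppendData", 0x10000: "DELETE"}
LOCAL_SYSTEM_SID = "S-1-5-18"  # well-known SID of the local system account


def is_under(path, folder):
    """True if path is the folder itself or lies inside it (case-insensitive)."""
    path = ntpath.normcase(ntpath.normpath(path))
    folder = ntpath.normcase(ntpath.normpath(folder)).rstrip("\\")
    return path == folder or path.startswith(folder + "\\")


def decode_access(mask_text):
    """Turn an AccessMask such as '0x10000' into readable right names."""
    mask = int(mask_text, 16)
    return [name for bit, name in ACCESS_BITS.items() if mask & bit]


def unexpected_access(events, protected_folder, expected_sids=(LOCAL_SYSTEM_SID,)):
    """Return one alert per object access by an account outside expected_sids."""
    alerts = []
    for event in events:
        if event.get("EventID") != 4663:
            continue  # not an object access record
        if not is_under(event["ObjectName"], protected_folder):
            continue  # outside the card data folder
        if event["SubjectUserSid"] in expected_sids:
            continue  # normal operation
        alerts.append({
            "user": event["SubjectDomainName"] + "\\" + event["SubjectUserName"],
            "object": event["ObjectName"],
            "access": decode_access(event["AccessMask"]),
        })
    return alerts


# Constructed sample records (not real log data)
ADMIN_SID = "S-1-5-21-1111111111-2222222222-3333333333-1105"
SAMPLE_EVENTS = [
    {"EventID": 4663, "SubjectUserSid": LOCAL_SYSTEM_SID, "SubjectUserName": "TILL01$",
     "SubjectDomainName": "EXAMPLE", "ObjectName": r"D:\CardData\batch_0608.dat",
     "AccessMask": "0x2"},
    {"EventID": 4663, "SubjectUserSid": ADMIN_SID, "SubjectUserName": "admin.jdoe",
     "SubjectDomainName": "EXAMPLE", "ObjectName": r"d:\carddata\batch_0608.dat",
     "AccessMask": "0x1"},
    {"EventID": 4663, "SubjectUserSid": ADMIN_SID, "SubjectUserName": "admin.jdoe",
     "SubjectDomainName": "EXAMPLE", "ObjectName": r"D:\CardDataArchive\notes.txt",
     "AccessMask": "0x1"},
    {"EventID": 4624, "SubjectUserSid": ADMIN_SID, "SubjectUserName": "admin.jdoe",
     "SubjectDomainName": "EXAMPLE"},
    {"EventID": 4663, "SubjectUserSid": ADMIN_SID, "SubjectUserName": "admin.jdoe",
     "SubjectDomainName": "EXAMPLE", "ObjectName": r"D:\CardData\batch_0607.dat",
     "AccessMask": "0x10000"},
]

if __name__ == "__main__":
    for alert in unexpected_access(SAMPLE_EVENTS, r"D:\CardData"):
        print(alert)
```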
5. PCI File Monitoring and Planned Changes/Change Acknowledgment
Of course, changes will need to be made to configuration files and system files every once in a while. It is important to keep security patches up to date and the PCI DSS mandates this should happen every month.
Operating a formal Change Management process is a key element of any IT security policy and therefore it is vital that your file integrity monitoring solution takes account of intended, planned changes. Any file changes detected as part of a planned change should be verified as part of your QA Testing and post implementation review processes to confirm that the right changes happened to the intended files only.
What about unplanned changes that are either emergency changes or those that for some reason bypass the change management process? These will all be detected and alerts raised by the file integrity monitor but there then needs to be an incident management process to investigate and either approve the changes or remediate them. The PCI DSS is not prescriptive as to how these processes should be managed so for some organizations they will use a full Service desk application to document and approve changes, whereas smaller organizations may just need a spreadsheet record of changes - use what works best for your company, not what you think a QSA will expect to see!
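An added example of the reconciliation described in this FAQ (not part of the original article): detected file changes are matched against approved change records, separating changes that were planned and expected from files touched during a change window but not listed, files listed but never changed, and unplanned changes that need an incident review. The record layout, ticket id, paths and times are all constructed assumptions.

```python
from datetime import datetime


def reconcile(detected, change_records):
    """Match file changes reported by the monitor against approved change records."""
    result = {"verified": [], "out_of_scope": [], "unplanned": [], "not_applied": []}
    confirmed = set()  # (ticket id, path) pairs backed by a detected change
    for change in detected:
        path = change["path"].lower()
        active = [r for r in change_records
                  if r["start"] <= change["time"] <= r["end"]]
        listed = [r for r in active if path in {p.lower() for p in r["paths"]}]
        if listed:
            # Planned change to an intended file.
            confirmed.update((r["id"], path) for r in listed)
            result["verified"].append((change["path"], listed[0]["id"]))
        elif active:
            # Inside a change window, but not one of the intended files.
            result["out_of_scope"].append((change["path"], [r["id"] for r in active]))
        else:
            # No approved change covers this time: investigate as an incident.
            result["unplanned"].append(change["path"])
    for record in change_records:
        for path in sorted(record["paths"]):
            if (record["id"], path.lower()) not in confirmed:
                # Approved change that the monitor never saw happen.
                result["not_applied"].append((record["id"], path))
    return result


# Constructed sample data (ticket id, paths and times are illustrative)
CHANGE_RECORDS = [
    {"id": "CHG-0001",
     "start": datetime(2011, 6, 7, 22, 0), "end": datetime(2011, 6, 8, 2, 0),
     "paths": [r"C:\Windows\System32\drivers\example.sys", r"C:\EPoS\till.config"]},
]
DETECTED = [
    {"path": r"C:\Windows\System32\drivers\example.sys", "kind": "changed",
     "time": datetime(2011, 6, 7, 23, 10)},
    {"path": r"C:\Windows\System32\unlisted.dll", "kind": "added",
     "time": datetime(2011, 6, 7, 23, 12)},
    {"path": r"C:\EPoS\pricing.config", "kind": "changed",
     "time": datetime(2011, 6, 9, 14, 0)},
]

if __name__ == "__main__":
    for outcome, entries in reconcile(DETECTED, CHANGE_RECORDS).items():
        print(outcome, entries)
```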

Desktop As a Service and Cloud Computing Solutions

For individuals that do not know technologies, you may not understand anything about Desktop as a Service. DaaS is a crucial application when it comes to remote access to your PC files. This requires a secure internet connection. You can be virtually anywhere and still be connected and have access to your personal PC files.
There is an increasing need from consumers for mobile access, and a lot of companies are contemplating DaaS systems in order to generate a highly effective mobile system that is secure. This is a tremendous advancement in technology. Workers still possess accessibility to their own data files or company intranet. Dynamic PC systems provides computing systems for the internet. This platform significantly minimizes PC management obligations and will additionally manage cloud computing for DaaS.
DaaS may also be known as virtual PC. Furthermore, there are several third party companies that utilize this system. Usually, DaaS features multi-tenancy structures and also provides back-end support. This will include data storage, back-up techniques, all security issues as well as upgrades. The whole computer ends up being virtualized within the centralized data facility.
The actual DaaS technologies won't hold data on the actual computer. All data is kept remotely. Employing this process keeps data secure and in a central location that cannot be penetrated by interlopers. If your notebook computer or cellular device is misplaced or stolen, the actual information is still secure.
There are numerous advantages of employing this specific program. It will produce new workstations very quickly. This platform offers dependable and scalable options through which businesses as well as other distributors can provide secured virtual workspaces. This is accomplished in a very fast and beneficial approach. Data safety is furnished. It holds preserved data inside the secured data center as opposed to the actual mobile product.
Generally, this is an exceptionally adaptable and cost conserving process. Ease of access is definitely attained when you want without issues. DaaS will be able to operate with a variety of cellular devices. There isn't a need to install unique applications. The entire technique is central. It generates a significant amount of digital workspaces originating from a solitary source. This tends to generate a simplified process.
DaaS is considered to be a highly effective instrument whenever it involves virtualized platforms. It is an essential process that is most certainly changing into a hugely popular system. This is extremely important these days with regard to users being able to get entry to their emails and files while on the go. This is required for business owners that travel often; they are going to have to be in a position to access their computer without having to be on the real PC. This is all made possible as a result of this innovative technology. This computer access is instantaneous.
DaaS moreover allows employees to communicate and share data over different platforms very easily. This is often realized in a very guarded environment. Personnel don't have to stress about others obtaining entrance to not authorized information. It also enables personnel accessibility to their very own Desktops from any region within the world. You just need an internet connection. Desktop as a Service offers overall security and safety as well as continuous entry.

Cloud Computing and Hosted Services Help Empower Your Business and Staff

All businesses, start-up, small, medium and large rely heavily on technology for day to day activities. Expectations around the technology are that it must be available 99.9% of the time and work. If it doesn't work, money is lost through staff not being productive through not having access to key information or the ability to reach out to clients.
Building and managing a technology infrastructure is costly. Capital must be used to purchase servers, and support contracts must be put in place for maintaining them and keeping the server lights on.
The traditional approach to IT where a server has been placed in the main office along with a telephone PBX has been a solution which has worked well for a number of years.
Changes in staff working locations be it from home or when travelling and expansion to new office locations is challenging the traditional IT approach.
Additionally, maintaining a server is costly and upgrades are time consuming and expensive. Furthermore, when the server in the office is unavailable through loss of power, hardware failure or virus infections, the whole company is without the ability to access information and communicate with clients.
Cloud computing or hosted services are offering a compelling alternative to traditional IT solutions of installing and maintaining servers and / or a PBX.
Your current setup, working locations, number of staff and quality of connectivity will influence how much cloud computing or hosted services can improve the resilience of your technology and help empower staff by providing the right information at the right time wherever they are.
There are a great number of services available. Sound advice would be to ask an IT Support company who has a good knowledge to help understand how your business operates and suggest practical ways that cloud computing and hosted service can help empower your business and staff.
Below is a selection of services that are on offer:
• Remote desktops
• Remote servers
• Email
• File storage
• Telephone systems (VoIP)
• Application e.g. SAGE
A company with good knowledge of traditional IT support and cloud computing and hosted services will be able to quickly help you choose which cloud computing / hosted services are right for your business.
The process of implementing cloud computing and hosted services is usually very straightforward and will not impact your business in any way. Using a company with a good knowledge of cloud computing and hosted services will help you make a very smooth transition.

Cloud Computing For Business Applications

Advancements in computer technology have increased performance levels and productivity in businesses of all sizes. Increased data speeds and internet usage in conjunction with larger storage capacities and a diverse lineup of electronic devices have brought about a new era in networking capabilities. On the cutting edge of this technology is cloud computing.
What exactly is cloud computing? Through a service provider, cloud computing is a platform that acts as a remote data center where users can access files and software securely through a multitude of devices wherever there is internet access. It is a solution for businesses and individuals looking for an easy way to store and access media from one device to another and the ability to share that media with other people who have been given access.
The cloud computing network may seem complicated, but it can be used by anyone. It is not necessary for the end user to understand the complexities of the infrastructure involved or the networking system and how it works. The interesting and applicable example for comparison would be electricity, where users have access to the service but don't necessarily understand the systems and the component devices, which provide the service.
It is a model, which provides an environment where networks, applications, and storage can be shared by many users with minimum effort. This requires minimal service provider interaction and makes available the pooled computing sources, which can be shared on-demand. This capability to store information remotely opens many possibilities in small business. Without the need to keep programs and files stored locally, a person can now work from a phone, touch pad, or laptop from anywhere, and share their files with anyone else in the company. Cloud computing can also be used as a remote backup, storing an off-site copy of important documents in case data recovery is necessary for computer repair.
Since cloud computing providers deliver online business applications and IT infrastructures, these services can be used without investing a lot of resources. Especially helpful to small and medium businesses, these services have the potential to stop outsourcing by making in-house tasks more affordable, saving both time and money. Offering low up-front costs, complete customization, and IT support options, cloud computing is becoming a competitor in computer networking for small businesses.
This new platform is still an emerging technology, but will help to create a new generation of products and services. Many large companies are investing resources, building infrastructure and exploring the possibilities of cloud computing as a platform. Products and services that were not previously cost effective or viable options for many businesses will be available through these service providers. Sharing of pooled resources will enable users to build real-time connections, making project collaboration and business partnerships more efficient.
This revolutionary computer networking platform made possible by advancements in computer technology will eventually be commonplace in businesses of all sizes. Cloud computing has had a strong and promising beginning, and will most definitely have a lasting impact on business environment, business practices and productivity.

How Do I Find Out If Someone Is Searching For Me?

Have you ever thought of searching yourself online? Many people are curious about how search engines portray them but few are bold enough to admit that they have searched their name online because it is often considered a vain move to look yourself up on the web. Although, it is important to let your vanity get the best of you and discover what kind of information is available about you on the major search engines and social networking sites.
This helps you to remain updated and lets you acquit yourself in the virtual world as you would in real life. It is important to be careful with what you have attached to your name because you never know who might be looking for your name on the internet. There can be various reasons why somebody might type your name into a search engine. Maybe it is your boss, who wants to look into your past and present activities, current and previous social connections, lifestyle and attitude, or maybe it is a long-lost friend, colleague or family member who is seeing if they can get in touch with you over the internet.
If you are among those who are curious to know "who is searching for me" online, various people search sites can help. It can be difficult to know about the onlookers through social networking sites like Facebook, LinkedIn or Twitter. People search sites can help you figure out "who is looking for me" and also let you look for your friends and relatives without paying a penny.
All you have to do is sign up for the site. You can also choose to get email updates sent to you whenever someone looks for your name or other details online. This means that you can keep up to date on people who are searching for you online and track the searchers in real time. Such sites scrutinize all search engines along with numerous social networking sites so that you can get the answer to the question "who is searching for me" online.
Make sure to sign up to a free people search site to find out the answer to this interesting question, "who is searching for me" online. In the days of online identity theft, this can be a threatening implication, but in today's internet savvy world, you will definitely be surprised by figuring out "who is looking for me" online.
Do not just wonder who is searching for you online, instead, check out people search sites and figure out exactly who is looking for you on the web!

Should You Buy The 1st Generation Of A Gadget?

High tech doesn't stay high tech for too long in this world of fast moving, upgradable and downloadable technology. It appears as if once a week there's an update to make something faster, or a download to give you more content and a new version of whatever you just bought is on the shelf with new even more magnificent features. So what are you supposed to do about it? Are you supposed to just sit on the sideline and watch all the cool things from a distance and not take the plunge into the awesomeness yourself?
That wouldn't be enjoyable and you would wind up missing out on all of the awesome new things that technology is offering. As long as you do not make technology the core of your life and depend on it 100% to get you through the day and are able to hold a conversation face to face without needing to do it in a chat room online, then you will end up fine. But sometimes holding out, waiting a little bit longer before purchasing that new toy can save lots of money and complications.
All new technology gets better after the 1st generation has been sold and all of the glitches have been solved. The very first iPod is nothing like the most recently released generation iPod, and I am fairly certain that most of the people that bought the first generation iPod have upgraded to a more modern model since then. That is not to say that the first generation iPod was not any good, however it got better yet after the 1st generation. But it was crucial that those first people purchased the product because it enabled the developers to create an even better model afterwards.
So there needs to be a good mix of individuals who are going to jump on a new technology right away, and individuals that are going to hold back until the costs get a little more sensible. And it makes no difference how great the technology is, if there aren't enough people that purchase that technology and prove that it's profitable, then the developers and manufacturers will be unable to keep the technology moving forward and turning it into what it could be.
Without the popularity of the iPod and the iPod touch, Apple never would have been able to release the iPhone to the public. And without the iPhone, there would be millions of people that would not know what to do with their leisure time playing music and apps.

What Is IT Asset Disposition (ITAD)?

Companies struggling to remain competitive in an increasingly technical world are finding that immense capital resources are being used to purchase new equipment. Properly disposing of old equipment offers another costly challenge. Failure to uphold disposal regulations can result in irrevocable legal and environmental damage. Information Technology Asset Disposition (ITAD) offers a variety of strategies to deal with these difficulties and return part of a company's technological investments.
Auditing and Equipment Reinvestment
IT Asset Disposition can be undertaken by internal IT professionals or external companies. Both alternatives have individual benefits but provide the same basic services. Initially, an ITAD strategy will implement in-depth auditing of equipment and their barcodes, serial numbers and other ID numbers. This ensures that accurate reporting on ITAD implementation can be given. The second process undertaken involves reinvestment in the current technology infrastructure. Minor hardware and software upgrades can prevent the purchase of new equipment for years at a time. This delay allows for needed products to diminish in cost and become more able to perform to company requirements.
Reselling and Recycling Logistics
Those computer devices that are not worth reinvesting typically see two futures. Many are sold to customers who have a lesser need for their computing. This is often the case with large servers as companies grow and upgrade. ITAD professionals always ensure that secure data destruction methods are employed to prevent a breach of secure information. Equipment that cannot be reused or resold is typically sent to a recycling facility that upholds a policy for zero landfill use. This goal is obtained by separating each component within the device and breaking it down to be used in a new manufacturing process.
Liability, Environmental Resolution and Capital Recovery
Implementation of each of the IT asset disposition techniques allows for resolution of issues that can create legal liabilities and environmental damage while returning some of the original investment. During secure data destruction the private and confidential information stored on hard drives and other media is irrevocably destroyed. Zero landfill recycling policies prevent any waste from contributing to environmental degradation. Furthermore, reselling to outside companies recoups computer costs and prevents the chemical use and carbon emissions that occur during the creation of new equipment. The continued reliance on IT asset disposition will increasingly serve companies in the future as they see major financial incentives while offering a valuable service to the environment. Customers and clients will appreciate the powerful security strategies and the "green" approach to company policy. In the persistently digital world, companies will more and more rely on ITAD strategies to get the greatest return on their technology investments.