Security

Security is the degree of resistance to, or protection from, harm. It applies to any vulnerable and valuable asset, such as a person, dwelling, community, nation, or organization.

Identify a Scam

Identify a scam

How do I identify a scam message ?

The first 3 necessity for a person is food, shelter and clothing. But now internet is the 4th important necessity in people’s life. The usage of internet is widely used for seeking numbers to all kind of information. But the biggest disadvantage is that you might get caught by scam mails. The scam mailsare sent by the scam companies which are listed on the internet. Try avoiding this website which can be harmful for your computers. To avoid this kind of scam messages download a fee version of anti-scam software from the internet. These stop the scam mail to enter your inbox.

The scam companies can send you a message which has an interesting subject like how to avoid cancer? Or let say about earning money in 15 days. The most usual scams found are the Nigerian. These letters contains generally of transferring money. For example a person claimed to be a widower and asked to transfer money to your bank account. It is better if you don’t give them any personal information. You will never know when you will be bankrupt. These types of letters are otherwise known as 419 scams. How will you find out if the person is a scammer or not? Here are some points which will help you in identifying the scammer.

Clues :

– Scammer never uses his original name or any other personal identification.
– They always write in capital letter and write to you in formal method like referring you with Mr. or miss in each letter.
– There are always a friendless words like my dear or greeting to you in the letter.
– The body of the letter is mostly filled with financial term like lottery, funds etc.
– You can identify the scammer from their e-mail address.
– They register the e-mail address in a formal name for example mrbobcardon@address.com. This shows that they are fake address.

Some of the popular messages are listed below :

Gain lot of money by working from your place. There is no such company who allows you to work from your place. Another type of message is you have won a price from so and so company which you have never heard of. It is highly dangerous if you give your account data to a stranger. Never trust an unknown person who might offer you a job with higher salary. There are many companies who literally steal the money from you via internet. It is safer if you don’t open an unknown scam messages. There is a possibility of hacking your computer through these scam messages. So to stay on a safer side you can download free trial or buy the original anti-scam software which can block all the scam messages.

EOF

Share this post from Rbcafe :
Share on FacebookTweet about this on TwitterPin on PinterestShare on Google+Share on LinkedInEmail this to someoneShare on RedditBuffer this page

Xinetd

Xinetd

xinetd – the extended Internet services daemon

SYNOPSIS

xinetd [options]

DESCRIPTION

xinetd performs the same function as inetd: it starts programs that
provide Internet services. Instead of having such servers started at
system initialization time, and be dormant until a connection request
arrives, xinetd is the only daemon process started and it listens on
all service ports for the services listed in its configuration file.
When a request comes in, xinetd starts the appropriate server. Because
of the way it operates, xinetd (as well as inetd) is also referred to
as a super-server.

The services listed in xinetd’s configuration file can be separated
into two groups. Services in the first group are called multi-threaded
and they require the forking of a new server process for each new con-
nection request. The new server then handles that connection. For
such services, xinetd keeps listening for new requests so that it can
spawn new servers. On the other hand, the second group includes ser-
vices for which the service daemon is responsible for handling all new
connection requests. Such services are called single-threaded and
xinetd will stop handling new requests for them until the server dies.
Services in this group are usually datagram-based.

So far, the only reason for the existence of a super-server was to con-
serve system resources by avoiding to fork a lot of processes which
might be dormant for most of their lifetime. While fulfilling this
function, xinetd takes advantage of the idea of a super-server to pro-
vide features such as access control and logging. Furthermore, xinetd
is not limited to services listed in /etc/services. Therefore, anybody
can use xinetd to start special-purpose servers.

OPTIONS

-d Enables debug mode. This produces a lot of debugging output, and
it makes it possible to use a debugger on xinetd.

-syslog syslog_facility
This option enables syslog logging of xinetd-produced messages
using the specified syslog facility. The following facility
names are supported: daemon, auth, user, local[0-7] (check sys-
log.conf(5) for their meanings). This option is ineffective in
debug mode since all relevant messages are sent to the terminal.

-filelog logfile
xinetd-produced messages will be placed in the specified file.
Messages are always appended to the file. If the file does not
exist, it will be created. This option is ineffective in debug
mode since all relevant messages are sent to the terminal.

-f config_file
Determines the file that xinetd uses for configuration. The
default is /etc/xinetd.conf.

-pidfile pid_file
The process ID is written to the file. This option is ineffec-
tive in debug mode.

-dontfork
Tells xinetd to stay in the foreground rather than detaching
itself, to support being run from init or daemontools. This
option automatically sets -stayalive (see below).

-stayalive
Tells xinetd to stay running even if no services are specified.

-limit proc_limit
This option places a limit on the number of concurrently running
processes that can be started by xinetd. Its purpose is to pre-
vent process table overflows.

-logprocs limit
This option places a limit on the number of concurrently running
servers for remote userid acquisition.

-version
This option causes xinetd to print out its version information.

-inetd_compat
This option causes xinetd to read /etc/inetd.conf in addition to
the standard xinetd config files. /etc/inetd.conf is read after
the standard xinetd config files.

-cc interval
This option instructs xinetd to perform periodic consistency
checks on its internal state every interval seconds.

The syslog and filelog options are mutually exclusive. If none is
specified, the default is syslog using the daemon facility. You should
not confuse xinetd messages with messages related to service logging.
The latter are logged only if this is specified via the configuration
file.

CONTROLLING XINETD

xinetd performs certain actions when it receives certain signals. The
actions associated with the specific signals can be redefined by edit-
ing config.h and recompiling.

SIGHUP causes a hard reconfiguration, which means that xinetd
re-reads the configuration file and terminates the
servers for services that are no longer available.
Access control is performed again on running servers by
checking the remote location, access times and server
instances. If the number of server instances is lowered,
some arbitrarily picked servers will be killed to sat-
isfy the limit; this will happen after any servers are
terminated because of failing the remote location or
access time checks. Also, if the INTERCEPT flag was
clear and is set, any running servers for that service
will be terminated; the purpose of this is to ensure
that after a hard reconfiguration there will be no run-
ning servers that can accept packets from addresses that
do not meet the access control criteria.

SIGQUIT causes program termination.

SIGTERM terminates all running servers before terminating
xinetd.

SIGUSR1 causes an internal state dump (the default dump file is
/var/run/xinetd.dump; to change the filename, edit con-
fig.h and recompile).

SIGIOT causes an internal consistency check to verify that the
data structures used by the program have not been cor-
rupted. When the check is completed xinetd will gener-
ate a message that says if the check was successful or
not.

On reconfiguration the log files are closed and reopened. This allows
removal of old log files.

FILES

/etc/xinetd.conf default configuration file
/var/run/xinetd.dump default dump file

SEE ALSO

inetd(8),
xinetd.conf(5),
xinetd.log(5)

AUTHOR

Panos Tsirigotis, CS Dept, University of Colorado, Boulder Rob Braun

PRONUNCIATION

zy-net-d

EOF

Share this post from Rbcafe :
Share on FacebookTweet about this on TwitterPin on PinterestShare on Google+Share on LinkedInEmail this to someoneShare on RedditBuffer this page

Evp

Evp

evp – high-level cryptographic functions

SYNOPSIS

#include (openssl/evp.h)

DESCRIPTION

The EVP library provides a high-level interface to cryptographic func-
tions.

EVP_Seal… and EVP_Open… provide public key encryption and decryp-
tion to implement digital « envelopes ».

The EVP_Sign… and EVP_Verify… functions implement digital signa-
tures.

Symmetric encryption is available with the EVP_Encrypt… functions.
The EVP_Digest… functions provide message digests.

Algorithms are loaded with OpenSSL_add_all_algorithms(3).

All the symmetric algorithms (ciphers) and digests can be replaced by
ENGINE modules providing alternative implementations. If ENGINE imple-
mentations of ciphers or digests are registered as defaults, then the
various EVP functions will automatically use those implementations
automatically in preference to built in software implementations. For
more information, consult the engine(3) man page.

EOF

Share this post from Rbcafe :
Share on FacebookTweet about this on TwitterPin on PinterestShare on Google+Share on LinkedInEmail this to someoneShare on RedditBuffer this page

Google SSL

Google SSL Search

With Google search over SSL, you can have an end-to-end encrypted search solution between your computer and Google. This secured channel helps protect your search terms and your search results pages from being intercepted by a third party. This provides you with a more secure and private search experience.

To use search over SSL, visit https://www.google.com each time you perform a search. Note that only Google web search is available over SSL, so other search products like Google Images and Google Maps are not currently available over SSL. When you’re searching over SSL, these properties may not appear in the left panel.

What is SSL ?

SSL (Secure Sockets Layer) is a protocol that helps provide secure Internet communications for services like web browsing, e-mail, instant messaging, and other data transfers. When you search over SSL, your search queries and search traffic are encrypted so they can’t be read by any intermediary party such as employers and internet service providers (ISPs).

What can I expect from search over SSL ?

Here’s how searching over SSL is different from regular Google search:

SSL encrypts the communication channel between Google and a searcher’s computer. When search traffic is encrypted, it can’t be read by third parties trying to access the connection between a searcher’s computer and Google’s servers. Note that the SSL protocol does have some limitations — more details are below.As another layer of privacy, SSL search turns off a browser’s referrers . Web browsers typically turn off referrers when going from HTTPS to HTTP mode to provide extra privacy. By clicking on a search result that takes you to an HTTP site, you could disable any customizations that the website provides based on the referrer information. At this time, search over SSL is supported only on Google web search. We will continue to work to support other products like Images and Maps. All features that are not supported have been removed from the left panel and the row of links at the top. You’ll continue to see integrated results like images and maps, and clicking those results will take you out of encrypted search mode. Your Google experience using SSL search might be slighly slower than you’re used to because your computer needs to first establish a secure connection with Google.

Note that SSL search does not reduce the data that Google receives and logs when you search, or change the listing of these terms in your Web History .

Does SSL provide complete security ?

While SSL helps prevent intermediary parties, such as ISPs, from knowing the exact search that you typed, they could still know which websites you visit once you click on the search results. For example, when you search over SSL for [ flowers ], Google encrypts the query « flowers » and the results that Google returns. But when you click on a search result, including results like images and maps, you could be exiting the encrypted mode if the destination link is not on https://.

If your computer is infected with malware or a keylogger, a third party might still be able to see the queries that you typed. We recommend that everyone learns how to prevent and remove malware.Remember that only Google web search supports search over SSL, so searching Google Images, for example, will not be encrypted.

Technical discussion of SSL protocol-level limitations. While SSL is a clear privacy and security benefit, we are aware of some technical limitations to SSL at the protocol level that are not specific to Google’s implementation:

A determined, skilled malicious party could potentially interpose himself into the network traffic and present a spoofed certificate to the user. In many cases, this will result in a certificate warning to the user. If you see a certificate warning, the protection may not hold. An adversary with the ability to install root certificates on the machine could potentially interpose himself into the network traffic without any warnings appearing. A highly capable source may be in a position to sign certificates with a standard, pre-installed certificate authority (CA), which again would allow intercept without any apparent warnings to the user. Even if all web searching occurs over SSL, a passive traffic listener may still be able to observe DNS look-ups.

How can I confirm whether I’m on a secure connection ?

Check to see that the URL you’re on starts with https:// instead of http://. Most browsers provide a visual confirmation (such as an icon of a lock) in the address bar or in the status bar at the bottom of the page. On Google SSL search, you’ll also see a special Google SSL logo with a lock icon. In addition to this logo, be sure to also check the https:// text in the address bar and any browser lock icons.

When you perform a search on https://www.google.com , you might see a warning if a page has some non-secure components: depending on your browser settings, you might see the lock icon turn into a warning sign, a pop-up message, or some other form of alert. This issue is often referred to as a « mixed mode error. »

Since this is a beta feature, there might be some rare cases in search over SSL that generate a mixed mode error. We’re working to prevent such errors, and you can help if you report any errors through our Help Forum.

EOF

Share this post from Rbcafe :
Share on FacebookTweet about this on TwitterPin on PinterestShare on Google+Share on LinkedInEmail this to someoneShare on RedditBuffer this page
Page 2 sur 212
Rbcafe © 2004- | Rb Cafe 1.3 | Contacter Rbcafe | Rbcafe sur Twitter | Rbcafe sur Facebook | Politique de confidentialité