CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – More Protocols
Host-to-Host Transport Layer Protocols
TCP – Transmission Control Protocol
- Connection oriented
- Sequenced packets
- Acknowledgement is sent back for received packets
- If no acknowledgement then packet is resent
- Packets are re-sequenced
- Manageable data flow is maintained
Note: TCP and UDP use dynamic port numbers greater than 1023
CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols – Continued
Data Encapsulation
- The process in which information from one packet is wrapped around or attached to the data of another packet
- In the OSI model each layer encapsulates the layer immediately above it
OSI Layers
- Process down the stack and up the stack
- Each layer communicates with corresponding layer through the stack
CISSP Exam Note (Domain 2: Telecommunications and Networking Security) – Protocols
Protocols – a standard set of rules that determines how computers communicate with each other across networks despite their differences
Layered architecture
- Shows how communication should take place
- Clarify the general functions of a communication process
- To break down complex networking processes into more manageable sub-layers
- Using industry standard interfaces enables interoperability
- To change the features of one layer without changing the code in every layer
- Easier troubleshooting Read more
Yeah Boy! Yah Suck! – David Pogue | Microsoft
This week’s, Yeah Boy!!!
I don’t know if you’ve heard of David Pogue, New Technology Columnist for NyTimes.Com. His website is aptly named: DavidPogue.com. I first got turned on to him (no he did not turn me on 
) when he did the keynote for a marketing conference I attended in Las Vegas about 2 years ago. The man has proven that he had the gift for writing, the gift of gab, he delivers his stuff in a very down-to-earth and funny fashion (both in text and in speech) and as he demonstrated in that keynote speech, he got musical skills, too. He explained that Music was actually his major in college and becoming one of the most recognized and respected tech reviewer in the web today is quite a feat indeed. Read more
Does Microsoft Even Care? Technet willing host of Spammers…
I was out of commission for the past two days, not because I was sick, but is simply loaded with other commitments and barely had any chance to pee… 
…
Anyway, an unavoidable facet of blogging or the Web 2.0 framework in general, wherein the web publisher allows their visitors to submit entries such as comments, is the fact that you will be dealing with a lot of spammers who will use every trick in the book to exploit your system. This blog is no exception. I do, however, care and try to monitor and try my best not to let spammers inundate this blog with useless crap.
It is a standard practice for all Web 2.0 systems developers to provide some form of spam protection in their system and it is wise for the users of these systems to utilize these protections in order for them to avoid getting their site inundated with junk and their mailbox with even more junk. Read more
Thursday Geek Mail – Stuff in my e-mail that may be worth sharing
Why Small Businesses Quit Advertising Online
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
When I was focused 100% on online advertising, the rate of advertiser churn was perhaps the biggest challenge of the business.
Customers buying cheap ad packages were extremely happy and loyal (well over 90% retention). They got a great value and bought a product that they understood.
But as the advertising become more sophisticated and expensive, advertiser churn became a major drag.
Read more
Bum-A-Post Wednesday: How to Fix a Computer or PC that is Not Booting/Starting Up? How Can I Fix my PC Without Having a Boot CD? Where Can I Get a Boot CD for Windows?
How to Fix a Computer or PC that is Not Booting Up? How Can I Fix my PC Without Having a Boot CD? What Should I Do if I Don’t Have a Boot Disc? Where Can I Get a Boot CD for Windows?
One of my friend’s computer had numerous problems. He used to ignore all the error messages he gets in his Windows XP and continued to work with it, until the day it became dead.
And he asked me how he could revive it, because he was not even able to start his computer and didn’t know where his boot CD was. Read more
Let’s do the Wave… (Or at least as soon as I figure out how…)
I finally received my invite for Google Wave. If you have not heard of Wave, below is the snippet from Google Wave about page:
Google Wave is an online tool for real-time communication and collaboration. A wave can be both a conversation and a document where people can discuss and work together using richly formatted text, photos, videos, maps, and more. Read more
Join Me On Facebook
Business Tech Press Releases- Telecom Argentina S.A. Announces Consolidated Annual Period ('FY09') and Fourth Quarter Results for Fiscal Year 2009 ('4Q09')* March 10, 2010
- Country Club Products Chooses Direct|Connect 4.0 for its Paid Search Marketing Needs March 10, 2010
- RTS Introduces First Phase of Technology Initiative to Further Reduce Latency March 10, 2010
- Health Privacy Rights Are Threatened by Proposed Federal Rule for Electronic Health Records (EHRs) March 10, 2010
- Motorola Announces Industry Leading Capabilities for MOTOTRBO(TM) Professional Digital Two-way Radio System March 10, 2010
- From the National Vulnerbility Database
- CVE-2010-0940 (simple_php_guestbook) March 7, 2010Cross-site scripting (XSS) vulnerability in guestbook.php in Simple PHP Guestbook 1.0 allows remote attackers to inject arbitrary web script or HTML via the action parameter. […]nvd@nist.gov
- CVE-2010-0936 (dkvm-ip8) March 7, 2010Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter. […]nvd@nist.gov
- CVE-2010-0945 (com_hotbrackets) March 7, 2010SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. […]nvd@nist.gov
- CVE-2010-0938 (todoo_forum) March 7, 2010Cross-site scripting (XSS) vulnerability in todooforum.php in Todoo Forum 2.0 allows remote attackers to inject arbitrary web script or HTML via the id_forum parameter in a post action. […]nvd@nist.gov
- CVE-2010-0944 (com_jcollection) March 7, 2010Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. […]nvd@nist.gov
- CVE-2009-4678 (winn_guestbook) March 7, 2010Cross-site scripting (XSS) vulnerability in index.php in Winn Guestbook 2.4 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO. […]nvd@nist.gov
- CVE-2010-0943 (com_jashowcase) March 7, 2010Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php. […]nvd@nist.gov
- CVE-2010-0939 (abb_forum) March 7, 2010Visialis ABB Forum 1.1 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for fpdb/abb.mdb. […]nvd@nist.gov
- CVE-2010-0942 (com_jvideodirect) March 7, 2010Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. […]nvd@nist.gov
- CVE-2010-0937 (visualization_library) March 7, 2010Multiple unspecified vulnerabilities in Visualization Library before 2009.08.812 have unknown impact and attack vectors. […]nvd@nist.gov
- CVE-2010-0940 (simple_php_guestbook) March 7, 2010