5
Nov

There are four primary classes of attacks.

Reconnaissance

Reconnaissance is the unauthorized discovery and mapping of systems, services, or vulnerabilities. It is also known as information gathering and, in most cases, it precedes another type of attack. Reconnaissance is similar to a thief casing a neighborhood for vulnerable homes to break into, such as an unoccupied residence, easy-to-open doors, or open windows.
Reconnaissance attacks can consist of the following:

-Internet information queries
-Ping sweeps
-Port scans
-Packet sniffers

Access

System access is the ability for an intruder to gain access to a device for which the intruder does not have an account or a password. Entering or accessing systems usually involves running a hack, script, or tool that exploits a known vulnerability of the system or application being attacked.
Access attacks can consist of the following:

-Password Attacks
-Trust Exploitation
-Port Redirection
-Man-in-the-Middle Attack

Denial of Service(DoS)

Denial of service is when an attacker disables or corrupts networks, systems, or services with the intent to deny services to intended users. DoS attacks involve either crashing the system or slowing it down to the point that it is unusable. But DoS can also be as simple as deleting or corrupting information. In most cases, performing the attack involves simply running a hack or script. For these reasons, DoS attacks are the most feared.
The following are some examples of common DoS threats:

-Ping of Death
-SYN Flood
-DDos Attacks
-Smurf Attack


Worms, Viruses, and Trojan Horses

Malicious software can be inserted onto a host to damage or corrupt a system, replicate itself, or deny access to networks, systems, or services. Common names for this type of software are worms, viruses, and Trojan horses.
The anatomy of a worm attack is as follows:

-The enabling vulnerability-A worm installs itself by exploiting known vulnerabilities in systems, such as naive end users who open unverified executable attachments in e-mails.
-Propagation mechanism-After gaining access to a host, a worm copies itself to that host and then selects new targets.
-Payload-Once a host is infected with a worm, the attacker has access to the host, often as a privileged user. Attackers could use a local exploit to escalate their privilege level to administrator.

6
Mar

it’s easiest to install a package such as Xampplite, which installs Apache, PHP, and MySQL on to a Windows machine with minimum configuration by you,If you aren’t familiar with the process of setting up a web server. It also helps to have a good PHP editor on your system. You can do it all on a text editor, but I find that the syntax highlighting feature of a good editor saves me from making lots of simple mistakes with unclosed brackets or mismatched quotation marks and notepad++ is enough for me too.

Once you’ve reached this far, now to have CI running on your system. Once your server is set up, go to the CodeIgniter site at http://www.codeigniter.com/ and download the latest version of the framework. Version 1.7.1, the latest, is only 893KB when zipped, so the download doesn’t take that long. Unzip the folder, and install the CodeIgniter files in your web root folder. If you are using Xampplite(XAMPP), this is usually the htdocs folder within the Xampplite folder. Included with CI is a comprehensive user guide (in the user_guide folder). You’ll use this a lot. It is usually clear, and often goes into more detail than this book can. So, try it if you get stuck.

When these files are on your machine, you can access them in two ways:
As a URL—e.g., http://127.0.0.1
Through the normal directory path: e.g.,
C:/xampplite/htdocs/index.php or http://localhost/CodeIgniter_1.7.1
You should be able to see the CI welcome screen by simply navigating to your URL with the browser. It’s that simple! The welcome page tells you that what you are seeing is built by two files, a view and a controller.

(source:Upton, David. 2007. CodeIgniter for Rapid PHP Application Development. Packt Publishing, Birmingham.)

18
Feb

Most of us just want to write applications that work well, and to do it as simply and easily as we can. If you need to produce results, if you think that the details and intricacies of coding are for geeks, then you should look at CodeIgniter (CI to its friends). CI is free, lightweight, and simple to install, and it really does make your life much easier. If you are already writing code in PHP, CodeIgniter will help you to do it better, and more easily.
It will cut down on the amount of code you actually type. Your scripts will be easier to read and update.

Here are two examples (If you are already writing code in PHP, CodeIgniter will help you to do it better, and more easily ).
Imagine you are writing a database query. This is how you might write a function within your PHP programme to query a MySQL database:
$connection = mysql_connect(“localhost”,”fred”,”12345″);
mysql_select_db(“websites”, $connection);
$result = mysql_query (“SELECT * FROM sites”, $connection);
while ($row = mysql_fetch_array($result, MYSQL_NUM))
{
foreach ($row as $attribute)
print “{$attribute[1]} “;

}

Now see how a CI function would handle a similar query:
$this->load->database(‘websites’);
$query = $this->db->get(’sites’);
foreach ($query->result() as $row)
{
print $row->url
}

Compare the character counts: 244 for the traditional syntax; 112 for CI.

Now let’s imagine that you are writing a data entry form in HTML, and you want
a drop-down query box. Let’s say this drop-down query box shows three options and allows the user to select one of them. In HTML, a drop-down box can be created like this:
<select name=”type”>
<option value=”1″>www.this.com</option>
<option value=”2″>www.that.com</option>
<option value=”3″ selected>www.theother.com</option>
</select>

CI’s version is both shorter and, because it works from an array, more adapted to PHP processing:

$urlarray = array(

‘1′ => ‘www.this.com’,
‘2′ => ‘www.that.com’,
‘3′ => ‘www.theother.com’,

);
$variable .= form_dropdown(‘url’, $urlarray, ‘1′);

In HTML, you need to type 154 characters; in CI, 128.

Imagine that you’ve just written a menu page, with lots of hyperlinks to other pages in your site. They are all in the traditional HTML format:
<a href=”http://www.mysite.com/index.php/start/hello/fred
“>say hello to Fred</a>

Then, you decide to move the site to another URL. That means you have to go painstakingly through your code, looking for each URL, and re-writing it, or else none of your links will work.
CI gives you a simple function to write hyperlinks like this:
echo anchor(start/hello/fred, Say hello to Fred);

if you want to compare  PHP framework:http://www.zflinks.com/Zend-Framework-and-Other-Frameworks/Taking-a-look-at-ten-different-PHP-frameworks-l8.html
(source:Upton, David. 2007. CodeIgniter for Rapid PHP Application Development. Packt Publishing, Birmingham.)

16
Feb

CodeIgniter vs Zend

Author: Bo1

CodeIgniter
Set Up: CodeIgniter is very easy to set up. Copy all the framework files to the web server and it’s good to go. It also has a small folder size – about 2.1 Mb.
Documentation: The documentation is very well-structured and organized although it is a bit less detailed than the Zend framework documentation. CodeIgniter also has forums and a wiki which feature a lot of user-submitted code.
Flexibility: CI is very flexible allowing almost all defaults to be modified.
Performance: CI has about double the performance of the Zend Framework.
Testing: CodeIgniter has a unit testing class but it encourages mixing the test code with the actual source code so I don’t recommend it.A third-party extension for SimpleTest is available though.Using PHPUnit with the CI classes should also be possible.

*CodeIgniter advantages include:

  • Extremely easy to setup.
  • Lower learning curve then the Zend Framework.
  • More accessible documentation.
  • Concise syntax – The Zend Framework syntax is wordier.
  • 100% faster than the Zend framework.

Zend Framework
Set Up:The Zend Framework requires a bit of effort to setup the project. It requires the creation of a bootstrap file with all the initialisation stuff it. The framework is relatively large – about 12.4Mb and the set-up process took about 19 minutes.
Documentation: The Zend Framework has very detailed documentation with a lot of examples. It is less organised than the CodeIgniter docs in my view although this could be down to the afore-mentioned detail and the large number of components available in the framework.ZF also has a wiki with a few tutorials.
Flexibility: CZF is simply a collection classes and as such any file or folder can be placed anywhere as long as the location is added to the bootstrap file.
Performance: The Zend Framework is about half as fast as CodeIgniter.
Testing:The Zend Framework does not have a built-in unit testing class but the core classes use PHPUnit as their test framework and this can be extended to include any additional classes.Using SimpleTest with the ZF classes should also be possible.

*The Zend Framework advantages include:

  • The “official PHP framework”.
  • My workplace is already a Zend “partner”.
  • Full-featured layout and template system.
  • Massive number of classes and components.
  • Extremely flexible.
  • More advanced database library.
  • More advanced validation library.
  • Internationalization support.

Conclusion
CodeIgniter is over twice the speed of the Zend framework in all cases and CakePHP is a lot slower than the other two PHP frameworks.

for the benchmarks is in here : PHP framework comparison benchmarks

(Source: http://www.avnetlabs.com/php/php-frameworks-revisited-codeigniter-vs-zend-framework)

16
Feb

PHP Framework?

Author: Bo1

PHP Framework implements the Model-View-Controller (MVC) design pattern, and encourages application design based on the Model 2 paradigm. This design model allows the Web page or other contents (View) to be mostly separated from the internal application code (Controller/Model), making it easier for designers and programmers to focus on their respective areas of expertise.

The framework provides a single entry point Controller. The Controller is responsible for allocating HTTP requests to the appropriate Action handler (Model) based on configuration mappings.

The Model contains the business logic for the application. The Controller then forwards the request to the appropriate View component, which is usually implemented using a combination of HTML with PHP tags in the form of templates. The resulting contents are returned to the client browser, or via another protocol such as SMTP.

(source: http://www.phpmvc.net/)

This is the list of PHP frameworks use for creating web application
# Akelos PHP Framework
# CakePHP
# Chisimba
# CodeIgniter
# FUSE
# Horde
# Jaws
# Kohana
# Kolibri
# LISA MVC
# Mambo
# MediaWiki
# Midgard
# MODx
# Nette Framework
# Orinoco Framework
# PHP For Applications
# Qcodo
# QPHP Framework
# Seagull PHP Framework
# SilverStripe
# Simplicity PHP framework
# SWiZ
# Symfony
# Tigermouse
# Zend Framework
# Zikula
# Zoop Framework

(Source: http://en.wikipedia.org/wiki/List_of_web_application_frameworks)

16
Feb

What is PHP?

Author: Bo1

PHP is a scripting language originally designed for producing dynamic web pages. It has evolved to include a command line interface capability and can be used in standalone graphical applications.[2]

While PHP was originally created by Rasmus Lerdorf in 1995, the main implementation of PHP is now produced by The PHP Group and serves as the de facto standard for PHP as there is no formal specification.[3] PHP is free software released under the PHP License, however it is incompatible with the GNU General Public License (GPL), due to restrictions on the usage of the term PHP.[4]

PHP is a widely-used general-purpose scripting language that is especially suited for web development and can be embedded into HTML. It generally runs on a web server, taking PHP code as its input and creating web pages as output. It can be deployed on most web servers and on almost every operating system and platform free of charge.[5] PHP is installed on more than 20 million websites and 1 million web servers.[6]

(source: http://en.wikipedia.org/wiki/PHP)

14
Feb

Progress

Author: Bo1

Still progress!!