In the summer of 2005, systems administrators and security researchers from all over the world gathered in Las Vegas, Nevada for Black Hat, one of the largest computer security conferences in the world. On the morning of the first day, Michael Lynn, one of the authors of this book, was scheduled to speak about vulnerabilities in Cisco routers. These vulnerabilities were serious: an attacker cou…
It was mid-January 2003. Things were going well in my role as a network engineer supporting data center networks at Cisco. My team celebrated on January 21 when our site vice president powered off the last Avaya PBX; the Research Triangle Park (RTP) campus telephony was now 100% VoIP. We had just completed several WAN circuit and hardware upgrades and were beginning to see the highest availabil…
This series is the result of a collaborative effort of several people and institutions. The contributions presented here consolidate the findings of the project ‘Comparative Study of the National Innovation Systems of BRICS’ sponsored by the International Development Research Centre (IDRC). The project is rooted in a larger research effort on BRICS National Innovation Systems being develope…
Node.js and MongoDB are quickly becoming very popular tech stacks for the Web. Powered by Google's V8 engine, Node.js caters to easily building fast, scalable network applications while MongoDB is the perfect fit as a scalable, high-performance, open source NoSQL database solution. Using these two technologies together, web applications can be built quickly and easily and deployed to the clou…
If you’re in a security-based startup company, then you’ll know that making money requires making excitement, even if the excitement is somebody else’s public humiliation.
The evolution of the secure proxy is a reflection of the evolution of the web. The proxy began as a gateway that bridged content that was processed and managed by various information systems, and served that content to the open web dur- ing the early days of Internet web construction. The term web proxy server was given to this general intermediary to reflect its main duty at the time, namely, …
In this part of the book, you discover how to create a security plan that you can use when writing applications. Having a good security plan ensures that your application actually meets specific goals and that others can discuss how to implement security with the development team. Without a good security plan in place, hackers often find easy access to the application and cause all kinds of pro…
Like any development project, the ones in Hadoop start with proof of concept (POC). Especially because the technology is new and continuously evolving, the focus always begins with figuring out what it can offer and how to leverage it to solve different business problems, be it consumer analysis, breaking news processing, and so on. Being an open source framework, it has its own nuances and req…
Welcome to Joomla! If you’re new to content management systems or even new to building websites, this book will help you get up and running in no time. All you need is a basic understanding of HTML and CSS to create high-quality websites and powerful web applications. Whether you’re a web designer or an experienced devel- oper, this tome will help you get to know one of the most popular con…
This book is a starting point to meet the most important concepts and frameworks involved in modern web application production. Delivering a web application nowadays consists of building a complete development environment, starting with a proper design and its testing, and ending with an automated build process. Every chapter sequentially introduces a library or a tool as a specific building bl…
The Yii framework, hosted at http://www.yiiframework.com/, is a PHP-based application framework built around the Model-View-Controller composite pattern. It is suitable for building both web and console applications, but its feature set makes it most useful for web applications. It has several code generation facilities, including the full create-read-update-delete (CRUD) interface maker. It re…
REST is an architecture that uses the strengths of the Web to build services. It proposes a set of constraints that simplifies development and encourages more scalable designs. Developers (the majority of whom were outside the Microsoft world) began to adopt this set of architectural constraints shortly after it was proposed (although, to be fair, there were a few inside the Microsoft camp who …
If the APL community debated this topic, it would certainly be making the case for APL as a development tool. The decisive question is: Use APL exclusively or in conjunction with other tools? Whatever the merits, this would be a misplaced debate: the objective is to vindicate APL as a contemporary development tool, with or without other tools. The graphical user interface and a grid object are …
By its resolutions 39/79 and 39/88 of 13 December 1984, the General Assembly requested the Secretary-General to prepare, on the basis of the outline elaborated by the Special Committee on the Charter of the United Nations and on the Strengthening of the Role of the Organization and in the light of the views expressed in the course of the discussions in the Sixth Committee and in the Special Com…
Up until a few years ago, storage, computing, and network resources were intentionally kept physically and operationally separate from one another. Even the systems used to manage those resources were separated—often physically. Applications that interacted with any of these resources, such as an operational monitoring system, were also kept at arm’s length significantly involved access pol…
Deciding to add security to a web application is like deciding whether to wear clothes in the morning. Both decisions provide comfort and protection throughout the day, and in both cases the decisions are better made beforehand rather than later. Just look around and ask yourself, “How open do I really want to be with my neigh- bors?” Or, “How open do I really want them to be with me?” …
Welcome to Rootkits For Dummies, a book written for regular folks who need a better understanding of what rootkits are, what we can do to protect our computers and networks against them, and how to detect and remove them. Like Sergeant Schultz on Hogan’s Heroes, you may be among those who know “nothing, nothing” at all about them. Even the name rootkit may be unfamiliar to you — but soo…
Software engineering is the only engineering discipline where product testing is a major technical and organizational concern, as well as an important cost factor. Several factors contribute to this state of affairs: • The first factor that makes software testing such a big concern is, of course, the size and complexity of software products, which make the design of software products a high-…
Shopify has grown by leaps and bounds over the last few years and their ever expanding client list means that now is the perfect time to build a killer app to meet the needs of storeowners across the globe. With the release of the App Store, customers can read reviews, see screenshots, and install apps with a few clicks. There has been a lot of effort from Shopify to make the developer experien…
When people speak of Ruby web development, it has historically been in reference to the opinionated juggernaut that is Rails. This is certainly not an unfounded association; Hulu, Yellow Pages, Twitter, and countless others have relied on Rails to power their (often massive) web presences, and Rails facilitates that process with zeal. Why, then, are people so interested in Sinatra, the tiny lit…
Real-time web applications have traditionally been a challenging thing to achieve, relying on hacks and illusions. Many people avoid going real-time under the assumption of the complexity involved. This book will show you how to build modern, real-time web applications powered by Socket.IO, introducing you to various features of Socket.IO and walking you through the development, hosting, and s…
We extend you a very warm welcome to the first chapter of our journey. Let's give you an idea of what you will achieve here. After reading this chapter, you will have the basic and stimulating knowledge you need to set up a development environment to work with RESTful web services. Then, you will familiarize yourself with the development of a very basic project related to it. In addition, by th…
This manual is both a guide to treatment and a workbook for persons who suffer from generalized anxiety disorder. During treatment, it is a workbook in which individuals can record their own experience of their disorder, together with the additional advice for their particular case given by their clinician. After treatment has concluded, this manual will serve as a self-help resource enabling t…
This chapter introduces Python's core networking library through some simple recipes. Python's socket module has both class-based and instances-based utilities. The difference between a class-based and instance-based method is that the former doesn't need an instance of a socket object. This is a very intuitive approach. For example, in order to print your machine's IP address, you don't need a…
The successful adoption of a technology into the community of those who rely on it to conduct business is a complicated journey—one that starts with the unyielding work of designers who see something that others don’t. But without the efforts of those who believe in its value and are willing to promote (evangelize), to educate, and to adapt the tool to the needs of the community, the techno…
On the Internet, popularity is swift and fleeting. A mention of your website on a popular blog can bring 300,000 potential customers your way at once, all expecting to find out who you are and what you have to offer. But if you’re a small company just starting out, your hardware and software aren’t likely to be able to handle that kind of traffic. Chances are, you’ve sensibly built your s…
To make best use of web services and SOAP, you must have a firm understanding of the principles and technologies upon which they stand. This chapter is an introduction to a variety of new technologies, approaches, and ideas for writing web-based applications to take advantage of the web services architecture. SOAP is one part of the bigger picture described in this chapter, and you'll learn how…
Professional ASP.NET 3.5 helps the experienced programmer put the latest ASP.NET technologies into action. Greatly expanded from the original best-selling Professional ASP.NET 2.0, Professional ASP.NET 3.5 covers all the key technologies retained from 2.0 in new depth alongside the hundreds of pages of coverage of the important new 3.5 features. Written by 3 of the most well- known and influent…