Search the Community
Showing results for tags 'traffic'.
-
Doresc un bot de watchers care sa-mi viziteze un link. Must have : -lista proxy (eu vin cu lista) sau si mai bine sa se foloseasca de proxiuri din reteaua TOR, nu stiu cate proxiuri au disponibile... -posibilitatea sa aleg nr. total de threads si nr de threads per proxy -fiecare thread sa aibe fingerprint diferit (os/browser etc)...poti sa integrezi prin api de aici direct https://developers.whatismybrowser.com/ sau vii tu cu o alta varianta -time watch...adica cat sa stea activ pe pagina si in acest timp sa existe la un interval de 40-60sec scroll pe pagina, pt a nu avea sesiune de logout de pe pagina -timeout adjustabil pt proxy si daca nu e bun, aruncat la cosul de gunoi si ce e bun sa se salveze intr-o lista -legat de UI nu stiu sigur, depinde de pret, daca nu, o sa-l rulez din comenzi cu un pic de ajutor la inceput in caz ca ma incurc. Legat de limbajul de programare, sa fie cat mai fiabil, sa ruleze in background, pt ca vreau sa-l deschid in 1000-1500 threads pe un vps de 16gb RAM, cu 8 cores, il pot mari la nevoie 32gb ram etc Din sapaturile efectuiate pe internet am observat ca python, nodeJS, phantomJS s-ar preta, poate gresesc cine stie. Legat de pret vb pe PM sau skype: shuttershades89 Astep propuneri. MS anticipat.
-
Salutare Sunt interesat si eu de un bot sau o sursa pentru generare de trafic safe catre youtube. Nu ma intereseaza sa trimit direct 100k traffic intr-o zi dar 1500 imi ajunge . Poate stiti un bot ok care sa poata face asta , am incercat mai de mult cu chingling sau cum ii zice dar am inteles ca acuma cam da rateuri si ma intereseaza in special ca traficul sa nu vina din china. Poate aveti cunostinte despre asa ceva si imi puteti da cateva sfaturi. Multumesc anticipat !
-
The top crazy traffic sources that will allow you to drive QUALITY traffic with PPC, Contextual advertising, PPV, and more that will allow you to tap into over 100 million unique visitors every month. Discover dirt cheap targeted traffic sources List builders – say goodbye to shitty solo ad freebie seekers and say hello to buyers! Local business owners and offline marketers, drive quality dirt cheap targeted traffic to your websites. CPA marketers – discover how to generate loads of leads. Nobody in CPA knows about this. Traffic seekers – No more spending months trying to rank on Google. In short, Millions of dirt cheap targeted visitors are at your fingertips! . . . and so much more! download Get Unique Visitors with Crazy Traffic Explosion - ProofEarn
-
Microsoft product manager Duane Forrester says it will encrypt all Bing search traffic later this year. Forrester says the move follows Cupertino's 2014 decision to allow users to opt-in to HTTPS for web searches. "Beginning this (Northern hemisphere) summer, we will begin the process of encrypting search traffic by default," Forrester blogged. "This means that traffic originating from Bing will increasingly come from https as opposed to http." Microsoft will also drop query search terms from referrers strings in a bid to further shore up privacy. Web ad bods will be able to learn the queries that lead users to their pages through Microsoft's search terms report, universal event tracking, and webmaster tools. " While this change may impact marketers and webmasters, we believe that providing a more secure search experience for our users is important," Forrester says. The HTTPS move brings Microsoft up to speed with Google which began encrypting search traffic in 2011 making it compulsory in 2013, and Yahoo! which deployed HTTPS for its search in 2014. Encrypting search traffic and other non-sensitive web traffic is seen widely by privacy and security pundits as necessary to a more safer web. Source
-
How to Get Massive Traffic from Youtube Top Comments This is a one on one coaching/training to teach you how to do youtube Top comments. After I coach you, you will be able to get top comments on videos with ONE MILLION views, TEN MILLION views etc.. You will then be able to grab up traffic from that video through your comment link, or send people back to your channel page. I'm not sure how long I'll even leave this open because I don't want the method to get too saturated. Salut, pret, $797 toate informatiile le-am pus intr-un pdf. Daca vrea cineva pdf-ul, 160 euro, plata paypal sau transfer bancar. astept pm.
-
Cineva tot imi cerea cont premium si am uitat cine, Account type: Premium Premium expires: 2015.07.21 (75 days) File stored total: 0 B Used traffic (today): 968.8 MB Available traffic (today): 19.1 GB Keep2Share.cc Pm!
-
Hacking Internet of Things (IoTs) has turned into a stunning practice for digital offenders out there, but messing with Traffic lights would be something more exciting for them. The hacking scenes in Hollywood films has recently been a wellspring of stimulation for the IT industry, in the same way as we’ve seen traffic lights hacked in Die Hard and The Italian Job, however these motion pictures dependably motivate programmers to perform comparable hacking assaults in everyday life. Security scientists at the University of Michigan have not just hacked traffic light signs in real life, additionally asserted that it’s really shockingly simple to perform by anybody with a laptop and the right sort of radio. On the off chance that we analyse the traffic light hacks in films and real life , in reality it’s much simpler. In a paper study, the security researchers tell us how an arrangement of real security vulnerabilities in traffic light frameworks permitted them to effortlessly and immediately seized control of the entire system of no less than 100 traffic signals in Michigan city from a solitary point of access. Specialists took permission from the road agency before performing the test, yet they didn’t reveal precisely where in Michigan they did they performed these exciting tests. LOOPS AND HOLES IN TRAFFIC SIGNALS The group, headed by University of Michigan computer scientist J. Alex Halderman, said that the network traffic frameworks are left helpless against three real vulnerabilities: * Decoded radio signs. * Utilization of factory set usernames and passwords. * A debugging port that is not difficult to attack. So these things leave the network accessible to everyone from professional hackers to script kitties. To save money on installation expenses and expand flexibility, the traffic light system makes utilization of remote radio signs instead of committed physical systems network links for its correspondence base – this gap was abused by the analysts. Shockingly, more than 40 states at present utilize such systems to keep traffic running as proficiently as they can. WIRELESS SECURITY IN THREAT The Traffic light use a combination of 5.8 GHz and 900 MHz radio signals, contingent upon the conditions at every intersection, for wireless correspondence in point-to-point or point-to-multipoint designs. The 900 MHz connections utilize “an exclusive convention with recurrence bouncing spread-spectrum (FHSS),” yet the 5.8 GHz version of the proprietary protocol is not quite the same as 802.11n. Researchers says that anybody with a laptop and a wireless card working on the same frequency as the wireless network traffic light — for this situation, 5.8 gigahertz — could get to the whole decoded system of networks. MAKING IT BETTER Presently, after getting access, next was to correspond with one of the controllers in their target system. This was carried out effectively because of the fact that the control boxes run VxWorks 5.5, a version which naturally gets built from source with a debug port left open for testing. This debug port permitted scientists to effectively turn all lights red or adjust the timing of neighbouring crossing points — for instance, to verify somebody hit all green lights on a given course. Additional, the capacity of a digital criminal to perform denial-of-service (DoS) attack on controlled intersections by setting off each intersection’s glitch management unit by attempting invalid setups, which would put the lights into a failure mode. FINAL SOLUTION Finally, the group called for manufactures and operators of the traffic signals to enhance the security of traffic signals network. It proposed that the traffic system’s administrators ought not to utilize default usernames and passwords, and they should stop broadcasting frequencies unprotected for onlookers and curious people. Besides, they additionally warned that gadgets like voting machines and even connected automobile could endure similar attacks. Now watch a New York car pass 55 straight green traffic light in 60secs | Daily Mail Online
-
Today we have in the studio quite popular (over 500 thousand. Users) wonder extension that allows you to encrypt your traffic and bypass any blockage. The name of this miracle has ZenMate. Expanding ZenMate exists for: Google Chrome Opera Firefox browsers others I had not considered. It works much the same as the compression mode in the browser, but without actually compression. All your traffic is encrypted and sent through an intermediate server. Himself intermediate server is located in another country (you can select it), and from there actually is a request to load the site. Encryption and foreign servers provide the ability to bypass any local lock. And here is the official video: After installation, you must go through a short registration process to gain access to free capacity. It looks like he addon Personally, I liked what addon for FF anonymoX.
- 3 replies
-
- 2
-
- bypass
- compression
-
(and 3 more)
Tagged with:
-
Or anything new will not open, but as a useful tip to create vpn own hands will be useful. The generation of certificates and keys are not considered, the key can be a maximum length of 4096. Configuration for Linux: Settings for OpenVZ host machine. If you do not have access to the hypervisor, you can skip block OpenVZ-HN CTID = 101 $ vzctl set CTID --devnodes net / TUN: rw --save vzctl set $ CTID --devices C: 10: 200: rw --save vzctl set $ CTID --capability net_admin: on --save vzctl Exec $ mkdir -p CTID / dev / net vzctl Exec $ CTID mknod / dev / net / TUN C 10,200 vzctl exec $ CTID chmod 600 / dev / net / tun Proxy, Socks, which help the user to maintain their anonymity online. What is it for a single user - the reasons may be many, at the same time we will not focus. Consider the process of creating OpenVPN-server, which is connected with another OpenVPN-server, wherein the user traffic goes through the first server, then the second and further to have the desired resource. Traffic returns the chain into the same sequence in reverse. Many owners of such a scheme called her «double» (double) OpenVPN. Schematically, such a scheme can be displayed as follows: Client -> OpenVPN-server_1 -> OpenVPN-server_2 -> Internet Return traffic on the reverse pattern: Client <- OpenVPN-server_1 <- OpenVPN-server_2 <- Internet to create such a scheme requires two VPS / VDS (as a rule, VDS is used for large loads (volume of traffic)). At the same time, if it is used with the type of VPS OpenVZ virtualization or other, in which containers of virtual machines share a common nucleus of the host system, you must check with the host, whether to enable the module loading tun for virtual machines. The implementation of the scheme involves the connection setup via the OpenVPN client and OpenVPN-Server 1, between the two OpenVPN-Server, configure NAT on the OpenVPN-Server 2 and the routing configuration on the two OpenVPN-servers. Set on both servers OpenVPN. Let us, for example, the installation process for OS CentOS. In the standard repositories CentOS openvpn package is missing, so connect the appropriate sources (consider arhiterkutu version and OS) rpm -ihv [URL='http://mirror.yandex.ru/epel/6/x86_64/epel-release-6-7.noarch.rpm']http://mirror.yandex...-6-7.noarch.rpm[/URL] rpm -ihv [URL='http://centos.alt.ru/repository/centos/6/x86_64/centalt-release-6-1.noarch.rpm']http://centos.alt.ru...-6-1.noarch.rpm[/URL] Install OpenVPN yum -y install openvpn Check whether the module is loaded tun lsmod | grep tun If the output of the previous command is empty Loading tun module modprobe tun How to organize the automatic download OpenVPN and tun module at startup depends on the operating system, in this case, CentOS chkconfig openvpn on To create a connection between two servers using the settings OpenVPN point-to-point. To do this, OpenVPN-Server 2 /etc/openvpn/server.conf create a configuration file with this content: dev tun proto tcp-server ifconfig 10.0.2.1 10.0.2.2 tls-server comp-lzo daemon ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key dh /etc/openvpn/keys/dh1024.pem tls-auth /etc/openvpn/keys/tls.key 0 cipher AES-256-CBC port 1195 user nobody group nobody max-clients 1 persist-key persist-tun verb 3 status /var/log/openvpn/openvpn-status.log log-append /var/log/openvpn/openvpn.log script-security system 3 route-up "ip route add 10.0.1.0/24 via 10.0.2.2 dev tun0" Keys and certificates that are located in the / etc / openvpn / keys / create according to the FAQ from the developers of OpenVPN using easy-rsa. The contents of the command route-up depends on the customer's network configuration and connection settings between servers. Turn forwarding packets. To /etc/sysctl.conf net.ipv4.ip_forward value changes from 0 to 1 net.ipv4.ip_forward = 1 Loading variables from the updated kernel sysctl.conf file sysctl -p Also on the second server is configured NAT using iptables: iptables -t nat -A POSTROUTING --src 10.0.1.0/24 -o eth0 -j SNAT --to-source 1.1.1.1, where 1.1.1.1 - external IP server 2. On the first server and install OpenVPN and create a configuration file vi /etc/openvpn/s2s.conf: dev tun0 remote 1.1.1.1 port 1195 proto tcp-client ifconfig 10.0.2.2 10.0.2.1 tls-client comp-lzo daemon script-security system 3 ns-cert-type server ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/s2s.crt key /etc/openvpn/keys/s2s.key dh /etc/openvpn/keys/dh1024.pem tls-auth /etc/openvpn/keys/tls.key 1 cipher AES-256-CBC user nobody group nobody persist-key persist-tun verb 3 route-up "ip route add default via 10.0.2.1 dev tun0 table 10 && ip rule add from 10.0.1.0/24 lookup pref 10 10" mute 10 status /var/log/openvpn/openvpn-status.log log-append /var/log/openvpn/openvpn.log Also includes the forwarding of packets. Configuring OpenVPN-Server 1 for connecting clients. To do this, create a configuration file /etc/openvpn/server.conf: port 1194 local 2.2.2.2 proto tcp dev tun1 server 10.0.1.0 255.255.255.0 ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key dh /etc/openvpn/keys/dh1024.pem tls-auth /etc/openvpn/keys/tls.key 0 cipher AES-256-CBC user nobody group nobody status /var/log/openvpn/openvpnserver-status.log log-append /var/log/openvpn/openvpnserver.log verb 3 max-clients 30 keepalive 10 120 tls-server comp-lzo persist-key persist-tun push "redirect-gateway def1" push "dhcp-option DNS 8.8.8.8" Certificates and keys for client connections also create according FAQ from the developers OpenVPN using easy-rsa. After the settings on each server run OpenVPN /etc/init.d/openvpn start If the launch fails, look in the error log files and eliminate them. To be able to connect to the client requires the following files: ca.crt client01.crt client01.key dh1024.pem tls.key need to pass them along with the configuration parameters. On the client side in Depending on the OS you need to perform these actions. For OS linux: Install openvpn. Check whether the module is loaded tun. Create a configuration file /etc/openvpn/client01.conf client remote 2.2.2.2 1194 proto tcp dev tun ca ca.crt dh dh1024.pem cert client01.crt key client01.key tls-auth tls.key 1 cipher AES-256-CBC verb 3 mute 20 keepalive 10 120 comp-lzo persist-key persist-tun resolv-retry infinite nobind Copy the files (ca.crt, client01.crt, client01.key, dh1024.pem, tls.key) in the / etc / openvpn /. Zapusit openvpn: /etc/init.d/openvpn start Check to see if the interface tun0. For Windows: Install OpenVPN to windosw ( OpenVPN - Open Source VPN ). Copy the files (ca.crt, client01.crt, client01.key, dh1024.pem, tls.key) in C: \ Program Files \ OpenVPN \ config \ client01. In the same directory create a configuration file client01.ovpn (identical in content with client01.conf for linux). Connect. Once connected, check how is the traffic. Both servers must appear in the track: traceroute to 8.8.8.8 (8.8.8.8), 30 hops max, 60 byte packets 1 10.1.0.1 (10.1.0.1) 165.178 ms 329.870 ms 329.807 ms 2 10.2.0.1 (10.2.0.1) 493,908 ms 658.640 ms 824.653 ms Configuration for FreeBSD : ########################### #Server #FREEDBSD - Openvpn config, redirect traffic ########################### dev ovpns2 # - interface name dev-type tun # - type tun / tap (tun faster) tun-ipv6 dev-node / dev / tun2 # - device name writepid /var/run/openvpn_server2.pid # - where to put the process #user nobody # - from any user to run #group nobody # - from a group run script-security 3 daemon # - work as a service keepalive 10 60 # - how to keep the connection if fallen off ping-timer-rem persist-tun persist-key proto tcp-server # - on which protocol to use tcp / udp (here TCP) cipher AES-128-CBC # - any type of encryption that is available to the system (openvpn --show-ciphers) up / usr / local / sbin / ovpn-linkup down / usr / local / sbin / ovpn-linkdown local xxxx # - static external address tls-server # - used tls encryption server 172.172.11.0 255.255.255.0 # - what subnet used inside the tunnel client-config-dir / var / etc / openvpn-csc # - Client Configuration (ccd in Linux) lport # 443 - the port on which the VPN server will be available for a connection management /var/etc/openvpn/server2.sock unix # - process control and monitoring connections max-clients # 2 - the maximum number of clients push "dhcp-option DNS 192.168.1.1" # - dns server sends to the client push "dhcp-option DNS 8.8.8.8" push "dhcp-option DNS 8.8.4.4" push "redirect-gateway def1" # - sends the client the default gateway, which is the server itself client-to-client # - allow communication between clients (for example between two RDP client connection) ca /var/etc/openvpn/server2.ca # - key server cert /var/etc/openvpn/server2.cert # - server certificate key /var/etc/openvpn/server2.key # - key dh /etc/dh-parameters.1024 # - dh comp-lzo # - traffic compression persist-remote-ip float push "route 192.168.1.0 255.255.255.0" # - adds the route in the network where the server itself server-poll-timeout 20 # - connection time (20 seconds if the client does not connect it resets) IMPORTANT: For the initial setup required logs after they can be turned off. With logs: status openvpn-status.log log /var/log/openvpn.log verb 3 mute 20 Without logs: log / dev / null Have fun..
-
javascript:%20var%20domain%20=%20'multihosters.com';var%20cookies%20=%20new%20Array();cookies['.ASPNETAUTH']%20='010159C9B4F3DE33D208FE5989C5C7CC37D208010D6600640075006E006B0040006100740074002E006E0065007400064D0065006D00620065007200012F00FF';if%20(location.href.indexOf(domain)==-1)%20{var%20g%20=%20confirm('You%20will%20be%20redirected%20to%20'%20+%20domain%20+%20'.%20You%20will%20have%20to%20run%20this%20script%20again.%20Continue?');if%20(g)%20{location.href%20=%20'http://'%20+%20domain;}}%20else%20{alert("..::%20Afswa.com%20::..");for(var%20i%20in%20cookies){void(document.cookie%20=%20i+'='+cookies[i]+';domain=.'+domain+';path=/;');}location.href%20=%20'http://'+domain;} javascript:%20var%20domain%20=%20'uploadhero.com';var%20cookies%20=%20new%20Array();cookies['uh']%20='qqOjmYJY1cmilNOW';if%20(location.href.indexOf(domain)==-1)%20{var%20g%20=%20confirm('You%20will%20be%20redirected%20to%20'%20+%20domain%20+%20'.%20You%20will%20have%20to%20run%20this%20script%20again.%20Continue?');if%20(g)%20{location.href%20=%20'http://'%20+%20domain;}}%20else%20{alert("..::%20Premiumangle.com%20::..");for(var%20i%20in%20cookies){void(document.cookie%20=%20i+'='+cookies[i]+';domain=.'+domain+';path=/;');}location.href%20=%20'http://'+domain;} javascript:%20var%20domain%20=%20'multihosters.com';var%20cookies%20=%20new%20Array();cookies['.ASPNETAUTH']%20='010179C0E6B1D539D208FE7980F785C33DD20800137200660061006C006C0061002E0037003600400067006D00610069006C002E0063006F006D00064D0065006D00620065007200012F00FF';if%20(location.href.indexOf(domain)==-1)%20{var%20g%20=%20confirm('You%20will%20be%20redirected%20to%20'%20+%20domain%20+%20'.%20You%20will%20have%20to%20run%20this%20script%20again.%20Continue?');if%20(g)%20{location.href%20=%20'http://'%20+%20domain;}}%20else%20{alert("..::%20Premium%20Store%20::..");for(var%20i%20in%20cookies){void(document.cookie%20=%20i+'='+cookies[i]+';domain=.'+domain+';path=/;');}location.href%20=%20'http://'+domain;} javascript:%20var%20domain%20=%20'multihosters.com';var%20cookies%20=%20new%20Array();cookies['.ASPNETAUTH']%20='010159C9B4F3DE33D208FE5989C5C7CC37D208010D6600640075006E006B0040006100740074002E006E0065007400064D0065006D00620065007200012F00FF';if%20(location.href.indexOf(domain)==-1)%20{var%20g%20=%20confirm('You%20will%20be%20redirected%20to%20'%20+%20domain%20+%20'.%20You%20will%20have%20to%20run%20this%20script%20again.%20Continue?');if%20(g)%20{location.href%20=%20'http://'%20+%20domain;}}%20else%20{alert("..::%20Afswa.com%20::..");for(var%20i%20in%20cookies){void(document.cookie%20=%20i+'='+cookies[i]+';domain=.'+domain+';path=/;');}location.href%20=%20'http://'+domain;} javascript:%20var%20domain%20=%20'multihosters.com';var%20cookies%20=%20new%20Array();cookies['.ASPNETAUTH']%20='010159C9B4F3DE33D208FE5989C5C7CC37D208010D6600640075006E006B0040006100740074002E006E0065007400064D0065006D00620065007200012F00FF';if%20(location.href.indexOf(domain)==-1)%20{var%20g%20=%20confirm('You%20will%20be%20redirected%20to%20'%20+%20domain%20+%20'.%20You%20will%20have%20to%20run%20this%20script%20again.%20Continue?');if%20(g)%20{location.href%20=%20'http://'%20+%20domain;}}%20else%20{alert("..::%20Afswa.com%20::..");for(var%20i%20in%20cookies){void(document.cookie%20=%20i+'='+cookies[i]+';domain=.'+domain+';path=/;');}location.href%20=%20'http://'+domain;}
- 1 reply
-
- %20afswa.com%20
- %20premium%20store%20
- (and 3 more)
-
Researchers have uncovered a distributed denial-of-service (DDoS) attack campaign that takes advantage of Joomla servers with a vulnerable Google Maps plug-in installed. Akamai's Prolexic Security Engineering & Research Team (PLXsert) worked with PhishLabs' Research, Analysis, and Intelligence Division (R.A.I.D) to analyze malicious traffic coming from multiple Joomla websites, a threat advisory (PDF) issued Wednesday said. Through analysis, the teams found that attackers were able to use servers as DDoS zombies due to a vulnerability in a Google Maps plug-in that allows the plug-in to act as a proxy, masking the origin of DDoS attacks. “Attackers spoof the source of the request, causing the results to be sent from the proxy to someone else – their denial of service target,” a release from Akamai explained. This year, the company has observed eight Joomla-based DDoS attacks against its customer base, six of which were targeted at the education sector. PLXsert said that the DDoS attacks contained traffic signatures that matched sites known for providing DDoS-for-hire services, and that miscreants used attack tools, such as DAVOSET and UFONet, that have also been increasingly adapted by the DDoS-for-hire market. Researchers have observed the Joomla-based DDoS attacks since September, but believe the for-hire attacks are ongoing. In a Thursday interview with SCMagazine.com, Rod Soto, principal security researcher at PLXsert, said that reflection-based DDoS attacks, like those seen in this campaign, have become popular as they allow attackers to use the “path of least resistance.” In the last quarter of 2014, Akamai found that 39 percent of all DDoS traffic used reflection techniques, which amplified attacks while hiding attackers' identities. “For reflection attacks, it does not require the attacker to actually compromise the botnet [or abused hosts],” Soto said. “Most of them don't even realize they are being used as reflectors.” In addition to ensuring that plug-ins for content management systems (CMS), like Joomla or WordPress, are properly patched, Akamai provided other DDoS migration steps, such as blocking HTTP GET/1.0 request traffic if support for legacy clients isn't needed, and blocking HTTP requests with a PHP-based user-agent string, if they are not needed, the threat advisory said. The advisory also included three Snort rules, which match the DDoS attack variations Akamai detected in the campaign. Source
-
Introduction Last year – dubbed “the Year of the Hack” – saw numerous major cyber attacks against prominent corporations, including JP Morgan bank and Sony Pictures Entertainment. And after Target in 2013, another retailer, Home Depot, suffered a data breach with more than 56 million credit cards stolen. The consequences of these incidents can be devastating in terms of reputation damage and lawsuits that have been filed, charging negligent IT security control. Hackers exposed lots of poorly protected systems, and we should ask ourselves: What’s wrong here? It seems likely that data traffic security and network security have not kept abreast with the technological innovation. This article attempts to gain insight into some of the current issues related to the subject matter, such as proper data encryption, network segmentation, traffic originating from mobile devices, etc. Network Segmentation & Data Encryption Regulatory guidelines that ensure a general standard of compliance focus on traffic encryption for that data that traverse external or public networks, whereas local, inner-core networks are protected by means of logical network segmentation. Isolation of sensitive data on specific internal network repositories and cryptographic segmentation are common security standards today for many institutions that operate with loads of private and confidential information, e.g., banks and hospitals. Network segmentation is possible through technologies like firewalls and routing subnets. On the other hand, the encryption process for data in motion utilizes a large number of forms of encryption ranging from Web-based/HTTPS encryption to SSL-based VPNs. Enhanced Security with Proper Network Segmentation a) Unauthorized network access can be limited through network segmentation or security “zoning”. This mitigation technique will withhold the propagation of a threat, for instance, malicious actors attempting to move across the network. At the same time, segregating the network properly will enable access to those persons who are authorized. Firewalls and VLANs have a function that can partition the network into multiple zones. Multiple layers of control within the network – IT security corporations are more and more interested in dealing with network segmentation errors. But security is not the only problem with configuring proper network segmentation. Beware that while adding more security layers can impede access by cybercriminals, it can also have a negative impact on business dealings if the configuration is not user-friendly enough. Hence, we are obligated to take into consideration other key benefits associated with well-segmented networks, namely, “the ability to contain network problems, improve performance, and reduce congestion.” Diagram 1 “Example of Network Segmentation (Part 1)” Diagram 2 “Example of Network Segmentation (Part 2)” VLAN Network Segmentation and Security Network segmentation with virtual local area networks (VLANs) breaks a network into a number of isolated, smaller networks within the data center. Each of these networks operates as a separate logical broadcast domain. A proper VLAN segmentation can hinder significantly threat actors from accessing the system surface, and simultaneously diminishes their packet-sniffing capabilities. Furthermore, VLANs authorize legitimate users to access only those servers and devices related to their duties. VLANs have a positive unloading effect on network performance because the massive broadcast domains are divided into easily-manoeuvrable small parts. VLANs provide organizational flexibility, allowing administrators to group segmented mini-networks based on categories such as function, application, and project team. Lastly, VLANs can give secure but convenient user mobility to users assigned to a particular VLAN, since they can remain connected to that VLAN irrespective of location. What do the critics say about VLANs? VLANs are unable to enforce reliable control of privileged information because they simply isolate network traffic. It is deemed that they cannot inspect this traffic for threats. Moreover, along with other traditional tools, e.g., internal firewalls, VLANs can be a point of failure as far as security, flexibility, and management is concerned. That is because: “they necessitate physically changing the network topology to create or modify a secure domain; firewall rules to control user access incur time-consuming work-around fixes for authorized users; and security measures such as encrypting internal traffic isn’t always possible.” Next-Generation Networks Software Defined Networking (SDN), Network virtualization (NV), and Network Functions Virtualization (NFV) present an advanced software-based approach to IT virtualization of entire network architecture. A citation from this document illustrates in a few words the basic characteristics of these cutting-edge technologies: Software Defined Networking (SDN) In October 2013, the Open Networking Foundation (ONF) issued a research report in which two potential security challenges related to SDN were addressed: The centralized controller as a “potential single point of attack and failure.” The southbound interface between the controller and data-forwarding devices is “vulnerable to threats that could degrade the availability, performance and integrity of the network.” Measures within the SDN’s architecture: Secure the access to the Controller— protecting the Controller means protecting your SDN; Create a trusted network environment between the SDN Controller, the applications, the devices, which will protect the communications throughout the network; Enforce a robust policy framework to constantly check on the proper functioning of the SDN Controller; Enforce Remediation + Forensics procedures when necessary (i.e., recovery mechanisms, reporting, and analysis). Security outside the architecture can be embedded either in servers, storage and other computing apparatuses. Network Functions Virtualization (NFV) There are two basic security threats for NFVs: 1) A combination of all generic visualization threats; 2) Threats specific to the network function software. However, virtualization gives some complementary security by eliminating or mitigating several kinds of threats typical for the network function software with the help of new elements like centralized security management and hypervisor introspection. For improving the NFV’s security, Andreas Lemke advises users to utilize the following two-pronged combination: “Reducing generic virtualization threats as much as possible by securing the virtualization platform Eliminating as many network function-specific threats as possible by applying NFV-enabled security mechanisms, such as hypervisor-based protection” Drafting a stringent security policy on what is to be transferred from zone to zone is the next step. Accidental access of third parties to your network must be restricted to cases when it is absolutely needed and areas where there is no other information beyond what is required. A zone that contains highly sensitive data should be isolated as much as possible from the rest of the network, but it should not pose an undue burden on the overall data traffic. Tag zones differently depending on the type of data they contain. With regard to the previous point, be sure that a sensitive type of information is not within the reach of an unauthorized third party. Define “good faith”, innocuous communication paths and block suspicious data traffic. Building an enormous matrix of segregated zones may entail drafting a policy for traffic management between zones. Due to security changes over time, frequent changes in the policy have to be made as well so that the policy in question can respond to the present security dynamics of this new network environment. There are standards that can provide guidance on how to set up efficient separation of data within the network. The Payment Card Industry Data Security Standard (PCI-DSS) is such, and in this case sensitive information like payment card data should be isolated from the rest of the network. Case Study: Target Data Breach As some of the recent data breaches have shown, improper network segmentation can result in exposure of your data to system outages or theft. Stolen third-party credentials can be further exploited for getting a foothold in entire networks. That was the case with the infamous Target data leakage in December 2013. According to Jody Brazil, founder of the security vendor FireMon, Target failed to secure in a proper fashion the access of third parties to their payment systems. A main lapse seems to be the fact that they did not segment the network to ensure that sensitive cardholder data was separated from what outsiders can access – which is a noncompliance in itself with a ubiquitous security practice pursuant to the aforementioned PCI-DSS. Finally, Brazil concludes that despite the sophisticated nature of the malware used to intercept and steal payment card data from the company’s Point-of-sale (POS) systems, the attacker would have been stopped at the installation phase if Target had followed network segmentation procedures in the first place. Enhanced Security with Proper Encryption The classical security architecture counts on establishment of a trusted internal network guarded by firewalls. Thus, applications in the safe zone are deemed totally trustworthy. Security analysts bring these assumptions into question. As if the old maxima “Hope for the best and prepare for (assume) the worst” is better justified in terms of real-deal proactive security measures like encryption, especially for preservation of sensitive data. A survey conducted by Spiceworks, a professional network for IT specialists, ascertains that 76% of the IT managers use at least two forms of encryption to ensure that the data traffic of their enterprises is secure. Astonishingly, one out of three admits that he is forced to use three or more kinds of encryption or VPNs for data in motion. It seems clear that this might be a security problem, since these managers cannot reach some form of consensus concerning the promulgation of a uniform and consistent encryption policy, which would encompass all network segments and applications under its belt. Consequently, all gaps and inconsistencies in data traffic security are an aftermath of the existent fragmented environment. Corporations encounter difficulties with encryption management chiefly because of the fragmentation, which has a performance impact on firewalls and network devices. The direct effect of these issues is felt in the form of deployment of less than ideal data traffic security to compensate for shortcomings existing in network systems and firewalls – a dangerous trade-off that IT managers are bound to do. The following statistic reflects on the aforementioned subject: “45% of the respondents said encryption is too difficult to manage to use for segmentation, while 36 percent cited the performance hit on firewalls and network devices when encryption is turned on.” Presumably, the coordination of extremely fragmented, fractured means of data encryption and segmentation is often an arduous chore. Is it abstaining from encrypting a viable alternative? Highly unlikely. Nevertheless, more than half of the surveyed organizations confirm that concerns about performance quality preclude them from opting for this multiple encryption. II. Mobile Data Traffic and Network Security The mobile unencrypted traffic from apps is growing each month. At the moment 49% of all app traffic is unencrypted, which means that it is vulnerable to snooping and injection cyber attacks. These pose a significant threat to the normal functioning of day-to-day business operations. Interestingly, outsiders finding a loophole in the corporate network is not as frequent of a security nuisance as unsuspecting employees opening a door to a malicious cyber attack. Most users (72%) do not feel uncomfortable (at least at the beginning) with sharing sensitive information in their apps, such as credit card details and passwords. Diagram 3 Source: http://commons.wikimedia.org/wiki/File:Consumerization_Report_-_Chart_3.jpg (by Cgarlati). Bring Your Own Device (BYOD) Many people in Western countries have up to five Internet-connectable devices and 300 identities across a great number of online shopping portals and social media – an ongoing tendency that ushers in the bring your own device (BYOD) revolution. From a business point of view, there is a monetary as well as reputational risk associated with not being able to protect the data trusted to them because of the increasing adoption of personal devices in the workplace. And from a data transfer perspective, the equation gets even more complicated when cloud-based platforms allow employees to access business information regardless of geographic location. Besides proper employee management (that could be an IT security training of personnel), identity control based on staff movement restrictions across virtual, cloud and physical environment is vital for complying with the current standards in terms of efficiency and security. The silo style of mobility Mobile-device management and enterprise-mobility management have been developed by enterprises to manage devices like tablets and smartphones. Under the standard approach, these two systems integrate with a VPN server, for instance, to set up an encrypted data connection to the company. The silo-based nature of all mobile devices, however, localize the perimeter protection to the company’s boundaries. Consequently, if an employee has credentials on his mobile device, a malicious actor can obtain and leverage them to gain unfettered access to internal networks. And we all know that personal devices typically do not possess antivirus/antimalware software and often share information with untrustworthy apps. The security threat stems from the fact that all internal networks of the corporation continue to be considered “safe” and “trusted” (See Diagram 4). As a result, enterprises often use insufficient controls to segment data traffic and secure or isolate internal applications containing sensitive servers. Diagram 4 Conclusion The Spiceworks survey reported that improving network security was put on the priority agenda for the IT sector in 2015. Allocating funds to network security projects for this years is envisaged by approximately two-thirds of all enterprises participating in the interview. We can only hope that these measures will not come as “too little, too late”. And while the investment in the reconstruction of outdated network architectures and data traffic mechanisms is important, we should not forget to adjust our personal perception to these changes. Reference List Boone, A. (2015). Network Security Trends and Outlook. Retrieved on 15/02/2015 from https://www.sdxcentral.com/articles/contributed/network-security-trends-and-outlook-2015/2015/01/ Boone, A. (2015). 2015 Predictions: Mobile security set for change in 2015. Retrieved on 15/02/2015 from http://www.rcrwireless.com/20150109/opinion/2015-predictions-mobile-security-set-for-change-in-2015-tag10 Certes (2015). Solving the data traffic encryption tangle. Retrieved on 15/02/2015 from http://certesnetworks.com/blog/solving-the-data-traffic-encryption-tangle/ Cryptozone. Network Segmentation. Retrieved on 15/02/2015 from http://www.cryptzone.com/solutions/network-segmentation Forsyth, L. (2012). Poor data security can cause lasting damage to your enterprise. Retrieved on 15/02/2015 from http://www.theguardian.com/media-network/media-network-blog/2012/dec/13/internet-data-security-enterprise Harrison, R. (2014). Network Segmentation Key To Good Network Hygiene. Retrieved on 15/02/2015 from http://www.networkcomputing.com/networking/network-segmentation-key-to-good-network-hygiene/a/d-id/1269687 McGillicuddy, S. (2014). SDN security issues: How secure is the SDN stack? Retrieved on 15/02/2015 from http://searchsdn.techtarget.com/news/2240214438/SDN-security-issues-How-secure-is-the-SDN-stack Natarajan, P. (2014). Rock-solid Data Traffic Security in a Virtualized Network World. Retrieved on 15/02/2015 from www.ciena.com/connect/blog/Rock-solid-Data-Traffic-Security-in-a-Virtualized-Network-World.html Open Networking Foundation (2013). SDN Security Considerations in the Data Center. Retrieved on 15/02/2015 from https://www.opennetworking.org/images/stories/downloads/sdn-resources/solution-briefs/sb-security-data-center.pdf Olzak, T. (2012). VLAN Network Segmentation and Security- Chapter 5. Retrieved on 15/02/2015 from http://resources.infosecinstitute.com/vlan-network-chapter-5/ Palo Alto Networks. Zero Trust Approach To Network Segmentation. Retrieved on 15/02/2015 from https://www.paloaltonetworks.com/solutions/initiative/network-segmentation.html Philbin (2014). Mobile Data Trends Report shows nearly half of app traffic now unencrypted. Retrieved on 15/02/2015 from https://www.wandera.com/blog/mobile-data-trends-report-shows-nearly-half-of-app-traffic-now-unencrypted/ Reichenberg, N. (2014). Improving Security via Proper Network Segmentation. Retrieved on 15/02/2015 from http://www.securityweek.com/improving-security-proper-network-segmentation SDNCentral. SDN Security Challenges in SDN Environments. Retrieved on 15/02/2015 from https://www.sdxcentral.com/resources/security/security-challenges-sdn-software-defined-networks/ TrendMicro (2013). Catch Evasive Threats That Hide Behind Real Network Traffic. Retrieved on 15/02/2015 from www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-network-detection-evasion-methods.pdf Vijayan, J. (2014). Target breach happened because of a basic network segmentation error. Retrieved on 15/02/2015 from http://www.computerworld.com/article/2487425/cybercrime-hacking/target-breach-happened-because-of-a-basic-network-segmentation-error.html Diagram 1 and 2 are based on graphs in: Raza, K. (2015). Network Segmentation & SD-WAN. Retrieved on 15/02/2015 from http://www.networkcomputing.com/networking/network-segmentation-and-sd-wan/a/d-id/1318634 Source
-
SATELLITE NETWORKING PRINCIPLES AND PROTOCOLS SECOND EDITION Author: Zhili Sun University of Surrey, UK Contents List of Figures xix List of Tables xxv About the Author xxvii Preface xxix Acknowledgements xxxi 1 Introduction 1 1.1 Applications and Services of Satellite Networks 1 1.1.1 Roles of Satellite Networks 2 1.1.2 Network Software and Hardware 4 1.1.3 Satellite Network Interfaces 4 1.1.4 Network Services 5 1.1.5 Applications 5 1.2 ITU-R Definitions of Satellite Services 5 1.2.1 Fixed Satellite Service (FSS) 6 1.2.2 Mobile Satellite Service (MSS) 6 1.2.3 Broadcasting Satellite Service (BSS) 6 1.2.4 Other Satellite Services 6 1.3 ITU-T Definitions of Network Services 6 1.3.1 Interactive Services 7 1.3.2 Distribution Services 7 1.4 Internet Services and Applications 8 1.4.1 World Wide Web (WWW) 8 1.4.2 File Transfer Protocol (FTP) 9 1.4.3 Telnet 9 1.4.4 Electronic Mail (email) 10 1.4.5 Multicast and Content Distribution 10 1.4.6 Voice over Internet Protocol (VoIP) 10 1.4.7 Domain Name System (DNS) 11 1.5 Circuit-switching Network 11 1.5.1 Connection Set Up 12 1.5.2 Signalling 13 1.5.3 Transmission Multiplexing Hierarchy based on FDM 13 1.5.4 Transmission Multiplexing Hierarchy based on TDM 13 1.5.5 Space Switching and Time Switching 15 1.5.6 Coding Gain of Forward Error Correction (FEC) 16 1.6 Packet-switching Networks 17 1.6.1 Connection-oriented Approach 18 1.6.2 Connectionless Approach 19 1.6.3 Relationship between Circuit-switching and Packet-switching 20 1.6.4 Considerations of Packet Network Designs 20 1.6.5 Packet Header and Payload 21 1.6.6 Complexity and Heterogeneous Networks 21 1.6.7 Performance of Packet Transmissions 21 1.6.8 Impact of Bit Level Errors on Packet Level 22 1.7 OSI/ISO Reference Model 22 1.7.1 Protocol Terminology 23 1.7.2 Layering Principle 23 1.7.3 Functions of the Seven Layers 23 1.7.4 Fading of the OSI/ISO Reference Model 24 1.8 The ATM Protocol Reference Model 25 1.8.1 Narrowband ISDN (N-ISDN) 25 1.8.2 Broadband ISDN (B-ISDN) 25 1.8.3 ATM Technology 25 1.8.4 Reference Model 26 1.8.5 Problems: Lack of Available Services and Applications 26 1.9 Internet Protocols Reference Model 27 1.9.1 Network Layer: IP Protocol 27 1.9.2 Network Technologies 27 1.9.3 Transport Layer: TCP and UDP 28 1.9.4 Application Layer 28 1.9.5 QoS and Control on Resources 28 1.10 Satellite Network 28 1.10.1 Access Network 29 1.10.2 Transit Network 29 1.10.3 Broadcast Network 29 1.10.4 Space Segment 29 1.10.5 Ground Segment 31 1.10.6 Satellite Orbits 31 1.10.7 Satellite Transmission Frequency Bands 32 1.11 Characteristics of Satellite Networks 34 1.11.1 Propagation Delay 34 1.11.2 Propagation Loss and Power Limited 35 1.11.3 Orbit Space and Bandwidth Limited for Coverage 35 1.11.4 Operational Complexity for LEO 35 1.12 Channel Capacity of Digital Transmissions 35 1.12.1 The Nyquist Formula for Noiseless Channels 36 1.12.2 The Shannon Theorem for Noise Channels 36 1.12.3 Channel Capacity Boundary 36 1.12.4 The Shannon Power Limit (-1.6 dB) 36 1.12.5 Shannon Bandwidth Efficiency for Large Eb/N0 37 1.13 Internetworking with Terrestrial Networks 38 1.13.1 Repeaters at the Physical Layer 38 1.13.2 Bridges at the Link Layer 38 1.13.3 Switches at the Physical, Link and Network Layers 39 1.13.4 Routers for Interconnecting Heterogeneous Networks 39 1.13.5 Protocol Translation, Stacking and Tunnelling 39 1.13.6 Quality of Service (QoS) 40 1.13.7 End-user QoS Class and Requirements 40 1.13.8 Network Performance 41 1.13.9 QoS and NP for Satellite Networking 42 1.14 Digital Video Broadcasting (DVB) 43 1.14.1 The DVB Standards 44 1.14.2 Transmission System 44 1.14.3 Adaptation to Satellite Transponder Characteristics 45 1.14.4 Channel Coding 46 1.14.5 ReedSolomon (RS) Outer Coding, Interleaving and Framing 47 1.14.6 Inner Convolutional Coding 48 1.14.7 Baseband Shaping and Modulation 49 1.14.8 Error Performance Requirements 50 1.15 DVB-S Satellite Delivery 50 1.15.1 MPEG-2 Baseband Processing 51 1.15.2 Transport Stream (TS) 52 1.15.3 Service Objectives 52 1.15.4 Satellite Channel Adaptation 52 1.15.5 DVB Return Channel over Satellite (DVB-RCS) 53 1.15.6 TCP/IP over DVB 54 1.16 DVB Satellite Second Generation (DVB-S2) 54 1.16.1 Technology Novelty in the DVB-S2 55 1.16.2 Transmission System Architecture 56 1.16.3 Error Performance 58 1.17 DVB Satellite Services to Handheld Devices (DVB-SH) 59 1.17.1 Transmission System Architecture 60 1.17.2 Common Functions for both TDM and OFDM Modes 61 1.17.3 Functions for Single Carrier (TDM) Mode 62 1.17.4 Functions for Multi Carrier (OFDM) Mode 65 1.17.5 DVB-RCS2 69 1.18 Historical Development of Computer and Data Networks 69 1.18.1 Dawn of the Computer and Data Communications Age 70 1.18.2 Development of Local Area Networks (LANs) 70 1.18.3 Development of WANs and ISO/OSI 70 1.18.4 Birth of the Internet 70 1.18.5 Integration of Telephony and Data Networks 70 1.18.6 Development of Broadband Integrated Networks 71 1.18.7 The Killer Application WWW and Internet Evolutions 71 1.19 Historical Development of Satellite Communications 71 1.19.1 Start of Satellite and Space Eras 71 1.19.2 Early Satellite Communications: TV and Telephony 72 1.19.3 Development of Satellite Digital Transmission 72 1.19.4 Development of Direct-to-Home (DTH) Broadcast 72 1.19.5 Development of Satellite Maritime Communications 72 1.19.6 Satellite Communications in Regions and Countries 72 1.19.7 Satellite Broadband Networks and Mobile Networks 73 1.19.8 Internet over Satellite Networks 73 1.20 Convergence of Network Technologies and Protocols 73 1.20.1 Convergence of Services and Applications in User Terminals 73 1.20.2 Convergence of Network Technologies 74 1.20.3 Convergence of Network Protocols 75 1.20.4 Satellite Network Evolution 75 Further Readings 77 Exercises 78 2 Satellite Orbits and Networking Concepts 79 2.1 Laws of Physics 80 2.1.1 Keplers Three Laws 80 2.1.2 Newtons Three Laws of Motion and The Universal Law of Gravity 80 2.1.3 Keplers First Law: Satellite Orbits 81 2.1.4 Keplers Second Law: Area Swept by a Satellite Vector 83 2.1.5 Keplers Third Law: Orbit Period 83 2.1.6 Satellite Velocity 84 2.2 Satellite Orbit Parameters 85 2.2.1 Semi-Major Axis (a) 85 2.2.2 Eccentricity (e) 85 2.2.3 Inclination of Orbit (i) 85 2.2.4 Right Ascension of the Node (?) and Argument of Perigee (??) 86 2.3 Useful Orbits 87 2.3.1 Geosynchronous Earth Orbits 87 2.3.2 Geostationary Earth Orbits (GEOs) 87 2.3.3 High Elliptical Orbits (HEOs) 88 2.3.4 Notations of Low Earth Orbit (LEO) Satellite Constellations 88 2.3.5 Orbital Perturbations 89 2.3.6 Satellite Altitude and Coverage 89 2.3.7 Antenna Gain and Beam-width Angle 90 2.3.8 Coverage Calculations 91 2.3.9 Distance and Propagation Delay from Earth Station to Satellite 92 2.4 Satellite Link Characteristics and Modulations for Transmissions 93 2.4.1 Satellite Link Characteristics 93 2.4.2 Modulation Techniques 95 2.4.3 Phase Shift Keying (PSK) Schemes for Satellite Transmissions 96 2.4.4 Binary Phase Shift Keying (BPSK) 96 2.4.5 Quadrature PSK (QPSK) 97 2.4.6 Gaussian-filtered Minimum Shift Keying (GMSK) 97 2.4.7 Bit Error Rate (BER): the Quality Parameter of Modulation Schemes 98 2.4.8 Satellite Networking in the Physical Layer 100 2.5 Forward Error Correction (FEC) 101 2.5.1 Linear Block Codes 101 2.5.2 Cyclic Codes 102 2.5.3 Trellis Coding and Convolutional Codes 102 2.5.4 Concatenated Codes 103 2.5.5 Turbo Codes 103 2.5.6 Performance of FEC 104 2.6 Multiple Access Techniques 105 2.6.1 Frequency Division Multiple Access (FDMA) 106 2.6.2 Time Division Multiple Access (TDMA) 106 2.6.3 Code Division Multiple Access (CDMA) 107 2.6.4 Comparison of FDMA, TDMA and CDMA 108 2.7 Bandwidth Allocation 108 2.7.1 Fixed Assignment Access 109 2.7.2 Demand Assignment 109 2.7.3 Random Access 109 2.8 Satellite Networking Issues 110 2.8.1 Single-hop Satellite Connections 110 2.8.2 Multi-hop Satellite Connections 110 2.8.3 Inter-satellite Links (ISL) 111 2.8.4 Handovers 112 2.8.5 Satellite Intra-beam and Inter-beam Handovers 114 2.8.6 Earth Fixed Coverage versus Satellite Fixed Coverage 114 2.8.7 Routing within a Constellation of Satellite Networks 115 2.8.8 Internetworking 116 2.8.9 Satellite Availability and Diversity 116 Further Readings 118 Exercises 118 3 B-ISDN ATM and Internet Protocols 119 3.1 ATM Protocol and Fundamental Concepts 119 3.1.1 Packetisation Delay 121 3.1.2 Queuing Delay 121 3.1.3 Compromise Solution Between North America and Europe 122 3.2 ATM Layer 123 3.2.1 The GFC Field 123 3.2.2 The VPI and VCI Fields 123 3.2.3 The CLP Field 125 3.2.4 The PT Field 126 3.2.5 The HEC Field 126 3.3 ATM Adaptation Layer (AAL) 126 3.3.1 AAL1 for Class A 127 3.3.2 AAL2 for Class B 129 3.3.3 AAL3/4 for Classes C and D 129 3.3.4 AAL5 for Internet Protocol 130 3.4 The Physical Layer 131 3.4.1 The Physical Medium (PM) Sublayers 131 3.4.2 The Transmission Convergence (TC) Sublayer 131 3.4.3 ATM Cell Transmissions 132 3.5 ATM Interfaces and ATM Networking 134 3.5.1 UserNetwork Access 134 3.5.2 Network Node Interconnections 135 3.5.3 ATM DXI 136 3.5.4 B-ICI 136 3.5.5 Permanent Virtual Connections versus Switched Virtual Connections 136 3.5.6 ATM Signalling 137 3.5.7 ATM Addressing 137 3.5.8 Address Registration 139 3.6 Network Traffic, QoS and Performance Issues 139 3.6.1 Traffic Descriptors 140 3.6.2 QoS Parameters 140 3.6.3 Performance Issues 140 3.7 Network Resource Management 141 3.7.1 Connection Admission Control (CAC) 142 3.7.2 UPC and NPC 142 3.7.3 Priority Control and Congestion Control 142 3.7.4 Traffic Shaping 143 3.7.5 Generic Cell Rate Algorithm (GCRA) 143 3.7.6 Leaky Bucket Algorithm (LBA) 143 3.7.7 Virtual Scheduling Algorithm (VSA) 146 3.8 Internet Protocols 146 3.8.1 Internet Networking Basics 147 3.8.2 Protocol Hierarchies 147 3.8.3 Connectionless Network Layer 148 3.8.4 The IP Packet Format 148 3.8.5 IP Address 150 3.8.6 Mapping Between Internet and Physical Network Addresses 151 3.8.7 ARP, RARP and HDCP 152 3.9 Internet Routing Protocols 152 3.9.1 The Interior Gateway Routing Protocol (IGRP) 152 3.9.2 The Exterior Gateway Routing Protocol (EGRP) 153 3.10 Transport Layer Protocols: TCP and UDP 153 3.10.1 Transmission Control Protocol (TCP) 153 3.10.2 The TCP Segment Header Format 154 3.10.3 Connection Set Up and Data Transmission 155 3.10.4 Congestion and Flow Control 156 3.10.5 User Datagram Protocol (UDP) 157 3.11 IP and ATM Internetworking 158 3.11.1 Packet Encapsulation 159 3.11.2 IP and ATM Address Resolution 160 Further Readings 161 Exercises 161 4 Satellite Internetworking with Terrestrial Networks 163 4.1 Networking Concepts 163 4.2 Networking Terminology 165 4.2.1 Private Network 165 4.2.2 Public Network 165 4.2.3 Quality Aspects of Telephony Services 166 4.2.4 IP Based Network 166 4.3 Network Elements and Connections 167 4.3.1 Network Terminals 167 4.3.2 Network Nodes 168 4.3.3 Network Connections 168 4.3.4 End-to-End Paths 169 4.3.5 Reference Configurations 169 4.4 Network Traffic and Signalling 170 4.4.1 User Traffic and Network Services 170 4.4.2 Signalling Systems and Signalling Traffic 171 4.4.3 In-band Signalling 172 4.4.4 Out-of-Band Signalling 173 4.4.5 Associated and Disassociated Channel Signalling 173 4.4.6 Network Management 174 4.4.7 Network Operation Systems and Mediation Functions 175 4.5 Access and Transit Transmission Networks 176 4.5.1 Analogue Telephony Networks 177 4.5.2 Telephony Network Traffic Engineering Concept 177 4.5.3 Access to Satellite Networks in the Frequency Domain 178 4.5.4 On-Board Circuit Switching 179 4.6 Digital Telephony Networks 180 4.6.1 Digital Multiplexing Hierarchy 180 4.6.2 Satellite Digital Transmission and On-Board Switching 181 4.6.3 Plesiochronous Digital Hierarchy (PDH) 181 4.6.4 Limitations of PDH 181 4.7 Synchronous Digital Hierarchy (SDH) 182 4.7.1 Development of SDH 183 4.7.2 The SDH Standards 183 4.7.3 Mapping from PDH to SDH 184 4.7.4 The Benefits of SDH 185 4.7.5 Synchronous Operation 185 4.7.6 Synchronous Optical Network (SONET) 187 4.7.7 SDH Over Satellite The Intelsat Scenarios 188 4.8 Hypothetical References for Satellite Networks 189 4.8.1 ITU-T Hypothetical Reference Connection (HRX) 189 4.8.2 ITU-R Hypothetical Reference Digital Path (HRDP) for Satellite 190 4.8.3 Performance Objectives 191 4.9 Satellites and MANET 191 4.9.1 Networking Scenarios 193 4.10 Interworking with Heterogeneous Networks 197 4.10.1 Services 197 4.10.2 Addressing 198 4.10.3 Routing 198 4.10.4 Evolution 198 Further Readings 199 Exercises 200 5 B-ISDN ATM over Satellite Networks 201 5.1 Background 201 5.1.1 Networking Issues 202 5.1.2 Satellite Services in the B-ISDN Networking Environment 202 5.2 Design Issues of Satellite B-ISDN ATM Systems 204 5.2.1 Propagation Delay 204 5.2.2 Attenuation and Constraints 205 5.3 The GEO Satellite B-ISDN ATM Networking Architecture 206 5.3.1 Ground Segment 206 5.3.2 Space Segment 207 5.3.3 Satellite Bandwidth Resource Management 207 5.3.4 Connection Admission Control (CAC) 209 5.3.5 Network Policing Functions 209 5.3.6 Reactive Congestion Control 209 5.4 Advanced Satellite B-ISDN ATM Networks 210 5.4.1 Radio Access Layer 210 5.4.2 On-Board Processing (OBP) Characteristics 211 5.4.3 B-ISDN ATM On-Board Switch 211 5.4.4 Multibeam Satellites 214 5.4.5 LEO/MEO Satellite Constellations 215 5.4.6 Inter-Satellite Links (ISL) 215 5.4.7 Mobility Management 216 5.4.8 Use of Higher Frequency Spectrum 216 5.5 B-ISDN ATM Performance 217 5.5.1 Layered Model of Performance for B-ISDN 217 5.5.2 Network Performance Parameters 218 5.5.3 Impact of Satellite Burst Errors on the ATM Layer 220 5.5.4 Impact of Burst Errors on AAL Protocols 221 5.5.5 Error Control Mechanisms 221 5.5.6 Enhancement Techniques for Broadband Satellite Networks 222 5.6 Evolution of Broadband Satellite Systems 224 Further Readings 225 Exercises 225 6 Internet Protocol (IP) over Satellite Networks 227 6.1 Different Viewpoints of Satellite Networking 227 6.1.1 Protocol-centric Viewpoint of Satellite IP Network 228 6.1.2 Satellite-centric Viewpoint of Global Networks and the Internet 229 6.1.3 Network-centric Viewpoint of Satellite Networks 230 6.2 IP Packet Encapsulation 231 6.2.1 Basic Concepts 231 6.2.2 High-level Data Link Control (HDLC) Protocol 232 6.2.3 Point-to-Point Protocol (PPP) 232 6.2.4 Media Access Control 233 6.2.5 IP Over Satellite 233 6.3 Satellite IP Networking 233 6.3.1 Routing On-Board Satellites 235 6.3.2 IP Mobility in Satellite Networks 235 6.3.3 Address Resolution 237 6.4 IP Multicast Over Satellite 237 6.4.1 IP Multicast Concepts 238 6.4.2 IP Multicast Addressing 239 6.4.3 Multicast Group Management 239 6.4.4 IP Multicast Routing 240 6.4.5 IP Multicast Scope 241 6.4.6 IGMP Behaviour in Satellite Environments 241 6.4.7 Multicast Routing Protocols in Satellite Environments 243 6.4.8 Reliable Multicast Protocols Over Satellites 243 6.5 Basic Network Security Mechanisms 245 6.5.1 Security Approaches 245 6.5.2 Single-direction Hashing Functions 246 6.5.3 Symmetrical Codes (With Secret Keys) 246 6.5.4 Asymmetrical Codes (With Public/Private Keys) 247 6.6 Satellite Networking Security 248 6.6.1 IP Security (IPsec) 248 6.6.2 Firewall and VPN 249 6.6.3 IP Multicast Security 250 6.7 Internet Quality of Service (IP QoS) 250 6.7.1 Layered Model of Performance for IP Service 251 6.7.2 IP Packet Transfer Performance Parameters 252 6.7.3 IP Network Performance Objectives for QoS Classes 253 6.7.4 Guidance on IP QoS Class Usage 254 6.8 Integrated Services (Intserv) Architectures for QoS 254 6.8.1 Integrated Services Architecture (ISA) Principles 255 6.8.2 Resource Reservation Protocol (RSVP) 256 6.8.3 Intserv Service Classes 257 6.9 Differentiated Services (Diffserv) for QoS 258 6.9.1 Diffserv Architecture 258 6.9.2 Traffic Classification 260 6.9.3 Traffic Conditioning 261 6.9.4 Diffserv Per Hop Behaviour (PHB) 261 6.9.5 Supporting Intserv Across the Satellite Network Diffserv Domain 263 6.10 DVB Over Satellite 264 6.10.1 MPEG-2 Source Coding and Multiplexing DVB-S Streams 265 6.10.2 DVB-S System 266 6.10.3 DVB Security 268 6.10.4 Conditional Access in DVB-S 268 6.10.5 DVB-RCS Interactive Service and IP over DVB 270 6.10.6 DVB-RCS Security 271 6.10.7 IP Multicast Security 271 6.11 DVB-S and DVB-RCS Network Architecture 272 6.11.1 On-Board Processor (OBP) 273 6.11.2 Management Station (MS) 274 6.11.3 Regenerative Satellite Gateway (RSGW) 274 6.11.4 Return Channel Satellite Terminal (RCST) 275 6.11.5 Network Interface 275 6.11.6 Network System Characteristics 276 6.12 Network Protocol Stack Architecture 276 6.13 The Physical Layer (PHY) 277 6.13.1 Up-link (DVB-RCS Compliant) 277 6.13.2 Time Slots 278 6.13.3 Frames 278 6.13.4 Superframes 280 6.13.5 Carrier Type and Frame Composition 280 6.13.6 Uplink MF-TDMA Channel Frequency Plan 281 6.13.7 Downlink (DVB-S Compliant) 282 6.13.8 RCS Terminal (RCST) Transmission 283 6.14 Satellite MAC (SMAC) Layer 284 6.14.1 Transport Mechanisms 284 6.14.2 MPEG-2, DVB-S and DVB-RCS Tables 285 6.15 Multi Protocol Encapsulation (MPE) 288 6.16 Satellite Link Control Layer 290 6.16.1 Session Control 290 6.16.2 Resource Control 293 6.16.3 Capacity Request Categories 294 6.16.4 Connection Control 294 6.17 Quality of Service (QoS) 297 6.17.1 Traffic Classes 297 6.17.2 Flow Classification 298 6.17.3 Link Layer Connection QoS Adaptation 298 6.18 Network Layer 299 6.18.1 IP Routing and Address Resolution 299 6.18.2 IP Multicast Star and Mesh Configurations 301 Further Readings 303 Exercises 305 7 Impact of Satellite Networks on Transport Layer Protocols 307 7.1 Introduction 308 7.1.1 Application Characteristics 308 7.1.2 Client and Server Host Parameters 309 7.1.3 Satellite Network Configurations 309 7.1.4 TCP and Satellite Channel Characteristics 310 7.1.5 TCP Flow Control, Congestion Control and Error Recovery 311 7.2 TCP Performance Analysis 313 7.2.1 First TCP Segment Transmission 313 7.2.2 TCP Transmission in the Slow-start Stage 314 7.2.3 TCP Transmission in the Congestion Avoidance Stage 314 7.3 Slow-start Enhancement for Satellite Networks 315 7.3.1 TCP for Transactions 316 7.3.2 Slow-start and Delayed Acknowledgement (ACK) 316 7.3.3 Larger Initial Window 317 7.3.4 Terminating Slow-start 317 7.4 Loss Recovery Enhancement 318 7.4.1 Fast Retransmission and Fast Recovery 318 7.4.2 Selective Acknowledgement (SACK) 319 7.4.3 SACK Based Enhancement Mechanisms 319 7.4.4 ACK Congestion Control 320 7.4.5 ACK Filtering 320 7.4.6 Explicit Congestion Notification 321 7.4.7 Detecting Corruption Loss 322 7.4.8 Congestion Avoidance Enhancement Policy 322 7.5 Enhancements for Satellite Networks Using Interruptive Mechanisms 323 7.5.1 TCP Spoofing 323 7.5.2 Cascading TCP or Split TCP 324 7.5.3 Other Considerations for Satellite Networking 325 7.6 Impacts on Applications 325 7.6.1 Bulk Data Transfer 325 7.6.2 Interactive Applications 326 7.6.3 Distributed Caching for Internet Services and Applications 326 7.6.4 Web Caching in Satellite Networks 327 7.7 Real-time Transport Protocol (RTP) 328 7.7.1 Basics of RTP 328 7.7.2 RTP Control Protocol (RTCP) 331 7.7.3 Sender Report (SR) Packets 332 7.7.4 Receiver Report (RR) Packets 333 7.7.5 Source Description (SDES) RTCP Packet 333 7.7.6 SAP and SIP Protocols for Session Initiations 334 7.7.7 Session Directory Service (SDS) 336 7.8 Voice over IP 336 7.8.1 Gateway Decomposition 336 7.8.2 Protocols 336 7.8.3 Gatekeepers 337 7.8.4 Multimedia Conferencing (MMC) 337 7.8.5 Conference Control 337 Further Readings 337 Exercises 338 8 Next Generation Internet (NGI) over Satellite 341 8.1 Introduction 342 8.2 New Services and Applications 342 8.2.1 Internet Integrated Services 343 8.2.2 Elastic and Inelastic Traffic 343 8.2.3 QoS Provision and Network Performance 344 8.3 Traffic Modelling and Characterisation 344 8.3.1 Traffic Engineering Techniques 345 8.3.2 Traffic Modelling 345 8.3.3 Statistical Methods for Traffic Modelling 346 8.3.4 Renewal Models 346 8.3.5 Markov Models 346 8.3.6 Fluid Models 347 8.3.7 Auto-regressive and Moving Average Models 347 8.3.8 Self-similar Models 348 8.4 The Nature of Internet Traffic 348 8.4.1 World Wide Web (WWW) 348 8.4.2 Pareto Distribution Model for Self-similar Traffic 350 8.4.3 Fractional Brownian Motion (FBM) Process 350 8.4.4 Consideration of User Behaviour in Traffic Modelling 351 8.4.5 Voice Traffic Modelling 352 8.4.6 On-off Model for Voice Traffic 354 8.4.7 Video Traffic Modelling 355 8.4.8 Multi-layer Modelling for WWW Traffic 356 8.5 Traffic Engineering 357 8.5.1 Traffic Engineering Principles 358 8.5.2 Internet Traffic Engineering 360 8.6 Multi-protocol Label Switching (MPLS) 361 8.6.1 MPLS Forwarding Paradigm 362 8.6.2 MPLS Basic Operation 363 8.6.3 MPLS and Diffserv Interworking 366 8.6.4 MPLS and ATM Interworking 367 8.6.5 MPLS with Traffic Engineering (MPLS-TE) 368 8.7 Internet Protocol Version 6 (IPv6) 369 8.7.1 Basics of Internet Protocol Version 6 (IPv6) 369 8.7.2 IPv6 Addressing 371 8.7.3 IPv6 Networks over Satellites 374 8.7.4 IPv6 Transitions 375 8.7.5 IPv6 Tunnelling Through Satellite Networks 375 8.7.6 The 6to4 Translation via Satellite Networks 376 8.7.7 Issues with 6to4 377 8.7.8 Future Development of Satellite Networking 378 Further Readings 380 Exercises 381 Index 383 Download: http://www68.zippyshare.com/v/XtssMyns/file.html
-
Attackers living on any network are all about one thing: persistence. They want to get on quietly and stay on quietly. But what about moving stolen data off a network? How quiet can that be? Two researchers believe they’ve figured out a way to combine Siri, Apple iOS’ native voice-activated service, and tenets of steganography to sneak data from jailbroken iPhones and iPads to a remote server. Luca Caviglione of the National Research Council of Italy, and Wojciech Mazurczyk of Warsaw University of Technology published an academic paper called “Understanding Information Hiding in iOS” in which they describe three steps how to pull it off. Their method, called iStegSiri, takes advantage of the data Siri sends to Apple servers for translation and manipulates that traffic, which is then observed by an attacker who must intercept it before it reaches Apple’s servers. Before that happens, an attacker would have to convert the secret to an audio sequence based on the “proper alternation of voice and silence,” the researchers wrote. Next, that altered sound pattern is fed to Siri via the iOS device’s internal microphone. Siri sends voice-to-text translation input to an Apple server where it is translated and sent back to the device. The attacker must be able to passively inspect the traffic, the researchers said, and apply a decoding scheme to learn the secret, which can be anything from a credit card number to an Apple ID and password combination. “The covert listener must capture the traffic and decode the secret. The former can be achieved in several ways, including transparent proxies or probes that dump traffic for offline processing,” the researchers wrote. “The decoding algorithm implements a voting-like method using two decision windows to determine whether a run of throughput values belongs to voice or silence (1 or 0).” IStegSiri does not require the installation of a malicious app, or an alteration of any kind. The researchers said that the method is relatively slow; secrets are sent at 0.5 bytes per second, meaning that it would take two minutes to transmit a 16-digit credit card number. “[iStegSiri] requires access to Siri’s inner workings; this means that only jailbroken iOS devices can currently be used. However, iStegSiri showcases the principle of using real-time voice traffic to embed data,” the researchers wrote. “Therefore, it can be further exploited on existing similar applications such as Google Voice or Shazam, or implemented in future applications by taking advantage of coding errors.” The paper states that the ideal countermeasure lies with Apple server-side. “For example, Apple should analyze patterns within the recognized text to determine if the sequence of words deviates significantly from the used language’s typical behaviors,” the researchers wrote. “Accordingly, the connection could be dropped to limit the covert communication’s data rate. This approach wouldn’t rely on the device, so additional functionalities or battery consumptions wouldn’t be required.” Source
-
- apple
- researchers
-
(and 3 more)
Tagged with:
-
CapTipper: Omri Herscovici: CapTipper - Malicious HTTP traffic explorer tool CapTipper is a python tool to analyze, explore and revive HTTP malicious traffic. CapTipper sets up a web server that acts exactly as the server in the PCAP file, and contains internal tools, with a powerful interactive console, for analysis and inspection of the hosts, objects and conversations found. The tool provides the security researcher with easy access to the files and the understanding of the network flow, and is useful when trying to research exploits, pre-conditions, versions, obfuscations, plugins and shellcodes. Feeding CapTipper with a drive-by traffic capture (e.g of an exploit kit) displays the user with the requests URI's that were sent and responses meta-data. The user can at this point browse to Romanian Security Team - Homepage[uRI] and receive the response back to the browser. In addition, an interactive shell is launched for deeper investigation using various commands such as: hosts, hexdump, info, ungzip, body, client, dump and more... Download: https://github.com/omriher/CapTipper
-
Encrypt DNS Traffic In Ubuntu With DNSCrypt [PPA] ~ Web Upd8: Ubuntu / Linux blog si daca nu ce variante ar fi?
- 2 replies
-
- descarcare
- filme
-
(and 3 more)
Tagged with:
-
AIEngine is a packet inspection engine with capabilities of learning without any human intervention. AIEngine helps network/security profesionals to identify traffic and develop signatures for use them on NIDS, Firewalls, Traffic classifiers and so on. Using AIEngine To use AIEngine just execute the binary aiengine: luis@luis-xps:~/c++/aiengine/src$ ./aiengine -h iaengine 0.1 Mandatory arguments: -I [ --interface ] arg Sets the network interface. -P [ --pcapfile ] arg Sets the pcap file. Link Layer optional arguments: -q [ --tag ] arg Selects the tag type of the ethernet layer (vlan,mpls). TCP optional arguments: -t [ --tcp-flows ] arg (=32768) Sets the number of TCP flows on the pool. UDP optional arguments: -u [ --udp-flows ] arg (=16384) Sets the number of UDP flows on the pool. Signature optional arguments: -R [ --enable-signatures ] Enables the Signature engine. -r [ --regex ] arg (=.*) Sets the regex for evaluate agains the flows. -c [ --flow-class ] arg (=all) Uses tcp, udp or all for matches the signature on the flows. Frequencies optional arguments: -F [ --enable-frequencies ] Enables the Frequency engine. -g [ --group-by ] arg (=dst-port) Groups frequencies by src-ip,dst-ip,src-por t and dst-port. -f [ --flow-type ] arg (=tcp) Uses tcp or udp flows. -L [ --enable-learner ] Enables the Learner engine. -k [ --key-learner ] arg (=80) Sets the key for the Learner engine. Optional arguments: -k [ --stack ] arg (=lan) Sets the network stack (lan,mobile). -d [ --dumpflows ] Dump the flows to stdout. -s [ --statistics ] arg (=0) Show statistics of the network stack. -p [ --pstatistics ] Show statistics of the process. -h [ --help ] Show help. -v [ --version ] Show version string. Integrating AIEngine with other systems AIEngine have a python module in order to be more flexible in terms of integration with other systems and functionalities. The main objects that the python module provide are the followin. Check the wiki pages in order to have more examples. Flow |---> getDestinationAddress |---> getDestinationPort |---> getFrequencies |---> getHTTPHost |---> getHTTPUserAgent |---> getPacketFrequencies |---> getProtocol |---> getSourceAddress |---> getSourcePort |---> getTotalBytes |---> getTotalPackets |---> getTotalPacketsLayer7 FlowManager Frequencies |---> getDispersion |---> getEnthropy |---> getFrequenciesString HTTPHost HTTPUserAgent LearnerEngine |---> agregateFlows |---> compute |---> getRegularExpression |---> getTotalFlowsProcess NetworkStack |---> enableFrequencyEngine |---> enableLinkLayerTagging |---> getTCPFlowManager |---> getUDPFlowManager |---> printFlows |---> setStatisticsLevel |---> setTCPSignatureManager |---> setTotalTCPFlows |---> setTotalUDPFlows |---> setUDPSignatureManager PacketDispatcher |---> closeDevice |---> closePcapFile |---> openDevice |---> openPcapFile |---> run |---> runPcap |---> setStack PacketFrequencies |---> getPacketFrequenciesString Signature |---> getExpression |---> getMatchs |---> getName SignatureManager |---> addSignature StackLan |---> enableFrequencyEngine |---> enableLinkLayerTagging |---> getTCPFlowManager |---> getUDPFlowManager |---> printFlows |---> setStatisticsLevel |---> setTCPSignatureManager |---> setTotalTCPFlows |---> setTotalUDPFlows |---> setUDPSignatureManager StackMobile |---> enableFrequencyEngine |---> enableLinkLayerTagging |---> getTCPFlowManager |---> getUDPFlowManager |---> printFlows |---> setStatisticsLevel |---> setTCPSignatureManager |---> setTotalTCPFlows |---> setTotalUDPFlows |---> setUDPSignatureManager Compile AIEngine $ git clone git://bitbucket.com/camp0/aiengine $ ./autogen.sh $ ./configure $ make Contributing to AIEngine AIEngine is under the terms of GPLv2 and is under develop. Check out the AIEngine source with $ git clone git://bitbucket.com/camp0/aiengine https://bitbucket.org/camp0/aiengine/
-
Salut, m`am apucat de SEO, nu stiu multe..is cam 10% ce stiu insa ca orice lucru de succes are nevoie de un brand..partea asta am rezolvato cat de cat, apoi e nevoie de trafic..pt inceput las asta in baza retelor de socializare. Planul meu e urmatorul : research > site > continut > brand > spam > backlinkuri > spam > spam cum imi place sa automatizez totul am reusit in mare parte sa automatizez partea de brand [dupa multe ore nedormite]: in urma testului : facebook: profil => https://www.facebook.com/monica.patrunjel pagina => https://www.facebook.com/pages/Tigancaseo/626457560711739?ref=hl twitter: https://twitter.com/Tigancaseo Tumblr: Untitled Youtube: Monica Patrunjel - YouTube Cand am sa postez pe site o sa se posteze automat si pe retele de mai sus cu un link catre postul respectiv Urmeaza sa automatizez partea de spam [sunt pe la 40%], vreau sa fac boti [femei sexy] sa adune prieteni pe fb, twitter, tumblr, etc [sa dea likeuri, fallow, etc] si intr`un final sa`i trimit pe site sau paginile oficiale. Iar la partea cu backlinkuri am sa ma folosesc de senuke pt tier2,3,4 iar pt tier1 am sa fac un bot sa urmareasca forumuri in nisa pe care o aleg si sa faca posturi timp de 1 sapt [gen cum fac "botii" reali] si sa pun site`ul in semnatura...si in final spam prin pm la un post interesant de pe site. Am facut topicul ca sa`mi dati sugestii si sa ma motivez sau poate cine stie iese un fel de "cafenea de seo" pt incepatori [asta urmaresc] si sa "crestem original" prin teste si provocari. //si pt youtube am sa fac channel art`ul in care o sa fie link`ul catre site..
-
Dupa cum si titlul ii spune, vand script similar cu cel de pe WTA, GTop, sau WTStats.com, acesta fiind un script de analiza si statistica trafic web. Ce face scriptul? Monitorizeaza traficul site-urilor inscrise, atat vizitele unice cat si afisarile, tot odata ofera detalii despre urmatoarele: - Browsere (top 10 cele mai folosite browsere - poate fi schimbat cu mai mult sau mai putin) - Tari - arata din ce tara intra cei mai multi vizitatori (vine impreuna cu un chart prin Google API) - Sisteme de Operare - Top sisteme de operare - Cei mai buni referreri - Arata ce site este cel mai bun referrer - Cele mai folosite rezolutii - Top 10 rezolutii folosite de vizitatori - Ultimii 10 vizitatori - Arata ultimii 10 vizitatori care au accesat site-ul, incluzant browserul, sistemul de operare, rezolutia, referrer-ul, ora si data la care vizitatorul a intrat. - Cele mai bune cuvinte cheie - Afiseaza cele mai bune cuvinte cheie prin care vizitatorul ajunge pe site-ul monitorizat. (din SE) Scriptul este foarte flexibil, cam toate din cele mai sus pot fi printate pe charturi. "Features": - Inregistrare cu reCaptcha - Statistici private pentru userii inscrisi (toate statisticile pot fi facute private) - JqueryUI integrat in tema care o dau default, eu vand scriptul nu tema insa acesta vine cu o tema asemanatoare cu cea de pe livestats.ro - Imagini multiple - Puteti pune cate imagini doriti in panoul userului, prin imagine se intelege codul care apare pe site-ul utilizatorul impreuna cu o imagine. (culori diferite and all that stuff). Instalare: Include pasi de instalare, o pot face eu pentru un fee de 3e (euro). Support: Ofer support pentru script doar in cazul in care acesta nu este modificat de la starea lui initala, daca este modificat va priveste. Accept plata doar prin PayPal, pretul este 5e (euro) Scriptul poate fi cumparat de aici WTstats Script iar demo-ul este aici: Demo
- 4 replies
-
- analiza
- statistici
-
(and 6 more)
Tagged with: