PhishTank, a free community site operated by the people from OpenDNS allows anyone to submit, verify,track and share phishing data. The guys are PhishTank are highly reputed and focus on phish and phishing leaving other bad areas such as viruses, malware, spam, botnets to other communities, like Project Honey Pot(anti spam) for instance.

One of the main goals of PhishTank is to provide the community with timely phishing statistics. The following world map depicts their phishing statistics for the month of October which show that a quarter of the phishing websites are located in the US while South Korea and India finish up the top three slots.

So, what is phishing?

Phishing is a fraudulent attempt, usually made through email, to steal your personal information. Phishing emails usually appear to come from a well-known organization and ask for your personal information - such as a credit card number, social security number, account number or password. In order for Internet criminals to successfully “phish” your personal information, they must get you to go from an email to a website. Phishing emails will almost always tell you to click a link that takes you to a site where your personal information is requested. Legitimate organizations would never request this information of you via email.

From the report(phishing Ebay PayPal) we see that PayPal is the top target with 1493 valid phishes with Ebay a close second with 1210 valid phishes. Banks round up the remaning of the top ten.

If you wish to read more about Phishing and how to protect yourself from phishing by learning how to recognize a phish, check out the excellent walk through example from the folks of PhishTank.

Microsoft has combined two popular Sysinternals utilities, Filemon ( for monitoring and displaying file system activity of a system in real time)and Regmon (real time Registry monitoring tool to display applications accessing the registry, the keys and the registry data they are reading and writing) to release Process Monitor, an advanced monitoring tool that shows real - time file system, Registry and process/ thread activity besides adding an extensive list of enhancements to the already powerful tools. Some of the new features include enhanced filtering, simultaneous logging to a file, comprehensive event properties such as session IDs and user names etc. All these features and others combine to make Process Monitor a must have tool in your system troubleshooting and malware hunting toolkit.

System Requirements:

OS(both 32 bit & 64 bit versions): Windows 2000 SP4, Win XP SP2, Win Server 2003, Windows Vista

Download Microsoft Process Monitor 1.0

Related Tools

FileMon - a file access monitor

RegMon - a Registry monitor

PortMon - a serial and parallel port monitor

Process Explorer - a process and thread monitor

DiskMon - a hard disk monitor

DebugView - a debug output monitor

Availability — the probability that a server will be perform its intended function under normal operating conditions when needed, usually expressed as a percentage.

Examples of Server Availability

Table below shows the relationship between single server availability and downtime for commonly used availability levels. The downtime column lists the maximum amount of single server downtime permitted in a year that will still satisfy your single server availability goal. For example, to achieve 99.9% availability on a single server, the server cannot be down for more than 8.76 hours per year.

Standard approaches for increasing server availability is to increase redundancy so that if one component fails, other components can be put into service. Higher end servers have hot-plug replaceable components.

1. RAID: RAID allows for continued hard drive access in the case of a single hard drive’s failure, increasing fault tolerant capabilities within a drive array. Two common RAID levels are RAID level 1 (mirroring) and RAID level 5 (stripe with parity).
2. Hot-plug hard drives: These hard drives can be removed or added to a system while the system is operating. This reduces system downtime by avoiding the need to power off the server.
3. Hot-plug PCI cards: Similar to hot-plug hard drives, hot-plug PCI cards can be deactivated, allowing for removal and replacement of a PCI card while the system is in operation.
4. Redundant and Hot-plug power supplies: Hot-plug power supplies provide redundant power to the server in the case of component failure. Two or more redundant power supplies are required to ensure zero downtime from power supply failures.
5. Redundant NICs: Allows one to create redundant switched networks with automatic failover should one NIC card or network switch fail.
6. Redundant Cooling Fans: The cooling of a server is generally achieved by cooling fans installed inside the network server, which pull in cool air from outside of the network server and remove heated air from the network server. Failure of a cooling fan can lead to heat buildup in the server, which in most cases will cause the server to shut down due to heat sensors in the server. Many server vendors have hot-pluggable redundant cooling fans that are , meaning zero downtime due to a cooling fan failure.
7. Uninterruptible Power Supply: An uninterruptible power supply (UPS) is a battery backup system that supplies power to the server in the event of an electrical power outage. The UPS is designed to supply power to the server just long enough for the server to be shut down gracefully. The shutdown process is usually done by software running on the server that is monitoring the UPS by means of a serial cable running from the server to the UPS. A UPS also conditions the power (eliminates spikes and sags) before it gets to the server. If a server has multiple power supplies, each of them should be connected to a different UPS to provide the ultimate in power protection and server reliability.
8. Emergency Generator: When true full-time (24 x 7) operation of the server is required, an emergency generator, which is usually diesel powered, will start up soon after a power failure and be able to supply power to the server (probably the entire server room), before the battery power of the UPS is fully exhausted.
9. Server Location: A server should be housed in a room designed to support this very special and very expensive piece of equipment. The server room should be secured and only authorized personnel should be allowed into the server room. The server room should be environmentally controlled. Network servers do not function well in rooms that are too hot or too humid.
10. Redundant Network Feeds: Make sure your server is connected to the Internet via redundant network feeds, ideally provided by different vendors. Make sure that these feeds have independent physical routes to the Internet nodes where they originate from.

Other options are to maintain an inventory of spare components plus having a contract with server vendor to in-house service within a specified time interval (e.g. same-day 4hr service).

More explaination on two major factors for availability : Disk reliability and Redundant NICs

Google and Reuters announced on January 11, 2007 that they are going to offer real-time stock quotes and last-sale prices for free across all Google properties including Google Finance, Personalized Google, Google Mobile and of course Google.com. This partnership of Google with the SEC, the New York Stock Exchange and their D.C. trade association NetCoalition is pending approval by the SEC which upon approval will allow you to have free, easy and fast access to real time prices from NYSE on Google. If the SEC approves the plan, the NYSE will allow Web sites to publish trade prices with nearly no delay in return for payments of $100,000 a month, the Wall Street Journal reported.

Google Finance is currently lagging behind in being the most favored web destination for Financial information behind Yahoo Finance.

Read the rest of this entry »

This wonderful illustration divides the world wide web city in three sectors - the first sector is like a posh colony of clean, entertaining or very useful websites, second sector represents the garbage dumping ground or spam, and third sector has sites that exists solely for the purpose of making money and add little value.

The most worrying part is that the spam sector is on the verge of overflowing.

Interestingly, About.com, owned by the New York Times, is treated in the same category as other Made-for-Adsense websites and discontinued blogs.

Wonder why there is no mention of porn or adult websites in this picture.

Source: irony.com

Amazon this week have announced the launch of Endless.com, an exclusive shoe and handbag web site. The biggest upside, Endless.com offers a FREE overnight or next business day shipping on all of its items. While this might be a promotional event, Amazon is heavily promoting this free next day shipping enough to make it a permanent feature. Endless.com’s motto: Destination for great styles, the best prices and fast delivery.

At Endless.com, you can shop by style, brand, size, or color family; make multiple selections and clear the results you don’t want to see. Endless.com provides detailed product descriptions including construction materials, heel height and customer reviews to help you make the right choice as well as a zoom feature that allows customers to see all product details, whether it’s a subtle pattern or a not-so-subtle texture. On a budget? You can use their price slider to filter to results in your range. If you have a question on how a style fits, you can bounce over to their Customer Fit Ratings and read what other shoppers had to say about their purchase. Other upsides of shopping at Endless.com include Free return shipping for a period of 365 days from the original purchase date and also offer price match or refund of 110% of the difference if you find another shopping destination offering lower price for the same product thus offering their customers a no-risk opportunity to try them out. For details and timelines on free overnight shipping, customers can reference the countdown clock on the top of every page, which lets them know what their order deadlines and delivery dates will be.

Amazon and Endless.com association.

Read the rest of this entry »

Boing Boing reports that Google Videos now have Google Ads built into the video stream.

In this Charlie Rose Show clip, which is nearly an hour long, there are two ad segments each lasting about 15 seconds long. I have seen other ads but mostly restricted to TV show content and atleast an hour long.

If anyone of you have seen any other instances of ads being shown in Google Videos or YouTube, post in the comments section.

Fauxto … like photo is a fully featured, free range, web-based image and photo editor. It joins other online photo and image editors like WebImageFX in the crowded image editing web based applications. According to Fauxto’s developers, their aim is to develop a free range editing capability and a YouTube like usage model of create/share anytime/anywhere.

Unlike these other online image editors, the one significant difference is that you can create brand new images from scratch instead of having to manipulate or having to edit existing images. It is also the first online image editor that includes Photoshop-style layers and filter support. Fauxto is your scaled down Photoshop in a browser and it’s pretty well done and above all, it is FREE.

Fauxto was written in Flex and is completely Flash based and the application loads inside your web browser. Another plus is that you can launch multiple images as tabs allowing you to easily switch between one image to another. Here is a sample image edited using Fauxto

Read the rest of this entry »

TrueCrypt is a free open source disk encryption software that works on both Windows and Linux platforms. No data stored on an encrypted volume can be read (decrypted) without using the correct password/keyfile(s) or correct encryption keys. TrueCrypt does this by creating a virtual hard drive that will read and write encrypted files on the fly. The advantage of using TrueCrypt is that you need not download it everywhere. All you need are the files truecrypt.exe, truecrypt.sys and the volume file you create which you can carry on your flash drive.

Step by Step Tutorial on how to encrypt your Hard disk or data or message using TrueCrypt

Step # 1: Download and install TrueCrypt

Step # 2: Once you Launch TrueCrypt, Click on “Create Volume” button. This launches the Volume Creation wizard that prepares the encryped drive location. Next, choose ” Create a Standard TrueCrypt Volume” and hit Next. Next, click on “Select File” button. Browse to a place where you want to store your encryped files. In this case, I am selecting askstudent.ajit Note: This is not the file you want to encrypt. Think of this as a Folder Name which in turn would contain the files you want to encrypt later on. Hit Next

Read the rest of this entry »

BitTorrent is the name of a peer-to-peer (P2P) file distribution protocol, and is the name of a free software implementation of that protocol. The protocol was originally designed and created by programmer Bram Cohen, and is now maintained by BitTorrent Inc. BitTorrent is designed to distribute large amounts of data widely without incurring the corresponding consumption in costly server and bandwidth resources. CableLabs, the research organization of the North American cable industry, believes that BitTorrent represents 55% of the upstream traffic on the cable companies’ access network.CacheLogic puts that number at roughly 35% of all traffic on the Internet, although there are dissenting opinions on the methodology to measure P2P traffic on the Internet.

An interactive Java Applet showing how the BitTorrent network works. The image below consists of 5 seeders and 5 leechers.

BitTorrent source Wikipedia