Ehsanul Karim

Virtual memory management (VMM) is truly a wonderful thing. It protects programs from one another and lets them think that they have more memory available than is physically in the system. To accomplish this, the VMM uses what is called a paging file . As you run more and more programs over the course of time, you’ll begin to run out of physical memory. Since things can start to go awry when this happens, the memory manager will look for the least frequently used pieces of memory owned by programs that aren’t actively doing anything at the moment and write the chunks of memory out to the disk (i.e., the virtual memory). This is known as swapping .

However, there is one possibly bad side effect of this feature: if a program containing confidential information in its memory space is , the memory containing such information may be written out to disk. This is fine when the operating system is running and there are safeguards to prevent the paging file from being read, but what about when the system is off or booted into a different operating system?

is where this hack comes in handy. What we’re going to do is tell the operating system to overwrite the paging file with zeros when it shuts down. Keep in mind that this will not work if the cord is pulled from the system or the system is shut down improperly, since this overwrite will only be done during a proper shutdown.

To enable this feature of Windows, we must edit the system registry. To do this, open the Registry and find the
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management key. You should now see something that looks like this

regedit_windows_security

Locate the ClearPageFileAtShutdown entry in the right pane of the window and change its value to 1. Now restart Windows for the
change to take effect, and your swap file will be cleared at shutdown. The only side effect of enabling this is that Windows may take
longer to shut down. However, this is very much dependent on your hardware (e.g., disk controller chipset, disk drive speed, processor
speed, etc.), since that’s what will govern how long it will take to overwrite your paging file with zeros.

Good luck with your bluescreen. :)

16 Jun, 2009

GMAIL : attachment failed [solved]

Posted by: admin In: Uncategorized

Like millions of others Gmail is the provider that I live on. From the last night I saw all the files I am trying to send as attachment are getting failed messages. First of all I thought my file size can be a cause ,as I was trying to attach a 9MB file. I tried uploading a smaller file but same results. I felt Gmail is working on their system so thought it would be ok by the next morning. But the problem was still there even the next morning. So I started googling and about my problem.

The first suggestion that came up was to install latest flash . I installed flash 10 from http://get.adobe.com/flashplayer but no improvement. So I had to dig further and changed the settings of attachment to Normal and then it started working ok.

The cool flash upload progress was working fine for me till last night , don’t know what Gmail did. However I am happy for now to see it working atleast.

15 Apr, 2009

Securing SSHD further

Posted by: admin In: Server security

Allowing only permitted ips

Reject all sshd logins by adding this in /etc/hosts.deny:
sshd: ALL

This means that by default all hosts are forbidden to access the SSH service. This needs to be here, otherwise all hosts would have access to the SSH service, since TCP wrappers first looks into hosts.deny file and if there is no rule regarding blocking SSH service, any host can connect.
Next, create a rule in /etc/hosts.allow to allow only specific hosts (as defined earlier) to use the SSH service:

sshd: 202.79.X.X

Limiting SSH login attempts

You can also use different iptables parameters to limit connections to the SSH service for specific time periods. You can use the /second, /minute, /hour, or /day switch in any of the following examples.

In this example, iptables are set to allow only host 202.79.X.X to connect to the SSH service ( we used 2426 port for SSHD). After three failed login tries, iptables allows the host only one login try per minute:

iptables -A INPUT -p tcp -s 202.79.X.X -m state --syn --state NEW --dport 2426 -m limit --limit 1/minute --limit-burst 1 -j ACCEPT
iptables -A INPUT -p tcp -s 202.79.X.X -m state --syn --state NEW --dport 2426 -j DROP

11 Apr, 2009

Securing SSHD in 5 minutes or less

Posted by: admin In: Server security

Step 1: First of all we need to make a regular user, since we are disabling direct root login:

adduser admin && passwd admin

Step 2: Backup your currenct sshd.conf

cp /etc/ssh/sshd_config /etc/ssh/sshd_config.bak

Step 3: Open and replace your sshd_config with the following code

nano -w /etc/ssh/sshd_config


## SSHD Daemon config, http://www.ehsanulkarim.com
# Updated 11 Apr ,2009

## Change to non familiar ports like 2426
Port 2426

## Sets listening address on server. default=0.0.0.0
#ListenAddress 192.168.0.1

##Setting the MaxAuthTries to a low number will minimize the risk of your SSH server being attacked in a brute force type of way.
MaxAuthTries 3

## Enforcing SSH Protocol 2 only
Protocol 2

## Disable direct root login, with no you need to login with admin user, then "su -" you into root
PermitRootLogin no

##
UsePrivilegeSeparation yes

##
AllowTcpForwarding no

## Disables X11Forwarding
X11Forwarding no

## Checks users on their home directority and rhosts, that they arent world-writable
StrictModes yes

## The option IgnoreRhosts specifies whether rhosts or shosts files should not be used in authentication
IgnoreRhosts yes

##
HostbasedAuthentication no

## RhostsAuthentication specifies whether sshd can try to use rhosts based authentication.
RhostsRSAAuthentication no

## Adds a login banner that the user can see
Banner /etc/motd

## Enable / Disable sftp server , you will need to uncomment to enable sftp
#Subsystem sftp /usr/lib/misc/sftp-server

## Enable these if you going to use Key autorization only, DO MAKE SURE YOUR KEY WORKS BEFORE ENABLING THESE!
#RSAAuthentication no
#PasswordAuthentication no
#UsePAM no
#KerberosAuthentication no
#GSSAPIAuthentication no

## Add users that are allowed to log in , only admin is allowed here
AllowUsers admin

Step 4: Add a banner to discourage hackers

nano -w /etc/motd

Add this text, or something else of your choice
“Restricted system , log off.”

Step 5: Restart SSHD with new config

service sshd reload

Recession, job cuts and budget downsizing are now a day’s few of the most talked about topics. But what is the effect of this recession on companies that depends on outsourcing from USA and other countries?
Bangladesh has been relatively a new player in the block for software outsourcing. It is a great time to take advantage of the situation, when talent is available; resources are cheaper even than outsourcing giants like India. Organizations don’t want to hire the workers for full time in recession. The recession will promote the adoption of increased outsourcing.
Organizations worldwide are under severe pressure to increase revenue and profit margins through streamlining operations. Outsourcing is the most effective way to achieve this, by acquiring productive power at the minimal cost. More and more companies are becoming interested in the outsource trend and trying use the power of outsourcing at their advantage. According Times of India states that outsourcing deals from US would be around $8 billion by March 2009 and is expected to reach $11 billion by March 2010.

The software outsourcing market is stable and it is enjoying tremendous growth even in this time of recession. Companies in USA, UK and Canada have started to consider Bangladesh as a strategic place for entry level software projects. Bangladesh still has a long way to go to come anywhere close to India. But during this recession where companies like looking for outsourcing partners, Bangladesh should take utmost advantage from the situation.

11 Apr, 2009

Am I a stupid to use Meta Keywords?

Posted by: admin In: SEO

Meta Keywords tag holds hardly any importance now a day. As Google, the search engine emperor, completely ignores Meta keywords tags to find out the relevancy of the site. Google still uses Meta Description tag as a content summart of the site. Though few years back you could have come on top of search results only with Meta tag keywords, the story is completely different now. So putting Meta keywords should not be in your priority list of your SEO plan.
Having said that,as you all may know SEO is 99% assumptions and 1% fact, so even though you know keywords are not being used now, you don’t know when Google might re consider this idea and start giving weight to Meta keyword tags. So if you have time it might be a good idea to include some Meta keywords. I have seen some posts were SEO guru doubted that meta title tags may be penalized by Google but I have seen thousands of sites listed on Google #1 which has meta tags in their sources .

05 Apr, 2009

5 White Hat SEO techniques for your site

Posted by: admin In: SEO

In this period of recession when businesses are fighting to get a pocket share of their target customers, it is vital your site stay in the competition. Day by day customers are getting distracted form sales calls, banner ads and direct mail.

So how to reach your customers in middle of these millions of websites?

The simple answer is SEO, as you may all know. Visitors rely a lot more on organic search results rather than paid advertisements. And when it comes to search engines, Google is king with service around more than 60% of all search queries. This means it is vital that you make it easy for customers to find you on Google and other engines, and one of the most effective ways to do so is search engine optimization (SEO), which focuses on getting your Web site listed in the organic and unpaid search engine results.

How do you actually get your Web site shown in first pages of search engines like Google?

The answer is quite simple, but getting there can be a bit more difficult.

When you have decided to start SEO you need to work on two areas:

On-site SEO are all the things that are in your pages like titles, tags and content. The good part is that you have complete control over these things.

Off-page SEO are things that happen outside your domain and from the World Wide Web. The most important off-Page SEO factor is the number and quality of links into your Web site, which is widely known as back links.

seo

With those basics covered, here are few tips to guide you through your SEO strategy.

1. Good and relevant page titles

The page title of each Web page is the most important on-page SEO factor. The page title is the text that appears in the top bar of your browser window and is the first thing a search engine looks at to determine what the page is all about.

For instance, the page title of a hosting provider may be “ABC Host – Fast and Reliable Hosting”, which gives the search engine the idea that it is a site that offers fast and reliable hosting.  Having said so you need to be very smart when selecting page titles, as you don’t want to be too generic or too unique.

2. Short and smart domain

Your URL is how search engines track and manage your company’s reputation online. Using URLs like yourcompany.blogspot.com make it possible for you to build SEO power for blogspot.com, but if you ever want to move or rename your Web site, you have to leave all the power of the site behind.

If you have your own domain, like yourcompany.com, then you can always move to a new address and forward all the SEO power you have built up. I have had customer queries to do SEO for a classified ad that she has on Kijiji, but doing SEO for a third party site may not be worth the effort you have to put in. Rather think about having it listed on your site and link to Kijiji and let Kijiji link to you as well from your ad.

3. Blog, blog and blog

Blogging does two great things that are a huge help with SEO.

First, if you run a blog correctly, you are updating content on a frequent basis. Search engines love fresh content on Web sites. Web pages or articles that have been published recently on an established Web site get an extra boost in the rankings. The second benefit of blogging is that blogs are a magnet for links. The people who do the most linking online are bloggers and writers. They are much more likely to link to an interesting blog article with a unique perspective on an issue than a typical corporate Web site.

If you start a blog and regularly post conteant that is appealing to your market, you will help your SEO efforts a lot. You understand the importance as you are reading this blog post right?

4. Take advantage of PR
If you already into PR then you have taken your first step, now it is time you start working on them. First, you should optimize all of your press releases. This basically means adding links into your press releases that lead back to your Web site. Second, as you get coverage of your company in online publications, make sure that there is link within the article back to your company. You would be surprised how many journalists do not automatically link to companies they write about.

For bonus points, for your links in press releases and media coverage, use hyperlinked text with keywords relevant to your business as the link, not just the URL. The search engines key off of these keywords for added clues about the topic of your Web site. For example: you want a link like Ehsanul Karim, not http://www.ehsanulkarim.com.

5. Social networking and beyond

Social media is an excellent way to promote your interesting blog articles or other content, because other bloggers and writers might write about your company and link back to your content. Find online communities, groups, blogs, and networks where your audience hangs out, and start listening and asking questions.

SEO means a lot of works and patience—but it is always better to be late than never, these are just a few tips to get you started on the most critical first few levels which should make the ball rolling for your site.

Categories


  • melatonintablets: the Economic Recession has been pretty hard on us. some of my friends lost their job because of the massive job cuts. i just hope that our economy bec
  • atozsolutionseo: your post is helpful and informative
  • KattyBlackyard: The best information i have found exactly here. Keep going Thank you

About

This is an example of a WordPress page, you could edit this to put information about yourself or your site so readers know where you are coming from.