fakecineaste : September 2014

Tuesday, September 9, 2014

software

Google Play

Google Play, formerly the Android Market, is a digital distribution platform operated by Google. It is the official app store for the Android operating system, allowing users to browse and download applications developed with the Android SDK and published through Google.
http://en.wikipedia.org/wiki/Google_Play

App Store (iOS)

The App Store is a digital distribution platform for mobile apps on iOS, developed and maintained by Apple Inc. The service allows users to browse and download applications that were developed with Apple's iOS SDK.
The apps can be downloaded directly to an iOS device, or onto a personal computer via iTunes (also developed and maintained by Apple Inc.).
http://en.wikipedia.org/wiki/App_Store_%28iOS%29

Instagram

Instagram is an online mobile photo-sharing, video-sharing and social networking service that enables its users to take pictures and videos, apply digital filters to them, and share them on a variety of social networking services, such as Facebook, Twitter, Tumblr and Flickr.
Users are also able to record and share short videos lasting for up to 15 seconds.
Instagram is distributed through the Apple App Store, Google Play, and Windows Phone Store.
Support was originally available for only the iPhone, iPad, and iPod Touch;
in April 2012, support was added for Android camera phones.
http://en.wikipedia.org/wiki/Instagram

Vine is a short-form video sharing service. Founded in June 2012, it was acquired by microblogging website Twitter in October 2012, just prior to its official launch.

The service allows users to record and edit six-second long video clips, which can be then published through Vine's social network and shared on other services such as Facebook and Twitter. Vine's app can also be used to browse through videos posted by other users, along with groups of videos by theme, and trending videos.
http://en.wikipedia.org/wiki/Vine_%28software%29

WhatsApp Messenger is a proprietary, cross-platform instant messaging subscription service for smartphones and selected feature phones that uses the internet for communication. In addition to text messaging, users can send each other images, video, and audio media messages as well as their location using integrated mapping features.
http://en.wikipedia.org/wiki/WhatsApp

Wickr

Wickr (pronounced "wicker") is the name of a proprietary instant messenger for iPhone and Android and of the company that produces it. Wickr allows users to exchange end-to-end encrypted and self-destructing messages, including photos and file attachments
http://en.wikipedia.org/wiki/Wickr

hardware

Smartphone

A smartphone (or smart phone) is a mobile phone with more advanced computing capability and connectivity than basic feature phones.
Early smartphones typically combined the features of a mobile phone with those of another popular consumer device, such as a personal digital assistant (PDA), a media player, a digital camera, and/or a GPS navigation unit. Later smartphones include all of those plus the features of a touchscreen computer, including web browsing, Wi-Fi, and 3rd-party apps.
http://en.wikipedia.org/wiki/Smartphone

iPod Touch

The iPod Touch (stylized and marketed as iPod touch) is a multi-purpose pocket computer designed and marketed by Apple Inc. with a user interface that is touchscreen-based. It can be used as a music and video player, digital camera, handheld game device, and personal digital assistant (PDA).It connects to the Internet through Wi-Fi base stations and is therefore not a smartphone, though its design and iOS operating system are very similar to Apple's iPhone.
http://en.wikipedia.org/wiki/IPod_Touch

iPhone

a line of smartphones designed and marketed by Apple Inc.
It runs Apple's iOS mobile operating system
There are seven generations of iPhone models, each accompanied by one of the six major releases of iOS.
http://en.wikipedia.org/wiki/IPhone

A Chromebook is a laptop running Chrome OS as its operating system. The devices are designed to be used primarily while connected to the Internet, with most applications and data residing "in the cloud". A Chromebook is an example of a thin client.

http://en.wikipedia.org/wiki/Chromebook

iPad

a line of tablet computers designed and marketed by Apple Inc. which runs Apple's iOS.
The user interface is built around the device's multi-touch screen, including a virtual keyboard.
The iPad has built-in Wi-Fi and, on some models, cellular connectivity
An iPad can shoot video, take photos, play music, and perform Internet functions such as web-browsing and emailing. Other functions—games, reference, GPS navigation, social networking, etc.—can be enabled by downloading and installing apps.
http://en.wikipedia.org/wiki/IPad

iPad Mini

a line of mini tablet computers designed, developed, and marketed by Apple Inc
It is a sub-series of the iPad line of tablets, with a reduced screen size of 7.9 inches, in contrast to the standard 9.7 inches
http://en.wikipedia.org/wiki/IPad_Mini

Google Nexus

a line of consumer electronic devices that run the Android operating system.
The product family consists mostly of mobile devices—five smartphones and three tablet computers
the devices currently available in the line are the Nexus 5 smartphone (made with partner LG Electronics), second generation Nexus 7 tablet (made with Asus), and Nexus 10 tablet (made with Samsung).
Nexus devices are the first Android devices to receive updates to the operating system.
http://en.wikipedia.org/wiki/Google_Nexus

Kindle Fire

The Kindle Fire is a mini tablet computer version of Amazon.com's Kindle e-book reader.
Kindle Fire has a color 7-inch multi-touch display with IPS technology and runs a custom version of Google's Android operating system called Fire OS.
The device—which includes access to the Amazon Appstore, streaming movies and TV shows, and Kindle's e-books
http://en.wikipedia.org/wiki/Kindle_Fire

Tablet computer

A tablet computer, or simply tablet, is a mobile computer with display, circuitry and battery in a single unit. Tablets are equipped with sensors, including cameras, microphone, accelerometer and touchscreen, with finger or stylus gestures replacing computer mouse and keyboard. Tablets may include physical buttons, e.g., to control basic features such as speaker volume and power and ports for network communications and to charge the battery. An on-screen, pop-up virtual keyboard is usually used for typing. Tablets are typically larger than smart phones or personal digital assistants at 7 inches (18 cm) or larger, measured diagonally
http://en.wikipedia.org/wiki/Tablet_computer

personal digital assistant (PDA)

A personal digital assistant (PDA), also known as a palmtop computer, or personal data assistant, is a mobile device that functions as a personal information manager. PDAs are largely considered obsolete with the widespread adoption of smartphones.
Nearly all current PDAs have the ability to connect to the Internet. A PDA has an electronic visual display, enabling it to include a web browser, all current models also have audio capabilities enabling use as a portable media player, and also enabling most of them to be used as mobile phones. Most PDAs can access the Internet, intranets or extranets via Wi-Fi or Wireless Wide Area Networks. Most PDAs employ touchscreen technology.
http://en.wikipedia.org/wiki/Personal_digital_assistant

laptop

A laptop is a portable personal computer with a clamshell form factor, suitable for mobile use.They are also sometimes called notebook computers or notebooks
http://en.wikipedia.org/wiki/Laptop

operating system

iOS (previously iPhone OS) is a mobile operating system developed by Apple Inc. and distributed exclusively for Apple hardware. It is the operating system that powers many of the company's iDevices.

Originally unveiled in 2007 for the iPhone, it has been extended to support other Apple devices such as the iPod Touch (September 2007), iPad (January 2010), iPad Mini (November 2012) and second-generation Apple TV onward (September 2010).
http://en.wikipedia.org/wiki/IOS

iOS 8 is the eighth major release of the iOS mobile operating system designed by Apple Inc. as the successor to iOS 7.

Many of the features and highlights of iOS 8 have seem to come from previous versions of Android, and even Windows Phone.
http://en.wikipedia.org/wiki/IOS_8

Chrome OS is a Linux kernel-based operating system designed by Google to work primarily with web applications

The user interface takes a minimalist approach and consists almost entirely of just the Google Chrome web browser
This means that Chrome OS is almost a pure web thin client OS
Chrome OS is built upon the open source project called Chromium OS[10] which, unlike Chrome OS, can be compiled from the downloaded source code.
Chrome OS is the commercial version installed on specific hardware from Google's manufacturing partners.
http://en.wikipedia.org/wiki/Chrome_OS

Chromium OS is a Linux-based operating system designed by Google to work exclusively with web applications. It is the open source development version of Chrome OS.

http://en.wikipedia.org/wiki/Chromium_OS

Android (operating system)

Android is a mobile operating system (OS) based on the Linux kernel that is currently developed by Google.
http://en.wikipedia.org/wiki/Android_%28operating_system%29

GeoJSON

GeoJSON is a format for encoding a variety of geographic data structures.

http://geojson.org/

Geography Markup Language (GML)

Geography Markup Language (GML)

The OpenGIS® Geography Markup Language Encoding Standard (GML) The Geography Markup Language (GML) is an XML grammar for expressing geographical features. GML serves as a modeling language for geographic systems as well as an open interchange format for geographic transactions on the Internet
http://www.opengeospatial.org/standards/gml

OGC Web Services Context Document defines the application state of an OGC Integrated Client

http://en.wikipedia.org/wiki/Open_Geospatial_Consortium

The ISO 19100 is a series of standards for defining, describing, and managing geographic information

http://www.slideshare.net/Databaseguys/iso-19100-geographic-information-and-geomatics

PostGIS

PostGIS

PostGIS is a spatial database extender for PostgreSQL object-relational database. It adds support for geographic objects allowing location queries to be run in SQL.
http://postgis.net/

Intrusion detection system (IDS / IPS)

Intrusion detection system

An intrusion detection system (IDS) is a device or software application that monitors network or system activities for malicious activities or policy violations and produces reports to a management station. IDS come in a variety of “flavors” and approach the goal of detecting suspicious traffic in different ways. There are network based (NIDS) and host based (HIDS) intrusion detection systems.
http://en.wikipedia.org/wiki/Intrusion_detection_system

Intrusion prevention system

Intrusion prevention systems (IPS), also known as intrusion detection and prevention systems (IDPS), are network security appliances that monitor network and/or system activities for malicious activity. The main functions of intrusion prevention systems are to identify malicious activity, log information about this activity, attempt to block/stop it, and report it
http://en.wikipedia.org/wiki/Intrusion_prevention_system

IPS vs IDS vs Firewall

firewall prevents malicious traffic
Passive IDS: the IDS only reports that there was an intrusion.
Active IDS: the IDS also takes actions against the issue to fix it or at least lessen its impact.

Firewall - A device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected

Intrusion Detection System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected a log message is generated detailing the event.

Intrusion Prevention System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected the packet is rejected.

The IDS only monitors traffic. The IDS contains a database of known attack signatures. And it compares the inbound traffic against to the database. If an attack is detected then the IDS reports the attack.

http://security.stackexchange.com/questions/44931/difference-between-ids-and-ips-and-firewall

The differences between an IDS and a firewall are that the latter prevents malicious traffic, whereas the IDS:

    Passive IDS: the IDS only reports that there was an intrusion.
    Active IDS: the IDS also takes actions against the issue to fix it or at least lessen its impact.

However, what's the difference between an IPS and a Firewall? Both are a preventative technical control whose purpose is to guarantee that incoming network traffic is legitimate.

    Firewall - A device or application that analyzes packet headers and enforces policy based on protocol type, source address, destination address, source port, and/or destination port. Packets that do not match policy are rejected.
    Intrusion Detection System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected a log message is generated detailing the event.
    Intrusion Prevention System - A device or application that analyzes whole packets, both header and payload, looking for known events. When a known event is detected the packet is rejected.

http://security.stackexchange.com/questions/44931/difference-between-ids-and-ips-and-firewall

WAF vs IPS

IPS’s deal with packets, while WAF’s work within sessions

WAFs must understand not just protocol behavior, like HTTP GET, POST, HEAD, etc, but also JavaScript, SQL, HTML, XML, Cookies, etc. This application layer logic is fundamental to the operation of a WAF but not required for IPS functionality, and therefore not typically implemented on an IPS

Baselining is available on IPS and WAF, but the similarity stops with the name. IPS baselining consists of statistical deviations in throughput and traffic flows. WAF baselining involves URL, Parameter, HTTP Method, Session, and Cookie mapping. A WAF knows no concept of bandwidth utilization for baselining, just an IPS doesn’t know if a given URL is supposed to accept HTTP POSTs or GETs.

IPS signatures are looked at by companies as a means to virtually patch their PC’s ahead of an actual being patch or update being available or fully rolled out. This level of protection isn’t available on an IPS when specific application-layer vulnerabilities exist or when custom written web-application code has some new vulnerability. This is where the WAF provides a measure of protection not available on an IPS, due to the application-awareness of the WAF.

WAF deployments are focused on web applications and web application traffic, while IPS deployments are typically done at the network level inspecting all packets.
https://practical.wordpress.com/2009/12/28/waf-vs-ips-or-four-things-your-ips-cant-do/

Security: IDS vs. IPS Explained

an IPS has all the features of a good IDS, but can also stop malicious traffic from invading the enterprise.
In addition, an IPS can respond to a detected threat in two other ways. It can reconfigure other security controls, such as a firewall or router, to block an attack. Some IPS devices can even apply patches if the host has particular vulnerabilities. In addition, some IPS can remove the malicious contents of an attack to mitigate the packets, perhaps deleting an infected attachment from an email before forwarding the email to the user.
http://www.comparebusinessproducts.com/fyi/ids-vs-ips

Intrusion Detection FAQ: What is the difference between an IPS and a Web Application Firewall?

An IPS generally sits in-line and watches network traffic as the packets flow through it. It acts similarly to an Intrusion Detection System (IDS) by trying to match data in the packets against a signature database or detect anomalies against what is pre-defined as "normal" traffic
WAFs are designed to protect web applications/servers from web-based attacks that IPSs cannot prevent. In the same regards as an IPS, WAFs can be network or host based. They sit in-line and monitor traffic to and from web applications/servers. Basically, the difference is in the level of ability to analyze the Layer 7 web application logic.
https://www.sans.org/security-resources/idfaq/ips-web-app-firewall.php

Perimeter’s Host Intrusion Detection and Prevention System (HIDS/HIPS) is our premier

service designed to protect your most critical data and servers on your network. It
provides an additional layer of defense beyond services such as a managed firewall,
Network Intrusion Prevention Systems (NIPS) and signature-based anti virus software.
HIDS/HIPS relies on a learning pattern for both known and unknown types of malicious
activity. Rather than relying on signature matching for specific attacks, the behavior-
based rules associated with HIDS/HIPS products monitor and deny malicious activity
patterns. HIDS/HIPS monitors and alerts security operations personnel if activity is
suspicious
http://www.falkensecurenetworks.com/PDFs/HIDS-HIPS[1].pdf

Host based intrusion detection (HIDS) refers to intrusion detection that takes place on a single host system. Currently, HIDS involves installing an agent on the local host that monitors and reports on the system configuration and application activity. Some common abilities of HIDS systems include log analysis, event correlation, integrity checking, policy enforcement, rootkit detection, and alerting1. They often also have the ability to baseline a host system to detect variations in system configuration.

https://www.sans.org/security-resources/idfaq/what-is-a-host-intrusion-detection-system/1/24

"OSSEC is an Open Source Host-based Intrusion Detection System. It performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response. It runs on most operating systems, including Linux, MacOS, Solaris, HP-UX, AIX and Windows.

http://ossec.github.io/

The Samhain host-based intrusion detection system (HIDS) provides file integrity checking and log file monitoring/analysis, as well as rootkit detection, port monitoring, detection of rogue SUID executables, and hidden processes.Samhain been designed to monitor multiple hosts with potentially different operating systems, providing centralized logging and maintenance, although it can also be used as a standalone application on a single host.Samhain is an open-source multiplatform application for POSIX systems (Unix, Linux, Cygwin/Windows).

http://la-samhna.de/samhain/index.html

HIDS vs NIDS and which one is better and why?

It’s just that the placement in different. HIDS is placed on each host whereas NIDS is placed in the network. For an enterprise, NIDS is preferred as HIDS is difficult to manage, plus it consumes processing power of the host as well.
https://www.greycampus.com/blog/information-security/top-cyber-security-interview-questions

Snort

Snort® is an open source network intrusion prevention and detection system (IDS/IPS) developed by Sourcefire.
http://www.snort.org/

Differences Between IPS and Firewalls

An IPS will inspect content of the request and be able to drop, alert, or potentially clean a malicious network request based on that content.

A firewall will block traffic based on network information such as IP address, network port and network protocol.

https://its.umich.edu/enterprise/wifi-networks/network-security/ips-vs-firewalls

A firewall permits and blocks traffic by port/protocol rules. However, an attacker can use legitimate ports to send illegitimate traffic. An IPS looks at the contents of the packets and/or can correlate over time to determine if an attack is happening. An IPS works in tandem with a firewall to make sure that the traffic the firewall permitted is actual legitimate traffic.

https://learningnetwork.cisco.com/s/question/0D53i00000KstPg/ips-vs-firewall

Thursday, September 4, 2014

Terms,Organizations

The Single Euro Payments Area (SEPA) is a payment-integration initiative of the European Union for simplification of bank transfers denominated in euro. As of February 2014, SEPA consists of the 28 EU member states, the four members of the EFTA (Iceland, Liechtenstein, Norway and Switzerland), Monaco and San Marino.
The European Free Trade Association (EFTA) is a free trade organisation between four European countries that operates in parallel with – and is linked to – the European Union (EU). The EFTA was established on 3 May 1960 as a trade bloc-alternative for European states who were either unable or unwilling to join the then-European Economic Community (EEC) which has now become the EU

credit card

AVS (Address Verification Service): determines if the address provided by the customer matches the address of the credit card

CVV (Code Verification Value): the three or four digit number on the back of a credit card

–providing these numbers ensures that the card is in the hand of its owner

This is also known as CSC (Card Security Code), CVC (Card Verification Code), and V-Code,depending on the card scheme norms and region

Backend as a service (BaaS)

Backend as a service (BaaS), also known as "mobile backend as a service" (MBaaS), is a model for providing web and mobile app developers with a way to link their applications to backend cloud storage and APIs exposed by back end applications while also providing features such as user management, push notifications, and integration with social networking services.

These services are provided via the use of custom software development kits (SDKs) and application programming interfaces (APIs)

Platform as a service (PaaS)

Minishift is a tool that helps you run OpenShift locally by launching a single-node OpenShift cluster inside a virtual machine. With Minishift you can try out OpenShift or develop with it, day-to-day, on your local machine.

OpenShift Online is Red Hat’s public cloud application development and hosting service. On-Demand Access.

Openshift Origin is the upstream community project that builds up OpenShift platform. Openshift origin is built around a core of Docker container, using Kubernetes for cluster containers orchestration. Openshift origin includes also a functional Web application and a CLI interface to build up and manage your applications.

Docker and OpenShift Origin must run on the Linux operating system.

Minimum Hardware Requirements

To simplify the task of setting up and operating containers, the use of a container management tool is essential. These solutions, known as container orchestration tools, help operations staff decide where to run containers, how to run them in production, and which systems to put them on

OpenShift Online has been completely rewritten, enabling you to rapidly build and deploy Docker images and manage them on a robust, scalable platform. The power of Docker containers and the Kubernetes container cluster manager optimized for enterprise app development and deployment.OpenShift is Red Hat's Platform-as-a-Service (PaaS) that allows developers to quickly develop, host, and scale applications in a cloud environment.

https://www.openshift.com

Source-to-Image (S2I) is a toolkit and workflow for building reproducible Docker images from source code.

S2I produces ready-to-run images by injecting source code into a Docker container and letting the container prepare that source code for execution.
By creating self-assembling builder images, you can version and control your build environments exactly like you use Docker images to version your runtime environments.
https://github.com/openshift/source-to-image

OpenShift is designed to run any existing Docker images. Additionally, you can define builds that will produce new Docker images using a Dockerfile.

https://github.com/openshift/origin

Source-to-Image (S2I) is a mechanism for building custom Docker images. It produces ready-to-run images by injecting application source into a Docker image and assembling a new Docker image. The new image incorporates the base image and built source

So let's say you want to load the image "openshift/wildfly-100-centos7" and produce a new image using the source code available on https://github.com/fmarchioni/mastertheboss in the folder "openshift-demo"
(Have a look at the application here: https://github.com/fmarchioni/mastertheboss/tree/master/openshift-demo)
http://www.mastertheboss.com/soa-cloud/openshift/deploy-docker-images-on-openshift

Openshift uses Image Streams to reference a Docker image. An image stream comprises one or more Docker images identified by tags. It presents a single virtual view of related images, similar to a Docker image repository, and may contain images from any of the following:

    Its own image repository in OpenShift’s integrated Docker Registry
    Other image streams
    Docker image repositories from external registries
http://www.mastertheboss.com/soa-cloud/openshift/using-wildfly-on-openshift

When deployed on OpenStack, OpenShift Origin can be configured to access OpenStack infrastructure, including using OpenStack Cinder volumes as persistent storage for application data.

https://docs.openshift.org/latest/install_config/configuring_openstack.html#install-config-configuring-openstack

OpenShift can build Docker images from your source code, deploy them, and manage their lifecycle. To enable this, OpenShift provides an internal, integrated Docker registry that can be deployed in your OpenShift environment to locally manage images.

https://docs.openshift.com/enterprise/3.1/install_config/install/docker_registry.html

geard is a command-line client and agent for integrating and linking Docker containers into systemd across multiple hosts. It is the core of the next generation of OpenShift Origin and helps administrators install and manage the components of their developers' applications

http://openshift.github.io/geard/

Use immutable infrastructure to deploy and scale your containerized applications. Project Atomic builds OSes, tools, and containers for cloud native platforms.

Atomic Host provides "immutable infrastructure" for deploying to hundreds or thousands of servers in your private or public cloud.
http://www.projectatomic.io/

direct debit

A direct debit or direct withdrawal is a financial transaction in which one person withdraws funds from another person's bank account. Formally, the person who directly draws the funds ("the payee") instructs his or her bank to collect (i.e., debit) an amount directly from another's ("the payer's") bank account designated by the payer and pay those funds into a bank account designated by the payee.

Before the payer's banker will allow the transaction to take place, the payer must have advised the bank that he or she has authorized the payee to directly draw the funds. It is also called pre-authorized debit (PAD) or pre-authorized payment (PAP)

In countries where setting up authorization is easy enough, direct debits can also be used for irregular payments, such as for mail order transactions or at a point of sale.

payee

the person or organization to whom money, especially a cheque, must be paid

payment service provider (PSP)

A payment service provider (PSP) offers (web) shops online services for accepting electronic payments by a variety of payment methods including credit card, bank-based payments such as direct debit, bank transfer, and real-time bank transfer based on online banking.

Typically, they use a software as a service model and form a single payment gateway for their clients (merchants) to multiple payment methods

fakecineaste