Steps: point application to Web (instead of 'localhost') - linux

I have a question on how to go about posting a page to the Internet using Spring STS Framework with Tomcat container (I am using Linux). I have a basic Hello World program created and able to bring it up within http://localhost:8080/mypage.
I have checked the following sites so far, but have not found a definitive process: SpringSource.org, Apache.org, and StackOverflow.com, and AskUbuntu.com
I noticed one possible way is to add IP address and Domain name to the /etc/hosts file. If it is as simple as that, I will go ahead and purchase a domain name/address.
If it is not as simple as that, what are the steps to be able to have this page display onto the Internet?

The answer to my question will occur in the process of taking further steps.
Assumption: this question may not have been posted on the correct forum within StackExchange. Upon Ravi's suggestion, it may be better suited for the serverfault forum.
The intent in asking this question was to get a few general ideas on direction, however the question was specific steps. Since there may be several variables to answer this question accurately involving cable modem, router, 'server' settings, and IDE settings for example, this is going to involve smaller more segmented questions that are specific in nature.
Steps to be taken:
Re-phrase question to smaller segment or ask for more general
response.
Post to serverfault forum.
If I have further questions, break them down in small segments,
investigate.

Related

how do they do it? [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 9 years ago.
Improve this question
i am a senior developer and I'm trying to advance my knowledge of security to a deeper level. That is to say that i know what these hackers can do/what the risks are, but I'd like to know how they do it in general. On that note, if anyone can enlighten me on the following items, i would be most grateful:
Packet sniffing: I know that packets can be sniffed out and analyzed, but how do they do it? my understanding was that in order to do this, there would need to be actual software running on the server itself since it needs access to the network card to do so... is that accurate? If not, how can they remotely capture incoming packets to a server without access to that box directly?
Session Hijacking: Once again, i am confused here. I know they can do it, but how? The session ID is issues by the server itself, and then returned to the browser based on what? the caller's ip address? mac address? what is used by these hackers to capture the session id from a web session? is it software on a pc that is infected?
Site Hijacking: again, i know they can do this, but from my current knowledge, this would mean that they would have to have hijacked/infected a DNS publishing server and redirecting queries for that site to their choice of IP address... again: is that accurate?
Hijacking a server: how is this possible? how can an open port, for example, allow any hacker to gain full fledged access yo a box so that they can infect it or install some piece of software that would enable 1, 2 and 3 above? My current understanding is that ports are used to communicate, but that unless some software/service is monitoring that port and waiting for commands, nothing would come of that port being open... is that accurate? and if so, why is so much importance given to ports being closed and such?
Hijacking some super secure site: i work every day with security in mind, and constantly use things like: SSL, RSA, SHA512, SSL TOKENS, IP restriction, etc... my question is: how in the crapper are they STILL able to get in with all of these things enabled?
i know that's a lot of stuff, but i really am curious and want to take my security knowledge to the next level. If you're a developer with the same mindset as me, you have issues just using some pre-built library or control without knowing what it does in the background in details, and you'll understand why I'm not happy just knowing which protocols, libraries or encryption methods to implement.
Know the enemy, right?
First of all, I love hacking (only for good), and I think the more people are educated about it the safer we all will be, so I applaud you for your curiosity.
These are great questions, but a good answer would literally require an entire book or two. I have read all of these books in my studies and I personally recommend them. I recommend the following to get you started:
This will get you started with basic tools and techniques. This book doesn't go very deep so if you're looking for the meat, skip it and read the other three unless you are very new to security: The Basics of Hacking and Penetration Testing: Ethical Hacking and Penetration Testing Made Easy, Patrick Engebretson (Full disclosure, the author was a professor of mine at DSU. The book rocks though)
For a relatively deep introduction to security, including an excellent background in OSes and networking:Counter Hack Reloaded: A Step-by-Step Guide to Computer Attacks and Effective Defenses (2nd Edition), Edward Skoudis (probably my favorite book of all time)
To dive very deep (Assembly language level) into how the attacks work:Hacking, The Art of Exploitation, Jon Erickson
To dive deeply into the Web app side of things:The Web Application Hacker's Handbook: Finding and Exploiting Security Flaws, Dafydd Stuttard, Marcus Pinto (Full disclosure, the technical editor was a professor of mine at DSU)

How search engines find websites over internet

I'm going to write a Web parser (an application that crawles on the web from one site to another).
How Can I find list of available domains/IPs in the internet (as complete as possible)?
How search engines find websites (What they use as a reliable list of registred IP/Domains for starting point)?
Thanks
As Michael P's comment indicates, depends on what your objective is.
My company recently wanted to answer a question about third-party tools used on leading websites. I used Alexa as a starting point to find the top (by traffic) websites, and created a parser that can answer the specific question my company asked. If you start from such a list, you can program your web crawler to follow the links it encounters to broaden your knowledge of sites on the web.
Hopefully that helps you think about the problem.

How do you prevent hired developers from stealing code? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 3 years ago.
Improve this question
I'm in the process of opening up a company that will eventually hire 2-5 developers to work on a large web app.
My main concern is that one or more developers could steal the code. I could make them sign contracts against this type of thing, but I live in a country where the law is "bendable".
Is my only option to lock them up in a room without inet access and usb ports?
I'd love to know how others have solved this problem.
Don't hire people you can't trust.
Break the app into sections and only let people work on a subset of the app, never getting access to the whole thing.
Make it worth their while - you're opening a company, hire people and give them some stock options. Make sure it's more attractive for them to make you succeed than otherwise.
How about keeping them all happy and show that you appreciate their work?
You may find that you think your source code is the valuable part of your business, but you can always build that again. Your real advantage over your competitors is usually in the people you hire, and in the business relationships that you establish in the course of naturally doing business.
My suggestion is not technical but social: Make them feel good.
Most human beings have a moral base that prevents them from hurting other people who have treated them with respect and generosity.
There's a slim chance you'll wind up hiring a psychopath, in which case this approach won't work -- but then, it's likely to be the least of your worries.
The only thing that occures to me is to make them sign a contract where you explicit that if they share any code outside the project ambient, they'll compromise to pay you a large amount of money. But there's no guarantee they'll not do it anyway ..
You can create a vitual environment (a virtual machine) with limited internet connection (only to specific servers - git/svn server, database server, etc) and no copy/paste possibilities.
This virtual machine would be a standard environment with common developer tools.
At the office a developer would remotely connect to the virtual machine and start developing without being able to steal the code.
Of course he could print the screen or type the code on another computer but it's still very hard to steal.
There are many encrypting softwares available to encrypt the code. Here is an example http://www.codeeclipse.com/step1.php
In other words you can hide the code of one developer(one module) from the other developer and he will not be able to take the whole code himself in any case if you follow this approach.
Thanks
Sunny

How does a website build popularity? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 1 year ago.
Improve this question
So, my question is how do people get the word out that their website or blog exists? Do blogger invest in ads? Is is just through word of mouth? Or searching Google? I'm just curious how does a website build it's popularity. Do you just put your website up on the web and hope people find it? I know you can make your site SEO friendly, create sitemaps and such but what other techniques are used?
Thanks,
John
The big thing is, build a good site! have good quality relevant content. SEO and page linking will help. Most search traffic comes from Google imho. I would suggest
http://www.google.com/webmasters/start
Submite a sitemap would be high on my todo list.
Also Use relevant and unique - page titles, Friendly urls and relevant H1 tags
Hope that helps
My blog has been running for about a year and a half. I tried some tricks or tips on promotion that I read from around the Internet. Sure, you can get some activity bursts from promotion on other places, but I've found that the number one factor for a blog is simply to have good quality content. You can trick people into visiting with clever reddit or digg titles, but they'll never turn into repeat visitors. With quality posts, the search engine and referrer inflow will be steady.
If you only blog for popularity or money, and don't really care about putting out worthwhile content, it will show, and the people will not visit your site. I changed pretty early on from quantity over quality to quality over quantity. After all, ask yourself: wouldn't you rather subscribe to a blog that gave you a great read once a month rather than a blog that flooded your reader inbox with shallow, forced posts?
Among hobbyists, the usual approach is to make a polite announcement on related forums, and when a subject comes up on a forum or blog that you have addressed on your blog or web site, include a link as a part of your response.
Among professionals, advertising, advertising, advertising.
This thread at Hacker News is a good starting point.
Well, this site was started by Jeff Atwood and Joel Spolsky (if I'm correct), so they both mentioned it on their blogs. Then they asked for people on those blogs to join the beta version. By the time the live version came out, people were already here. Then... wait for word of mouth to spread. If your site is great, they will come.
Join the ASP, read and participate in their forums... I learned a lot from them and highly recommend them. Ignore the politics.
I used Myspace as my own free advertising engine, perhaps a bit a-moral but it did the trick till I caught my server on fire.
Having a community of users is very important in having a popular site. Typically your site would have a message board of some sort where users could interact with each other. Also having a large source of reference information is also important. Once you have your site up, you need to go out and promote it. It takes time, be patient but never give up promoting it.

How to collect customer feedback? [closed]

Closed. This question is opinion-based. It is not currently accepting answers.
Want to improve this question? Update the question so it can be answered with facts and citations by editing this post.
Closed 9 years ago.
Improve this question
What's the best way to close the loop and have a desktop app "call home" with customer feedback? Right now our code will login to our SMTP server and send me some email.
The site GetSatisfaction has been an increasingly popular way to get customer feedback.
http://getsatisfaction.com/
GetSatisfaction is a community based site that builds a community around your application. Users can post questions, comments, and feedback about and application and get answers to their questions either from other members or from members of the development team themselves.
They also have an API so you can incorporate GetSatifaction into your app, and/or your site.
I've been playing with it for a couple of weeks and it is pretty cool. Kind of like stackoverflow, but for customer feedback.
Feedback from users and programmers simply is one of the most important points of development in my opinion. The whole web2.0 - beta - concept more or less is build around this concept and therefore there should be absolutely no pain involved whatsoever for the user. What does it have to do with your question? I think quite a bit. If you provide a feedback option, make it visible in your application, but don't annoy the user (like MS sometimes does with there feedback thingy on there website above all elements!!). Place it somewhere directly! visible, but discreet. What about a separate menu entry? Some leftover space in the statusbar? Put it there so it is accessible all the time. Why? People really liking your product or who are REALLY annoyed about something will probably find your feedback option in any case, but you will miss the small things. Imagine a user unsure about the value of his input "should I really write him?". This one will probably will not make the afford in searching and in the end these small things make a really outstanding product, don't they? OK, the user found your feedback form, but how should it look and what's next? Keep it simple and don't ask him dozens questions and provoke him with check- and radioboxes. Give him two input fields, one for a title and one for a long description. Not more and not less. Maybe a small text shortly giving him some info what might be useful (OS, program version etc., maybe his email), but leave all this up to him. How to get the message to you and how to show the user that his input counts? In most cases this is simple. Like levand suggested use http and post the comment on a private area on your site and provide a link to his input. After revisiting his input, make it public and accessible for all (if possible). There he can see your response and that you really care etc.. Why not use the mail approach? What about a firewall preventing him to access your site? Duo to spam in quite some modern routers these ports are by default closed and you certainly will not get any response from workers in bigger companies, however port 80 or 443 is often open... (maybe you should check, if the current browser have a proxy installed and use this one..). Although I haven't used GetSatisfaction yet, I somewhat disagree with Nick Hadded, because you don't want third parties to have access to possible private and confidential data. Additionally you want "one face to the customer" and don't want to open up your customers base to someone else. There is SOO much more to tell, but I don't want to get banned for tattling .. haha! THX for caring about the user! :)
You might be interested in UseResponse, open-source (yet not free) hosted customer feedback / idea gathering solution that will be released in December, 2001.
It should run on majority of PHP hosting environments (including shared ones) and according to it's authors it's absorbed only the best features of it's competitors (mentioned in other answers) while will have little-to-none flaws of these.
You could also have the application send a POST http request directly to a URL on your server.
What my friend we are forgetting here is that, does having a mere form on your website enough to convince the users how much effort a Company puts in to act on that precious feedback.
A users' note to a company is a true image about the product or service that they offer. In Web 2.0 culture, people feel proud of being part of continuous development strategy always preached by almost all companies nowadays.
A community engagement platform is the need of the hour & an entry point on ur website that gains enuf traction from visitors to start talking what they feel will leave no stone unturned in getting those precious feedback. Thats where products like GetSatisfaction, UserRules or Zendesk comes in.
A company's active community that involves unimagined ideas, unresolved issues and ofcourse testimonials conveys the better development strategy of the product or service they offer.
Personally, I would also POST the information. However, I would send it to a PHP script that would then insert it into a mySQL database. This way, your data can be pre-sorted and pre-categorized for analysis later. It also gives you the potential to track multiple entries by single users.
There's quite a few options. This site makes the following suggestions
http://www.suggestionbox.com/
http://www.kampyle.com/
http://getsatisfaction.com/
http://www.feedbackify.com/
http://uservoice.com/
http://userecho.com/
http://www.opinionlab.com/content/
http://ideascale.com/
http://sparkbin.net/
http://www.gri.pe/
http://www.dialogcentral.com/
http://websitechat.net/en/
http://www.anymeeting.com/
http://www.facebook.com/
I would recommend just using pre built systems. Saves you the hassle.
Get an Insight is good: http://getaninsight.com/

Resources