Related
I don’t know if I asked my question correctly, but I wanted to know how it’s done. We have a website, and yesterday we noticed that the index.php file was deleted in the server, and instead added the index.html. We know for sure that the problem is not in the server, I mean that they didn't hack the server, and I would like to know with what attacks they could do this. I understand that there can be a lot of options, but I ask for help, can someone describe how this can be done, or give some kind of link where I could read about it. I apologize if I described the situation poorly, but I think someone will understand what I am asking for, and maybe help, thanks in advance.
The main attacks are most likely related to a rootkit, specific modification of a server is hard to do with an automated script, so your suspected hacker is likely accessing your server through a back door; you need to make sure that you are only keeping the needed ports open and have firewalls to detect scanners being used on your server. Another option, if you have the funds, is to store your files in a backend storage server, and allowing your frontend server to access those files, it's not foolproof, but it should effectively square the amount of time to detect an open port and pass through the firewall.
Look into these website(s) if you need more info: https://www.veracode.com/security/rootkit
https://en.wikipedia.org/wiki/Rootkit
I've proof read these, and they work well for some basic elaboration on the subject, as well as some prevention methods.
Ok so ive been tasked with doing "research" on building an intranet for a potential new client for my company and they want some kind of answer by Monday (like any company, they REALLY want this project).
That said, ive been doing "Reasearch" and have so many tabs/windows open that im going nuts and getting lost since my research doesn't have direction...taking in too much and need assistance.
i have 2 questions after a brief explanation.
Essentially, From my understanding, an Intranet is...well in plain
terms, a website that is offline? has a deeper framework because of
the documents that will be available(i think its for a school)and the
ppl who can access them but can also have access to the internet?
Since its for a school(not sure if its mainly for teachers or teachers
and students ) im assuming alot of documents either way.
aside form being private, throughout my research, ive read alot about file security, firewalls, and...and.. im starting to get overwhelmed.
Me myself, am a web designer/so-so developer. decent knowledge of js/jquery and php/mysql though i feel like im just getting started in the web-developer part. Good knowledge of standards HTML/css, designer tools etc...
That said, these are my questions.
1.What is actually involved in planning to create this? What tools( read CMS if possible ) can i use to create any of this. Like to make this happen what do i actually need, and need to know? what direction should i take. If you can direct me and help me close some of these 30+ links spread across my 3 monitors id owe ya lol.
i can build many things and dont mind giving it a HARD go but, this seems like a HUGE project and, im SURE that if my company takes this job, id be put on it. now i can do some of the parts of this project but not 100% sure im the right person for this. Theyre counting on me for a yes/no answer as to whether i can do it (they know its big and itll take time to accomplish) but so...with my skills posted above, am i the right person to do this? or is this more akin to an ACTUAL tried and true developer?
Thank you for your time and, any tips/links/cms info/ i mean ANYTHING that would make this easier PLEASE dont hesitate to share. i dont mind doing the research but i need direction.
i dont want to tell them "YES i can do it" and in a month or two im on pause stuck and the yes turns into a "no i cant do it"
If you have no experience in setting up networks, then you are probably not the man for the job (unless your client is willing to let you have a shot at it for the experience, on a no-win, no-fee basis). Certainly do not over-promise and under-deliver!
I deal with quite a lot of schools, and I know many of the smaller ones will use the secretary's computer as a server, with a simple Windows home network to place files in a shared directory. Its a cheap and cheerful alternative, within their own skillsets to manage.
You should also check with the govermental department with relevant oversight (Dept. of Education, I'd imagine) to see what guidlines, requirements, and grants, are available or required. There may be a specific recommended route to take here, with made to measure firewall protection provided to you.
Larger schools will have invested in proper servers, with automatic external backups in place. I'm not qualified to give advice on how to set those up however. Hopefully someone else here will :)
Best of luck!
CMS may be included as a Intranet website, but Intranet includes much more than CMS. Your best stragetic is tell your boss find a network system integrator to do this project collaboratively. Intranet involves more networking technology (L2, L3, switching, routing, firewall, wireless, etc etc) and physical instrument (ex. cabling).
For some time I have been looking at the possibility to integrate PowerShell as a scripting engine in SharePoint but I haven't found the right solution yet.
My main objective is to enable event triggers in e.g. a list to call and execute a PowerShell script (by filename) on the local server. This would give me a lot of flexibility compared to using an ordinary event handler written in visual studio, but the question is whether it is possible and whether I have overlooked some serious security issues?
Since each and every unique idea that I come up with in many years have already be invented by somebody else, I might have missed an existing product/project so any links to such projects will be appreciated, thanks
In the spirit of "already being invented by somebody else", check out http://www.codeplex.com/iLoveSharePoint for some very interesting uses of PowerShell inside SharePoint. Some great code samples and documentation. Haven't tried myself yet, but seems interesting.
I see what you're trying to achieve, but there's something that just doesn't "feel right" about a user indirectly running script code on your server.
The key difference is that the script can be run by anyone logging into the server. Event handlers can only be run by SharePoint. Strict validation of any inputs would be essential. You should also ensure the script is signed so tampered scripts won't execute.
Also, scripts by their nature aren't really designed for enterprise solutions. There is less opportunity for best practices such as good software architecture, design patterns, source control, code analysis, unit testing, and reuse of code. It's also messy/difficult to share code with a common code base that contains web parts, controls, entities, etc.
Finally, introducing PowerShell means another technology to be maintained in the mix we already have with SharePoint. This might be OK if you are comfortable with it.
Depending on how much customisation has already been done or is planned for the future some of the points above may not matter. Be sure to think about how this idea would feel if implemented 6, 12 and 24 months down the track.
A third party developer my boss has brought in, designed a "Better" System than our ASP.NET + MSSQL Server 2005 website we're using now.
Here are the relevant specs:
Excel + ODBC as the data store
Built using old school ASP, not ASP.NET
Is there any glaring problem with his solution short of the ancient tech? Thread safety etc?
Let me put it this way, "What can tell my boss (who's only partially technical) to blow this code out of the water?"
Thank you,
Vindictive Developer :)
Excel should never be used as a data store,
It is not a database
It will not handle multiple users at once at all
No support for transactions, so if an error occurs in the middle of a odbc call the excel file could end up trashed. (Even access would be better then using excel and that isn't saying much)
Excel is a spreadsheet, designed for analyzing data, not for storing data.
Straight from Microsoft: http://support.microsoft.com/kb/195951
IMPORTANT: Though ASP/ADO applications support multi-user access, an Excel spreadsheet does not. Therefore, this method of querying and updating information does not support multi-user concurrent access.
Allain, as well as the great technical reasons that have come out here, I think you need to ask yourself "why did the boss do this?"
Perception is reality, and if your boss is only partially technical, then purely technical reasoning may not get through.
Apart from the glaring architectural weaknesses, is there some functionality in this monster that makes it more appealing to your boss? Generally people don't do stupid things on purpose, it may serve you well to consider where you boss is coming from before you go making a CLM.
Ummm.... it lacks scalability: You could only have a few users. Is the data important?
Here's what you can tell him: Remind him of the nightmares that happen when two or more people need to edit the same spreadsheet at the same time. Now tell him to imagine that multiplied by a hundred people who can't call each other to tell them to "close the spreadsheet so I can update it". That's what it will be like.
Synching issues dealing with a seperate xls datastore and sql server 2005? On our IIS server, classic asp pages are prohibited by default. Maybe that's a sign lol.
How about terrible performance, since Excel is not designed to be used as a database? Tell your boss Excel isn't even a single-user database (that's what MS Access is), let alone a multi-user database designed for high, concurrent performance.
And of course by using pure ASP you're losing access to all of the libraries .NET framework (which of course is what all library developers in the MS ecosystem are focusing on). But you asked for 1 reason, and the first is better.
I would go with the mantra that those are the wrong tools for the job (assuming they are in your case). It'd be like using a screw driver as a hammer. For one nail, it might work with a lot of sweat and tears. For a real project, through, this is likely doomed.
I'd boast about the tools you are familiar with--how much better the tooling is in terms of performance, security, maintenance (esp. maintenance cost).
You could say something like he's paying someone to write a new app with decade old technology which may not be supported for much longer (if it still is...).
Ummm...row limit?
Is an Excel spreadsheet even going to handle concurrent transactions correctly? It wasn't designed for this kind of thing, and I wouldn't hold it responsible if it did something bad (like only letting one ODBC connection in at a time, or not properly locking concurrent updates).
That excel file's going to get corrupted in a hurry with many people hitting it at the same time. The scalability of Excel as a backend datastore is almost non-existent. It has a hard enough time keeping data integrity with its native Shared Workbook feature...
BTW- Is this third party a relative of your boss??? Yikes...
The ancient tech is itself a glaring problem. Will you be around forever? It will be very difficult for the boss to find new developers to maintain something like this. The tech world has moved on.
Closed. This question does not meet Stack Overflow guidelines. It is not currently accepting answers.
We don’t allow questions seeking recommendations for books, tools, software libraries, and more. You can edit the question so it can be answered with facts and citations.
Closed 8 years ago.
Improve this question
I am a programmer, and my father uses Access to collect the patients information (my father is a doctor),
He wants me to teach him how to use it.
I don't like Access (I'm a linux guy), and I cannot find any replacement of it. Do you guys know of any? (it must be easy enough for my father to use)
Maybe you need to be a bit more pragmatic about this.
I'm not a fan of Access either, but if your father already understands it and he already has the system in place, you need to ask the question, why change? If it aint broke don't try to fix it.
You may find that a few simple changes in the existing system gives your father everything he needs, it'll save you a whole lot of time and means you don't need to retrain your father.
What about OpenOffice - Base?
Your father wants you to teach him how to use access but you're a linux guy and don't like access.
Access isn't the problem here
I don't think you and your father a good fit for this.
Get someone else to teach him how to use Access
Access is not always the monster it is made out to be. A poorly coded database in any application or language is a poorly coded database. Access' dominance of the market at a critical time led to more people coming across a higher ratio of poorly designed databases.
There's a great deal of support out there for Access users and programmers too. I particularly like Access World Forums. As ilivewithian said, if you're not happy telling him about it, get someone else to.
If however you are keen to take on the role of tutor to your dad (and I can see the attraction - a chance to give something back, perhaps), then I would suggest a web-based database interface. Unlike Oli, I have no experience of Django, but I would recommend Dabble or blist. (Blist is particularly good at handling images, Dabble is better at flexible report formats, though neither is as good at reports as Access, IMHO).
I think the natural successor to Access is a simple web-interface database system.
They're simple enough to create in a billion different ways but I would seriously suggest trying Django (because you'll find its admin area does 90% of the real work for you in this case)
FileMaker Inc. is subsidiary of Apple. It runs on Mac OS X as well as Windows (whereas MS Access only runs on Windows). Many people claim FileMaker is easier to use than MS Access. Sounds like FileMaker might be the perfect solution for you! (although I do agree with ilivewithian)
There's also Sun's counterpart to MS Access in OpenOffice/StarOffice called BASE (someone already mentioned this), which is also cross-platform compatible.
Rather than develop his own record keeping application he would probably be better off purchasing an already developed system from one of the numerous medical record system vendors. He'll get a better application and have people he can call on for support. Plus there are all of the legal issues about medical record storage and access. A vendor will have worked out those problems already.
That having been said there are many other file based databased systems out there: http://www.google.com/search?q=file+based+database
I haven't used any of them so I can't make a recommendation.
Of course, there's always the various enterprise databases (Oracle, MySQL, SQL Server, etc...) as well. Of those SQL Server is probably the easiest to learn for a newbie. Since there's no 64 bit version of Access I'm starting to see people replace Access with SQL Server Express (free!) for small applications that need to run on 64 bit windows.
I am using Viravis now for more than 6 months in a multi-language organization with several projects and I find it very good. It's not only easy to build (I am a beginner) but they give also very good support!
Gambas ist a very good alternative for Access if one used Access as a database frontend and programmed with VBA (Visual Basic fro Applications). One can reuse a lot of code written for Access and create forms and reports easily.
So for a VB or VBA programmer, who wants to use the own knowledge under Linux, Gambas is a wonderful solution.
No first hand experience, but you can try out OpenOffic.org Database. Or, you may teach your Dad to use the MySQL GUI tool.
Getting the database structure is the toughest part for most. Creating a simple form or report is not that tough either. As far as being a users (data entry, reports, etc.) is probably easier than most applications. You also have all the searching and sorting capabilities; why reinvent the wheel?
Viravis may be an online alternative to the access database. You should better to check it out if it fit your need.
For Windows and simple data, I would use Excel, so I think Open Office should be ok. Unless your father has a hospital, it will probably fit... Or you can do some programming, take embedded database like Firebird and write something on your own, say - in Java?