WebProWorld IT Forum

Site search using ASP
Although I am a web designer, now I am having extra responsibility to make site search. My client wants site search using ASP. Can anybody send me the code & explain the code?

I want to search a etxt for color values and replace them with the inverted color value. I tried something like this but.. the problem is that I dont know haw to pass the hex value that the regex found to the inverseColor function...

Smarter Search Does Not Upgrade
I paid for unlimited upgrades. I was told new features would be added such to the affiliate. Suggestions were also made by several customers including myself. Now two years later and still no upgrade/features added to the script.

Recent Articles

Key Benefits of a Single Intranet or Public Website
A single website is more connected and credible. It is more consistent and cost effective. It is easier to manage and measure.

PassMark's SiteKey - Answering The Wrong Question
In my article "Spear-Phishing - New Angles On An Old Game" (http://www.cafeid.com/art-spear.shtml), I wrote about a variation on "traditional" e-mail phishing that has proved to be more effective than random casting of stink-bait into a vast pool of random e-mail addresses.

IT Career Error! Click Here to Repair
Two years ago Jeff was a discontented software developer. His work left him frustrated and mentally drained each day.

Microsoft Getting FrontBridge Hookup: Secure Messaging
Microsoft announced yesterday they will acquire FrontBridge Technologies Inc., a company that provides managed services for corporate email security, compliance and availability requirements.

Remote Reboot Power Management Guide
Implementing a remote reboot power management solution is a required procedure for assembling a true lights-out data center or co-location facility.

Environmental Monitoring Reference Guide
Creating a safe and secure lights-out co-location or remote data center facility ensues by incorporating environmental monitoring devices to remotely detect and resolve unwarranted server room conditions.

What is a Matrix KVM Switch Solution?
Enterprise KVM switches, such as the Raritan Paragon II, will often include the word Matrix in part descriptions or throughout promotional means such as in features and benefits sections on websites.

Top 5 Reasons Why CAT5 KVM Switches Solve Common KVM Switch Limitations
Simplifying server rack environments by introducing a CAT5 KVM to help ease server cabinet clutter is an example of how beneficial UTP cabling can be.

42U Server Management: 5 Easy Steps to Beef up your KVM Architecture
Discover how to clean up your server room or desk top by examining 5 easy steps to beef up your current KVM solution.

Small Business Outsourcing: An Introduction
Outsourcing is the delegation of a business process to an external service provider. The service provider will then be responsible for the day-to-day running and maintenance of the delegated process.

Spear-Phishing - New Angles On An Old Game
It usually doesn't take long for emerging trends in business IT security to reach the point at which a new name for a given phenomenon is required to set it apart.


Network Forensics Is Affordable For Most Businesses

By Bruce Warner

Regulatory requirements such as Sarbanes Oxley or HIPPA along with cyber crime have heightened the interest in computer security.

Organizations have started to purchase monitoring systems that not only support network forensics but help organizations understand what information is moving over their key network connections. These frequently are WAN and Internet connections. Network forensics requires the capture, recording, and analysis of network events. This requires a packet capture tool with analysis capabilities. The Network Analyzer is a perfect backbone for such a system. Most products have strong post capture filtering capabilities and provide network health statistics.

System Requirements

Today's advanced processors and high capacity storage now makes it possible to store large amounts of packet capture data. Although network bandwidth has increased for many homes and small businesses with broadband access, the majority of businesses still rely on T1 connectivity for Internet or WAN connections.

At full utilization a T1 would use approximately 17 gigabytes to record 24 hours of data. But traffic isn't a steady-state phenomenon. It fluctuates a lot and is "bursty." Thus a link can be fully utilized one moment, and then completely empty the next. Also, utilization can be very low during non-business hours. For most companies they can now store better than several weeks of data on a modern system with the addition of a second 300 Gigabyte drive.

For significant bandwidth, such as monitoring Gigabit or Trunked Gigabit requires special considerations. A number of factors come into play. Memory is faster than Disk so Raid Storage can be required; also the utilization of specialized NIC's may be needed to capture the data and buffer what is written to disk. The products on the market are designed to recycle the storage of data on a firstin first out basis. That way a history is preserved. Some products can monitor a T1 link for as little as $5,000. There is a great disparity in price, architecture and features. High end pricing for some vendors can approach $100,000. Appliances may be required on the high end, whereas the low end can be fulfilled with a software solution.

The following table illustrates the storage in Gigabytes needed to provide hours or days of history on heavily utilized WAN connections. It assumes a continuous level of usage 24/7 not likely found in most business networks. You could easily cut the storage requirement down by 1/3 for businesses that run 8:00 to 5:00. You might also be able to cut it again in half, as it is unlikely most businesses are continuously using all of the bandwidth during those office hours. Therefore a 300 Gigabyte drive for many businesses with a T1 connection could easily provide weeks of storage.

Storage Requirements needed for Network Forensics with common WAN Connections

Image 1.

* Assumes Full Duplex and 65% continuous utilization. This can be considered a fairly high
utilization rate.

** Drives Write Limit bits per second maximum

N/A - Not applicable as it exceeds write capabilities of the drive.

Note: Drive Write Speeds of 15 to 20 MB per second will support all but OC-3

However, it is also interesting to note that the higher bandwidth connections tend to drive the requirement for more sophisticated storage requirements.

Network Forensics

Analysis of the flow of packets over time that network analyzers provide makes it possible to determine when users are active, when they are communicating to other devices, the client-server requests made such as the SQL requests and what Web sites they are visiting.

Traffic analysis can help identify suspect devices. Filter's can be used to identify in the packets a signature of chat sessions, hacks and viruses. Device discovery and switch port discovery can help isolate the devices.

We do not live in a world in which strong encryption is normally placed into the packet payload. Most data flowing across networks or even the internet today is sent without encryption. Many of the tools allow you the ability to reassemble and view/play VOIP, streaming media or even e-mail. I f you are hacked the history can be filtered to try to understand what systems were attacked.

Use of such powerful tools should not be abused. You should have policies on who has access to the system and the circumstances when it should be used along with any restriction on what can be accessed for a given situation. Once the information is accessed policies should specify how to handle or treat the information collected. Companies generally can monitor their own networks, but should notify employees and network users that the monitoring may be taking place by published policies.

Network Analysis

Although Security and Forensics are strong justification for implementation of a continuous packet capture product, other benefits help make for more efficient network operations. Understanding the cause of poor application performance can be just one benefit. But other Network Analysis standards such as Bandwidth Utilization, Protocols and Sub-Protocols in use, level of Broadcasts and Multicasts, Packet Size Distribution and Top Talkers provide valuable information to Network and System Administrators.


As a result of advancements in processors and storage, it is now possible to keep a history of network activity on key network or WAN segments. The information is not only valuable for Network Forensics but also provides answers to network management and performance questions.

About the Author:
Bruce Warner is the owner of Operative Software Products - www.operativesoft.com. He has over 20 years experience with networking products. Operative Software Products operates in the United States and Canada and provides solutions for test automation, application analysis and network performance. Copyright 2005

About ITManagementNews
ITmanagementNews answers questions for IT managers. Our experts offer real-world advise and cutting edge technology for the enterprise. ITmanagementNews is focused on Delivering IT Solutions

ITManagementNews is brought to you by:


-- ITManagementNews is an iEntry, Inc. publication --
iEntry, Inc. 2549 Richmond Rd. Lexington KY, 40509
2005 iEntry, Inc. All Rights Reserved Privacy Policy Legal

archives | advertising info | news headlines | free newsletters | comments/feedback | submit article
Delivering IT SolutionsITManagementNewsNewsArchivesAbout UsFeedbackITManagementNews Home PageAboutArticle ArchiveNewsDownloadsWebProWorld ForumsJaydeiEntryAdvertiseContact