Archive for October 23rd, 2009


Comparisons of Linux and Windows Web Hosting
By Shellaine Enfesta

A lot of people try to compare Windows web hosting to Linux-based web hosting. The two have many similarities, and each has its own benefits and advantages. While there are so many similarities and advantages, it is the little specifics that count the most, so the comparison needs to be broken down.

Current versions of Windows Server also support PHP. Most Windows hosting packages today are based on either Microsoft Windows Server 2003 or 2008 operating systems. Although Linux is dominant in the hosting arena, Windows is becoming more common and now stands firm as a solid number-two option. For the rest of us, however, most of whom can barely spell HTML, never mind use it, building a website is something either best left to the aforementioned techno-geeks, or to Windows and Microsoft. If you’re looking for an inexpensive way to host your personal site, blog or small business web site, then look no further.

For example, all components from IIS (Internet Information Services) to the SQL Server database system are designed to support one another. Two of the most essential components you definitely need to consider are storage and bandwidth. Our guaranteed web hosting providers offer many years of experience in managing your website or shopping cart or will build and support an entire on-line store.

NET, both of which are web application frameworks that can help you create a dynamic, feature-rich website. Plesk is a web-based interface to your Windows web hosting account that allows you to create e-mail addresses and mailboxes, view your web site traffic statistics, set permissions on your HTML, ASP, and ASP. Outsourcing enables a company to reduce its TCO by freeing assets, such as cash that is allocated to capital expenditures and the expense of specially-trained staff, which can account for anywhere from 22 percent to 47 percent of the total budget for the Web site.

In the beginning, Linux web hosting was used primarily but sparingly by diehard fans and experienced users due to its complexity. Here are the other advantages of choosing Linux web hosting: The internet itself is based on interconnected networking computers, something that comes naturally for Linux.

Both operating systems have pros and cons to consider when deciding which to use for hosting. Commercial support is offered via a number of vendors. Linux web hosting is not a complicated job like the way it is portrayed by pundits who compare it with the user-friendly interface of Windows.

The bottom line when you compare these two main web hosting systems is that it all depends on your business or personal preference. All you need to do is compare the advantages and disadvantages and then make an informed decision about which web hosting system better fits your preferences and is easier to undertake.



How To Sniff A Switched Network And Protect Against It
By Brian Carpio

Introduction

Up until now, all the mainstream information about sniffing a switched network has told you that if you are HostC trying to watch traffic between HostA and HostB, it’s impossible because they are inside different collision domains.

This document will teach you that it is possible due to flaws and security problems within TCP/IP.

We will be utilizing two programs: one is called arpspoof and the other fragrouter.

TCP/IP Overview

As most of you know, TCP/IP utilizes ARP (Address Resolution Protocol) to convert IP addresses into hardware addresses. This hardware address is referred to as a MAC (Media Access Control) address. Once the destination’s MAC address is determined, the encapsulated IP packet can be transmitted to the host. Every host on the network must have a unique MAC address in order to communicate on an Ethernet LAN.

Within Ethernet ARP there are four types of messages:

ARP request – A request for a destination host’s MAC address. This is usually sent to all hosts in a broadcast domain.

ARP reply – This is a response to the ARP request and tells the hardware address of the destination host.

RARP request – This is a Reverse ARP request. It requests the IP address of a known MAC address.

RARP reply – This is a response to the RARP request and tells the IP address of the requested MAC address.

All Ethernet hosts and switches keep a list of known MAC addresses and their corresponding IP addresses. The only time an ARP request is sent to the network is when an IP address that is NOT in the host’s table is requested, which occurs when a new host is requested or when the MAC entry in the table times out.

Sniffing traffic on a network that uses a hub is easy because all traffic is transmitted to each host on the network. Sniffing a switched network presents a problem because the switch knows which MACs are plugged into which ports; the only time a broadcast is sent to the entire network is when an ARP or RARP request is sent out.

Since there is no way built into TCP/IP to verify which MACs are associated with which IP addresses other than to ask or to look in its ARP table, this opens TCP/IP up for exploitation.

So the goal of a malicious hacker would be to trick your system into updating its ARP table so that data goes to the attacker instead.

There are many ways to do this, but for the purpose of this document we will cover arpspoof from dsniff.

Network Setup

We have a pretty basic network setup here: three hosts connected by a switch.

HostA: 192.168.0.2 MAC: 00:08:74:95:65:11

HostB: 192.168.0.3 MAC: 00:08:74:46:EB:08

HostC: 192.168.0.4 MAC: 00:02:B3:A4:7F:8B

For the purpose of this document we are HostC, a Linux box. HostA and HostB can be something else; it doesn’t really matter. HostA could be a Sun box and HostB could be its default router, HostA could be a PC and HostB a Sun box, etc.

On HostC we will download and install dsniff

Src: http://monkey.org/~dugsong/dsniff/

Pkg: http://www.rpmfind.net

On HostC we will also download and install fragrouter

http://www.securityfocus.com/tools/176

>> tar zxvf fragrouter-1.6.tar.gz

>> ./configure

>> make

>> make install

Running Fragrouter

This app is very simple. We just want to do normal IP forwarding: we want the traffic to make it to the destination, we just want to see it first.

>> fragrouter -B1

Running ARPSPOOF

The man page gives a complete explanation of how to use arpspoof. For this document we will run arpspoof like this (again, we want to watch traffic from HostA to HostB):

>> arpspoof -t HostA HostB

The man page for arpspoof says that -t specifies the target. The target is the box whose ARP table you want to spoof, meaning we want to update HostA’s ARP table, telling it that the MAC address of HostB is 00:02:B3:A4:7F:8B (which, if you look above, is the MAC address of HostC).

Fragrouter will just route the packets on to HostB.

Preventing Against This Type of Attack

Well there are a few ways to go about this.

1) You can gather all the MAC information for every host on your network and feed that into a startup script using arp -p. The problem with this is that every host will need to be updated if/when a network card gets replaced. — BAD IDEA

2) Solaris – Change the default arp_cleanup_interval. The default is 5 min., which means Solaris keeps ARP values in its ARP cache for 5 minutes.

ndd -set /dev/arp arp_cleanup_interval 6000

3) Arpwatch – This is one of the greatest tools for protecting yourself against this type of attack.

You can download it for Linux from rpmfind.net and for Solaris from sunfreeware.com.

Example of logs:

Jun 23 10:22:02 hostA arpwatch: new station 192.168.0.5 00:02:B3:A4:7F:8B

Jun 23 10:22:02 hostA arpwatch: changed ethernet address 192.168.0.3 00:02:B3:A4:7F:8B (00:08:74:46:EB:08)

The log on hostA, which is running arpwatch, shows that hostB’s (192.168.0.3) MAC address has changed to what we know is hostC’s. You can easily set up scripts which monitor for this type of activity.
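One way to script that monitoring, as an added example that is not part of the original article: it parses arpwatch syslog lines in the format shown above and reports every IP whose MAC changed, rating the change higher when the new MAC was already seen at a different IP, which is the hostB case. The function names, severity labels and the last two sample lines are constructed for illustration.

```python
import re

MAC = r"(?:[0-9A-Fa-f]{1,2}:){5}[0-9A-Fa-f]{1,2}"
IP = r"\d{1,3}(?:\.\d{1,3}){3}"
# arpwatch syslog body: "<event> <ip> <current mac> [(<previous mac>)]"
LINE_RE = re.compile(
    r"arpwatch: (?P<event>new station|changed ethernet address|flip flop) "
    r"(?P<ip>" + IP + r") (?P<mac>" + MAC + r")(?: \((?P<old>" + MAC + r")\))?"
)

# First two entries are the article's log sample; the last two are constructed.
SAMPLE_LOG = [
    "Jun 23 10:22:02 hostA arpwatch: new station 192.168.0.5 00:02:B3:A4:7F:8B",
    "Jun 23 10:22:02 hostA arpwatch: changed ethernet address 192.168.0.3 "
    "00:02:B3:A4:7F:8B (00:08:74:46:EB:08)",
    "Jun 23 11:05:40 hostA arpwatch: changed ethernet address 192.168.0.9 "
    "00:11:22:33:44:55 (00:11:22:33:44:66)",
    "Jun 23 11:06:01 hostA sshd[412]: Accepted publickey for admin",
]

def norm(mac):
    """Normalise a MAC so 0:2:b3:... and 00:02:B3:... compare equal."""
    return ":".join(f"{int(part, 16):02x}" for part in mac.split(":"))

def find_arp_alerts(lines):
    """Return one alert per IP->MAC change seen in arpwatch log lines."""
    owner = {}    # mac -> set of IPs that have announced it so far
    alerts = []
    for line in lines:
        m = LINE_RE.search(line)
        if not m:
            continue  # not an arpwatch event we track
        ip, mac = m["ip"], norm(m["mac"])
        others = owner.get(mac, set()) - {ip}
        if m["event"] != "new station":
            alerts.append({
                "ip": ip,
                "new_mac": mac,
                "old_mac": norm(m["old"]) if m["old"] else None,
                "mac_also_seen_at": sorted(others),
                # One MAC answering for two IPs is the spoofing pattern above.
                "severity": "high" if others else "review",
            })
        owner.setdefault(mac, set()).add(ip)
    return alerts

if __name__ == "__main__":
    for alert in find_arp_alerts(SAMPLE_LOG):
        print(alert)
```

A "review" alert covers changes such as a replaced network card, where the new MAC has not been seen answering for any other IP.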

In Summary

As you can tell, this document provides a basis for ARP spoofing; however, this basic idea paves the way for SSH and SSL man-in-the-middle attacks. Once a box is compromised and used as a gateway in a network, the entire network’s security becomes open for exploitation.

About The Author

Brian Carpio is a senior Solaris/Linux system architect and has worked for some of the largest companies in the world. Currently he is a freelance Linux/Solaris consultant for his own company, The Tek, LLC. http://thetek.net and can be reached at info@thetek.net
