What Came Before Google?

Although we credit Google, Yahoo, and other major search engines for giving us the system we use to find the information we seek, the concept of hypertext came to life in 1945 when Vannaver Bush urged scientist to work together to help build a body of knowledge for all man kind. He then proposed the idea of a virtually limitless, fast, reliable, extensible, associative memory storage and retrieval system. He named this device a memex.

But there is a long list of great minds that have given us the information system we now use today. This article illustrates some of them. Here is the History of the Search Engine:

Ted Nelson
Ted Nelson created Project Xanadu in 1960 and coined the term hypertext in 1963. His goal with Project Xanadu was to create a computer network with a simple user interface that solved many social problems like attribution. While Ted's project Xanadu, for reasons unknown, never really took off, much of the inspiration to create the WWW came from Ted's work.

George Salton
George Salton was the father of modern search technology. He died in August of 1995. His teams at Harvard and Cornell developed the Saltons Magic Automatic Retriever of Text, otherwise known as the SMART informational retrieval system. It included important concepts like the vector space model, Inverse Document Frequency (IDF), Term Frequency (TF), term discrimination values, and relevancy feedback mechanisms. His book A theory of indexing explains many of his tests. Search today is still based on much of his theories. History of the search engine uses some of the same techniques even today.

Alan Emtage
In 1990 a student at McGill University in Montreal, by the name of Alan Emtage created Archie; the first search engine. It was invented to index FTP archives, allowing people to quickly access specific files. Archie users could utilize Archie's services through a variety of methods including e-mail queries, telneting directly to a server, and eventually through the World Wide Web interfaces. Archie only indexed computer files. With Archie, Alan Emtage helped to solve the data scatter problem. Originally, it was to be named archives but was changed to Archie for short.

Paul Lindner and Mark P. McCahill
Archie gained such popularity that in 1991 Paul Linder and Mark P. McCahill created a text based information browsing system that uses a menu-driven interface to pull information from across the globe to the user's computer. Named for the Golden Gophers mascot at the University of Minnesota, the name is fitting, because Gopher tunnels through other Gophers located in computers around the world, arranging data in a hierarchical series of menus, which users can search for specific topics.

Tim Berners-Lee
Up until 1991 until there was no World Wide Web. The main method of sharing information was via FTP. Tim Berners-Lee wanted to join hypertext with the internet. He used similar ideas to those underlying the Enquire (a prototype created with help from Robert Cailliau) to create the World Wide Web, for which he designed and built the first web browser and editor, called WorldWideWeb, and developed on NeXTSTEP. He then created the first Web server called httpd, short for HyperText Transfer Protocol daemon.

The first Web site built was at: http://info.cern.ch/ and was first put online on August 6, 1991. Tim Berners-Lee created the World Wide Web Consortium in 1994. Tim also created the Virtual Web library which is the oldest catalogue of the web. The history of the search engine is a fascinating story.

http://services.entireweb.com/newsadv/index.php?md=click&uid=1&cid=767&lid=6129&id=bddd3349a96fc4026c356261743d1ec8

Google's Mobile Platform Plans

Google may finally go public with its "Google Phone" plans today. Rumors have been swirling that Google plans to make an announcement of some kind soon with a few of the largest U.S. wireless carriers, including Sprint Nextel and Verizon Wireless.

A blog post in the Wall Street Journal's online edition, citing unnamed sources, said an announcement is expected today.

Google did not respond to a request for comment at press time. The company has been coy about its plans, declining to confirm if there is such as a thing as the rumored "G-Phone" or Google Phone, an actual device that would compete with the Nokia's of the world.

The more recent speculation is that the search giant intends to make software available to several different phone carriers that would open up more application development, including its own, to mobile devices from a variety of companies.

If it's also working on a phone, there's no indication its release is imminent. In fact, even the software platform is likely to be more of a pre-announcement; its actual release isn't likely till later in 2008.

Sprint Nextel, the No. 3 U.S. mobile service, is in talks to put applications Google on its cell phones, according to recent reports. Last week, sources told Reuters that the number two U.S. mobile service Verizon Wireless, a Verizon Communications and Vodafone Group venture, is also in talks with Google about putting applications on its mobile phones.

Sprint had already said in August it would offer Google Web search and communications services to customers using a new network it is building based on WiMax, an emerging high-speed wireless technology.

If and when the Google software is available it stands to shake up the mobile phone industry in general and software development in particular. The phone industry is still absorbing the impact of Apple's high profile iPhone, a device that already includes Google Maps software. Google CEO Eric Schmidt is also on Apple's board of directors.

http://itmanagement.earthweb.com/cnews/article.php/3709066

Yahoo : 'IP Rules'

SUNNYVALE, CALIF. -– Can you name one product with which the United States holds a sizable trade surplus over other countries? Try intellectual property (IP), the stuff we (individuals, businesses and academia) think up.

"There's a strong U.S. trade surplus for IP," said Joseph Siino, Yahoo's vice president for intellectual property, in a briefing here at the Internet giant's headquarters. "America's top companies are IP-based. Think of Microsoft absent copyright law, or Disney without trademark. They'd be worth a very low percentage of the market cap they are today."

But there's trouble brewing in IP-land, with copyright, patents and trademark issues keeping many legal staffs working overtime to keep up, particularly the tech sector. The explosion of user-generated content, for example, has blurred the lines of who owns what, and what constitutes fair use in the digital media age.

"Users have become copyright owners," said Siino.

While Yahoo has long had straightforward agreements with traditional media companies and other groups, dealing with what millions of users post (including the copyrighted works of others), is a lot trickier. Siino wouldn't comment on the billion dollar suit Viacom filed against YouTube/Google other than to say Yahoo is trying to develop the right mechanism to respect all IP rights.

"We don't believe large companies have a monopoly on IP rights or should," he said.

http://www.internetnews.com/bus-news/article.php/3707986

Hardening Servers with Security Templates

Why you need to harden servers

In depth security has become a requirement for every company. Your network boundaries, firewalls, VPNs, mobile computers, desktops, servers, domain controllers, etc., all need to be considered when you are designing for a secure environment. It is important to know what you get out of the box, as well as what options you have at your disposal to secure these environments. When you consider a new installation of a Windows server, 2000 or Server 2003, you might not be getting the security settings that you anticipate. Both of these operating systems' security will not be configured to meet your expectations or company security requirements.

There are many reasons for the security of these servers to be set for weaker security. First, with so many other operating systems that might need to communicate with them, they need to be set for the “lowest common denominator” of security to ensure compatibility. The security options that come with Windows Server 2003 are not available on your Windows NT 4.0 Workstations, for example. Second, the servers might be running applications or services that can’t run with the heightened security. Your financial servers might be running a third-party accounting application that can’t handle encrypted network communication, for example. Third, it is my opinion that many network administrators and companies have been trained to use servers in this state and any form of heightened security at initial installation could render the server useless. I have seen more than my fair share of network administrators become confused when some computers have elevated security settings established, which stops communications with older operating systems.

What a security template can establish

Security templates have been around for a long time, since about Windows NT 4.0 Service Pack 4. Security templates have become a popular method for security not only for servers, but also desktops. The primary reason for their success is because they provide a wide range of security settings and they are very easy to implement.

Within a single security template you can configure a broad scope of security settings on a multitude of servers. To see a security template first hand, it is best to use the Security Template snap-in. To get to this snap-in, type MMC from the Start|Run menu option. Once you have the MMC console open, you will need to add in the Security Template snap-in. Different operating systems have different menu names, but for the most part you will go to the File menu, where you can select the Add Snap-in option. There, you can add any number of snap-ins to the console.

Each security template comes with a core set of security setting options. The following is a list of the security areas that can be established within a security template.

• Password Policies - These settings allow you to control the length, complexity, and other parameters regarding a user account password.
• Account Lockout Policies - These settings allow you to control the behavior of what happens when a user forgets their password and their account can be locked out.
• Kerberos Policies - These settings control the behavior of the Kerberos ticketing service.
• Audit Policies - These settings control how the different areas of auditing will be set up, including whether success and/or failure events will be tracked.
• User Rights - These settings control all of the different user rights and which users and/or groups are assigned the specific user rights. User Rights are server specific and control the actions of what a user can perform on that server.
• Security settings - These settings include a multitude of different areas, including network security, authentication, devices, etc.
• Event Log settings - These settings allow you to configure the various aspects of each event log, such as size of the log and when to start to overwrite events in the log.
• Group membership - You can customize which group you want to control using this security setting. You can control local groups and groups that are contained within Active Directory.
• Services - Using these settings you can control all of the different services on a server to set the startup mode and security of the service.
• Registry permissions - Using these settings you can control the Access Control List (ACL) of Registry Keys.
• File and folder permissions - Using these settings you can control the ACLs of files and folders on the target server.

These are just the security settings that you can set in a standard default security template. Like almost everything else in a computer environment, you can also customize the settings. (Refer to article - Customizing Windows Security Templates - for details on how to accomplish this.) Customization can be made in the security template to modify Registry values.

Options for deploying security templates

Now that you have your security templates configured for your servers, they must be deployed to each server. There are three options that you can use to deploy a security template to a server. The first option is the manual method and is not very efficient. The second option is semi-automated, but still requires some hand holding of the security template to get it deployed. The third, and final, option is the desired method, as it allows for the automated deployment of the security templates.

For your first option, you can use the Security Configuration and Analysis snap-in within the MMC on the target server. This snap-in is loaded into the MMC identical to the Security Templates snap-in that we discussed earlier. Once the snap-in is loaded, you have the menu option to “Open Database”, which is really adding the security template to the tool for analysis and deployment. Once you add in the security template to the tool, the option to “Configure Computer Now” becomes enabled. This will take the settings from the security template and set them on the server.

For your second option, you can create a script (or run a command from a command prompt window) that takes advantage of the Secedit.exe tool. This tool gives you a bit of flexibility in configuring and analyzing a computer with regard to the security templates. The command has many switches, but you will use the /configure switch that has the following parameters:

secedit /configure /db FileName [/cfg FileName ] [/overwrite][ /areas area1 area2...] [/log FileName] [/quiet]

The only required parameters are the /configure and /db settings. Everything else further specifies details of the security template if you need to be granular with the deployment of the security settings.

Your final option for deploying the security template is to use your existing Active Directory structure and rely on Group Policy. Group Policy has a default mechanism to import and deploy security templates. For example, you might have all of your Web servers in an organizational unit (OU) named WebServers. If you create and link a Group Policy Object (GPO) to WebServers OU, you can import the security template to the GPO. The tool to do the management of the GPO is the Group Policy Management Console (GPMC). To import the security template into the GPO, you will edit the GPO from within the GPMC initially. After you have the Group Policy Editor running, you will open the GPO to expose the Security Settings node.

By right-clicking on this node, you will have an option to -Import Policy-. This menu option will give you a chance to import your security template into the GPO. Once the security template is in the GPO, it will automatically deploy to all servers that it is targeting (based on those in the OU) using default Group Policy processing. For servers, this processing occurs automatically every 90 minutes.

Summary

There are no default installed Windows servers that will meet your security needs completely. Therefore, you need to consider the most economical and efficient methods for configuring these servers. Since security is not a narrow set of configurations, you need to use some mechanism that can handle a wide variety of settings. The security templates provide a broad, yet deep, capability of configuring security settings for your servers. With the variety of security configurations that come standard with the security templates, coupled with the ability to customize them, you can get the majority of the security settings accomplished using only this one solution. Finally, by using any one of three methods to deploy your security templates, GPOs being the most efficient, you can have your servers functioning in a secure manner quickly.

Derek Melber , MCSE, MVP, CISM – www.windowsecurity.com