On Line Bookmark Community

October 28, 2005

大家一起来共享交换各自的书签和收藏,管理交换标签。这样的社区形成了一种非常新颖的在线的知识和交友方式。这个地方就就不错:

http://del.icio.us

Technorati Tags: Blog,Tools, News,共享,在线书签,交友


Collections of my publications in chinese

October 28, 2005

Most of my publications in Chinese, during 2000-2005, are now collected at cn.zhaol.cn, which is redirected to zhaol.i170.cn at this moment. Welcome to comment.

Technorati Tags: Telecom, security, P2P


Day Zero Defense System by Facetime.com

October 28, 2005

Facetime unveils its competitive next generation technology, named Day Zero Defense System, built in its industry leading products – IMAuditor 6.5.1. 

  • # IM Anomaly Detection – intelligently monitors IM communications and performs behavioral analysis across multiple attributes including message frequency, content, and message sender to determine anomalies against normal thresholds set by the organization.
  • # Zero-Day Policy Management- Provides administrators complete flexibility in defining the actions to be taken on IM communications when an anomaly is detected, including block, allow, log, send alert, challenge, and more. The system provides comprehensive reporting on all activity.
  • # Patent-pending Challenge/Response Technology – allows administrators to quarantine suspicious IM conversations and initiate a challenge to the sender which requires a human to successfully respond to the challenge. This stops malicious threats created by computer bots and allows uninterrupted delivery of legitimate communications sent by human sources
  • # Integration with FaceTime Security Labs – New threats are automatically reported to researchers for further analysis and evaluation by the largest security team dedicated to IM, P2P and spyware threats.

Currently there have been a few known products to address IM threats, such as Facetime (IM Guardian RTG500), IMLogic(IM Manager), SurfControl(Instant Message Filter), Websense, BlueCoat(ProxySG 400), Akonix(L7 Enterprise).  SC Magzine tested a group of those products at Aug.27, 2004, see the following test summary:

The ease of use combined with the vast array of functionality offered by Websense Enterprise 5.2 wins it the Best Buy award. The product’s rich enterprise functionality incorporating excellent IM security was very impressive. For large enterprises looking for a dedicated solution to IM security, the FaceTime FTG500 Guardian is a very strong contender. It offers a high-end solution and is highly configurable to the needs of even the largest environments, and so wins the Recommended award.

Technorati Tags: IM, P2P, EIM, GreyNet, Security


Skype keynote address covers the whole gambit

October 28, 2005

TMCnet reported a keynote by Nikalas Zennstrom, the founder of Skype, where “Skype Groups” was regarded as an important step for Skype to turn to enterprise solutions, see the below excerpt.

“…Another area he focused on was Skype Groups, which is designed for enterprises looking to deploy Skype as a business solution. He mentioned that it features the ability for administrators to centrally administer SkypeOut credits, as well as administer SkypeIn numbers. Skype Groups is a step in the right direction in making Skype part of the solution and not part of the problem, considering Skype has often been a disruptive “uninvited guest” within the enterprise….”

Technorati Tags: Skype, P2P, eBay, EIM


Fast Growing IM/P2P Applications (Chinese)

October 27, 2005

In fact, this post is the first part of the whole review of IM/P2P application and security management (see second part: IM/P2P Security Management at Telecom Networks (Chinese) ). It’s easy to find one pretty clients with millions of fans, while it’s difficult to evaluate and predict which one will win the competition.

Lou Latham, famous IM expert of Gartner, at “Talking Technology”, the audio magzine of Gartner, divided the IMs into two kinds: consumer-oriented and enterprise-oriented. Most of popular IM/P2P applications are consumer-oriented, while he regarded that Microsoft, SAP, Novell, IBM, and etc. provide the solution what enterprised IT managers might consider to adopt to leverage the internal communication. Further, he emphasized that Jabber was one open and flexible platform and worthy of attention.

I uploaded the whole article in PDF format to my chinese version blog at i170.com. Click to download.

即时消息和P2P的安全管理 (Part 1)

1 快速增长中的IM/P2P应用

即时消息
即时消息(IM)成为现在网络几乎上不可或缺的一种应用。即时消息是一种类似电子邮件的联机通信方式,但是不同于电子邮件的地方是其“即时性”。 Yankee Group的预测分析,从2003年到2005年,即时消息(IM)在企业中的应用将以150%的复合增长率增长,至2005年底全世界的企业用户将会达到3.5亿。

Garter Group也认为到2006年,即时消息应用可以明显提升企业的工作效率和实时性,将会超过电子邮件,而成为企业中首选的文本通信形式。Gartner还估计使用IM的企业能够减少内部电子邮件数量的30%~40%,语音邮件数量也将减少10%~15%。

在下面的网址上大家可以找到数以百计的各式各样的即时消息软件(客户端):
http://fileforum.betanews.com/browse/InstantMessaging/IMClients

应该注意到,支持多种协议的IM客户端开始受到追捧,例如Gaim, Trillian, Myim, IM2等,它们都能够同时支持ICQ, AIM, YahooIM, MSN,Jabber等多种通信协议,甚至还可以在其中充当消息路由器或者桥接器。当前主流的IM客户端通常还会带有话音、视频、游戏、以及文件共享等多种增强功能。另外,穿越防火墙(也包含地址翻译)、具备加密功能、简捷易用的界面成为新一代IM软件的趋势。

Peer-To-Peer (P2P)

对等网络(P2P)是一种网络的组织形式。P2P的应用摆脱了传统的服务器/客户机系统在服务器端的带宽瓶颈,可以充分利用互联网的带宽资源,发挥互联网无所不在的优势,代表了未来个性化通信的需求。基于P2P技术,有越来越多的应用被开发出来,例如文件共享、群件与协作、数字媒体分发等。IM也是P2P技术的重要应用之一。虽然也有很多的IM是采用传统的客户机/服务器(C/S)架构实现的,但是基于P2P技术的IM在安全管理上具有独特性。

下面的表格是当前一些主要的即时消息和P2P软件和平台网络的枚举以及简要功能介绍。

  • 名称    P2P    聊天    文件共享    话音    视频    备注
  • ICQ    x    v    v    v    x    最早的网络聊天工具
  • YIM    x    v    v    v    v    Yahoo的出色聊天工具
  • MSN    x    v    v    v    v    国内很大的用户群
  • AIM    x    v    v    v    v    依靠AOL,在美国有很大的影响力
  • Skype    v    v    v    v    x-v    有外挂实现视频,话音质量、穿透防火墙以及加密能力是其特色
  • QQ    x    v    v    v    v    国内最大的网络聊天工具,支持多种游戏,国内短信互通有优势
  • BT    v    x    v    x    x    最有影响力的网络共享平台
  • eDonkey    v    x    v    x    x   
  • eMule    v    x    v    x    x   
  • Kazaa    v    x    v    x    x    Napster的升级
  • Napster    v    x    v    x    x   
  • Gnutella    v    v    v    V    V    一个出色的P2P平台,许多应用基于其上
  • Jabber    v    v    v    v    v    一个出色的P2P平台网络,许多应用基于其上。Google Talk即基于Jabber平台

2 P2P/IM的双刃剑效果

IM和P2P技术在带来便利和效率的同时,也同时带来了多重的负面效应:首先,从普通用户角度来看,使用即时消息进行通信与使用电子邮件一样,也具有一些类似的隐私和安全风险。例如如同垃圾邮件(SPAM)一样,现在互联网也存在垃圾即时消息(SPIM)的困扰。其次,IM和P2P的大量使用为企业IT部门带来了很多安全方面的困扰,使得企业的网络边界进一步模糊化。如果没有有效的、针对性的安全管理措施,不夸张地说,企业内网将等同于互联网,重重设防的企业边界在IM/P2P流行的年代里将逐渐变得形同虚设、甚至消失了。加重了企业安全管理的负担。第三,对电信运营商来说,IM可能意味着提供综合信息平台服务的同时,还需要关注所承担的垃圾短消息、以及反动黄色等不良内容的控制;而P2P则意味着带宽的低价值消费、知识产权的保护、甚至自身城域网安全等很多的关注话题。

关于个人用户使用IM/P2P应用过程中的隐私和安全威胁,目前网络上已经有不少的讨论和指导,例如下面的链接就是微软公司网站对于IM用户的安全使用建议:
http://www.microsoft.com/china/athome/security/online/imsafety.mspx

思科公司在其中文网站也提出了电信网络中在P2P面前的“增量不增收”的困境:
http://www.cisco.com/global/CN/about/news_info/press_release/leadship/2005_06_1.shtml

Technorati Tags: IM, P2P, Skype, GTalk, SPAM, SPIM, Jabber


TOP 5 Security Risks for Instant Messaging

October 26, 2005

IMLogic publishes two Top 5 Security Risks for Instant Messaging in 2004 and 2005, respectively. In 2005, the top 5 is as below:

  1. Blended Threats Include Instant Messaging
  2. Identity Theft, Spoofing, and Phishing over IM
  3. Advanced Spyware and SPAM over IM
  4. Information Security Leaks over IM
  5. Targeted Attacks on Enterprise Domains

while the top 5 in 2004 is:

  1. Viruses and Worms over IM
  2. Identity Theft and Authentication Spoofing
  3. Tunneling Through Firewalls
  4. Information Security Leaks
  5. SPIM or Spam over Instant Messaging

What differs 2005 against 2004 is that the priority of SPAM/SPIM: increased to 3rd from 5th. The openness and inter-op of IM services and clients will worsen the SPAM/SPIM threats in the near future.

Virus infections are most often sent via file transfers that bypass traditional gateway anti-virus security. IM and P2P attacks also push URLs to malicious code hosted on the Internet which can be downloaded and executed on local machines.

Technorati Tags: IM, SPAM, SPIM, Security


First post via Flock

October 26, 2005

Have you downloaded and installed ? That’s quite easy and straightforward. Go to www.flock.com to find more.

Once I began to add accounts, I found one “maybe as design” bug:

if you have two blog acounts, with the same title, when you try to add the second one, the first one will be replaced, rather than just add.

Technorati Tags: , ,


Follow

Get every new post delivered to your Inbox.