Disadvantages of JAVA

Disadvantages of JAVA 

• No separation of specification from implementation. Java classes aren't divided into specification and implementation parts. Hosch feels that this is an important point for beginners and would like ``this distinction between specification and implementation to be supported by the syntactic structure of the language.'' Lacking such a separation, he would at least like to be able to write prototypes for methods, which Java doesn't allow except within an abstract class or interface.
• No preconditions and postconditions. Hosch's introductory course emphasizes preconditions and postconditions, for which he would like language support. Java, like most languages, has no such support. (Among major languages, only Eiffel does.)
• Visibility rules are ``baroque.'' Hosch decries the many types of visibility in Java. He also laments that Java's syntactic support for hierarchical packages doesn't carry any semantic significance.
• No support for genericity. Hosch notes Java's lack of support for writing generic data structures and methods. As a substitute, he would accept ``type by association,'' such as Eiffel's anchored types.
• No enumeration types. Java lacks enumeration types entirely, although they can be simulated by creating a series of named constants.
• No local constants. In Java, variables that belong to a class can be made constant by declaring them to be final. Variables that are local to a method cannot be declared final, however.
• Exceptions not caught within a method must be declared as thrown by that method. Hosch finds this requirement to be onerous: ``for introductory students, it's a sequence of ugly, unintelligible syntactic marks.''

Memory Allocation in C++

In C, you use malloc(), free() and variants of malloc() to allocate and free memory, but these functions have their pitfalls. Therefore C++ introduced operators for handling memory, these operators are called new and delete. These operators allocates and frees memory from the heap (or sometimes called the free store) at runtime.

In C++, you should always use new and delete unless you're really forced to use malloc() and free(). But be aware that you cannot mix the two. You cannot malloc() memory, and then delete it afterwards, likewise you can't "new" memory, and then free it with free().

Firewall: Packet Filtering

Abstract— Loss of irreplaceable data is a very real threat for any business owner whose network connects to the outside world. Remote access for employees and connection to the Internet may improve communication in ways you’ve hardly imagined. Access to the Internet can open the world to communicating with customers and vendors, and is an immense source of information. But these same opportunities open a local area network (LAN) to the possibility of attack by thieves and vandals. Therefore, security of network is the main criteria here firewalls provide this security. The Internet firewalls keep the flames of Internet hell out of your network or, to keep the members of your LAN pure by denying them access the all the evil Internet temptations. The benefits of connecting to the Internet are clear. This paper discusses the risks you face when you connect to the Internet, describes the types of attacks that can occur, and offers an overview of firewall technology, which can protect your network from hackers. Specifically, the paper discusses the implementation of a firewall and what you should consider in choosing the type of firewall you require.

Keywords— Network LAN, TCP / IP, HTTP, NAT, ISAPI

1. Introduction

In this age of universal electronic connectivity, of viruses and hackers, of electronic eavesdropping and electronic fraud, there is indeed no time at which security does not matter. The explosive growth in computer systems and their interconnections via networks has increased the dependency of both organizations and individuals on the information stored and communicated using these systems. This has led to a heightened awareness of the need to protect data and resources from disclosure, to guarantee the authenticity of data and to protect systems from network-based attacks.

2.       Major Types of Network Attacks

i) TCP SYN flooding and IP spoofing attacks, ii) Smurfing,

iii) Distributed Denial of Service attacks (DDoS), iv) Mail spam, v) DNS spoofing (Malicious Cache poisoning)

3.     Firewalls

Major Networking Security Technologies include using one or more of the following techniques: encryption, firewall, and virtual private networks. The scope of the paper is limited to one security technology for the networked world: Firewalls.   

A computer firewall protects networked computers from intentional hostile intrusion that could compromise confidentiality or result in data corruption or denial of service. It may be a hardware device or a software program running on a secure host computer. In either case, it must have at least two network interfaces, one for the network it is intended to protect, and one for the network it is exposed to. A network firewall sits at the junction point or gateway between the two networks, usually a private network and a public network such as the Internet. The earliest computer firewalls were simple routers.        An Internet firewall examines all traffic routed between your network and the Internet to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped. A network firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted. Firewalls can filter packets based on their source, destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependent upon the protocol used, for example HTTP, ftp or telnet. Firewalls can also filter traffic by packet attribute or state.

There are two access denial methodologies used by computer firewalls. A firewall may allow all traffic through unless it meets certain criteria, or it may deny all traffic unless it meets certain criteria. The type of criteria used to determine whether traffic should be allowed through varies from one type of firewall to another. Computer Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. They may also use complex rule bases that an analyze the application data to determine if the traffic should be allowed through. How a computer firewall determines what traffic to let through depends on which network layer it operates at. A discussion on network layers and architecture follows. 

1.      Basic Firewall Operation

2.       How does a network firewall interact with OSI and TCP/IP Network models?

Network Firewalls operate at different layers to use different criteria to restrict traffic. The lowest layer at which a firewall can work is layer three. In the OSI model this is the network layer. In TCP/IP it is the Internet Protocol layer. This layer is concerned with routing packets to their destination. At this layer a firewall can determine whether a packet is from a trusted source, but cannot be concerned with what it contains or what other packets it is associated with. Firewalls that operate at the transport layer know a little more about a packet, and are able to grant or deny access depending on more sophisticated criteria. At the application level, firewalls know a great deal about what is going on and can be very selective in granting access.  It would appear then, that firewalls functioning at a higher level in the stack must be superior in every respect. This is not necessarily the case, however. The lower in the stack the packet is intercepted, the more secure the firewall. If the intruder cannot get past level three, it is impossible to gain control of the operating system.

3.       Professional Firewalls Have Their Own IP Layer

 Professional firewall products catch each network packet before the operating system does, thus, there is no direct path from the Internet to the operating system’s TCP/IP stack. It is therefore very difficult for an intruder to gain control of the firewall host computer then “open the doors” from the inside.  According To Byte Magazine, traditional firewall technology is susceptible to misconfiguration on non-hardened operating systems. More recently, however, “...firewalls have moved down the protocol stack so far that the OS doesn’t have to do much more than act as a bootstrap loader, file system and GUI”. The author goes on to state that newer firewall code bypasses the operating system’s IP layer altogether, never permitting “potentially hostile traffic to make its way up the protocol stack to applications running on the system”. 

4.       Firewall Types

Firewalls fall into four broad categories:

i) Packet filters, ii) Circuit level gateways, iii) Application level gateways, iv) Stateful multilayer inspection firewalls

7.1 Packet Filtering Firewall

Packet filtering firewalls work at the network level of the OSI model, or the IP layer of TCP/IP. They are usually part of a router firewall. A router is a device that receives packets from one network and forwards them to another. In a packet filtering firewall, each packet is compared to a set of criteria before it is forwarded. Depending on the packet and the criteria, the firewall can drop the packet, forward it, or send a message to the originator. Rules can include source and destination IP address, source and destination port number and protocol used. The advantage of packet filtering firewalls is their low cost and low impact on network performance. Most routers support packet filtering. Even if other firewalls are used, implementing packet filtering at the router level affords an initial degree of security at a low network layer. This type of firewall only works at the network layer, however, and does not support sophisticated rule based models. Network Address Translation (NAT) routers offer the advantages of packet filtering firewalls but can also hide the IP addresses of computers behind the firewall, and offer a level of circuit-based filtering.

  

TCP protocol ensures reliable connection oriented transmission of packets between client and server. 

The flow of the TCP server program can be described in following steps:

i. TCP server opens up a well-known port 8080 and listens for client requests. ii. TCP client opens a socket and requests connection to the server. iii. TCP server acknowledges the request (which is the accept function system call). iv. TCP client sends HTTP/1.1 GET request. v. TCP server sends back the response, if the client and web server address are valid. vi. TCP server sends HTTP/1.1 403 Forbidden response otherwise.

7.1.2 Filtering features available in different operating systems:

Linux- iptables (originally called ipchains), http://www.linuxguruz.org/iptables/howto/maniptables.html, Man page of iptables, Windows – ISAPI (internet session application programming interface).

7.2 Circuit level Gateway

Circuit level gateways work at the session layer of the OSI model, or the TCP layer of TCP/IP. They monitor TCP handshaking between packets to determine whether a requested session is legitimate. Information passed to a remote computer through a circuit level gateway appears to have originated from the gateway. This is useful for hiding information about protected networks. Circuit level gateways are relatively inexpensive and have the advantage of hiding information about the private network they protect. On the other hand, they do not filter individual packets.

7.3 Application level Gateway

Application level gateways, also called proxies, are similar to circuit-level gateways except that they are application specific. They can filter packets at the application layer of the OSI model. Incoming or outgoing packets cannot access services for which there is no proxy. In plain terms, an application level gateway that is configured to be a web proxy will not allow any ftp, gopher, telnet or other traffic through. Because they examine packets at application layer, they can filter application specific commands such as http:post and get, etc. This cannot be accomplished with either packet filtering firewalls or circuit level neither of which know anything about the application level information. Application level gateways can also be used to log user activity and logins. They offer a high level of security, but have a significant impact on network performance. This is because of context switches that slow down network access dramatically. They are not transparent to end users and require manual configuration of each client computer.

7.4 Stateful Multilayer Inspection Firewall

Stateful multilayer inspection firewalls combine the aspects of the other three types of firewalls. They filter packets at the network layer, determine whether session packets are legitimate and evaluate contents of packets at the application layer. They allow direct connection between client and host, alleviating the problem caused by the lack of transparency of application level gateways. They rely on algorithms to recognize and process application layer data instead of running application specific proxies. Stateful multilayer inspection firewalls offer a high level of security, good performance and transparency to end users. They are expensive however, and due to their complexity are potentially less secure than simpler types of firewalls if not administered by highly competent personnel.

The firewall is an integral part of any security program, but it is not a security program in and of itself. Security involves data integrity (has it been modified?), service or application integrity, data confidentiality and authentication. Firewall security only addresses the issues of data integrity, confidentiality and authentication of data that is behind the firewall. Any data that transits outside the firewall is subject to factors out of the control of the firewall. It is therefore necessary for an organization to have a well-planned and strictly implemented security program that includes, but is not limited to, firewall protection.

5.       Conclusion

The paper reinforces the principle that security technology alone will not solve all security problems.  Responsible management of information is essential. One of the Courtney’s laws sums it up: “There are management solutions to technical problems, but no technical solutions to management problems”.

6.       References

[1]        Cryptography and Network Security: William Stallings

[2]        Network Security: Private Communications in a Public World: Charlie Kaufman, Radia Perlman, Mike Spencer

[3]        Guidelines for the Use of Cryptography in the Enterprise: Wolf Halton, Jack Krichen, Richard Costello

[4]        Encryption Fundamentals: Hugo Fruehauf

[5]        www.firewall-software.com

[6]        www.gocsi.com

[7]        www.searchsecurity.com

[8]        www.ciac.org

[9]        www.computel.com

[10]     www.sans.org

[11]     www.3com.com

[12]     www.cisco.com

[13]     www.extremenetworks.com

With Out main Function in C Program

#include<stdio.h>
#define decode(s,t,u,m,p,e,d) m##s##u##t
#define begin decode(a,n,i,m,a,t,e)
int begin()
{
printf("hello");
return 0;
}

Hey guys Do u Liitle bit Nw abt windows mobile Os??????

Windows Mobile

Windows Mobile is a mobile operating system developed by Microsoft for smartphones and Pocket PCs,^[2]. It is based on the Windows CE kernel and first appeared as the Pocket PC 2000 operating system. It is supplied with a suite of basic applications developed with the Microsoft Windows API, and is designed to have features and appearance somewhat similar to desktop versions of Windows. Third parties can develop software for Windows Mobile with no restrictions imposed by Microsoft. Some software applications can be purchased using Windows Marketplace for Mobile.

Most early Windows Mobile devices came with a stylus, which can be used to enter commands by tapping it on the screen.^[3] The primary touch input technology behind most devices were resistive touchscreens which did not require a stylus and work with any pressed input method; later devices used capacitive sensing. Along with touchscreens a large variety of form factors existed for the platform. Some devices featured slideout keyboards, while others featured minimal face buttons.

In February 2010, Microsoft announced a completely new phone platform, Windows Phone, designed to supersede Windows Mobile.^[4] The final version of Windows Mobile released after the announcement of Windows Phone was 6.5.5. Phones running Windows Mobile will not be officially upgradeable to Windows Phone^[5] and software designed for Windows Mobile is incompatible with the new operating system.^[6]

Windows Mobile 6.5.3 Today Screen
Company / developer	Microsoft
Programmed in	C++[1]
OS family	Windows CE
Working state	Discontinued
Initial release	April 19, 2000; 11 years ago (April 19, 2000)
Latest stable release	6.5.3 / February 2, 2010; 2 years ago (February 2, 2010)
Latest unstable release	6.5.5
Marketing target	Mobile devices
Update method	Adaptation kit upgrade
Kernel type	Windows CE 5.2
Default user interface	Graphical
License	Proprietary (Microsoft EULA)
Preceded by	Windows CE and Pocket PC
Succeeded by	Windows Phone

 

Common features

Most versions of Windows Mobile have a set of standard features such as multitasking and the ability to navigate a file system similar to that of Windows 9x/Windows NT, with support for many of the same file types. Much like its desktop counterpart it comes bundled with a set of applications to perform basic tasks. Internet Explorer Mobile is the default internet browser and Windows Media Player is used for media playback, such as video and music. Microsoft Office Mobile, the mobile versions of Microsoft Office applications, including Outlook Mobile is the default office suite. The ability to install third party software has existed since the original Pocket PC implimentations. A client for PPTP VPNs is standard. Internet Connection Sharing is supported on compatible devices, which in mobile phones allows the phone to make its Internet connection available to computers via USB and Bluetooth.

Most devices with mobile connectivity include a Radio Interface Layer. The RIL provides the system interface between the CellCore layer within the Windows Mobile OS and the radio protocol stack used by the wireless modem hardware. This allows OEMs to integrate a variety of modems into their equipment.

The user interface has changed much between versions but the basic functionality has remained similar. The Today Screen, later called the Home Screen, shows the current date, owner information, upcoming appointments, e-mail messages, and tasks. The taskbar shows the current time and the audio volume and of devices with a cellular radio the signal strength.

Windows Mobile 6.5

Windows Mobile 6.5 was never part of Microsoft's mobile phone roadmap, and has been described by its chief executive, Steve Ballmer, as "not the full release [Microsoft] wanted" until the multi-touch-enabled Windows Mobile 7 (now replaced by Windows Phone) arrived in 2010.^[38] Ballmer also indicated that the company "screwed up with Windows Mobile", he lamented that Windows Mobile 7 was not yet available and that the Windows Mobile team needed to try to recoup losses.^[39] Microsoft unveiled this version at the 2009 Mobile World Congress in February,^[40] and several devices were supplied with it.^[41] It was released to manufacturers on May 11, 2009; the first devices running the operating system appeared in late October 2009.^[42] Several phones that officially shipped with Windows Mobile 6.1 can be officially updated to Windows Mobile 6.5.^[43] This update includes some significant new added features, such as a revamped GUI , a new Today screen resembling that of Microsoft's Zune player with vertically scrollable labels (called 'Titanium').^[44] WM6.5 also includes the new Internet Explorer Mobile 6 browser, with improved interface.^[45]

Along with Windows Mobile 6.5, Microsoft announced several Cloud computing services codenamed "SkyBox", "SkyLine", "SkyMarket".^[46] "SkyBox" has been confirmed as My Phone,^[47] while "SkyMarket" has been confirmed as Windows Marketplace for Mobile.^[48] This version was designed mainly for easier finger usage.^[49] Some reviewers have noted interface inconsistencies, with some applications having small buttons making them harder to operate using only a finger.^[50] Whilst this version of Windows Mobile does not natively support capacitive screens, mobile manufacturers have been able to use them on their devices^[51]

In the months following this release, development shifted from Windows Mobile to its successor Windows Phone. As such no major upgrades were planned or released, although three minor updates; 6.5.1, 6.5.3 and 6.5.5; were made to satisfy consumers during the transition period. 6.5.1 brings larger user interface elements,^[52] including icon based soft buttons (rather than text based),^[53] an updated contacts app,^[54] native support for A-GPS,^[52] improved threaded text messaging,^[55] and performance improvements.^[56] It was unofficially ported to several Windows Mobile phones.^[57]

The second minor update was announced on February 2, 2010, along with the Sony Ericsson Aspen which was the first phone to use this version.^[58] 6.5.3 continues the trend of attempting to provide a more finger-friendly user interface with several new usability features such as native support for multitouch; although device maker HTC Corporation created proprietary work-arounds to allow multi-touch to work on some applications it installed on its HD2 handset(However, Microsoft applications on this handset, such as the Internet Explorer web browser, did not support multi-touch.^[59]) and drag-and-drop start menu icons. Touchable tiles replaced soft keys."^[60] Internet Explorer Mobile 6 has also received some major updates including decreased page load time, improved memory management and gesture smoothing.^[61] As with other updates it was unofficially ported to some other devices. Additional features include threaded email and Office Mobile 2010.^[61]

The last minor update, and as of 2012 the last released version is 6.5.5. It first leaked in January 2010, and was unofficially ported to some Windows Mobile phones.^[62] The name Windows Mobile 6.5.5 has been applied to these newer builds, although this name remains unconfirmed by Microsoft.

 Hardware

There are three main versions of Windows Mobile for various hardware devices:

• Windows Mobile Professional runs on smartphones with touchscreens
• Windows Mobile Standard runs on mobile phones without touchscreens
• Windows Mobile Classic which runs on personal digital assistant or Pocket PCs.

Windows Mobile for Automotive and Windows Mobile software for Portable Media Centers are among some specialty versions of the platform.

Microsoft had over 50 handset partners,^[64] when Windows Mobile was still being shipped on new devices. 80% of the 50 million Windows Mobile devices that were made from launch to February 2009 were built by one contract manufacturing group, HTC, which makes handsets for several major companies under their brands, and under its own brand.

 Market share

In August 2010, it was the fifth most popular smartphone operating system, with a 5% share of the worldwide smartphone market (after Symbian, BlackBerry OS, Android, and iOS).