Monday, August 17, 2009


<A>…</A>   [Anchor tag]

This element is used to make hyperlink its one of the important tag of html. This tag is use to made hyperlink. Text enclosed with in this tag is became hyperlink text.

|HREF: this attribute is having address of file or bookmark by clicking over the hyperlink you can jump to that file or bookmark.

For example:  <a href=’main.html’>main page</a>

 By clicking over the text main page this link will load main.html in the browser window.

|NAME: Name attribute use for creating bookmark in the document <a name=’xyz’>xyz</a> see the text enclosed within the <A> tag is became a bookmark.

 When you have to give hyperlink to that bookmark you have to put ‘#’ before bookmark name and give as value to HREF attribute.

For example: <a href=’#xyz’>Index</a>

By clicking over the text index you will be jumped to the xyz bookmark.

|TARGET: This attribute used to set target that where the document will show mainly used when framed document is there.

|ACCESSKEY: defined keyboard shortcut.

|TABINDEX: defined tab order for the link.



This element will animate the enclosed text or any other object.

Attributes of <MARQUEE> … </MARQUEE>


There is three behavior scroll, slide, and alternate. Scroll is by default behavior, slide will take enclosed object or text form right to left, alternate will take  enclosed object at next horizon and move back to the opposite horizon.


Using this attribute you can set the direction of marquee values can be left, right, up , down .


Using this element you can set the number of time marquee will work. If value is -1 than infinite marquee.


You can set speed of marquee using this attribute. You have to give no. of pixel you want to move for each scroll time.


You can set a time for each move of marquee you have to give time in millisecond form, if value is small than marquee move speedy else vice-a-versa.


 you can give the background color for marquee


This attribute will set alignment of text or object inside marquee, value can be top, bottom, middle.


The height of marquee’s area you can set using this attribute value can be given in pixels.


The width of marquee’s area you can set using this attribure value can be given in pixels.


To set the horizontal space inside the marquee.


To set the vertical space inside the marquee.

For example:

<marquee behavior="alternate" height="200" width="200" align="bottom" hspace="20" vspace="20" bgcolor="#009999" scrollamount="20" scrolldelay="100" direction=’up’> HELLO WORLD  </marquee>

<marquee behavior="alternate" height="200" width="200" align="bottom" hspace="20" vspace="20" bgcolor="#009999" scrollamount="20" scrolldelay="100" direction=’down’> HELLO WORLD  </marquee>


<H1> TO <H6> : <h1> creates fist level heading. Its block level element it has six levels <H1> to <H6> it requires ending tag. It’s having ALIGN attribute having value like left, right, center, justify.

<P> …. </P>

<p> creates a paragraph, it’s a block level element its having attribute ALIGN having value like left, right, center, justify.

<PRE> … </PRE>

Creates a block of preformatted text so that you can arrange lines in a particular way to create text, most browsers will display the pre element using mono spaced font such as courier.

Attribute WIDTH to indicate the number of characters the widest line of the preformatted text has.

For example:



<title>first small program </title></head>

<body bgcolor=’red’ color=’white’>

<h1>Good morning……friends</h1>

<h2>Good morning……friends</h2>

<h3>Good morning……friends</h3>

<h4>Good morning……friends</h4>

<h5>Good morning……friends</h5>

<h6>Good morning……friends</h6>

<P align=’right’>

it suggests a shift in the ultimate power over HTML to the corporate players. From now on, you can probably assume that HTML extensions beyond what is generally considered HTML 3.0 will become standard on a case-by-case basis.


<p align=’center’>

It suggests a shift in the ultimate power over HTML to the corporate players. From now on, you can probably assume that HTML extensions.



1          ram     100

2          sita      200</pre></body></html>

<TT> …</TT>

This element makes enclosed text appear in a fixed width , typewriter style font such as courier , its text level element.

<B> … </B>

This element made enclosed text bold, its text level element, you can also use <strong>  tag for doing same thing.

<I> …. </I>

This element made enclosed text italic, its text level element, you can also use <EM> tag for doing same thing.

<U> … </U>

This element made enclosed text underlined its text level element.


Makes the enclosed text appear with a strike out through the middle you can also use <S> tag but <strike> is widely supported than <s>, its text level element.

<SUB> … </SUB>

This element used to indicate a subscripted section for example NA<sub>2</sub> CO<sub>3</sub> will display output like NA2CO3. its text level element.

<SUP> … </SUP>

This element used to indicate a superscripted section for example E=MC<sup>2</sup> will display output like E=MC2. Its text level element.

For example :



<title>first small program </title></head>

<body bgcolor=’red’>

<B>Good morning……friends….</B><BR>

<I>Good morning……friends….</I><BR>

<U>Good morning……friends….</U><BR>

<I><U>Good morning……friends….</U></I><BR>

<STRIKE> Good morning……friends….</STRIKE><BR>

NA<sub>2</sub> CO<sub>3</sub><BR>



it suggests a shift in the ultimate power over HTML to the corporate players. From now on, you can probably assume that HTML extensions beyond what is generally considered HTML 3.0 will become standard on a case-by-case basis.


Programmer's HTML Tags

One of the early, more common uses for HTML was for documenting computer programs and offering tips or advice to computer programmers. Part of the HTML 3.0 standard, then, offers some implicit (logical) HTML tags that allow HTML designers to mark text in a way that makes it easier to present computer-programming codes. Those tags are listed in table below. Tags Meaning   Generally Rendered as…

HTML Tags for Computer Programming  [All is text level element ]

<CODE> … </CODE>  

Programming lines  Monospaced  (like <TT>) 

<KBD> … </KBD>  

Keyboard text  Monospaced 

<SAMP> …  </SAMP>  

Sample output  Monospaced 

<VAR> …  </VAR>  

Variable  Italic

Notice that the majority of these tags are often displayed in exactly the same way-in the default monospaced font for the browser. Then why use them? First, not all browsers will necessarily follow the "general" way. Some browsers will actually render these tags in slightly different ways from one another, so that <SAMP>, for instance, might appear in a slightly larger font than <CODE>.  Second, using these tags is a great way to internally document your HTML pages, so that you can tell at a glance what certain text is supposed to be. This will help you later when you return to the document to update it or fix errors-especially as the document becomes more complex. 

HTML Tags for Font formatting [All is text level element ]


Make enclosed text bold

<SMALL> … </SMALL>   

Make enclosed text font size 1 pixel small

<BIG> … </BIG>  

Make enclosed text font size 1 pixel big

<BLINK> …  </BLINK>  

Make enclosed text blinking effect not supported by html 4.0


Make enclosed text italic.


Make block of quote for text

<FONT> … </FONT>

This element sets font size, color, face for enclosed text and it’s a text level element.

Attributes of <FONT> … </FONT>


This will set size of font. You have to specify the integer value


This will set a color of font


This will set a type of font. You can give more than one type by separating it using coma.

For example, <font color=’red’ face=’verdana,Helvetica,arial’ size=8> world wide web </font>


This element indicates the location of a document and can set a default link target it’s a head section element.

Attributes of <BASE> … </BASE>


This will give hyper reference for the file , required URL as value


To indicate the full URL of the current document.


This element indicates the default font settings for the rest of the document. it will be automatically apply over the text for which you don’t write <font> formatting tag.

Attributes of <BASEFONT> … </BASEFONT>


This will set size of font. You have to specify the integer value


This will set a color of font


This will set a type of font. You can give more than one type by separating it using coma.

The<FONT> and <BASEFONT> Tags

Ability unique to Netscape HTML (outside of style sheets) is specific control over the size of fonts. The general HTML theory is to allow a browser to decide what fonts will be larger than others, although it's safe to assume, for instance, that graphical browsers will render <H1> text larger than <H2>, etc.

Netscape, however, offers up the <FONT> and <BASEFONT> tags, which take the SIZE, attribute to change the size of browser fonts, regardless of the tags used. <BASEFONT> changes the font size for an entire document relative to the default. <FONT> can then be used to set individual font sizes within the document. They're formatted like this:

<BASEFONT SIZE="number">

<FONT SIZE="(+/-) number">

You'll want to use an incremental number (for example, +2) for the SIZE attribute to the <FONT> tag when you're using the <BASEFONT> tag to set the default. The <FONT> tag can be used just about anywhere in regular text. For instance:


<P>We're having a S<FONT SIZE="+1">A<FONT SIZE="+2">L<FONT SIZE="+3">A<FONT SIZE="+4">BRA<FONT SIZE="+3">T<FONT SIZE="+2">I<FONT SIZE="+1">O<FONT SIZE="+0">N!</P>


You can use <FONT> as often as you'd like. Just remember that as a general rule, the more you use it, the more annoying it is.


<HTML> This element contains the head element and body elements of a document. It’s a basic structure element. It contents head element and body element or frameset element.

<HEAD> This element contents head section of document. Head must contain exactly one title element in addition it may contain script element, style element and Meta element as well as link element.

<TITLE> Creates document’s title. Every html documents requires a title. This element is a part of basic structure comes in head section.

<span style="font-weight:bold;">Structure of HTML:</span>




Other text and elements to be represent information using tag are place in body element



<BODY> This tag contain the body section of html document. It’s basic structure element

Background: to set a background image.

Bgcolor :- to set background color

Link: - to set hyperlink color.

Alink:- to set active hyperlink color. & Vlink:- to set visited hyperlink color.

<span style="font-weight:bold;">Example:</span>


<head><title>first small program </title></head>

<body bgcolor=’red’>

Good morning……friends….


<span style="font-weight:bold;">COMMENT:</span>

<!-- -->

Inserts comments into an html document that would not be displayed by a browser also used to hide style sheets and active scripts from older browsers.

what is HTML ?

HTML stands for the Hypertext Markup Language. It was defined by Tim Berners-Lee in 1990 as the method of marking up pages of information to be looked at by a browser. The Standard Generalized Markup Language (SGML) had been used widely at CERN for documentation and HTML was a cut down version of the CERN documentation language. HTML is not a static language and has gone though a number of iterations over the last 10 years: was the first real standard definition for core HTML features based upon current HTML 2.0 practice in 1994. W3C's first Recommendation for HTML and was defined in 1996.HTML 3.2 added tables, applets, text-flow around images, superscripts and subscripts, and was compatible with HTML 2.0. was first released as a W3C Recommendation on 18 December 1997. HTML 4.0 was released on 24th December 1999 and fixed a number of bugs in the HTML 4.0 and then HTML 4.01 specification is a reformulation of HTML 4 in XML and was released on 26 January 2000.
There are certain advantages to the Web, such as multimedia, interactivity, timeliness, and a certain air of "tech awareness" that make creating HTML pages something of a necessity for businesses and a good idea for families, too. There are disadvantages as well, including the cost in time and money, the learning curve for Web design, and the constant need to update.
HTML has been forced to evolve over the last year because of the involvement of millions of people, larger businesses, and commercial artists. Spearheaded by Netscape Navigator, a number of extensions to HTML for page-layout purposes have confused the mission of the Web. As a designer, it's up to you to decide who your audience will be and the most appropriate flavors of HTML to use in order to reach that audience.

Advantages of HTML

Advantages and Disadvantages of the Web Most small or large businesses have a compelling reason to create a presence on the World Wide Web. It's an important new medium for communication that is relatively inexpensive to implement, it's a boon for dealing with customer service issues, and it's gaining popularity in leaps and bounds. But any good HTML designer should realize that there are also certain disadvantages to the Web. Advantages There are many good reasons to commit to creating a presence on the World Wide Web. Most of these are geared toward businesses, but you'll notice that these advantages are available to any Web site:
Multimedia presentation-A Web site allows you to do things that are simply not possible in any other medium. With some of the visual impact of television, the informational utility of print, and the personal appeal of radio, the Web is an effective tool for taking marketing information to another level. Products can be explained and offered in depth, along with pictures, video, sound, and even animation.
Interactivity-There are a number of different areas where the fact that your user can interactively determine what to view or hear can really make the difference for a business. Especially important is the added value the Web gives you for customer service, technical or product support, and immediate feedback. While most of any Web site is automated, it gives you an
Opportunity to answer frequently asked questions and point customers to resources that may help them solves problems on their own. While this may seem like an advantage reserved for computer companies, consider the implications for service-oriented industries like travel, consulting, catalog sales, and business-to-business sales.
Flexibility-If your business relies on printing or publishing as a medium, you may immediately see the advantage of the Web. Changes on the Web are relatively instantaneous, and the speed with which an update can be made is measured in minutes, not weeks. Consider the financial planner's or real estate agent's sales newsletter. Instant changes on the World Wide Web give their Net-savvy clients a time-based edge. Incorporating the Web into the services you offer a client gives you an added value in their eyes, especially in time-sensitive industries.
Easy High-Tech-Whether you're a small or large business, it's important to keep up with technology in order to satisfy customers and be up on the "latest." Web pages are moving toward a point where they'll be expected of large businesses and not unusual from small ones. Like e-mail a couple years ago, and fax machines before that, it's become important to keep up with the Web. Fortunately, it's also rather easy to get started with HTML and quickly develop a Web site.

The current state of HTML

With these commercial demands, however, have come different solutions. For every extension Netscape adds to HTML, there is generally (eventually) a standard agreed to by the World Wide Web Consortium (W3C) that meets the same need. Unfortunately, the implementation isn’t always the same. So, it's possible for an HTML 4.0 level standard, for instance, to provide for exactly the same layout functions as Netscape-but do it in a way that isn’t compatible with Netscape's browser. So HTML is currently in a bit of a flux. The best you can hope for is that the HTML standard is agreed upon and maintained more quickly in the future as more ideas pop up. At the same time, it's important that the standard remain well thought-out, and that it isn't allowed to become bloated and unworkable. In fact, this is probably the justification for recent changes to the standards bodies. With the W3C taking control of HTML, it suggests a shift in the ultimate power over HTML to the corporate players. From now on, you can probably assume that HTML extensions beyond what is generally considered HTML 3.0 will become standard on a case-by-case basis. Overall, this is probably a good thing, since standards can be agreed on as technology emerges-and competing browsers can all use the same methods to incorporate new technology.

Wednesday, July 22, 2009

Explain VPN ?

Introduction to VPNs

Long gone is the time when corporate networks were separate isles of local connectivity. Today, most networks are connected to each other by the Internet. Issues of protecting the local networks from Internet-based crime and intrusion are being solved by firewalls, intrusion detection systems, anti-virus software and other security investments. However, business is increasingly often being done across the Internet as a means of efficient and inexpensive communication.

As we all have learned the hard way, not all parts of the Internet can be trusted in our time. Private interests as well as corporate communication requirements necessitate a means for data to be able to travel across the Internet to its intended recipient without allowing anyone else to read or alter it. It is equally important that the recipient can verify that no one is falsifying information, i.e. pretending to be someone else.

VPNs, Virtual Private Networks, provide a very cost efficient means of establishing secure links to parties that one wishes to exchange information with in a secure manner.

VPNs vs Fixed Connections

Using leased lines or other non-public channels to exchange data between organisations is not a new concept. It has been done since the first computers began talking to each other. In the beginning, communication was limited to local area communication links, but in time, people were finding reasons to have their computers exchange information across greater distances.

Fixed connections are usually very reliable as far as uptime and available bandwidth is concerned. They are also fairly secure, as long as no one attacks the telephony infrastructure or digs your optical fibres out of the ground and attach their own equipment to it.

Fixed long-distance connections, provided that suitable security measures are taken, may be considered "Private Networks".

However, fixed channels of communication are just that: fixed. If you hire a fixed connection between company A and B, you only allow communication between companies A and B.

If several organizations would want to communicate with each other in all directions, separate fixed connections between all organisations would be needed. Such situations quickly escalate beyond all manageability and cost efficiency:
Two organizations only require one connection.

Three organizations require three connections.

Five organizations require ten connections.

Seven organizations require twenty-one connections.

Ten organizations require fourty-five connections.

100 organizations require 4 950 connections.

One could argue that maybe some communication could be done by the way of intermediates. If I wish to talk to company B, maybe I can send my data to company C that has a link to company B? That way I don't have to have a link to company B of my own?

In some cases, and in a small scale, this may work. On the other hand, it may not work at all even if it is on a manageable scale. Consider a company that sells a product to ten customers who all compete with each other.

- Would any one of them accept that their orders and delivery confirmations travel through the hands of one of their competitors?
- Hardly.

Another solution is required.

From a connectivity and security perspective, Virtual Private Networks may still be viewed as "fixed connections" in that they do provide connectivity between two or more organizations. This is a fact that does not change even though cryptography is deployed to implement the "Virtual" side of the "Private Network".

Cryptography and Authentication : VPN Basics

Cryptography provides a means to create "Virtual Private Networks" across the Internet with no additional investments in cables, leased lines or other connectivity.

Cryptography is an umbrella expression covering three basic techniques and benefits:

• Confidentiality ?no one but the intended recipients is able to intercept and understand the communication. Confidentiality is accomplished by encryption.
• Authentication and Integrity ?proof for the recipient that the communication was actually sent by the expected sender, and that the data has not been modified in transit. This is accomplished by authentication, often by use of cryptographic keyed hashes.
• Non-repudiation ?proof that the sender actually sent the data; the sender cannot later deny having sent it. Non-repudiation is usually a benign side-effect of authentication.

VPNs are normally only concerned with confidentiality and authentication. Non-repudiation is normally not handled at the network level but rather on a transaction (document-by-document) basis.

The following sections explain how encryption works, how it is used in VPNs to provide confidentiality, and how authentication is used to provide integrity.

What are the threats and vulnerabilities ?

threats to computers and networks have been an issue since computers began to be used widely by the general public. Nowadays, any computer or network that is connected to the Internet is at risk. CERT (the Computer Emergency Response Team funded by Carnegie Mellon University) cautions that:

"Intruders form groups and develop scripts that they share with each other on how to maliciously exploit vulnerabilities in systems. Intruders dedicate time to developing programs that exploit vulnerabilities and to sharing information. They have their own publications, and they regularly hold conferences that deal specifically with tools and techniques for defeating security measures in networked computer systems." The CERT/CC and the Internet Community
Breaches in library computer security are normally caused unintentionally by curious and persistent users—and sometimes intentionally by knowledgeable and malicious hackers. These threats are made more possible by software that has been installed improperly, software code that has inherent flaws (bugs), or insecure procedures.
Basic Types of Threats

Basic types of attacks include:
• Probes and scans - attempts to gain access or discover information about remote computers
• Account compromise - discovery of user accounts and their passwords
• Packet sniffing - capturing data that is sent across a network; the data can contain sensitive information like passwords
• Denial of service - flooding a network with requests that can overwhelm it and ultimately make a computer slow down or ultimately crash
• Malicious code - Trojan horses, worms, viruses
• Spoofing - making a computer look like a "trusted computer"

Probes and Scans

A probe is characterized by unusual attempts to gain access to a system or to discover information about the system. One example is an attempt to log in to an unused account. Probing is the electronic equivalent of testing doorknobs to find an unlocked door for easy entry. Probes are sometimes followed by a more serious security event, but they are often the result of curiosity or confusion. A scan is a way of performing multiple probes using an automated tool. The most common kind of scan is a "port scan." This kind of scan queries for listening ports on a remote computer. Scans are often a prelude to a more directed attack on systems that the intruder has found to be vulnerable.

Account Compromise

Account compromise is the discovery of user accounts and their passwords on a system. It allows an unauthorized user to gain access to all resources for which that user account is authorized. An account compromise might expose the victim to serious data loss, data theft, or theft of services. Limiting the amount of user accounts that have root-level access or administrative privileges minimizes potential damage; however, access to a user-level account is often an entry point for greater access to the system.
One kind of compromise better known to UNIX systems is called a root compromise. Traditionally, the administrative account for UNIX systems is called "root." Not only is it a user name, but it refers to the highest level directory on a server. If an account has root level access, it usually has access to the entire system. Intruders who succeed in a root compromise can do just about anything on the victim's system, including run their own programs, change how the system works, and hide traces of their intrusion.

Packet Sniffer

A packet sniffer is a program that captures data from information packets as they travel over the network. That data may include user names, passwords, and proprietary information that travels over the network. If the data captured by a packet sniffer is encrypted (see Importance of Encryption), it is unlikely that someone will be able to reveal any sensitive information. However, if the data is not encrypted, just about any information sent is vulnerable to being compromised. Installing a packet sniffer does not necessarily require privileged access; however, it requires obtaining access to a network card interface somewhere in the line of communication.

Denial of Service

The goal of denial of service attacks is not to gain unauthorized access to machines or data, but to prevent legitimate users of a service from using it. A denial of service attack can come in many forms. Attackers may "flood" a network with large volumes of data or deliberately consume a scarce or limited resource such as process control blocks or pending network connections. They may also disrupt physical components of the network or manipulate data in transit, including encrypted data. The underlying purpose to a denial of service attack is to bog down a system by giving it too much information to process quickly enough.

Malicious Code

Malicious code is a general term for programs that, when executed, can cause undesired results on a system. Users of the system usually are not aware of the program until they discover the damage. Malicious code includes Trojan horses, viruses, and worms. Trojan horses and viruses are usually hidden in legitimate programs or files that attackers have altered to do more than what is expected. Worms are self-replicating programs that spread with no human intervention after they are started. Viruses are also self-replicating programs, but they usually require some action on the part of the user to spread inadvertently to other programs or systems. These sorts of programs can lead to serious data loss, downtime, denial of service, and other types of undesirable effects. See Antivirus Software.


Computers on networks often have trust relationships with one another. For example, before executing some commands, the computer checks a set of files that specify which other computers on the network are permitted to use those commands. If attackers can forge their identity, appearing to be using the trusted computer, they may be able to gain unauthorized access to other computers.
Basic Types of Vulnerabilities
Although there are many, many vulnerabilities in computer systems and networks today, the main vulnerabilities that are likely to cause you harm are:

1. Default software installations
2. Ineffective use of authentication
3. Patches not applied
4. Too many open ports and services running
5. Not analyzing incoming packets
6. Backups not maintained and verified
7. Lack of protection against malicious code

Default Software Installations

A default software installation is where an operating system or application software is installed using all the default settings built in by the programmers. Performing a default software installation on computers with sensitive data is not good practice, especially when the chosen software is likely to be used by many people, such as on a public access computer or web server.
Servers are installed with default user accounts. It is therefore important to:

• Disable guest accounts
• Disable the Everyone group account for Windows NT/2000/XP
• Don't run important daemons as root
• Rename the administrator account
• Set a strong password for the administrator account

Ineffective Use of Authentication

Authentication is the process of proving who you are to a system using one or more authentication methods. Authentication can be based on what you know (such as a password), based on what you have (such as a smart card), or based on who you are (such as biometrics). Most organizations rely on authentication via passwords. Passwords can be a fairly secure form of authentication when they are created properly (and, of course, when default passwords aren't used). It is depressingly easy, however, for people to create poor passwords. For more on how to create good "strong" passwords see Using Passwords Effectively.

Patches Not Applied

All too frequently, patches for known security problems are not applied during a default installation. Granted, as software vendors write increasingly complex code, it becomes harder for them to keep up with making the necessary patches. But server and systems administrators must make the effort to keep their systems patched. For information on where to find system and software patches, see vendor-specific patches.

Too Many Open Ports and Services Running

Ports are labels—ways to identify services that are running on particular machines. Ports have identification numbers which are included with every TCP or UDP packet. Services that are running on a machine are programmed to be on the alert to "listen" for packets that arrive from other computers with matching port numbers. Thus, the types of ports your server has open can give away a lot of information about it. In addition, the more ports your servers have open, the more options there are to connect to that server.

Not Analyzing Incoming Packets

A packet is the smallest unit of information that is transmitted across networks. All information—web pages, email messages, etc.—are broken down into packets before being transmitted. Each packet of a transmission has the service's port number, the sender's IP address, the destination IP address, and a packet number. All of the packets in a transmission are numbered in sequential order. Analyzing incoming packets allows you to weed out packets that don't match the rules that have been built into a network device's table of acceptable traffic, such as spoofed packets or packets utilizing the wrong port for a service. It also allows you to watch for bursts of activity indicating a denial of service attack. Analyzing your network traffic for unacceptable traffic is usually only done when there is a suspected breach of security. Proactively analyzing network traffic as a preemptive function is normally only done on networks with extremely sensitive data.

Backups Not Maintained and Verified

One of the aims of risk assessment is to show how many hours an asset such as a server can be down before it starts to impact the library's mission. If backups are not made daily, or at an interval acceptable to your library, you won't be able to quickly recover from data loss caused by security breaches, other disasters (such as utility problems), or acts of nature (like floods). Backups also should be tested to ensure that data has been backed up properly and that staff has enough familiarity with the recovery procedure. Backups should be maintained offsite along with copies of the hardware specifications and the backup software installation media.

Lack of Protection against Malicious Code: Viruses, Worms, Trojan Horses

A virus is a program that reproduces by attaching to another program. It may damage data directly, or it may degrade system performance by taking over needed system resources which are then not available to authorized users. Worms are independent programs that reproduce by copying themselves from one system to another, usually over a network. Trojan horses are programs that appear to perform a useful function but actually hide another unauthorized program inside them. When an authorized user performs the apparent function, the Trojan horse performs the unauthorized function as well (often usurping the privileges of the user).

All of these threats and vulnerabilities must be anticipated, especially when the threat is due to staff ignorance. They certainly must not be ignored—an ostrich with its head in the sand is only getting its head dirty. Threats and vulnerabilities must be carefully examined to see whether or not they apply to your library's computers and networks, staff and procedures. Then they must be analyzed to devise strategies to counter them.

What is the need of Securing?

Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:

• Damage or destruction of internal data.
• Damage or destruction of computer system.
• Loss of sensitive information of hostile parties.
• Use of sensitive information to steal items of monitory value.
• Use of sensitive information against the organization’s customers which may result in legal action by customers against the organization and loss of customers.
• Damage to the reputation of an organization
• Monetary damage duet o loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the organization’s reputation.

The methods used to accomplish these crooked objectives are many and varied depending on the circumstances.

What is the need of Securing?

Computer security is required because most organizations can be damaged by hostile software or intruders. There may be several forms of damage which are obviously interrelated. These include:

• Damage or destruction of internal data.
• Damage or destruction of computer system.
• Loss of sensitive information of hostile parties.
• Use of sensitive information to steal items of monitory value.
• Use of sensitive information against the organization’s customers which may result in legal action by customers against the organization and loss of customers.
• Damage to the reputation of an organization
• Monetary damage duet o loss of sensitive information, destruction of data, hostile use of sensitive data, or damage to the organization’s reputation.

The methods used to accomplish these crooked objectives are many and varied depending on the circumstances.

Friday, February 6, 2009


The <span> and <div> tags were introduced later in the HTML game that are very useful when dealing with Cascading Style Sheets. People tend to use them in similar fashion, but they serve different purposes.


The <div> tag defines logical divisions in your Web page. In terms of layout, the <div> tag does only one thing, it determines the alignment of that section of your page.

<div> also gives you the chance to define the style of whole sections of HTML. You could define a section of your page as a call out and give that section a different style from the surrounding text.

But that's not all it does! The <div> tag gives you the ability to name certain sections of your documents so that you can affect them with style sheets or Dynamic HTML.

One thing to keep in mind when using the <div> tag is that it breaks paragraphs. It acts as a paragraph end/beginning, and while you can have paragraphs within a <div> you can't have a <div> inside a paragraph.

The primary attributes of the <div> tag are:

align (left|center|right|justify)

Even if you don't use style sheets or DHTML, you should get into the habit of using the <div> tag. This will give you more flexibility when more XML parsers become available. Also, you can use the NAME attribute to name your sections so that your Web pages are well formed.

Because the <center> tag has been deprecated in HTML 4.0, it is a good idea to start using <div> align="center" to center your text and images. You can also use the text-align: center style tag.

More About the <div> Tag


The <span> tag has very similar properties to the <div> tag, in that it affects the style of the text it encloses. Items in the <span> can be aligned or given specific style attributes.

The primary difference between the <span> and <div> tags is that <span> doesn't do any formatting of it's own. The <div> tag acts as a paragraph break, because it is defining a logical division in the document. The <span> tag simply tells the browser to apply the style and align rules to whatever is within the <span>.

The primary attributes of the <span> tag are:

align (left|center|right|justify)

Use <span> when you want to change the style of elements without naming them in a separate division within the document. For example, if you had a Level 3 Heading (<h3>) that you wanted the second word to be red, you could surround that word with <<span> style="color : #ff0000;">2ndWord</<span>> and it would still be a part of the <h3> tag .

CSS style properties

Font properties





Specific font (Arial, Times, Verdana) 
Familly (serif, sans-serif, fantasy, monospace, cursive)

Defines one or more font names or font families. If multiple fonts are defined, the first one found on the user's system will be used. 


normal, italic, oblique 

Defines the writing style 


lighter, normal, bold or bolder. 
numeric value (100, 200, 300, 400, 500, 600, 700, 800, 900)

Defines the thickness of the font 


xx-small, x-small, small, medium, large, x-large, xx-large 
size in points (pt), cm, %

Defines the font size 


normal, small-caps 

Defines a variant (small capitals) 


font: Verdana, Arial, bold italic 8px; 

Shortcut for all properties 

Text and paragraphs






Defines the text colour 


line-height: 12pt; 

Defines line spacing


left, center, right or justify 

Defines text alignment 


text-indent: 5px; 

Defines indentation 


blink (blinking), underline (underlined), line-through(strikethrough), overline (overlined) or none (no decoration)

Defines decoration 


text-shadow: 1px 2px 4px black; 

Defines a drop shadow for the text, representing, respectively, the shadow's right-shift, down-shift, blur radius, and colour. 


uppercaselowercase, or capitalize

Defines the case of the text


normal (text will wrap to the next line), pre (text appears with whatever blank spaces were entered), nowrap (text will not wrap) 



word-spacing: 6px; 

Defines how much space to put between words


in points (pt), inches (in), in cm, on pixels (px), or as a % 

Defines the width of a text element or image 


in points (pt), inches (in), in cm, on pixels (px), or as a % 

Defines the height of a text element or image 

Background colours






Defines a background colour 



Defines a background image 


repeat, repeat-x, repeat-y, no-repeat 

Defines how the background image repeats 


scroll, fixed 

Specifies if the background image will stay in place when the screen scrolls 


top, middle, bottom, left, center or right 

Positions the image relative to the upper-left corner 


background: url(test.jpg) fixed repeat;

Shortcut for background properties 






margin-top: 5px; 

Value of top margin 


margin-right: 0.5em; 

Value of right margin 


margin-bottom: 2pt; 

Value of bottom margin 


margin-left: 0; 

Value of left margin 


margin: 5px 0.5em 2pt 0; 

Shortcut for margin properties 





border[-top -left -bottom -right]-width 

in points (pt), inches (in), in cm, on pixels (px), or as a % 

Border thickness [for the location given]

border[-top -left -bottom -right]-color 

border-left-color: #RRGGBB; 

Border colour [for the location given] 

border[-top -left -bottom -right]-style 

soliddasheddotteddouble or ridge

Border style [for the location given]



Adds or removes "3D" effect 


border: 1px 0 0 2px dotted green; 

Global shortcut for border properties 






padding-top: 3px; 

Padding between the element and the top border


padding-right: 0.25em; 

Padding between the element and the right border 


padding-bottom: 0; 

Padding between the element and the bottom border 


padding-left: 2pt; 

Padding between the element and the left border 


padding: 3px 0.25em 0 2pt; 

Shortcut for all padding properties 






separate or collapse

Merges cell borders (collapse), doesn't merge them (separate)


border-spacing: 4px; 

Cell spacing 


top, bottom, left or right 

Placing the table's caption 


show or collapse

Display (show) or hide (collapse) empty cells


fixed (independent of cell content) or auto(depending on cell content)

Fixed or variable width 


always (always before each cell) or once(just once)

Property for the blind and visually impaired, indicating how sound behaves when reading table header cells 






decimal, upper-roman, lower-latin, disc, circle, square or none

Type of bullets and numbering 


list-style-image: url(image.png); 

Personalise bullets with an image 


inside or outside 

Specifies bullet indentation 



Shortcut to list properties

Page layout





@page(size: portrait) 

Defines print layout 


auto, landscape or portrait 

Printing format 


margin-top: 3 cm; 

Top margin 


margin-right: 1.5 cm; 

Right margin 


margin-bottom: 1 cm;

Bottom margin 


margin-left: 2 cm; 

Left margin 


crop (crop marks), cross (cross marks), none (no marks) 

Crop marks and cross marks 


Always, avoid 

Forces a page break before an element 


Always, avoid

Forces a page break after an element 


orphans: 2; 

Avoids having orphaned lines at the end of a page. Defines the minimum number of lines of an element that are left at the bottom of a page before a page break. 


widows: 1; 

Avoids having widowed lines at the end of a page. Defines the minimum number of lines of an element that are left at the top of a page after a page break.