Wonderful web world - vulnerability stats

With over 800 million sites now hosted on the Internet (a number that could plausibly be multiplied or divided by the golden ratio), the web is big by any measure. And with 'big' we also get vulnerabilities: a recently published survey report by White Hat Security indicates that 86% of those surveyed had at least one web site vulnerability in 2012, with the average number of vulnerabilities per web site being 56. Whilst 56 vulnerabilities per web site may appear large, it is a number that is trending lower from well over 1000 in 2006, and even the prior year of the report (2011) recorded 79.

Of the sites that experienced vulnerabilities, the top three vulnerability classes were:

1. Information leakage – 55% of web sites

2. Cross-Site-Scripting – 53% of web sites

3. Content Spoofing – 33% of web sites.

And the interesting statistic from an education perspective was that 57% of those in the survey pool provided some instructor-led or computer-based software security training, and the payback was 40% fewer vulnerabilities with 59% faster resolution.


Stand in the light!

Attending a conference in Perth this weekend, I'm reminded how important it is for presenters and trainers to remember what the most important visual element of a presentation is - the presenter themselves!

So often in setting up a room, organisers and trainers will focus on ensuring a big screen and a darkened room so that everyone can see the presenter's slides, but then the presenter is left to stand in whatever available light is left. To make matters worse, the speaker usually stands next to the screen with the slides, which is the brightest thing in the room. The speaker is almost as good as invisible.


What can be done to bring the audience's attention back to your speaker?

Start by turning the lights back on! Check to see if your venue has split lighting controls that allow you to keep light off the projector screen while lighting up the rest of the room. Many lecture theatre style rooms will have this capability. Larger venues such as theatres and conference centres will have dedicated lighting rigs. Talk to your venue organiser and ensure everywhere a speaker may stand during their presentation will be well lit, while keeping light from spilling onto the screen. This will not only help your in person audience, but also vastly improve the quality of the recording if you are videoing your event.


Getting light to where your presenter will be standing will reduce the contrast between the presenter and the screen, making them much easier to see.

But wait! I hear you cry. If I turn the lights on, my projector screen washes out - even if I keep the lights off the projector screen.

For this, there is a 'simple' solution. Buy or rent a brighter projector. A 1500 lumen projector might be great for watching Blu-ray movies at night with the lights off, but it's not going to cut it in a bright room with all the ceiling lights on. Look for a projector with a brightness of 3000 lumens or more. These models might be double the price of a less bright projector, but in absolute cost they're still not that expensive, and the outcome for your audience will be many times better. Your presenter will be the star, and your projector display will be the perfect supporting act. Just how it's supposed to be.

The gems you find in RFCs

In the last 18 months we have been doing a lot of design, development and delivery of training in the area of Carrier Ethernet (CE). In the world of carrier networks especially, there is a need to pro-actively manage quality of service (QoS) and network performance, which normally goes under the name of Operations, Administration and Maintenance (OAM) functions. To ensure conformance with QoS metrics and the design build, test methods need to be constructed to provide rigour to the acceptance testing process. There are a number of publications from different standards bodies that provide guidance on the testing process, and this raises the question of which to follow, because the International Telecommunications Union (ITU) is working on some aspects and the Internet Engineering Task Force (IETF), through its Request For Comment (RFC) documents, is working on other paths. So you may well ask whether there is consensus between these standards groups, and in RFC 6815 you will find this gem (page 7, para 3) of an answer:

"The world will not spin off axis while waiting for appropriate and standardized methods to emerge from the consensus process."

You may be interested in referring to some of the network performance documents. From the IETF there is RFC 2544 - Benchmarking Methodology for Network Interconnection Devices (http://www.ietf.org/rfc/rfc2544.txt). Published in 1999, this is still a topical document specifying various test conditions, frame sizes and rates. ITU Study Group 12 published in 2011 an Ethernet service activation test methodology in the document SERIES Y: GLOBAL INFORMATION INFRASTRUCTURE, INTERNET PROTOCOL ASPECTS AND NEXT-GENERATION NETWORKS Internet protocol aspects – Quality of service and network performance (see http://www.itu.int/rec/T-REC-Y.1564/en). This was intended to fill the gaps in measurement methodology (with respect to RFC 2544) given the evolution of Ethernet services in the telecommunications carrier space.

In November 2012 the IETF published Applicability Statement for RFC 2544: Use on Production Networks Considered Harmful (see http://tools.ietf.org/html/rfc6815). The title says it all: its intention is to clarify that RFC 2544 was only ever meant for use in isolated test environments, and not on production networks.