Firewalls

As we've seen in our discussion of the Internet and similar networks, connecting an organization to the Internet provides a two-way flow of traffic. This is clearly undesirable in many organizations, as proprietary information is often displayed freely within a corporate intranet (that is, a TCP/IP network, modeled after the Internet that only works within the organization).

In order to provide some level of separation between an organization's intranet and the Internet, firewalls have been employed. A firewall is simply a group of components that collectively form a barrier between two networks.

A number of terms specific to firewalls and networking are going to be used throughout this section, so let's introduce them all together.

Bastion host.

A general-purpose computer used to control access between the internal (private) network (intranet) and the Internet (or any other untrusted network). Typically, these are hosts running a flavor of the Unix operating system that has been customized in order to reduce its functionality to only what is necessary in order to support its functions. Many of the general-purpose features have been turned off, and in many cases, completely removed, in order to improve the security of the machine.

Router.

A special purpose computer for connecting networks together. Routers also handle certain functions, such as routing , or managing the traffic on the networks they connect.

Access Control List (ACL).

Many routers now have the ability to selectively perform their duties, based on a number of facts about a packet that comes to it. This includes things like origination address, destination address, destination service port, and so on. These can be employed to limit the sorts of packets that are allowed to come in and go out of a given network.

Demilitarized Zone (DMZ).

The DMZ is a critical part of a firewall: it is a network that is neither part of the untrusted network, nor part of the trusted network. But, this is a network that connects the untrusted to the trusted. The importance of a DMZ is tremendous: someone who breaks into your network from the Internet should have to get through several layers in order to successfully do so. Those layers are provided by various components within the DMZ.

Proxy.

This is the process of having one host act in behalf of another. A host that has the ability to fetch documents from the Internet might be configured as a proxy server , and host on the intranet might be configured to beproxy clients . In this situation, when a host on the intranet wishes to fetch the web page, for example, the browser will make a connection to the proxy server, and request the given URL. The proxy server will fetch the document, and return the result to the client. In this way, all hosts on the intranet are able to access resources on the Internet without having the ability to direct talk to the Internet.

Types of Firewalls

There are three basic types of firewalls, and we'll consider each of them.

Application Gateways

The first firewalls were application gateways, and are sometimes known as proxy gateways. These are made up of bastion hosts that run special software to act as a proxy server. This software runs at the Application Layerof our old friend the ISO/OSI Reference Model, hence the name. Clients behind the firewall must be proxitized (that is, must know how to use the proxy, and be configured to do so) in order to use Internet services. Traditionally, these have been the most secure, because they don't allow anything to pass by default, but need to have the programs written and turned on in order to begin passing traffic.

Packet Filtering

Packet filtering is a technique whereby routers have ACLs (Access Control Lists) turned on. By default, a router will pass all traffic sent it, and will do so without any sort of restrictions. Employing ACLs is a method for enforcing your security policy with regard to what sorts of access you allow the outside world to have to your internal network, and vice versa.

There is less overhead in packet filtering than with an application gateway, because the feature of access control is performed at a lower ISO/OSI layer (typically, the transport or session layer). Due to the lower overhead and the fact that packet filtering is done with routers, which are specialized computers optimized for tasks related to networking, a packet filtering gateway is often much faster than its application layer cousins. Figure 6shows a packet filtering gateway.

Because we're working at a lower level, supporting new applications either comes automatically, or is a simple matter of allowing a specific packet type to pass through the gateway. (Not that the possibility of something automatically makes it a good idea; opening things up this way might very well compromise your level of security below what your policy allows.)

There are problems with this method, though. Remember, TCP/IP has absolutely no means of guaranteeing that the source address is really what it claims to be. As a result, we have to use layers of packet filters in order to localize the traffic. We can't get all the way down to the actual host, but with two layers of packet filters, we can differentiate between a packet that came from the Internet and one that came from our internal network. We can identify which network the packet came from with certainty, but we can't get more specific than that.

Risk Management: The Game of Security

It's very important to understand that in security, one simply cannot say ``what's the best firewall?'' There are two extremes: absolute security and absolute access. The closest we can get to an absolutely secure machine is one unplugged from the network, power supply, locked in a safe, and thrown at the bottom of the ocean. Unfortunately, it isn't terribly useful in this state. A machine with absolute access is extremely convenient to use: it's simply there, and will do whatever you tell it, without questions, authorization, passwords, or any other mechanism. Unfortunately, this isn't terribly practical, either: the Internet is a bad neighborhood now, and it isn't long before some bonehead will tell the computer to do something like self-destruct, after which, it isn't terribly useful to you.

This is no different from our daily lives. We constantly make decisions about what risks we're willing to accept. When we get in a car and drive to work, there's a certain risk that we're taking. It's possible that something completely out of control will cause us to become part of an accident on the highway. When we get on an airplane, we're accepting the level of risk involved as the price of convenience. However, most people have a mental picture of what an acceptable risk is, and won't go beyond that in most circumstances. If I happen to be upstairs at home, and want to leave for work, I'm not going to jump out the window. Yes, it would be more convenient, but the risk of injury outweighs the advantage of convenience.

Every organization needs to decide for itself where between the two extremes of total security and total access they need to be. A policy needs to articulate this, and then define how that will be enforced with practices and such. Everything that is done in the name of security, then, must enforce that policy uniformly.

Introduction to Network Security

IP

As noted, IP is a ``network layer'' protocol. This is the layer that allows the hosts to actually ``talk'' to each other. Such things as carrying datagrams, mapping the Internet address (such as 10.2.3.4) to a physical network address (such as 08:00:69:0a:ca:8f), and routing, which takes care of making sure that all of the devices that have Internet connectivity can find the way to each other.

Understanding IP

IP has a number of very important features which make it an extremely robust and flexible protocol. For our purposes, though, we're going to focus on the security of IP, or more specifically, the lack thereof.

Attacks Against IP

A number of attacks against IP are possible. Typically, these exploit the fact that IP does not perform a robust mechanism for authentication , which is proving that a packet came from where it claims it did. A packet simply claims to originate from a given address, and there isn't a way to be sure that the host that sent the packet is telling the truth. This isn't necessarily a weakness, per se , but it is an important point, because it means that the facility of host authentication has to be provided at a higher layer on the ISO/OSI Reference Model. Today, applications that require strong host authentication (such as cryptographic applications) do this at the application layer.

IP Spoofing.

This is where one host claims to have the IP address of another. Since many systems (such as router access control lists) define which packets may and which packets may not pass based on the sender's IP address, this is a useful technique to an attacker: he can send packets to a host, perhaps causing it to take some sort of action.

Additionally, some applications allow login based on the IP address of the person making the request (such as the Berkeley r-commands )[2]. These are both good examples how trusting untrustable layers can provide security that is -- at best -- weak.

IP Session Hijacking.

This is a relatively sophisticated attack, first described by Steve Bellovin [3]. This is very dangerous, however, because there are now toolkits available in the underground community that allow otherwise unskilled bad-guy-wannabes to perpetrate this attack. IP Session Hijacking is an attack whereby a user's session is taken over, being in the control of the attacker. If the user was in the middle of email, the attacker is looking at the email, and then can execute any commands he wishes as the attacked user. The attacked user simply sees his session dropped, and may simply login again, perhaps not even noticing that the attacker is still logged in and doing things.

For the description of the attack, let's return to our large network of networks in Figure 4. In this attack, a user on host A is carrying on a session with host G. Perhaps this is a telnet session, where the user is reading his email, or using a Unix shell account from home. Somewhere in the network between A and G sits host H which is run by a naughty person. The naughty person on host H watches the traffic between A and G, and runs a tool which starts to impersonate A to G, and at the same time tells A to shut up, perhaps trying to convince it that G is no longer on the net (which might happen in the event of a crash, or major network outage). After a few seconds of this, if the attack is successful, naughty person has ``hijacked'' the session of our user. Anything that the user can do legitimately can now be done by the attacker, illegitimately. As far as G knows, nothing has happened.

This can be solved by replacing standard telnet-type applications with encrypted versions of the same thing. In this case, the attacker can still take over the session, but he'll see only ``gibberish'' because the session is encrypted. The attacker will not have the needed cryptographic key(s) to decrypt the data stream from G, and will, therefore, be unable to do anything with the session.

TCP

TCP is a transport-layer protocol. It needs to sit on top of a network-layer protocol, and was designed to ride atop IP. (Just as IP was designed to carry, among other things, TCP packets.) Because TCP and IP were designed together and wherever you have one, you typically have the other, the entire suite of Internet protocols are known collectively as ``TCP/IP.'' TCP itself has a number of important features that we'll cover briefly.

Guaranteed Packet Delivery

Probably the most important is guaranteed packet delivery. Host A sending packets to host B expects to get acknowledgments back for each packet. If B does not send an acknowledgment within a specified amount of time,A will resend the packet.

Applications on host B will expect a data stream from a TCP session to be complete, and in order. As noted, if a packet is missing, it will be resent by A, and if packets arrive out of order, B will arrange them in proper order before passing the data to the requesting application.

This is suited well toward a number of applications, such as a telnet session. A user wants to be sure every keystroke is received by the remote host, and that it gets every packet sent back, even if this means occasional slight delays in responsiveness while a lost packet is resent, or while out-of-order packets are rearranged.

It is not suited well toward other applications, such as streaming audio or video, however. In these, it doesn't really matter if a packet is lost (a lost packet in a stream of 100 won't be distinguishable) but it does matter if they arrive late (i.e., because of a host resending a packet presumed lost), since the data stream will be paused while the lost packet is being resent. Once the lost packet is received, it will be put in the proper slot in the data stream, and then passed up to the application.

UDP

UDP (User Datagram Protocol) is a simple transport-layer protocol. It does not provide the same features as TCP, and is thus considered ``unreliable.'' Again, although this is unsuitable for some applications, it does have much more applicability in other applications than the more reliable and robust TCP.

Lower Overhead than TCP

One of the things that makes UDP nice is its simplicity. Because it doesn't need to keep track of the sequence of packets, whether they ever made it to their destination, etc., it has lower overhead than TCP. This is another reason why it's more suited to streaming-data applications: there's less screwing around that needs to be done with making sure all the packets are there, in the right order, and that sort of thing.

step by step configuration of frame relay

Chang the encapsulation

Go in interface mode and select the Frame Relay encapsulation on the interface. There are two types of Frame Relay encapsulations: Cisco and IETF. Cisco is the default. The syntax to set your encapsulation is

 encapsulation frame-relay [ietf] 

Configuring the LMI type

The three LMI types are Cisco, Ansi, and Q933a. For IOS 11.2 and higher, the LMI type is automatically detected

 frame-relay lmi-type [cisco | ansi | 933a] 

Configuring the Frame Relay map

configuring a static Frame Relay map, is optional unless you are using subinterfaces. The Frame Relay map will map a Layer 3 address to a local DLCI. This step is optional because inverse-arp will automatically perform this map for you. The syntax for a Frame Relay map is as follows:

frame-relay map protocol address dlci [broadcast] [cisco | ietf]

Configuring subinterfaces

If you are using a routing protocol in a hub-and-spoke topology, you will probably want to use subinterfaces to avoid the split-horizon problem. To configure a subinterface, remove the IP address off the main interface and put it under the subinterface. Configuring a subinterface involves assigning it a number and specifying the type. The following command creates point-to-point subinterface serial0/0.1

 Router(config)#interface serial0/0.1 point-to-point 

To create a multipoint subinterface, enter multipoint instead:

 Router(config)#interface serial0/0.1 multipoint 

Assign IP address to subinterface

After entering one of these commands you will be taken to the subinterface configuration mode where you can enter your IP address:

Router(config-subif)#ip address 10.0.0.2 255.0.0.0 

If you are using a multipoint subinterface, you will need to configure frame-relay maps and you cannot rely on inverse-arp.

If you are using a point-to-point subinterface, you will need to assign a DLCI to the subinterface. This is only for point-to-point subinterfaces; this is not needed on the main interface or on multipoint subinterfaces. To assign a DLCI to a point-to-point subinterface, enter the following command under the subinterface:

 frame-relay interface-dlci dlci 

Configuration of Frame Relay

لتحميل اللاب باكيت تريسير

http://www.4shared.com/file/9gQFvyH8/frame_relay.html

Now first configure R1. Fast Ethernet port and hostname is already configured. Double click on R1 and configure serial port for frame relay encapsulation and further create sub interface for connecting R2, R3, R4. Configure also static route for connecting remaining network.

Configure R1

R1>enable
R1#configure terminal
R1(config)#interface serial 0/0/0
R1(config-if)#encapsulation frame-relay
R1(config-if)#no shutdown
R1(config-if)#exit
R1(config-subif)#interface serial 0/0/0.102 point-to-point
R1(config-subif)#ip address 192.168.1.245 255.255.255.252
R1(config-subif)#frame-relay interface-dlci 102
R1(config-subif)#exit
R1(config)#interface serial 0/0/0.103 point-to-point
R1(config-subif)#ip address 192.168.1.249 255.255.255.252
R1(config-subif)#frame-relay interface-dlci 103
R1(config-subif)#exit
R1(config)#interface serial 0/0/0.104 point-to-point
R1(config-subif)#ip address 192.168.1.253 255.255.255.252
R1(config-subif)#frame-relay interface-dlci 104
R1(config-subif)#exit
R1(config)#ip route 192.168.1.64 255.255.255.224 192.168.1.246
R1(config)#ip route 192.168.1.96 255.255.255.224 192.168.1.250
R1(config)#ip route 192.168.1.128 255.255.255.224 192.168.1.254
R1(config)#exit 

configure R2

R2>enable
R2#configure terminal
R2(config)#interface serial 0/0/0
R2(config-if)#encapsulation frame-relay
R2(config-if)#no shutdown
R2(config-if)#exit
R2(config)#interface serial 0/0/0.101 point-to-point
R2(config-subif)#ip address 192.168.1.246 255.255.255.252
R2(config-subif)#frame-relay interface-dlci 101
R2(config-subif)#exit
R2(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.245 

configure R3

R3>enable
R3#configure terminal
R3(config)#interface serial 0/0/0
R3(config-if)#encapsulation frame-relay
R3(config-if)#no shutdown
R3(config-if)#exit
R3(config)#interface serial 0/0/0.101 point-to-point
R3(config-subif)#ip address 192.168.1.250 255.255.255.252
R3(config-subif)#frame-relay interface-dlci 101
R3(config-subif)#exit
R3(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.249
R3(config)# 

configure R4

R4>enable

R4#configure terminal
R4(config)#interface serial 0/0/0
R4(config-if)#encapsulation frame-relay
R4(config-if)#no shutdown
R4(config-if)#exit
R4(config)#interface serial 0/0/0.101 point-to-point
R4(config-subif)#ip address 192.168.1.254 255.255.255.252
R4(config-subif)#frame-relay interface-dlci 101
R4(config-subif)#exit
R4(config)#ip route 0.0.0.0 0.0.0.0 192.168.1.253
R4(config)# 

now verify by doing ping from pc 0 to all pc. It should be ping successfully.

Eng.Mhammed hamad

WINDOW SERVER 2003

WINDOW SERVER 2003 SERVER FAMILY

1:-SERVICE PACK1

In the service pack 1 new feature are included like that window firewall post setup security update. Security configuration. And reduce securities vulnerabilities by closing ports. It has also reducing feature for attack surface during post setup configuration.

2:- WINDOW SERVER 2003 R2

With the help of window server 2003 R2 you can easily manage the server in branch office and application organization. And improve identity management across the platform. Window server 2003 R2 support high performance web application. By this server you can also manage the storage configuration and enable the cost-effective server virtualization.

The different edition of Windows server 2003 is:-

1. Small Business Server (SBS)
2. Web edition
3. Standard Edition
4. Enterprises Edition
5. Datacenter Edition

Small Business Server:-

Small Business Server is a low cost Edition this edition support up to 75 users. According to Microprocessor this edition is capable to full fill the necessities of small organization or Business.

There are two Edition of SBS
1. Standard Edition
2. Premium Edition.
In its standard edition there is active directory share point portable and exchange Server. In the same way in premium edition SQL Server 2000 and ISA server 2000 has given.

Web Edition

Window Server 2003 Web Edition is mainly made to make and host the web application. In this Edition the RAM support is possible up to 2 GB.

Standard Edition

This edition is perfect for small to medium Business organization. This edition supports the file and print service secure Internet connectivity. Besides that this edition supports the 4 way symmetric multi processing and 4 GB RAM (4 Processors). Window Server 2003 is also support distributed file system (DFS), Encrypting file services (EFS) and shadow copies.

Enterprises Edition

Window Server 2003 enterprises edition is made for medium to big business organization. This is full function Server for one organization. This edition support in 8-way symmetric multiprocessing (8 Processor) and in 32GB RAM 32bit version and in 64GB RAM 64bit version.

Datacenter Edition

Window Server 2003 datacenter is made for very big Business organization, where high security and reliability is need. This edition is the power house of Window platform. This edition supports the 32-way symmetric multi processing (64 processor) and 512GB RAM.

Window Server 2003 Features:-

1. 64 bit Processor Support (For Intel Iteninu).
2. Maximum RAM Support.
3. Maximum Symmetric Multiprocessing Support (SMP).
4. Active Directory Service Support.
5. Internet Connection Firewall.
6. Remote Desktop.
7. Service for UNIX.
8. Internet Connection sharing.
9. Distributed file system.
10. Support IP V6.
11. Internet Information Servers 6.0 has given.
12. Domain Rename Facility.
13. File System Support (FAT 16, FAT 32, NTFS).
14. Network Type Support- 1. Workgroup Network. 2. Domain Network.
15. Disk Quota Support.
16. Recovery Console.

Windows Server 64-bit editions

Windows Server 64-bit editions provide for higher CPU clock speeds and faster floating-point processor operations than the 32-bit editions. Increased access speed to enormous memory address space allows for smooth operation of complex resource-intensive applications such as scientific analysis application, massive database applications, and heavily accessed Web servers.

The64-bit editions do not support 16-bit Windows applications, real-mode applications, POSIX applications, or print services for Apple Macintosh clients.

SERVER :-

Server is a type of which computer or system who provides the all services according to client requirement.

CLIENT :-

A computer on network that requests other computer for services or resources, generally any node workstation is called client.

Workgroup

In Workgroup Network the User Account Database is maintained separate-separate on every Computer. So in that each Computer is himself responsible for its own security. The administration of Workgroup Network is De-centralized. So it is typical to manage.

Domain

In this network the User Account and its Password are on Server (Domain). The Domain Member has to logon on Domain to access the shared resource. In Domain Network the administration of each shared resource is from centralized location (Domain) so it's easy to manage.

eng.Mohammed hamad

تصميم الشبكات

طبقات الشبكة السبعة (مقاييس ISO/OSI)

يعتبر استخدام نماذج الطبقات عند القيام بتصميم الشبكة أمراً في غاية الأهمية. فعند القيام بإجراء معين، كإنشاء تطبيق برمجي، يكون التنفيذ أسهل إذا تم تقسيم العمل على مراحل، أو ضمن طبقات برمجية، حيث تقوم كل طبقة بالاتصال مباشرة مع الطبقة التي تعلوها، وتلك الأدنى منها. إن هذا الأسلوب يجعل المهندسين قادرين على العمل في أي مرحلة من مراحل تطوير المشروع، وعلى تقسيم مهمة تصميم الشبكة إلى أجزاء صغيرة بحيث يمكن إدارتها بسهولة، دون العودة إلى أساس التصميم.

قامت منظمة ISO أو International Standards Organization وهي الهيئة الدولية المعنية بالمقاييس في أوائل الثمانينات بطرح أسلوب للتصميم يدعى Open Systems Interconnection "أنظمة الترابط المفتوحة"، حيث تألف هذا الأسلوب الجديد في التصميم من سبعة طبقات، أو بما يشار إليه بالمراحل الأساسية في التصميم. وقد ساعد هذا النموذج مصممي الشبكات والشركات المصنعة للتجهيزات على توحيد بروتوكولات الأجهزة، وتصميم معدات شبكة تعمل وفق مقاييس دولية. وهذا الأسلوب يعطي الطلاب فرصة هامة لفهم كيفية عمل الشبكات مع بعضها.

فيما يلي شرح مختصر لكل من هذه الطبقات.

- طبقة البرمجيات والتطبيقات Application Layer

يتم التواصل بين طبقة التطبيقات والبرمجيات وبين المستخدم. فبعد أن يقوم المستخدم بإنشاء رسالة وإرسالها عبر الشبكة، يتم ربط البرنامج أو التطبيق بنظام الاتصالات. تتضمن هذه الطبقة الخدمات التالية:

- خدمات الطباعة والملفات؛

- البريد الإلكتروني؛

- برامج الدخول عن بعد؛

- برامج نقل الملفات.

- طبقة التمثيل Presentation Layer

مهمة هذه الطبقة هي التأكد من أن المعطيات المرسلة من جهاز ستصل إلى وجهتها حتى ولو كان تمثيل هذه المعطيات مختلف. إضافة فإن عمليات الضغط وفك الضغط، والتشفير وفك التشفير، وتحويل أسلوب إظهار المعطيات على الطرفيات يتم هنا.


- طبقة الحوار Session Layer

تتحكم هذه الطبقة بالاتصالات بين التطبيقات عبر الشبكة، بما في ذلك:

- إنشاء الاتصال؛

- الحفاظ على الاتصال؛

- إنهاء الاتصال.

- طبقة النقل Transport Layer

إن هذه الطبقة مسؤولة عن سلامة وصول المعطيات المرسلة.

- طبقة الشبكة والبروتوكولات Network & IP Layer

يتم في هذه الطبقة إضافة عنوان مميز لرزم المعطيات ليتم تحويلها إلى حاسب على شبكة أخرى، وهي مسؤولة عن:

- تحديد العناوين على الشبكات؛

- إيجاد الطريق الأمثل بين عنواني المرسل والمستقبل.

- طبقة ربط المعطيات Data Link Layer

إن هذه الطبقة مسؤولة عن بناء أطر المعلومات، وإرسالها واستقبالها. حيث يتم إضافة تابع رياضي إلى كل إطار بهدف الكشف عن الأخطاء، ومن ثم يتم نقل هذه الأطر إلى الطبقة الأولى كي يتم ارسالها.

- الطبقة الفيزيائية Physical Layer

تعتبر هذه الطبقة مسؤولة عن نقل المعطيات بين الحاسب والناقل من كابلات وغيرها تصل بين الأجهزة، وتقوم بتعريف المتطلبات الكهربائية (الفولت) والفعلية (طريقة وصل الكبل) كي يتم الربط بين الأجهزة والناقل.

إن كافة المفاهيم المتعلقة بالشبكات وأجهزة ومعدات الشبكات تعمل ضمن واحدة من هذه الطبقات، وأحياناً ضمن العديد منها، مما يسمح للمهندسين بمعالجة المشاكل منهجياً ومنطقياً.

مهندس/ محمد حمد النيل

Listen to the words is the most beautiful استمع الى كلمات اجمل ما يكون

الاستثمار يحول ثمن جوال قديم الى سيارة حديثة

اجعل حلمك ينمو من

الاستثمار يحول ثمن جوال قديم الى سيارة حديثة

---

يمكنك استثمار نقودك فى حسابك فى البورصة
(باسمك الشخصي) فتكون فى أمان 100%

كل ما عليك هو الضغط و التسجيل فورا و دفع مبلغ 30 دوﻻر ثمن جوال و اتباع الخطوات الموضحه في الموقع بسهوله


http://www.ad3af.com/?u=33342

Microsoft

30 years ago, Bill Gates and a group of friends enjoyed working with computers. Today, Microsoft is a multibillion dollar company and rides the crest of the internet wave.

It is hard to broach the subject of the birth of Microsoft without mentioning the name of Bill Gates, the founder and leader of Microsoft Corporation. Bill Gates was born William Henry Gates III on October 28, 1955. He was born to a family that was successful in business, living a comfortable upper middle class life in Seattle, Washington.

Early in his elementary school days, Bill Gates quickly shot to the head of the class, consistently outscoring his peers in most subjects, but especially math and science. His parents soon enrolled him in Lakeside Prep School, where the atmosphere was intellectual enough to stimulate the young Gates. This move to Lakeside would prove historic, for it was here, in the spring of 1968, that he was introduced to computers.

At that time, computers were still too large and expensive for the school to purchase one of its own. Over the next ten months or so, the school struck agreements with various corporations who allowed the students to use their computers. Bill Gates, his buddy Paul Allen and a handful of others quickly took to computing. In fact, they began to skip classes, opting instead to stay in the computer room and write programs, read computer books and find out exactly how these machines worked. They soon learned to hack the system, and altered and crashed valuable files until they were banned from the computer. Soon, however, Bill and his friends were actually hired by the computer company to find bugs and explore weaknesses in the system, which kept causing the computers to crash. Instead of paying the boys for their time, they were granted something even better--unlimited computer time.

Gates has been quoted as saying that that was the time when he got into computers fulltime. "I mean, then I became hardcore. It was day and night," he said. The boys used their time eating, drinking and breathing computers. They studied manuals, explored the system, and hounded the employees with questions until they had formed a base of knowledge that would eventually lead to the formation of Microsoft.

The computer company that was hiring the group went out of business in 1970, and the boys had to find alternate sources for computer time. They were soon hired by Information Sciences Inc. to write a program for payroll. This time they actually earned money as well as enjoying the unlimited computer time. It was during this time that the group gained notoriety for their skill in computer programming. They were hired or contracted by various organizations to find bugs and fix them. Each job helped Gates and his friends learn their skill and delve ever deeper into the world of programming.

In the fall of 1973, Gates left for Harvard University. He enrolled as a prelaw student, but spent most of his time in the campus computer center, programming away. He stayed in touch with Paul Allen and they continued to talk about future projects and the possibility of one day having their very own business. Allen even moved to Boston to be closer to Gates, so they could continue working on projects. Allen continually urged Gates to quit school and work with him full-time, and Gates was unsure of what he wanted to do. This was soon to change.

One year later, Paul Allen saw the first microcomputer on the cover of a magazine. He bought the magazine and went immediately to show it to Gates. They realized the time was right. The home PC business was about to explode and someone would need to provide software for the machines. By stretching the truth somewhat, Gates arranged for a meeting with the Altair manufacturers. He had called them to let them know he had a program written for them. After the appointment was made, Gates and Allen stayed up for nights, feverishly writing the program he had promised. It worked perfectly at the meeting, and everyone was impressed. They sold the program, and saw that this was something they could do for real. Within a year, Gates had dropped out of Harvard and Microsoft was formed.

The company went through some rough first years, but eventually were able to license MS-DOS to IBM. The IBM PC took the public by storm, and its success signaled the success of Microsoft. Microsoft continued writing software, for businesses as well as the consumer market. In 1986, the company went public, and Gates became a 31-year old billionaire. The next year, the first version of Windows was introduced, and by 1993 a million copies per month were being sold.

In 1995, Gates knew that the Internet was the next area of focus, and the course of Microsoft shifted dramatically. The popular Internet Explorer browser soon became a bestseller. Today, Microsoft software is everywhere, and indeed, is almost synonymous with the terms "computer" and "Internet."

Definitions of

Gooooogle

on the Web:

• search the internet (for information) using the Google search engine; "He googled the woman he had met at the party"; "My children are googling all day"
• a widely used search engine that uses text-matching techniques to find web pages that are important and relevant to a user's search
  
  
• Google Inc. (, ) is a multinational public cloud computing and Internet search technologies corporation. Google hosts and develops a number of Internet-based services and products, and generates profit primarily from advertising through its AdWords program. ...
  
  
• A googol is the large number 10100, that is, the digit 1 followed by one hundred zeros in decimal representation. The term was coined in 1938 by Milton Sirotta (1929–1980), nephew of American mathematician Edward Kasner, when he was nine years old. ...
  
  
• To search for using Google (or, rarely, another Internet search engine); A particular Internet company; Its search engine
  
  
• googles - The number of pages returned by a Google search
  
  
• A web search program that ranks web pages in a list of hits by giving weight to the links that reference a specific page.
  
  
• Google, a popular search engine, is a tool for finding resources on the World Wide Web. Google scans web pages to find instances of the keywords you have entered in the search box.
  
  
• An American company known for its popular search engine of the same name.
  
  
• Google Inc. is an American public corporation, specializing in Internet search and online advertising. It is a very popular and powerful search engine
  
  
• is the FOPL form of the statement "Mark works for Google".
  
  
• Google is the most popular search engine on the planet, so much so that its name has become a verb. (As in, “to google.”) The term “google” was originally “googol,” a term meaning the number “1” followed by 100 zeroes, created by prominent mathematician Edward Kasner. ...
  
  
• Google is a Search Engine which started as a university project of two students but has now become the biggest online website. Google provides many other services such as analytics, video hosting and community building apart from its Search Marketing products.
  
  

google's - Pay-Per-Click (PPC) or Cost Per Click (CPC) text based advertising system. AdWords takes click-through rate into consideration in addition to the advertiser's bid to determine the ad's relative position within the paid search results. ...

Gooooooooooogle

They don’t just have the world’s best search engine, they have the world’s largest and most scalable platform for developing huge web-based applications.

Google has taken the last 10 years of systems software research out of university labs, and built their own proprietary, production quality system. What is this platform that Google is building? It’s a distributed computing platform that can manage web-scale datasets on 100,000 node server clusters. It includes a petabyte, distributed, fault tolerant filesystem, distributed RPC code, probably network shared memory and process migration. And a datacenter management system which lets a handful of ops engineers effectively run 100,000 servers. Any of these projects could be the sole focus of a startup.

Definition of Information Technology

In the broadest sense, information technology refers to both the hardware and software that are used to store, retrieve, and manipulate information. At the lowest level you have the servers with an operating system. Installed on these servers are things like database and web serving software. The servers are connected to each other and to users via a network infrastructure. And the users accessing these servers have their own hardware, operating system, and software tools

الحكومة الالكترونيه-e-government

ماهي الحكومة الالكترونيه
Definition and objectives of e-government

First: the definition of e-government

اعتمدت المنظمة العربية للتنمية الإدارية تعريفا للحكومة الإلكترونية، بأنها عملية استخدام المعلومات العريضة والإنترنت، والاتصال عبر الهاتف الجوال لامتلاكها القدرة على تغيير وتحويل العلاقات مع المواطنين ورجال الأعمال ومختلف المؤسسات الحكومية. Adopted by the Arab Organization for Administrative Development, the definition of e-government, as a process of broad use of information and the Internet, and communication via mobile phone to possess the ability to change and transform relations with citizens, businessmen and various government institutions.

وقد قامت فى هذا الإطار بتصنيف أنواع الحكومات الإلكترونية لصنفين أولهما التصنيف التفاعلي Interactivity، وثانيهما على أساس الخدمة من/على .From who to who . Has in this context, the classification of types of e-government for the first two classes classification Interactive Interactivity, and secondly on the basis of service from / to. From who to who.

ويعرف الدكتور أحمد القرعى فى مقاله المنشور بصحيفة الأهرام القاهرية الحكومة الالكترونية بشكل لا يخلو من المزاح الجاد قائلاً، بأنها حكومة خفية تحتضنها الحكومة الشرعية القائمة في الدولة بمعني أنها تقتنيها, ولكن لا تمتلكها, حيث المواطن سيد قراره فهو في منزله الفاعل لا المرفوع من الخدمة أو المشاركة . Known as Dr. Ahmed Qarae in his article, Al Ahram newspaper, Cairo's e-government is not without serious joke, saying it is a government secret nestled in the legitimate government in the State the sense that they acquire, but does not own, where he is master of its citizens at home are not actor raised from service or participation. والمواطن هنا أيضاً الحاضر الغائب فهو سي السيد الجديد الذى يتم توظيف كل وسائل الاتصال والمعلومات لخدمته لاستجداء مشاركته وعلي الحكومة الالكترونية الجديدة أن تلبي رغباته أينما كان في المنزل أو العمل في الشارع أو علي طريق السفر, داخل الوطن أو خارج الحدود. And the citizen are also currently absent is C Mr. New, who is employing all means of communication and information for the service to solicit participation and the government's new electronic to meet the wishes anywhere in the home or business in the street or on the road to travel, at home or outside the border.