Out-of-Band Management of Data Center Infrastructure

August 29th, 2010 admin


We recently had a client who asked us to implement a simple and cost-effective solution for out-of-band management of their production data centers. The goal of out-of-band management is to keep network access to the critical data center infrastructure when the company’s network has melted down and you cannot reach any devices for troubleshooting. In other words, it is meant to be the company’s alternative way of accessing critical data center devices.

The simplest solution, and the one we actually ended up implementing, was a static DSL line from a local ISP, terminated on a Cisco 2611 router using the PPPoE protocol. The Cisco 2611 is not a high-throughput router, but given that packet throughput is not a requirement in our case and that it supports asynchronous modules for device console connectivity, we decided it would be a good fit. The client would first SSH to the static IP provided by the ISP and configured on the Cisco 2611 router. From there, since the router had asynchronous lines to the console ports of all network devices, they would be able to connect to any device via its console.

Point-to-Point Protocol over Ethernet (PPPoE) is traditionally suited for connecting many users on a company Ethernet network to the Internet through a common Customer Premises Equipment (CPE) device, which in most cases is an ISP-provided device such as a cable modem. PPPoE is based on the well-known Point-to-Point Protocol (PPP), which was commonly used for dial-up connections a while back.

Here is how we got it done:

1. Ordered a static DSL line from AT&T. You have to request a static IP if you plan to be able to SSH or Telnet into your data center router from anywhere outside. You must configure the AT&T modem to be in ‘bridged’ mode, meaning it will act as a dumb device and will delegate the responsibility of establishing the connection to your Cisco 2611 router. Once you have registered with AT&T, ask them to provide you with the PPP username and password, which you will need later on to configure your router for PPP authentication. Also ask them to provide you with the static IP and network mask for your router interface.

2. The AT&T technician will install your DSL line and connect it to the outside port on the modem. You will need to connect an internal port on the modem to one of the Ethernet interfaces on your Cisco 2611 router.

3. The next step is to configure your Cisco 2611 router to support PPPoE and establish the connection to your ISP network. Here is the router configuration that achieved our goal. In our case the Cisco 2611 router acts as a PPPoE client.

Configure VPDN (Virtual Private Dialup Network) and enable PPPoE globally:

conf t
vpdn enable 
!
vpdn-group 1 
request-dialin 
protocol pppoe 

Configure the dialer interface responsible for ‘dialing up’ the ISP device and establishing a PPPoE session. You need to identify which authentication protocol your provider is using: PAP or CHAP. PAP sends the password in clear text, while CHAP is more secure. If unsure, you can configure them both, as we did, and let the interface negotiate it for you:

interface Dialer1
! Static IP and mask provided by the ISP
ip address X.X.X.X 255.255.255.0
ip mtu 1492
encapsulation ppp
dialer pool 1
dialer-group 1
no cdp enable
! PPP username and password provided by the ISP
ppp chap hostname <username>
ppp chap password 0 <password>
ppp pap sent-username <username> password 0 <password>
no shutdown
exit

Configure the physical Ethernet interface with an MSS (maximum segment size) of 1452 to allow for the additional 8-byte PPPoE encapsulation, so that the total packet size does not exceed 1500 bytes, the standard Ethernet maximum (1500 bytes less 8 bytes of PPPoE gives the 1492-byte MTU set on the dialer, and less another 40 bytes of IP and TCP headers gives 1452). Then specify the dial-pool-number that your Dialer1 interface is part of:

interface FastEthernet0/0
ip tcp adjust-mss 1452
pppoe enable
pppoe-client dial-pool-number 1
no shutdown
exit

Configure routing with the default static route pointing to the dialer interface:

ip classless
ip route 0.0.0.0 0.0.0.0 dialer1

This specifies which kind of traffic should cause the connection to be established:

dialer-list 1 protocol ip permit 

And Ta Da!

Once everything is configured, you should be able to reach the static IP you assigned to your router from anywhere on the Internet. So make sure you have configured both ‘Exec’ level and enable passwords on the Cisco 2611 router, as it is now officially exposed for anyone on the Internet to attempt a login.
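
Because the router's login prompt now faces the Internet, it is worth checking the running configuration for the weak spots mentioned above. The Python script below is an added example, not part of the original setup: it flags secrets stored in clear text (`password 0`), PAP, a missing `enable secret`, and VTY lines that accept Telnet or any source address. The sample configurations, the `access-class` source restriction and the finding names are assumptions made for illustration.

```python
import re

# Constructed running-config excerpts (not taken from the client's router).
# Addresses use documentation ranges; names, passwords and hashes are made up.
EXPOSED = """\
enable password example-enable
!
interface Dialer1
 ip address 192.0.2.10 255.255.255.0
 encapsulation ppp
 ppp chap hostname example-user
 ppp chap password 0 example-pass
 ppp pap sent-username example-user password 0 example-pass
!
line vty 0 4
 password example-vty
 login
 transport input telnet ssh
"""

HARDENED = """\
enable secret 5 $1$EXAMPLE$constructedhashvalue000000
username oobadmin secret 5 $1$EXAMPLE$constructedhashvalue111111
!
interface Dialer1
 ip address 192.0.2.10 255.255.255.0
 encapsulation ppp
 ppp chap hostname example-user
 ppp chap password 7 00000000000000
!
access-list 10 permit 203.0.113.0 0.0.0.255
!
line vty 0 4
 access-class 10 in
 login local
 transport input ssh
"""

# Matches "password [type] value" and "secret [type] value"; group 1 is the type.
SECRET = re.compile(r"\b(?:password|secret)\s+(?:(\d)\s+)?\S+")


def blocks(config):
    """Group a config into (header, [sub-commands]); sub-commands are the
    lines that 'show running-config' indents under a header."""
    out = []
    for line in config.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue
        if line[0] == " " and out:
            out[-1][1].append(line.strip())
        else:
            out.append((line.strip(), []))
    return out


def audit(config):
    """Return (code, where) findings for remote-access exposure."""
    parsed, findings = blocks(config), []

    def add(code, header):
        # Report only the first two words so no secret is echoed back.
        item = (code, " ".join(header.split()[:2]))
        if item not in findings:
            findings.append(item)

    for header, subs in parsed:
        for line in [header] + subs:
            m = SECRET.search(line)
            # Type 0, or no type digit, means the secret is stored as typed.
            if m and m.group(1) in (None, "0"):
                add("cleartext-secret", header)
    if not any(h.startswith("enable secret") for h, _ in parsed):
        add("no-enable-secret", "global config")
    for header, subs in parsed:
        if any(s.startswith("ppp pap sent-username") for s in subs):
            add("pap-enabled", header)  # PAP sends the password in the clear
        if not header.startswith("line vty"):
            continue
        transport = [s.split()[2:] for s in subs if s.startswith("transport input")]
        # No "transport input" line is flagged too: it leaves the default in force.
        if not transport or transport[-1] != ["ssh"]:
            add("vty-not-ssh-only", header)
        if not any(re.match(r"access-class \S+ in\b", s) for s in subs):
            add("vty-no-source-acl", header)
        if not any(s.startswith("login") for s in subs):
            add("vty-no-login", header)
    return findings


if __name__ == "__main__":
    for name, cfg in (("exposed", EXPOSED), ("hardened", HARDENED)):
        print(name, audit(cfg))
```

Once the ISP is confirmed to negotiate CHAP, the `ppp pap sent-username` line can be removed, which clears the `pap-enabled` finding.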

If your connection is not established, you might need to troubleshoot it. The first step is to make sure PPPoE authentication is working correctly and the PPPoE session is established. These commands will help:

show vpdn
show pppoe session
debug pppoe errors

Turn on PPP debugging in case there are issues with PPP authentication:

debug ppp negotiation

If you turn on debugging, don’t forget to turn it all off at the end of troubleshooting, as it might suck up some of your router’s resources during normal operation:

no debug all

Overall, this was an inexpensive solution, and the client would proactively monitor the Ethernet interface with the static IP going forward, to avoid situations where engineers find out about a broken service only when they actually need to use it. The cost of a brand new Cisco 2611 is around 2K; we, however, bought a used one from a reseller for only $200. Monthly recurring charges for the DSL line would be $30/month.

We welcome anyone to share their solution for this specific problem.


Google Analytics – Track AdWords Campaigns Effectively

August 24th, 2010 admin

To get the most out of your search marketing efforts, you can link Google AdWords to Google Analytics for effective campaign tracking. The level of detail you can see within your search campaigns through Analytics tracking is much deeper, providing you with a unique vantage point to get the most out of your marketing investment. This guide provides an overview of best practices for improving your marketing campaigns based upon insights from Analytics tracking.

At a high level, Analytics provides a window into detailed performance of your campaigns down to the keyword level. The ultimate aim and potential of this linkage is to improve the ROI (return on investment) for your search marketing spend. In order to accomplish this, you can utilize the native conversion funnels within AdWords so you can easily track conversions within your campaigns. Within the campaign, ad-group, and keyword levels you can find tabs which allow you to view the different groups of conversions within your analytics profile. If you have an e-commerce site, you can set up custom commercial reporting for your site, including a wide variety of shopping carts which you must enable through Google Analytics:

Google Analytics Profile Settings

Most commonly, sales tracking is done through an integrated shopping cart model or server coding that allows you to securely track e-commerce by source. To get a deeper dive into the metrics of your search campaign, new options within AdWords allow for rich tracking of sources and options. In order to improve your return on investment, follow this basic equation that determines your Return On Advertising Spending (ROAS):

ROAS = SEM Revenue / SEM Costs
     = (Clicks * Conversion Rate * Avg. Order Size) / (Clicks * CPC)

SEM = Search Engine Marketing
CPC = Cost Per Click

Therefore, in order to improve your ROAS, you should aim to increase the Conversion Rate and Order Size or lower your Cost Per Click (CPC). Google Analytics provides a variety of insights into helping you identify areas of opportunity and challenges within your campaigns. You can pivot AdWords Analytics reports across a variety of dimensions, including the ad format, campaign, keyword, match type, placement, and destination URL. In the latter case you can segment ROAS for each of your landing pages to determine which performs better. Further integration with Website Optimizer can help you find opportunities for improvement across your site.

Within the AdWords reports you can see conversion rate by hour of the day, helping you better identify opportunities to improve performance by properly segmenting your campaigns with day-parting. You may notice, for example, that your conversion rate is lower from 10 p.m. until 5 a.m., allowing you to exclude these hours in favor of prime opportunities. At the same time, you can drill down into keyword or placement level reports in order to analyze the individual performance of certain campaign elements. You can identify opportunities for expansion as well as inefficiencies within your campaign which can be addressed in the optimization process.


Is Android Google’s Launching Pad into Apple’s Airspace?

August 15th, 2010 admin


With the release of iOS version 4, Apple continues to build on their momentum as the leading blue chip smart phone provider. As Google takes strides to develop its Android OS, however, many analysts see emerging trends that point in Google’s favor. AdMob’s own mobile metrics report (http://metrics.admob.com/2010/06/may-2010-mobile-metrics-report/) shows Android’s operating system share rising to over 25%, with Apple holding steady at around 40%, Nokia at just over 20% and Blackberry at just under 10%. In terms of the ability to scale, Android provides developers and handset manufacturers with a compelling alternative to the closed Apple ecosystem, potentially increasing the rivalry in the battle over wireless airwaves.

While consumers will continue to decide which handsets meet their own hardware needs, the larger battle remains in terms of functionality through the growing number of mobile applications. The Apple store remains the leader in adoption by developers worldwide but Android is rapidly gaining momentum for its open source platform, long term revenue potential and multi-device approach that can scale across a variety of mobile devices. One major reason for developer migration to Android is the tight ecosystem which Apple has built around iOS. The most recent Android version 2.2 (Froyo) has a professional team at Google overseeing the development as well as thousands of independent developers submitting bug fixes and code contributions (http://android-developers.blogspot.com/2010/06/froyo-code-drop.html). The availability of fully transparent developer tools, emulators and testing kits offers developers an opportunity to see under the hood of Android and keep their applications ahead of the game, rather than trying to respond to updates as they do with Apple.

As Apple continues to utilize its own proprietary closed coding base (similar in that regard to Facebook), Android utilizes Java and C++ code bases, making it easy to port existing C++ code to the platform. As a result, software developers can greatly benefit from the streamlined process of shifting from desktop to mobile development. Perhaps the greatest advantage for Android coders is a set of standards that allows applications to work on a variety of existing and emerging devices, potentially vastly increasing the user base over time. Within the Android Software Development Kit you can specify particular types of hardware features required, allowing the marketplace to filter your application for installation on a wide variety of devices that meet your needs. Developers can specify required and optional hardware features so they can scale their applications across all applicable devices:

<uses-feature android:name="android.hardware.{feature}" 
        android:required="true/false" />

One of the major advantages of Android over iOS is the wide range of devices you can potentially develop for. The wealth and diversity of Java libraries make it easy to create variants and unique approaches to the market for phones, netbooks and emerging devices. Rather than independently writing an app for the iPad, Mac and iPhone you can easily customize and scale your application for a wide variety of hardware with a core code base. The royalty free, open source platform provides insight into the architecture as well as financial advantages in terms of licensing and royalty costs. A combination of development and financial incentives makes Android increasingly attractive for both consumers and developers.


Google AdWords – Top 10 Mistakes to Avoid

August 5th, 2010 admin

While the return on investment from AdWords makes it an attractive marketing opportunity, many beginning advertisers gloss over important details when launching a campaign. This guide provides a convenient way to get up to speed with the latest trends, technology and insights into search marketing. By highlighting ten common mistakes in Google AdWords you can save time, money and accelerate your path to progress in your search marketing campaigns.

1. Not defining conversion goals clearly

Before you launch or expand a search marketing campaign you should clearly define goals of what you want your users to do. Whether you want to sell a product or get users to engage with content on your site, you should fully tag and optimize your campaigns based upon conversion goals including those from Google Analytics:

Conversions

2. Relying upon default match types

By default, AdWords targets broad match keywords, which can potentially link your ads to unwanted keywords that Google deems related. Instead, you should tier your campaign with phrase and exact match keywords to further refine your targeting options, and continuously review the performance of each keyword to meet your ROAS goals.

3. Not segmenting content and search network campaigns

Building out your content and search network campaigns independently can make tracking, reporting and optimizing much easier. Since your targeting options within the networks are unique, properly segmenting your campaigns can provide greater visibility into areas of opportunity for expansion, whether they are sites (content) or keywords (search).

4. Ignoring day-part settings

Running your ad 24 hours a day might make sense for certain business models, but other firms may find there is a “sweet spot” during the day. Linking your account to Google Analytics can provide insights into hour-level conversions to help you spend your budget more effectively:

Ad Schedule

5. Setting bids at the ad-group level

Each keyword has its own quality score and conversion rate so why are you bidding at the group level? By adjusting keyword-level bids you can prioritize better performers and increase the overall performance of your campaign.

6. Spending all of your budget on certain keywords

By structuring your campaigns in a way that segments off brand terms from generic and each product group from another you can better define campaign-level budgets. If a few select keywords are draining your budget make sure to fully evaluate the return on investment, and segment them into their own ad-groups so you can properly monitor and set keyword level bids. Without a broad campaign structure you can set bids at the campaign level to keep your coverage over a wider targeting area.

7. Increasing bids on low quality score keywords

If you identify a keyword you want to target strategically but which requires a high minimum bid then you should evaluate ways to improve the quality score. Keep in mind the formula to maintain front page position is:

Ad Ranking = CPC Bid * Quality Score Factors

8. Targeting an entire region

You know your prime markets for prospects, so why target the entire region through search marketing? Defining your campaign geo-targeting settings can help improve the targeting and effectiveness of your ads.

9. Always bidding for position 1

While bidding wars can get the heart racing, they’ll empty the wallet even faster. Take a steady, long-term, disciplined approach to bidding by focusing on the return from your campaign, rather than competitive positions on generic keywords – brand terms are another story.

10. Not protecting your trademarks

Are there other ads diluting your name brand? Kick them out of the headlines by claiming your trademark exclusivity through AdWords: http://services.google.com/inquiry/aw_tmcomplaint.

Trademark Complaint Form


Google AdWords Click Fraud – Are YOU Vulnerable?

August 2nd, 2010 admin


Paying only for clicks for online search advertising seems like an efficient proposition, but it can quickly become expensive when you factor in the broad array of variables involved in the equation. In particular, you risk potentially fraudulent clicks from your competitors and publishers who are seeking to earn financial advantages in the process (while harming your pocket book.) While many advertisers just write off click fraud as “the cost of doing business online”, it is important to understand the risks and, more importantly, ways to avoid becoming a victim of click fraud in the first place.

As a starting point, you should always assume you are potentially vulnerable to click fraud as an online advertiser, since there are nearly unlimited ways in which you can potentially incur unwanted costs. While there are some elements of click fraud within AdWords that are hard to avoid, you can actively take steps to lower your risk and potentially increase the return on your ad spend over time. While there are vendors that can provide expensive click monitoring services, these are only really viable for large scale advertisers who stand to benefit from the vast scale of the service in the first place. Since most advertisers don’t fall in this category, this guide provides an overview of how you can protect yourself through some basic steps to get more value out of your search marketing clicks.

Ensure Quality Clicks through Geo-Targeting

Google AdWords Target by Location

One of the most important steps you can take as an advertiser is to properly geo-target your campaign to a target market. While Google has a click filter that prevents certain types of clicks from costing your campaigns, you can open yourself to unwanted (if not fraudulent) clicks by opting for the default national (or regional) targeting on your campaigns. By focusing your geographical area within your target market you can immediately lower the potential risk from unwanted clicks by excluding IP regions that cannot readily become customers. For example, you can target by zip code, state, city (DMA) or a radius around a certain location; each of these options offers potential for ensuring real clicks to your marketing campaign.

Refine the Targeting Settings

While you are limited in your ability to exclude certain clicks from IPs, you can limit the scope of clicks by also refining the targeting settings in your campaigns. You can show ads directly on only Google, opting out of “Search Partners” and “Content Networks” which can potentially show lower conversion rates due to click fraud. When publishing partners are involved in the search ads, this opens up potential for problems and can pose challenges to nearly any search campaign. As a result, you can better refine the targeting of your campaigns so you can ensure quality clicks from genuine potential customers. Importantly, there will be some clicks that come from prospects which don’t convert; optimizing your ads and landing pages can further help qualify potential visitors, even if the clicks are real. Taking a series of calibrated steps to improve your overall campaign performance can truly help to improve the Return on Investment (ROI) you get from your AdWords.


Secure Apache Web Server – Top 10 Ways

July 28th, 2010 admin


The Apache web server is an extremely stable and secure piece of software. With Apache powering close to 70 percent of the web sites on the Internet today, it has been well tested. It has become clear over the last decade that no software is 100% secure. Fortunately, there are several simple steps you can take to make your Apache installation more secure.

Keep Current

The single biggest cause of security breaches is software that is out of date. As bugs and exploits are found in the Apache web server, patches are released to correct them. The single biggest step you can take to securing your Apache server is to install the patches or upgrade to the latest release of Apache.

Security By Obscurity

The default Apache installation options cause the server to add a signature that shows what version of Apache you are running, what operating system it is running on and even what modules you are using in your Apache configuration. Providing this information makes it easier to exploit your system since hackers will have a great deal of information about the types and versions of your software and can easily search for vulnerabilities. While security by obscurity is not enough by itself, it is a good way to improve the security of your server. To disable Apache’s signature and reduce the information included in the HTTP header, add the following options to your default httpd.conf file:

ServerSignature Off
ServerTokens Prod 

Run Under the Right User and Group

Often, the default installation of Apache runs the web server under the user nobody and the group nobody. While this is definitely better than some older configurations that ran the server as root, it can still be problematic. This is because on some systems the nobody user and group are used by several other subsystems. If one of these other systems is compromised, the attackers would also have access to your Apache server and files. Likewise, if Apache were compromised, the attackers could do added damage to other subsystems. Using a separate user and group for Apache is recommended. You can set these in httpd.conf using the following:

User apache
Group apache

Control Directory and File Access

Apache has access controls that can be used to tighten your security. In particular, you want to block access to any files outside of your web root. This prevents users from downloading system files or reading configuration files for your web application if your server were to be misconfigured. Accomplishing this takes two steps. The first is to add the following to your default httpd.conf file:

<Directory />
	Order Deny,Allow
	Deny from All
	Options None
</Directory>

This configuration effectively blocks access to all files on your file system. The next step is to selectively enable access to the files in your web root directory. If you are running multiple virtual hosts, you will need to include this in each virtual host configuration. For this example, let’s say that your web root is /home/user/web. To enable access to the files in the web root, add this to your configuration:

<Directory /home/user/web>
	Order Allow,Deny
	Allow from All 
</Directory>

Similarly, you may need to selectively block access to certain files. A common technique is to block access to .htaccess. However, there are often other files for which you want to block access as well. You might want to block access to all files with a .inc extension (PHP includes) since they may contain sensitive information (such as database details), or, if you use the Subversion source control system, you may need to block the .svn files generated when doing a code checkout. To block a specific file such as .htaccess, add this to your httpd.conf:

<Files ~ "^\.htaccess">
	Order Deny,Allow
	Deny from All 
</Files>

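To hide all files whose names end in .svn, you can use the following (a Files block matches file names only, so the contents of a .svn directory need a directory-level rule as well):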

<Files ~ "\.svn$">
	Order Deny,Allow
	Deny from All 
</Files>

Turn Off Unneeded Modules

Often, when it comes to security, less is more. This especially applies when it comes to Apache modules. You should disable any modules that you do not need and are not specifically using. There is always a risk that the default configuration for an unused module will allow something that you did not intend. The easiest solution is to disable the module. If you are using DSO modules, simply remove or comment out the LoadModule line in httpd.conf for any modules that you are not using. If your modules are compiled into your web server, you will need to recompile to remove them. To find out what modules are compiled into your Apache web server, use the following command:

httpd -l

Beware of .htaccess

We have already mentioned the importance of protecting your .htaccess file from being downloaded. However, .htaccess can also create other security problems. Depending on what options are enabled in Apache, .htaccess can override a number of Apache’s configuration settings. This can sometimes lead to well-meaning users setting things in .htaccess that lower the overall security of your Apache server. You can use the AllowOverride directive to disable overrides in .htaccess. You need to set this within a Directory block. For example, if your web root was /home/user/web, you would use the following in your Apache configuration:

<Directory /home/user/web>
	AllowOverride None
</Directory>

There are, of course, times when overrides are needed. For example, in order to support various pretty permalinks, WordPress needs to use .htaccess. If you do allow overrides through .htaccess, make sure you protect it as described above.

Control Permissions on Configuration Files

Turning off overrides and protecting .htaccess won’t do a lot of good if your configuration files aren’t locked down. Even if you know that your users are all trustworthy, you never want to make it easy for an attacker who gains access to change your configuration to make your system less secure. When Apache starts up, it is typically started as root and then switches to its own user and group. As a result, you should make all of the Apache configuration files readable by root only. This prevents users from snooping in your configuration files.

Don’t Allow Writing in Executable Directories

If you have a directory that hosts executable code such as CGI programs, it should not be writable by anyone but root. The reason for this is that if an attacker manages to write a file into this directory, they could upload a malicious program and then get your Apache server to run the program simply by browsing to the file’s URL. Make all directories that host executable code writable by root only. If you have a CGI or other executable that needs to write to a file, place these files in a separate directory outside of Apache.

Disable FollowSymLinks

Symbolic links can expose files and directories on your file system that you did not intend to expose. Apache supports FollowSymLinks as a setting for Options. When this option is set, Apache will allow a user to follow a symbolic link to a file that is outside of the web root. You can stop this behavior by using:

Options None

within a Directory block. Or if you are enabling other options you can use:

Options -FollowSymLinks
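
The configuration settings covered so far (signature, user and group, the root directory lock-down, .htaccess protection, overrides and symbolic links) can be checked together. The Python script below is an added example, not part of the original article or of Apache itself: it parses an httpd.conf and reports which of these settings are missing. Both sample configurations are constructed, the finding codes are made up for illustration, and the check also accepts the Apache 2.4 form `Require all denied`, which goes beyond the 2.2 syntax used in this article.

```python
import fnmatch
import re

# Constructed sample configurations (not from the original article).
WEAK_CONF = r"""
ServerTokens Full
User nobody
Group nobody
<Directory />
    Options FollowSymLinks
    AllowOverride All
</Directory>
<Files ~ "^/.htaccess">
    Deny from All
</Files>
"""
HARDENED_CONF = r"""
ServerSignature Off
ServerTokens Prod
User apache
Group apache
<Directory />
    Order Deny,Allow
    Deny from All
    Options None
    AllowOverride None
</Directory>
<Directory /home/user/web>
    Order Allow,Deny
    Allow from All
</Directory>
<Files ~ "^\.htaccess">
    Order Deny,Allow
    Deny from All
</Files>
"""

def parse(conf):
    """Map each container ('' is server level) to {directive: [args, ...]}."""
    sections, stack = {"": {}}, [""]
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("</"):
            stack = stack[:-1] or [""]
        elif line.startswith("<"):
            stack.append(line[1:-1].strip())
            sections.setdefault(stack[-1], {})
        else:
            parts = line.split(None, 1)
            args = parts[1].lower() if len(parts) > 1 else ""
            sections[stack[-1]].setdefault(parts[0].lower(), []).append(args)
    return sections

def denies_all(body):
    # "Deny from All" (2.2 syntax) or its 2.4 equivalent "Require all denied".
    return "from all" in body.get("deny", []) or "all denied" in body.get("require", [])

def blocks_htaccess(name, body):
    """True if a Files/FilesMatch container denies a file named .htaccess."""
    m = re.match(r'(Files\s+~|FilesMatch|Files)\s+"?([^"]+?)"?$', name)
    if not m or not denies_all(body):
        return False
    if m.group(1) == "Files":  # plain wildcard form
        return fnmatch.fnmatch(".htaccess", m.group(2))
    # Files patterns are tested against the file name only, with no leading
    # path, so a regex that starts with "/" can never match.
    return re.search(m.group(2), ".htaccess") is not None

def audit(conf):
    """Return (code, message) findings for the settings discussed above."""
    s = parse(conf)
    top, out = s[""], []
    if top.get("serversignature", [""])[-1] != "off":
        out.append(("server-signature", "ServerSignature is not Off"))
    if top.get("servertokens", [""])[-1] not in ("prod", "productonly"):
        out.append(("server-tokens", "ServerTokens is not Prod"))
    for key in ("user", "group"):
        value = top.get(key, ["unset"])[-1]
        if value in ("unset", "nobody", "root"):
            out.append((key, f"{key} is {value}; use a dedicated account"))
    if not denies_all(s.get("Directory /", {})):
        out.append(("root-open", "<Directory /> does not deny all access"))
    for name, body in s.items():
        if not name.startswith("Directory "):
            continue
        path = name.split(None, 1)[1]
        opts = " ".join(body.get("options", [])).replace("+", "").split()
        if "followsymlinks" in opts or "all" in opts:
            out.append((f"symlinks:{path}", "Options enables FollowSymLinks"))
        if any(v != "none" for v in body.get("allowoverride", [])):
            out.append((f"override:{path}", ".htaccess may override server settings"))
    if not any(blocks_htaccess(n, b) for n, b in s.items()):
        out.append(("htaccess-exposed", "no Files rule denies .htaccess"))
    return out
```

Calling `audit(WEAK_CONF)` returns eight findings, including `htaccess-exposed` for a Files pattern that looks right but never matches; `audit(HARDENED_CONF)` returns an empty list.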

Consider Using ModSecurity

ModSecurity is an open source Apache module that acts as a web application firewall. It can operate in an embedded mode where it runs within Apache just like any other module. It also supports a reverse proxy mode in which ModSecurity can hide the details of your network and configuration from the outside world. ModSecurity provides a number of security features for web applications including intrusion detection and traffic logging. It can be configured to block known malicious attacks (negative security mode) or to only allow certain valid requests (positive security mode). What is really unique about ModSecurity is that it allows you to create rules that do things such as blocking the downloading of credit card numbers or social security numbers. ModSecurity is a must-have for any serious e-commerce company today. It is developed and supported by Breach Security, who offers commercial support and products based on ModSecurity. You can learn more about it at http://www.modsecurity.org.

We have looked at 10 methods for improving the security of your Apache web server. There are, of course, many other ways to harden your Apache web servers. Feel free to comment and share your favorite tips for improving the security of your Apache server.


Data Mining with MySQL – Finding Value in Numbers

July 24th, 2010 admin


When it comes to full scale database analysis, many servers have integrated software packages such as SSIS for Microsoft and dedicated business intelligence tools from SAP, SAS and other firms. Analyzing data with open source technology, however, requires a bit more work when it comes to implementing an end to end Business Intelligence (BI) tool. While there are a variety of ways to export MySQL data into software packages that can handle modeling, it is important to understand how the process works and the technology required.

How MySQL can work with PMML

Working with broad patterns and intuition on raw database technology can be challenging, which is why developing models through Predictive Model Markup Language (PMML) is an ideal way to start with exported data from MySQL. While database administrators can handle basic tasks in working with data, properly creating predictive models requires first understanding how the development process works from beginning to end.

To determine potential outcomes and possibilities from database information, you can properly score MySQL data in order to segment forecasted outcomes. Data mining allows you to process raw MySQL data in a way that makes it accessible for predictive modeling. While MySQL is a great solution for storing and computing with data, you will need another step in your model in order to make this possible with PMML modeling techniques.

Segmenting Analytics Data

This flows directly into the process of segmenting your data according to defined rules. With PMML you can work directly with MySQL in order to define discrete segments of data rather than working with continuous variables that may not have proper labels. For developers familiar with basic markup languages, PMML will flow naturally in with your coding style. You can write direct commands which can define the data before you input it into a statistical package. Working with raw files in statistical programs can be challenging, so processing your SQL data in advance can save you substantial time. Suppose you want to define two segments of existing site users in your database based upon the frequency of their visits in the past 365 days. You could sort this data and define your variables after the fact but you can just as easily categorize your MySQL data in PMML:

<Discretize field="value">
  <DiscretizeBin binValue="frequent">
    <Interval closure="openClosed" leftMargin="10" rightMargin="100" />
  </DiscretizeBin>
</Discretize>

You could then define a “power user” with leftMargin="100" and interval closure “open” so that any users who have visited more than 100 times become power users and can be segmented properly for offers, site features and campaigns. Properly scoring prospects with MySQL data for input into statistical packages can provide substantial insights into the complete process of scoring and segmenting analytics data.

There are a number of different transformations you can work on for your database information so you can add a layer of intelligence on top of your database. While MySQL can provide impressive calculations and has the potential for a wide range of applications, it is best paired with a computation engine that allows you to determine correlations based upon parameters. With an open source base you can build your own BI unit from scratch.


Need High Levels of Concurrency? Try Stackless Python

July 19th, 2010 admin


Cloud computing has led to the development of applications that need a very high level of concurrency. Objects and routines need to support the ability to suspend their state and then continue running at a later time. In cloud computing, it may even be necessary to continue on a different server than the one the routine began on. Python does support traditional threading but threading does not provide enough concurrency for many of today’s distributed applications. Fortunately, there is a solution: stackless Python.

What is it?

Stackless Python is an implementation of Python that does not use the “C” call stack. In traditional Python, the state of the interpreter and the currently executing code are both stored on the stack. This can affect concurrency. Additionally, the stack is limited to an area of memory. Stackless Python uses the heap which removes the memory limits associated with the stack.

You can download stackless Python from http://www.stackless.com. Typically you will need to install a separate stackless implementation of Python, as not all extensions will be stable with the level of concurrency that stackless provides. Stackless provides a number of features to support high levels of concurrency.

Tasklets

Stackless Python provides microthreads in the form of objects called tasklets. A tasklet is a small, portable and lightweight task. In all stackless Python applications there is one main tasklet. Tasklets can be pickled and unpickled like other Python objects. This makes it possible to save and restore their state. Tasklets provide the concurrency in stackless Python and replace traditional threads.

Channels

Tasklets communicate with one another using channels. A channel is a bi-directional communication interface for tasklets. In stackless Python, a channel transmits an object between the sender and a receiving tasklet. Channels implement a queue so that multiple tasklets can be queued to send or receive. When an object is sent, the receiving tasklet is resumed. If no receiver is available to resume, the sender is suspended and queued. This is one of the mechanisms used in stackless Python to avoid blocking, a condition where a sender and receiver enter an infinite loop waiting on one another.

Continuation

Stackless Python implements the concept of continuation. Essentially, continuation is when you save the state of a routine and then later restore that state, allowing the routine to continue running as though it had never been suspended. By extending continuation, you get the concept of coroutines. Greatly simplified, coroutines are continuations that call each other instead of themselves. Basically a coroutine is when a routine resumes another suspended routine. This can even take place over the network, allowing a routine on one server to resume a task running on another.

Scheduler

Finally, stackless Python includes a scheduler that keeps a list of tasklets and allows each one a turn to run. This scheduler provides for multitasking and concurrency. Since stackless Python does not use the C call stack, the overhead of moving running code on and off the stack is eliminated. This reduces the overhead associated with context switching under conventional threading models. As a result, stackless Python’s scheduler is very efficient.

Ideal Usage

The features of stackless Python make it an ideal platform for applications where a number of small autonomous tasks must interact with one another. Simulators are one example of this type of application. In a simulator, such as the one you might find in the Sims game, a number of autonomous processes are running at once. They perform some work and then sleep until another variable in the simulation requires them again. This is an ideal example of how an application may use continuation and coroutines. Agent based systems are another area where stackless Python makes sense.

The largest commercial use of stackless Python is the MMORPG EVE Online. EVE Online differs from other massively multiplayer online games in that its game world is not segmented into a series of game servers. Instead EVE runs a single game universe that is shared by all players. CCP, EVE’s creators, are large supporters and users of stackless Python and the EVE Online game is built with stackless Python. EVE, in particular, demonstrates that stackless Python is a viable choice for building highly concurrent, distributed applications. It seems that stackless Python would be an ideal platform for building cloud based applications.


Google AdWords – 10 Proven Ways to Target Traffic

July 9th, 2010 admin

AdWords provides an effective, scalable way to target business prospects with textual ads based upon search queries. In many ROI studies of multiple media, search targeting has emerged as one of the most efficient drivers of commercial revenue today. While reaching potential customers through search, it is important to qualify the visitors with the right targeting settings, methods and tactics.

With the right targeting settings you can vastly improve your ability to turn clicks into conversions, resulting in a higher ROI across your campaign as you further refine the settings for better performance. This guide can help both beginning and intermediate search marketers to understand ten concrete methods to improve search targeting through AdWords.

Set your GEO-targeting settings based upon your target market

At the settings level of each campaign you can identify which geographical markets are best suited to targeting. By default, AdWords will target your entire regional market (such as North America) which can potentially lower your ROI by extending the reach of your ads beyond your service base.

Refine GEO-targeting based upon performance data

You can identify which markets you want to target based upon city DMA, zip code, a radius around a core location or even select a basket of applicable markets with custom targeting. Since there are custom geography reports you can run through AdWords, you’ll want to continually review and revise these settings once you identify which markets are converting most effectively into leads or sales.

Make account updates based upon statistical significance

If you have identified a change that may have improved campaign performance, it is important to evaluate the effectiveness by determining whether the change was statistically significant. Suppose you changed your ad variations and noticed an increased click-through rate (CTR) – you will need to collect enough impressions to determine whether it’s statistically significant. Suppose you are comparing two ads for improvements in conversion rate and find:

Ad One: 5,000 clicks, 87 orders, CVR = 1.74%
Ad Two: 5,000 clicks, 69 orders, CVR= 1.38%

Before we conclude that Ad One is the winner we must determine whether this difference is statistically significant – you should run the ad until you have confidence in the winner with enough data. In this case the standard deviation is 1.452681, giving us only 90% confidence in Ad One – you should run the test until you have 95% confidence.
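
Where the 1.452681 figure comes from, as an added derivation that is not part of the original post. It assumes the figure is the two-proportion z statistic (the difference in conversion rates measured in standard errors) computed with the unpooled standard error, and that the confidence levels are one-sided:

$$
\hat p_1 = \frac{87}{5000} = 0.0174, \qquad \hat p_2 = \frac{69}{5000} = 0.0138
$$

$$
SE = \sqrt{\frac{\hat p_1 (1-\hat p_1)}{n_1} + \frac{\hat p_2 (1-\hat p_2)}{n_2}}
   = \sqrt{\frac{0.0174 \cdot 0.9826 + 0.0138 \cdot 0.9862}{5000}} \approx 0.002478
$$

$$
z = \frac{\hat p_1 - \hat p_2}{SE} = \frac{0.0036}{0.002478} \approx 1.4527
$$

$$
z_{0.90} \approx 1.282 \;<\; 1.4527 \;<\; 1.645 \approx z_{0.95}
$$

The difference clears the 90% threshold but not the 95% one, which is why the test has to keep running.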

Pay close attention to quality score on your keywords

The actual price you pay for a click is a function of your bid, those of your competitors as well as the quality score of your keyword:

CPC = Ad Rank + .01
where Ad Rank = Max CPC x Quality Score

To improve your quality scores, write more targeted text ads, select well-defined keywords and have relevant, high quality landing pages.

Test Multiple Ad Variations Over Time

Implementing multiple different text ads within each ad group can provide insight into which messages are most effective. Your quality score is largely determined by your click through rate and the relevance of your ad – testing unique ads can help you identify the best performing ads.

Group Your Keywords around core themes

Integrating multiple ad-groups around core keyword themes can help you more tightly group keywords with the corresponding ad variations. For example, if you are a service company you may want to segment your offerings into Service-Consumers and Service-Business so you can write targeted ads and select keywords tailored to a unique audience.

Provide a quality user experience after the click through testing

Paying close attention to user experience after the click is an important part of the quality of your search campaigns. The relevance, quality and structure of your landing pages can influence your quality score, so create pages based upon quality and take a long term approach to information architecture.

Build your pages for both sponsored and organic search

With a long-term approach to search targeting, you should utilize pages for search which are structured for best practices in organic as well as paid search. This includes having a privacy policy, proper meta tags and clear user navigation in addition to a lead or sales flow.

Check your search queries for negative keywords

Running a search query report can help you identify the exact searches which matched your keywords. As a result you can identify unwanted modifier terms which can skew your conversion results. Let’s assume you sell custom T-Shirts. You execute a search query report to find the queries that triggered your ad. You may find that when the query contains the word “Macy’s”, your conversion rate is 0%. The users still click on your ad, but all it does is waste your money. To remedy this, you simply add the word “Macy’s” as a negative keyword. If you are looking to sell a product, common negative keywords would include “free” and “jobs”.

Have a unique selling point for your ads and products

To stand out from your competition, make sure your brand positioning and perspective is particularly unique. Name your product and promote it in a way that makes it stand out in the market – getting consumers interested in your offerings requires both a rational connection in terms of pricing and quality messaging in your campaign from the ad to the landing pages, as well as an emotional element to make your product unique.


Proven Ways to Secure PHP

July 6th, 2010 admin, 3 comments

PHP is one of the most popular languages for web development today. As a result, hackers are always looking for ways to exploit PHP scripts to gain unauthorized access or cause damage to systems. Securing your PHP code is essential in any web application that you develop.

When looking at securing your PHP application there are two main categories of methods for securing your code. The first category involves settings in PHP itself, via php.ini, that affect the overall security of your application. The second category deals with coding best practices and writing secure code to prevent exploits.

Securing PHP via php.ini

There are a number of settings within PHP itself that can affect the security of your applications. These settings can be controlled through the php.ini file. By controlling the default behavior of PHP itself, you reduce the potential damage that coding errors might cause.

Kill Register Globals

Before version 4.2.0, PHP used global variables to provide access to input variables from GET and POST requests. This feature was done away with because it provided a security loophole. Attackers could use it to manipulate variables under a variety of scenarios. To provide backward compatibility, however, PHP provides the register_globals setting in php.ini. When this is on, PHP will provide the earlier behavior and register global variables for the input values. To secure your PHP installation, you should always turn this off. Avoid scripts that require register_globals, as it is usually a sign of a potentially insecure script or one that has not been maintained or updated recently.

Controlling File Access

PHP scripts can use the fopen function to read and write files on the server filesystem. This is, of course, a necessary and desirable capability. However, it can also be a security risk. A coding error in a PHP script could allow a malicious user to read system files or overwrite files. Fortunately, there are a number of settings in PHP that allow you to control which files PHP can access.

One option you can use in php.ini is open_basedir. This option takes a sub-directory as its value such as /home/user/html/. It restricts PHP’s I/O to that sub-directory which prevents PHP from reading or writing files outside of that sub-directory.

You can also use safe_mode in php.ini to control access to files. In safe mode, PHP is only able to open files that are owned by the same user as your web server. It also prevents PHP from executing binaries. If you need to allow PHP to access files that are owned by different owners you can use safe_mode_gid. This limits PHP’s access to only files that are owned by the group that your web server runs under.

Hiding PHP

While security by obscurity is not sufficient to protect your application, it does make it harder for potential hackers to exploit your site if they do not know what technologies are behind it. PHP exposes itself in a number of ways including inside the Apache headers and in the Apache footer signature. You can turn off this behavior with expose_php = off in php.ini.

Another way that PHP exposes its presence is through the display of errors. These errors often include path information and other settings that a hacker will find invaluable. These error messages are invaluable during development for testing and debugging but they should be turned off on production sites. You can turn them off by setting: display_errors = Off in php.ini. A useful feature is to have the error messages logged to a log file instead which you can do by setting: log_errors = On in php.ini.

Finally, you can configure Apache to rewrite your URLs so as to hide the .php ending. Many PHP frameworks such as CakePHP also hide the file extension through their URL routing. This helps hide the presence of PHP. It also makes your site more flexible. What happens if you change technologies in the future? You do not want to have to change all your URLs. For more thoughts on this see Cool URIs Don’t Change by Tim Berners-Lee.
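
A quick way to check a server against the php.ini settings covered above, as an added example that is not part of the original post. The function names are hypothetical, and the sample configuration is constructed; on PHP builds where a directive no longer exists, ini_get() returns false and the check treats it as off.

```php
<?php
// Added example: audits PHP configuration against the settings this post
// recommends. Function names are hypothetical, not part of PHP itself.

/** True unless the ini value is one of the spellings PHP reads as "off". */
function ini_flag_enabled($raw): bool
{
    if ($raw === false || $raw === null) {
        return false; // directive unknown to this PHP build
    }
    $v = strtolower(trim((string) $raw));
    return !in_array($v, ['', '0', 'off', 'no', 'false', 'none'], true);
}

/**
 * @param callable $get  function(string $name) returning the ini value;
 *                       pass 'ini_get' to audit the live configuration.
 * @return string[]      one finding per setting that differs from the advice
 */
function audit_php_ini(callable $get): array
{
    $findings = [];
    // Directives the post says to switch off.
    foreach (['register_globals', 'expose_php', 'display_errors'] as $name) {
        if (ini_flag_enabled($get($name))) {
            $findings[] = "$name is enabled; set $name = Off";
        }
    }
    if (!ini_flag_enabled($get('log_errors'))) {
        $findings[] = 'log_errors is disabled; set log_errors = On';
    }
    $basedir = $get('open_basedir');
    if ($basedir === false || trim((string) $basedir) === '') {
        $findings[] = 'open_basedir is empty; file I/O is not confined to a directory';
    }
    return $findings;
}

// Constructed sample configuration standing in for a loosely configured server.
$sample = [
    'register_globals' => 'On',
    'expose_php'       => '1',
    'display_errors'   => 'Off',
    'log_errors'       => '0',
    'open_basedir'     => '',
];
$lookup = function (string $name) use ($sample) {
    return array_key_exists($name, $sample) ? $sample[$name] : false;
};

foreach (audit_php_ini($lookup) as $finding) {
    echo "[sample] $finding\n";
}
foreach (audit_php_ini('ini_get') as $finding) {
    echo "[live]   $finding\n";
}
```

Run it from the web server's PHP rather than the command line when the two use different php.ini files.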

Securing PHP Through Good Coding Practices

Once you have secured your base PHP installation by configuring php.ini, you should look at your code itself. The other method of securing PHP is to implement good coding practices. There are a number of coding practices to use and many to avoid. We are going to look at a few categories where good coding practices can secure your PHP code. Feel free to comment with other methods as well.

Controlling POST & Form Submissions

Form spoofing is a common exploit on web sites. Form spoofing is when someone makes a submission to your form from somewhere you did not expect. Typically this is done by crafting a POST request and sending it to the URL in the action attribute of your form. Most often, form spoofing is harmless but annoying such as when spammers use scripts to submit spam to the script that processes your contact form. However, form spoofing can be dangerous. Some developers feel that using selects on an HTML form can limit user input. They then do not validate the user input because they believe that the form has done the validation for them. This can be dangerous if someone submits to your script without using your form. They are no longer limited to the choices you provided.

One way to protect against form spoofing is to use a one-time token. Generate a random token and store it in your session. Then using a hidden input field send the one-time token as part of your form. When you process the form, compare the token in the session to the token on the form. If they match, process the form and if they don’t, present an error message. Clear the token from the session after processing so that it is truly a one-time token.

One-time tokens are not one hundred percent. Hackers can still lift the token and use it to submit to your form from another site. However, it is an extra hurdle to overcome. As a result, they are more likely to pick easier targets rather than make the effort to code around your tokens. Even if you use a token system, always validate your input when processing forms just to be on the cautious side.
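
The one-time token flow described above, together with the server-side re-check of a select value, as an added example that is not part of the original post. The function names, the 'form_token' session key and the 'plan' field are hypothetical; it assumes PHP 7 or later for random_bytes().

```php
<?php
// Added example: one-time form token plus allow-list validation of a <select>.
// Function names, the 'form_token' key and the 'plan' field are hypothetical.

/** Create a token, remember it in the session, return it for the hidden field. */
function issue_form_token(array &$session): string
{
    $token = bin2hex(random_bytes(32)); // 256 bits from the OS CSPRNG
    $session['form_token'] = $token;
    return $token;
}

/** True only if $submitted matches the stored token; the token is then spent. */
function consume_form_token(array &$session, $submitted): bool
{
    $expected = $session['form_token'] ?? null;
    unset($session['form_token']); // single use, whether or not it matched
    if (!is_string($expected) || !is_string($submitted)) {
        return false;
    }
    return hash_equals($expected, $submitted); // constant-time comparison
}

/** A <select> does not constrain a crafted POST: re-check against the same list. */
function valid_choice($value, array $allowed): bool
{
    return is_string($value) && in_array($value, $allowed, true);
}

function handle_post(array &$session, array $post, array $allowed): string
{
    if (!consume_form_token($session, $post['token'] ?? null)) {
        return 'rejected: bad or reused token';
    }
    if (!valid_choice($post['plan'] ?? null, $allowed)) {
        return 'rejected: value not offered by the form';
    }
    return 'accepted: ' . $post['plan'];
}

// Constructed walk-through. In a real page $session is $_SESSION after
// session_start() and $post is $_POST.
$session = [];
$plans   = ['basic', 'pro'];

$t = issue_form_token($session);
echo '<input type="hidden" name="token" value="'
    . htmlspecialchars($t, ENT_QUOTES) . '">', "\n";

// First submission with the issued token and a listed value.
echo handle_post($session, ['token' => $t, 'plan' => 'pro'], $plans), "\n";
// Replay of the same token after it has been spent.
echo handle_post($session, ['token' => $t, 'plan' => 'pro'], $plans), "\n";
// Fresh token, but a value the form never offered.
$t2 = issue_form_token($session);
echo handle_post($session, ['token' => $t2, 'plan' => 'admin'], $plans), "\n";
```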

Protecting Your Databases

Your databases have important information in them. You want to guard these carefully by using good coding practices. In particular, you should not use dynamic SQL statements that are based on user input. This creates a real opportunity for malicious users to send invalid data to your database. Sometimes, you have to utilize user input in a SQL query. When you do, make sure you validate any user input before using it in a query. If your database is MySQL, you can utilize mysql_real_escape_string(). This function escapes the special characters in a string, sanitizing user input for use inside a quoted value in the query. If your code relies on the PHP magic_quotes_gpc functionality, now is the time to re-purpose your code. This functionality will be deprecated in PHP version 6.

Securing PHP takes some diligence. There are two main areas where PHP can be secured. You can use php.ini to control the settings for your PHP installation. There are a number of settings that can lead to a more secure PHP environment. Once your PHP installation is secure, use good coding practices to write secure code. There are a number of techniques for writing secure code. Share some of your favorites in the comments.
