Search Results

Search found 3310 results on 133 pages for 'policy compliance'.

Page 60/133 | < Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >

  • The Business Case for a Platform Approach

    - by Naresh Persaud
    Most customers have assembled a collection of Identity Management products over time, as they have reacted to industry regulations, compliance mandates and security threats, typically selecting best of breed products.  The resulting infrastructure is a patchwork of systems that has served the short term IDM goals, but is overly complex, hard to manage and cannot scale to meets the needs of the future social/mobile enterprise. The solution is to rethink Identity Management as a Platform, rather than individual products. Aberdeen Research has shown that taking a vendor integrated platform approach to Identity Management can reduce cost, make your IT organization more responsive to the needs of a changing business environment, and reduce audit deficiencies.  View the slide show below to see how companies like Agilent, Cisco, ING Bank and Toyota have all built the business case and embraced the Oracle Identity Management Platform approach. Biz case-keynote-final copy View more PowerPoint from OracleIDM

    Read the article

  • Already have Merchant Account, what info will my Gateway need?

    - by Anonymous Coward
    I have a client who already has a merchant account for their physical store. What specific information about the merchant account will my client need to get from his bank to link it up to an online payment gateway that we will be using for the store? -----edits below -"my merchant account" changed to "the merchant account" -It is noted that my client will need to get a "high-risk" merchant account separate from his existing physical stores merchant account. -Though the question is essentially answered, for clarification: We plan to minimize our PCI compliance needs by utilizing something like Braintree's Transparent Redirect or the CRESecure iForm. So the gateway we would need to give the merchant account info to would be either of those two. Though, the CRESecure method would have yet one more step added into the mix since they would forward data to another payment provider. It is now assumed that the best place to field this question is to the support team at Braintree or CRESecure.

    Read the article

  • The convergence of Risk and Performance Management

    Historically, the market has viewed Enterprise Performance Management (EPM) and Governance, Risk and Compliance (GRC) as separate processes and solutions. But these two worlds are coming together – in fact industry analyst firms such as AMR Research believe that by the end of 2009, risk management will be part of every EPM discussion. Tune into this conversation with John O'Rourke, VP of Product Marketing for Oracle Enterprise Performance Management Solutions, and Karen dela Torre, Senior Director of Product Marketing for Financial Applications to learn how EPM and GRC are converging, what the integration points are, and what Oracle is doing to help customers perform more effective risk and performance management.

    Read the article

  • On-Site Factors that Affect CPC

    - by ashes999
    I have a few websites on various niche topics, all running Adsense. The most promising one currently has a CPC that hovers around $1; the rest have CPCs of $0.25-$0.50. I'm curious to know what on-site factors affect CPC. That is to say, what I can do, legally (in white-hat compliance) to increase my CPC? Some factors that affect CPC but are not within my control (and therefore, beyond the scope of my question -- they're just examples) include: What advertisers are paying for keywords on my site What pages people are landing on etc.

    Read the article

  • Finding it Hard to Deliver Right Customer Experience: Think BPM!

    - by Ajay Khanna
    Our relationship with our customers is not a just a single interaction and we should not treat it like one. A customer’s relationship with a vendor is like a journey which starts way before customer makes a purchase and lasts long after that. The journey may start with customer researching a product that may lead to the eventual purchase and may continue with support or service needs for the product. A typical customer journey can be represented as shown below: As you may notice, customers tend to use multiple channels to interact with a company throughout their journey.  They also expect that they should get consistent experience, no matter what interaction channel they may choose. Customers do not like to repeat the information they have already provided and expect companies to remember their preferences, and offer them relevant products and services. If the company fails to meet this expectation, customers not only will abandon the purchase and go to the competitor but may also influence others’ purchase decision. Gone are the days when word of mouth was the only medium, and the customer could influence “Six” others. This is the age of social media and customer’s good or bad experience, especially bad get highly amplified and may influence hundreds of others. Challenges that face B2C companies today include: Delivering consistent experience: The reason that delivering consistent experience is challenging is due to fragmented data, disjointed systems and siloed multichannel interactions. Customers tend to get different service quality if they use web vs. phone vs. store. They get different responses from different service agents or get inconsistent answers if they call sales vs. service group in the company. Such inconsistent experiences result in lower customer satisfaction or NPS (net promoter score) numbers. Increasing Revenue: To stay competitive companies frequently introduce new products and services. Delay in launching such offerings has a significant impact on revenue realization. In addition to new product revenue, there are multiple opportunities to up-sell and cross-sell that impact bottom line. If companies are not able to identify such opportunities, bring a product to market quickly, or not offer the right product to the right customer at the right time, significant loss of revenue may occur. Ensuring Compliance: Companies must be compliant to ever changing regulations, these could be about Know Your Customer (KYC), Export/Import regulations, or taxation policies. In addition to government agencies, companies also need to comply with the SLA that they have committed to their customers. Lapse in meeting any of these requirements may lead to serious fines, penalties and loss in business. Companies have to make sure that they are in compliance will all such regulations and SLA commitments, at any given time. With the advent of social networks and mobile technology, companies not only need to focus on process efficiency but also on customer engagement. Improving engagement means delivering the customer experience as the customer is expecting and interacting with the customer at right time using right channel. Customers expect to be able to contact you via any channel of their choice (web, email, chat, mobile, social media), purchase via any viable channel (web, phone, store, mobile). Customers expect companies to understand their particular needs and remember their preferences on repeated visits. To deliver such an integrated, consistent, and contextual experience, power of BPM in must. Your company may be organized in departments like Marketing, Sales, Service. You may hold prospect data in SFA, order information in ERP, customer issues in CRM. However, the experience delivered to the customer must not be constrained by your system legacy. BPM helps in designing the right experience for the right customer and integrates all the underlining channels, systems, applications to make sure right information will be delivered to the right knowledge worker or to the customer every single time.     Orchestrating information across all systems (MDM, CRM, ERP), departments (commerce, merchandising, marketing service) and channels (Email, phone, web, social)  is the key, and that’s what BPM delivers. In addition to orchestrating systems and channels for consistency, BPM also provides an ability for analysis and decision management. By using data from historical transactions, social media and from other systems, users can determine the customer preferences, customer value, and churn propensity. This information, in the context, is then used while making a decision at a process step. Working with real-time decision management system can also suggest right up-sell or cross-sell offers, discounts or next-best-action steps for a particular customer. Timely action on customer issues or request is also a key tenet of a good customer experience. BPM’s complex event processing capabilities help companies to take proactive actions before issues get escalated. BPM system can be designed to listen to a certain event patters then deduce from those customer situations (credit card stolen, baggage lost, change of address) and do a triage before situation goes out of control. If such a situation arises you can send alerts to right people or immediately invoke corrective actions. Last but not least one of BPM’s key values is to drive continuous improvement. Learning about customers past experiences, interactions and social conversations, provide valuable insight. Such insight can be used to improve products, customer facing processes, and customer experience. You may take these insights as an input to design better more efficient and customer friendly sales, contact center or self-service processes. If customer experience is important for your business, make sure you have incorporated BPM as a part of your strategy to design, orchestrate and improve your customer facing processes.

    Read the article

  • Laptop in-built Web Cam stopped working HP Probook

    - by Dave A
    My laptop (HP Probook) webcam has always worked. When I upgraded to 13.10 it stopped working. No solution found then so gave up. Recently upgraded to 14.04 still not working so thought I would ask anyone again if a solution had been found. lsusb Bus 001 Device 004: ID 0c45:62c0 Microdia Sonix USB 2.0 Camera dmesg | grep uvcvideo` [ 765.466575] uvcvideo: Found UVC 1.00 device USB 2.0 Camera (0c45:62c0) [ 765.467305] uvcvideo: UVC non compliance - GET_DEF(PROBE) not supported. Enabling workaround. [ 765.467954] uvcvideo: Failed to query (129) UVC probe control : -32 (exp. 26). [ 765.467960] uvcvideo: Failed to initialize the device (-5). [ 765.468022] usbcore: registered new interface driver uvcvideo Tried searching everywhere but there does not appear to be any clear solution to the driver issue - very weird as my camera is listed as supported by uvcvideo and it has always worked.

    Read the article

  • New Beta of GhostDoc v4

    - by TATWORTH
    A new beta of GhostDoc v4 is available at http://submain.com/download/ghostdoc/beta/The updated license key is at http://submain.com/blog/GhostDocV4Beta2IsAvailable.aspxHere are some of the excellent features of GhostDoc v4"Version 4 is a major milestone for us with great new features and rewrites that we have done over the last year. Here are the most significant additions to the GhostDoc feature set: Visual Studio 2012 support (Pro) Source code Spell Checker C/C++ language support XML Comment Preview StyleCop Compliance – comments generated by GhostDoc are now pass StyleCop validation Exception Documentation - exceptions raised within a method are documented in the XML Comment (Pro) File Header menu and template (Pro) Visual Studio toolbar with commands for documenting, comment preview and spell-checking (Pro) Options -> Global Properties - allows to reference custom configured user properties within T4 templates (CodeIt.Right users will find this very familiar) (Pro) IntelliSense in the T4 template editor Version update notification – you won’t miss new version release ever again!"

    Read the article

  • Is IE9 a modern browser?

    - by TATWORTH
    At http://people.mozilla.com/~prouget/ie9/ there is a very provocative article entitled "Is IE9 a modern browser?". There is a rebuttal by Tim Sneath at http://blogs.msdn.com/b/tims/archive/2011/02/15/a-modern-browser.aspx that is well worth a look. Certainly IE9 is already superior to its predecessors. My comment on the matter is that those that consider IE9 to be non-standards compliant, should submit tests to the W3C to demonstrate the non-compliance. Upon acceptance by the W3C, all the competing browsers can then be re-tested. I prefer objective tests to subjective opinion. I have used IE9 and on some sites such as Hotmail, it is noticeably faster. I have so far been unable to apply the promised IE9 lockout of spyware cookies. With Firefox, I just instal NoScript and never enable spyware sites.

    Read the article

  • XHTML fix solution republished

    - by TATWORTH
    As a post VS2010 SP1 installation activity, I am recompiling all my open source projects. The first is XHTMLFIX at http://xhtmlfix.codeplex.com/ This LGPL project has simple fixes to ASP.NET 2.0/4.0 to achieve XHTML compliance as measured by the W3C tests at http://validator.w3.org/ The XHTML project shows as untrue the commonly held belief that MVP or MVC are necessary for producing XHTML compliant web pages. Incidentally the other supposed advantage of MVP and MVC over web forms of easier testing is also very dubious as web forms can be tested by systems such as Selenium or WaTiN. I have used NUnitASP (alas sadly discontinued) with web forms and found it be more effective than unit testing MVP. Now if you prefer the MVP and / or MVC approach over Web forms then fine, that is your preferance. Now if you can find an example where ASP.NET 4.0 Web forms properly written do not produce XHTML compliant markup, I would be glad of your example and will look at ways of modifying the markup to be XHTML compliant.

    Read the article

  • Reading the tea leaves from Windows Azure support

    - by jamiet
    A few idle thoughts… Three months ago I had an issue regarding Windows Azure where I was unable to login to the management portal. At the time I contacted Azure support, the issue was soon resolved and I thought no more about it. Until today that is when I received an email from Azure support providing a detailed analysis of the root cause, the fix and moreover precise details about when and where things occurred. The email itself is interesting and I have included the entirety of it below. A few things were interesting to me: The level of detail and the diligence in investigating and reporting the issue I found really rather impressive. They even outline the number of users that were affected (127 in case you can’t be bothered reading). Compare this to the quite pathetic support that another division within Microsoft, Skype, provided to Greg Low recently: Skype support and dead parrot sketches   This line: “Windows Azure performed a planned change from using the Microsoft account service (formerly Windows Live ID) to the Azure Active Directory (AAD) as its primary authentication mechanism on August 24th. This change was made to enable future innovation in the area of authentication – particularly for organizationally owned identities, identity federation, stronger authentication methods and compliance certification. ” I also found to be particularly interesting. I have long thought that one of the reasons Microsoft has proved to be such a money-making machine in the enterprise is because they provide the infrastructure and then upsell on top of that – and nothing is more infrastructural than Active Directory. It has struck me of late that they are trying to make the same play of late in the cloud by tying all their services into Azure Active Directory and here we see a clear indication of that by making AAD the authentication mechanism for anyone using Windows Azure. I get the feeling that we’re going to hear much much more about AAD in the future; isn’t it about time we could log on to SQL Azure Windows Azure SQL Database without resorting to SQL authentication, for example? And why do Microsoft have two identity providers – Microsoft Account (aka Windows Live ID) and AAD – isn’t it about time those things were combined? As I said, just some idle thoughts. Below is the transcript of the email if you are interested. @Jamiet  This is regarding the support request <redacted> where in you were not able to login into the windows azure management portal with live id. We are providing you with the summary, root cause analysis and information about permanent fix: Incident Title: You were unable to access Windows Azure Portal after Microsoft Account to Azure Active Directory account Migration. Service Impacted: Management Portal Incident Start Date and Time: 8/24/2012 4:30:00 PM Date and Time Service was Restored: 10/17/2012 12:00:00 AM Summary: Windows Azure performed a planned change from using the Microsoft account service (formerly Windows Live ID) to the Azure Active Directory (AAD) as its primary authentication mechanism on August 24th.   This change was made to enable future innovation in the area of authentication – particularly for organizationally owned identities, identity federation, stronger authentication methods and compliance certification.   While this migration was largely transparent to Windows Azure users, a small number of users whose sign-in names were part of a Windows Live Custom Domain were unable to login.   This incompatibility was not discovered during the Quality Assurance testing phase prior to the migration. Customer Impact: Customers whose sign-in names were part of a Windows Live Custom Domain were unable to sign-in the Management Portal after ~4:00 p.m. PST on August 24th, 2012.   We determined that the issue did impact at least 127 users in 98 of these Windows Live Custom Domains and had a maximum potential impact of 1,110 users in total. Root Cause: The root cause of the issue was an incompatibility in the AAD authentication service to handle logins from Microsoft accounts whose sign-in names were part of a Windows Live Custom Domains.  This issue was not discovered during the Quality Assurance testing phase prior to the migration from Microsoft Account (MSA) to AAD. Mitigations: The issue was mitigated for the majority of affected users by 8:20 a.m. PST on August 25th, 2012 by running some internal scripts to correct many known Windows Live Custom Domains.   The remaining affected domains fell into two categories: Windows Live Custom Domains that were not corrected by 8/25/2012. An additional 48 Windows Live Custom Domains were fixed in the weeks following the incident within 2 business days after the AAD team received an escalation from product support regarding those accounts. Windows Live Custom domains that were also provisioned in Office365. Some of the affected Windows Live Custom Domains had already been provisioned in AAD because their owners signed up for Office365 which is a service that also uses AAD.   In these cases the Azure customers had to work around the issue by renaming their Microsoft Account or using a different Microsoft Account to administer their Azure subscription. Permanent Fix: The Azure Active Directory team permanently fixed the issue for all customers on 10/17/2012 in an upgraded release of the AAD service.

    Read the article

  • The Convergence of Risk and Performance Management

    Historically, the market has viewed Enterprise Performance Management (EPM) and Governance, Risk and Compliance (GRC) as separate processes and solutions. But these two worlds are coming together-in fact industry analyst firms such as AMR Research believe that by the end of 2009, risk management will be part of every EPM discussion. Tune into this conversation with John O'Rourke, VP of Product Marketing for Oracle Enterprise Performance Management Solutions, and Karen dela Torre, Senior Director of Product Marketing for Financial Applications to learn how EPM and GRC are converging, what the integration points are, and what Oracle is doing to help customers perform more effective risk and performance management.

    Read the article

  • Quality Assurance tools discrepancies

    - by Roudak
    It is a bit ironic, yesterday I answered a question related to this topic that was marked to be good and today I'm the one who asks. These are my thoughts and a question: Also let's agree on the terms: QA is a set of activities that defines and implements processes during SW development. The common tool is the process audit. However, my colleague at work agrees with the opinion that reviews and inspections are also quality assurance tools, although most sources classify them as quality control. I would say both sides are partially right: during inspections, we evaluate a physical product (clearly QC) but we see it as a white box so we can check its compliance with set processes (QA). Do you think it is the reason of the dichotomy among the authors? I know it is more like an academic question but it deserves the answer :)

    Read the article

  • WebCenter in Action: ResCare

    - by Kellsey Ruppel
    Register Now for this webcast. ResCare Solves Content Lifecycle Challenges with Oracle WebCenter Complex documents must be created, assembled, reviewed, and tracked. To avoid fragmented, chaotic information processes, organizations must adopt an integrated set of strategies, standards, best practices, and technologies for managing information. Attend this webcast to learn how Oracle WebCenter has allowed ResCare to: Solve content lifecycle challenges Reduce compliance and business risks Increase adoption of intranet as primary business communication tool Register now for this webcast.  REGISTER NOW Register now for this exclusive event. Tuesday, October 30, 2012 10:00 a.m. PT / 1:00 p.m. ET Presented by: Joe Lichtefeld, VP of Application Services & PMO, ResCare Wayne Boerger, Product Manager, TEAM Informatics Doug Thompson, EVP Global Development, TEAM Informatics Presented by : Copyright © 2012, Oracle and/or its affiliates. All rights reserved. Contact Us | Legal Notices and Terms of Use | Privacy Statement

    Read the article

  • Oracle Private Cloud Solutions

    - by user462034
    To enable organizations to have complete control and visibility over security, compliance, and service levels, Oracle also helps organizations build, deploy, and manage their own cloud environments, including integrated application, platform, and infrastructure products and solutions. Oracle’s private cloud offerings include Oracle Cloud Applications. A complete and modular set of enterprise applications, engineered from the ground up to be cloud-ready and to coexist seamlessly in mixed environments. Oracle Cloud Platform. A shared and elastically scalable platform for consolidation of existing applications and new application development and deployment. Oracle Cloud Infrastructure. A complete selection of servers, storage, networking fabric, virtualization software, operating systems, and management software to support diverse public and private cloud applications. 

    Read the article

  • JavaOne Latin America Call for Papers Deadline Extended

    - by Tori Wieldt
    It may have gotten lost in the JavaOne San Francisco noise, but the JavaOne Latin America call for papers deadline has been extended to this Friday, October 12, at 11:59 pm local time.? We invite you to submit a paper to present at the JavaOne Latin America 2012 conference. We are looking for submissions from the community to present to the Latin American Java developer community in the following tracks: Core Java Platform JavaFX and Rich User Experiences  Java EE, Web Services, and the Cloud Java ME, Java Embedded, and Java Card Speakers on accepted submissions will receive a complimentary pass! The pass provides access to all conference sessions. (Acceptance of the pass must be in compliance with the policies of your employer, including conflict, ethics and gift policies. Oracle employee speakers do not qualify.) We look forward to hearing from you.

    Read the article

  • Please help me to improve Re-Sharper

    - by TATWORTH
    Re-Sharper is an excellent aid to producing good code in either C# or VB.NET. Recently through using Resharper and StyleCop, I have found three area where ReSharper needs to be improved. Please log into the YouTrack at http://youtrack.jetbrains.net and vote for the following: RSRP-268868 Improvement to removal of redundant else and invert if optimisations for enhanced stylecop compliance. When Resharper removes a redundant else, there needs to be a blank line added. Currently there is no provision to specify this. Please vote for this! RSRP-272286 Resharper Feature Request to move initialisation to static constructor Currently ReSharper offers moving initialisation of of non-static variable to a constructor. Why not offer the same for a static constructor?  Please vote for this! RSRP-272285 Expansion of Switch Statement by Resharper Currently ReSharper will fill an empty switch statement based upon an enumeration but will not add missing enumeration values to such a switch statement.   Can't code withoutCoding assistance, smart code editing and code completion for C# and VB.NET

    Read the article

  • Where can I learn to write my own database?

    - by Buttons840
    I'm interested in writing my own database - a triple-store. Are there any good resources to help with the challenges of such a project? Or more generally: How can I learn to write my own database? Some specific issues I'm unsure of: How is the data actually stored on the file-system? A flat-file seems easy enough, but a database is a lot more then a flat-file. What kinds of things are typically stored (or cached) in memory? How are indexes created and stored? How is ACID compliance achieved? Etc. This is a big topic, but knowing how to store large amounts of data in a reliable way is good to know. (My investigation into existing triple-stores was summarized back in 2008; not much has changed in 4 years it seems. This is why I want write my own.)

    Read the article

  • If I am developing a hosted payments page, what should the infrastructure look like?

    - by marcamillion
    If I am not storing credit card info, do I have to be concerned with PCI-compliance? I will be using a payment processor with a bank in my country. Literally just taking the credit card info and passing it to the gateway and processor. I would love to get an idea of the various technologies I might need to consider from an software architectural point of view. What are the best practices in terms of accepting credit cards and reducing fraud risk on my end? I will be creating the app in Rails.

    Read the article

  • Best strategy for supporting multiple server communication from iPhone/android app?

    - by tipycalFlow
    I'm making an app that will be used in multiple hospitals in the US. As per HIPAA compliance requirement, every hospital will have its own server that complies with these requirements of ensuring patient data security, etc. Now the task is that the app should communicate with a particular server based on the login info. An additional requirement is that new hospitals(servers) are likely to be added along the way, even after the app is available on the market. So basically, according to some login credentials, the app should communicate with the server of the hospital assigned to that person. One pretty crude way is to set up our own server which links the hospitals with the login info and accordingly, provides a base-url for data exchange. Is there a more efficient way to handle this?

    Read the article

  • On what name should I claim copyright in open source software?

    - by ONOZ
    When I want to use the Apache 2.0 licence in my project, I should include this in the comments of my source code: Copyright [yyyy] [name of copyright owner] Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License. What name should I fill in for [name of copyright owner]? I am currently working alone on this project, but I'm going to release the source code so there might be other contributors in the near future.

    Read the article

  • Credit Card Payment Processing which APIs do you use?

    - by user3330840
    It's for a Point of Sale Terminal where the customer will bring the physical credit card and it will be swiped through the terminal. The business has a merchant account on some banks. So, how do I start accepting credit cards in my app? The credit cards that needs to be accepted include: visa, master-card, amex, discover. Which APIs do I need to use? The programming language doesn't matter it can be in any programming languages Java/C#/C++/Python or anything. Will there be a single API or multiple APIs that need to be integrated? (I know some about PCI compliance and security encryption)

    Read the article

  • Live Webcast: Introducing Oracle Identity Management 11gR2

    - by B Shashikumar
    Please join Oracle and customer executives for the launch of Oracle Identity Management 11g R2, the breakthrough technology that dramatically expands the reach of identity management to cloud and mobile environments. Until now, businesses have been forced to piece together different kinds of technology to get comprehensive identity protection. The latest release of Oracle Identity Management 11g changes all that. Only Oracle Identity Management 11gR2 allows you to: Unlock the potential of cloud, mobile, and social applications Streamline regulatory compliance and reduce risk Improve quality of service and end user satisfaction Don't leave your identity at the office. Take it with you on your phone, in the cloud, and across the social world. Register now for the interactive launch Webcast and don’t miss this chance to have your questions answered by Oracle product experts.Date: Thursday, July 19, 2012 Time: 10am Pacific / 1pm Eastern

    Read the article

  • April 11: Live Webcast for Oracle Configuration Controls Governor (CCG) for PeopleSoft 9.1

    - by Theresa Hickman
    Are you a PeopleSoft 9.1 Financials, HCM, or Campus Solutions customer who would like to know how you can automatically track changes to key configurations of these applications? With increasing regulatory requirements and the complex reporting required to meet these corporate compliance objectives, manual tracking of changes is not the ideal option and is prone to error and increased risk for fraud. Speakers from Oracle, Accenture & FulcrumWay will explain the business benefits of Oracle GRC change management solutions and present a business use case using a leading Healthcare company.  When: April 11, 2012 Time: 11:00 am (PST); 2:00pm (EST) Duration: 1 hr Register Now!

    Read the article

  • Should I fork for a major re-write that uses a small amount of the original code?

    - by It'sNotALie.
    I'm writing a library. It's a completely rewritten version of another one, to suit my needs (PCL compatibility, mainly). However, the API will be completely rewritten, as I'll need to change a lot of stuff around for PCL compliance. Also, as it is a rewrite, I won't be able to just start from the library and just change it bit by bit, as I typically see with forks. I tried that, but it just didn't work. So what should I do? Should I fork here or should I make a new library?

    Read the article

  • Snort's problems in generating alert from Darpa 1998 intrusion detection dataset.

    - by manofseven2
    Hi. I’m working on DARPA 1998 intrusion detection dataset. When I run snort on this dataset (outside.tcpdump file), snort don’t generate complete list of alerts. It means snort start from last few hours of tcpdump file and generate alerts about this section of file and all of packets in first hours are ignored. Another problem in generatin alert is in time stamp of generated alerts. This means when I run snort on a specific day of dataset, snort insert incorrect time stamp for that alert. The configuration and command line statement and other information about my research are: Snort version: 2.8.6 Operating system: windows XP Rule version: snortrules-snapshot-2860_s.tar.gz -———————————————————————— Command line: snort_2.8.6 c D:\programs\Snort_2.8.6\snort\etc\snort.conf -r d:\users\amir\docs\darpa\training_data\week_3\monday\outside.tcpdump -l D:\users\amir\current-task\research\thesis\snort\890230 -————————————————————————— Snort.config Hi. I'm working on DARPA 1998 intrusion detection dataset. When I run snort on this dataset (outside.tcpdump file), snort don't generate complete list of alerts. It means snort start from last few hours of tcpdump file and generate alerts about this section of file and all of packets in first hours are ignored. Another problem in generatin alert is in time stamp of generated alerts. This means when I run snort on a specific day of dataset, snort insert incorrect time stamp for that alert. The configuration and command line statement and other information about my research are: Snort version: 2.8.6 Operating system: windows XP Rule version: snortrules-snapshot-2860_s.tar.gz Command line: snort_2.8.6 -c D:\programs\Snort_2.8.6\snort\etc\snort.conf -r d:\users\amir\docs\darpa\training_data\week_3\monday\outside.tcpdump -l D:\users\amir\current-task\research\thesis\snort\890230 Snort.config # Setup the network addresses you are protecting var HOME_NET any # Set up the external network addresses. Leave as "any" in most situations var EXTERNAL_NET any # List of DNS servers on your network var DNS_SERVERS $HOME_NET # List of SMTP servers on your network var SMTP_SERVERS $HOME_NET # List of web servers on your network var HTTP_SERVERS $HOME_NET # List of sql servers on your network var SQL_SERVERS $HOME_NET # List of telnet servers on your network var TELNET_SERVERS $HOME_NET # List of ssh servers on your network var SSH_SERVERS $HOME_NET # List of ports you run web servers on portvar HTTP_PORTS [80,1220,2301,3128,7777,7779,8000,8008,8028,8080,8180,8888,9999] # List of ports you want to look for SHELLCODE on. portvar SHELLCODE_PORTS !80 # List of ports you might see oracle attacks on portvar ORACLE_PORTS 1024: # List of ports you want to look for SSH connections on: portvar SSH_PORTS 22 # other variables, these should not be modified var AIM_SERVERS [64.12.24.0/23,64.12.28.0/23,64.12.161.0/24,64.12.163.0/24,64.12.200.0/24,205.188.3.0/24,205.188.5.0/24,205.188.7.0/24,205.188.9.0/24,205.188.153.0/24,205.188.179.0/24,205.188.248.0/24] var RULE_PATH ../rules var SO_RULE_PATH ../so_rules var PREPROC_RULE_PATH ../preproc_rules # Stop generic decode events: config disable_decode_alerts # Stop Alerts on experimental TCP options config disable_tcpopt_experimental_alerts # Stop Alerts on obsolete TCP options config disable_tcpopt_obsolete_alerts # Stop Alerts on T/TCP alerts config disable_tcpopt_ttcp_alerts # Stop Alerts on all other TCPOption type events: config disable_tcpopt_alerts # Stop Alerts on invalid ip options config disable_ipopt_alerts # Alert if value in length field (IP, TCP, UDP) is greater th elength of the packet # config enable_decode_oversized_alerts # Same as above, but drop packet if in Inline mode (requires enable_decode_oversized_alerts) # config enable_decode_oversized_drops # Configure IP / TCP checksum mode config checksum_mode: all config pcre_match_limit: 1500 config pcre_match_limit_recursion: 1500 # Configure the detection engine See the Snort Manual, Configuring Snort - Includes - Config config detection: search-method ac-split search-optimize max-pattern-len 20 # Configure the event queue. For more information, see README.event_queue config event_queue: max_queue 8 log 3 order_events content_length dynamicpreprocessor directory D:\programs\Snort_2.8.6\snort\lib\snort_dynamicpreprocessor dynamicengine D:\programs\Snort_2.8.6\snort\lib\snort_dynamicengine\sf_engine.dll # path to dynamic rules libraries #dynamicdetection directory /usr/local/lib/snort_dynamicrules preprocessor frag3_global: max_frags 65536 preprocessor frag3_engine: policy windows detect_anomalies overlap_limit 10 min_fragment_length 100 timeout 180 preprocessor stream5_global: max_tcp 8192, track_tcp yes, track_udp yes, track_icmp no preprocessor stream5_tcp: policy windows, detect_anomalies, require_3whs 180, \ overlap_limit 10, small_segments 3 bytes 150, timeout 180, \ ports client 21 22 23 25 42 53 79 109 110 111 113 119 135 136 137 139 143 \ 161 445 513 514 587 593 691 1433 1521 2100 3306 6665 6666 6667 6668 6669 \ 7000 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779, \ ports both 80 443 465 563 636 989 992 993 994 995 1220 2301 3128 6907 7702 7777 7779 7801 7900 7901 7902 7903 7904 7905 \ 7906 7908 7909 7910 7911 7912 7913 7914 7915 7916 7917 7918 7919 7920 8000 8008 8028 8080 8180 8888 9999 preprocessor stream5_udp: timeout 180 preprocessor http_inspect: global iis_unicode_map unicode.map 1252 compress_depth 20480 decompress_depth 20480 preprocessor http_inspect_server: server default \ chunk_length 500000 \ server_flow_depth 0 \ client_flow_depth 0 \ post_depth 65495 \ oversize_dir_length 500 \ max_header_length 750 \ max_headers 100 \ ports { 80 1220 2301 3128 7777 7779 8000 8008 8028 8080 8180 8888 9999 } \ non_rfc_char { 0x00 0x01 0x02 0x03 0x04 0x05 0x06 0x07 } \ enable_cookie \ extended_response_inspection \ inspect_gzip \ apache_whitespace no \ ascii no \ bare_byte no \ directory no \ double_decode no \ iis_backslash no \ iis_delimiter no \ iis_unicode no \ multi_slash no \ non_strict \ u_encode yes \ webroot no preprocessor rpc_decode: 111 32770 32771 32772 32773 32774 32775 32776 32777 32778 32779 no_alert_multiple_requests no_alert_large_fragments no_alert_incomplete preprocessor bo preprocessor ftp_telnet: global inspection_type stateful encrypted_traffic no preprocessor ftp_telnet_protocol: telnet \ ayt_attack_thresh 20 \ normalize ports { 23 } \ detect_anomalies preprocessor ftp_telnet_protocol: ftp server default \ def_max_param_len 100 \ ports { 21 2100 3535 } \ telnet_cmds yes \ ignore_telnet_erase_cmds yes \ ftp_cmds { ABOR ACCT ADAT ALLO APPE AUTH CCC CDUP } \ ftp_cmds { CEL CLNT CMD CONF CWD DELE ENC EPRT } \ ftp_cmds { EPSV ESTA ESTP FEAT HELP LANG LIST LPRT } \ ftp_cmds { LPSV MACB MAIL MDTM MIC MKD MLSD MLST } \ ftp_cmds { MODE NLST NOOP OPTS PASS PASV PBSZ PORT } \ ftp_cmds { PROT PWD QUIT REIN REST RETR RMD RNFR } \ ftp_cmds { RNTO SDUP SITE SIZE SMNT STAT STOR STOU } \ ftp_cmds { STRU SYST TEST TYPE USER XCUP XCRC XCWD } \ ftp_cmds { XMAS XMD5 XMKD XPWD XRCP XRMD XRSQ XSEM } \ ftp_cmds { XSEN XSHA1 XSHA256 } \ alt_max_param_len 0 { ABOR CCC CDUP ESTA FEAT LPSV NOOP PASV PWD QUIT REIN STOU SYST XCUP XPWD } \ alt_max_param_len 200 { ALLO APPE CMD HELP NLST RETR RNFR STOR STOU XMKD } \ alt_max_param_len 256 { CWD RNTO } \ alt_max_param_len 400 { PORT } \ alt_max_param_len 512 { SIZE } \ chk_str_fmt { ACCT ADAT ALLO APPE AUTH CEL CLNT CMD } \ chk_str_fmt { CONF CWD DELE ENC EPRT EPSV ESTP HELP } \ chk_str_fmt { LANG LIST LPRT MACB MAIL MDTM MIC MKD } \ chk_str_fmt { MLSD MLST MODE NLST OPTS PASS PBSZ PORT } \ chk_str_fmt { PROT REST RETR RMD RNFR RNTO SDUP SITE } \ chk_str_fmt { SIZE SMNT STAT STOR STRU TEST TYPE USER } \ chk_str_fmt { XCRC XCWD XMAS XMD5 XMKD XRCP XRMD XRSQ } \ chk_str_fmt { XSEM XSEN XSHA1 XSHA256 } \ cmd_validity ALLO \ cmd_validity EPSV \ cmd_validity MACB \ cmd_validity MDTM \ cmd_validity MODE \ cmd_validity PORT \ cmd_validity PROT \ cmd_validity STRU \ cmd_validity TYPE preprocessor ftp_telnet_protocol: ftp client default \ max_resp_len 256 \ bounce yes \ ignore_telnet_erase_cmds yes \ telnet_cmds yes preprocessor smtp: ports { 25 465 587 691 } \ inspection_type stateful \ normalize cmds \ normalize_cmds { MAIL RCPT HELP HELO ETRN EHLO EXPN VRFY ATRN SIZE BDAT DEBUG EMAL ESAM ESND ESOM EVFY IDENT NOOP RSET SEND SAML SOML AUTH TURN DATA QUIT ONEX QUEU STARTTLS TICK TIME TURNME VERB X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ max_command_line_len 512 \ max_header_line_len 1000 \ max_response_line_len 512 \ alt_max_command_line_len 260 { MAIL } \ alt_max_command_line_len 300 { RCPT } \ alt_max_command_line_len 500 { HELP HELO ETRN EHLO } \ alt_max_command_line_len 255 { EXPN VRFY ATRN SIZE BDAT DEBUG EMAL ESAM ESND ESOM EVFY IDENT NOOP RSET } \ alt_max_command_line_len 246 { SEND SAML SOML AUTH TURN ETRN DATA RSET QUIT ONEX QUEU STARTTLS TICK TIME TURNME VERB X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ valid_cmds { MAIL RCPT HELP HELO ETRN EHLO EXPN VRFY ATRN SIZE BDAT DEBUG EMAL ESAM ESND ESOM EVFY IDENT NOOP RSET SEND SAML SOML AUTH TURN DATA QUIT ONEX QUEU STARTTLS TICK TIME TURNME VERB X-EXPS X-LINK2STATE XADR XAUTH XCIR XEXCH50 XGEN XLICENSE XQUE XSTA XTRN XUSR } \ xlink2state { enabled } preprocessor ssh: server_ports { 22 } \ autodetect \ max_client_bytes 19600 \ max_encrypted_packets 20 \ max_server_version_len 100 \ enable_respoverflow enable_ssh1crc32 \ enable_srvoverflow enable_protomismatch preprocessor dcerpc2: memcap 102400, events [co ] preprocessor dcerpc2_server: default, policy WinXP, \ detect [smb [139,445], tcp 135, udp 135, rpc-over-http-server 593], \ autodetect [tcp 1025:, udp 1025:, rpc-over-http-server 1025:], \ smb_max_chain 3 preprocessor dns: ports { 53 } enable_rdata_overflow preprocessor ssl: ports { 443 465 563 636 989 992 993 994 995 7801 7702 7900 7901 7902 7903 7904 7905 7906 6907 7908 7909 7910 7911 7912 7913 7914 7915 7916 7917 7918 7919 7920 }, trustservers, noinspect_encrypted # SDF sensitive data preprocessor. For more information see README.sensitive_data preprocessor sensitive_data: alert_threshold 25 output alert_full: alert.log output database: log, mysql, user=root password=123456 dbname=snort host=localhost include classification.config include reference.config include $RULE_PATH/local.rules include $RULE_PATH/attack-responses.rules include $RULE_PATH/backdoor.rules include $RULE_PATH/bad-traffic.rules include $RULE_PATH/chat.rules include $RULE_PATH/content-replace.rules include $RULE_PATH/ddos.rules include $RULE_PATH/dns.rules include $RULE_PATH/dos.rules include $RULE_PATH/exploit.rules include $RULE_PATH/finger.rules include $RULE_PATH/ftp.rules include $RULE_PATH/icmp.rules include $RULE_PATH/icmp-info.rules include $RULE_PATH/imap.rules include $RULE_PATH/info.rules include $RULE_PATH/misc.rules include $RULE_PATH/multimedia.rules include $RULE_PATH/mysql.rules include $RULE_PATH/netbios.rules include $RULE_PATH/nntp.rules include $RULE_PATH/oracle.rules include $RULE_PATH/other-ids.rules include $RULE_PATH/p2p.rules include $RULE_PATH/policy.rules include $RULE_PATH/pop2.rules include $RULE_PATH/pop3.rules include $RULE_PATH/rpc.rules include $RULE_PATH/rservices.rules include $RULE_PATH/scada.rules include $RULE_PATH/scan.rules include $RULE_PATH/shellcode.rules include $RULE_PATH/smtp.rules include $RULE_PATH/snmp.rules include $RULE_PATH/specific-threats.rules include $RULE_PATH/spyware-put.rules include $RULE_PATH/sql.rules include $RULE_PATH/telnet.rules include $RULE_PATH/tftp.rules include $RULE_PATH/virus.rules include $RULE_PATH/voip.rules include $RULE_PATH/web-activex.rules include $RULE_PATH/web-attacks.rules include $RULE_PATH/web-cgi.rules include $RULE_PATH/web-client.rules include $RULE_PATH/web-coldfusion.rules include $RULE_PATH/web-frontpage.rules include $RULE_PATH/web-iis.rules include $RULE_PATH/web-misc.rules include $RULE_PATH/web-php.rules include $RULE_PATH/x11.rules include threshold.conf -————————————————————————————- Can anyone help me to solve this problem? Thanks.

    Read the article

< Previous Page | 56 57 58 59 60 61 62 63 64 65 66 67  | Next Page >