Friday, October 15, 2010

Optional 11-point principle IDS


Currently, intrusion detection products on the market there are hundreds of large and small, how to choose their own products, is a place in the general security administrators and corporate technology decision-makers in front of a very complicated matter. Here we have a comprehensive performance based products, talk about basic principles of the procurement process.

1. The product of the number of attack detection? Whether to support the upgrade?

IDS's main index is that it found the number of invasive way, almost every week new vulnerabilities and attack methods appear the way in flexible product upgrade to its features directly affect the play. A good real-time detection of product should be able to regularly update, and through the Internet or download the upgrade package in the local upgrade.

2. For network intrusion detection system, the largest deal flow (PPS) is the number?

First, analysis of network intrusion detection systems deployed in the network environment, if 512K or 2M line on the deployment of network intrusion detection system, you do not need high-speed intrusion detection engine, and in high load environments, performance is a very important indicator.

3. Products easy to avoid the attacker do?

Some commonly used escape detection methods, such as: fragmentation, TTL deception, abnormal TCP segmentation, slow scanning, collaborative attacks. Whether the product design in mind.

4. Can a custom exception event?

IDS on the specific monitoring requirements only through the user's own custom monitor policy implementation. A good IDS products, must provide a flexible user-defined policy capacity, including services, visitors, were visitors, port, keywords, and the ways of the incident response strategy.

5. Product system structure is reasonable?

A mature product, must be an integrated network based on Fast, Gigabit-based network, the three host-based technologies and systems.

Most of the traditional IDS is a two-tier structure, namely "Control Panel 鈫?Detector" structure, a number of advanced three-tier IDS products began to be deployed, or "Control Panel 鈫?event collector + security database 鈫?Detector" structure, for large networks, the three-tier structure is more easy to implement distributed deployment and centralized management, thereby enhancing the safety of the concentration of decision-making. If there is no remote management capabilities, for large networks do not have the availability of basic.

6. Product of false positive and false negative rate how?

Some IDS systems often send many false alarm, false alarms are often masked real attack. The weight of these products in the next re-collapse of the false alarm, and when a real attack occurs, some IDS products can not capture the attack, while others report IDS products mixed in false alarms, it is easy to miss. Overly complicated interface to turn off the false alarm is very difficult, almost all IDS products under the default settings will have a lot of false alarms to the user much trouble.

7. The system itself is safe?

IDS system records the most sensitive business data, there must be self-protective mechanism to prevent a hacker target.

8. Products real-time monitoring performance?

IDS communication caused by the load on the network can not affect normal network operations, must be real-time analysis of data, or can not be offensive to protect the network, so network intrusion detection products must consider the maximum bandwidth of the number of normal working.

9. The system is easy to use?

System ease of use include five aspects:

Interface easy to use - all Chinese language interface to facilitate the easy to learn and easy to operate and flexible.

Help ease of use - to the unusual event in the monitor to instantly see the help of alarm information on events, while in the online help in a variety of ways to view the products according to help.

Policy Editor use - can provide a separate Policy Editor? Can also edit multiple strategy? Strategy is to provide printing functionality.

Use the log report - the report is to provide a flexible customization capabilities.

Optimization of alarm events - whether to optimize for the alarm event, the user logs in from the ocean of liberation, advanced IDS can be a similar event within a specified time after the merger through optimized alarm, so that the user log information face not only clarity but also to avoid missing important alerts.

10. Signature Upgrade and maintenance costs of what?

The same as anti-virus software, intrusion detection feature database must be constantly updated to detect new and emerging attack methods.

11. Product by the national authorities of the evaluation?

Evaluating the authority of the main institutions: the National Information Security Certification Center evaluation, Ministry of Public Security of Computer Information System Security Product Quality Supervision and Inspection Centre.

In addition, the purchase of IDS products need to consider many factors, the above is the basic point. As the user's actual situation is different, the user can according to their own security needs in consideration.






相关链接:



About Distributed IDS



MainMenu> Preprocessor> MaterialProps> Mooney-Rivlin> DefineTable Where?



To work without SELECTION, the problem you thought about it?



AVI TO FLV



Female Employment: Shuobo difficult job there is the cycle undergraduate



CLP Guangtong Proceedings To Recover 200 Million Loan Of China Cable



Wizard Launchers And Task Managers



Compare Accounting And Finance



cheat barn Buddy facebook find how to cheat barn



MKV to PSP



12 Large Companies In 2007-2008 Compared The Welfare State



Principles Of CD Burning Type Of Identification



Guide Registry Tools



Using De exterminate rabbits annoying ads RMVB movies



Symantec said the new storm worm detected



RM TO AVI



Tuesday, October 5, 2010

Harbin Engineering University, the world's five major classification societies in hand



Harbin Engineering University, the world's five major classification societies in hand

Recently, China held in Shanghai International Maritime Exhibition, Harbin Engineering University and Germanischer Lloyd signed a cooperation agreement, both sides will be in research, teaching, extensive cooperation. So far, the school and all the world's five classification societies to establish a cooperative relationship.

It is reported that GL is one of the world's five major classification societies in the world, more than 120 countries and has more than 400 offices throughout the ship inspection services, marine engineering, quality system certification and other areas, the is the first time the agency to cooperate with Chinese universities. Under the agreement, Kazakh University of Engineering and Germanischer Lloyd to conduct a joint scientific and industrial cooperation projects, organizing the exchange of lecturers and trainers; Germanischer Lloyd for ships and offshore engineering ha of outstanding undergraduate and graduate professional provide scholarships.







Recommended links:



MPEG to MOV



YUV To AVI



burn windows movie maker video to dvd with dvd



DV to AVI



Tuesday, September 28, 2010

Skyworth the secret of surviving


Nothing better than having a private business owner in trouble even worse things.

Late last year, Skyworth Digital (0751.HK) Stephen Wong, founder and leader of the legal issues encountered so many people can ride out the storm began to question the Skyworth. As private enterprises grew up fast, 10 years seems to have been troubled Skyworth, though always at a crucial moment before the head off, but the bosses who do not believe the trouble will not bring turmoil.

But after a few months but did not Skyworth performance as bad as people imagine. 2000, color TV market in China is still a small role in the Skyworth, 4-year period has been the first leap into the field Army. September 30, 2004 April 1, 2005 during the day, Skyworth's turnover of 4.349 billion Hong Kong dollars, the same period the previous year's 3.644 billion dollar increase of 30.86%; net profit of 187 million Hong Kong dollars, the same period the previous year's 081 million Hong Kong dollar soared 130%. Huang Hongsheng cause ridden in time, Skyworth has not stuck in mud, on the contrary, the high rate of business growth is actually rare in recent years, can be financially very rare that a good year.

At present, the past did not pay too much attention to competitors amazed Skyworth Skyworth excellent market performance, start it as a major competitor. "Skyworth took four years to nearly 5 billion yuan sales volume achieved from nearly 10 billion yuan, mainly R & D and market integration than good." Has more than one industry on the development of such a characterization of Skyworth. It usually does not Visible of Skyworth, R & D and the market in the end in what pattern?

Institute of multifunctional

Skyworth Research Institute at the New Komeito town Skyworth 15 mu production base in a corner, through the busy clutter of the workshop, the Institute three-storey building looks like a workshop. Boxes piled around the street, next to a plant in the workers are from the 4th floor, leaned out the window of a home-made using slide down to send foam packaging. This is probably the most we have seen crude research environment where, for comparison, many companies institute always has the most bright and comfortable office environment.

In fact, Skyworth Institute of itself really is a productive sector. In the third floor of the Institute has six different types on the production line, which is Skyworth Institute pilot and production departments. Original new product is a small trial and pilot on the production sector to carry out large-scale production line, once one part of the problem, a line of a hundred people had to stop to wait for changes. To avoid this, after the Institute of reform put into research and development testing phase, trying to design the product itself and in the R & D department to resolve the issue. As a result, the organizational structure of the Institute after the original innovation is simply engaged in scientific research, now transformed into an independent research entity, and entered the industrialization stage, not only do technology also start the process.

Skyworth Institute now has 700 people, about 200 developers, managers have twenty or thirty people, the rest are as skilled workers. New product came out, the first small-batch test and improve. That can be invested, and then into the pilot line production of 200 units to 2,000. Wait until sufficient production efficiency, process no problem, product maturity and then submitted to the production sector for large-scale production.

Skyworth's engineering strength of the weak, which is chosen to produce the phase section on the Institute to complete one of the reasons. Interestingly, the Institute's pilot line can support themselves, they do not test planned for the production department for processing, production departments to pay the appropriate fees, such as the Institute will make its annual funding of several million dollars.

In addition to volume production new products, the Institute will bear the test marketing of new products, such as pilot line to be first produced in 2000, sets new products to market for the first test market, the advantage of doing R & D in the first time to know how the sales of new products, there is any problems, shorten product development and industrialization process. Finished before the design transferred to production systems, production finished go to sales, production will become the information center and then back to R & D, but now simply open up a direct chain R & D and market access.

Dean Lihong An introduction, when Vice-President Zhang Zhihua, said with a smile Zhang Zhihua, "name pushed, name Tuitui Tui", research vice president Zhang Zhihua is responsible for promoting the veterans department, because the new products come out, the R & D also responsible for new technology and new product introductions to the production and sales. "Because the market a new product do not know what kind of advantage, so R & D personnel to branch offices around the country to go on all the technical training and introducing new products." Zhang Zhihua said.

Currently, Skyworth set up a special "product committee" members from R & D, marketing, sales, service department related to the composition, generally seven or eight individuals, each month there is joint production, supply and research and to communicate information. If a market product problems, marketing research and a team to go immediately to resolve.

Market Research Institute

Skyworth TV division president Zhang Xuebin recall a time when he assumed office, Stephen Wong called him in the past, the task entrusted to him the first thing is to let him start from the R & D department, investigate product quality problems and find solutions. Because at that time there's a lot of product quality has become a bottleneck in the system. Huang Hongsheng means let him first go to the months of R & D, Zhang Xuebin was spent on R & D department went to two weeks time to do a lap investigation.

In June 2001 long before the period of time, Skyworth's R & D by sector of the four groups; Institute of Software, Hardware Institute, Institute of Electronics Research Institute and HD, for each group by a boss. They would each go to the upper reaches of IC companies understand the new technology to the other experimental techniques are being developed to take over. Risks of doing so is either developed and market the products are out of touch, not the market needed products; or found out some products that do no use; or the IC itself is not mature, and blindly follow some of conceptual experimental products, the company invested huge, often for others to experiment, Guer losses.

In addition, the product developed, the R & D no further processes, such as a lack of first test and pilot the process and can not check the product R & D products directly out of production, something has gone wrong and come back again and again affected stability of product quality.

In fact, from June 2001 Skyworth Academia Sinica Lihong An now, was appointed chief scientist, has overall responsibility for research and development, to Zhang Xuebin to set up after the TV business unit during the period before, seems to have set out to find Skyworth solution. But wound up in the Skyworth, the solution has to be developed not just a part of the problem, but the entire business process and organizational structure of the adjustment, so until May 21, 2001 Zhang Xuebin the TV division was established integrated production and marketing research really began, and R & D innovation also will started.

It is said, after an extended stay, Zhang Xuebin first thing to do is to link research and development and sales. R & D personnel at the time of performance evaluation is not a standard, previously viewed not come to work, and whether the overtime was, and how each government department to do, and are more qualitative rather than quantitative indicators.

April 18, 2001 is the Skyworth annual technology conference in the conference relates to the recognition of science and technology R & D personnel, money allocated for the practice of Zhang Xuebin raised a new idea, based on the contribution of corporate profits to consider incentives for R & D personnel, new incentive program will be in accordance with the group who designed the designer of these products ultimately sold in the market to extract the ratio of the number of profit incentives. This new program has been supported by Lihong An Dean, because he started from 2000, tried to effective structural reform, trying to develop into a stable profit center.

"The designer of the technology and market profits bonuses linked to the completion of market-oriented, focus on efficiency change is the foundation of all." Xue-Bin Zhang recalls.

Risk and risk aversion

To open up R & D and market access, while the R & D personnel and market linked incentive mechanism makes R & D R & D project teams from product planning, technical solutions, such as matching production to market through the track in the end, can achieve rapid market reaction, but which also contains certain risks.

This risk is often competitors Skyworth question: This makes a certain product items may be over-dependent on one person or several people, the group's backbone once they left, the project may be paralyzed.

"We have been exploring this problem, and now a lot lower this risk. One is thinking of the design platform, the design of all the basic platform to share, many things are standardized, the second is to strengthen the management of each step completed, the results should be written into a file, people go, the file is still there; third of each project is not a person to do, is a group. in arranging a project consciously arrange replacement, in a project group where two people may or three people doing the same role, but for a different focus. Through these methods avoid the risk that the method from scratch with the end of the current would indeed greatly increase efficiency, researchers would be very concerned about his product, they often go to market see the technology has no problem selling status. "Lihong An said.

Zhang Xuebin said Skyworth Group R & D investment has accounted for sales of 1 / 4, but Skyworth Research Institute has been trying to save costs as much as possible through various channels. For example they will actively participate in national research and development projects, from a subsidy; joint upstream businesses invest in new product development, but also with the development of the joint tube factory dies. When they push "flat Storm" is the time to find manufacturers willing to do joint development of the mold tube. "Because of the high cost of a mold, tube manufacturers will be out some money, thus reducing our risk." Research vice president Zhang Zhihua said.

Skyworth Institute definition of innovation itself has been adjusted, and their principle is innovative but not too much ahead. "We think the year ahead after." Lihong An said, "As long as a year ahead to products, product technology R & D may be a few years to do well, we are likely to become victims of the industry." He felt that combining the actual situation of Skyworth and industrial location, put out the satellite products uneconomical. "Products ahead of 3 months to 6 months is the best time to market, rivals such as large-scale investment, the market matured, Skyworth and then accelerated forward, to obtain high profits."

Today, however, Skyworth is facing greater challenges Academy. In 2004, Skyworth Group, the purpose of the establishment of the Academia Sinica in the hope that they will not only TV division is responsible, but also for the new industrial technology research and development companies. Skyworth has always pursued "with fewer people doing more things," was only about 200 R & D team under enormous pressure. "This year, the pace of product development research institute to reach last year's 1.7 times." One researcher said, "We estimate that during the New Year I am afraid that can not rest."

In fact, Skyworth Institute now finds itself a bit confusing law and order, Gong Ming Town, attracting R & D personnel disadvantage. The Research Institute to meet the Group's 100 billion yuan in 2015 to achieve the scale of need in research and development to make some changes in the layout. Example, need to pay more attention to more sophisticated techniques, but "we are now considering a 3 to 5 years of product, but it does not take into account the product after 10 years; In fact, when conditions permit, we really hope that the Institute of Environment and equipment can be improved. "






Recommended links:



power nas campus network solution EDUCATION



Wizard Timers And Time Synch



New Year's gift wish Beijing won three business awards to



Of! The RELATIONSHIP between SEO and UCD



Pop-up window killer (on)



View from the MIS MIS success or failure of their OWN



AVI to FLV



Bonus OF sight [2]



MPEG To 3GPP



DivX To IPhone



Calm "fixed Monthly Fee," Such As: Put Off Indefinitely



Review Science - Screen Savers



Good Chat And Instant Messaging



3 Accounting in a drama, colorful festival Foshan accounting



BOE Holdings East TPV regulators have not yet Ratified Difficult



News About Trace And Ping Tools



Thursday, September 16, 2010

IDS weaknesses and limitations (2)




1.2.5 Intrusion variant
1.2.5.1 HTTP attack variant
Repeat the directory separator ,'/'' into'//''銆?br />The current directory, '/ cgi-bin/phf''into the' / cgi-bin/./phf''.
Parent directory, '/ cgi-bin/phf''into the' / cgi-bin/xxx/../phf''.
URL encoding, '/ cgi-bin /''becomes'% 2fcgi-bin /''.
Use TAB instead of spaces and other separators.
NULL method, 'GET% 00/cgi-bin/phf''.
GET outside use other methods such as POST.
Change the parameters of the order, add the unwanted parameters.
For IIS, there are the following:
DOS / Win under the directory separator, '/ winnt/system32/cmd.exe''into the' / winntsystem32cmd.exe''.
Case conversion, such as cmd.exe into CMD.EXE.
IIS second decoder, such as cmd.exe into% 2563md.exe,% 25 and then decoded to decode% 63''%'', as''c''.
UNICODE encoding, such as cmd.exe into the% c0% 63md.exe. UNICODE encoding more complex because there are very few NIDS can decode it.

1.2.5.2 Telnet attack variant
Use the backspace key.
Using the Tab key for command padded.
Use Shell to execute attack code.
Using macros.
Add a useless argument.
In fact very difficult to detect those NIDS Telnet to connect to the server through the local after the attack.

1.2.6 TCP / IP protocol limitations
As TCP / IP design did not consider good security, so now IPV4 security is worrying, in addition to the above problems arising due to network structure, there are some limitations below.

1.2.6.1 IP fragmentation
Packet fragmentation, some NIDS can not restructure IP fragmentation, or more than its capacity, you can bypass the NIDS.
A maximum of 8192 IP datagram fragmentation, NIDS performance parameters of a reorganization shall be able to slice the largest number of IP.
NIDS every IP received a new IP datagram fragmentation when the fragment will start a restructuring process, after the reorganization is complete, or timeout (typically 15 seconds of overtime) Close this restructuring process, NIDS performance parameters of a shall simultaneously restructuring the number of IP packets.
An IP datagram maximum 64K, as ready to receive a IP datagram, NIDS will be ready enough memory to accommodate the upcoming follow-up fragments, NIDS performance parameters of a reorganization shall be to the largest IP datagram .
Combining above three parameters, namely, in the time-out time NIDS (for example 15 seconds) while preparing for maximum internal energy (for example, 64K) The number of IP datagram reorganization.
If the NIDS received packets over the limit, NIDS have packet loss, which occurred DoS attacks.

1.2.6.2 IP fragment overlap
IP packet fragmentation in the reorganization of the time, if met, then overlapping fragments, each operating system is not the same approach, for example, some systems will use the first received fragment (Windows and Solaris), some will be adopted after the closing to the slice (BSD and Linux), if the overlapping fragment of data is not the same thing, and NIDS approach is different with the protected host, it will lead to NIDS packet after the reorganization of the protected host and the packet is inconsistent, NIDS to bypass the detection.
For example, TCP or UDP can overlap the destination port, and then penetrate through most firewalls now, and may bypass the NIDS.
You can also overlap TCP flags, so that NIDS can not correctly detect the TCP FIN packet, so that NIDS soon to be able to simultaneously monitor the maximum number of TCP connections; to NIDS can not correctly detect TCP SYN packet, so that NIDS can not detect TCP connection due.

1.2.6.3 TCP segmentation
If the NIDS can not be re-TCP stream, you can bypass the TCP segmentation to NIDS.
Some unusual TCP segmentation will confuse some of NIDS.

1.2.6.4 TCP un-sync
Sent the wrong in the TCP sequence number, send the duplicate serial number, reverse the order to send such, it is possible to bypass the NIDS.

1.2.6.5 OOB
Attacker to send OOB data is protected if the host application can handle OOB, as NIDS can not predict the protected buffer when the host received OOB data in the number of normal, they may bypass the NIDS.
Some systems, when dealing with OOB will be the beginning of a byte of data discarded (such as Linux, the Apache, but IIS is not), then by sending in more than one TCP segment, including options with OOB TCP segment, then NIDS may lead to the data stream after the reorganization of the host and the protected application is inconsistent, and thus bypass the NIDS.

1.2.6.6 T / TCP
If the destination host can handle things TCP (currently very few systems support), an attacker can send transaction TCP, NIDS may not be protected with the host application on the same treatment, which may bypass the NIDS.

1.3 Resource and capacity constraints

The DoS attack against the NIDS 1.3.1.

1.3.1.1 the impact of high flow
Attacker to the protected network to send large amounts of data, more than NIDS processing power is limited, the situation of packet loss will occur, which may lead to acts of omission of the invasion.
NIDS network packet capture capabilities associated with a number of factors. For example, 1500 bytes in each packet case, NIDS will be over 100MB / s of processing power, even to more than 500MB / s of processing power, but if only 50 bytes per packet, 100MB / s of traffic means that 2 million package / s, most of which will exceed the current handling capacity of cards and switches.

1.3.1.2 IP fragmentation attacks
Attacker to the protected network to send a large number of IP fragments (such as TARGA3 attacks), more than NIDS IP fragments can be simultaneously restructuring capacity, leading technology through IP fragmentation attacks omitted.

1.3.1.3 TCP Connect Flooding
Attacker to create or simulate a large number of TCP connections (described by the above method of IP fragment overlap), while more than NIDS to monitor the maximum number of TCP connections, resulting in unnecessary TCP connection can not be monitored.

1.3.1.4 Alert Flooding
Attacker can detect the light of the rules posted on the network, while the attack would deliberately send a large number of alarm caused by NIDS data (such as stick attack), may exceed the speed NIDS to send alarm, resulting in omission, and to network received a large number of alarm, it is difficult to distinguish real attacks.
If you send 100 bytes can generate an alarm, you can generate per second through dial-up 50 police, 10M LAN can produce 10 thousand per second alarm.

1.3.1.5 Log Flooding
The attacker will send large amounts of data caused by NIDS alarms and eventually led to the space NIDS to be depleted Log, Log to delete the previous record.

1.3.2 RAM and hard drive limit
If the NIDS to improving the ability to process the IP fragments and TCP connection monitoring capabilities restructuring, which will require more memory to do the buffer, if the NIDS's memory allocation and management is not good, will the system cost a lot of exceptional circumstances memory, if the start using virtual memory, it will shake the memory may occur.
Hard drive speed is usually far less than the speed of the network, if the alarm system to produce a large number of records to the hard drive, will cost enormous amounts of system capacity, if the system records the original network data, save a large and high-speed network data will require expensive large-capacity RAID.

1.4 NIDS related to the vulnerability of the system
NIDS itself should have very high security, generally used for monitoring the network cards are not IP addresses, and other card will not open any ports. However, associated with the NIDS system may be attacked.

1.4.1 Console host of security vulnerabilities
Some systems have a separate console, if the attacker can control the console to the host computer, you can control the entire NIDS system.

1.4.2 Sensor and the vulnerability of the console communication
If the communication between sensors and the console may be attacked by a successful attack, will affect the normal use of the system. Such as conducting ARP deception or SYN_Flooding.
If the communication between sensors and console explicit communication or simply use encryption, you may be subject to IP spoofing or replay attacks.

1.4.3 and the system alarm and other equipment related to the vulnerability of communications
If an attacker can successfully attack the system alarm and other related equipment, such as mail servers and so on, will affect the alarm message is sent.

2 HIDS weaknesses and limitations

2.1 Resource constraints
As HIDS installed on protected hosts, so the resources can not be too much occupied, thus limiting the detection method used and the processing performance.

2.2 operating system limitations
Unlike NIDS, manufacturers can customize their own operating system, a sufficient security to ensure their own security NIDS, HIDS where the security of the host operating system under its security restrictions, if the host system is compromised, HIDS will soon be cleared. If the HIDS as stand-alone, it is basically not successful attack can only be detected if the HIDS for the sensor / control panel structure, will be faced with the same NIDS attack on the related systems.
Some HIDS will consider increasing the security of the operating system itself (such as LIDS).

2.3 System log limit
HIDS will monitor the system log to discover through the suspicious behavior, but some procedures are not sufficiently detailed system logs, or no logs. Some of the invasion would not in itself be a system log of the proceedings recorded.
If the system does not install third-party logging system, the system's own log system will soon be intruders or modified, and intrusion detection systems typically do not support third-party logging systems.
If there is no real-time inspection system HIDS log, then use automated tools to attack will be entirely possible to complete the inspection interval and clear of all the attack works in the system log traces.

2.4 The core of the system was modified to fool the paper check
If an intruder to modify the system core, you can fool a tool based on file consistency check. It's like the beginning of certain viruses, when they think that by the time of inspection or to track the original documents or data will be available to the inspection tool or tracking tool.

Detection limit of 2.5 Network
Some HIDS can check the network status, but will face many problems facing the NIDS.







相关链接:



VIDEO conversion software



Health wine listed first off over five



ADO programming in the Definition of the problem encountered by ATL



ps3 Mov



MicroStrategy to SUPPORT Apple? IPhone?



F4V to flv



Effects Authorware word album (2)



Comment Password Managers



Competitive Strategy: Legal spying



best video format



MMS can REPLACE SMS?



Lack of experience quit difficult to do adjust ATTITUDE



XTools provoke the industry division of advertising on CCTV



REVIEWS Trace And Ping Tools



Semiconductor India vied with New Deal



Wednesday, August 4, 2010

CSS box model



CSS box model

Web design is a rectangular box for each element. What is the exact size of the box calculated, see the following figure:






If the user then Firebug (basic and front end will use the Firebug bar - sugar with tomatoes), will be very familiar with the chart below the.

This chart shows the role very well on any box on the page value.






Note that the above two examples, margin is white. Margin rather special, it does not affect the size of the box itself, but it will affect and the other contents of the box, so margin a box model of an important part.

The size of the box itself is calculated:

Width width + padding-left + padding-right + border-left + border-right

Height height + padding-top + padding-bottom + border-top + border-bottom

Value is not the case statement

If you do not declare padding or border, that they or the value is zero (css reset when used), or as the default browser (it may not be zero, especially those who often do not have to reset the form elements)

The default width of the block-level boxes

If you do not declare the width and the box is static or relative positioning, the width will remain 100% width, padding and border will promote inward rather than outward expansion.

However, if you explicitly set the width of the box 100%, then the padding will extend outward.






The lesson here being that the default width of a box isn't really 100% but a less tangible "whatever is left". This is particularly valuable to know, since there are lots of circumstances where it is immensely useful to either set or not set a width.

Note that the default width of the box is not really 100%, but the rest of the possible values (should be said that the width of the remaining real - sugar with tomatoes). Should understand the special value, because in many cases, it is to set / not set the width is very useful.

The biggest problem I encountered is the textarea (text box) elements, and they need to set the width to the desired "cols" attribute, and can not contain child elements. It is often necessary to set textarea width defined as 100%, but padding, they will extend the textarea width. Fixed-width environment, usually set to the appropriate pixel width, but widens the situation not so lucky.

The width of the box without absolute positioning

Not set the width of the performance of the absolute positioning of the box a little bit different. They just need to fit the width of the content they contain can be. Therefore, if the box is only one word, the box will be like as wide as the performance of that word. If the two words into the box width will increase accordingly. The situation is going to box the width of the width to 100% of the parent element (the nearest relative positioning of the parent element or browser window), then it will fold line.






On the box, the vertical expansion to accommodate the content contained is natural. Surprising, not only in the performance of different platforms with different text, different browsers handle this issue, there are many quirks.






No width of the floating box

Absolute positioning with no width as the box's performance. The width of the box contained only extended to the width of the content until the width of its parent element (parent element is not necessarily the relative positioning). As these non-vulnerability of the width of the box, we have to learn is the key mission mode when they can not rely, as the overall page layout. If floating a use as a sidebar, and expect that the internal elements (eg images) to be responsible for the width of containing it, you're asking for trouble.

Inline element is a box

Here has focused on block-level element box. It is easy to imagine the block-level elements of the box, but also inline element boxes. They can think for very long, narrow rectangle, they can have the same box as the other margin, padding he border






It looks bad to exercise off some understanding. As shown in the left margin to push the right side of the box, but only the first line effective, because it is the starting point of the box. the normal application of padding in the text of the upper or lower part, when folded it will ignore the row above the row to row padding and high (line-height) required position as a starting point. Transparent background effect to make look better.

Witnessed what

Composition of the page to see each individual "box" it? Try this line of code into the style sheet for the time being:

* (

border: 1px solid red! important;

)










Recommended links:



Games SIMULATION Catalogs



Visuanl C # 2005 Quick Start of the while statement (1)



Site Administration SPECIALIST



C language library function (G class letters) - 1



flv TO avi



How to Ubuntu equipment Chinese character library



C # LEARNING Notes (April 3)



"Digital water" wind and rain ahead



Shop Dictionaries Education



Flv to mp4 converter free download



Dialog box for further Study



Specialist Mathematics Education



What is mov



Removal of DW MX 2004 SUPPLEMENTARY table width



ps3 video Format



Thursday, July 15, 2010

Netac, shake hands suspense Huaqi


In the case of a duel 4 eventually to "vague" way of ending the reconciliation. July 8, Netac and Huaqi This "enemy" choose "equal reconciliation" approach curtain call, in Qingdao, China International Consumer Electronics Show announced on joint "reconciliation." Both sides indicated that they had reached a consensus on core issues, the future will be "unanimously." The two sides did not disclose the terms of settlement and agreement of the content. Although the shake hands, but the left is a series of questions.

Undoubtedly, such a result not only unexpected, it is expected. "Accident" is the legal stalemate for 4 years and was known as the IT industry, intellectual property rights outside the first case, but it was finally this "hasty end" approach end; "expected" is that patent litigation will be both reconciliation and an end, after all, who do not want to fight a protracted war, but Netac and Huaqi confrontation lasted too long, the two sides have dragged exhausted. So, Netac and Huaqi what is the way how the settlement? This may be a temporary frozen secret.

Netac and Huaqi the case dates back to 2002, the year Netac to the courts that such companies Huaqi flash drive products infringe its "flash for data processing systems and electronic devices outside the storage method "patent. In 2004, the Court of First Instance ruling in favor of Netac company, the defendant was sentenced to compensate Netac Huaqi companies and to stop selling the company one million yuan flash drive products. Then to the State Intellectual Property Office Huaqi review board of the "patent is invalid" application, the tug of war between the two sides entered a long waiting period.

Alleged that the company's settlement Netac Huaqi and will not involve any compensation costs and patent costs. Future Huaqi and other enterprises do not need to flash drive patent royalties paid to Netac, Netac Huaqi recognition based flash drive and flash MP3 patents, "only by inter-firm team to carry out international", the next two company with this situation, the joint more mobile storage companies, and jointly promote the mobile storage industry's sustained and healthy development. Obviously, this in itself becomes a contradiction, Huaqi Netac's patent recognition, but do not need to pay licensing fees, which seems to become more strange to the outside world, and Is Netac also simply to gain a " reputation? " Clearly, the results will not be as simple as announced.

Throughout, this last 4 years into the lawsuit involves too many third party. Review committee from the State Intellectual Property Office, Intermediate People's Court of Guangdong Province, Guangdong Province and other people's court to the Ministry of Information Industry of China Electronic Chamber of Commerce to discuss a peaceful settlement seems to be a third-party participant in any task. After numerous times in the middle of mediation, Netac and Huaqi litigation between the doomed fate of a negotiated settlement. But what is certain is that both sides may not be as simple as that shake hands. Speculated that the normal rules, Netac and Huaqi may reach a private peace treaty, but not easily disclosed.

Huaqi can finally relax. Huaqi CEO Feng Jun said that the flash drive after 4 years of patent disputes, and finally reached a settlement, is the China Electronic Chamber of Commerce, as well as Netac, aigo portable storage vendors to work together with all the results. Although the period experienced some ups and downs, but by friction with the adjustments, and these problems no longer exist.

The Netac president Deng Guoshun said, Netac "patent strategy has entered the third phase - the operational phase of the patent, the next step the use of international patent strategy." Words can be seen as a signal, in the "Chinese do not fight Chinese "mind, the Netac and Huaqi reconciliation is a war of attrition as far as possible, to target international companies. In the construction of "innovative country" macro-policy environment, the only way of reconciliation seems to be one.

Next, the story of how Netac interpretation of patent rights protection, the outside world need to wait and see. It is understood that the present lawsuit against the Japanese companies such as Sony and PNY U.S. patent infringement lawsuit in progress.






Recommand Link:



Convert avi to wmv



reviews PUZZLE And Word Games



How-to Flash To PSP



comments Text Or Document Editors



Recommend Source Editors



free download Mp4 to 3gp converter



Lohan DVD to PDA



Pazera Free FLV to AVI Converter



convert aac to Mp3



matroska file



Youtube Movie to Xbox Suite



Lohan MOV Converter



Domeru DVD to Zune CONVERTER



Audio TO Music Plus



Wednesday, July 7, 2010

RA Music to CD

RA Music to CD is an all-in-one sound recorder, editor, and converter. Streaming Audio Studio is everything you need to analyze, record, edit, and convert audio file, produce music loops, digitize, and clean-up old recordings. It enables you to record and modify any audio files as you wish, which means you can record and play sounds, import and export audio files, drag-and-drop, trim, copy, paste, split, and merge files.
Audio format conversion is performed directly without any temporary files, and thus enables high converting speed and economy of hard disk resource. You can convert many files in a batch regardless of their source formats and target formats. Right click on files in the Explorer or File Manager, select "Convert to Mp3(or CD, CDA, CD-R, DVD-Audio, AAC, AC3, ID3, M3U, M4A, M4P, MP3 ID3 Tag, OGG, RA, WAV, WMA, MP2, APE, VQF, MPC, AMR, Midi, WAVE, and RM)" and you are brought right into the Audio Converter. This is an very useful feature. This Audio Converter also supports playback of all the audio files with its built-in player. Start downloading the smartest converter now!



Recommand Link:



Youtube to Iphone Pro



Helpdesk And Remote PC Guide



convert mp3 To ogg



Movkit Mobile Video Converter



Converting mp3 to aac



Rmvb to avi



Jason DVD to Cell Phone Converter



Christmasgift DVD to PSP



Articles about Automation Tools



Christmas-Idea DVD Flash QT to QuickTime



Convert dvd to wmv



Music CD MP3 WAV Audio Converter



Audio Speech brief