Pages

Monday, January 24, 2011

iframe

"iframe" redirects here. For other uses, see IFrame (disambiguation).
Main article: Framing (World Wide Web)
Frames allow a visual HTML Browser window to be split into segments, each of which can show a different document. This allows for lower bandwidth use, as repeating parts of a layout can be used in one frame, while variable content is displayed in another. This comes at a significant usability cost, especially in non-visual user agents. Because of this cost, frames (excluding the iframe element) are only allowed in HTML 4.01 Frameset.
In HTML 4.01, a document may contain a head and a body or a head and a frameset, but not both a body and a frameset. However, iframe can be used in a normal document body.
Contains the frameset. The frames layout is given by comma separated lists in the rows and cols attributes.
Standardised in HTML 4.0 Frameset, obsolete in HTML 5.
or
Delimits a single frame, or region, within the frameset. A separate document linked with the src attribute appears inside.
Standardised in HTML 4.0 Frameset, obsolete in HTML 5.
…
Contains normal HTML content for user agents that don't support frames.
Standardised in HTML 4.0 Transitional, obsolete in HTML 5.
An inline frame places another HTML document in a frame. Unlike an object element, an inline frame can be the "target" frame for links defined by other elements and it can be selected by the user agent as the focus for printing, viewing its source, etc.
The content of the element is used as alternative text to be displayed if the browser does not support iframes.
First introduced by Microsoft Internet Explorer in 1997, standardised in HTML 4.0 Transitional, allowed in HTML 5.

(source:wikipedia)

At least 31 killed in apparent suicide blast at Moscow airport

Update at 10: 57 a.m. ET An apparent suicide bombing at Moscow's busiest airport has killed at least 31 people and injured at least 130, according to the Russian Health Ministry, Russia Today reports. There are reports that the bomb was packed with shrapnel, RT reports.


CAPTIONBy Pavel Golovkin, AP
Heavy smoke at the scene of the blast has hampered the search by emergency workers for more victims, a ministry spokesperson says, according to RT.

Airport workers have broken down a brick wall near the luggage claim area to let the passengers leave the area.

Earlier postings: The Russian Investigative Committee is treating the incident as a terrorist act and has opened a criminal case in the matter, Vladimir Markin of the Investigative Committee tells Interfax.

Update at 9:35 a.m. ET: At least 23 people have been killed and 130 injured in an apparent suicide bombing at a Moscow airport, the Russian media reports, according to the Associated Press.

Earlier posting: At least 10 people have been killed and scores injured in an apparent suicide bombing at Moscow's Domodedovo airport, the Russian media reports.

The Interfax News Agency, quoting unidentified medical sources, says at least 10 people were killed. It quotes the Russian Investigative Committee as saying at least 20 people were injured in the explosion at Russia's busiest airport.

Interfax says the explosion occurred in the airport luggage area of international arrivals.

Russia Today says Moscow police have been put on alert for possible terror attacks in the capital.

RT also reports that international flights are being redirected to other Moscow area airports.

It says more than 20 emergency teams are already on the scene at the airport about 25 miles southeast of Moscow and that hospitals have put 170 places on standby to handle the injured.

(source:usatoday.com)

Suicide bomber kills 31, injures at least 100 at Moscow airport

[Updated at 10:51 a.m.] Footage from inside Moscow's Domodedovo Airport showed several police in a smoke-filled section of the airport.

There were several bodies lying on the floor, and video from another part of the airport showed paramedics rushing by with people on stretchers.

[Updated at 10:38 a.m.] A suicide bomber was responsible for the blast at Moscow's Domodedovo Aiport on Monday, Russian state TV reported.

The station said the handmade bomb was stuffed with metal objects to increase shrapnel from the explosion.

The state-run ITAR-TASS news agency said the explosion occurred at the international arrivals section of the airport. Another state media outlet earlier said it happened at a baggage claim area.

[Updated at 10:33 a.m.] As police went on high alert around the capital city, Russian President Dmitry Medvedev called security chiefs to an emergency meeting at the Kremlin to discuss the situation.

[Updated at 10:06 a.m.] Flights destined for Moscow's Domodedovo Airport are being redirected to other airports in Moscow, either Sheremetyevo or Vnukovo, according to Russian TV.

Domodedovo is located about 14 miles southeast of Moscow, and the airport's website says it's the largest and busiest of the airports in the capital.

[Updated at 10:04 a.m.] State TV is reporting that the blast at a Moscow airport erupted at the baggage claim area, killing 31 people.

The Health Ministry provided the media outlet with the death toll, it said.

CNN is seeking details on the Russian Investigative Committee report that terrorists are responsible for the explosion.

[Updated at 9:53 a.m.] The Russian government is confirming the death toll of 31 people and says 130 people were injured in the Moscow airport blast.

[Updated at 9:48 a.m.] Russian state TV reported 31 people are dead and more than 100 others were injured in an explosion at Domodedovo Airport in Moscow.

In a post on its website, the Russian Investigative Committee is blaming terrorists for the attack.

[Updated at 9:37 a.m.] The explosion at Moscow's Domodedovo Airport killed at least two people and injured 20 others, according to the official RIA Novosti news agency.

Russia's Investigative Committee confirmed the blast, saying 20 people were affected, although the extent of their injuries was unclear.

State TV said the explosion occurred at the baggage claim area of the airport.

The explosion occured at 4:40 p.m. in Moscow, RIA Novosti said.

[Posted at 9:24 a.m.] An explosion has occurred at Domodedovo Airport in Moscow, Russia's Investigative Committee said.

There are conflicting reports of deaths and injuries.


(source:cnn.com)

Deadly Blast Strikes in Moscow’s Main Airport

MOSCOW — An explosion rocked an international terminal of Moscow’s busiest airport on Monday afternoon in what Russian officials described as an apparent terrorist attack. The Health Ministry reported that at least 30 people had been killed and 130 injured, according to Russian state media.
Russian news agencies, citing witnesses, said the airport’s halls were filled with so much smoke that it was difficult to count the dead.

The blast occurred in the arrivals hall of Domodedovo airport, according to a spokeswoman. Investigators said the explosion occurred at 4:32 p.m. local time.

An eyewitness who gave his name as Yuri said the blast was intense and sent 200 people scrambling for safety.

“There were many people; if I were two meters to the side I would have been badly hurt,” he told the news channel Pervy Kanal. “There was a bang, and all I remember is that the shock wave pushed me to the floor. My hat flew away, and I put my jacket over my head. Five seconds later, when the smoke cleared, I saw people running out.”

Irina Tsvei, who was at the airport for a flight to Geneva, told the news channel that she saw the wounded being carried out of the airport and that the surrounding roads were jammed with ambulances and fire trucks.

In televised remarks, the Russian president, Dmitri A. Medvedev, said: “At Domodedovo an explosion has occurred, and according to preliminary information it was a terrorist attack. There are dead and there are wounded.”

He admonished officials for their failure to prevent the attack, and ordered the police to boost security at all airports and on public transportation.

International arrivals were being diverted to nearby airports, according to local news media reports.

The airport, southeast of the capital, is Russia’s largest airline hub, with more than 20 million passengers passing through last year.

If investigators find that the explosion was the result of terrorism, it would be the first such attack to hit Moscow since March, when two suicide bombers detonated explosives on the city’s subway during rush hour. More than 40 people were killed in that attack, which was traced to two women from Dagestan who had ridden buses into the capital.

The rebel leader Doku Umarov took responsibility for the March attack. In 2009, Mr. Umarov revived a suicide battalion linked to the most notorious attacks of the last decade. In a video apparently made hours after the blast, Mr. Umarov said “the war will come to your streets, and you will feel it in your own lives and on your own skin.”

In August 2004, two Chechen suicide bombers boarded separate planes at Domodedovo airport before killing themselves and 88 others in midair. The attack exposed holes in security at the airport: the two bombers, both women, had been detained shortly before boarding, but were released by a police supervisor. The authorities have since worked to improve procedures at Domodedovo.

(source:nytimes.com)

Domain Name System

The Domain Name System (DNS) is a hierarchical naming system built on a distributed database for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. Most importantly, it translates domain names meaningful to humans into the numerical identifiers associated with networking equipment for the purpose of locating and addressing these devices worldwide.
An often-used analogy to explain the Domain Name System is that it serves as the phone book for the Internet by translating human-friendly computer hostnames into IP addresses. For example, the domain name www.example.com translates to the addresses 192.0.32.10 (IPv4) and 2620:0:2d0:200::10 (IPv6).
The Domain Name System makes it possible to assign domain names to groups of Internet resources and users in a meaningful way, independent of each entity's physical location. Because of this, World Wide Web (WWW) hyperlinks and Internet contact information can remain consistent and constant even if the current Internet routing arrangements change or the participant uses a mobile device. Internet domain names are easier to remember than IP addresses such as 208.77.188.166 (IPv4) or 2001:db8:1f70::999:de8:7648:6e8 (IPv6). Users take advantage of this when they recite meaningful Uniform Resource Locators (URLs) and e-mail addresses without having to know how the computer actually locates them.
The Domain Name System distributes the responsibility of assigning domain names and mapping those names to IP addresses by designating authoritative name servers for each domain. Authoritative name servers are assigned to be responsible for their particular domains, and in turn can assign other authoritative name servers for their sub-domains. This mechanism has made the DNS distributed and fault tolerant and has helped avoid the need for a single central register to be continually consulted and updated.
In general, the Domain Name System also stores other types of information, such as the list of mail servers that accept email for a given Internet domain. By providing a worldwide, distributed keyword-based redirection service, the Domain Name System is an essential component of the functionality of the Internet.
Other identifiers such as RFID tags, UPC codes, International characters in email addresses and host names, and a variety of other identifiers could all potentially use DNS.
The Domain Name System also specifies the technical functionality of this database service. It defines the DNS protocol, a detailed definition of the data structures and communication exchanges used in DNS, as part of the Internet Protocol Suite.

Overview

The Internet maintains two principal namespaces, the domain name hierarchy[3] and the Internet Protocol (IP) address system. The Domain Name System maintains the domain namespace and provides translation services between these two namespaces. Internet name servers and a communication protocols implement the Domain Name System. A DNS name server is a server that stores the DNS records for a domain name, such as address (A) records, name server (NS) records, and mail exchanger (MX) records (see also List of DNS record types); a DNS name server responds with answers to queries against its database.

History

The practice of using a name as a humanly more meaningful abstraction of a host's numerical address on the network dates back to the ARPANET era. Before the DNS was invented in 1983, each computer on the network retrieved a file called HOSTS.TXT from a computer at SRI (now SRI International). The HOSTS.TXT file mapped names to numerical addresses. A hosts file still exists on most modern operating systems by default and generally contains a mapping of the IP address 127.0.0.1 to "localhost". Many operating systems use name resolution logic that allows the administrator to configure selection priorities for available name resolution methods.
The rapid growth of the network made a centrally maintained, hand-crafted HOSTS.TXT file unsustainable; it became necessary to implement a more scalable system capable of automatically disseminating the requisite information.
At the request of Jon Postel, Paul Mockapetris invented the Domain Name System in 1983 and wrote the first implementation. The original specifications were published by the Internet Engineering Task Force in RFC 882 and RFC 883, which were superseded in November 1987 by RFC 1034[3] and RFC 1035.Several additional Request for Comments have proposed various extensions to the core DNS protocols.
In 1984, four Berkeley students—Douglas Terry, Mark Painter, David Riggle, and Songnian Zhou—wrote the first Unix implementation, called The Berkeley Internet Name Domain (BIND) Server. In 1985, Kevin Dunlap of DEC significantly re-wrote the DNS implementation. Mike Karels, Phil Almquist, and Paul Vixie have maintained BIND since then. BIND was ported to the Windows NT platform in the early 1990s.
BIND was widely distributed, especially on Unix systems, and is the dominant DNS software in use on the Internet.With the heavy use and resulting scrutiny of its open-source code, as well as increasingly more sophisticated attack methods, many security flaws were discovered in BIND. This contributed to the development of a number of alternative name server and resolver programs. BIND version 9 was written from scratch and now has a security record comparable to other modern DNS software.

Structure

Domain name space
The domain name space consists of a tree of domain names. Each node or leaf in the tree has zero or more resource records, which hold information associated with the domain name. The tree sub-divides into zones beginning at the root zone. A DNS zone may consist of only one domain, or may comprise many domains and sub-domains, depending on the administrative authority delegated to the manager.

The hierarchical domain name system, organized into zones, each served by a name server
Administrative responsibility over any zone may be divided by creating additional zones. Authority is said to be delegated for a portion of the old space, usually in form of sub-domains, to another nameserver and administrative entity. The old zone ceases to be authoritative for the new zone.
[edit]Domain name syntax
The definitive descriptions of the rules for forming domain names appear in RFC 1035, RFC 1123, and RFC 2181. A domain name consists of one or more parts, technically called labels, that are conventionally concatenated, and delimited by dots, such as example.com.
The right-most label conveys the top-level domain; for example, the domain name www.example.com belongs to the top-level domain com.
The hierarchy of domains descends from right to left; each label to the left specifies a subdivision, or subdomain of the domain to the right. For example: the label example specifies a subdomain of the com domain, and www is a sub domain of example.com. This tree of subdivisions may consist of 127 levels.
Each label may contain up to 63 characters. The full domain name may not exceed a total length of 253 characters in its external dotted-label specification. In the internal binary representation of the DNS the maximum length requires 255 octets of storage. In practice, some domain registries may have shorter limits.
DNS names may technically consist of any character representable in an octet. However, the allowed formulation of domain names in the DNS root zone, and most other sub domains, uses a preferred format and character set. The characters allowed in a label are a subset of the ASCII character set, and includes the characters a through z, A through Z, digits 0 through 9, and the hyphen. This rule is known as the LDH rule (letters, digits, hyphen). Domain names are interpreted in case-independent manner. Labels may not start or end with a hyphen.
A hostname is a domain name that has at least one IP address associated. For example, the domain names www.example.com and example.com are also hostnames, whereas the com domain is not.

Internationalized domain names
The permitted character set of the DNS prevented the representation of names and words of many languages in their native alphabets or scripts. ICANN has approved the Internationalizing Domain Names in Applications (IDNA) system, which maps Unicode strings into the valid DNS character set using Punycode. In 2009 ICANN approved the installation of IDN country code top-level domains. In addition, many registries of the existing TLDs have adopted IDNA.

Name servers
The Domain Name System is maintained by a distributed database system, which uses the client-server model. The nodes of this database are the name servers. Each domain has at least one authoritative DNS server that publishes information about that domain and the name servers of any domains subordinate to it. The top of the hierarchy is served by the root nameservers, the servers to query when looking up (resolving) a top-level domain name (TLD).

Authoritative name server
An authoritative name server is a name server that gives answers that have been configured by an original source, for example, the domain administrator or by dynamic DNS methods, in contrast to answers that were obtained via a regular DNS query to another name server. An authoritative-only name server only returns answers to queries about domain names that have been specifically configured by the administrator.
An authoritative name server can either be a master server or a slave server. A master server is a server that stores the original (master) copies of all zone records. A slave server uses an automatic updating mechanism of the DNS protocol in communication with its master to maintain an identical copy of the master records.
Every DNS zone must be assigned a set of authoritative name servers that are installed in NS records in the parent zone.
When domain names are registered with a domain name registrar their installation at the domain registry of a top level domain requires the assignment of a primary name server and at least one secondary name server. The requirement of multiple name servers aims to make the domain still functional even if one name server becomes inaccessible or inoperable. The designation of a primary name server is solely determined by the priority given to the domain name registrar. For this purpose generally only the fully qualified domain name of the name server is required, unless the servers are contained in the registered domain, in which case the corresponding IP address is needed as well.
Primary name servers are often master name servers, while secondary name server may be implemented as slave servers.
An authoritative server indicates its status of supplying definitive answers, deemed authoritative, by setting a software flag (a protocol structure bit), called the Authoritative Answer (AA) bit in its responses. This flag is usually reproduced prominently in the output of DNS administration query tools (such as dig) to indicate that the responding name server is an authority for the domain name in question.

Recursive and caching name server
In principle, authoritative name servers are sufficient for the operation of the Internet. However, with only authoritative name servers operating, every DNS query must start with recursive queries at the root zone of the Domain Name System and each user system must implement resolver software capable of recursive operation.
To improve efficiency, reduce DNS traffic across the Internet, and increase performance in end-user applications, the Domain Name System supports DNS cache servers which store DNS query results for a period of time determined in the configuration (time-to-live) of the domain name record in question. Typically, such caching DNS servers, also called DNS caches, also implement the recursive algorithm necessary to resolve a given name starting with the DNS root through to the authoritative name servers of the queried domain. With this function implemented in the name server, user applications gain efficiency in design and operation.
The combination of DNS caching and recursive functions in a name server is not mandatory, the functions can be implemented independently in servers for special purposes.
Internet service providers typically provide recursive and caching name servers for their customers. In addition, many home networking routers implement DNS caches and recursors to improve efficiency in the local network.

DNS resolvers
See also: resolv.conf
The client-side of the DNS is called a DNS resolver. It is responsible for initiating and sequencing the queries that ultimately lead to a full resolution (translation) of the resource sought, e.g., translation of a domain name into an IP address.
A DNS query may be either a non-recursive query or a recursive query:
A non-recursive query is one in which the DNS server provides a record for a domain for which it is authoritative itself, or it provides a partial result without querying other servers.
A recursive query is one for which the DNS server will fully answer the query (or give an error) by querying other name servers as needed. DNS servers are not required to support recursive queries.
The resolver, or another DNS server acting recursively on behalf of the resolver, negotiates use of recursive service using bits in the query headers.
Resolving usually entails iterating through several name servers to find the needed information. However, some resolvers function simplistically and can communicate only with a single name server. These simple resolvers (called "stub resolvers") rely on a recursive name server to perform the work of finding information for them.

Operation

Address resolution mechanism
Domain name resolvers determine the appropriate domain name servers responsible for the domain name in question by a sequence of queries starting with the right-most (top-level) domain label.

A DNS recursor consults three nameservers to resolve the address www.wikipedia.org.
The process entails:
A network host is configured with an initial cache (so called hints) of the known addresses of the root nameservers. Such a hint file is updated periodically by an administrator from a reliable source.
A query to one of the root servers to find the server authoritative for the top-level domain.
A query to the obtained TLD server for the address of a DNS server authoritative for the second-level domain.
Repetition of the previous step to process each domain name label in sequence, until the final step which returns the IP address of the host sought.
The diagram illustrates this process for the host www.wikipedia.org.
The mechanism in this simple form would place a large operating burden on the root servers, with every search for an address starting by querying one of them. Being as critical as they are to the overall function of the system, such heavy use would create an insurmountable bottleneck for trillions of queries placed every day. In practice caching is used in DNS servers to overcome this problem, and as a result, root nameservers actually are involved with very little of the total traffic.

Circular dependencies and glue records
Name servers in delegations are identified by name, rather than by IP address. This means that a resolving name server must issue another DNS request to find out the IP address of the server to which it has been referred. If the name given in the delegation is a subdomain of the domain for which the delegation is being provided, there is a circular dependency. In this case the nameserver providing the delegation must also provide one or more IP addresses for the authoritative nameserver mentioned in the delegation. This information is called glue. The delegating name server provides this glue in the form of records in the additional section of the DNS response, and provides the delegation in the answer section of the response.
For example, if the authoritative name server for example.org is ns1.example.org, a computer trying to resolve www.example.org first resolves ns1.example.org. Since ns1 is contained in example.org, this requires resolving example.org first, which presents a circular dependency. To break the dependency, the nameserver for the org top level domain includes glue along with the delegation for example.org. The glue records are address records that provide IP addresses for ns1.example.org. The resolver uses one or more of these IP addresses to query one of domain's authoritative servers, which allows it to complete the DNS query.

Record caching
Because of the large volume of requests generated in the DNS for the public Internet, the designers wished to provide a mechanism to reduce the load on individual DNS servers. To this end, the DNS resolution process allows for caching of records for a period of time after an answer. This entails the local recording and subsequent consultation of the copy instead of initiating a new request upstream. The time for which a resolver caches a DNS response is determined by a value called the time to live (TTL) associated with every record. The TTL is set by the administrator of the DNS server handing out the authoritative response. The period of validity may vary from just seconds to days or even weeks.
As a noteworthy consequence of this distributed and caching architecture, changes to DNS records do not propagate throughout the network immediately, but require all caches to expire and refresh after the TTL. RFC 1912 conveys basic rules for determining appropriate TTL values.
Some resolvers may override TTL values, as the protocol supports caching for up to 68 years or no caching at all. Negative caching, i.e. the caching of the fact of non-existence of a record, is determined by name servers authoritative for a zone which must include the Start of Authority (SOA) record when reporting no data of the requested type exists. The value of the MINIMUM field of the SOA record and the TTL of the SOA itself is used to establish the TTL for the negative answer.

Reverse lookup
A reverse lookup is a query of the DNS for domain names when the IP address is known. Multiple domain names may be associated with an IP address. The DNS stores IP addresses in the form of domain names as a specially formatted names in pointer (PTR) records within the infrastructure top-level domain arpa. For IPv4, the domain is in-addr.arpa. For IPv6, the reverse lookup domain is ip6.arpa. The IP address is represented as a name in reverse-ordered octet representation for IPv4, and reverse-ordered nibble representation for IPv6.
When performing a reverse lookup, the DNS client converts the address into these formats, and then queries the name for a PTR record following the delegation chain as for any DNS query. For example, the IPv4 address 208.80.152.2 is represented as a DNS name as 2.152.80.208.in-addr.arpa. The DNS resolver begins by querying the root servers, which point to ARIN's servers for the 208.in-addr.arpa zone. From there the Wikimedia servers are assigned for 152.80.208.in-addr.arpa, and the PTR lookup completes by querying the wikimedia nameserver for 2.152.80.208.in-addr.arpa, which results in an authoritative response.

Client lookup
DNS resolution sequence
Users generally do not communicate directly with a DNS resolver. Instead DNS resolution takes place transparently in applications programs such as web browsers, e-mail clients, and other Internet applications. When an application makes a request that requires a domain name lookup, such programs send a resolution request to the DNS resolver in the local operating system, which in turn handles the communications required.
The DNS resolver will almost invariably have a cache (see above) containing recent lookups. If the cache can provide the answer to the request, the resolver will return the value in the cache to the program that made the request. If the cache does not contain the answer, the resolver will send the request to one or more designated DNS servers. In the case of most home users, the Internet service provider to which the machine connects will usually supply this DNS server: such a user will either have configured that server's address manually or allowed DHCP to set it; however, where systems administrators have configured systems to use their own DNS servers, their DNS resolvers point to separately maintained nameservers of the organization. In any event, the name server thus queried will follow the process outlined above, until it either successfully finds a result or does not. It then returns its results to the DNS resolver; assuming it has found a result, the resolver duly caches that result for future use, and hands the result back to the software which initiated the request.

Broken resolvers
An additional level of complexity emerges when resolvers violate the rules of the DNS protocol. A number of large ISPs have configured their DNS servers to violate rules (presumably to allow them to run on less-expensive hardware than a fully compliant resolver), such as by disobeying TTLs, or by indicating that a domain name does not exist just because one of its name servers does not respond.
As a final level of complexity, some applications (such as web-browsers) also have their own DNS cache, in order to reduce the use of the DNS resolver library itself. This practice can add extra difficulty when debugging DNS issues, as it obscures the freshness of data, and/or what data comes from which cache. These caches typically use very short caching times—on the order of one minute.
Internet Explorer represents a notable exception: versions up to IE 3.x cache DNS records for 24 hours by default. Internet Explorer 4.x and later versions (up to IE 8) decrease the default time out value to half an hour, which may be changed in corresponding registry keys.

Other applications
The system outlined above provides a somewhat simplified scenario. The Domain Name System includes several other functions:
Hostnames and IP addresses do not necessarily match on a one-to-one basis. Many hostnames may correspond to a single IP address: combined with virtual hosting, this allows a single machine to serve many web sites. Alternatively a single hostname may correspond to many IP addresses: this can facilitate fault tolerance and load distribution, and also allows a site to move physical location seamlessly.
There are many uses of DNS besides translating names to IP addresses. For instance, Mail transfer agents use DNS to find out where to deliver e-mail for a particular address. The domain to mail exchanger mapping provided by MX records accommodates another layer of fault tolerance and load distribution on top of the name to IP address mapping.
E-mail Blacklists: The DNS system is used for efficient storage and distribution of IP addresses of blacklisted e-mail hosts. The usual method is putting the IP address of the subject host into the sub-domain of a higher level domain name, and resolve that name to different records to indicate a positive or a negative. A hypothetical example using blacklist.com,
102.3.4.5 is blacklisted => Creates 5.4.3.102.blacklist.com and resolves to 127.0.0.1
102.3.4.6 is not => 6.4.3.102.blacklist.com is not found, or default to 127.0.0.2
E-mail servers can then query blacklist.com through the DNS mechanism to find out if a specific host connecting to them is in the blacklist. Today many of such blacklists, either free or subscription-based, are available mainly for use by email administrators and anti-spam software.
Software Updates: many anti-virus and commercial software now use the DNS system to store version numbers of the latest software updates so client computers do not need to connect to the update servers every time. For these types of applications, the cache time of the DNS records are usually shorter.
Sender Policy Framework and DomainKeys, instead of creating their own record types, were designed to take advantage of another DNS record type, the TXT record.
To provide resilience in the event of computer failure, multiple DNS servers are usually provided for coverage of each domain, and at the top level, thirteen very powerful root servers exist, with additional "copies" of several of them distributed worldwide via Anycast.
Dynamic DNS (also referred to as DDNS) provides clients the ability to update their IP address in the DNS after it changes due to mobility, e.g.

Protocol details

DNS primarily uses User Datagram Protocol (UDP) on port number 53 to serve requests.DNS queries consist of a single UDP request from the client followed by a single UDP reply from the server. The Transmission Control Protocol (TCP) is used when the response data size exceeds 512 bytes, or for tasks such as zone transfers. Some operating systems, such as HP-UX, are known to have resolver implementations that use TCP for all queries, even when UDP would suffice.

DNS resource records

Further information: List of DNS record types
A Resource Record (RR) is the basic data element in the domain name system. Each record has a type (A, MX, etc.), an expiration time limit, a class, and some type-specific data. Resource records of the same type define a resource record set. The order of resource records in a set, returned by a resolver to an application, is undefined, but often servers implement round-robin ordering to achieve load balancing. DNSSEC, however, works on complete resource record sets in a canonical order.
When sent over an IP network, all records use the common format specified in RFC 1035:
RR (Resource record) fields
Field Description Length (octets)
NAME Name of the node to which this record pertains (variable)
TYPE Type of RR in numeric form (e.g. 15 for MX RRs) 2
CLASS Class code 2
TTL Count of seconds that the RR stays valid (The maximum is 231-1, which is about 68 years.) 4
RDLENGTH Length of RDATA field 2
RDATA Additional RR-specific data (variable)
NAME is the fully qualified domain name of the node in the tree. On the wire, the name may be shortened using label compression where ends of domain names mentioned earlier in the packet can be substituted for the end of the current domain name.
TYPE is the record type. It indicates the format of the data and it gives a hint of its intended use. For example, the A record is used to translate from a domain name to an IPv4 address, the NS record lists which name servers can answer lookups on a DNS zone, and the MX record specifies the mail server used to handle mail for a domain specified in an e-mail address (see also List of DNS record types).
RDATA is data of type-specific relevance, such as the IP address for address records, or the priority and hostname for MX records. Well known record types may use label compression in the RDATA field, but "unknown" record types must not (RFC 3597).
The CLASS of a record is set to IN (for Internet) for common DNS records involving Internet hostnames, servers, or IP addresses. In addition, the classes Chaos (CN) and Hesiod (HS) exist.[16] Each class is an independent name space with potentially different delegations of DNS zones.
In addition to resource records defined in a zone file, the domain name system also defines several request types that are used only in communication with other DNS nodes (on the wire), such as when performing zone transfers (AXFR/IXFR) or for EDNS (OPT).

Wildcard DNS records
Main article: Wildcard DNS record
The domain name system supports wildcard domain names which are names that start with the asterisk label, '*', e.g., *.example. DNS records belonging to wildcard domain names specify rules for generating resource records within a single DNS zone by substituting whole labels with matching components of the query name, including any specified descendants. For example, in the DNS zone x.example, the following configuration specifies that all subdomains (including subdomains of subdomains) of x.example use the mail exchanger a.x.example. The records for a.x.example are needed to specify the mail exchanger. As this has the result of excluding this domain name and its subdomains from the wildcard matches, all subdomains of a.x.example must be defined in a separate wildcard statement.
X.EXAMPLE. MX 10 A.X.EXAMPLE.
*.X.EXAMPLE. MX 10 A.X.EXAMPLE.
*.A.X.EXAMPLE. MX 10 A.X.EXAMPLE.
A.X.EXAMPLE. MX 10 A.X.EXAMPLE.
A.X.EXAMPLE. AAAA 2001:db8::1
The role of wildcard records was refined in RFC 4592, because the original definition in RFC 1034 was incomplete and resulted in misinterpretations by implementers.

Protocol extensions

The original DNS protocol had limited provisions for extension with new features. In 1999, Paul Vixie published in RFC 2671 an extension mechanism, called Extension mechanisms for DNS (EDNS) that introduced optional protocol elements without increasing overhead when not in use. This was accomplished through the OPT pseudo-resource record that only exists in wire transmissions of the protocol, but not in any zone files. Initial extensions were also suggested (EDNS0), such as increasing the DNS message size in UDP datagrams.

Dynamic zone updates

Dynamic DNS updates use the UPDATE DNS opcode to add or remove resource records dynamically from a zone data base maintained on an authoritative DNS server. The feature is described in RFC 2136. This facility is useful to register network clients into the DNS when they boot or become otherwise available on the network. Since a booting client may be assigned a different IP address each time from a DHCP server, it is not possible to provide static DNS assignments for such clients.

Security issues

DNS was not originally designed with security in mind, and thus has a number of security issues.
One class of vulnerabilities is DNS cache poisoning, which tricks a DNS server into believing it has received authentic information when, in reality, it has not.
DNS responses are traditionally not cryptographically signed, leading to many attack possibilities; the Domain Name System Security Extensions (DNSSEC) modifies DNS to add support for cryptographically signed responses. There are various extensions to support securing zone transfer information as well.
Even with encryption, a DNS server could become compromised by a virus (or for that matter a disgruntled employee) that would cause IP addresses of that server to be redirected to a malicious address with a long TTL. This could have far-reaching impact to potentially millions of Internet users if busy DNS servers cache the bad IP data. This would require manual purging of all affected DNS caches as required by the long TTL (up to 68 years).
Some domain names can spoof other, similar-looking domain names. For example, "paypal.com" and "paypa1.com" are different names, yet users may be unable to tell the difference when the user's typeface (font) does not clearly differentiate the letter l and the numeral 1. This problem is more serious in systems that support internationalized domain names, since many character codes in ISO 10646, may appear identical on typical computer screens. This vulnerability is occasionally exploited in phishing.
Techniques such as forward-confirmed reverse DNS can also be used to help validate DNS results.

Domain name registration

The right to use a domain name is delegated by domain name registrars which are accredited by the Internet Corporation for Assigned Names and Numbers (ICANN), the organization charged with overseeing the name and number systems of the Internet. In addition to ICANN, each top-level domain (TLD) is maintained and serviced technically by an administrative organization, operating a registry. A registry is responsible for maintaining the database of names registered within the TLD it administers. The registry receives registration information from each domain name registrar authorized to assign names in the corresponding TLD and publishes the information using a special service, the whois protocol.
ICANN publishes the complete list of TLD registries and domain name registrars. Registrant information associated with domain names is maintained in an online database accessible with the WHOIS service. For most of the more than 240 country code top-level domains (ccTLDs), the domain registries maintain the WHOIS (Registrant, name servers, expiration dates, etc.) information. For instance, DENIC, Germany NIC, holds the DE domain data. Since about 2001, most gTLD registries have adopted this so-called thick registry approach, i.e. keeping the WHOIS data in central registries instead of registrar databases.
For COM and NET domain names, a thin registry model is used: the domain registry (e.g. VeriSign) holds basic WHOIS (registrar and name servers, etc.) data. One can find the detailed WHOIS (registrant, name servers, expiry dates, etc.) at the registrars.
Some domain name registries, often called network information centers (NIC), also function as registrars to end-users. The major generic top-level domain registries, such as for the COM, NET, ORG, INFO domains, use a registry-registrar model consisting of many domain name registrars In this method of management, the registry only manages the domain name database and the relationship with the registrars. The registrants (users of a domain name) are customers of the registrar, in some cases through additional layers of resellers.

Internet standards

The Domain Name System is defined by Request for Comments (RFC) documents published by the Internet Engineering Task Force (Internet standards). The following is a list of RFCs that define the DNS protocol.
RFC 920, Domain Requirements – Specified original top-level domains
RFC 1032, Domain Administrators Guide
RFC 1033, Domain Administrators Operations Guide
RFC 1034, Domain Names - Concepts and Facilities
RFC 1035, Domain Names - Implementation and Specification
RFC 1101, DNS Encodings of Network Names and Other Types
RFC 1123, Requirements for Internet Hosts—Application and Support
RFC 1178, Choosing a Name for Your Computer (FYI 5)
RFC 1183, New DNS RR Definitions
RFC 1591, Domain Name System Structure and Delegation (Informational)
RFC 1912, Common DNS Operational and Configuration Errors
RFC 1995, Incremental Zone Transfer in DNS
RFC 1996, A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY)
RFC 2100, The Naming of Hosts (Informational)
RFC 2136, Dynamic Updates in the domain name system (DNS UPDATE)
RFC 2181, Clarifications to the DNS Specification
RFC 2182, Selection and Operation of Secondary DNS Servers
RFC 2308, Negative Caching of DNS Queries (DNS NCACHE)
RFC 2317, Classless IN-ADDR.ARPA delegation (BCP 20)
RFC 2671, Extension Mechanisms for DNS (EDNS0)
RFC 2672, Non-Terminal DNS Name Redirection
RFC 2845, Secret Key Transaction Authentication for DNS (TSIG)
RFC 3225, Indicating Resolver Support of DNSSEC
RFC 3226, DNSSEC and IPv6 A6 aware server/resolver message size requirements
RFC 3597, Handling of Unknown DNS Resource Record (RR) Types
RFC 3696, Application Techniques for Checking and Transformation of Names (Informational)
RFC 4343, Domain Name System (DNS) Case Insensitivity Clarification
RFC 4592, The Role of Wildcards in the Domain Name System
RFC 4635, HMAC SHA TSIG Algorithm Identifiers
RFC 4892, Requirements for a Mechanism Identifying a Name Server Instance (Informational)
RFC 5001, DNS Name Server Identifier (NSID) Option
RFC 5395, Domain Name System (DNS) IANA Considerations (BCP 42)
RFC 5452, Measures for Making DNS More Resilient against Forged Answers
RFC 5625, DNS Proxy Implementation Guidelines (BCP 152)
RFC 5890, Internationalized Domain Names for Applications (IDNA):Definitions and Document Framework
RFC 5891, Internationalized Domain Names in Applications (IDNA): Protocol
RFC 5892, The Unicode Code Points and Internationalized Domain Names for Applications (IDNA)
RFC 5893, Right-to-Left Scripts for Internationalized Domain Names for Applications (IDNA)
RFC 5894, Internationalized Domain Names for Applications (IDNA):Background, Explanation, and Rationale (Informational)
RFC 5895, Mapping Characters for Internationalized Domain Names in Applications (IDNA) 2008 (Informational)

Security
RFC 4033, DNS Security Introduction and Requirements
RFC 4034, Resource Records for the DNS Security Extensions
RFC 4035, Protocol Modifications for the DNS Security Extensions
RFC 4509, Use of SHA-256 in DNSSEC Delegation Signer (DS) Resource Records
RFC 4470, Minimally Covering NSEC Records and DNSSEC On-line Signing
RFC 5011, Automated Updates of DNS Security (DNSSEC) Trust Anchors
RFC 5155, DNS Security (DNSSEC) Hashed Authenticated Denial of Existence
RFC 5702, Use of SHA-2 Algorithms with RSA in DNSKEY and RRSIG Resource Records for DNSSEC
RFC 5910, Domain Name System (DNS) Security Extensions Mapping for the Extensible Provisioning Protocol (EPP)
RFC 5933, Use of GOST Signature Algorithms in DNSKEY and RRSIG Resource Records for DNSSEC

(source:wikipedia)

Sunday, January 23, 2011

Digital Marketing


Digital Marketing is the promoting of brands using all forms of digital advertising channels to reach consumers. This now includes Television, Radio, Internet, mobile and any other form of digital media.
Whilst digital marketing does include many of the techniques and practices contained within the category of Internet Marketing, it extends beyond this by including other channels with which to reach people that do not require the use of The Internet. As a result of this non-reliance on the Internet, the field of digital marketing includes a whole host of elements such as mobile phones, sms/mms, display / banner ads and digital outdoor.
Previously seen as a stand-alone service in its own right, it is frequently being seen as a domain that can and does cover most, if not all, of the more traditional marketing areas such as Direct Marketing by providing the same method of communicating with an audience but in a digital fashion. Digital is now being broadened to support the "servicing" and "engagement" of customers.

Digital Marketing – Pull vs. Push

There are 2 different forms of digital marketing, each of which has its pros and cons.

Pull
Pull digital marketing technologies involve the user having to seek out and directly select (or pull) the content, often via web search. Web site/blogs and streaming media (audio and video) are good examples of this. In each of these examples, users have a specific link (URL) to view the content.
Pros:
Digital Marketing and Power Users of the internet are an integral aspect to the united states economy. Interactive Media is a form of art and creative inspiration.
Since requests are inherently opt-in, the size of content is generally unlimited.
No advanced technology required to send static content, only to store/display it.
Cons:
Considerable marketing effort required for users to find the message/content.
Some types of marketing content may be blocked in mixed content scenarios (i.e.: Flash blockers)

Push
Push digital marketing technologies involve both the marketer (creator of the message) as well as the recipients (the user). Email, SMS, RSS are examples of push digital marketing. In each of these examples, the marketer has to send (push) the messages to the users (subscribers) in order for the message to be received. In the case of RSS, content is actually pulled on a periodic basis (polling), thus simulating a push.
Pros:
Faster delivery - push technologies can deliver content immediately as it becomes available.
Consistent delivery - some push platforms have single content types, making it difficult for the user to block content by type.
Better targeting - since push technology usually justifies subscription, more specific marketing data may be collected during registration, which allows for better targeting and more personalization.
Better data - marketing data can be correlated to each request for content, allowing marketers to see information such as user name as well as demographic and psychographic data.
Cons:
Smaller audience - push technology not implemented on common platforms generally need client and/or server software before content can be created, distributed, and/or viewed.
Higher cost - less popular platforms may have higher implementation costs.
Lesser discoverability - smaller audiences mean fewer views mean less visibility in search engines.

Digital Marketing and Multi-Channel Communications

While digital marketing is effective using one message type, it is much more successful when a marketer combines multiple channels in the message campaigns. For example, if a company is trying to promote a new product release, they could send out an email message or text campaign individually. This, if properly executed, could yield positive results. However, this same campaign could be exponentially improved if multiple message types are implemented.
An email could be sent to a list of potential customers with a special offer for those that also include their cell phone number. A couple of days later, a follow up campaign would be sent via text message (SMS) with the special offer.
Push and pull message technologies can also be used in conjunction with each other. For example, an email campaign can include a banner ad or link to a content download. This enables a marketer to have the best of both worlds in terms of their marketing method.

Digital Marketing Terms

Banner Ad
An advertisement that appears on a Web page, most commonly at the top (header) or bottom (footer) of the page. Designed to have the user click on it for more information (see Microsite)

Blacklisted
A blacklisted notice means that the message may not have been delivered due to be flagged on one of the major lists that keep tabs of known spammers. Different ISPs use different blacklists to block mailings from being delivered to their clients. It can be a temporary ban or a permanent one, depending upon the list.

Blocked
A blocked notice means that the message did not get through due to being considered spam by the subscriber’s ISP. This may be due to being on a blacklist or because the message contains a domain that is already being blocked.

Blog
Shortened from “web log” a blog is a user-generated Web site where entries are made in journal style and displayed in a reverse chronological order.

Campaign
A campaign is a specific message being sent to a specific group of recipients.

CAN-SPAM Act of 2003
The CAN SPAM ACT is a series of federal laws that must be followed by all email marketers. Those found in violation of the laws can be subjected to major penalties.

Click Through
The number of times people clicked on the links in your message. This is often referred to as CTR (Click Through Rate). Note: you must have enabled click through tracking in the campaign in order for this to be recorded.

Cost Per Click
Refers to the amount of money an advertiser pays search engines and other Internet publishers for a single click on its advertisement that brings one visitor to its website.

Digital Brand Engagement
Brand and consumer interaction through the Internet. This includes all aspects of dialogue through the social web and on the brand's own website.

DMA Market
DMA stands for Designated Market Area, which is often associated with the entertainment industry. DMAs are usually counties (or sometimes split counties) that contain a large population that can be targeted, such as New York City, Los Angeles or Chicago.

Email Service Provider (ESP)
Outside companies that send bulk emails on behalf of their clients to prevent their messages as being labeled as spam or blocked entirely.

False Positives
Legitimate messages being labeled as “spam”. Can cost companies potentially millions in potential lost revenue if not dealt with correctly.

GPRL
The Global Permanent Removal List consists of records that are automatically removed from a particular database. Almost all email service providers (ESP) or multi-channel messaging companies maintain these lists for their clients.

Instant Messaging
Instant messaging (often shortened to IM) is a type of communications service that enables you to create a kind of private chat room with another individual in order to communicate in real time over the Internet.

Keywords
Used in conjunction with SMS messages. A user types a short code and matching keyword in order to be added to a mobile club or database.

Microsite
A mini Web site design to promote a specific portion or brand from a larger corporate site. Used often with contests or as a landing page for a specific promotion.

Open Rate
This is a ratio determined by the number of people who opened your email against the total number of people to whom you sent the message. Typically, this number will be low for large campaigns and higher for more targeted campaigns.

Opt-In List
Email marketers have databases of subscribers to their newsletters, featuring these subscribers' email addresses and names. Such a list is known as an opt-in list (and is thus CAN-SPAM compliant; see above for info on the CAN-SPAM act) because users choose to receive the emails. This is in contrast to spam email, which is unsolicited.

Personalization
Personalization gives you the ability to create a customized message for each person in your database. Can be addressed by first/last name, city, state, zip, etc.

RSS
RSS or Real Simple Syndication is technology designed to allow users to subscribe to a specific content feed and be automatically alerted when new updates are available.

RSS Reader
Application used to subscribe and monitor selected RSS content feeds.

Short Code
A short code is a 5 or 6 digit number that is used to send and respond to text messages. They can either be a random set of numbers or a “vanity” number tied to a specific brand or number pattern.

SMS
SMS (Short Message Service) is a one-way text message sent via a cell phone. It is usually received via the subscribers' text message inbox on their cell phone and can be a maximum of 160 characters per message.

Social Bookmarking
Social Bookmarking is a popular way to store, classify, share and search links that are combined into a single site for easy access.

Spam
An email message that is unwanted by the recipient. Legitimate emails can sometimes be incorrectly identified as spam and is a growing problem.

Streaming Technologies
Communication channel such as video and audio that is accessed online. Can be a pre-stored clip to access as well as a live feed that is streamed like an online broadcast.

Subscriber
A person who signs up to receive messages from a particular company or entity.

Targeting
Targeting allows you to send a message to people based on specific criteria from your subscriber database.

Voice Broadcast
Sending a pre-recorded voice messages to a large set of phone numbers at the time same. Can either be a voice call (meaning the recipient must answer the call for the message to play) or voice mail (meaning the message will play only if the recipient doesn’t answer )

Widget
A small graphical device that does a highly focused, often single, specific task. Web widgets can be embedded in web pages or run on the desktop of a PC (Windows or Mac) using software such as Apple's Dashboard software or Yahoo! Widgets Engine.

Web Video


(source:wikipedia)