The Hindu Business Line : IT infrastructure is like an elephant...

Zombies, you know, as those lacking the ability to think independently. What are zombie computers? "Machines compromised by viruses that contain secret programs that allow them to remotely control the computer," explains The Secure Online Business Handbook, from Kogan Page (www.vivagroupindia.com) .

These machines are not loners but often linked together in networks known as `botnets' that can then be used to crash the victim's Web site, and thus cause a distributed DOS or denial-of-service attack, alarms the chapter on `recent attack trends', written by the Fraud Advisory Panel's Cybercrime Working Group.

It informs that in 2004, organised gangs of criminals and extortionists regularly used the DOS threat to extract money from companies. The modus operandi was as follows: The perpetrators would overload the servers of a business, such as an online one with no physical retail outlets, with data sent from zombie computers, "and then contact the business and threaten to cause a similar problem again unless the business pays a large sum of money."

Another attack described in the chapter is `cybergriping'. This is not the same as cybersquatting, in which domain names identical or similar to popular brands are registered by people who then look for money to vacate the sites they have squatted upon.

Read this example of cybergriping: "A disgruntled Chase Manhattan customer in New York started a site to complain about errors on his bank account. As a result the bank quickly secured the rights to chasesucks, chasestinks and ihatechase."

The book, edited by Jonathan Reuvid, and endorsed by the Institute of Directors, has chapters on dozens of themes, written by experts. Like Chris Knowles, who explains `the fine art of elephant husbandry - a practical guide to patch management'.

IT (information technology) infrastructure today is like elephants, he explains. "Big, unwieldy, expensive to look after, and they cause a lot of damage when they're down." Dauntingly, the challenge for many organisations is to ensure, at the cost of time and money, that their elephants are healthy and free from viruses.

"In early 2003, a particular vulnerability was discovered in SQL (structured query language) that could cause serious damage to a herd; it took several months before an antidote was released but another six months before the elephant hunters started to exploit the vulnerability, so the majority of organisations had immunised the herds." Thus reads a narrative from the IT jungle!

Knowles observes that an organisation can take eight weeks to immunise just one-third of its overall elephant herd for each new vulnerability that emerges. And the cost can be £4,00,000, he estimates.

"All of this means that the window available to an organisation to successfully protect its herd has become extremely constrained. This limited amount of time often means that emphasis is put on getting the immunisation patches out as quickly as possible."

Essential survival guide.

Oracle, inside out

Oracle database is "a collection of related operating system files that Oracle uses to store and manage a set of related information."

With the introduction of Oracle Database 10g Express Edition, you can download, develop, deploy, and distribute your applications for free. Thus assures Tom Kyte (asktom.oracle.com) in his foreword to Hands-On Oracle Database 10g Express Edition for Windows, by Steve Bobrowski, from Tata McGraw-Hill (www.tatamcgrawhill.com) .

"The book you are looking at now is the roadmap to exploiting this free software offering, the guide you need to successfully learn the ins and outs of this thing called Oracle," recommends Kyte.

And, you can bet on Bobrowski to handhold you through the basics of database. "Databases come in many varieties. Inverted list, hierarchic, and network database models are older types of database systems designed primarily for prescribed transactions that input data; they are not suitable for dynamic environments in which interactive data analysis is critical," he explains.

Relational databases overcome the weaknesses of the earlier systems. How? "Relational databases are easy to understand, design, and build. Relational databases store and present all information in tables, an easily understood concept. Furthermore, relational databases hide the complexities of data access from the user, making application development relatively simple when compared to other types of database systems."

Oracle database, you'd learn, is "a collection of related operating system files that Oracle uses to store and manage a set of related information." Structurally, an Oracle database has three primary types of files, viz. data, log and control, elucidates Bobrowski. Oracle database and database instance make up an Oracle DBMS or database management system.

"A database instance or database server is the Oracle software that manages physical database access." Before you can use the data in an Oracle database, you need to `start up' an instance.

Part II of the book deals with `fundamentals of application development'. And part III is on `database administration', with chapters on securing database access, managing database space, and protecting the database. The final chapter in the book is about tuning application and database instance performance.

"The most appreciable measure of a computer application system's performance is its ability to adequately serve corresponding users so as not to detract from their productivity," notes Bobrowski.

How to measure how well an application performs overall? Ask around how long application users have to wait before they can continue doing work after they submit an operation, instructs the author.

Two specific measures you must focus on are response time and throughput. The first is `the amount of time that a user waits while an application handles a request and returns data or a result.' And the second, that is, throughput, refers to `the number of requests that the database system handles in a given time period'.

A system is well-tuned with respect to throughput when the system can handle the load placed on it by an application `without hampering the productivity of its users or the performance of other applications on the same computer.'

However, don't waste time on unrealistic performance goals, advises the author. Thus, rather than `trying to squeeze every last bit of performance out of an application', you can achieve `all noticeable performance gains' quickly and easily `by attending to a relatively small subset of issues.'

True to the foreword!

Tailpiece

"The company has been so long in the red that we are trying out... "

"All possible measures to turn around?"

"Yes. Such as, changing all our off-white computers to new black ones!"