There will be a third service pack for SQL Server 2005 released by Microsoft, just before the next software version of the server is due for release.

The release of SQL Server 2008 is scheduled to happen in the third quarter of this year - service pack 3 for SQL server 2005 is expected to come out after that.

What the service pack would include is uncertain as Microsoft did not disclose this information, but they did say in a Tuesday blog post that it will have cumulative updates to the software included in it plus some additional fixes to bugs.

The Incremental Servicing Model that Microsoft introduced last year, in July, will not be changed by the release of service pack 3. The model introduced a regular update process for SQL Server 2005. It works by Microsoft issuing a cumulative update for SQL Server 2005 every two months that includes all critical fixes that had been discovered during that time.

Microsoft will continue using the model since customers enjoy its predictability, said Francois Ajenstat, the director of marketing for SQL Server at Microsoft. Many users say there’s a need for a third service pack, he said.

Secure Sockets Layer or SSL is a security protocol originally created by Netscape that has become an international standard for exchanging sensitive information on the Internet. The sensitive information is usually sent between a website and the ‘client’ computer communicating with it.

The standard known as SSL is built in to all popular browsers, and we don’t even notice it engage itself automatically when a user connects to a web server that is an SSL web server. It’s incredibly easy to notice when a server is using SSL security because the web address in the web address field of your browser will start with https://. The ‘s’ is a sign of the Secure connection. There is usually a yellow padlock that appears somewhere in the web browser window.

A browser automatically asks the server for a digital Certificate of Authority (CA) when it connects to an SSL server. This digital certificate authenticates the server’s identity to make sure you are not sending sensitive data to a hacker site. The CA is issued by an authorised body that ensures the owners of the website are legitimate by performing a number of checks against them. The browser also makes sure the web address or domain name of the site matches the domain name on the CA. You will not even be aware of this handshake taking place as it happens seamlessly unless there is an issue to report to the client.

If there is a problem with the CA, even if it is only out of date, your web browser will inform you of the exact problem and allow you to quit the website or continue at your own risk.

RAID stands for Redundant Array of Independent/Inexpensive Disks. RAID is a set of one or more hard disk drives put in place usually by the administrators of a computer system, usually in a server environment. It is important to remember that hard disk drives are moving parts, and like any other moving part they will wear and tear and malfunction. Typically a hard disk can last from 4-10 years depending on its usage. Of course because of the unknown life span of a hard disk it is important that the data stored on it is protected in some way because as soon as a hard disk fails, it becomes increasingly difficult to retrieve that data.

The cost in the 80s and 90s of hard disks was considerably high which makes it hard to explain why the word Inexpensive appears in the acronym “RAID”. However for large organisations who can lose thousands of pounds for every minute or hour that a computer server is not working happily spent money buying extra hard disks to form this RAID system. More recently though the cost of computer hardware has reduced dramatically making a RAID system viable for even small to medium sized enterprises.

There are a few ways of deploying a RAID system on to a server, and they are all put in place for practical purposes. The main two RAID deployments used are called Striped and Mirrored, also referred to as RAID 0 (pronounced “RAID zero”) and RAID 1. A Striped RAID system means that the capacities of all the hard disks are amalgamated to create a larger hard disk totalling the capacities of all the hard disks in that RAID. This of course serves no practical purpose with regards to backing up data, as if one of the hard disk fails the whole RAID is lost. Another backup solution would need to be in place, but that suits some organisations.

A Mirrored RAID system means that two or more hard disks are exact copies of one another, and should one of them fail therefore an exact copy of the data is available to administrators on one of the other hard disks in the RAID.

The File Transfer Protocol (FTP) is a network protocol in computing that is used to move data from one computer to another computer over a network, for example, over the Internet.

The File Transfer Protocol (FTP) is a protocol (which means a set of agreed rules) for files to be exchanged over any TCP/IP based network (such as the internet) to manipulate files on a second computer on that network. It is irrelevant which operating systems (windows 95, xp, Linux, Unix, Sun) are involved (if the computers permit FTP access), because they all have adhered to the FTP specification/protocol.

In a web server environment context, the files you would transfer are from your computer to your web space on the web server. The files you would be likely to transfer up are the images and web pages you have probably created for your website.

There are lots of existing FTP server and client programs available, some are free but the feature rich ones that make some laborious tasks efficient are usually available on licence. An FTP server can be set up for lots of practical applications such as between voice servers, game servers, Internet hosts, and other physical servers.

All of the websites on a shared server share the operating system and resources (such as CPU time allowance and delays, bandwidth, RAM memory). If your neighbours have problems with their sites this can temporarily slow down the server’s performance and therefore your website’s performance. On the other hand a Virtual Private Server provides a partitioned environment. Every partition has a separate operating system installed on it and a guaranteed share of hardware resources (as above). Whilst the server does have multiple operating systems and partitions, each of the partitions behaves the same as a dedicated server; but at a much lower cost to you.

Dedicated servers, because of the higher level of control they offer growing websites, are often considered as an option. The cost can be difficult to justify despite the attraction of added control. The same functionality of a dedicated server is provided by a VPS Plan but at a lower cost. Using a VPS Plan, Webmasters can use many of the self-management tools such as the ability to start, stop, and reboot a server without technical support from the web hosting team.

In business it is of course important to have contingencies. A business will typically have a backup printer or have temporary staff they can call upon in a crisis. Why do they have these contingencies in place? A good manager would have identified the risk and spent time, prior to the risk actually turning into a problem, preparing a contingency plan for when the expected problems arise.

It is the same for data contingencies. A mirrored RAID system is great for backing up and preventing loss of data. However what happens if data placed onto a RAID system is overwritten by mistake with invalid data or the data is deleted? Ultimately these problems described occur through human error. They are though, real risks that have to be identified and managed.

A RAID system will not help in these scenarios, because a RAID system has no sense of time. They will only help a business to retrieve the data that was on them at the point in time that one of their hard disks fail. Whether that data is correct or not is another matter because, for example, 3 weeks earlier a member of staff might have deleted some crucial data by mistake.

The solution is to deploy a point-in-time backup system that backs up the data that is held in the RAID array to a third party device or hard disk at specified intervals. When a business discovers that its current data is not valid it can “roll back the clock” and look at that data at an earlier point in time. How far back the backup system can go depends on the backup system’s available memory.

For larger businesses that have hundreds of Gigabytes of data and who want to be able to roll back up to 7 years, this might sound expensive. There are some products available that can perform differential backups, which means it only backs up the sections of the data that have changed since the last backup. Which saves a lot of backup hard disk space.

If you are thinking about changing your business’ domain name to a brand new domain, should you be worried about losing your Google rankings? The bottom line is you are going to lose your rankings for a period of time, because it is a brand new domain and Google will see it as such so you cannot expect your website to be in the same position as it is now immediately.

The advice is to avoid that scenario at all costs, because one of the contributing attributes to a domain’s ranking in Google is the age of your website. That is without mentioning the fact that all the web pages on the internet that are linking to your old domain name will still be linking to it, and it is incredibly difficult to update all those links on other websites.

One solution that has been offered by Google is to place a permanent 301 redirect on your old domain’s web pages that redirects crawlers to the equivalent page on your new domain. This is not an automated task. Essentially you may need to edit each web page on your old domain to redirect visitors to its equivalent page on the new domain. Depending on the technology used to implement your website this can be made easier. If you have created your website on a Linux server you can edit the .htaccess file. If for example you have created your website using asp.net technology then each page needs to be edited manually.

The Government of Australia has defended moves to give bosses in Australia new powers to monitor their workers’ email and internet traffic.

Attorney-General Robert McClelland is seeking advice on introducing new internet surveillance laws for businesses involved in critical infrastructure such as financial networks and water, electricity and transport.

This would mean companies would not have to request the consent of staff before monitoring their internet usage to detect potential security threats.

Deputy Prime Minister Julia Gillard said that the new powers would help protect against new terrorist strikes yesterday.

“We want to make sure that they are safe from terrorist attack,” she told the Nine Network.

“Part of doing that is making sure we’ve got the right powers to ensure that we can tell if there’s something unusual going on in the system.

“So it’s a national security move, not a move about an unseemly interest in people’s private emails.”

The Opposition seemed parted on the proposal.

Opposition Leader Brendan Nelson said the idea seemed to have merit but he would need to take further advice before supporting it.

“I think all of us would be concerned about the privacy implications of this,” Dr Nelson said.

“What I will be looking for is a full briefing from the Government and the relevant security agencies so we can actually have a look at what is being proposed, what the consequences might be for everyday Australians.”

However shadow Attorney-General George Brandis took a tougher stance, saying private companies should not be given the responsibility or power to monitor staff emails and internet traffic to detect security threats.

“We would be most concerned if, as appears implicit in Mr McClelland’s remarks, the effect of any such proposed changes was to impose on companies and employers a supervisory obligation which currently does not exist,” he said.

The Government has promised to consult widely before introducing the new laws in Parliament.

Although FTP is incredibly useful and simple to use it is not without its critics.

File contents and passwords and are sent in plain text format, which therefore could be intercepted by eavesdroppers or ‘sniffers’ as they are technically known. There are now protocol enhancements that get round this, for instance by using SSL (Secure Sockets Layer) or TLS (Transport Layer Security).

Whilst files are being moved around, multiple TCP/IP connections are used by the server. One connection is used for controlling the connection, and one for every download, upload, or directory listing. The firewalls in between your computer and the FTP server may need additional logic or configuration changes to manage these connections.

It is possible for a hacker to abuse the FTP protocol’s built-in proxy features. They could tell a server to send data to a particular port of a third computer.

The File Transfer Protocol has a high latency due to the volume of commands needed to initiate a transfer.
When the files arrive at the destination computer there is no integrity check on the whole file itself. So when a file transfer is interrupted, the receiver cannot know if the received file is whole or not. The result is a file on the destination side that is perhaps not the same size as the original file on the sender side.

IPv6 is an upgrade to the existing IPv4 internet technology and promises to allow vastly more IP addresses to be used on the internet. Each public facing computer, server or computer device on the Internet needs to have a unique number assigned to it when it logs on. This is known as the IP (Internet Protocol) address. Without it a computer would not be able to communicate with other computers on the internet.

U.S. federal government officials are under pressure to meet a June 30 deadline but they commented that they are confident they will meet it in time to support IPv6 on their backbone networks.

The IETF (Internet Engineering Task Force) saw the need for this upgrade back in 1995 and invented the IPv6 specification to combat the very real risk of running out of IP addresses due to the popular uptake of the Internet.

In 2005 the Office of Management and Budget (OMB) gave a requirement that all U.S. federal agencies must be capable of passing IPv6 packets on their backbone networks by June 30, 2008.

Working under similar deadline to migrate to IPv6 is the Department of Defense, who have been under-going a five-year transition to IPv6 since 2003. By September 2008, the department has promised to have all of its core networks able to process IPv6 traffic.

“We will meet the OMB mandate,” says Kris Strance, who is the leader of IPv6 transition for the Defense Department and works in the Office of the Secretary of Defense CIO. “The OMB mandate only requires that you pass IPv6 packets across the network. It does not require the infrastructure, for example the DNS servers, the security devices and such, to be IPv6 capable.”