Tumbling on the trampoline caught on like wildfire in the
early 1960s, and still enjoys great popularity today, but
the sport also still involves the same potential dangers.
Trampolines in the last 45 years have gone from being an
institutional or recreation center piece of equipment, to
something that is found in many homes, in a variety of
sizes and quality.

From a simple, round trampoline of relatively small
dimensions, to the large, outdoor models sold for family
fun, every trampoline represents the possibility of injury,
if not used properly, or if used by those not experienced
in tumbling or acrobatics.

Here are some simple tips to make your sure that you enjoy
the fun of a trampoline, while eliminating many of the
risks.

* Placement

Never set up even a small, exercise trampoline indoors
where there is a risk of hitting light fixtures or the
ceiling. Outdoors, place trampolines well away from
clotheslines, tree limbs, fences, outdoor furniture, and
other objects that can cause injury when someone falls off.

If at all possible, secure your trampoline by setting its
legs/supports down into the ground, thereby reducing the
distance of a fall. At the same time, it’s advisable to
provide padding to a depth of 10″ or more, for at least 10′
around the trampoline.

* Clothing

Anyone using the trampoline should wear clothing loose
enough to allow freedom of movement, but not the chance
that limbs could become entangled in extra folds. Jewelry
should be removed before getting on, as should the contents
of any pockets, and eyeglasses that are not secured by a
headband. If you do not have trampoline footwear, then bare
feet are best, as socks can cause you to slip.

* Training and Supervision

No child or adult, should be allowed to attempt complicated
tumbling such as summersaults, when they have not had
adequate training. Incorrect landing positions can cause
serious and disabling injuries. Supervision should be
provided for everyone who is learning to use a trampoline
for the first time.

Ideally, there should be someone on hand who can instruct
them in simple maneuvers, and who is also versed in first
aid for injuries. Alternately, it may benefit everyone, to
join a gym for a class in proper trampoline use, including
mounts and dismounts.

* One At a Time

The chance of injury soars when more than one person gets
on a trampoline at the same time. This can be the result of
collisions, or upsetting another person’s balance, causing
them to fall. Unless you are a trained “spotter”, all
others waiting a turn, should stand away from the
trampoline while someone else is using it.

===========================================================

Discover valuable advice and information about trampolines
– which model to choose, what you should look for and what
you should avoid. Click
http://www.trampolines-info.com/trampoline-pads.html

Paul Johnson works as a software developer, often working
long hours under great stress. He considers exercise
crucial to his health. When purchasing his own fintess
equipment he researched all available products. Now he’s
written a series of useful articles on choosing (and using)
exercise equipment.

So, you’ve bought a new Macintosh, and now you may be wondering how to make it safer. There are several things that you can do which will protect your Mac from viruses and hackers. Macs are already very difficult to hack, but don’t let that fact allow you to become lenient with your security.

1. Download all of the software updates available. This seems like a no-brainer, but some Mac users forget to download the newest updates. You can even set your computer to automatically download new updates. However, some dial-up users encounter trouble when trying to downloaded updates. If you are a dial-up user, the best suggestion is to leave your Mac on overnight and let it download. Apple releases many programs that fix bugs in iLife applications, and in Mac OS X. Probably the most important of these updates are the security updates. Apple periodically offers security updates for its operating systems (Panther and Tiger).

2. Be careful what you download. Some people use P2P downloads for Macintosh (I.E. Poisoned). Be careful when downloading using a P2P because you do not know where the music or file is coming from. Some P2P users specifically make corrupted files to send via music downloading programs. Generally, it is a good idea to stick to iTunes, because those files are ACC Protected and offered through Apple so they certainly won’t have viruses.

3. Choose the best and safest Internet Browser. Safari comes standard on all new Macs as part of iLife. However, some people do not enjoy Safari as much as others. Some say that Safari is not as safe from hackers as other browsers. Safari can also be a problem if you are going to a web page that requires a version of Internet Explorer or Netscape to view it. You can download Internet Explorer and Netscape for Mac, but again, some believe that these browsers are not as safe from hackers. Many people believe that Mozilla Firefox (my personal favorite) is the safest browser to use because of its customizable features. Firefox is available for downloading on the Macintosh.

4. Don’t be afraid to buy anti-virus software. If you have to download files from the internet as part of a job or hobby, then it is probably a good idea to have some sort of anti-virus software on your Macintosh. Apple provides a wide-variety of anti-virus software that is constantly updated.

5. Finally, keep an eye on those e-mail attachments and instant messages. Some hackers have programmed viruses to IM you from one of your friends’ screen names. Don’t click on any link without knowing what it is first. Most e-mail providers use virus scans automatically, but you should always be extra careful when downloading an attachment. If it is from someone you do not know, don’t trust it.

Apple computers are very safe from hackers, but they can always be improved. Keeping a computer safe, and running well requires a great amount of time and energy. Just remember that if your computer is safe, your Apple experience will be much more rewarding.

Paulo Fretowski enjoys writing about computers because he uses them for his job with BizNicheMedia.

Nail guns represents newer technology taking over the traditional nail and hammer in most construction projects of a large scale. Where the project is huge or consists of repetitive similar designs of individual housing units, the use of a nail gun in woodwork for these housing units have proven to be effective, reducing the construction time and lessening the labor cost component.

Nail guns are simply powerful machines that launch nails at high speed, fully embedding them in a piece of wood, concrete and even steelwork in only a fraction of a second.

Nail guns not only enable fast nailing, but saves labor cost and reduces inaccuracies in nailing and hammer accidents at the same time.

There are a wide variety of nail guns on the market, employing a range of physical principles.

With a high launching speed, how can nail guns be safe and help reduce accidents? Isn’t it easier to have nailing accidents?

The answer to this question can be found in its design.

Nail guns are designed basically to be used with the muzzle touching the target. They are extremely short-range targeting tools. Place them touching a target and launch the nails, and they produce accurate nailing second to none. Furthermore, its design as a hand tool with a easy to grasp handle makes nailing an easier, simpler task.

Nailing inaccuracies will only occur when the user goes beyond its intended distance, or use it to project nails from a distance. In fact, nail guns are never designed as a weapon, and it is wildly inaccurate if a user tries to use it to shoot as a projectile.

Nail guns are usually driven by electromagnetism, compressed air or a small explosive charge.

There are two broad categories of nail guns, the direct drive or high velocity drives and the indirect drive or low velocity drives.

These two categories of nail guns are similar as far as they are power actuated driven, and differs only from the velocity of drive.

The direct drive nail gun uses gas pressure that acts directly onto the head of the nail to drive it into its intended object. Conversely, the indirect drive system will use gas pressure to act on a piston that in turn drives the nail indirectly.

Irrespective of the type, both of them are powerful tools that can drive a nail or other fastener into woodwork, hard concrete, stone and rolled steelwork easily.

It is not without its share of accidents in the workplace though. With nail guns being used widely in the workplace, there have been accidents related to nail guns, and this has led to some nail gun litigation involving specialist nail gun accident attorneys.

Where nail guns are used properly, and work safety rules are followed, they are a boon to the construction industry and represents how technology can help bring about savings in construction costs and reducing workplace accidents.

Peter Lim is the webmaster of the “Online Guide To Nail Gun Resources”. Visit the website for more information on nail guns including nail gun litigation at http://nail-gun.best-online-guides.info

During the release of a new software product specialized to track spam, ACME Software
Inc notice that there was not as much traffic as they hoped to receive. During further
investigation, they found that they could not view their own website. At that moment, the
VP of sales received a call from the company’s broker stating that ACME Software Inc
stock fell 4 point due to lack of confidence. Several states away, spammers didn’t like the
idea of lower profit margins do to an easy to install spam blocking software so they
thought they would fight back. Earlier that day, they took control of hundreds of
compromised computers and used them as DoS zombies to attack ACME Software Inc’s
Internet servers in a vicious act of cyber assault. During an emergency press conference
the next morning, ACME Software Inc’s CIO announced his resignation as a result of a
several million dollar corporate loss.

Scenarios like the one above happen a more then people think and are more costly
then most will admit. Denial of Service (DoS) attacks are designed to deplete the
resources of a target computer system in an attempt to take a node off line by crashing or
overloading it. Distributed Denial of Service (DDoS) is a DoS attack that is engaged by
many different locations. The most common DDoS attacks are instigated through viruses
or zombie machines. There are many reasons that DoS attacks are executed, and most of
them are out of malicious intent. DoS attacks are almost impossible to prevent if you are
singled out as a target. It’s difficult to distinguish the difference between a legitimate
packet and one used for a DoS attack.

The purpose of this article is to give the reader with basic network knowledge a
better understanding of the challenges presented by Denial of Service attacks, how they
work, and ways to protect systems and networks from them.

Instigation:

Spoofing – Falsifying an Internet address (know as spoofing) is the method an attacker
uses to fake an IP address. This is used to reroute traffic to a target network node or used
to deceive a server into identifying the attacker as a legitimate node. When most of us
think of this approach of hacking, we think of someone in another city essentially
becoming you. The way TCP/IP is designed, the only way a criminal hacker or cracker
can take over your Internet identity in this fashion is to blind spoof. This means that the
impostor knows exactly what responses to send to a port, but will not get the
corresponding response since the traffic is routed to the original system. If the spoofing is
designed around a DoS attack, the internal address becomes the victim. Spoofing is used
in most of the well-known DoS attacks. Many attackers will start a DoS attack to drop a
node from the network so they can take over the IP address of that device. IP Hijacking is
the main method used when attacking a secured network or attempting other attacks like
the Man in the Middle attack.

SYN Flood – Attackers send a series of SYN requests to a target (victim). The target
sends a SYN ACK in response and waits for an ACK to come back to complete the
session set up. Instead of responding with an ACK, the attacker responds with another
SYN to open up a new connection. This causes the connection queues and memory buffer
to fill up, thereby denying service to legitimate TCP users. At this time, the attacker can
hijack the system’s IP address if that is the end goal. Spoofing the “source” IP address
when sending a SYN flood will not only cover the offender’s tracks, but is also a method
of attack in itself. SYN Floods are the most commonly used DoS in viruses and are easy
to write. See http://www.infosecprofessionals.com/code/synflood.c.txt

Smurf Attack- Smurf and Fraggle attacks are the easiest to prevent. A perpetrator sends a
large number of ICMP echo (ping) traffic at IP broadcast addresses, using a fake source
address. The “source” or spoofed address will be flooded with simultaneous replies (See
CERT Advisory: CA-1998-01). This can be prevented by simply blocking broadcast
traffic from remote network sources using access control lists.

Fraggle Attack – This types of attack is the same as a Smurf attack except using UDP
instead if TCP. By sending an UDP echo (ping) traffic to IP broadcast addresses, the
systems on the network will all respond to the spoofed address and affect the target
system. This is a simple rewrite of the Smurf code. This can be prevented by simply
blocking broadcast traffic from remote IP address.

Ping of Death – An attacker sends illegitimate ICMP (ping) packets larger than 65,536
bytes to a system with the intention of crashing it. These attacks have been outdated since
the days of NT4 and Win95.

Teardrop – Otherwise known as an IP fragmentation attack, this DoS attack targets
systems that are running Windows NT 4.0, Win95 , Linux up to 2.0.32. Like the Ping of
Death, the Teardrop is no longer effective.

Application Attack – Thess are DoS attacks that involve exploiting an application
vulnerability causing the target program to crash or restart the system.

Kazaa and Morpheus have a known flaw that will allow an attacker to consume all
available bandwidth without being logged.
See http://www.infosecprofessionals.com/code/kazaa.pl.txt

Microsoft’s IIS 5 SSL also has an easy way to exploit vulnerability. Most exploits like
these are easy to find on the Internet and can be copied and pasted as working code.
There are thousands of exploits that can be used to DoS a target system/application. See
http://www.infosecprofessionals.com/code/IIS5SSL.c.txt

Viruses, Worms, and Antivirus – Yes, Antivirus. Too many cases where the antivirus
configuration is wrong or the wrong edition is installed. This lack of foresight causes an
unintentional DDoS attack on the network by taking up valuable CPU resources and
bandwidth. Viruses and worms also cause DDoS attacks by the nature of how they
spread. Some purposefully attack an individual target after a system has been infected.
The Blaster worm that exploits the DCOM RPC vulnerability (described in Microsoft
Security Bulletin MS03-026) using TCP port 135 is a great example of this. The Blaster
targeted Microsoft’s windows update site by initiating a SYN FLOOD. Because of this,
Microsoft decided to no longer resolve the DNS for ‘windowsupdate.com’.

DoS attacks are impossible to stop. However, there are things you can do to
mitigate potential damages they may cause to your environment. The main thing to
remember is that you always need to keep up-to-date on the newest threats.

Mitigation:

Antivirus software – Installing an antivirus software with the latest virus definitions will
help prevent your system from becoming a DoS zombie. Now, more then ever, this is an
important feature that you must have. With lawsuits so prevalent, not having the proper
protection can leave you open for downstream liability.

Software updates – Keep your software up to date at all times. This includes antivirus,
email clients, and network servers. You also need to keep all network Operating Systems
installed with the latest security patches. Microsoft has done a great job with making
these patches available for their Windows distributions. Linux has been said to be more
secure, but the patches are far more scarce. RedHat is planning on incorporating the
NSA’s SE Linux kernel into future releases. This will give Mandatory Access Control
(MAC) capabilities to the Linux community.

Network protection – Using a combination of firewalls and Intrusion Detection Systems
(IDS) can cut down on suspicious traffic and can make the difference between logged
annoyance and your job. Firewalls should be set to deny all traffic that is not specifically
designed to pass through. Integrating an IDS will warn you when strange traffic is present
on your network. This will assist you in finding and stopping attacks.

Network device configuration – Configuring perimeter devices like routers can detect
and in some cases prevent DoS attacks. Cisco routers can be configured to actively
prevent SYN attacks starting in Cisco IOS 11.3 and higher using the TCP intercept
command in global configuration mode.

Access-list number {deny | permit} tcp any destination destination-wildcard
ip tcp intercept list access-list-number
ip tcp intercept ? (will give you a good list of other options.)

Cisco routers can prevent Smurf and Fraggle attacks by blocking broadcast traffic. Since
Cisco IOS 12.0, this is the default configuration. ACLs or access control lists should also
be configured on all interfaces.

No ip directed-broadcast

The Cisco router can also be used to prevent IP spoofing.
ip access-group list in interface
access-list number deny icmp any any redirect
access-list number deny ip 127.0.0.0 0.255.255.255 any
access-list number deny ip 224.0.0.0 31.255.255.255 any
access-list number deny ip host 0.0.0.0 any
See Improving Security on Cisco Routers – www.cisco.com/warp/public/707/21.html

Old Cisco IOS versions are vulnerable to several DoS attacks. The “Black Angels” wrote
a program called Cisco Global Exploiter. This is a great software to use when testing the
security of your Cisco router version and configuration and can be found at
http://www.blackangels.it/Projects/cge.htm

Security is not as mystical as people believe. DoS attacks come in many different
types and can be devastating if you don’t take the proper precautions. Keep up to date and
take steps to secure network nodes. Keeping security in mind can minimize damages,
downtime, and save your career.

Security Resources:
Black Angels: http://www.blackangels.it/
Cisco: http://www.cisco.com
Microsoft: http://www.microsoft.com/technet/security/current.aspx
Forum of Incident Response and Security Teams: http://www.first.org/
SANS Institute: http://www.sans.org/resources/

Author: Jeremy Martin CISSP, ISSMP, ISSAP, CEI, CEH, CHS-III, CCNA, Network+, A+
http://www.infosecwriter.com

Member of:
BECCA – Business Espionage Controls & Countermeasures Association
ISACA