February 2010 - Archive
CONTENTS
- Avoiding Commmon Weaknesses
- Happenings
- Tech Tip: Crawling file servers with your Search Appliance
- Subscription/Unsubscription and Contacts
AVOIDING COMMON WEAKNESSES
The 2010 CWE/SANS Top 25 Most Dangerous Programming Errors was just released. Many of these most common errors can be avoided by using Vortex properly in your applications. For example:
- The use of parameters when constructing SQL statements avoids SQL injection problems, as well as greatly simplifying code.
- Vortex removes the need to worry about buffer sizes and array indexes, preventing overflows.
- The default Vortex settings are designed to limit resource utilization when crawling and searching. These can of course be changed to suit your needs.
No programming language can prevent all errors, so you are encouraged to use the CWE/SANS list as a checklist when developing your application. If you have any questions about the functions that can help, for example by sanitizing input and output data, you can search our manual or call tech support.
HAPPENINGS
THUNDERSTONE ADDS A NEW PARTNER FOR SEARCH APPLIANCE, WEBINATOR AND TEXIS CATALOG SOLUTION SALES IN NORTH AMERICA AND THE ASIA PACIFIC MARKETS
We welcome the following organization to our growing Thunderstone Reseller/Channel Partner Program:
CustomWare Asia Pacific Pty Ltd
+1 888 707 0088
http://www.customware.net
Sudbury, MA-based freelance writer Paul Korzeniowski quoted Thunderstone's CEO John Turnbull in a January 6, 2010 Network Computing article entitled "Best And Worst Of Times For Enterprise Search." Korzeniowski wrote, in part:
Data expansion has been driving user interest in search systems. In most enterprises, storage requirements have been increasing at healthy rates, 10 percent on the low end and 100 percent in certain cases. "Many companies have generated information that can help employees do their job more efficiently, but often they cannot easily locate that data," stated John Turnbull, president and CEO of Thunderstone Software LLC. Consequently, search system design has been changing.
See http://www.networkcomputing.com/enterprise-search/the-enterprise-search-dichotomy.php for the full article.
TECH TIP: CRAWLING FILE SERVERS WITH YOUR SEARCH APPLIANCE
The Thunderstone Search Appliance isn't just for websites. You can also use it to crawl your file servers. The process is very similar — directories are crawled as "pages" with "links" to other directories and files, and the files themselves are processed just as if they were on a website.
Setup via "Network Filesystems & Shares"
The one difference is any file share needs to be mounted before it can be used in a crawl. The "Network Filesystems & Shares" section is where you manage your various mounts. You specify the server, the share, and the credentials that should be used to crawl it.
Once it's mounted, you'll see a Base URL you can use to crawl that file share. You can specify a subdirectory of the share as the starting point of your crawl, and you can crawl the same share in multiple profiles.
For example, you can mount the "officeDocs" share on your "files3" file server, and have the "hr" profile crawl "file://files3/officeDocs/hr/archive" while the "sales" profile crawls "file://files3/officeDocs/clients", etc.
Next month we'll talk about Results Authorization, which ensures your search users only get results for pages and files they're allowed to see.
Feedback, suggestions and questions are welcome. Send your email to .