Thursday, June 28, 2012
Wednesday, June 27, 2012
Tuesday, June 26, 2012
Sunday, June 24, 2012
Creating a Board aka Forum on your own PC !
First of all you need Apache Server, PHP,
MySQL and a Forum Script i.e. phpBB or Invision or vBulletin.
Download
phpDev here
http://keihanna.dl.sourceforge.net/sourceforge/phpdev5/phpdev423.exe
and you
get a bundle of all the things above.
exttract
& install php dev. start the apache server,its 90% done.
upload
the forum script to X:/phpdev/www/public
(x is
your drive, usually C: )
now to
access the forum through internet you will not know your IP address thru
ipconfig command..
go to
http://www.whatismyip.com
see whats
your IP address.
now go to
http://your
ip address/public/your forum directory/install.php
thats it!
Create One-click Shutdown And Reboot Shortcuts
Create One-Click Shutdown and Reboot Shortcuts:
First, create a shortcut on your desktop by right-clicking on the desktop, choosing New, and then choosing Shortcut. The Create Shortcut Wizard appears. In the box asking for the location of the shortcut, type shutdown. After you create the shortcut, double-clicking on it will shut down your PC.
But you can do much more with a shutdown shortcut than merely shut down your PC. You can add any combination of several switches to do extra duty, like this:
shutdown -r -t 01 -c "Rebooting your PC"
Double-clicking on that shortcut will reboot your PC after a one-second delay and display the message "Rebooting your PC." The shutdown command includes a variety of switches you can use to customize it. Table 1-3 lists all of them and describes their use.
I use this technique to create two shutdown shortcuts on my desktop—one for turning off my PC, and one for rebooting. Here are the ones I use:
shutdown -s -t 03 -c "Bye Bye m8!"
shutdown -r -t 03 -c "Ill be back m8 ;)!"
Switch
What it does
-s
Shuts down the PC.
-l
Logs off the current user.
-t nn
Indicates the duration of delay, in seconds, before performing the action.
-c "messagetext"
Displays a message in the System Shutdown window. A maximum of 127 characters can be used. The message must be enclosed in quotation marks.
-f
Forces any running applications to shut down.
-r
Reboots the PC.
First, create a shortcut on your desktop by right-clicking on the desktop, choosing New, and then choosing Shortcut. The Create Shortcut Wizard appears. In the box asking for the location of the shortcut, type shutdown. After you create the shortcut, double-clicking on it will shut down your PC.
But you can do much more with a shutdown shortcut than merely shut down your PC. You can add any combination of several switches to do extra duty, like this:
shutdown -r -t 01 -c "Rebooting your PC"
Double-clicking on that shortcut will reboot your PC after a one-second delay and display the message "Rebooting your PC." The shutdown command includes a variety of switches you can use to customize it. Table 1-3 lists all of them and describes their use.
I use this technique to create two shutdown shortcuts on my desktop—one for turning off my PC, and one for rebooting. Here are the ones I use:
shutdown -s -t 03 -c "Bye Bye m8!"
shutdown -r -t 03 -c "Ill be back m8 ;)!"
Switch
What it does
-s
Shuts down the PC.
-l
Logs off the current user.
-t nn
Indicates the duration of delay, in seconds, before performing the action.
-c "messagetext"
Displays a message in the System Shutdown window. A maximum of 127 characters can be used. The message must be enclosed in quotation marks.
-f
Forces any running applications to shut down.
-r
Reboots the PC.
Create Bootable Win XP SP1 CD(nero)
How to create a bootable Windows XP SP1 CD (Nero):
Step 1
Create 3 folders - C:\WINXPSP1, C:\SP1106 and C:\XPBOOT
Step 2
Copy the entire Windows XP CD into folder C:\WINXPSP1
Step 3
You will have to download the SP1 Update, which is 133MB.
Rename the Service Pack file to XP-SP1.EXE
Extract the Service Pack from the Run Dialog using the command:
C:\XP-SP1.EXE -U -X:C:\SP1106
Step 4
Open Start/Run... and type the command:
C:\SP1106\update\update.exe -s:C:\WINXPSP1
Click OK
Folder C:\WINXPSP1 contains: Windows XP SP1
How to Create a Windows XP SP1 CD Bootable
Step 1
Download xpboot.zip
Code:
Code:
http://thro.port5.com/xpboot.zip
( no download manager !! )
Extract xpboot.zip file (xpboot.bin) in to the folder C:\XPBOOT
Step 2
Start Nero - Burning Rom.
Select File > New... from the menu.
1.) Select CD-ROM (Boot)
2.) Select Image file from Source of boot image data
3.) Set Kind of emulation: to No Emulation
4.) Set Load segment of sectors (hex!): to 07C0
5.) Set Number of loaded sectors: to 4
6.) Press the Browse... button
Step 3
Select All Files (*.*) from File of type:
Locate boot.bin in the folder C:\XPBOOT
Step 4
Click ISO tab
Set File-/Directory length to ISO Level 1 (Max. of 11 = 8 + 3 chars)
Set Format to Mode 1
Set Character Set to ISO 9660
Check all Relax ISO Restrictions
Step 5
Click Label Tab
Select ISO9660 from the drop down box.
Enter the Volume Label as WB2PFRE_EN
Enter the System Identifier as WB2PFRE_EN
Enter the Volume Set as WB2PFRE_EN
Enter the Publisher as MICROSOFT CORPORATION
Enter the Data Preparer as MICROSOFT CORPORATION
Enter the Application as WB2PFRE_EN
* For Windows XP Professional OEM substitute WB2PFRE_EN with WXPOEM_EN
* For Windows XP Home OEM substitute WB2PFRE_EN with WXHOEM_EN
Step 6
Click Burn tab
Check Write
Check Finalize CD (No further writing possible!)
Set Write Method to Disk-At-Once
Press New button
Step 7
Locate the folder C:\WINXPSP1
Select everything in the folder and drag it to the ISO compilation panel.
Click the Write CD Dialog button.
Press Write
You're done.
Step 1
Create 3 folders - C:\WINXPSP1, C:\SP1106 and C:\XPBOOT
Step 2
Copy the entire Windows XP CD into folder C:\WINXPSP1
Step 3
You will have to download the SP1 Update, which is 133MB.
Rename the Service Pack file to XP-SP1.EXE
Extract the Service Pack from the Run Dialog using the command:
C:\XP-SP1.EXE -U -X:C:\SP1106
Step 4
Open Start/Run... and type the command:
C:\SP1106\update\update.exe -s:C:\WINXPSP1
Click OK
Folder C:\WINXPSP1 contains: Windows XP SP1
How to Create a Windows XP SP1 CD Bootable
Step 1
Download xpboot.zip
Code:
Code:
http://thro.port5.com/xpboot.zip
( no download manager !! )
Extract xpboot.zip file (xpboot.bin) in to the folder C:\XPBOOT
Step 2
Start Nero - Burning Rom.
Select File > New... from the menu.
1.) Select CD-ROM (Boot)
2.) Select Image file from Source of boot image data
3.) Set Kind of emulation: to No Emulation
4.) Set Load segment of sectors (hex!): to 07C0
5.) Set Number of loaded sectors: to 4
6.) Press the Browse... button
Step 3
Select All Files (*.*) from File of type:
Locate boot.bin in the folder C:\XPBOOT
Step 4
Click ISO tab
Set File-/Directory length to ISO Level 1 (Max. of 11 = 8 + 3 chars)
Set Format to Mode 1
Set Character Set to ISO 9660
Check all Relax ISO Restrictions
Step 5
Click Label Tab
Select ISO9660 from the drop down box.
Enter the Volume Label as WB2PFRE_EN
Enter the System Identifier as WB2PFRE_EN
Enter the Volume Set as WB2PFRE_EN
Enter the Publisher as MICROSOFT CORPORATION
Enter the Data Preparer as MICROSOFT CORPORATION
Enter the Application as WB2PFRE_EN
* For Windows XP Professional OEM substitute WB2PFRE_EN with WXPOEM_EN
* For Windows XP Home OEM substitute WB2PFRE_EN with WXHOEM_EN
Step 6
Click Burn tab
Check Write
Check Finalize CD (No further writing possible!)
Set Write Method to Disk-At-Once
Press New button
Step 7
Locate the folder C:\WINXPSP1
Select everything in the folder and drag it to the ISO compilation panel.
Click the Write CD Dialog button.
Press Write
You're done.
Create Bootable XP SP integrated CD
Slipstreaming Windows XP Service Pack 1a and Create Bootable CD
Slipstreaming a Service Pack, is the process to integrate the Service Pack into the installation so that with every new installation the Operating System and Service Pack are installed at the same time.
Slipstreaming is usually done on network shares on corporate systems. But with the advent of CD burners, it does actually make some sense for the home user or small business user to do the same.
Microsoft added the ability to Slipstream a Service Pack to Windows 2000 and Windows XP. It not only has the advantage that when you (re)install your OS, you don't have to apply the Service Pack later, also if you update any Windows component later, you'll be sure that you get the correct installation files if Windows needs any.
Slipstream Windows XP Service Pack 1a:
CODE
http://download.microsoft.com/download/5/4/f/54f8bcf8-bb4d-4613-8ee7-db69d01735ed/xpsp1a_en_x86.exe
Download the (full) "Network Install" of the Service Pack (English version [125 MB]), and save it to a directory (folder) on your hard drive (in my case D:\XP-SP1). Other languages can be downloaded from the Windows XP Web site.
Microsoft recently released Windows XP SP1a. The only difference is that this Service Pack does no longer include Microsoft's dated Java version. If you have already installed Windows XP SP1, there is no reason to install SP1a, but the "older" SP1 (with MS Java) is no longer available for download.
Next copy your Windows XP CD to your hard drive. Just create a folder (I used \XP-CD), and copy all the contents of your Windows XP CD in that folder.
Now create a folder to hold the Service Pack 1a (SP1a) files you are about to extract. I named it \XP-SP1. Next, open a Command Prompt (Start > Run > cmd), and go to the folder where you downloaded SP1a (cd \foldername). Type the command: servicepack filename -x. A small window will appear, and you need to point it to the folder where you want to extract the SP1 files. Click Ok to start extracting the SP1a files.
Once the SP1a files are extracted, change to the update folder of the SP1a files (cd update), and type the following command: update /s:path to WinXP CD files. In my example the command is update /s:D:\XP-CD).
Windows XP Update will do its thing:
When ready, you should get a confirmation. Windows XP Service Pack 1a has now been Slipstreamed into your original Windows XP files.
It is also possible to add the Windows XP Rollup 1 Update. For instructions, please read Adding Windows XP Rollup 1 Hotfix.
Creating a Bootable CD
For this part I used ISO Buster
CODE
http://www.smart-projects.net/isobuster/
and Nero Burning.
Start to extract the boot loader from the original Windows XP CD. Using ISO Buster, select the "folder" Bootable CD, and right-click Microsoft Corporation.img. From the menu choose Extract Microsoft Corporation.img, and extract it to the folder on your hard drive where you have your Windows XP files (D:\XP-CD in my case).
Next, start Nero Burning ROM, and choose CD-ROM (Boot) in the New Compilation window. On the Boot tab, select Image file under Source of boot image data, and browse to the location of the Microsoft Corporation.img file. Also enable Expert Settings, choosing No Emulation, and changing the Number of loaded sectors to 4 (otherwise it won't boot!)
If you have an older version of Nero you won't have the option Do Not Add ";1" ISO file version extention under Relax ISO Restrictions. You won't be able to boot your new CD, so update Nero!
You can configure the Label tab to your liking, I would however recommend that you keep the Volume Label the same as on your original Windows XP CD.
Next press New, and drag & drop the files and folders from your Windows XP hard drive location into Nero.
Next, burn your new CD.
You now have a Bootable, Slipstreamed Windows XP Service Pack 1a CD!
Slipstreaming a Service Pack, is the process to integrate the Service Pack into the installation so that with every new installation the Operating System and Service Pack are installed at the same time.
Slipstreaming is usually done on network shares on corporate systems. But with the advent of CD burners, it does actually make some sense for the home user or small business user to do the same.
Microsoft added the ability to Slipstream a Service Pack to Windows 2000 and Windows XP. It not only has the advantage that when you (re)install your OS, you don't have to apply the Service Pack later, also if you update any Windows component later, you'll be sure that you get the correct installation files if Windows needs any.
Slipstream Windows XP Service Pack 1a:
CODE
http://download.microsoft.com/download/5/4/f/54f8bcf8-bb4d-4613-8ee7-db69d01735ed/xpsp1a_en_x86.exe
Download the (full) "Network Install" of the Service Pack (English version [125 MB]), and save it to a directory (folder) on your hard drive (in my case D:\XP-SP1). Other languages can be downloaded from the Windows XP Web site.
Microsoft recently released Windows XP SP1a. The only difference is that this Service Pack does no longer include Microsoft's dated Java version. If you have already installed Windows XP SP1, there is no reason to install SP1a, but the "older" SP1 (with MS Java) is no longer available for download.
Next copy your Windows XP CD to your hard drive. Just create a folder (I used \XP-CD), and copy all the contents of your Windows XP CD in that folder.
Now create a folder to hold the Service Pack 1a (SP1a) files you are about to extract. I named it \XP-SP1. Next, open a Command Prompt (Start > Run > cmd), and go to the folder where you downloaded SP1a (cd \foldername). Type the command: servicepack filename -x. A small window will appear, and you need to point it to the folder where you want to extract the SP1 files. Click Ok to start extracting the SP1a files.
Once the SP1a files are extracted, change to the update folder of the SP1a files (cd update), and type the following command: update /s:path to WinXP CD files. In my example the command is update /s:D:\XP-CD).
Windows XP Update will do its thing:
When ready, you should get a confirmation. Windows XP Service Pack 1a has now been Slipstreamed into your original Windows XP files.
It is also possible to add the Windows XP Rollup 1 Update. For instructions, please read Adding Windows XP Rollup 1 Hotfix.
Creating a Bootable CD
For this part I used ISO Buster
CODE
http://www.smart-projects.net/isobuster/
and Nero Burning.
Start to extract the boot loader from the original Windows XP CD. Using ISO Buster, select the "folder" Bootable CD, and right-click Microsoft Corporation.img. From the menu choose Extract Microsoft Corporation.img, and extract it to the folder on your hard drive where you have your Windows XP files (D:\XP-CD in my case).
Next, start Nero Burning ROM, and choose CD-ROM (Boot) in the New Compilation window. On the Boot tab, select Image file under Source of boot image data, and browse to the location of the Microsoft Corporation.img file. Also enable Expert Settings, choosing No Emulation, and changing the Number of loaded sectors to 4 (otherwise it won't boot!)
If you have an older version of Nero you won't have the option Do Not Add ";1" ISO file version extention under Relax ISO Restrictions. You won't be able to boot your new CD, so update Nero!
You can configure the Label tab to your liking, I would however recommend that you keep the Volume Label the same as on your original Windows XP CD.
Next press New, and drag & drop the files and folders from your Windows XP hard drive location into Nero.
Next, burn your new CD.
You now have a Bootable, Slipstreamed Windows XP Service Pack 1a CD!
Create A Personal Screen Saver In Win Xp!
This isnt a tweak, but a great little feature! For a great way to put your digital photos to work, try creating a slide show presentation for use as a screen saver. Here's how:
1. Right-click an empty spot on your desktop and then click Properties.
2. Click the Screen Saver tab.
3. In the Screen saver list, click My Pictures Slideshow.
4. Click Settings to make any adjustments, such as how often the pictures should change, what size they should be, and whether you'll use transition effects between pictures, and then click OK.
Now your screen saver is a random display of the pictures taken from your My Pictures folder.
1. Right-click an empty spot on your desktop and then click Properties.
2. Click the Screen Saver tab.
3. In the Screen saver list, click My Pictures Slideshow.
4. Click Settings to make any adjustments, such as how often the pictures should change, what size they should be, and whether you'll use transition effects between pictures, and then click OK.
Now your screen saver is a random display of the pictures taken from your My Pictures folder.
Create A Huge File
Create A Huge File
You can create a file of any size using nothing more than what's supplied with Windows. Start by converting the desired file size into hexadecimal notation. You can use the Windows Calculator in Scientific mode do to this. Suppose you want a file of 1 million bytes. Enter 1000000 in the calculator and click on the Hex option to convert it (1 million in hex is F4240.) Pad the result with zeroes at the left until the file size reaches eight digits—000F4240.
Now open a command prompt window. In Windows 95, 98, or Me, you can do this by entering COMMAND in the Start menu's Run dialog; in Windows NT 4.0, 2000, or XP enter CMD instead. Enter the command DEBUG BIGFILE.DAT and ignore the File not found message. Type RCX and press Enter. Debug will display a colon prompt. Enter the last four digits of the hexadecimal number you calculated (4240, in our example). Type RBX and press Enter, then enter the first four digits of the hexadecimal size (000F, in our example). Enter W for Write and Q for Quit. You've just created a 1-million-byte file using Debug. Of course you can create a file of any desired size using the same technique.
You can create a file of any size using nothing more than what's supplied with Windows. Start by converting the desired file size into hexadecimal notation. You can use the Windows Calculator in Scientific mode do to this. Suppose you want a file of 1 million bytes. Enter 1000000 in the calculator and click on the Hex option to convert it (1 million in hex is F4240.) Pad the result with zeroes at the left until the file size reaches eight digits—000F4240.
Now open a command prompt window. In Windows 95, 98, or Me, you can do this by entering COMMAND in the Start menu's Run dialog; in Windows NT 4.0, 2000, or XP enter CMD instead. Enter the command DEBUG BIGFILE.DAT and ignore the File not found message. Type RCX and press Enter. Debug will display a colon prompt. Enter the last four digits of the hexadecimal number you calculated (4240, in our example). Type RBX and press Enter, then enter the first four digits of the hexadecimal size (000F, in our example). Enter W for Write and Q for Quit. You've just created a 1-million-byte file using Debug. Of course you can create a file of any desired size using the same technique.
Cracking Zip Password Files
Cracking Zip Password Files
Tut On Cracking Zip Password Files..
What is FZC? FZC is a program that cracks zip files (zip is a method of compressing multiple files into one smaller file) that are password-protected (which means you're gonna need a password to open the zip file and extract files out of it). You can get it anywhere - just use a search engine such as altavista.com.
FZC uses multiple methods of cracking - bruteforce (guessing passwords systematically until the program gets it) or wordlist attacks (otherwise known as dictionary attacks. Instead of just guessing passwords systematically, the program takes passwords out of a "wordlist", which is a text file that contains possible passwords. You can get lots of wordlists at www.theargon.com.).
FZC can be used in order to achieve two different goals: you can either use it to recover a lost zip password which you used to remember but somehow forgot, or to crack zip passwords which you're not supposed to have. So like every tool, this one can be used for good and for evil.
The first thing I want to say is that reading this tutorial... is the easy way to learn how to use this program, but after reading this part of how to use the FZC you should go and check the texts that come with that program and read them all. You are also going to see the phrase "check name.txt" often in this text. These files should be in FZC's directory. They contain more information about FZC.
FZC is a good password recovery tool, because it's very fast and also support resuming so you don't have to keep the computer turned on until you get the password, like it used to be some years ago with older cracking programs. You would probably always get the password unless the password is longer than 32 chars (a char is a character, which can be anything - a number, a lowercase or undercase letter or a symbol such as ! or &) because 32 chars is the maximum value that FZC will accept, but it doesn't really matter, because in order to bruteforce a password with 32 chars you'll need to be at least immortal..heehhe.. to see the time that FZC takes with bruteforce just open the Bforce.txt file, which contains such information.
FZC supports brute-force attacks, as well as wordlist attacks. While brute-force attacks don't require you to have anything, wordlist attacks require you to have wordlists, which you can get from www.theargon.com. There are wordlists in various languages, various topics or just miscellaneous wordlists. The bigger the wordlist is, the more chances you have to crack the password.
Now that you have a good wordlist, just get FZC working on the locked zip file, grab a drink, lie down and wait... and wait... and wait...and have good thoughts like "In wordlist mode I'm gonna get the password in minutes" or something like this... you start doing all this and remember "Hey this guy started with all this bullshit and didn't say how I can start a wordlist attack!..." So please wait just a little more, read this tutorial 'till the end and you can do all this "bullshit".
We need to keep in mind that are some people might choose some really weird passwords (for example: 'e8t7@$^%*gfh), which are harder to crack and are certainly impossible to crack (unless you have some weird wordlist). If you have a bad luck and you got such a file, having a 200MB list won't help you anymore. Instead, you'll have to use a different type of attack. If you are a person that gives up at the first sign of failure, stop being like that or you won't get anywhere. What you need to do in such a situation is to put aside your sweet xxx MB's list and start using the Brute Force attack.
If you have some sort of a really fast and new computer and you're afraid that you won't be able to use your computer's power to the fullest because the zip cracker doesn't support this kind of technology, it's your lucky day! FZC has multiple settings for all sorts of hardware, and will automatically select the best method.
Now that we've gone through all the theoretical stuff, let's get to the actual commands.
--------------------------------------------------------------------------------
Bruteforce
--------------------------------------------------------------------------------
The command line you'll need to use for using brute force is:
fzc -mb -nzFile.zip -lChr Lenght -cType of chars
Now if you read the bforce.txt that comes with fzc you'll find the description of how works Chr Lenght and the Type of chars, but hey, I'm gonna explain this too. Why not, right?... (but remember look at the bforce.txt too)
For Chr Lenght you can use 4 kind of switches...
-> You can use range -> 4-6 :it would brute force from 4 Chr passwors to 6 chr passwords
-> You can use just one lenght -> 5 :it would just brute force using passwords with 5 chars
-> You can use also the all number -> 0 :it would start brute forcing from passwords with lenght 0 to lenght 32, even if you are crazy i don't think that you would do this.... if you are thinking in doing this get a live...
-> You can use the + sign with a number -> 3+ :in this case it would brute force from passwords with lenght 3 to passwords with 32 chars of lenght, almost like the last option...
For the Type of chars we have 5 switches they are:
-> a for using lowercase letters
-> A for using uppercase letters
-> ! for using simbols (check the Bforce.txt if you want to see what simbols)
-> s for using space
-> 1 for using numbers
Example:
If you want to find a password with lowercase and numbers by brute force you would just do something like:
fzc -mb -nzTest.zip -l4-7 -ca1
This would try all combinations from passwords with 4 chars of lenght till 7 chars, but just using numbers and lowercase.
*****
hint
*****
You should never start the first brute force attack to a file using all the chars switches, first just try lowercase, then uppercase, then uppercase with number then lowercase with numbers, just do like this because you can get lucky and find the password much faster, if this doesn't work just prepare your brain and start with a brute force that would take a lot of time. With a combination like lowercase, uppercase, special chars and numbers.
--------------------------------------------------------------------------------
Wordlis
--------------------------------------------------------------------------------
Like I said in the bottom and like you should be thinking now, the wordlist is the most powerfull mode in this program. Using this mode, you can choose between 3 modes, where each one do some changes to the text that is in the wordlist, I'm not going to say what each mode does to the words, for knowing that just check the file wlist.txt, the only thing I'm going to tell you is that the best mode to get passwords is mode 3, but it takes longer time too.
To start a wordlist attak you'll do something like.
fzc -mwMode number -nzFile.zip -nwWordlist
Where:
Mode number is 1, 2 or 3 just check wlist.txt to see the changes in each mode.
File.zip is the filename and Wordlist is the name of the wordlist that you want to use. Remember that if the file or the wordlist isn't in the same directory of FZC you'll need to give the all path.
You can add other switches to that line like -fLine where you define in which line will FZC start reading, and the -lChar Length where it will just be read the words in that char length, the switche works like in bruteforce mode.
So if you something like
fzc -mw1 -nztest.zip -nwMywordlist.txt -f50 -l9+
FZC would just start reading at line 50 and would just read with length >= to 9.
Example:
If you want to crack a file called myfile.zip using the "theargonlistserver1.txt" wordlist, selecting mode 3, and you wanted FZC to start reading at line 50 you would do:
fzc -mw3 -nzmyfile.zip -nwtheargonlistserver1.txt -f50
--------------------------------------------------------------------------------
Resuming
--------------------------------------------------------------------------------
Other good feature in FZC is that FZC supports resuming. If you need to shutdown your computer and FZC is running you just need to press the ESC key, and fzc will stop. Now if you are using a brute force attack the current status will be saved in a file called resume.fzc but if you are using a wordlist it will say to you in what line it ended (you can find the line in the file fzc.log too).
To resume the bruteforce attack you just need to do:
fzc -mr
And the bruteforce attack will start from the place where it stopped when you pressed the ESC key.
But if you want to resume a wordlist attack you'll need to start a new wordlist attack, saying where it's gonna start. So if you ended the attack to the file.zip in line 100 using wordlist.txt in mode 3 to resume you'll type
fzc -mw3 -nzfile.zip -nwwordlist.txt -f100
Doing this FZC would start in line 100, since the others 99 lines where already checked in an earlier FZC session.
Well, it looks like I covered most of what you need to know. I certainly hope it helped you... don't forget to read the files that come with the program
Tut On Cracking Zip Password Files..
What is FZC? FZC is a program that cracks zip files (zip is a method of compressing multiple files into one smaller file) that are password-protected (which means you're gonna need a password to open the zip file and extract files out of it). You can get it anywhere - just use a search engine such as altavista.com.
FZC uses multiple methods of cracking - bruteforce (guessing passwords systematically until the program gets it) or wordlist attacks (otherwise known as dictionary attacks. Instead of just guessing passwords systematically, the program takes passwords out of a "wordlist", which is a text file that contains possible passwords. You can get lots of wordlists at www.theargon.com.).
FZC can be used in order to achieve two different goals: you can either use it to recover a lost zip password which you used to remember but somehow forgot, or to crack zip passwords which you're not supposed to have. So like every tool, this one can be used for good and for evil.
The first thing I want to say is that reading this tutorial... is the easy way to learn how to use this program, but after reading this part of how to use the FZC you should go and check the texts that come with that program and read them all. You are also going to see the phrase "check name.txt" often in this text. These files should be in FZC's directory. They contain more information about FZC.
FZC is a good password recovery tool, because it's very fast and also support resuming so you don't have to keep the computer turned on until you get the password, like it used to be some years ago with older cracking programs. You would probably always get the password unless the password is longer than 32 chars (a char is a character, which can be anything - a number, a lowercase or undercase letter or a symbol such as ! or &) because 32 chars is the maximum value that FZC will accept, but it doesn't really matter, because in order to bruteforce a password with 32 chars you'll need to be at least immortal..heehhe.. to see the time that FZC takes with bruteforce just open the Bforce.txt file, which contains such information.
FZC supports brute-force attacks, as well as wordlist attacks. While brute-force attacks don't require you to have anything, wordlist attacks require you to have wordlists, which you can get from www.theargon.com. There are wordlists in various languages, various topics or just miscellaneous wordlists. The bigger the wordlist is, the more chances you have to crack the password.
Now that you have a good wordlist, just get FZC working on the locked zip file, grab a drink, lie down and wait... and wait... and wait...and have good thoughts like "In wordlist mode I'm gonna get the password in minutes" or something like this... you start doing all this and remember "Hey this guy started with all this bullshit and didn't say how I can start a wordlist attack!..." So please wait just a little more, read this tutorial 'till the end and you can do all this "bullshit".
We need to keep in mind that are some people might choose some really weird passwords (for example: 'e8t7@$^%*gfh), which are harder to crack and are certainly impossible to crack (unless you have some weird wordlist). If you have a bad luck and you got such a file, having a 200MB list won't help you anymore. Instead, you'll have to use a different type of attack. If you are a person that gives up at the first sign of failure, stop being like that or you won't get anywhere. What you need to do in such a situation is to put aside your sweet xxx MB's list and start using the Brute Force attack.
If you have some sort of a really fast and new computer and you're afraid that you won't be able to use your computer's power to the fullest because the zip cracker doesn't support this kind of technology, it's your lucky day! FZC has multiple settings for all sorts of hardware, and will automatically select the best method.
Now that we've gone through all the theoretical stuff, let's get to the actual commands.
--------------------------------------------------------------------------------
Bruteforce
--------------------------------------------------------------------------------
The command line you'll need to use for using brute force is:
fzc -mb -nzFile.zip -lChr Lenght -cType of chars
Now if you read the bforce.txt that comes with fzc you'll find the description of how works Chr Lenght and the Type of chars, but hey, I'm gonna explain this too. Why not, right?... (but remember look at the bforce.txt too)
For Chr Lenght you can use 4 kind of switches...
-> You can use range -> 4-6 :it would brute force from 4 Chr passwors to 6 chr passwords
-> You can use just one lenght -> 5 :it would just brute force using passwords with 5 chars
-> You can use also the all number -> 0 :it would start brute forcing from passwords with lenght 0 to lenght 32, even if you are crazy i don't think that you would do this.... if you are thinking in doing this get a live...
-> You can use the + sign with a number -> 3+ :in this case it would brute force from passwords with lenght 3 to passwords with 32 chars of lenght, almost like the last option...
For the Type of chars we have 5 switches they are:
-> a for using lowercase letters
-> A for using uppercase letters
-> ! for using simbols (check the Bforce.txt if you want to see what simbols)
-> s for using space
-> 1 for using numbers
Example:
If you want to find a password with lowercase and numbers by brute force you would just do something like:
fzc -mb -nzTest.zip -l4-7 -ca1
This would try all combinations from passwords with 4 chars of lenght till 7 chars, but just using numbers and lowercase.
*****
hint
*****
You should never start the first brute force attack to a file using all the chars switches, first just try lowercase, then uppercase, then uppercase with number then lowercase with numbers, just do like this because you can get lucky and find the password much faster, if this doesn't work just prepare your brain and start with a brute force that would take a lot of time. With a combination like lowercase, uppercase, special chars and numbers.
--------------------------------------------------------------------------------
Wordlis
--------------------------------------------------------------------------------
Like I said in the bottom and like you should be thinking now, the wordlist is the most powerfull mode in this program. Using this mode, you can choose between 3 modes, where each one do some changes to the text that is in the wordlist, I'm not going to say what each mode does to the words, for knowing that just check the file wlist.txt, the only thing I'm going to tell you is that the best mode to get passwords is mode 3, but it takes longer time too.
To start a wordlist attak you'll do something like.
fzc -mwMode number -nzFile.zip -nwWordlist
Where:
Mode number is 1, 2 or 3 just check wlist.txt to see the changes in each mode.
File.zip is the filename and Wordlist is the name of the wordlist that you want to use. Remember that if the file or the wordlist isn't in the same directory of FZC you'll need to give the all path.
You can add other switches to that line like -fLine where you define in which line will FZC start reading, and the -lChar Length where it will just be read the words in that char length, the switche works like in bruteforce mode.
So if you something like
fzc -mw1 -nztest.zip -nwMywordlist.txt -f50 -l9+
FZC would just start reading at line 50 and would just read with length >= to 9.
Example:
If you want to crack a file called myfile.zip using the "theargonlistserver1.txt" wordlist, selecting mode 3, and you wanted FZC to start reading at line 50 you would do:
fzc -mw3 -nzmyfile.zip -nwtheargonlistserver1.txt -f50
--------------------------------------------------------------------------------
Resuming
--------------------------------------------------------------------------------
Other good feature in FZC is that FZC supports resuming. If you need to shutdown your computer and FZC is running you just need to press the ESC key, and fzc will stop. Now if you are using a brute force attack the current status will be saved in a file called resume.fzc but if you are using a wordlist it will say to you in what line it ended (you can find the line in the file fzc.log too).
To resume the bruteforce attack you just need to do:
fzc -mr
And the bruteforce attack will start from the place where it stopped when you pressed the ESC key.
But if you want to resume a wordlist attack you'll need to start a new wordlist attack, saying where it's gonna start. So if you ended the attack to the file.zip in line 100 using wordlist.txt in mode 3 to resume you'll type
fzc -mw3 -nzfile.zip -nwwordlist.txt -f100
Doing this FZC would start in line 100, since the others 99 lines where already checked in an earlier FZC session.
Well, it looks like I covered most of what you need to know. I certainly hope it helped you... don't forget to read the files that come with the program
Cracking Bios, use the followin' code
Here is the best way to crack the bios password in win 95/98:
Follow the steps below:
1) Boot up windows.
2) go to dos-prompt or go to command prompt directly from the windows start up menu.
3) type the command at the prompt: "debug" (without quotes ninja.gif )
4) type the following lines now exactly as given.......
o 70 10
o 71 20
quit
exit
4) exit from the dos prompt and restart the machine
password protection gone!!!!!!!!!!!!! biggrin.gif
EnjoYYYYYYYYYY
PS: I tested this in Award Bios........
There seems to be some issue regarding display drivers on some machines if this is used. Just reinstall the drivers, Everything will be fine...........
I have not found any other trouble if the codes are used.
To be on safe side, just back up your data..........
The use of this code is entirely at ur risk.......... It worked fine for me..........
Follow the steps below:
1) Boot up windows.
2) go to dos-prompt or go to command prompt directly from the windows start up menu.
3) type the command at the prompt: "debug" (without quotes ninja.gif )
4) type the following lines now exactly as given.......
o 70 10
o 71 20
quit
exit
4) exit from the dos prompt and restart the machine
password protection gone!!!!!!!!!!!!! biggrin.gif
EnjoYYYYYYYYYY
PS: I tested this in Award Bios........
There seems to be some issue regarding display drivers on some machines if this is used. Just reinstall the drivers, Everything will be fine...........
I have not found any other trouble if the codes are used.
To be on safe side, just back up your data..........
The use of this code is entirely at ur risk.......... It worked fine for me..........
COPY X BOX GAMES!
BURNING X-BOX & GAMECUBE GAMES USEING CDRWIN
------------------------------------------------------
1) Insert your original in your CD-ROM.
2) Open CDRWin (or any other image extractor) to make an iso image of the game
on your hard disc. Click on 'Extract Disc/Tracks/Sectors'
3) Here are the settings which work for me (!):
Disc Image/Cue sheet
File-Format: Automatic
Reading-Options:
RAW, CD+G, CD-TEXT and MCN/USRC all Unchecked
Error Recovery: Ignore
Jitter Correction: Auto
Subcode Analyses: Fixed
Data-Speed: MAX
Read Retry Count: 10
Audio Speed: MAX
Subcode Threshold: 900
There are a lot of reports, that Raw reading also works, but I had problems with it enabled.
4) Click on 'Start'
--------------------------------------------------------------------------------
RECORDING TO A DISC
--------------------------------------------------------------------------------
1) Install Fireburner
2) Double click on the Cue File For The Game
3) Right Click And select burn To CD
That?s all there is record DAO, and you can try to burn it fast at 2X
Using PNY Black Diamond CDR'
------------------------------------------------------
1) Insert your original in your CD-ROM.
2) Open CDRWin (or any other image extractor) to make an iso image of the game
on your hard disc. Click on 'Extract Disc/Tracks/Sectors'
3) Here are the settings which work for me (!):
Disc Image/Cue sheet
File-Format: Automatic
Reading-Options:
RAW, CD+G, CD-TEXT and MCN/USRC all Unchecked
Error Recovery: Ignore
Jitter Correction: Auto
Subcode Analyses: Fixed
Data-Speed: MAX
Read Retry Count: 10
Audio Speed: MAX
Subcode Threshold: 900
There are a lot of reports, that Raw reading also works, but I had problems with it enabled.
4) Click on 'Start'
--------------------------------------------------------------------------------
RECORDING TO A DISC
--------------------------------------------------------------------------------
1) Install Fireburner
2) Double click on the Cue File For The Game
3) Right Click And select burn To CD
That?s all there is record DAO, and you can try to burn it fast at 2X
Using PNY Black Diamond CDR'
Converting to NTFS
Converting to NTFS
Your hard drive must be formatted with a file system such as FAT, FAT32 or NTFS so that Windows can be installed on to it. This system determines how files are named, organised and stored on the drive. If you’re not using it already, NTFS (New Technology File System) is recommended for Windows XP because of the additional functionality it offers. If your PC came with Windows XP pre-installed then there’s a chance that you’re already using NTFS. If you’ve upgraded from Windows 98 or Windows Me you may still be using FAT or FAT 32. The option to change over to NTFS would have been available during the upgrade process. Don’t worry if you skipped this as it’s possible to convert at any time from within Windows XP without losing any data.
The recommended option
There are a number of features in Windows XP that will only work if the NTFS file system is present, which is why it’s suggested you make use of it. File and folder permissions, encryption and privacy options are just some of those you’ll be able to access. In particular, those of you who have set up user accounts will find NTFS invaluable. For instance, if you continue to use FAT or FAT32 anyone with physical access to the drive will be able to access the files and folders that are stored there. However, with NTFS you’ll be able to use a level of encryption (Professional Edition only) that will enable you to protect your data.
You’ll also find NTFS more reliable in that it’s more able to recover from disk errors than its FAT or FAT32 counterparts. A log of all disk activity is kept so should a crash occur, Windows XP can use this information to repair the file system when your PC boots up again. To find out what file system you’re using, open My Computer, right-click your main hard drive and choose Properties. Take a look at the General tab to see confirmation of the file system that’s in use.
Convert now
You can use the convert tool in Windows XP to change the file system on your hard disk from FAT or FAT32 to NTFS. The whole process is safe and your existing data won’t be destroyed. To begin, click Start -> Run, type cmd and press [Return]. At the command prompt type convert c: /fs:ntfs and press [Return] (where ‘c’ is the letter of the drive you’re converting). When you try and run the convert utility, it’s likely that Windows XP will be using your paging file so the process won’t be completed immediately. Therefore, you’ll see a brief message on screen informing you that the conversion will take place instead the next time Windows starts up. Having restarted, the Check Disk utility will run, the conversion will be performed automatically and you may find that your PC will reboot twice more.
The benefits
With your drive now running NTFS, it’s time to take advantage of the new options that are available. Having created a number of different user accounts you can now control the level of access that’s granted to individual users. For example, there are going to be certain files and folders that you’ll want some users to be able to access but not others. If you have Windows XP Professional Edition you can do this immediately.
Right-click any file or folder, choose Properties and select the Security tab. A dialog will be displayed showing the names of all your users. Alongside will be two columns which enable you to select levels of access for each of them, the permissions include Full Control, Modify, Read and Write. You can then check the appropriate box to determine whether or not to Allow or Deny a particular permission. For Windows XP Home Edition users, the Security tab won’t be immediately available. To access this option you’ll need to restart your PC, pressing [F8] until a menu appears. Next select Safe Mode and wait for Windows XP to start up. You can then set your options in the same way.
Another feature is NTFS compression. It’s quick and seamless as your file or folder is decompressed automatically when you access it. (Don’t confuse this with a Zip compression utility where the files need to be extracted before they can be accessed.) Although you may have used NTFS compression on a file or folder, there’s no way of telling just by looking at it. To remedy this, open My Computer, click Tools -> Folder Options and select the View tab. Under Advanced settings, scroll down and check the option ‘Show encrypted or compressed NTFS files in color’, then click Apply and OK. Take a look at your compressed items in My Computer and you’ll see the text label has changed from black to blue. Something else that’s exclusive to Professional Edition users is the Encrypting File System (EFS). You can use this to protect your important data so that no one else can read it. Your encrypted files and folders will only be accessible when you have logged into your user account successfully.
Your hard drive must be formatted with a file system such as FAT, FAT32 or NTFS so that Windows can be installed on to it. This system determines how files are named, organised and stored on the drive. If you’re not using it already, NTFS (New Technology File System) is recommended for Windows XP because of the additional functionality it offers. If your PC came with Windows XP pre-installed then there’s a chance that you’re already using NTFS. If you’ve upgraded from Windows 98 or Windows Me you may still be using FAT or FAT 32. The option to change over to NTFS would have been available during the upgrade process. Don’t worry if you skipped this as it’s possible to convert at any time from within Windows XP without losing any data.
The recommended option
There are a number of features in Windows XP that will only work if the NTFS file system is present, which is why it’s suggested you make use of it. File and folder permissions, encryption and privacy options are just some of those you’ll be able to access. In particular, those of you who have set up user accounts will find NTFS invaluable. For instance, if you continue to use FAT or FAT32 anyone with physical access to the drive will be able to access the files and folders that are stored there. However, with NTFS you’ll be able to use a level of encryption (Professional Edition only) that will enable you to protect your data.
You’ll also find NTFS more reliable in that it’s more able to recover from disk errors than its FAT or FAT32 counterparts. A log of all disk activity is kept so should a crash occur, Windows XP can use this information to repair the file system when your PC boots up again. To find out what file system you’re using, open My Computer, right-click your main hard drive and choose Properties. Take a look at the General tab to see confirmation of the file system that’s in use.
Convert now
You can use the convert tool in Windows XP to change the file system on your hard disk from FAT or FAT32 to NTFS. The whole process is safe and your existing data won’t be destroyed. To begin, click Start -> Run, type cmd and press [Return]. At the command prompt type convert c: /fs:ntfs and press [Return] (where ‘c’ is the letter of the drive you’re converting). When you try and run the convert utility, it’s likely that Windows XP will be using your paging file so the process won’t be completed immediately. Therefore, you’ll see a brief message on screen informing you that the conversion will take place instead the next time Windows starts up. Having restarted, the Check Disk utility will run, the conversion will be performed automatically and you may find that your PC will reboot twice more.
The benefits
With your drive now running NTFS, it’s time to take advantage of the new options that are available. Having created a number of different user accounts you can now control the level of access that’s granted to individual users. For example, there are going to be certain files and folders that you’ll want some users to be able to access but not others. If you have Windows XP Professional Edition you can do this immediately.
Right-click any file or folder, choose Properties and select the Security tab. A dialog will be displayed showing the names of all your users. Alongside will be two columns which enable you to select levels of access for each of them, the permissions include Full Control, Modify, Read and Write. You can then check the appropriate box to determine whether or not to Allow or Deny a particular permission. For Windows XP Home Edition users, the Security tab won’t be immediately available. To access this option you’ll need to restart your PC, pressing [F8] until a menu appears. Next select Safe Mode and wait for Windows XP to start up. You can then set your options in the same way.
Another feature is NTFS compression. It’s quick and seamless as your file or folder is decompressed automatically when you access it. (Don’t confuse this with a Zip compression utility where the files need to be extracted before they can be accessed.) Although you may have used NTFS compression on a file or folder, there’s no way of telling just by looking at it. To remedy this, open My Computer, click Tools -> Folder Options and select the View tab. Under Advanced settings, scroll down and check the option ‘Show encrypted or compressed NTFS files in color’, then click Apply and OK. Take a look at your compressed items in My Computer and you’ll see the text label has changed from black to blue. Something else that’s exclusive to Professional Edition users is the Encrypting File System (EFS). You can use this to protect your important data so that no one else can read it. Your encrypted files and folders will only be accessible when you have logged into your user account successfully.
Saturday, June 23, 2012
Converting Movies To Psp Format
Converting Movies To Psp Format.
Hey again, this is a real quick guide for anyone interested to get a movie onto there PSP without all the fluff i have seen elsewhere. I just watched Africa the Serengeti on my PSP and heres is the lowdown.
Movie - approx 40 minutes - dvd
Saved to hard drive - 2.6GIG - using DVD Decryptor (free program) try google
Transfered to avi format - 377MB- using Super DVD Ripper (9 FREE trial uses) then you must buy
Transfered to MP4 - 37MB - using the (basically free) Image convertor 2
Average movie breakdown - using above as a guide only.
so im guessing the average movie may be 4.5gig for example
saved to 800MB
CONVERTED TO 70-80MB
Ok use DVD decryptor to save the movie to your hard drive eg. C:\africa (it will save it for you as described)
When completed find the folder c:\africa on your computer and find the vob file in that folder - generally the largest one and right click and play it with your dvd program to see what part it is. If its the correct movie part you now know thats the one you need.
Once you have located the vob file you want to transfer open DVD Ripper and go to wizard icon. There you will see an icon of VOB to AVI button. Click it and then it will ask to locate the file. Locate the file and click it. It will SCAN THE FILE(just wait till that finishes) a parameter box opens next and just click the arrow. It then askes to choose output file, click the file icon and locate the correct fob file. It then askes for file compression - choose microsoft windows media and then click ok Then press the start button. It will now convert the vob into avi format.
(there are also other opions ie;dvd to avi etc) I have only used the vob to avi for this test.
After DVD ripper has transferred the file it will save it to the same folder as the original move was in eg: c:\africa\viteots. Open the file and you will now see an AVI icon containing the movie.
Make sure you PSP is on and in usb mode then Open Image convertor 2 and press on movie / add to list. For this example i click on C:drive the found the folder Africa and opened it and there was my converted AVI file. Click the file press ok and it will be transfered to your PSP for viewing pleasure.
*****Note**** i only converted one VOB file as thatS all there was for this particular movie. If you have more then one vob file you may need to try the dvd to avi when you rip. This is just a guide i worked out to compress dvd into the smallest possible file so you can get value out of a 512 card.
QUOTE
http://www.crazyhatsoftware.com/ImageConverter2.1.exe
Image Converter 2.1 JAP translated to ENG.
Hey again, this is a real quick guide for anyone interested to get a movie onto there PSP without all the fluff i have seen elsewhere. I just watched Africa the Serengeti on my PSP and heres is the lowdown.
Movie - approx 40 minutes - dvd
Saved to hard drive - 2.6GIG - using DVD Decryptor (free program) try google
Transfered to avi format - 377MB- using Super DVD Ripper (9 FREE trial uses) then you must buy
Transfered to MP4 - 37MB - using the (basically free) Image convertor 2
Average movie breakdown - using above as a guide only.
so im guessing the average movie may be 4.5gig for example
saved to 800MB
CONVERTED TO 70-80MB
Ok use DVD decryptor to save the movie to your hard drive eg. C:\africa (it will save it for you as described)
When completed find the folder c:\africa on your computer and find the vob file in that folder - generally the largest one and right click and play it with your dvd program to see what part it is. If its the correct movie part you now know thats the one you need.
Once you have located the vob file you want to transfer open DVD Ripper and go to wizard icon. There you will see an icon of VOB to AVI button. Click it and then it will ask to locate the file. Locate the file and click it. It will SCAN THE FILE(just wait till that finishes) a parameter box opens next and just click the arrow. It then askes to choose output file, click the file icon and locate the correct fob file. It then askes for file compression - choose microsoft windows media and then click ok Then press the start button. It will now convert the vob into avi format.
(there are also other opions ie;dvd to avi etc) I have only used the vob to avi for this test.
After DVD ripper has transferred the file it will save it to the same folder as the original move was in eg: c:\africa\viteots. Open the file and you will now see an AVI icon containing the movie.
Make sure you PSP is on and in usb mode then Open Image convertor 2 and press on movie / add to list. For this example i click on C:drive the found the folder Africa and opened it and there was my converted AVI file. Click the file press ok and it will be transfered to your PSP for viewing pleasure.
*****Note**** i only converted one VOB file as thatS all there was for this particular movie. If you have more then one vob file you may need to try the dvd to avi when you rip. This is just a guide i worked out to compress dvd into the smallest possible file so you can get value out of a 512 card.
QUOTE
http://www.crazyhatsoftware.com/ImageConverter2.1.exe
Image Converter 2.1 JAP translated to ENG.
Convert To Basic And Dynamic Disks In Windows Xp
Windows XP Professional supports two types of disk storage: basic and dynamic. Basic disk storage uses partition-oriented disks. A basic disk contains basic volumes (primary partitions, extended partitions, and logical drives).
Dynamic disk storage uses volume-oriented disks, and includes features that basic disks do not, such as the ability to create volumes that span multiple disks (spanned and striped volumes).
General Notes
Before you change a basic disk to a dynamic disk, note these items:
You must have at least 1 megabyte (MB) of free space on any master boot record (MBR) disk that you want to convert. This space is automatically reserved when the partition or volume is created in Microsoft Windows 2000 or Windows XP Professional. However, it may not be available on partitions or volumes that are created in other operating systems.
When you convert to a dynamic disk, the existing partitions or logical drives on the basic disk are converted to simple volumes on the dynamic disk.
After you convert to a dynamic disk, the dynamic volumes cannot be changed back to partitions. You must first delete all dynamic volumes on the disk, and then convert the dynamic disk back to a basic disk. If you want to keep your data, you must first back up or move the data to another volume.
After you convert to a dynamic disk, local access to the dynamic disk is limited to Windows XP Professional and Windows 2000.
If your disk contains multiple installations of Windows XP Professional or Windows 2000, do not convert to a dynamic disk. The conversion operation removes partition entries for all partitions on the disk with the exception of the system and boot volumes for the current operating system.
Dynamic disks are not supported on portable computers or Microsoft Windows XP Home Edition.
Before you change a dynamic disk back to a basic disk, note that all existing volumes must be deleted from the disk before you can convert it back to a basic disk. If you want to keep your data, back up the data, or move your data to another volume.
How to Convert a Basic Disk to a Dynamic Disk
To convert a basic disk to a dynamic disk:
1) Log on as Administrator or as a member of the Administrators group.
2) Click Start, and then click Control Panel.
3) Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.
4) In the left pane, click Disk Management.
5) In the lower-right pane, right-click the basic disk that you want to convert, and then click Convert to Dynamic Disk.
NOTE:You must right-click the gray area that contains the disk title on the left side of the Details pane. For example, right-click Disk 0.
6) Select the check box that is next to the disk that you want to convert (if it is not already selected), and then clickOK.
7) Click Details if you want to view the list of volumes in the disk.
8) Click Convert.
9) Click Yes when you are prompted to convert, and then click OK.
How to Convert a Dynamic Disk to a Basic Disk
To change a dynamic disk back to a basic disk:
1) Back up all the data on all the volumes on the disk you want to convert to a basic disk.
2) Log on as Administrator or as a member of the Administrators group.
3) Click Start, and then click Control Panel.
4) Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.
5) In the left pane, click Disk Management.
6) Right-click a volume on the dynamic disk that you want to change to a basic disk, and then click Delete Volume.
7) Click Yes when you are prompted to delete the volume.
8) Repeat steps 4 and 5 for each volume on the dynamic disk.
9) After you have deleted all the volumes on the dynamic disk, right-click the dynamic disk that you want to change to a basic disk, and then click Convert to Basic Disk.
NOTE:You must right-click the gray area that contains the disk title on the left side of the Details pane. For example, right-click Disk 1.
Dynamic disk storage uses volume-oriented disks, and includes features that basic disks do not, such as the ability to create volumes that span multiple disks (spanned and striped volumes).
General Notes
Before you change a basic disk to a dynamic disk, note these items:
You must have at least 1 megabyte (MB) of free space on any master boot record (MBR) disk that you want to convert. This space is automatically reserved when the partition or volume is created in Microsoft Windows 2000 or Windows XP Professional. However, it may not be available on partitions or volumes that are created in other operating systems.
When you convert to a dynamic disk, the existing partitions or logical drives on the basic disk are converted to simple volumes on the dynamic disk.
After you convert to a dynamic disk, the dynamic volumes cannot be changed back to partitions. You must first delete all dynamic volumes on the disk, and then convert the dynamic disk back to a basic disk. If you want to keep your data, you must first back up or move the data to another volume.
After you convert to a dynamic disk, local access to the dynamic disk is limited to Windows XP Professional and Windows 2000.
If your disk contains multiple installations of Windows XP Professional or Windows 2000, do not convert to a dynamic disk. The conversion operation removes partition entries for all partitions on the disk with the exception of the system and boot volumes for the current operating system.
Dynamic disks are not supported on portable computers or Microsoft Windows XP Home Edition.
Before you change a dynamic disk back to a basic disk, note that all existing volumes must be deleted from the disk before you can convert it back to a basic disk. If you want to keep your data, back up the data, or move your data to another volume.
How to Convert a Basic Disk to a Dynamic Disk
To convert a basic disk to a dynamic disk:
1) Log on as Administrator or as a member of the Administrators group.
2) Click Start, and then click Control Panel.
3) Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.
4) In the left pane, click Disk Management.
5) In the lower-right pane, right-click the basic disk that you want to convert, and then click Convert to Dynamic Disk.
NOTE:You must right-click the gray area that contains the disk title on the left side of the Details pane. For example, right-click Disk 0.
6) Select the check box that is next to the disk that you want to convert (if it is not already selected), and then clickOK.
7) Click Details if you want to view the list of volumes in the disk.
8) Click Convert.
9) Click Yes when you are prompted to convert, and then click OK.
How to Convert a Dynamic Disk to a Basic Disk
To change a dynamic disk back to a basic disk:
1) Back up all the data on all the volumes on the disk you want to convert to a basic disk.
2) Log on as Administrator or as a member of the Administrators group.
3) Click Start, and then click Control Panel.
4) Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.
5) In the left pane, click Disk Management.
6) Right-click a volume on the dynamic disk that you want to change to a basic disk, and then click Delete Volume.
7) Click Yes when you are prompted to delete the volume.
8) Repeat steps 4 and 5 for each volume on the dynamic disk.
9) After you have deleted all the volumes on the dynamic disk, right-click the dynamic disk that you want to change to a basic disk, and then click Convert to Basic Disk.
NOTE:You must right-click the gray area that contains the disk title on the left side of the Details pane. For example, right-click Disk 1.
Configuring ZoneAlarm Pro Security Settings, A ZoneAlarm Pro Tutorial
Configuring ZoneAlarm Security Settings
(
If you're running ZoneAlarm Pro you will probably have considered that most of the "advanced" settings might as well be in Chinese for all the use they are. User friendly they are not!
If you are not on a LAN (connected to another computer in a network) you can use this guide to give your firewall some real muscle and a new lease of life:
Launch ZoneAlarm Pro and click to highlight the "Firewall" tab on the left hand side . In the pane that appears on the right hand side in the section "Internet Zone Security" set the slider control to "High" Then click the "Custom" button in the same section.
The next settings page is divided into two sections with tabs Internet Zone and Trusted Zone at the top of the page. Under the Internet Zone tab there is a list of settings that can be accessed by scrolling. At the top is the high security settings and the only thing that should check from there is "allow broadcast/multicast". The rest should be unchecked.
Scroll down until you get to the medium security settings area. Check all the boxes in this section until you get to "Block Incomming UDP Ports". When you check that you will be asked to supply a list of ports, and in the field at the bottom of the page enter 1-65535
Then go back to the list and check the box alongside "Block Outgoing UDP Ports" and at the bottom of the page enter 1-19, 22-79, 82-7999, 8082-65535
Repeat this proceedure for the following settings
"Block Incomming TCP Ports": 1-65535
"Block Outgoing TCP Ports": 1-19, 22-79, 82-7999, 8082-65535
Then click "Apply", "Ok" at the bottom of the page.
Back in the right hand "Firewall" pane go next to the yellow "Trusted Zone Security" section and set it to "high" with the slider. Click "Custom" and repeat the above proceedure this time choosing the Trusted Zone tab at the top of the settings page.
These settings will stop all incoming packets @ports 1-65535 and also block all pings, trojans etc... this will also stop all spyware or applications from phoning home from your drive without your knowledge!
(
If you're running ZoneAlarm Pro you will probably have considered that most of the "advanced" settings might as well be in Chinese for all the use they are. User friendly they are not!
If you are not on a LAN (connected to another computer in a network) you can use this guide to give your firewall some real muscle and a new lease of life:
Launch ZoneAlarm Pro and click to highlight the "Firewall" tab on the left hand side . In the pane that appears on the right hand side in the section "Internet Zone Security" set the slider control to "High" Then click the "Custom" button in the same section.
The next settings page is divided into two sections with tabs Internet Zone and Trusted Zone at the top of the page. Under the Internet Zone tab there is a list of settings that can be accessed by scrolling. At the top is the high security settings and the only thing that should check from there is "allow broadcast/multicast". The rest should be unchecked.
Scroll down until you get to the medium security settings area. Check all the boxes in this section until you get to "Block Incomming UDP Ports". When you check that you will be asked to supply a list of ports, and in the field at the bottom of the page enter 1-65535
Then go back to the list and check the box alongside "Block Outgoing UDP Ports" and at the bottom of the page enter 1-19, 22-79, 82-7999, 8082-65535
Repeat this proceedure for the following settings
"Block Incomming TCP Ports": 1-65535
"Block Outgoing TCP Ports": 1-19, 22-79, 82-7999, 8082-65535
Then click "Apply", "Ok" at the bottom of the page.
Back in the right hand "Firewall" pane go next to the yellow "Trusted Zone Security" section and set it to "high" with the slider. Click "Custom" and repeat the above proceedure this time choosing the Trusted Zone tab at the top of the settings page.
These settings will stop all incoming packets @ports 1-65535 and also block all pings, trojans etc... this will also stop all spyware or applications from phoning home from your drive without your knowledge!
Computer Matinence
You may not realize it, but your computer and your car have something in common: they both need regular maintenance. No, you don't need to change your computer's oil. But you should be updating your software, keeping your antivirus subscription up to date, and checking for spyware. Read on to learn what you can do to help improve your computer's security.
Getting started
Here are some basics maintenance tasks you can do today to start improving your computer's security. Be sure you make these part of your ongoing maintenance as well.
* Sign up for software update e-mail notices. Many software companies will send you e-mail whenever a software update is available. This is particularly important for your operating system (e.g., Microsoft VV!|VD0VV$® or Macintosh), your antivirus program, and your firewall.
* Register your software. If you still have registration forms for existing software, send them in. And be sure to register new software in the future. This is another way for the software manufacturer to alert you when new updates are available.
* Install software updates immediately.
When you get an update notice, download the update immediately and install it. (Remember, downloading and installing are two separate tasks.)
An ounce of prevention
A few simple steps will help you keep your files safe and clean.
* Step 1: Update your software
* Step 2: Backup your files
* Step 3: Use antivirus software and keep it updated
* Step 4: Change your passwords
Developing ongoing maintenance practices
Now that you've done some ground work, it's time to start moving into longer term maintenance tasks. These are all tasks that you should do today (or as soon as possible) to get started. But for best results, make these a part of a regular maintenance schedule. We recommend setting aside time each week to help keep your computer secure.
* Back up your files. Backing up your files simply means creating a copy of your computer files that you can use in the event the originals are lost. (Accidents can happen.) To learn more read our tips for backing up information.
* Scan your files with up to date antivirus software. Use your antivirus scan tool regularly to search for potential computer viruses and worms. Also, check your antivirus program's user manual to see if you can schedule an automatic scan of your computer. To learn more, read our tips for reducing your virus risk
.
* Change your passwords. Using the same password increases the odds that someone else will discover it. Change all of your passwords regularly (we recommend monthly) to reduce your risk. Also, choose your passwords carefully. To learn more, read our tips for creating stronger passwords
.
Making a schedule
One of the best ways to help protect your computer is to perform maintenance regularly. To help you keep track, we suggest making a regular "appointment" with your computer. Treat it like you would any other appointment. Record it in your datebook or online calendar, and if you cannot make it, reschedule. Remember, you are not only helping to improve your computer, you are also helping to protect your personal information.
Getting started
Here are some basics maintenance tasks you can do today to start improving your computer's security. Be sure you make these part of your ongoing maintenance as well.
* Sign up for software update e-mail notices. Many software companies will send you e-mail whenever a software update is available. This is particularly important for your operating system (e.g., Microsoft VV!|VD0VV$® or Macintosh), your antivirus program, and your firewall.
* Register your software. If you still have registration forms for existing software, send them in. And be sure to register new software in the future. This is another way for the software manufacturer to alert you when new updates are available.
* Install software updates immediately.
When you get an update notice, download the update immediately and install it. (Remember, downloading and installing are two separate tasks.)
An ounce of prevention
A few simple steps will help you keep your files safe and clean.
* Step 1: Update your software
* Step 2: Backup your files
* Step 3: Use antivirus software and keep it updated
* Step 4: Change your passwords
Developing ongoing maintenance practices
Now that you've done some ground work, it's time to start moving into longer term maintenance tasks. These are all tasks that you should do today (or as soon as possible) to get started. But for best results, make these a part of a regular maintenance schedule. We recommend setting aside time each week to help keep your computer secure.
* Back up your files. Backing up your files simply means creating a copy of your computer files that you can use in the event the originals are lost. (Accidents can happen.) To learn more read our tips for backing up information.
* Scan your files with up to date antivirus software. Use your antivirus scan tool regularly to search for potential computer viruses and worms. Also, check your antivirus program's user manual to see if you can schedule an automatic scan of your computer. To learn more, read our tips for reducing your virus risk
.
* Change your passwords. Using the same password increases the odds that someone else will discover it. Change all of your passwords regularly (we recommend monthly) to reduce your risk. Also, choose your passwords carefully. To learn more, read our tips for creating stronger passwords
.
Making a schedule
One of the best ways to help protect your computer is to perform maintenance regularly. To help you keep track, we suggest making a regular "appointment" with your computer. Treat it like you would any other appointment. Record it in your datebook or online calendar, and if you cannot make it, reschedule. Remember, you are not only helping to improve your computer, you are also helping to protect your personal information.
Create An Ftp Server On Your Pc With Serv-u
Create An Ftp Server On Your Pc With Serv-u
Requirements:
Serv-U
No-IP.com Website
Quote:
Step 1. Getting a static IP address.
Get a static address for your FTP server. You will want to do this as opposed to using your IP address for several reasons. First, it’s easier keeping up-to-date. Imagine having to change all of your setting every time your IP changed. With No-IP, the No-IP service runs in background on your computer and updates your current IP address with your FTP server’s URL (for example, you get ftp://rkchoolie.serveftp.com). Second reason, you don’t want your IP address posted out there for everyone to see.
1. Go to www.No-IP.com to create a new user account.
2. Fill in the information that is required and the click Register button.
3. Your account has now been created and your account password has been emailed to you.
4. Check your email mailbox and wait for the mail that contains your password
5. Go back to www.No-IP.com and type your email address and password to login to your account.
6. Once in your account, click on Add a host in the left menu
7. Type in the Hostname you want (example: rkchoolie) and pick a Domain from the list (example: ftpserve.com)
8. Check Allow Wildcards and click the Submit button
9. You now have your static address (example: rkchoolie.serveftp.com)
10. Click on your OS link in the Dyn-Update Client in the bottom right menu and follow links to download the client
11. Once downloaded, install the software and type in your email address and password when asked.
12. Finally tick the checkbox near your static address.
You now have a static web address .
Quote:
Step 2. Installing and setting the FTP server
1. Install Serv-U 4.0.
2. Start Serv-U and use the wizard to setup your ftp.
3. Click next until you're asked for an IP address, leave it blank and then click next.
4. Type the domain name you've just registered above (example: preacher.serveftp.com) in the domain name field and then click Next.
5. You are asked if you want to allow anonymous access, select No and then click next.
6. You are then asked to create a named account, check yes and then click next.
7. Type in the user name you wish for this account (example: Harrie) and click next.
8. Type a password for this account (example: $p3c1aL). For security reasons, try to create a password with some letters, numbers and special characters. Then click next.
9. You will then be asked for the Home directory of the account you just created. Select the directory and then click next.
10. Select yes to lock this account to the Home directory. You want to do this so that the user can not go any further up that his home directory. Click next.
11. The account is now set so click finish.
Quote:
Step 3. Configuring user accounts
1. In the left tree-menu, select the account you've just created and then click on the General tab.
2. Check Hide ‘Hidden’ Files.
3. Check Allow only and enter the number one in the box.
4. Set the Max. download speed to what ever you want. If this is an account that many will be using, set it low to save on your bandwidth. I usually have mine set between 10 – 20. If you leave it blank, users will be able to download from you at full bandwidth.
5. Set the Max no. of users to how many you want to be able to log on at one time. This depends on your connection speed but try these (56 - 1, ISDN - 3, ADSL or cable - 5-6 users.)
6. Now, click on the Dir Access tab.
7. You should see the home folder in there. Highlight it and make your permissions.
8. If you only want users to be able to download check only Read, List, & Inherit.
9. If you want users to be able to upload, but to only one particular folder but not download, click the add button and then select that folder. Now highlight the folder and set these permissions on that folder. Check Write, Append, List, Create, & Inherit. Once you have made the permissions click on the up arrow that is located at the bottom right-hand corner. You want this special upload folder to be list first, before the home folder.
10. If there is a folder that you don’t want anyone to have access to, but it is inside the home folder, then click the add button and then select that folder. Now highlight the folder and make sure that all checkboxes are left. Once you have made the permissions click on the up arrow that is located at the bottom right-hand corner. You want this no access folder to be listed at the very top.
11. There are many other different sets of permissions you can play with. I just covered your basics.
12. Your server is now set!
13. Try logging on with the username and password and see if it works.
Requirements:
Serv-U
No-IP.com Website
Quote:
Step 1. Getting a static IP address.
Get a static address for your FTP server. You will want to do this as opposed to using your IP address for several reasons. First, it’s easier keeping up-to-date. Imagine having to change all of your setting every time your IP changed. With No-IP, the No-IP service runs in background on your computer and updates your current IP address with your FTP server’s URL (for example, you get ftp://rkchoolie.serveftp.com). Second reason, you don’t want your IP address posted out there for everyone to see.
1. Go to www.No-IP.com to create a new user account.
2. Fill in the information that is required and the click Register button.
3. Your account has now been created and your account password has been emailed to you.
4. Check your email mailbox and wait for the mail that contains your password
5. Go back to www.No-IP.com and type your email address and password to login to your account.
6. Once in your account, click on Add a host in the left menu
7. Type in the Hostname you want (example: rkchoolie) and pick a Domain from the list (example: ftpserve.com)
8. Check Allow Wildcards and click the Submit button
9. You now have your static address (example: rkchoolie.serveftp.com)
10. Click on your OS link in the Dyn-Update Client in the bottom right menu and follow links to download the client
11. Once downloaded, install the software and type in your email address and password when asked.
12. Finally tick the checkbox near your static address.
You now have a static web address .
Quote:
Step 2. Installing and setting the FTP server
1. Install Serv-U 4.0.
2. Start Serv-U and use the wizard to setup your ftp.
3. Click next until you're asked for an IP address, leave it blank and then click next.
4. Type the domain name you've just registered above (example: preacher.serveftp.com) in the domain name field and then click Next.
5. You are asked if you want to allow anonymous access, select No and then click next.
6. You are then asked to create a named account, check yes and then click next.
7. Type in the user name you wish for this account (example: Harrie) and click next.
8. Type a password for this account (example: $p3c1aL). For security reasons, try to create a password with some letters, numbers and special characters. Then click next.
9. You will then be asked for the Home directory of the account you just created. Select the directory and then click next.
10. Select yes to lock this account to the Home directory. You want to do this so that the user can not go any further up that his home directory. Click next.
11. The account is now set so click finish.
Quote:
Step 3. Configuring user accounts
1. In the left tree-menu, select the account you've just created and then click on the General tab.
2. Check Hide ‘Hidden’ Files.
3. Check Allow only and enter the number one in the box.
4. Set the Max. download speed to what ever you want. If this is an account that many will be using, set it low to save on your bandwidth. I usually have mine set between 10 – 20. If you leave it blank, users will be able to download from you at full bandwidth.
5. Set the Max no. of users to how many you want to be able to log on at one time. This depends on your connection speed but try these (56 - 1, ISDN - 3, ADSL or cable - 5-6 users.)
6. Now, click on the Dir Access tab.
7. You should see the home folder in there. Highlight it and make your permissions.
8. If you only want users to be able to download check only Read, List, & Inherit.
9. If you want users to be able to upload, but to only one particular folder but not download, click the add button and then select that folder. Now highlight the folder and set these permissions on that folder. Check Write, Append, List, Create, & Inherit. Once you have made the permissions click on the up arrow that is located at the bottom right-hand corner. You want this special upload folder to be list first, before the home folder.
10. If there is a folder that you don’t want anyone to have access to, but it is inside the home folder, then click the add button and then select that folder. Now highlight the folder and make sure that all checkboxes are left. Once you have made the permissions click on the up arrow that is located at the bottom right-hand corner. You want this no access folder to be listed at the very top.
11. There are many other different sets of permissions you can play with. I just covered your basics.
12. Your server is now set!
13. Try logging on with the username and password and see if it works.
Create A Personal Screen Saver In Win Xp!
This isnt a tweak, but a great little feature! For a great way to put your digital photos to work, try creating a slide show presentation for use as a screen saver. Here's how:
1. Right-click an empty spot on your desktop and then click Properties.
2. Click the Screen Saver tab.
3. In the Screen saver list, click My Pictures Slideshow.
4. Click Settings to make any adjustments, such as how often the pictures should change, what size they should be, and whether you'll use transition effects between pictures, and then click OK.
Now your screen saver is a random display of the pictures taken from your My Pictures folder.
1. Right-click an empty spot on your desktop and then click Properties.
2. Click the Screen Saver tab.
3. In the Screen saver list, click My Pictures Slideshow.
4. Click Settings to make any adjustments, such as how often the pictures should change, what size they should be, and whether you'll use transition effects between pictures, and then click OK.
Now your screen saver is a random display of the pictures taken from your My Pictures folder.
CMD Prompt here, add to folder context menu windows xp
add the open cmd prompt to folder context menus
also drives and My Computer
copy what's in the code area to notepad and save as cmd here.reg
CODE
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Drive\shell\cmd]
@="Command Prompt"
[HKEY_CLASSES_ROOT\Drive\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
[HKEY_CLASSES_ROOT\Directory\shell\cmd]
@="Command Prompt"
[HKEY_CLASSES_ROOT\Directory\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd]
@="Command Prompt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
also drives and My Computer
copy what's in the code area to notepad and save as cmd here.reg
CODE
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Drive\shell\cmd]
@="Command Prompt"
[HKEY_CLASSES_ROOT\Drive\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
[HKEY_CLASSES_ROOT\Directory\shell\cmd]
@="Command Prompt"
[HKEY_CLASSES_ROOT\Directory\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd]
@="Command Prompt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
Change Your Ip In Less Then 1 Minute
How To: Change Your Ip In Less Then 1 Minute
1. Click on "Start" in the bottom left hand corner of screen
2. Click on "Run"
3. Type in "command" and hit ok
You should now be at an MSDOS prompt screen.
4. Type "ipconfig /release" just like that, and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties"
You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.
8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again
You should now be back to the "Local Area Connection" screen.
15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
tongue.gif 18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address
With a little practice, you can easily get this process down to 15 seconds.
P.S:
This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back
1. Click on "Start" in the bottom left hand corner of screen
2. Click on "Run"
3. Type in "command" and hit ok
You should now be at an MSDOS prompt screen.
4. Type "ipconfig /release" just like that, and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties"
You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.
8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again
You should now be back to the "Local Area Connection" screen.
15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
tongue.gif 18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address
With a little practice, you can easily get this process down to 15 seconds.
P.S:
This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back
Change The Default Location For Installing Apps
As the size of hardrives increase, more people are using partitions to seperate and store groups of files.
XP uses the C:\Program Files directory as the default base directory into which new programs are installed. However, you can change the default installation drive and/ or directory by using a Registry hack.
Run the Registry Editor (regedit)and go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Look for the value named ProgramFilesDir. by default,this value will be C:\Program Files. Edit the value to any valid drive or folder and XP will use that new location as the default installation directory for new programs.
XP uses the C:\Program Files directory as the default base directory into which new programs are installed. However, you can change the default installation drive and/ or directory by using a Registry hack.
Run the Registry Editor (regedit)and go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion
Look for the value named ProgramFilesDir. by default,this value will be C:\Program Files. Edit the value to any valid drive or folder and XP will use that new location as the default installation directory for new programs.
CMD Prompt here, add to folder context menu windows xp
add the open cmd prompt to folder context menus
also drives and My Computer
copy what's in the code area to notepad and save as cmd here.reg
CODE
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Drive\shell\cmd]
@="Command Prompt"
[HKEY_CLASSES_ROOT\Drive\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
[HKEY_CLASSES_ROOT\Directory\shell\cmd]
@="Command Prompt"
[HKEY_CLASSES_ROOT\Directory\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd]
@="Command Prompt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
also drives and My Computer
copy what's in the code area to notepad and save as cmd here.reg
CODE
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Drive\shell\cmd]
@="Command Prompt"
[HKEY_CLASSES_ROOT\Drive\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
[HKEY_CLASSES_ROOT\Directory\shell\cmd]
@="Command Prompt"
[HKEY_CLASSES_ROOT\Directory\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd]
@="Command Prompt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd\command]
@="cmd.exe /k \"cd %L\""
Closing Open Holes, System Security How to close open holes
Closing Open Holes
September 27, 2000
By Ankit Fadia
With the spread of Hackers and Hacking incidents, the time has come, when not only system administrators of servers of big companies, but also people who connect to the Internet by dialing up into their ISP, have to worry about securing their system. It really does not make much difference whether you have a static IP or a dynamic one, if your system is connected to the Internet, then there is every chance of it being attacked.
This manual is aimed at discussing methods of system security analysis and will shed light on as to how to secure your standalone (also a system connected to a LAN) system.
Open Ports: A Threat to Security?
In the Netstat Tutorial we had discussed how the netstat -a command showed the list of open ports on your system. Well, anyhow, before I move on, I would like to quickly recap the important part. So here goes, straight from the netstat tutorial:
Now, the ??a? option is used to display all open connections on the local machine. It also returns the remote system to which we are connected to, the port numbers of the remote system we are connected to (and the local machine) and also the type and state of connection we have with the remote system.
For Example,
C:\windows>netstat -a
Active Connections
Proto Local Address Foreign Address State
TCP ankit:1031 dwarf.box.sk:ftp ESTABLISHED
TCP ankit:1036 dwarf.box.sk:ftp-data TIME_WAIT
TCP ankit:1043 banners.egroups.com:80 FIN_WAIT_2
TCP ankit:1045 mail2.mtnl.net.in:pop3 TIME_WAIT
TCP ankit:1052 zztop.boxnetwork.net:80 ESTABLISHED
TCP ankit:1053 mail2.mtnl.net.in:pop3 TIME_WAIT
UDP ankit:1025 *:*
UDP ankit:nbdatagram *:*
Now, let us take a single line from the above output and see what it stands for:
Proto Local Address Foreign Address State
TCP ankit:1031 dwarf.box.sk:ftp ESTABLISHED
Now, the above can be arranged as below:
Protocol: TCP (This can be Transmission Control Protocol or TCP, User Datagram Protocol or UDP or sometimes even, IP or Internet Protocol.)
Local System Name: ankit (This is the name of the local system that you set during the Windows setup.)
Local Port opened and being used by this connection: 1031
Remote System: dwarf.box.sk (This is the non-numerical form of the system to which we are connected.)
Remote Port: ftp (This is the port number of the remote system dwarf.box.sk to which we are connected.)
State of Connection: ESTABLISHED
?Netstat? with the ??a? argument is normally used, to get a list of open ports on your own system i.e. on the local system. This can be particularly useful to check and see whether your system has a Trojan installed or not. Yes, most good Antiviral software are able to detect the presence of Trojans, but, we are hackers, and need to software to tell us, whether we are infected or not. Besides, it is more fun to do something manually than to simply click on the ?Scan? button and let some software do it.
The following is a list of Trojans and the port numbers which they use, if you Netstat yourself and find any of the following open, then you can be pretty sure, that you are infected.
Port 12345(TCP) Netbus
Port 31337(UDP) Back Orifice
For complete list, refer to the Tutorial on Trojans at: hackingtruths.box.sk/trojans.txt
----
Now, the above tutorial resulted in a number of people raising questions like: If the 'netstat -a' command shows open ports on my system, does this mean that anyone can connect to them? Or, How can I close these open ports? How do I know if an open port is a threat to my system's security of not? Well, the answer to all these question would be clear, once you read the below paragraph:
Now, the thing to understand here is that, Port numbers are divided into three ranges:
The Well Known Ports are those from 0 through 1023. This range or ports is bound to the services running on them. By this what I mean is that each port usually has a specific service running on it. You see there is an internationally accepted Port Numbers to Services rule, (refer RFC 1700 Here) which specifies as to on what port number a particular service runs. For Example, By Default or normally FTP runs on Port 21. So if you find that Port 21 is open on a particular system, then it usually means that that particular system uses the FTP Protocol to transfer files. However, please note that some smart system administrators delibrately i.e. to fool lamers run fake services on popular ports. For Example, a system might be running a fake FTP daemon on Port 21. Although you get the same interface like the FTP daemon banner, response numbers etc, however, it actually might be a software logging your prescence and sometimes even tracing you!!!
The Registered Ports are those from 1024 through 49151. This range of port numbers is not bound to any specific service. Actually, Networking utlites like your Browser, Email Client, FTP software opens a random port within this range and starts a communication with the remote server. A port number within this range is the reason why you are able to surf the net or check your email etc.
If you find that when you give the netstat -a command, then a number of ports within this range are open, then you should probably not worry. These ports are simply opened so that you can get your software applications to do what you want them to do. These ports are opened temporarily by various applications to perform tasks. They act as a buffer transfering packets (data) received to the application and vis-a-versa. Once you close the application, then you find that these ports are closed automatically. For Example, when you type www.hotmail.com in your browser, then your browser randomly chooses a Registered Port and uses it as a buffer to communicate with the various remote servers involved.
The Dynamic and/or Private Ports are those from 49152 through 65535. This range is rarely used, and is mostly used by trojans, however some application do tend to use such high range port numbers. For Example,Sun starts their RPC ports at 32768.
So this basically brings us to what to do if you find that Netstat gives you a couple of open ports on your system:
1. Check the Trojan Port List and check if the open port matches with any of the popular ones. If it does then get a trojan Removal and remove the trojan.
2. If it doesn't or if the Trojan Remover says: No trojan found, then see if the open port lies in the registered Ports range. If yes, then you have nothing to worry, so forget about it.
***********************
HACKING TRUTH: A common technique employed by a number of system administrators, is remapping ports. For example, normally the default port for HTTP is 80. However, the system administrator could also remap it to Port 8080. Now, if that is the case, then the homepage hosted at that server would be at:
http://domain.com:8080 instead of
http://domain.com:80
The idea behind Port Remapping is that instead of running a service on a well known port, where it can easily be exploited, it would be better to run it on a not so well known port, as the hacker, would find it more difficult to find that service. He would have to port scan high range of numbers to discover port remapping.
The ports used for remapping are usually pretty easy to remember. They are choosen keeping in mind the default port number at which the service being remapped should be running. For Example, POP by default runs on Port 110. However, if you were to remap it, you would choose any of the following: 1010, 11000, 1111 etc etc
Some sysadmins also like to choose Port numbers in the following manner: 1234,2345,3456,4567 and so on... Yet another reason as to why Port Remapping is done, is that on a Unix System to be able to listen to a port under 1024, you must have root previledges.
************************
Firewalls
Use of Firewalls is no longer confined to servers or websites or commerical companies. Even if you simply dial up into your ISP or use PPP (Point to Point Protocol) to surf the net, you simply cannot do without a firewall. So what exactly is a firewall?
Well, in non-geek language, a firewall is basically a shield which protects your system from the untrusted non-reliable systems connected to the Internet. It is a software which listens to all ports on your system for any attempts to open a connection and when it detects such an attempt, then it reacts according to the predefined set of rules. So basically, a firewall is something that protects the network(or systen) from the Internet. It is derived from the concept of firewalls used in vehicles which is a barrier made of fire resistant material protecting the vehicle in case of fire.
Now, for a better 'according to the bible' defination of a firewall: A firewall is best described as a software or hardware or both Hardware and Software packet filter that allows only selected packets to pass through from the Internet to your private internal network. A firewall is a system or a group of systems which guard a trusted network( The Internal Private Network from the untrusted network (The Internet.)
NOTE: This was a very brief desciption of what a firewall is, I would not be going into the details of their working in this manual.
Anyway,the term 'Firewalls', (which were generally used by companies for commerical purposes) has evolved into a new term called 'Personal Firewalls'. Now this term is basically used to refer to firewalls installed on a standalone system which may or may not be networked i.e. It usually connects to an ISP. Or in other words a personal firewall is a firewall used for personal use.
Now that you have a basic desciption as to what a firewall is, let us move on to why exactly you need to install a Firewall? Or, how can not installing a firewall pose a threat to the security of your system?
You see, when you are connected to the Internet, then you have millions of other untrusted systems connected to it as well. If somehow someone found out your IP address, then they could do probably anything to your system. They could exploit any vulnerability existing in your system, damage your data, and even use your system to hack into other computers.
Finding out someone'e IP Address is not very difficult. Anybody can find out your IP, through various Chat Services, Instant Messengers (ICQ, MSN, AOL etc), through a common ISP and numerous other ways. Infact finding out the IP Address of a specific person is not always the priority of some hackers.
What I mean to say by that is that there are a number of Scripts and utilities available which scan all IP addresses between a certain range for predefined common vulnerabilities. For Example, Systems with File Sharing Enabled or a system running an OS which is vulnerable to the Ping of Death attack etc etc As soon as a vulnerable system is found, then they use the IP to carry out the attacks.
The most common scanners look for systems with RAT's or Remote Administration Tools installed. They send a packet to common Trojan ports and display whether the victim's system has that Trojan installed or not. The 'Scan Range of IP Addresses' that these programs accept are quite wide and one can easily find a vulnerable system in the matter of minutes or even seconds.
Trojan Horses like Back Orifice provide remote access to your system and can set up a password sniffer. The combination of a back door and a sniffer is a dangerous one: The back door provides future remote access, while the sniffer may reveal important information about you like your other Passwords, Bank Details, Credit Card Numbers, Social Security Number etc If your home system is connected to a local LAN and the attacker manages to install a backdoor on it, then you probably have given the attacker the same access level to your internal network, as you have. This wouls also mean that you will have created a back door into your network that bypasses any firewall that may be guarding the front door.
You may argue with me that as you are using a dial up link to your ISP via PPP, the attacker would be able to access your machine only when you are online. Well, yes that is true, however, not completely true. Yes, it does make access to your system when you reconnect, difficult, as you have a dynamic Internet Protocol Address. But, although this provides a faint hope of protection, routine scanning of the range of IP's in which your IP lies, will more often than not reveal your current Dynamic IP and the back door will provide access to your system.
*******************
HACKING TRUTH: Microsoft Says: War Dialer programs automatically scan for modems by trying every phone number within an exchange. If the modem can only be used for dial-out connections, a War Dialer won't discover it. However, PPP changes the equation, as it provides bidirectional transportmaking any connected system visible to scanners?and attackers.
*******************
So how do I protect myself from such Scans and unsolicitated attacks? Well, this is where Personal Firewalls come in. They just like their name suggests, protect you from unsolicitated connection probes, scans, attacks.
They listen to all ports for any connection requests received (from both legitimate and fake hosts) and sent (by applications like Browser, Email Client etc.) As soon as such an instance is recorded, it pops up a warning asking you what to do or whether to allow the connection to initiate or not. This warning message also contains the IP which is trying to initiate the connection and also the Port Number to which it is trying to connect i.e. the Port to which the packet was sent. It also protects your system from Port Scans, DOS Attacks, Vulnerability attacks etc. So basically it acts as a shield or a buffer which does not allow your system to communicate with the untrusted systems directly.
Most Personal Firewalls have extensive logging facilities which allows you to track down the attackers. Some popular firewalls are:
1.BlackICE Defender : An IDS for PC's. It's available at http://www.networkice.com.
2. ZoneAlarm: The easiest to setup and manage firewall. Get it for free at: www.zonelabs.com
Once you have installed a firewall on your system, you will often get a number of Warnings which might seem to be as if someone is trying to break into your system, however, they are actually bogus messages, which are caused by either your OS itself or due to the process called Allocation of Dynamic IP's. For a details description of these two, read on.
Many people complain that as soon as they dial into their ISP, their firewall says that such and such IP is probing Port X. What causes them?
Well, this is quite common. The cause is that somebody hung up just before you dialed in and your ISP assigned you the same IP address. You are now seeing the remains of communication with the previous person. This is most common when the person to which the IP was assigned earlier was using ICQ or chat programs, was connected to a Game Server or simply turned off his modem before his communication with remote servers was complete.
You might even get a message like: Such and Such IP is trying to initaite a Netbios Session on Port X. This again is extrememly common. The following is an explanation as to why it happens, which I picked up a couple of days ago: NetBIOS requests to UDP port 137 are the most common item you will see in your firewall reject logs. This comes about from a feature in Microsoft's Windows: when a program resolves an IP address into a name, it may send a NetBIOS query to IP address. This is part of the background radiation of the Internet, and is nothing to be concerned about.
What Causes them? On virtually all systems (UNIX, Macintosh, Windows), programs call the function 'gethostbyaddr()' with the desired address. This function will then do the appropriate lookup, and return the name. This function is part of the sockets API. The key thing to remember about gethostbyaddr() is that it is virtual. It doesn't specify how it resolves an address into a name. In practice, it will use all available mechanisms. If we look at UNIX, Windows, and Macintosh systems, we see the following techniques:
DNS in-addr.arpa PTR queries sent to the DNS server
NetBIOS NodeStatus queries sent to the IP address
lookups in the /etc/hosts file
AppleTalk over IP name query sent to the IP address
RPC query sent to the UNIX NIS server
NetBIOS lookup sent to the WINS server
Windows systems do the /etc/hosts, DNS, WINS, and NodeStatus techniques. In more excruciating detail, Microsoft has a generic system component called a naming service. All the protocol stacks in the system (NetBIOS, TCP/IP, Novel IPX, AppleTalk, Banyan, etc.) register the kinds of name resolutions they can perform. Some RPC products will likewise register an NIS naming service. When a program requests to resolve an address, this address gets passed onto the generic naming service. Windows will try each registered name resolution subsystem sequentially until it gets an answer.
(Side note: User's sometimes complained that accessing Windows servers is slow. This is caused by installing unneeded protocol stacks that must timeout first before the real protocol stack is queried for the server name.).
The order in which it performs these resolution steps for IP addresses can be configured under the Windows registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider.
Breaking Through Firewalls
Although Firewalls are meant to provide your complete protection from Port Scan probes etc there are several holes existing in popular firewalls, waiting to be exploited. In this issue, I will discuss a hole in ZoneAlarm Version 2.1.10 to 2.0.26, which allows the attacker to port scan the target system (Although normally it should stop such scans.)
If one uses port 67 as the source port of a TCP or UDP scan, ZoneAlarm will let the packet through and will not notify the user. This means, that one can TCP or UDP port scan a ZoneAlarm protected computer as if there were no firewall there IF one uses port 67 as the source port on the packets.
Exploit:
UDP Scan:
You can use NMap to port scan the host with the following command line:
nmap -g67 -P0 -p130-140 -sU 192.168.128.88
(Notice the -g67 which specifies source port).
TCP Scan:
You can use NMap to port scan the host with the following command line:
nmap -g67 -P0 -p130-140 -sS 192.168.128.88
(Notice the -g67 which specifies source port).
Ankit Fadia
September 27, 2000
By Ankit Fadia
With the spread of Hackers and Hacking incidents, the time has come, when not only system administrators of servers of big companies, but also people who connect to the Internet by dialing up into their ISP, have to worry about securing their system. It really does not make much difference whether you have a static IP or a dynamic one, if your system is connected to the Internet, then there is every chance of it being attacked.
This manual is aimed at discussing methods of system security analysis and will shed light on as to how to secure your standalone (also a system connected to a LAN) system.
Open Ports: A Threat to Security?
In the Netstat Tutorial we had discussed how the netstat -a command showed the list of open ports on your system. Well, anyhow, before I move on, I would like to quickly recap the important part. So here goes, straight from the netstat tutorial:
Now, the ??a? option is used to display all open connections on the local machine. It also returns the remote system to which we are connected to, the port numbers of the remote system we are connected to (and the local machine) and also the type and state of connection we have with the remote system.
For Example,
C:\windows>netstat -a
Active Connections
Proto Local Address Foreign Address State
TCP ankit:1031 dwarf.box.sk:ftp ESTABLISHED
TCP ankit:1036 dwarf.box.sk:ftp-data TIME_WAIT
TCP ankit:1043 banners.egroups.com:80 FIN_WAIT_2
TCP ankit:1045 mail2.mtnl.net.in:pop3 TIME_WAIT
TCP ankit:1052 zztop.boxnetwork.net:80 ESTABLISHED
TCP ankit:1053 mail2.mtnl.net.in:pop3 TIME_WAIT
UDP ankit:1025 *:*
UDP ankit:nbdatagram *:*
Now, let us take a single line from the above output and see what it stands for:
Proto Local Address Foreign Address State
TCP ankit:1031 dwarf.box.sk:ftp ESTABLISHED
Now, the above can be arranged as below:
Protocol: TCP (This can be Transmission Control Protocol or TCP, User Datagram Protocol or UDP or sometimes even, IP or Internet Protocol.)
Local System Name: ankit (This is the name of the local system that you set during the Windows setup.)
Local Port opened and being used by this connection: 1031
Remote System: dwarf.box.sk (This is the non-numerical form of the system to which we are connected.)
Remote Port: ftp (This is the port number of the remote system dwarf.box.sk to which we are connected.)
State of Connection: ESTABLISHED
?Netstat? with the ??a? argument is normally used, to get a list of open ports on your own system i.e. on the local system. This can be particularly useful to check and see whether your system has a Trojan installed or not. Yes, most good Antiviral software are able to detect the presence of Trojans, but, we are hackers, and need to software to tell us, whether we are infected or not. Besides, it is more fun to do something manually than to simply click on the ?Scan? button and let some software do it.
The following is a list of Trojans and the port numbers which they use, if you Netstat yourself and find any of the following open, then you can be pretty sure, that you are infected.
Port 12345(TCP) Netbus
Port 31337(UDP) Back Orifice
For complete list, refer to the Tutorial on Trojans at: hackingtruths.box.sk/trojans.txt
----
Now, the above tutorial resulted in a number of people raising questions like: If the 'netstat -a' command shows open ports on my system, does this mean that anyone can connect to them? Or, How can I close these open ports? How do I know if an open port is a threat to my system's security of not? Well, the answer to all these question would be clear, once you read the below paragraph:
Now, the thing to understand here is that, Port numbers are divided into three ranges:
The Well Known Ports are those from 0 through 1023. This range or ports is bound to the services running on them. By this what I mean is that each port usually has a specific service running on it. You see there is an internationally accepted Port Numbers to Services rule, (refer RFC 1700 Here) which specifies as to on what port number a particular service runs. For Example, By Default or normally FTP runs on Port 21. So if you find that Port 21 is open on a particular system, then it usually means that that particular system uses the FTP Protocol to transfer files. However, please note that some smart system administrators delibrately i.e. to fool lamers run fake services on popular ports. For Example, a system might be running a fake FTP daemon on Port 21. Although you get the same interface like the FTP daemon banner, response numbers etc, however, it actually might be a software logging your prescence and sometimes even tracing you!!!
The Registered Ports are those from 1024 through 49151. This range of port numbers is not bound to any specific service. Actually, Networking utlites like your Browser, Email Client, FTP software opens a random port within this range and starts a communication with the remote server. A port number within this range is the reason why you are able to surf the net or check your email etc.
If you find that when you give the netstat -a command, then a number of ports within this range are open, then you should probably not worry. These ports are simply opened so that you can get your software applications to do what you want them to do. These ports are opened temporarily by various applications to perform tasks. They act as a buffer transfering packets (data) received to the application and vis-a-versa. Once you close the application, then you find that these ports are closed automatically. For Example, when you type www.hotmail.com in your browser, then your browser randomly chooses a Registered Port and uses it as a buffer to communicate with the various remote servers involved.
The Dynamic and/or Private Ports are those from 49152 through 65535. This range is rarely used, and is mostly used by trojans, however some application do tend to use such high range port numbers. For Example,Sun starts their RPC ports at 32768.
So this basically brings us to what to do if you find that Netstat gives you a couple of open ports on your system:
1. Check the Trojan Port List and check if the open port matches with any of the popular ones. If it does then get a trojan Removal and remove the trojan.
2. If it doesn't or if the Trojan Remover says: No trojan found, then see if the open port lies in the registered Ports range. If yes, then you have nothing to worry, so forget about it.
***********************
HACKING TRUTH: A common technique employed by a number of system administrators, is remapping ports. For example, normally the default port for HTTP is 80. However, the system administrator could also remap it to Port 8080. Now, if that is the case, then the homepage hosted at that server would be at:
http://domain.com:8080 instead of
http://domain.com:80
The idea behind Port Remapping is that instead of running a service on a well known port, where it can easily be exploited, it would be better to run it on a not so well known port, as the hacker, would find it more difficult to find that service. He would have to port scan high range of numbers to discover port remapping.
The ports used for remapping are usually pretty easy to remember. They are choosen keeping in mind the default port number at which the service being remapped should be running. For Example, POP by default runs on Port 110. However, if you were to remap it, you would choose any of the following: 1010, 11000, 1111 etc etc
Some sysadmins also like to choose Port numbers in the following manner: 1234,2345,3456,4567 and so on... Yet another reason as to why Port Remapping is done, is that on a Unix System to be able to listen to a port under 1024, you must have root previledges.
************************
Firewalls
Use of Firewalls is no longer confined to servers or websites or commerical companies. Even if you simply dial up into your ISP or use PPP (Point to Point Protocol) to surf the net, you simply cannot do without a firewall. So what exactly is a firewall?
Well, in non-geek language, a firewall is basically a shield which protects your system from the untrusted non-reliable systems connected to the Internet. It is a software which listens to all ports on your system for any attempts to open a connection and when it detects such an attempt, then it reacts according to the predefined set of rules. So basically, a firewall is something that protects the network(or systen) from the Internet. It is derived from the concept of firewalls used in vehicles which is a barrier made of fire resistant material protecting the vehicle in case of fire.
Now, for a better 'according to the bible' defination of a firewall: A firewall is best described as a software or hardware or both Hardware and Software packet filter that allows only selected packets to pass through from the Internet to your private internal network. A firewall is a system or a group of systems which guard a trusted network( The Internal Private Network from the untrusted network (The Internet.)
NOTE: This was a very brief desciption of what a firewall is, I would not be going into the details of their working in this manual.
Anyway,the term 'Firewalls', (which were generally used by companies for commerical purposes) has evolved into a new term called 'Personal Firewalls'. Now this term is basically used to refer to firewalls installed on a standalone system which may or may not be networked i.e. It usually connects to an ISP. Or in other words a personal firewall is a firewall used for personal use.
Now that you have a basic desciption as to what a firewall is, let us move on to why exactly you need to install a Firewall? Or, how can not installing a firewall pose a threat to the security of your system?
You see, when you are connected to the Internet, then you have millions of other untrusted systems connected to it as well. If somehow someone found out your IP address, then they could do probably anything to your system. They could exploit any vulnerability existing in your system, damage your data, and even use your system to hack into other computers.
Finding out someone'e IP Address is not very difficult. Anybody can find out your IP, through various Chat Services, Instant Messengers (ICQ, MSN, AOL etc), through a common ISP and numerous other ways. Infact finding out the IP Address of a specific person is not always the priority of some hackers.
What I mean to say by that is that there are a number of Scripts and utilities available which scan all IP addresses between a certain range for predefined common vulnerabilities. For Example, Systems with File Sharing Enabled or a system running an OS which is vulnerable to the Ping of Death attack etc etc As soon as a vulnerable system is found, then they use the IP to carry out the attacks.
The most common scanners look for systems with RAT's or Remote Administration Tools installed. They send a packet to common Trojan ports and display whether the victim's system has that Trojan installed or not. The 'Scan Range of IP Addresses' that these programs accept are quite wide and one can easily find a vulnerable system in the matter of minutes or even seconds.
Trojan Horses like Back Orifice provide remote access to your system and can set up a password sniffer. The combination of a back door and a sniffer is a dangerous one: The back door provides future remote access, while the sniffer may reveal important information about you like your other Passwords, Bank Details, Credit Card Numbers, Social Security Number etc If your home system is connected to a local LAN and the attacker manages to install a backdoor on it, then you probably have given the attacker the same access level to your internal network, as you have. This wouls also mean that you will have created a back door into your network that bypasses any firewall that may be guarding the front door.
You may argue with me that as you are using a dial up link to your ISP via PPP, the attacker would be able to access your machine only when you are online. Well, yes that is true, however, not completely true. Yes, it does make access to your system when you reconnect, difficult, as you have a dynamic Internet Protocol Address. But, although this provides a faint hope of protection, routine scanning of the range of IP's in which your IP lies, will more often than not reveal your current Dynamic IP and the back door will provide access to your system.
*******************
HACKING TRUTH: Microsoft Says: War Dialer programs automatically scan for modems by trying every phone number within an exchange. If the modem can only be used for dial-out connections, a War Dialer won't discover it. However, PPP changes the equation, as it provides bidirectional transportmaking any connected system visible to scanners?and attackers.
*******************
So how do I protect myself from such Scans and unsolicitated attacks? Well, this is where Personal Firewalls come in. They just like their name suggests, protect you from unsolicitated connection probes, scans, attacks.
They listen to all ports for any connection requests received (from both legitimate and fake hosts) and sent (by applications like Browser, Email Client etc.) As soon as such an instance is recorded, it pops up a warning asking you what to do or whether to allow the connection to initiate or not. This warning message also contains the IP which is trying to initiate the connection and also the Port Number to which it is trying to connect i.e. the Port to which the packet was sent. It also protects your system from Port Scans, DOS Attacks, Vulnerability attacks etc. So basically it acts as a shield or a buffer which does not allow your system to communicate with the untrusted systems directly.
Most Personal Firewalls have extensive logging facilities which allows you to track down the attackers. Some popular firewalls are:
1.BlackICE Defender : An IDS for PC's. It's available at http://www.networkice.com.
2. ZoneAlarm: The easiest to setup and manage firewall. Get it for free at: www.zonelabs.com
Once you have installed a firewall on your system, you will often get a number of Warnings which might seem to be as if someone is trying to break into your system, however, they are actually bogus messages, which are caused by either your OS itself or due to the process called Allocation of Dynamic IP's. For a details description of these two, read on.
Many people complain that as soon as they dial into their ISP, their firewall says that such and such IP is probing Port X. What causes them?
Well, this is quite common. The cause is that somebody hung up just before you dialed in and your ISP assigned you the same IP address. You are now seeing the remains of communication with the previous person. This is most common when the person to which the IP was assigned earlier was using ICQ or chat programs, was connected to a Game Server or simply turned off his modem before his communication with remote servers was complete.
You might even get a message like: Such and Such IP is trying to initaite a Netbios Session on Port X. This again is extrememly common. The following is an explanation as to why it happens, which I picked up a couple of days ago: NetBIOS requests to UDP port 137 are the most common item you will see in your firewall reject logs. This comes about from a feature in Microsoft's Windows: when a program resolves an IP address into a name, it may send a NetBIOS query to IP address. This is part of the background radiation of the Internet, and is nothing to be concerned about.
What Causes them? On virtually all systems (UNIX, Macintosh, Windows), programs call the function 'gethostbyaddr()' with the desired address. This function will then do the appropriate lookup, and return the name. This function is part of the sockets API. The key thing to remember about gethostbyaddr() is that it is virtual. It doesn't specify how it resolves an address into a name. In practice, it will use all available mechanisms. If we look at UNIX, Windows, and Macintosh systems, we see the following techniques:
DNS in-addr.arpa PTR queries sent to the DNS server
NetBIOS NodeStatus queries sent to the IP address
lookups in the /etc/hosts file
AppleTalk over IP name query sent to the IP address
RPC query sent to the UNIX NIS server
NetBIOS lookup sent to the WINS server
Windows systems do the /etc/hosts, DNS, WINS, and NodeStatus techniques. In more excruciating detail, Microsoft has a generic system component called a naming service. All the protocol stacks in the system (NetBIOS, TCP/IP, Novel IPX, AppleTalk, Banyan, etc.) register the kinds of name resolutions they can perform. Some RPC products will likewise register an NIS naming service. When a program requests to resolve an address, this address gets passed onto the generic naming service. Windows will try each registered name resolution subsystem sequentially until it gets an answer.
(Side note: User's sometimes complained that accessing Windows servers is slow. This is caused by installing unneeded protocol stacks that must timeout first before the real protocol stack is queried for the server name.).
The order in which it performs these resolution steps for IP addresses can be configured under the Windows registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider.
Breaking Through Firewalls
Although Firewalls are meant to provide your complete protection from Port Scan probes etc there are several holes existing in popular firewalls, waiting to be exploited. In this issue, I will discuss a hole in ZoneAlarm Version 2.1.10 to 2.0.26, which allows the attacker to port scan the target system (Although normally it should stop such scans.)
If one uses port 67 as the source port of a TCP or UDP scan, ZoneAlarm will let the packet through and will not notify the user. This means, that one can TCP or UDP port scan a ZoneAlarm protected computer as if there were no firewall there IF one uses port 67 as the source port on the packets.
Exploit:
UDP Scan:
You can use NMap to port scan the host with the following command line:
nmap -g67 -P0 -p130-140 -sU 192.168.128.88
(Notice the -g67 which specifies source port).
TCP Scan:
You can use NMap to port scan the host with the following command line:
nmap -g67 -P0 -p130-140 -sS 192.168.128.88
(Notice the -g67 which specifies source port).
Ankit Fadia
Choosing A Good Domain Name, ya..good name is important!
Another good tip for successful web experience..injoy it!
Choosing A Good Domain Name
Choosing a domain name for your site is one of the most important steps towards creating the perfect internet presence. If you run an on-line business, picking a name that will be marketable and achieve success in search engine placement is paramount. Many factors must be considered when choosing a good domain name. This article summarizes all the different things to consider before making that final registration step!
Short and Sweet
Domain names can be really long or really short (1 - 67 characters). In general, it is far better to choose a domain name that is short in length. The shorter your domain name, the easier it will be for people remember. Remembering a domain name is very important from a marketability perspective. As visitors reach your site and enjoy using it, they will likely tell people about it. And those people may tell others, etc. As with any business, word of mouth is the most powerful marketing tool to drive traffic to your site (and it's free too!). If your site is long and difficult to pronounce, people will not remember the name of the site and unless they bookmark the link, they may never return.
Consider Alternatives
Unless a visitor reaches your site through a bookmark or a link from another site, they have typed in your domain name. Most people on the internet are terrible typists and misspell words constantly. If your domain name is easy to misspell, you should think about alternate domain names to purchase. For example, if your site will be called "MikesTools.com", you should also consider buying "MikeTools.com" and "MikeTool.com". You should also secure the different top level domain names besides the one you will use for marketing purposes ("MikesTools.net", "MikesTools.org", etc.) You should also check to see if there are existing sites based on the misspelled version of the domain name you are considering. "MikesTools.com" may be available, but "MikesTool.com" may be home to a graphic pornography site. You would hate for a visitor to walk away thinking you were hosting something they did not expect.
Also consider domain names that may not include the name of your company, but rather what your company provides. For example, if the name of your company is Mike's Tools, you may want to consider domain names that target what you sell. For example: "buyhammers.com" or "hammer-and-nail.com". Even though these example alternative domain names do not include the name of your company, it provides an avenue for visitors from your target markets. Remember that you can own multiple domain names, all of which can point to a single domain. For example, you could register "buyhammers.com", "hammer-and-nail.com", and "mikestools.com" and have "buyhammers.com" and "hammer-and-nail.com" point to "mikestools.com".
Hyphens: Your Friend and Enemy
Domain name availability has become more and more scant over the years. Many single word domain names have been scooped up which it makes it more and more difficult to find a domain name that you like and is available. When selecting a domain name, you have the option of including hyphens as part of the name. Hyphens help because it allows you to clearly separate multiple words in a domain name, making it less likely that a person will accidentally misspell the name. For example, people are more likely to misspell "domainnamecenter.com" than they are "domain-name-center.com". Having words crunched together makes it hard on the eyes, increasing the likelihood of a misspelling. On the other hand, hyphens make your domain name longer. The longer the domain name, the easier it is for people to forget it altogether. Also, if someone recommends a site to someone else, they may forget to mention that each word in the domain name is separated by a hyphen. If do you choose to leverage hyphens, limit the number of words between the hyphens to three. Another advantage to using hyphens is that search engines are able to pick up each unique word in the domain name as key words, thus helping to make your site more visible in search engine results.
Dot What?
There are many top level domain names available today including .com, .net, .org, and .biz. In most cases, the more unusual the top level domain, the more available domain names are available. However, the .com top level domain is far and away the most commonly used domain on the internet, driven by the fact that it was the first domain extension put to use commercially and has received incredible media attention. If you cannot lay your hands on a .com domain name, look for a .net domain name, which is the second most commercially popular domain name extension.
Long Arm of the Law
Be very careful not to register domain names that include trademarked names. Although internet domain name law disputes are tricky and have few cases in existence, the risk of a legal battle is not a risk worth taking. Even if you believe your domain name is untouchable by a business that has trademarked a name, do not take the chance: the cost of litigation is extremely high and unless you have deep pockets you will not likely have the resources to defend yourself in a court of law. Even stay away from domain names in which part of the name is trademarked: the risks are the same.
Search Engines and Directories
All search engines and directories are different. Each has a unique process for being part of the results or directory listing and each has a different way of sorting and listing domain names. Search engines and directories are the most important on-line marketing channel, so consider how your domain name choice affects site placement before you register the domain. Most directories simply list links to home pages in alphabetical order. If possible, choose a domain name with a letter of the alphabet near the beginning ("a" or "b"). For example, "aardvark-pest-control.com" will come way above "joes-pest-control.com". However, check the directories before you choose a domain name. You may find that the directories you would like be in are already cluttered with domain names beginning with the letter "a". Search engines scan websites and sort results based on key words. Key words are words that a person visiting a search engine actually search on. Having key words as part of your domain name can help you get better results.
Choosing A Good Domain Name
Choosing a domain name for your site is one of the most important steps towards creating the perfect internet presence. If you run an on-line business, picking a name that will be marketable and achieve success in search engine placement is paramount. Many factors must be considered when choosing a good domain name. This article summarizes all the different things to consider before making that final registration step!
Short and Sweet
Domain names can be really long or really short (1 - 67 characters). In general, it is far better to choose a domain name that is short in length. The shorter your domain name, the easier it will be for people remember. Remembering a domain name is very important from a marketability perspective. As visitors reach your site and enjoy using it, they will likely tell people about it. And those people may tell others, etc. As with any business, word of mouth is the most powerful marketing tool to drive traffic to your site (and it's free too!). If your site is long and difficult to pronounce, people will not remember the name of the site and unless they bookmark the link, they may never return.
Consider Alternatives
Unless a visitor reaches your site through a bookmark or a link from another site, they have typed in your domain name. Most people on the internet are terrible typists and misspell words constantly. If your domain name is easy to misspell, you should think about alternate domain names to purchase. For example, if your site will be called "MikesTools.com", you should also consider buying "MikeTools.com" and "MikeTool.com". You should also secure the different top level domain names besides the one you will use for marketing purposes ("MikesTools.net", "MikesTools.org", etc.) You should also check to see if there are existing sites based on the misspelled version of the domain name you are considering. "MikesTools.com" may be available, but "MikesTool.com" may be home to a graphic pornography site. You would hate for a visitor to walk away thinking you were hosting something they did not expect.
Also consider domain names that may not include the name of your company, but rather what your company provides. For example, if the name of your company is Mike's Tools, you may want to consider domain names that target what you sell. For example: "buyhammers.com" or "hammer-and-nail.com". Even though these example alternative domain names do not include the name of your company, it provides an avenue for visitors from your target markets. Remember that you can own multiple domain names, all of which can point to a single domain. For example, you could register "buyhammers.com", "hammer-and-nail.com", and "mikestools.com" and have "buyhammers.com" and "hammer-and-nail.com" point to "mikestools.com".
Hyphens: Your Friend and Enemy
Domain name availability has become more and more scant over the years. Many single word domain names have been scooped up which it makes it more and more difficult to find a domain name that you like and is available. When selecting a domain name, you have the option of including hyphens as part of the name. Hyphens help because it allows you to clearly separate multiple words in a domain name, making it less likely that a person will accidentally misspell the name. For example, people are more likely to misspell "domainnamecenter.com" than they are "domain-name-center.com". Having words crunched together makes it hard on the eyes, increasing the likelihood of a misspelling. On the other hand, hyphens make your domain name longer. The longer the domain name, the easier it is for people to forget it altogether. Also, if someone recommends a site to someone else, they may forget to mention that each word in the domain name is separated by a hyphen. If do you choose to leverage hyphens, limit the number of words between the hyphens to three. Another advantage to using hyphens is that search engines are able to pick up each unique word in the domain name as key words, thus helping to make your site more visible in search engine results.
Dot What?
There are many top level domain names available today including .com, .net, .org, and .biz. In most cases, the more unusual the top level domain, the more available domain names are available. However, the .com top level domain is far and away the most commonly used domain on the internet, driven by the fact that it was the first domain extension put to use commercially and has received incredible media attention. If you cannot lay your hands on a .com domain name, look for a .net domain name, which is the second most commercially popular domain name extension.
Long Arm of the Law
Be very careful not to register domain names that include trademarked names. Although internet domain name law disputes are tricky and have few cases in existence, the risk of a legal battle is not a risk worth taking. Even if you believe your domain name is untouchable by a business that has trademarked a name, do not take the chance: the cost of litigation is extremely high and unless you have deep pockets you will not likely have the resources to defend yourself in a court of law. Even stay away from domain names in which part of the name is trademarked: the risks are the same.
Search Engines and Directories
All search engines and directories are different. Each has a unique process for being part of the results or directory listing and each has a different way of sorting and listing domain names. Search engines and directories are the most important on-line marketing channel, so consider how your domain name choice affects site placement before you register the domain. Most directories simply list links to home pages in alphabetical order. If possible, choose a domain name with a letter of the alphabet near the beginning ("a" or "b"). For example, "aardvark-pest-control.com" will come way above "joes-pest-control.com". However, check the directories before you choose a domain name. You may find that the directories you would like be in are already cluttered with domain names beginning with the letter "a". Search engines scan websites and sort results based on key words. Key words are words that a person visiting a search engine actually search on. Having key words as part of your domain name can help you get better results.
Burning Bin & Cue Using Nero
Step 1 -
Modify Explorer.exe File
In order
to make the changes, the file explorer.exe located at C:\Windows needs to be
edited. Since explorer.exe is a binary file it requires a special editor. For
purposes of this article I have used Resource Hacker. Resource HackerTM is a
freeware utility to view, modify, rename, add, delete and extract resources in 32bit
Windows executables and resource files (*.res). It incorporates an internal
resource script compiler and decompiler and works on Microsoft Windows
95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.
get this
from h**p://delphi.icm.edu.pl/ftp/tools/ResHack.zip
The first
step is to make a backup copy of the file explorer.exe located at
C:\Windows\explorer. Place it in a folder somewhere on your hard drive where it
will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.
The
category we are going to be using is "String Table". Expand it by
clicking the plus sign then navigate down to and expand string 37 followed by
highlighting 1033. If you are using the Classic Layout rather than the XP
Layout, use number 38. The right hand pane will display the stringtable. We’re
going to modify item 578, currently showing the word “start” just as it
displays on the current Start button.
There is
no magic here. Just double click on the word “start” so that it’s highlighted,
making sure the quotation marks are not part of the highlight. They need to
remain in place, surrounding the new text that you’ll type. Go ahead and type
your new entry. In my case I used Click Me!
You’ll
notice that after the new text string has been entered the Compile Script
button that was grayed out is now active. I won’t get into what’s involved in
compiling a script, but suffice it to say it’s going to make this exercise
worthwhile. Click Compile Script and then save the altered file using the Save
As command on the File Menu. Do not use the Save command – Make sure to use the
Save As command and choose a name for the file. Save the newly named file to
C:\Windows.
Step 2 –
Modify the Registry
!!!make a
backup of your registry before making changes!!!
Now that
the modified explorer.exe has been created it’s necessary to modify the
registry so the file will be recognized when the user logs on to the system. If
you don’t know how to access the registry I’m not sure this article is for you,
but just in case it’s a temporary memory lapse, go to Start (soon to be
something else) Run and type regedit in the Open field. Navigate to:
HKEY_LOCAL_MACHINE\
SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon
In the
right pane, double click the "Shell" entry to open the Edit String
dialog box. In Value data: line, enter the name that was used to save the
modified explorer.exe file. Click OK.
Close
Registry Editor and either log off the system and log back in, or reboot the
entire system if that’s your preference. If all went as planned you should see
your new Start button with the revised text.[/b]
Change Music In The Malibu And The Pole Position, GTA Vice Modders
TOOLS YOU WILL NEED (ADOBE AUDITION)
in your Grand Theft Auto Vice City / Audio folder you will see a bunch of mp3's
you wanna find
malibu.mp3
strip.mp3
stripa.mp3 (short clip only needs to be half of a song)
open a few songs for each clip you want to make.. (fade the beginning or end of the songs if you want to) and open multitrack view.. you can have them fade into eachother. once you have the multitrack session finished go to "FILE" then "SAVE MIXDOWN AS"
you want to save as a 128k 32000 Hz MONO FIle (the same type as the originals) but normal internet 128k 44.1 stereo should work also.. just save as say malibu.mp3 and then replace the one in your audio folder for the one you created.
when i walk into the Malibu i hear david banner and lil' jon singing
"YEEEAAAEEEHH!! OK!!..... WHAT!!..... WHAT!!"
in your Grand Theft Auto Vice City / Audio folder you will see a bunch of mp3's
you wanna find
malibu.mp3
strip.mp3
stripa.mp3 (short clip only needs to be half of a song)
open a few songs for each clip you want to make.. (fade the beginning or end of the songs if you want to) and open multitrack view.. you can have them fade into eachother. once you have the multitrack session finished go to "FILE" then "SAVE MIXDOWN AS"
you want to save as a 128k 32000 Hz MONO FIle (the same type as the originals) but normal internet 128k 44.1 stereo should work also.. just save as say malibu.mp3 and then replace the one in your audio folder for the one you created.
when i walk into the Malibu i hear david banner and lil' jon singing
"YEEEAAAEEEHH!! OK!!..... WHAT!!..... WHAT!!"
Caught A Virus
Caught A Virus?
If you've let your guard down--or even if you haven't--it can be hard to tell if your PC is infected. Here's what to do if you suspect the worst.
Heard this one before? You must run antivirus software and keep it up to date or else your PC will get infected, you'll lose all your data, and you'll incur the wrath of every e-mail buddy you unknowingly infect because of your carelessness.
You know they're right. Yet for one reason or another, you're not running antivirus software, or you are but it's not up to date. Maybe you turned off your virus scanner because it conflicted with another program. Maybe you got tired of upgrading after you bought Norton Antivirus 2001, 2002, and 2003. Or maybe your annual subscription of virus definitions recently expired, and you've put off renewing.
It happens. It's nothing to be ashamed of. But chances are, either you're infected right now, as we speak, or you will be very soon.
For a few days in late January, the Netsky.p worm was infecting about 2,500 PCs a day. Meanwhile the MySQL bot infected approximately 100 systems a minute (albeit not necessarily desktop PCs). As David Perry, global director of education for security software provider Trend Micro, puts it, "an unprotected [Windows] computer will become owned by a bot within 14 minutes."
Today's viruses, worms, and so-called bots--which turn your PC into a zombie that does the hacker's bidding (such as mass-mailing spam)--aren't going to announce their presence. Real viruses aren't like the ones in Hollywood movies that melt down whole networks in seconds and destroy alien spacecraft. They operate in the background, quietly altering data, stealing private operations, or using your PC for their own illegal ends. This makes them hard to spot if you're not well protected.
Is Your PC "Owned?"
I should start by saying that not every system oddity is due to a virus, worm, or bot. Is your system slowing down? Is your hard drive filling up rapidly? Are programs crashing without warning? These symptoms are more likely caused by Windows, or badly written legitimate programs, rather than malware. After all, people who write malware want to hide their program's presence. People who write commercial software put icons all over your desktop. Who's going to work harder to go unnoticed?
Other indicators that may, in fact, indicate that there's nothing that you need to worry about, include:
* An automated e-mail telling you that you're sending out infected mail. E-mail viruses and worms typically come from faked addresses.
* A frantic note from a friend saying they've been infected, and therefore so have you. This is likely a hoax. It's especially suspicious if the note tells you the virus can't be detected but you can get rid of it by deleting one simple file. Don't be fooled--and don't delete that file.
I'm not saying that you should ignore such warnings. Copy the subject line or a snippet from the body of the e-mail and plug it into your favorite search engine to see if other people have received the same note. A security site may have already pegged it as a hoax.
Sniffing Out an Infection
There are signs that indicate that your PC is actually infected. A lot of network activity coming from your system (when you're not actually using Internet) can be a good indicator that something is amiss. A good software firewall, such as ZoneAlarm, will ask your permission before letting anything leave your PC, and will give you enough information to help you judge if the outgoing data is legitimate. By the way, the firewall that comes with Windows, even the improved version in XP Service Pack 2, lacks this capability.
To put a network status light in your system tray, follow these steps: In Windows XP, choose Start, Control Panel, Network Connections, right-click the network connection you want to monitor, choose Properties, check "Show icon in notification area when connected," and click OK.
If you're interested in being a PC detective, you can sniff around further for malware. By hitting Ctrl-Alt-Delete in Windows, you'll bring up the Task Manager, which will show you the various processes your system is running. Most, if not all, are legit, but if you see a file name that looks suspicious, type it into a search engine and find out what it is.
Want another place to look? In Windows XP, click Start, Run, type "services.msc" in the box, and press Enter. You'll see detailed descriptions of the services Windows is running. Something look weird? Check with your search engine.
Finally, you can do more detective work by selecting Start, Run, and typing "msconfig" in the box. With this tool you not only see the services running, but also the programs that your system is launching at startup. Again, check for anything weird.
If any of these tools won't run--or if your security software won't run--that in itself is a good sign your computer is infected. Some viruses intentionally disable such programs as a way to protect themselves.
What to Do Next
Once you're fairly sure your system is infected, don't panic. There are steps you can take to assess the damage, depending on your current level of protection.
* If you don't have any antivirus software on your system (shame on you), or if the software has stopped working, stay online and go for a free scan at one of several Web sites. There's McAfee FreeScan, Symantec Security Check, and Trend Micro's HouseCall. If one doesn't find anything, try two. In fact, running a free online virus scan is a good way to double-check the work of your own local antivirus program. When you're done, buy or download a real antivirus program.
* If you have antivirus software, but it isn't active, get offline, unplug wires-- whatever it takes to stop your computer from communicating via the Internet. Then, promptly perform a scan with the installed software.
* If nothing seems to be working, do more research on the Web. There are several online virus libraries where you can find out about known viruses. These sites often provide instructions for removing viruses--if manual removal is possible--or a free removal tool if it isn't. Check out GriSOFT's Virus Encyclopedia, Eset's Virus Descriptions, McAffee's Virus Glossary, Symantec's Virus Encyclopedia, or Trend Micro's Virus Encyclopedia.
A Microgram of Prevention
Assuming your system is now clean, you need to make sure it stays that way. Preventing a breach of your computer's security is far more effective than cleaning up the mess afterwards. Start with a good security program, such Trend Micro's PC-Cillin, which you can buy for $50.
Don't want to shell out any money? You can cobble together security through free downloads, such as AVG Anti-Virus Free Edition, ZoneAlarm (a personal firewall), and Ad-Aware SE (an antispyware tool).
Just make sure you keep all security software up to date. The bad guys constantly try out new ways to fool security programs. Any security tool without regular, easy (if not automatic) updates isn't worth your money or your time.
Speaking of updating, the same goes for Windows. Use Windows Update (it's right there on your Start Menu) to make sure you're getting all of the high priority updates. If you run Windows XP, make sure to get the Service Pack 2 update. To find out if you already have it, right-click My Computer, and select Properties. Under the General tab, under System, it should say "Service Pack 2."
Here are a few more pointers for a virus-free life:
* Be careful with e-mail. Set your e-mail software security settings to high. Don't open messages with generic-sounding subjects that don't apply specifically to you from people you don't know. Don't open an attachment unless you're expecting it.
* If you have broadband Internet access, such as DSL or cable, get a router, even if you only have one PC. A router adds an extra layer of protection because your PC is not connecting directly with the Internet.
* Check your Internet ports. These doorways between your computer and the Internet can be open, in which case your PC is very vulnerable; closed, but still somewhat vulnerable; or stealthed (or hidden), which is safest. Visit Gibson Research's Web site and run the free ShieldsUP test to see your ports' status. If some ports show up as closed--or worse yet, open--check your router's documentation to find out how to hide them.
If you've let your guard down--or even if you haven't--it can be hard to tell if your PC is infected. Here's what to do if you suspect the worst.
Heard this one before? You must run antivirus software and keep it up to date or else your PC will get infected, you'll lose all your data, and you'll incur the wrath of every e-mail buddy you unknowingly infect because of your carelessness.
You know they're right. Yet for one reason or another, you're not running antivirus software, or you are but it's not up to date. Maybe you turned off your virus scanner because it conflicted with another program. Maybe you got tired of upgrading after you bought Norton Antivirus 2001, 2002, and 2003. Or maybe your annual subscription of virus definitions recently expired, and you've put off renewing.
It happens. It's nothing to be ashamed of. But chances are, either you're infected right now, as we speak, or you will be very soon.
For a few days in late January, the Netsky.p worm was infecting about 2,500 PCs a day. Meanwhile the MySQL bot infected approximately 100 systems a minute (albeit not necessarily desktop PCs). As David Perry, global director of education for security software provider Trend Micro, puts it, "an unprotected [Windows] computer will become owned by a bot within 14 minutes."
Today's viruses, worms, and so-called bots--which turn your PC into a zombie that does the hacker's bidding (such as mass-mailing spam)--aren't going to announce their presence. Real viruses aren't like the ones in Hollywood movies that melt down whole networks in seconds and destroy alien spacecraft. They operate in the background, quietly altering data, stealing private operations, or using your PC for their own illegal ends. This makes them hard to spot if you're not well protected.
Is Your PC "Owned?"
I should start by saying that not every system oddity is due to a virus, worm, or bot. Is your system slowing down? Is your hard drive filling up rapidly? Are programs crashing without warning? These symptoms are more likely caused by Windows, or badly written legitimate programs, rather than malware. After all, people who write malware want to hide their program's presence. People who write commercial software put icons all over your desktop. Who's going to work harder to go unnoticed?
Other indicators that may, in fact, indicate that there's nothing that you need to worry about, include:
* An automated e-mail telling you that you're sending out infected mail. E-mail viruses and worms typically come from faked addresses.
* A frantic note from a friend saying they've been infected, and therefore so have you. This is likely a hoax. It's especially suspicious if the note tells you the virus can't be detected but you can get rid of it by deleting one simple file. Don't be fooled--and don't delete that file.
I'm not saying that you should ignore such warnings. Copy the subject line or a snippet from the body of the e-mail and plug it into your favorite search engine to see if other people have received the same note. A security site may have already pegged it as a hoax.
Sniffing Out an Infection
There are signs that indicate that your PC is actually infected. A lot of network activity coming from your system (when you're not actually using Internet) can be a good indicator that something is amiss. A good software firewall, such as ZoneAlarm, will ask your permission before letting anything leave your PC, and will give you enough information to help you judge if the outgoing data is legitimate. By the way, the firewall that comes with Windows, even the improved version in XP Service Pack 2, lacks this capability.
To put a network status light in your system tray, follow these steps: In Windows XP, choose Start, Control Panel, Network Connections, right-click the network connection you want to monitor, choose Properties, check "Show icon in notification area when connected," and click OK.
If you're interested in being a PC detective, you can sniff around further for malware. By hitting Ctrl-Alt-Delete in Windows, you'll bring up the Task Manager, which will show you the various processes your system is running. Most, if not all, are legit, but if you see a file name that looks suspicious, type it into a search engine and find out what it is.
Want another place to look? In Windows XP, click Start, Run, type "services.msc" in the box, and press Enter. You'll see detailed descriptions of the services Windows is running. Something look weird? Check with your search engine.
Finally, you can do more detective work by selecting Start, Run, and typing "msconfig" in the box. With this tool you not only see the services running, but also the programs that your system is launching at startup. Again, check for anything weird.
If any of these tools won't run--or if your security software won't run--that in itself is a good sign your computer is infected. Some viruses intentionally disable such programs as a way to protect themselves.
What to Do Next
Once you're fairly sure your system is infected, don't panic. There are steps you can take to assess the damage, depending on your current level of protection.
* If you don't have any antivirus software on your system (shame on you), or if the software has stopped working, stay online and go for a free scan at one of several Web sites. There's McAfee FreeScan, Symantec Security Check, and Trend Micro's HouseCall. If one doesn't find anything, try two. In fact, running a free online virus scan is a good way to double-check the work of your own local antivirus program. When you're done, buy or download a real antivirus program.
* If you have antivirus software, but it isn't active, get offline, unplug wires-- whatever it takes to stop your computer from communicating via the Internet. Then, promptly perform a scan with the installed software.
* If nothing seems to be working, do more research on the Web. There are several online virus libraries where you can find out about known viruses. These sites often provide instructions for removing viruses--if manual removal is possible--or a free removal tool if it isn't. Check out GriSOFT's Virus Encyclopedia, Eset's Virus Descriptions, McAffee's Virus Glossary, Symantec's Virus Encyclopedia, or Trend Micro's Virus Encyclopedia.
A Microgram of Prevention
Assuming your system is now clean, you need to make sure it stays that way. Preventing a breach of your computer's security is far more effective than cleaning up the mess afterwards. Start with a good security program, such Trend Micro's PC-Cillin, which you can buy for $50.
Don't want to shell out any money? You can cobble together security through free downloads, such as AVG Anti-Virus Free Edition, ZoneAlarm (a personal firewall), and Ad-Aware SE (an antispyware tool).
Just make sure you keep all security software up to date. The bad guys constantly try out new ways to fool security programs. Any security tool without regular, easy (if not automatic) updates isn't worth your money or your time.
Speaking of updating, the same goes for Windows. Use Windows Update (it's right there on your Start Menu) to make sure you're getting all of the high priority updates. If you run Windows XP, make sure to get the Service Pack 2 update. To find out if you already have it, right-click My Computer, and select Properties. Under the General tab, under System, it should say "Service Pack 2."
Here are a few more pointers for a virus-free life:
* Be careful with e-mail. Set your e-mail software security settings to high. Don't open messages with generic-sounding subjects that don't apply specifically to you from people you don't know. Don't open an attachment unless you're expecting it.
* If you have broadband Internet access, such as DSL or cable, get a router, even if you only have one PC. A router adds an extra layer of protection because your PC is not connecting directly with the Internet.
* Check your Internet ports. These doorways between your computer and the Internet can be open, in which case your PC is very vulnerable; closed, but still somewhat vulnerable; or stealthed (or hidden), which is safest. Visit Gibson Research's Web site and run the free ShieldsUP test to see your ports' status. If some ports show up as closed--or worse yet, open--check your router's documentation to find out how to hide them.
Subscribe to:
Posts (Atom)
