Friday 3 May 2013

Adding an Image to a Folder


Visitors, here is a useful tip: you can decorate a folder with your favourite picture. When you browse in Windows Explorer's thumbnail view, the picture is shown on the folder. Just follow these steps.

=> Go to Windows Explorer and right-click the folder. Select "Properties" from the folder menu.
=> Select "Customize".
=> Click the "Choose Picture" button.
=> Browse to the picture you want to use on the folder (give its path) and select it.
=> Then click "OK".

When you are done, open the parent folder in thumbnail view. The selected picture is shown on your folder.

Slow Shut Down Problem


This tutorial fixes a slow system shutdown.
Go to Start and click Run.
Type "Regedit" and click "OK".

Find "HKEY_CURRENT_USER\Control Panel\Desktop\"

Select "WaitToKillAppTimeout", right-click and select "Modify"
Change the value to "1000"
Click "OK"
Now select "HungAppTimeout"
Right-click and select "Modify"
Change the value to "1000"
Click "OK"
Now find

"HKEY_USERS\.DEFAULT\Control Panel\Desktop\"

Select "WaitToKillAppTimeout"
Right-click and select "Modify"
Change the value to "1000"
Click "OK"
Now find

"HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\"

Select "WaitToKillServiceTimeout"
Right-click and select "Modify"
Change the value to "1000"
Click "OK"
Now your problem has been solved.

Use the Keyboard as a Mouse


When the mouse does not work properly, you can use your keyboard as a mouse with this trick. Follow the steps below.

ALT+Left Shift Key+Num Lock

The Mouse Keys window will open; click "OK".
Control the mouse pointer from the keyboard with the keys below.
-     right click
+    double click
5    is for click

The Best Mac OS X 10.5 Leopard Computer Tips and Tricks:


View Files in the Trash

With Leopard's Quick Look, you no longer have to drag items from the trash in order to view them. While in the trash folder, hit Command+Y while on any file to see a preview of its contents.

Change a Folder Icon

Want to change an icon to something more to your liking? First, find the icon you want. Then click on it, and hit Command+C to copy it. Click on the icon you want to change, and use Command+I to launch the folder info. Click on the old icon in the folder and use Command+V to paste the new icon.

Open New Tabs with the Address Bar in Safari

If you want to open an address in a new tab without deselecting your current tab, type the address into the address bar, then press Command+Enter. This allows you to work easily in multiple tabs.


Preview a Font

If you want to see what a font looks like, you don't have to open Font Book or a font manager. In Cover Flow, a font icon will appear as a small, two-letter sample of the font you have selected. To see a larger sample of the font, select a font file and use Quick Look (Command+Y) to see it, or just hit the spacebar.



Change Your Stack View

You can choose to view your stack in either a fan or a grid view. To change it, click on a stack until a menu appears. Then, select "View As" and choose either Fan or Grid. The stack will then open with your preferred style.



Control Inactive System Tray Icons


You don't have to hide or show all the icons in your system tray; you can control their disappearing acts. Right-click on the taskbar and select Properties. Click on the checkbox next to "Hide inactive icons" (if it's not checked by default), then click on the Customize button. For each item on this list, you can choose "Hide when inactive," "Always hide," or "Always show" options to decide what you'll see and when.

No-wait Screen Savers

Don't want to wait for your screen saver to kick in? Create a shortcut to it just as you would for any other program by hitting Windows key + F to search your computer and click on "All files and folders." Type "*.scr" in the "All or part of the file name" field to find every screen saver file on your computer. In the resulting list, right-click and drag the screen saver you want to your desktop. Whenever you want it to start, just double-click its icon.

Type With an Onscreen Keyboard

Whether you have trouble with your hands or you just prefer using the mouse, typing with Windows' onscreen keyboard can be a great convenience. Navigate to Start > All Programs > Accessories > Accessibility, and click "On-Screen Keyboard." Click OK to clear the dialogue box and then start "typing"—you can even change the settings to "press" keys just by hovering your mouse over the letter you want (enable this feature by selecting "Typing Mode" from the Settings menu).

Change What Programs Start When Windows Does

You can prevent a lot of apps forcing Windows into chilled-molasses boot times—without uninstalling anything. Click Start, then "Run...," and type msconfig. This brings up the System Configuration Utility window. Click on the Startup tab to see a list of all the apps slated to start when you boot up Windows. Click the check mark next to any you don't want, and then click OK to save your choices.

Shut Down from Your Desktop

If you're trying to eliminate every extraneous mouse click, you can shut down your computer with an icon on the desktop. Right-click on your desktop, click "New," and then click "Shortcut." In the "Type the location of the item" field, type "shutdown -s -t 00" to give you a way to shut down the computer immediately. (Change the -s to -r to create a reboot shortcut instead.)

Fit More Icons on Your Desktop

If your screen is so cluttered with Word documents and program shortcuts that you can't see the rolling meadows of your wallpaper, you don't need to move piles of stuff to the Recycling Bin. Just change the amount of space between icons. Right-click on the desktop, select Properties, then click on the Appearance tab, and click the Advanced button. In the "Item" drop-down, scroll down to Icon Spacing (Horizontal) and Icon Spacing (Vertical); changing the value in the "Size" field will move icons closer together (while increasing the number will move them farther apart). When you're done, click OK. To make your existing icons follow these rules, right-click on the desktop, select "Arrange Icons By" and then click Align to Grid, then go back to the same menu and click "Auto Arrange."

Thursday 2 May 2013

Mastering The Windows XP Registry


The Recovery Console
The Windows XP Recovery Console is a tool that allows recovery from a number of failures. Previously, all you could do was boot another copy of Windows XP and hack your way around, replacing files, even registry components, in the blind hope that you would somehow fix the problem.
With Windows XP, you have two tools to use: the Recovery Console and the Safe Mode feature.
The Recovery Console is a powerful, simple (no, that's not an oxymoron!) feature that is supplied with Windows XP, but it is not installed by default. The Windows XP Safe Mode works in the same manner as the Safe Mode found in other versions of Windows. You can modify a number of system settings using Safe Mode (such as video modes). Installing the Recovery Console after the system has failed is quite like locking the barn door after the horse has been stolen; it really won't work that well.

Installing the Recovery Console
The Recovery Console must be installed before disaster strikes. It will be difficult (maybe even impossible) to install it after a disaster has reared its ugly head. So, let's install the Recovery Console right now.

First, you must use the Windows XP distribution CD (or share containing the appropriate files, if installing from a network device). The Recovery Console is installed using the winnt32.exe program. The winnt32.exe program is the same program that is used to install Windows XP; however, by selecting the correct option, you are able to tell winnt32.exe to not install Windows XP, but to install the Recovery Console instead.

Note: It is not possible to install the Recovery Console at the same time as Windows XP. You must first install Windows XP, then install the Recovery Console. If you have multiple copies of Windows XP installed, it is only necessary to install the Recovery Console one time; the Recovery Console will work with as many copies of Windows XP as are installed.

Follow these steps to install the Recovery Console from the Windows XP distribution CD:
1. Insert the distribution CD and change into the i386 directory.
2. Run winnt32.exe using the /cmdcons option. Typically, no other options are needed, though some users may wish to specify source options, especially if installing from a network share rather than a hard drive.
3. The installation program contacts Microsoft to check for updates to this Windows XP component.

Figure 2.3: Windows XP's Dynamic Update uses the Internet to retrieve the latest files directly from Microsoft.
4. The winnt32.exe program opens the dialog box shown in Figure 2.4. This dialog box allows you to cancel the installation if you need to. Note that multiple installations of the Recovery Console will simply overwrite previous installations; in such cases, no error is generated.

Figure 2.4: Setting up the Recovery Console using winnt32 /cmdcons bypasses all other setup options.
5. If there are no errors, the dialog box shown in Figure 2.5 is displayed. The Recovery Console is ready for use at this point.

Figure 2.5: The Recovery Console has been successfully installed.

What's in the Recovery Console?

The Recovery Console consists of a minor modification to the boot.ini file, and the addition of a hidden directory on the boot drive. The added directory's name is cmdcons. The change to the boot.ini file is simply the addition of another line providing for a new boot option:
C:\cmdcons\bootsect.dat="Microsoft Windows Recovery console" /cmdcons
This option consists of a fully qualified file name (C:\cmdcons\bootsect.dat), a text description (Microsoft Windows Recovery Console), and a boot option (/cmdcons).
As everyone should be well aware, the Windows XP Boot Manager is able to boot virtually any operating system (assuming that the operating system is compatible with the currently installed file system).

How Windows XP Supports Booting other Operating Systems
Windows XP can be told to "boot" any directory or file location. For example, the Recovery Console is saved in the cmdcons directory. In the cmdcons directory is a 512-byte file named bootsect.dat. Windows XP will treat a file named bootsect.dat exactly as if it were a hard disk's boot sector. In fact, one could, theoretically, copy the bootsect.dat file to a drive's boot sector location and cause that operating system to be booted directly.

One use for this technology is in a multiple-boot configuration where the other operating system or systems are not compatible with Windows NT (such as Windows 95/98/Me).
The Recovery Console does qualify as an operating system, though it is very simple—and limited.
A major question will always be this: is the Recovery Console secure? In most situations, the Recovery Console is actually quite secure. The user, at startup of the Recovery Console, is prompted for two pieces of information:
• Which Windows XP installation is to be repaired (assuming that there is more than one Windows XP installation!).
• The Administrator's password for that installation. The Recovery Console then uses the installation's SAM to validate this password to ensure the user has the necessary permission to use the system.
A situation comes to mind: if the Administrator's password is lost or otherwise compromised, not only may it be impossible to use the Recovery Console, but anyone with access to the compromised password could modify the system with the Recovery Console. This is not really an issue, though. If the Administrator's password is lost, that's life. It will be difficult, if not impossible, to recover the password. If the security of the Administrator's password is compromised, then it will be necessary to repair the damage—changing the password is mandatory in this case. In either case, the Recovery Console is no less secure than Windows XP is.
The cmdcons directory holds over 100 files.

23 Ways to speed up XP


Since defragging the disk won't do much to improve Windows XP performance, here are 23 suggestions that will. Each can enhance the performance and reliability of your customers' PCs. Best of all, most of them will cost you nothing.
1.) To decrease a system's boot time and increase system performance, use the money you save by not buying defragmentation software -- the built-in Windows defragmenter works just fine -- and instead equip the computer with an Ultra-133 or Serial ATA hard drive with 8-MB cache buffer.

2.) If a PC has less than 512 MB of RAM, add more memory. This is a relatively inexpensive and easy upgrade that can dramatically improve system performance.

3.) Ensure that Windows XP is utilizing the NTFS file system. If you're not sure, here's how to check: First, double-click the My Computer icon, right-click on the C: Drive, then select Properties. Next, examine the File System type; if it says FAT32, then back-up any important data. Next, click Start, click Run, type CMD, and then click OK. At the prompt, type CONVERT C: /FS:NTFS and press the Enter key. This process may take a while; it's important that the computer be uninterrupted and virus-free. The file system used by the bootable drive will be either FAT32 or NTFS. I highly recommend NTFS for its superior security, reliability, and efficiency with larger disk drives.

4.) Disable file indexing. The indexing service extracts information from documents and other files on the hard drive and creates a "searchable keyword index." As you can imagine, this process can be quite taxing on any system.

The idea is that the user can search for a word, phrase, or property inside a document, should they have hundreds or thousands of documents and not know the file name of the document they want. Windows XP's built-in search functionality can still perform these kinds of searches without the Indexing service. It just takes longer. The OS has to open each file at the time of the request to help find what the user is looking for.

Most people never need this feature of search. Those who do are typically in a large corporate environment where thousands of documents are located on at least one server. But if you're a typical system builder, most of your clients are small and medium businesses. And if your clients have no need for this search feature, I recommend disabling it.

Here's how: First, double-click the My Computer icon. Next, right-click on the C: Drive, then select Properties. Uncheck "Allow Indexing Service to index this disk for fast file searching." Next, apply changes to "C: subfolders and files," and click OK. If a warning or error message appears (such as "Access is denied"), click the Ignore All button.

5.) Update the PC's video and motherboard chipset drivers. Also, update and configure the BIOS. For more information on how to configure your BIOS properly, see this article on my site.

6.) Empty the Windows Prefetch folder every three months or so. Windows XP can "prefetch" portions of data and applications that are used frequently. This makes processes appear to load faster when called upon by the user. That's fine. But over time, the prefetch folder may become overloaded with references to files and applications no longer in use. When that happens, Windows XP is wasting time, and slowing system performance, by pre-loading them. Nothing critical is in this folder, and the entire contents are safe to delete.

7.) Once a month, run a disk cleanup. Here's how: Double-click the My Computer icon. Then right-click on the C: drive and select Properties. Click the Disk Cleanup button -- it's just to the right of the Capacity pie graph -- and delete all temporary files.

8.) In your Device Manager, double-click on the IDE ATA/ATAPI Controllers device, and ensure that DMA is enabled for each drive you have connected to the Primary and Secondary controller. Do this by double-clicking on Primary IDE Channel. Then click the Advanced Settings tab. Ensure the Transfer Mode is set to "DMA if available" for both Device 0 and Device 1. Then repeat this process with the Secondary IDE Channel.

9.) Upgrade the cabling. As hard-drive technology improves, the cabling requirements to achieve these performance boosts have become more stringent. Be sure to use 80-wire Ultra-133 cables on all of your IDE devices with the connectors properly assigned to the matching Master/Slave/Motherboard sockets. A single device must be at the end of the cable; connecting a single drive to the middle connector on a ribbon cable will cause signaling problems. With Ultra DMA hard drives, these signaling problems will prevent the drive from performing at its maximum potential. Also, because these cables inherently support "cable select," the location of each drive on the cable is important. For these reasons, the cable is designed so drive positioning is explicitly clear.

10.) Remove all spyware from the computer. Use free programs such as AdAware by Lavasoft or SpyBot Search & Destroy. Once these programs are installed, be sure to check for and download any updates before starting your search. Anything either program finds can be safely removed. Any free software that requires spyware to run will no longer function once the spyware portion has been removed; if your customer really wants the program even though it contains spyware, simply reinstall it. For more information on removing Spyware visit this Web Pro News page.

11.) Remove any unnecessary programs and/or items from Windows Startup routine using the MSCONFIG utility. Here's how: First, click Start, click Run, type MSCONFIG, and click OK. Click the StartUp tab, then uncheck any items you don't want to start when Windows starts. Unsure what some items are? Visit the WinTasks Process Library. It contains known system processes, applications, as well as spyware references and explanations. Or quickly identify them by searching for the filenames using Google or another Web search engine.

12.) Remove any unnecessary or unused programs from the Add/Remove Programs section of the Control Panel.

13.) Turn off any and all unnecessary animations, and disable active desktop. In fact, for optimal performance, turn off all animations. Windows XP offers many different settings in this area. Here's how to do it: First click on the System icon in the Control Panel. Next, click on the Advanced tab. Select the Settings button located under Performance. Feel free to play around with the options offered here, as nothing you can change will alter the reliability of the computer -- only its responsiveness.

14.) If your customer is an advanced user who is comfortable editing their registry, try some of the performance registry tweaks offered at Tweak XP.

15.) Visit Microsoft's Windows update site regularly, and download all updates labeled Critical. Download any optional updates at your discretion.

16.) Update the customer's anti-virus software on a weekly, even daily, basis. Make sure they have only one anti-virus software package installed. Mixing anti-virus software is a sure way to spell disaster for performance and reliability.

17.) Make sure the customer has fewer than 500 type fonts installed on their computer. The more fonts they have, the slower the system will become. While Windows XP handles fonts much more efficiently than did the previous versions of Windows, too many fonts -- that is, anything over 500 -- will noticeably tax the system.

18.) Do not partition the hard drive. Windows XP's NTFS file system runs more efficiently on one large partition. The data is no safer on a separate partition, and a reformat is never necessary to reinstall an operating system. The same excuses people offer for using partitions apply to using a folder instead. For example, instead of putting all your data on the D: drive, put it in a folder called "D drive." You'll achieve the same organizational benefits that a separate partition offers, but without the degradation in system performance. Also, your free space won't be limited by the size of the partition; instead, it will be limited by the size of the entire hard drive. This means you won't need to resize any partitions, ever. That task can be time-consuming and also can result in lost data.

19.) Check the system's RAM to ensure it is operating properly. I recommend using a free program called MemTest86. The download will make a bootable CD or diskette (your choice), which will run 10 extensive tests on the PC's memory automatically after you boot to the disk you created. Allow all tests to run until at least three passes of the 10 tests are completed. If the program encounters any errors, turn off and unplug the computer, remove a stick of memory (assuming you have more than one), and run the test again. Remember, bad memory cannot be repaired, but only replaced.

20.) If the PC has a CD or DVD recorder, check the drive manufacturer's Web site for updated firmware. In some cases you'll be able to upgrade the recorder to a faster speed. Best of all, it's free.

21.) Disable unnecessary services. Windows XP loads a lot of services that your customer most likely does not need. To determine which services you can disable for your client, visit the Black Viper site for Windows XP configurations.

22.) If you're sick of a single Windows Explorer window crashing and then taking the rest of your OS down with it, then follow this tip: open My Computer, click on Tools, then Folder Options. Now click on the View tab. Scroll down to "Launch folder windows in a separate process," and enable this option. You'll have to reboot your machine for this option to take effect.

23.) At least once a year, open the computer's case and blow out all the dust and debris. While you're in there, check that all the fans are turning properly. Also inspect the motherboard capacitors for bulging or leaks. For more information on this leaking-capacitor phenomenon, you can read numerous articles on my site.


Following any of these suggestions should result in noticeable improvements to the performance and reliability of your customers' computers. If you still want to defrag a disk, remember that the main benefit will be to make your data more retrievable in the event of a crashed drive.

Hacking on XP Part 3


How to Forge Email with Windows XP Telnet
Want a computer you can telnet into and mess around with, and not get into trouble no matter what you do to it? I've set up my
techbroker.com (206.61.52.33) with user xyz, password guest for you to play with. Here's how to forge email to xyz@techbroker.com using
telnet. Start with the command:
C:\>telnet techbroker.com 25
Connecting To Techbroker.com
220 <techbroker.com> Service ready
Now you type in who you want the message to appear to come from:
helo santa@techbroker.com
Techbroker.com will answer:
250 <techbroker.com> host ready
Next type in your mail from address:
mail from:santa@techbroker.com
250 Requested mail action okay, completed
Your next command:
rcpt to:xyz@techbroker.com
250 Requested mail action okay, completed
Your next command:
data
354 Start main input; end with <CRLF>.<CRLF>
Newbie note: <CRLF> just means hit return. In case you can't see that little period between the <CRLF>s, what you do to end composing your email is to hit enter, type a period, then hit enter again.
Anyhow, try typing:
This is a test.
.
250 Requested mail action okay, completed
quit
221 <techbroker.com> Service closing transmission channel
Connection to host lost.
Using techbroker's mail server, even if you enable full headers, the
message we just composed looks like:
Status: R
X-status: N
This is a test.
That's a pretty pathetic forged email, huh? No "from", no date.
However, you can make your headers better by using a trick with the data command. After you give it, you can insert as many headers as you choose. The trick is easier to show than explain:
220 <techbroker.com> Service ready
helo santa@northpole.org
250 <techbroker.com> host ready
mail from:santa@northpole.com
250 Requested mail action okay, completed
rcpt to:cmeinel@techbroker.com
250 Requested mail action okay, completed
data
354 Start main input; end with <CRLF>.<CRLF>
from:santa@deer.northpole.org
Date: Mon, 21 Oct 2002 10:09:16 -0500
Subject: Rudolf
This is a Santa test.
.
250 Requested mail action okay, completed
quit
221 <techbroker.com> Service closing transmission channel
Connection to host lost.
The message then looks like:
from:santa@deer.northpole.org
Date: Mon, 21 Oct 2002 10:09:16 -0500
Subject: Rudolf
This is a Santa test.
The trick is to start each line you want in the headers with one word followed by a colon, then the rest of the line, followed by "return". As soon as you write a line that doesn't begin this way, the rest of what you type goes into the body of the email.
Notice that the santa@northpole.com from the "mail from:" command didn't show up in the header. Some mail servers would show both "from" addresses.
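Seen from the receiving side, the same two sessions are easy to tell apart from ordinary mail. The following is an added example, not part of the original tutorial: it applies the header/body rule just described to the DATA text and flags missing From/Date headers and disagreement between the helo name, the envelope "mail from:" and the header "from:". The function names and finding labels are assumptions made for illustration, and the subdomain comparison is a simplification of real sender-alignment checks.

```python
import re
from email.utils import parseaddr

# Header rule from the text: one word, a colon, then the value.
HEADER_LINE = re.compile(r"^([!-9;-~]+):[ \t]*(.*)$")


def split_data(payload):
    """Split a DATA payload into (headers, body).

    Leading "Name: value" lines are headers; the first line that does not
    match (or a blank line) starts the body.
    """
    headers = {}
    lines = payload.splitlines()
    i = 0
    while i < len(lines):
        match = HEADER_LINE.match(lines[i])
        if not match:
            break
        headers[match.group(1).lower()] = match.group(2).strip()
        i += 1
    if i < len(lines) and lines[i] == "":
        i += 1  # the blank separator line is not part of the body
    return headers, "\n".join(lines[i:])


def domain_of(value):
    """Lower-cased domain of an address; a bare host name is returned as is."""
    addr = parseaddr(value)[1] or value.strip()
    return addr.rsplit("@", 1)[-1].lower()


def aligned(a, b):
    """Simplified alignment: equal, or one is a subdomain of the other."""
    return a == b or a.endswith("." + b) or b.endswith("." + a)


def audit(helo, mail_from, payload):
    """Return a list of finding labels for one received message."""
    headers, _body = split_data(payload)
    findings = [f"missing-{name}" for name in ("from", "date") if name not in headers]
    envelope = domain_of(mail_from)
    header_from = domain_of(headers.get("from", ""))
    if header_from and envelope and not aligned(header_from, envelope):
        findings.append("from-envelope-mismatch")
    helo_domain = domain_of(helo)
    if helo_domain and envelope and not aligned(helo_domain, envelope):
        findings.append("helo-envelope-mismatch")
    return findings


# The two sessions shown above, re-typed as input: (helo, mail from, DATA text).
PLAIN = ("santa@techbroker.com", "santa@techbroker.com", "This is a test.")
SANTA = (
    "santa@northpole.org",
    "santa@northpole.com",
    "from:santa@deer.northpole.org\n"
    "Date: Mon, 21 Oct 2002 10:09:16 -0500\n"
    "Subject: Rudolf\n"
    "This is a Santa test.",
)

if __name__ == "__main__":
    for name, session in (("plain", PLAIN), ("santa", SANTA)):
        print(name, audit(*session))
```

A receiving server or mail filter needs the envelope values as well as the message text to run this check, which is why servers that record both "from" addresses make forged mail easier to spot.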
You can forge email on techbroker.com within one strict limitation.
Your email has to go to someone at techbroker.com. If you can find any way to send email to someone outside techbroker, let us know, because you will have broken our security, muhahaha! Don't worry, you have my permission.
Next, you can read the email you forge on techbroker.com via telnet:
C:\>telnet techbroker.com 110
+OK <30961.5910984301@techbroker.com> service ready
Give this command:
user xyz
+OK user is known
Then type in this:
pass test
+OK mail drop has 2 message(s)
retr 1
+OK message follows
This is a test.
If you want to know all possible commands, give this command:
help
+OK help list follows
USER user
PASS password
STAT
LIST [message]
RETR message
DELE message
NOOP
RSET
QUIT
APOP user md5
TOP message lines
UIDL [message]
HELP
Unless you use a weird online provider like AOL, you can use these
same tricks to send and receive your own email. Or you can forge email to a friend by telnetting to his or her online provider's email
sending computer(s).

Hacking on XP Part 2


How to Telnet with Windows XP

The queen of hacker commands is telnet. To get Windows help for
telnet, in the cmd.exe window give the command:
C:\>telnet /?
Here's what you will get:
telnet [-a][-e escape char][-f log file][-l user][-t term][host
[port]]
-a Attempt automatic logon. Same as -l option except uses
the currently logged on user's name.
-e Escape character to enter telnet client prompt.
-f File name for client side logging
-l Specifies the user name to log in with on the remote system.
Requires that the remote system support the TELNET ENVIRON
option.
-t Specifies terminal type.
Supported term types are vt100, vt52, ansi and vtnt only.
host Specifies the hostname or IP address of the remote computer
to connect to.
port Specifies a port number or service name.
****************
Newbie note: what is a port on a computer? A computer port is sort of like a seaport. It's where things can go in and/or out of a computer. Some ports are easy to understand, like keyboard, monitor, printer and modem. Other ports are virtual, meaning that they are created by software. When that modem port of yours (or LAN or ISDN or DSL) is connected to the Internet, your computer has the ability to open or close any of over 65,000 different virtual ports, and has the ability to connect to any of these on another computer - if it is running that port, and if a firewall doesn't block it.
****************
****************
Newbie note: How do you address a computer over the Internet? There are two ways: by number or by name.
****************
The simplest use of telnet is to log into a remote computer. Give the
command:
C:\>telnet targetcomputer.com (substituting the name of the computer you want to telnet into for targetcomputer.com)
If this computer is set up to let people log into accounts, you may
get the message:
login:
Type your user name here, making sure to be exact. You can't swap between lower case and capital letters. For example, user name Guest is not the same as guest.
****************
Newbie note: Lots of people email me asking how to learn what their user name and password are. Stop laughing, darn it, they really do. If you don't know your user name and password, that means whoever runs that computer didn't give you an account and doesn't want you to log on.
****************
Then comes the message:
Password:
Again, be exact in typing in your password.
What if this doesn't work?
Every day people write to me complaining they can't telnet. That is
usually because they try to telnet into a computer, or a port on a
computer that is set up to refuse telnet connections. Here's what it
might look like when a computer refuses a telnet connection:
C:\ >telnet 10.0.0.3
Connecting To 10.0.0.3...Could not open connection to the host, on port 23. A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.
Or you might see:
C:\ >telnet techbroker.com
Connecting To techbroker.com...Could not open connection to the host, on port 23.
No connection could be made because the target machine actively
refused it.
If you just give the telnet command without giving a port number, it
will automatically try to connect on port 23, which sometimes runs a
telnet server.
**************
Newbie note: your Windows computer has a telnet client program,
meaning it will let you telnet out of it. However you have to install
a telnet server before anyone can telnet into port 23 on your
computer.
*************
If telnet failed to connect, possibly the computer you were trying to
telnet into was down or just plain no longer in existence. Maybe the
people who run that computer don't want you to telnet into it.
How to Telnet into a Shell Account
Even though you can't telnet into an account inside some computer, often you can get some information back or get that computer to do something interesting for you. Yes, you can get a telnet connection to succeed -- without doing anything illegal -- against almost any computer, even if you don't have permission to log in. There are many legal things you can do to many randomly chosen computers with telnet. For example:
C:\>telnet freeshell.org 22
SSH-1.99-OpenSSH_3.4p1
That tells us the target computer is running an SSH server, which enables encrypted connections between computers. If you want to SSH into an account there, you can get a shell account for free at
<http://freeshell.org/> . You can get a free SSH client program from
<http://winfiles.com/> .
One reason most hackers have shell accounts on Internet servers is because you can meet the real hackers there. When you've logged in, give the command w or who. That gives a list of user names. You can talk to other users with the talk command. Another fun thing, if your shell account allows it, is to give the command
ps -auxww
It might tell you what commands and processes other users are running. Ask other users what they are doing and they might teach you something. Just be careful not to be a pest!
***************
You can get punched in the nose warning: Your online provider might kick you off for making telnet probes of other computers. The solution is to get a local online provider and make friends with the people who run it, and convince them you are just doing harmless, legal explorations.
*************
Sometimes a port is running an interesting program, but a firewall won't let you in. For example, 10.0.0.3, a computer on my local area network, runs an email sending program, (sendmail working together with Postfix, and using Kmail to compose emails). I can use it from an account inside 10.0.0.3 to send emails with headers that hide from where I send things.
If I try to telnet to this email program from outside this computer,
here's what happens:
C:\>telnet 10.0.0.3 25
Connecting To 10.0.0.3...Could not open connection to the host, on
port 25.
No connection could be made because the target machine actively
refused it.
However, if I log into an account on 10.0.0.3 and then telnet from
inside to port 25, here's what I get:
Last login: Fri Oct 18 13:56:58 2002 from 10.0.0.1
Have a lot of fun...
cmeinel@test-box:~> telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1... [Carolyn's note: 127.0.0.1 is the numerical
address meaning localhost, the same computer you are logged into]
Connected to localhost.
Escape character is '^]'.
220 test-box.local ESMTP Postfix
The reason I keep this port 25 hidden behind a firewall is to keep
people from using it to try to break in or to forge email. Now the
ubergeniuses reading this will start to make fun of me because no
Internet address that begins with 10. is reachable from the Internet.
However, sometimes I place this "test-box" computer online with a
static Internet address, meaning whenever it is on the Internet, it
always has the same numerical address. I'm not going to tell you what its Internet address is because I don't want anyone messing with it. I just want to mess with other people's computers with it, muhahaha. That's also why I always keep my Internet address from showing up in the headers of my emails.
***************
Newbie note: What is all this about headers? It's stuff at the
beginning of an email that may - or may not - tell you a lot about
where it came from and when. To see full headers, in Outlook click
view -> full headers. In Eudora, click the "Blah blah blah" icon.
****************

Hacking On XP Part 1




Part I: The Magic of DOS
In this guide you will learn how to telnet, forge email, use nslookup and netcat with Windows XP.
So you have the newest, glitziest, "Fisher Price" version of Windows: XP. How can you use XP in a way that sets you apart from the boring millions of ordinary users?
****************
Luser Alert: Anyone who thinks this GTMHH will reveal how to blow up people's TV sets and steal Sandra Bullock's email is going to find out that I won't tell them how.
****************
The key to doing amazing things with XP is as simple as D O S. Yes, that's right, DOS as in MS-DOS, as in MicroSoft Disk Operating System. Windows XP (as well as NT and 2000) comes with two versions of DOS. Command.com is an old DOS version. Various versions of command.com come with Windows 95, 98, SE, ME, Windows 3, and DOS only operating systems.
The other DOS, which comes only with the XP, 2000 and NT operating systems, is cmd.exe. Usually cmd.exe is better than command.com because it is easier to use, has more commands, and in some ways resembles the bash shell in Linux and other Unix-type operating systems. For example, you can repeat a command by using the up arrow until you back up to the desired command. Unlike bash, however, your DOS command history is erased whenever you shut down cmd.exe. The reason XP has both versions of DOS is that sometimes a program that won't run right in cmd.exe will work in command.com.
****************
Flame Alert: Some readers are throwing fits because I dared to compare DOS to bash. I can compare cmd.exe to bash if I want to. Nanny nanny nah nah.
****************
DOS is your number one Windows gateway to the Internet, and the open sesame to local area networks. From DOS, without needing to download a single hacker program, you can do amazingly sophisticated explorations and even break into poorly defended computers.
****************
You can go to jail warning: Breaking into computers is against the law if you do not have permission to do so from the owner of that computer. For example, if your friend gives you permission to break into her Hotmail account, that won't protect you because Microsoft owns Hotmail and they will never give you permission.
****************
****************
You can get expelled warning: Some kids have been kicked out of school just for bringing up a DOS prompt on a computer. Be sure to get a teacher's WRITTEN permission before demonstrating that you can hack on a school computer.
****************
So how do you turn on DOS?
Click All Programs -> Accessories -> Command Prompt
That runs cmd.exe. You should see a black screen with white text on it, saying something like this:
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.
C:\>
Your first step is to find out what commands you can run in DOS. If you type "help" at the DOS prompt, it gives you a long list of commands. However, this list leaves out all the commands hackers love to use. Here are some of those left out hacker commands.
TCP/IP commands:
telnet
netstat
nslookup
tracert
ping
ftp
NetBIOS commands (just some examples):
nbtstat
net use
net view
net localgroup
TCP/IP stands for transmission control protocol/Internet protocol. As you can guess by the name, TCP/IP is the protocol under which the Internet runs, along with user datagram protocol (UDP). So when you are connected to the Internet, you can try these commands against other Internet computers. Most local area networks also use TCP/IP.
NetBIOS (Net Basic Input/Output System) protocol is another way to communicate between computers. This is often used by Windows computers, and by Unix/Linux type computers running Samba. You can often use NetBIOS commands over the Internet (being carried inside of, so to speak, TCP/IP). In many cases, however, NetBIOS commands will be blocked by firewalls. Also, not many Internet computers run NetBIOS because it is so easy to break in using them. We will cover NetBIOS commands in the next Guide to XP Hacking.


Linux Trick 10: Random system information collection


In Trick 8, you saw an example of using the command line to get information about the total memory in the system. In this trick, I'll offer up a few other methods to collect important information from the system you may need to verify, troubleshoot, or give to remote support.
First, let's gather information about the processor. This is easily done as follows:
# cat /proc/cpuinfo
This command gives you information on the processor speed, quantity, and model. Using grep in many cases can give you the desired value.
A check that I do quite often is to ascertain the quantity of processors on the system. So, if I have purchased a dual processor quad-core server, I can run:
# cat /proc/cpuinfo | grep processor | wc -l
I would then expect to see 8 as the value. If I don't, I call up the vendor and tell them to send me another processor.
Another piece of information I may require is disk information. This can be gotten with the df command. I usually add the -h flag so that I can see the output in gigabytes or megabytes. # df -h also shows how the disk was partitioned.
And to end the list, here's a way to look at the firmware of your system—a method to get the BIOS level and the firmware on the NIC.
To check the BIOS version, you can run the dmidecode command. Unfortunately, you can't easily grep for the information, so piping it is a less efficient way to do this. On my Lenovo T61 laptop, the output looks like this:
# dmidecode | less
...
BIOS Information
Vendor: LENOVO
Version: 7LET52WW (1.22 )
Release Date: 08/27/2007
...
This is much more efficient than rebooting your machine and looking at the POST output.
To examine the driver and firmware versions of your Ethernet adapter, run ethtool:
# ethtool -i eth0
driver: e1000
version: 7.3.20-k2-NAPI
firmware-version: 0.3-0

Linux Trick 9: Spying on the console


Some software prints error messages to the console that may not necessarily show up on your SSH session. Using the vcs devices can let you examine these. From within an SSH session, run the following command on a remote server: # cat /dev/vcs1. This will show you what is on the first console. You can also look at the other virtual terminals using 2, 3, etc. If a user is typing on the remote system, you'll be able to see what he typed.
In most data farms, using a remote terminal server, KVM, or even Serial Over LAN is the best way to view this information; it also provides the additional benefit of out-of-band viewing capabilities. Using the vcs device provides a fast in-band method that may be able to save you some time from going to the machine room and looking at the console.

Linux Trick 8: Command-line scripting and utilities


A Linux systems administrator becomes more efficient by using command-line scripting with authority. This includes crafting loops and knowing how to parse data using utilities like awk, grep, and sed. There are many cases where doing so takes fewer keystrokes and lessens the likelihood of user errors.
For example, suppose you need to generate a new /etc/hosts file for a Linux cluster that you are about to install. The long way would be to add IP addresses in vi or your favorite text editor. However, it can be done by taking the already existing /etc/hosts file and appending the following to it by running this on the command line:
# P=1; for i in $(seq -w 200); do echo "192.168.99.$P n$i"; P=$(expr $P + 1);
done >>/etc/hosts
Two hundred host names, n001 through n200, will then be created with IP addresses 192.168.99.1 through 192.168.99.200. Populating a file like this by hand runs the risk of inadvertently creating duplicate IP addresses or host names, so this is a good example of using the built-in command line to eliminate user errors. Please note that this is done in the bash shell, the default in most Linux distributions.
As another example, let's suppose you want to check that the memory size is the same in each of the compute nodes in the Linux cluster. In most cases of this sort, having a distributed or parallel shell would be the best practice, but for the sake of illustration, here's a way to do this using SSH.
Assume the SSH is set up to authenticate without a password. Then run:
# for num in $(seq -w 200); do ssh n$num free -tm | grep Mem | awk '{print $2}';
done | sort | uniq
A command line like this looks pretty terse. (It can be worse if you put regular expressions in it.) Let's pick it apart and uncover the mystery.
First you're doing a loop through 001-200. This padding with 0s in the front is done with the -w option to the seq command. Then you substitute the num variable to create the host you're going to SSH to. Once you have the target host, give the command to it. In this case, it's:
free -tm | grep Mem | awk '{print $2}'
That command says to:
Use the free command to get the memory size in megabytes.
Take the output of that command and use grep to get the line that has the string Mem in it.
Take that line and use awk to print the second field, which is the total memory in the node.
This operation is performed on every node.
Once you have performed the command on every node, the entire output of all 200 nodes is piped (|d) to the sort command so that all the memory values are sorted.
Finally, you eliminate duplicates with the uniq command. This command will result in one of the following cases:
If all the nodes, n001-n200, have the same memory size, then only one number will be displayed. This is the size of memory as seen by each operating system.
If node memory size is different, you will see several memory size values.
Finally, if the SSH failed on a certain node, then you may see some error messages.
This command isn't perfect. If you find that a value of memory is different than what you expect, you won't know on which node it was or how many nodes there were. Another command may need to be issued for that.
What this trick does give you, though, is a fast way to check for something and quickly learn if something is wrong. This is its real value: Speed to do a quick-and-dirty check.
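The limitation noted above (a differing value tells you neither which node nor how many) goes away if the node name travels with each value. The script below is an added example, not from the original article; the function names are made up for illustration, it assumes the same password-less SSH setup, and the sample values are constructed.

```shell
#!/bin/sh
# Added example: report memory size per node and name the outliers.

# Print "node total_mb" for each node given as an argument.
# A node that cannot be reached or returns nothing is recorded as ERR.
# Usage on a live cluster: collect_mem $(seq -w 200 | sed 's/^/n/') | group_by_mem
collect_mem() {
    for node in "$@"; do
        mb=$(ssh -n -o BatchMode=yes -o ConnectTimeout=5 "$node" free -m 2>/dev/null |
             awk '/^Mem:/ {print $2}')
        echo "$node ${mb:-ERR}"
    done
}

# Read "node value" lines; print "value count node node ...",
# most common value first.
group_by_mem() {
    awk '
        { count[$2]++; nodes[$2] = nodes[$2] " " $1 }
        END { for (v in count) printf "%s %d%s\n", v, count[v], nodes[v] }
    ' | LC_ALL=C sort -k2,2nr -k1,1
}

# Read "node value" lines; print "node value" for every node that does not
# share the most common value (on a tie, the first group after sorting wins).
outliers() {
    group_by_mem | awk 'NR > 1 { for (i = 3; i <= NF; i++) print $i, $1 }'
}

# Constructed sample: two healthy nodes, one short on memory, one unreachable.
printf '%s\n' 'n001 32010' 'n002 32010' 'n003 15946' 'n004 ERR' | group_by_mem
```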

Linux Trick 7: Checking your bandwidth



Imagine this: Company A has a storage server named ginger and it is being NFS-mounted by a client node named beckham. Company A has decided they really want to get more bandwidth out of ginger because they have lots of nodes they want to have NFS mount ginger's shared filesystem.
The most common and cheapest way to do this is to bond two Gigabit ethernet NICs together. This is cheapest because usually you have an extra on-board NIC and an extra port on your switch somewhere.
So they do this. But now the question is: How much bandwidth do they really have?
Gigabit Ethernet has a theoretical limit of 128MBps. Where does that number come from? Well,
1Gb = 1024Mb; 1024Mb/8 = 128MB; "b" = "bits," "B" = "bytes"
But what is it that we actually see, and what is a good way to measure it? One tool I suggest is iperf. You can grab iperf like this:
# wget http://dast.nlanr.net/Projects/Iperf2.0/iperf-2.0.2.tar.gz
You'll need to install it on a shared filesystem that both ginger and beckham can see, or compile and install it on both nodes. I'll compile it in the home directory of the bob user that is viewable on both nodes:
tar zxvf iperf*gz
cd iperf-2.0.2
./configure --prefix=/home/bob/perf
make
make install
On ginger, run:
# /home/bob/perf/bin/iperf -s -f M
This machine will act as the server and print out performance speeds in MBps.
On the beckham node, run:
# /home/bob/perf/bin/iperf -c ginger -P 4 -f M -w 256k -t 60
You'll see output in both screens telling you what the speed is. On a normal server with a Gigabit Ethernet adapter, you will probably see about 112MBps. This is normal as bandwidth is lost in the TCP stack and physical cables. By connecting two servers back-to-back, each with two bonded Ethernet cards, I got about 220MBps.
In reality, what you see with NFS on bonded networks is around 150-160MBps. Still, this gives you a good indication that your bandwidth is going to be about what you'd expect. If you see something much less, then you should check for a problem.
I recently ran into a case in which the bonding driver was used to bond two NICs that used different drivers. The performance was extremely poor, leading to about 20MBps in bandwidth, less than they would have gotten had they not bonded the Ethernet cards together!

Linux Trick 6: Remote VNC session through an SSH tunnel



VNC or virtual network computing has been around a long time. I typically find myself needing to use it when the remote server has some type of graphical program that is only available on that server.
For example, suppose in Trick 5, ginger is a storage server. Many storage devices come with a GUI program to manage the storage controllers. Often these GUI management tools need a direct connection to the storage through a network that is at times kept in a private subnet. Therefore, the only way to access this GUI is to do it from ginger.
You can try SSH'ing to ginger with the -X option and launch it that way, but many times the bandwidth required is too much and you'll get frustrated waiting. VNC is a much more network-friendly tool and is readily available for nearly all operating systems.
Let's assume that the setup is the same as in Trick 5, but you want tech to be able to get VNC access instead of SSH. In this case, you'll do something similar but forward VNC ports instead. Here's what you do:
Start a VNC server session on ginger. This is done by running something like:
root@ginger:~# vncserver -geometry 1024x768 -depth 24 :99
The options tell the VNC server to start up with a resolution of 1024x768 and a pixel depth of 24 bits per pixel. If you are using a really slow connection, setting the depth to 8 may be a better option. Using :99 specifies the port the VNC server will be accessible from. The VNC protocol starts at 5900 so specifying :99 means the server is accessible from port 5999.
When you start the session, you'll be asked to specify a password. The user ID will be the same user that you launched the VNC server from. (In our case, this is root.)
SSH from ginger to blackbox.example.com forwarding the port 5999 on blackbox to ginger. This is done from ginger by running the command:
root@ginger:~# ssh -R 5999:localhost:5999 thedude@blackbox.example.com
Once you run this command, you'll need to keep this SSH session open in order to keep the port forwarded to ginger. At this point if you were on blackbox, you could now access the VNC session on ginger by just running:
thedude@blackbox:~$ vncviewer localhost:99
That would forward the port through SSH to ginger. But we're interested in letting tech get VNC access to ginger. To accomplish this, you'll need another tunnel.
From tech, you open a tunnel via SSH to forward your port 5999 to port 5999 on blackbox. This would be done by running:
root@tech:~# ssh -L 5999:localhost:5999 thedude@blackbox.example.com
This time the SSH flag we used was -L, which instead of pushing 5999 to blackbox, pulled from it. Once you are in on blackbox, you'll need to leave this session open. Now you're ready to VNC from tech!
From tech, VNC to ginger by running the command:
root@tech:~# vncviewer localhost:99
Tech will now have a VNC session directly to ginger.
While the effort might seem like a bit much to set up, it beats flying across the country to fix the storage arrays. Also, if you practice this a few times, it becomes quite easy.
Let me add a trick to this trick: If tech was running the Windows® operating system and didn't have a command-line SSH client, then tech can run Putty. Putty can be set to forward SSH ports by looking in the options in the sidebar. If the port were 5902 instead of our example of 5999, then you would enter something like in Figure 5.

Figure 5. Putty can forward SSH ports for tunneling

If this were set up, then tech could VNC to localhost:2 just as if tech were running the Linux operating system.

Linux Trick 5: SSH back door



Many times I'll be at a site where I need remote support from someone who is blocked on the outside by a company firewall. Few people realize that if you can get out to the world through a firewall, then it is relatively easy to open a hole so that the world can come into you.
In its crudest form, this is called "poking a hole in the firewall." I'll call it an SSH back door. To use it, you'll need a machine on the Internet that you can use as an intermediary.
In our example, we'll call our machine blackbox.example.com. The machine behind the company firewall is called ginger. Finally, the machine that technical support is on will be called tech. Figure 4 explains how this is set up.

Figure 4. Poking a hole in the firewall
Here's how to proceed:
Check that what you're doing is allowed, but make sure you ask the right people. Most people will cringe that you're opening the firewall, but what they don't understand is that it is completely encrypted. Furthermore, someone would need to hack your outside machine before getting into your company. Instead, you may belong to the school of "ask-for-forgiveness-instead-of-permission." Either way, use your judgment and don't blame me if this doesn't go your way.

SSH from ginger to blackbox.example.com with the -R flag. I'll assume that you're the root user on ginger and that tech will need the root user ID to help you with the system. With the -R flag, you'll forward port 2222 on blackbox to port 22 on ginger. This is how you set up an SSH tunnel. Note that only SSH traffic can come into ginger: You're not putting ginger out on the Internet naked.
You can do this with the following syntax:
~# ssh -R 2222:localhost:22 thedude@blackbox.example.com
Once you are into blackbox, you just need to stay logged in. I usually enter a command like:
thedude@blackbox:~$ while [ 1 ]; do date; sleep 300; done
to keep the machine busy. And minimize the window.
Now instruct your friends at tech to SSH as thedude into blackbox without using any special SSH flags. You'll have to give them your password:
root@tech:~# ssh thedude@blackbox.example.com
Once tech is on the blackbox, they can SSH to ginger using the following command:
thedude@blackbox:~$ ssh -p 2222 root@localhost
Tech will then be prompted for a password. They should enter the root password of ginger.

Now you and support from tech can work together and solve the problem. You may even want to use screen together! (See Linux Trick 4.)
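Tunnels like the ones in Trick 5 and Trick 6 are visible on the host that opened them, because the -R or -L request sits in the ssh client's command line. The script below is an added example, not from the original article: a check an administrator can run on machines they are responsible for to list such forwards. The function names and the process listing are constructed, and bracketed IPv6 bind addresses are not parsed.

```shell
#!/bin/sh
# Added example: list SSH port forwards requested by running ssh clients.
# Input:  lines of "pid user command-line", as printed by
#         ps -eo pid=,user=,args=
# Output: "pid user R|L listen-spec target" for each -R / -L found.

find_ssh_forwards() {
    awk '
    {
        cmd = $3; sub(/.*\//, "", cmd)          # /usr/bin/ssh -> ssh
        if (cmd != "ssh") next
        for (i = 4; i <= NF; i++) {
            # -R or -L, alone or clustered behind argument-less flags (-fNR)
            if (!match($i, /^-[46AaCfGgKkMNnqsTtVvXxYy]*[RL]/)) continue
            flag = substr($i, RLENGTH, 1)
            spec = substr($i, RLENGTH + 1)      # spec glued on: -R2222:...
            if (spec == "") { i++; spec = $i }  # or given as the next word
            n = split(spec, p, ":")
            if (n == 3)      { listen = p[1];          target = p[2] ":" p[3] }
            else if (n == 4) { listen = p[1] ":" p[2]; target = p[3] ":" p[4] }
            else if (spec ~ /^[0-9]+$/) { listen = spec; target = "dynamic" }
            else continue                       # e.g. "ls -R /srv" run remotely
            print $1, $2, flag, listen, target
        }
    }'
}

# Constructed process listing modelled on the commands in Tricks 5 and 6.
sample_ps() {
    cat <<'EOF'
 4417 root     ssh -R 2222:localhost:22 thedude@blackbox.example.com
 4502 root     /usr/bin/ssh -fNR5999:localhost:5999 thedude@blackbox.example.com
 4610 root     ssh -L 5999:localhost:5999 thedude@blackbox.example.com
 4700 thedude  ssh -p 2222 root@localhost
 4711 david    ssh posh ls -R /srv
  812 root     sshd: thedude@pts/0
EOF
}

# Live use: ps -eo pid=,user=,args= | find_ssh_forwards
sample_ps | find_ssh_forwards
```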


Linux Trick 4: Getting back the root password


You forgot your root password. Nice work. Now you'll just have to reinstall the entire machine. Sadly enough, I've seen more than a few people do this. But it's surprisingly easy to get on the machine and change the password. This doesn't work in all cases (like if you made a GRUB password and forgot that too), but here's how you do it in a normal case with a CentOS Linux example.
First reboot the system. When it reboots you'll come to the GRUB screen as shown in Figure 1. Move the arrow key so that you stay on this screen instead of proceeding all the way to a normal boot.

Figure 1. GRUB screen after reboot
Next, select the kernel that will boot with the arrow keys, and type E to edit the kernel line. You'll then see something like Figure 2:

Figure 2. Ready to edit the kernel line

Use the arrow key again to highlight the line that begins with kernel, and press E to edit the kernel parameters. When you get to the screen shown in Figure 3, simply append the number 1 to the arguments:

Figure 3. Append the argument with the number 1
Then press Enter, B, and the kernel will boot up to single-user mode. Once here you can run the passwd command, changing password for user root:
sh-3.00# passwd 
New UNIX password:
Retype new UNIX password:
passwd: all authentication tokens updated successfully
Now you can reboot, and the machine will boot up with your new password.

Linux Trick 3: Collaboration with screen


David, the high-maintenance user from product engineering, calls: "I need you to help me understand why I can't compile supercode.c on these new machines you deployed."
"Fine," you say. "What machine are you on?"
David responds: "Posh." (Yes, this fictional company has named its five production servers in honor of the Spice Girls.) OK, you say. You exercise your godlike root powers and on another machine become David:
# su - david
Then you go over to posh:
# ssh posh
Once you are there, you run:
# screen -S foo
Then you holler at David:
"Hey David, run the following command on your terminal: # screen -x foo."
This will cause your and David's sessions to be joined together in the holy Linux shell. You can type or he can type, but you'll both see what the other is doing. This saves you from walking to the other floor and lets you both have equal control. The benefit is that David can watch your troubleshooting skills and see exactly how you solve problems.
At last you both see what the problem is: David's compile script hard-coded an old directory that does not exist on this new server. You mount it, recompile, solve the problem, and David goes back to work. You then go back to whatever lazy activity you were doing before.
The one caveat to this trick is that you both need to be logged in as the same user. Other cool things you can do with the screen command include having multiple windows and split screens. Read the man pages for more on that.
But I'll give you one last tip while you're in your screen session. To detach from it and leave it open, type: Ctrl-A D . (I mean, hold down the Ctrl key and strike the A key. Then push the D key.)
You can then reattach by running the screen -x foo command again.

Linux Trick 2: Getting your screen back when it's hosed


Try this:
# cat /bin/cat
Behold! Your terminal looks like garbage. Everything you type looks like you're looking into the Matrix. What do you do?
You type reset. But wait you say, typing reset is too close to typing reboot or shutdown. Your palms start to sweat—especially if you are doing this on a production machine.
Rest assured: You can do it with the confidence that no machine will be rebooted. Go ahead, do it:
# reset
Now your screen is back to normal. This is much better than closing the window and then logging in again, especially if you just went through five machines to SSH to this machine.

Linux Trick 1: Unmounting the unresponsive DVD drive


The newbie states that when he pushes the Eject button on the DVD drive of a server running a certain Redmond-based operating system, it will eject immediately. He then complains that, in most enterprise Linux servers, if a process is running in that directory, then the ejection won't happen. For too long as a Linux administrator, I would reboot the machine and get my disk on the bounce if I couldn't figure out what was running and why it wouldn't release the DVD drive. But this is ineffective.
Here's how you find the process that holds your DVD drive and eject it to your heart's content: First, simulate it. Stick a disk in your DVD drive, open up a terminal, and mount the DVD drive:
# mount /media/cdrom
# cd /media/cdrom
# while [ 1 ]; do echo "All your drives are belong to us!"; sleep 30; done
Now open up a second terminal and try to eject the DVD drive:
# eject
You'll get a message like:
umount: /media/cdrom: device is busy
Before you free it, let's find out who is using it.
# fuser /media/cdrom
You see the process was running and, indeed, it is our fault we can not eject the disk.
Now, if you are root, you can exercise your godlike powers and kill processes:
# fuser -k /media/cdrom
Boom! Just like that, freedom. Now solemnly unmount the drive:
# eject
fuser is good.