Converting Movies To Psp Format.
Hey again, this is a real quick guide for anyone interested to get a movie onto there PSP without all the fluff i have seen elsewhere. I just watched Africa the Serengeti on my PSP and heres is the lowdown.
Movie - approx 40 minutes - dvd
Saved to hard drive - 2.6GIG - using DVD Decryptor (free program) try google
Transfered to avi format - 377MB- using Super DVD Ripper (9 FREE trial uses) then you must buy
Transfered to MP4 - 37MB - using the (basically free) Image convertor 2
Average movie breakdown - using above as a guide only.
so im guessing the average movie may be 4.5gig for example
saved to 800MB
CONVERTED TO 70-80MB
Ok use DVD decryptor to save the movie to your hard drive eg. C:\africa (it will save it for you as described)
When completed find the folder c:\africa on your computer and find the vob file in that folder - generally the largest one and right click and play it with your dvd program to see what part it is. If its the correct movie part you now know thats the one you need.
Once you have located the vob file you want to transfer open DVD Ripper and go to wizard icon. There you will see an icon of VOB to AVI button. Click it and then it will ask to locate the file. Locate the file and click it. It will SCAN THE FILE(just wait till that finishes) a parameter box opens next and just click the arrow. It then askes to choose output file, click the file icon and locate the correct fob file. It then askes for file compression - choose microsoft windows media and then click ok Then press the start button. It will now convert the vob into avi format.
(there are also other opions ie;dvd to avi etc) I have only used the vob to avi for this test.
After DVD ripper has transferred the file it will save it to the same folder as the original move was in eg: c:\africa\viteots. Open the file and you will now see an AVI icon containing the movie.
Make sure you PSP is on and in usb mode then Open Image convertor 2 and press on movie / add to list. For this example i click on C:drive the found the folder Africa and opened it and there was my converted AVI file. Click the file press ok and it will be transfered to your PSP for viewing pleasure.
*****Note**** i only converted one VOB file as thatS all there was for this particular movie. If you have more then one vob file you may need to try the dvd to avi when you rip. This is just a guide i worked out to compress dvd into the smallest possible file so you can get value out of a 512 card.
QUOTE
http://www.crazyhatsoftware.com/ImageConverter2.1.exe
Image Converter 2.1 JAP translated to ENG.
Kamis, 25 September 2008
Beep Code error
After repeated requests for beep codes i have decided to post them here maybe they could be pinned
Standard Original IBM POST Error Codes
Code Description
1 short beep System is OK
2 short beeps POST Error - error code shown on screen No beep Power supply or system board problem Continuous beep Power supply, system board, or keyboard problem Repeating short beeps Power supply or system board problem
1 long, 1 short beep System board problem
1 long, 2 short beeps Display adapter problem (MDA, CGA)
1 long, 3 short beeps Display adapter problem (EGA)
3 long beeps 3270 keyboard card
IBM POST Diagnostic Code Descriptions
Code Description
100 - 199 System Board
200 - 299 Memory
300 - 399 Keyboard
400 - 499 Monochrome Display
500 - 599 Colour/Graphics Display
600 - 699 Floppy-disk drive and/or Adapter
700 - 799 Math Coprocessor
900 - 999 Parallel Printer Port
1000 - 1099 Alternate Printer Adapter
1100 - 1299 Asynchronous Communication Device, Adapter, or Port
1300 - 1399 Game Port
1400 - 1499 Colour/Graphics Printer
1500 - 1599 Synchronous Communication Device, Adapter, or Port
1700 - 1799 Hard Drive and/or Adapter
1800 - 1899 Expansion Unit (XT)
2000 - 2199 Bisynchronous Communication Adapter
2400 - 2599 EGA system-board Video (MCA)
3000 - 3199 LAN Adapter
4800 - 4999 Internal Modem
7000 - 7099 Phoenix BIOS Chips
7300 - 7399 3.5" Disk Drive
8900 - 8999 MIDI Adapter
11200 - 11299 SCSI Adapter
21000 - 21099 SCSI Fixed Disk and Controller
21500 - 21599 SCSI CD-ROM System
AMI BIOS Beep Codes
Code Description
1 Short Beep System OK
2 Short Beeps Parity error in the first 64 KB of memory
3 Short Beeps Memory failure in the first 64 KB
4 Short Beeps Memory failure in the first 64 KB Operational of memory
or Timer 1 on the motherboard is not functioning
5 Short Beeps The CPU on the motherboard generated an error
6 Short Beeps The keyboard controller may be bad. The BIOS cannot switch to protected mode
7 Short Beeps The CPU generated an exception interrupt
8 Short Beeps The system video adapter is either missing, or its memory is faulty
9 Short Beeps The ROM checksum value does not match the value encoded in the BIOS
10 Short Beeps The shutdown register for CMOS RAM failed
11 Short Beeps The external cache is faulty
1 Long, 3 Short Beeps Memory Problems
1 Long, 8 Short Beeps Video Card Problems
Phoenix BIOS Beep Codes
Note - Phoenix BIOS emits three sets of beeps, separated by a brief pause.
Code Description
1-1-3 CMOS read/write failure
1-1-4 ROM BIOS checksum error
1-2-1 Programmable interval timer failure
1-2-2 DMA initialisation failure
1-2-3 DMA page register read/write failure
1-3-1 RAM refresh verification failure
1-3-3 First 64k RAM chip or data line failure
1-3-4 First 64k RAM odd/even logic failure
1-4-1 Address line failure first 64k RAM
1-4-2 Parity failure first 64k RAM
2-_-_ Faulty Memory
3-1-_ Faulty Motherboard
3-2-4 Keyboard controller Test failure
3-3-4 Screen initialisation failure
3-4-1 Screen retrace test failure
3-4-2 Search for video ROM in progress
4-2-1 Timer tick interrupt in progress or failure
4-2-2 Shutdown test in progress or failure
4-2-3 Gate A20 failure
4-2-4 Unexpected interrupt in protected mode
4-3-1 RAM test in progress or failure>ffffh
4-3-2 Faulty Motherboard
4-3-3 Interval timer channel 2 test or failure
4-3-4 Time of Day clock test failure
4-4-1 Serial port test or failure
4-4-2 Parallel port test or failure
4-4-3 Math coprocessor test or failure
Low 1-1-2 System Board select failure
Low 1-1-3 Extended CMOS RAM failure
Standard Original IBM POST Error Codes
Code Description
1 short beep System is OK
2 short beeps POST Error - error code shown on screen No beep Power supply or system board problem Continuous beep Power supply, system board, or keyboard problem Repeating short beeps Power supply or system board problem
1 long, 1 short beep System board problem
1 long, 2 short beeps Display adapter problem (MDA, CGA)
1 long, 3 short beeps Display adapter problem (EGA)
3 long beeps 3270 keyboard card
IBM POST Diagnostic Code Descriptions
Code Description
100 - 199 System Board
200 - 299 Memory
300 - 399 Keyboard
400 - 499 Monochrome Display
500 - 599 Colour/Graphics Display
600 - 699 Floppy-disk drive and/or Adapter
700 - 799 Math Coprocessor
900 - 999 Parallel Printer Port
1000 - 1099 Alternate Printer Adapter
1100 - 1299 Asynchronous Communication Device, Adapter, or Port
1300 - 1399 Game Port
1400 - 1499 Colour/Graphics Printer
1500 - 1599 Synchronous Communication Device, Adapter, or Port
1700 - 1799 Hard Drive and/or Adapter
1800 - 1899 Expansion Unit (XT)
2000 - 2199 Bisynchronous Communication Adapter
2400 - 2599 EGA system-board Video (MCA)
3000 - 3199 LAN Adapter
4800 - 4999 Internal Modem
7000 - 7099 Phoenix BIOS Chips
7300 - 7399 3.5" Disk Drive
8900 - 8999 MIDI Adapter
11200 - 11299 SCSI Adapter
21000 - 21099 SCSI Fixed Disk and Controller
21500 - 21599 SCSI CD-ROM System
AMI BIOS Beep Codes
Code Description
1 Short Beep System OK
2 Short Beeps Parity error in the first 64 KB of memory
3 Short Beeps Memory failure in the first 64 KB
4 Short Beeps Memory failure in the first 64 KB Operational of memory
or Timer 1 on the motherboard is not functioning
5 Short Beeps The CPU on the motherboard generated an error
6 Short Beeps The keyboard controller may be bad. The BIOS cannot switch to protected mode
7 Short Beeps The CPU generated an exception interrupt
8 Short Beeps The system video adapter is either missing, or its memory is faulty
9 Short Beeps The ROM checksum value does not match the value encoded in the BIOS
10 Short Beeps The shutdown register for CMOS RAM failed
11 Short Beeps The external cache is faulty
1 Long, 3 Short Beeps Memory Problems
1 Long, 8 Short Beeps Video Card Problems
Phoenix BIOS Beep Codes
Note - Phoenix BIOS emits three sets of beeps, separated by a brief pause.
Code Description
1-1-3 CMOS read/write failure
1-1-4 ROM BIOS checksum error
1-2-1 Programmable interval timer failure
1-2-2 DMA initialisation failure
1-2-3 DMA page register read/write failure
1-3-1 RAM refresh verification failure
1-3-3 First 64k RAM chip or data line failure
1-3-4 First 64k RAM odd/even logic failure
1-4-1 Address line failure first 64k RAM
1-4-2 Parity failure first 64k RAM
2-_-_ Faulty Memory
3-1-_ Faulty Motherboard
3-2-4 Keyboard controller Test failure
3-3-4 Screen initialisation failure
3-4-1 Screen retrace test failure
3-4-2 Search for video ROM in progress
4-2-1 Timer tick interrupt in progress or failure
4-2-2 Shutdown test in progress or failure
4-2-3 Gate A20 failure
4-2-4 Unexpected interrupt in protected mode
4-3-1 RAM test in progress or failure>ffffh
4-3-2 Faulty Motherboard
4-3-3 Interval timer channel 2 test or failure
4-3-4 Time of Day clock test failure
4-4-1 Serial port test or failure
4-4-2 Parallel port test or failure
4-4-3 Math coprocessor test or failure
Low 1-1-2 System Board select failure
Low 1-1-3 Extended CMOS RAM failure
Beep Code Manual
Beep Code Manual, Better Than Gold Techies, American Megatrends Int. & Phoenix
(I'm IT, I use these codes to trouble shoot hardware issues at my job. Enjoy) cold.gif
BIOS Beep Codes
When a computer is first turned on, or rebooted, its BIOS performs a power-on self test (POST) to test the system's hardware, checking to make sure that all of the system's hardware components are working properly. Under normal circumstances, the POST will display an error message; however, if the BIOS detects an error before it can access the video card, or if there is a problem with the video card, it will produce a series of beeps, and the pattern of the beeps indicates what kind of problem the BIOS has detected.
Because there are many brands of BIOS, there are no standard beep codes for every BIOS.
The two most-used brands are AMI (American Megatrends International) and Phoenix.
Below are listed the beep codes for AMI systems, and here are the beep codes for Phoenix systems.
AMI Beep Codes
Beep Code Meaning
1 beep DRAM refresh failure. There is a problem in the system memory or the motherboard.
2 beeps Memory parity error. The parity circuit is not working properly.
3 beeps Base 64K RAM failure. There is a problem with the first 64K of system memory.
4 beeps System timer not operational. There is problem with the timer(s) that control functions on the motherboard.
5 beeps Processor failure. The system CPU has failed.
6 beeps Gate A20/keyboard controller failure. The keyboard IC controller has failed, preventing gate A20 from switching the processor to protect mode.
7 beeps Virtual mode exception error.
8 beeps Video memory error. The BIOS cannot write to the frame buffer memory on the video card.
9 beeps ROM checksum error. The BIOS ROM chip on the motherboard is likely faulty.
10 beeps CMOS checksum error. Something on the motherboard is causing an error when trying to interact with the CMOS.
11 beeps Bad cache memory. An error in the level 2 cache memory.
1 long beep, 2 short Failure in the video system.
1 long beep, 3 short A failure has been detected in memory above 64K.
1 long beep, 8 short Display test failure.
Continuous beeping A problem with the memory or video.
BIOS Beep Codes
Phoenix Beep Codes
Phoenix uses sequences of beeps to indicate problems. The "-" between each number below indicates a pause between each beep sequence. For example, 1-2-3 indicates one beep, followed by a pause and two beeps, followed by a pause and three beeps. Phoenix version before 4.x use 3-beep codes, while Phoenix versions starting with 4.x use 4-beep codes. Click here for AMI BIOS beep codes.
4-Beep Codes
Beep Code Meaning
1-1-1-3 Faulty CPU/motherboard. Verify real mode.
1-1-2-1 Faulty CPU/motherboard.
1-1-2-3 Faulty motherboard or one of its components.
1-1-3-1 Faulty motherboard or one of its components. Initialize chipset registers with initial POST values.
1-1-3-2 Faulty motherboard or one of its components.
1-1-3-3 Faulty motherboard or one of its components. Initialize CPU registers.
1-1-3-2
1-1-3-3
1-1-3-4 Failure in the first 64K of memory.
1-1-4-1 Level 2 cache error.
1-1-4-3 I/O port error.
1-2-1-1 Power management error.
1-2-1-2
1-2-1-3 Faulty motherboard or one of its components.
1-2-2-1 Keyboard controller failure.
1-2-2-3 BIOS ROM error.
1-2-3-1 System timer error.
1-2-3-3 DMA error.
1-2-4-1 IRQ controller error.
1-3-1-1 DRAM refresh error.
1-3-1-3 A20 gate failure.
1-3-2-1 Faulty motherboard or one of its components.
1-3-3-1 Extended memory error.
1-3-3-3
1-3-4-1
1-3-4-3 Error in first 1MB of system memory.
1-4-1-3
1-4-2-4 CPU error.
1-4-3-1
2-1-4-1 BIOS ROM shadow error.
1-4-3-2
1-4-3-3 Level 2 cache error.
1-4-4-1
1-4-4-2
2-1-1-1 Faulty motherboard or one of its components.
2-1-1-3
2-1-2-1 IRQ failure.
2-1-2-3 BIOS ROM error.
2-1-2-4
2-1-3-2 I/O port failure.
2-1-3-1
2-1-3-3 Video system failure.
2-1-1-3
2-1-2-1 IRQ failure.
2-1-2-3 BIOS ROM error.
2-1-2-4 I/O port failure.
2-1-4-3
2-2-1-1 Video card failure.
2-2-1-3
2-2-2-1
2-2-2-3 Keyboard controller failure.
2-2-3-1 IRQ error.
2-2-4-1 Error in first 1MB of system memory.
2-3-1-1
2-3-3-3 Extended memory failure.
2-3-2-1 Faulty motherboard or one of its components.
2-3-2-3
2-3-3-1 Level 2 cache error.
2-3-4-1
2-3-4-3 Motherboard or video card failure.
2-3-4-1
2-3-4-3
2-4-1-1 Motherboard or video card failure.
2-4-1-3 Faulty motherboard or one of its components.
2-4-2-1 RTC error.
2-4-2-3 Keyboard controller error.
2-4-4-1 IRQ error.
3-1-1-1
3-1-1-3
3-1-2-1
3-1-2-3 I/O port error.
3-1-3-1
3-1-3-3 Faulty motherboard or one of its components.
3-1-4-1
3-2-1-1
3-2-1-2 Floppy drive or hard drive failure.
3-2-1-3 Faulty motherboard or one of its components.
3-2-2-1 Keyboard controller error.
3-2-2-3
3-2-3-1
3-2-4-1 Faulty motherboard or one of its components.
3-2-4-3 IRQ error.
3-3-1-1 RTC error.
3-3-1-3 Key lock error.
3-3-3-3 Faulty motherboard or one of its components.
3-3-3-3
3-3-4-1
3-3-4-3
3-4-1-1
3-4-1-3
3-4-2-1
3-4-2-3
3-4-3-1
3-4-4-1
3-4-4-4 Faulty motherboard or one of its components.
4-1-1-1 Floppy drive or hard drive failure.
4-2-1-1
4-2-1-3
4-2-2-1 IRQ failure.
4-2-2-3
4-2-3-1
4-2-3-3
4-2-4-1 Faulty motherboard or one of its components.
4-2-4-3 Keyboard controller error.
4-3-1-3
4-3-1-4
4-3-2-1
4-3-2-2
4-3-3-1
4-3-4-1
4-3-4-3 Faulty motherboard or one of its components.
4-3-3-2
4-3-3-4 IRQ failure.
4-3-3-3
4-3-4-2 Floppy drive or hard drive failure.
3-Beep Codes
Beep Code Meaning
1-1-2 Faulty CPU/motherboard.
1-1-3 Faulty motherboard/CMOS read-write failure.
1-1-4 Faulty BIOS/BIOS ROM checksum error.
1-2-1 System timer not operational. There is a problem with the timer(s) that control functions on the motherboard.
1-2-2
1-2-3 Faulty motherboard/DMA failure.
1-3-1 Memory refresh failure.
1-3-2
1-3-3
1-3-4 Failure in the first 64K of memory.
1-4-1 Address line failure.
1-4-2 Parity RAM failure.
1-4-3 Timer failure.
1-4-4 NMI port failure.
2-_-_ Any combination of beeps after 2 indicates a failure in the first 64K of memory.
3-1-1 Master DMA failure.
3-1-2 Slave DMA failure.
3-1-3
3-1-4 Interrupt controller failure.
3-2-4 Keyboard controller failure.
3-3-1
3-3-2 CMOS error.
3-3-4 Video card failure.
3-4-1 Video card failure.
4-2-1 Timer failure.
4-2-2 CMOS shutdown failure.
4-2-3 Gate A20 failure.
4-2-4 Unexpected interrupt in protected mode.
4-3-1 RAM test failure.
4-3-3 Timer failure.
4-3-4 Time of day clock failure.
4-4-1 Serial port failure.
4-4-2 Parallel port failure.
4-4-3 Math coprocessor.
(I'm IT, I use these codes to trouble shoot hardware issues at my job. Enjoy) cold.gif
BIOS Beep Codes
When a computer is first turned on, or rebooted, its BIOS performs a power-on self test (POST) to test the system's hardware, checking to make sure that all of the system's hardware components are working properly. Under normal circumstances, the POST will display an error message; however, if the BIOS detects an error before it can access the video card, or if there is a problem with the video card, it will produce a series of beeps, and the pattern of the beeps indicates what kind of problem the BIOS has detected.
Because there are many brands of BIOS, there are no standard beep codes for every BIOS.
The two most-used brands are AMI (American Megatrends International) and Phoenix.
Below are listed the beep codes for AMI systems, and here are the beep codes for Phoenix systems.
AMI Beep Codes
Beep Code Meaning
1 beep DRAM refresh failure. There is a problem in the system memory or the motherboard.
2 beeps Memory parity error. The parity circuit is not working properly.
3 beeps Base 64K RAM failure. There is a problem with the first 64K of system memory.
4 beeps System timer not operational. There is problem with the timer(s) that control functions on the motherboard.
5 beeps Processor failure. The system CPU has failed.
6 beeps Gate A20/keyboard controller failure. The keyboard IC controller has failed, preventing gate A20 from switching the processor to protect mode.
7 beeps Virtual mode exception error.
8 beeps Video memory error. The BIOS cannot write to the frame buffer memory on the video card.
9 beeps ROM checksum error. The BIOS ROM chip on the motherboard is likely faulty.
10 beeps CMOS checksum error. Something on the motherboard is causing an error when trying to interact with the CMOS.
11 beeps Bad cache memory. An error in the level 2 cache memory.
1 long beep, 2 short Failure in the video system.
1 long beep, 3 short A failure has been detected in memory above 64K.
1 long beep, 8 short Display test failure.
Continuous beeping A problem with the memory or video.
BIOS Beep Codes
Phoenix Beep Codes
Phoenix uses sequences of beeps to indicate problems. The "-" between each number below indicates a pause between each beep sequence. For example, 1-2-3 indicates one beep, followed by a pause and two beeps, followed by a pause and three beeps. Phoenix version before 4.x use 3-beep codes, while Phoenix versions starting with 4.x use 4-beep codes. Click here for AMI BIOS beep codes.
4-Beep Codes
Beep Code Meaning
1-1-1-3 Faulty CPU/motherboard. Verify real mode.
1-1-2-1 Faulty CPU/motherboard.
1-1-2-3 Faulty motherboard or one of its components.
1-1-3-1 Faulty motherboard or one of its components. Initialize chipset registers with initial POST values.
1-1-3-2 Faulty motherboard or one of its components.
1-1-3-3 Faulty motherboard or one of its components. Initialize CPU registers.
1-1-3-2
1-1-3-3
1-1-3-4 Failure in the first 64K of memory.
1-1-4-1 Level 2 cache error.
1-1-4-3 I/O port error.
1-2-1-1 Power management error.
1-2-1-2
1-2-1-3 Faulty motherboard or one of its components.
1-2-2-1 Keyboard controller failure.
1-2-2-3 BIOS ROM error.
1-2-3-1 System timer error.
1-2-3-3 DMA error.
1-2-4-1 IRQ controller error.
1-3-1-1 DRAM refresh error.
1-3-1-3 A20 gate failure.
1-3-2-1 Faulty motherboard or one of its components.
1-3-3-1 Extended memory error.
1-3-3-3
1-3-4-1
1-3-4-3 Error in first 1MB of system memory.
1-4-1-3
1-4-2-4 CPU error.
1-4-3-1
2-1-4-1 BIOS ROM shadow error.
1-4-3-2
1-4-3-3 Level 2 cache error.
1-4-4-1
1-4-4-2
2-1-1-1 Faulty motherboard or one of its components.
2-1-1-3
2-1-2-1 IRQ failure.
2-1-2-3 BIOS ROM error.
2-1-2-4
2-1-3-2 I/O port failure.
2-1-3-1
2-1-3-3 Video system failure.
2-1-1-3
2-1-2-1 IRQ failure.
2-1-2-3 BIOS ROM error.
2-1-2-4 I/O port failure.
2-1-4-3
2-2-1-1 Video card failure.
2-2-1-3
2-2-2-1
2-2-2-3 Keyboard controller failure.
2-2-3-1 IRQ error.
2-2-4-1 Error in first 1MB of system memory.
2-3-1-1
2-3-3-3 Extended memory failure.
2-3-2-1 Faulty motherboard or one of its components.
2-3-2-3
2-3-3-1 Level 2 cache error.
2-3-4-1
2-3-4-3 Motherboard or video card failure.
2-3-4-1
2-3-4-3
2-4-1-1 Motherboard or video card failure.
2-4-1-3 Faulty motherboard or one of its components.
2-4-2-1 RTC error.
2-4-2-3 Keyboard controller error.
2-4-4-1 IRQ error.
3-1-1-1
3-1-1-3
3-1-2-1
3-1-2-3 I/O port error.
3-1-3-1
3-1-3-3 Faulty motherboard or one of its components.
3-1-4-1
3-2-1-1
3-2-1-2 Floppy drive or hard drive failure.
3-2-1-3 Faulty motherboard or one of its components.
3-2-2-1 Keyboard controller error.
3-2-2-3
3-2-3-1
3-2-4-1 Faulty motherboard or one of its components.
3-2-4-3 IRQ error.
3-3-1-1 RTC error.
3-3-1-3 Key lock error.
3-3-3-3 Faulty motherboard or one of its components.
3-3-3-3
3-3-4-1
3-3-4-3
3-4-1-1
3-4-1-3
3-4-2-1
3-4-2-3
3-4-3-1
3-4-4-1
3-4-4-4 Faulty motherboard or one of its components.
4-1-1-1 Floppy drive or hard drive failure.
4-2-1-1
4-2-1-3
4-2-2-1 IRQ failure.
4-2-2-3
4-2-3-1
4-2-3-3
4-2-4-1 Faulty motherboard or one of its components.
4-2-4-3 Keyboard controller error.
4-3-1-3
4-3-1-4
4-3-2-1
4-3-2-2
4-3-3-1
4-3-4-1
4-3-4-3 Faulty motherboard or one of its components.
4-3-3-2
4-3-3-4 IRQ failure.
4-3-3-3
4-3-4-2 Floppy drive or hard drive failure.
3-Beep Codes
Beep Code Meaning
1-1-2 Faulty CPU/motherboard.
1-1-3 Faulty motherboard/CMOS read-write failure.
1-1-4 Faulty BIOS/BIOS ROM checksum error.
1-2-1 System timer not operational. There is a problem with the timer(s) that control functions on the motherboard.
1-2-2
1-2-3 Faulty motherboard/DMA failure.
1-3-1 Memory refresh failure.
1-3-2
1-3-3
1-3-4 Failure in the first 64K of memory.
1-4-1 Address line failure.
1-4-2 Parity RAM failure.
1-4-3 Timer failure.
1-4-4 NMI port failure.
2-_-_ Any combination of beeps after 2 indicates a failure in the first 64K of memory.
3-1-1 Master DMA failure.
3-1-2 Slave DMA failure.
3-1-3
3-1-4 Interrupt controller failure.
3-2-4 Keyboard controller failure.
3-3-1
3-3-2 CMOS error.
3-3-4 Video card failure.
3-4-1 Video card failure.
4-2-1 Timer failure.
4-2-2 CMOS shutdown failure.
4-2-3 Gate A20 failure.
4-2-4 Unexpected interrupt in protected mode.
4-3-1 RAM test failure.
4-3-3 Timer failure.
4-3-4 Time of day clock failure.
4-4-1 Serial port failure.
4-4-2 Parallel port failure.
4-4-3 Math coprocessor.
Best Keyboard shortcut
Getting used to using your keyboard exclusively and leaving your mouse behind will make you much more efficient at performing any task on any Windows system. I use the following keyboard shortcuts every day:
Windows key + R = Run menu
This is usually followed by:
cmd = Command Prompt
iexplore + "web address" = Internet Explorer
compmgmt.msc = Computer Management
dhcpmgmt.msc = DHCP Management
dnsmgmt.msc = DNS Management
services.msc = Services
eventvwr = Event Viewer
dsa.msc = Active Directory Users and Computers
dssite.msc = Active Directory Sites and Services
Windows key + E = Explorer
ALT + Tab = Switch between windows
ALT, Space, X = Maximize window
CTRL + Shift + Esc = Task Manager
Windows key + Break = System properties
Windows key + F = Search
Windows key + D = Hide/Display all windows
CTRL + C = copy
CTRL + X = cut
CTRL + V = paste
Also don't forget about the "Right-click" key next to the right Windows key on your keyboard. Using the arrows and that key can get just about anything done once you've opened up any program.
Keyboard Shortcuts
[Alt] and [Esc] Switch between running applications
[Alt] and letter Select menu item by underlined letter
[Ctrl] and [Esc] Open Program Menu
[Ctrl] and [F4] Close active document or group windows (does not work with some applications)
[Alt] and [F4] Quit active application or close current window
[Alt] and [-] Open Control menu for active document
Ctrl] Lft., Rt. arrow Move cursor forward or back one word
Ctrl] Up, Down arrow Move cursor forward or back one paragraph
[F1] Open Help for active application
Windows+M Minimize all open windows
Shift+Windows+M Undo minimize all open windows
Windows+F1 Open Windows Help
Windows+Tab Cycle through the Taskbar buttons
Windows+Break Open the System Properties dialog box
acessability shortcuts
Right SHIFT for eight seconds........ Switch FilterKeys on and off.
Left ALT +left SHIFT +PRINT SCREEN....... Switch High Contrast on and off.
Left ALT +left SHIFT +NUM LOCK....... Switch MouseKeys on and off.
SHIFT....... five times Switch StickyKeys on and off.
NUM LOCK...... for five seconds Switch ToggleKeys on and off.
explorer shortcuts
END....... Display the bottom of the active window.
HOME....... Display the top of the active window.
NUM LOCK+ASTERISK....... on numeric keypad (*) Display all subfolders under the selected folder.
NUM LOCK+PLUS SIGN....... on numeric keypad (+) Display the contents of the selected folder.
NUM LOCK+MINUS SIGN....... on numeric keypad (-) Collapse the selected folder.
LEFT ARROW...... Collapse current selection if it's expanded, or select parent folder.
RIGHT ARROW....... Display current selection if it's collapsed, or select first subfolder.
Type the following commands in your Run Box (Windows Key + R) or Start Run
devmgmt.msc = Device Manager
msinfo32 = System Information
cleanmgr = Disk Cleanup
ntbackup = Backup or Restore Wizard (Windows Backup Utility)
mmc = Microsoft Management Console
excel = Microsoft Excel (If Installed)
msaccess = Microsoft Access (If Installed)
powerpnt = Microsoft PowerPoint (If Installed)
winword = Microsoft Word (If Installed)
frontpg = Microsoft FrontPage (If Installed)
notepad = Notepad
wordpad = WordPad
calc = Calculator
msmsgs = Windows Messenger
mspaint = Microsoft Paint
wmplayer = Windows Media Player
rstrui = System Restore
netscp6 = Netscape 6.x
netscp = Netscape 7.x
netscape = Netscape 4.x
waol = America Online
control = Opens the Control Panel
control printers = Opens the Printers Dialog
internetbrowser
type in u're adress "google", then press [Right CTRL] and [Enter]
add www. and .com to word and go to it
For Windows XP:
Copy. CTRL+C
Cut. CTRL+X
Paste. CTRL+V
Undo. CTRL+Z
Delete. DELETE
Delete selected item permanently without placing the item in the Recycle Bin. SHIFT+DELETE
Copy selected item. CTRL while dragging an item
Create shortcut to selected item. CTRL+SHIFT while dragging an item
Rename selected item. F2
Move the insertion point to the beginning of the next word. CTRL+RIGHT ARROW
Move the insertion point to the beginning of the previous word. CTRL+LEFT ARROW
Move the insertion point to the beginning of the next paragraph. CTRL+DOWN ARROW
Move the insertion point to the beginning of the previous paragraph. CTRL+UP ARROW
Highlight a block of text. CTRL+SHIFT with any of the arrow keys
Select more than one item in a window or on the desktop, or select text within a document. SHIFT with any of the arrow keys
Select all. CTRL+A
Search for a file or folder. F3
View properties for the selected item. ALT+ENTER
Close the active item, or quit the active program. ALT+F4
Opens the shortcut menu for the active window. ALT+SPACEBAR
Close the active document in programs that allow you to have multiple documents open simultaneously. CTRL+F4
Switch between open items. ALT+TAB
Cycle through items in the order they were opened. ALT+ESC
Cycle through screen elements in a window or on the desktop. F6
Display the Address bar list in My Computer or Windows Explorer. F4
Display the shortcut menu for the selected item. SHIFT+F10
Display the System menu for the active window. ALT+SPACEBAR
Display the Start menu. CTRL+ESC
Display the corresponding menu. ALT+Underlined letter in a menu name
Carry out the corresponding command. Underlined letter in a command name on an open menu
Activate the menu bar in the active program. F10
Open the next menu to the right, or open a submenu. RIGHT ARROW
Open the next menu to the left, or close a submenu. LEFT ARROW
Refresh the active window. F5
View the folder one level up in My Computer or Windows Explorer. BACKSPACE
Cancel the current task. ESC
SHIFT when you insert a CD into the CD-ROM drive Prevent the CD from automatically playing.
Use these keyboard shortcuts for dialog boxes:
To Press
Move forward through tabs. CTRL+TAB
Move backward through tabs. CTRL+SHIFT+TAB
Move forward through options. TAB
Move backward through options. SHIFT+TAB
Carry out the corresponding command or select the corresponding option. ALT+Underlined letter
Carry out the command for the active option or button. ENTER
Select or clear the check box if the active option is a check box. SPACEBAR
Select a button if the active option is a group of option buttons. Arrow keys
Display Help. F1
Display the items in the active list. F4
Open a folder one level up if a folder is selected in the Save As or Open dialog box. BACKSPACE
If you have a Microsoft Natural Keyboard, or any other compatible keyboard that includes the Windows logo key and the Application key , you can use these keyboard shortcuts:
Display or hide the Start menu. WIN Key
Display the System Properties dialog box. WIN Key+BREAK
Show the desktop. WIN Key+D
Minimize all windows. WIN Key+M
Restores minimized windows. WIN Key+Shift+M
Open My Computer. WIN Key+E
Search for a file or folder. WIN Key+F
Search for computers. CTRL+WIN Key+F
Display Windows Help. WIN Key+F1
Lock your computer if you are connected to a network domain, or switch users if you are not connected to a network domain. WIN Key+ L
Open the Run dialog box. WIN Key+R
Open Utility Manager. WIN Key+U
accessibility keyboard shortcuts:
Switch FilterKeys on and off. Right SHIFT for eight seconds
Switch High Contrast on and off. Left ALT+left SHIFT+PRINT SCREEN
Switch MouseKeys on and off. Left ALT +left SHIFT +NUM LOCK
Switch StickyKeys on and off. SHIFT five times
Switch ToggleKeys on and off. NUM LOCK for five seconds
Open Utility Manager. WIN Key+U
shortcuts you can use with Windows Explorer:
Display the bottom of the active window. END
Display the top of the active window. HOME
Display all subfolders under the selected folder. NUM LOCK+ASTERISK on numeric keypad (*)
Display the contents of the selected folder. NUM LOCK+PLUS SIGN on numeric keypad (+)
Collapse the selected folder. NUM LOCK+MINUS SIGN on numeric keypad (-)
Collapse current selection if it's expanded, or select parent folder. LEFT ARROW
Display current selection if it's collapsed, or select first subfolder. RIGHT ARROW
Windows key + R = Run menu
This is usually followed by:
cmd = Command Prompt
iexplore + "web address" = Internet Explorer
compmgmt.msc = Computer Management
dhcpmgmt.msc = DHCP Management
dnsmgmt.msc = DNS Management
services.msc = Services
eventvwr = Event Viewer
dsa.msc = Active Directory Users and Computers
dssite.msc = Active Directory Sites and Services
Windows key + E = Explorer
ALT + Tab = Switch between windows
ALT, Space, X = Maximize window
CTRL + Shift + Esc = Task Manager
Windows key + Break = System properties
Windows key + F = Search
Windows key + D = Hide/Display all windows
CTRL + C = copy
CTRL + X = cut
CTRL + V = paste
Also don't forget about the "Right-click" key next to the right Windows key on your keyboard. Using the arrows and that key can get just about anything done once you've opened up any program.
Keyboard Shortcuts
[Alt] and [Esc] Switch between running applications
[Alt] and letter Select menu item by underlined letter
[Ctrl] and [Esc] Open Program Menu
[Ctrl] and [F4] Close active document or group windows (does not work with some applications)
[Alt] and [F4] Quit active application or close current window
[Alt] and [-] Open Control menu for active document
Ctrl] Lft., Rt. arrow Move cursor forward or back one word
Ctrl] Up, Down arrow Move cursor forward or back one paragraph
[F1] Open Help for active application
Windows+M Minimize all open windows
Shift+Windows+M Undo minimize all open windows
Windows+F1 Open Windows Help
Windows+Tab Cycle through the Taskbar buttons
Windows+Break Open the System Properties dialog box
acessability shortcuts
Right SHIFT for eight seconds........ Switch FilterKeys on and off.
Left ALT +left SHIFT +PRINT SCREEN....... Switch High Contrast on and off.
Left ALT +left SHIFT +NUM LOCK....... Switch MouseKeys on and off.
SHIFT....... five times Switch StickyKeys on and off.
NUM LOCK...... for five seconds Switch ToggleKeys on and off.
explorer shortcuts
END....... Display the bottom of the active window.
HOME....... Display the top of the active window.
NUM LOCK+ASTERISK....... on numeric keypad (*) Display all subfolders under the selected folder.
NUM LOCK+PLUS SIGN....... on numeric keypad (+) Display the contents of the selected folder.
NUM LOCK+MINUS SIGN....... on numeric keypad (-) Collapse the selected folder.
LEFT ARROW...... Collapse current selection if it's expanded, or select parent folder.
RIGHT ARROW....... Display current selection if it's collapsed, or select first subfolder.
Type the following commands in your Run Box (Windows Key + R) or Start Run
devmgmt.msc = Device Manager
msinfo32 = System Information
cleanmgr = Disk Cleanup
ntbackup = Backup or Restore Wizard (Windows Backup Utility)
mmc = Microsoft Management Console
excel = Microsoft Excel (If Installed)
msaccess = Microsoft Access (If Installed)
powerpnt = Microsoft PowerPoint (If Installed)
winword = Microsoft Word (If Installed)
frontpg = Microsoft FrontPage (If Installed)
notepad = Notepad
wordpad = WordPad
calc = Calculator
msmsgs = Windows Messenger
mspaint = Microsoft Paint
wmplayer = Windows Media Player
rstrui = System Restore
netscp6 = Netscape 6.x
netscp = Netscape 7.x
netscape = Netscape 4.x
waol = America Online
control = Opens the Control Panel
control printers = Opens the Printers Dialog
internetbrowser
type in u're adress "google", then press [Right CTRL] and [Enter]
add www. and .com to word and go to it
For Windows XP:
Copy. CTRL+C
Cut. CTRL+X
Paste. CTRL+V
Undo. CTRL+Z
Delete. DELETE
Delete selected item permanently without placing the item in the Recycle Bin. SHIFT+DELETE
Copy selected item. CTRL while dragging an item
Create shortcut to selected item. CTRL+SHIFT while dragging an item
Rename selected item. F2
Move the insertion point to the beginning of the next word. CTRL+RIGHT ARROW
Move the insertion point to the beginning of the previous word. CTRL+LEFT ARROW
Move the insertion point to the beginning of the next paragraph. CTRL+DOWN ARROW
Move the insertion point to the beginning of the previous paragraph. CTRL+UP ARROW
Highlight a block of text. CTRL+SHIFT with any of the arrow keys
Select more than one item in a window or on the desktop, or select text within a document. SHIFT with any of the arrow keys
Select all. CTRL+A
Search for a file or folder. F3
View properties for the selected item. ALT+ENTER
Close the active item, or quit the active program. ALT+F4
Opens the shortcut menu for the active window. ALT+SPACEBAR
Close the active document in programs that allow you to have multiple documents open simultaneously. CTRL+F4
Switch between open items. ALT+TAB
Cycle through items in the order they were opened. ALT+ESC
Cycle through screen elements in a window or on the desktop. F6
Display the Address bar list in My Computer or Windows Explorer. F4
Display the shortcut menu for the selected item. SHIFT+F10
Display the System menu for the active window. ALT+SPACEBAR
Display the Start menu. CTRL+ESC
Display the corresponding menu. ALT+Underlined letter in a menu name
Carry out the corresponding command. Underlined letter in a command name on an open menu
Activate the menu bar in the active program. F10
Open the next menu to the right, or open a submenu. RIGHT ARROW
Open the next menu to the left, or close a submenu. LEFT ARROW
Refresh the active window. F5
View the folder one level up in My Computer or Windows Explorer. BACKSPACE
Cancel the current task. ESC
SHIFT when you insert a CD into the CD-ROM drive Prevent the CD from automatically playing.
Use these keyboard shortcuts for dialog boxes:
To Press
Move forward through tabs. CTRL+TAB
Move backward through tabs. CTRL+SHIFT+TAB
Move forward through options. TAB
Move backward through options. SHIFT+TAB
Carry out the corresponding command or select the corresponding option. ALT+Underlined letter
Carry out the command for the active option or button. ENTER
Select or clear the check box if the active option is a check box. SPACEBAR
Select a button if the active option is a group of option buttons. Arrow keys
Display Help. F1
Display the items in the active list. F4
Open a folder one level up if a folder is selected in the Save As or Open dialog box. BACKSPACE
If you have a Microsoft Natural Keyboard, or any other compatible keyboard that includes the Windows logo key and the Application key , you can use these keyboard shortcuts:
Display or hide the Start menu. WIN Key
Display the System Properties dialog box. WIN Key+BREAK
Show the desktop. WIN Key+D
Minimize all windows. WIN Key+M
Restores minimized windows. WIN Key+Shift+M
Open My Computer. WIN Key+E
Search for a file or folder. WIN Key+F
Search for computers. CTRL+WIN Key+F
Display Windows Help. WIN Key+F1
Lock your computer if you are connected to a network domain, or switch users if you are not connected to a network domain. WIN Key+ L
Open the Run dialog box. WIN Key+R
Open Utility Manager. WIN Key+U
accessibility keyboard shortcuts:
Switch FilterKeys on and off. Right SHIFT for eight seconds
Switch High Contrast on and off. Left ALT+left SHIFT+PRINT SCREEN
Switch MouseKeys on and off. Left ALT +left SHIFT +NUM LOCK
Switch StickyKeys on and off. SHIFT five times
Switch ToggleKeys on and off. NUM LOCK for five seconds
Open Utility Manager. WIN Key+U
shortcuts you can use with Windows Explorer:
Display the bottom of the active window. END
Display the top of the active window. HOME
Display all subfolders under the selected folder. NUM LOCK+ASTERISK on numeric keypad (*)
Display the contents of the selected folder. NUM LOCK+PLUS SIGN on numeric keypad (+)
Collapse the selected folder. NUM LOCK+MINUS SIGN on numeric keypad (-)
Collapse current selection if it's expanded, or select parent folder. LEFT ARROW
Display current selection if it's collapsed, or select first subfolder. RIGHT ARROW
Change Xp Button
Step 1 - Modify Explorer.exe File
In order to make the changes, the file explorer.exe located at C:\Windows needs to be edited. Since explorer.exe is a binary file it requires a special editor. For purposes of this article I have used Resource Hacker. Resource HackerTM is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Microsoft Windows 95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.
get this from h**p://delphi.icm.edu.pl/ftp/tools/ResHack.zip
The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.
The category we are going to be using is "String Table". Expand it by clicking the plus sign then navigate down to and expand string 37 followed by highlighting 1033. If you are using the Classic Layout rather than the XP Layout, use number 38. The right hand pane will display the stringtable. We’re going to modify item 578, currently showing the word “start” just as it displays on the current Start button.
There is no magic here. Just double click on the word “start” so that it’s highlighted, making sure the quotation marks are not part of the highlight. They need to remain in place, surrounding the new text that you’ll type. Go ahead and type your new entry. In my case I used Click Me!
You’ll notice that after the new text string has been entered the Compile Script button that was grayed out is now active. I won’t get into what’s involved in compiling a script, but suffice it to say it’s going to make this exercise worthwhile. Click Compile Script and then save the altered file using the Save As command on the File Menu. Do not use the Save command – Make sure to use the Save As command and choose a name for the file. Save the newly named file to C:\Windows.
Step 2 – Modify the Registry
!!!make a backup of your registry before making changes!!!
Now that the modified explorer.exe has been created it’s necessary to modify the registry so the file will be recognized when the user logs on to the system. If you don’t know how to access the registry I’m not sure this article is for you, but just in case it’s a temporary memory lapse, go to Start (soon to be something else) Run and type regedit in the Open field. Navigate to:
HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon
In the right pane, double click the "Shell" entry to open the Edit String dialog box. In Value data: line, enter the name that was used to save the modified explorer.exe file. Click OK.
Close Registry Editor and either log off the system and log back in, or reboot the entire system if that’s your preference. If all went as planned you should see your new Start button with the revised text.[/b]
In order to make the changes, the file explorer.exe located at C:\Windows needs to be edited. Since explorer.exe is a binary file it requires a special editor. For purposes of this article I have used Resource Hacker. Resource HackerTM is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Microsoft Windows 95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.
get this from h**p://delphi.icm.edu.pl/ftp/tools/ResHack.zip
The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.
The category we are going to be using is "String Table". Expand it by clicking the plus sign then navigate down to and expand string 37 followed by highlighting 1033. If you are using the Classic Layout rather than the XP Layout, use number 38. The right hand pane will display the stringtable. We’re going to modify item 578, currently showing the word “start” just as it displays on the current Start button.
There is no magic here. Just double click on the word “start” so that it’s highlighted, making sure the quotation marks are not part of the highlight. They need to remain in place, surrounding the new text that you’ll type. Go ahead and type your new entry. In my case I used Click Me!
You’ll notice that after the new text string has been entered the Compile Script button that was grayed out is now active. I won’t get into what’s involved in compiling a script, but suffice it to say it’s going to make this exercise worthwhile. Click Compile Script and then save the altered file using the Save As command on the File Menu. Do not use the Save command – Make sure to use the Save As command and choose a name for the file. Save the newly named file to C:\Windows.
Step 2 – Modify the Registry
!!!make a backup of your registry before making changes!!!
Now that the modified explorer.exe has been created it’s necessary to modify the registry so the file will be recognized when the user logs on to the system. If you don’t know how to access the registry I’m not sure this article is for you, but just in case it’s a temporary memory lapse, go to Start (soon to be something else) Run and type regedit in the Open field. Navigate to:
HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon
In the right pane, double click the "Shell" entry to open the Edit String dialog box. In Value data: line, enter the name that was used to save the modified explorer.exe file. Click OK.
Close Registry Editor and either log off the system and log back in, or reboot the entire system if that’s your preference. If all went as planned you should see your new Start button with the revised text.[/b]
how about Firewall
What is a Firewall?
A firewall is a tool that monitors communication to and from your computer. It sits between your computer and the rest of the network, and according to some criteria, it decides which communication to allow, and which communication to block. It may also use some other criteria to decide about which communication or communication request to report to you (either by adding the information to a log file that you may browse whenever you wish, or in an alert message on the screen), and what not to report.
What Is It Good For?
Identifying and blocking remote access Trojans. Perhaps the most common way to break into a home computer and gain control, is by using a remote access Trojan (RAT). (sometimes it is called "backdoor Trojan" or "backdoor program". Many people simply call it a "Trojan horse" although the term "Trojan horse" is much more generic). A Trojan horse, is a program that claims to do something really innocent, but in fact does something much less innocent. This goes to the days where the Greek soldiers succeeded to enter through the gates of Troy by building a big wooden horse, and giving it as a present to the king of Troy. The soldiers allowed the sculpture to enter through their gates, and then at night, when the soldiers were busy guarding against an outside attack, many Greek soldiers who were hiding inside the horse went out and attacked Troy from the inside. This story, which may or may not be true, is an example of something which looks like something innocent and is used for some less innocent purpose. The same thing happens in computers. You may sometimes get some program, via ICQ, or via Usenet, or via IRC, and believe this program to be something good, while in fact running it will do something less nice to your computer. Such programs are called Trojan horses. It is accepted to say that the difference between a Trojan horse and a virus, is that a virus has the ability to self-replicate and to distribute itself, while a Trojan horse lacks this ability. A special type of Trojan horses, is RATs (Remote Access Trojans, some say "remote admin Trojans"). These Trojans once executed in the victim's computer, start to listen to incoming communication from a remote matching program that the attacker uses. When they get instructions from the remote program, they act accordingly, and thus let the user of the remote program to execute commands on the victim's computer. To name a few famous RATs, the most common are Netbus, Back-Orifice, and SubSeven (which is also known as Backdoor-G). In order for the attacker to use this method, your computer must first be infected by a RAT.
Prevention of infections by RATs is no different than prevention of infection by viruses. Antivirus programs can identify and remove most of the more common RATs. Personal firewalls can identify and block remote communication efforts to the more common RATs and by thus blocking the attacker, and identifying the RAT.
Blocking/Identifying Other Types of Trojans and WQorms?
There are many other types of Trojan horses which may try to communicate with the outside from your computer. Whether they are e-mail worms trying to distribute themselves using their own SMTP engine, or they might be password stealers, or anything else. Many of them can be identified and blocked by a personal firewall.
Identifying/Blocking Spyware's/Adbots?
The term "spyware" is a slang which is not well defined. It is commonly used mainly for various adware (and adware is a program that is supported by presenting advertisements to the user), and that during their installation process, they install an independent program which we shall call "adbot". The adbot runs independently even if the hosting adware is not running, and it maintains the advertisements, downloads them from the remote server, and provides information to the remote server. The adbot is usually hidden. There are many companies that offer adbots, and advertisements services to adware. The information that the adbots deliver to their servers from the computer where the adbot is installed, is "how much time each advertisement is shown, which was the hosting adware, and whether the user clicked on the advertisement. This is important so that the advertisements server will be able to know how much money to get from each of the advertised companies, and how much from it to deliver to each of the adware maintainers. Some of the adbots also collect other information in order to better choose the advertisements to the users. The term "spyware" is more generic, but most of the spyware fall into this category. Many types of adbots can be identified and blocked by personal firewalls.
Blocking Advertisements?
Some of the better personal firewalls can be set to block communication with specific sites. This can be used in order to prevent downloading of advertisements in web pages, and thus to accelerate the download process of the web sites. This is not a very common use of a personal firewall, though.
Preventing Communication to Tracking Sites?
Some web pages contain references to tracking sites. e.g. instruct the web browser to download a small picture (sometimes invisible) from tracking sites. Sometimes, the pictures are visible and provide some statistics about the site. Those tracking sites will try to save a small text either as a small file in a special directory, or as a line in a special file (depending on what is your browser), and your browser will usually allow the saving site to read the text that it saved on your computer. This is called "web cookies" or sometimes simply "cookies". Cookies allow a web site to keep information that it saved some time when you entered it, to be read whenever you enter the site again. This allow the web site to customize itself for you, and to keep track on everything that you did on that site. It does not have to keep that information on your computer. All it has to save on your computer is a unique identifying number, and then it can keep in the server's side information regarding what has been done by the browser that used that cookie. Yet, by this method, a web site can get only information regarding your visits in it. Some sites such as "doubleclick" or "hitbox" can collect information from various affiliated sites, by putting a small reference in the affiliated pages to some picture on their servers. When you enter one of the affiliated web pages, your browser will communicate with the tracking site, and this will allow the tracking site to put or to read a cookie that identifies your computer uniquely, and it can also know what was the web page that referred to it, and any other information that the affiliated web site wanted to deliver to the tracking site. This way tracking sites can correlate information from many affiliated sites, to build information that for example will allow them to better customize the advertisements that are put on those sites when you browse them.
Some personal firewalls can be set to block communication to tracking sites. It is not a common use of a personal firewall, though, and a personal firewall is not the best tool for that, but if you already have one, this is yet another possible use of it.
Blocking or Limiting the NetBIOS Communication? (as well as other default services)
The two common methods of intruders to break into home computers, are through a RAT (which was discussed in II.3a) and through the NetBIOS communication. The NetBIOS is a standard for naming computers in small networks, developed long ago by IBM and Microsoft. There are a few communication standards which are used in relation to the NetBIOS. The ones that are relevant for Microsoft Windows operating systems, are: NBT (NetBIOS over TCP/IP), IPX/SPX, and NetBEUI. The communication standard which is used over the Internet, is NBT. If it is enabled, and there is no firewall or something else in the middle, it means that your computer is listening for communications over the Internet via this standard, and will react according to the different NBT commands that it gets from the remote programs. It is thus that the NBT (which sometimes loosely called "NetBIOS") is acting as a server. So the next question should be "what remote NBT commands the NBT server will do on the local computer". The answer to this question depends on the specific setting on your computer. You may set your computer to allow file and print sharing. If also NBT is enabled, it means that you allow remote users to share your files or printers. This is a big problem. It is true that in principle the remote user has to know your password for that computer, but many users do not set a password for their user on Windows, or set a trivial password. Older versions of Win95 had file and print sharing over NetBIOS enabled by default. On Win98, and WinMe it was disabled by default, but many technicians, when they set a home network, they enable the file and print sharing, without being aware that it influences also the authorizations of a remote Internet user. There are even worms and viruses who use the File sharing option to spread in the Internet. Anyway, no matter whether you need it for some reason or just are not aware of it, a personal firewall can identify and block any external effort to communicate with the NetBIOS server on your computer. The more flexible personal firewalls can be set to restrict the authorization to communicate with the NetBIOS. Some Windows operating systems, especially those which are not meant for home uses, offer other public services by default, such as RPC. A firewall can identify communication efforts to them, and block them. Since such services listen to remote communications, there is a potential risk when there are efforts to exploit security holes in the programs that offer the services, if there are such security holes. A firewall may block or limit the communication to those services.
Hiding Your Computer on the Internet?
Without a firewall, on a typical computer, even if well maintained, a remote person will still be able to know that the communication effort has reached some computer, and perhaps some information about the operating system on that computer. If that computer is handled well, the remote user will not be able to get much more information from your computer, but might still be able to identify also who your ISP is, and might decide to invest further time in cracking into your computer.
With a firewall, you can set the firewall so that any communication effort from remote users (in the better firewalls you may define an exception list) will not be responded at all. This way the remote user will not be able to even know that it reached a live computer. This might discourage the remote attacker from investing further time in effort to crack into your computer.
The Non-Firewall Defenses
We've discussed a few situations where a personal firewall can provide defense. Yet, in many cases a computer maintainer can deal with those situations even without a firewall. Those "alternative" defenses, in many cases are recommended regardless of whether you use a firewall or not.
Remote Access Trojans?
The best way to defend against remote access Trojans (RATs) is to prevent them from being installed in the first place on your computer. A RAT should first infect your computer in order to start to listen to remote communication efforts. The infection techniques are very similar to the infection techniques that viruses use, and hence the defense against Trojan horses is similar to the defense against viruses. Trojan horses do not distribute themselves (although they might be companions of another Internet worm or virus that distributes them. Yet, because in most cases they do not distribute themselves, it is likely that you will get them from anonymous sources, such as instant messengers, Kazaa, IRC, or a newsgroup. adopting a suspicious policy regarding downloads from such places, will save you not only from viruses but also from getting infected with Trojan horses, including RATs. Because Trojan horses are similar in some ways to viruses, almost all antivirus programs can identify, block from being installed, and remove most of the Trojan horses, including all the common ones. There are also some programs (sometimes called antiTrojan programs) which specialize in the identification and removal of Trojan horses. For a list of those programs, and for comparison on how well different antivirus, and antiTrojan programs identify different Trojan horses, see Hackfix (http://www.hackfix.org), under "Software test results". Hackfix also has information on the more common RATS (such as the Netbus and the Subseven) and on how to remove them manually. There are some tools and web sites, such port scanners, and some ways with a use of more generic tools such as telnet, msconfig, and netstat, which may help you to identify a RAT.
Other types of Trojans and worms?
Also here your main interest should be to prevent them from infecting your computer in the first place, rather than blocking their communication. A good antivirus and a good policy regarding the prevention of virus infections, should be the first and most important defense.
Spyware and Adbots?
The term spyware is sometimes misleading. In my view, it is the responsibility of the adware developer to present the fact that the adware installation will install or use an independent adbots, and to provide the information on how this adbot communicates, and which information it delivers, in a fair place and manner before the adware is installed. It is also a responsibility to provide this information in their web sites, so that people will be aware of that before they even download the software. Yet, in general, those adbots do not pose any security threat, and in many cases also their privacy threat is negligible for many people (e.g. the computer with adbot number 1127533 has been exposed to advertisements a, b, c, such and such times, while using adware x, while on computer with adbot number 1127534 has been exposed to advertisements a,d, and e, such amount of time, with the use of adware y, and clicked on ads number d). It should be fully legitimate for software developers to offer an advertisement supported programs, and it is up to the user to decide whether the use of the program worth the ads and the adbot, or not. Preventing adbot from communicating is generally not a moral thing. If you decide to use an adware, you should pay the price of letting the adbot work. If you don't want it, please remove the adware, and only if for some reason the adbot continue to work even if no hosting adware that uses it is installed, you may remove the adbot. Anyway, there are some very useful tools to identify whether a program is a "spyware", or whether a "spyware" is installed on your computer, and you are certainly entitled to this information. Two useful programs are "AdAware" which identifies "spyware" components on your computer and allows you to remove them, and Ad-Search which allows you to provide a name of a program, and it tells you whether this program is a "spyware" and which adbot it uses. It is useful to assist you in choosing whether to install a program or not. You may find those programs in http://www.lavasoft.nu (or, if it doesn't work, you may try http://www.lavasoftusa.com). Those programs are useful, mainly because many adware developers are not fair enough to present this information in a fair manner. AdAware allows you to also remove those adbot components from your computer. This might, however, terminate your license to use the hosting adware programs, and might even cause them to stop functioning. A website which offers to check whether a specific program that you wish to install is "spyware" or not, is http://www.spychecker.com .
Blocking Advertisements?
Leaving aside the moral aspect of blocking advertisements, a personal firewall is not the best tool for that anyway. This is not the main purpose of a firewall, and neither its main strength. Some of them can block some of the advertisements from being downloaded, if you know how to configure them for that. Yet, there are better tools for that, such as Proxomitron (http://www.proxomitron.org), CookieCop 2 (search for the word cookiecop on http://www.pcmag.com), or Naviscope (http://www.naviscope.com), and there are many other programs as well. You may check for other alternatives, e.g. in Tucows (http://www.tucows.com/adkiller95.html).
Blocking Tracking Sites?
Also here, a personal firewall is not the best tool for that, and there are other tools and ways which are more effective. These are cookie utilities. Since a tracking site uses a cookie to identify and relate the information gathered to the same person (or computer), by preventing the cookie from being installed. The tracking site will lose its ability to track things. There are plenty of cookie management utilities. Some of them are freeware, and some are not. CookieCop which was mentioned in the former section is one of them. WebWasher (http://www.webwasher.com) is another recommended one, and there are plenty of other alternatives such as cookie-crusher, cookie-pal, pop-up killer, etc. You may search for other alternatives, in Tucows (http://www.tucows.com/cookie95.html).
NetBIOS and Other Services?
The NetBIOS over TCP/IP (NBT) which is sometimes loosely called "NetBIOS", is a service which has some security problems with it. It is enabled by default in Windows default installations, and it is very common to see that a firewall does the job of preventing the efforts to get access to your computer via NBT. Yet, in almost all cases, this service is not needed, and thus can be disabled. To disable NBT in Win95/98/ME is not as simple as it is in Win2K/XP, but can still be done reliably. We explain how to do this in another article (#to be written soon). It is needless to say, that if NBT is disabled, there is no need for a firewall to block communication to it. Also, in the case of other services, such as RPC services, and others, in many cases you simply don't need those services and better disable them from within Windows rather than use the firewall to block them. There are various ways to know which services are running on your computer, and which of them are listening for communications from the outside. If there are ones that you don't need, they should be disabled.
Hiding the Computer?
In web sites of many personal firewall companies, they are putting a lot of weight on the ability of their firewall to hide the computer on the Internet. Yet, exposing your home computer on the Internet is by itself, neither a security nor a privacy threat. If you provide some services to the Internet on your computer, for example, you put a web server on your computer to allow other people to view web pages, then you might get rid of some of the crackers, by setting your firewall to unhide only this type of communications. Some attackers will not make a full scan of your computer, but only a partial scan, and if they did not scan for the specific service that you provided, they will not see your computer. Yet, if the service is a common one, there is a good chance for many of them to scan it and thus find the existence of your computer. If they "see" the existence of your computer, they might decide to scan it further, and find out the services you are providing, and scan it for security holes to use. Yet, there is no much meaning to it when we speak about simple home computers.
What a Firewall Cannot Do!
Another misconception about personal firewalls is that they are incorrectly thought as if they claim to give an overall protection against "hackers" (i.e. intrusions). They are not.
Defense Against Exploitation of Security Holes
A firewall can allow or deny access to your computer or from your computer according to the type of communication, its source and destination, and according to the question which program on your computer is handling the communication. Yet, its ability to understand the details of the communication is very limited. For example, you may set the firewall to allow or to deny your e-mail program from getting and/or sending messages. It may allow or deny your web browser from browsing the Internet. But if you allowed your e-mail program to communicate with the e-mail servers for sending and receiving messages, (and you are likely to allow it if you want to use your e-mail program), or if you set the firewall to allow your web browser to communicate with web sites, the firewall will not be able to understand the content of the communication much further, and if your web browser has a security hole, and some remote site will try to exploit it, your firewall will not be able to make a distinction between the communication that exploits the security hole, and legitimate communication. The same principle goes with e-mail program. A personal firewall may block you from receiving or sending e-mail messages, but if you allowed it to receive messages, the personal firewall will not make a distinction between a legitimate message and a non-legitimate one (such as a one that carries a virus or a Trojan horse). Security holes in legitimate programs can be exploited and a personal firewall can do practically nothing about it.
I should comment, however, that some personal firewalls come combined with some Trojan horse detection, or intrusion detection. This is not part of the classical definition of a firewall, but it might be useful. Such tasks are usually taken by other tools such as antivirus programs or antiTrojan programs.
Tricks to Bypass or Disable Personal Firewalls
There are also various ways to disable, or bypass personal firewalls. During the time a few tricks to bypass or disable were demonstrated by various programs. Especially, tricks for an internal program to communicate with the outside bypassing or tricking the firewall. For some of them such as the one demonstrated by the Leaktest, and in which a non-legitimate program disguises itself as Internet Explorer, practically today, all personal firewalls are immuned. For other tricks, such as a one demonstrated by Outbound, which uses some non-standard type of communication directly to the network adapters bypassing the components of the operating system which are suppose to deal with Internet communication, and by that bypassing the firewall, are only now being patched against by the various firewalls, and yet other methods, such as the one demonstrated by Tooleaky, which uses Internet Explorer as a messenger to communicate with the outside, and is thus identified as a mere legitimate browsing, are still waiting for most of the personal firewall to find a fix.
Firewalls CANNOT Decide for You What is a Legitimate Communication and What is Not
One of the main problems with personal firewalls, is that you cannot simply install them and forget them, counting on them to do their job. They can deny or permit various types of communications according to some criteria, but what is this criteria, and who decides what is the criteria for whether they should permit or deny some communication?
The answer, is that it is the computer user's job to define the exact criteria when the firewall should allow a communication and when it should block it. The firewall may make it easier for you, but it should not take the decisions. There are too many programs, too many versions, and it is not possible for the firewall to decide accurately when a communication is legitimate and when it is not. One person might think that it is legitimate for some program to deliver some information to the outside in order to get some service, while another will think that it is not. One version of a program might communicate with its home server in order to check whether there is an upgrade, and another version might also install the upgrade even if you do not wish. Some firewalls will try to identify communication efforts which are largely considered as legitimate, and will let you the information so that it will be easier for you to decide whether such should be allowed. Others will suffice with more basic information, making no suggestions (and thus - no incorrect recommendations). One way or another, once you installed a firewall, you will have better means to understand what types of communications are running on your computer, but you will also have to understand them in order to be able to configure your firewall so that it will correctly know which communications to allow and which to block.
Common Problems and Deficiencies Regarding Personal Firewalls
A personal firewall might be a good contribution to security. Yet, if you do not understand much about the topic, then you are likely to be confused and misled by its alerts and queries, and thus find yourself spending hours in chasing after imaginary crackers, fear from imaginary threats, and misconfigure it due to misunderstanding. You may find yourself blocking legitimate and important communication believing it to be cracking efforts, and thus surprised to see why things work slowly or why you are disconnected from the Internet, or you might be misled to allow a non-legitimate communication by some software that tricked you to believe that it is a legitimate one. On the other side, if you are quite knowledgeable on computers and security, then you are likely to effectively defend your computer even without a firewall (by means discussed in section II.4) and it is thus that the role of personal firewall in securing your computer, is extremely small and not much important. We discuss here in brief some of the problems that personal firewalls may generate.
A False Sense of Security
As we've already learned here, a firewall is limited in its ability to secure your computer. Yet, many people believe that if they will install a personal firewall they will be secured against the various security threats. I was even surprised to find out that there are people who believe that give much higher priority in installing a personal firewall than in installing an antivirus program. An always updated antivirus program plays a much more important role in the security of a personal home computer than installing and maintaining a personal firewall. A personal firewall should not come on account of any other security measure that you use.
A False Sense of Insecurity
When you install a firewall and you look at all the communication efforts through it, you might be surprised at the amount of communication efforts from the Internet to your computer. Most of them are blocked by a typically configured firewall. There are all the times efforts to try to communicate with various backdoor Trojans on your computers. If you are not infected, there will be nothing to listen and to respond to those communication efforts, and they are thus practically harmless. There are efforts to communicate with your NBT driver, to see if your computer by mistake allows file sharing. There are other types of probes to see if your computer exists, or various efforts of servers to probe your computer in order to find the best path for legitimate communication to it. There are sometimes remnants of communications that were supposed to go to other computers, but made their way to yours (for advanced readers: because the IP number that your computer uses, were used by some other computer earlier). Those communication efforts are blocked even without a firewall. If your computer is not infected with a RAT, and if your computer don't have NetBIOS over TCP/IP enabled or even it does not have file and print sharing enabled (and on most computers this is disabled by default), then none of these pose any security threat. If your computer is not infected with a SubSeven Trojan, then no matter how often there will be efforts to communicate with it, they are all doomed to be failed.
Yet, some personal firewall (such as Norton Personal Firewall or ZoneAlarm) by default proudly announce that they have just blocked an effort to crack into your computer. Norton may even define those efforts that were blocked as "high security threats" while they were not a threat at all even if your computer didn't have a personal firewall at all. Such firewalls give you the false impression that they save your computer again and again from extremely dangerous threats on the Internet, so that you wonder how did you survive so much time without noticing any intrusion before you installed the firewall. I usually say, that those personal firewalls are set their "report level" to "promotional mode". Namely, the personal firewall is set to give you the false impression that it is much more important than it really is.
Chasing After Ghosts
This is a side effect of the types of misunderstandings that were discussed in the previous subsection.
When a person who starts to learn about the jargon related to personal firewalls, is reported that some "dangerous" communication efforts persist from the same source, the person is decisive to locate and identify the "hacker", and perhaps report about it to the police or to its Internet service provider. However, since many people do not really understand thoroughly how things work, they may sometimes spend many hours in trying to locate a cracker that does not exist, or when the knowledge they need to have, in order to track the cracker, is much higher than what they have, and they might even suspect the wrong person due to lack of knowledge (e.g. the connection person on the Internet service provider that was used by the cracker). More knowledgeable people, usually do not bother to track those "hackers" (which are usually teenagers), but instead are concentrating on the security of their computer.
Blocking Legitimate Communications
No personal firewall is smart enough to decide for the user what is a legitimate communication and what is not. A personal firewall cannot make a distinction between a legitimate program trying to contact its server to check and notify the user when there is a newer version, and a non-legitimate program trying to communicate with its server in order deliver sensitive information such as passwords, unless the user tells it. It is thus up to the user to decide what should be considered as legitimate and what should not. Yet, can we count on the user to be knowledgeable enough to decide what is legitimate and what is not? In many cases the user is not knowledgeable enough, and may thus allow non-legitimate communication or disallow a legitimate and important communication. There are many types of communications handled just to manage other communications. Among this are various types of communications between your computer and the various servers of your Internet service provider. A not knowledgeable user may interpret those types of communications as cracking efforts, and will thus decide to block them. As a result, a connection might become slower, a connection to the Internet service provider might be disconnected quiet often and other types of communication problems.
Being Tricked by Trojans bbb
Just as less knowledgeable users may instruct the firewall to block legitimate communications, they can be tricked by various Trojans to allow them to communicate. Some Trojans are using names resembling or identical to names of legitimate programs, so that the user would think that it is a legitimate programs. Users should be aware of that.
Heavy Software, Buggy Software
Until now we discussed only problems related to lack of appropriate knowledge by the user. Yet, there are other problems regarding personal firewalls. For example, some of them are known to be quite heavy on computer resources, or slow down the communication speed. Different personal firewalls quite vary with regard to that. If you have a new computer with a slow Internet communication (such as regular dial-up networking) then it might not slow down your computer noticeably. Yet, if you use an older computer, and a fast communication, you might find that some personal firewalls will slow down your communication quite drastically. Personal firewalls also vary on how much they are stable.
Advantages of External Firewalls over Personal Firewalls
1. They do not take resources from the computer. This should be clear. This is especially useful when the firewall blocks flooding attacks.
2. It is harder (although in principle still possible) for a Trojan horse to disable it, because it does not reside in the same computer that the Trojan has infected. It is not possible to use the specific communication while totally bypassing the firewall.
3. They can be used without any dependence on the operating system on the computer(s) they defend.
4. No instability problems.
A firewall is a tool that monitors communication to and from your computer. It sits between your computer and the rest of the network, and according to some criteria, it decides which communication to allow, and which communication to block. It may also use some other criteria to decide about which communication or communication request to report to you (either by adding the information to a log file that you may browse whenever you wish, or in an alert message on the screen), and what not to report.
What Is It Good For?
Identifying and blocking remote access Trojans. Perhaps the most common way to break into a home computer and gain control, is by using a remote access Trojan (RAT). (sometimes it is called "backdoor Trojan" or "backdoor program". Many people simply call it a "Trojan horse" although the term "Trojan horse" is much more generic). A Trojan horse, is a program that claims to do something really innocent, but in fact does something much less innocent. This goes to the days where the Greek soldiers succeeded to enter through the gates of Troy by building a big wooden horse, and giving it as a present to the king of Troy. The soldiers allowed the sculpture to enter through their gates, and then at night, when the soldiers were busy guarding against an outside attack, many Greek soldiers who were hiding inside the horse went out and attacked Troy from the inside. This story, which may or may not be true, is an example of something which looks like something innocent and is used for some less innocent purpose. The same thing happens in computers. You may sometimes get some program, via ICQ, or via Usenet, or via IRC, and believe this program to be something good, while in fact running it will do something less nice to your computer. Such programs are called Trojan horses. It is accepted to say that the difference between a Trojan horse and a virus, is that a virus has the ability to self-replicate and to distribute itself, while a Trojan horse lacks this ability. A special type of Trojan horses, is RATs (Remote Access Trojans, some say "remote admin Trojans"). These Trojans once executed in the victim's computer, start to listen to incoming communication from a remote matching program that the attacker uses. When they get instructions from the remote program, they act accordingly, and thus let the user of the remote program to execute commands on the victim's computer. To name a few famous RATs, the most common are Netbus, Back-Orifice, and SubSeven (which is also known as Backdoor-G). In order for the attacker to use this method, your computer must first be infected by a RAT.
Prevention of infections by RATs is no different than prevention of infection by viruses. Antivirus programs can identify and remove most of the more common RATs. Personal firewalls can identify and block remote communication efforts to the more common RATs and by thus blocking the attacker, and identifying the RAT.
Blocking/Identifying Other Types of Trojans and WQorms?
There are many other types of Trojan horses which may try to communicate with the outside from your computer. Whether they are e-mail worms trying to distribute themselves using their own SMTP engine, or they might be password stealers, or anything else. Many of them can be identified and blocked by a personal firewall.
Identifying/Blocking Spyware's/Adbots?
The term "spyware" is a slang which is not well defined. It is commonly used mainly for various adware (and adware is a program that is supported by presenting advertisements to the user), and that during their installation process, they install an independent program which we shall call "adbot". The adbot runs independently even if the hosting adware is not running, and it maintains the advertisements, downloads them from the remote server, and provides information to the remote server. The adbot is usually hidden. There are many companies that offer adbots, and advertisements services to adware. The information that the adbots deliver to their servers from the computer where the adbot is installed, is "how much time each advertisement is shown, which was the hosting adware, and whether the user clicked on the advertisement. This is important so that the advertisements server will be able to know how much money to get from each of the advertised companies, and how much from it to deliver to each of the adware maintainers. Some of the adbots also collect other information in order to better choose the advertisements to the users. The term "spyware" is more generic, but most of the spyware fall into this category. Many types of adbots can be identified and blocked by personal firewalls.
Blocking Advertisements?
Some of the better personal firewalls can be set to block communication with specific sites. This can be used in order to prevent downloading of advertisements in web pages, and thus to accelerate the download process of the web sites. This is not a very common use of a personal firewall, though.
Preventing Communication to Tracking Sites?
Some web pages contain references to tracking sites. e.g. instruct the web browser to download a small picture (sometimes invisible) from tracking sites. Sometimes, the pictures are visible and provide some statistics about the site. Those tracking sites will try to save a small text either as a small file in a special directory, or as a line in a special file (depending on what is your browser), and your browser will usually allow the saving site to read the text that it saved on your computer. This is called "web cookies" or sometimes simply "cookies". Cookies allow a web site to keep information that it saved some time when you entered it, to be read whenever you enter the site again. This allow the web site to customize itself for you, and to keep track on everything that you did on that site. It does not have to keep that information on your computer. All it has to save on your computer is a unique identifying number, and then it can keep in the server's side information regarding what has been done by the browser that used that cookie. Yet, by this method, a web site can get only information regarding your visits in it. Some sites such as "doubleclick" or "hitbox" can collect information from various affiliated sites, by putting a small reference in the affiliated pages to some picture on their servers. When you enter one of the affiliated web pages, your browser will communicate with the tracking site, and this will allow the tracking site to put or to read a cookie that identifies your computer uniquely, and it can also know what was the web page that referred to it, and any other information that the affiliated web site wanted to deliver to the tracking site. This way tracking sites can correlate information from many affiliated sites, to build information that for example will allow them to better customize the advertisements that are put on those sites when you browse them.
Some personal firewalls can be set to block communication to tracking sites. It is not a common use of a personal firewall, though, and a personal firewall is not the best tool for that, but if you already have one, this is yet another possible use of it.
Blocking or Limiting the NetBIOS Communication? (as well as other default services)
The two common methods of intruders to break into home computers, are through a RAT (which was discussed in II.3a) and through the NetBIOS communication. The NetBIOS is a standard for naming computers in small networks, developed long ago by IBM and Microsoft. There are a few communication standards which are used in relation to the NetBIOS. The ones that are relevant for Microsoft Windows operating systems, are: NBT (NetBIOS over TCP/IP), IPX/SPX, and NetBEUI. The communication standard which is used over the Internet, is NBT. If it is enabled, and there is no firewall or something else in the middle, it means that your computer is listening for communications over the Internet via this standard, and will react according to the different NBT commands that it gets from the remote programs. It is thus that the NBT (which sometimes loosely called "NetBIOS") is acting as a server. So the next question should be "what remote NBT commands the NBT server will do on the local computer". The answer to this question depends on the specific setting on your computer. You may set your computer to allow file and print sharing. If also NBT is enabled, it means that you allow remote users to share your files or printers. This is a big problem. It is true that in principle the remote user has to know your password for that computer, but many users do not set a password for their user on Windows, or set a trivial password. Older versions of Win95 had file and print sharing over NetBIOS enabled by default. On Win98, and WinMe it was disabled by default, but many technicians, when they set a home network, they enable the file and print sharing, without being aware that it influences also the authorizations of a remote Internet user. There are even worms and viruses who use the File sharing option to spread in the Internet. Anyway, no matter whether you need it for some reason or just are not aware of it, a personal firewall can identify and block any external effort to communicate with the NetBIOS server on your computer. The more flexible personal firewalls can be set to restrict the authorization to communicate with the NetBIOS. Some Windows operating systems, especially those which are not meant for home uses, offer other public services by default, such as RPC. A firewall can identify communication efforts to them, and block them. Since such services listen to remote communications, there is a potential risk when there are efforts to exploit security holes in the programs that offer the services, if there are such security holes. A firewall may block or limit the communication to those services.
Hiding Your Computer on the Internet?
Without a firewall, on a typical computer, even if well maintained, a remote person will still be able to know that the communication effort has reached some computer, and perhaps some information about the operating system on that computer. If that computer is handled well, the remote user will not be able to get much more information from your computer, but might still be able to identify also who your ISP is, and might decide to invest further time in cracking into your computer.
With a firewall, you can set the firewall so that any communication effort from remote users (in the better firewalls you may define an exception list) will not be responded at all. This way the remote user will not be able to even know that it reached a live computer. This might discourage the remote attacker from investing further time in effort to crack into your computer.
The Non-Firewall Defenses
We've discussed a few situations where a personal firewall can provide defense. Yet, in many cases a computer maintainer can deal with those situations even without a firewall. Those "alternative" defenses, in many cases are recommended regardless of whether you use a firewall or not.
Remote Access Trojans?
The best way to defend against remote access Trojans (RATs) is to prevent them from being installed in the first place on your computer. A RAT should first infect your computer in order to start to listen to remote communication efforts. The infection techniques are very similar to the infection techniques that viruses use, and hence the defense against Trojan horses is similar to the defense against viruses. Trojan horses do not distribute themselves (although they might be companions of another Internet worm or virus that distributes them. Yet, because in most cases they do not distribute themselves, it is likely that you will get them from anonymous sources, such as instant messengers, Kazaa, IRC, or a newsgroup. adopting a suspicious policy regarding downloads from such places, will save you not only from viruses but also from getting infected with Trojan horses, including RATs. Because Trojan horses are similar in some ways to viruses, almost all antivirus programs can identify, block from being installed, and remove most of the Trojan horses, including all the common ones. There are also some programs (sometimes called antiTrojan programs) which specialize in the identification and removal of Trojan horses. For a list of those programs, and for comparison on how well different antivirus, and antiTrojan programs identify different Trojan horses, see Hackfix (http://www.hackfix.org), under "Software test results". Hackfix also has information on the more common RATS (such as the Netbus and the Subseven) and on how to remove them manually. There are some tools and web sites, such port scanners, and some ways with a use of more generic tools such as telnet, msconfig, and netstat, which may help you to identify a RAT.
Other types of Trojans and worms?
Also here your main interest should be to prevent them from infecting your computer in the first place, rather than blocking their communication. A good antivirus and a good policy regarding the prevention of virus infections, should be the first and most important defense.
Spyware and Adbots?
The term spyware is sometimes misleading. In my view, it is the responsibility of the adware developer to present the fact that the adware installation will install or use an independent adbots, and to provide the information on how this adbot communicates, and which information it delivers, in a fair place and manner before the adware is installed. It is also a responsibility to provide this information in their web sites, so that people will be aware of that before they even download the software. Yet, in general, those adbots do not pose any security threat, and in many cases also their privacy threat is negligible for many people (e.g. the computer with adbot number 1127533 has been exposed to advertisements a, b, c, such and such times, while using adware x, while on computer with adbot number 1127534 has been exposed to advertisements a,d, and e, such amount of time, with the use of adware y, and clicked on ads number d). It should be fully legitimate for software developers to offer an advertisement supported programs, and it is up to the user to decide whether the use of the program worth the ads and the adbot, or not. Preventing adbot from communicating is generally not a moral thing. If you decide to use an adware, you should pay the price of letting the adbot work. If you don't want it, please remove the adware, and only if for some reason the adbot continue to work even if no hosting adware that uses it is installed, you may remove the adbot. Anyway, there are some very useful tools to identify whether a program is a "spyware", or whether a "spyware" is installed on your computer, and you are certainly entitled to this information. Two useful programs are "AdAware" which identifies "spyware" components on your computer and allows you to remove them, and Ad-Search which allows you to provide a name of a program, and it tells you whether this program is a "spyware" and which adbot it uses. It is useful to assist you in choosing whether to install a program or not. You may find those programs in http://www.lavasoft.nu (or, if it doesn't work, you may try http://www.lavasoftusa.com). Those programs are useful, mainly because many adware developers are not fair enough to present this information in a fair manner. AdAware allows you to also remove those adbot components from your computer. This might, however, terminate your license to use the hosting adware programs, and might even cause them to stop functioning. A website which offers to check whether a specific program that you wish to install is "spyware" or not, is http://www.spychecker.com .
Blocking Advertisements?
Leaving aside the moral aspect of blocking advertisements, a personal firewall is not the best tool for that anyway. This is not the main purpose of a firewall, and neither its main strength. Some of them can block some of the advertisements from being downloaded, if you know how to configure them for that. Yet, there are better tools for that, such as Proxomitron (http://www.proxomitron.org), CookieCop 2 (search for the word cookiecop on http://www.pcmag.com), or Naviscope (http://www.naviscope.com), and there are many other programs as well. You may check for other alternatives, e.g. in Tucows (http://www.tucows.com/adkiller95.html).
Blocking Tracking Sites?
Also here, a personal firewall is not the best tool for that, and there are other tools and ways which are more effective. These are cookie utilities. Since a tracking site uses a cookie to identify and relate the information gathered to the same person (or computer), by preventing the cookie from being installed. The tracking site will lose its ability to track things. There are plenty of cookie management utilities. Some of them are freeware, and some are not. CookieCop which was mentioned in the former section is one of them. WebWasher (http://www.webwasher.com) is another recommended one, and there are plenty of other alternatives such as cookie-crusher, cookie-pal, pop-up killer, etc. You may search for other alternatives, in Tucows (http://www.tucows.com/cookie95.html).
NetBIOS and Other Services?
The NetBIOS over TCP/IP (NBT) which is sometimes loosely called "NetBIOS", is a service which has some security problems with it. It is enabled by default in Windows default installations, and it is very common to see that a firewall does the job of preventing the efforts to get access to your computer via NBT. Yet, in almost all cases, this service is not needed, and thus can be disabled. To disable NBT in Win95/98/ME is not as simple as it is in Win2K/XP, but can still be done reliably. We explain how to do this in another article (#to be written soon). It is needless to say, that if NBT is disabled, there is no need for a firewall to block communication to it. Also, in the case of other services, such as RPC services, and others, in many cases you simply don't need those services and better disable them from within Windows rather than use the firewall to block them. There are various ways to know which services are running on your computer, and which of them are listening for communications from the outside. If there are ones that you don't need, they should be disabled.
Hiding the Computer?
In web sites of many personal firewall companies, they are putting a lot of weight on the ability of their firewall to hide the computer on the Internet. Yet, exposing your home computer on the Internet is by itself, neither a security nor a privacy threat. If you provide some services to the Internet on your computer, for example, you put a web server on your computer to allow other people to view web pages, then you might get rid of some of the crackers, by setting your firewall to unhide only this type of communications. Some attackers will not make a full scan of your computer, but only a partial scan, and if they did not scan for the specific service that you provided, they will not see your computer. Yet, if the service is a common one, there is a good chance for many of them to scan it and thus find the existence of your computer. If they "see" the existence of your computer, they might decide to scan it further, and find out the services you are providing, and scan it for security holes to use. Yet, there is no much meaning to it when we speak about simple home computers.
What a Firewall Cannot Do!
Another misconception about personal firewalls is that they are incorrectly thought as if they claim to give an overall protection against "hackers" (i.e. intrusions). They are not.
Defense Against Exploitation of Security Holes
A firewall can allow or deny access to your computer or from your computer according to the type of communication, its source and destination, and according to the question which program on your computer is handling the communication. Yet, its ability to understand the details of the communication is very limited. For example, you may set the firewall to allow or to deny your e-mail program from getting and/or sending messages. It may allow or deny your web browser from browsing the Internet. But if you allowed your e-mail program to communicate with the e-mail servers for sending and receiving messages, (and you are likely to allow it if you want to use your e-mail program), or if you set the firewall to allow your web browser to communicate with web sites, the firewall will not be able to understand the content of the communication much further, and if your web browser has a security hole, and some remote site will try to exploit it, your firewall will not be able to make a distinction between the communication that exploits the security hole, and legitimate communication. The same principle goes with e-mail program. A personal firewall may block you from receiving or sending e-mail messages, but if you allowed it to receive messages, the personal firewall will not make a distinction between a legitimate message and a non-legitimate one (such as a one that carries a virus or a Trojan horse). Security holes in legitimate programs can be exploited and a personal firewall can do practically nothing about it.
I should comment, however, that some personal firewalls come combined with some Trojan horse detection, or intrusion detection. This is not part of the classical definition of a firewall, but it might be useful. Such tasks are usually taken by other tools such as antivirus programs or antiTrojan programs.
Tricks to Bypass or Disable Personal Firewalls
There are also various ways to disable, or bypass personal firewalls. During the time a few tricks to bypass or disable were demonstrated by various programs. Especially, tricks for an internal program to communicate with the outside bypassing or tricking the firewall. For some of them such as the one demonstrated by the Leaktest, and in which a non-legitimate program disguises itself as Internet Explorer, practically today, all personal firewalls are immuned. For other tricks, such as a one demonstrated by Outbound, which uses some non-standard type of communication directly to the network adapters bypassing the components of the operating system which are suppose to deal with Internet communication, and by that bypassing the firewall, are only now being patched against by the various firewalls, and yet other methods, such as the one demonstrated by Tooleaky, which uses Internet Explorer as a messenger to communicate with the outside, and is thus identified as a mere legitimate browsing, are still waiting for most of the personal firewall to find a fix.
Firewalls CANNOT Decide for You What is a Legitimate Communication and What is Not
One of the main problems with personal firewalls, is that you cannot simply install them and forget them, counting on them to do their job. They can deny or permit various types of communications according to some criteria, but what is this criteria, and who decides what is the criteria for whether they should permit or deny some communication?
The answer, is that it is the computer user's job to define the exact criteria when the firewall should allow a communication and when it should block it. The firewall may make it easier for you, but it should not take the decisions. There are too many programs, too many versions, and it is not possible for the firewall to decide accurately when a communication is legitimate and when it is not. One person might think that it is legitimate for some program to deliver some information to the outside in order to get some service, while another will think that it is not. One version of a program might communicate with its home server in order to check whether there is an upgrade, and another version might also install the upgrade even if you do not wish. Some firewalls will try to identify communication efforts which are largely considered as legitimate, and will let you the information so that it will be easier for you to decide whether such should be allowed. Others will suffice with more basic information, making no suggestions (and thus - no incorrect recommendations). One way or another, once you installed a firewall, you will have better means to understand what types of communications are running on your computer, but you will also have to understand them in order to be able to configure your firewall so that it will correctly know which communications to allow and which to block.
Common Problems and Deficiencies Regarding Personal Firewalls
A personal firewall might be a good contribution to security. Yet, if you do not understand much about the topic, then you are likely to be confused and misled by its alerts and queries, and thus find yourself spending hours in chasing after imaginary crackers, fear from imaginary threats, and misconfigure it due to misunderstanding. You may find yourself blocking legitimate and important communication believing it to be cracking efforts, and thus surprised to see why things work slowly or why you are disconnected from the Internet, or you might be misled to allow a non-legitimate communication by some software that tricked you to believe that it is a legitimate one. On the other side, if you are quite knowledgeable on computers and security, then you are likely to effectively defend your computer even without a firewall (by means discussed in section II.4) and it is thus that the role of personal firewall in securing your computer, is extremely small and not much important. We discuss here in brief some of the problems that personal firewalls may generate.
A False Sense of Security
As we've already learned here, a firewall is limited in its ability to secure your computer. Yet, many people believe that if they will install a personal firewall they will be secured against the various security threats. I was even surprised to find out that there are people who believe that give much higher priority in installing a personal firewall than in installing an antivirus program. An always updated antivirus program plays a much more important role in the security of a personal home computer than installing and maintaining a personal firewall. A personal firewall should not come on account of any other security measure that you use.
A False Sense of Insecurity
When you install a firewall and you look at all the communication efforts through it, you might be surprised at the amount of communication efforts from the Internet to your computer. Most of them are blocked by a typically configured firewall. There are all the times efforts to try to communicate with various backdoor Trojans on your computers. If you are not infected, there will be nothing to listen and to respond to those communication efforts, and they are thus practically harmless. There are efforts to communicate with your NBT driver, to see if your computer by mistake allows file sharing. There are other types of probes to see if your computer exists, or various efforts of servers to probe your computer in order to find the best path for legitimate communication to it. There are sometimes remnants of communications that were supposed to go to other computers, but made their way to yours (for advanced readers: because the IP number that your computer uses, were used by some other computer earlier). Those communication efforts are blocked even without a firewall. If your computer is not infected with a RAT, and if your computer don't have NetBIOS over TCP/IP enabled or even it does not have file and print sharing enabled (and on most computers this is disabled by default), then none of these pose any security threat. If your computer is not infected with a SubSeven Trojan, then no matter how often there will be efforts to communicate with it, they are all doomed to be failed.
Yet, some personal firewall (such as Norton Personal Firewall or ZoneAlarm) by default proudly announce that they have just blocked an effort to crack into your computer. Norton may even define those efforts that were blocked as "high security threats" while they were not a threat at all even if your computer didn't have a personal firewall at all. Such firewalls give you the false impression that they save your computer again and again from extremely dangerous threats on the Internet, so that you wonder how did you survive so much time without noticing any intrusion before you installed the firewall. I usually say, that those personal firewalls are set their "report level" to "promotional mode". Namely, the personal firewall is set to give you the false impression that it is much more important than it really is.
Chasing After Ghosts
This is a side effect of the types of misunderstandings that were discussed in the previous subsection.
When a person who starts to learn about the jargon related to personal firewalls, is reported that some "dangerous" communication efforts persist from the same source, the person is decisive to locate and identify the "hacker", and perhaps report about it to the police or to its Internet service provider. However, since many people do not really understand thoroughly how things work, they may sometimes spend many hours in trying to locate a cracker that does not exist, or when the knowledge they need to have, in order to track the cracker, is much higher than what they have, and they might even suspect the wrong person due to lack of knowledge (e.g. the connection person on the Internet service provider that was used by the cracker). More knowledgeable people, usually do not bother to track those "hackers" (which are usually teenagers), but instead are concentrating on the security of their computer.
Blocking Legitimate Communications
No personal firewall is smart enough to decide for the user what is a legitimate communication and what is not. A personal firewall cannot make a distinction between a legitimate program trying to contact its server to check and notify the user when there is a newer version, and a non-legitimate program trying to communicate with its server in order deliver sensitive information such as passwords, unless the user tells it. It is thus up to the user to decide what should be considered as legitimate and what should not. Yet, can we count on the user to be knowledgeable enough to decide what is legitimate and what is not? In many cases the user is not knowledgeable enough, and may thus allow non-legitimate communication or disallow a legitimate and important communication. There are many types of communications handled just to manage other communications. Among this are various types of communications between your computer and the various servers of your Internet service provider. A not knowledgeable user may interpret those types of communications as cracking efforts, and will thus decide to block them. As a result, a connection might become slower, a connection to the Internet service provider might be disconnected quiet often and other types of communication problems.
Being Tricked by Trojans bbb
Just as less knowledgeable users may instruct the firewall to block legitimate communications, they can be tricked by various Trojans to allow them to communicate. Some Trojans are using names resembling or identical to names of legitimate programs, so that the user would think that it is a legitimate programs. Users should be aware of that.
Heavy Software, Buggy Software
Until now we discussed only problems related to lack of appropriate knowledge by the user. Yet, there are other problems regarding personal firewalls. For example, some of them are known to be quite heavy on computer resources, or slow down the communication speed. Different personal firewalls quite vary with regard to that. If you have a new computer with a slow Internet communication (such as regular dial-up networking) then it might not slow down your computer noticeably. Yet, if you use an older computer, and a fast communication, you might find that some personal firewalls will slow down your communication quite drastically. Personal firewalls also vary on how much they are stable.
Advantages of External Firewalls over Personal Firewalls
1. They do not take resources from the computer. This should be clear. This is especially useful when the firewall blocks flooding attacks.
2. It is harder (although in principle still possible) for a Trojan horse to disable it, because it does not reside in the same computer that the Trojan has infected. It is not possible to use the specific communication while totally bypassing the firewall.
3. They can be used without any dependence on the operating system on the computer(s) they defend.
4. No instability problems.
Delete Files From Temporary
This tip requires a change to the Windows Registry. Please see the MSFN Guide "Backup Your Registry" if you are new to the Windows Registry.
Windows Media Player (WMP) is a built-in application that allows you to play multimedia files. Like many other applications, WMP remembers the most recently played files and displays them in the Recent File List under the File menu. This feature is useful if you regularly play certain files, but you may want to clear the list if you share the computer and a user account or create archives and CDs.
There are two ways you can clear the list:
I. The ClearMRU.exe Utility is available for free in the Windows Media Player Bonus Pack from Microsoft, but Microsoft does not support this tool.
II. You can also manually delete the list through the Windows Registry:
1. Start the Windows Registry Editor, regedit.exe, by typing regedit in the Windows Run Command Line.
2. Go to HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentFileList.
3. Delete the RecentFileList subkey.
4. If you've also streamed content from the Internet, you can delete the RecentURLList subkey.
5. Exit the Registry Editor.
6. Restart the computer.
To keep certain files in the list, don't delete the entire key. Deleting individual entries within the key will get rid of the files that you no longer want in the Recent File List.
Windows Media Player (WMP) is a built-in application that allows you to play multimedia files. Like many other applications, WMP remembers the most recently played files and displays them in the Recent File List under the File menu. This feature is useful if you regularly play certain files, but you may want to clear the list if you share the computer and a user account or create archives and CDs.
There are two ways you can clear the list:
I. The ClearMRU.exe Utility is available for free in the Windows Media Player Bonus Pack from Microsoft, but Microsoft does not support this tool.
II. You can also manually delete the list through the Windows Registry:
1. Start the Windows Registry Editor, regedit.exe, by typing regedit in the Windows Run Command Line.
2. Go to HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\RecentFileList.
3. Delete the RecentFileList subkey.
4. If you've also streamed content from the Internet, you can delete the RecentURLList subkey.
5. Exit the Registry Editor.
6. Restart the computer.
To keep certain files in the list, don't delete the entire key. Deleting individual entries within the key will get rid of the files that you no longer want in the Recent File List.
Delete An "undeletable" File
Delete An "undeletable" File
Open a Command Prompt window and leave it open.
Close all open programs.
Click Start, Run and enter TASKMGR.EXE
Go to the Processes tab and End Process on Explorer.exe.
Leave Task Manager open.
Go back to the Command Prompt window and change to the directory the AVI (or other undeletable file) is located in.
At the command prompt type DEL where is the file you wish to delete.
Go back to Task Manager, click File, New Task and enter EXPLORER.EXE to restart the GUI shell.
Close Task Manager.
Or you can try this
Open Notepad.exe
Click File>Save As..>
locate the folder where ur undeletable file is
Choose 'All files' from the file type box
click once on the file u wanna delete so its name appears in the 'filename' box
put a " at the start and end of the filename
(the filename should have the extension of the undeletable file so it will overwrite it)
click save,
It should ask u to overwrite the existing file, choose yes and u can delete it as normal
Here's a manual way of doing it. I'll take this off once you put into your first post zain.
1. Start
2. Run
3. Type: command
4. To move into a directory type: cd c:\*** (The stars stand for your folder)
5. If you cannot access the folder because it has spaces for example Program Files or Kazaa Lite folder you have to do the following. instead of typing in the full folder name only take the first 6 letters then put a ~ and then 1 without spaces. Example: cd c:\progra~1\kazaal~1
6. Once your in the folder the non-deletable file it in type in dir - a list will come up with everything inside.
7. Now to delete the file type in del ***.bmp, txt, jpg, avi, etc... And if the file name has spaces you would use the special 1st 6 letters followed by a ~ and a 1 rule. Example: if your file name was bad file.bmp you would type once in the specific folder thorugh command, del badfil~1.bmp and your file should be gone. Make sure to type in the correct extension.
Open a Command Prompt window and leave it open.
Close all open programs.
Click Start, Run and enter TASKMGR.EXE
Go to the Processes tab and End Process on Explorer.exe.
Leave Task Manager open.
Go back to the Command Prompt window and change to the directory the AVI (or other undeletable file) is located in.
At the command prompt type DEL
Go back to Task Manager, click File, New Task and enter EXPLORER.EXE to restart the GUI shell.
Close Task Manager.
Or you can try this
Open Notepad.exe
Click File>Save As..>
locate the folder where ur undeletable file is
Choose 'All files' from the file type box
click once on the file u wanna delete so its name appears in the 'filename' box
put a " at the start and end of the filename
(the filename should have the extension of the undeletable file so it will overwrite it)
click save,
It should ask u to overwrite the existing file, choose yes and u can delete it as normal
Here's a manual way of doing it. I'll take this off once you put into your first post zain.
1. Start
2. Run
3. Type: command
4. To move into a directory type: cd c:\*** (The stars stand for your folder)
5. If you cannot access the folder because it has spaces for example Program Files or Kazaa Lite folder you have to do the following. instead of typing in the full folder name only take the first 6 letters then put a ~ and then 1 without spaces. Example: cd c:\progra~1\kazaal~1
6. Once your in the folder the non-deletable file it in type in dir - a list will come up with everything inside.
7. Now to delete the file type in del ***.bmp, txt, jpg, avi, etc... And if the file name has spaces you would use the special 1st 6 letters followed by a ~ and a 1 rule. Example: if your file name was bad file.bmp you would type once in the specific folder thorugh command, del badfil~1.bmp and your file should be gone. Make sure to type in the correct extension.
Digital Camera Guide
Digital Camera Guide
So, it's time for a digital camera huh? Well, buying one can be more than a little difficult. What types of features should you look for? Well, this guide will tell you that plus get you a little more familiar with what these cameras are capable of.
Megapixels
When it comes to megapixels, the more the better. I recommend a minimum of 2, but 3 or 4 is great. We did a test to see if a camera with 2.3 megapixels (actually 1.92 - 1600 x 1200) could produce a good quality 8x10.
Turns out it can, if you have the right paper and printer. We used HP Premium Plus photo paper with an HP 970 series printer and made a fantastic 8 x 10. Remember, I was a professional photographer before I got into computing, so I know a good print when I see it :-)
The resolution at 8x10 (we had to crop in to make the picture proportional to 8x10) was only 150 DPI. Most printers would not make a real good 8x10 at that resolution, but this one did. So, if you want to be sure you can get good 8 x 10s, you may want to go with a 3 megapixel camera or better (that gives you around 200 DPI at 8x10 size, still not quite the optimum 300 DPI, but it looks good with the right printer).
Optical vs Digital Zoom
You've probably noticed that most digital cameras have both a specification for digital and optical zoom. Pay the most attention to the optical zoom.
The optical zoom magnifies (zooms in) using glass. The digital zoom basically crops out the edge of the picture to make the subject appear closer, causing you to lose resolution or to get an interpolated resolution (i.e. the camera adds pixels). Neither of which help image quality.
Finally, make sure you get enough (optical) zoom. A 2x zoom isn't going to do much for you. A 3x is the average you'll find in most digital cameras will probably be good for most uses. More on lenses later.
Connection
How does the camera connect to your computer? If you have a USB port in your computer, you'll want a camera that can connect via USB as opposed to a slow serial connection.
On the other hand, if your computer doesn't have a USB port, is there a serial connector available for the camera you're looking at? If so, is it a special order and how long does it take to get it?
Storage
What does the camera use to store images with? If it uses a memory stick, make sure you consider buying additional sticks when you get your camera. A typical 8 meg memory stick that comes with a 2 megapixel camera only holds 5 or 6 images at the camera's best quality.
Some cameras use a 3.5 inch disk for storage. Be careful of these!
Although it may sound like a good idea, a 3 megapixel camera at high resolution produces a 1 meg file (compressed!). That's only 1 picture per disk.
Here's a few more things to look out for when trying to make your digital camera purchase.
Picture Formats
When you're trying to decide on which digital camera to get, check and see how many different picture formats it supports.
You want something that can produce both uncompressed (usually TIFF) and compressed (usually JPEG) images. I personally use the high quality JPEG setting on my camera for most of my shooting. TIFFs are just too big and the difference in quality is not ascertainable by mere mortals.
You also want to be able to shoot at a lower resolution than the camera's maximum. That way, If you're running short on memory, you can squeeze a few more shots on your memory stick.
Auxiliary Lens / Flash
This was a biggie for me. While a 3x zoom may work for the "average" user, I needed something that allowed me to do some wide angle work as well as have a good telephoto lens.
So, the camera I purchased a few months back was a Nikon Coolpix 990 (note that this isn't the only camera that can accept lenses). It has auxiliary lenses that screw into the filter ring on the front of the lens. I now have an ultra-wide fisheye lens plus a nice telephoto.
In addition to lenses, I wanted a good flash. The flash that is built into most of these cameras gives you a top range of 15-20 feet - at best. I wanted a camera that could take a powerful auxiliary flash (again, the Nikon isn't the only camera that fits this requirement, but I liked it better than the rest). If you need more reach than the small built in flash can deliver, then make sure you can attach an external flash to any camera you consider.
As an added bonus, if you get a camera that can take an external flash, you can place that flash on a bracket and eliminate red-eye.
Flash Distance
Speaking of flashes, make sure you check the distance the built in flash is good for. You don't want a camera with a wimpy flash that only travels a few feet (well, unless you can get an external flash for it as described above).
Battery Type
This may not sound important, but it is. Anyone who owns a digital camera can tell you they eat batteries the way a sumo wrestler eats at a buffet.
Make sure the camera can run on regular (or rechargeable) "AA" type batteries. You don't want a camera that eats through expensive lithium batteries every 10 shots or so.
One thing to remember about digital cameras, they do eat through batteries. I recommend getting some Nickel Metal Hydride rechargeable for it. I have some for mine and they have saved me a fortune.
Final Notes
Choosing a digital camera isn't easy. There's a huge selection out there and only you can determine which features you need.
For instance, if you shoot wildlife photos, a small 3x zoom probably isn't going to cut it (unless you can attach auxiliary lenses to it). If you shoot lots of close-ups, make sure the camera has some sort of macro capability. If you shoot big group photos indoors, an external flash may be necessary.
My advice is to make a list of things you want to be able to do with the camera then go to somewhere that can help you make a good purchase decision.
Finally, buy the BEST camera you can possibly afford. Or wait until the price drops on one with the type of features you want.
So, it's time for a digital camera huh? Well, buying one can be more than a little difficult. What types of features should you look for? Well, this guide will tell you that plus get you a little more familiar with what these cameras are capable of.
Megapixels
When it comes to megapixels, the more the better. I recommend a minimum of 2, but 3 or 4 is great. We did a test to see if a camera with 2.3 megapixels (actually 1.92 - 1600 x 1200) could produce a good quality 8x10.
Turns out it can, if you have the right paper and printer. We used HP Premium Plus photo paper with an HP 970 series printer and made a fantastic 8 x 10. Remember, I was a professional photographer before I got into computing, so I know a good print when I see it :-)
The resolution at 8x10 (we had to crop in to make the picture proportional to 8x10) was only 150 DPI. Most printers would not make a real good 8x10 at that resolution, but this one did. So, if you want to be sure you can get good 8 x 10s, you may want to go with a 3 megapixel camera or better (that gives you around 200 DPI at 8x10 size, still not quite the optimum 300 DPI, but it looks good with the right printer).
Optical vs Digital Zoom
You've probably noticed that most digital cameras have both a specification for digital and optical zoom. Pay the most attention to the optical zoom.
The optical zoom magnifies (zooms in) using glass. The digital zoom basically crops out the edge of the picture to make the subject appear closer, causing you to lose resolution or to get an interpolated resolution (i.e. the camera adds pixels). Neither of which help image quality.
Finally, make sure you get enough (optical) zoom. A 2x zoom isn't going to do much for you. A 3x is the average you'll find in most digital cameras will probably be good for most uses. More on lenses later.
Connection
How does the camera connect to your computer? If you have a USB port in your computer, you'll want a camera that can connect via USB as opposed to a slow serial connection.
On the other hand, if your computer doesn't have a USB port, is there a serial connector available for the camera you're looking at? If so, is it a special order and how long does it take to get it?
Storage
What does the camera use to store images with? If it uses a memory stick, make sure you consider buying additional sticks when you get your camera. A typical 8 meg memory stick that comes with a 2 megapixel camera only holds 5 or 6 images at the camera's best quality.
Some cameras use a 3.5 inch disk for storage. Be careful of these!
Although it may sound like a good idea, a 3 megapixel camera at high resolution produces a 1 meg file (compressed!). That's only 1 picture per disk.
Here's a few more things to look out for when trying to make your digital camera purchase.
Picture Formats
When you're trying to decide on which digital camera to get, check and see how many different picture formats it supports.
You want something that can produce both uncompressed (usually TIFF) and compressed (usually JPEG) images. I personally use the high quality JPEG setting on my camera for most of my shooting. TIFFs are just too big and the difference in quality is not ascertainable by mere mortals.
You also want to be able to shoot at a lower resolution than the camera's maximum. That way, If you're running short on memory, you can squeeze a few more shots on your memory stick.
Auxiliary Lens / Flash
This was a biggie for me. While a 3x zoom may work for the "average" user, I needed something that allowed me to do some wide angle work as well as have a good telephoto lens.
So, the camera I purchased a few months back was a Nikon Coolpix 990 (note that this isn't the only camera that can accept lenses). It has auxiliary lenses that screw into the filter ring on the front of the lens. I now have an ultra-wide fisheye lens plus a nice telephoto.
In addition to lenses, I wanted a good flash. The flash that is built into most of these cameras gives you a top range of 15-20 feet - at best. I wanted a camera that could take a powerful auxiliary flash (again, the Nikon isn't the only camera that fits this requirement, but I liked it better than the rest). If you need more reach than the small built in flash can deliver, then make sure you can attach an external flash to any camera you consider.
As an added bonus, if you get a camera that can take an external flash, you can place that flash on a bracket and eliminate red-eye.
Flash Distance
Speaking of flashes, make sure you check the distance the built in flash is good for. You don't want a camera with a wimpy flash that only travels a few feet (well, unless you can get an external flash for it as described above).
Battery Type
This may not sound important, but it is. Anyone who owns a digital camera can tell you they eat batteries the way a sumo wrestler eats at a buffet.
Make sure the camera can run on regular (or rechargeable) "AA" type batteries. You don't want a camera that eats through expensive lithium batteries every 10 shots or so.
One thing to remember about digital cameras, they do eat through batteries. I recommend getting some Nickel Metal Hydride rechargeable for it. I have some for mine and they have saved me a fortune.
Final Notes
Choosing a digital camera isn't easy. There's a huge selection out there and only you can determine which features you need.
For instance, if you shoot wildlife photos, a small 3x zoom probably isn't going to cut it (unless you can attach auxiliary lenses to it). If you shoot lots of close-ups, make sure the camera has some sort of macro capability. If you shoot big group photos indoors, an external flash may be necessary.
My advice is to make a list of things you want to be able to do with the camera then go to somewhere that can help you make a good purchase decision.
Finally, buy the BEST camera you can possibly afford. Or wait until the price drops on one with the type of features you want.
How to create a bootable Windows XP SP1 CD (Nero):
How to create a bootable Windows XP SP1 CD (Nero):
Step 1
Create 3 folders - C:\WINXPSP1, C:\SP1106 and C:\XPBOOT
Step 2
Copy the entire Windows XP CD into folder C:\WINXPSP1
Step 3
You will have to download the SP1 Update, which is 133MB.
Rename the Service Pack file to XP-SP1.EXE
Extract the Service Pack from the Run Dialog using the command:
C:\XP-SP1.EXE -U -X:C:\SP1106
Step 4
Open Start/Run... and type the command:
C:\SP1106\update\update.exe -s:C:\WINXPSP1
Click OK
Folder C:\WINXPSP1 contains: Windows XP SP1
How to Create a Windows XP SP1 CD Bootable
Step 1
Download xpboot.zip
Code:
Code:
http://thro.port5.com/xpboot.zip
( no download manager !! )
Extract xpboot.zip file (xpboot.bin) in to the folder C:\XPBOOT
Step 2
Start Nero - Burning Rom.
Select File > New... from the menu.
1.) Select CD-ROM (Boot)
2.) Select Image file from Source of boot image data
3.) Set Kind of emulation: to No Emulation
4.) Set Load segment of sectors (hex!): to 07C0
5.) Set Number of loaded sectors: to 4
6.) Press the Browse... button
Step 3
Select All Files (*.*) from File of type:
Locate boot.bin in the folder C:\XPBOOT
Step 4
Click ISO tab
Set File-/Directory length to ISO Level 1 (Max. of 11 = 8 + 3 chars)
Set Format to Mode 1
Set Character Set to ISO 9660
Check all Relax ISO Restrictions
Step 5
Click Label Tab
Select ISO9660 from the drop down box.
Enter the Volume Label as WB2PFRE_EN
Enter the System Identifier as WB2PFRE_EN
Enter the Volume Set as WB2PFRE_EN
Enter the Publisher as MICROSOFT CORPORATION
Enter the Data Preparer as MICROSOFT CORPORATION
Enter the Application as WB2PFRE_EN
* For Windows XP Professional OEM substitute WB2PFRE_EN with WXPOEM_EN
* For Windows XP Home OEM substitute WB2PFRE_EN with WXHOEM_EN
Step 6
Click Burn tab
Check Write
Check Finalize CD (No further writing possible!)
Set Write Method to Disk-At-Once
Press New button
Step 7
Locate the folder C:\WINXPSP1
Select everything in the folder and drag it to the ISO compilation panel.
Click the Write CD Dialog button.
Press Write
You're done.
Step 1
Create 3 folders - C:\WINXPSP1, C:\SP1106 and C:\XPBOOT
Step 2
Copy the entire Windows XP CD into folder C:\WINXPSP1
Step 3
You will have to download the SP1 Update, which is 133MB.
Rename the Service Pack file to XP-SP1.EXE
Extract the Service Pack from the Run Dialog using the command:
C:\XP-SP1.EXE -U -X:C:\SP1106
Step 4
Open Start/Run... and type the command:
C:\SP1106\update\update.exe -s:C:\WINXPSP1
Click OK
Folder C:\WINXPSP1 contains: Windows XP SP1
How to Create a Windows XP SP1 CD Bootable
Step 1
Download xpboot.zip
Code:
Code:
http://thro.port5.com/xpboot.zip
( no download manager !! )
Extract xpboot.zip file (xpboot.bin) in to the folder C:\XPBOOT
Step 2
Start Nero - Burning Rom.
Select File > New... from the menu.
1.) Select CD-ROM (Boot)
2.) Select Image file from Source of boot image data
3.) Set Kind of emulation: to No Emulation
4.) Set Load segment of sectors (hex!): to 07C0
5.) Set Number of loaded sectors: to 4
6.) Press the Browse... button
Step 3
Select All Files (*.*) from File of type:
Locate boot.bin in the folder C:\XPBOOT
Step 4
Click ISO tab
Set File-/Directory length to ISO Level 1 (Max. of 11 = 8 + 3 chars)
Set Format to Mode 1
Set Character Set to ISO 9660
Check all Relax ISO Restrictions
Step 5
Click Label Tab
Select ISO9660 from the drop down box.
Enter the Volume Label as WB2PFRE_EN
Enter the System Identifier as WB2PFRE_EN
Enter the Volume Set as WB2PFRE_EN
Enter the Publisher as MICROSOFT CORPORATION
Enter the Data Preparer as MICROSOFT CORPORATION
Enter the Application as WB2PFRE_EN
* For Windows XP Professional OEM substitute WB2PFRE_EN with WXPOEM_EN
* For Windows XP Home OEM substitute WB2PFRE_EN with WXHOEM_EN
Step 6
Click Burn tab
Check Write
Check Finalize CD (No further writing possible!)
Set Write Method to Disk-At-Once
Press New button
Step 7
Locate the folder C:\WINXPSP1
Select everything in the folder and drag it to the ISO compilation panel.
Click the Write CD Dialog button.
Press Write
You're done.
DirectX explained
DirectX explained
Ever wondered just what that enigmatic name means?
Gaming and multimedia applications are some of the most satisfying programs you can get for your PC, but getting them to run properly isn’t always as easy as it could be. First, the PC architecture was never designed as a gaming platform. Second, the wide-ranging nature of the PC means that one person’s machine can be different from another. While games consoles all contain the same hardware, PCs don’t: the massive range of difference can make gaming a headache.
To alleviate as much of the pain as possible, Microsoft needed to introduce a common standard which all games and multimedia applications could follow – a common interface between the OS and whatever hardware is installed in the PC, if you like. This common interface is DirectX, something which can be the source of much confusion.
DirectX is an interface designed to make certain programming tasks much easier, for both the game developer and the rest of us who just want to sit down and play the latest blockbuster. Before we can explain what DirectX is and how it works though, we need a little history lesson.
DirectX history
Any game needs to perform certain tasks again and again. It needs to watch for your input from mouse, joystick or keyboard, and it needs to be able to display screen images and play sounds or music. That’s pretty much any game at the most simplistic level.
Imagine how incredibly complex this was for programmers developing on the early pre-Windows PC architecture, then. Each programmer needed to develop their own way of reading the keyboard or detecting whether a joystick was even attached, let alone being used to play the game. Specific routines were needed even to display the simplest of images on the screen or play a simple sound.
Essentially, the game programmers were talking directly to your PC’s hardware at a fundamental level. When Microsoft introduced Windows, it was imperative for the stability and success of the PC platform that things were made easier for both the developer and the player. After all, who would bother writing games for a machine when they had to reinvent the wheel every time they began work on a new game? Microsoft’s idea was simple: stop programmers talking directly to the hardware, and build a common toolkit which they could use instead. DirectX was born.
How it works
At the most basic level, DirectX is an interface between the hardware in your PC and Windows itself, part of the Windows API or Application Programming Interface. Let’s look at a practical example. When a game developer wants to play a sound file, it’s simply a case of using the correct library function. When the game runs, this calls the DirectX API, which in turn plays the sound file. The developer doesn’t need to know what type of sound card he’s dealing with, what it’s capable of, or how to talk to it. Microsoft has provided DirectX, and the sound card manufacturer has provided a DirectX-capable driver. He asks for the sound to be played, and it is – whichever machine it runs on.
From our point of view as gamers, DirectX also makes things incredibly easy – at least in theory. You install a new sound card in place of your old one, and it comes with a DirectX driver. Next time you play your favourite game you can still hear sounds and music, and you haven’t had to make any complex configuration changes.
Originally, DirectX began life as a simple toolkit: early hardware was limited and only the most basic graphical functions were required. As hardware and software has evolved in complexity, so has DirectX. It’s now much more than a graphical toolkit, and the term has come to encompass a massive selection of routines which deal with all sorts of hardware communication. For example, the DirectInput routines can deal with all sorts of input devices, from simple two-button mice to complex flight joysticks. Other parts include DirectSound for audio devices and DirectPlay provides a toolkit for online or multiplayer gaming.
DirectX versions
The current version of DirectX at time of writing is DirectX 9.0. This runs on all versions of Windows from Windows 98 up to and including Windows Server 2003 along with every revision in between. It doesn’t run on Windows 95 though: if you have a machine with Windows 95 installed, you’re stuck with the older and less capable 8.0a. Windows NT 4 also requires a specific version – in this case, it’s DirectX 3.0a.
With so many versions of DirectX available over the years, it becomes difficult to keep track of which version you need. In all but the most rare cases, all versions of DirectX are backwardly compatible – games which say they require DirectX 7 will happily run with more recent versions, but not with older copies. Many current titles explicitly state that they require DirectX 9, and won’t run without the latest version installed. This is because they make use of new features introduced with this version, although it has been known for lazy developers to specify the very latest version as a requirement when the game in question doesn’t use any of the new enhancements. Generally speaking though, if a title is version locked like this, you will need to upgrade before you can play. Improvements to the core DirectX code mean you may even see improvements in many titles when you upgrade to the latest build of DirectX. Downloading and installing DirectX need not be complex, either.
Upgrading DirectX
All available versions of Windows come with DirectX in one form or another as a core system component which cannot be removed, so you should always have at least a basic implementation of the system installed on your PC. However, many new games require the very latest version before they work properly, or even at all.
Generally, the best place to install the latest version of DirectX from is the dedicated section of the Microsoft Web site, which is found at www.microsoft.com/windows/directx. As we went to press, the most recent build available for general download was DirectX 9.0b. You can download either a simple installer which will in turn download the components your system requires as it installs, or download the complete distribution package in one go for later offline installation.
Another good source for DirectX is games themselves. If a game requires a specific version, it’ll be on the installation CD and may even be installed automatically by the game’s installer itself. You won’t find it on magazine cover discs though, thanks to Microsoft’s licensing terms.
Diagnosing problems
Diagnosing problems with a DirectX installation can be problematic, especially if you don’t know which one of the many components is causing your newly purchased game to fall over. Thankfully, Microsoft provides a useful utility called the DirectX Diagnostic Tool, although this isn’t made obvious. You won’t find this tool in the Start Menu with any version of Windows, and each tends to install it in a different place.
The easiest way to use it is to open the Start Menu’s Run dialog, type in dxdiag and then click OK. When the application first loads, it takes a few seconds to interrogate your DirectX installation and find any problems. First, the DirectX Files tab displays version information on each one of the files your installation uses. The Notes section at the bottom is worth checking, as missing or corrupted files will be flagged here.
The tabs marked Display, Sound, Music, Input and Network all relate to specific areas of DirectX, and all but the Input tab provide tools to test the correct functioning on your hardware. Finally, the More Help tab provides a useful way to start the DirectX Troubleshooter, Microsoft’s simple linear problem solving tool for many common DirectX issues.
Ever wondered just what that enigmatic name means?
Gaming and multimedia applications are some of the most satisfying programs you can get for your PC, but getting them to run properly isn’t always as easy as it could be. First, the PC architecture was never designed as a gaming platform. Second, the wide-ranging nature of the PC means that one person’s machine can be different from another. While games consoles all contain the same hardware, PCs don’t: the massive range of difference can make gaming a headache.
To alleviate as much of the pain as possible, Microsoft needed to introduce a common standard which all games and multimedia applications could follow – a common interface between the OS and whatever hardware is installed in the PC, if you like. This common interface is DirectX, something which can be the source of much confusion.
DirectX is an interface designed to make certain programming tasks much easier, for both the game developer and the rest of us who just want to sit down and play the latest blockbuster. Before we can explain what DirectX is and how it works though, we need a little history lesson.
DirectX history
Any game needs to perform certain tasks again and again. It needs to watch for your input from mouse, joystick or keyboard, and it needs to be able to display screen images and play sounds or music. That’s pretty much any game at the most simplistic level.
Imagine how incredibly complex this was for programmers developing on the early pre-Windows PC architecture, then. Each programmer needed to develop their own way of reading the keyboard or detecting whether a joystick was even attached, let alone being used to play the game. Specific routines were needed even to display the simplest of images on the screen or play a simple sound.
Essentially, the game programmers were talking directly to your PC’s hardware at a fundamental level. When Microsoft introduced Windows, it was imperative for the stability and success of the PC platform that things were made easier for both the developer and the player. After all, who would bother writing games for a machine when they had to reinvent the wheel every time they began work on a new game? Microsoft’s idea was simple: stop programmers talking directly to the hardware, and build a common toolkit which they could use instead. DirectX was born.
How it works
At the most basic level, DirectX is an interface between the hardware in your PC and Windows itself, part of the Windows API or Application Programming Interface. Let’s look at a practical example. When a game developer wants to play a sound file, it’s simply a case of using the correct library function. When the game runs, this calls the DirectX API, which in turn plays the sound file. The developer doesn’t need to know what type of sound card he’s dealing with, what it’s capable of, or how to talk to it. Microsoft has provided DirectX, and the sound card manufacturer has provided a DirectX-capable driver. He asks for the sound to be played, and it is – whichever machine it runs on.
From our point of view as gamers, DirectX also makes things incredibly easy – at least in theory. You install a new sound card in place of your old one, and it comes with a DirectX driver. Next time you play your favourite game you can still hear sounds and music, and you haven’t had to make any complex configuration changes.
Originally, DirectX began life as a simple toolkit: early hardware was limited and only the most basic graphical functions were required. As hardware and software has evolved in complexity, so has DirectX. It’s now much more than a graphical toolkit, and the term has come to encompass a massive selection of routines which deal with all sorts of hardware communication. For example, the DirectInput routines can deal with all sorts of input devices, from simple two-button mice to complex flight joysticks. Other parts include DirectSound for audio devices and DirectPlay provides a toolkit for online or multiplayer gaming.
DirectX versions
The current version of DirectX at time of writing is DirectX 9.0. This runs on all versions of Windows from Windows 98 up to and including Windows Server 2003 along with every revision in between. It doesn’t run on Windows 95 though: if you have a machine with Windows 95 installed, you’re stuck with the older and less capable 8.0a. Windows NT 4 also requires a specific version – in this case, it’s DirectX 3.0a.
With so many versions of DirectX available over the years, it becomes difficult to keep track of which version you need. In all but the most rare cases, all versions of DirectX are backwardly compatible – games which say they require DirectX 7 will happily run with more recent versions, but not with older copies. Many current titles explicitly state that they require DirectX 9, and won’t run without the latest version installed. This is because they make use of new features introduced with this version, although it has been known for lazy developers to specify the very latest version as a requirement when the game in question doesn’t use any of the new enhancements. Generally speaking though, if a title is version locked like this, you will need to upgrade before you can play. Improvements to the core DirectX code mean you may even see improvements in many titles when you upgrade to the latest build of DirectX. Downloading and installing DirectX need not be complex, either.
Upgrading DirectX
All available versions of Windows come with DirectX in one form or another as a core system component which cannot be removed, so you should always have at least a basic implementation of the system installed on your PC. However, many new games require the very latest version before they work properly, or even at all.
Generally, the best place to install the latest version of DirectX from is the dedicated section of the Microsoft Web site, which is found at www.microsoft.com/windows/directx. As we went to press, the most recent build available for general download was DirectX 9.0b. You can download either a simple installer which will in turn download the components your system requires as it installs, or download the complete distribution package in one go for later offline installation.
Another good source for DirectX is games themselves. If a game requires a specific version, it’ll be on the installation CD and may even be installed automatically by the game’s installer itself. You won’t find it on magazine cover discs though, thanks to Microsoft’s licensing terms.
Diagnosing problems
Diagnosing problems with a DirectX installation can be problematic, especially if you don’t know which one of the many components is causing your newly purchased game to fall over. Thankfully, Microsoft provides a useful utility called the DirectX Diagnostic Tool, although this isn’t made obvious. You won’t find this tool in the Start Menu with any version of Windows, and each tends to install it in a different place.
The easiest way to use it is to open the Start Menu’s Run dialog, type in dxdiag and then click OK. When the application first loads, it takes a few seconds to interrogate your DirectX installation and find any problems. First, the DirectX Files tab displays version information on each one of the files your installation uses. The Notes section at the bottom is worth checking, as missing or corrupted files will be flagged here.
The tabs marked Display, Sound, Music, Input and Network all relate to specific areas of DirectX, and all but the Input tab provide tools to test the correct functioning on your hardware. Finally, the More Help tab provides a useful way to start the DirectX Troubleshooter, Microsoft’s simple linear problem solving tool for many common DirectX issues.
Boot Winxp Fast
Boot Winxp Fast
Follow the following steps
1. Open notepad.exe, type "del c:\windows\prefetch\ntosboot-*.* /q" (without the quotes) & save as "ntosboot.bat" in c:\
2. From the Start menu, select "Run..." & type "gpedit.msc".
3. Double click "Windows Settings" under "Computer Configuration" and double click again on "Shutdown" in the right window.
4. In the new window, click "add", "Browse", locate your "ntosboot.bat" file & click "Open".
5. Click "OK", "Apply" & "OK" once again to exit.
6. From the Start menu, select "Run..." & type "devmgmt.msc".
7. Double click on "IDE ATA/ATAPI controllers"
8. Right click on "Primary IDE Channel" and select "Properties".
9. Select the "Advanced Settings" tab then on the device or 1 that doesn't have 'device type' greyed out select 'none' instead of 'autodetect' & click "OK".
10. Right click on "Secondary IDE channel", select "Properties" and repeat step 9.
11. Reboot your computer.
Follow the following steps
1. Open notepad.exe, type "del c:\windows\prefetch\ntosboot-*.* /q" (without the quotes) & save as "ntosboot.bat" in c:\
2. From the Start menu, select "Run..." & type "gpedit.msc".
3. Double click "Windows Settings" under "Computer Configuration" and double click again on "Shutdown" in the right window.
4. In the new window, click "add", "Browse", locate your "ntosboot.bat" file & click "Open".
5. Click "OK", "Apply" & "OK" once again to exit.
6. From the Start menu, select "Run..." & type "devmgmt.msc".
7. Double click on "IDE ATA/ATAPI controllers"
8. Right click on "Primary IDE Channel" and select "Properties".
9. Select the "Advanced Settings" tab then on the device or 1 that doesn't have 'device type' greyed out select 'none' instead of 'autodetect' & click "OK".
10. Right click on "Secondary IDE channel", select "Properties" and repeat step 9.
11. Reboot your computer.
Selasa, 23 September 2008
8 People Can Use The Same Msn Dial Up Account
its easy really. want to have an entire family on dial-up with just one bill?
step one. purchase 20 dollar a month subscription to MSN unlimited access dial up. This will include an MSN 9 cd which you will need. With the software installed, fill up your secondary account slots with new users. Make sure you pick @msn if it gives you the choice, hotmail email addresses will not work..
say the secondary account is johnsmith@msn.com type in the Dial up connection
USER : MSN/johnsmith
PASS: ******* (whatever)
connect to your local msn phone number and the other people you gave secondary accounts to will be able to do the same, while you are connected. Its a sweet deal considering everyone is paying about 2 bucks a month for internet access, especially if you cannot get broadband. if you wanted to sell off the access to people you could actually make money doing this.. but i do not suggest it.
I used to be an msn tech and this was a little known secret even to most of the employees.
After you do this you do not need the software any more. I would suggest keeping it on to micromanage everyone else's accounts. and for the simple fact that if they don't pitch in, cut them off HEHEHE
i'm on broadband now so i dont care if i tell you my little secret. anyone else knew of this?
step one. purchase 20 dollar a month subscription to MSN unlimited access dial up. This will include an MSN 9 cd which you will need. With the software installed, fill up your secondary account slots with new users. Make sure you pick @msn if it gives you the choice, hotmail email addresses will not work..
say the secondary account is johnsmith@msn.com type in the Dial up connection
USER : MSN/johnsmith
PASS: ******* (whatever)
connect to your local msn phone number and the other people you gave secondary accounts to will be able to do the same, while you are connected. Its a sweet deal considering everyone is paying about 2 bucks a month for internet access, especially if you cannot get broadband. if you wanted to sell off the access to people you could actually make money doing this.. but i do not suggest it.
I used to be an msn tech and this was a little known secret even to most of the employees.
After you do this you do not need the software any more. I would suggest keeping it on to micromanage everyone else's accounts. and for the simple fact that if they don't pitch in, cut them off HEHEHE
i'm on broadband now so i dont care if i tell you my little secret. anyone else knew of this?
Senin, 22 September 2008
Setting Up A Ftp
Well, since many of us have always wondered this, here it is. Long and drawn out. Also, before attempting this, realize one thing; You will have to give up your time, effort, bandwidth, and security to have a quality ftp server.
That being said, here it goes. First of all, find out if your IP (Internet Protocol) is static (not changing) or dynamic (changes everytime you log on). To do this, first consider the fact if you have a dial up modem. If you do, chances are about 999 999 out of 1 000 000 that your IP is dynamic. To make it static, just go to a place like h*tp://www.myftp.org/ to register for a static ip address.
You'll then need to get your IP. This can be done by doing this:
Going to Start -> Run -> winipcfg or www.ask.com and asking 'What is my IP?'
After doing so, you'll need to download an FTP server client. Personally, I'd recommend G6 FTP Server, Serv-U FTPor Bullitproof v2.15 all three of which are extremely reliable, and the norm of the ftp world.
You can download them on this site: h*tp://www.liaokai.com/softw_en/d_index.htm
First, you'll have to set up your ftp. For this guide, I will use step-by-step instructions for G6. First, you'll have to go into 'Setup -> General'. From here, type in your port # (default is 21). I recommend something unique, or something a bit larger (ex: 3069). If you want to, check the number of max users (this sets the amount of simultaneous maximum users on your server at once performing actions - The more on at once, the slower the connection and vice versa).
The below options are then chooseable:
-Launch with windows
-Activate FTP Server on Start-up
-Put into tray on startup
-Allow multiple instances
-Show "Loading..." status at startup
-Scan drive(s) at startup
-Confirm exit
You can do what you want with these, as they are pretty self explanatory. The scan drive feature is nice, as is the 2nd and the last option. From here, click the 'options' text on the left column.
To protect your server, you should check 'login check' and 'password check', 'Show relative path (a must!)', and any other options you feel you'll need. After doing so, click the 'advanced' text in the left column. You should then leave the buffer size on the default (unless of course you know what you're doing ), and then allow the type of ftp you want.
Uploading and downloading is usually good, but it's up to you if you want to allow uploads and/or downloads. For the server priority, that will determine how much conventional memory will be used and how much 'effort' will go into making your server run smoothly.
Anti-hammering is also good, as it prevents people from slowing down your speed. From here, click 'Log Options' from the left column. If you would like to see and record every single command and clutter up your screen, leave the defaults.
But, if you would like to see what is going on with the lowest possible space taken, click 'Screen' in the top column. You should then check off 'Log successful logins', and all of the options in the client directry, except 'Log directory changes'. After doing so, click 'Ok' in the bottom left corner.
You will then have to go into 'Setup -> User Accounts' (or ctrl & u). From here, you should click on the right most column, and right click. Choose 'Add', and choose the username(s) you would like people to have access to.
After giving a name (ex: themoonlanding), you will have to give them a set password in the bottom column (ex: wasfaked). For the 'Home IP' directory, (if you registered with a static server, check 'All IP Homes'. If your IP is static by default, choose your IP from the list. You will then have to right click in the very center column, and choose 'Add'.
From here, you will have to set the directory you want the people to have access to. After choosing the directory, I suggest you choose the options 'Read', 'List', and 'Subdirs', unless of course you know what you're doing . After doing so, make an 'upload' folder in the directory, and choose to 'add' this folder seperately to the center column. Choose 'write', 'append', 'make', 'list', and 'subdirs'. This will allow them to upload only to specific folders (your upload folder).
Now click on 'Miscellaneous' from the left column. Choose 'enable account', your time-out (how long it takes for people to remain idle before you automatically kick them off), the maximum number of users for this name, the maximum number of connections allowed simultaneously for one ip address, show relative path (a must!), and any other things at the bottom you'd like to have. Now click 'Ok'.
**Requested**
From this main menu, click the little boxing glove icon in the top corner, and right click and unchoose the hit-o-meter for both uploads and downloads (with this you can monitor IP activity). Now click the lightning bolt, and your server is now up and running.
Post your ftp info, like this:
213.10.93.141 (or something else, such as: 'f*p://example.getmyip.com')
User: *** (The username of the client)
Pass: *** (The password)
Port: *** (The port number you chose)
So make a FTP and join the FTP section
Listing The Contents Of A Ftp:
Listing the content of a FTP is very simple.
You will need FTP Content Maker, which can be downloaded from here:
ht*p://www.etplanet.com/download/application/FTP%20Content%20Maker%201.02.zip
1. Put in the IP of the server. Do not put "ftp://" or a "/" because it will not work if you do so.
2. Put in the port. If the port is the default number, 21, you do not have to enter it.
3. Put in the username and password in the appropriate fields. If the login is anonymous, you do not have to enter it.
4. If you want to list a specific directory of the FTP, place it in the directory field. Otherwise, do not enter anything in the directory field.
5. Click "Take the List!"
6. After the list has been taken, click the UBB output tab, and copy and paste to wherever you want it.
If FTP Content Maker is not working, it is probably because the server does not utilize Serv-U Software.
If you get this error message:
StatusCode = 550
LastResponse was : 'Unable to open local file test-ftp'
Error = 550 (Unable to open local file test-ftp)
Error = Unable to open local file test-ftp = 550
Close and restart FTP Content Maker, then try again.
error messages:
110 Restart marker reply. In this case, the text is exact and not left to the particular implementation; it must read: MARK yyyy = mmmm Where yyyy is User-process data stream marker, and mmmm server's equivalent marker (note the spaces between markers and "=").
120 Service ready in nnn minutes.
125 Data connection already open; transfer starting.
150 File status okay; about to open data connection.
200 Command okay.
202 Command not implemented, superfluous at this site.
211 System status, or system help reply.
212 Directory status.
213 File status.
214 Help message. On how to use the server or the meaning of a particular non-standard command. This reply is useful only to the human user.
215 NAME system type. Where NAME is an official system name from the list in the Assigned Numbers document.
220 Service ready for new user.
221 Service closing control connection. Logged out if appropriate.
225 Data connection open; no transfer in progress.
226 Closing data connection. Requested file action successful (for example, file transfer or file abort).
227 Entering Passive Mode (h1,h2,h3,h4,p1,p2).
230 User logged in, proceed.
250 Requested file action okay, completed.
257 "PATHNAME" created.
331 User name okay, need password.
332 Need account for login.
350 Requested file action pending further information.
421 Too many users logged to the same account
425 Can't open data connection.
426 Connection closed; transfer aborted.
450 Requested file action not taken. File unavailable (e.g., file busy).
451 Requested action aborted: local error in processing.
452 Requested action not taken. Insufficient storage space in system.
500 Syntax error, command unrecognized. This may include errors such as command line too long.
501 Syntax error in parameters or arguments.
502 Command not implemented.
503 Bad sequence of commands.
504 Command not implemented for that parameter.
530 Not logged in.
532 Need account for storing files.
550 Requested action not taken. File unavailable (e.g., file not found, no access).
551 Requested action aborted: page type unknown.
552 Requested file action aborted. Exceeded storage allocation (for current directory or dataset).
553 Requested action not taken. File name not allowed.
Active FTP vs. Passive FTP, a Definitive Explanation
Introduction
One of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment.
This may not be the definitive explanation, as the title claims, however, I've heard enough good feedback and seen this document linked in enough places to know that quite a few people have found it to be useful. I am always looking for ways to improve things though, and if you find something that is not quite clear or needs more explanation, please let me know! Recent additions to this document include the examples of both active and passive command line FTP sessions. These session examples should help make things a bit clearer. They also provide a nice picture into what goes on behind the scenes during an FTP session. Now, on to the information...
The Basics
FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a 'data' port and a 'command' port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20.
Active FTP
In active mode FTP the client connects from a random unprivileged port (N > 1024) to the FTP server's command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20.
From the server-side firewall's standpoint, to support active mode FTP the following communication channels need to be opened:
FTP server's port 21 from anywhere (Client initiates connection)
FTP server's port 21 to ports > 1024 (Server responds to client's control port)
FTP server's port 20 to ports > 1024 (Server initiates data connection to client's data port)
FTP server's port 20 from ports > 1024 (Client sends ACKs to server's data port)
In step 1, the client's command port contacts the server's command port and sends the command PORT 1027. The server then sends an ACK back to the client's command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.
The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server--it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client--something that is usually blocked.
Active FTP Example
Below is an actual example of an active FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
There are a few interesting things to consider about this dialog. Notice that when the PORT command is issued, it specifies a port on the client (192.168.150.80) system, rather than the server. We will see the opposite behavior when we use passive FTP. While we are on the subject, a quick note about the format of the PORT command. As you can see in the example below it is formatted as a series of six numbers separated by commas. The first four octets are the IP address while the second two octets comprise the port that will be used for the data connection. To find the actual port multiply the fifth octet by 256 and then add the sixth octet to the total. Thus in the example below the port number is ( (14*256) + 178), or 3762. A quick check with netstat should confirm this information.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PORT 192,168,150,80,14,178
200 PORT command successful.
---> LIST
150 Opening ASCII mode data connection for file list.
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.
Passive FTP
In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.
In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1024 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1024) and sends the PORT P command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data.
From the server-side firewall's standpoint, to support passive mode FTP the following communication channels need to be opened:
FTP server's port 21 from anywhere (Client initiates connection)
FTP server's port 21 to ports > 1024 (Server responds to client's control port)
FTP server's ports > 1024 from anywhere (Client initiates data connection to random port specified by server)
FTP server's ports > 1024 to remote ports > 1024 (Server sends ACKs (and data) to client's data port)
In step 1, the client contacts the server on the command port and issues the PASV command. The server then replies in step 2 with PORT 2024, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client's data port.
While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD allow the administrator to specify a range of ports which the FTP server will use. See Appendix 1 for more information.
The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode. As an example, the command line FTP utility provided with Solaris does not support passive mode, necessitating a third-party FTP client, such as ncftp.
With the massive popularity of the World Wide Web, many people prefer to use their web browser as an FTP client. Most browsers only support passive mode when accessing ftp:// URLs. This can either be good or bad depending on what the servers and firewalls are configured to support.
Passive FTP Example
Below is an actual example of a passive FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
Notice the difference in the PORT command in this example as opposed to the active FTP example. Here, we see a port being opened on the server (192.168.150.90) system, rather than the client. See the discussion about the format of the PORT command above, in the Active FTP Example section.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> passive
Passive mode on.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (192,168,150,90,195,149).
---> LIST
150 Opening ASCII mode data connection for file list
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.
Summary
The following chart should help admins remember how each FTP mode works:
Active FTP :
command : client >1024 -> server 21
data : client >1024 <- server 20
Passive FTP :
command : client >1024 -> server 21
data : client >1024 -> server >1024
A quick summary of the pros and cons of active vs. passive FTP is also in order:
Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin. The FTP server attempts to make connections to random high ports on the client, which would almost certainly be blocked by a firewall on the client side. Passive FTP is beneficial to the client, but detrimental to the FTP server admin. The client will make both connections to the server, but one of them will be to a random high port, which would almost certainly be blocked by a firewall on the server side.
Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. While this doesn't eliminate all risk to the server, it decreases it tremendously.
That being said, here it goes. First of all, find out if your IP (Internet Protocol) is static (not changing) or dynamic (changes everytime you log on). To do this, first consider the fact if you have a dial up modem. If you do, chances are about 999 999 out of 1 000 000 that your IP is dynamic. To make it static, just go to a place like h*tp://www.myftp.org/ to register for a static ip address.
You'll then need to get your IP. This can be done by doing this:
Going to Start -> Run -> winipcfg or www.ask.com and asking 'What is my IP?'
After doing so, you'll need to download an FTP server client. Personally, I'd recommend G6 FTP Server, Serv-U FTPor Bullitproof v2.15 all three of which are extremely reliable, and the norm of the ftp world.
You can download them on this site: h*tp://www.liaokai.com/softw_en/d_index.htm
First, you'll have to set up your ftp. For this guide, I will use step-by-step instructions for G6. First, you'll have to go into 'Setup -> General'. From here, type in your port # (default is 21). I recommend something unique, or something a bit larger (ex: 3069). If you want to, check the number of max users (this sets the amount of simultaneous maximum users on your server at once performing actions - The more on at once, the slower the connection and vice versa).
The below options are then chooseable:
-Launch with windows
-Activate FTP Server on Start-up
-Put into tray on startup
-Allow multiple instances
-Show "Loading..." status at startup
-Scan drive(s) at startup
-Confirm exit
You can do what you want with these, as they are pretty self explanatory. The scan drive feature is nice, as is the 2nd and the last option. From here, click the 'options' text on the left column.
To protect your server, you should check 'login check' and 'password check', 'Show relative path (a must!)', and any other options you feel you'll need. After doing so, click the 'advanced' text in the left column. You should then leave the buffer size on the default (unless of course you know what you're doing ), and then allow the type of ftp you want.
Uploading and downloading is usually good, but it's up to you if you want to allow uploads and/or downloads. For the server priority, that will determine how much conventional memory will be used and how much 'effort' will go into making your server run smoothly.
Anti-hammering is also good, as it prevents people from slowing down your speed. From here, click 'Log Options' from the left column. If you would like to see and record every single command and clutter up your screen, leave the defaults.
But, if you would like to see what is going on with the lowest possible space taken, click 'Screen' in the top column. You should then check off 'Log successful logins', and all of the options in the client directry, except 'Log directory changes'. After doing so, click 'Ok' in the bottom left corner.
You will then have to go into 'Setup -> User Accounts' (or ctrl & u). From here, you should click on the right most column, and right click. Choose 'Add', and choose the username(s) you would like people to have access to.
After giving a name (ex: themoonlanding), you will have to give them a set password in the bottom column (ex: wasfaked). For the 'Home IP' directory, (if you registered with a static server, check 'All IP Homes'. If your IP is static by default, choose your IP from the list. You will then have to right click in the very center column, and choose 'Add'.
From here, you will have to set the directory you want the people to have access to. After choosing the directory, I suggest you choose the options 'Read', 'List', and 'Subdirs', unless of course you know what you're doing . After doing so, make an 'upload' folder in the directory, and choose to 'add' this folder seperately to the center column. Choose 'write', 'append', 'make', 'list', and 'subdirs'. This will allow them to upload only to specific folders (your upload folder).
Now click on 'Miscellaneous' from the left column. Choose 'enable account', your time-out (how long it takes for people to remain idle before you automatically kick them off), the maximum number of users for this name, the maximum number of connections allowed simultaneously for one ip address, show relative path (a must!), and any other things at the bottom you'd like to have. Now click 'Ok'.
**Requested**
From this main menu, click the little boxing glove icon in the top corner, and right click and unchoose the hit-o-meter for both uploads and downloads (with this you can monitor IP activity). Now click the lightning bolt, and your server is now up and running.
Post your ftp info, like this:
213.10.93.141 (or something else, such as: 'f*p://example.getmyip.com')
User: *** (The username of the client)
Pass: *** (The password)
Port: *** (The port number you chose)
So make a FTP and join the FTP section
Listing The Contents Of A Ftp:
Listing the content of a FTP is very simple.
You will need FTP Content Maker, which can be downloaded from here:
ht*p://www.etplanet.com/download/application/FTP%20Content%20Maker%201.02.zip
1. Put in the IP of the server. Do not put "ftp://" or a "/" because it will not work if you do so.
2. Put in the port. If the port is the default number, 21, you do not have to enter it.
3. Put in the username and password in the appropriate fields. If the login is anonymous, you do not have to enter it.
4. If you want to list a specific directory of the FTP, place it in the directory field. Otherwise, do not enter anything in the directory field.
5. Click "Take the List!"
6. After the list has been taken, click the UBB output tab, and copy and paste to wherever you want it.
If FTP Content Maker is not working, it is probably because the server does not utilize Serv-U Software.
If you get this error message:
StatusCode = 550
LastResponse was : 'Unable to open local file test-ftp'
Error = 550 (Unable to open local file test-ftp)
Error = Unable to open local file test-ftp = 550
Close and restart FTP Content Maker, then try again.
error messages:
110 Restart marker reply. In this case, the text is exact and not left to the particular implementation; it must read: MARK yyyy = mmmm Where yyyy is User-process data stream marker, and mmmm server's equivalent marker (note the spaces between markers and "=").
120 Service ready in nnn minutes.
125 Data connection already open; transfer starting.
150 File status okay; about to open data connection.
200 Command okay.
202 Command not implemented, superfluous at this site.
211 System status, or system help reply.
212 Directory status.
213 File status.
214 Help message. On how to use the server or the meaning of a particular non-standard command. This reply is useful only to the human user.
215 NAME system type. Where NAME is an official system name from the list in the Assigned Numbers document.
220 Service ready for new user.
221 Service closing control connection. Logged out if appropriate.
225 Data connection open; no transfer in progress.
226 Closing data connection. Requested file action successful (for example, file transfer or file abort).
227 Entering Passive Mode (h1,h2,h3,h4,p1,p2).
230 User logged in, proceed.
250 Requested file action okay, completed.
257 "PATHNAME" created.
331 User name okay, need password.
332 Need account for login.
350 Requested file action pending further information.
421 Too many users logged to the same account
425 Can't open data connection.
426 Connection closed; transfer aborted.
450 Requested file action not taken. File unavailable (e.g., file busy).
451 Requested action aborted: local error in processing.
452 Requested action not taken. Insufficient storage space in system.
500 Syntax error, command unrecognized. This may include errors such as command line too long.
501 Syntax error in parameters or arguments.
502 Command not implemented.
503 Bad sequence of commands.
504 Command not implemented for that parameter.
530 Not logged in.
532 Need account for storing files.
550 Requested action not taken. File unavailable (e.g., file not found, no access).
551 Requested action aborted: page type unknown.
552 Requested file action aborted. Exceeded storage allocation (for current directory or dataset).
553 Requested action not taken. File name not allowed.
Active FTP vs. Passive FTP, a Definitive Explanation
Introduction
One of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment.
This may not be the definitive explanation, as the title claims, however, I've heard enough good feedback and seen this document linked in enough places to know that quite a few people have found it to be useful. I am always looking for ways to improve things though, and if you find something that is not quite clear or needs more explanation, please let me know! Recent additions to this document include the examples of both active and passive command line FTP sessions. These session examples should help make things a bit clearer. They also provide a nice picture into what goes on behind the scenes during an FTP session. Now, on to the information...
The Basics
FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a 'data' port and a 'command' port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20.
Active FTP
In active mode FTP the client connects from a random unprivileged port (N > 1024) to the FTP server's command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20.
From the server-side firewall's standpoint, to support active mode FTP the following communication channels need to be opened:
FTP server's port 21 from anywhere (Client initiates connection)
FTP server's port 21 to ports > 1024 (Server responds to client's control port)
FTP server's port 20 to ports > 1024 (Server initiates data connection to client's data port)
FTP server's port 20 from ports > 1024 (Client sends ACKs to server's data port)
In step 1, the client's command port contacts the server's command port and sends the command PORT 1027. The server then sends an ACK back to the client's command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.
The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server--it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client--something that is usually blocked.
Active FTP Example
Below is an actual example of an active FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
There are a few interesting things to consider about this dialog. Notice that when the PORT command is issued, it specifies a port on the client (192.168.150.80) system, rather than the server. We will see the opposite behavior when we use passive FTP. While we are on the subject, a quick note about the format of the PORT command. As you can see in the example below it is formatted as a series of six numbers separated by commas. The first four octets are the IP address while the second two octets comprise the port that will be used for the data connection. To find the actual port multiply the fifth octet by 256 and then add the sixth octet to the total. Thus in the example below the port number is ( (14*256) + 178), or 3762. A quick check with netstat should confirm this information.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PORT 192,168,150,80,14,178
200 PORT command successful.
---> LIST
150 Opening ASCII mode data connection for file list.
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.
Passive FTP
In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.
In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1024 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1024) and sends the PORT P command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data.
From the server-side firewall's standpoint, to support passive mode FTP the following communication channels need to be opened:
FTP server's port 21 from anywhere (Client initiates connection)
FTP server's port 21 to ports > 1024 (Server responds to client's control port)
FTP server's ports > 1024 from anywhere (Client initiates data connection to random port specified by server)
FTP server's ports > 1024 to remote ports > 1024 (Server sends ACKs (and data) to client's data port)
In step 1, the client contacts the server on the command port and issues the PASV command. The server then replies in step 2 with PORT 2024, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client's data port.
While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD allow the administrator to specify a range of ports which the FTP server will use. See Appendix 1 for more information.
The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode. As an example, the command line FTP utility provided with Solaris does not support passive mode, necessitating a third-party FTP client, such as ncftp.
With the massive popularity of the World Wide Web, many people prefer to use their web browser as an FTP client. Most browsers only support passive mode when accessing ftp:// URLs. This can either be good or bad depending on what the servers and firewalls are configured to support.
Passive FTP Example
Below is an actual example of a passive FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
Notice the difference in the PORT command in this example as opposed to the active FTP example. Here, we see a port being opened on the server (192.168.150.90) system, rather than the client. See the discussion about the format of the PORT command above, in the Active FTP Example section.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> passive
Passive mode on.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (192,168,150,90,195,149).
---> LIST
150 Opening ASCII mode data connection for file list
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.
Summary
The following chart should help admins remember how each FTP mode works:
Active FTP :
command : client >1024 -> server 21
data : client >1024 <- server 20
Passive FTP :
command : client >1024 -> server 21
data : client >1024 -> server >1024
A quick summary of the pros and cons of active vs. passive FTP is also in order:
Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin. The FTP server attempts to make connections to random high ports on the client, which would almost certainly be blocked by a firewall on the client side. Passive FTP is beneficial to the client, but detrimental to the FTP server admin. The client will make both connections to the server, but one of them will be to a random high port, which would almost certainly be blocked by a firewall on the server side.
Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. While this doesn't eliminate all risk to the server, it decreases it tremendously.
Langganan:
Postingan (Atom)