How To Copy Text From Any Image

Sometimes we come across a image in which some useful text is written and we want to copy that text but it takes too much time to type text from the image so now this post is going to save your time. I'll show you to copy text from any image very easily just read and follow these given steps to copy text from any image and please share this post with your friends also to spread information.
1: First of all you need Microsoft OneNote. It comes with Microsoft Office package.
2: Now open Microsoft OneNote 2010.
3: Copy-Paste any image to Microsoft OneNote 2010 from which you want to copy the text
4: Now right click on pasted image and click on Copy Text From Picture as shown in below screenshot.
5: Now open notepad or any your favorite text editor and press CTRL + V to paste text.

Read More

How to Remove Write Protection Error In Usb Drive

In the Write Protected error, we can’t write or copy any data in our flash drives and even can’t format the drive.There are many reasons that cause this problem, let’s see solutions of them.

Solutions:
• First of all try to locate a small switch (if any, that you may have not noticed) at some place on the drive or memory card reader. This is the prime reason for this error. If there is one, switch it to the other side to turn the protection off.
• Yes I know this problem is also occurring these days without this switch but not to worry. Just download this helpful software from here and run it to execute a “low-level format” on the drive. This software is quite handy and may take few attempts to actually remove the error.
• The problem can also be caused by some virus activity so just get it scanned by some updated good anti virus which may solve your problem.
• BUT if none of the methods listed above solves your problem then your pen drive might have gone corrupted, so just get it replaced.

Try these first :
1: After the low level format, you may need to “Partition the drive“. Dont worry, partitioning a pen drive means allocating it its File System and Cluster Size that was lost after the Low Level Format.
For that:
Run diskmgmt.msc in Run.
In the disk management window, select the pen drive, right click on it and click on Format.
Now choose the File System and Allocation Unit Size and do not check the boxes below.
or
Download this program : Hard-Disk-Utils
(AND PLEASE verify you are formatting your USB flash and not anyother drive with important data)
AND.. Verify this problem is your USB by
So to verify if its gone bad or if you cant really write to it. Put it in another computer and see if your problem still happens.
If it still does, its either
1) Theres a switch on it to manually set it to write protect or off
2) The Device has become corrupt.
The computer may say, Write Protect error, cant write to usb flash drive. So at this point, its still detecting the device itself, but whats really happening is "Broken/dead/corrupt". The Computer can only communicate to you, it cant write to it. At this point you can grab your data off the flash drive and I would suggest you do so.

Here's a program you will find useful Repair_v2.9.1.1
And if its a switch you are looking for , its a tiny on inside the plastic near the side to where you insert it to the usb.

Getting more detailed,
, people have seen the following errors when their thumbs drives, memory card etc becomes write protected.
Cannot copy files and folders, drive is write protected
Cannot format the drive, drive is write protected
The disk is write protected
Remove write protection or use another disk
Media is write protected
Some times people say that suddenly their drive become write protected and they are not able to delete any files and folder on the drive and also not able to copy new files and folder to USB portable drive.
Let’s see how can you remove write protection on your portable devices like pen drives, memory cards, iPod and other USB mass storage devices.

Fix:
Write Protection on any portable USB Device can be applied by the physical lock provided on the card adjuster or some times provided on the pen drives, so make sure to make your drive not write protected by moving the lock in right direction.
But even after moving the physical lock for write protection the problem can happen due to some virus action. This happens when some virus or script which applies the registry hack to make any drive write protect when connected to the computer, In that case follow the procedure below to remove write protection from your pen drive.

Registry Trick To Remove Write Protection From Usb Flash Drive (works for few cases only).

According to the mails we had received about this problem, people have seen the following errors when their thumbs drives, memory card etc becomes write protected.
Cannot copy files and folders, drive is write protected
Cannot format the drive, drive is write protected
The disk is write protected
Remove write protection or use another disk
Media is write protected
Some times people say that suddenly their drive become write protected and they are not able to delete any files and folder on the drive and also not able to copy new files and folder to USB portable drive.
Let’s see how can you remove write protection on your portable devices like pen drives, memory cards, iPod and other USB mass storage devices.

Fix:
Write Protection on any portable USB Device can be applied by the physical lock provided on the card adjuster or some times provided on the pen drives, so make sure to make your drive not write protected by moving the lock in right direction.
But even after moving the physical lock for write protection the problem can happen due to some virus action. This happens when some virus or script which applies the registry hack to make any drive write protect when connected to the computer, In that case follow the procedure below to remove write protection from your pen drive.
1. Open Start Menu >> Run, type regedit and press Enter, this will open the registry editor.
2. Navigate to the following path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies
3. Double click the key WriteProtect in the right pane and set the value to 0 in the Value Data Box and press OK button
4. Exit Registry, restart your computer and then again re-connect your USB pen drive on your computer. That is it, done.

Read More

List of some pc errors and solutions

You may came across of different error messages while using computer.Some are easy to understand and some are difficult.You wonder how to solve them.Here is list of common PC Error messages and their solutions.

Fatal exception error
Fatal exception errors are codes that are returned by a program in the following cases:
• Access to an illegal instruction has been encountered
• Invalid data or code has been accessed
• The privilege level of an operation is invalid
When any of these cases occurs, the processor returns an exception to the operating system, which in turn is handled as a fatal exception error. In many cases the exception is non-recoverable and the system must either be restarted or shut down, depending upon the severity of the error.

Illegal operation error
An application has experienced instability due to some type of error. This could also be caused by some other application interacting with the error producing program.

Registry/configuration error

Choose Command prompt only and run scan reg.
To restore the registry Windows 98:
1. Click Start and then click Shut Down.
2. Click Restart in MS-DOS mode, and then click Yes.
3. At the Ms-Dos prompt type scanreg/restore

Not enough memory to render page
This error appears when a document you sent to the printer is too big for the printer’s buffer memory.

Data Error Reading/Writing Drive C (or other drive)
The error messages given indicate hard drive failure or serious data corruption
This error can be caused by:
Hard drive not setup properly in CMOS.
Hard drive not connected.
Bad hard drive.
This program has performed an illegal operation and will be shut down. If the problem persists, contact the program vendor
Some type of software tried to communicate with the computer’s CPU, which didn’t understand the request or the request was an invalid action.
There is not enough free memory to run this program. Quit one or more programs, and then try again
You do not have enough memory (RAM) to run all the programs you want to open
There was an internal error, and one of the windows you were using will be closed. It is recommended that you save your work, close all programs, and then restart your computer
You most often see this when you open several windows from the same application, such as many open browser windows or several text documents running in separate windows. When one of the open windows experiences errors and crashes, this message pops up
Invalid system disk Replace the disk, and then press any key
That message means that your hard drive is no longer bootable. Likely causes are a defective drive, corrupted files, or a virus.

Not enough memory to render page
The printer driver may have determined the amount of printer memory incorrectly. This behavior can also occur if the printer does not have enough memory to render the page.
Stop 0x0000000A or IRQL_NOT_LESS_OR_EQUAL
This behavior can occur if there is incompatible hardware or an incompatible device driver on your computer. Try and restore your configuration using the Last Known Good Configuration option from Safe Mode. Remove any newly installed hardware.

Invalid Page Fault
An unexpected event has occurred in Windows.
A program has requested data that is not currently in virtual memory, and Windows attempts to retrieve the data from a storage device and load it into RAM.
An invalid page fault error message can occur when Windows cannot locate the data.
The virtual memory system has become unstable because of a shortage of RAM or hard drive space.
A program is attempting to access data that is being modified by another program that is running.
Windows Protection Error
This behavior can occur when a when your computer loads or unloads a virtual device driver (VxD)
Non-system disk or disk error. Replace and press any key when ready
You may see this message if your start device/disk (floppy disk drive, hard disk drive, or CD-ROM drive) does not contain boot files

Fatal error: An error has been encountered that prevents setup from continuing.
One of the components that Windows needs to continue setup could not be installed.
You may see this message if your hard disk is damaged or corrupted. You receive the error messages because the Setup program is trying to repair the problem on your hard disk.

System has recovered from a serious error
This problem occurs because after a Minidump file is written, the paging file continues to have a flag set that indicates that a Minidump file must be written.
The system is low on virtual memory. Windows is increasing the size of your virtual memory paging file
This issue may occur if there is not sufficient memory on the computer, and when the current virtual memory settings are not set high enough.
This application requires the Windows Installer to run
The Windows Installer is missing or damaged.

Internet Explorer. A runtime error has occurred. Do you wish to debug
Internet Explorer is displaying this message because it has encountered this error when trying to run some JavaScript on the page.
This message may appear when the Visual InterDev PageNavbar control tries to open a Web page whose name contains an apostrophe (').
The margins of section X are set outside the printable area of the page. Do you want to continue?
Your margins are set closer to the edge of the paper than your printer is capable of printing.

Read More

How to Copy The CopyProtected Cd/Dvd

Ever since CD burners became inexpensive enough to be an attractive upgrade for most PC owners, CD production companies have been concerned with piracy. Because of this, CDs manufactures frequently alter the way they produce CDs so that copying them is more challenging. CDs come packaged with many different types of copying protection.
At TopTenREVIEWS We Do the Research So You Don't Have To.
Since 2002, millions of copy-protected CDs have been released; not all of these CDs will work on all types of hardware. Some work only on CD players and not on CD-ROM players, DVD players, game consoles or car stereos. Consumers aren't able to back up their music from these CDs or even convert them to the poplar MP3 format.One common method that has been used in the USA to protect CDs from being copied includes adding data to the CD copy that makes it unreadable to copiers; a second method includes altering the way the files are listed in the table of contents so that the CD can't be read by a CD-ROM.
No matter how frequently the video or music industries attempt to build the ultimate CD copy blocking system, enterprising people will find ways around them. For example, a student at Princeton University discovered a method to disable new copy protection that the CD manufacturer BMC is developing. This student found if you hold down the shift key while the CD begins to load onto your machine the Microsoft Windows AutoRun feature prevents the anti-piracy software from loading. This doesn't delete the program but bypasses the copy protection installation, making the music available for copying. Once such a discovery is made public on the Internet, the rest is history.

A Few Different Types of Common CD Protection:
Alcatraz, CD-Cops, CD-Protect, LaserLock, LockBlocks, Phenoprotect, ProtectCD, Ring PROTECH, Roxxe, SafeCast, SecuROM, SmarteCD, SoftLock, Star Force, TAGES, The Bongle

Read More

No Device error On Micromax Modem In Window 8 Solved

All New Window 8 Users Are Getting This Error of No Device When They Insert There Micromax Modem In it.This Error Occurs only With Micromax Usb Modem And Vodafone Usb Modem, Idea Usb Modem Works Well. This Problem With Micromax Modem Is Due To Because Your System Doesn't Support Your Modem Driver.To Solve This Just Follow This Simple Steps.
1).Plug In Your Modem
2).Now Launch The Micromax Application
3).Wait For No Device.
4).When It Says No Device.Navigate To Device Manager By Clicking Right Clicking On My Computer Then Choose Manage And the Device Manager From The Navigation Box On your Left Side.
5).Here You Will See A Other Device Drop Down Menu With some Unknow Device.
6).Now uninstall All The Option you See In Other Device.
7).After Uninstalling Click On Action Button From The upper Taskbar And Click on Scan For Hardware Changes.
8).Now Just Wait For Something 5 Second And It's Done.
9).Now Turn On The Micromax Application And See you Will Sure Got The Network.

For More Help Relates To Windows 8 Error Post The Errors With Error Code And Get The Solution. You Can Also Contact Us On Facebook Here

Read More

How to Set up a Secure Anonymous FTP Site

Anonymous FTP FAQ

The following is a FAQ on setting up a secure FTP Site. FTP sites are known for much abuse by transferring illegal files. They also open many oppurtunities for intruders to gain access via misconfigured setups. And lastly many versions of ftp servers have had security holes. This FAQ is intended to clean up this abuse by allowing administrators to go through this check list of steps to make sure their FTP is correctly configured and that they are running the most current ftp daemon.

This is organized in the following fashion, I am breaking into several parts as follows: 

1. General Description of Setting up an "Anonymous" FTP server.
2. Setting up a chrooted Secure Anonymous FTP server.
3. OS Specific needed information and suggestions.
   • Older SVR2 and SVR3 system, RTU 6.0 (Masscomp, now Concurrent Real Time UNIX), and AT&T 3B1 and 3B2 machines
   • HPUX
   • Solaris 2.x
   • SunOS
4. Where to get other FTP daemons
5. How to Know if your Anonymous FTP Server is Secure
6. Archie

---

1. General Description of Setting up an "anonymous" ftp server.

1. Create the user ftp in /etc/passwd. Use a misc group. The user's home directory will be ~ftp where ~ftp is the root you wish anonymous users to see. Creating this user turns on anonymous ftp.Use an invalid password and user shell for better security. The entry in the passwd file should look something like:
   

   ftp:*:400:400:Anonymous FTP:/home/ftp:/bin/true

2. Create the home directory ~ftp. Make the directory owned by root (NOT ftp) with the same group as ftp. Thus, owner permissions are for root and group permissions are for the anonymous users. Set the permissions for ~ftp to 555 (read, nowrite, execute).Warning: Some MAN pages recommend making the ~ftp directory owned by ftp. This is a big NO-NO, if you want any type of security on your system.
   
3. Create the directory ~ftp/bin. This directory is owned by root (group e.g. wheel) with permissions 111 (noread, nowrite, execute).
4. Copy the program ls into ~ftp/bin. ls is owned by root with permissions 111 (noread, nowrite, execute). Any other commands you put in ~ftp/bin should have the same permissions as well.
5. Make the directory ~ftp/etc. This directory is owned by root with permissions 111.
6. Create from scratch the files /etc/passwd and /etc/group in ~ftp/etc. These files should be mode 444. The passwd file should only contain root, daemon, uucp, and ftp. The group file must contain ftp's group. Use your /etc/passwd and /etc/group files as a template for creating passwd and group files going to ~ftp/etc. You may even change the user names in this file, they are used only for 'ls' command. So for example if all files in your ~ftp/pub/linux hierarchy will be maintained by a real user 'balon' with uid=156 you may put

   linux:*:156:120:Kazik Balon::

   in the ~ftp/etc/passwd file (regardless of his real username). Leave only these users who will own files under ftp hierarchy (e.g. root, daemon, ftp...) and definitely remove *ALL* passwords by replacing them with '*' so the entry looks like:

   root:*:0:0:Ftp maintainer::
   ftp:*:400:400: Anonymous ftp::

   For more security, you can just remove ~ftp/etc/passwd and ~ftp/etc/group (the effect is that ls -l will not show the directories' group names). Wuarchive ftp daemon (and some others) have some extensions based on the contents of the group/passwd files, so read the appropriate documentation.
7. Make the directory ~ftp/pub. This directory is owned by you and has the same group as ftp with permissions 555. On most systems (like SunOS) you may want to make this directory 2555, ie. set-group-id, in order to create new files with the same group ownership.Files are left here for public distribution. All folders inside ~ftp/pub should have the same permissions as 555.
   Warning: Neither the home directory (~ftp) nor any directory below it should be owned by ftp! No files should be owned by ftp either. Modern ftp daemons support all kinds of useful commands, such as chmod, that allow outsiders to undo your careful permission settings. They also have configuration options like the following (WuFTP) to disable them:
   

   # all the following default to "yes" for everybody
   
   delete          no      guest,anonymous         # delete permission?
   
   overwrite       no      guest,anonymous         # overwrite permission?
   
   rename          no      guest,anonymous         # rename permission?
   
   chmod           no      anonymous               # chmod permission?
   
   umask           no      anonymous               # umask permission?
   
   

8. If you wish to have a place for anonymous users to leave files, create the directory ~ftp/pub/incoming. This directory is owned by root with permissions 733. Do a 'chmod +t ~ftp/pub/incoming'. The ftp daemon will normally not allow an anonymous user to overwrite an existing file, but a normal user of the system would be able to delete anything. By setting the mode to '1733' you prevent this from happening. In wuftpd you may configure the daemon to create new files with permissions '600' owned by root or any other user. Many times, incoming directories are abused by exchanging pirated and pornographic material. Abusers often create hidden directories there for this purpose. Making the incoming directory unreadable by anonymous ftp helps to some extent. With ordinary ftp severs there is no way to prevent directories being created in incoming. The WUarchive ftp server can limit uploads to certain directories and can restrict characters used in file names like this:

   # specify the upload directory information
   
   upload  /var/spool/ftp  *       no
   
   upload  /var/spool/ftp  /incoming       yes     ftp     staff   0600    nodirs
   
   
   
   # path filters                                                                                  # path-filter...
   
   path-filter  anonymous  /etc/msgs/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-
   
   path-filter  guest      /etc/msgs/pathmsg  ^[-A-Za-z0-9_\.]*$  ^\.  ^-
   
   

   Suggestion: Create an extra file-system for your ftp-area (or at least for your incoming-area) to prevent a denial-of-service attack by filling your disk with garbage (inside your incoming directory).
   If you have wuftpd you may want to add some ftp extensions like compression/decompression 'on the fly' or creation of tar files for the directory hierarchies. Get the appropriate sources (gzip, gnutar, compress), compile them and link statically, put in the ~ftp/bin directory and edit the appropriate file containing the definitions of the allowed conversions. /usr/bin/tar is already statically-linked. You may wish to use gnu tar anyway.
   Gary Mills wrote a small program to support the following:
   To do tar and compress, he wrote a tiny program called `pipe', and statically-linked it. His /etc/ftpconversions file looks like this:
   

   #strip prefix:strip postfix:addon prefix:addon postfix:external command:
   
   #types:options:description
   
   :.Z:  :  :/bin/compress -d -c %s:T_REG|T_ASCII:O_UNCOMPRESS:UNCOMPRESS
   
   :-z:  :  :/bin/compress -d -c %s:T_REG|T_ASCII:O_UNCOMPRESS:UNCOMPRESS
   
   :  :  :.Z:/bin/compress -c %s:T_REG:O_COMPRESS:COMPRESS
   
   :  :  :.tar:/bin/tar cf - %s:T_REG|T_DIR:O_TAR:TAR
   
   :  :  :.tar.Z:/bin/pipe /bin/tar cf - %s | /bin/compress -c:T_REG|T_DIR:O_COMPRESS|O_TAR:TAR+COMPRESS
   
   :  :  :.tar:/bin/gtar -c -f - %s:T_REG|T_DIR:O_TAR:TAR
   
   :  :  :.tar.Z:/bin/gtar -c -Z -f - %s:T_REG|T_DIR:O_COMPRESS|O_TAR:TAR+COMPRESS
   
   :  :  :.tar.gz:/bin/gtar -c -z -f - %s:T_REG|T_DIR:O_COMPRESS|O_TAR:TAR+GZIP
   
   

   Here it is:-----------------8<-------------cut---------------
   

   /* pipe.c: exec two commands in a pipe */
   
   
   
   #define NULL (char *)0
   
   #define MAXA 16
   
   
   
   main(argc, argv) int argc; char *argv[]; {
   
   char *av1[MAXA], *av2[MAXA];
   
   int i, n, p[2], cpid;                                                       
   
   
   
   i = 0; n = 0;
   
   while ( ++i < argc && n < MAXA ) {
   
   if ( *argv[i] == '|' && *(argv[i]+1) == '\0' ) break;
   
   av1[n++] = argv[i];
   
   }
   
   if ( n == 0 ) uexit();
   
   av1[n] = NULL;
   
   n = 0;
   
   while ( ++i < argc && n < MAXA )
   
   av2[n++] = argv[i];
   
   if ( n == 0 ) uexit();
   
   av2[n] = NULL;
   
   if ( pipe(p) != 0 ) exit(1);
   
   if ( ( cpid = fork() ) == (-1) ) exit(1);
   
   else if ( cpid == 0 ) {
   
   (void)close(p[0]);
   
   (void)close(1);
   
   (void)dup(p[1]);
   
   (void)close(p[1]);
   
   (void)execv(av1[0], av1);
   
   _exit(127);
   
   }
   
   else {
   
   (void)close(p[1]);
   
   (void)close(0);
   
   (void)dup(p[0]);
   
   (void)close(p[0]);
   
   (void)execv(av2[0], av2);
   
   _exit(127);                                                             
   
   }
   
   /*NOTREACHED*/
   
   }
   
   uexit() {
   
   (void)write(2, "Usage: pipe  | \n", 34);
   
   exit(1);
   
   }
   
   

   -------- CUT HERE ------------
9. Other things to do:as root:
   

   touch ~ftp/.rhosts
   touch ~ftp/.forward
   chmod 400 ~ftp/.rhosts
   chmod 400 ~ftp/.forward

   ie. make these files zero-length and owned by root.Due to the last /bin/mail bugs in SunOS:
   

   touch /usr/spool/mail/ftp; chmod 400 /usr/spool/mail/ftp

   Consider an email-alias for the ftp-admin(s) to provide an email-address for problems-reports.If you are mounting some disks from other machines (or even your own) to the ~ftp hierarchy, mount it read-only. The correct entry for the /etc/fstab (on the host with ftpd) is something like:
   

   other:/u1/linux /home/ftp/pub/linux nfs ro,noquota,nosuid,intr,bg 1 0

   This mounts under /home/ftp/pub/linux the disk from host 'other' with no quota, no 'suid' programs (just in case), interruptible (in case 'other' goes down) and 'bg' - so if 'other' is down when you reboot it will not stop you trying to mount /home/ftp/pub/linux all over again.

---

2. Setting up a chrooted Secure Anonymous ftp server.

This part was contributed by Marcus J Ranum <mjr@tis.com>

1. Build a statically linked version of ftpd and put it in ~ftp/bin. Make sure it's owned by root.
2. Build a statically linked version of /bin/ls if you'll need one. Put it in ~ftp/bin. If you are on a Sun, and need to build one, there's a ported version of the BSD net2 ls command for SunOs on ftp.tis.com: pub/firewalls/toolkit/patches/ls.tar.Z Make sure it's owned by root.
3. Chown ~ftp to root and make it mode 755 THIS IS VERY IMPORTANT
4. Set up copies of ~ftp/etc/passwd and ~ftp/etc/group just as you would normally, EXCEPT make 'ftp's home directory '/' -- make sure they are owned by root.
5. Write a wrapper to kick ftpd off and install it in /etc/inetd.conf The wrapper should look something like: (assuming ~ftp = /var/ftp)

   main()
   
   {
   
   if(chdir("/var/ftp")) {
   
   	perror("chdir /var/ftp");
   
   	exit(1);
   
   }
   
   if(chroot("/var/ftp")) {
   
   	perror("chroot /var/ftp");
   
   	exit(1);
   
   }
   
   /* optional: seteuid(FTPUID); */
   
   execl("/bin/ftpd","ftpd","-l",(char *)0);
   
   perror("exec /bin/ftpd");
   
   exit(1);
   
   }
   
   

   Options:You can use 'netacl' from the toolkit or tcp_wrappers to achieve the same effect.
   We use 'netacl' to switch so that a few machines that connect to the FTP service *don't* get chrooted first. This makes transferring files a bit less painful.
   You may also wish to take your ftpd sources and find all the places where it calls seteuid() and remove them, then have the wrapper do a setuid(ftp) right before the exec. This means that if someone knows a hole that makes them "root" they still won't be. Relax and imagine how frustrated they will be.
   If you're hacking ftpd sources, I suggest you turn off a bunch of the options in ftpcmd.y by unsetting the "implemented" flag in ftpcmd.y. This is only practical if your FTP area is read-only.
   
6. As usual, make a pass through the FTP area and make sure that the files are in correct modes and that there's nothing else in there that can be executed.
7. Note, now, that your FTP area's /etc/passwd is totally separated from your real /etc/passwd. This has advantages and disadvantages.
8. Some stuff may break, like syslog, since there is no /dev/log. Either build a version of ftpd with a UDP-based syslog() routine or run a second syslogd based on the BSD Net2 code, that maintains a unix-domain socket named ~ftp/dev/log with the -p flag.REMEMBER:
   If there is a hole in your ftpd that lets someone get "root" access they can do you some damage even chrooted. It's just lots harder. If you're willing to hack some code, making the ftpd run without permissions is a really good thing. The correct operation of your hacked ftpd can be verified by connecting to it and (while it's still at the user prompt) do a ps-axu and verify that it's not running as root.

---

3. OS Specific needed information and suggestions.

These machines may need dev/tcp:

• Older SVR2 and SVR3 system
• RTU 6.0 (Masscomp, now Concurrent Real Time UNIX),
• AT&T 3B1 and 3B2 machines

[dev/tcp]

These ftpd implementations may require a ~ftp/dev/tcp in order for anonymous ftp to work.You have to create a character special device with the appropriate major and minor device numbers. The appropriate major and minor numbers of ~ftp/dev/tcp are what the major and minor numbers of /dev/tcp are.
The ~ftp/dev is a directory and ~ftp/dev/tcp is a character special device. Make them owned and grouped by root. Permissions for ~ftp/dev is root read/write/exec and other & group read and exec. The permissions for ~ftp/dev/tcp is root read/write, other & group read.

HPUX

[Logging] If you're using HP's native ftpd, the line in /etc/inetd.conf should execute ftpd -l, which does extra logging.

Solaris 2.x

[Script] Solaris' man page contains a script for installing anonymous ftpd which saves time. You may still want to check over your anonymous ftpd for vulnerabilities.Command for reading the man page is:

$ man ftpd

SunOS

[Libraries] To set up SunOS to use its shared dynamic libraries, follow these steps:

1. Create the directory ~ftp/usr. This directory is owned by root with permissions 555.
2. Create the directory ~ftp/usr/lib. This directory is owned by root with permissions 555.
3. Copy the runtime loader ld.so into ~ftp/usr/lib for use by ls. ld.so is owned by root with permissions 555.
4. Copy the latest version of the shared C library, libc.so.* into ~ftp/usr/lib for use by ls.libc.so.* is owned by root with permissions 555.
   Note: 4.1.2(or above) users: you also need to copy /usr/lib/libdl.so.* to ~ftp/lib.
   
5. Create the directory ~ftp/dev. This directory is owned by root with permissions 111.
6. ~ftp/dev/zero is needed by the runtime loader. Move into the directory ~ftp/dev and create it with the command:

   mknod zero c 3 12

   chown ~ftp/dev/zero to root. Make sure it's readable.Warning: For novices: Don't try to copy /dev/zero to ~ftp/dev/zero! This is an endless file of zeroes and it will completely fill your filesystem!
   
7. If you want to have the local time showing when people connect, create the directory ~ftp/usr/share/lib/zoneinfo and copy /usr/share/lib/zoneinfo/localtime
8. If you are bothered by the need for copying your libraries so that you can use Sun's 'ls', which is dynamically linked, you can try to get a statically linked copy of 'ls' instead. The CD-ROM that contains Sun's OS has a statically-linked version of ls. In this case, you can dispense with steps #6-8.Statically linked versions may be available from the following sources:
   If you want a statically linked "ls" get the GNU fileutils off a archive site near you and statically link it.
   [Logging] Sun's standard ftpd logs *all* password information. To correct it, install patch:
   

   101640-03       SunOS 4.1.3: in.ftpd logs password info when -d option is
   
   used.   
   
   

   In /etc/inetd.conf find the line that starts with "ftp". At the end of that line, it should read "in.ftpd". Change that to "in.ftpd -dl". In /etc/syslog.conf, add a line that looks like:

                          
   
   daemon.*	               			/var/adm/daemonlog
   
   

   The information can be separated (or like SunOs4.1.1 does not recognize daemon.* so it requires the following form), such as:

   daemon.info                                    /var/adm/daemon.info
   
   daemon.debug                                   /var/adm/daemon.debug
   
   daemon.err                                     /var/adm/daemon.err
   
   

   Note that the whitespace between the two columns must include at least one TAB character, not just spaces, or it won't work. Of course your log file could be anything you want. Then, create the logfile (touch /var/adm/daemonlog should do). Finally, restart inetd and syslogd, either individually, or by rebooting the system. You should be good to go. If you do not install the patch, make sure the log file is owned by root and mode 600, as the ftp daemon will log *everything*, including users' passwords.Warning: You want to make all logs root only readable for security reasons If a user mistypes his password for his username, it could be compromised if anyone can read the log files.

---

4. Where to get other FTP daemons

• Wuarchive FTP 2.4- A secure FTP daemon that allows improved access-control, logging, pre-login banners, and is very configurable:Can be ftp'd from ftp.uu.net in "/networking/ftp/wuarchive-ftpd" directory. Be certain to verify the checksum information to confirm that you have retrieved a valid copy. [Warning: Older versions of Wu-FTP are extremely insecure and in some cases have been trojaned.]
  

                          BSD        SVR4         
  
       File               Checksum   Checksum    MD5 Digital Signature
  
       -----------------  --------   ---------   --------------------------------
  
       wu-ftpd-2.4.tar.Z  38213  181  20337 362  cdcb237b71082fa23706429134d8c32e
  
       patch_2.3-2.4.Z    09291    8  51092  16  5558a04d9da7cdb1113b158aff89be8f
  
  

• For DECWRL ftpd, sites can obtain version 5.93 via anonymous FTP from gatekeeper.dec.com in the "/pub/misc/vixie" directory.

                          BSD        SVR4         
  
       File               Checksum   Checksum    MD5 Digital Signature
  
       -----------------  --------   --------- --------------------------------
  
       ftpd.tar.gz        38443  60  1710 119  ae624eb607b4ee90e318b857e6573500
  
  

• For BSDI systems, patch 005 should be applied to version 1.1 of the BSD/386 software. You can obtain the patch file via anonymous FTP from ftp.bsdi.com in the "/bsdi/patches-1.1" directory.

                          BSD        SVR4         
  
       File               Checksum   Checksum    MD5 Digital Signature
  
       -----------------  --------   ---------   --------------------------------
  
       BU110-005          35337 272  54935 543   1f454d4d9d3e1397d1eff0432bd383cf
  
  
  
  

• Public Domain Sources:
  

  ftp.uu.net ~ftp/systems/unix/bsd-sources/libexec/ftpd
  gatekeeper.dec.com ~ftp/pub/DEC/gwtools/ftpd.tar.Z

---

5. How to Know if your Anonymous FTP Server is Secure

This section is intended for the administrator to go down a small check list of things to make sure his server is not easily compromised.

1. Check to make sure your ftp server does not have SITE EXEC command by telneting to port 21 and typing SITE EXEC. If your ftp daemon has SITE EXEC make sure it is the most current version (ie, Wu-FTP 2.4). In older versions this allows anyone to gain shell via port 21.
2. Check to make sure no one can log in and make files or directories in the main directory. If anyone can log in as anonymous FTP and make files such as .rhosts and .forward, instant access is granted to any intruder.
3. Check to make sure the main directory is NOT owned by ftp. If it is owned by FTP, an intruder could SITE CHMOD 777 the main directory and then plant files to give him instant access. SITE CHMOD command should be removed because anonymous users do not need any extra priviledges.
4. Check to make sure NO files or directories are owned by ftp. If they are, it is possible an intruder could replace them with his own trojan versions.
5. There were several bugs in old daemons, so it is very important to make sure you are running the most current ftp daemons.

   ---

   6. Archie

   Searches FTP sites for programs. Login into these sites as archie or use client software for faster access. To get your own anonymous site added to Archie's search list, e-mail archie-updates@bunyip.com.

       archie.ac.il               132.65.20.254    (Israel server)
   
       archie.ans.net             147.225.1.10     (ANS server, NY (USA))
   
       archie.au                  139.130.4.6      (Australian Server)
   
       archie.doc.ic.ac.uk        146.169.11.3     (United Kingdom Server)
   
       archie.edvz.uni-linz.ac.at 140.78.3.8       (Austrian Server)
   
       archie.funet.fi            128.214.6.102    (Finnish Server)
   
       archie.internic.net        198.49.45.10     (AT&T server, NY (USA))
   
       archie.kr                  128.134.1.1      (Korean Server)
   
       archie.kuis.kyoto-u.ac.jp  130.54.20.1      (Japanese Server)
   
       archie.luth.se             130.240.18.4     (Swedish Server)
   
       archie.ncu.edu.tw          140.115.19.24    (Taiwanese server)
   
       archie.nz                  130.195.9.4      (New Zealand server)
   
       archie.rediris.es          130.206.1.2      (Spanish Server)
   
       archie.rutgers.edu         128.6.18.15      (Rutgers University (USA))
   
       archie.sogang.ac.kr        163.239.1.11     (Korean Server)
   
       archie.sura.net            128.167.254.195  (SURAnet server MD (USA))
   
       archie.sura.net(1526)      128.167.254.195  (SURAnet alt. MD (USA))
   
       archie.switch.ch           130.59.1.40      (Swiss Server)
   
       archie.th-darmstadt.de     130.83.22.60     (German Server)
   
       archie.unipi.it            131.114.21.10    (Italian Server)
   
       archie.univie.ac.at        131.130.1.23     (Austrian Server)
   
       archie.unl.edu             129.93.1.14      (U. of Nebraska, Lincoln (USA))
   
       archie.univ-rennes1.fr                      (French Server)
   
       archie.uqam.ca             132.208.250.10   (Canadian Server)
   
       archie.wide.ad.jp          133.4.3.6        (Japanese Server)
   
   

Read More

How To Create a Simple Search Engine In PHP

Before we actually make the search engine, we need to create a basic webpage that will have an input field where the user can enter his or her search query. I'm going to keep mine simple; feel free to make an elaborate one with lots of bells and whistles. The code for my page is below:

<html> 
<head>
<title>Simple Search Engine version 1.0</title> 
</head> 
<body> 
<center> 
Enter the first, last, or middle name of the person you are looking for: <form action="search.php" method="post"> 
<input type="text" name="search_query" maxlength="25" size="15"><br> 
<input type="reset" name="reset" value="Reset"> 
<input type="text" name="submit" value="Submit"> 
</form> 
</center>
 </body>
 </html>

It's a pretty basic page so I'm not going to explain alot of it. Basically, the user will enter the first, middle, or last name of the person they are looking for and hit enter. The contents of the input field will be passed to a php script named “search.php” which will handle the rest.

Now that the page is out of the way, let's create the actual script. First, we need to connect to the database using mysql_pconnect() and select the table using mysql_select_db(). Next, we want to parse the value passed to the script to see if it contains any invalid input, such as numbers and funky characters like #&*^. You should always validate input, don't rely on things like JavaScript to do it for you, because once the user disables JavaScript all that fancy validation goes down the toilet. To check the input we are going to use a regular expression, they are a bit confusing and will be explained in a later tutorial. For now, all you need to know is that it will check to see if value passed is a string of characters. All right, enough chatter, here is the first part of the script:

<?php mysql_pconnect("host", "username", "password") or die("Can't connect!"); mysql_select_db("Names") or die("Can't select database!"); if (!eregi("[[:alpha:]]", $search_query)) { echo "Error: you have entered an invalid query, you can only use characters!<br>"; exit; }
Now that we've done that, we will form the search query.
$query= mysql_query("SELECT * FROM some_table WHERE First_Name= '$search_query' OR Middle_Name= '$search_query' OR Last_Name= '$search_query' ORDER BY Last_Name");

Look confusing? I'll explain, what's happening is, we're asking MySQL to search all the rows in First_Name, Middle_Name, and Last_Name for a match to the query entered by the user; then, take the results of that search, alphabetize the results by Last_Name.

The rest of the coding from now on is a breeze. We will get the results from the query using mysql_fetch_array( ), and check to see if there is a match using mysql_num_rows(). If there is a match, or matches, we will output it along with the number of matches found; if there isn't, we'll report to the user that we couldn't find anything.

$result= mysql_num_rows($query); if ($result == 0) { echo "Sorry, I couldn't find any user that matches your query ($search_query)"; exit; } else if ($result == 1) { echo "I've found <b>1</b> match!<br>"; } else { echo "I've found <b>$result</b> matches! <br>"; } while ($row= mysql_fetch_array($query)) { $first_name= $row["First_Name"]; $middle_name = $row["Middle_Name"]; $last_name = $row["Last_Name"]; echo "The first name of the user is: $first_name.<br>"; echo "The middle name of the user is: $middle_name.<br>"; echo "The last name of the user is: $last_name.<br>"; } ?>

I added that extra if statement so that when we report how many users we've found, its output will be in proper English. If I we don't, the script will echo "I've found 1 matches" which obviously isn't good grammar :P The rest of the script loops through the results and prints them to a webpage. That's all, we've finished the script! The entire script is included below:

<html> <head> <title>Simple Search Engine version 1.0 - Results </title> </head> <body> <?php mysql_pconnect("host", "username", "password") or die("Can't connect!"); mysql_select_db("Names") or die("Can't select database!"); if (!eregi("[[:alpha:]]", $search_query)) { echo "Error: you have entered an invalid query, you can only use characters!<br>"; exit; //No need to execute the rest of the script. } $query= mysql_query("SELECT * FROM some_table WHERE First_Name='$search_query' OR Middle_Name= '$search_query' OR Last_Name='$search_query' ORDER BY Last_Name"); $result= mysql_numrows($query); if ($result == 0) { echo "Sorry, I couldn't find any user that matches your query ($search_query)"; exit; //No results found, why bother executing the rest of the script? } else if ($result == 1) { echo "I've found <b>1</b> match!<br>"; } else { echo "I've found <b>$result</b> matches!<br>"; } while ($row= mysql_fetch_array($query)) { $first_name= $row["First_Name"]; $middle_name = $row["Middle_Name"]; $last_name = $row["Last_Name"]; echo "The first name of the user is: $first_name.<br>"; echo "The middle name of the user is: $middle_name.<br>"; echo "The last name of the user is: $last_name. <br>"; } ?> </body> </html>

It's All Done !!!

Read More

What is a Computer trojan horse

What is a trojan?
A trojan horse could be either:
a) Unauthorized instructions contained within a legitimate program. These instrcutions perform functions unknown to (and probably unwanted by) the user.
b) A legitimate program that has been altered by the placement of anauthorized instructions within it. These instructions perform functions unknown to (and probably unwanted by) the user.
c) Any program that appears to perform a desirable and necessary function but that (because of unauthorized instructions within it) performs functions unknown to (and probably unwanted by) the user.
Under a restricted environment (a restricted Unix shell or a restricted Windows computer), malicious trojans can't do much, since they are restricted in their actions. But on a home PC, trojans can be lethal and quite destructive.

Why the name 'trojan horse'?
In the 12th century B.C., Greece declared war on the city of Troy. The dispute erupted when the prince of Troy abducted the queen of Sparta and declared that he wanted to make her his wife, which made the Greeks and especially the queen of Sparta quite furious.
The Greeks gave chase and engaged Troy in a 10-year war, but unfortunately for them, all of their efforts went down the drain. Troy was simply too well fortified.
In a last effort, the Greek army pretended to be retreating, leaving behind a hude wooden horse. The people of Troy saw the horse, and, thinking it was some kind of a present from the Greeks, pulled the horse into their city, without knowing that the finest soldiers of Greece were sitting inside it, since the horse was hollow.
Under the cover of night, the soldiers snuck out and opened the gates of the city, and later, together with the rest of the army, killed the entire army of Troy.
This is why such a program is called a trojan horse - it pretends to do something while it does something completely different, or does what it is supposed to be and hides it's malicious actions from the user's prying eyes.
During the rest of this text, we will explain about the most common types of trojan horses.

Remote Administration Trojans
These trojans are the most popular trojans now. Everyone wants to have them trojan because they let you have access to your victim's hard drive, and also perform many functions on his computer (open and close his CD-ROM drive, put message boxes on his computer etc'), which will scare off most computer users and are also a hell lot of fun to run on your friends or enemies.
Modern RAT'S (remote administration trojans) are very simple to use. They come packaged with two files - the server file and the client file (if you don't know which is which, look for a help file, a FAQ, a readme or instructions on the trojan's homepage). Just fool someone into runnig the server file and get his IP and you have FULL control over his/her computer (some trojans are limited by their functions, but more functions also mean larger server files. Some trojans are merely ment for the attacker to use them to upload another trojan to his target's computer and run it, hence they take very little disk space). You can also bind trojans into other programs which appear to be legitimate.
RAT'S have the common remote access trojan functions like:
keylogging (logging the target's keystrokes (keyboard functions) and sometimes even interfering with them, thus being able to use your keyboard to type instead of the target and say weird things in chatrooms or scare the hell out of people), upload and download function, make a screenshot of the target's monitor and so on.
Some people use the trojans for malicious purposes. They either use them to irritate, scare or harm their enemies, scare the hell out of their friends or enemies and seem like a "super hacker" to them, getting information about people and spying on them or just get into people's computers and delete stuff. This is considered very lame.
There are many programs out there that detects the most common trojans (such as Nemesis at blacksun.box.sk, which also detects people trying to access your computer), but new trojans are released every day and it's pretty hard to keep track of things.
Trojans would usually want to automatically start whenever you boot-up your computer. If you use Windows, you can get b00tm0n from blacksun.box.sk (note: at the time this tutrial was released, b00tm0n was not ready yet, but it should be ready some time before year 2,000, so if you're reading this after Y2K, b00tm0n should probably be available at blacksun.box.sk). Under Unix, we suggest getting some sort of an IDS (Intrusion Detection System) programs to monitor your system.
Most Windows trojans hide from the Alt+Ctrl+Del menu (we havn't seen any Unix program that had the ability to hide itself from the processes list yet, but you can never know - one day someone might discover a way to do so. Hell, someone might have already did). This is bad because there are people who use the task list to see which process are running. There are programs that will tell me you exactly what processes are running on your computer (such as Wintop, which is the Windows version of the popular Unix program called top). Some trojans, however, use fake names and it's a little harder for certain people to realize that they are infected.
Also, some trojans might simply open an FTP server on your computer (usually NOT on port 21, the default FTP port, in order to be less noticable). The FTP server is, of course, unpassworded, or has a password which the attacker has determined, and allows the attacker to download, upload and execute files quickly and easily. For more info about FTP servers and FTP security.

How RATs work
Remote administration trojans open a port on your computer and bind themselves to it (make the server file listen to incoming connections and data going through these ports). Then, once someone runs his client program and enters the victim's IP, the trojan starts receiving commands from the attacker and runs them on the victim's computer.
Some trojans let you change this port into any other port and also put a password so only the person that infect this specific computer will be able to use the trojan. However, some of these password protections can be cracked due to bugs in the trojan (people who program RATs usually don't have much knowledge in the field of programming), and in some cases the creator of the trojan would also put a backdoor (which can be sometimes detected, under certain conditions) within the server file itself so he'll be able to access any computer running his trojan without the need to enter a password. This is called "a backdoor within a backdoor".
The most popular RATs are Netbus (because of it's simplicity), BO (has many functions and hides itself pretty good) and Sub7 (lots of functions and easy to use). These are all Windows RATs.
If you havn't done so already, it is advised to get some RAT and play around with it, just to see how the whole thing works. Using RATs for legitimate purposes
Some people use RATs to remotely administer computers they are allowed to have access to. This is all good and fine, but anyway, you should always be careful while working with RATs. Make sure you have legal access and the right to remotely administer a computer before using a RAT on it.

Password Trojans
Yes, password trojans. Password trojans scour your computer for password and then send them to the attacker or the author of the trojan. Whether it's your Internet password, your Hotmail password, your ICQ password or your IRC passwords, there is a trojan for every passsword. These trojans usually send the information back to the attacker via Email.

Priviledges-Elevating Trojans
These trojans would usually be used to fool system administrators. They can either be binded into a common system utility or pretend to be something unharmful and even quite useful and appealing. Once the administrator runs it, the trojan will give the attacker more priviledges on the system. These trojans can also be sent to less-priviledges users and give the attacker access to their account.

Keyloggers
These trojans are very simple. They log all of your keystrokes (including passwords), and then either save them on a file or Email them to the attacker once in a while.
Keyloggers usually don't take much disk space and can masquerade as important utilities, thus making them very hard to detect. Some keyloggers can also highlight passwords found in text boxes with titles such as 'enter password' or just the word password somewhere within the title text.

Destructive Trojans
These little fellows do nothing but damaging your computer. These trojans can destroy your entire hard drive, encrypt or just scramble important files and basically make you feel very unpleasent. I wouldn't want to bump into one in a dark alley.
Some might seem like joke programs, while they are actually tearing every file they encounter to pieces.

Joke Programs
Joke programs are nice, cute and unharmful. They can either pretend to be formatting your hard drive, sending all of your passwords to some evil cracker, self-destructing your computer, turning in all information about illegal and pirated software you might have on your computer to the FBI etc'. They are certainly no reason to worry about (except if you work in tech support, since unexperienced computer users tend to get scared off pretty easily by joke programs.

Protecting Yourself Against Trojans
Under Unix
If you are working on your PC, DO NOT work as root! If you run a trojan as root, you can endanger your entire system! The whole point in multi-users on a single-user system is limiting yourself in such cases (or in case you want to prevent yourself from doing anything stupid). Switch to root only when you NEED root, and when you know what you're running. Also, remember that even if you're working on a restricted environment, you still put the passwords and files you still have access to to risk. Also, if someone has a keylogger on your system, and you type in some passwords (especially the root password), they will be logged!
Also, DO NOT download any files from untrusted sources (small websites, underground websites, Usenet newsgroups, IRC etc'), even if it comes in the form of source code.

Under Windows
Windows is a whole lot different in this aspect. Limiting yourself under Windows is quite an annoyance. It is almost impossible to work like that, in comparison to Unix.
Also, make sure you don't run any untrusted software. There are much more evil Windows trojans for Windows than Unix, since people are more motivated to write trojans for Unix (because of all the security Unix imposes). Also, when running on a restricted Windows environment, you cannot just act like you're so protected and all. Remember that people can still steal passwords owned by the restricted user, and also, some trojans can break into administrator priviledges and then compromise your entire system, since Windows imposes such lame security.

Read More

Setting up DNS caching with Linux and Windows

This summary is not available. Please click here to view the post.

Read More