
27 July, 2013

How To Change Default Folder of Windows Explorer

By default, Windows Explorer opens the Libraries view, but most of the time we need some other folder to open by default. Here's how you do it:
1. Open any folder and right-click the folder icon in the taskbar. Then right-click “Windows Explorer” and select “Properties”, or
search for “Windows Explorer” in the Start menu, right-click it and select “Properties”.
2. In the Properties window, select the “Shortcut” tab. Here you can see the default location of Explorer in the “Target” field. We just need to change that field for our purpose.
The new locations to be entered are GUIDs (Globally Unique Identifiers), which can be obtained for any folder from the registry. These are the same codes we used in an earlier post to enable the hidden God Mode.

This is how you obtain them :
1. Open “Run” from the Start menu and enter “Regedit” to open the registry editor. Go to Edit >> Find and type in an example key like the one below:
{E96F5460-09CE-4f46-88B1-F4B6B4A8E252}
This key refers to Windows Media Player, but you can dig around for more preset default folder locations.
2. Copy the key of the desired folder and enter a value like this in the Target field:
%windir%\explorer.exe ::{208D2C60-3AEA-1069-A2D7-08002B30309D}
The example shown above opens the “Network” folder. Just change the key value and keep the first part, “%windir%\explorer.exe ::”, as it is.
3. You can also open specific folders without the need for keys by replacing “FOLDER” with your desired folder location, like this:
%windir%\explorer.exe C:\FOLDER
Just change the location “C:\FOLDER” to any desired location and save your settings.

25 July, 2013

Hide Drives Using Command Prompt

This method is much easier and simpler. Just make sure you do it correctly. Here are the steps:
Search for cmd and run it as Administrator.
Type mountvol in the command prompt and press Enter. It will show the IDs of the drives; note the ID of the drive you want to hide.

  • We noted down the ID for F:, viz.
  • \\?\Volume{14394d58-7caf-11e2-af9b-806e6f6e6963}\
    • F:\
  • To hide the drive, type in the command prompt: mountvol F: /d
  • To bring it back, type: mountvol f: [volume id] (the volume ID is the one we noted down earlier). Our command was:
  • mountvol f: \\?\Volume{14394d58-7caf-11e2-af9b-806e6f6e6963}\
Note: Be careful while noting down the volume ID; if you do it wrong, you will lose all the data of that drive. You should not try this with your system drive.

How To Copy Text From Any Image

Sometimes we come across an image in which some useful text is written and we want to copy that text, but it takes too much time to type it out from the image, so this post is going to save you time. I'll show you how to copy text from any image very easily. Just read and follow the steps below, and please share this post with your friends to spread the information.
1: First of all you need Microsoft OneNote. It comes with the Microsoft Office package.
2: Now open Microsoft OneNote 2010.
3: Copy and paste the image from which you want to copy the text into Microsoft OneNote 2010.
4: Now right-click the pasted image and click Copy Text From Picture.
5: Now open Notepad or your favorite text editor and press CTRL + V to paste the text.

24 July, 2013

Make Applications Password protected in Pc


Here is a trick to make the software on your PC password protected. It means that whenever anyone opens a program on your PC, he or she will be asked for a password; a user who doesn't know the password cannot use the software. If you are interested in protecting your PC software with a password, just follow the steps below.

1:
First of all download a program named Password Door to your PC (594.85 KB).
2:
Now install it on your PC. While installing, it will ask you to enter a password, which will be used to open the password-protected software.
3:
Now open Password Door using the password you entered while installing.
Now click on Protect a program.
4:
Now you'll see a list of all the programs on which you can set a password.

Select the app from the list and make it password protected.
Now whenever you or any other user opens a password-protected app, the app will ask for the password. Only if you know the password can you access the application.
You can remove the password from apps at any time.

Important To Read: If you are thinking that your little brother or sister could uninstall Password Door to access the application, they can't do it, because this program will ask for the same password to uninstall it from the PC.

Make File Size Bigger

You can create a file of any size using nothing more than what's supplied with Windows. Start by converting the desired file size into hexadecimal notation. You can use the Windows Calculator in Scientific mode to do this. Suppose you want a file of 1 million bytes. Enter 1000000 in the calculator and click on the Hex option to convert it (1 million in hex is F4240). Pad the result with zeroes at the left until the file size reaches eight digits: 000F4240.

Now open the command prompt window by entering cmd in the Start menu's Run dialog; in 


  • Enter the command DEBUG BIGFILE.DAT and ignore the File not found message.
  • Type RCX and press Enter. Debug will display a colon prompt.
  • Enter the last four digits of the hexadecimal number you calculated (4240, in our example) and press Enter.
  • Type RBX and press Enter, then enter the first four digits of the hexadecimal size (000F, in our example) and press Enter.
  • Enter W for Write and Q for Quit, in capitals.

You've just created a 1-million-byte file using Debug. Of course you can create a file of any desired size using the same technique.

How to Remove Write Protection Error In Usb Drive

With the Write Protected error, we can’t write or copy any data to our flash drives and can’t even format the drive. There are many reasons that cause this problem; let’s see the solutions.

Solutions:
• First of all try to locate a small switch (if any, that you may not have noticed) somewhere on the drive or memory card reader. This is the prime reason for this error. If there is one, switch it to the other side to turn the protection off.
• Yes, I know this problem also occurs these days without this switch, but not to worry. Just download this helpful software from here and run it to execute a “low-level format” on the drive. This software is quite handy and may take a few attempts to actually remove the error.
• The problem can also be caused by some virus activity, so just get the drive scanned by a good, updated antivirus, which may solve your problem.
• BUT if none of the methods listed above solves your problem then your pen drive might have become corrupted, so just get it replaced.

Try these first:
1: After the low-level format, you may need to “partition the drive”. Don't worry, partitioning a pen drive means allocating it the file system and cluster size that were lost after the low-level format.
For that:
Run diskmgmt.msc in Run.
In the Disk Management window, select the pen drive, right-click it and click Format.
Now choose the File System and Allocation Unit Size and do not check the boxes below.
or
Download this program: Hard-Disk-Utils
(AND PLEASE verify you are formatting your USB flash drive and not any other drive with important data.)
AND verify that the problem is your USB drive:
To verify whether it has gone bad or you really can't write to it, put it in another computer and see if the problem still happens.
If it still does, it's either:
1) There's a switch on it to manually set write protection on or off.
2) The device has become corrupt.
The computer may say “Write Protect error, can't write to USB flash drive”. At this point it is still detecting the device itself, but what's really happening is that the drive is broken, dead or corrupt. The computer can only communicate with you; it can't write to the drive. At this point you can grab your data off the flash drive, and I would suggest you do so.
Here's a program you will find useful: Repair_v2.9.1.1
And if it's a switch you are looking for, it's a tiny one inside the plastic, near the side where you insert it into the USB port.


Registry Trick To Remove Write Protection From Usb Flash Drive (works for few cases only).
According to the mails we have received about this problem, people have seen the following errors when their thumb drives, memory cards etc. become write protected.
Cannot copy files and folders, drive is write protected
Cannot format the drive, drive is write protected
The disk is write protected
Remove write protection or use another disk
Media is write protected
Sometimes people say that their drive suddenly became write protected and they are not able to delete any files and folders on the drive, nor copy new files and folders to the USB portable drive.
Let’s see how you can remove write protection on your portable devices like pen drives, memory cards, iPods and other USB mass storage devices.

Fix:
Write protection on a portable USB device can be applied by the physical lock provided on the card adapter, or sometimes on the pen drive itself, so make sure your drive is not write protected by moving the lock in the right direction.
But even after moving the physical lock, the problem can still occur because of virus activity. This happens when a virus or script applies a registry hack that makes any drive write protected when it is connected to the computer. In that case follow the procedure below to remove write protection from your pen drive.
1. Open Start Menu >> Run, type regedit and press Enter, this will open the registry editor.
2. Navigate to the following path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\StorageDevicePolicies
3. Double-click the WriteProtect value in the right pane, set it to 0 in the Value data box and press the OK button.
4. Exit Registry, restart your computer and then again re-connect your USB pen drive on your computer. That is it, done.

20 July, 2013

How to Copy The CopyProtected Cd/Dvd

Ever since CD burners became inexpensive enough to be an attractive upgrade for most PC owners, CD production companies have been concerned with piracy. Because of this, CD manufacturers frequently alter the way they produce CDs so that copying them is more challenging. CDs come packaged with many different types of copy protection.
Since 2002, millions of copy-protected CDs have been released; not all of these CDs will work on all types of hardware. Some work only on CD players and not on CD-ROM players, DVD players, game consoles or car stereos. Consumers aren't able to back up their music from these CDs or even convert them to the popular MP3 format. One common method that has been used in the USA to protect CDs from being copied includes adding data to the CD copy that makes it unreadable to copiers; a second method includes altering the way the files are listed in the table of contents so that the CD can't be read by a CD-ROM.
No matter how frequently the video or music industries attempt to build the ultimate CD copy blocking system, enterprising people will find ways around them. For example, a student at Princeton University discovered a method to disable new copy protection that the CD manufacturer BMC is developing. This student found that if you hold down the Shift key while the CD begins to load onto your machine, the Microsoft Windows AutoRun feature is suppressed, which prevents the anti-piracy software from loading. This doesn't delete the program but bypasses the copy protection installation, making the music available for copying. Once such a discovery is made public on the Internet, the rest is history.

A Few Different Types of Common CD Protection:
Alcatraz, CD-Cops, CD-Protect, LaserLock, LockBlocks, Phenoprotect, ProtectCD, Ring PROTECH, Roxxe, SafeCast, SecuROM, SmarteCD, SoftLock, Star Force, TAGES, The Bongle

20 June, 2013

How To Upload and Download Binary files to Usenet


HOW TO UPLOAD

The purpose of this article is to explain how to upload and download binary files to a newsgroup, with particular attention to large files sent in multiple posts. Since most news servers limit the size of binary files attached to messages, you may have to split a large file into smaller chunks and attach them to several messages. As a general rule, if the file you want to send is larger than 1Mb you'll have to split it into smaller files.
The most popular tool to split large files into chunks in the Windows environment is Mastersplitter, whose purpose is "to split large files in order to move them via floppies or for transmission via E-mail." It can also Join chunks or Compare them to verify they are the same as the original file. All you have to do is launch Mastersplitter, enter the name of the large file you want to split, and enter the size (for example, 700Kb).
Anyway, splitting files is not so hard, and you can easily write a file splitter yourself in C or in QBasic.
It's better not to create too many small chunks, because some of them could be lost passing from news server to news server, and you'll have to repost them to satisfy the whole audience. A size of about 700Kb should be good, considering that binary attachments are encoded and grow by 1/4 of their original size, plus the additional bytes required for the header and the rest of the body of the message, so that the total size of the message will be lower than 1Mb.
Once you have split the file, you can post it to the newsgroup. Make sure the news server to which you'll send your messages accepts posting (i.e. it's not a read-only news server) and accepts binary attachments. Here you can find a list of free NNTP servers: http://www.ElfQrin.com/mine/nntpserv.html
Since attaching every chunk to a message and then sending it is a long and boring chore, you can use an automatic tool such as Autopost. With Autopost you can put all the files (single files or chunks of a larger file) you want to post in a directory, for example C:\TEMP. Then you can launch the program and click on the "Settings" button to open the option window, in which you can enter the NNTP server you want to use (Host), login info (username and password) in case you are not using a free server, the Header information (Name, Reply-To, Organization), a prefix to the Subject, the directory containing the files you want to send, and the destination newsgroup. The Subject of every post will be made up of your Prefix followed by the file name and [1/1], which means the message has 1 binary attachment. Sadly Autopost doesn't add the size of the attachment, which is useful information, especially if whoever downloads it has a slow connection. When you are finished with the options, you can click on OK, and then you can start posting by pressing the "Post" button.
If you are doing it for the first time, you can try to post something to alt.test or, even better, since they are binary files, to alt.binaries.test: it's not a Good Thing to send binary files to non-binary newsgroups, even if the server allows you to do that. Also, when you make your actual post, make sure that it's "on topic" for the newsgroup you choose. You'd better lurk in a newsgroup for at least one or two weeks before making your first post.
A last note about netiquette: make sure you are not using ALL CAPITAL LETTERS not only in the body of your message, but also in your name and subject.

HOW TO DOWNLOAD

To download files from a newsgroup, of course you need to have access to that newsgroup first. So you'll need a program to read newsgroups and a NNTP server that carries the newsgroup you want to open. If your ISP doesn't have a NNTP server, or it has but it doesn't carry the newsgroup you like, or it only gets a few posts for that newsgroup, you can try one of the free NNTP servers from the list at the URL provided above.
As for the application, a browser like Netscape or IE is good enough. If you want to try a specific news agent, you may try Forte Agent. Forte Agent can also automatically split and rejoin large files. To open a newsgroup from a browser, you have to enter in the location field (the one where you normally enter the URL of a webpage) the "news" protocol followed by the DNS name or the IP address of the NNTP server you intend to use, and the name of the newsgroup you want to open, as in this example: news://news.unina.it/alt.binaries.pictures.animated.gifs
The content of a newsgroup looks similar to your normal mailbox: you can read the posts by clicking on them. If they have an attachment it usually will appear as a link at the bottom of the message. All you have to do is to right click it and save it to disk. If they are chunks of a large file, name them with a progressive number (for example "File1", "File2", "File3", or just "1", "2", "3"...), to make things easier when you'll have to rejoin them. If the attachment is a picture it will be shown directly, unless it is encoded, or you have disabled this function, in case your news agent allows it (on Netscape 4.5+ you can disable image loading with Edit|Preferences...|Advanced| and then uncheck "Automatically load images"). Anyway, in this case you also can right click the picture and save it to disk.
It may happen that the message you opened is not what you expected, because it has nothing to do with the topic of the newsgroup: it can be a message posted or crossposted to the wrong newsgroup, or more likely spam (a commercial message), or a message posted by a "troll" (an annoying person who doesn't believe in free speech online and floods newsgroups he doesn't like with fake messages). In this case ignore the message and open another one. As a general rule don't even reply to trolls: that's what they want, to enhance their otherwise low self-esteem (because they are happy to know someone considered them) and to increase the flood on the newsgroup. Send your complaints to his ISP instead. If the newsgroup is moderated, moderators will simply delete posts from spammers and trolls (however moderation is generally not a Good Thing, because it's anyway a form of censorship). If you are using a browser, you'd better disable JavaScript inside the messages to prevent spammers from redirecting your browser to their website. On Netscape 4.5+ you can do that with Edit|Preferences...|Advanced| and then uncheck "Enable JavaScript for Mail and News".
Binary attachments, by their very nature (as they are binary files attached to an otherwise pure text file), are encoded in some way, but generally your news agent can decode them automatically, in a way that is transparent to you. Still, some encodings can't be decoded "on the fly" (like Base64), and if you are downloading a picture you'll see a link to save instead of the picture, even if you enabled images. Some agents, such as Netscape, don't have direct support for UUencoded attachments (UUencode is one of the first encoding systems; UU means "Unix to Unix"), and you'll receive the attachment as a file in this format:
begin PERMISSION_MODE FILENAME
UUencoded data
`
end

as in the following example:

begin 644 europe.jpg
M;2XN+BXN+R\N+B\O+BXN+BXN+R\N+B\O+BXO+RXO+RXN+B\ON+B\O+BXN
M"AM;-#LV2"`@("`@+R`@7`H;6S$[,3%("AM;,CLQ,4@@("`@<("\*&ULS
`
end
The encoded data is a series of lines of ASCII text characters which are normally 60 characters long and begin with the letter "M". When UUencoded files are saved as stand-alone files, they generally have an ".uu" or ".uue" extension.
If you get this kind of attachment, and your agent doesn't offer support for it, you have to decode it "manually" first. Proceed this way: copy the whole body of the message (usually with CTRL+A to select all, followed by CTRL+C to copy it), then paste it (CTRL+V) into a good text editor. Don't use the standard Windows Notepad, because it can't handle large text files and has problems with some special characters. The best Notepad replacement I ever found (and I've tried them all) is JGsoft EditPad, which is also almost freeware (actually Postcardware: the author expects you to send him a postcard if you decide to keep his software, even though there's no expiry time and there are no nag screens). Download it, unzip it, rename editplus.exe as notepad.exe, copy it into your Windows directory (normally C:\WINDOWS) overwriting the original file, and forget the ugly Windows Notepad ever existed (note: if you want to keep a copy of the original Notepad, copy it elsewhere but don't move or rename it, because Windows will redirect the File Types to the renamed/moved program). Another excellent text editor, mainly meant for coders, is EditPlus (shareware), but it has too many functions to be considered a simple Notepad replacement, so I'd rather install it as a second text editor.
However, once you have it in your text editor, delete all the lines which aren't part of the UUencoded file (everything above the "begin" line and below the "end" line) and save it to disk with the name you want. Now you can decode it with Shell Decode Extension or Aladdin Expander. Remember to delete the UUencoded file you saved after decoding it, for it will be only a waste of space on your hard disk.
If the file you are downloading has been UUencoded and then split into multiple chunks, it may happen that single chunks don't have the "begin" and "end" lines. In this case, after you have deleted all the useless lines, leaving only the ones that begin with an "M", manually add the begin/end lines, as in the following example:
begin 644 File2
M;2XN+BXN+R\N+B\O+BXN+BXN+R\N+B\O+BXO+RXO+RXN+B\ON+B\O+BXN
M"AM;-#LV2"`@("`@+R`@7`H;6S$[,3%("AM;,CLQ,4@@("`@<("\*&ULS
end
If you have several chunks of a large file on your hard disk, now it's time to rejoin them. You can do that with a tool such as MasterSplitter, or manually, from the MS-DOS command line. In this case you can use the COPY command as in the following example:
COPY /B File1+File2+File3+File4+FileN DestFile.ext
Where DestFile.ext is the name of the destination file name with the appropriate extension (.MPG for MPEG movies, .MP3 for MP3 audio files, .JPG or .GIF for pictures, and so on...)
The option /B is necessary because you are joining Binary files. If you try to join binary files without the /B option, they will be treated as ASCII (pure text) files, and the copy process will end as soon as the computer will meet a byte with a value of 0, because it will consider it as an End-Of-File (EOF) marker.
If you have several chunks and you can't put all of their names in a single MS-DOS command line (there's a limit of 127 characters for a single command line), you'd better join them into larger chunks first, as in the following example:
COPY /B File1+File2+File3+File4+File5+File6 File1-6
COPY /B File7+File8+File9+File10+File11+File12 File7-12

COPY /B File1-6+File7-12 TheMovie.mpg
If there are some missing chunks, you can post a message asking the original poster, or someone else who got all the posts, to post the missing chunks again. It would be nice to have a second newsgroup dedicated only to reposts (a kind of "subnewsgroup"), so as not to bother people who got all the parts of the file. Before asking, you can try to open that newsgroup from another NNTP server. Since news posts are passed from one server to another, it may happen that your server didn't get all the posts, but you could find them on another one which has a better "feed" (it gets posts from more news servers) and a longer history (it keeps old posts for a longer time).
However, if you can't get all the chunks but the file you were downloading is an MPEG movie, you can still join the chunks you got, if you have at least the first chunk, which contains the MPEG header information. You'll notice some weird effects where two non-contiguous chunks join. Another interesting peculiarity of MPEG files is that you can view them while they are downloading. When you open a message containing an MPEG video, stop it as soon as the link with its file name appears (on Netscape), then right-click on the link and save it to disk, so that the file will be saved directly from the Internet to the disk. Now you can make a copy of the file (click on the file name, then press CTRL+C followed by CTRL+V) and launch it while the rest of the file is still to be downloaded. This is useful to see if the video you are downloading is actually what you expect, rather than a video you already have under a different name, spam, or something that could be inconvenient for you.
To see at least a frame of the MPEG video, you should wait until you have at least the first 35Kb (actually it depends on the width/height, color depth and resolution of the video), while if you want to have a more precise idea of the first second of animation, you should wait until you have 75/100Kb. The same peculiarity applies to MP3 audio files and also to JPEG images.

If the file you have downloaded is an executable file, DELETE IT AT ONCE. Never run executable program files downloaded from a newsgroup. They are VERY likely to be trojans or viruses (especially if the program was posted in a newsgroup in which unpopular ideas are expressed). Even if you trust the sender, you can't be sure it isn't someone who forged his identity.
A trojan can format your hard disk, work as a hidden server that keeps a "back door" open to intruders, or send your e-mail address and other personal information to someone else on the Internet, if you are online or the next time you are online. If for some reason you think you absolutely have to try that file, and you can't download it from somewhere else, at least check it with an antivirus such as McAfee first, which is a good thing to do anyway for any executable file you download from the Internet, and more specifically from a website you've never visited before.
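The manual UUdecode-and-join procedure and the executable warning above can be combined into one check. The following is an added example, not code from the original article: it strips non-UUencoded lines from each post, decodes chunks even when the begin/end lines are missing, joins them in order, and looks at the first bytes of the result instead of trusting the posted file name. The sample posts, the file name holiday.jpg and all function names are constructed for illustration.

```python
import binascii


def is_uu_line(line: str) -> bool:
    """True if `line` has the exact shape of one UUencoded data line."""
    if not line or not all(32 <= ord(c) <= 96 for c in line):
        return False
    n = (ord(line[0]) - 32) & 63          # first character = decoded byte count
    if not 1 <= n <= 45:                  # 45 bytes gives the familiar leading "M"
        return False
    return len(line) - 1 == 4 * ((n + 2) // 3)   # every 3 bytes become 4 characters


def decode_post(body: str):
    """Decode one message body; returns (file name or None, decoded bytes).

    Headers, signatures and the "`" terminator fail is_uu_line() and are
    skipped, so a chunk without begin/end lines decodes without manual editing.
    """
    name, data = None, bytearray()
    for line in body.splitlines():
        fields = line.split(" ", 2)
        if len(fields) == 3 and fields[0] == "begin" and fields[1].isdigit():
            name = fields[2]              # "begin 644 europe.jpg" -> "europe.jpg"
        elif line == "end":
            break                         # nothing after "end" belongs to the file
        elif is_uu_line(line):
            data += binascii.a2b_uu(line)
    return name, bytes(data)


def join_posts(bodies):
    """Binary-safe equivalent of COPY /B part1+part2+...: decode, then concatenate."""
    name, joined = None, bytearray()
    for body in bodies:
        part_name, part = decode_post(body)
        name = name or part_name
        joined += part
    return name, bytes(joined)


def looks_like_windows_executable(data: bytes) -> bool:
    """DOS/Windows .EXE files start with the two bytes 'MZ', whatever the name says."""
    return data[:2] == b"MZ"


# Constructed payload: an "MZ" header followed by filler, posted under a .jpg name.
PAYLOAD = b"MZ" + bytes(range(98))


def make_constructed_posts(payload: bytes, name: str):
    """Build two sample posts; the second has no begin line, as described above."""
    lines = [binascii.b2a_uu(payload[i:i + 45], backtick=True).decode("ascii").rstrip("\n")
             for i in range(0, len(payload), 45)]
    post1 = "\n".join(["From: poster@example.invalid", f"Subject: {name} [1/2]", "",
                       f"begin 644 {name}", lines[0]])
    post2 = "\n".join([f"Subject: {name} [2/2]", ""] + lines[1:] + ["`", "end", "-- ", "sig"])
    return [post1, post2]


if __name__ == "__main__":
    name, data = join_posts(make_constructed_posts(PAYLOAD, "holiday.jpg"))
    verdict = "EXECUTABLE, do not run" if looks_like_windows_executable(data) else "not an MZ file"
    print(f"{name}: {len(data)} bytes, {verdict}")
```

The length check in is_uu_line assumes an encoder that does not strip trailing spaces; posts that passed through software which trims them would need a more lenient test.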

HOW TO VIEW A FILE DOWNLOADED FROM A NEWSGROUP

If the file is compressed, you have to decompress it first. There are many compression formats, but the most common one is ZIP, which might be combined with other kinds of compression. The extension of the file will look like .ZIP, .GZIP, or .TAR.ZIP. WinZip can handle them all, and if you installed the WinZip shell extension you can right-click on the file and choose Extract to... from the context menu. For more compression types you can try Aladdin Expander, which also handles typical Mac compressed files such as .HQX or .SIT (StuffIt).
Now that you have uncompressed the file, you can open it.
Microsoft Windows MediaPlayer handles almost all the audio/video formats. Be sure to have the latest version installed. Another freeware alternative is TornaPlayer. If the file is an MP3 you may want to use a better and most specific player as WinAmp.
Pictures in almost any format can be opened with ACD-See (shareware) or IrfanView (freeware). For more (and uncommon) graphic formats you can try a professional application such as Corel Photo-Paint. With PhotoPaint you can also edit pictures to adjust colors, contrast, or sharpness. In this case you should save the file with the same name, but adding an "r" as a suffix to the file name: it is a good rule never to change the name of a picture, especially if it's part of a series.

How To Close Open Holes


As we know, the netstat -a command shows the list of open ports on your system. If anyone does not know it, see below.
The ‘–a’ option is used to display all open connections on the local machine. It also returns the remote system to which we are connected, the port numbers of the remote system we are connected to (and of the local machine) and also the type and state of the connection we have with the remote system.
For Example,
C:\windows>netstat -a
Active Connections
  Proto  Local Address          Foreign Address              State
  TCP    ankit:1031             dwarf.box.sk:ftp             ESTABLISHED
  TCP    ankit:1036             dwarf.box.sk:ftp-data        TIME_WAIT
  TCP    ankit:1043             banners.egroups.com:80       FIN_WAIT_2
  TCP    ankit:1045             mail2.mtnl.net.in:pop3       TIME_WAIT
  TCP    ankit:1052             zztop.boxnetwork.net:80      ESTABLISHED
  TCP    ankit:1053             mail2.mtnl.net.in:pop3       TIME_WAIT
  UDP    ankit:1025             *:*
  UDP    ankit:nbdatagram       *:*
Now, let us take a single line from the above output and see what it stands for:
  Proto  Local Address          Foreign Address              State
  TCP    ankit:1031             dwarf.box.sk:ftp             ESTABLISHED
Now, the above can be arranged as below:
Protocol: TCP (This can be Transmission Control Protocol or TCP, User Datagram Protocol or UDP or sometimes even, IP or Internet Protocol.)
Local System Name: ankit (This is the name of the local system that you set during the Windows setup.)
Local Port opened and being used by this connection: 1031  
Remote System: dwarf.box.sk (This is the non-numerical form of the system to which we are connected.)
Remote Port: ftp (This is the port number of the remote system dwarf.box.sk to which we are connected.)
State of Connection: ESTABLISHED
‘Netstat’ with the ‘–a’ argument is normally used to get a list of open ports on your own system, i.e. on the local system. This can be particularly useful to check whether your system has a Trojan installed or not. Yes, most good antivirus software is able to detect the presence of Trojans, but we are hackers, and need no software to tell us whether we are infected or not. Besides, it is more fun to do something manually than to simply click on the ‘Scan’ button and let some software do it.
The following is a list of Trojans and the port numbers which they use. If you netstat yourself and find any of the following open, then you can be pretty sure that you are infected.
Port 12345 (TCP)    Netbus
Port 31337 (UDP)    Back Orifice
For complete list, refer to the Tutorial on Trojans at: hackingtruths.box.sk/trojans.txt


Now, the above tutorial resulted in a number of people raising questions like: If the 'netstat -a' command shows open ports on my system, does this mean that anyone can connect to them? Or, How can I close these open ports? How do I know if an open port is a threat to my system's security of not? Well, the answer to all these question would be clear, once you read the below paragraph:
Now, the thing to understand here is that, Port numbers are divided into three ranges:

The Well Known Ports are those from 0 through 1023. This range of ports is bound to the services running on them. By this I mean that each port usually has a specific service running on it. You see, there is an internationally accepted Port Numbers to Services rule (refer to RFC 1700) which specifies on what port number a particular service runs. For example, by default FTP runs on Port 21. So if you find that Port 21 is open on a particular system, then it usually means that that particular system uses the FTP protocol to transfer files. However, please note that some smart system administrators deliberately, i.e. to fool lamers, run fake services on popular ports. For example, a system might be running a fake FTP daemon on Port 21. Although you get the same interface as the real thing (the FTP daemon banner, response numbers etc.), it might actually be software logging your presence and sometimes even tracing you!

The Registered Ports are those from 1024 through 49151. This range of port numbers is not bound to any specific service. Actually, networking utilities like your browser, email client or FTP software open a random port within this range and start a communication with the remote server. A port number within this range is the reason why you are able to surf the net or check your email etc.

If you find that when you give the netstat -a command a number of ports within this range are open, then you should probably not worry. These ports are simply opened so that you can get your software applications to do what you want them to do. These ports are opened temporarily by various applications to perform tasks. They act as a buffer, transferring packets (data) received to the application and vice versa. Once you close the application, you will find that these ports are closed automatically. For example, when you type www.hotmail.com in your browser, your browser randomly chooses a Registered Port and uses it as a buffer to communicate with the various remote servers involved.

The Dynamic and/or Private Ports are those from 49152 through 65535. This range is rarely used, and is mostly used by Trojans; however, some applications do tend to use such high-range port numbers. For example, Sun starts their RPC ports at 32768.
So this basically brings us to what to do if you find that Netstat gives you a couple of open ports on your system:

1. Check the Trojan Port List and see if the open port matches any of the popular ones. If it does, then get a Trojan remover and remove the Trojan.

2. If it doesn't, or if the Trojan remover says "No trojan found", then see if the open port lies in the Registered Ports range. If yes, then you have nothing to worry about, so forget about it.
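The two steps above can be applied mechanically to saved 'netstat -a' output. The following Python sketch is an added example, not part of the original tutorial: the sample output is constructed, and the service-name table is an assumed subset. Note that both Trojan ports listed on this page fall inside the Registered range, which is why step 1 has to run before step 2.

```python
"""Triage `netstat -a` output using the two-step check described above."""

# Trojan ports named on this page: (protocol, port) -> name.
TROJAN_PORTS = {("TCP", 12345): "NetBus", ("UDP", 31337): "Back Orifice"}

# netstat -a prints service names for some ports. Assumed subset for the demo.
SERVICE_NAMES = {"ftp": 21, "telnet": 23, "smtp": 25, "http": 80, "pop3": 110,
                 "netbios-ns": 137, "netbios-dgm": 138, "netbios-ssn": 139}

# Constructed sample in the layout shown earlier on the page.
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    ankit:1031             dwarf.box.sk:ftp       ESTABLISHED
  TCP    ankit:12345            0.0.0.0:0              LISTENING
  TCP    ankit:ftp              0.0.0.0:0              LISTENING
  UDP    ankit:31337            *:*
  UDP    ankit:netbios-ns       *:*
  TCP    ankit:50001            0.0.0.0:0              LISTENING
  TCP    ankit:mystery          0.0.0.0:0              LISTENING
"""


def port_range(port):
    """Return the name of the range a port number falls in."""
    if not 0 <= port <= 65535:
        raise ValueError(f"not a port number: {port}")
    if port <= 1023:
        return "well-known"
    if port <= 49151:
        return "registered"
    return "dynamic/private"


def parse_netstat(text):
    """Yield (proto, local_port_token) for each TCP/UDP row."""
    for line in text.splitlines():
        parts = line.split()
        # UDP rows have no State column, so three fields are enough.
        if len(parts) < 3 or parts[0].upper() not in ("TCP", "UDP"):
            continue  # banner, header or blank line
        # rpartition keeps working when the host part itself contains ':'
        _, _, port_token = parts[1].rpartition(":")
        yield parts[0].upper(), port_token


def triage(text):
    """Apply step 1 (Trojan list) before step 2 (registered range)."""
    findings = []
    for proto, token in parse_netstat(text):
        port = int(token) if token.isdigit() else SERVICE_NAMES.get(token.lower())
        if port is None:
            findings.append((proto, token, None, "unknown-service-name"))
            continue
        rng = port_range(port)
        trojan = TROJAN_PORTS.get((proto, port))
        if trojan:
            verdict = f"trojan:{trojan}"
        elif rng == "registered":
            verdict = "ok-registered"
        else:
            # The page gives no step for the other ranges; flagged for a
            # manual look (assumption of this example).
            verdict = "review"
        findings.append((proto, port, rng, verdict))
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```
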

HACKING TRUTH: A common technique employed by a number of system administrators, is remapping ports. For example, normally the default port for HTTP is 80. However, the system administrator could also remap it to Port 8080. Now, if that is the case, then the homepage hosted at that server would be at:

http://domain.com:8080 instead of
http://domain.com:80


The idea behind Port Remapping is that instead of running a service on a well known port, where it can easily be exploited, it would be better to run it on a not so well known port, as the hacker would find it more difficult to find that service. He would have to port scan a high range of numbers to discover port remapping.

The ports used for remapping are usually pretty easy to remember. They are chosen keeping in mind the default port number at which the service being remapped should be running. For example, POP by default runs on Port 110. However, if you were to remap it, you would choose any of the following: 1010, 11000, 1111 etc.

Some sysadmins also like to choose port numbers in the following manner: 1234, 2345, 3456, 4567 and so on. Yet another reason why Port Remapping is done is that on a Unix system, to be able to listen on a port under 1024, you must have root privileges.

Firewalls
Use of Firewalls is no longer confined to servers or websites or commercial companies. Even if you simply dial up into your ISP or use PPP (Point to Point Protocol) to surf the net, you simply cannot do without a firewall. So what exactly is a firewall?

Well, in non-geek language, a firewall is basically a shield which protects your system from the untrusted, non-reliable systems connected to the Internet. It is software which listens to all ports on your system for any attempts to open a connection, and when it detects such an attempt, it reacts according to a predefined set of rules. So basically, a firewall is something that protects the network (or system) from the Internet. The name is derived from the concept of firewalls used in vehicles, where it is a barrier made of fire-resistant material protecting the vehicle in case of fire.

Now, for a better 'according to the bible' definition of a firewall: a firewall is best described as a software or hardware (or both hardware and software) packet filter that allows only selected packets to pass through from the Internet to your private internal network. A firewall is a system or a group of systems which guards a trusted network (the internal private network) from the untrusted network (the Internet).

NOTE: This was a very brief description of what a firewall is; I will not be going into the details of their working in this manual.

Anyway, the term 'Firewalls' (which were generally used by companies for commercial purposes) has evolved into a new term called 'Personal Firewalls'. This term is basically used to refer to firewalls installed on a standalone system which may or may not be networked, i.e. it usually connects to an ISP. In other words, a personal firewall is a firewall used for personal use.

Now that you have a basic description of what a firewall is, let us move on to why exactly you need to install a firewall. Or, how can not installing a firewall pose a threat to the security of your system?

You see, when you are connected to the Internet, then you have millions of other untrusted systems connected to it as well. If somehow someone found out your IP address, then they could do probably anything to your system. They could exploit any vulnerability existing in your system, damage your data, and even use your system to hack into other computers.

Finding out someone's IP address is not very difficult. Anybody can find out your IP through various chat services, instant messengers (ICQ, MSN, AOL etc.), through a common ISP and in numerous other ways. In fact, finding out the IP address of a specific person is not always the priority of some hackers.

What I mean to say by that is that there are a number of scripts and utilities available which scan all IP addresses within a certain range for predefined common vulnerabilities, for example, systems with File Sharing enabled or a system running an OS which is vulnerable to the Ping of Death attack etc. As soon as a vulnerable system is found, they use the IP to carry out the attacks.

The most common scanners look for systems with RAT's or Remote Administration Tools installed. They send a packet to common Trojan ports and display whether the victim's system has that Trojan installed or not. The 'Scan Range of IP Addresses' that these programs accept are quite wide and one can easily find a vulnerable system in the matter of minutes or even seconds.

Trojan Horses like Back Orifice provide remote access to your system and can set up a password sniffer. The combination of a back door and a sniffer is a dangerous one: the back door provides future remote access, while the sniffer may reveal important information about you like your other passwords, bank details, credit card numbers, Social Security Number etc. If your home system is connected to a local LAN and the attacker manages to install a backdoor on it, then you have probably given the attacker the same access level to your internal network as you have. This would also mean that you will have created a back door into your network that bypasses any firewall that may be guarding the front door.

You may argue with me that as you are using a dial up link to your ISP via PPP, the attacker would be able to access your machine only when you are online. Well, yes that is true, however, not completely true. Yes, it does make access to your system when you reconnect, difficult, as you have a dynamic Internet Protocol Address. But, although this provides a faint hope of protection, routine scanning of the range of IP's in which your IP lies, will more often than not reveal your current Dynamic IP and the back door will provide access to your system.

HACKING TRUTH: Microsoft Says: War Dialer programs automatically scan for modems by trying every phone number within an exchange. If the modem can only be used for dial-out connections, a War Dialer won't discover it. However, PPP changes the equation, as it provides bidirectional transport, making any connected system visible to scanners and attackers.

So how do I protect myself from such scans and unsolicited attacks? Well, this is where Personal Firewalls come in. Just like their name suggests, they protect you from unsolicited connection probes, scans and attacks.

They listen on all ports for any connection requests received (from both legitimate and fake hosts) and sent (by applications like your browser, email client etc.). As soon as such an instance is recorded, the firewall pops up a warning asking you what to do, or whether to allow the connection to initiate or not. This warning message also contains the IP which is trying to initiate the connection and the port number to which it is trying to connect, i.e. the port to which the packet was sent. It also protects your system from port scans, DoS attacks, vulnerability attacks etc. So basically it acts as a shield or a buffer which does not allow your system to communicate with the untrusted systems directly.

Most Personal Firewalls have extensive logging facilities which allow you to track down the attackers. Some popular firewalls are:

1. BlackICE Defender: An IDS for PCs. It's available at http://www.networkice.com.
2. ZoneAlarm: The easiest to set up and manage firewall. Get it for free at: www.zonelabs.com


Once you have installed a firewall on your system, you will often get a number of warnings which might make it seem as if someone is trying to break into your system. However, they are actually bogus messages, which are caused either by your OS itself or by the process called Allocation of Dynamic IPs. For a detailed description of these two, read on.

Many people complain that as soon as they dial into their ISP, their firewall says that such and such IP is probing Port X. What causes them?
Well, this is quite common. The cause is that somebody hung up just before you dialed in and your ISP assigned you the same IP address. You are now seeing the remains of communication with the previous person. This is most common when the person to which the IP was assigned earlier was using ICQ or chat programs, was connected to a Game Server or simply turned off his modem before his communication with remote servers was complete.

You might even get a message like: Such and Such IP is trying to initiate a NetBIOS Session on Port X. This again is extremely common. The following is an explanation as to why it happens, which I picked up a couple of days ago: NetBIOS requests to UDP port 137 are the most common item you will see in your firewall reject logs. This comes about from a feature in Microsoft's Windows: when a program resolves an IP address into a name, it may send a NetBIOS query to that IP address. This is part of the background radiation of the Internet, and is nothing to be concerned about.

What Causes them? On virtually all systems (UNIX, Macintosh, Windows), programs call the function 'gethostbyaddr()' with the desired address. This function will then do the appropriate lookup, and return the name. This function is part of the sockets API. The key thing to remember about gethostbyaddr() is that it is virtual. It doesn't specify how it resolves an address into a name. In practice, it will use all available mechanisms. If we look at UNIX, Windows, and Macintosh systems, we see the following techniques:

DNS in-addr.arpa PTR queries sent to the DNS server
NetBIOS NodeStatus queries sent to the IP address
lookups in the /etc/hosts file
AppleTalk over IP name query sent to the IP address
RPC query sent to the UNIX NIS server
NetBIOS lookup sent to the WINS server

Windows systems do the /etc/hosts, DNS, WINS, and NodeStatus techniques. In more excruciating detail, Microsoft has a generic system component called a naming service. All the protocol stacks in the system (NetBIOS, TCP/IP, Novell IPX, AppleTalk, Banyan, etc.) register the kinds of name resolutions they can perform. Some RPC products will likewise register an NIS naming service. When a program requests to resolve an address, this address gets passed on to the generic naming service. Windows will try each registered name resolution subsystem sequentially until it gets an answer.

(Side note: Users sometimes complain that accessing Windows servers is slow. This is caused by installing unneeded protocol stacks that must time out first before the real protocol stack is queried for the server name.)
The order in which it performs these resolution steps for IP addresses can be configured under the Windows registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider. 

Breaking Through Firewalls
Although Firewalls are meant to provide you complete protection from port scan probes etc., there are several holes existing in popular firewalls, waiting to be exploited. In this issue, I will discuss a hole in ZoneAlarm Version 2.1.10 to 2.0.26, which allows the attacker to port scan the target system (although normally it should stop such scans).

If one uses port 67 as the source port of a TCP or UDP scan, ZoneAlarm will let the packet through and will not notify the user. This means, that one can TCP or UDP port scan a ZoneAlarm protected computer as if there were no firewall there IF one uses port 67 as the source port on the packets.

Exploit:
UDP Scan:
You can use NMap to port scan the host with the following command line:
nmap -g67 -P0 -p130-140 -sU 192.168.128.88
(Notice the -g67 which specifies source port).

TCP Scan:
You can use NMap to port scan the host with the following command line:
nmap -g67 -P0 -p130-140 -sS 192.168.128.88
(Notice the -g67 which specifies source port).
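From the defender's side, traffic of this kind stands out in a packet log, because legitimate DHCP replies travel from UDP source port 67 to destination port 68 only. The Python sketch below is an added example, not from the original article: the log format and all log lines are constructed, and it assumes the monitored machine is an ordinary DHCP client.

```python
"""Flag inbound packets that use source port 67 for anything but DHCP."""
import re
from collections import defaultdict

# Constructed log format: "<timestamp> <proto> <src>:<sport> -> <dst>:<dport>"
LINE = re.compile(
    r"^(?P<ts>\S+) (?P<proto>TCP|UDP) "
    r"(?P<src>[\d.]+):(?P<sport>\d+) -> (?P<dst>[\d.]+):(?P<dport>\d+)$"
)

# Constructed sample: one normal DHCP reply, one ordinary web connection,
# and two sources sending from port 67 to non-DHCP ports.
SAMPLE_LOG = """\
2001-01-01T10:00:00 UDP 192.0.2.1:67 -> 192.168.128.88:68
2001-01-01T10:00:05 UDP 198.51.100.7:67 -> 192.168.128.88:137
2001-01-01T10:00:05 UDP 198.51.100.7:67 -> 192.168.128.88:138
2001-01-01T10:00:06 TCP 198.51.100.7:67 -> 192.168.128.88:139
2001-01-01T10:00:09 TCP 203.0.113.9:1031 -> 192.168.128.88:80
2001-01-01T10:00:11 TCP 203.0.113.20:67 -> 192.168.128.88:21
"""


def suspicious_source_port_67(log_text, sweep_threshold=3):
    """Return {source_ip: {"ports": [...], "sweep": bool}} for packets whose
    source port is 67 but which are not a UDP 67 -> 68 DHCP reply.

    "sweep" is True when one source touched at least `sweep_threshold`
    distinct (protocol, destination port) pairs, i.e. it looks like a scan.
    """
    hits = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m or int(m["sport"]) != 67:
            continue  # unparsable line or unrelated source port
        proto, dport = m["proto"], int(m["dport"])
        if proto == "UDP" and dport == 68:
            continue  # normal DHCP server-to-client reply
        hits[m["src"]].add((proto, dport))
    return {
        src: {"ports": sorted(targets), "sweep": len(targets) >= sweep_threshold}
        for src, targets in hits.items()
    }


if __name__ == "__main__":
    for src, info in suspicious_source_port_67(SAMPLE_LOG).items():
        print(src, info)
```
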

17 June, 2013

23 Ways To Speed WinXP


Since defragging the disk won't do much to improve Windows XP performance, here are 23 suggestions that will. Each can enhance the performance and reliability of your customers' PCs. Best of all, most of them will cost you nothing.
1.) To decrease a system's boot time and increase system performance, use the money you save by not buying defragmentation software -- the built-in Windows defragmenter works just fine -- and instead equip the computer with an Ultra-133 or Serial ATA hard drive with 8-MB cache buffer.
2.) If a PC has less than 512 MB of RAM, add more memory. This is a relatively inexpensive and easy upgrade that can dramatically improve system performance.
3.) Ensure that Windows XP is utilizing the NTFS file system. If you're not sure, here's how to check: First, double-click the My Computer icon, right-click on the C: Drive, then select Properties. Next, examine the File System type; if it says FAT32, then back-up any important data. Next, click Start, click Run, type CMD, and then click OK. At the prompt, type CONVERT C: /FS:NTFS and press the Enter key. This process may take a while; it's important that the computer be uninterrupted and virus-free. The file system used by the bootable drive will be either FAT32 or NTFS. I highly recommend NTFS for its superior security, reliability, and efficiency with larger disk drives.
4.) Disable file indexing. The indexing service extracts information from documents and other files on the hard drive and creates a "searchable keyword index." As you can imagine, this process can be quite taxing on any system.
The idea is that the user can search for a word, phrase, or property inside a document, should they have hundreds or thousands of documents and not know the file name of the document they want. Windows XP's built-in search functionality can still perform these kinds of searches without the Indexing service. It just takes longer. The OS has to open each file at the time of the request to help find what the user is looking for.
Most people never need this feature of search. Those who do are typically in a large corporate environment where thousands of documents are located on at least one server. But if you're a typical system builder, most of your clients are small and medium businesses. And if your clients have no need for this search feature, I recommend disabling it.
Here's how: First, double-click the My Computer icon. Next, right-click on the C: Drive, then select Properties. Uncheck "Allow Indexing Service to index this disk for fast file searching." Next, apply changes to "C: subfolders and files," and click OK. If a warning or error message appears (such as "Access is denied"), click the Ignore All button.
5.) Update the PC's video and motherboard chipset drivers. Also, update and configure the BIOS. For more information on how to configure your BIOS properly, see this article on my site.
6.) Empty the Windows Prefetch folder every three months or so. Windows XP can "prefetch" portions of data and applications that are used frequently. This makes processes appear to load faster when called upon by the user. That's fine. But over time, the prefetch folder may become overloaded with references to files and applications no longer in use. When that happens, Windows XP is wasting time, and slowing system performance, by pre-loading them. Nothing critical is in this folder, and the entire contents are safe to delete.
7.) Once a month, run a disk cleanup. Here's how: Double-click the My Computer icon. Then right-click on the C: drive and select Properties. Click the Disk Cleanup button -- it's just to the right of the Capacity pie graph -- and delete all temporary files.
8.) In your Device Manager, double-click on the IDE ATA/ATAPI Controllers device, and ensure that DMA is enabled for each drive you have connected to the Primary and Secondary controller. Do this by double-clicking on Primary IDE Channel. Then click the Advanced Settings tab. Ensure the Transfer Mode is set to "DMA if available" for both Device 0 and Device 1. Then repeat this process with the Secondary IDE Channel.
9.) Upgrade the cabling. As hard-drive technology improves, the cabling requirements to achieve these performance boosts have become more stringent. Be sure to use 80-wire Ultra-133 cables on all of your IDE devices with the connectors properly assigned to the matching Master/Slave/Motherboard sockets. A single device must be at the end of the cable; connecting a single drive to the middle connector on a ribbon cable will cause signaling problems. With Ultra DMA hard drives, these signaling problems will prevent the drive from performing at its maximum potential. Also, because these cables inherently support "cable select," the location of each drive on the cable is important. For these reasons, the cable is designed so drive positioning is explicitly clear.
10.) Remove all spyware from the computer. Use free programs such as AdAware by Lavasoft or SpyBot Search & Destroy. Once these programs are installed, be sure to check for and download any updates before starting your search. Anything either program finds can be safely removed. Any free software that requires spyware to run will no longer function once the spyware portion has been removed; if your customer really wants the program even though it contains spyware, simply reinstall it. For more information on removing Spyware visit this Web Pro News page.
11.) Remove any unnecessary programs and/or items from Windows Startup routine using the MSCONFIG utility. Here's how: First, click Start, click Run, type MSCONFIG, and click OK. Click the StartUp tab, then uncheck any items you don't want to start when Windows starts. Unsure what some items are? Visit the WinTasks Process Library. It contains known system processes, applications, as well as spyware references and explanations. Or quickly identify them by searching for the filenames using Google or another Web search engine.
12.) Remove any unnecessary or unused programs from the Add/Remove Programs section of the Control Panel.
13.) Turn off any and all unnecessary animations, and disable active desktop. In fact, for optimal performance, turn off all animations. Windows XP offers many different settings in this area. Here's how to do it: First click on the System icon in the Control Panel. Next, click on the Advanced tab. Select the Settings button located under Performance. Feel free to play around with the options offered here, as nothing you can change will alter the reliability of the computer -- only its responsiveness.
14.) If your customer is an advanced user who is comfortable editing their registry, try some of the performance registry tweaks offered at Tweak XP.
15.) Visit Microsoft's Windows update site regularly, and download all updates labeled Critical. Download any optional updates at your discretion.
16.) Update the customer's anti-virus software on a weekly, even daily, basis. Make sure they have only one anti-virus software package installed. Mixing anti-virus software is a sure way to spell disaster for performance and reliability.
17.) Make sure the customer has fewer than 500 type fonts installed on their computer. The more fonts they have, the slower the system will become. While Windows XP handles fonts much more efficiently than did the previous versions of Windows, too many fonts -- that is, anything over 500 -- will noticeably tax the system.
18.) Do not partition the hard drive. Windows XP's NTFS file system runs more efficiently on one large partition. The data is no safer on a separate partition, and a reformat is never necessary to reinstall an operating system. The same excuses people offer for using partitions apply to using a folder instead. For example, instead of putting all your data on the D: drive, put it in a folder called "D drive." You'll achieve the same organizational benefits that a separate partition offers, but without the degradation in system performance. Also, your free space won't be limited by the size of the partition; instead, it will be limited by the size of the entire hard drive. This means you won't need to resize any partitions, ever. That task can be time-consuming and also can result in lost data.
19.) Check the system's RAM to ensure it is operating properly. I recommend using a free program called MemTest86. The download will make a bootable CD or diskette (your choice), which will run 10 extensive tests on the PC's memory automatically after you boot to the disk you created. Allow all tests to run until at least three passes of the 10 tests are completed. If the program encounters any errors, turn off and unplug the computer, remove a stick of memory (assuming you have more than one), and run the test again. Remember, bad memory cannot be repaired, but only replaced.
20.) If the PC has a CD or DVD recorder, check the drive manufacturer's Web site for updated firmware. In some cases you'll be able to upgrade the recorder to a faster speed. Best of all, it's free.
21.) Disable unnecessary services. Windows XP loads a lot of services that your customer most likely does not need. To determine which services you can disable for your client, visit the Black Viper site for Windows XP configurations.
22.) If you're sick of a single Windows Explorer window crashing and then taking the rest of your OS down with it, then follow this tip: open My Computer, click on Tools, then Folder Options. Now click on the View tab. Scroll down to "Launch folder windows in a separate process," and enable this option. You'll have to reboot your machine for this option to take effect.
23.) At least once a year, open the computer's case and blow out all the dust and debris. While you're in there, check that all the fans are turning properly. Also inspect the motherboard capacitors for bulging or leaks. For more information on this leaking-capacitor phenomenon, you can read numerous articles on my site.
Following any of these suggestions should result in noticeable improvements to the performance and reliability of your customers' computers. If you still want to defrag a disk, remember that the main benefit will be to make your data more retrievable in the event of a crashed drive.

15 June, 2013

A Proxy - An Overview


What is a Proxy Server?
A proxy server is a kind of buffer between your computer and the Internet resources you are accessing. The data you request comes to the proxy first, and only then does it transmit the data to you. I know many are looking for IP maskers or scramblers, but honestly, it isn't really easy, for the simple fact that any website that you visit needs your IP to send the info packets to. If it's scrambled, you will get a lot of errors and crazy redirects :P My solution? Read on. For a good list of proxy servers, try here: http://www.multiproxy.org

Why do I need to use proxy servers?
Transfer speed improvement. Proxy servers accumulate and save files that are most often requested by thousands of Internet users in a special database, called “cache”. Therefore, proxy servers are able to increase the speed of your connection to the Internet. The cache of a proxy server may already contain information you need by the time of your request, making it possible for the proxy to deliver it immediately.
Security and privacy. Anonymous proxy servers hide your IP address, thereby saving you from vulnerabilities concerned with it.
Sometimes you may encounter problems while accessing a web server when the server administrator has restricted access from your IP or even from a wide IP range (for example, restricting access from certain countries or geographical regions). So you try to access those pages using an anonymous proxy server.

What is a public proxy server?
It is a proxy server which is free and open for everybody on the Internet. Unfortunately most of them are not anonymous.
Free services try to provide lists of public HTTP proxy servers. They usually provide a small list of proxies with a low percentage of functioning servers, due to hosting restrictions on CPU time (they simply can't allow themselves to check many proxies every second, especially in parallel).

The Solution?


When using an anonymous proxy server you don’t give anybody a chance to find out your IP address and use it in their own interests. ;)
If there is a need to make an (inner) proxy connect to the outside world via another (outer) proxy server, you can use the same environment variables that are used to redirect clients to the proxy to make the inner proxy use the outer one:
http_proxy 
ftp_proxy 
gopher_proxy 
wais_proxy 
E.g. your (inner) proxy server's startup script could look like this: 
#!/bin/sh
http_proxy=http://outer.proxy.server:8082/
export http_proxy
/usr/etc/httpd -r /etc/inner-proxy.conf -p 8081

This is a little ugly, so there are also the following directives in the configuration file: 
http_proxy http://outer.proxy.server/ 
ftp_proxy http://outer.proxy.server/ 
gopher_proxy http://outer.proxy.server/ 
wais_proxy http://outer.proxy.server

How To find Which Computer is Using NetBios ?


Any computer that is running something on port 139 is likely (but not certain) to be using NetBIOS. Most crackers use nmap to port scan. This tool runs on Unix/Linux type computers. You can get it at http://www.insecurity.org. There is also a Windows version of nmap, but it isn't very good. A better choice for Windows is Whats Up from http://www.ipswitch.com. You can get a one month free trial of it.
Here's an example of an nmap scan of Oldguy:
test-box:/home/cmeinel # nmap -sTU 10.0.0.2
Starting nmap V. 3.00 ( www.insecure.org/nmap/ )
Interesting ports on (10.0.0.2):
(The 3060 ports scanned but not shown below are in state: closed)
Port State Service
21/tcp open ftp
70/tcp open gopher
80/tcp open http
135/tcp open loc-srv
135/udp open loc-srv
137/udp open netbios-ns
138/udp open netbios-dgm
139/tcp open netbios-ssn
500/udp open isakmp
Nmap run completed -- 1 IP address (1 host up) scanned in 8 seconds
As you can see from this scan, three ports are identified with NetBIOS. This tells us that we could set nmap to scan a large number of Internet addresses, only looking for port 139 on each. To learn how to set up nmap to run this way, in your Unix or Linux shell give the command "man nmap".
For more on what crackers do once they break into a computer using NetBIOS (like installing back doors), see http://happyhacker.org/gtmhh/vol3no10.shtml.

You can get punched in the nose warning: if you use a port scanner against networks that haven't given you permission to scan, you will be waving a red flag that says "Whaddaya wanna bet I'm a computer criminal?" You can't get arrested for merely port scanning, but people who don't like being scanned might get you kicked off your Internet service provider.
You can get really, big time, punched in the nose warning: If you visit the same computer or LAN really often to see what's new and to try different things, even if you don't break the law you'd better be doing it with the permission of the owner. Otherwise you may make enemies who might crash or destroy your operating system. And that is only what they may do when feeling mellow. After a night of hard drinking - well, you don't want to find out.


 