Over the past few years TCP sequence number prediction attacks have become a
real threat against unprotected networks, taking advantage of the inherent
trust relationships present in many network installations. TCP sequence
number prediction attacks have most commonly been implemented by opening a
series of connections to the target host, and attempting to predict the
sequence number which will be used next. Many operating systems have
therefore attempted to solve this problem by implementing a method of
generating sequence numbers in unpredictable fashions. This method does
not solve the problem.
This advisory introduces an alternative method of obtaining the initial
sequence number from some common trusted services. The attack presented here
does not require the attacker to open multiple connections, or flood a port
on the trusted host to complete the attack. The only requirement is that
source routed packets can be injected into the target network with fake
source addresses.
This advisory assumes that the reader already has an understanding of how
TCP sequence number prediction attacks are implemented.
The impact of this advisory is greatly diminished due to the large number of
organizations which block source routed packets and packets with addresses
inside of their networks. Therefore we present the information as more of
a 'heads up' message for the technically inclined, and to re-iterate that
the randomization of TCP sequence numbers is not an effective solution
against this attack.
Technical Details
~~~~~~~~~~~~~~~~~
The problem occurs when particular network daemons accept connections
with source routing enabled, and proceed to disable any source routing
options on the connection. The connection is allowed to continue, however
the reverse route is no longer used. An example attack can launched against
the in.rshd daemon, which on most systems will retrieve the socket options
via getsockopt() and then turn off any dangerous options via setsockopt().
An example attack follows.
Host A is the trusted host
Host B is the target host
Host C is the attacker
Host C initiates a source routed connection to in.rshd on host B, pretending
to be host A.
Host C spoofing Host A <SYN> --> Host B in.rshd
Host B receives the initial SYN packet, creates a new PCB (protocol
control block) and associates the route with the PCB. Host B responds,
using the reverse route, sending back a SYN/ACK with the sequence number.
Host C spoofing Host A <-- <SYN/ACK> Host B in.rshd
Host C responds, still spoofing host A, acknowledging the sequence number.
Source routing options are not required on this packet.
Host C spoofing Host A <ACK> --> Host B in.rshd
We now have an established connection, the accept() call completes, and
control is now passed to the in.rshd daemon. The daemon now does IP
options checking and determines that we have initiated a source routed
connection. The daemon now turns off this option, and any packets sent
thereafter will be sent to the real host A, no longer using the reverse
route which we have specified. Normally this would be safe, however the
attacking host now knows what the next sequence number will be. Knowing
this sequence number, we can now send a spoofed packet without the source
routing options enabled, pretending to originate from Host A, and our
command will be executed.
In some conditions the flooding of a port on the real host A is required
if larger ammounts of data are sent, to prevent the real host A from
responding with an RST. This is not required in most cases when performing
this attack against in.rshd due to the small ammount of data transmitted.
It should be noted that the sequence number is obtained before accept()
has returned and that this cannot be prevented without turning off source
routing in the kernel.
As a side note, we're very lucky that TCP only associates a source route with
a PCB when the initial SYN is received. If it accepted and changed the ip
options at any point during a connection, more exotic attacks may be possible.
These could include hijacking connections across the internet without playing
a man in the middle attack and being able to bypass IP options checking
imposed by daemons using getsockopt(). Luckily *BSD based TCP/IP stacks will
not do this, however it would be interesting to examine other implementations.
Impact
~~~~~~
The impact of this attack is similar to the more complex TCP sequence
number prediction attack, yet it involves fewer steps, and does not require
us to 'guess' the sequence number. This allows an attacker to execute
arbitrary commands as root, depending on the configuration of the target
system. It is required that trust is present here, as an example, the use
of .rhosts or hosts.equiv files.
Solutions
~~~~~~~~~
The ideal solution to this problem is to have any services which rely on
IP based authentication drop the connection completely when initially
detecting that source routed options are present. Network administrators
and users can take precautions to prevent users outside of their network
from taking advantage of this problem. The solutions are hopefully already
either implemented or being implemented.
1. Block any source routed connections into your networks
2. Block any packets with internal based address from entering your network.
Network administrators should be aware that these attacks can easily be
launched from behind filtering routers and firewalls. Internet service
providers and corporations should ensure that internal users cannot launch
the described attacks. The precautions suggested above should be implemented
to protect internal networks.
Example code to correctly process source routed packets is presented here
as an example. Please let us know if there are any problems with it.
This code has been tested on BSD based operating systems.
u_char optbuf[BUFSIZ/3];
int optsize = sizeof(optbuf), ipproto, i;
struct protoent *ip;
if ((ip = getprotobyname("ip")) != NULL)
ipproto = ip->p_proto;
else
ipproto = IPPROTO_IP;
if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) &&
optsize != 0) {
for (i = 0; i < optsize; ) {
u_char c = optbuf[i];
if (c == IPOPT_LSRR || c == IPOPT_SSRR)
exit(1);
if (c == IPOPT_EOL)
break;
i += (c == IPOPT_NOP) ? 1 : optbuf[i+1];
}
}
One critical concern is in the case where TCP wrappers are being used. If
a user is relying on TCP wrappers, the above fix should be incorporated into
fix_options.c. The problem being that TCP wrappers itself does not close
the connection, however removes the options via setsockopt(). In this case
when control is passed to in.rshd, it will never see any options present,
and the connection will remain open (even if in.rshd has the above patch
incorporated). An option to completely drop source routed connections will
hopefully be provided in the next release of TCP wrappers. The other option
is to undefine KILL_IP_OPTIONS, which appears to be undefined by default.
This passes through IP options and allows the called daemon to handle them
accordingly.
Disabling Source Routing
~~~~~~~~~~~~~~~~~~~~~~~~
We believe the following information to be accurate, however it is not
guaranteed.
--- Cisco
To have the router discard any datagram containing an IP source route option
issue the following command:
no ip source-route
This is a global configuration option.
--- NetBSD
Versions of NetBSD prior to 1.2 did not provide the capability for disabling
source routing. Other versions ship with source routing ENABLED by default.
We do not know of a way to prevent NetBSD from accepting source routed packets.
NetBSD systems, however, can be configured to prevent the forwarding of packets
when acting as a gateway.
To determine whether forwarding of source routed packets is enabled,
issue the following command:
# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt
The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.
Forwarding of source routed packets can be turned off via:
# sysctl -w net.inet.ip.forwsrcrt=0
Forwarding of all packets in general can turned off via:
# sysctl -w net.inet.ip.forwarding=0
--- BSD/OS
BSDI has made a patch availible for rshd, rlogind, tcpd and nfsd. This
patch is availible at:
ftp://ftp.bsdi.com/bsdi/patches/patches-2.1
OR via their patches email server <patches@bsdi.com>
The patch number is
U210-037 (normal version)
D210-037 (domestic version for sites running kerberized version)
BSD/OS 2.1 has source routing disabled by default
Previous versions ship with source routing ENABLED by default. As far as
we know, BSD/OS cannot be configured to drop source routed packets destined
for itself, however can be configured to prevent the forwarding of such
packets when acting as a gateway.
To determine whether forwarding of source routed packets is enabled,
issue the following command:
# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt
The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.
Forwarding of source routed packets can be turned off via:
# sysctl -w net.inet.ip.forwsrcrt=0
Forwarding of all packets in general can turned off via:
# sysctl -w net.inet.ip.forwarding=0
--- OpenBSD
Ships with source routing turned off by default. To determine whether source
routing is enabled, the following command can be issued:
# sysctl net.inet.ip.sourceroute
The response will be either 0 or 1, 0 meaning that source routing is off,
and 1 meaning it is on. If source routing has been turned on, turn off via:
# sysctl -w net.inet.ip.sourceroute=0
This will prevent OpenBSD from forwarding and accepting any source routed
packets.
--- FreeBSD
Ships with source routing turned off by default. To determine whether source
routing is enabled, the following command can be issued:
# sysctl net.inet.ip.sourceroute
The response will be either 0 or 1, 0 meaning that source routing is off,
and 1 meaning it is on. If source routing has been turned on, turn off via:
# sysctl -w net.inet.ip.sourceroute=0
--- Linux
Linux by default has source routing disabled in the kernel.
--- Solaris 2.x
Ships with source routing enabled by default. Solaris 2.5.1 is one of the
few commercial operating systems that does have unpredictable sequence
numbers, which does not help in this attack.
We know of no method to prevent Solaris from accepting source routed
connections, however, Solaris systems acting as gateways can be prevented
from forwarding any source routed packets via the following commands:
# ndd -set /dev/ip ip_forward_src_routed 0
You can prevent forwarding of all packets via:
# ndd -set /dev/ip ip_forwarding 0
These commands can be added to /etc/rc2.d/S69inet to take effect at bootup.
--- SunOS 4.x
We know of no method to prevent SunOS from accepting source routed
connections, however a patch is availible to prevent SunOS systems from
forwarding source routed packets.
This patch is availible at:
ftp://ftp.secnet.com/pub/patches/source-routing-patch.tar.gz
To configure SunOS to prevent forwarding of all packets, the following
command can be issued:
# echo "ip_forwarding/w 0" | adb -k -w /vmunix /dev/mem
# echo "ip_forwarding?w 0" | adb -k -w /vmunix /dev/mem
The first command turns off packet forwarding in /dev/mem, the second in
/vmunix.
--- HP-UX
HP-UX does not appear to have options for configuring an HP-UX system to
prevent accepting or forwarding of source routed packets. HP-UX has IP
forwarding turned on by default and should be turned off if acting as a
firewall. To determine whether IP forwarding is currently on, the following
command can be issued:
# adb /hp-ux
ipforwarding?X <- user input
ipforwarding:
ipforwarding: 1
#
A response of 1 indicates IP forwarding is ON, 0 indicates off. HP-UX can
be configured to prevent the forwarding of any packets via the following
commands:
# adb -w /hp-ux /dev/kmem
ipforwarding/W 0
ipforwarding?W 0
^D
#
--- AIX
AIX cannot be configured to discard source routed packets destined for itself,
however can be configured to prevent the forwarding of source routed packets.
IP forwarding and forwarding of source routed packets specifically can be
turned off under AIX via the following commands:
To turn off forwarding of all packets:
# /usr/sbin/no -o ipforwarding=0
To turn off forwarding of source routed packets:
# /usr/sbin/no -o nonlocsrcroute=0
Note that these commands should be added to /etc/rc.net
If shutting off source routing is not possible and you are still using
services which rely on IP address authentication, they should be disabled
immediately (in.rshd, in.rlogind). in.rlogind is safe if .rhosts and
/etc/hosts.equiv are not used.
Attributions
~~~~~~~~~~~~
Thanks to Niels Provos <provos@physnet.uni-hamburg.de> for providing
the information and details of this attack. You can view his web
site at http://www.physnet.uni-hamburg.de/provos
Thanks to Theo de Raadt, the maintainer of OpenBSD for forwarding this
information to us. More information on OpenBSD can be found at
http://www.openbsd.org
Thanks to Keith Bostic <bostic@bsdi.com> for discussion and a quick
solution for BSD/OS.
Thanks to Brad Powell <brad.powell@west.sun.com> for providing information
for Solaris 2.x and SunOS 4.x operating systems.
Thanks go to CERT and AUSCERT for recommendations in this advisory.
You can contact the author of this advisory at oliver@secnet.com
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3ia
mQCNAzJATn0AAAEEAJeGbZyoCw14fCoAMeBRKiZ3L6JMbd9f4BtwdtYTwD42/Uz1
A/4UiRJzRLGhARpt1J06NVQEKXQDbejxGIGzAGTcyqUCKH6yNAncqoep3+PKIQJd
Kd23buvbk7yUgyVlqQHDDsW0zMKdlSO7rYByT6zsW0Rv5JmHJh/bLKAOe7p9AAUR
tCVPbGl2ZXIgRnJpZWRyaWNocyA8b2xpdmVyQHNlY25ldC5jb20+iQCVAwUQMkBO
fR/bLKAOe7p9AQEBOAQAkTXiBzf4a31cYYDFmiLWgXq0amQ2lsamdrQohIMEDXe8
45SoGwBzXHVh+gnXCQF2zLxaucKLG3SXPIg+nJWhFczX2Fo97HqdtFmx0Y5IyMgU
qRgK/j8KyJRdVliM1IkX8rf3Bn+ha3xn0yrWlTZMF9nL7iVPBsmgyMOuXwZ7ZB8=
=xq4f
-----END PGP PUBLIC KEY BLOCK-----
Copyright Notice
~~~~~~~~~~~~~~~~
The contents of this advisory are Copyright (C) 1997 Secure Networks Inc,
and may be distributed freely provided that no fee is charged for
distribution, and that proper credit is given.
You can find Secure Networks papers at ftp://ftp.secnet.com/pub/papers
and advisories at ftp://ftp.secnet.com/advisories
You can browse our web site at http://www.secnet.com
You can subscribe to our security advisory mailing list by sending mail to
majordomo@secnet.com with the line "subscribe sni-advisories"
accordion menu or extend the following way installation,
this menu from the abu Farhan
example:
you try to click on a category below
This script:
<script src="http://abu-farhan.com/script/acctoc/daftarisiv2-pack.js">Replace http://Your-Link.com/ with your link,.
</script>
<script src="http://Your-Link.com/feeds/posts/summary?max-results=1000&alt=json-in-script&callback=loadtoc">
</script>
<script type="text/javascript">
var accToc=true;
</script>
<script src="http://abu-farhan.com/script/acctoc/accordion-pack.js" type="text/javascript">
</script>
put on your blog with widgets menmbahkan script / text javascript
whatever you want in the store at the Manah in your log.
after complete store and see the results.
http://www.pcmag.com/article2/0,4149,1306756,00.asp
excl.gif No Active Links, Read the Rules - Edit by Ninja excl.gif
Google is clearly the best general-purpose search engine on the Web (see
www.pcmag.com/searchengines
But most people don't use it to its best advantage. Do you just plug in a keyword or two and hope for the best? That may be the quickest way to search, but with more than 3 billion pages in Google's index, it's still a struggle to pare results to a manageable number.
But Google is an remarkably powerful tool that can ease and enhance your Internet exploration. Google's search options go beyond simple keywords, the Web, and even its own programmers. Let's look at some of Google's lesser-known options.
Syntax Search Tricks
Using a special syntax is a way to tell Google that you want to restrict your searches to certain elements or characteristics of Web pages. Google has a fairly complete list of its syntax elements at
www.google.com/help/operators.html
. Here are some advanced operators that can help narrow down your search results.
Intitle: at the beginning of a query word or phrase (intitle:"Three Blind Mice") restricts your search results to just the titles of Web pages.
Intext: does the opposite of intitle:, searching only the body text, ignoring titles, links, and so forth. Intext: is perfect when what you're searching for might commonly appear in URLs. If you're looking for the term HTML, for example, and you don't want to get results such as
www.mysite.com/index.html
, you can enter intext:html.
Link: lets you see which pages are linking to your Web page or to another page you're interested in. For example, try typing in
link:http://www.pcmag.com
Try using site: (which restricts results to top-level domains) with intitle: to find certain types of pages. For example, get scholarly pages about Mark Twain by searching for intitle:"Mark Twain"site:edu. Experiment with mixing various elements; you'll develop several strategies for finding the stuff you want more effectively. The site: command is very helpful as an alternative to the mediocre search engines built into many sites.
Swiss Army Google
Google has a number of services that can help you accomplish tasks you may never have thought to use Google for. For example, the new calculator feature
(www.google.com/help/features.html#calculator)
lets you do both math and a variety of conversions from the search box. For extra fun, try the query "Answer to life the universe and everything."
Let Google help you figure out whether you've got the right spelling—and the right word—for your search. Enter a misspelled word or phrase into the query box (try "thre blund mise") and Google may suggest a proper spelling. This doesn't always succeed; it works best when the word you're searching for can be found in a dictionary. Once you search for a properly spelled word, look at the results page, which repeats your query. (If you're searching for "three blind mice," underneath the search window will appear a statement such as Searched the web for "three blind mice.") You'll discover that you can click on each word in your search phrase and get a definition from a dictionary.
Suppose you want to contact someone and don't have his phone number handy. Google can help you with that, too. Just enter a name, city, and state. (The city is optional, but you must enter a state.) If a phone number matches the listing, you'll see it at the top of the search results along with a map link to the address. If you'd rather restrict your results, use rphonebook: for residential listings or bphonebook: for business listings. If you'd rather use a search form for business phone listings, try Yellow Search
(www.buzztoolbox.com/google/yellowsearch.shtml).
Extended Googling
Google offers several services that give you a head start in focusing your search. Google Groups
(http://groups.google.com)
indexes literally millions of messages from decades of discussion on Usenet. Google even helps you with your shopping via two tools: Froogle
CODE
(http://froogle.google.com),
which indexes products from online stores, and Google Catalogs
CODE
(http://catalogs.google.com),
which features products from more 6,000 paper catalogs in a searchable index. And this only scratches the surface. You can get a complete list of Google's tools and services at
www.google.com/options/index.html
You're probably used to using Google in your browser. But have you ever thought of using Google outside your browser?
Google Alert
(www.googlealert.com)
monitors your search terms and e-mails you information about new additions to Google's Web index. (Google Alert is not affiliated with Google; it uses Google's Web services API to perform its searches.) If you're more interested in news stories than general Web content, check out the beta version of Google News Alerts
(www.google.com/newsalerts).
This service (which is affiliated with Google) will monitor up to 50 news queries per e-mail address and send you information about news stories that match your query. (Hint: Use the intitle: and source: syntax elements with Google News to limit the number of alerts you get.)
Google on the telephone? Yup. This service is brought to you by the folks at Google Labs
(http://labs.google.com),
a place for experimental Google ideas and features (which may come and go, so what's there at this writing might not be there when you decide to check it out). With Google Voice Search
(http://labs1.google.com/gvs.html),
you dial the Voice Search phone number, speak your keywords, and then click on the indicated link. Every time you say a new search term, the results page will refresh with your new query (you must have JavaScript enabled for this to work). Remember, this service is still in an experimental phase, so don't expect 100 percent success.
In 2002, Google released the Google API (application programming interface), a way for programmers to access Google's search engine results without violating the Google Terms of Service. A lot of people have created useful (and occasionally not-so-useful but interesting) applications not available from Google itself, such as Google Alert. For many applications, you'll need an API key, which is available free from
CODE
www.google.com/apis
. See the figures for two more examples, and visit
www.pcmag.com/solutions
for more.
Thanks to its many different search properties, Google goes far beyond a regular search engine. Give the tricks in this article a try. You'll be amazed at how many different ways Google can improve your Internet searching.
Online Extra: More Google Tips
Here are a few more clever ways to tweak your Google searches.
Search Within a Timeframe
Daterange: (start date–end date). You can restrict your searches to pages that were indexed within a certain time period. Daterange: searches by when Google indexed a page, not when the page itself was created. This operator can help you ensure that results will have fresh content (by using recent dates), or you can use it to avoid a topic's current-news blizzard and concentrate only on older results. Daterange: is actually more useful if you go elsewhere to take advantage of it, because daterange: requires Julian dates, not standard Gregorian dates. You can find converters on the Web (such as
CODE
http://aa.usno.navy.mil/data/docs/JulianDate.html
excl.gif No Active Links, Read the Rules - Edit by Ninja excl.gif
), but an easier way is to do a Google daterange: search by filling in a form at
www.researchbuzz.com/toolbox/goofresh.shtml or www.faganfinder.com/engines/google.shtml
. If one special syntax element is good, two must be better, right? Sometimes. Though some operators can't be mixed (you can't use the link: operator with anything else) many can be, quickly narrowing your results to a less overwhelming number.
More Google API Applications
Staggernation.com offers three tools based on the Google API. The Google API Web Search by Host (GAWSH) lists the Web hosts of the results for a given query
(www.staggernation.com/gawsh/).
When you click on the triangle next to each host, you get a list of results for that host. The Google API Relation Browsing Outliner (GARBO) is a little more complicated: You enter a URL and choose whether you want pages that related to the URL or linked to the URL
(www.staggernation.com/garbo/).
Click on the triangle next to an URL to get a list of pages linked or related to that particular URL. CapeMail is an e-mail search application that allows you to send an e-mail to google@capeclear.com with the text of your query in the subject line and get the first ten results for that query back. Maybe it's not something you'd do every day, but if your cell phone does e-mail and doesn't do Web browsing, this is a very handy address to know.
Source:
CODE
http://www.extrememhz.com/dlcomp-p1.shtml
Since the introduction of double layer DVD writers, the interest has been quite overwhelming and is why we keep bringing you reviews of these highly popular drives. The anticipation has now turned into down right obsession and it has become a key component in any current or new system build, thanks to the declining prices and continued media hype. Manufacturers are quite aware of the fascination and is why they have each been releasing their own products which excel in at least one area of the testing methodology used in most reviews. This has led to some confusion as to which drive is best suited for the individuals needs. Today, we compare four 16x double layer drives and highlight both the strong and weak points in order to give you a better idea of which drive is best suited for you.
In this comparison guide, we will be looking at four of the top 16x drives to hit the market, the Pioneer DVR-108, NEC ND3500A, Lite-On SOHW-1633s and the new LG GSA-4160B. We will cover everything from design and features to performance and price. Let's begin with a quick look at each of these drives.
As far as the front bezel design goes, the LG-GSA4160B is by far the most attractive drive of the bunch. However, for those who are looking for a headphone jack, the Lite-On drive is the only DL writer offering a headphone jack, as well as volume control. The Pioneer and NEC drives, in my opinion, are the ugliest drives, with a very plain look that just wants to make you hide the drive period. Although we only obtained the 4160B in black, all these drives are offered with both white and black bezels. If you opt for the more expensive Pioneer "XL" model, it has the most impressive looks of any drive in the market. However, this will come at a very hefty price tag, considering they contain different firmware as well that offer a few extra features.
So, we have determined which is the sexiest-looking drive, but what about performance? I've done some extensive testing on each model to determine which is indeed the most impressive of the bunch. But before we show you performance results, let's briefly look at the features and what they have to offer.
Features
Each one of these drives has there disappointments when it comes to features. Let's compare each to see what they really offer.
DVD Writing
DVD+R DVD-R DVD+RW DVD-RW
LG GSA-4160B 16x 8x 4x 4x
Lite-On SOHW-1633s 16x 8x 4x 4x
NEC ND-3500A 16x 16x 4x 4x
Pioneer DVR-108 16x 16x 4x 4x
While all these drives are indeed 16x models, only two will write to both formats at this speed. The LG GSA-4160B and the Lite-On SOHW-1633s only support 8x DVD-R writing. So if you are one who only prefers this format, the NEC or Pioneer would be the best choice. All of these drives support writing to DVD re-writable media at 4x.
DVD+R9 Double Layer Writing
Write Speed
LG GSA-4160B 2.4x
Lite-On SOHW-1633s 2.4x
NEC ND-3500A 4x
Pioneer DVR-108 4x
The major disappointment with both the LG and the Lite-On 16x drives is the lack of 4x double layer writing support. Pioneer and NEC seem to be the only manufacturers to jump in and release second generation double layer drives supporting much faster 4x writing. In fact, the jump from 2.4x to 4x is quite substantial as we will show you a bit later in this comparison.
DVD-RAM Support
Supported Read Write
LG GSA-4160B YES 5x 5x
Lite-On SOHW-1633s NO NO NO
NEC ND-3500A NO NO NO
Pioneer DVR-108 YES 2x NO
Now this is where both the LG GSA-4120B and GSA-4160B shine above the rest. In fact, it is what has made these drives the most popular DVD writers on the market. Unlike the rest in the roundup, it is a triple format burner, offering full support for DVD-RAM media. The other drives do not support it, with the exception of the Pioneer DVR-108 which supports reading of DVD-RAM discs at 2x. I personally don't see the point in offering only read capabilities, but it's at least one extra feature added to distinguish it from the rest. Fast 5x support of the LG GSA-4160 will actually be tested a bit later in this article.
CDR Writing
CDR CDRW
LG GSA-4160B 40x 24x
Lite-On SOHW-1633s 48x 24x
NEC ND-3500A 48x 24x
Pioneer DVR-108 32x 24x
The fastest CDR writers of the bunch are the Lite-On SOHW-1633s and the NEC ND-3500A. With their support for 48x writing, they make a great all-in-one drive for many users. The only drive lacking in this lineup is the Pioneer DVR-108. Why they opted for only 32x writing is still quite puzzling and is actually why I have found that many are choosing the NEC over the Pioneer. The LG GSA-4160B should not be left out of consideration though. We will show you later that the difference in write times between 40x and 48x is not much to brag about.
Bitsetting Support
One feature I've found that is most important for many users is bitsetting support. Let's compare these drives and see what they offer.
DVD+R/RW Support DVD+R DL Support
LG GSA-4160B NO NO
Lite-On SOHW-1633s YES NO
NEC ND-3500A NO YES
Pioneer DVR-108 NO YES
The LG GSA-4160B does not offer bitsetting support out of the box. However, it is very likely that you will be able to obtain support through an excellent third-party tool called DVDInfo Pro. Right now, they only support the GSA-4120B, but I'm confident with the author that support for this drive will be likely. LG firmware is very hard to hack, however some select few have been able to do so. Using Lite-On's booktype utility, you can change the booktype of DVD+R/RW media, however, the firmware does not automatically change booktype of DVD+R DL discs to DVD-ROM like the NEC and Pioneer models do.
Additional Features
As far as other features go, all these drives have a 2MB buffer but offer some sort of buffer under-run protection, which all work exceptionally well. This is especially useful if you will be burning discs at 16x, which I personally don't recommend just yet. As our individual tests of these drives revealed, burning at this speed is quite unstable, with the exception of the Lite-On SOHW-1633s.
Over the past few years TCP sequence number prediction attacks have become a
real threat against unprotected networks, taking advantage of the inherent
trust relationships present in many network installations. TCP sequence
number prediction attacks have most commonly been implemented by opening a
series of connections to the target host, and attempting to predict the
sequence number which will be used next. Many operating systems have
therefore attempted to solve this problem by implementing a method of
generating sequence numbers in unpredictable fashions. This method does
not solve the problem.
This advisory introduces an alternative method of obtaining the initial
sequence number from some common trusted services. The attack presented here
does not require the attacker to open multiple connections, or flood a port
on the trusted host to complete the attack. The only requirement is that
source routed packets can be injected into the target network with fake
source addresses.
This advisory assumes that the reader already has an understanding of how
TCP sequence number prediction attacks are implemented.
The impact of this advisory is greatly diminished due to the large number of
organizations which block source routed packets and packets with addresses
inside of their networks. Therefore we present the information as more of
a 'heads up' message for the technically inclined, and to re-iterate that
the randomization of TCP sequence numbers is not an effective solution
against this attack.
Technical Details
~~~~~~~~~~~~~~~~~
The problem occurs when particular network daemons accept connections
with source routing enabled, and proceed to disable any source routing
options on the connection. The connection is allowed to continue, however
the reverse route is no longer used. An example attack can launched against
the in.rshd daemon, which on most systems will retrieve the socket options
via getsockopt() and then turn off any dangerous options via setsockopt().
An example attack follows.
Host A is the trusted host
Host B is the target host
Host C is the attacker
Host C initiates a source routed connection to in.rshd on host B, pretending
to be host A.
Host C spoofing Host A <SYN> --> Host B in.rshd
Host B receives the initial SYN packet, creates a new PCB (protocol
control block) and associates the route with the PCB. Host B responds,
using the reverse route, sending back a SYN/ACK with the sequence number.
Host C spoofing Host A <-- <SYN/ACK> Host B in.rshd
Host C responds, still spoofing host A, acknowledging the sequence number.
Source routing options are not required on this packet.
Host C spoofing Host A <ACK> --> Host B in.rshd
We now have an established connection, the accept() call completes, and
control is now passed to the in.rshd daemon. The daemon now does IP
options checking and determines that we have initiated a source routed
connection. The daemon now turns off this option, and any packets sent
thereafter will be sent to the real host A, no longer using the reverse
route which we have specified. Normally this would be safe, however the
attacking host now knows what the next sequence number will be. Knowing
this sequence number, we can now send a spoofed packet without the source
routing options enabled, pretending to originate from Host A, and our
command will be executed.
In some conditions the flooding of a port on the real host A is required
if larger ammounts of data are sent, to prevent the real host A from
responding with an RST. This is not required in most cases when performing
this attack against in.rshd due to the small ammount of data transmitted.
It should be noted that the sequence number is obtained before accept()
has returned and that this cannot be prevented without turning off source
routing in the kernel.
As a side note, we're very lucky that TCP only associates a source route with
a PCB when the initial SYN is received. If it accepted and changed the ip
options at any point during a connection, more exotic attacks may be possible.
These could include hijacking connections across the internet without playing
a man in the middle attack and being able to bypass IP options checking
imposed by daemons using getsockopt(). Luckily *BSD based TCP/IP stacks will
not do this, however it would be interesting to examine other implementations.
Impact
~~~~~~
The impact of this attack is similar to the more complex TCP sequence
number prediction attack, yet it involves fewer steps, and does not require
us to 'guess' the sequence number. This allows an attacker to execute
arbitrary commands as root, depending on the configuration of the target
system. It is required that trust is present here, as an example, the use
of .rhosts or hosts.equiv files.
Solutions
~~~~~~~~~
The ideal solution to this problem is to have any services which rely on
IP based authentication drop the connection completely when initially
detecting that source routed options are present. Network administrators
and users can take precautions to prevent users outside of their network
from taking advantage of this problem. The solutions are hopefully already
either implemented or being implemented.
1. Block any source routed connections into your networks
2. Block any packets with internal based address from entering your network.
Network administrators should be aware that these attacks can easily be
launched from behind filtering routers and firewalls. Internet service
providers and corporations should ensure that internal users cannot launch
the described attacks. The precautions suggested above should be implemented
to protect internal networks.
Example code to correctly process source routed packets is presented here
as an example. Please let us know if there are any problems with it.
This code has been tested on BSD based operating systems.
u_char optbuf[BUFSIZ/3];
int optsize = sizeof(optbuf), ipproto, i;
struct protoent *ip;
if ((ip = getprotobyname("ip")) != NULL)
ipproto = ip->p_proto;
else
ipproto = IPPROTO_IP;
if (!getsockopt(0, ipproto, IP_OPTIONS, (char *)optbuf, &optsize) &&
optsize != 0) {
for (i = 0; i < optsize; ) {
u_char c = optbuf[i];
if (c == IPOPT_LSRR || c == IPOPT_SSRR)
exit(1);
if (c == IPOPT_EOL)
break;
i += (c == IPOPT_NOP) ? 1 : optbuf[i+1];
}
}
One critical concern is in the case where TCP wrappers are being used. If
a user is relying on TCP wrappers, the above fix should be incorporated into
fix_options.c. The problem being that TCP wrappers itself does not close
the connection, however removes the options via setsockopt(). In this case
when control is passed to in.rshd, it will never see any options present,
and the connection will remain open (even if in.rshd has the above patch
incorporated). An option to completely drop source routed connections will
hopefully be provided in the next release of TCP wrappers. The other option
is to undefine KILL_IP_OPTIONS, which appears to be undefined by default.
This passes through IP options and allows the called daemon to handle them
accordingly.
Disabling Source Routing
~~~~~~~~~~~~~~~~~~~~~~~~
We believe the following information to be accurate, however it is not
guaranteed.
--- Cisco
To have the router discard any datagram containing an IP source route option
issue the following command:
no ip source-route
This is a global configuration option.
--- NetBSD
Versions of NetBSD prior to 1.2 did not provide the capability for disabling
source routing. Other versions ship with source routing ENABLED by default.
We do not know of a way to prevent NetBSD from accepting source routed packets.
NetBSD systems, however, can be configured to prevent the forwarding of packets
when acting as a gateway.
To determine whether forwarding of source routed packets is enabled,
issue the following command:
# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt
The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.
Forwarding of source routed packets can be turned off via:
# sysctl -w net.inet.ip.forwsrcrt=0
Forwarding of all packets in general can turned off via:
# sysctl -w net.inet.ip.forwarding=0
--- BSD/OS
BSDI has made a patch availible for rshd, rlogind, tcpd and nfsd. This
patch is availible at:
ftp://ftp.bsdi.com/bsdi/patches/patches-2.1
OR via their patches email server <patches@bsdi.com>
The patch number is
U210-037 (normal version)
D210-037 (domestic version for sites running kerberized version)
BSD/OS 2.1 has source routing disabled by default
Previous versions ship with source routing ENABLED by default. As far as
we know, BSD/OS cannot be configured to drop source routed packets destined
for itself, however can be configured to prevent the forwarding of such
packets when acting as a gateway.
To determine whether forwarding of source routed packets is enabled,
issue the following command:
# sysctl net.inet.ip.forwarding
# sysctl net.inet.ip.forwsrcrt
The response will be either 0 or 1, 0 meaning off, and 1 meaning it is on.
Forwarding of source routed packets can be turned off via:
# sysctl -w net.inet.ip.forwsrcrt=0
Forwarding of all packets in general can turned off via:
# sysctl -w net.inet.ip.forwarding=0
--- OpenBSD
Ships with source routing turned off by default. To determine whether source
routing is enabled, the following command can be issued:
# sysctl net.inet.ip.sourceroute
The response will be either 0 or 1, 0 meaning that source routing is off,
and 1 meaning it is on. If source routing has been turned on, turn off via:
# sysctl -w net.inet.ip.sourceroute=0
This will prevent OpenBSD from forwarding and accepting any source routed
packets.
--- FreeBSD
Ships with source routing turned off by default. To determine whether source
routing is enabled, the following command can be issued:
# sysctl net.inet.ip.sourceroute
The response will be either 0 or 1, 0 meaning that source routing is off,
and 1 meaning it is on. If source routing has been turned on, turn off via:
# sysctl -w net.inet.ip.sourceroute=0
--- Linux
Linux by default has source routing disabled in the kernel.
--- Solaris 2.x
Ships with source routing enabled by default. Solaris 2.5.1 is one of the
few commercial operating systems that does have unpredictable sequence
numbers, which does not help in this attack.
We know of no method to prevent Solaris from accepting source routed
connections, however, Solaris systems acting as gateways can be prevented
from forwarding any source routed packets via the following commands:
# ndd -set /dev/ip ip_forward_src_routed 0
You can prevent forwarding of all packets via:
# ndd -set /dev/ip ip_forwarding 0
These commands can be added to /etc/rc2.d/S69inet to take effect at bootup.
--- SunOS 4.x
We know of no method to prevent SunOS from accepting source routed
connections, however a patch is availible to prevent SunOS systems from
forwarding source routed packets.
This patch is availible at:
ftp://ftp.secnet.com/pub/patches/source-routing-patch.tar.gz
To configure SunOS to prevent forwarding of all packets, the following
command can be issued:
# echo "ip_forwarding/w 0" | adb -k -w /vmunix /dev/mem
# echo "ip_forwarding?w 0" | adb -k -w /vmunix /dev/mem
The first command turns off packet forwarding in /dev/mem, the second in
/vmunix.
--- HP-UX
HP-UX does not appear to have options for configuring an HP-UX system to
prevent accepting or forwarding of source routed packets. HP-UX has IP
forwarding turned on by default and should be turned off if acting as a
firewall. To determine whether IP forwarding is currently on, the following
command can be issued:
# adb /hp-ux
ipforwarding?X <- user input
ipforwarding:
ipforwarding: 1
#
A response of 1 indicates IP forwarding is ON, 0 indicates off. HP-UX can
be configured to prevent the forwarding of any packets via the following
commands:
# adb -w /hp-ux /dev/kmem
ipforwarding/W 0
ipforwarding?W 0
^D
#
--- AIX
AIX cannot be configured to discard source routed packets destined for itself,
however can be configured to prevent the forwarding of source routed packets.
IP forwarding and forwarding of source routed packets specifically can be
turned off under AIX via the following commands:
To turn off forwarding of all packets:
# /usr/sbin/no -o ipforwarding=0
To turn off forwarding of source routed packets:
# /usr/sbin/no -o nonlocsrcroute=0
Note that these commands should be added to /etc/rc.net
If shutting off source routing is not possible and you are still using
services which rely on IP address authentication, they should be disabled
immediately (in.rshd, in.rlogind). in.rlogind is safe if .rhosts and
/etc/hosts.equiv are not used.
Attributions
~~~~~~~~~~~~
Thanks to Niels Provos <provos@physnet.uni-hamburg.de> for providing
the information and details of this attack. You can view his web
site at http://www.physnet.uni-hamburg.de/provos
Thanks to Theo de Raadt, the maintainer of OpenBSD for forwarding this
information to us. More information on OpenBSD can be found at
http://www.openbsd.org
Thanks to Keith Bostic <bostic@bsdi.com> for discussion and a quick
solution for BSD/OS.
Thanks to Brad Powell <brad.powell@west.sun.com> for providing information
for Solaris 2.x and SunOS 4.x operating systems.
Thanks go to CERT and AUSCERT for recommendations in this advisory.
You can contact the author of this advisory at oliver@secnet.com
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.3ia
mQCNAzJATn0AAAEEAJeGbZyoCw14fCoAMeBRKiZ3L6JMbd9f4BtwdtYTwD42/Uz1
A/4UiRJzRLGhARpt1J06NVQEKXQDbejxGIGzAGTcyqUCKH6yNAncqoep3+PKIQJd
Kd23buvbk7yUgyVlqQHDDsW0zMKdlSO7rYByT6zsW0Rv5JmHJh/bLKAOe7p9AAUR
tCVPbGl2ZXIgRnJpZWRyaWNocyA8b2xpdmVyQHNlY25ldC5jb20+iQCVAwUQMkBO
fR/bLKAOe7p9AQEBOAQAkTXiBzf4a31cYYDFmiLWgXq0amQ2lsamdrQohIMEDXe8
45SoGwBzXHVh+gnXCQF2zLxaucKLG3SXPIg+nJWhFczX2Fo97HqdtFmx0Y5IyMgU
qRgK/j8KyJRdVliM1IkX8rf3Bn+ha3xn0yrWlTZMF9nL7iVPBsmgyMOuXwZ7ZB8=
=xq4f
-----END PGP PUBLIC KEY BLOCK-----
Copyright Notice
~~~~~~~~~~~~~~~~
The contents of this advisory are Copyright (C) 1997 Secure Networks Inc,
and may be distributed freely provided that no fee is charged for
distribution, and that proper credit is given.
You can find Secure Networks papers at ftp://ftp.secnet.com/pub/papers
and advisories at ftp://ftp.secnet.com/advisories
You can browse our web site at http://www.secnet.com
You can subscribe to our security advisory mailing list by sending mail to
majordomo@secnet.com with the line "subscribe sni-advisories"
· Getting Started window for new or inexperienced users.
· User-friendly Microsoft Office 2007-style interface.
· In-depth help documentation.
· Industry leading customer support services.
http://?can6vyiq5lqttdg
http://file/can6vyiq5lqttdg/Nitro.PDF.Professional.6.1.2.1.devilsfunhouse.org.rar
====================================================================
http://download/13476930/Nitro.PDF.Professional-Crack.rar.html
new features:
Change your language easily
High-quality video calls
New ways to sort your contacts
See your friends’ latest updates from Yahoo!, Flickr, Twitter and more with the new “Updates” view
Hello friends
May be this might be useful. I install 98 with backup/restore utility.
My way of auto installation of XP.
Then on second partition or the same partition XP without pagefile.sys.
Then i get a dual boot. So after booting into XP, Install all ur fav progies
n games. Test each of them, to make sure they work... etc etc... all
ur drivers also. Tweak ur xp.
make sure u unhide all files relates to win xp dir and progra files.
Then boot into 98 > goto backup utility of 98.
Select the folders used by XP, eg
my documents and settings
winxp (or windows- what ever name u gave to windows dir)
check all files in the root
program files folder
and like this all folders and files used by xp.
then start the backup process.
make sure u have ~ > 3gb of free space on the disk / partition
u r planning to save the image file.
Then when ur XP crashes or U crash it ... lol
then just boot into 98, goto restore option,
and click ok. Over write old files or new ones as u like.
It takes ~20min to install
Windows Xp including
Office Xp
Interdev
.net framework
winzip
winrar
tweaks
easy cleaner
adobe
gif animator
acdess 6
service pack1 , and now service pack 2b
lan settings
mcafee antivirus
zone alarm
cute ftp3 pro
Easy CD-DA Extractor 7
Eraser
Ahead
Links Organizer
Bulk Rename Utility
BitStrike Software
Mozilla Firefox
Microsoft Visual Studio
Opera
Onlinetimer
Nokia
Ulead Systems
UltraISO
Virtual CD v4
SlimBrowser
Yahoo!
Msn
Webroot
Spamihilator
inetpub
U can exclude any folder, u think is not needed at that time for reinstallation.
The whole task id completed in 20 minutes ... in the mean while
I make a nice cup of tea for myself and wait for XP to start
PS: dont forget to include boot.ini file.
Hope it will help.
Xp Folder View Does Not Stay To You're Setting., Grab your registry editor and join in
Why Doesn't Windows Remember My Folder View Settings?
If you've changed the view settings for a folder, but Windows "forgets" the settings when you open the folder again, or if Windows doesn't seem to remember the size or position of your folder window when you reopen it, this could be caused by the default limitation on storing view settings data in the registry; by default Windows only remembers settings for a total of 200 local folders and 200 network folders.
To work around this problem, create a BagMRU Size DWORD value in both of the following registry keys, and then set the value data for both values to the number of folders that you want Windows to remember the settings for. For example, for Windows to remember the settings for 5000 local folders and 5000 network folders, set both values to 5000.
Here is how:
Follow these steps, and then quit Registry Editor:
1. Click Start, click Run, type regedit, and then click OK.
2. Locate and then click the following key in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell
3. On the Edit menu, point to New, and then click DWORD Value.
4. Type BagMRU Size, and then press ENTER.
5. On the Edit menu, click Modify.
6. Type 5000, and then click OK.
AND:
1. Locate and then click the following key in the registry:
HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam
2. On the Edit menu, point to New, and then click DWORD Value.
3. Type BagMRU Size, and then press ENTER.
4. On the Edit menu, click Modify.
5. Type 5000, and then click OK.
Note:
When you use roaming user profiles, registry information is copied to a server when you log off and copied to your local computer when you log on. Therefore, you may have performance issues if you increase the BagMRU Size values for roaming user profiles.
XP REPAIR INSTALL
1. Boot the computer using the XP CD. You may need to change the
boot order in the system BIOS. Check your system documentation
for steps to access the BIOS and change the boot order.
2. When you see the "Welcome To Setup" screen, you will see the
options below This portion of the Setup program prepares Microsoft
Windows XP to run on your computer:
To setup Windows XP now, press ENTER.
To repair a Windows XP installation using Recovery Console, press R.
To quit Setup without installing Windows XP, press F3.
3. Press Enter to start the Windows Setup.
do not choose "To repair a Windows XP installation using the
Recovery Console, press R", (you do not want to load Recovery
Console). I repeat, do not choose "To repair a Windows XP
installation using the Recovery Console, press R".
4. Accept the License Agreement and Windows will search for existing
Windows installations.
5. Select the XP installation you want to repair from the list and
press R to start the repair. If Repair is not one of the options,
read this Warning!!
6. Setup will copy the necessary files to the hard drive and reboot.
Do not press any key to boot from CD when the message appears.
Setup will continue as if it were doing a clean install, but your
applications and settings will remain intact.
Blaster worm warning: Do not immediately activate over the internet
when asked, enable the XP firewall
[ http://support.microsoft.com/?kbid=283673 ]
before connecting to the internet. You can activate after the
firewall is enabled. Control Panel - Network Connections. Right click
the connection you use, Properties, and there is a check box on the
Advanced [ http://michaelstevenstech.com/xpfirewall1.jpg ] page.
7. Reapply updates or service packs applied since initial Windows XP
installation. Please note that a Repair Install from the Original
install XP CD will remove SP1/SP2 and service packs will need to be
reapplied.
Service Pack 2
http://www.microsoft.com/downloads/details.aspx?FamilyId=049C9DBE-3B8E-
4F30-8245-9E368D3CDB5A&displaylang=en
An option I highly recommend is creating a Slipstreamed XP CD with SP2.
Slipstreaming Windows XP with Service Pack 2 (SP2)
http://www.winsupersite.com/showcase/windowsxp_sp2_slipstream.asp
______________________________________________________________________
Warning!!
If the option to Repair Install is not available and you continue
with the install;you will delete your Windows folder and Documents
and Settings folder. All applications that place keys in the registry
will need to be re-installed. You should exit setup if the repair
option is not available and consider other options.
Try the link below if the repair option is not available.
Windows XP Crashed?
http://www.digitalwebcast.com/2002/03_mar/tutorials/cw_boot_toot.htm
Here's Help.
A salvage mission into the depths of Windows XP, explained by a
non-geek
by Charlie White
http://www.digitalwebcast.com/2002/03_mar/tutorials/cw_boot_toot.htm
Related links
You May Lose Data or Program Settings After Reinstalling, Repairing,
or Upgrading Windows XP (Q312369)
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q312369
System Restore "Restore Points" Are Missing or Deleted (Q301224)
http://support.microsoft.com/default.aspx?scid=kb;en-us;Q301224
How to Perform an In-Place Upgrade (Reinstallation) of Windows XP
(Q315341)
http://support.microsoft.com/search/preview.aspx?scid=kb;en-us;Q315341
Warning!! If the Repair Option is not Available
What should I do? Most important do not ignore the information below!
If the option to Repair Install is NOT available and you continue
with the install; you will delete your Windows folder, Documents and
Settings folders. All Applications that place keys in the registry
will need to be re-installed.
You should exit setup if the repair option is not available and
consider other options. I have found if the Repair option is not
available, XP is usually not repairable and will require a Clean
install.http://michaelstevenstech.com/cleanxpinstall.html
If you still have the ability to access the Windows XP installation,
backup all important files not restorable from other sources before
attempting any recovery console trouble shooting attempts.
Possible Fix by reconfiguring boot.ini using Recovery Console.
1.Boot with XP CD or 6 floppy boot disk set.
2. Press R to load the Recovery Console.
3. Type bootcfg.
4. This should fix any boot.ini errors causing setup not to see the
XP OS install.
5. Try the repair install.
One more suggestion from MVP Alex Nichol
"Reboot, this time taking the immediate R option, and if the CD
letter is say K: give these commands
COPY K:\i386\ntldr C:\
COPY K:\i386\ntdetect.com C:\
(two other files needed - just in case)
1. Type: ATTRIB -H -R -S C:\boot.ini DEL C:\boot.ini
2. Type: BootCfg /Rebuild
which will get rid of any damaged boot.ini, search the disk for
systems and make a new one. This might even result in a damaged
windows reappearing; but gives another chance of getting at the
repair"
Feedback on success or failure of the above fixes would be greatly
appreciated.
Feedback on success or failure of the above fix would be greatly
appreciated.
xpnews@michaelstevenstech.com
Michael Stevens MS-MVP XP
Publishing of this document without permission of the author is
forbidden.
4-29-2003
Revised 11-05-2004
Win XP Tweaks
-----------
STARTUP
-----------
Windows Prefetcher
******************
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ Session Manager \ Memory Management \ PrefetchParameters]
Under this key there is a setting called EnablePrefetcher, the default setting of which is 3. Increasing this number to 5 gives the prefetcher system more system resources to prefetch application data for faster load times. Depending on the number of boot processes you run on your computer, you may get benefits from settings up to 9. However, I do not have any substantive research data on settings above 5 so I cannot verify the benefits of a higher setting. This setting also may effect the loading times of your most frequently launched applications. This setting will not take effect until after you reboot your system.
Master File Table Zone Reservation
**********************************
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ FileSystem]
Under this key there is a setting called NtfsMftZoneReservation, the default setting of which is 1. The range of this value is from 1 to 4. The default setting reserves one-eighth of the volume for the MFT. A setting of 2 reserves one-quarter of the volume for the MFT. A setting of 3 for NtfsMftZoneReservation reserves three-eighths of the volume for the MFT and setting it to 4 reserves half of the volume for the MFT. Most users will never exceed one-quarter of the volume. I recommend a setting of 2 for most users. This allows for a "moderate number of files" commensurate with the number of small files included in most computer games and applications. Reboot after applying this tweak.
Optimize Boot Files
*******************
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Dfrg \ BootOptimizeFunction]
Under this key is a text value named Enable. A value of Y for this setting enables the boot files defragmenter. This setting defragments the boot files and may move the boot files to the beginning (fastest) part of the partition, but that last statement is unverified. Reboot after applying this tweak.
Optimizing Startup Programs [msconfig]
**************************************
MSConfig, similar to the application included in Win9x of the same name, allows the user to fine tune the applications that are launched at startup without forcing the user to delve deep into the registry. To disable some of the applications launched, load msconfig.exe from the run command line, and go to the Startup tab. From there, un-ticking the checkbox next to a startup item will stop it from launching. There are a few application that you will never want to disable (ctfmon comes to mind), but for the most part the best settings vary greatly from system to system.
As a good rule of thumb, though, it is unlikely that you will want to disable anything in the Windows directory (unless it's a third-party program that was incorrectly installed into the Windows directory), nor will you want to disable anything directly relating to your system hardware. The only exception to this is when you are dealing with software, which does not give you any added benefits (some OEM dealers load your system up with software you do not need). The nice part of msconfig is that it does not delete any of the settings, it simply disables them, and so you can go back and restart a startup application if you find that you need it. This optimization won't take effect until after a reboot.
Bootvis Application
*******************
The program was designed by Microsoft to enable Windows XP to cold boot in 30 seconds, return from hibernation in 20 seconds, and return from standby in 10 seconds. Bootvis has two extremely useful features. First, it can be used to optimize the boot process on your computer automatically. Second, it can be used to analyze the boot process for specific subsystems that are having difficulty loading. The first process specifically targets the prefetching subsystem, as well as the layout of boot files on the disk. When both of these systems are optimized, it can result in a significant reduction in the time it takes for the computer to boot.
Before attempting to use Bootvis to analyze or optimize the boot performance of your system, make sure that the task scheduler service has been enabled – the program requires the service to run properly. Also, close all open programs as well – using the software requires a reboot.
To use the software to optimize your system startup, first start with a full analysis of a fresh boot. Start Bootvis, go to the Tools menu, and select next boot. Set the Trace Repetition Settings to 2 repetitions, Start at 1, and Reboot automatically. Then set the trace into motion. The system will fully reboot twice, and then reopen bootvis and open the second trace file (should have _2 in the name). Analyze the graphs and make any changes that you think are necessary (this is a great tool for determining which startup programs you want to kill using msconfig). Once you have made your optimizations go to the Trace menu, and select the Optimize System item. This will cause the system to reboot and will then make some changes to the file structure on the hard drive (this includes a defragmentation of boot files and a shifting of their location to the fastest portion of the hard disk, as well as some other optimizations). After this is done, once again run a Trace analysis as above, except change the starting number to 3. Once the system has rebooted both times, compare the charts from the second trace to the charts for the fourth trace to show you the time improvement of the system's boot up.
The standard defragmenter included with Windows XP will not undo the boot optimizations performed by this application.
-----------------------------------
General Performance Tweaks
-----------------------------------
IRQ Priority Tweak
******************
[HKEY_LOCAL_MACHINE \ System \ CurrentControlSet \ Control \ PriorityControl]
You will need to create a new DWORD: IRQ#Priority (where # is the number of the IRQ you want to prioritize) and give it a setting of 1. This setting gives the requisite IRQ channel priority over the other IRQs on a software level. This can be extremely important for functions and hardware subsystems that need real-time access to other parts of the system. There are several different subsystems that might benefit from this tweak. Generally, I recommend giving either the System CMOS or the video card priority. The System CMOS generally has an IRQ setting of 8, and giving it priority enhances the I/O performance of the system. Giving priority to the video card can increase frame rates and make AGP more effective.
You can give several IRQs priority, but I am not entirely certain how the system interacts when several IRQs are given priority – it may cause random instabilities in the system, although it is more likely that there's a parsing system built into Windows XP to handle such an occurrence. Either way, I would not recommend it.
QoS tweak
*********
QoS (Quality of Service) is a networking subsystem which is supposed to insure that the network runs properly. The problem with the system is that it eats up 20% of the total bandwidth of any networking service on the computer (including your internet connection). If you are running XP Professional, you can disable the bandwidth quota reserved for the system using the Group Policy Editor [gpedit.msc].
You can run the group policy editor from the Run command line. To find the setting, expand "Local Computer Policy" and go to "Administrative Templates" under "Computer Configuration." Then find the "Network" branch and select "QoS Packet Scheduler." In the right hand box, double click on the "Limit Reservable Bandwidth." From within the Settings tab, enable the setting and then go into the "Bandwidth Limit %" and set it to 0%. The reason for this is that if you disable this setting, the computer defaults to 20%. This is true even when you aren't using QoS.
Free Idle Tasks Tweak
*********************
This tweak will free up processing time from any idle processes and allow it to be used by the foreground application. It is useful particularly if you are running a game or other 3D application. Create a new shortcut to "Rundll32.exe advapi32.dll,ProcessIdleTasks" and place it on your desktop. Double-click on it anytime you need all of your processing power, before opening the application.
Windows Indexing Services
Windows Indexing Services creates a searchable database that makes system searches for words and files progress much faster – however, it takes an enormous amount of hard drive space as well as a significant amount of extra CPU cycles to maintain the system. Most users will want to disable this service to release the resources for use by the system. To turn off indexing, open My Computer and right click on the drive on which you wish to disable the Indexing Service. Enter the drive's properties and under the general tab, untick the box for "Allow the Indexing Service to index this disk for fast file searching."
Priority Tweak
**************
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ PriorityControl]
This setting effectively runs each instance of an application in its own process for significantly faster application performance and greater stability. This is extremely useful for users with stability problems, as it can isolate specific instances of a program so as not to bring down the entire application. And, it is particularly useful for users of Internet Explorer, for if a rogue web page crashes your browser window, it does not bring the other browser windows down with it. It has a similar effect on any software package where multiple instances might be running at once, such as Microsoft Word. The only problem is that this takes up significantly more memory, because such instances of a program cannot share information that is in active memory (many DLLs and such will have to be loaded into memory multiple times). Because of this, it is not recommended for anyone with less than 512 MB of RAM, unless they are running beta software (or have some other reason for needing the added stability).
There are two parts to this tweak. First is to optimize XP's priority control for the processes. Browse to HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ PriorityControl and set the "Win32PrioritySeparation" DWORD to 38. Next, go into My Computer and under Tools, open the Folder Options menu. Select the View tab and check the "Launch folder windows in separate process" box. This setting actually forces each window into its own memory tread and gives it a separate process priority.
Powertweak application
**********************
xxx.powertweak.com
Powertweak is an application, which acts much like a driver for our chipsets. It optimizes the communication between the chipset and the CPU, and unlocks several "hidden" features of the chipset that can increase the speed of the system. Specifically, it tweaks the internal registers of the chipset and processor that the BIOS does not for better communication performance between subsystems. Supported CPUs and chipsets can see a significant increase in I/O bandwidth, increasing the speed of the entire system. Currently the application supports most popular CPUs and chipsets, although you will need to check the website for your specific processor/chipset combo – the programmer is working on integrating even more chipsets and CPUs into the software.
Offload Network Task Processing onto the Network Card
*****************************************************
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services \ Tcpip \ Parameters]
Many newer network cards have the ability of taking some of the network processing load off of the processor and performing it right on the card (much like Hardware T&L on most new video cards). This can significantly lower the CPU processes needed to maintain a network connection, freeing up that processor time for other tasks. This does not work on all cards, and it can cause network connectivity problems on systems where the service is enabled but unsupported, so please check with your NIC manufacturer prior to enabling this tweak. Find the DWORD "DisableTaskOffload" and set the value to 0 (the default value is 1). If the key is not already available, create it.
Force XP to Unload DLLs
***********************
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer]
"AlwaysUnloadDLL"=dword:00000001
XP has a bad habit of keeping dynamic link libraries that are no longer in use resident in memory. Not only do the DLLs use up precious memory space, but they also tend to cause stability problems in some systems. To force XP to unload any DLLs in memory when the application that called them is no longer in memory, browse to HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer and find the DWORD "AlwaysUnloadDLL". You may need to create this key. Set the value to 1 to force the operating system to unload DLLs.
Give 16-bit apps their own separate processes
*********************************************
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ WOW]
"DefaultSeparateVDM"="Yes"
By default, Windows XP will only open one 16-bit process and cram all 16-bit apps running on the system at a given time into that process. This simulates how MS-DOS based systems viewed systems and is necessary for some older applications that run together and share resources. However, most 16-bit applications work perfectly well by themselves and would benefit from the added performance and stability of their own dedicated resources. To force Windows XP to give each 16-bit application it's own resources, browse to HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control \ WOW and find the String "DefaultSeparateVDM". If it is not there, you may need to create it. Set the value of this to Yes to give each 16-bit application its own process, and No to have the 16-bit application all run in the same memory space.
Disable User Tracking
*********************
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer]
"NoInstrumentation"=dword:00000001
The user tracking system built into Windows XP is useless to 99% of users (there are very few uses for the information collected other than for a very nosy system admin), and it uses up precious resources to boot, so it makes sense to disable this "feature" of Windows XP. To do so, browse to HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer and find the DWORD "NoInstrumentation". You may need to create this key if it is not there. The default setting is 0, but setting it to 1 will disable most of the user tracking features of the system.
Thumbnail Cache
***************
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Advanced]
"DisableThumbnailCache"=dword:00000001
Windows XP has a neat feature for graphic and video files that creates a "thumbnail" of the image or first frame of the video and makes it into an oversized icon for the file. There are two ways that Explorer can do this, it can create them fresh each time you access the folder or it can load them from a thumbnail cache. The thumbnail caches on systems with a large number of image and video files can become staggeringly large. To disable the Thumbnail Cache, browse to HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Advanced and find the DWORD "DisableThumbnailCache". You may need to create this key. A setting of 1 is recommended for systems where the number of graphic and video files is large, and a setting of 0 is recommended for systems not concerned about hard drive space, as loading the files from the cache is significantly quicker than creating them from scratch each time a folder is accessed.
Like the BrTurbo links... there's a little bit to know what the links from Yahoo/Geocities do... or how they work...
Maybe this can be pinned here as the BrTurbo post thread is posted here as well !?
===================================
The Beginning :
You must use a downloading program like flashget. 150+ Kbps download speeds
There is a lot of people downloading from these servers so don't be surprised
if it's hard to get the files lickity split, it will take time, maybe up to 24hours or longer.
Error 503 (Service Temporarily Unavailable), 508 (Unused) or 999 (Not available)
will be a Normal Response
( Error 404 is the only response you DON'T want = File deleted )
The following are tips for downloading from Yahoo/Geocities, you will get
what you want quicker and easier by following them.
A few restrictions that I've figured out by downloading from the Y/G servers:
You Must only use 1 jet (split part) per file, each extra jet added acts like a
separate file and you will have to do the IP change more often (see below).
Example: file.zip with 8 jets or split parts seems like 8 separate files
to the server yet you've only downloaded 1 file (IP change range 10 to 15 files)
If you don't mind changing your IP every 5 minutes then use all the jets you want, LoL
but I recommend just leaving at 1 jet per file.
(MOST Important)
You MUST change the Referrer on every file so it is Blank, if it isn't set correctly
you will get a 403 (forbidden error)
(Tip from DarkKnightz)
_____________________________________________________________________
The next section in most cases won't need to be read, But if
you do have a problem come back and read the rest, LoL
_____________________________________________________________________
Your downloads will stop at times with a code 999, 503 Service Temporarily Unavailable
or 508 Unused, be patient it will restart but give it some time, But if it doesn't
restart after 10 or so retries try pausing the download for 5 to 15 minutes, or
move on to another file and come back to it later. Keep bouncing around because
sooner or later they will start.
Most times if you pause your downloads for 5 to 15 minutes, they will restart,
But this is a last resort (IP Change)
Before doing this make sure you gave the files plenty of retries (approximately
25 No starts) If No more of the files will start downloading and your getting a
503 Service Temporarily Unavailable, 508 Unused or 999 Not available,
all you need to do is change your IP number.
#1 by re-dialing (Dial-up)
OR
#2 disconnect your modem from the net (disconnect your modem in the setup interface)
for about 30 seconds, reconnect the modem and you'll have a new IP.
Unless you have a static IP, in which you'll have to use proxies like with BRTurbo
to evade the max bandwidth restriction.
Any files that continue to be a problem Re-check to make sure you have the proper
referrer set, if they're all OK then you may have to wait a few hours and start where
you left off.
If you have a static IP use a proxy like when you download from BRTurbo links.
/join [room] go to what ever room you wish
/invite [buddys name] sends invitation request
/tell [user] [message] private messages a friend
/follow [user] follows a friend
/stopfollow [user] stop following someone
/stopfollow [yourname] to stop them from following you
/goto [user] enters the room the user is in
/away [off] turn your private messages back on
/think [message] (type this to think what you want
/ignore [list] list everyone who you are ignoring
/ignore add [user] add someone to your ignoring list
/ignore [add all] ignores everything going on
I went into the system registery and found out that Yahoo! moved the 'banner url' key to a slightly different location. Than what it used in version 5.5!
Yahoo! IM no longer uses 'YUrl', but uses 'View' instead. You gotta click on each key inside of 'View' and edit the 'banner url' string to anything you want... I simply cleared mine out completely and it works flawlessly!
Here is what you gotta do:
Run regedit
Goto HKEY_CURRENT_USER -> Software -> Yahoo -> Pager -> View
Inside the 'View' key there are a several other keys... go through each one and edit the 'banner url' string to your liking. It even works if the string is left blank (this causes it to look as if ads were never even implemented)!
Restart Yahoo! IM for the effect to take hold.
This is great for Yahoo! IM 5.6 users who don't want to be bothered with ads.
You probably sometimes spend hours, maybe days to create one simple logo for your website. Hopefully, there are many logo generators online which can help you to easily create nice text logos. All you need to do is to add the text you want and the generator will create a logo for you. You can choose the font size, background,image height and width; all you need for a good logo text. Below you can find links for 25 simple but effective logo generators.
Free Logo Design : One of the better logo generators is FreeLogoServices.com they provide free logo design
*have fun ...... ///
let me introduce with the all in one installer. That is also available for free and only requires additional internet connection to go the setup process further.
Ninite.com’s easy all in one installer will make this thing possible and flexible. From Ninite’s home page, you can choose large list of applications that you often install in your fresh or upgraded version of Windows.
Choosing the application to be added in all in one time installer is rather easy. Just choose the applications you want to install from their large list.
