Saturday, November 8, 2008

Firefox Speed Tweaks!

Yes, firefox is already pretty damn fast but did you know that you can tweak it and improve the speed even more?

That's the beauty of this program being open source.
Here's what you do:
In the URL bar, type “about:config” and press enter. This will bring up the configuration “menu” where you can change the parameters of Firefox.

Note that these are what I’ve found to REALLY speed up my Firefox significantly - and these settings seem to be common among everybody else as well. But these settings are optimized for broadband connections - I mean with as much concurrent requests we’re going to open up with pipelining… lol… you’d better have a big connection.

Double Click on the following settins and put in the numbers below - for the true / false booleans - they’ll change when you double click.

Code:
browser.tabs.showSingleWindowModePrefs – true
network.http.max-connections – 48
network.http.max-connections-per-server – 16
network.http.max-persistent-connections-per-proxy – 8
network.http.max-persistent-connections-per-server – 4
network.http.pipelining – true
network.http.pipelining.maxrequests – 100
network.http.proxy.pipelining – true
network.http.request.timeout – 300


One more thing… Right-click somewhere on that screen and add a NEW -> Integer. Name it “nglayout.initialpaint.delay” and set its value to “0”. This value is the amount of time the browser waits before it acts on information it receives. Since you’re broadband - it shouldn’t have to wait.

Now you should notice you’re loading pages MUCH faster now!

Have Notepad In Send To

Many apply a registry tweak to have notepad as an option for unknown file types. We frequently see such files which are actually just text, but named with some odd file-extension. And then, some suspicious files which we want to make sure what the contents are. Well, in such cases where the registry tweak is applied, the downside happens to be that even some known files get associated with notepad - but no, all we want is to be able to open a file with notepad - the association part in such cases is unwanted interference. Also, notepad becomes a permanent fixture on the right-click menu - which is again an annoyance.

So what we do, is to have notepad as an option in the Send-To options, of the right-click menu in explorer. It fulfils the purpose to perfection (atleast, in my case). Here's what we do:

1. right-click desktop, choose "New >> Shortcut"
2. Type the location of the item - "notepad" - (that's all, no need to give path)
3. Next >> type name for shortcut - "Edit with Notepad"
4. Click finish
5. Now right-click this shortcut on the desktop, and choose properties.
6. Confirm that the "target" and "start in" fields are using variables - "%windir%\system32\notepad.exe" - (absolute paths will be problematic if you use this .LNK on machines other than your own)
7. Now, browse to "%UserProfile%\SendTo" in explorer (which means "C:\Documents and Settings\User_Name\SendTo\" folder)
8. And copy the "Edit with Notepad.lnk" file which you already created, to that folder.
9. So now, you can right-click on ANY file-type, and be offered an option to open with notepad, from the SendTo sub-menu.

So now, you just right-click on an .nfo or .eml or .diz file (which are associated with other programs, and are sometimes just plain-text files), and choose "Send To >> Edit with Notepad" and it will open in notepad!
No more botheration of applying registry tweaks for something as simple as this.

Create An Ftp Server On Your Pc With Serv-u

Quote:
Step 1. Getting a static IP address.
Get a static address for your FTP server. You will want to do this as opposed to using your IP address for several reasons. First, it’s easier keeping up-to-date. Imagine having to change all of your setting every time your IP changed. With No-IP, the No-IP service runs in background on your computer and updates your current IP address with your FTP server’s URL (for example, you get ftp://rkchoolie.serveftp.com). Second reason, you don’t want your IP address posted out there for everyone to see.

1. Go to www.No-IP.com to create a new user account.
2. Fill in the information that is required and the click Register button.
3. Your account has now been created and your account password has been emailed to you.
4. Check your email mailbox and wait for the mail that contains your password
5. Go back to www.No-IP.com and type your email address and password to login to your account.
6. Once in your account, click on Add a host in the left menu
7. Type in the Hostname you want (example: rkchoolie) and pick a Domain from the list (example: ftpserve.com)
8. Check Allow Wildcards and click the Submit button
9. You now have your static address (example: rkchoolie.serveftp.com)
10. Click on your OS link in the Dyn-Update Client in the bottom right menu and follow links to download the client
11. Once downloaded, install the software and type in your email address and password when asked.
12. Finally tick the checkbox near your static address.

You now have a static web address .


Quote:
Step 2. Installing and setting the FTP server
1. Install Serv-U 4.0.
2. Start Serv-U and use the wizard to setup your ftp.
3. Click next until you're asked for an IP address, leave it blank and then click next.
4. Type the domain name you've just registered above (example: preacher.serveftp.com) in the domain name field and then click Next.
5. You are asked if you want to allow anonymous access, select No and then click next.
6. You are then asked to create a named account, check yes and then click next.
7. Type in the user name you wish for this account (example: Harrie) and click next.
8. Type a password for this account (example: $p3c1aL). For security reasons, try to create a password with some letters, numbers and special characters. Then click next.
9. You will then be asked for the Home directory of the account you just created. Select the directory and then click next.
10. Select yes to lock this account to the Home directory. You want to do this so that the user can not go any further up that his home directory. Click next.
11. The account is now set so click finish.

Quote:
Step 3. Configuring user accounts
1. In the left tree-menu, select the account you've just created and then click on the General tab.
2. Check Hide ‘Hidden’ Files.
3. Check Allow only and enter the number one in the box.
4. Set the Max. download speed to what ever you want. If this is an account that many will be using, set it low to save on your bandwidth. I usually have mine set between 10 – 20. If you leave it blank, users will be able to download from you at full bandwidth.
5. Set the Max no. of users to how many you want to be able to log on at one time. This depends on your connection speed but try these (56 - 1, ISDN - 3, ADSL or cable - 5-6 users.)
6. Now, click on the Dir Access tab.
7. You should see the home folder in there. Highlight it and make your permissions.
8. If you only want users to be able to download check only Read, List, & Inherit.
9. If you want users to be able to upload, but to only one particular folder but not download, click the add button and then select that folder. Now highlight the folder and set these permissions on that folder. Check Write, Append, List, Create, & Inherit. Once you have made the permissions click on the up arrow that is located at the bottom right-hand corner. You want this special upload folder to be list first, before the home folder.
10. If there is a folder that you don’t want anyone to have access to, but it is inside the home folder, then click the add button and then select that folder. Now highlight the folder and make sure that all checkboxes are left. Once you have made the permissions click on the up arrow that is located at the bottom right-hand corner. You want this no access folder to be listed at the very top.
11. There are many other different sets of permissions you can play with. I just covered your basics.
12. Your server is now set!
13. Try logging on with the username and password and see if it works.

Friday, October 17, 2008

How to hack-change your Windows XP Boot Screen

This is a very simple trick to do if you have done the same for the logon screen and the start button. There are 2 ways to do this trick that I know about one is doing it manually and the other is using a program called bootxp. I am going to tell you the manual way to do it, but if you want to know the other way just let me know, so I can do an update to the guide. Now once you have downloaded your ntoskrnl.exe file save it a general location so that you will have easy access to it, like my folder.



Once you have ntoskrnl.exe file in an easy access folder, restart your pc into safe mode. Once into safe mode go to the folder where your files are located.



Now that you are there copy the file that you want to change your boot screen too. Once you have copied that file, hit the window key + r or type %windir%\system32 in the run command, so that folder as follows.



Once there paste your new file into the folder and overwrite the existing folder.



Now that you have your new file in the folder restart your pc as you normally would and your new boot screen should appear. You can download this bootscreen here.



ALWAYS BACKUP EVERYTHING YOU EDIT OR DELETE. I'M NOT RESPONSIBLE IF YOU MESS YOUR COMPUTER UP BY DOING THIS HACK OR ANY TYPE OF HACK. DO IT AT YOUR OWN RISK.

Image and ntoskrnl.exe files provided by www.themexp.org

or
u can go to

code:

http://www.overclockersclub.com/guides/hackxpbootscreen.php

IP Addressing

The intent of this paper is to document the background
behind the current IP address assignments which I have offered to
coordinate. The proposed scheme has been reviewed by Phil Karn,
Bdale Garbee and (verbally with) Mike Chepponis, all of whom have
encouraged that it be used.

Phil's code does NOT currently support the subnetwork
aspects of the scheme but will do so in the future. There is no
real reason for any national coordination of these addresses
until actual networks or at least geographically coordinated
groups of experimenters are formed.

I have offered to issue and keep track of SUBNET addresses
and their "owners" who are presumably responsible *NETWORK*
implementors and managers.

The basic premise behind the proposed plan is that amateur
radio networks will be politically defined. The plan is based
upon the presumption that current voice networks serve as a
proper analog by which to predict general characteristics of the
as yet unconstructed digital networks. Political entities will
build networks; funded, controlled, maintained and used primarily
by their own members and guests.

Each of these separately managed networks should be viewed
as a subnetwork of AMPRNET (with the idea being to somehow
rationally partition the 044.xxx.xxx.xxx AMPRNET address space).
Each subnetwork within AMPRNET will maintain routing tables for
its own constituents. Each will provide its own hosts (TACs,
Gateways, i.e. the mechanism by which users with simple terminals
and AX25 level 2 boxes will access network resources), switches,
rules (network administration), security measures and quite
possibly its own link level protocols.

The natural limitations on span of control will probably
limit the service area of each of these networks. This is
another factor leading to the partitioning of the AMPRNET address
space with respect to separate subnetworks.

This partitioning of the address space will allow for
much simplified routing tables in each host. Internetworking
gateways will connect these independently controlled subnetworks.
Each gateway will maintain routing tables only for local hosts
and for gateways to other networks. Hosts and relay switches on
a given subnet will need to maintain routing information
regarding only members of that subnet and gateways to other
networks. The required routing tables should prove to be very
manageable and make any kind of geographically based hueristic
addressing schemes such as ZIP codes, area codes etc. moot.




1



I would also like to propose that we coordinate logical
network names and their corresponding addresses based on these
political network subdivisions. The concept of a naming
convention which maps directly into an IP address is purely for
the convenience of network developers and is not considered
necessary. There is, however, some good reasoning behind making
network and host names hierarchical and meaningful to end users.
It will considerably aid in bootstrapping the initial networks
and in being comprehensible to the non-network folks who will be
the primary users of these networks. The naming convention
proposed is of the form USERID@HOST.SUBNET[.AMPRNET.RES].
WESTNET, SBARCnet (Santa Barbara ARC) and GFRN-net represent
three hypothetical networks with which this writer could be
involved, perhaps as a provider of gateway and/or host services.

Each of these subnetwork entities could have a distinct
address and perhaps several internally administered host/user
addresses.

[NOTE: Throughout this paper, Host or Host/User represents
any host or any user running IP protocols that has direct
network access. Also, for the purposes of the following
example, WA6JPR is not a network address, rather it
represents a user-id on a local host. It is the writer's
opinion that the majority of packet users for the forseeable
future will be using simple TNCs connected to hosts via
AX.25 level 2 protocols.]

WA6JPR may be "a user" on hosts on more than one network
such that a station in Washington D.C.,logged onto an AMPRNET
host, may send internet traffic successfully to
WA6JPR@JPRHOST.WESTNET (this traffic would be routed to Westnet
via various AMPRNET gateways and subnetwork level relays and then
to a Santa Barbara host known internally by Westnet to be
reachable via the W6AMT-2 switch). Traffic could also be
directed to Wally@SBARC (presuming that the Santa Barbara
Amateur Radio Club maintains a message server host gatewayed to
the AMPRNET catenet).

Based upon the presumption of the AMPRNET/SUBNET/HOST
hierarchy, it would seem that we could easily decide how to
allocate the 044.xxx.xxx.xxx 24 bit IP address field such that
there are bits allocated for a sufficient number of individually
managed subnetworks while leaving a correspondingly adequate
number of assignable bits for the internal addressing needs of
each individual subnetwork.

Accordingly, the following is proposed as an initial
addressing scheme and methodology for address assignment. [Bit
numbering is per RFC-960 Pg.2]







2



Bit 8 to be 0 for USA stations and 1 for non-USA stations.
[Note. This is not meant to imply a geographic basis for
assignments. It is meant to provide a very quick means for
segregating FCC controlled participants from non-FCC stations.]

Bits 9 - 18 to represent politically separate subnetworks within
AMPRNET. These bits are to be assigned in an inverse binary
sequence (see example below) beginning with the *MOST
SIGNIFICANT* bit first.

Bits 19 - 23 to be unassigned and reserved for future allocation
as network addresses, to network administrations for internally
assigned host and/or user addresses, to a combination of the
above or to a completely new intermediate class of addresses.

Bits 24 - 31 to be used within politically separate AMPRNET
subnetworks for individual hosts, switches, workstations etc. as
determined by local network administration. It would be
recommended that these bits be assigned in binary sequence with
the *LEAST SIGNIFICANT* bits being assigned first.

The resulting network addresses would be as follows:

AMPRNET
||
|| SUBNET----+
|| | |
|| | | HOST--+
|| | | | |
44:0...127:000:0...255------- 32,768 addresses assignable
44:0...127:001:0...255--+
| +- 1,015,808 addresses reserved
44:0...127:031:0...255--+
44:0...127:032:0...255------- 32,768 addresses assignable
44:0...127:033:0...255--+
| +- 1,015,808 addresses reserved
44:0...127:063:0...255--+
44:0...127:064:0...255------- 32,768 addresses assignable
44:0...127:065:0...255--+
| +- 1,015,808 addresses reserved
44:0...127:095:0...255--+
44:0...127:096:0...255------- 32,768 addresses assignable
44:0...127:097:0...255--+
| +- 1,015,808 addresses reserved
44:0...127:127:0...255--+
44:0...127:128:0...255------- 32,768 addresses assignable
44:0...127:129:0...255--+
| +- 1,015,808 addresses reserved
44:0...127:159:0...255--+
44:0...127:160:0...255------- 32,768 addresses assignable
44:0...127:161:0...255--+
| +- 1,015,808 addresses reserved
44:0...127:191:0...255--+
44:0...127:192:0...255------- 32,768 addresses assignable



3



44:0...127:193:0...255--+
| +- 1,015,808 addresses reserved
44:0...127:223:0...255--+
44:0...127:224:0...255------- 32,768 addresses assignable
44:0...127:225:0...255--+
| +- 1,015,808 addresses reserved
44:0...127:255:0...255--+

44:128:xxx:xxx----------+
| +- 8,388,608 addresses assignable (non USA)
44:255:xxx:xxx----------+


The above allocation and assignment scheme allows network
(subnet) and intranet (host/user) addresses to begin to be
immediately assigned to experimenters while retaining the largest
possible contiguous block of unassigned bits whose assignments
can be defined in the future with little or no impact on
previously allocated addresses. The USER @ HOSTNAME .
SUBNET/ADMINISTRATION naming scheme represents a human-friendly
network naming convention which maps easily into numerical
network addresses. I believe that the above approach is in
general conformance with the requirements of RFC-950, "Internet
Standard Subnetting Procedure."

The numbering scheme as initially proposed allows for up to
1024 AMPRNET subnetworks of up to 256 hosts in the USA while
retaining five bits for future expansion. That's 262,144
individual AMPRNET addressable entities. If the proposed method
of address assignment is followed and we run out of Host/User
addresses before we run out of network addresses, we can simply
pick up the least significant reserved bit and assign more
Host/User addresses. Conversely, if network addresses are more
popular we could easily expand by taking the most significant
reserved bit and allocating it for network addressing.

If it should become clear that every user on a network needs his
or her own IP address, each network could allocate user blocks in
256 user increments from the least significant reserved bits.
Possible combinations are 1024 networks each with up to 8192
individually addressable units or 2048 networks each with 4096
hosts/users (8,388,608 individually addressable entities).

The writer presumes that 8 million plus addresses ought to
last the US amateur population for some time to come. All we need
to do to avoid painting ourselves in a corner is to assign them
in a logical sequence rather than randomly.










4



The following table serves as an example of the "high bit
first" network address assignment table and some actual and
requested initial networking assignments.

"this" 44.000.000.xxx ;special case
KARNnet 44.064.000.xxx ;network admin: KA9Q
BDALEnet 44.032.000.xxx ;network admin: N3EUA
DCnet1 44.096.000.xxx ;network admin: WB6RQN
SOCALnet1 44.016.000.xxx ;network admin: WB5EKU
DCnet2 44.080.000.xxx ;network admin: WB6RQN
SOCALnet2 44.048.000.xxx ;network admin: WA6JPR
PITTNET 44.112.000.xxx ;network admin: N3CVL
next 44.008.000.xxx
next 44.072.000.xxx
.
.
.
last 44.063.000.xxx
"all" 44.127.000.xxx ;special case

Monday, October 13, 2008

Hard drive Gone Bad

The most common problems originate
from corruption of the master boot record, FAT, or directory.
Those are soft problems which can usually be taken care of
with a combination of tools like Fdisk /mbr to refresh the
master boot record followed by a reboot and Norton disk doctor
or Spinneret.

The most common hardware problems are a bad controller, a bad
drive motor, or a bad head mechanism.

1. Can the BIOS see and identify the hard drive correctly? If
it can't, then the hard drives onboard controller is bad.

2. Does the drive spin and maintain a constant velocity? If it
does, that's good news. The motor is functioning.

3. If the drive surges and dies, the most likely cause is a
bad controller (assuming the drive is cool). A gate allowing
the current to drive the motor may not be staying open. The
drive needs a new controller.

4. Do you hear a lot of head clatter when the machine is
turned on and initialized (but before the system attempts to
access the hard drive). Head clatter would indicate that the
spindle bearings are sloppy or worn badly. Maybe even lose and
flopping around inside.

5. There is always the possibility that the controller you are
using in the machine has gone south.

1. If the drive spins, try booting to the A> prompt, run Fdisk
and check to see if Fdisk can see a partition on the hard
drive. If Fdisk can see the partition, that means that it can
access the drive and that the controller electronics are
functioning correctly. If there is no head clatter, it may be
just a matter of disk corruption which commonly occurs when a
surge hits you machine and overwhelms the power supply voltage
regulator. It commonly over whelms the system electronics
allowing an EM pulse to wipe out the master boot record, file
allocations table, and primary directory. Fdisk can fix the
master boot record and Norton Disk Doctor can restore the FAT
and Directory from the secondaries.
2. The drive spins but Fdisk can't see it. Try the drive in
another system and repeat the test to confirm that Fdisk can't
read through the drives onboard controller. If it sees it in
another system, then your machines hard drive interface is
bad. You can try an upgraded or replacement controller card
like a Promise or CMD Technologies (there are others) in you
machine after disabling the integrated controller in the BIOS,
but if the integrated controller went south, it may just be
symptomatic of further failures and you'd be wise to replace
the motherboard. Trying the drive in another machine also
eliminates the variable that your machines 12 volt power
output being bad

3. If you get head clatter but a constant velocity on the
drive motor (no surging), you might try sticking the hard
drive in the freezer for about 12 hours. This is an old trick
from back in the days of the MFM/ESDI driver era. This can
cause the drive components to shrink enough to make the track
marker align with the tracks. We don't see that kind of
platter spindle wear much anymore, but back in the old days,
the balancing and bearings weren't as good. Still, under the
right circumstances, it might help. It would depend on how old
the drive is and how many hours of wear have occurred. You
have to be quick to get your info off the drive when it works.
Back then, the drives were much smaller, so there wasn't so
much to copy. So, go after the important data first.

4. The drive doesn't spin. Either the onboard controller is
bad or the motor is bad (assuming you did try the drive in
another machine). It's time to hit the net and local
independent shops to see if you can locate another drive of
the same make and model that's good. Since the drive is
probably an older drive and no longer in distribution, your
best bet is to find an identical used drive. If you know
someone with the same make and model, you might be wise to try
and persuade them to sell you their drive with an offer of
providing them with a free upgraded drive. If you can locate
an identical drive, start with the controller replacement ...
this is the simplest and least invasive. If swapping the
controller doesn't produce the desire result, you can tear
into the drive and swap the motors. While you have both drive
opened up to accomplish this, scrutinize the platters, heads
and armatures. You might even hook the drive up and power it
from a system with both drives attached. This way, you could
see anything that deviates between the actions of both drives
when they are initialized. Swapping patters is unlikely to
produce any positive result. They are a balanced system like
the tires on your car and I suspect that the balance will be
different for each drive as will other variables.

5. There's always Ontrack Corp. who will attempt to recoup
your info starting at $500 and going up from there. They don't
fix and return the drive either.

If the info is all that important to you, I would seek some
professional and experience technician in your locality who
makes his living from servicing and building computer systems
... not just selling them. If you have had much experience
salvaging information from bad hard drives, your likelihood of
success is low. In the case of soft corruption, all utilities
have their eccentricities. Often times, Norton Disk Doctor
will go too far (if you let it). It's wise to just let those
utilities small steps and then have a look at the drive and
see if you can copy it off. Norton will go so far as to rename
directories and files, and even delete them or break them up
into fragments which are useless.
_________________

Easily Find Serial Numbers,Search; On Google..

let's pretend you need a serial number for windows xp pro.

in the search bar type in just like this - "Windows XP Professional" 94FBR

the key is the 94FBR code.. it was included with many MS Office registration codes so this will help you dramatically reduce the amount of 'fake' porn sites that trick you.

or if you want to find the serial for winzip 8.1 - "Winzip 8.1" 94FBR

just try it out, it's very quick and it works nicely..

-----------------------------------------------------------

here is another trick that works fairly decent for finding mp3's on the web (which is hard to do normally, to say the least)

say you want to get, for example, a Garth Brooks song. type this in the search bar - "index of/" "garth brooks" .mp3 the ones you want to check out first are the ones that say "Index of/" in the title of the search result. this technique allows you to easily pull up web folders with direct downloads. it will look the same as if you were logging into a ftp url.. i'm sure you can be pretty flexible on how you type that in, so long as you include "index of/"

i'm sure you can use this for more than just mp3's (it's not perfect but it has worked for me on a few occasions)

always make sure to use the quotations where i placed them. they help pinpoint the correct search results more accurately. just try it out, also if you want to learn how to do more with google look up "google hacks"

Directx Explained

DirectX explained

Ever wondered just what that enigmatic name means?

Gaming and multimedia applications are some of the most satisfying programs you can get for your PC, but getting them to run properly isn’t always as easy as it could be. First, the PC architecture was never designed as a gaming platform. Second, the wide-ranging nature of the PC means that one person’s machine can be different from another. While games consoles all contain the same hardware, PCs don’t: the massive range of difference can make gaming a headache.


To alleviate as much of the pain as possible, Microsoft needed to introduce a common standard which all games and multimedia applications could follow – a common interface between the OS and whatever hardware is installed in the PC, if you like. This common interface is DirectX, something which can be the source of much confusion.

DirectX is an interface designed to make certain programming tasks much easier, for both the game developer and the rest of us who just want to sit down and play the latest blockbuster. Before we can explain what DirectX is and how it works though, we need a little history lesson.

DirectX history
Any game needs to perform certain tasks again and again. It needs to watch for your input from mouse, joystick or keyboard, and it needs to be able to display screen images and play sounds or music. That’s pretty much any game at the most simplistic level.

Imagine how incredibly complex this was for programmers developing on the early pre-Windows PC architecture, then. Each programmer needed to develop their own way of reading the keyboard or detecting whether a joystick was even attached, let alone being used to play the game. Specific routines were needed even to display the simplest of images on the screen or play a simple sound.

Essentially, the game programmers were talking directly to your PC’s hardware at a fundamental level. When Microsoft introduced Windows, it was imperative for the stability and success of the PC platform that things were made easier for both the developer and the player. After all, who would bother writing games for a machine when they had to reinvent the wheel every time they began work on a new game? Microsoft’s idea was simple: stop programmers talking directly to the hardware, and build a common toolkit which they could use instead. DirectX was born.

How it works
At the most basic level, DirectX is an interface between the hardware in your PC and Windows itself, part of the Windows API or Application Programming Interface. Let’s look at a practical example. When a game developer wants to play a sound file, it’s simply a case of using the correct library function. When the game runs, this calls the DirectX API, which in turn plays the sound file. The developer doesn’t need to know what type of sound card he’s dealing with, what it’s capable of, or how to talk to it. Microsoft has provided DirectX, and the sound card manufacturer has provided a DirectX-capable driver. He asks for the sound to be played, and it is – whichever machine it runs on.

From our point of view as gamers, DirectX also makes things incredibly easy – at least in theory. You install a new sound card in place of your old one, and it comes with a DirectX driver. Next time you play your favourite game you can still hear sounds and music, and you haven’t had to make any complex configuration changes.

Originally, DirectX began life as a simple toolkit: early hardware was limited and only the most basic graphical functions were required. As hardware and software has evolved in complexity, so has DirectX. It’s now much more than a graphical toolkit, and the term has come to encompass a massive selection of routines which deal with all sorts of hardware communication. For example, the DirectInput routines can deal with all sorts of input devices, from simple two-button mice to complex flight joysticks. Other parts include DirectSound for audio devices and DirectPlay provides a toolkit for online or multiplayer gaming.

DirectX versions
The current version of DirectX at time of writing is DirectX 9.0. This runs on all versions of Windows from Windows 98 up to and including Windows Server 2003 along with every revision in between. It doesn’t run on Windows 95 though: if you have a machine with Windows 95 installed, you’re stuck with the older and less capable 8.0a. Windows NT 4 also requires a specific version – in this case, it’s DirectX 3.0a.

With so many versions of DirectX available over the years, it becomes difficult to keep track of which version you need. In all but the most rare cases, all versions of DirectX are backwardly compatible – games which say they require DirectX 7 will happily run with more recent versions, but not with older copies. Many current titles explicitly state that they require DirectX 9, and won’t run without the latest version installed. This is because they make use of new features introduced with this version, although it has been known for lazy developers to specify the very latest version as a requirement when the game in question doesn’t use any of the new enhancements. Generally speaking though, if a title is version locked like this, you will need to upgrade before you can play. Improvements to the core DirectX code mean you may even see improvements in many titles when you upgrade to the latest build of DirectX. Downloading and installing DirectX need not be complex, either.

Upgrading DirectX
All available versions of Windows come with DirectX in one form or another as a core system component which cannot be removed, so you should always have at least a basic implementation of the system installed on your PC. However, many new games require the very latest version before they work properly, or even at all.

Generally, the best place to install the latest version of DirectX from is the dedicated section of the Microsoft Web site, which is found at www.microsoft.com/windows/directx. As we went to press, the most recent build available for general download was DirectX 9.0b. You can download either a simple installer which will in turn download the components your system requires as it installs, or download the complete distribution package in one go for later offline installation.

Another good source for DirectX is games themselves. If a game requires a specific version, it’ll be on the installation CD and may even be installed automatically by the game’s installer itself. You won’t find it on magazine cover discs though, thanks to Microsoft’s licensing terms.

Diagnosing problems

Diagnosing problems with a DirectX installation can be problematic, especially if you don’t know which one of the many components is causing your newly purchased game to fall over. Thankfully, Microsoft provides a useful utility called the DirectX Diagnostic Tool, although this isn’t made obvious. You won’t find this tool in the Start Menu with any version of Windows, and each tends to install it in a different place.

The easiest way to use it is to open the Start Menu’s Run dialog, type in dxdiag and then click OK. When the application first loads, it takes a few seconds to interrogate your DirectX installation and find any problems. First, the DirectX Files tab displays version information on each one of the files your installation uses. The Notes section at the bottom is worth checking, as missing or corrupted files will be flagged here.

The tabs marked Display, Sound, Music, Input and Network all relate to specific areas of DirectX, and all but the Input tab provide tools to test the correct functioning on your hardware. Finally, the More Help tab provides a useful way to start the DirectX Troubleshooter, Microsoft’s simple linear problem solving tool for many common DirectX issues.

Change The Default Location For Installing Apps

As the size of hardrives increase, more people are using partitions to seperate and store groups of files.

XP uses the C:\Program Files directory as the default base directory into which new programs are installed. However, you can change the default installation drive and/ or directory by using a Registry hack.

Run the Registry Editor (regedit)and go to

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion

Look for the value named ProgramFilesDir. by default,this value will be C:\Program Files. Edit the value to any valid drive or folder and XP will use that new location as the default installation directory for new programs.

Change The Storage Location Of 'my Documents', a bit safer for when your PC crashes...

I just found out about this today, and I use Windows XP for some time now, so i guess there are others out there who don't know about this yet.

But normally windows saves the "My Documents" folder on your C-drive. But when you right-click on it and go to properties, you can change the location where you want windows to save your Documents folder.
I have a partition set up with just windows on it, and all my things i want to keep are on different partitions/disks. So now I put My Documents on another partition than where I have windows installed. If windows screws up and you have to format your C-drive again, your documents will be spared at least...

Saturday, September 27, 2008

23 Ways To Speed WinXP, Not only Defrag.txt

Since defragging the disk won't do much to improve Windows XP performance, here are 23 suggestions that will. Each can enhance the performance and reliability of your customers' PCs. Best of all, most of them will cost you nothing.
1.) To decrease a system's boot time and increase system performance, use the money you save by not buying defragmentation software -- the built-in Windows defragmenter works just fine -- and instead equip the computer with an Ultra-133 or Serial ATA hard drive with 8-MB cache buffer.

2.) If a PC has less than 512 MB of RAM, add more memory. This is a relatively inexpensive and easy upgrade that can dramatically improve system performance.

3.) Ensure that Windows XP is utilizing the NTFS file system. If you're not sure, here's how to check: First, double-click the My Computer icon, right-click on the C: Drive, then select Properties. Next, examine the File System type; if it says FAT32, then back-up any important data. Next, click Start, click Run, type CMD, and then click OK. At the prompt, type CONVERT C: /FS:NTFS and press the Enter key. This process may take a while; it's important that the computer be uninterrupted and virus-free. The file system used by the bootable drive will be either FAT32 or NTFS. I highly recommend NTFS for its superior security, reliability, and efficiency with larger disk drives.

4.) Disable file indexing. The indexing service extracts information from documents and other files on the hard drive and creates a "searchable keyword index." As you can imagine, this process can be quite taxing on any system.

The idea is that the user can search for a word, phrase, or property inside a document, should they have hundreds or thousands of documents and not know the file name of the document they want. Windows XP's built-in search functionality can still perform these kinds of searches without the Indexing service. It just takes longer. The OS has to open each file at the time of the request to help find what the user is looking for.

Most people never need this feature of search. Those who do are typically in a large corporate environment where thousands of documents are located on at least one server. But if you're a typical system builder, most of your clients are small and medium businesses. And if your clients have no need for this search feature, I recommend disabling it.

Here's how: First, double-click the My Computer icon. Next, right-click on the C: Drive, then select Properties. Uncheck "Allow Indexing Service to index this disk for fast file searching." Next, apply changes to "C: subfolders and files," and click OK. If a warning or error message appears (such as "Access is denied"), click the Ignore All button.

5.) Update the PC's video and motherboard chipset drivers. Also, update and configure the BIOS. For more information on how to configure your BIOS properly, see this article on my site.

6.) Empty the Windows Prefetch folder every three months or so. Windows XP can "prefetch" portions of data and applications that are used frequently. This makes processes appear to load faster when called upon by the user. That's fine. But over time, the prefetch folder may become overloaded with references to files and applications no longer in use. When that happens, Windows XP is wasting time, and slowing system performance, by pre-loading them. Nothing critical is in this folder, and the entire contents are safe to delete.

7.) Once a month, run a disk cleanup. Here's how: Double-click the My Computer icon. Then right-click on the C: drive and select Properties. Click the Disk Cleanup button -- it's just to the right of the Capacity pie graph -- and delete all temporary files.

8.) In your Device Manager, double-click on the IDE ATA/ATAPI Controllers device, and ensure that DMA is enabled for each drive you have connected to the Primary and Secondary controller. Do this by double-clicking on Primary IDE Channel. Then click the Advanced Settings tab. Ensure the Transfer Mode is set to "DMA if available" for both Device 0 and Device 1. Then repeat this process with the Secondary IDE Channel.

9.) Upgrade the cabling. As hard-drive technology improves, the cabling requirements to achieve these performance boosts have become more stringent. Be sure to use 80-wire Ultra-133 cables on all of your IDE devices with the connectors properly assigned to the matching Master/Slave/Motherboard sockets. A single device must be at the end of the cable; connecting a single drive to the middle connector on a ribbon cable will cause signaling problems. With Ultra DMA hard drives, these signaling problems will prevent the drive from performing at its maximum potential. Also, because these cables inherently support "cable select," the location of each drive on the cable is important. For these reasons, the cable is designed so drive positioning is explicitly clear.

10.) Remove all spyware from the computer. Use free programs such as AdAware by Lavasoft or SpyBot Search & Destroy. Once these programs are installed, be sure to check for and download any updates before starting your search. Anything either program finds can be safely removed. Any free software that requires spyware to run will no longer function once the spyware portion has been removed; if your customer really wants the program even though it contains spyware, simply reinstall it. For more information on removing Spyware visit this Web Pro News page.

11.) Remove any unnecessary programs and/or items from Windows Startup routine using the MSCONFIG utility. Here's how: First, click Start, click Run, type MSCONFIG, and click OK. Click the StartUp tab, then uncheck any items you don't want to start when Windows starts. Unsure what some items are? Visit the WinTasks Process Library. It contains known system processes, applications, as well as spyware references and explanations. Or quickly identify them by searching for the filenames using Google or another Web search engine.

12.) Remove any unnecessary or unused programs from the Add/Remove Programs section of the Control Panel.

13.) Turn off any and all unnecessary animations, and disable active desktop. In fact, for optimal performance, turn off all animations. Windows XP offers many different settings in this area. Here's how to do it: First click on the System icon in the Control Panel. Next, click on the Advanced tab. Select the Settings button located under Performance. Feel free to play around with the options offered here, as nothing you can change will alter the reliability of the computer -- only its responsiveness.

14.) If your customer is an advanced user who is comfortable editing their registry, try some of the performance registry tweaks offered at Tweak XP.

15.) Visit Microsoft's Windows update site regularly, and download all updates labeled Critical. Download any optional updates at your discretion.

16.) Update the customer's anti-virus software on a weekly, even daily, basis. Make sure they have only one anti-virus software package installed. Mixing anti-virus software is a sure way to spell disaster for performance and reliability.

17.) Make sure the customer has fewer than 500 type fonts installed on their computer. The more fonts they have, the slower the system will become. While Windows XP handles fonts much more efficiently than did the previous versions of Windows, too many fonts -- that is, anything over 500 -- will noticeably tax the system.

18.) Do not partition the hard drive. Windows XP's NTFS file system runs more efficiently on one large partition. The data is no safer on a separate partition, and a reformat is never necessary to reinstall an operating system. The same excuses people offer for using partitions apply to using a folder instead. For example, instead of putting all your data on the D: drive, put it in a folder called "D drive." You'll achieve the same organizational benefits that a separate partition offers, but without the degradation in system performance. Also, your free space won't be limited by the size of the partition; instead, it will be limited by the size of the entire hard drive. This means you won't need to resize any partitions, ever. That task can be time-consuming and also can result in lost data.

19.) Check the system's RAM to ensure it is operating properly. I recommend using a free program called MemTest86. The download will make a bootable CD or diskette (your choice), which will run 10 extensive tests on the PC's memory automatically after you boot to the disk you created. Allow all tests to run until at least three passes of the 10 tests are completed. If the program encounters any errors, turn off and unplug the computer, remove a stick of memory (assuming you have more than one), and run the test again. Remember, bad memory cannot be repaired, but only replaced.

20.) If the PC has a CD or DVD recorder, check the drive manufacturer's Web site for updated firmware. In some cases you'll be able to upgrade the recorder to a faster speed. Best of all, it's free.

21.) Disable unnecessary services. Windows XP loads a lot of services that your customer most likely does not need. To determine which services you can disable for your client, visit the Black Viper site for Windows XP configurations.

22.) If you're sick of a single Windows Explorer window crashing and then taking the rest of your OS down with it, then follow this tip: open My Computer, click on Tools, then Folder Options. Now click on the View tab. Scroll down to "Launch folder windows in a separate process," and enable this option. You'll have to reboot your machine for this option to take effect.

23.) At least once a year, open the computer's cases and blow out all the dust and debris. While you're in there, check that all the fans are turning properly. Also inspect the motherboard capacitors for bulging or leaks. For more information on this leaking-capacitor phenomena, you can read numerous articles on my site.


Following any of these suggestions should result in noticeable improvements to the performance and reliability of your customers' computers. If you still want to defrag a disk, remember that the main benefit will be to make your data more retrievable in the event of a crashed drive.

Sunday, September 21, 2008

Computer Acronyms

ADSL - Asymmetric Digital Subscriber Line
AGP - Accelerated Graphics Port
ALI - Acer Labs, Incorporated
ALU - Arithmetic Logic Unit
AMD - Advanced Micro Devices
APC - American Power Conversion
ASCII - American Standard Code for Information Interchange
ASIC - Application Specific Integrated Circuit
ASPI - Advanced SCSI Programming Interface
AT - Advanced Technology
ATI - ATI Technologies Inc.
ATX - Advanced Technology Extended

--- B ---
BFG - BFG Technologies
BIOS - Basic Input Output System
BNC - Barrel Nut Connector

--- C ---
CAS - Column Address Signal
CD - Compact Disk
CDR - Compact Disk Recorder
CDRW - Compact Disk Re-Writer
CD-ROM - Compact Disk - Read Only Memory
CFM - Cubic Feet per Minute (ft�/min)
CMOS - Complementary Metal Oxide Semiconductor
CPU - Central Processing Unit
CTX - CTX Technology Corporation (Commited to Excellence)

--- D ---

DDR - Double Data Rate
DDR-SDRAM - Double Data Rate - Synchronous Dynamic Random Access Memory
DFI - DFI Inc. (Design for Innovation)
DIMM - Dual Inline Memory Module
DRAM - Dynamic Random Access Memory
DPI - Dots Per Inch
DSL - See ASDL
DVD - Digital Versatile Disc
DVD-RAM - Digital Versatile Disk - Random Access Memory

--- E ---
ECC - Error Correction Code
ECS - Elitegroup Computer Systems
EDO - Extended Data Out
EEPROM - Electrically Erasable Programmable Read-Only Memory
EPROM - Erasable Programmable Read-Only Memory
EVGA - EVGA Corporation

--- F ---
FC-PGA - Flip Chip Pin Grid Array
FDC - Floppy Disk Controller
FDD - Floppy Disk Drive
FPS - Frame Per Second
FPU - Floating Point Unit
FSAA - Full Screen Anti-Aliasing
FS - For Sale
FSB - Front Side Bus

--- G ---
GB - Gigabytes
GBps - Gigabytes per second or Gigabits per second
GDI - Graphical Device Interface
GHz - GigaHertz

--- H ---
HDD - Hard Disk Drive
HIS - Hightech Information System Limited
HP - Hewlett-Packard Development Company
HSF - Heatsink-Fan

--- I ---
IBM - International Business Machines Corporation
IC - Integrated Circuit
IDE - Integrated Drive Electronics
IFS- Item for Sale
IRQ - Interrupt Request
ISA - Industry Standard Architecture
ISO - International Standards Organization

--- J ---
JBL - JBL (Jame B. Lansing) Speakers
JVC - JVC Company of America

- K ---
Kbps - Kilobits Per Second
KBps - KiloBytes per second

--- L ---
LG - LG Electronics
LAN - Local Area Network
LCD - Liquid Crystal Display
LDT - Lightning Data Transport
LED - Light Emitting Diode

--- M ---
MAC - Media Access Control
MB � MotherBoard or Megabyte
MBps - Megabytes Per Second
Mbps - Megabits Per Second or Megabits Per Second
MHz - MegaHertz
MIPS - Million Instructions Per Second
MMX - Multi-Media Extensions
MSI - Micro Star International

--- N ---
NAS - Network Attached Storage
NAT - Network Address Translation
NEC - NEC Corporation
NIC - Network Interface Card

--- O ---
OC - Overclock (Over Clock)
OCZ - OCZ Technology
OEM - Original Equipment Manufacturer

--- P ---
PC - Personal Computer
PCB - Printed Circuit Board
PCI - Peripheral Component Interconnect
PDA - Personal Digital Assistant
PCMCIA - Peripheral Component Microchannel Interconnect Architecture
PGA - Professional Graphics Array
PLD - Programmable Logic Device
PM - Private Message / Private Messaging
PnP - Plug 'n Play
PNY - PNY Technology
POST - Power On Self Test
PPPoA - Point-to-Point Protocol over ATM
PPPoE - Point-to-Point Protocol over Ethernet
PQI - PQI Corporation
PSU - Power Supply Unit

--- R ---
RAID - Redundant Array of Inexpensive Disks
RAM - Random Access Memory
RAMDAC - Random Access Memory Digital Analog Convertor
RDRAM - Rambus Dynamic Random Access Memory
ROM - Read Only Memory
RPM - Revolutions Per Minute

--- S ---
SASID - Self-scanned Amorphous Silicon Integrated Display
SCA - SCSI Configured Automatically
SCSI - Small Computer System Interface
SDRAM - Synchronous Dynamic Random Access Memory
SECC - Single Edge Contact Connector
SODIMM - Small Outline Dual Inline Memory Module
SPARC - Scalable Processor ArChitecture
SOHO - Small Office Home Office
SRAM - Static Random Access Memory
SSE - Streaming SIMD Extensions
SVGA - Super Video Graphics Array
S/PDIF - Sony/Philips Digital Interface

--- T ---
TB - Terabytes
TBps - Terabytes per second
Tbps - Terabits per second
TDK - TDK Electronics
TEC - Thermoelectric Cooler
TPC - TipidPC
TWAIN - Technology Without An Important Name

--- U ---
UART - Universal Asynchronous Receiver/Transmitter
USB - Universal Serial Bus
UTP - Unshieled Twisted Pair

--- V ---
VCD - Video CD
VPN - Virtual Private Network

--- W ---
WAN - Wide Area Network
WTB - Want to Buy
WYSIWYG - What You See Is What You Get

--- X ---
XGA - Extended Graphics Array
XFX - XFX Graphics, a Division of Pine
XMS - Extended Memory Specification
XT - Extended Technology

Thursday, September 18, 2008

Delete An undeletable File

Delete An "undeletable" File

Open a Command Prompt window and leave it open.
Close all open programs.
Click Start, Run and enter TASKMGR.EXE
Go to the Processes tab and End Process on Explorer.exe.
Leave Task Manager open.
Go back to the Command Prompt window and change to the directory the AVI (or other undeletable file) is located in.
At the command prompt type DEL where is the file you wish to delete.
Go back to Task Manager, click File, New Task and enter EXPLORER.EXE to restart the GUI shell.
Close Task Manager.


Or you can try this

Open Notepad.exe

Click File>Save As..>

locate the folder where ur undeletable file is

Choose 'All files' from the file type box

click once on the file u wanna delete so its name appears in the 'filename' box

put a " at the start and end of the filename
(the filename should have the extension of the undeletable file so it will overwrite it)

click save,

It should ask u to overwrite the existing file, choose yes and u can delete it as normal


Here's a manual way of doing it. I'll take this off once you put into your first post zain.

1. Start
2. Run
3. Type: command
4. To move into a directory type: cd c:\*** (The stars stand for your folder)
5. If you cannot access the folder because it has spaces for example Program Files or Kazaa Lite folder you have to do the following. instead of typing in the full folder name only take the first 6 letters then put a ~ and then 1 without spaces. Example: cd c:\progra~1\kazaal~1
6. Once your in the folder the non-deletable file it in type in dir - a list will come up with everything inside.
7. Now to delete the file type in del ***.bmp, txt, jpg, avi, etc... And if the file name has spaces you would use the special 1st 6 letters followed by a ~ and a 1 rule. Example: if your file name was bad file.bmp you would type once in the specific folder thorugh command, del badfil~1.bmp and your file should be gone. Make sure to type in the correct extension.

Disable Windows Logo Key

i was recently playing games and this nasty windos logo key keep annoying me , cause i often accidently clicked it , and i start to search a solution to solve my problem, and found the following article in microsfot website, and it did work, hope this helps, thanks!

CODE
http://support.microsoft.com/?kbid=181348


or in other articles, u can copy the following messages into ur notepad and save as *.reg, and use it..

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,00,00,5b,e0,00,00,5c,e0,\
00,00,00,00

How to find Security Holes

Security holes manifest themselves in (broadly) four ways:

1) Physical Security Holes.

- Where the potential problem is caused by giving unauthorised persons
physical access to the machine, where this might allow them to perform
things that they shouldn't be able to do.

A good example of this would be a public workstation room where it would
be trivial for a user to reboot a machine into single-user mode and muck
around with the workstation filestore, if precautions are not taken.

Another example of this is the need to restrict access to confidential
backup tapes, which may (otherwise) be read by any user with access to
the tapes and a tape drive, whether they are meant to have permission or
not.

2) Software Security Holes

- Where the problem is caused by badly written items of "privledged"
software (daemons, cronjobs) which can be compromised into doing things
which they shouldn't oughta.

The most famous example of this is the "sendmail debug" hole (see
bibliography) which would enable a cracker to bootstrap a "root" shell.
This could be used to delete your filestore, create a new account, copy
your password file, anything.

(Contrary to popular opinion, crack attacks via sendmail were not just
restricted to the infamous "Internet Worm" - any cracker could do this
by using "telnet" to port 25 on the target machine. The story behind a
similar hole (this time in the EMACS "move-mail" software) is described
in [Stoll].)

New holes like this appear all the time, and your best hopes are to:

a: try to structure your system so that as little software as possible
runs with root/daemon/bin privileges, and that which does is known to
be robust.

b: subscribe to a mailing list which can get details of problems
and/or fixes out to you as quickly as possible, and then ACT when you
receive information.

>From: Wes Morgan
>
> c: When installing/upgrading a given system, try to install/enable only
> those software packages for which you have an immediate or foreseeable
> need. Many packages include daemons or utilities which can reveal
> information to outsiders. For instance, AT&T System V Unix' accounting
> package includes acctcom(1), which will (by default) allow any user to
> review the daily accounting data for any other user. Many TCP/IP packa-
> ges automatically install/run programs such as rwhod, fingerd, and
> tftpd, all of which can present security problems.
>
> Careful system administration is the solution. Most of these programs
> are initialized/started at boot time; you may wish to modify your boot
> scripts (usually in the /etc, /etc/rc, /etc/rcX.d directories) to pre-
> vent their execution. You may wish to remove some utilities completely.
> For some utilities, a simple chmod(1) can prevent access from unauthorized
> users.
>
> In summary, DON'T TRUST INSTALLATION SCRIPTS/PROGRAMS! Such facilities
> tend to install/run everything in the package without asking you. Most
> installation documentation includes lists of "the programs included in
> this package"; be sure to review it.

3) Incompatible Usage Security Holes

- Where, through lack of experience, or no fault of his/her own, the
System Manager assembles a combination of hardware and software which
when used as a system is seriously flawed from a security point of view.
It is the incompatibility of trying to do two unconnected but useful
things which creates the security hole.

Problems like this are a pain to find once a system is set up and
running, so it is better to build your system with them in mind. It's
never too late to have a rethink, though.

Some examples are detailed below; let's not go into them here, it would
only spoil the surprise.

4) Choosing a suitable security philosophy and maintaining it.

>From: Gene Spafford
>The fourth kind of security problem is one of perception and
>understanding. Perfect software, protected hardware, and compatible
>components don't work unless you have selected an appropriate security
>policy and turned on the parts of your system that enforce it. Having
>the best password mechanism in the world is worthless if your users
>think that their login name backwards is a good password! Security is
>relative to a policy (or set of policies) and the operation of a system
>in conformance with that policy.

---

From: Hacking
Subject: Hacking Ideas
Date: 11/10/93

( Please contribute by sending E-Mail to ... )

[ Many ideas taken from: HaxNet - APG V1.3 : Guide to finding new holes]

NOTE: I think this should be divided into general categories:
1) General principles
2) Looking for holes in src (most items here)
3) Looking in binary distributions
4) Looking in site specific configurations

The following general classifications suggest themselves:
1) SUID/SGID
2) Return codes/error conditions
3) unexpected input
4) race conditions
5) authentication
6) implicit trust
7) parameters
8) permissions
9) interrupts
10) I/O
11) symbolic links
12) Daemons, particularly those taking user input.
13) Kernel race conditions
14) what else? - please add categories

(Suggested splitting of above into main and sub-catagories)
I: Suid binaries and scripts
unexpected user interactions
flawed liberary calls
implicit assumptions of external conditions (sym links, loc. paths)
race conditions
II: daemons running with priviliged uid's
race conditions
poor file protectons
implicit file protections
trust
authentication
III: Kernel problems
Kernel race conditions
device driver code

The following four step method was created by System Development
Corporation, who report a 65% success rate on the flaw hypotheses
generated. Doing a comprehensive search for operating system flaws
requires four steps:

Step 1) Knowledge of system control structure.
===============================================
To find security holes, and identifying design weaknesses it is
necessary to understand the system control structure, and layers.
One should be able to list the:
A) security objects: items to be protected. ie: a users file.
B) control objects: items that protect security objects. ie: a i-node
C) mutual objects : objects in both classes. ie: the password file
With such a list, it is possible to graphically represent a control
hierarchy and identify potential points of attack. Making flow charts
to give a visual breakdown of relationships definitely helps.
Reading the various users, operators, and administrators manuals should
provide this information.
(following para's should probably be moved to a "legal" section)
Reading and greping source code should also prove valuable. For those
without a source licence, I would suggest we use LINUX, NET2, and BSD386
distributions in order to stay legal. At some future time we may be able
to form a working contract between someone or a company with legal access
to other distributions and members actively participating in this project.
It appears that extracts of proprietary code may be used for academic
study, so long as they are not reused in a commercial product - more
checking is necessary though.

Step 2) Generate an inventory of suspected flaws. (i.e. flaw hypotheses)
========================================================================
In particular we want:
Code history:
What UNIX src does a particular flavor derive from? This is important
for cross references (very often only one vendor patches certain code,
which may get reused, in it's unpatched reincarnation by others)
A solid cross reference:
Who checked which bug in what OS and what version prevents us from
duplicating work.

A good start would be listing all the suid binaries on the various OS
flavors/versions. Then try to work out why each program is suid. i.e.:
rcp is suid root because it must use a privilaged port to do user
name authentication.
Often code that was never designed to be suid, is made suid, durring
porting to solve file access problems.
We need to develope a data base that will be able to look at pairs and
triplets of data, specificly: program name, suid, sgid, object accessed
(why prog is suid/sgid), OS flavor/version, and flav/vers geniology.
Any sugestions on how to implement such a DB?

Step 3) Confirm hypotheses. (test and exploit flaws)
====================================================

Step 4) Make generalizations of the underlying system weaknesses, for
which the flaw represents a specific instance.
=====================================================================

Tool Box:
=========
AGREP: I suggest everyone obtain, and install agrep from:
ftp cs.arizona.edu /agrep/agrep.tar.Z
Agrep supports "windowing" so it can look for routines, and subroutines.
It also supports logical operators and is thus ideally suited to automating
the search for many of the following flaws. i.e.
agrep WINDOW {suid() NOT taintperl()} /usr/local/*.pl
or agrep WINDOW {[suid() OR sgid()] AND [system() OR popen() OR execlp()
OR execvp()]} /usr/local/src/*.c

PERMUTATION PROGRAM: Another tool worth producing is a program to generate
all possible permutations of command line flags/arguments in order to uncover
undocumented features, and try to produce errors.

TCOV:

CRASH: Posted to USENET (what FTP archive?) (descrip?)

PAPERS: There are several papers that discuss methods of finding flaws, and
present test suites.
1) An Emphirical Study of the reliability of UNIX Utilities, by Barton P.
Miller, Lars Fredriksen, and Bryan So, Comm ACM, v33 n12, pp32-44,
Dec '90. Describes a test suite for testing random input strings.
Results indicated that 25% of the programs hung, crashed, or misbehaved.
In one case the OS crashed. An understanding of buffer and register
layout on the environment in question, and the expected input is likely
to produce the desired results.
2) The Mothra tools set, in Proceedings of the 22nd Hawaii International
Conference on Systems and Software, pages 275-284, Kona, HI, January '89
3) Extending Mutation Testing to Find Environmental Bugs, by Eugene H.
Spafford, Software Practice and Experience, 20(2):181-189, Feb '90
4) A paper by IBM was mentioned that was submitted to USENIX a few years
ago. (Anyone have a citation?).

Specific Flaws to Check For:
============================
1) Look for routines that don't do boundary checking, or verify input.
ie: the gets() family of routines, where it is possible to overwrite
buffer boundaries. ( sprintf()?, gets(), etc. )
also: strcpy() which is why most src has:
#define SCYPYN((a)(b)) strcpy(a, b, sizeof(a))

2) SUID/SGID routines written in one of the shells, instead of C or
PERL.

3) SUID/SGID routines written in PERL that don't use the "taintperl"
program.)

4) SUID/SGID routines that use the system(), popen(), execlp(), or
execvp() calls to run something else.

5) Any program that uses relative path names inside the program.

6) The use of relative path names to specify dynamically linked libraries.
(look in Makefile).

7) Routines that don't check error return codes from system calls. (ie:
fork(2), suid(2), etc), setuid() rather, as in the famous rcp bug

8) Holes can often be found in code that:
A) is ported to a new environment.
B) receives unexpected input.
C) interacts with other local software.
D) accesses system files like passwd, L.sys, etc.
E) reads input from a publicly writable file/directory.
F) diagnostic programs which are typically not user-proofed.

9) Test code for unexpected input. Coverage, data flow, and mutation
testing tools are available.

10) Look in man pages, and users guides for warnings against doing X, and
try variations of X. Ditto for "bugs" section.

11) Look for seldom used, or unusual functions or commands - read backwards.
In particular looking for undocumented flags/arguments may prove useful.
Check flags that were in prior releases, or in other OS versions. Check
for options that other programs might use. For instance telnet uses -h
option to login ...
right, as most login.c's I've seen have:
if((getuid()) && hflag){
syslog()
exit()
}

12) Look for race conditions.

13) Failure of software to authenticate that it is really communicating
with the desired software or hardware module it wants to be accessing.

14) Lack or error detection to reset protection mechanisms following an
error.

15) Poor implementation resulting in, for example, condition codes being
improperly tested.

16) Implicit trust: Routine B assumes routine A's parameters are correct
because routine A is a system process.

17) System stores it's data or references user parameters in the users
address space.

18) Inter process communication: return conditions (passwd OK, illegal
parameter, segment error, etc) can provide a significant wedge, esp.
when combined with (17).

19) User parameters may not be adequately checked.

20) Addresses that overlap or refer to system areas.

21) Condition code checks may be omitted.

22) Failure to anticipate unusual or extraordinary parameters.

23) Look for system levels where the modules involved were written by
different programmers, or groups of programmers - holes are likely
to be found.

24) Registers that point to the location of a parameters value instead
of passing the value itself.

25) Any program running with system privileges. (too many progs are given
uid 0, to facilitate access to certain tables, etc.)

26) Group or world readable temporary files, buffers, etc.

27) Lack of threshold values, and lack of logging/notification once these
have been triggered.

28) Changing parameters of critical system areas prior to their execution
by a concurrent process. (race conditions)

29) Inadequate boundary checking at compile time, for example, a user
may be able to execute machine code disguised as data in a data area.
(if text and data areas are shared)

30) Improperly handling user generated asynchronous interrupts. Users
interrupting a process, performing an operation, and either returning
to continue the process or begin another will frequently leave the
system in an unprotected state. Partially written files are left open,
improper writing of protection infraction messages, improper setting
of protection bits, etc often occur.

31) Code that uses fopen(3) without setting the umask. ( eg: at(1), etc. )
In general, code that does not reset the real and effective uid before
forking.

32) Trace is your friend (or truss in SVR4) for helping figure out what
system calls a program is using.

33) Scan /usr/local fs's closely. Many admins will install software from
the net. Often you'll find tcpdump, top, nfswatch, ... suid'd root for
their ease of use.

34) Check suid programs to see if they are the ones originally put on the
system. Admins will sometimes put in a passwd replacement which is less
secure than the distributed version.

35) Look for programs that were there to install software or loadable
kernel modules.

36) Dynamically linked programs in general. Remember LD_PRELOAD, I think
that was the variable.

37) I/O channel programming is a prime target. Look for logical errors,
inconsistencies, and omissions.

38) See if it's possible for a I/O channel program to modify itself, loop
back, and then execute the newly modified code. (instruction pre-load
may screw this up)

39) If I/O channels act as independent processors they may have unlimited
access to memory, thus system code may be modified in memory prior to
execution.

40) Look for bugs requiring flaws in multiple pieces of software, i.e. say
program a can be used to change config file /etc/a now program b assumes
the information in a to be correct and this leads to unexpected results
(just look at how many programs trust /etc/utmp)

41) Any program, especially those suid/sgid, that allow shell escapes.

Monday, September 15, 2008

Change Your Ip In Less Then 1 Minute

How To: Change Your Ip In Less Then 1 Minute

1. Click on "Start" in the bottom left hand corner of screen
2. Click on "Run"
3. Type in "command" and hit ok

You should now be at an MSDOS prompt screen.

4. Type "ipconfig /release" just like that, and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties"

You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.

8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again

You should now be back to the "Local Area Connection" screen.

15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
tongue.gif 18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address

With a little practice, you can easily get this process down to 15 seconds.

P.S:
This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back

Change Text on XP Start Button

Step 1 - Modify Explorer.exe File

In order to make the changes, the file explorer.exe located at C:\Windows needs to be edited. Since explorer.exe is a binary file it requires a special editor. For purposes of this article I have used Resource Hacker. Resource HackerTM is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Microsoft Windows 95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.

get this from h**p://delphi.icm.edu.pl/ftp/tools/ResHack.zip

The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.

The category we are going to be using is "String Table". Expand it by clicking the plus sign then navigate down to and expand string 37 followed by highlighting 1033. If you are using the Classic Layout rather than the XP Layout, use number 38. The right hand pane will display the stringtable. We’re going to modify item 578, currently showing the word “start” just as it displays on the current Start button.

There is no magic here. Just double click on the word “start” so that it’s highlighted, making sure the quotation marks are not part of the highlight. They need to remain in place, surrounding the new text that you’ll type. Go ahead and type your new entry. In my case I used Click Me!

You’ll notice that after the new text string has been entered the Compile Script button that was grayed out is now active. I won’t get into what’s involved in compiling a script, but suffice it to say it’s going to make this exercise worthwhile. Click Compile Script and then save the altered file using the Save As command on the File Menu. Do not use the Save command – Make sure to use the Save As command and choose a name for the file. Save the newly named file to C:\Windows.


Step 2 – Modify the Registry

!!!make a backup of your registry before making changes!!!

Now that the modified explorer.exe has been created it’s necessary to modify the registry so the file will be recognized when the user logs on to the system. If you don’t know how to access the registry I’m not sure this article is for you, but just in case it’s a temporary memory lapse, go to Start (soon to be something else) Run and type regedit in the Open field. Navigate to:

HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon

In the right pane, double click the "Shell" entry to open the Edit String dialog box. In Value data: line, enter the name that was used to save the modified explorer.exe file. Click OK.

Close Registry Editor and either log off the system and log back in, or reboot the entire system if that’s your preference. If all went as planned you should see your new Start button with the revised text.[/b]

Cant See Secure Sites

Cant See Secure Sites

Fix the problem with seeing them secrue sites (banks or online stores) i found this very usefull to me at my work (isp backbone support lol, at the time i was regular support )

Any way... what u need to do is make a new notepad file and write in it the followng DLL's.. just copy-paste these



regsvr32 SOFTPUB.DLL
regsvr32 WINTRUST.DLL
regsvr32 INITPKI.DLL
regsvr32 dssenh.dll
regsvr32 Rsaenh.dll
regsvr32 gpkcsp.dll
regsvr32 sccbase.dll
regsvr32 slbcsp.dll
regsvr32 Cryptdlg.dll


and save it as > all file types, and make it something like securefix.bat.

then just run the file and ur problem shuld be gone.

cannot use my password to get back into Windows XP

Because of the security features built into Windows XP, it is virtually impossible to get back into the system without the password.
You have several options to try and get around this problem.


If you have access to another user account with administrator rights, you can use that account to change the password
of the account that is locked out. You can also use the default Administrator account that is built into Windows XP.

First you need to boot the system into Safe Mode.
1.Restart your system.
2.When you see the blue Dell globe or screen, press the ( F8 ) key about 3 times a second.
3.You should get the Windows startup menu. Use the (Up or Down) arrow keys to highlight (SafeMode)
4.Press (Enter) on (Safe Mode), then press (Enter) on (Windows XP).
5.The system should boot to Safe Mode.

Once you are at the Account Log on Screen, click on the icon
for the user account with administrator rights, or click on the icon
for the administrators account.
Note: For Home the Administrator account isn't normally shown & in Safe Mode you have to press Ctrl+Alt+Delete keys twice to show.
For PRO you can do this in normal mode

When the system has booted to the desktop, use the following steps to change the accounts password.
1.Click Start, Control Panel, Administrative Tools.
2.Click Computer Management.
3.Double click Local Users and Groups, double click the folder Users.
4.Right click on the account name that is locked out, and click on Set Password.
5.You may get a warning message about changing the password, simply click proceed.
6.Leave the New Password box blank, also leave the Confirm Password box blank.
7.Click OK, and OK again.
8.Then close all Windows, reboot the system and try to log in.


There are also applications that can recover the password for you.
The following companies provide these applications at a cost.
iOpus® Password Recovery XP here.
LostPassword.com, here.
Asterisk Password Recovery XP v1.89 here.
Windows XP / 2000 / NT Key here.


If the above information does not help in recovering the password, the only option left is to
format the hard drive then reinstall Windows and the system software.

Boot Block Recovery For Free

You don't need to pay a measly sum of dollars just to recover from a boot block mode. Here it is folks:

AWARD Bootblock recovery:

That shorting trick should work if the boot block code is not corrupted, and it should not be if /sb switch is used when flashing the bios (instead of /wb switch).

The 2 pins to short to force a checksum error varies from chip to chip. But these are usually the highest-numbered address pins (A10 and above).

These are the pins used by the system to read the System BIOS (original.bin for award v6), calculate the ROM checksum and see if it's valid before decompressing it into memory, and subsequently allow Bootblock POST to pass control over to the System BIOS.

You just have to fool the system into believing that the System BIOS is corrupt. This you do by giving your system a hard time reading the System BIOS by shorting the 2 high address pins. And when it could not read the System BIOS properly, ROM Checksum Error is detected "so to speak" and Bootblock recovery is activated.

Sometimes, any combination of the high address pins won't work to force a checksum error in some chips, like my Winbond W49F002U. But shorting the #WE pin with the highest-numbered address pin (A17) worked for this chip. You just have to be experimentative if you're not comfortable with "hot flashing" or "replacement BIOS".

But to avoid further damage to your chip if you're not sure which are the correct pins to short, measure the potential between the 2 pins by a voltmeter while the system is on. If the voltage reading is zero (or no potential at all), it is safe to short these pins.

But do not short the pins while the system is on. Instead, power down then do the short, then power up while still shorting. And as soon as you hear 3 beeps (1 long, 2 short), remove the short at once so that automatic reflashing from Drive A can proceed without errors (assuming you had autoexec.bat in it).

About how to do the shorting, the tip of a screwdriver would do. But with such minute pins on the PLCC chip, I'm pretty comfortable doing it with the tip of my multi-tester or voltmeter probe. Short the pins at the point where they come out of the chip.



AMIBIOS Recovery bootblock:
1. Copy a known working BIOS image for your board to a floppy and rename it to AMIBOOT.ROM.
2. Insert the floppy in your system's floppydrive.
3. Power on the system while holding CTRL+Home keys. Release the keys when you hear a beep and/or see the floppy light coming on.
4 . Just wait until you hear 4 beeps. When 4 beeps are heard the reprogramming of the System Block BIOS went succesfull, so then you may restart your system.

Some alternative keys that can be used to force BIOS update (only the System Block will be updated so it's quite safe):
CTRL+Home= restore missing code into system block and clear CMOS when programming went ok.
CTRL+Page Up= restore missing code into system block and clear CMOS or DMI when programming went ok.
CTRL+Page Down= restore missing code into system block and do not clear CMOS and DMI area when programming went ok
Btw: the alternative keys work only with AMIBIOS 7 or higher (so for example an AMI 6.26 BIOS can be only recovered by using CTRL+Home keys).
Boot Block Recovery for FREE

************************************************
BLACKOUT Flashing
*************************************************

Recovering a Corrupt AMI BIOS chip
With motherboards that use BOOT BLOCK BIOS it is possible to recover a corrupted BIOS because the BOOT BLOCK section of the BIOS, which is responsible for booting the computer remains unmodified. When an AMI BIOS becomes corrupt the system will appear to start, but nothing will appear on the screen, the floppy drive light will come on and the system will access the floppy drive repeatedly. If your motherboard has an ISA slot and you have an old ISA video card lying around, put the ISA video card in your system and connect the monitor. The BOOT BLOCK section of the BIOS only supports ISA video cards, so if you do not have an ISA video card or your motherboard does not have ISA slots, you will have to restore your BIOS blind, with no monitor to show you what’s going on.

AMI has integrated a recovery routine into the BOOT BLOCK of the BIOS, which in the event the BIOS becomes corrupt can be used to restore the BIOS to a working state. The routine is called when the SYSTEM BLOCK of the BIOS is empty. The restore routine will access the floppy drive looking for a BIOS file names AMIBOOT.ROM, this is why the floppy drive light comes on and the drive spins. If the file is found it is loaded into the SYSTEM BLOCK of the BIOS to replace the missing information. To restore your BIOS simply copy a working BIOS file to a floppy diskette and rename it AMIBOOT.ROM, then insert it into the computer while the power is on. The diskette does not need to be bootable or contain a flash utility. After about four minutes the system will beep four times. Remove the floppy diskette from the drive and reboot the computer. The BIOS should now be restored.

Recovering a Corrupt AWARD BIOS
With AWARD BIOS the process is similar but still a bit different. To recover an AWARD BIOS you will need to create a floppy diskette with a working BIOS file in .BIN format, an AWARD flash utility and an AUTOEXEC.BAT file. AWARD BIOS will not automatically restore the BIOS information to the SYSTEM BLOCK for this reason you will need to add the commands necessary to flash the BIOS in the AUTOEXEC.BAT file. The system will run the AUTOEXE.BAT file, which will in turn flash the BIOS. This is fairly easy. Here are the steps you need to take.

· Create a bootable floppy diskette
· Copy the BIOS file and flash utility to the diskette
· Create an text file with any standard text editor and add the following lines

@ECHO OFF
FLASH763 BIOSFILE.BIN /py

In the above example I am assuming that you are using the FLASH763.EXE flash utility. You will need to replace the FLASH763 with the name of whatever flash utility you are using, and replace the BIOSFILE.BIN with the name of the BIOS file you are using. You will also need to change the ‘/py’ to whatever the command is for your flash utility to automatically program the BIOS without user intervention. If you do not know the command to automatically flash your BIOS type the name of the flash utility with a space and then /? to display the utility’s help screen. The help screen should pecify the command switch to automatically flash your BIOS. If you are using the FLASH763.EXE utility then the switch to automatically flash your BIOS is ‘/py’.

10 Security Enhancements

Before you spend a dime on security, there are many precautions you can take that will protect you against the most common threats.

1. Check Windows Update and Office Update regularly (_http://office.microsoft.com/productupdates); have your Office CD ready. Windows Me, 2000, and XP users can configure automatic updates. Click on the Automatic Updates tab in the System control panel and choose the appropriate options.

2. Install a personal firewall. Both SyGate (_www.sygate.com) and ZoneAlarm (_www.zonelabs.com) offer free versions.


3. Install a free spyware blocker. Our Editors' Choice ("Spyware," April 22) was SpyBot Search & Destroy (_http://security.kolla.de). SpyBot is also paranoid and ruthless in hunting out tracking cookies.

4. Block pop-up spam messages in Windows NT, 2000, or XP by disabling the Windows Messenger service (this is unrelated to the instant messaging program). Open Control Panel | Administrative Tools | Services and you'll see Messenger. Right-click and go to Properties. Set Start-up Type to Disabled and press the Stop button. Bye-bye, spam pop-ups! Any good firewall will also stop them.

5. Use strong passwords and change them periodically. Passwords should have at least seven characters; use letters and numbers and have at least one symbol. A decent example would be f8izKro@l. This will make it much harder for anyone to gain access to your accounts.

6. If you're using Outlook or Outlook Express, use the current version or one with the Outlook Security Update installed. The update and current versions patch numerous vulnerabilities.

7. Buy antivirus software and keep it up to date. If you're not willing to pay, try Grisoft AVG Free Edition (Grisoft Inc., w*w.grisoft.com). And doublecheck your AV with the free, online-only scanners available at w*w.pandasoftware.com/activescan and _http://housecall.trendmicro.com.

8. If you have a wireless network, turn on the security features: Use MAC filtering, turn off SSID broadcast, and even use WEP with the biggest key you can get. For more, check out our wireless section or see the expanded coverage in Your Unwired World in our next issue.

9. Join a respectable e-mail security list, such as the one found at our own Security Supersite at _http://security.ziffdavis.com, so that you learn about emerging threats quickly and can take proper precautions.

10. Be skeptical of things on the Internet. Don't assume that e-mail "From:" a particular person is actually from that person until you have further reason to believe it's that person. Don't assume that an attachment is what it says it is. Don't give out your password to anyone, even if that person claims to be from "support."

Friday, September 12, 2008

Bandwidth Explained!

This is well written explanation about bandwidth, very useful info.



BandWidth Explained

Most hosting companies offer a variety of bandwidth options in their plans. So exactly what is bandwidth as it relates to web hosting? Put simply, bandwidth is the amount of traffic that is allowed to occur between your web site and the rest of the internet. The amount of bandwidth a hosting company can provide is determined by their network connections, both internal to their data center and external to the public internet.


Network Connectivity

The internet, in the most simplest of terms, is a group of millions of computers connected by networks. These connections within the internet can be large or small depending upon the cabling and equipment that is used at a particular internet location. It is the size of each network connection that determines how much bandwidth is available. For example, if you use a DSL connection to connect to the internet, you have 1.54 Mega bits (Mb) of bandwidth. Bandwidth therefore is measured in bits (a single 0 or 1). Bits are grouped in bytes which form words, text, and other information that is transferred between your computer and the internet.

If you have a DSL connection to the internet, you have dedicated bandwidth between your computer and your internet provider. But your internet provider may have thousands of DSL connections to their location. All of these connection aggregate at your internet provider who then has their own dedicated connection to the internet (or multiple connections) which is much larger than your single connection. They must have enough bandwidth to serve your computing needs as well as all of their other customers. So while you have a 1.54Mb connection to your internet provider, your internet provider may have a 255Mb connection to the internet so it can accommodate your needs and up to 166 other users (255/1.54).


Traffic

A very simple analogy to use to understand bandwidth and traffic is to think of highways and cars. Bandwidth is the number of lanes on the highway and traffic is the number of cars on the highway. If you are the only car on a highway, you can travel very quickly. If you are stuck in the middle of rush hour, you may travel very slowly since all of the lanes are being used up.

Traffic is simply the number of bits that are transferred on network connections. It is easiest to understand traffic using examples. One Gigabyte is 2 to the 30th power (1,073,741,824) bytes. One gigabyte is equal to 1,024 megabytes. To put this in perspective, it takes one byte to store one character. Imagine 100 file cabinets in a building, each of these cabinets holds 1000 folders. Each folder has 100 papers. Each paper contains 100 characters - A GB is all the characters in the building. An MP3 song is about 4MB, the same song in wav format is about 40MB, a full length movie can be 800MB to 1000MB (1000MB = 1GB).

If you were to transfer this MP3 song from a web site to your computer, you would create 4MB of traffic between the web site you are downloading from and your computer. Depending upon the network connection between the web site and the internet, the transfer may occur very quickly, or it could take time if other people are also downloading files at the same time. If, for example, the web site you download from has a 10MB connection to the internet, and you are the only person accessing that web site to download your MP3, your 4MB file will be the only traffic on that web site. However, if three people are all downloading that same MP at the same time, 12MB (3 x 4MB) of traffic has been created. Because in this example, the host only has 10MB of bandwidth, someone will have to wait. The network equipment at the hosting company will cycle through each person downloading the file and transfer a small portion at a time so each person's file transfer can take place, but the transfer for everyone downloading the file will be slower. If 100 people all came to the site and downloaded the MP3 at the same time, the transfers would be extremely slow. If the host wanted to decrease the time it took to download files simultaneously, it could increase the bandwidth of their internet connection (at a cost due to upgrading equipment).


Hosting Bandwidth

In the example above, we discussed traffic in terms of downloading an MP3 file. However, each time you visit a web site, you are creating traffic, because in order to view that web page on your computer, the web page is first downloaded to your computer (between the web site and you) which is then displayed using your browser software (Internet Explorer, Netscape, etc.) . The page itself is simply a file that creates traffic just like the MP3 file in the example above (however, a web page is usually much smaller than a music file).

A web page may be very small or large depending upon the amount of text and the number and quality of images integrated within the web page. For example, the home page for CNN.com is about 200KB (200 Kilobytes = 200,000 bytes = 1,600,000 bits). This is typically large for a web page. In comparison, Yahoo's home page is about 70KB.


How Much Bandwidth Is Enough?

It depends (don't you hate that answer). But in truth, it does. Since bandwidth is a significant determinant of hosting plan prices, you should take time to determine just how much is right for you. Almost all hosting plans have bandwidth requirements measured in months, so you need to estimate the amount of bandwidth that will be required by your site on a monthly basis

If you do not intend to provide file download capability from your site, the formula for calculating bandwidth is fairly straightforward:

Average Daily Visitors x Average Page Views x Average Page Size x 31 x Fudge Factor

If you intend to allow people to download files from your site, your bandwidth calculation should be:

[(Average Daily Visitors x Average Page Views x Average Page Size) +
(Average Daily File Downloads x Average File Size)] x 31 x Fudge Factor

Let us examine each item in the formula:

Average Daily Visitors - The number of people you expect to visit your site, on average, each day. Depending upon how you market your site, this number could be from 1 to 1,000,000.

Average Page Views - On average, the number of web pages you expect a person to view. If you have 50 web pages in your web site, an average person may only view 5 of those pages each time they visit.

Average Page Size - The average size of your web pages, in Kilobytes (KB). If you have already designed your site, you can calculate this directly.

Average Daily File Downloads - The number of downloads you expect to occur on your site. This is a function of the numbers of visitors and how many times a visitor downloads a file, on average, each day.

Average File Size - Average file size of files that are downloadable from your site. Similar to your web pages, if you already know which files can be downloaded, you can calculate this directly.

Fudge Factor - A number greater than 1. Using 1.5 would be safe, which assumes that your estimate is off by 50%. However, if you were very unsure, you could use 2 or 3 to ensure that your bandwidth requirements are more than met.

Usually, hosting plans offer bandwidth in terms of Gigabytes (GB) per month. This is why our formula takes daily averages and multiplies them by 31.


Summary

Most personal or small business sites will not need more than 1GB of bandwidth per month. If you have a web site that is composed of static web pages and you expect little traffic to your site on a daily basis, go with a low bandwidth plan. If you go over the amount of bandwidth allocated in your plan, your hosting company could charge you over usage fees, so if you think the traffic to your site will be significant, you may want to go through the calculations above to estimate the amount of bandwidth required in a hosting plan.