Saturday, September 27, 2008

23 Ways To Speed WinXP, Not only Defrag.txt

Since defragging the disk won't do much to improve Windows XP performance, here are 23 suggestions that will. Each can enhance the performance and reliability of your customers' PCs. Best of all, most of them will cost you nothing.
1.) To decrease a system's boot time and increase system performance, use the money you save by not buying defragmentation software -- the built-in Windows defragmenter works just fine -- and instead equip the computer with an Ultra-133 or Serial ATA hard drive with 8-MB cache buffer.

2.) If a PC has less than 512 MB of RAM, add more memory. This is a relatively inexpensive and easy upgrade that can dramatically improve system performance.

3.) Ensure that Windows XP is utilizing the NTFS file system. If you're not sure, here's how to check: First, double-click the My Computer icon, right-click on the C: Drive, then select Properties. Next, examine the File System type; if it says FAT32, then back-up any important data. Next, click Start, click Run, type CMD, and then click OK. At the prompt, type CONVERT C: /FS:NTFS and press the Enter key. This process may take a while; it's important that the computer be uninterrupted and virus-free. The file system used by the bootable drive will be either FAT32 or NTFS. I highly recommend NTFS for its superior security, reliability, and efficiency with larger disk drives.

4.) Disable file indexing. The indexing service extracts information from documents and other files on the hard drive and creates a "searchable keyword index." As you can imagine, this process can be quite taxing on any system.

The idea is that the user can search for a word, phrase, or property inside a document, should they have hundreds or thousands of documents and not know the file name of the document they want. Windows XP's built-in search functionality can still perform these kinds of searches without the Indexing service. It just takes longer. The OS has to open each file at the time of the request to help find what the user is looking for.

Most people never need this feature of search. Those who do are typically in a large corporate environment where thousands of documents are located on at least one server. But if you're a typical system builder, most of your clients are small and medium businesses. And if your clients have no need for this search feature, I recommend disabling it.

Here's how: First, double-click the My Computer icon. Next, right-click on the C: Drive, then select Properties. Uncheck "Allow Indexing Service to index this disk for fast file searching." Next, apply changes to "C: subfolders and files," and click OK. If a warning or error message appears (such as "Access is denied"), click the Ignore All button.

5.) Update the PC's video and motherboard chipset drivers. Also, update and configure the BIOS. For more information on how to configure your BIOS properly, see this article on my site.

6.) Empty the Windows Prefetch folder every three months or so. Windows XP can "prefetch" portions of data and applications that are used frequently. This makes processes appear to load faster when called upon by the user. That's fine. But over time, the prefetch folder may become overloaded with references to files and applications no longer in use. When that happens, Windows XP is wasting time, and slowing system performance, by pre-loading them. Nothing critical is in this folder, and the entire contents are safe to delete.

7.) Once a month, run a disk cleanup. Here's how: Double-click the My Computer icon. Then right-click on the C: drive and select Properties. Click the Disk Cleanup button -- it's just to the right of the Capacity pie graph -- and delete all temporary files.

8.) In your Device Manager, double-click on the IDE ATA/ATAPI Controllers device, and ensure that DMA is enabled for each drive you have connected to the Primary and Secondary controller. Do this by double-clicking on Primary IDE Channel. Then click the Advanced Settings tab. Ensure the Transfer Mode is set to "DMA if available" for both Device 0 and Device 1. Then repeat this process with the Secondary IDE Channel.

9.) Upgrade the cabling. As hard-drive technology improves, the cabling requirements to achieve these performance boosts have become more stringent. Be sure to use 80-wire Ultra-133 cables on all of your IDE devices with the connectors properly assigned to the matching Master/Slave/Motherboard sockets. A single device must be at the end of the cable; connecting a single drive to the middle connector on a ribbon cable will cause signaling problems. With Ultra DMA hard drives, these signaling problems will prevent the drive from performing at its maximum potential. Also, because these cables inherently support "cable select," the location of each drive on the cable is important. For these reasons, the cable is designed so drive positioning is explicitly clear.

10.) Remove all spyware from the computer. Use free programs such as AdAware by Lavasoft or SpyBot Search & Destroy. Once these programs are installed, be sure to check for and download any updates before starting your search. Anything either program finds can be safely removed. Any free software that requires spyware to run will no longer function once the spyware portion has been removed; if your customer really wants the program even though it contains spyware, simply reinstall it. For more information on removing Spyware visit this Web Pro News page.

11.) Remove any unnecessary programs and/or items from Windows Startup routine using the MSCONFIG utility. Here's how: First, click Start, click Run, type MSCONFIG, and click OK. Click the StartUp tab, then uncheck any items you don't want to start when Windows starts. Unsure what some items are? Visit the WinTasks Process Library. It contains known system processes, applications, as well as spyware references and explanations. Or quickly identify them by searching for the filenames using Google or another Web search engine.

12.) Remove any unnecessary or unused programs from the Add/Remove Programs section of the Control Panel.

13.) Turn off any and all unnecessary animations, and disable active desktop. In fact, for optimal performance, turn off all animations. Windows XP offers many different settings in this area. Here's how to do it: First click on the System icon in the Control Panel. Next, click on the Advanced tab. Select the Settings button located under Performance. Feel free to play around with the options offered here, as nothing you can change will alter the reliability of the computer -- only its responsiveness.

14.) If your customer is an advanced user who is comfortable editing their registry, try some of the performance registry tweaks offered at Tweak XP.

15.) Visit Microsoft's Windows update site regularly, and download all updates labeled Critical. Download any optional updates at your discretion.

16.) Update the customer's anti-virus software on a weekly, even daily, basis. Make sure they have only one anti-virus software package installed. Mixing anti-virus software is a sure way to spell disaster for performance and reliability.

17.) Make sure the customer has fewer than 500 type fonts installed on their computer. The more fonts they have, the slower the system will become. While Windows XP handles fonts much more efficiently than did the previous versions of Windows, too many fonts -- that is, anything over 500 -- will noticeably tax the system.

18.) Do not partition the hard drive. Windows XP's NTFS file system runs more efficiently on one large partition. The data is no safer on a separate partition, and a reformat is never necessary to reinstall an operating system. The same excuses people offer for using partitions apply to using a folder instead. For example, instead of putting all your data on the D: drive, put it in a folder called "D drive." You'll achieve the same organizational benefits that a separate partition offers, but without the degradation in system performance. Also, your free space won't be limited by the size of the partition; instead, it will be limited by the size of the entire hard drive. This means you won't need to resize any partitions, ever. That task can be time-consuming and also can result in lost data.

19.) Check the system's RAM to ensure it is operating properly. I recommend using a free program called MemTest86. The download will make a bootable CD or diskette (your choice), which will run 10 extensive tests on the PC's memory automatically after you boot to the disk you created. Allow all tests to run until at least three passes of the 10 tests are completed. If the program encounters any errors, turn off and unplug the computer, remove a stick of memory (assuming you have more than one), and run the test again. Remember, bad memory cannot be repaired, but only replaced.

20.) If the PC has a CD or DVD recorder, check the drive manufacturer's Web site for updated firmware. In some cases you'll be able to upgrade the recorder to a faster speed. Best of all, it's free.

21.) Disable unnecessary services. Windows XP loads a lot of services that your customer most likely does not need. To determine which services you can disable for your client, visit the Black Viper site for Windows XP configurations.

22.) If you're sick of a single Windows Explorer window crashing and then taking the rest of your OS down with it, then follow this tip: open My Computer, click on Tools, then Folder Options. Now click on the View tab. Scroll down to "Launch folder windows in a separate process," and enable this option. You'll have to reboot your machine for this option to take effect.

23.) At least once a year, open the computer's cases and blow out all the dust and debris. While you're in there, check that all the fans are turning properly. Also inspect the motherboard capacitors for bulging or leaks. For more information on this leaking-capacitor phenomena, you can read numerous articles on my site.


Following any of these suggestions should result in noticeable improvements to the performance and reliability of your customers' computers. If you still want to defrag a disk, remember that the main benefit will be to make your data more retrievable in the event of a crashed drive.

Sunday, September 21, 2008

Computer Acronyms

ADSL - Asymmetric Digital Subscriber Line
AGP - Accelerated Graphics Port
ALI - Acer Labs, Incorporated
ALU - Arithmetic Logic Unit
AMD - Advanced Micro Devices
APC - American Power Conversion
ASCII - American Standard Code for Information Interchange
ASIC - Application Specific Integrated Circuit
ASPI - Advanced SCSI Programming Interface
AT - Advanced Technology
ATI - ATI Technologies Inc.
ATX - Advanced Technology Extended

--- B ---
BFG - BFG Technologies
BIOS - Basic Input Output System
BNC - Barrel Nut Connector

--- C ---
CAS - Column Address Signal
CD - Compact Disk
CDR - Compact Disk Recorder
CDRW - Compact Disk Re-Writer
CD-ROM - Compact Disk - Read Only Memory
CFM - Cubic Feet per Minute (ft�/min)
CMOS - Complementary Metal Oxide Semiconductor
CPU - Central Processing Unit
CTX - CTX Technology Corporation (Commited to Excellence)

--- D ---

DDR - Double Data Rate
DDR-SDRAM - Double Data Rate - Synchronous Dynamic Random Access Memory
DFI - DFI Inc. (Design for Innovation)
DIMM - Dual Inline Memory Module
DRAM - Dynamic Random Access Memory
DPI - Dots Per Inch
DSL - See ASDL
DVD - Digital Versatile Disc
DVD-RAM - Digital Versatile Disk - Random Access Memory

--- E ---
ECC - Error Correction Code
ECS - Elitegroup Computer Systems
EDO - Extended Data Out
EEPROM - Electrically Erasable Programmable Read-Only Memory
EPROM - Erasable Programmable Read-Only Memory
EVGA - EVGA Corporation

--- F ---
FC-PGA - Flip Chip Pin Grid Array
FDC - Floppy Disk Controller
FDD - Floppy Disk Drive
FPS - Frame Per Second
FPU - Floating Point Unit
FSAA - Full Screen Anti-Aliasing
FS - For Sale
FSB - Front Side Bus

--- G ---
GB - Gigabytes
GBps - Gigabytes per second or Gigabits per second
GDI - Graphical Device Interface
GHz - GigaHertz

--- H ---
HDD - Hard Disk Drive
HIS - Hightech Information System Limited
HP - Hewlett-Packard Development Company
HSF - Heatsink-Fan

--- I ---
IBM - International Business Machines Corporation
IC - Integrated Circuit
IDE - Integrated Drive Electronics
IFS- Item for Sale
IRQ - Interrupt Request
ISA - Industry Standard Architecture
ISO - International Standards Organization

--- J ---
JBL - JBL (Jame B. Lansing) Speakers
JVC - JVC Company of America

- K ---
Kbps - Kilobits Per Second
KBps - KiloBytes per second

--- L ---
LG - LG Electronics
LAN - Local Area Network
LCD - Liquid Crystal Display
LDT - Lightning Data Transport
LED - Light Emitting Diode

--- M ---
MAC - Media Access Control
MB � MotherBoard or Megabyte
MBps - Megabytes Per Second
Mbps - Megabits Per Second or Megabits Per Second
MHz - MegaHertz
MIPS - Million Instructions Per Second
MMX - Multi-Media Extensions
MSI - Micro Star International

--- N ---
NAS - Network Attached Storage
NAT - Network Address Translation
NEC - NEC Corporation
NIC - Network Interface Card

--- O ---
OC - Overclock (Over Clock)
OCZ - OCZ Technology
OEM - Original Equipment Manufacturer

--- P ---
PC - Personal Computer
PCB - Printed Circuit Board
PCI - Peripheral Component Interconnect
PDA - Personal Digital Assistant
PCMCIA - Peripheral Component Microchannel Interconnect Architecture
PGA - Professional Graphics Array
PLD - Programmable Logic Device
PM - Private Message / Private Messaging
PnP - Plug 'n Play
PNY - PNY Technology
POST - Power On Self Test
PPPoA - Point-to-Point Protocol over ATM
PPPoE - Point-to-Point Protocol over Ethernet
PQI - PQI Corporation
PSU - Power Supply Unit

--- R ---
RAID - Redundant Array of Inexpensive Disks
RAM - Random Access Memory
RAMDAC - Random Access Memory Digital Analog Convertor
RDRAM - Rambus Dynamic Random Access Memory
ROM - Read Only Memory
RPM - Revolutions Per Minute

--- S ---
SASID - Self-scanned Amorphous Silicon Integrated Display
SCA - SCSI Configured Automatically
SCSI - Small Computer System Interface
SDRAM - Synchronous Dynamic Random Access Memory
SECC - Single Edge Contact Connector
SODIMM - Small Outline Dual Inline Memory Module
SPARC - Scalable Processor ArChitecture
SOHO - Small Office Home Office
SRAM - Static Random Access Memory
SSE - Streaming SIMD Extensions
SVGA - Super Video Graphics Array
S/PDIF - Sony/Philips Digital Interface

--- T ---
TB - Terabytes
TBps - Terabytes per second
Tbps - Terabits per second
TDK - TDK Electronics
TEC - Thermoelectric Cooler
TPC - TipidPC
TWAIN - Technology Without An Important Name

--- U ---
UART - Universal Asynchronous Receiver/Transmitter
USB - Universal Serial Bus
UTP - Unshieled Twisted Pair

--- V ---
VCD - Video CD
VPN - Virtual Private Network

--- W ---
WAN - Wide Area Network
WTB - Want to Buy
WYSIWYG - What You See Is What You Get

--- X ---
XGA - Extended Graphics Array
XFX - XFX Graphics, a Division of Pine
XMS - Extended Memory Specification
XT - Extended Technology

Thursday, September 18, 2008

Delete An undeletable File

Delete An "undeletable" File

Open a Command Prompt window and leave it open.
Close all open programs.
Click Start, Run and enter TASKMGR.EXE
Go to the Processes tab and End Process on Explorer.exe.
Leave Task Manager open.
Go back to the Command Prompt window and change to the directory the AVI (or other undeletable file) is located in.
At the command prompt type DEL where is the file you wish to delete.
Go back to Task Manager, click File, New Task and enter EXPLORER.EXE to restart the GUI shell.
Close Task Manager.


Or you can try this

Open Notepad.exe

Click File>Save As..>

locate the folder where ur undeletable file is

Choose 'All files' from the file type box

click once on the file u wanna delete so its name appears in the 'filename' box

put a " at the start and end of the filename
(the filename should have the extension of the undeletable file so it will overwrite it)

click save,

It should ask u to overwrite the existing file, choose yes and u can delete it as normal


Here's a manual way of doing it. I'll take this off once you put into your first post zain.

1. Start
2. Run
3. Type: command
4. To move into a directory type: cd c:\*** (The stars stand for your folder)
5. If you cannot access the folder because it has spaces for example Program Files or Kazaa Lite folder you have to do the following. instead of typing in the full folder name only take the first 6 letters then put a ~ and then 1 without spaces. Example: cd c:\progra~1\kazaal~1
6. Once your in the folder the non-deletable file it in type in dir - a list will come up with everything inside.
7. Now to delete the file type in del ***.bmp, txt, jpg, avi, etc... And if the file name has spaces you would use the special 1st 6 letters followed by a ~ and a 1 rule. Example: if your file name was bad file.bmp you would type once in the specific folder thorugh command, del badfil~1.bmp and your file should be gone. Make sure to type in the correct extension.

Disable Windows Logo Key

i was recently playing games and this nasty windos logo key keep annoying me , cause i often accidently clicked it , and i start to search a solution to solve my problem, and found the following article in microsfot website, and it did work, hope this helps, thanks!

CODE
http://support.microsoft.com/?kbid=181348


or in other articles, u can copy the following messages into ur notepad and save as *.reg, and use it..

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
"Scancode Map"=hex:00,00,00,00,00,00,00,00,03,00,00,00,00,00,5b,e0,00,00,5c,e0,\
00,00,00,00

How to find Security Holes

Security holes manifest themselves in (broadly) four ways:

1) Physical Security Holes.

- Where the potential problem is caused by giving unauthorised persons
physical access to the machine, where this might allow them to perform
things that they shouldn't be able to do.

A good example of this would be a public workstation room where it would
be trivial for a user to reboot a machine into single-user mode and muck
around with the workstation filestore, if precautions are not taken.

Another example of this is the need to restrict access to confidential
backup tapes, which may (otherwise) be read by any user with access to
the tapes and a tape drive, whether they are meant to have permission or
not.

2) Software Security Holes

- Where the problem is caused by badly written items of "privledged"
software (daemons, cronjobs) which can be compromised into doing things
which they shouldn't oughta.

The most famous example of this is the "sendmail debug" hole (see
bibliography) which would enable a cracker to bootstrap a "root" shell.
This could be used to delete your filestore, create a new account, copy
your password file, anything.

(Contrary to popular opinion, crack attacks via sendmail were not just
restricted to the infamous "Internet Worm" - any cracker could do this
by using "telnet" to port 25 on the target machine. The story behind a
similar hole (this time in the EMACS "move-mail" software) is described
in [Stoll].)

New holes like this appear all the time, and your best hopes are to:

a: try to structure your system so that as little software as possible
runs with root/daemon/bin privileges, and that which does is known to
be robust.

b: subscribe to a mailing list which can get details of problems
and/or fixes out to you as quickly as possible, and then ACT when you
receive information.

>From: Wes Morgan
>
> c: When installing/upgrading a given system, try to install/enable only
> those software packages for which you have an immediate or foreseeable
> need. Many packages include daemons or utilities which can reveal
> information to outsiders. For instance, AT&T System V Unix' accounting
> package includes acctcom(1), which will (by default) allow any user to
> review the daily accounting data for any other user. Many TCP/IP packa-
> ges automatically install/run programs such as rwhod, fingerd, and
> tftpd, all of which can present security problems.
>
> Careful system administration is the solution. Most of these programs
> are initialized/started at boot time; you may wish to modify your boot
> scripts (usually in the /etc, /etc/rc, /etc/rcX.d directories) to pre-
> vent their execution. You may wish to remove some utilities completely.
> For some utilities, a simple chmod(1) can prevent access from unauthorized
> users.
>
> In summary, DON'T TRUST INSTALLATION SCRIPTS/PROGRAMS! Such facilities
> tend to install/run everything in the package without asking you. Most
> installation documentation includes lists of "the programs included in
> this package"; be sure to review it.

3) Incompatible Usage Security Holes

- Where, through lack of experience, or no fault of his/her own, the
System Manager assembles a combination of hardware and software which
when used as a system is seriously flawed from a security point of view.
It is the incompatibility of trying to do two unconnected but useful
things which creates the security hole.

Problems like this are a pain to find once a system is set up and
running, so it is better to build your system with them in mind. It's
never too late to have a rethink, though.

Some examples are detailed below; let's not go into them here, it would
only spoil the surprise.

4) Choosing a suitable security philosophy and maintaining it.

>From: Gene Spafford
>The fourth kind of security problem is one of perception and
>understanding. Perfect software, protected hardware, and compatible
>components don't work unless you have selected an appropriate security
>policy and turned on the parts of your system that enforce it. Having
>the best password mechanism in the world is worthless if your users
>think that their login name backwards is a good password! Security is
>relative to a policy (or set of policies) and the operation of a system
>in conformance with that policy.

---

From: Hacking
Subject: Hacking Ideas
Date: 11/10/93

( Please contribute by sending E-Mail to ... )

[ Many ideas taken from: HaxNet - APG V1.3 : Guide to finding new holes]

NOTE: I think this should be divided into general categories:
1) General principles
2) Looking for holes in src (most items here)
3) Looking in binary distributions
4) Looking in site specific configurations

The following general classifications suggest themselves:
1) SUID/SGID
2) Return codes/error conditions
3) unexpected input
4) race conditions
5) authentication
6) implicit trust
7) parameters
8) permissions
9) interrupts
10) I/O
11) symbolic links
12) Daemons, particularly those taking user input.
13) Kernel race conditions
14) what else? - please add categories

(Suggested splitting of above into main and sub-catagories)
I: Suid binaries and scripts
unexpected user interactions
flawed liberary calls
implicit assumptions of external conditions (sym links, loc. paths)
race conditions
II: daemons running with priviliged uid's
race conditions
poor file protectons
implicit file protections
trust
authentication
III: Kernel problems
Kernel race conditions
device driver code

The following four step method was created by System Development
Corporation, who report a 65% success rate on the flaw hypotheses
generated. Doing a comprehensive search for operating system flaws
requires four steps:

Step 1) Knowledge of system control structure.
===============================================
To find security holes, and identifying design weaknesses it is
necessary to understand the system control structure, and layers.
One should be able to list the:
A) security objects: items to be protected. ie: a users file.
B) control objects: items that protect security objects. ie: a i-node
C) mutual objects : objects in both classes. ie: the password file
With such a list, it is possible to graphically represent a control
hierarchy and identify potential points of attack. Making flow charts
to give a visual breakdown of relationships definitely helps.
Reading the various users, operators, and administrators manuals should
provide this information.
(following para's should probably be moved to a "legal" section)
Reading and greping source code should also prove valuable. For those
without a source licence, I would suggest we use LINUX, NET2, and BSD386
distributions in order to stay legal. At some future time we may be able
to form a working contract between someone or a company with legal access
to other distributions and members actively participating in this project.
It appears that extracts of proprietary code may be used for academic
study, so long as they are not reused in a commercial product - more
checking is necessary though.

Step 2) Generate an inventory of suspected flaws. (i.e. flaw hypotheses)
========================================================================
In particular we want:
Code history:
What UNIX src does a particular flavor derive from? This is important
for cross references (very often only one vendor patches certain code,
which may get reused, in it's unpatched reincarnation by others)
A solid cross reference:
Who checked which bug in what OS and what version prevents us from
duplicating work.

A good start would be listing all the suid binaries on the various OS
flavors/versions. Then try to work out why each program is suid. i.e.:
rcp is suid root because it must use a privilaged port to do user
name authentication.
Often code that was never designed to be suid, is made suid, durring
porting to solve file access problems.
We need to develope a data base that will be able to look at pairs and
triplets of data, specificly: program name, suid, sgid, object accessed
(why prog is suid/sgid), OS flavor/version, and flav/vers geniology.
Any sugestions on how to implement such a DB?

Step 3) Confirm hypotheses. (test and exploit flaws)
====================================================

Step 4) Make generalizations of the underlying system weaknesses, for
which the flaw represents a specific instance.
=====================================================================

Tool Box:
=========
AGREP: I suggest everyone obtain, and install agrep from:
ftp cs.arizona.edu /agrep/agrep.tar.Z
Agrep supports "windowing" so it can look for routines, and subroutines.
It also supports logical operators and is thus ideally suited to automating
the search for many of the following flaws. i.e.
agrep WINDOW {suid() NOT taintperl()} /usr/local/*.pl
or agrep WINDOW {[suid() OR sgid()] AND [system() OR popen() OR execlp()
OR execvp()]} /usr/local/src/*.c

PERMUTATION PROGRAM: Another tool worth producing is a program to generate
all possible permutations of command line flags/arguments in order to uncover
undocumented features, and try to produce errors.

TCOV:

CRASH: Posted to USENET (what FTP archive?) (descrip?)

PAPERS: There are several papers that discuss methods of finding flaws, and
present test suites.
1) An Emphirical Study of the reliability of UNIX Utilities, by Barton P.
Miller, Lars Fredriksen, and Bryan So, Comm ACM, v33 n12, pp32-44,
Dec '90. Describes a test suite for testing random input strings.
Results indicated that 25% of the programs hung, crashed, or misbehaved.
In one case the OS crashed. An understanding of buffer and register
layout on the environment in question, and the expected input is likely
to produce the desired results.
2) The Mothra tools set, in Proceedings of the 22nd Hawaii International
Conference on Systems and Software, pages 275-284, Kona, HI, January '89
3) Extending Mutation Testing to Find Environmental Bugs, by Eugene H.
Spafford, Software Practice and Experience, 20(2):181-189, Feb '90
4) A paper by IBM was mentioned that was submitted to USENIX a few years
ago. (Anyone have a citation?).

Specific Flaws to Check For:
============================
1) Look for routines that don't do boundary checking, or verify input.
ie: the gets() family of routines, where it is possible to overwrite
buffer boundaries. ( sprintf()?, gets(), etc. )
also: strcpy() which is why most src has:
#define SCYPYN((a)(b)) strcpy(a, b, sizeof(a))

2) SUID/SGID routines written in one of the shells, instead of C or
PERL.

3) SUID/SGID routines written in PERL that don't use the "taintperl"
program.)

4) SUID/SGID routines that use the system(), popen(), execlp(), or
execvp() calls to run something else.

5) Any program that uses relative path names inside the program.

6) The use of relative path names to specify dynamically linked libraries.
(look in Makefile).

7) Routines that don't check error return codes from system calls. (ie:
fork(2), suid(2), etc), setuid() rather, as in the famous rcp bug

8) Holes can often be found in code that:
A) is ported to a new environment.
B) receives unexpected input.
C) interacts with other local software.
D) accesses system files like passwd, L.sys, etc.
E) reads input from a publicly writable file/directory.
F) diagnostic programs which are typically not user-proofed.

9) Test code for unexpected input. Coverage, data flow, and mutation
testing tools are available.

10) Look in man pages, and users guides for warnings against doing X, and
try variations of X. Ditto for "bugs" section.

11) Look for seldom used, or unusual functions or commands - read backwards.
In particular looking for undocumented flags/arguments may prove useful.
Check flags that were in prior releases, or in other OS versions. Check
for options that other programs might use. For instance telnet uses -h
option to login ...
right, as most login.c's I've seen have:
if((getuid()) && hflag){
syslog()
exit()
}

12) Look for race conditions.

13) Failure of software to authenticate that it is really communicating
with the desired software or hardware module it wants to be accessing.

14) Lack or error detection to reset protection mechanisms following an
error.

15) Poor implementation resulting in, for example, condition codes being
improperly tested.

16) Implicit trust: Routine B assumes routine A's parameters are correct
because routine A is a system process.

17) System stores it's data or references user parameters in the users
address space.

18) Inter process communication: return conditions (passwd OK, illegal
parameter, segment error, etc) can provide a significant wedge, esp.
when combined with (17).

19) User parameters may not be adequately checked.

20) Addresses that overlap or refer to system areas.

21) Condition code checks may be omitted.

22) Failure to anticipate unusual or extraordinary parameters.

23) Look for system levels where the modules involved were written by
different programmers, or groups of programmers - holes are likely
to be found.

24) Registers that point to the location of a parameters value instead
of passing the value itself.

25) Any program running with system privileges. (too many progs are given
uid 0, to facilitate access to certain tables, etc.)

26) Group or world readable temporary files, buffers, etc.

27) Lack of threshold values, and lack of logging/notification once these
have been triggered.

28) Changing parameters of critical system areas prior to their execution
by a concurrent process. (race conditions)

29) Inadequate boundary checking at compile time, for example, a user
may be able to execute machine code disguised as data in a data area.
(if text and data areas are shared)

30) Improperly handling user generated asynchronous interrupts. Users
interrupting a process, performing an operation, and either returning
to continue the process or begin another will frequently leave the
system in an unprotected state. Partially written files are left open,
improper writing of protection infraction messages, improper setting
of protection bits, etc often occur.

31) Code that uses fopen(3) without setting the umask. ( eg: at(1), etc. )
In general, code that does not reset the real and effective uid before
forking.

32) Trace is your friend (or truss in SVR4) for helping figure out what
system calls a program is using.

33) Scan /usr/local fs's closely. Many admins will install software from
the net. Often you'll find tcpdump, top, nfswatch, ... suid'd root for
their ease of use.

34) Check suid programs to see if they are the ones originally put on the
system. Admins will sometimes put in a passwd replacement which is less
secure than the distributed version.

35) Look for programs that were there to install software or loadable
kernel modules.

36) Dynamically linked programs in general. Remember LD_PRELOAD, I think
that was the variable.

37) I/O channel programming is a prime target. Look for logical errors,
inconsistencies, and omissions.

38) See if it's possible for a I/O channel program to modify itself, loop
back, and then execute the newly modified code. (instruction pre-load
may screw this up)

39) If I/O channels act as independent processors they may have unlimited
access to memory, thus system code may be modified in memory prior to
execution.

40) Look for bugs requiring flaws in multiple pieces of software, i.e. say
program a can be used to change config file /etc/a now program b assumes
the information in a to be correct and this leads to unexpected results
(just look at how many programs trust /etc/utmp)

41) Any program, especially those suid/sgid, that allow shell escapes.

Monday, September 15, 2008

Change Your Ip In Less Then 1 Minute

How To: Change Your Ip In Less Then 1 Minute

1. Click on "Start" in the bottom left hand corner of screen
2. Click on "Run"
3. Type in "command" and hit ok

You should now be at an MSDOS prompt screen.

4. Type "ipconfig /release" just like that, and hit "enter"
5. Type "exit" and leave the prompt
6. Right-click on "Network Places" or "My Network Places" on your desktop.
7. Click on "properties"

You should now be on a screen with something titled "Local Area Connection", or something close to that, and, if you have a network hooked up, all of your other networks.

8. Right click on "Local Area Connection" and click "properties"
9. Double-click on the "Internet Protocol (TCP/IP)" from the list under the "General" tab
10. Click on "Use the following IP address" under the "General" tab
11. Create an IP address (It doesn't matter what it is. I just type 1 and 2 until i fill the area up).
12. Press "Tab" and it should automatically fill in the "Subnet Mask" section with default numbers.
13. Hit the "Ok" button here
14. Hit the "Ok" button again

You should now be back to the "Local Area Connection" screen.

15. Right-click back on "Local Area Connection" and go to properties again.
16. Go back to the "TCP/IP" settings
17. This time, select "Obtain an IP address automatically"
tongue.gif 18. Hit "Ok"
19. Hit "Ok" again
20. You now have a new IP address

With a little practice, you can easily get this process down to 15 seconds.

P.S:
This only changes your dynamic IP address, not your ISP/IP address. If you plan on hacking a website with this trick be extremely careful, because if they try a little, they can trace it back

Change Text on XP Start Button

Step 1 - Modify Explorer.exe File

In order to make the changes, the file explorer.exe located at C:\Windows needs to be edited. Since explorer.exe is a binary file it requires a special editor. For purposes of this article I have used Resource Hacker. Resource HackerTM is a freeware utility to view, modify, rename, add, delete and extract resources in 32bit Windows executables and resource files (*.res). It incorporates an internal resource script compiler and decompiler and works on Microsoft Windows 95/98/ME, Windows NT, Windows 2000 and Windows XP operating systems.

get this from h**p://delphi.icm.edu.pl/ftp/tools/ResHack.zip

The first step is to make a backup copy of the file explorer.exe located at C:\Windows\explorer. Place it in a folder somewhere on your hard drive where it will be safe. Start Resource Hacker and open explorer.exe located at C:\Windows\explorer.exe.

The category we are going to be using is "String Table". Expand it by clicking the plus sign then navigate down to and expand string 37 followed by highlighting 1033. If you are using the Classic Layout rather than the XP Layout, use number 38. The right hand pane will display the stringtable. We’re going to modify item 578, currently showing the word “start” just as it displays on the current Start button.

There is no magic here. Just double click on the word “start” so that it’s highlighted, making sure the quotation marks are not part of the highlight. They need to remain in place, surrounding the new text that you’ll type. Go ahead and type your new entry. In my case I used Click Me!

You’ll notice that after the new text string has been entered the Compile Script button that was grayed out is now active. I won’t get into what’s involved in compiling a script, but suffice it to say it’s going to make this exercise worthwhile. Click Compile Script and then save the altered file using the Save As command on the File Menu. Do not use the Save command – Make sure to use the Save As command and choose a name for the file. Save the newly named file to C:\Windows.


Step 2 – Modify the Registry

!!!make a backup of your registry before making changes!!!

Now that the modified explorer.exe has been created it’s necessary to modify the registry so the file will be recognized when the user logs on to the system. If you don’t know how to access the registry I’m not sure this article is for you, but just in case it’s a temporary memory lapse, go to Start (soon to be something else) Run and type regedit in the Open field. Navigate to:

HKEY_LOCAL_MACHINE\ SOFTWARE\ Microsoft\ Windows NT\ CurrentVersion\ Winlogon

In the right pane, double click the "Shell" entry to open the Edit String dialog box. In Value data: line, enter the name that was used to save the modified explorer.exe file. Click OK.

Close Registry Editor and either log off the system and log back in, or reboot the entire system if that’s your preference. If all went as planned you should see your new Start button with the revised text.[/b]

Cant See Secure Sites

Cant See Secure Sites

Fix the problem with seeing them secrue sites (banks or online stores) i found this very usefull to me at my work (isp backbone support lol, at the time i was regular support )

Any way... what u need to do is make a new notepad file and write in it the followng DLL's.. just copy-paste these



regsvr32 SOFTPUB.DLL
regsvr32 WINTRUST.DLL
regsvr32 INITPKI.DLL
regsvr32 dssenh.dll
regsvr32 Rsaenh.dll
regsvr32 gpkcsp.dll
regsvr32 sccbase.dll
regsvr32 slbcsp.dll
regsvr32 Cryptdlg.dll


and save it as > all file types, and make it something like securefix.bat.

then just run the file and ur problem shuld be gone.

cannot use my password to get back into Windows XP

Because of the security features built into Windows XP, it is virtually impossible to get back into the system without the password.
You have several options to try and get around this problem.


If you have access to another user account with administrator rights, you can use that account to change the password
of the account that is locked out. You can also use the default Administrator account that is built into Windows XP.

First you need to boot the system into Safe Mode.
1.Restart your system.
2.When you see the blue Dell globe or screen, press the ( F8 ) key about 3 times a second.
3.You should get the Windows startup menu. Use the (Up or Down) arrow keys to highlight (SafeMode)
4.Press (Enter) on (Safe Mode), then press (Enter) on (Windows XP).
5.The system should boot to Safe Mode.

Once you are at the Account Log on Screen, click on the icon
for the user account with administrator rights, or click on the icon
for the administrators account.
Note: For Home the Administrator account isn't normally shown & in Safe Mode you have to press Ctrl+Alt+Delete keys twice to show.
For PRO you can do this in normal mode

When the system has booted to the desktop, use the following steps to change the accounts password.
1.Click Start, Control Panel, Administrative Tools.
2.Click Computer Management.
3.Double click Local Users and Groups, double click the folder Users.
4.Right click on the account name that is locked out, and click on Set Password.
5.You may get a warning message about changing the password, simply click proceed.
6.Leave the New Password box blank, also leave the Confirm Password box blank.
7.Click OK, and OK again.
8.Then close all Windows, reboot the system and try to log in.


There are also applications that can recover the password for you.
The following companies provide these applications at a cost.
iOpus® Password Recovery XP here.
LostPassword.com, here.
Asterisk Password Recovery XP v1.89 here.
Windows XP / 2000 / NT Key here.


If the above information does not help in recovering the password, the only option left is to
format the hard drive then reinstall Windows and the system software.

Boot Block Recovery For Free

You don't need to pay a measly sum of dollars just to recover from a boot block mode. Here it is folks:

AWARD Bootblock recovery:

That shorting trick should work if the boot block code is not corrupted, and it should not be if /sb switch is used when flashing the bios (instead of /wb switch).

The 2 pins to short to force a checksum error varies from chip to chip. But these are usually the highest-numbered address pins (A10 and above).

These are the pins used by the system to read the System BIOS (original.bin for award v6), calculate the ROM checksum and see if it's valid before decompressing it into memory, and subsequently allow Bootblock POST to pass control over to the System BIOS.

You just have to fool the system into believing that the System BIOS is corrupt. This you do by giving your system a hard time reading the System BIOS by shorting the 2 high address pins. And when it could not read the System BIOS properly, ROM Checksum Error is detected "so to speak" and Bootblock recovery is activated.

Sometimes, any combination of the high address pins won't work to force a checksum error in some chips, like my Winbond W49F002U. But shorting the #WE pin with the highest-numbered address pin (A17) worked for this chip. You just have to be experimentative if you're not comfortable with "hot flashing" or "replacement BIOS".

But to avoid further damage to your chip if you're not sure which are the correct pins to short, measure the potential between the 2 pins by a voltmeter while the system is on. If the voltage reading is zero (or no potential at all), it is safe to short these pins.

But do not short the pins while the system is on. Instead, power down then do the short, then power up while still shorting. And as soon as you hear 3 beeps (1 long, 2 short), remove the short at once so that automatic reflashing from Drive A can proceed without errors (assuming you had autoexec.bat in it).

About how to do the shorting, the tip of a screwdriver would do. But with such minute pins on the PLCC chip, I'm pretty comfortable doing it with the tip of my multi-tester or voltmeter probe. Short the pins at the point where they come out of the chip.



AMIBIOS Recovery bootblock:
1. Copy a known working BIOS image for your board to a floppy and rename it to AMIBOOT.ROM.
2. Insert the floppy in your system's floppydrive.
3. Power on the system while holding CTRL+Home keys. Release the keys when you hear a beep and/or see the floppy light coming on.
4 . Just wait until you hear 4 beeps. When 4 beeps are heard the reprogramming of the System Block BIOS went succesfull, so then you may restart your system.

Some alternative keys that can be used to force BIOS update (only the System Block will be updated so it's quite safe):
CTRL+Home= restore missing code into system block and clear CMOS when programming went ok.
CTRL+Page Up= restore missing code into system block and clear CMOS or DMI when programming went ok.
CTRL+Page Down= restore missing code into system block and do not clear CMOS and DMI area when programming went ok
Btw: the alternative keys work only with AMIBIOS 7 or higher (so for example an AMI 6.26 BIOS can be only recovered by using CTRL+Home keys).
Boot Block Recovery for FREE

************************************************
BLACKOUT Flashing
*************************************************

Recovering a Corrupt AMI BIOS chip
With motherboards that use BOOT BLOCK BIOS it is possible to recover a corrupted BIOS because the BOOT BLOCK section of the BIOS, which is responsible for booting the computer remains unmodified. When an AMI BIOS becomes corrupt the system will appear to start, but nothing will appear on the screen, the floppy drive light will come on and the system will access the floppy drive repeatedly. If your motherboard has an ISA slot and you have an old ISA video card lying around, put the ISA video card in your system and connect the monitor. The BOOT BLOCK section of the BIOS only supports ISA video cards, so if you do not have an ISA video card or your motherboard does not have ISA slots, you will have to restore your BIOS blind, with no monitor to show you what’s going on.

AMI has integrated a recovery routine into the BOOT BLOCK of the BIOS, which in the event the BIOS becomes corrupt can be used to restore the BIOS to a working state. The routine is called when the SYSTEM BLOCK of the BIOS is empty. The restore routine will access the floppy drive looking for a BIOS file names AMIBOOT.ROM, this is why the floppy drive light comes on and the drive spins. If the file is found it is loaded into the SYSTEM BLOCK of the BIOS to replace the missing information. To restore your BIOS simply copy a working BIOS file to a floppy diskette and rename it AMIBOOT.ROM, then insert it into the computer while the power is on. The diskette does not need to be bootable or contain a flash utility. After about four minutes the system will beep four times. Remove the floppy diskette from the drive and reboot the computer. The BIOS should now be restored.

Recovering a Corrupt AWARD BIOS
With AWARD BIOS the process is similar but still a bit different. To recover an AWARD BIOS you will need to create a floppy diskette with a working BIOS file in .BIN format, an AWARD flash utility and an AUTOEXEC.BAT file. AWARD BIOS will not automatically restore the BIOS information to the SYSTEM BLOCK for this reason you will need to add the commands necessary to flash the BIOS in the AUTOEXEC.BAT file. The system will run the AUTOEXE.BAT file, which will in turn flash the BIOS. This is fairly easy. Here are the steps you need to take.

· Create a bootable floppy diskette
· Copy the BIOS file and flash utility to the diskette
· Create an text file with any standard text editor and add the following lines

@ECHO OFF
FLASH763 BIOSFILE.BIN /py

In the above example I am assuming that you are using the FLASH763.EXE flash utility. You will need to replace the FLASH763 with the name of whatever flash utility you are using, and replace the BIOSFILE.BIN with the name of the BIOS file you are using. You will also need to change the ‘/py’ to whatever the command is for your flash utility to automatically program the BIOS without user intervention. If you do not know the command to automatically flash your BIOS type the name of the flash utility with a space and then /? to display the utility’s help screen. The help screen should pecify the command switch to automatically flash your BIOS. If you are using the FLASH763.EXE utility then the switch to automatically flash your BIOS is ‘/py’.

10 Security Enhancements

Before you spend a dime on security, there are many precautions you can take that will protect you against the most common threats.

1. Check Windows Update and Office Update regularly (_http://office.microsoft.com/productupdates); have your Office CD ready. Windows Me, 2000, and XP users can configure automatic updates. Click on the Automatic Updates tab in the System control panel and choose the appropriate options.

2. Install a personal firewall. Both SyGate (_www.sygate.com) and ZoneAlarm (_www.zonelabs.com) offer free versions.


3. Install a free spyware blocker. Our Editors' Choice ("Spyware," April 22) was SpyBot Search & Destroy (_http://security.kolla.de). SpyBot is also paranoid and ruthless in hunting out tracking cookies.

4. Block pop-up spam messages in Windows NT, 2000, or XP by disabling the Windows Messenger service (this is unrelated to the instant messaging program). Open Control Panel | Administrative Tools | Services and you'll see Messenger. Right-click and go to Properties. Set Start-up Type to Disabled and press the Stop button. Bye-bye, spam pop-ups! Any good firewall will also stop them.

5. Use strong passwords and change them periodically. Passwords should have at least seven characters; use letters and numbers and have at least one symbol. A decent example would be f8izKro@l. This will make it much harder for anyone to gain access to your accounts.

6. If you're using Outlook or Outlook Express, use the current version or one with the Outlook Security Update installed. The update and current versions patch numerous vulnerabilities.

7. Buy antivirus software and keep it up to date. If you're not willing to pay, try Grisoft AVG Free Edition (Grisoft Inc., w*w.grisoft.com). And doublecheck your AV with the free, online-only scanners available at w*w.pandasoftware.com/activescan and _http://housecall.trendmicro.com.

8. If you have a wireless network, turn on the security features: Use MAC filtering, turn off SSID broadcast, and even use WEP with the biggest key you can get. For more, check out our wireless section or see the expanded coverage in Your Unwired World in our next issue.

9. Join a respectable e-mail security list, such as the one found at our own Security Supersite at _http://security.ziffdavis.com, so that you learn about emerging threats quickly and can take proper precautions.

10. Be skeptical of things on the Internet. Don't assume that e-mail "From:" a particular person is actually from that person until you have further reason to believe it's that person. Don't assume that an attachment is what it says it is. Don't give out your password to anyone, even if that person claims to be from "support."

Friday, September 12, 2008

Bandwidth Explained!

This is well written explanation about bandwidth, very useful info.



BandWidth Explained

Most hosting companies offer a variety of bandwidth options in their plans. So exactly what is bandwidth as it relates to web hosting? Put simply, bandwidth is the amount of traffic that is allowed to occur between your web site and the rest of the internet. The amount of bandwidth a hosting company can provide is determined by their network connections, both internal to their data center and external to the public internet.


Network Connectivity

The internet, in the most simplest of terms, is a group of millions of computers connected by networks. These connections within the internet can be large or small depending upon the cabling and equipment that is used at a particular internet location. It is the size of each network connection that determines how much bandwidth is available. For example, if you use a DSL connection to connect to the internet, you have 1.54 Mega bits (Mb) of bandwidth. Bandwidth therefore is measured in bits (a single 0 or 1). Bits are grouped in bytes which form words, text, and other information that is transferred between your computer and the internet.

If you have a DSL connection to the internet, you have dedicated bandwidth between your computer and your internet provider. But your internet provider may have thousands of DSL connections to their location. All of these connection aggregate at your internet provider who then has their own dedicated connection to the internet (or multiple connections) which is much larger than your single connection. They must have enough bandwidth to serve your computing needs as well as all of their other customers. So while you have a 1.54Mb connection to your internet provider, your internet provider may have a 255Mb connection to the internet so it can accommodate your needs and up to 166 other users (255/1.54).


Traffic

A very simple analogy to use to understand bandwidth and traffic is to think of highways and cars. Bandwidth is the number of lanes on the highway and traffic is the number of cars on the highway. If you are the only car on a highway, you can travel very quickly. If you are stuck in the middle of rush hour, you may travel very slowly since all of the lanes are being used up.

Traffic is simply the number of bits that are transferred on network connections. It is easiest to understand traffic using examples. One Gigabyte is 2 to the 30th power (1,073,741,824) bytes. One gigabyte is equal to 1,024 megabytes. To put this in perspective, it takes one byte to store one character. Imagine 100 file cabinets in a building, each of these cabinets holds 1000 folders. Each folder has 100 papers. Each paper contains 100 characters - A GB is all the characters in the building. An MP3 song is about 4MB, the same song in wav format is about 40MB, a full length movie can be 800MB to 1000MB (1000MB = 1GB).

If you were to transfer this MP3 song from a web site to your computer, you would create 4MB of traffic between the web site you are downloading from and your computer. Depending upon the network connection between the web site and the internet, the transfer may occur very quickly, or it could take time if other people are also downloading files at the same time. If, for example, the web site you download from has a 10MB connection to the internet, and you are the only person accessing that web site to download your MP3, your 4MB file will be the only traffic on that web site. However, if three people are all downloading that same MP at the same time, 12MB (3 x 4MB) of traffic has been created. Because in this example, the host only has 10MB of bandwidth, someone will have to wait. The network equipment at the hosting company will cycle through each person downloading the file and transfer a small portion at a time so each person's file transfer can take place, but the transfer for everyone downloading the file will be slower. If 100 people all came to the site and downloaded the MP3 at the same time, the transfers would be extremely slow. If the host wanted to decrease the time it took to download files simultaneously, it could increase the bandwidth of their internet connection (at a cost due to upgrading equipment).


Hosting Bandwidth

In the example above, we discussed traffic in terms of downloading an MP3 file. However, each time you visit a web site, you are creating traffic, because in order to view that web page on your computer, the web page is first downloaded to your computer (between the web site and you) which is then displayed using your browser software (Internet Explorer, Netscape, etc.) . The page itself is simply a file that creates traffic just like the MP3 file in the example above (however, a web page is usually much smaller than a music file).

A web page may be very small or large depending upon the amount of text and the number and quality of images integrated within the web page. For example, the home page for CNN.com is about 200KB (200 Kilobytes = 200,000 bytes = 1,600,000 bits). This is typically large for a web page. In comparison, Yahoo's home page is about 70KB.


How Much Bandwidth Is Enough?

It depends (don't you hate that answer). But in truth, it does. Since bandwidth is a significant determinant of hosting plan prices, you should take time to determine just how much is right for you. Almost all hosting plans have bandwidth requirements measured in months, so you need to estimate the amount of bandwidth that will be required by your site on a monthly basis

If you do not intend to provide file download capability from your site, the formula for calculating bandwidth is fairly straightforward:

Average Daily Visitors x Average Page Views x Average Page Size x 31 x Fudge Factor

If you intend to allow people to download files from your site, your bandwidth calculation should be:

[(Average Daily Visitors x Average Page Views x Average Page Size) +
(Average Daily File Downloads x Average File Size)] x 31 x Fudge Factor

Let us examine each item in the formula:

Average Daily Visitors - The number of people you expect to visit your site, on average, each day. Depending upon how you market your site, this number could be from 1 to 1,000,000.

Average Page Views - On average, the number of web pages you expect a person to view. If you have 50 web pages in your web site, an average person may only view 5 of those pages each time they visit.

Average Page Size - The average size of your web pages, in Kilobytes (KB). If you have already designed your site, you can calculate this directly.

Average Daily File Downloads - The number of downloads you expect to occur on your site. This is a function of the numbers of visitors and how many times a visitor downloads a file, on average, each day.

Average File Size - Average file size of files that are downloadable from your site. Similar to your web pages, if you already know which files can be downloaded, you can calculate this directly.

Fudge Factor - A number greater than 1. Using 1.5 would be safe, which assumes that your estimate is off by 50%. However, if you were very unsure, you could use 2 or 3 to ensure that your bandwidth requirements are more than met.

Usually, hosting plans offer bandwidth in terms of Gigabytes (GB) per month. This is why our formula takes daily averages and multiplies them by 31.


Summary

Most personal or small business sites will not need more than 1GB of bandwidth per month. If you have a web site that is composed of static web pages and you expect little traffic to your site on a daily basis, go with a low bandwidth plan. If you go over the amount of bandwidth allocated in your plan, your hosting company could charge you over usage fees, so if you think the traffic to your site will be significant, you may want to go through the calculations above to estimate the amount of bandwidth required in a hosting plan.

BIOS Update Procedure

All latest Motherboards today, 486/ Pentium / Pentium Pro etc.,ensure that upgrades are easily obtained by incorporating the system BIOS in a FLASH Memory component. With FLASH BIOS, there is no need to replace an EPROM component. Once downloaded, the upgrade utility fits on a floppy disc allowing the user to save, verify and update the system BIOS. A hard drive or a network drive can also be used to run the newer upgrade utilities. However, memory managers can not be installed while upgrading.

Most pre-Pentium motherboards do not have a Flash BIOS. The following instructions therefore do not apply to these boards. If your motherboard does not have a Flash BIOS (EEPROM) you will need to use an EPROM programmer to re-program the BIOS chip. See your dealer for more information about this.

Please read the following instructions in full before starting a Flash BIOS upgrade:
A. Create a Bootable Floppy (in DOS)

•With a non-formatted disk, type the following:

format a:/s

•If using a formatted disk, type:

sys a:

This procedure will ensure a clean boot when you are flashing the new BIOS.

B. Download the BIOS file

•Download the correct BIOS file by clicking on the file name of the BIOS file you wish to download.

•Save the BIOS file and the Flash Utility file in the boot disk you have created. Unzip the BIOS file and the flash utility file. If you don't have an "unzip" utility, download the WinZip for Windows 95 shareware/ evaluation copy for that one time use from _www.winzip.com or _www.pkware.com. Most CD ROMs found in computer magazines, have a shareware version of WinZip on them.

•You should have extracted two files:

Flash BIOS utility eg: flash7265.exe (for example)

BIOS eg: 6152J900.bin (example)

Use the latest flash utility available unless otherwise specified (either on the BIOS update page or in the archive file). This information is usually provided.

C. Upgrade the System BIOS

During boot up, write down the old BIOS version because you will need to use it for the BIOS backup file name.

Place the bootable floppy disk containing the BIOS file and the Flash Utility in drive a, and reboot the system in MS-DOS, preferably Version 6.22

•At the A:> prompt, type the corresponding Flash BIOS utility and the BIOS file with its extension.

For example:

flash625 615j900.bin

•From the Flash Memory Writer menu, select "Y" to "Do you want to save BIOS?" if you want to save (back up) your current BIOS (strongly recommended), then type the name of your current BIOS and its extension after FILE NAME TO SAVE: eg: a:\613J900.bin

Alternatively select "N" if you don't want to save your current BIOS. Beware, though, that you won't be able to recover from a possible failure.

•Select "Y" to "Are you sure to program?"

•Wait until it displays "Message: Power Off or Reset the system"

Once the BIOS has been successfully loaded, remove the floppy disk and reboot the system. If you write to BIOS but cannot complete the procedure, do not switch off, because the computer will not be able to boo, and you will not be given another chance to flash. In this case leave your system on until you resolve the problem (flashing BIOS with old file is a possible solution, provided you've made a backup before)

Make sure the new BIOS version has been loaded properly by taking note of the BIOS identifier as the system is rebooting.

For AMI BIOS
Once the BIOS has been successfully loaded, remove the floppy disk and reboot the system holding the "END" key prior to power on until you enter CMOS setup. If you do not do this the first time booting up after upgrading the BIOS, the system will hang.

BIOS Update Tips
note:
1.Make sure never to turn off or reset your computer during the flash process. This will corrupt the BIOS data. We also recommend that you make a copy of your current BIOS on the bootable floppy so you can reflash it if you need to. (This option is not available when flashing an AMI BIOS).

2. If you have problems installing your new BIOS please check the following:

Have you done a clean boot?
In other words, did you follow the above procedure for making a bootable floppy? This ensures that when booting from "A" there are no device drivers on the diskette. Failing to do a clean boot is the most common cause for getting a "Memory Insufficient" error message when attempting to flash a BIOS.

If you have not used a bootable floppy, insure a clean boot either by

a) pressing F5 during bootup

b) by removing all device drivers on the CONFIG.SYS including the HIMEM.SYS. Do this by using the EDIT command.

Have you booted up under DOS?
Booting in Windows is another common cause for getting a "Memory Insufficient" error message when attempting to flash a BIOS. Make sure to boot up to DOS with a minimum set of drivers. Important: Booting in DOS does not mean selecting "Restart computer in MS-DOS Mode" from Windows98/95 shutdown menu or going to Prompt mode in WindowsNT, but rather following the above procedure (format a: /s and rebooting from a:\).

Have you entered the full file name of the flash utility and the BIOS plus its extension?
Do not forget that often you will need to add a drive letter (a:\) before flashing the BIOS. Example: when asked for file name of new BIOS file which is on your floppy disk, in case you're working from c:\ your will need to type a:\615j900.bin, rather than 615j900.bin only.

Monday, September 8, 2008

Convert To Basic And Dynamic Disks In Windows Xp

Windows XP Professional supports two types of disk storage: basic and dynamic. Basic disk storage uses partition-oriented disks. A basic disk contains basic volumes (primary partitions, extended partitions, and logical drives).

Dynamic disk storage uses volume-oriented disks, and includes features that basic disks do not, such as the ability to create volumes that span multiple disks (spanned and striped volumes).

General Notes
Before you change a basic disk to a dynamic disk, note these items:


You must have at least 1 megabyte (MB) of free space on any master boot record (MBR) disk that you want to convert. This space is automatically reserved when the partition or volume is created in Microsoft Windows 2000 or Windows XP Professional. However, it may not be available on partitions or volumes that are created in other operating systems.

When you convert to a dynamic disk, the existing partitions or logical drives on the basic disk are converted to simple volumes on the dynamic disk.

After you convert to a dynamic disk, the dynamic volumes cannot be changed back to partitions. You must first delete all dynamic volumes on the disk, and then convert the dynamic disk back to a basic disk. If you want to keep your data, you must first back up or move the data to another volume.

After you convert to a dynamic disk, local access to the dynamic disk is limited to Windows XP Professional and Windows 2000.

If your disk contains multiple installations of Windows XP Professional or Windows 2000, do not convert to a dynamic disk. The conversion operation removes partition entries for all partitions on the disk with the exception of the system and boot volumes for the current operating system.

Dynamic disks are not supported on portable computers or Microsoft Windows XP Home Edition.

Before you change a dynamic disk back to a basic disk, note that all existing volumes must be deleted from the disk before you can convert it back to a basic disk. If you want to keep your data, back up the data, or move your data to another volume.

How to Convert a Basic Disk to a Dynamic Disk

To convert a basic disk to a dynamic disk:

1) Log on as Administrator or as a member of the Administrators group.

2) Click Start, and then click Control Panel.

3) Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.

4) In the left pane, click Disk Management.

5) In the lower-right pane, right-click the basic disk that you want to convert, and then click Convert to Dynamic Disk.

NOTE:You must right-click the gray area that contains the disk title on the left side of the Details pane. For example, right-click Disk 0.

6) Select the check box that is next to the disk that you want to convert (if it is not already selected), and then clickOK.

7) Click Details if you want to view the list of volumes in the disk.

8) Click Convert.

9) Click Yes when you are prompted to convert, and then click OK.

How to Convert a Dynamic Disk to a Basic Disk

To change a dynamic disk back to a basic disk:

1) Back up all the data on all the volumes on the disk you want to convert to a basic disk.

2) Log on as Administrator or as a member of the Administrators group.

3) Click Start, and then click Control Panel.

4) Click Performance and Maintenance, click Administrative Tools, and then double-click Computer Management.

5) In the left pane, click Disk Management.

6) Right-click a volume on the dynamic disk that you want to change to a basic disk, and then click Delete Volume.

7) Click Yes when you are prompted to delete the volume.

8) Repeat steps 4 and 5 for each volume on the dynamic disk.

9) After you have deleted all the volumes on the dynamic disk, right-click the dynamic disk that you want to change to a basic disk, and then click Convert to Basic Disk.

NOTE:You must right-click the gray area that contains the disk title on the left side of the Details pane. For example, right-click Disk 1.

Thursday, September 4, 2008

Beep Codes Error Codes

After repeated requests for beep codes i have decided to post them here maybe they could be pinned

Standard Original IBM POST Error Codes
Code Description

1 short beep System is OK
2 short beeps POST Error - error code shown on screen No beep Power supply or system board problem Continuous beep Power supply, system board, or keyboard problem Repeating short beeps Power supply or system board problem
1 long, 1 short beep System board problem
1 long, 2 short beeps Display adapter problem (MDA, CGA)
1 long, 3 short beeps Display adapter problem (EGA)
3 long beeps 3270 keyboard card
IBM POST Diagnostic Code Descriptions
Code Description
100 - 199 System Board
200 - 299 Memory
300 - 399 Keyboard
400 - 499 Monochrome Display
500 - 599 Colour/Graphics Display
600 - 699 Floppy-disk drive and/or Adapter
700 - 799 Math Coprocessor
900 - 999 Parallel Printer Port
1000 - 1099 Alternate Printer Adapter
1100 - 1299 Asynchronous Communication Device, Adapter, or Port
1300 - 1399 Game Port
1400 - 1499 Colour/Graphics Printer
1500 - 1599 Synchronous Communication Device, Adapter, or Port
1700 - 1799 Hard Drive and/or Adapter
1800 - 1899 Expansion Unit (XT)
2000 - 2199 Bisynchronous Communication Adapter
2400 - 2599 EGA system-board Video (MCA)
3000 - 3199 LAN Adapter
4800 - 4999 Internal Modem
7000 - 7099 Phoenix BIOS Chips
7300 - 7399 3.5" Disk Drive
8900 - 8999 MIDI Adapter
11200 - 11299 SCSI Adapter
21000 - 21099 SCSI Fixed Disk and Controller
21500 - 21599 SCSI CD-ROM System

AMI BIOS Beep Codes
Code Description

1 Short Beep System OK
2 Short Beeps Parity error in the first 64 KB of memory
3 Short Beeps Memory failure in the first 64 KB
4 Short Beeps Memory failure in the first 64 KB Operational of memory
or Timer 1 on the motherboard is not functioning
5 Short Beeps The CPU on the motherboard generated an error
6 Short Beeps The keyboard controller may be bad. The BIOS cannot switch to protected mode
7 Short Beeps The CPU generated an exception interrupt
8 Short Beeps The system video adapter is either missing, or its memory is faulty
9 Short Beeps The ROM checksum value does not match the value encoded in the BIOS
10 Short Beeps The shutdown register for CMOS RAM failed
11 Short Beeps The external cache is faulty
1 Long, 3 Short Beeps Memory Problems
1 Long, 8 Short Beeps Video Card Problems

Phoenix BIOS Beep Codes
Note - Phoenix BIOS emits three sets of beeps, separated by a brief pause.

Code Description
1-1-3 CMOS read/write failure
1-1-4 ROM BIOS checksum error
1-2-1 Programmable interval timer failure
1-2-2 DMA initialisation failure
1-2-3 DMA page register read/write failure
1-3-1 RAM refresh verification failure
1-3-3 First 64k RAM chip or data line failure
1-3-4 First 64k RAM odd/even logic failure
1-4-1 Address line failure first 64k RAM
1-4-2 Parity failure first 64k RAM
2-_-_ Faulty Memory
3-1-_ Faulty Motherboard
3-2-4 Keyboard controller Test failure
3-3-4 Screen initialisation failure
3-4-1 Screen retrace test failure
3-4-2 Search for video ROM in progress
4-2-1 Timer tick interrupt in progress or failure
4-2-2 Shutdown test in progress or failure
4-2-3 Gate A20 failure
4-2-4 Unexpected interrupt in protected mode
4-3-1 RAM test in progress or failure>ffffh
4-3-2 Faulty Motherboard
4-3-3 Interval timer channel 2 test or failure
4-3-4 Time of Day clock test failure
4-4-1 Serial port test or failure
4-4-2 Parallel port test or failure
4-4-3 Math coprocessor test or failure
Low 1-1-2 System Board select failure
Low 1-1-3 Extended CMOS RAM failure

Monday, September 1, 2008

Disable The Send Error Report, to Microsoft!


To disable the stupid feature in WinXP which tries to send a report to microsoft every time a program crashes you will have to do this:

*************************************************************************

Open Control Panel
Click on Preformance and Maintenance.
Click on System.
Then click on the Advanced tab
Click on the error reporting button on the bottom of the windows.
Select Disable error reporting.
Click OK
Click OK

*************************************************************************

Create One-click Shutdown And Reboot Shortcuts!

Create One-Click Shutdown and Reboot Shortcuts:


First, create a shortcut on your desktop by right-clicking on the desktop, choosing New, and then choosing Shortcut. The Create Shortcut Wizard appears. In the box asking for the location of the shortcut, type shutdown. After you create the shortcut, double-clicking on it will shut down your PC.

But you can do much more with a shutdown shortcut than merely shut down your PC. You can add any combination of several switches to do extra duty, like this:

shutdown -r -t 01 -c "Rebooting your PC"
Double-clicking on that shortcut will reboot your PC after a one-second delay and display the message "Rebooting your PC." The shutdown command includes a variety of switches you can use to customize it. Table 1-3 lists all of them and describes their use.

I use this technique to create two shutdown shortcuts on my desktop—one for turning off my PC, and one for rebooting. Here are the ones I use:

shutdown -s -t 03 -c "Bye Bye m8!"
shutdown -r -t 03 -c "Ill be back m8 ;)!"

Switch
What it does

-s
Shuts down the PC.

-l
Logs off the current user.

-t nn
Indicates the duration of delay, in seconds, before performing the action.

-c "messagetext"
Displays a message in the System Shutdown window. A maximum of 127 characters can be used. The message must be enclosed in quotation marks.

-f
Forces any running applications to shut down.

-r
Reboots the PC.

Create Bootable Win XP SP1 CD(nero)

How to create a bootable Windows XP SP1 CD (Nero):
Step 1

Create 3 folders - C:\WINXPSP1, C:\SP1106 and C:\XPBOOT

Step 2

Copy the entire Windows XP CD into folder C:\WINXPSP1

Step 3

You will have to download the SP1 Update, which is 133MB.
Rename the Service Pack file to XP-SP1.EXE
Extract the Service Pack from the Run Dialog using the command:
C:\XP-SP1.EXE -U -X:C:\SP1106

Step 4

Open Start/Run... and type the command:
C:\SP1106\update\update.exe -s:C:\WINXPSP1

Click OK

Folder C:\WINXPSP1 contains: Windows XP SP1



How to Create a Windows XP SP1 CD Bootable

Step 1

Download xpboot.zip
Code:
Code:
http://thro.port5.com/xpboot.zip

( no download manager !! )

Extract xpboot.zip file (xpboot.bin) in to the folder C:\XPBOOT

Step 2

Start Nero - Burning Rom.
Select File > New... from the menu.
1.) Select CD-ROM (Boot)
2.) Select Image file from Source of boot image data
3.) Set Kind of emulation: to No Emulation
4.) Set Load segment of sectors (hex!): to 07C0
5.) Set Number of loaded sectors: to 4
6.) Press the Browse... button



Step 3

Select All Files (*.*) from File of type:
Locate boot.bin in the folder C:\XPBOOT

Step 4

Click ISO tab
Set File-/Directory length to ISO Level 1 (Max. of 11 = 8 + 3 chars)
Set Format to Mode 1
Set Character Set to ISO 9660
Check all Relax ISO Restrictions




Step 5

Click Label Tab
Select ISO9660 from the drop down box.
Enter the Volume Label as WB2PFRE_EN
Enter the System Identifier as WB2PFRE_EN
Enter the Volume Set as WB2PFRE_EN
Enter the Publisher as MICROSOFT CORPORATION
Enter the Data Preparer as MICROSOFT CORPORATION
Enter the Application as WB2PFRE_EN

* For Windows XP Professional OEM substitute WB2PFRE_EN with WXPOEM_EN
* For Windows XP Home OEM substitute WB2PFRE_EN with WXHOEM_EN

Step 6

Click Burn tab
Check Write
Check Finalize CD (No further writing possible!)
Set Write Method to Disk-At-Once

Press New button

Step 7

Locate the folder C:\WINXPSP1
Select everything in the folder and drag it to the ISO compilation panel.
Click the Write CD Dialog button.

Press Write

You're done.