Wednesday, November 10, 2010

Leading the LAB -an adventure

After trying for so long , me and my partner Ayushi Aggarwal, finally got a chance to lead the lab session -11 . I was really excited as it was for the first time that I was leading a group .

PREPARATION - Saturday training session held on 30th October 2010.It went off really well and all the group leaders did a pretty good job in explaining their parts. Training session took 2 long hours, but I thoroughly enjoyed while it lasted. Had it been any longer it would have acted as a sedative and I would have gone into deep sleep.The best part was the photo editing by Nikita and Shreyasi.

One of the hurdles we faced was that we didn't have admin rights so we couldn't install softwares and I wasn't very clear about setting up an SVN server.

Finally the day arrived and I utilised our lunch break to clear some doubts about the SVN server, well thanks to my partner for that!!We decided to keep image editing and video editing part at the end as it would have helped in keeping my group members interested till the end of the lab.


We covered the following topics in our lab:-

a) Image editing tool-PhotoImpact X3:-As provided in the lab handout we inlcuded the basic tools like
1 colouring tools such as bucket fill, linear gradient tool, colourize pen
2 image insertion
3 crop an image
4 smudge
5 blur
6 most interesting cloning
Everybody patiently listened to this part!!

b) Video editing tool - Videopad:- In this we taught the concept of splitting , effects , subtitles, narration regarding video and audio files.

c) Setting up an SVN server
d) Remote connection to a machine:- We taught how to establish remote connection in windows and in linux. We also gave the demo of remote connection with Teamviewer.

After having given the lecture , I asked my group if they had any queries. Surprisingly not even a single question was raised, which made me wonder if it was because that they understood everything or nothing at all? Whatever the reason may be , I had a really nice experience.

Thank You Sir for giving us such an opportunity .

Abhimanyu Khanna

Hey guys, all those who use nero and face a problem of max data limit. here is a simple tweak .


How do I overburn a CD with Nero?

 Start Nero

From the action-bar select File and select Preferences.
In the Preferences window, select Expert Features(1) and check the Enable overburn disc-at-once(2).
Choose a Maximum CD Length(3) and click OK(4) (*82:59:59 is the maximum value I suggest, but as you can see from the screen capture above I have set mine significantly higher. The reason is because I frequently use 99min 850 MB CD media).

For a more accurate test you can use a nero tool called nero speed test to see how much a specific CD is capable of being overburned . get it here

From the action-bar select File and select Write CD.



A window will appear when you have exceeded expected length, click OK to start the overburn copy.

Remember to set disk to burn Disc at Once, you cannot overburn in Track at Once Mode.

Abhimanyu Khanna

Hi . i will be again using Akshit's account this time on how to make a simple keygen .This is something i tried out during my holidays in Octuber as part of my innovative assignment.



Yea so basically this would be a tutorial. The keygen you would be making is a simple keygen, of a program called W3Filer 32 V1.1.3.
W3Filer is a pretty good web downloader...
I guess some of you might know the program.
I`ll assume you know:
A.How to use debugger (in this case, SoftIce).
B.How to crack, generally (finding protection routines,patching them,etc...).
C.How to use Disassembler (This knowledge can help).
D.Assembly.
E.How to code in Turbo Pascal ™.
Tools you`ll need:
A.SoftIce 3.00/01 or newer.
B.WD32Asm. (Not a must).
C.The program W3Filer V1.13 (if not provided in this package), can be found in
www.windows95.com I believe.
D.Turbo Pascal (ANY version).
Well, enough blah blah, let's go cracking...
Run W3Filer 32.
A nag screen pops, and , demands registration (Hmm, this sux ;-)) Now,
We notice this program has some kind of serial number (Mine is 873977046),
Let's keep the serial in mind, I bet we`ll meet it again while we're on
the debugger.
Well, now, let's put your name and a dummy reg code...
set a BP on GetDlgItemTextA, and, press OK.
We pop inside GetDlgItemTextA, Lets find the registration routine...
I`ll save you the work, the registration routine is this:
:00404DB2 8D95A8FAFFFF lea edx, dword ptr [ebp+FFFFFAA8]
:00404DB8 52 push edx ---> Your user name here.
:00404DB9 E80B550000 call 0040A2C9 ---> Registration routine.
:00404DBE 83C408 add esp, 00000008 ---> Dunno exactly what is it.
:00404DC1 85C0 test eax, eax ---> Boolean identifier, 0 if
:00404DC3 7D17 jge 00404DDC ---> registration failed, 1 if
OK.
Well, Let's enter the CALL 40A2C9, and see what's inside it:
(Please read my comments in the code).
* Referenced by a CALL at Addresses:
|:00404DB9 , :00407F76
|
:0040A2C9 55 push ebp
:0040A2CA 8BEC mov ebp, esp
:0040A2CC 81C4B0FEFFFF add esp, FFFFFEB0
:0040A2D2 53 push ebx
:0040A2D3 56 push esi
:0040A2D4 57 push edi
:0040A2D5 8B5508 mov edx, dword ptr [ebp+08]
:0040A2D8 8DB500FFFFFF lea esi, dword ptr [ebp+FFFFFF00]
:0040A2DE 33C0 xor eax, eax
:0040A2E0 EB16 jmp 0040A2F8
* Referenced by a (U)nconditional or ©onditional Jump at Address:
|:0040A2FB©
|
:0040A2E2 0FBE0A movsx ecx, byte ptr [edx] ----> Here Starts the
interesting part.
:0040A2E5 83F920 cmp ecx, 00000020 ----> ECX is the the current
char in the user name, Hmm, 20h=' '...
:0040A2E8 740D je 0040A2F7 ----> Let's see,
:0040A2EA 8A0A mov cl, byte ptr [edx] ----> Generally, all this loop
does, is copying
the user name from
[EDX], to [ESI], WITHOUT the spaces!
(Keep this in mind! ).
:0040A2EC 880C06 mov byte ptr [esi+eax], cl
:0040A2EF 42 inc edx
:0040A2F0 40 inc eax
:0040A2F1 C6040600 mov byte ptr [esi+eax], 00
:0040A2F5 EB01 jmp 0040A2F8
* Referenced by a (U)nconditional or ©onditional Jump at Address:
|:0040A2E8©
|
:0040A2F7 42 inc edx
* Referenced by a (U)nconditional or ©onditional Jump at Addresses:
|:0040A2E0(U), :0040A2F5(U)
|
:0040A2F8 803A00 cmp byte ptr [edx], 00
:0040A2FB 75E5 jne 0040A2E2 ----------------> This is the loop , we got
what it does,
Let's continue tracing
the code...
:0040A2FD 56 push esi --------> The user name is pushed, in order
to
Upcase it's chars.
* Reference To: USER32.CharUpperA, Ord:0000h
|
:0040A2FE E80F330000 Call User!CharUpper ---> After this, our name is in
upper case.
:0040A303 56 push esi -----> Our name in upper case here.
* Reference To: cw3220mt._strlen, Ord:0000h
|
:0040A304 E86F300000 Call 0040D378 ---> This is the length of our name.
:0040A309 59 pop ecx
:0040A30A 8BC8 mov ecx, eax ---> ECX=Length.
:0040A30C 83F904 cmp ecx, 00000004 ---> Length>=4 (MUST).
:0040A30F 7D05 jge 0040A316 ---> Let's go to this address...
:0040A311 83C8FF or eax, FFFFFFFF
:0040A314 EB67 jmp 0040A37D
* Referenced by a (U)nconditional or ©onditional Jump at Address:
|:0040A30F©
|
:0040A316 33D2 xor edx, edx
:0040A318 33C0 xor eax, eax
:0040A31A 3BC8 cmp ecx, eax
:0040A31C 7E17 jle 0040A335 ---> (Not important, just another useless
checking).
===================================================================================
============ FROM HERE AND ON, THE IMPORTANT CODE, PAY ATTENTION ==================
===================================================================================
One thing before we continue, EDX = 00000000h as we enter to the next instructions.
* Referenced by a (U)nconditional or ©onditional Jump at Address:
|:0040A333©
|
:0040A31E 0FBE1C06 movsx ebx, byte ptr [esi+eax] ---> EBX <--- char in user
name, offset EAX.
:0040A322 C1E303 shl ebx, 03 -----> Hmm, it shl's the char by 03h...
(Remember that).
:0040A325 0FBE3C06 movsx edi, byte ptr [esi+eax] ---> Now EDI <--- Char in
user name , offset EAX.
:0040A329 0FAFF8 imul edi, eax -----> It multiplies the char by the
offset in user name! (Remember that).
:0040A32C 03DF add ebx, edi -----> Adds the result to EBX (That was
Shelled (Ding Dong =)).
:0040A32E 03D3 add edx, ebx -----> EDX=EDX+EBX!!! - This is the CORE
of this registration routine!!!
:0040A330 40 inc eax -----> Increase EAX by one (next char).
:0040A331 3BC8 cmp ecx, eax
:0040A333 7FE9 jg 0040A31E ----> If ECX<EAX then, we leave the
loop.
* Referenced by a (U)nconditional or ©onditional Jump at Address:
|:0040A31C©
|
:0040A335 A120674100 mov eax, dword ptr [00416720] ---> HMMMMMM, What's in
here?????
:0040A33A C1F803 sar eax, 03 ---------> WAIT! Please type in SIce '?
EAX'
Does this number in EAX look
familiar to us? ;-)
If you still don`t understand,
than, It's
our SERIAL NUMBER! (PLEASE, take
your time, and check by
yourself - don`t trust me!). OK,
so now we know,
That it SHR's EAX by 03 (SAR is
almost identical to SHR).
:0040A33D 03D0 add edx, eax ---------> Hmm, it adds the result from the
loop, the serial number shr'd by 03h
:0040A33F 52 push edx -------> Let's continue. (At this point, I
can tell you , the reg number, is
in EDX - only that the reg number
is in HEX --> That's how you enter it).
* Possible StringData Ref from Data Obj ->"%lx"
|
:0040A340 685EF54000 push 0040F55E
:0040A345 8D95B0FEFFFF lea edx, dword ptr [ebp+FFFFFEB0]
:0040A34B 52 push edx
* Reference To: USER32.wsprintfA, Ord:0000h
|
:0040A34C E8E5320000 Call 0040D636 -------> This one, does HEX2STR (Takes
the value from EDX, and turns it to an hex string).
:0040A351 83C40C add esp, 0000000C
:0040A354 8D8DB0FEFFFF lea ecx, dword ptr [ebp+FFFFFEB0] -----> type 'd ecx' -
THIS is the reg number! That's enough for us, the rest of
the code, is
just for comparing the correct reg code with ours.
:0040A35A 51 push ecx
* Reference To: USER32.CharLowerA, Ord:0000h
|
:0040A35B E8B8320000 Call 0040D618
:0040A360 8D85B0FEFFFF lea eax, dword ptr [ebp+FFFFFEB0]
:0040A366 50 push eax
:0040A367 FF750C push [ebp+0C]
* Reference To: cw3220mt._strcmp, Ord:0000h
|
:0040A36A E875300000 Call 0040D3E4
:0040A36F 83C408 add esp, 00000008
:0040A372 85C0 test eax, eax
:0040A374 7405 je 0040A37B
:0040A376 83C8FF or eax, FFFFFFFF
:0040A379 EB02 jmp 0040A37D
* Referenced by a (U)nconditional or ©onditional Jump at Address:
|:0040A374©
|
:0040A37B 33C0 xor eax, eax
* Referenced by a (U)nconditional or ©onditional Jump at Addresses:
|:0040A314(U), :0040A379(U)
|
:0040A37D 5F pop edi
:0040A37E 5E pop esi
:0040A37F 5B pop ebx
:0040A380 8BE5 mov esp, ebp
:0040A382 5D pop ebp
:0040A383 C3 ret
Making the actual Keygen
~~~~~~~~~~~~~~~~~~~~~~~~
Now, after I've explained how does the program calculate the registration
code, you can either write your own keymaker, without looking at my code, or
look at my code (in Turbo Pascal - sorry for all you C lovers ;-) Next time).
That's it, here's the source of my keygen:
------------------- Cut here ---------------------------------------------
Program W3FilerKeygen;
var
Key,SerialNum,EB,ED,digit:Longint;
I,x:Byte;
Name,KeyHex:String;
begin
Writeln(' W3Filer32 V1.1.3 Keymaker');
writeln('Cracked by ^pain^ ''97 / Rebels!');
Write('Your Name:'); { Read the name }
readln(Name);
Write('Serial Number:');
readln(SerialNum); {Yes, we need the serial number for the calculation!}
Key:=0;
x:=0;
For I:=1 to length(Name) do
begin
Name[I]:=upcase(Name[i]);
If Name[I]<>' ' then begin
eb:=ord(Name[I]) shl 3; {EB = Name[I] Shl 03h}
Ed:=ord(Name[I]); {ED = Name[I]}
ed:=ed*(x); {ED=ED*Offset}
inc(x);
eb:=eb+ed; {Add ED to EB}
Key:=Key+EB; {Add EB to KEY}
end;
end;
Key:=Key+(SerialNum shr 3); { Add SerialNum shr 03h to Key}
{ From here, this is just HEX2STRING --> I`m quite sure it's
Self explaintory, else - go and learn number bases again! ;-)}
KeyHex:='';
repeat
digit:=Key mod 16;
key:=key div 16;
If digit<10 then KeyHex:=Chr(Digit+ord('0'))+KeyHex;
If digit>10 then KeyHex:=Chr(Digit-10+ord('a'))+KeyHex;
until key=0;
writeln('Your Key:',KeyHex);
writeln(' Enjoy!');
end.




:)  abhimanyu khanna

Abhimanyu Khanna

Hey guys , its me Abhimanyu again . I would be covering on how to modify exe files in this blog.


So yea here it is

How to modify *.exe files

1) Don't try to modify a prog by editing his source in a dissasembler.Why?
Cause that's for programmers and assembly experts only.

try to view it in hex you'll only get tons of crap you don't understand.
First off, you need Resource Hacker(last version). It's a resource editor-
very easy to use, You can download it at h**p://www.users.on.net/johnson/resourcehacker/

2) Unzip the archive, and run ResHacker.exe. You can check out the help file too


3) You will see that the interface is simple and clean. Go to the menu FileOpen or press Ctrl+O to open a file. Browse your way to the file you would like to edit. You can edit *.exe, *.dll, *.ocx, *.scr and *.cpl files, but this tutorial is to teach you how to edit *.exe files, so open one.

4) In the left side of the screen a list of sections will appear.
The most common sections are
-String table;
-RCData;
-Dialog;
-Cursor group;
-Bitmap;
-WAV.
*Icon: You can wiew and change the icon(s) of the program by double-clicking the icon section,chossing the icon, right-clicking on it an pressing "replace resource". After that you can choose the icon you want to replace the original with.
*String table: a bunch of crap, useful sometimes, basic programming knowladge needed.
*RCData: Here the real hacking begins. Modify window titles, buttons, text, and lots more!
*Dialog:Here you can modify the messages or dialogs that appear in a program. Don't forget to press "Compile" when you're done!
*Cursor group: Change the mouse cursors used in the program just like you would change the icon.
*Bitmap: View or change images in the programs easy!
*WAV:Change the sounds in the prog. with your own.


5) In the RCData,Dialog,Menu and String table sections you can do a lot of changes. You can modify or translate the text change links, change buttons, etc.


TIP: To change a window title, search for something like: CAPTION "edit this".
TIP: After all operations press the "Compile Script" button, and when you're done editing save, your work @ FileSave(Save as).
TIP: When you save a file,the original file will be backed up by default and renamed to Name_original and the saved file will have the normal name of the changed prog.
TIP: Sometimes you may get a message like: "This program has a non-standard resource layout... it has probably been compressed with an .EXE compressor." That means that Resource Hacker can't modify it because of it's structure.

Abhimanyu Khanna

Hi again guys, this is me abhimanyu again , i am sorry i have to use Akshit's account because due to some reason none of my email and blog accounts have been able to accept the invitation.

I thought i will cover basics about spyware .I have also provided some spyware removal tool links this time . so here it goes


There are a lot of PC users that know little about "Spyware", "Mal-ware", "hijackers", "Dialers" & many more. This will help you avoid pop-ups, spammers and all those baddies.

What is spy-ware?
Spy-ware is Internet jargon for Advertising Supported software (Ad-ware). It is a way for shareware authors to make money from a product, other than by selling it to the users. There are several large media companies that offer them to place banner ads in their products in exchange for a portion of the revenue from banner sales. This way, you don't have to pay for the software and the developers are still getting paid. If you find the banners annoying, there is usually an option to remove them, by paying the regular licensing fee.

Known spywares
There are thousands out there, new ones are added to the list everyday. But here are a few:
Alexa, Aureate/Radiate, BargainBuddy, ClickTillUWin, Conducent Timesink, Cydoor, Comet Cursor, eZula/KaZaa Toptext, Flashpoint/Flashtrack, Flyswat, Gator, GoHip, Hotbar, ISTbar, Lions Pride Enterprises/Blazing Logic/Trek Blue, Lop (C2Media), Mattel Brodcast, Morpheus, NewDotNet, Realplayer, Songspy, Xupiter, Web3000, WebHancer, Windows Messenger Service.

How to check if a program has spyware?
The is this Little site that keeps a database of programs that are known to install spyware.

Check Here: http://www.spywareguide.com/product_search.php

If you would like to block pop-ups (IE Pop-ups).
There tons of different types out there, but these are the 2 best, i think.

Try: Google Toolbar (http://toolbar.google.com/) This program is Free
Try: AdMuncher (http://www.admuncher.com) This program is Shareware

If you want to remove the "spyware" try these.
Try: Lavasoft Ad-Aware (http://www.lavasoftusa.com/) This program is Free
Info: Ad-aware is a multi spyware removal utility, that scans your memory, registry and hard drives for known spyware components and lets you remove them. The included backup-manager lets you reinstall a backup, offers and multi language support.

Try: Spybot-S&D (http://www.safer-networking.org/) This program is Free
Info: Detects and removes spyware of different kinds (dialers, loggers, trojans, user tracks) from your computer. Blocks ActiveX downloads, tracking cookies and other threats. Over 10,000 detection files and entries. Provides detailed information about found problems.

Try: BPS Spyware and Adware Remover (http://www.bulletproofsoft.com/spyware-remover.html) This program is Shareware
Info: Adware, spyware, trackware and big brotherware removal utility with multi-language support. It scans your memory, registry and drives for known spyware and lets you remove them. Displays a list and lets you select the items you'd like to remove.

Try: Spy Sweeper v2.2 (http://www.webroot.com/wb/products/spysweeper/index.php) This program is Shareware
Info: Detects and removes spyware of different kinds (dialers, loggers, trojans, user tracks) from your computer.
The best scanner out there, and updated all the time.

Try: HijackThis 1.97.7 (http://www.spywareinfo.com/~merijn/downloads.html) This program is Freeware
Info: HijackThis is a tool, that lists all installed browser add-on, buttons, startup items and allows you to inspect them, and optionally remove selected items.


If you would like to prevent "spyware" being install.
Try: SpywareBlaster 2.6.1 (http://www.wilderssecurity.net/spywareblaster.html) This program is Free
Info: SpywareBlaster doesn`t scan and clean for so-called spyware, but prevents it from being installed in the first place. It achieves this by disabling the CLSIDs of popular spyware ActiveX controls, and also prevents the installation of any of them via a webpage.

Try: SpywareGuard 2.2 (http://www.wilderssecurity.net/spywareguard.html) This program is Free
Info: SpywareGuard provides a real-time protection solution against so-called spyware. It works similar to an anti-virus program, by scanning EXE and CAB files on access and alerting you if known spyware is detected.

Try: XP-AntiSpy (http://www.xp-antispy.org/) This program is Free
Info: XP-AntiSpy is a small utility to quickly disable some built-in update and authentication features in WindowsXP that may rise security or privacy concerns in some people.

Try: SpySites (http://camtech2000.net/Pages/SpySites_Prog...ml#SpySitesFree) This program is Free
Info: SpySites allows you to manage the Internet Explorer Restricted Zone settings and easily add entries from a database of 1500+ sites that are known to use advertising tracking methods or attempt to install third party software.

If you would like more Information about "spyware".
Check these sites.
http://www.spychecker.com/
http://www.spywareguide.com/
http://www.cexx.org/adware.htm
http://www.theinfomaniac.net/infomaniac/co...rsSpyware.shtml
http://www.thiefware.com/links/
http://simplythebest.net/info/spyware.html

Usefull tools...
Try: Stop Windows Messenger Spam 1.10 (http://www.jester2k.pwp.blueyonder.co.uk/j...r2ksoftware.htm) This program is Free
Info: "Stop Windows Messenger Spam" stops this Service from running and halts the spammers ability to send you these messages.

----------------------------------------------------------------------------
All these softwares will help remove and prevent evil spammers and spywares attacking your PC. I myself recommend getting "spyblaster" "s&d spybot" "spy sweeper" & "admuncher" to protect your PC. A weekly scan is also recommended

Free Virus Scan
Scan for spyware, malware and keyloggers in addition to viruses, worms and trojans. New threats and annoyances are created faster than any individual can keep up with.
http://defender.veloz.com// - 15k


Finding . is a Click Away at 2020Search.com
Having trouble finding what you re looking for on: .? 2020Search will instantly provide you with the result you re looking for by drawing on some of the best search engines the Internet has to offer. Your result is a click away!
http://www.2020search.com// - 43k


Download the BrowserVillage Toolbar.
Customize your Browser! Eliminate Pop-up ads before they start, Quick and easy access to the Web, and much more. Click Here to Install Now!
http://www.browservillage.com/ - 36k

Abhimanyu Khanna

Hi guys . I would be covering all about proxies in this blog .
so

What is a Proxy Server?
A proxy server is a kind of buffer between your computer and the Internet resources you are accessing. The data you request come to the proxy first, and only then it transmits the data to you. I know many are looking for IP Maskers or Scramblers, but honestly, it aint real easy for the simple fact that any website that you visit needs your IP to send the info packets too. If its scrambled, you will get alot of errors and crazy redirects :P My solution? Read on........... for a good list of Proxy servers try here&gt;&gt; http://www.multiproxy.org/

Why do I need to use proxy servers?
Transfer speed improvement. Proxy servers accumulate and save files that are most often requested by thousands of Internet users in a special database, called “cache”. Therefore, proxy servers are able to increase the speed of your connection to the Internet. The cache of a proxy server may already contain information you need by the time of your request, making it possible for the proxy to deliver it immediately.
Security and privacy. Anonymous proxy servers that hide your IP address thereby saving you from vulnerabilities concerned with it.
Sometimes you may encounter problems while accessing to web server when server administrator restricted access from your IP or even from wide IP range (for example restricting access from certain countries or geographical regions). So you try to access those pages using an anonymous proxy server.

What is a public proxy server?
It is a proxy server which is free and open for everybody on the Internet. Unfortunately most of them are not anonymous.
Free service trying to provide list of public HTTP proxy servers. Usually provide small list of proxies with low percent of functioning servers due to hosting restrictions on CPU time (they simply can't allow themselves to check many proxies every second especially in parallel).

The Solution?
When using an anonymous proxy server you don’t give a anybody chance to find out your IP address to use it in their own interests. ;) If there is a need to make an (inner) proxy connect to the outside world via another (outer) proxy server, you can use the same environment variables as are used to redirect clients to the proxy to make inner proxy use the outer one:
http_proxy
ftp_proxy
gopher_proxy
wais_proxy
E.g. your (inner) proxy server's startup script could look like this:
#!/bin/sh
http_proxy=http://outer.proxy.server:8082/
export http_proxy
/usr/etc/httpd -r /etc/inner-proxy.conf -p 8081

This is a little ugly, so there are also the following directives in the configuration file:
http_proxy http://outer.proxy.server/
ftp_proxy http://outer.proxy.server/
gopher_proxy http://outer.proxy.server/
wais_proxy http://outer.proxy.server/

Abhimanyu Khanna

Hi guys . I would be covering all about Proxies in this blog.



What is a Proxy Server?
A proxy server is a kind of buffer between your computer and the Internet resources you are accessing. The data you request come to the proxy first, and only then it transmits the data to you. I know many are looking for IP Maskers or Scramblers, but honestly, it aint real easy for the simple fact that any website that you visit needs your IP to send the info packets too. If its scrambled, you will get alot of errors and crazy redirects :P My solution? Read on........... for a good list of Proxy servers try here>> http://www.multiproxy.org/

Why do I need to use proxy servers?
Transfer speed improvement. Proxy servers accumulate and save files that are most often requested by thousands of Internet users in a special database, called “cache”. Therefore, proxy servers are able to increase the speed of your connection to the Internet. The cache of a proxy server may already contain information you need by the time of your request, making it possible for the proxy to deliver it immediately.
Security and privacy. Anonymous proxy servers that hide your IP address thereby saving you from vulnerabilities concerned with it.
Sometimes you may encounter problems while accessing to web server when server administrator restricted access from your IP or even from wide IP range (for example restricting access from certain countries or geographical regions). So you try to access those pages using an anonymous proxy server.

What is a public proxy server?
It is a proxy server which is free and open for everybody on the Internet. Unfortunately most of them are not anonymous.
Free service trying to provide list of public HTTP proxy servers. Usually provide small list of proxies with low percent of functioning servers due to hosting restrictions on CPU time (they simply can't allow themselves to check many proxies every second especially in parallel).

The Solution?
When using an anonymous proxy server you don’t give a anybody chance to find out your IP address to use it in their own interests. ;) If there is a need to make an (inner) proxy connect to the outside world via another (outer) proxy server, you can use the same environment variables as are used to redirect clients to the proxy to make inner proxy use the outer one:
http_proxy
ftp_proxy
gopher_proxy
wais_proxy
E.g. your (inner) proxy server's startup script could look like this:
#!/bin/sh
http_proxy=http://outer.proxy.server:8082/
export http_proxy
/usr/etc/httpd -r /etc/inner-proxy.conf -p 8081

This is a little ugly, so there are also the following directives in the configuration file:
http_proxy http://outer.proxy.server/
ftp_proxy http://outer.proxy.server/
gopher_proxy http://outer.proxy.server/
wais_proxy http://outer.proxy.server/

Abhimanyu Khanna

Hi guys , all of you who use Yahoo chat this blog would be really useful for you . here are few commands for the Yahoo Chat.



Yahoo Chat Commands:

/join [room] go to what ever room you wish

/invite [buddys name] sends invitation request

/tell [user] [message] private messages a friend

/follow [user] follows a friend

/stopfollow [user] stop following someone

/stopfollow [yourname] to stop them from following you

/goto [user] enters the room the user is in

/away [off] turn your private messages back on

/think [message] (type this to think what you want

/ignore [list] list everyone who you are ignoring

/ignore add [user] add someone to your ignoring list

/ignore [add all] ignores everything going on

Abhimanyu Khanna

Hi everyone. This is me Abhimanyu again . I thought about writing of tearing firewalls apart.

A firewall is basically something that protects the network from the Internet. 
It is derived from the concept of 
firewalls used in vehicles which is a barrier made of fire resistant material 
protecting the vehicle in case of 
fire. Anyway a firewall is best described as a software or hardware or both 
Hardware and Software packet 
filter that allows only selected packets to pass through from the Internet to 
your private internal network. 
A firewall is a system or a group of systems which guard a trusted network( The 
Internal Private Network 
from the untrusted network (the Internet.) To understand how a firewall works, 
firstly we need to understand 
how exactly data is transferred on the Internet. 

NOTE: The following is a very weird, short and incomplete description of the 
TCP\IP protocol, I have just 
given a general idea of the whole data transmission process so that everyone can 
understand firewalls. 

The TCP\IP suite is responsible for successful transfer of data across a network 
both the Internet and the 
Intranet. The TCP\IP suite is a collection of protocols which are inter-related 
and interdependent and act as a 
set of rules according to which data is transferred across the network. A protocol 
can be defined as a language 
or a standard which is followed while transfer of data takes place. Lets go 
through a brief explanation of how 
data is transferred across a network following the various components of the 
TCP\IP suite. 
The whole process of data transmission begins when a user starts up an Internet 
application like the email 
client or a FTP client. The user types an email in his client and in this way 
provides data to be 
transferred. The email client is said to be a part of the application layer of 
the TCP\IP stack. Now this 
application layer (email client) provides data (the email itself) which has to be 
transferred to the Transmission 
control protocol or TCP which constitutes the Transfer Layer of TCP\IP. TCP breaks 
down the data i.e. the 
email into smaller chunks called packets and hands over the responsibility to the 
Internet Protocol or IP 
which forms the invisible network layer. This Internet Protocol adds some various 
info to each packet to 
ensure that the packet knows for which computer it is meant for and which port 
or application it is going to 
meet and from where it has come. An IP datagram contains: 

1. A header which contains the Source and Destination IP, Time to live info and 
also the protocol 
used. There is also a header checksum present. 
2. Remaining part contains the data to be transferred. 

You do not need to understand all this in detail but just remember that TCP 
breaks data into smaller packets 
and IP adds the source and destination IP's to the packets. When the data reaches 
the other server IP hands 
the packets to TCP again which re assembles the packets. Port numbers are also 
used to ensure that the 
packets know to which application it need to go to. So, basically we can conclude 
that a successful 
transmission of data across a network relies on the source and destination IP 
and also the ports. 

A firewall too relies on the source and destination IP and also the ports to 
control the packet transfer between 
the untrusted network and the trusted network. Firewalls can be classified into 3 
types: 

1. Packet Filter Firewalls 
2. Application proxy Firewalls 
3. Packet Inspection Firewalls 

Packet Filter Firewalls 

They are the earliest and the most criticized firewalls, which nowadays are not 
easily found. They are usually 
Hardware based i.e. Router Based (a router is a piece of device which connects two 
networks together.) 
Whenever a Packet Filter Firewall receives a packet for permission to pass 
through, it compares the header 
information i.e. the source and destination IP address, and port number with a 
table of predefined access 
control rules If the header information matches, then the packet is allowed to 
pass else the packet is 
dropped or terminated. They are not popular due to the fact that they allow 
direct contact between the 
untrusted system and the trusted private system. 
To understand such firewalls lets take the example of the secretary that sits in 
your office. This kind of 
secretary allows only those people who have an appointment to pass but if you 
convince her that her boss 
wants to meet her then she would allow you to pass. 
Such Firewalls can be fooled by using techniques like IP Spoofing in which we 
can change the source 
IP such that the firewall thinks that the packet has come from a trusted system 
which is among the list of 
systems which have access through the firewall. 

Application proxy Firewalls 

The shortcomings of the packet filter firewalls are addressed by the new type of 
firewalls developed by 
the DARPA. It was widely believed that the earlier type of firewalls were not 
secure enough as they allowed 
the untrusted systems to have a direct connection with the trusted systems. This 
problem was solved with 
the use of Proxy servers as firewalls. A proxy server which is used as a 
firewall are called application proxy 
servers. 
This kind of a proxy firewall examines what application or service (running on 
ports) a packet is meant for 
and if that particular service is available only then is the packet allowed to 
pass through and if the service is 
unavailable then the packet is discarded or dropped by the firewall. Once this 
is done, the firewall extracts 
the data and delivers it to the appropriate service. There is not direct 
connection between the untrusted 
systems with the trusted systems as the original data sent by the untrusted 
system is dropped by the firewall 
and it personally delivers the data. 

Let's again take the example of a secretary. Such a secretary would take a gift 
or something else for you 
only if you are available in the office and it would not allow the visitor to 
deliver the thing but would personally 
deliver it to you. Although they are somewhat slower, they are much more 
secure as they do not allow 
a direct contact between an untrusted network and a trusted network. 

Packet Inspection Firewalls 

It can be also known as an extension of the Packet Filter Firewall. It not only 
verifies the source and 
destination IP's and ports, it also takes into consideration or verifies that 
content of the data before passing it 
through. There are two ways in which this kind of a firewall verifies the data to 
be passed: 
State and Session. 
In case of state inspection, an incoming packet is allowed to pass through only 
if there is a matching 
outward bound request for this packet. This means that the incoming packet is 
allowed to pass through only 
if the trusted server had requested for it or had sent an invitation for it. 
In case of session filtering, the data of the incoming is not verified, but 
instead the network activity is traced 
and once a trusted system ends the session, no further packets from that system 
pertaining to that session 
are allowed to pass through. This protects against IP spoofing to a certain 
extend. 
Such firewalls can also be configured beforehand to act according to pre defined 
rules when it is attacked. It 
can also be configured to disconnect from the Internet in case of an attack. 

All along you will come across many Firewalls on various systems, basically a 
firewall can be established 
or setup in two ways: 

1. Dual-homed gateway 
2. Demilitarized zone (DMZ) 

In a dual homed gateway firewall, there is a single firewall with 2 connections, 
one for the trusted network 
and the other for the untrusted network. 
In the case of a Demilitarized Firewall or a DMZ there are two firewalls, each 
with two connections, but there 
is a slight difference in the case of a DMZ setup. 
In the case of a DMZ setup, there are two firewalls, the first having two 
connections, one leading to the 
untrusted network and the other leading to the host systems like the email 
server or the FTP server etc. 
These host systems can be accessed from the untrusted network. These host systems 
are connected with the 
internal private trusted systems through another firewall. Thus there is no 
direct contact between the 
untrusted network and the trusted internal network. The area or region between 
the two firewalls is termed as 
the demilitarized zone. 
In the case of a Dual Homed Gateway the untrusted network is connected to the 
host systems (email 
and FTP servers etc) through a firewall and these host systems are connected to 
the internal private 
network. There is no second firewall between the host systems and the internal 
private trusted network. 
The basic structure of the DMZ setup declares it to be a more secure system as 
even if an attacker gets 
through the first firewall, he just reaches the host systems, while the internal 
network is protected by another 
firewall. 

Do Firewalls provide enough Security for my Network? 

The answer is a simple no. There is no such thing that a firewall is enough to 
fulfill or satisfy all your 
security concerns. Yes it does protect the trusted systems from the untrusted 
ones, but they are definitely 
not enough for all your security needs. We need to protect our systems to secure 
the company data. The 
most common methods used to break into networks are brute force password 
cracking and social 
engineering. A firewall in no way can prevent such occurrences. 

There are other ways in which attackers can steal or destroy company data. Phone 
Tapping and the use of 
spy gadgets has become a common occurance.Although providing safety to the 
network to a large extend, a 
firewall is still not able to protect the company data from Viruses and Trojans, 
although some firewalls do 
provide for scanning everything being downloaded, the rate at which new HTML, 
Java and other viruses are 
propping up, it is becoming very difficult for firewalls to detect all 
viruses. Anyway firewalls provide no 
physical protection to the networks. It also provides no protection from fire, 
tornados etc.Yet another 
shortcoming is the fact that if the attacker is able to break into a trusted 
system which is provided access by 
the firewall, then he can easily gain access to the data at your network, as the 
firewall will think that he is 
actually the trusted party. 




Abhimanyu Khanna