Copy Link
Add to Bookmark
Report
Analog.5 Issue 2
/------------------------------------------------------------------------\
| _______ |
| | | |
| ____ __ __ ____ __ _____ _____ | __| |
| / __ \ | \ | | / __ \ | | / _ \ / ___| | |__ |
| / __ \ | \| | / __ \ | |__ | |_| || |_---\ |___ \ |
| /__| |__\|__|\___|/__| |__\|_____| \_____/ \______| --__| | |
| | | |
| a n a l o g | | |
| \_______/ |
| |
\-----------------------------------------------------------------<sprx>-/
. Issue # 02 . | The Hak.5 | . .
: -----|---- |------------ | E - Zine | ------------| ----|--- :
|--------------|-- \--------------/ --|------------|
--------------------------------------------------------------
Analog.5 is a hacking eZine designed by the Hak5 community, for the Hak5
community. The editors of Analog.5 ask you to create articles to appear
in the ezine and help bring technolust to the masses. Articles can be any
size, and submitted by email. Almost all entries are instantly accepted.
This zine is licensed under the Attribution-NonCommercial-ShareAlike 2.5
license. If you don't want your work to be redistributed, do not submit.
Analog5@Live.com
Famicoman Mubix
Famicoman@live.com Jd.mubix@gmail.com
Editor-In-Chief Executive Editor
Table Of Contents.
Section.0.Analog.5: Update.....................................Famicoman
Section.1.Basic Networking.....................................gameman73
Section.2.Writing your own shell in C/C++.....................Nickisgod1
Section.3.A primer on PKI.........................................Cooper
Section.4.The Hackers conundrum By...........................FragUPlenty
Section.5.Rant.................................................gameman73
Section.6.A.C.R.O.N.Y.M. is an acronym.......................Bob.Chatman
Section.7.DVD to AVI: A brief How-to for Windows...................DigiP
Section.8.Keeping Your Windows Box Alive..........................Max302
The Amazing Analog.5 Logo and Ascii art was designed by Sprecker
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 0 . |--------------| |--------------| . .
Analog.5: Update
Well... I guess these updates are becoming a necessary thing. I don't
like the way they clutter the top of the zine like this, but they are
necessary. Anyways, I'll try and keep this one brief.
First off, I'd like to make a big thanks out to gameman73 and Nickisgod1.
This issue couldn't be possible without them, so if you see them on irc
or your instant messenger of choice, hell, if you're gonna go out to the
movies with one of them, be sure to thank them for their work and trying
to help me out.
A second thanks goes out to STox at http://binarycore.org STox over there
has a mirror of Analog5 and is even coming out with an ezine titled
"theCore" which I advise you all to check out when it is released. The
mirror hotlink is at http://binarycore.org/Analog5/
I also want to repeat what I said last issue. If you have ideas or need
ideas for articles, just head over to
http://hak5.org/wiki/Analog5:Requests
I'd love to see some people writing up columns. As always, if you have a
mirror, drop me an email or chat with me on the irc channel on
irc.hak5.org #analog5
So I say kudos to you and enjoy the ezine. I'm gonna go to sleep...
-Famicoman
Famicoman@live.com
http://hackinacan.siteled.com
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 1 . |--------------| |--------------| . .
Basic Networking
As per a request on the analog.5 wiki, and an idea I had planned anyway, I
present for your reading pleasure my network setup/general networking.
First off, Ill start with general networking. This is going to sound basic
to most readers, but I need to start somewhere :). First off, you have the
actual link type. In most cases, this is Ethernet, or can be other things
like fiber optics. This is the actual medium through which data moves
about. The next level up is the protocol. These are typically TCP/IP,
NetBIOS, and ipx/spx for windows (although windows XP comes with TCP/IP
setup out of the box) and AppleTalk, TCP/IP, and I think apples also have
NetBIOS and IPX support, but I'm not too sure. Over all, TCP/IP has pretty
much replaced most of these protocols, although the support was left over
for legacy reasons.
Alright, time for some poor ASCII art. For these examples, there is a
computer A and a computer B. When computer A wants to contact computer B,
computer A sends a packet to computer B, which gets routed through a
router (obvious name). When computer B receives the packet, it looks at
the packet to see which program it was sent to. Since computer A is trying
to connect to computer B, computer B must have some sort of port listening
to accept the connection on. The old example used to describe ports and
firewalls is a brick wall. Imagine a brick wall with 65535 bricks (there
are 65535 ports). Since there are bricks in between the service you want
to connect to, you cant get data to that service.
_______ ________
| | | |
| A | ------ | 22 | xxxxxxxx | B |
-------- ---------
In this example, "XX" represents a broken connection, "--" represents a
good connection, and "| 22 |" represents the firewall (the appropriate
rules for port 22). If that firewall wasn’t there, there would be a
connection. You can also set the firewall to allow connections.
NAT (network address translation) acts as a firewall when its being used
in its default mode. Essentially, NAT is what makes most home broadband
routers work. It allows multiple computers use 1 internet connection.
Lets see what happens when computer B is behind a NAT.
_______ ________
| | | |
| A | ------ | NAT | xxxxxxxx | B |
-------- ---------
The problem with Nat’s is that when it receives an incoming connection on
the public network, it has no idea what to do with it. Thus the need for
port forwarding.
Port forwarding tells the NAT that any incoming connections on such and
such port get redirected to some computer. Let’s see the previous example
with ports forwarded.
Ahh, I have a rule for this. Send to B
_______ ________
| | | |
| A | ------ | NAT | ---------- | B |
-------- ---------
And thus, the connection is established and both computers are happy.
Those are the basics of TCP/IP networking. Now I will brag a little bit
(it’s really not that impressive) about my network setup. *WARNING* bad
diagram time.
-------------- ------------ --------------
| DSL | -> | IPCOP | -> | NETWORK |
-------------- ------------ --------------
Alright, that’s the overall gist of how this works. The interesting part
(to me anyway) is how I have ipcop running with 2 routers, 1 not directly
connected to it, and all under the same networking scheme (ie, ipcop
controls dhcp leases, port forwarding, etc for all computers).
------------
| DLINK |
------------
Internet: Empty
1 : comp (family computer)
2 : NR041 (router, see below, make note of where this is connected)
3 : IPCOP
4 : Empty
Wireless: any and all wireless clients, including my laptop
Pretty standard setup here. I have DHCP turned off, and the ip address
set to be connectable from an IPCOP dhcp lease. Ill explain why/how in a
bit.
------------
| NR041 |
-------------
Internet: Empty
1 : Desktop
2 : laptop-server (yeah yeah laugh, it doesn’t get much use)
3 : DLINK (make a note of where this is connected)
4 : temporary network hookup for computers being serviced/laptop for
speed
No wireless. Again, no dhcp and an ip address change.
So why detail how this works. So that you can learn something ;). So
lets walk through this step by step, assuming we are connection from
the NR041.
1. Plug a computer in. Windows sees the link and sends a DHCP request on
broadcast (Broadcast is an ip address that basically tells the routers
to send this packet of data everywhere).
2. The NR041 sees the broadcast packet and forwards it to every port,
which ends up eventually in the hands of the dlink router.
3. The dlink router sees the broadcast request and resends it to all
ports.
4. The DHCP request eventually ends up in the hands of ipcop, which does
have a dhcp server running. It responds and it makes its way through
the routers.
As you can see, there is nothing special about both of these routers
(basic broadband routers). However, due to bugs in their programming (the
dlink requires a firmware update that makes it unstable, but includes the
features I want. The NR041 has the features I want, but has bugs (the most
noted one is http servers must be at the top of the dhcp clients list..
and network everywhere doesnt want to fix it). Even with these
limitations, these routers serve as perfectly find switches and wireless
access points.
-gameman73
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 2 . |--------------| |--------------| . .
Writing your own shell in C/C++
One might ask why, is there a need, is it useful? Well most likely the
answer is no, It's not needed, and in the long run it's only use is that
it introduces you to some very useful functions. However, It can be fun
if you have nothing to do and it is a great learning experience. That
being said, lets get a list of what we want our basic shell to do.
1) have a prompt which includes the host name
2) display the present working directory
3) change the present working directory
5) start other processes
6) start other processes in the background
7) basic piping.
8) quit on a certain string, lets say "exit"
I think this a pretty basic list of what a shell should do at its most
basic level, so lets get started. First lets build a simple frame that
gets input, and stores it in a string or c style array. For this example
well use a string, for no good reason other than i like them better.
However, seeing as most of the functions we will use later are C
functions it may be simpler and cleaner to use a C style array from the
get go. OK, lets include the standard I/O functions and the string
library to start with a simple while loop checking for exit, or a command
#include <iostream>
#include <string>
using namespace std;
int main(int argc, char *argv[])
{
string command;
do
{
cout<<"basic prompt: ";
getline(cin,command);
}while(command!="exit");
return EXIT_SUCCESS;
}
We now have a shell that display a prompt and waits for input, and quits
upon the string exit. All thats needed now is to parse our input for use
int main(int argc, char *argv[])
{
string command;
do
{
cout<<"basic prompt: ";
getline(cin,command);
string com;
//string to store switch
while(command[command.size()-1] == ' ' )
// trim tailing whitespace
{
command.erase(command.size()-1);
}
string::size_type pos = command.find(' ');
//find first command and isolate it
// if statement will find first command
if (pos == string::npos)
{
com=command;
}
else
{
com=command.substr(0,pos);
}
}while(command!="exit");
return EXIT_SUCCESS;
}
Now that we have a usable command it is time to start on our list.
Many of the functions used here are available from the unistd library,
so lets include that.
#include <unistd.h>
For the first entry on our list, we need to get the hostname and login
name, this can easily be done though calls to the functions
get_login_r(), and gethostname() used in something similar to this
char hostname[256];
gethostname(hostname, 256);
char user[256];
getlogin_r(user, 256);
Then we could then change our standard prompt to read something like
this
cout<<"["<<user<<"@"<<hostname<<"]$ ";
That solves list item one, now how about two, again there is a
function available to us to achieve this, getcwd(), it is used in this
fashion.
void pwdDisplay(){
char pwd[256];
getcwd(pwd, 256);
cout<<pwd<<endl;
}
Now we know what the pwd is, but how should we display it? Lets call this
our first built in function, we can either do this with if/else
statements, or use enumeration and switch on the string, for the sake of
simplicity we will use an if statement.
if(com=="pwd") getpid()pwdDisplay();
A note to the reader, although not always included here most, if not all,
of the functions I reference do set the errno, and return a negative value
on an error, error checking is good. Dont be afraid to use it.
Now the program can return the present directory, but what if the users
wishes to change it? This is the reason for our second built in function,
well call it cd. the ready built function we can use is also included with
unistd and is called chdir(), and takes a c style array as an argument, so
assuming we are using strings, we can do something similiar to this
void change_dir( string command)
{
string dir; //string to store directory
string::size_type pos = command.find(' ');
//find whitspace to look for directory
if (pos == string::npos) //no space means no directory
{
cerr << "you must enter a directory" << endl;
}
else
{
pos++; //move onespace up
dir=command.substr(pos,command.size()-pos);
//create a substring of the directory
if(chdir(dir.c_str())<0) //change to that dir
{
perror("chdir"); //error
}
}
}
Again don't forget your error checking and to add the function to your main
loop with something like
else if(com=="cd")
{
change_dir( command);
}
Alright first 2 done, any other functionality that the programmer would like
to add such as math ability, remembering history etc could be added here,
but since this does not really introduce new functions I will leave that as
an exercise to the reader. Now lets add the ability to start other processes.
To create the new process we will use fork(), which creates a clone of the
parent process, we can than replace the clone with our new process, for this
we will use a member the execve family. We will use execvp as it searches the
user path. For other examples in the family see man execvp and man execve.
The function takes a c style array as the first argument (the process we wish
to start) and an array of pointers(the process + its arguments). So again we
need to parse our command, sense I am using strings, and we need to get it
into an array of * char i used a string stream, but any way will work. We will
also assume that if the command given is not one of our prebuilt functions,
then it is an outside program, thus we will use the last else if in our loop
to call this function.
else if(com != "exit")
{prog_normal(command);}
and the basic function
void prog_normal(string command)
{
char argv2[10][128]; // c style to hold string to point at
char * argv[10]={NULL}; // array of pointers to char
string command1=command; // strings to maipulate
string command2;
stringstream ss(stringstream::in | stringstream::out);
// in out string stream for conversion
string::size_type pos = command1.find(' '); //find the first break
string arg1=command1.substr(0,pos); // this is the command
command1.erase(0,pos+1); //get rid of it
int c=1; // initialize counter
ss.str(arg1);
ss>>argv2[0];
argv[0]=argv2[0];
do
{
stringstream ss(stringstream::in | stringstream::out);
// in out string stream for conversion
if(c>9)
{
cout<<"error:To many arguements"<<endl;
break;
}
else if(pos == string::npos) // no args
{
break;
}
else
{
pos = command1.find(' '); // find the first arg
if(pos ==string::npos) // last arg?
{
ss.str(command1); //string to stream from
ss>>argv2[c];
//stream to a temp array to point at
argv[c]=argv2[c]; // point at array
}
else
{
command2=command1.substr(0,pos);
ss.str(command2); // see above
ss>>argv2[c];
argv[c]=argv2[c];
command1.erase(0,pos+1);
//remove stored command from copy of command
c++; // inc counter
ss<<' ';
}
};
}while(pos != string::npos);
pid_t child=fork(); // mk child
if(child==0)
{
if(execvp(arg1.c_str(), argv)==-1)
//run prog error out and kill if errors
{
perror("execvp");
pid_t curr_pid=getpid(); // get child pid
kill(curr_pid, 9); //kill with signal 9
}
}
else
{
wait(NULL); // wait till child completes
};
}
The same process can be used to start a process in the background, however
the parent need not wait for the child to finish. whether or not the program
should be started in the background can be determined with an if statement
checking if the last character in the command is an ampersand.
Now for the final function of our list, the piping, to do this we will need
to utilize two new functions, dup2() and pipe(). dup2() is used to copy a
file descriptor, and pipe creates a new pair of file descripters, which allow
the parent and child to communicate(0 is for writing, 1 for reading). For
dup2() 0 is stdin, 1 is stdout, and 2 is stderr. Therefore the first thing
we need to do is create our pipe.
int pipe_array[2];
pipe(pipe_array);
Now to add some functionality to the code. It is essentially the same as our
earlier function but we add this if statement after we get the command 2
substring
if(command2 =="|")
{
pos = command1.find(' '); // find the first arg
command1.erase(0,pos+1);
pid_1=fork();
if(pid_1==0)
{
// child
// redirect the stdout
if(dup2(pipe_array[1],1)==-1) //copy stdout to pipe_array write
{
perror("dup2");
}
if(execvp(arg1.c_str(), argv)==-1)//run prog
{
perror("execvp");
pid_t curr_pid=getpid(); // get child pid
kill(curr_pid, 9); //kill with signal 9
}
}
else //parent
{
wait(NULL);
close(pipe_array[1]);
prog_with_pipe(command1); // start second process
command1.clear();
};
}
and don't forget the file descriptor copy in the second parent added after
our while loop.
if(string::npos==command.find("|")) //if no more pipes execute final prog
{
pid_t child=fork(); // mk child
if(child==0)
{
if(dup2(pipe_array[0],0)==-1) // copy stdin to pipe read
{
perror("dup2");
}
if(execvp(arg1.c_str(), argv)==-1)
//run prog error out and kill if errors
{
perror("execvp");
pid_t curr_pid=getpid(); // get child pid
kill(curr_pid, 9); //kill with signal 9
}
}
else
{
close(pipe_array[0]);
wait(NULL); // wait till child completes
};
Since we are only going for basic piping here this code will only work with
one pipe, However it is quite possible to have multiple pipes, again this is
an exercise I leave to the reader, Just be sure to remember that pipes are
one way, and to mind your openings and closings.
We have now created a program, which has built in functions, can spawn
processes, and has single command piping. A very basic shell, but usable. I
invite the reader to add their own functions to make it usable for them.
Should you wish your new program can be set as you shell using the chsh
command. So play around with it, maybe you'll learn something new.
-Nick S. aka Nickisgod1
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 3 . |--------------| |--------------| . .
A primer on PKI
Suppose you need to transmit a private message to someone across an
untrusted network. What would you do?
Obviously you'll need to encrypt your message. But for that you need a
key, and the receiving party needs to know about that key so they can
decrypt your message. So you set up a meeting with this other individual,
and you two decide on a key to employ. You both take this key back with
you, and from that point on communicate in a secure manner by encrypting
all you data using that one key.
This is called symmetric cryptography, the symmetry being that both
parties know the key. The problem with this is that you need to trust the
other party to keep this key secure. The assumption is made that no other
person has access to this key, so when you receive a message encrypted
with this key you trust it to have come from the other person. When it's
only 1 key you have to worry about, this might still be doable. But what if
you've got a network of people you need to stay in touch with in a secure
way? All the people on this network need to be able to securely communicate
with each other. Having a special key for communicating between 2 people in
the network means each person's key repository will grow exponentially with
the size of the network. Meeting with all these individuals personally to
decide on a key becomes troublesome and may expose your relationship, and
if someone loses his keys the fun can really start.
The solution lies in the use of asymmetric cryptography, also referred to
as public key cryptography. The concept of asymmetric cryptography is that
each individual has a private and a public key. When you want to securely
transmit a private message to someone you can encrypt it using the
receiver's public key. The receiver must then use his private key to
decrypt the message. As he's the only person who has access to this
private key, you know the message will remain secure while in transit. But
since the public key is public in a rather literal sense of the word,
what's to stop someone from intercepting your message, throwing it away,
and sending a different message to the receiver, claiming to be you? The
answer lies in another function of public key cryptography: signing. You
can compute a signature over your message using your private key, and then
attach it to the outgoing message. The receiver can then verify the
contents of this message using your public key, and thus be assured that
the message was sent you, and has also not been tampered with while in
transit.
As always, there's a drawback to using public key cryptography. Typically
the keys needed considerably longer than those needed by symmetric
cryptography. More importantly, the algorithms used are considerably slower
than their symmetric counterparts. One popular way of dealing with this
last drawback is for the sender of the message to enrypt the message using
a secure one-time key and a symmetric encryption algorithm. He then
encrypts this one-time key with the public key of the recipient, and
attaches it to the sent message. When there are multiple recipients, simply
repeat this step for each recipient. The recipient can use his private key
to decrypt the one-time key and use that to decrypt the actual message.
So now that you know the difference between symmetric and asymmetric
cryptography, there's one more problem to fix. So you have this file that
contains someone's public key. How do you know it's in fact HIS public key?
Public keys are stored and transmitted as certificates, which combines the
public key value with the name of the person the certificate belongs to. But
people can still lie about who they are. So how do you know?
There are 2 ways to know. First is the old fashioned way of simply meeting
in person, proving to eachother that you are who you say you are, and
then exchanging self-signed public keys for future communication. You
should add this certificate to your system's trusted key repository, or
Truststore, to get your system to accept it for the encryption of outgoing
messages and verification of signatures on received messages.
The other way to know is via a trusted third party. This trusted third
party is called a Certificate Authority or CA. Instead of using self-signed
certificates a person would sent the CA a certificate request, which
contains his public key plus some additional, personal information about
the individual. The CA would then verify this information and if he is
satisfied the presented information matches that of the person requesting
the certificate, he would use his private key to sign the certificate of
this person. Now, this person can unsecurely send out this certificate,
and the recipient can, using the public key of the CA, verify its signature
to determine that this certificate belongs to you.
There are a number of big, commercial CA's out there that have very, very
strict rules and procedures that you need to follow to get your certificate
request signed. Their entire business is built around the idea that they
are trustworthy so getting them to trust you takes more than just some
money, a smile and a handshake. I'm sure people are familiar with Verisign
as a CA, but there are a number of others, including Comodo and Hak.5
sponsor GoDaddy.
For some groups, using one of the big CAs simply isn't practical. It costs
too much, the local, repressive goverment might look down on people that
seek to prevent others, including law enforcement, to view their messages,
and so on... An alternative is to simply assign one or several members of
your community as a CA. The requirements to getting your certificate signed
will probably be less but since the group is likely to be small there's a
good chance people already eachother anyway. This last way of organising a
CA has been coined the "Web Of Trust".
It's important to realise what signing someone else's certificate
signifies. Chances are that in all but the most private of conversations,
people will trust that a certain individual is person X because you as a CA
said so, and they trust you. This is why, for this trusted third party
thing to work, it's pivotal that you actually meet face to face with
someone who can present you with sufficient identification that attests to
his or her identity before you agree to sign their certificate. This is in
fact what the signing parties are all about. You don't (or shouldn't) trust
an untrusted distribution network like email to bring you certificates for
signing. It could be anybody who sent you that stream of bits!
The one remaining unexplained thing in this is just what exactly PKI is.
PKI is the abbreviation for Public Key Infrastructure, and it's the whole
package of dealing with the distribution and management of public keys.
The mechanism of assigning an person's identity via an intermediary like a
CA or a trusted third party from your community. As asymmetric cryptography
is such an integral part of PKI people often consider this part of PKI, but
as it has very little to do with infrastructure, it really should not be
seen as such.
If you want to start playing with certificates, look no further than the
OpenSSL suite of programs. You can get them at this URL:
http://www.openssl.org They only distribute their product in sourcecode
form. Most Unixes come with OpenSSL pre-packaged by default, so look at
your package manager to see if there are precompiled binaries for your
platform. Behind the 'Related' tab on the left of the OpenSSL website you
will find a link to precompiled binaries for the Windows platform.
The manual for these programs can be a bit daunting, so here are a few
commands to get you started:
openssl genrsa -des3 -out myname.key 2048
Generate a 2048-bit RSA key-pair (contains both the public and private
key), encrypted using des3. The result will be stored in a file named
myname.key and you'll be prompted for a passphrase:
openssl req -new -x509 -days 1001 -key myname.key -out myname.cer
Create a self-signed certificate for this personal key. This certificate
will remain valid for 1001 days, and be stored in a file named myname.cer.
You will be prompted for the passphrase of your private key and a number of
items like your country code, city, etc.
In order to sign other peoples' certificates, you need to set up a
directory structure that is described in your openssl.cnf file, and create
a new key-pair and certificate solely for your CA. You could use your own
key-pair and certificate, but it's more secure to have one set for signing
certificates and another for your day-to-day encryption and verification
needs. The directory structure to create with the current version of
OpenSSL's default openssl.cnf can be created with these commands:
mkdir demoCA
mkdir demoCA/newcerts
mkdir demoCA/crl
echo "" > ./demoCA/index.txt
echo "01" > ./demoCA/serial
On Windows, those slashes should of course be replaced by backslashes.
openssl req -new -key myname.key -out myname.csr
Generate a certificate request from our private key, to be sent to the CA
for singing. You will be prompted for the same information as with the
self-signed certificate, plus 2 extra fields which I left blank.
openssl ca -policy policy_anything -cert ca.cer -in myname.csr
-keyfile ca.key -days 360 -out result.cer
This is a single command that I split up over 2 lines. This command will
process the certificate request in 'myname.csr'. It will display the
information from the request to you, and ask if you really wish to sign it.
You should try to verify the data presented to you before selecting yes.
Afterwards it will ask if you want to update the database in which issued
certificates are being tracked (this is used for certificate revocation,
should that need arise). You should answer yes.
openssl x509 -in result.cer -text
Display the contents of this signed certificate. When compared to the
self-signed certificate created earlier you'll notice that the data in the
signature field is different.
openssl x509 -in result.cer -outform DER -out result.der
The certificates generated above are in the PEM format, but Windows tends
to prefer the DER format for some uses. The above command transforms
the certificate to DER format.
-Cooper
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 4 . |--------------| |--------------| . .
The Hackers conundrum By
I think the realization of who you are occurs in high school, and most
schools have a place to put you to help you realize your potential. An
athlete interested in football would probably want to join the football
team, if they are interested in soccer they join the soccer team. The
problem that we face is that there is no team for us. We quickly realize
that what we want cannot be satisfied by the programs that schools offer,
they do not offer something for us. The last time I checked, all the
computer courses did was teach you how to use Word and Powerpoint.
“I am a hacker, enter my world...
Mine is a world that begins with school... I'm smarter than most of the
other kids, this crap they teach us bores me...”
Hackers are quickly ostracized from the social structure that runs the
schools, you have a groups of people that hang out together. The athletes,
the preppy kids, the wanna be gangsters, the real gangsters, the stoners,
and of course we cant forget the rich kids that probably should go into
the preppy group. Heres our problem initially upon entry into the high
school world we almost immediately realize that we wont fit in.
“Damn kid. All he does is play games. They're all alike.
And then it happened... a door opened to a world... rushing through the
phone line like heroin through an addict's veins, an electronic pulse is
sent out, a refuge from the day-to-day incompetencies is sought... a board
is found. "This is it... this is where I belong..." I know everyone
here... even if I've never met them, never talked to them, may never hear
from them again... I know you all...”
Then we begin to realize the reason we do not fit into the high school
atmosphere. It is because the high school atmosphere was not intended for
us. It was intended to help people like the above mentioned groups succeed
in life and society. Hackers however are seen as unimportant, they are
seen as being the counter culture of success. Its not that we are anti
social, actually it is usually quite the opposite most will answer any
computer question you have, Usually in great detail and length. This is an
oddity because most people assume that in order to have knowledge of
something that you need a diploma or certification of some sort. This
results in us having a problem, where as we are unable to proceed with our
lives due to the fact that high school will totally turn you off of any
school in the future. Soon though A hacker finds an outlet, some way to
make a living off what they do. Usually this happens later in life though.
“This is our world now... the world of the electron and the switch, the
beauty of the baud. We make use of a service already existing without
paying for what could be dirt-cheap if it wasn't run by profiteering
gluttons, and you call us criminals. We explore... and you call us
criminals. We seek after knowledge... and you call us criminals. We exist
without skin color, without nationality, without religious bias... and you
call us criminals. You build atomic bombs, you wage wars, you murder,
cheat, and lie to us and try to make us believe it's for our own good, yet
we're the criminals.”
Eventually we realize this is our world that we can tap into the system
and use it to our advantage. We have the ability to do things that others
cannot, we can stare for hours at code, or hardware and without even
knowing what we are doing, fix it, or modify it to do something better. It
is almost as if our subconcious mind has been modified to allow us to
understand how computers work at a level others cannot.
“Yes, I am a criminal. My crime is that of curiosity. My crime is that of
judging people by what they say and think, not what they look like. My
crime is that of outsmarting you, something that you will never forgive me
for. I am a hacker, and this is my manifesto. You may stop this
individual, but you can't stop us all... after all, we're all alike.” All
quotes taken from “The Hacker Manifesto” By: The Mentor
-FragUPlentt
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 5 . |--------------| |--------------| . .
Rant
The Internet has come a long way, although it may not have been for the
best. It has seemingly gone from being a research/educational tool, to
being used as a weapon and for profit by many people. Governments,
corporations, and individual people have taken advantage of the trusting
nature of the internet and has turned it into something that people dread
to explore. I'm not an "old-timer" reminiscing on old days (been on the
internet since 2000ish), but one look at some of the more basic features
of the internet will tell you it wasn't designed to withstand the stress
we put on it. Take a look at POP3. Our beloved e-mail protocol has been
around since 1996*, yet is still in use today. Our e-mail is flying
around the Internet without mandatory encryption (by default is my
*GUESS*, however POP3 CAN be run with encryption). With simple software
programs, it is dead easy to sniff out passwords from wireless and wired
networks alike.
Now to set this back on course. By default, the internet has gotten to be
an insecure place. However, there are people who have chosen to capitalize
on this instead of helping the problem. It has gotten to be necessary to
use a firewall of some type. One could argue that it's stupid not to put
a firewall on your computer, but why is that? Someone on the other end
might own it? That's a good point, but as far as I know, its still
illegal in most countries to intrude into others' networks, yet it
happens day in and day out. In this day and age, with thousands upon
thousands of people using computers, it has gotten easier and easier to
"own" machines, and yet there are still people who believe that it is
"cool" to infect hundreds or thousands of computers for nothing more
than their personal enjoyment. Spammers flood the internet with their
junk, in hopes of snagging a few people to actually click on their
message, which usually gets sent to junk filters. Or, they may get hand
deleted, causing thousands if not millions of man-hours to be wasted.
And lets not even mention the bandwith they waste. Spyware/malware
vendors focus on new ways to embed their junk into the most obscure
parts of windows causing most people to pay for specialized services to
get rid of it. Usually costing them anywhere between $80 to $120 or more,
plus the possibility of data loss (if a format is deemed necessary). NONE
of this is hacking, this is exploiting.
So I suppose my point is who is to blame for this? Do we blame the simple
people who just want their computer to work? Or do be blame the people who
make this possible? Or how about the people who ACTUALLY do this and think
there is something to gain out of it? Or we could blame the people in
charge of making the decisions that lead to the security holes that allow
these to happen? Personally, I blame the people who use this maliciously.
I think Foxx from BSoD put it very nicely when he said "Hacking is the
exploration of a system." While I don't agree with everything he has said,
this makes sense. While exploring, you can look, poke, and do various
things. However, exploring is not exploiting. Exploiting vulnerabilities
only makes you a "cracker" (in the evil hacker sense), and with the
internet being designed to be a trusting place, that isn't a hard thing
to do.
When it comes to "white hat" "grey hat" or "black hat", the only real
choice when "hacking" in the traditional sense is white hat, or grey hat
if it's important information or the company isn't doing anything. Grey
hat does NOT mean make your own virus botnet to really show this company.
Do the responsible thing and post it somewhere where everyone can see and
for it to gain attention. Software bugs won't be going away any time soon,
so if you expect the situation to get better any time soon, think again.
Unfortunately for every 10 people with ethics or morals, theres 100 or
more people willing to exploit it for their own gain. The only viable
solution in my opinion is tougher enforcement of pre-existing laws or
convincing the main offenders that they need to back off. Right now, the
internet is in a position where no one person or country can control it.
Unfortunately, other than attempting to solve the problems one by one,
only to have them be broke again (in a similar fashion to drm), there
doesn't seem to be a real solution.
* POP3 RFC located at http://tools.ietf.org/html/rfc1939
Mad props to manuel and Moonlit for proofreading. Thanks guys.
-gameman73
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 6 . |--------------| |--------------| . .
Abbreviated Coded Rendition of Name Yielding Meaning. --
A.C.R.O.N.Y.M. is an acronym.
The camps are split, and the shoes are coming off. It's indeed time to
start a battle of biblical proportions. I really wish that this wasn't
something that needed to be said, but wow is it difficult to take part
in development of the interwebs and not be bombarded by this craziness
that some call pronunciation. Do you say SQL as ESS-QUE-EL or do you
say SeQuilL or SeQueL? Should you say Lahl or just those hippies say
that and laugh on your insides? Do you actually take the time to say
WWW at all? I suggest that you take a step back from this 'debate' and
take some time to actually think before you speak.
IRC – (EYE ARR SEE)
This debate came up first back in early high school when I used to
take part in EFnet back before it became a cess pool. One guy would
tell another guy, note that this is what we talked about in school,
that he was going to change his irk channel and a riot would ensue.
Fur would fly and folks would get heated and overly energetic, until
they realized that the person who had said it was actually out of his
mind and had never realized that IRC was an ACRONYM. What's that I
said?
Acronym - a word formed from the initials or other parts of several words.
What does this mean to you? Well, for what its worth, there are quite
a few acronyms that lend themselves to be pronounced, i.e. NATO, but
at the same time they are also more than one word, and for that matter
they are technically written differently, as period separated letters
to denote that they are infact acronyms – N.A.T.O. These periods are
there for a reason, to remind you that they are not a word. Keeping
that in mind it doesn't take much of a step of logic to be able to
realize that NATO is actually supposed to be En Aye Tee Owe.
Now I can hear your blood starting to boil. OMG WTF! Please don't make
me laugh at you. I assure you that I won't be forcing you to stop
looking like fools. IT, pronounced EYE TEE, is an industry that is
peppered with long and loosely named tools and features and it is
definitely easier to say Sequel than it is to say Standard Query
Language. The issue arises when someone says Sequel referring SQL when
they are actually referring to an application of the same name, and
mistaking it for the pronunciation of SQL, which is actually
pronounced as its spelled (ESS QUE EL), unlike many CIO's have been
bred into believing. Microshaft has done its part with its marketing
department actually instructing people to refer to its SQL server as
Sequel server. What a joke. It is only a larger shame because of the
lack of any traction and the perpetual circle of uninformed folks
making the mistake of trying to sound smart. May the lord smite him,
if he would take the time out of making folks think it's alright to
say LAWL at parties, instead of actually taking the time to laugh.
I doubt many of you would argue that saying something stupid as
STUHFOO at a party would constitute being a loser, but I have been at
parties (LAN & the ones girls actually show up to) and heard folks say
LAWL or OWE EMM GEE in the company of complete strangers. For one
reason or another, these people usually stand out like sore thumbs,
especially if you get them a shot of Jagermeister. Just think about
yourself being this fool as he spouts off this garbage he picked up
through AIM chat thinking he was hip with the latest lingo. He finds
out far too late that he has actually crossed the line, and made this
party, as all the others he has attempted to step into, into another
festival of making nerds look like losers.
Gamers United.
A few days back one of my colleagues took the time to utter something
that… to this day is completely unexplainable and I hope that I will
never be able to forgive him for it. After a meeting that I did
exceptionally well in he tapped me on the shoulder to get my
attention. I took my headphones off, listening to the floyd of all
things, and he looks at me in the eye. For a moment I thought I saw a
spark of intelligence in that miserable excuse for a brain that he has
been blessed to have. Without stammering in the slightest he nodded
his head and said GEE GEE. My heart skipped a beat; had I just heard
that?! Yes, my god there is nothing left for me to do on this planet.
He has left the building.
For those of you without mothers to steer you in the right direction,
and give you that pat on your back to let you know you are making
acceptable decisions, I suggest that you don't get your panties in a
bunch too much over this. FTW, for the win, and FTL, for the lose, are
not going to cause too much hooplah with me, although FTL is
definitely the wrong way to say something sucks. There is definitely
some grey area here, of course. But please keep in mind that your
actions impact the way the worlds young see all nerds. We never got to
have a football team to stick together, hell its hard enough to find a
group of five guys/gals to actually co exist and socialize with, let
alone actually do something productive with them. We are a group of
unimaginatively large size that are all impacting each others lives.
It is terrible when a manager turns to an employee and says "You know
what we need?! You should move us to the new Microshaft Sequel
Server," but it's a travesty when a fellow developer turns to you and
says GEE GEE.
-Robert (Bob) Chatman
bob@gneu.org
http://www.gneu.org
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 7 . |--------------| |--------------| . .
##################################################
#### .##########################- ####
#### +### ## ### -# #- ### ###
#### +#### ## ### ~######## ###- ~###
#### +### ### ##P ## ### ###- #########
#### ### ##- # #- #########
##################################################
DVD to AVI: A brief How-to for Windows by DigiP
Ok, a lot of people have asked this question, and I see that
there are many ways to do this. First, I want to stress that
I do not condone piracy. Copying DVD's from your own home videos
is more what this is intended for and you will need an UNLOCKED
dvd in order to do this. Cough...
So, you wanted to rip your home video dvds to your pc to put
clips on the web, like clips on youtube, etc, but your not
quite sure how to get it from your dvd to your pc in a useable
format. Mainly you will want this in either an mpeg or avi
format, but were talking about that AVI format just for its
common use on windows and the many codecs and programs for
compressing and editing them.
Get your tools ready:
(See also: http://nickyguides.digital-digest.com/synth-vdub.htm)
First things you will need are some Mpeg-2 filters to read a
DVD. Now, people with a software dvd player will notice they can
watch dvd's on their pc, but this is only because the program
can decoded the mpeg-2 video stream (VOB files are actually
mpegs) but copying them to the pc from the dvd itself
makes them unreadable because they are encrypted. You would need
a program to copy these from the dvd to an unlocked format on the
pc, but that would be against the law..google...cough..Most home
made dvds are already unlocked.
Second, you will need an AC3 filter (if you want to
keep original AC3 multichannel sound) or decoder for AC3 to stereo
output. This is because DVD's contain many different audio streams and
can have multiple languages on one disc.
And thirdly, you will need a program that can tie all of these
together in order to read the dvd files and output it to AVI (or mpeg
depending on the software you chose).
MPEG-2 video and audio Filters:
http://files.divx-digest.com/nicky/all-filters.zip
Virtual Dub : http://www.virtualdub.org/
AviSynth : http://avisynth.org/
xvid codec : http://www.xvid.org/Xvid-Codec.2.0.html
I personally use AVISynth and VirtualDub for all my editing of
DVD material, and most other formats that use DirectShow filters
for importing video files, but you can use others like T-Mpeg, etc.
(check google)
The first thing you will want to do is get those Mpeg filters and
reg them into windows. You can use regsvr32 from the Run prompt for
Multiple_MPEG2_Source.ax, Mpeg2Parser.ax and Mpeg2Decoder.ax or if
your not handy with that, drag and drop them onto RegDrop:
(http://files.divx-digest.com/nicky/regdrop.zip)
YOU DO NOT NEED THE DUMP.AX, WAVDEST.AX or IVIAUDIO.AX! Delete them!
Install AviSynth and Unzip/Compile/Install virtual Dub on your pc
or get an already compiled version.
Once you have everything installed, you will want to grab your dvd. Your
now going to write a simple script that will allow you to import the dvd
files to VirtualDub. Open any text editor. Type the following:
DirectShowSource("drive:\somefile.vob")
where drive is the drive the files are on and somefile.vob is the first
vob file you want to import. For ripped dvds on the hard drive that
contian extra content, you will have to see which files are for which in
your dvd once you open them in virtual dub.
Now save that file as "MyDvds.avs" and open it with Virtual Dub. For
advanced editing, I "Ask for extended options" when opeing a file. This
gives you some other things you can play with before opening the files,
like change frame rate, split interlaced video, etc. You will have to
experiment to see what works best for your needs, but you will usually
want to de-interlace the video, as well as resize them to a smaller screen
res for ease of use. You can also specify these commands in the avisynth
script we just made, so get familiar with the commands and making small clips.
Now that you have it loaded, you will see two video windows. The one on
the left is the original video, the one on the right is what your output
will look like when finished. Click play button and you will see the video.
Click stop, and then the second play button and you will see the original
and dubbed output. This gives you an idea of the basics. Now lets add some
compression. Go to the menu for VIDEO and then select COMPRESSION. Scroll
down to the xvid codec and click configure. Now this will be where you
set your compression levels. Each person has their own preference, but I
like to set it to a target bitrate of 800 (click the Target Quantizer to
toggle back and forth) This is great for smooth video and fast action as
well as keeping the size down on the avi putput. Now we need to change the
audio settings. Select AUDIO and then Full Processing on the menu. This
enables advanced audio editing features. You can now select COMPRESSION.
Check off MP3 and then on the right 48kB/24,000. This is where you will
save 90% of the file size when converting the files. Otherwise the AVI
file will be as large if not LARGER than the original file. You can also
add a video filter to reduce the size of the output as well, but that is
up to you. I personally would not suggest keeping the original size if it
is going to be uploaded to the web, but for personal viewing, this may
be ok on a fast pc. If reducing the size, start with the easiest setting
2:1 reduction High Quality. This will speed up the conversion as well.
Now save the file as an avi somewhere on your pc and your all done! You can
use virtual dub to delete certain parts and save just small clips, like 30
seconds, or whatever, but you will have to get used to the program and its
interface to do this. I am not going to go into it any further than what
I just showed you, but google is your friend, so get er' done.
A 148 meg vob file can usually be reduced to about 28 megs using the methods
I have shown here. You can achieve even smaller footprints by changing the
codec settings for both the video and audio, but you will start to degrade the
quality as you go down that road.
Any questions on any of these programs, see their respective sites for
notes, or check google.
-Digip
|--------------|--------------\______________/--------------|------------|
: |-----|----------------/ \-----------------|---| :
. Section 8 . |--------------| |--------------| . .
Keeping Your Windows Box Alive
Everybody hears the same thing over and over and over again on IRC,
podcasts, from friends, wherever:
I cant keep my Windows XP install on my PC longer than 3 months, it’s
friggin annoying.
You know what? Then you are doing something wrong. So instead of bitching
about Microsoft like everybody does, I’m going to deliver in this article
5 ways of optimizing your Windows XP box and avoid all that useless
bitching.
Step 1: Take Care of Your Registry
Everybody knows that the big flaw in Windows product is the registry. As
soon as you start installing software, hundreds of entries are created,
and after that, they are not necessarily well organized or maintained,
or even check for validity, which causes fragmentation of information,
and storage of useless data.
Since Microsoft did not thing beforehand of creating a registry cleaner
to be shipped with it’s products some third part software is necessary.
Usually, I opt for opensource or freeware solutions for my articles,
but in this field, there is no free alternative, so you might end up
spending a couple of bucks for a registry cleaner.
Basically, you have two choices. Well known registry cleaners are either
the AMUST Registry Cleaner or PCTool’s Registry Mechanic. The two are
basically the same thing, with easy scanning and repair as well as
compacting of your registry on all version of Windows from 95 to XP SP2,
with the only important difference being the price, which is 50 $USD for
Registry Mechanic and 30 $USD for AMUST’s product.
Personally, I have used the two and don’t have a specific recommendation.
It seems to me as the two do the exact same job, but considering the fact
that PCTools has received many awards for it’s software, you might want
to go with them if you have a couple more bucks to spend.
Once you have one of those purchased, scan every week or biweekly, or
pretty much everytime you feel like it or if you know you have been
installed and uninstalling stuff. The scan itself should take only about
10 minutes top on a slow system with lots of errors, and fixing is a
matter of seconds usually. As for performance gains, they are important
even on a machine with a relatively fresh install of XP. The changes are
usually felt as soon as you reboot. Another important thing is compacting
the registry, which should be done every 2 months or so. These makes you
registry much more consistant and the search time for entries is
decreased by much. Since pretty much every program that runs under
Windows uses the registry, this speeds up your computer LOTS.
Step 2: Defrag More Often
This is a simple thing that is very often neglected. The fact that
information is spread around your hard drive(s) can be a factor to a slow
machine, this is specially true if you don’t have NCQ on your disks,
which is still to be mass implemented, or if you have slower disks like
the 4200 or 5400 RPMs usually found in a laptop.
I suggest defragging every month or so, less if you have a tendency to
move less files around. Also, remember that to defrag properly, you must
have the least possible programs running on your machine at the time of
the defrag, to prevent files in use of being skipped. You might want to
do this overnight to not waste precious time.
Personally, I find that Microsoft’s built-in defrag tool is enough for
what has to be done, but if you want, you can Google up some commercial
solutions, at a cost.
A good practice would also be to regularly clean your disk with
Microsoft’s disk cleaning tool, found on the same panel as the defrag
tool. Looks like something useless, but I save 500-600 megabytes only by
clearing out my temporary files and MS Office install files.
Step 3: Manage Your RAM
Everybody knows that now, for the average user, the minimum required RAM
to run XP smoothly is 512 MB. However, even with the required 512, there
are still some limitations, and some machines may crash upon more memory
intensive applications such as games on these machines with less RAM. I
had this problem on my laptop, once every two times, my machine crashed
and froze when I connected to an Enemy Territory server and loaded the
maps.
Crashes can be caused by many things, including overheating hardware, a
possible scenario for a laptop, but I discovered that what made my
machine crash is the saturation of the RAM. To remedy this, I downloaded
a tool called FreeRAM XP Pro. This freeware tool is designed to watch on
your machine’s RAM usage, optimize it, and clear it when necessary,
saving you the crash that you would normally get on a case of memory
saturation.
As was said earlier, the tool is totally free, and available from
YourWareSolution’s website.
Step 4: Remove the Fluff
Windows XP comes loaded with services and features that most of us more
advanced users do not need. The obvious is course the XP theme, which in
itself does take up some system resources, but there are also less
obvious ways of increasing your machine’s performance by removing some
useless services and features.
First thing to look at is the visual options. Right click on My Computer
and go to Properties. Under the Advanced tab, you will find a button
entitled Performance. Click it, and explore the options. If you really
want to go total performance wise, then uncheck them all, at the cost
of the loss of some basic visual effects like character smoothing. In
general, everything that concerns animations and shadows are useless,
so you can uncheck them, and for the rest, you can experiment with it
at will, as they are reversible at all times.
Another tip that could increase your system performance by loads, but
this time is slightly more dangerous, is the managing of system
services. There are plenty of guides on the thing and that personally,
I haven’t tested them all, I can only point you to the lot, but chances
are that you will quickly find a good one. Be careful, removing a
critical service can possibly mean kill your machine.
Personally, since I did not need a huge gain for what I do with my
computer, I simply listen to the advice given to me by SiSoft Sandra’s
computer analysis tool. The tool looks at your system component by
component, and list the possible upgrades and configuration
improvements. Although in this case the services to be disabled list is
smaller than in other guides, but the suggested removals are much
safer. But Sandra doesn’t just give tips about services, lots of
hardware and BIOS setting recommendations can be found in a report.
Step 5: Protect Your Baby
Breaking news: Windows machines are vulnerable to viruses and spyware.
Scary. So get an Anti-virus. Many people, including advanced users
neglect the presence of a good AV on their system. Sure, you don’t need
to be bulletproof on your machine if you already have security devices
on your upstream network, but still, between bare and barricaded,
there is a balance. My AV suggestion would be Alwil’s Avast AV. Apart
from being totally free, it has pretty much the same feature as
Symantec’s Norton, without the firewall and the resource hogging.
Apart from a comprehensive list of virus that is frequently updated,
Avast also includes many live filters for potential Peer to Peer, Mail,
and Web threats that are very effective, detecting malware faster than you
can recognize it. Just like Norton, it scans everything real time
according to your specifications, and alerts you whenever it finds
something suspicious. It does not include a firewall, but in my opinion,
the Windows Firewall does a pretty good job of filtering unwanted traffic.
Usually, common sense will tell you if you have to scan files or not, but
a good in depth scan every 5-6 months is always good too.
There you are. Follow these steps, and I guarantee that scrapping your
Windows install will be much tougher.
-Max302
. -----|---- |--------------| |--------------| ----|--- .
|--------------|-- \--------------/ --|------------|
--------------------------------------------------------------
