Troyano bancario, keylogger + captura de pantalla

Fuente Enviado por admin
27/09/2006

Descubierto un nuevo troyano bancario que combina la captura del teclado físico con una técnica optimizada para los teclados virtuales.
Está diseñado específicamente contra los usuarios de diversas entidades de Argentina, Bolivia, Brasil, Cabo Verde, España, Estados Unidos, Paraguay, Portugal, Uruguay y Venezuela.
La principal novedad de este troyano reside en la combinación de la técnica keylogger tradicional con un método de captura de pantalla optimizado para los teclados virtuales. Esta combinación le permite atacar a una gran variedad de páginas de autenticación de acceso a la banca electrónica, de manera independiente a si utilizan o no teclados virtuales.
El método que utiliza contra los teclados virtuales consiste en realizar una pequeña captura de un área de pantalla, alrededor del cursor del ratón, en el momento que el usuario hace click en la tecla virtual. Adicionalmente, y para que el atacante no tenga la menor duda, el troyano incluye en la imagen capturada una señal en color rojo que indica el punto exacto donde el usuario pinchó con el ratón.
Tanto el log del keylogger en formato texto, como los archivos de imágenes capturadas en formato JPG, son enviadas por FTP al ordenador del atacante. Una vez recibe los datos, el atacante puede hacerse pasar por la víctima y suplantar su identidad en la web de la entidad bancaria.
Este troyano, aunque también afecta a bancos de EE.UU o Portugal, entre otros países, tiene su objetivo mayoritario en entidades españolas y latinoamericanas.
Según países, el troyano se dirige a las siguientes entidades:
ARGENTINA: Banco Hipotecario, Banco de La Pampa, Banco de la Provincia de Buenos Aires, Banco Credicoop Coop. Ltdo., Banco Ciudad de Buenos Aires, Banca Nazionale del Lavoro, ABN AMRO Argentina, Banco Itaú del Buen Ayre, Banco Patagonia, Banco Macro Bansud, BankBoston, Banco RIO, Banco Comafi y Banco del Chubut.

BOLIVIA: Banco Ganadero, Banco BISA, Banco de Crédito de Bolivia, Banco Santa Cruz, Banco Solidario y Banco Central de Bolivia.

BRASIL: Caixa Econômica Federal, Banrisul, Banco do Estado de Santa Catarina, Banco Rural, Santander Banespa, Banco do Brasil, Banparanet, e-tim y CitiBank Brasil.
CABO VERDE: Banco de Cabo Verde
ESPAÑA: Banca March, Bancaja, BBVA, Fibanc, Banco de Valencia, Banesto, Banco Finantia Sofinloc, Banco Espirito Santo, Banco Cetelem, Banco Gallego, Banco Guipuzcoano, Banco Urquijo, Barclays, Banco Popular, Bankoa, Bansacar, Santander Central Hispano, Bbk, Caixa Laietana, Caja Castilla La Mancha, Caja de Extremadura, Caja Granada, Caixa Girona y Caja Murcia.
ESTADOS UNIDOS: Bank of America y Citibank.
PARAGUAY: Interbanco, Banco Amambay, Banco Continental SAECA, Banco Regional, Banco Sudameris, Abogacía del Tesoro y BBVA.
PORTUGAL: Banco de Portugal, Millennium bcp, Banif - Banco Internacional do Funchal, BBVA Portugal, Banco Finantia, Barclays Bank, CitiBank Portugal y Banco Invest.
URUGUAY: BBVA, Nuevo Banco Comercial, Banco Surinvest, BankBoston y CitiBank.
VENEZUELA: Banco Mercantil y Banco Banesco.

Más información del troyano

Winsock -Layered Service Provider (LSP)

Fuente

Hay Anti-spyware que rompe, borra o modifica el Winsock por Layered Service Provider (LSP), lo que origina que no se pueda conectar a Internet, el programa en si no tiene muchas opciones pero vamos a detallar un poco como funciona.
LSP-fix leerá la lista de módulos LSP desde el registro de Windows y verificará que cada módulo esté presente. Si falta  o no encuentra un módulo, es colocado en la lista "Remove" para removerlo del registro de windows.
Los usuarios que no tengan experiencia deberian dejar todo como esta, pero los usuarios con conocimientos podran modificar que modulos remover y cuales no activado la casilla de "I know what I'm doing". REPITO ESTA OPCION ES PARA USUARIOS AVANZADOS, si no sabes lo que haces no lo actives, puedes inutilizar más aún el sistema.

A continuacion pulsa en el boton "Finish",conseguiendo que las entradas no deseadas sean eliminadas, y las entradas restantes serán reenumeradas para hacerlas consecutivas.
El total de módulos contados es actualizado.
Al final el LSP-Fix nos mostrada un detalle de los cambios que hemos realizado.
Para que los cambios surgan efecto debera reiniciar la maquina.

IMPORTANTE
Antes de utilizar el programa es recomendable que haga una copia de seguridad del registro.
1. Haga clic en Inicio y, a continuación, en Ejecutar.
2. En el cuadro Abrir, escriba regedit y, después, haga clic en Aceptar.
3. Localice y, después, haga clic en la subclave que contiene los valores que desea modificar.
4. En el menú Archivo, haga clic en Exportar.
5. En el cuadro Guardar en, seleccione una ubicación donde desea guardar el archivo Entradas de registro (.reg), escriba un nombre de archivo en el cuadro Nombre de archivo y, a continuación, haga clic en Guardar. 

Descargar LSP-Fix

Eli -minadores SATINFO.es

Utilidades Satinfo

ELIFRAME.EXE 1.1

UTILIDAD ESPECIFICA PARA LIMPIAR IFRAME HTM L DEL FINAL DE LOS FICHEROS .GIF Y .JPG INFECTADOS POR POP-UP UNDER ---v1.0--- [sigue]

ELIGEDZA 1.6

Utilidad para combatir virus de Gedzac Labs, especialmente el CAZDEG que presenta en pantalla un mensaje de no ser virus... [sigue]

ELISERV.EXE 1.0

Utilidad para eliminar clave de servicios O23 cuando, tras eliminar fichero correspondiente, no se deja eliminar con FIX CHEC [sigue]

Mcafee Rootkit Detective 1.1

UTILIDAD DE DETECCION DE ROOTKITS Tras descargarla en una carpeta y ejecutarla desde allí, postearnos el contenido del fiche [sigue]

ELIPEN.EXE 1.08

UTILIDAD PARA PROTEGER CONTRA PROPAGACION DE VIRUS DE PENDRIVE A TRAVES DE DICHAS UNIDADES  Ante la progresion de estos viru [sigue]

ELISHELL.EXE 1.0

ELISHELL.EXE ---v1.0---(17 de Julio del 2007)   Comprueba el valor "Shell" de la Clave "HKLM Software Micr [sigue]

ELILESLI.EXE 1.1

Utilidad ELILESLI.EXE para eliminar virus LESLIE (alias ELILES, ITZAR, ELPERFECTO) que llega como MSN.EXE y modifica el TASKM [sigue]

ELINUJA.EXE 1.1

VIRUS NUJAMA alias SPYBOT HISTORIAL del EliNujama Este virus llamado por algunos SPYBOT, nombre que se presta a confusion [sigue]

ELIMALUS.EXE 1.00

ELIMALUS: ELIMINA MALWARE EN USER.INIT UTILIDAD PARA NUEVO MALWARE QUE SE LANZA DESDE EL USER.INIT De bastante dificultad de [sigue]

ELISTRAT.EXE 3.9

ELISTRAT.EXE Utilidad para detecccion y eliminacion virus W32/STRATION @ MM Virus polimorfico que se propaga por e.mail anexa [sigue]  ELRSTRUI.EXE 1.0      ERSTRUI.EXE     "Utillida para acceso a la utilidad de Windows para restaurar un punto de registro de sistema  [sigue]  FIXMS615.EXE 1.0       Tras los problemas ocasionados con el parche MS06-015, como comentamos en Microsoft alerta de problemas con HP despue [sigue]  ELIKLEZ.EXE 1.7     PARA ELIMINACION DEL VIRUS KLEZ SEGUN INDICACIONES: 1.- Bajar el ELIKLEZ.EXE al directorio raiz de C:2.- Desconectar las maq [sigue]  ELIFEEBA.EXE 1.6     Descargas > Utilidades SATINFO ELIFEEBA.EXE 1.4Enviado por msc ho [sigue]  ELIBACTA.EXE 1.2     utilidad para eliminar el virus de P2P W32/BACTERA ---v1.0---( 5 de Marzo del 2006) (para el W32/Bactera.worm!p2p de McAfee [sigue]  ELIAUTO.EXE 1.0     UTILIDAD EXPERIMENTAL ELIAUTO.EXE Para eliminacion de claves de servicios en XP y W2000 que esten instaladas pero no tengan [sigue]  ELIMYWIF.EXE 1.1    Para la familia MYWIFE, especialmente para el MYWIFE.D, dados los múltiples nombres con que es detectado segun cada antivirus, [sigue]  ANTIWMF.EXE 1.0     Eliminador/Restaurador de clave de registro, inicialmente para Windows XP, para evitat con ello la vulnerabilidad del EXPLOIT [sigue]  ELINOTIF.DLL 9.15     DLL COMPLEMENTARIA AL ELISTARA ---v1.5.12.19---(19 de Diciembre del 2005) (Para el VUNDO)---v1.5.12.27---(27 de Diciembre de [sigue]  SPROCESS.EXE 3.1     Utilidad de investigación para visualizar procesos y módulos utilizados por los mismos. CREA LOG DE SALIDA EN C:SPROCLOG.TXT [sigue]

EliLesli

Utilidad ELILESLI para eliminar virus LESLIE (alias ELILES, ITZAR, ELPERFECTO) que llega como MSN.EXE y modifica el TASKMGR.EXE firmandolo al final con el nombre LESLIE y añadiendose al principio el codigo virico, pasando a tener mas de 200 KB.

Crea en la carpeta principal una copia del gusano como C: EL_69.EXE
Además modifica claves del registro que impiden editar el REGEDIT, acceder al TASKMANAGER, ejecutar ficheros desde Inicio->Ejecutar, acceder a MIPC, y cambia el nombre del usuario y organizacion por LESLIE y ELILES, todo lo cual es eliminado por nuestra utilidad

---v1.1---(17 de Septiembre del 2007) (Anulada la Eliminación de "%WinSys%CatRoot2TMP.EDB")

CONDICIONES DE LAS DESCARGAS de UTILIDADES de SATINFO
ESTAS UTILIDADES NO PUEDEN SER OFRECIDAS POR CUALQUIER OTRO MEDIO NI POR NINGUNA OTRA WEB SIN EL CONTRATO POR ESCRITO DE SATINFO AL RESPECTO. EN ESTA WEB SE OFRECEN EN CONCEPTO DE EVALUACION EN EL FORO DE ZONAVIRUS, SIENDO COMO SON, NO COMO PUDIERA PENSARSE QUE DEBERIAN SER, O DESEARSE QUE FUERAN, QUEDANDO ZONAVIRUS.com Y SATINFO, AL IGUAL QUE LOS QUE LAS SUGIRIERAN USAR EN EL FORO de ZONAVIRUS.com, EXIMIDOS DE CUALQUIER RESPONSABILIDAD POR LOS PERJUICIOS QUE PUDIERAN OCASIONAR, Y EN CUALQUIER CASO ES RESPONSABILIDAD DEL USUARIO EL PROBARLAS, SIENDO NECESARIO CONTRATAR CON SATINFO LA LICENCIA DE USO DE LAS MISMAS, PARA SU USO FUERA DE ZONAVIRUS.com

Descargar EliLesli

EliStarA

Satinfo.es
Zonavirus.com

Lista parcial de Malware que elimina.

---
---v16.90-(
8 de Septiembre del 2008) (Muestras de Trojan.Agent.ABUE
"SERVICEPANEL.EXE", Trojan.Agent.ZRE "SVRSE.EXE" y Añadida la Extension
.ZIP a la Exploración de Ficheros)
---v16.91-( 9 de
Septiembre del 2008) (Muestras de (4)PWS-OnLineGames.CKVO, CrackAVNOD
"CRAK.EXE", AdWare.Agent.BN o Vapsup "VANWXEMGNFW.DLL",
Morphine(notify) "__C00B400C.DAT", AutoRun(Recycle) "SERVICE.EXE" y
(2)Exploit.Java.Gimsh.A  "VMAIN y BAAAABAA.CLASS")
---v16.92-(10
de Septiembre del 2008) (Muestras de (3)PWS-OnLineGames.AMVO,
FakeAlert(braviax) "BRAVIAX.EXE", Blackster.B "LPHC*.EXE",
Malware.Cpl32ver, PWS.Y "RUNMGR.EXE", DownLoader.Cutwail "UKBAUB.DLL",
Trojan.Agent.ABUE "SYSPREP.EXE", Spy.Goldun.AXA "MSSQLDB.DLL" y
Trojan.FraudPack "TI87612.EXE")
---v16.93-(12 de
Septiembre del 2008) (Muestras de Dropper(ConHook) "FND0.EXE",
BackDoor.CVT "WIN***32.DLL", AutoRun(Recycle) "SERVICE.EXE",
Trojan.Agent.ABUE "SYMBOOTER.EXE", Trojan.Mondera "TKKYGH.EXE",
Boaxxe(BHO) "CLUSAP.DLL", Trojan.FraudPack "AV2009.EXE" y
Exploit.Wmfap.A "DJIK.EXE")
---v16.94-(12 de Septiembre
del 2008) Versión de emergencia mejorando la anterior en lo que
respecta al DownLoader.Cutwail, incluyendo últimas novedades.
---v16.95-(15
de Septiembre del 2008) (Muestras de (6)PWS-OnLineGames.CKVO,
(3)PWS-OnLineGames.KAVO, (2)Blackster.B "LPHC*.EXE y BLPHC*.EXE",
Malware.Cpl32ver, AutoRun.LWX "WUAUCLT.EXE", Trojan.Agent.BUI
"ADMXPROX32.DLL", Trojan.Agent.ABUE "SYMCFGSRV.EXE", AntiVirus2009
"SCUI.CPL", Trojan.Agent.FPP "NORTON.EXE", Excluido "WinLogonNotify
HBLOGON" y Mejoras para el DownLoader.Cutwail)
---v16.96-(16
de Septiembre del 2008) (Muestras de DownLoader.ConHook,
FakeAlert(braviax) "BRAVIAX.EXE", DownLoader.Cutwail "LUGQGRJK.DLL",
(2)CrawlerToolbar "CTBR.EXE", WinAntispyware2008(dldr) "WINIVSTR.EXE",
RiskTool.PrcView "PROCESS.EXE" y Añadida la Eliminación de los ficheros
"OEMBIOS.EXE y .DLL")
---v16.97-(16 de Septiembre del
2008) (Muestras de (11)PWS-OnLineGames.CKVO, Blackster.B "LPHC*.EXE",
Obfuscated.GX "BALYBELQ.EXE" y (2)Fakealert.Renos.AY "VIDEO1109.CFG.EXE
y MSXML71.DLL")
---v16.98-(17 de Septiembre del 2008)
(Muestras de DownLoader.ConHook, Blackster.B "LPHC*.EXE",
(2)DownLoader.Small.ACES "SVCHOST.EXE", DownLoader.Cutwail
"WINCTRL32.DLL", (2)Trojan.Agent.ABUE "SYMLNSVC y SYMLSMD.EXE",
Spy.Zbot.OemBios "OEMBIOS.EXE" y Fakealert.Renos.AY "MSXML71.DLL")
---v16.99-(18
de Septiembre del 2008) (Muestras de (3)PWS-OnLineGames.AMVO,
(6)PWS-OnLineGames.CKVO, (4)PWS-OnLineGames.KXVO, (2)Blackster.B
"LPHC*.EXE y BLPHC*.EXE", FraudTool.XPAntivirus08(dldr) "RHC*.EXE",
AutoRun.LWX "WUAUCLT.EXE", JuanSearch "NDKJJC.DLL", (2)AutoRun(Recycle)
"SYSTEM y LALALAX.EXE" y DownLoader.BShooterEgypt "BRICKSHOOTER.EXE")
---v17.00-(19
de Septiembre del 2008) (Muestras de (4)PWS-OnLineGames.AMVO,
(18)PWS-OnLineGames.CKVO, (2)PWS-OnLineGames.KAVO y DownLoader.Cutwail
"OHHTOGO.DLL")
---v17.01-(22 de Septiembre del 2008)
(Muestras de Vundo9, (6)Vundo5, (2)DownLoader.ConHook,
(3)PWS-OnLineGames.CKVO, Blackster.B "LPHC*.EXE",
FraudTool.XPAntivirus08(dldr) "RHC*.EXE", (2)JuanSearch,
AutoRun(Recycle) "EMACS.EXE", MyWebSearch "NPMYWEBS.DLL",
InvisibleKeyLogger.R "ZIPDLL.DLL", VunDrop "MSPDTC.DLL",
Trojan.Agent.AEAW "DSD.EXE" y Corregida Falsa Detección con MZVKDB.DLL
de Kaspersky)
---v17.02-(23 de Septiembre del 2008)
(Muestras de Vundo5, (2)DownLoader.ConHook, (2)PWS-OnLineGames.CKVO,
Blackster.B "LPHC*.EXE", Trojan.Agent.ABUE "SYMCLIENT.EXE")
---v17.03-(23
de Septiembre del 2008) (Muestras de (3)PWS-OnLineGames.AMVO y
AutoRun.NZ "SSDPDISCOVV.EXE", FraudTool.XPAntivirus08(dldr) "RHC*.EXE"
y YahLover "LOCALE.EXE")

---v17.04-(25 de Septiembre del
2008) (Muestras de (2)Vundo5, (2)Blackster.B "LPHC*.EXE",
DownLoader.Small.UYL "CFTMON.EXE", DownLoader.Small.ACES "SVCHOST.EXE",
Malware.Cpl32ver, AutoRun.LWX "WUAUCLT.EXE", Sfkeylogger "KLG.EXE" y
Malware.Heuric "VIRUS W32.HEURIC.EXE")
---v17.05-(26 de
Septiembre del 2008) (Muestras de PWS-OnLineGames.CKVO,
FraudTool.XPAntivirus08(dldr) "RHC*.EXE", AdWare.BHO.CRZ(dropper)
"UOYZSYDZ.EXE", Kobcka "RS32NET.EXE" y Dropper.SID "AUTORUNME.EXE")
---v17.06-(26
de Septiembre del 2008) (Muestras de NaviPromo, (4)FakeAlert.YUR
"YUR*.EXE", (4)AdWare.Agent.BN o Vapsup y (2)ZangoSA "JOLIN.DLL y
ALOJA.EXE")
---v17.07-(29 de Septiembre del 2008)
(Muestras de NaviPromo, Blackster.B "LPHC*.EXE", AdWare.Agent.BN o
Vapsup, AntiVirus2009 "AV2009.EXE", Fakealert.Renos.AY "MSXML71.DLL",
DownLoader.Agent.AHQZ "SYSTEMINIT.EXE", FraudPack.ADA
"IEEXPLORER32.EXE", Obfuscator.BE "WINSRC.DLL" y (2)DownLoader.Renos.DU
"C-SETUP.EXE y GPATBS.DLL")
---v17.08-(30 de Septiembre
del 2008) (Muestras de Vundo9, Vundo5, (3)PWS-OnLineGames.AMVO,
Blackster.B "LPHC*.EXE", JuanSearch, DownLoader.Small.ACES
"SVCHOST.EXE", AutoRun(Recycle) "GRINDER.EXE", MediaBack.G "ROOT.DLL",
Dialer-RAS "SCDATA.DLL", (6)Malware.TDSS, Rootkit.EIG "HUADIO.TMP" y
Malware.PRScheduler)

CONDICIONES DE LAS DESCARGAS de UTILIDADES de SATINFO

ESTAS UTILIDADES NO PUEDEN SER OFRECIDAS POR CUALQUIER OTRO MEDIO NI POR NINGUNA OTRA WEB SIN EL CONTRATO POR ESCRITO DE SATINFO AL RESPECTO. EN ESTA WEB SE OFRECEN EN CONCEPTO DE EVALUACION EN EL FORO DE ZONAVIRUS, SIENDO COMO SON, NO COMO PUDIERA PENSARSE QUE DEBERIAN SER, O DESEARSE QUE FUERAN, QUEDANDO ZONAVIRUS.com Y SATINFO, AL IGUAL QUE LOS QUE LAS SUGIRIERAN USAR EN EL FORO de ZONAVIRUS.com, EXIMIDOS DE CUALQUIER RESPONSABILIDAD POR LOS PERJUICIOS QUE PUDIERAN OCASIONAR, Y EN CUALQUIER CASO ES RESPONSABILIDAD DEL USUARIO EL PROBARLAS, SIENDO NECESARIO CONTRATAR CON SATINFO LA LICENCIA DE USO DE LAS MISMAS, PARA SU USO FUERA DE ZONAVIRUS.com

Descargar EliStarA  Tamaño: 409,01 Kb.

Defragmenters

Source

Unlike Linux file systems, NTFS gets fragmented over time and use.
To develope a decent file system that doesn't need defragging is something
that should definitely be sorted out. Its definitely Microsoft's fault... no
doubt.
Larger and faster drives have minimized the impact of fragmentation.
The Windows file system tends to fragment files all on its own to a
small degree, but fragmentation starts for real when the drive starts
to get full—as in over 70%.
As the drive fills up, the larger areas of
free space become scarce and the file system has no choice but to
splatter large files around the disk.
As the drive gets really full
(over 90%), the file system then starts to fragment the MFT and the
Pagefile.
Now you've got a full drive, with lots of fragmented files,
making the job of the defragmenter nearly impossible because it also
needs space to do its job.
A drive more than 80%
full is fast not defragmentable. You can see that effect with huge hard disk
drives, since they generally use smaller percentages of the drive's
total free space. A side-effect is that the overall fragmentation is
reduced, and the fact that these drives have faster seek times makes
the effect even less noticeable.

Special comparison:

I have 3 partitions, system C, data D & E on a single HDD on this
PC. Uncompressed, unshadowed, just the plain old NTFS. The partitions
were never defragged in a life of HD (1,5 years). Here's the
"Fragmentation Analysis" results from a couple of popular defraggers
(latest versions of course) - C, D and E respectively -

1. SmartDefrag - 55%, 42%, 44%
2. PerfectDisk - 4%, 5.5%, 7%
3. Diskeeper - 32%, 14%, 78%

Defraggers:
Puran, PerfectDisk, SmartDefrag, O&O, JKDefrag, UltimateDefrag, Diskkeeper, Defraggler
Best combination?: Puran+UltimateDefrag
Maybe: O&O and JKDEFRAG
My defragger: Defraggler

Smart Placement orders the files from the oldest created/modified to
the newest. It does not take in account the last access date.

This means that on the faster tracks will be placed those files that
are almost never modified and in the slower tracks will be placed your
newly created files and those that are modified more frequently.

With PD you do not gain speed at your most often tasks on the contrary you loose it.

PD defragmentation method is great for servers but is almost useless on a common use modern system.


On the other hand Puran Defrag and Smart Defrag will speed your drive,
since they place 1st the directories, 2nd the last accessed files, 3rd
a small free space (1-2gb) which will be used for the temp files and
the more frequently modified files, 4th every other file and 5th a
large free space chunk.


O&O gives detailed advice on what strategy to use. The choices are far more
than what other defraggers offer and when done right, O&O excels in
terms of performance. German Software, was soll denn!

Minimalistic solution:
Use Contig together with the Power Defragmenter GUI for Contig. Plus Pagedefrag when necessary. Also wipe free space with Blowfish Advanced.

Contig 1.54
Power Defragmenter GUI for Contig
Pagedefrag

Freeware for modifying the attributes of
files and directories:

Attribute Changer 6.0a


SetFileDate 2.0

The safest browser in Windows

"Browsers are as good as their users"

The browser is only as safe as the user who use adecuately all the possible security mechanismus of the browser!

Firefox can be very unsafe if someone (who doesnt know anything) does not configure it.


Opera performed better when tried/tested by visiting the "Darkest side of the Net":
i.e. heavily infected Russian, Chinese, XXX sites, etc.
And the rest of browsers: Crashed or frozen.
Special security add-ons as NoScript, AdBlock/Plus, etc. make Firefox the safest browser.
Under Linux and other GNU/Unix variants (all BSDs or perhaps OSX) and their browsers you can explore the web without the typical viral problems of the MS world!

SmitFraudFix

SmitFraudFix v2.xxx (WinXP, Win2K)

This tool removes Desktop Hijack malware:

Advanced Antivirus, AdwarePunisher, AdwareSheriff, AlphaCleaner, AntiSpyCheck, AntiSpyware Expert, Antispyware Soldier, AntiVermeans, AntiVermins, AntiVerminser, AntiVirGear, Antivirus 2009, AntiVirus Lab 2009, Antivirus Master, Antivirus XP 2008, AntivirusGolden, AVGold, Awola, BraveSentry, IE Defender, Internet Antivirus, MalwareCrush, MalwareWipe, MalwareWiped, MalwaresWipeds, MalwareWipePro, MalwareWiper, Micro Antivirus 2009, MS Antivirus, PestCapture, PestTrap, Power Antivirus, Power-Antivirus-2009, PSGuard, quicknavigate.com, Registry Cleaner, Security iGuard, Smart Antivirus 2009, Smitfraud, SpyAxe, SpyCrush, SpyDown, SpyFalcon, SpyGuard, SpyHeal, SpyHeals, SpyLocked, SpyMarshal, SpySheriff, SpySoldier, Spyware Vanisher, Spyware Soft Stop, SpywareLocked, SpywareQuake, SpywareKnight, SpywareRemover, SpywareSheriff, SpywareStrike, Startsearches.net, System Antivirus 2008, TheSpyBot, TitanShield Antispyware, Total Secure 2009, Trust Cleaner, Ultimate Antivirus 2008, UpdateSearches.com, Virtual Maid, Virus Heat, Virus Protect, Virus Protect Pro, VirusBlast, VirusBurst, VirusRay, VirusResponse Lab 2009, Win32.puper, WinHound, Vista Antivirus 2008, XP Security Center, XPert Antivirus, Brain Codec, ChristmasPorn, DirectAccess, DirectVideo, EliteCodec, eMedia Codec, EZVideo, FreeVideo, Gold Codec, HQ Codec, iCodecPack, IECodec, iMediaCodec, Image ActiveX Object, Image Add-on, IntCodec, iVideoCodec, JPEG Encoder, Key Generator, LookForPorn, Media-Codec, MediaCodec, MMediaCodec, MovieCommander, MPCODEC, My Pass Generator, NetProject, Online Image Add-on, Online Video Add-on, PCODEC, Perfect Codec, PowerCodec, PornPass Manager, PornMag Pass, PrivateVideo, QualityCodec, Silver Codec, SearchPorn, SiteEntry, SiteTicket, SoftCodec, strCodec, Super Codec, TrueCodec, VideoAccess, VideoBox, VidCodecs, Video Access ActiveX Object, Video ActiveX Object, Video Add-on, VideoCompressionCodec, VideoKeyCodec, VideosCodec, WinAntiSpyPro, WinMediaCodec, X Password Generator, X Password Manager, ZipCodec...

Download:

Use this URL to download the latest version (the file contains both English and French versions):
http://siri.urz.free.fr/Fix/SmitfraudFix.exe

Mirrors: Alternate official download locations for Smitfraudfix.zip
http://siri.geekstogo.com/SmitfraudFix.exe
http://downloads.securitycadets.com/SmitfraudFix.exe
Zebulon.fr

Use:

• Search:

  • Double-click SmitfraudFix.exe
  • Select 1 and hit Enter to create a report of the infected files. The report can be found at the root of the system drive, usually at C:\rapport.txt



• Clean:

  • Reboot your computer in Safe Mode (before the Windows icon appears, tap the F8 key continually)
  • Double-click SmitfraudFix.exe
  • Select 2 and hit Enter to delete infect files.
  • You will be prompted: Do you want to clean the registry ? answer Y (yes) and hit Enter in order to remove the Desktop background and clean registry keys associated with the infection.
  • The tool will now check if wininet.dll is infected. You may be prompted to replace the infected file (if found): Replace infected file ? answer Y (yes) and hit Enter to restore a clean file.
  • A reboot may be needed to finish the cleaning process. The report can be found at the root of the system drive, usually at C:\rapport.txt



• Optional:

  • To restore Trusted and Restricted site zone, select 3 and hit Enter.
  • You will be prompted: Restore Trusted Zone ? answer Y (yes) and hit Enter to delete trusted zone.

Note:

process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool". It is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.

http://www.beyondlogic.org/consulting/processutil/processutil.htm

Ewido | AVG anti-spyware

How to remove Ewido anti-spyware

---

Did you use the ewido or AVG Anti-Spyware Software in the past?

For the case you used the ewido Software, please check in your program
files folder for the ewido installation folder.
Default path is
(Example here for english Version of Windows):

C:\program files\ewido anti-spyware 4.0

older ewido Versions have other Installations folders, e.g:

C:\program files\ewido anti-malware

For the case you used AVG Anti-Spyware, then please locate the
installation folder of AVG Anti-Spyware in your program files folder:

C:\program files\Grisoft\AVG Anti-Spyware 7.5

and then run there the uninstall.exe file to start the uninstallation
of the Software, if you deleted manually the Folders and files, but you
still get Errors during the Installation of AVG 8, please follow there
steps:

If you want to uninstall the ewido Software:

- Download the Setup for the ewido Anti-Spyware Version 4 from this website:

http://filehippo.com/download_avg_antispyware/1331/

- Run the downloaded installer and install the ewido Software on your System

- Restart Windows.

- After the restart and if there are any open ewido Windows or System Tray Icons, please close them.

- Now locate the installation folder of the ewido Software in your
program files folder (C:\program files\ewido anti-spyware) and run the
uninstall.exe file to start the uninstallation process.

- Now restart Windows again.

---------------------------------------------------------

If you want to uninstall the AVG Anti-Spyware Software:

The same steps, but instead of downloading and installing the ewido
Software, you have to download and install the AVG Anti-Spyware
Software from an other URL:

http://filehippo.com/download_avg_antispyware/

Residential gateway

From DSL router

This article is about the types of network routers and modems found in many homes, known colloquially as "residential gateways".

There are multiple devices that have been described as "residential
gateways," each with a quite different function. Each type of device
allows the connection of a LAN (used in the home) to a WAN (wide area network).
The WAN can be the "Internet" or can merely be a larger LAN of which
the home is a part (such as a municipal WAN that provides connectivity
to the residences within the municipality).

The term "residential gateway" was originally used to distinguish
the inexpensive networking devices designated for use in the home from
similar devices used in corporate LAN environments (which generally
offered a greater array of capabilities). In recent years, however, the
less expensive "residential gateways" have gained many of the
capabilities of corporate gateways and the distinctions are fewer. Many
home LANs now are able to provide most of the functions of small
corporate LANs.
Therefore the term "residential gateway" is becoming obsolete and
merely implies a less expensive, lower capability networking device.
Multiple devices have been described as "residential gateways":

• Cable Modems
• DSL modems
• Routers or wireless routers
• Switch
• VoIP ATA
• Wireless access points
• Or, Any combination of the above

Types
A router provides:

• IP address routing
• network address translation (NAT)
• DHCP functions
• firewall functions
• LAN connectivity like a network switch

Most routers are self-contained components, using internally-stored
firmware. They are generally OS-independent (i.e. can be used with any operating system).

________________________________________

• Wireless routers
  perform the same functions as a router, but also allows connectivity
  for wireless devices with the LAN, or between the wireless router and
  another wireless router. (The wireless router-wireless router
  connection can be within the LAN or can be between the LAN and a WAN).
• A modem (or ADSL modem)
  provides none of the functions of a router. It merely allows digital
  Ethernet data traffic to be modulated into analogue information
  suitable for transmission across telephone lines, cable wires, optical
  fibers, or wireless radio frequencies. On the receiving end is another
  modem that re-converts the transmission format back into digital data
  packets.
• This allows network bridging using telephone, cable, optical, and
  radio connection methods. The modem also provides handshake protocols,
  so that the devices on each end of the connection are able to recognize
  each other. However, a modem generally provides few other network
  functions.

• A USB
  modem plugs into a single PC and allow connection of that single PC to
  a WAN. If properly configured, the PC can also function as the router
  for a home LAN.
• An internal modem can be installed on a single PC (e.g. on a PCI card), also allowing that single PC to connect to a WAN. Again, the PC can be configured to function as a router for a home LAN.

• A wireless access point
  can function in a similar fashion to a modem. It can allow a direct
  connection from a home LAN to a WAN, if a wireless router or access
  point is present on the WAN as well.

Source

Super Ubuntu is an operating system based on Ubuntu. Its main goal is to provide an ‘Out of the Box’ experience, containing various enhancements over Ubuntu. It is made with remastersys

Features

• Updated frequently: Super Ubuntu is released every month, including new updates for the operating system and also for the additional software.
• Multimedia support: Super Ubuntu is prepackaged with support for MP3 files and video-DVDs by default, it also includes additional codecs, and additional media players (VLC Media Player and MPlayer)
• Support for Microsoft Office 2007 file formats: Super Ubuntu includes odf-converter-integrator, which allows users to open files created with Microsoft Office 2007.
• Improved Internet Experience: It includes an additional web browser (Opera), Adobe Flash Player, more communication software (aMSN, Skype and Mozilla Thunderbird) and P2P software (aMule)
• Additional software: It also includes Adobe Reader, GParted, Wine, the GUI for Uncomplicated Firewall, and other software.

Super Ubuntu is available as an ISO image, but also as a VMware image (VMDK) and VirtualBox image.

SOHO connectivity devices

Small Office Home Office (SOHO)
Main article: Residential gateway

Residential gateways (often called routers) are frequently used in homes to connect to a broadband service, such as IP over cable or DSL. A home router may allow connectivity to an enterprise via a secure Virtual Private Network.
While functionally similar to routers, residential gateways use port address translation in addition to routing. Instead of connecting local computers to the remote network directly, a residential gateway makes multiple local computers appear to be a single computer.

A wireless router is a network device that performs the functions of a router but also includes the functions of a wireless access point. It is commonly used to allow access to the Internet or a computer network without the need for a cabled connection. It can function in a wired LAN (local area network), a wireless only LAN, or a mixed wired/wireless network. Most current wireless routers have the following characteristics:

• LAN ports, which function in the same manner as the ports of a network switch
• A WAN port, to connect to a wider area network. The routing functions are filtered using this port. If it is not used, many functions of the router will be bypassed.
• Wireless antennae. These allow connections from other wireless devices (NICs (network interface cards), wireless repeaters, wireless access points, and wireless bridges, for example).

Wireless routers have become popular in recent years because they allow you to connect to a network from anywhere in your home or office, and you don't have to worry about the large mess of cables and wires which are associated with traditional wired networks. In addition to this, many wired networks require holes to be drilled in walls so the network can be transferred from one floor or room to another, an expensive and time consuming process.
A wireless network bypasses these issues entirely. For many people, a wireless network is the only way they can route their internet connection from one location to another. A wireless network is excellent for situations where you wish to use your laptop in any location of your home, whether it is the kitchen or the bathroom.The wireless router can be thought of as the very heart of the wireless network, and it unctions in the same manner as a cordless phone base station. What most people refer to as being a wireless router is actually a device that has dual functions, which includes the access point, and the router itself.
The access point will be responsible for connecting the computers in the facility to one another, and it will then connect all of these to the Internet. An office which is substantially large in size may have access points or routers which are stored in distinct boxes to obtain a larger range via the network. However, these are more expensive than the typical wireless router, because they have a much larger range.

WAP functions
The wireless functions operate as a separate nested "mini-LAN" within the router. The devices that connect wirelessly use the wireless router as their hub, and the wireless router presents that "mini-LAN" as a single device to the rest of the LAN. This mini-LAN has the same features as discrete WAPs have.
Wireless routers, access points, and bridges are available that utilize each of the commonly used wireless frequencies (used in the Wireless-B, Wireless-A (and -G), and Wireless-N standards). The frequency bands for these wireless standards can be used license-free in most countries.
Wireless routers can work with devices in a point-to-point mode, but more commonly functions in a point to multipoint mode.
Wireless devices used that communicate with the wireless router must be set to the same service set identifier (SSID) and radio channel.

Firewalls: History, types and technique

Firewall technology emerged in the late 1980s when the Internet was a fairly new technology in terms of its global use and connectivity. The predecessors to firewalls for network security were the routers used in the late 1980s to separate networks from one another. The view of the Internet as a relatively small community of compatible users who valued openness for sharing and collaboration was ended by a number of major internet security breaches, which occurred in the late 1980s:

• Clifford Stoll's discovery of German spies tampering with his system

• Bill Cheswick's "Evening with Berferd" 1992 in which he set up a simple electronic jail to observe an attacker

• In 1988 an employee at the NASA Ames Research Center in California sent a memo by email to his colleagues that read,

“

We are currently under attack from an Internet VIRUS! It has hit Berkeley, UC San Diego, Lawrence Livermore, Stanford, and NASA Ames.

”

• The Morris Worm spread itself through multiple vulnerabilities in the machines of the time. Although it was not malicious in intent, the Morris Worm was the first large scale attack on Internet security; the online community was neither expecting an attack nor prepared to deal with one.

First generation - packet filters
The first paper published on firewall technology was in 1988, when engineers from Digital Equipment Corporation (DEC) developed filter systems known as packet filter firewalls. This fairly basic system was the first generation of what would become a highly evolved and technical internet security feature. At AT&T Bell Labs, Bill Cheswick and Steve Bellovin were continuing their research in packet filtering and developed a working model for their own company based upon their original first generation architecture.
Packet filters act by inspecting the "packets" which represent the basic unit of data transfer between computers on the Internet. If a packet matches the packet filter's set of rules, the packet filter will drop (silently discard) the packet, or reject it (discard it, and send "error responses" to the source).
This type of packet filtering pays no attention to whether a packet is part of an existing stream of traffic (it stores no information on connection "state"). Instead, it filters each packet based only on information contained in the packet itself (most commonly using a combination of the packet's source and destination address, its protocol, and, for TCP and UDP traffic, the port number).
TCP and UDP protocols comprise most communication over the Internet, and because TCP and UDP traffic by convention uses well known ports for particular types of traffic, a "stateless" packet filter can distinguish between, and thus control, those types of traffic (such as web browsing, remote printing, email transmission, file transfer), unless the machines on each side of the packet filter are both using the same non-standard ports.

Second generation - "stateful" filters
Main article: stateful firewall
From 1989-1990 three colleagues from AT&T Bell Laboratories, Dave Presetto, Janardan Sharma, and Kshitij Nigam developed the second generation of firewalls, calling them circuit level firewalls.
Second Generation firewalls in addition regard placement of each individual packet within the packet series. This technology is generally referred to as a stateful firewall as it maintains records of all connections passing through the firewall and is able to determine whether a packet is either the start of a new connection, a part of an existing connection, or is an invalid packet. Though there is still a set of static rules in such a firewall, the state of a connection can in itself be one of the criteria which trigger specific rules.
This type of firewall can help prevent attacks which exploit existing connections, or certain Denial-of-service attacks.

Third generation - application layer
Main article: application layer firewall
Publications by Gene Spafford of Purdue University, Bill Cheswick at AT&T Laboratories, and Marcus Ranum described a third generation firewall known as an application layer firewall, also known as a proxy-based firewall. Marcus Ranum's work on the technology spearheaded the creation of the first commercial product. The product was released by DEC who named it the DEC SEAL product. DEC’s first major sale was on June 13, 1991 to a chemical company based on the East Coast of the USA.
The key benefit of application layer filtering is that it can "understand" certain applications and protocols (such as File Transfer Protocol, DNS, or web browsing), and it can detect whether an unwanted protocol is being sneaked through on a non-standard port or whether a protocol is being abused in a known harmful way.

Subsequent developments
In 1992, Bob Braden and Annette DeSchon at the University of Southern California (USC) were refining the concept of a firewall. The product known as "Visas" was the first system to have a visual integration interface with colours and icons, which could be easily implemented to and accessed on a computer operating system such as Microsoft's Windows or Apple's MacOS. In 1994 an Israeli company called Check Point Software Technologies built this into readily available software known as FireWall-1.
The existing deep packet inspection functionality of modern firewalls can be shared by Intrusion-prevention systems (IPS).
Currently, the Middlebox Communication Working Group of the Internet Engineering Task Force (IETF) is working on standardizing protocols for managing firewalls and other middleboxes.

Types
There are several classifications of firewalls depending on where the communication is taking place, where the communication is intercepted and the state that is being traced.

Network layer and packet filters
Network layer firewalls, also called packet filters, operate at a relatively low level of the TCP/IP protocol stack, not allowing packets to pass through the firewall unless they match the established rule set. The firewall administrator may define the rules; or default rules may apply. The term "packet filter" originated in the context of BSD operating systems.
Network layer firewalls generally fall into two sub-categories, stateful and stateless. Stateful firewalls maintain context about active sessions, and use that "state information" to speed packet processing. Any existing network connection can be described by several properties, including source and destination IP address, UDP or TCP ports, and the current stage of the connection's lifetime (including session initiation, handshaking, data transfer, or completion connection). If a packet does not match an existing connection, it will be evaluated according to the ruleset for new connections. If a packet matches an existing connection based on comparison with the firewall's state table, it will be allowed to pass without further processing.
Stateless firewalls require less memory, and can be faster for simple filters that require less time to filter than to look up a session. They may also be necessary for filtering stateless network protocols that have no concept of a session. However, they cannot make more complex decisions based on what stage communications between hosts have reached.
Modern firewalls can filter traffic based on many packet attributes like source IP address, source port, destination IP address or port, destination service like WWW or FTP. They can filter based on protocols, TTL values, netblock of originator, domain name of the source, and many other attributes.
Commonly used packet filters on various versions of Unix are ipf (various), ipfw (FreeBSD/Mac OS X), pf (OpenBSD, and all other BSDs), iptables/ipchains (Linux).

Application-layer
Main article: Application layer firewall
Application-layer firewalls work on the application level of the TCP/IP stack (i.e., all browser traffic, or all telnet or ftp traffic), and may intercept all packets traveling to or from an application. They block other packets (usually dropping them without acknowledgement to the sender). In principle, application firewalls can prevent all unwanted outside traffic from reaching protected machines.
On inspecting all packets for improper content, firewalls can restrict or prevent outright the spread of networked computer worms and trojans. In practice, however, this becomes so complex and so difficult to attempt (given the variety of applications and the diversity of content each may allow in its packet traffic) that comprehensive firewall design does not generally attempt this approach.
The XML firewall exemplifies a more recent kind of application-layer firewall.

Proxies
Main article: Proxy server
A proxy device (running either on dedicated hardware or as software on a general-purpose machine) may act as a firewall by responding to input packets (connection requests, for example) in the manner of an application, whilst blocking other packets.
Proxies make tampering with an internal system from the external network more difficult and misuse of one internal system would not necessarily cause a security breach exploitable from outside the firewall (as long as the application proxy remains intact and properly configured). Conversely, intruders may hijack a publicly-reachable system and use it as a proxy for their own purposes; the proxy then masquerades as that system to other internal machines. While use of internal address spaces enhances security, crackers may still employ methods such as IP spoofing to attempt to pass packets to a target network.

Network address translation
Main article: Network address translation
Firewalls often have network address translation (NAT) functionality, and the hosts protected behind a firewall commonly have addresses in the "private address range", as defined in RFC 1918

. Firewalls often have such functionality to hide the true address of protected hosts. Originally, the NAT function was developed to address the limited number of IPv4 routable addresses that could be used or assigned to companies or individuals as well as reduce both the amount and therefore cost of obtaining enough public addresses for every computer in an organization. Hiding the addresses of protected devices has become an increasingly important defense against network reconnaissance.

See: Comparison of firewalls

Computer security is a branch of technology known as information security as applied to computers.
The objective of computer security varies and can include protection of
information from theft or corruption, or the preservation of
availability, as defined in the security policy.
Computer security imposes requirements on computers that are
different from most system requirements because they often take the
form of constraints on what computers are not supposed to do. This
makes computer security particularly challenging because it is hard
enough just to make computer programs do everything they are designed
to do correctly. Furthermore, negative requirements are deceptively
complicated to satisfy and require exhaustive testing to verify, which
is impractical for most computer programs. Computer security provides a
technical strategy to convert negative requirements to positive
enforceable rules. For this reason, computer security is often more
technical and mathematical than some computer science fields.
Typical approaches to improving computer security (in approximate order of strength) can include the following:

• Physically limit access to computers to only those who will not compromise security.
• Hardware mechanisms that impose rules on computer programs, thus avoiding depending on computer programs for computer security.
• Operating system mechanisms that impose rules on programs to avoid trusting computer programs.
• Programming strategies to make computer programs dependable and resist subversion.

1.Secure Operating Systems
One use of the term computer security refers to technology to implement a secure operating system.
Much of this technology is based on science developed in the 1980s and
used to produce what may be some of the most impenetrable operating
systems ever. Though still valid, the technology is in limited use
today, primarily because it imposes some changes to system management
and also because it is not widely understood. Such ultra-strong secure
operating systems are based on operating system kernel
technology that can guarantee that certain security policies are
absolutely enforced in an operating environment. An example of such a Computer security policy is the
Bell-LaPadula model: The strategy is based on a coupling of special microprocessor hardware features, often involving the memory management unit,
to a special correctly implemented operating system kernel. This forms
the foundation for a secure operating system which, if certain critical
parts are designed and implemented correctly, can ensure the absolute
impossibility of penetration by hostile elements. This capability is
enabled because the configuration not only imposes a security policy,
but in theory completely protects itself from corruption. Ordinary
operating systems, on the other hand, lack the features that assure
this maximal level of security. The design methodology to produce such
secure systems is precise, deterministic and logical.

Systems designed with such methodology represent the state of the
art of computer security although products using such security are not
widely known. In sharp contrast to most kinds of software, they meet
specifications with verifiable certainty comparable to specifications
for size, weight and power. Secure operating systems designed this way
are used primarily to protect national security information, military
secrets, and the data of international financial institutions. These
are very powerful security tools and very few secure operating systems
have been certified at the highest level (Orange Book
A-1) to operate over the range of "Top Secret" to "unclassified"
(including Honeywell SCOMP, USAF SACDIN, NSA Blacker and Boeing MLS
LAN.) The assurance of security depends not only on the soundness of
the design strategy, but also on the assurance of correctness of the
implementation, and therefore there are degrees of security strength
defined for COMPUSEC. The Common Criteria
quantifies security strength of products in terms of two components,
security functionality and assurance level (such as EAL levels), and
these are specified in a Protection Profile for requirements and a Security Target
for product descriptions. None of these ultra-high assurance secure
general purpose operating systems have been produced for decades or
certified under the Common Criteria.

In USA parlance, the term High Assurance usually suggests the system
has the right security functions that are implemented robustly enough
to protect DoD and DoE classified information. Medium assurance
suggests it can protect less valuable information, such as income tax
information. Secure operating systems designed to meet medium
robustness levels of security functionality and assurance have seen
wider use within both government and commercial markets. Medium robust
systems may provide the same the security functions as high assurance
secure operating systems but do so at a lower assurance level (such as
Common Criteria levels EAL4 or EAL5). Lower levels mean we can be less
certain that the security functions are implemented flawlessly, and
therefore less dependable. These systems are found in use on web
servers, guards, database servers, and management hosts and are used
not only to protect the data stored on these systems but also to
provide a high level of protection for network connections and routing
services.

2.Security Architecture
Security Architecture can be defined as the design artifacts that
describe how the security controls (security countermeasures) are
positioned, and how they relate to the overall information technology
architecture. These controls serve the purpose to maintain the system's
quality attributes, among them confidentiality, integrity, availability, accountability and assurance."^[1].
In simpler words, a security architecture is the plan that shows where
security measures need to be placed. If the plan describes a specific
solution then, prior to building such a plan, one would make a risk
analysis. If the plan describes a generic high level design (reference
architecture) then the plan should be based on a threat analysis.

3.Security by Design
The technologies of computer security are based on logic.
There is no universal standard notion of what secure behavior is.
"Security" is a concept that is unique to each situation. Security is
extraneous to the function of a computer application, rather than
ancillary to it, thus security necessarily imposes restrictions on the
application's behavior.
There are several approaches to security in computing, sometimes a combination of approaches is valid:

1. Trust all the software to abide by a security policy but the software is not trustworthy (this is computer insecurity).
2. Trust all the software to abide by a security policy and the
   software is validated as trustworthy (by tedious branch and path
   analysis for example).
3. Trust no software but enforce a security policy with mechanisms that are not trustworthy (again this is computer insecurity).
4. Trust no software but enforce a security policy with trustworthy mechanisms.

Many systems have unintentionally resulted in the first possibility.
Since approach two is expensive and non-deterministic, its use is very
limited. Approaches one and three lead to failure. Because approach
number four is often based on hardware mechanisms and avoids
abstractions and a multiplicity of degrees of freedom, it is more
practical. Combinations of approaches two and four are often used in a
layered architecture with thin layers of two and thick layers of four.
There are myriad strategies and techniques used to design security
systems. There are few, if any, effective strategies to enhance
security after design.
One technique enforces the principle of least privilege to great extent, where an entity has only the privileges that are needed for its function. That way even if an attacker gains access to one part of the system, fine-grained security ensures that it is just as difficult for them to access the rest.
Furthermore, by breaking the system up into smaller components, the
complexity of individual components is reduced, opening up the
possibility of using techniques such as automated theorem proving to prove the correctness of crucial software subsystems. This enables a closed form solution
to security that works well when only a single well-characterized
property can be isolated as critical, and that property is also
assessable to math. Not surprisingly, it is impractical for generalized
correctness, which probably cannot even be defined, much less proven.
Where formal correctness proofs are not possible, rigorous use of code review and unit testing represent a best-effort approach to make modules secure.
The design should use "defense in depth",
where more than one subsystem needs to be violated to compromise the
integrity of the system and the information it holds. Defense in depth
works when the breaching of one security measure does not provide a
platform to facilitate subverting another. Also, the cascading
principle acknowledges that several low hurdles does not make a high
hurdle. So cascading several weak mechanisms does not provide the
safety of a single stronger mechanism.
Subsystems should default to secure settings, and wherever possible
should be designed to "fail secure" rather than "fail insecure" (see fail safe
for the equivalent in safety engineering). Ideally, a secure system
should require a deliberate, conscious, knowledgeable and free decision
on the part of legitimate authorities in order to make it insecure.
In addition, security should not be an all or nothing issue. The
designers and operators of systems should assume that security breaches
are inevitable. Full audit trails
should be kept of system activity, so that when a security breach
occurs, the mechanism and extent of the breach can be determined.
Storing audit trails remotely, where they can only be appended to, can
keep intruders from covering their tracks. Finally, full disclosure helps to ensure that when bugs are found the "window of vulnerability" is kept as short as possible.

Early history of security by design
The early Multics
operating system was notable for its early emphasis on computer
security by design, and Multics was possibly the very first operating
system to be designed as a secure system from the ground up. In spite
of this, Multics' security was broken, not once, but repeatedly. The
strategy was known as 'penetrate and test' and has become widely known
as a non-terminating process that fails to produce computer security.
This led to further work on computer security that prefigured modern security engineering techniques producing closed form processes that terminate.

4.Secure coding
Seacord, "Secure Coding in C and C++"

5.Capabilities vs. ACLs
Within computer systems, the two fundamental means of enforcing privilege separation are access control lists (ACLs) and capabilities. The semantics of ACLs have been proven to be insecure in many situations (e.g., Confused deputy problem).
It has also been shown that ACL's promise of giving access to an object
to only one person can never be guaranteed in practice. Both of these
problems are resolved by capabilities. This does not mean practical
flaws exist in all ACL-based systems, but only that the designers of
certain utilities must take responsibility to ensure that they do not
introduce flaws.
Unfortunately, for various historical reasons, capabilities have been mostly restricted to research operating systems
and commercial OSs still use ACLs. Capabilities can, however, also be
implemented at the language level, leading to a style of programming
that is essentially a refinement of standard object-oriented design. An
open source project in the area is the E language.
First the Plessey System 250 and then Cambridge CAP computer
demonstrated the use of capabilities, both in hardware and software, in
the 1970s, so this technology is hardly new. A reason for the lack of
adoption of capabilities may be that ACLs appeared to offer a 'quick
fix' for security without pervasive redesign of the operating system
and hardware.
The most secure computers are those not connected to the Internet
and shielded from any interference. In the real world, the most
security comes from operating systems where security is not an add-on, such as OS/400 from IBM.
This almost never shows up in lists of vulnerabilities for good reason.
Years may elapse between one problem needing remediation and the next.
A good example of a secure system is EROS.
But see also the article on secure operating systems.
TrustedBSD is an example of an open source project with a goal, among other things, of building capability functionality into the FreeBSD operating system. Much of the work is already done.

Applicattions
Computer security is critical in almost any technology-driven
industry which operates on computer systems. The issues of computer
based systems and addressing their countless vulnerabilities are an
integral part of maintaining an operational industry. [3]

Lightning, power fluctuations, surges, brown-outs,
blown fuses, and various other power outages instantly disable all
computer systems, since they are dependent on electrical source. Other
accidental and intentional faults have caused significant disruption of
safety critical systems throughout the last few decades and dependence
on reliable communication and electrical power only jeopardizes
computer safety.

Terminology
The following terms used in engineering secure systems are explained below.

• Firewalls
  can either be hardware devices or software programs. They provide some
  protection from online intrusion, but since they allow some
  applications (e.g. web browsers) to connect to the Internet, they don't
  protect against some unpatched vulnerabilities in these applications
  (e.g. lists of known unpatched holes from Secunia and SecurityFocus).

• Automated theorem proving
  and other verification tools can enable critical algorithms and code
  used in secure systems to be mathematically proven to meet their
  specifications.
• Thus simple microkernels can be written so that we can be sure they don't contain any bugs: eg EROS and Coyotos.

A bigger OS, capable of providing a standard API like POSIX,
can be built on a secure microkernel using small API servers running as
normal programs. If one of these API servers has a bug, the kernel and
the other servers are not affected: e.g. Hurd or Minix 3.

• Cryptographic
  techniques can be used to defend data in transit between systems,
  reducing the probability that data exchanged between systems can be
  intercepted or modified.
• Strong authentication techniques can be used to ensure that communication end-points are who they say they are.

Secure cryptoprocessors can be used to leverage physical security techniques into protecting the security of the computer system.

• Chain of trust techniques can be used to attempt to ensure that all software loaded has been certified as authentic by the system's designers.
• Mandatory access control
  can be used to ensure that privileged access is withdrawn when
  privileges are revoked. For example, deleting a user account should
  also stop any processes that are running with that user's privileges.
• Capability and access control list techniques can be used to ensure privilege separation and mandatory access control.
  

SW firewall or/and router?

A firewall is a device or set of devices configured to permit, deny, encrypt, decrypt, or proxy all computer traffic between different security domains based upon a set of rules and other criteria.
A firewall is a dedicated appliance, or software
running on another computer, which inspects network traffic passing
through it, and denies or permits passage based on a set of rules.
A firewall's basic task is to regulate some of the flow of traffic between computer networks of different trust levels.
Typical examples are the Internet which is a zone with no trust and an internal network
which is a zone of higher trust.
A zone with an intermediate trust
level, situated between the Internet and a trusted internal network, is
often referred to as a "perimeter network" or Demilitarized zone (DMZ).
Without proper configuration, a firewall can often become worthless.

Standard security practices dictate a "default-deny" firewall ruleset,
in which the only network connections which are allowed are the ones
that have been explicitly allowed. Unfortunately, such a configuration
requires detailed understanding of the network applications and
endpoints required for the organization's day-to-day operation.
Many
businesses lack such understanding, and therefore implement a
"default-allow" ruleset, in which all traffic is allowed unless it has
been specifically blocked. This configuration makes inadvertent network
connections and system compromise much more likely.
Firewalls permit a Stateful Packet Inspection (SPI) and give DoS attack protection
===============================
A router is a computer whose software and hardware are usually tailored to the tasks of routing and forwarding information.
Routers generally contain a specialized operating system (e.g. Cisco's IOS or Juniper Networks JUNOS and JUNOSe or Extreme Networks XOS), RAM, NVRAM, flash memory, and one or more processors, as well as two or more network interfaces.
High-end routers contain many processors and specialized Application-specific integrated circuits (ASIC) and do a great deal of parallel processing.
Chassis based systems like the Nortel MERS-8600 or ERS-8600 routing switch have multiple ASICs on every module and allow for a wide variety of LAN, MAN, METRO, and WAN port technologies or other connections that are customizable.
Much simpler routers are used where cost is important and the demand is low, for example in providing a home internet service.
With appropriate software (such as Untangle, SmoothWall, XORP or Quagga), a standard PC can act as a router.
Routers connect two or more logical subnets, which do not necessarily map one-to-one to the physical interfaces of the router.
The term layer 3 switch often is used interchangeably with router, but switch is really a general term without a rigorous technical definition. In marketing usage, it is generally optimized for Ethernet LAN interfaces and may not have other physical interface types.
Routers operate in two different planes:

• Control Plane, in which the router learns the outgoing interface that is most appropriate for forwarding specific packets to specific destinations,
• Forwarding Plane, which is responsible for the actual process of sending a packet received on a logical interface to an outbound logical interface.

===============================

If you want outbound protection then install a software firewall.
If you have not set any rules with the router the default allow all outbound will apply (default inbound is block all).
You don't necessary need a software firewall behind a router and many don't use one it may depend on experience.
Firewalls in routers can be configured with rules for inbound and outbound or another tool may be used. If you feel it will help with and take care of the outbound then why not - something light and unobtrusive.
The issue of having an outbound FW depend on the risk profile you have on the www. If you just do email and light surfing for receipts and weather then everything you are doing is fine. Security trumps speed.
If on the other hand you keep financial and private information on your PC and purchase items on credit and do on line banking then your risk of identity theft is higher.
In the latter case leave the firewall ON.
Outbound protection is a must when bank transactions are involved.
Problems in PC security terms are of different kind and the worst of them are never spotted. 
Keep the SW firewall (e.g.ComodoPF) and don't let anything except browser, downloader and other safe apps out.

All the malware writers put the best of their skill to make trojans, keyloggers, etc. undetectable.
Hundreds of thousands of PCs are part of zombie networks and the owners think everything is OK.

TrueSpace7

trueSpace7.6 is a fully-featured 3D authoring package that
will let you model, texture, light, animate and render 3D content.
As well as traditional images and movies, you can also make
3D content for online shared spaces, and for Virtual Earth.

Anotarse y bajar el software gratuito!

Knowledge: Firewalls (2)

Stem 

Firewall Moderator
January 1st, 2007

Firewall Questions for beginners

This is just a follow up post to explain some of the connections that a firewall will try to make (for the services/ internet connections mentioned, and rules that can be put in place.)
Quote:

Originally Posted by Paranoid2000 If you are running Windows XP, the following applies: C:\WINDOWS\System32\Svchost.exe Allow access for DNS and DHCP protocols in order to connect to the Internet (required). Allow access for NTP (to time.windows.com, time.nist.gov) for clock synchronisation (optional); Allow access for HTTP, HTTPS (to *.microsoft.com) to access online Windows Help (optional).

________________________________________

Dhcp client
Service Name: Dhcp
Process Name: svchost.exe -k netsvcs
Microsoft Service Description: Manages network configuration by registering and updating IP addresses and DNS names
(This is how your computer gets a Dynamic IP address so you can connect to the internet. If Internet Connection Sharing is enabled, you need DHCP Client. Also required for most DSL/Cable connections.)
UDP Ports 67:68
Allow UDP Local port 68 Remote port 67
________________________________________

DNS Client
Service Name: DNS
Process Name: svchost.exe -k NetworkService
Microsoft Service Description: Resolves and caches Domain Name System (DNS) names for this computer. If this service is stopped, this computer will not be able to resolve DNS names and locate Active Directory domain controllers. If this service is disabled, any services that explicitly depend on it will fail to start.
(With this service enabled, svchost will perform all the DNS lookups, if disabled, then any program that requires this service will perform this itself.)
UDP Port 53
Allow UDP Remote port 53
________________________________________

Windows Time Service
Service Name: W32Time
Process Name: svchost.exe -k Netsvcs
Microsoft Service Description: Maintains date and time synchronization on all clients and servers in the network. If this service is stopped, date and time synchronization will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
(If you like to synchronize your PC clock to a time server, this is one way to go)

UDP Port 123
Allow UDP Remote port 123 (time.windows.com)
________________________________________

Help and Support Service
Service Name: helpsvc
Process Name: svchost.exe
Microsoft Service Description: Enables Help and Support Center to run on this computer. If this service is stopped, Help and Support Center will be unavailable. If this service is disabled, any services that explicitly depend on it will fail to start.
(some like this service, and its ability to connect out to microsoft for help, but please note, this does not need to connect to the internet to work correctly, and is optional)
TCP outbound, Ports 80:443
Allow TCP (outbound connection): Local ports 1024-4999: Remote Ports 80:443
________________________________________
Quote:

Originally Posted by Paranoid2000 Block access if any is requested for the RPC protocol to any address (a good indication of a compromised system) and for SSDP/UPnP (Universal Plug and Play) unless you are sure that you need it. Block access for any other incoming traffic (known as Server access in ZoneAlarm or Sygate) - this is to prevent Windows Messenger spam which targets svchost.

________________________________________

Remote Procedure Call (RPC) Locator Service
Service Name: RpcLocator
Process Name: locator.exe
Microsoft Service Description: Manages the RPC name service database.
(When searching for RPC Services on the network a Windows RPC client will connect to the domain controller over TCP port 139/445 (the SMB ports) and search for services/servers through the "locator" named pipe. The need for this on an home PC I have yet to find, as mentioned, best to block this.)
________________________________________

SSDP Discovery Service (UPnP)
Service Name: SSDPSRV
Process Name: svchost.exe -k LocalService
Microsoft Service Description: Enables discovery of UPnP devices on your home network.
(This is NOT the Plug`n`play as you may at first think, this is used for finding external devices. Example is a Router which can be UPnP, applications can, by using UPnP open inbound ports (port forward), this was possibly a good idea for ease of use, but can also be used by Trojans etc)

[Signs of SSDP/UPnP activity: svchost will attempt to send UDP out to remote IP 239.255.255.250 remote port 1900 and will attempt to listen on local port 1900 (as well as listen on localhost(127.0.0.1:1900))]
________________________________________
Quote:

Originally Posted by Paranoid2000 C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Firefox\firefox.exe C:\Program Files\Opera\opera.exe Allow access for FTP, HTTP, HTTPS protocols to be able to view webpages and download files (apply to whichever browsers you use) Allow access for POP3, IMAP, SMTP protocols to be able to read and send emails for Opera if using its M2 email client;

________________________________________

HTTP (HyperText Transfer Protocol)
This is the basic connection made by your browser (http(remote port 80)) when connecting to the internet. There is some confusion at times due to the way the PC uses Local posts, as the PC will use local ports somewhere between 1024-5000 when connecting out, so a typical firewall rule for HTTP could be:
Allow outbound TCP local ports 1024-5000 remote port 80
________________________________________

HTTPS
This is basically the same as HTTP but uses encryption on connection, and connects to remote port 443.
Once again the local ports used can be between 1024-5000, so a typical firewall rule for HTTPS could be:
Allow outbound TCP local ports 1024-5000 remote port 443
________________________________________

FTP (File Transfer Protocol)
This is a commonly used protocol for exchanging files over any network, to connect out this protocol will connect to remote port 21.
Allow outbound TCP local ports 1024-5000 remote port 21.
FTP uses 2 ways of connection, one known as "Active FTP" and one as "Passive FTP", I will not go into a full explanation of this at this time, I just feel that "a need to know" that when connecting via FTP other remote ports can be asked for, with the dreaded popup from the firewall, or if the firewall as a "block all rule" at the end of the ruleset, a "The connection was reset" page.
So at this time I will just say, that, when an FTP connection is made, some firewalls will allow these other ports to be used, but some will require an extra rule for the "Passive" connection.
Possible extra rule:
Allow outbound TCP local ports 1024-65535 remote ports 1024-65535
________________________________________

POP3 (Post Office Protocol 3)
This is the most recent version of a standard protocol for receiving e-mail. POP3 is a client/server protocol in which e-mail is received and held for you by your Internet server. Periodically, you (or your client e-mail receiver) check your mail-box on the server and download any mail, probably using POP3. This standard protocol is built into most popular e-mail products, such as Eudora and Outlook Express.
Allow outbound TCP local ports 1024-5000 remote port 110.
________________________________________

IMAP (Interactive Mail Access Protocol)
This is another way that e-mails are collected, but as more advanced options for access/retrieval.
(a more detailed explanation will be given later).
Allow outbound TCP local ports 1024-5000 remote port 143.
________________________________________

SMTP (Simple Mail Transfer Protocol)
This is a protocol for sending e-mail messages between servers. Most e-mail systems that send mail over the Internet use SMTP to send messages from one server to another; the messages can then be retrieved with an e-mail client using either POP or IMAP. In addition, SMTP is generally used to send messages from a mail client to a mail server. This is why you need to specify both the POP or IMAP server and the SMTP server when you configure your e-mail application.
Allow outbound TCP local ports 1024-5000 remote port 25.

Knowledge: Firewalls

Paranoid2000

Security Expert in North West, United Kingdom
Firewall Questions for beginners
Thanks for the good information, Paranoid2000!

Information useful to people unfamiliar with firewalls or networking.
What is a firewall?
A firewall controls network traffic, allowing or blocking it according to rules you specify (rather like a doorman at a nightclub, with rules on who to allow entry to). This can either be a special program running on your computer ("software firewall") or a separate box connected between your computer and the Internet ("hardware or firmware firewall").
What benefits does it offer?
Connecting to the Internet is like opening the door to your house - anyone can come in, anyone can go out. Sadly, it is also now like entering a war zone due to the number of unscrupulous individuals seeking to hijack others' computers for a variety of reasons. An unprotected Windows system is therefore likely to be broken into within 10-15 minutes when connected.
Both software and hardware firewalls can block such attempts - often with the option of alerting you or taking other action like blocking any further traffic from the attacker.
Firewalls can also control what programs on your computer can access the Internet (though hardware firewalls are fairly limited here).
This is useful for two reasons - first it allows you to protect your privacy by blocking programs that try to "phone home" unnecessarily and secondly it can provide warning if your system has been compromised by malware undetected by your anti-virus scanner (since virtually allmalware needs to connect to the Internet to function properly).
Many software firewalls also include features like ad-filtering (removing adverts from web pages), web-filtering (removing any content from a web page that may pose a security or privacy risk) or parental controls (blocking access to known adult websites). These features can all be provided by other software so should not be regarded as essential, but they may be useful to have.
Which one should I use? (Is there a 'best'?)
There is no best product overall since factors like simplicity, flexibility, speed and features can conflict (a "simple" firewall has to compromise on "flexibility" for example). In addition, your own technical experience and desire for control need to be considered - you may prefer a firewall that alerts you to anything remotely suspicious or instead want one that stays in the background. Furthermore, it is possible for a particular firewall to conflict with other security or network software on your computer.
However, almost every product has a free trial so the best advice is to visit the websites, review the documentation and then create a shortlist of products to try out. Then download and install the trial versions - only committing to a purchase once you are certain that the firewall works on your system and that you are happy configuring and using it.
How good is Windows' firewall?
Microsoft provided a very simple firewall with Windows 2000 which was then significantly improved with Windows XP Service Pack 2. This version can provide good protection from incoming attacks but cannot be relied upon to control outgoing traffic. Older versions of Windows (95, 98, ME, NT) have no firewall.
How can I test my firewall?
To test your firewall's ability to protect against incoming attacks and scans, visit one or more of the following sites. Note that if you are using a router, the test will target the router, not any software firewall your PC is running.
Shields UP!
PCFlank
Sygate Online Scan
HackerWhacker
Please note that while your firewall may report these scans as an "attack", you should notOnline Scans - What to do with Open and Closed Ports has more information about what the results mean and what action to take.
To test your firewall's ability to detect outgoing connections, special programs called "leaktests" have been developed which you can download and run on your system. FirewallLeaktester
is the best source of information here, containing copies of the current leaktests plus reviews of firewall performance against them.
Can I use multiple firewalls?
For software firewalls (programs running on your PC), only one should ever be installed. Multiple software firewalls may cause system crashes (blue screen errors) or interfere with each other, leaving your system unprotected.
Multiple hardware firewalls can be used (for example, having 2 or more routers connected in series) but this offers little extra security benefit while increasing the amount of work you have to do to set everything up.
A software and hardware firewall can be used together and this provides the best of both worlds - the hardware firewall will block intruders leaving the software firewall free to control program network access.
I have several computers - does each one need a firewall?
If the computers are sharing an Internet connection using Windows' Internet Connection Sharing (where one computer, the "gateway", is connected directly to the Internet), then you can protect them by either installing a firewall on each one or by using a firewall on the gateway machine. Internet Connection Sharing is quite complex however so the gateway firewall may need some adjustment to work properly.
If you have a router with its own (hardware) firewall, then that will protect every connected computer from outside attack.
How do I decide what to allow and what to block?
Most firewalls will ask you the first time a program tries to connect to the Internet whether or not to allow it. If the program is one you have installed and has legitimate need for Internet access (a web browser needs to connect to websites, email software needs to connect to your ISPs email server), then you should allow it. If you are unsure, block it and look up the details on the program using a search engine like Google.
The following list covers programs that, for most people, should be allowed access (the first letter may vary, depending on your system setup): report this to any ISP. The Outpost forum thread

• Windows SystemIf you are running Windows XP, the following applies:
  C:\WINDOWS\System32\Svchost.exe
  Allow access for DNS and DHCP protocols in order to connect to the Internet (required).
  Allow access for NTP (to time.windows.com, time.nist.gov) for clock synchronisation (optional);
  Allow access for HTTP, HTTPS (to *.microsoft.com) to access online Windows Help (optional).
  Block access if any is requested for the RPC protocol to any address (a good indication of a compromised system) and for SSDP/UPnP (Universal Plug and Play) unless you are sure that you need it.
  Block access for any other incoming traffic (known as Server access in ZoneAlarm or Sygate) - this is to prevent Windows Messenger spam which targets svchost.
  Do not allow any network access to files named svchost.exe in other folders - they are likely to be malware
  If you are running Windows 2000, the following applies:
  C:\WINNT\System32\Services.exe
  Allow access for DNS and DHCP protocols in order to connect to the Internet (required).;
• Web Browsers
  C:\Program Files\Internet Explorer\iexplore.exe
  C:\Program Files\Firefox\firefox.exe
  C:\Program Files\Opera\opera.exe
  Allow access for FTP, HTTP, HTTPS protocols to be able to view webpages and download files (apply to whichever browsers you use)
  Allow access for POP3, IMAP, SMTP protocols to be able to read and send emails for Opera if using its M2 email client;
• Email Programs
  C:\Program Files\Outlook Express\msimn.exe
  C:\Program Files\Thunderbird\thunderbird.exe
  Allow access for POP3, IMAP, SMTP protocols to be able to read and send emails (apply to whichever email programs you use)
  Block access for HTTP, HTTPS protocols since these are more likely to be used by email "tracking" systems that allow the sender to tell if you have read an email, plus your address

How can a firewall tell me if my system has been compromised?
Almost all malware (a general term covering viruses, spyware and trojans) needs Internet access - to inform their creator of their existence, to receive orders on how to exploit your system or to send back private information. If your firewall alerts you to a new program trying to connect out that you have not installed or the connection looks suspicious in other ways (connecting to a dynamic domain rather than a website, to a domain in a country you don't normally access or using a protocol commonly abused like Internet Relay Chat), then this should be blocked and you should run a full scan of your system with an up-to-date anti-virus utility.
Often malware will attempt to bypass firewalls by hijacking trusted programs - many firewalls can detect such techniques and will alert on them. While some software uses such methods legitimately (mouse/keyboard/touchpad software most notably), it is safer to block if in doubt and do an online search for details of the program concerned.
What limits are there to a firewall's security?
Firewalls cannot provide protection for programs allowed network access. To fully secure your system, you need to look at each program allowed access and consider how it could be used to compromise your system. For example, email software could download attachments containing malware - to prevent this either use anti-virus software or disable attachments completely. A web browser could be affected by a malicious website - anti-virus web scanners or web-filters would prevent this. A downloaded file could contain malware - an anti-virus/anti-malware scanner would be the best protection.
Special care needs to be taken with programs allowed to accept incoming traffic from the Internet (known as "server access" in ZoneAlarm or Sygate) since these would be open to attackers - examples include many file-sharing programs and any "server" software (webserver, mailserver, game server). Such programs need to be kept updated with any patches to fix security problems and it may be worth considering other security software (like a "system firewall") to restrict their access - or running them under a Limited User account.
What are Internet Addresses and Domain Names?
Every system on the Internet has a unique numeric address which needs to be known before connecting to it (rather like a telephone number).
This consist of 4 numbers, each in the range 0-255 - for example 192.168.0.1. However most people find names easier and more meaningful so almost every system has a name also (like wilderssecurity.com) which is known as a Domain Name.
Before connecting to a Domain Name, your computer must look up this numeric address (known as an Internet Protocol or IP address - wilderssecurity.com had the IP address 65.175.38.194 at the time of writing) and it uses a system called the Domain Name System (DNS) to find this. DNS can be thought of as a giant phone directory split into thousands of sections, spread around the Internet. This is why it is necessary to allow DNS traffic for so many programs.
Almost all firewalls allow you to set access restrictions by IP address and many allow domain name restrictions also (for example, you could limit your email software to access your ISP email servers only, allowing it to read and send emails while preventing it from contacting any websites linked to in HTML emails, an increasingly popular technique by marketeers for tracking users).
Note: Due to a shortage of IP numbers, a new addressing system called IPv6 has been created which uses 32 numbers for an address rather than just 4. This is not in widespread use currently (and not many firewalls support it), but this is likely to change in the future.
Hardware Firewalls
With hardware firewalls, the type of Internet connection you use may affect the choice available. While it is possible to have a "2-box" setup with a modem (xDSL, Cable or Satellite) being connected to a router (which has multiple network connections and a firewall), most users would find a single box (providing the connection to their ISP, a firewall plus one or more connections for their PCs) easier to manage.
However while such systems are readily available for DSL users (known as DSL routers - ensure you use the correct type like ADSL or SDSL for your connection), cable or satellite users may be limited to routers offered and supported by their ISP. If you use cable or satellite, you should first contact your ISP for advice on supported units.
Aside from that, most units will provide adequate security from incoming attack - the key features to look out for are:
* the ability to share an Internet connection (using a technique called NAT - Network Address Translation). Even without a firewall, NAT will block most incoming attacks due to the way it works;
* a firewall able to provide details of any attacks blocked (and ideally with some visible indicator when this occurs);
* enough network connections (known as ports) to cover all your computers plus one or two spare for future use;
* a straightforward and simple way of setting up the router (most can be done using your browser but some have strange interfaces);
* for wireless networking, comprehensive support for the strongest encryption available (128-bit WEP as a minimum with WPA strongly recommended).
Some routers offer extra features like virus filters, content blocking (mainly to prevent access to adult websites) or traffic prioritization (also known as Quality of Service). Filtering can be quite easily bypassed so should not be considered a key feature while prioritization can be done via software also. Faster wireless technologies may be worth paying extra for, but every computer will need a wireless network card that supports the same protocol (e.g. 802.11g, 802.11a or
80.2.11n).
Where else can I find more information?
The Other Firewalls Sticky Posts contains links to sites covering configuration and support for several firewalls.

EICAR test

En un BLOC DE NOTAS copian esto:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Guardarlo como “testXXX.com” (da lo mismo el nombre, lo que importa es la extensión com)
O mejor bajar el archivo de eicar.org
El antivirus activo o instalado debe detectar este patrón típico del más simple EICAR Test en menos de un minuto (o segundos al tratar de abrir el archivo)
Si lo encuentra, se puede considerar al antivirus o antiparásitos como aceptable.
Si el antivirus no lo detecta... Llámenme!
Puede que el antivirus reconoce el EICAR test como una prueba de tontos ;-)

The Anti-Virus or Anti-Malware test file

(read the complete text, it contains important information)
Version of 7 September 2006
If you are active in the anti-virus research field, then you will regularly receive requests for virus samples. Some requests are easy to deal with: they come from fellow-researchers whom you know well, and whom you trust. Using strong encryption, you can send them what they have asked for by almost any medium (including across the Internet) without any real risk.
Other requests come from people you have never heard from before. There are relatively few laws (though some countries do have them) preventing the secure exchange of viruses between consenting individuals, though it is clearly irresponsible for you simply to make viruses available to anyone who asks. Your best response to a request from an unknown person is simply to decline politely.
A third set of requests come from exactly the people you might think would be least likely to want viruses "users of anti-virus software".
They want some way of checking that they have deployed their software correctly, or of deliberately generating a "virus incident in order to test their corporate procedures, or of showing others in the organisation what they would see if they were hit by a virus".
Obviously, there is considerable intellectual justification for testing anti-virus software against real viruses. If you are an anti-virus vendor, then you do this (or should do it!) before every release of your product, in order to ensure that it really works. However, you do not (or should not!) perform your tests in a "real" environment. You use (or should use!) a secure, controlled and independent laboratory environment within which your virus collection is maintained.
Using real viruses for testing in the real world is rather like setting fire to the dustbin in your office to see whether the smoke detector is working. Such a test will give meaningful results, but with unappealing, unacceptable risks.
Since it is unacceptable for you to send out real viruses for test or demonstration purposes, you need a file that can safely be passed around and which is obviously non-viral, but which your anti-virus software will react to as if it were a virus.
If your test file is a program, then it should also produce sensible results if it is executed. Also, because you probably want to avoid shipping a pseudo-viral file along with your anti-virus product, your test file should be short and simple, so that your customers can easily create copies of it for themselves.
The good news is that such a test file already exists. A number of anti-virus researchers have already worked together to produce a file that their (and many other) products "detect" as if it were a virus.
Agreeing on one file for such purposes simplifies matters for users: in the past, most vendors had their own pseudo-viral test files which their product would react to, but which other products would ignore.
This test file has been provided to EICAR for distribution as the "EICAR Standard Anti-Virus Test File", and it satisfies all the criteria listed above. It is safe to pass around, because it is not a virus, and does not include any fragments of viral code. Most products react to it as if it were a virus (though they typically report it with an obvious name, such as "EICAR-AV-Test").
The file is a legitimate DOS program, and produces sensible results when run (it prints the message "EICAR-STANDARD-ANTIVIRUS-TEST-FILE!").
It is also short and simple - in fact, it consists entirely of printable ASCII characters, so that it can easily be created with a regular text editor. Any anti-virus product that supports the EICAR test file should detect it in any file providing that the file starts with the following 68 characters, and is exactly 68 bytes long:
X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*

The first 68 characters is the known string. It may be optionally appended by any combination of whitespace characters with the total file length not exceeding 128 characters. The only whitespace characters allowed are the space character, tab, LF, CR, CTRL-Z. To keep things simple the file uses only upper case letters, digits and punctuation marks, and does not include spaces. The only thing to watch out for when typing in the test file is that the third character is the capital letter "O", not the digit zero.
You are encouraged to make use of the EICAR test file. If you are aware of people who are looking for real viruses "for test purposes", bring the test file to their attention. If you are aware of people who are discussing the possibility of an industry-standard test file, tell them about www.eicar.org, and point them at this article.
In order to facilitate various scenarios, we provide 4 files for download. The first, eicar.com, contains the ASCII string as described above. The second file, eicar.com.txt, is a copy of this file with a different filename. Some readers reported problems when downloading the first file, which can be circumvented when using the second version. Just download and rename the file to "eicar.com". That will do the trick. The third version contains the test file inside a zip ARCHIVEe. A good anti-virus scanner will spot a 'virus' inside an ARCHIVEe. The last version is a zip ARCHIVEes containing the third file. This file can be used to see whether the virus scanner checks ARCHIVEes more than only one level deep.
Once downloaded run your AV scanner. It should detect at least the file "eicar.com". Good scanners will detect the 'virus' in the single zip ARCHIVEe and may be even in the double zip ARCHIVEe. Once detected the scanner might not allow you any access to the file(s) anymore. You might not even be allowed by the scanner to delete these files. This is caused by the scanner which puts the file into quarantaine. The test file will be treated just like any other real virus infected file. Read the user's manual of your AV scanner what to do or contact the vendor/manufacturer of your AV scanner.
Important note: EICAR cannot be held responsible when these files or your AV scanner in combination with these files cause any damage to your computer. YOU DOWNLOAD THESE FILES AT YOUR OWN RISK. Download these files only if you are sufficiently secure in the usage of your AV scanner. EICAR cannot and will not provide any help to remove these files from your computer. Please contact the manufacturer/vendor of your AV scanner to seek such help.

Download area using the standard protocol http
eicar.com 68 Bytes eicar.com.txt 68 Byteeicar_com.zip 184 Bytes eicarcom2.zip 308 Bytes
Download area using the secure, SSL enabled protocol https

How to delete the test file from your PC

We understand (from the many emails we receive) that it might be difficult for you to delete the test file from your PC. After all, your scanner believes it is a virus infected file and does not allow you to access it anymore. At this point we must refer to our standard answer concerning support for the test file. We are sorry to tell you that EICAR cannot and will not provide AV scanner specific support. The best source to get such information from is the vendor of the tool which you purchased.
Please contact the support people of your vendor. They have the required expertise to help you in the usage of the tool. Needless to say that you should have read the user's manual first before contacting them.

Experimento con Ubuntu

Fuente Mayo 23, 2008 by Deidad

Hoy se cumplen 10 meses del experimento y desde mi punto de vista, ha resultado todo un exito, ya que sin lugar a dudas llegara al año sin ningun problema.
Les contare rapidamente de que se trata y despues unos pocos detalles de como se fue desarrollando la historia.
Hace 10 meses convenci a una persona a que aceptara que le instalara en su laptop la (en aquel entonces) ultima version de Ubuntu, despues de que esta persona me solicitara ayuda para que le instalara algunos programas que necesitaba. Leer el resto...

Windows XP Service Pack 3 en Español

Desde el dia 29 de abril se puede descargar la actualización para Windows XP (32bit)
Descargar de aquí

Microsoft update & Windows update

Actualización para Windows XP(KB927891)

Desde hace un par de semanas hemos notado como el servicio svchost.exe desde el inicio del sistema consume gran parte de los recursos, incluyendo memoria y procesador y a veces asi se queda durante periodos prolongados de tiempo. El caso es mas notorio cuando nuestros sistemas estan preparados para trabajar con “Microsoft Update” en lugar de con “Windows Update“.

Los que han tratado de solucionar el problema se han dado cuenta que el culpable es un servicio que lanza el propio svchost.exe relacionado con las actualizaciones automaticas, y algunos simplemente las desactivaron y otros desactivamos el servicio de Microsoft Update y dejamos solo el de Windows Update.

La actualizacion KB927891 corrige ese problema que hacia incluso que algunos sistemas se colgaran y llegaran a presentar mensajes de error referentes al lanzador de servicios svchost.exe.

Esta actualizacion es importante y fue automatica el dia de ayer, pero si ustedes son de los que tienen desactivados los servicios de actualizacion, es necesario que la descarguen e instalen para corregir el problema.

Después de esto ya podran volver a activar las actualizaciones en su mas alto nivel que es “Microsoft Update” y asi poder recibir automaticamente todos los parches de una gran mayoria de productos Microsoft incluyendo a Office.

Pueden leer mas del tema en el siguiente enlace:
http://support.microsoft.com/kb/927891/en-us

Aqui pueden descargar la actualizacion para instalarla manualmente:
http://www.microsoft.com/downloads/details.aspx?displaylang=es&FamilyID=7a81b0cd-a0b9-497e-8a89-404327772e5a

Si no tienen instalada esta actualizacion y quieren comprobar que los esta afectando es tan simple como ver si una de las instancias de svchost.exe despues de iniciar el sistema esta consumiendo gran parte de los recursos, ya sea memoria o procesador (incluso ambos) en el administrador de tareas de Windows.

Problemas con impresoras

No eres el único, esta es una solución profesional:

EICAR test

En un BLOC DE NOTAS copian esto:

X5O!P%@AP[4\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*
Guardarlo como “testXXX.com” (da lo mismo el nombre, lo que importa es la extensión com)

El antivirus activo o instalado debe detectar en menos de un minuto (o segundos al tratar de abrir el archivo) este patrón típico del más simple EICAR Test
Si lo encuentra podrá considerarlo como aceptable
Si el antivirus no lo detecta... Llámenme!
Puede que el antivirus reconoce el EICAR test como una prueba ;-)

Max One, México

El sitio original y el de desarrollo
Mx One es un proyecto de:

NOTA BENE: Sitio con pésimo español, pésima traducción al inglés. Espero que la aplicación funcione como deba...
Están avisados: Hecho en México, o sea... por latinos!
Specs
+Protection against: Virus, Trojanos, Worms, etc.
+Compatible with any antivirus resident like for example: Nod32.., Kaspersky.,Bitdefender., AVG., Norton., Panda., Etc.

+ Protection in realtime with.



--System "Check and Block" * it neutralizes all the viruses that are
about infecting itsdevice while this connected one in an infected PC,
even unknown virus.

--Protection system modulates "Guardian" protect its PC of virus
included stranger of those devices USB that are connected without
caring if has installed Mx One.



+ Protection against unknown virus with the system "Check and Block"*

+ It is very small alone it is needed 1Mb of space diponible.

+ 100% free



Max One version 3.8



- Now compatibility for externos and internal hard disks.

- Fast Starting but.

- Improvements in speed for equipment of low resources.

- Changes in the graphic interface.

- Disinfection and elimination in memory of the system with the new system (Stop and Destroy)

- Now unit guardian has major cover in the devices.

- New folder of exceptions " Portables" where they are podran to have all the portable programs of confidence.

- Optimizations to the motor of I scan customized.

- Now he is but easy to differentiate to unit guardian from the USB.

- Automatic Update of unit guardian.

- No longer it is necessary to insert a device to execute unit guardian.

- Menu of unit desing guardian real time and with new options.

Características
+Protección contra: Virus, Trojanos, Gusanos, etc.
+Compatible con
cualquier antivirus recidente como por ejemplo: Nod32™., Kaspersky™.,
Bitdefender™., AVG™., Norton™., Panda™., Etc.

+ Protección en tiempo real con..

• 
  --Sistema "Check and Block"* neutraliza todos los virus que traten de
  infectar su dispositivo mientras esta conectado en una PC infectada,
  incluso virus desconocidos.
• 
  --Sistema de protección modulo "Guardián" proteje su PC de virus
  incluso desconocido de los dispositivos USB que se conecten sin
  importar si tiene Mx One instalado

+ Protección contra virus desconocidos con el sistema "Check and Block"

+ Es muy pequeño solo se necesita 1Mb de espacio diponible.

+ Completamente gratuito.

Novedades en esta version 3.8
- Ahora compatibilidad para discos duros externos e internos.

- Arranque mas rapido.

- Mejoras en velocidad para equipos de bajos recursos.

- Cambios en la interfaz grafica.

- Desinfeccion y eliminacion en memoria del sistema con el nuevo sistema ( Stop and Destroy )

- Ahora el modulo guardian tiene mayor cobertura en los dispositivos.

- Nueva carpeta de exepciones "Portables" donde se podran tener todos los programas portables de confianza.

- Optimizaciones al motor de escaneo personalizado.

- Ahora es mas facil diferenciar al modulo guardian del USB.

- Actualizacion automatica de el modulo guardian.

- Ya no es necesario insertar un dispositivo para ejecutar el modulo guardian.

- Menu del modulo guardian tiempo real reediseñado y con nuevas opciones.

Mensaje de servidor ocupado

"No se puede completar esta acción porque el otro programa está ocupado. Elija cambiar a... para activar el programa ocupado y corregir el problema"

Fuente
Causa:
Este problema ocurre si el programa se conecta a una dirección de bucle  127.0.0.1. Service Pack 2 de Windows XP (SP2) impide conexiones a todas las direcciones IP que están en el intervalo de direcciones de bucle de retroceso excepto 127.0.0.1.  
Para más data: 
http://www.wilkinsonpc.com.co/free/KB884020.html
http://www.configurarequipos.com/tema28518-8-0.html

Nada de virus ni similares, sólo es M$Windows!
No hay que olvidar que W XP es un W2K con  bonita superficie ...y W2K es un sistema operativo semi-optimizado para la red.
Ya se ha comentado que el emule, en especial las ultimas versiones consumen gran cantidad de recursos y de memoria. A veces parece colgado el emule cuando en realidad está ocupado, windows trata de acceder y avisa que el programa ha dejado de responder...., sin que en realidad esté colgado y transcurrido un tiempo funciona normalmente (esto sucede en especial cuando nos acercamos al límite del ancho de banda y hay muchas URLs que gestionar. El problema mencionado es similar, tratas de abrir un  programa, con el emule funcionando, y el sistema no tiene sufientes recursos, windows se vuelve loco y se cree que, dado que corres W XP, es un servidor o que trata de acceder a un servidor, y te sale el mensaje de marras.
La solucion es "cambiar a" o "reintentar", hasta que el programa arranque.
Error con el ACDsee cuando corre el emule:
http://forum.emule-project.net/lofiversion/index.php/t40602.html
Ésta y otras explicaciones son referentes al uso del e-mule, por supuesto no está configurado para iniciar con windows
Por cierto: http://www.wilkinsonpc.com.co/free/KB884020.html no soluciona el problema
También puede ser infección del "Backdoor.IRCBot"

Solución
Realizar los siguientes pasos en este orden:
1º » Actualizar el sistema  opèrativo Aqui
2º » Borrar todas las cookies y limpiar el registro con CCleaner
3º »Inicio- Panel de Control--> Java y eliminar todos los archivos temporales. (si usas Java)
4º » Usar AVG Antispyware. ( Actualizar, explorar por malware , elegir la opcion eliminar, leer el reporte)
5º » Usar también el ElistarA (No necesita instalación, optar por SI a todo) Los resultados aparecen en el archivo C:\Infosat.txt

DriverMax

DriverMax is a powerful free utility which helps you download, backup and restore the drivers installed on your Windows Vista or Windows XP computer and check if newer versions are available. Download all drivers from one place in just a few steps. Or back them up so you will have all of them in a single place and will be able to reinstall them in a few minutes. This tool can save you a lot of time when reinstalling Windows, especially on older computers for which the original CDs containing the drivers have been lost. You no longer have to track down old driver installation CDs, insert one installation CD after another or spend hours searching for drivers on the Internet.
DriverMax is also able to display a detailed report about all drivers (versions, release dates) installed on your system. Identify unknown devices in your computer and get Windows Vista rating information before you purchase new hardware.

Trojan horse Delf

Source
Description
Delf is a family of Trojan horse programs which allow a cracker to take complete control over infected PCs. Some versions log your keystrokes, allowing the cracker to review your passwords, credit card numbers, and any other information that you type. Backdoor.Delf.B is one common variant of this troublesome Trojan horse. Delf can install on a PC when you unwittingly run an infected email attachment or an infected file downloaded from a file sharing service.

If Delf.B Is On Your PC
Delf tries to disable several common antivirus applications, so you may notice that your antivirus utility has stopped working properly. You may also notice slow-loading Web pages or other unexpected Internet activity.
A Delf.B-infected PC will have files named Kernel32.exe in the Windows system directory (C:\WINDOWS\SYSTEM or C:\WINNT\SYSTEM32, depending on the operating system). However, several other viruses and Trojan horse programs use that same file name in the same location. Having the file is always trouble, but the culprit is not necessarily Delf. To prove definitively that the uninvited visitor is Delf.B, use the Registry Editor (click Start and Run, type regedit in the Open box, and click OK) to look at the following keys:

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNSERVICES

HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN
If both contain the value LoadWindowsFile, then Delf.B is the culprit.

WARNING: The following section includes step-by-step information on how to edit the Windows Registry, a large database containing system and program settings that are essential to how the OS (operating system) operates. Follow Registry-editing instructions to the letter and be sure to make a backup of your Registry before you begin (Registry errors can render your computer inoperable if you don't have a backup). This procedure differs depending on the OS you use. For more information on backing up and editing the Registry, see these articles: "Protect Yourself" and "Register Here."

How To Get Rid Of Backdoor.Delf.B
There are many versions of Delf; offshoots of this particular malware may require unique removal processes.
If you use the System Restore feature in Windows Me/XP, a copy of Delf could remain in the System Restore backup folder. To remove it, disable System Restore. To do this in WinXP, click Start and Control Panel, double-click the System icon, select the System Restore tab, check the Turn Off System Restore checkbox, and click Apply. Confirm that you want to disable System Restore, and the infected backups will be deleted.

To remove the System Restore feature's backup files in WinMe, right-click the My Computer icon on the Desktop, select Properties, and select the Performance tab. Click File System and Troubleshooting. Select Disable System Restore and click OK. The infected backups will be deleted. Restart your computer.
To remove Delf.B manually, start Windows in Safe Mode by pressing the F8 key as Windows begins to boot. Open Windows Explorer, navigate to the Windows system directory (C:\WINDOWS\SYSTEM or C:\WINNT\SYSTEM32, depending on the operating system) and delete the Kernel32.exe file.

Next, use the Registry Editor to remove Delf's remains from the Windows Registry. Click Start and Run, type regedit in the Open box, and click OK. In the Registry Editor, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN. In the right pane, look for an item called LoadWindowsFile. Right-click it and select Delete. Next, navigate to HKEY_LOCAL_MACHINE\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUNSERVICES. In the right pane, there should also be an item called LoadWindowsFile. Right-click it and select Delete. Close the Registry Editor to save your changes and restart the computer.

If you prefer, you can use an antivirus utility such as Symantec's Norton AntiVirus 2005 to remove Delf. Launch the program and click the LiveUpdate button to download the latest updates. Next, restart the computer. Start Windows in Safe Mode by pressing the F8 key when Windows begins to boot. Start Norton AntiVirus 2005 again, click the Scan button, and wait for the utility to find and remove the offending files. When the program is done, restart the PC.

After removing Delf using either method, WinMe/XP users should re-enable the System Restore feature.
by Kevin Savetz
==============================
Source
This parasite is a trojan; this means that it doesn't strive to make as many copies of it as possible and send them to various addresses, but concentrates on one single machine. Delf Trojan is able to give the hacker a remote access to the infected computer and a possibility of making various destructive actions. Some of these actions may seriously harm security and stability of the infected machine, that's why it's strongly recommended to remove this pest as soon as possible.
Delf Trojan properties:
• Allows remote user connection
• Logs keystrokes
• Connects itself to the internet
• Hides from the user
• Stays resident in background

Automatic Delf Trojan removal:

remover for Delf Trojan

Delf Trojan manual removal:

Kill processes:
gadugadu.exe, project1.exe
HELP:
how to kill malicious processes
Delete files:
gadugadu.exe, project1.exe
HELP:
how to remove harmful files

Other programs to remove Delf Trojan:

• SUPERAntiSpyware - Download

==============================
Source

This easy-to-use application will help you detect and eliminate trojan threats from your computer.
cleandelf.exe will detect and remove W32/Delf Trojan and its variants completely, from your system.
Double click on cleandelf.exe to execute it.
Follow the user-friendly instructions in order to detect and remove this trojan from your computer.
==============================
Eliminar:

C:\Archivos de programa\GbPluggin\gbiehdst.dll
C:\Archivos de programa\GbPluggin\gbppdist.dll
C:\Archivos de programa\GbPluggin\gbppsv.exe

C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\933XHVIM\gbiehdst[1].js
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\DLMA5EUF\gbppsv[1].js
C:\Documents and Settings\Administrador\Configuración local\Archivos temporales de Internet\Content.IE5\DLMA5EUF\Geremias_IIII_AVI[1].zip

Qué es un friki (freak)?

Fuente

16.- ¿Quien es el hombre mas friki del mundo?
R: Este de la foto.Fíjate en su cara; es el crío de Solo en Casa con 30 años mas y con pinta de haber estado diseñando tostadoras toda su vida. No se puede ser más friki…

Telefónicas de Bolivia -- DNS cache poisoning

Source
DNS

DNS cache poisoning
Básicamente, la explotación del fallo puede permitir a un usuario malintencionado, redirigir cualquier nombre de dominio a una web falsa.
Hay que recalcar lo de "cualquier nombre de dominio".
O sea, cualquiera podría caer en el engaño y cualquier página (por ejemplo: banca virtual accedida a través del servidor o servidores Domain Name Server del portal de Cotas) podría no ser legítima.

Dan Kaminsky fue el primero que encontró y reportó el problema, en su sitio web hay un test que permite comprobar si el proveedor del servicio de Internet ha aplicado el parche.
Cuándo se encargarán de arreglar eso los bien pagados ingenieros de Cotas?
Controlen los DNS de Entel, AXS, Telecel y los demás proveedores de Internet
Para hacer el test tuve que cambiar a los DNS de COTAS mis DNS de opendns.org :
208.67.222.222 y
208.67.220.220
(que uso desde 2005 y recomiendo a todo conectado con cualquier proveedor de internet en Bolivia)

DNS Checker
Recently, a significant threat to DNS, the system that translates names you can remember (such as www.doxpara.com) to numbers the Internet can route (66.240.226.139) was discovered, that would allow malicious people to impersonate almost any website on the Internet. Software companies across the industry have quietly collaborated to simultaneously release fixes for all affected name servers. To find out if the DNS server you use is vulnerable, click below.

RESULTS:
Your name server, at 200.58.161.25, appears vulnerable to DNS Cache Poisoning.

All requests came from the following source port: 32769
Due to events outside our control, details of the vulnerability have been leaked. Please consider using a safe DNS server, such as OpenDNS.
Note: Comcast users should not worry.

---

Por lo tanto, provecho con el servicio de Cotas! Pienso que las otras telefónicas también están en las mismas.
Eso se llama seguridad informática a la boliviana!

Dial-Up Networking Errors

(RAS Error Codes | Remote Access Service Error Code List)

A listing in numeric order of Microsoft Dial-Up Networking (DUNS) Error codes with the Microsoft error message follows. If there's a hyperlink, you can follow it for more information on what to do about the error. If you are getting an error that does not have more information here, please let me know! The list includes error codes for Windows 95, 98, Me, NT, 2000, XP, and Vista.

In later versions of operating systems (NT, 2000, XP and Vista) some of the errors can occur for connections other than traditional dial-up modem connections: they may occur with DSL and VPN (virtual private networking) connections that do not involve dial-up.

NOTE: Some solutions indicate to re-install DUNs and/or TCP/IP. See this Microsoft KB article for Win 95/98 instructions to Remove & Re-install DUNS & TCP/IP. Newer versions of Windows don't allow DUNS uninstall: see Reset DUNS (TCP/IP) in Windows 2000 & XP.

Windows Vista: Dialing directly from the 'Connect To' menu or other shortcuts will not display DUNs error codes - instead, particularly large and unhelpful dialog boxes are shown as detailed here.
In order to see any DUNs error codes, you must dial from the 'Manage Network Connections' Window.

ALSO SEE: Connectoids. In many cases, DUNs Errors can be solved by correcting the properties for your dial-up networking connections.

Error list

W32.Spybot | Backdoor.IRCBot | PWSstealer

Fuente
Download SDFix.exe.
Double click SDFix.exe and it will extract the files to %systemdrive%
(Drive that contains the Windows Directory, typically C:\SDFix)

Then reboot your computer in Safe Mode

• Choose your usual account with administrative rights
• Open the extracted SDFix folder and double click RunThis.bat to start the script.
• Type Y to begin the cleanup process.
• It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
• Press any Key and it will restart the PC.
• When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
• Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
• Launch Hijack This.

-----------------------------------------------
Alternative method:
0. disable system restore
1. disable winsystems16 with task manager
2. remove winsystems16 from startup processes
3. disable system resotre
4. delete winsystems16.exe
5. delete winsystems16.exe from system registry entries
6. delete any startup files of size 0 bytes
7. reenable system restore

=========================
Fuente
La utilidad SDFix (sólo para Windows 2000/XP) es capaz de eliminar los siguientes tipos de troyanos:

• Backdoor.IRCBot y variantes.
• Todas las variantes del troyano Ranky.
• Troyanos W32.Downloader, Proxy, Backdoor, PWSStealer/Keylog.
• HackerDefender/SpamBot.
• Trojan.RootKit Components.

Andy Manchesta nos da una amplia descripción de lo que puede eliminar la utilidad SDFix en este enlace, basándose en cómo se manifestarían los síntomas de esos troyanos en un log del programa HijackThis.

*NOTA: Algunos antivirus y/o programas anti-malware detectan el proceso process.exe" como malicioso Mis Documentos o carpeta donde has descargado "SDFix\SDFix.zip\SDFix.exe\Process.exe" y en "C:\SDFix\apps\Process.exe" (Risktool.Win32.Processor.20) Debes ignorar esas alertas y desactivar el antivirus temporalmente para permitir que SDFix lleve a cabo el proceso de desinfección.

• Haga doble clic en el archivo SDFix.exe y que va a extraer los archivos en %systemdrive%
• (Esta es la unidad que contiene el directorio de Windows, normalmente C:\SDFix).
• NO lo use todavía

• Inicia su PC, en "Modo a prueba de fallos" (modo seguro)

• Abra la carpeta C:\SDFix y hágale doble-clic sobre el archivo "RunThis.bat".

• En la pantalla en modo MS-DOS (modo con símbolo del sistema), teclea "Y" para empezar la ejecución del programa. Aparecerá una ventana mostrando los siguientes textos:

Please wait...
"Checking Running Processes"
"Checking Running Services"

Se eliminarán todos los servicios (entradas 023 del log de HijackThis) relacionados con el troyano en cuestión y se realizarán las reparaciones pertinentes en el registro del sistema.

• Cuando haya terminado, presiona cualquier tecla para reiniciar. Notarás que el sistema tardará algo más en reiniciar.

Esto es normal.

• Cuando el PC haya reiniciado, aparecerá una ventana indicando lo siguiente:

"Stage Two"
"This may take 4-5 Minutes..."
"Please be patient as this may take a few minutes..."
"Checking for Remaining Files and Services..."

Se paciente y espera a que transcurran los 4 ó 5 minutos necesarios para completar el proceso de desinfección.
Por último, aparecerá la ventana "The FixTool has finished".

• Presiona cualquier tecla para finalizar el script y cargar los iconos del Escritorio normalmente.

Se habrá generado un informe detallado "report.txt" en la carpeta C:\SDFix indicando los resultados de la limpieza y eliminación de los troyanos detectados, así como cualquier referencia de los mismos en el registro del sistema.

Para que el antivirus y/o programa anti-spyware no sigan alertándote, elimina las carpetas "SDFix" en las ubicaciones mencionadas anteriormente: Mis Documentos o carpeta donde descargaste "SDFix" y C:\SDFix.

Reduciendo Winsxs

Según MS

Vista Winsxs size more than 6 GB

Get Vlited Vista Cut off up to 3.2GB

Optimización para expertos (harddisk)

Fuente plagiada

(solo usuarios de Windows 2000 y XP)

Muchos de los pasos acá mencionados requieren un cierto conocimiento en el campo sino podría terminar en una pérdida parcial o total del sistema operativo y de los datos de usuario con lo que no se recomienda a usuarios no avanzados.
Para muchos de nosotros la optimización del sistema es una de las cosas fundamentales por lo que no siempre estamos satisfechos, una buena forma de agilizar un poco las cosas es teniendo orden y realizando un particionamiento de la unidad adecuado, esto produce que Windows tenga más rápido y fácil acceso a los datos agilizando así las tareas de lectura de la unidad.
Un correcto particionamiento de una unidad aumenta la seguridad de nuestro datos antes caidas de eléctricidad, aumenta la agilidad de acceso a los archivos y ordena todos los ficheros. Depende del usuario y sus necesidades por lo que cada uno debe tener en cuenta esto y aplicarlo de acuerdo al uso que se le da al computador.
Para particionar correctamente un sistema debemos hacerlo de la siguiente forma:

• Una partición para el sistema y sus programas: Esta partición puede variar de tamaño de acuerdo a la cantidad de programas que se instalen, puede usar como mínimo 10Gb como puede usar más, pero recuerde, la idea es tener una partición pequeña pero justa para lo que la necesitamos es que el tamaño del cluster será más pequeño por lo que el acceso a los datos será más agilizado y rápido.
  
• Una partición para el Swap o archivo de intercambio del sistema (memoria Virtual): esta partición puede ser de 500Mb hasta 1.5Gb, depende de la cantidad de aplicaciones que ejecute simultaneamente y de la cantidad de memoria virtual que usted necesite. El archivo de intercambio como bien saben está constantemente aumentando de tamaño y disminuyendo por lo que produce fragmentación en la unidad donde esté alojado (normalmente en el Root principal), al colocarlo en una partición única para él evitariamos esta fragmentación.
  
• Una partición para datos personales: Esta partición está hecha para alojar todos los datos del usuario, se recomienda pasar la carpeta de "Mi Documentos" de todos los usuarios a esta así como guardar toda la música, documentos e información personal en esta partición..

Se recomienda desactivar el restaurar sistema en la unidad principal para evitar la fragmentación de archivos y el uso de espacio en disco.
Una vez hecho una buena gestión de particiones se deben hacer los primeros pasos de este tema:
Al tener todo arreglado la próxima vez que vaya a hacer limpieza al sistema va a ser mucho más rápida y eficiente ya que la desfragmentación y el análisis de la unidad principal será muy rápida por lo que la pérdida de tiempo es inferior.

Otro tipo de gestión de particiones:
Algunos «Geeks» de la informática prefieren un particionamiento más complejo como el siguiente:
Una partición únicamente para la carpeta de Windows
Una partición para la carpeta Documents And Settings
Una partición para la carpeta de archivos temporales
Una partición para los programas instalados
Una partición para La memoria virtual del sistema
Este tipo de gestión de particiones requiere un conocimiento muy exacto de cuántos programas se instalarán y de cuanto espacio verdaderamente le hace falta al sistema para funcionar, eso se hace en base al uso que se le de. A parte de que aumenta por mucho el nivel de seguridad de los datos y la agilidad de acceder a todo.

Problema con SVCHOST.EXE, CPU 100%

Fuente del texto plagiado!

Ha sido publicado un aviso de seguridad para el componente de instalación de Windows, Microsoft Windows Installer (MSI).
En una actualización automática (KB927891), Microsoft soluciona un problema existente con el SVCHOST.EXE. El mismo consume los recursos del procesador cuando controla a Windows Update o Microsoft Update.
SVCHOST gestiona servicios o grupos de servicios en los sistemas operativos Windows. Al manejar el componente de instalaciones puede llegar a ocupar los recursos existentes causando un enlentecimiento del ordenador.

Son afectados:
Microsoft Windows 2000 Service Pack 4
Microsoft Windows XP Service Pack 2
Microsoft Windows XP Professional x64 Edition
Microsoft Windows XP Professional x64 Edition SP2
Microsoft Windows Server 2003 Service Pack 1
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition SP1
Microsoft Windows Server 2003 x64 Edition SP2

La actualización mencionada es parte de las que ya fueron publicadas anteriormente, estando clasificadas como alta prioridad.
Desde aquí recomendamos actualizar el S.O. y el I.E. así como poner en automático las actualizaciones.

----------------------------------------------
Fuente.

Esta descarga está disponible para clientes que utilizan Microsoft Windows original. Haga clic en el botón Continuar para comenzar la validación de Windows. Tal y como se describe en nuestra declaración de privacidad, Microsoft no utilizará la información recopilada durante el proceso de validación para identificarle o ponerse en contacto con usted. Los usuarios de Windows Vista deben superar los requisitos de validación de Microsoft Genuine para habilitar determinadas características del producto y para obtener actualizaciones no relacionadas con la seguridad y soporte técnico del producto de. Si desea conocer más información, vaya a la sección P+F del Programa de Ventajas de Windows Original

Optimización sistema operativo

Plagio total: Gracias, Hobbit!
Una de las razones principales por el cual el sistema operativo se hace lento e inestable es la falta de mantenimiento, esto se puede evitar realizando por lo menos 1 vez al mes estos pasos y en el mismo orden en que se le presentan:

• Limpie cookies, temporales y algunos archivos innecesarios con, CCleaner(gratuito).
  
• Elimine programas, aplicaciones, o datos de usuario que no necesite, para eliminar los programas debe hacerlo con su respectivo desinstalador o desde Agregar o quitar programas desde el Panel de control.
  
• Limpie el registro de entradas innecesarias con el CCleaner(gratuito).
  
• Realice un diagnóstico completo del disco duro con ScanDisk (para Windows 9x) o CHKDSK (para Windows NT) para identificar errores en el disco duro o posibles fallos. Vease Realizar examen de disco para hacer el diagnóstico completo.
  
• Realice una desfragmentación de todas las unidades de disco duro presentes, esto organizará los datos en el disco duro, con esto logrará que se consigan más rápidamente los archivos y carpetas y el sistema acceda más rápido a los datos. Para conocer el desfragmentador siga el siguiente enlace ¿Para qué sirve y cómo se utiliza el Desfragmentador de disco?
  
• Libere el escritorio de Windows de íconos, esto permitirá que el escritorio cargue más rápidamente.
  
• Libere el menú inicio de programas o agrupe todos los programas similares o sueltos en una sola carpeta, esto acelerará el despliegue del menú Inicio.

Otras optimizaciones

• Para Windows XP:
  Disminuya la cantidad de efectos gráficos, si no le importa el
  aspecto de Windows XP podría colocar el tema clásico de
  Windows (como el de Windows 98/ME/2000), al hacer esto la velocidad
  aumentará muy considerablemente, pero esto no es lo único
  que puede disminuir, en las opciones de rendimiento (clic derecho a MI PC / Propiedades / Pestaña Opciones avanzadas / Clic en el botón Configuración de la zona Rendimiento)
  tenemos la posibilidad disminuir los efectos gráficos como
  sombras, colores, los efectos Smoot y muchos más, lo que
  hará que el sistema vuele :). Recomendaciones de efectos a
  desactivar:
  
  Atenuar o deslizar los menús en la vista
  Mostrar contenido de la ventana mientras se arrastra
  Mostrar sombras bajo los menús
  Usar imagen de fondo para cada tipo de carpeta
  
  
• Todos menos Windows 2000:
  Quite aplicaciones del inicio mediante el MSCONFIG, se recomienda
  quitar aquellas que se ejecutan automáticamente al inicio del
  sistema, que tengan que ver con actualizaciones automáticas y
  programas que no use. Si tiene dudas de alguna aplicación, no
  sabe para que sirve o no conoce el proceso puede buscar el nombre del
  proceso en Google . Véase Uso del MSCONFIG para conocer su funcionamiento en XP.
  
  
• Para Windows XP:
  Desactive servicios innecesarios del sistema, si logra hacerlo con
  éxito el sistema se iniciará más
  rápidamente y tendrá a su disposición mayor
  cantidad de memoria disponible. Véase Los Servicios De Windows XP para información de servicios de Windows.

La memoria no se puede "written"

Source

Descarga CCleaner y ejecútalo usando primero su opción de "Limpiador" para borrar Todas las opciones de Internet Explorer, Explorador de Windows y Sistema,(menos
el historial de autocompletado) luego usa su opción de "Registro" para
limpiar todo el registro de Windows (haciendo copia de seguridad).
Una vez que este termine de limpiar todo, actualiza "Java",
hace una Desfragmentación del disco con la opción de Windows y pasa por
www.windowsupdate.com para descargar todos los parches disponibles (si
tu sistema lo permite)
Descarga y ejecuta la utilidad Advanced WindowsCare, para reparar y optimizar a fondo tu PC.

Reinicia el PC.

Reparar Windows Update

Si el mensaje de error persiste:

• 1. Revisa la configuración de los servicios Windows Update y BITS:
  • a. Ve al menú Inicio/Ejecutar, escribe “services.msc” y haz clic en Aceptar
  • b. Haz doble clic en el servicio “Actualizaciones automáticas”
  • c. Ve a la pestaña “Iniciar sesión”, asegúrate de que “Cuenta del sistema local” esté seleccionada y que la opción “Permitir a los servicios que interactúen con el escritorio esté desmarcada”
  • d) Verifica que el “Perfil de hardware” (en general perfil 1) esté Activado. Si no, haz clic en “Activar”
  • e) Regresa a la pestaña “General”, verifica que el “Tipo de inicio” sea Automático. Si el estado del servicio no está en Iniciado, haz clic en Iniciar
  • f. Repite cada etapa de estas operaciones con el servicio “Servicio de transferencia inteligente en segundo plano” (Background Intelligent Transfer Service ou BITS)
• 2. Guarda las DLL de Windows Update:
  • a. Abre el menú Inicio/Ejecutar, escribe “cmd” y haz clic en Aceptar
  • b. En el prompt, REGSVR32 WUAPI.DLL y presiona Enter. Cuando aparezca el mensaje DllRegisterServer in WUAPI.DLL succeeded, haz clic en OK
  • c. repite estas operaciones para cada uno de los siguientes comandos:

    REGSVR32 WUAUENG.DLL</pre><pre>REGSVR32 WUAUENG1.DLL REGSVR32 ATL.DLL </pre><pre>REGSVR32 WUCLTUI.DLL REGSVR32 WUPS.DLL REGSVR32 WUPS2.DLL REGSVR32 WUWEB.DLL

  • d. Luego detén el servicio de Windows Update, escribe: net stop WuAuServ
• 3. Renombra la carpeta de Windows Update: haz clic en el menú Inicio/Ejecutar, escribe %windir% y pulsa Aceptar. En la ventana renombra la carpeta SoftwareDistribution en SD_Old
• 4. Reinicia el servicio Windows Update, para ello abre el menú Inicio/Ejecutar, escribe net start WuAuServ y haz clic en Aceptar
• 5. Reinicia completamente el PC
• 6. Ve al sitio de Windows Update para proceder manualmente a las actualizaciones de los productos Microsoft.

Si todo esto no funciona, prueba con este método:

• 1. Ve al menú Inicio, haz clic derecho sobre Mi PC y selecciona “Propiedades”.
• 2. Ve a la pestaña “Actualizaciones automáticas”
• 3. Marca “Desactivar Actualizaciones automáticas” y pulsa “Aceptar”
• 4. Reinicia el PC
• 5. Ve al menú Inicio/Todos los programas, abre Windows Update para actualizar Windows manualmente.
• 6. Regresa a las Propiedades de Mi PC para reponer la opción “Automática (recomendado)” de las actualizaciones automáticas.

UFD, autorun.inf y virus

La propagacion de virus y demás malware mediante CDs, DVDs, memorias y discos USB.


En windows existe la funcion de autoejecutar aplicaciones cuando se
desea entrar en algun disco (cd, dvd, memoria USB, HD) mediante el uso
de un archivo llamado autorun.inf
Este archivo contiene simples instrucciones como texto plano que refieren o vinculan a algun archivo (batch file) o ejecutable en el mismo disco o carpeta determinada
Cuando el reconocimiento automático está activado el sistema operativo usa la información contenida en autorun.inf y ejecuta el (los) archivo(s)
ahí enumerados.


esto es bastante practico cuando se tiene un cd de instalacion de algun
programa porque al hacer doble clic sobre la unidad donde se encuentra
el cd se autoejecuta la instalacion de dicho programa ya que se ha
creado un archivo autorun.ini en dicho cd que señala al ejecutable que
inicia la instalacion del programa..


esta particularidad es usada por virus que modifican el archivo
autorun.ini para que este señale a algun ejecutable nocivo, el cual al
acceder a la memoria se ejecuta en segundo plano e infecta el sistema y
este a su vez modifica todos lor archivos autorun.ini de todos los
discos dentro del el equipo, por lo que si tienes una memoria limpia en
tu equipo esta se contaminara tambien.


el FD lo que hace es generar un archivo autorun.ini en tu memoria el
cual esta bloqueado a la escritura y no puede borrarse para que desde
tu memoria USB no se puede autoejecutar nada al ingresarla a algun
equipo.


con esto el FD evita la propagacion del virus PERO no evita que tu
memoria USB tenga dentro de ellas archivos nocivos como virus, pero en
este caso estos archivos no se podran autoejecutar y para que puedan
infectar el equipo tienen que ser ejecutados manualmente..


es decir que si ejecutaste el FD en tu equipo con tu memoria USB
conectada esta queda "vacunada" para que no siga propagando los virus
pero puede contener dentro de ella algun virus por lo que como
complemente al FD es recomendable que escanees tu memoria USB para
limpiar cualquier virus que haya quedado en tu equipo..


el FD elimina los archivos de muchas variantes de virus que se
transmiten por memorias USB ya que posee en sus firmas una base datos
con los nombres de dichos virus, pero igual es recomendable scanear la
memoria con un antivirus..


es decir que si ejecutaste el FD puedes estar tranquilo de que no se
propagaran mas virus desde tu USB pero puedes tener algun archivo
nocivo en la misma por lo que debes hacer un analisis con tu antivirus.

update.exe ha detectado un problema...

... y debe cerrarse
Solución
Importante: el contenido de esta entrada se refiere a
un problema específico de Internet Explorer 6 sobre Windows XP de 32
bits con Service Pack 2.

Pierre Bézier

Source   Monday September 1, 2008

Today is the birthday of Pierre Bézier, the French mathematician and engineer who developed the Bézier curves method of computer drawing in the late 1960s while working for the car manufacturer Renault.
Today, most graphics software includes a pen tool for drawing paths with Bézier curves.

• More About Bezier Curves and Pierre Bézier

• Vector Drawing Terms: The Language of Curves

• Paint Shop Pro Vector Basics and Path Anatomy Tutorial

• Bezier Curves and Paths in Illustration Software

Pleasentville "single-color" effect

How to achieve the Pleasantville "single-color" effect, which isolates a single color of an object and black and white the rest to the photo.

Photoshop CS
HowtoI
HowtoII

HowtoIII

• Re: Pleasantville Effect in Photoshop CS
• Re: Pleasantville Effect in Photoshop CS
  
• Re: Pleasantville Effect in Photoshop CS

Photo Shop Pro

Open the photo in Paint Shop Pro, then duplicate it either by
Layers>Duplicate or right click in the layer palette and duplicate.

On the background copy layer, you want to desaturate it, make it black and white. You can do this from Adjust>Hue & Saturation>Hue/Saturation/Lightness. Pull the saturation slider to 0, the other sliders should be zero as well.

Now do Layer>New Mask Layer>Show All, and then choose the Paint Brush with white as the
fill and background color and Black in the foreground/stroke color box.

With black, paint on the layer mask where you want the color to show, if you make a mistake you can switch the color to white and fix it, just repaint with white.

When you're happy with it,  flatten the layers(Layers>Merge>Merge All) and save.

Photoshop's Save for Web command

Source

Enter Gallery

Introducing Save for Web

Save for Web Views and Presets

Comparing Optimized Versions

Save for Web Toolbar

Save For Web Optimization Options

Save For Web Color Table

More Save for Web Controls

http://webresizer.com/resizer/

Best Resolution for Publishing Photos

How to calculate  the best possible resolution for Publishing Photos

By Sue Chastain, About.com
See More About:

• image resolution
• printing digital photos
• resampling images
• ppi
• dpi

Real-world problem of dealing with image resolution for an image to use in publication...

"Someone wants to buy a photo from me. They need it to be 300 DPI, 5x8 inches. The photo I have is a 702K, 1538 x 2048 jpeg. I figure it has to be big enough! But how do I tell? The only photo program I have is Paint.NET, and I'm not sure it's telling me what I want to know. If I don't mess with it, it tells me that my resolution is 180 pixels/inch, at a size of approximately 8 x 11. If I make it 300 pixels/inch (is that the same as DPI?) I can get a print
size that works, about 5 x 8, and it changes the pixel width to 1686 x 2248. Is that what I'm supposed to be doing??? It doesn't seem like much of a change to the human eye."

A lot of this confusion is because most people don't use the right terminology. They say DPI when they should be saying PPI (pixels per inch). Your photo is 1538 x 2048 and you need a print size of 5x8 inches… the math you need is:

[pixels]/[inch]=[PPI]
1538/5=307
2048/8=256

That means that 256 is the maximum PPI you can get from this image to print the longest side at 8 inches without letting your software add new pixels. When your software has to add or take away pixels, it is called resampling,
and it does result in a loss of quality. The more drastic the change, the more obvious the loss in quality will be. In your example it is not very much, so the loss won't very noticeable… as you noted. In a case of this small of a change, I generally prefer to print the lower PPI image. It usually prints fine. But since you are sending this out to someone, you'll just have to accept the resampling to make it 300 PPI.

• More on Resampling
What you did in Paint.NET is fine as long as you know and understand that the software is going to resample the image. Anytime the pixel dimensions are changed, this is resampling. There are many different algorithms for resampling, and different software uses different methods. Some software even offers you a choice of different algorithms. Some methods work better for reducing image size (downsampling) and some work better for increasing image size (upsampling) like you want to do. "Best Quality" in Paint.NET should be fine for what you need to do.

• More on Upsampling Methods
My resizing practice exercise might help to make all this clearer to you. It was written as part of my Photoshop CS2 course, but the resize dialog box in other software may be similar enough that you can still follow along.

• Resizing Practice Exercise

Also see: How do I change the print size of a digital photo?
Another problem you have is that your dimensions are a different aspect ratiofrom the print size that has been requested. That means you'll have to crop the image yourself if you want control over what is shown in the final print.

• Aspect Ratio and Cropping to the Proper Print Dimensions

Here's some additional follow up clarification:

"When I tried to make the photo a higher PPI, I expected the pixels numbers to decrease rather than increase. I guess I thought that if there aren't enough pixels to get the size I want at the resolution I want, it would 'spread them out' somehow, not give me more. Now that I've read your resampling definition, I understand why there are more pixels, not less."

What you said about spreading out the pixels is basically what happens when you send a lower resolution file to the printer. At lower resolutions, the pixels get more spread out and you lose detail; at higher resolution pixels are squished closer together, creating more detail. Upsampling causes your software to create new pixels, but it can only make guesses as to what is accurate — it can't create any more detail than what was there originally.

Resolution Glossary

PPI - Pixels per Inch
DPI - Dots per Inch
Resample

Resizing and Resampling for Print
Increasing Image Resolution
Change the Print Size of a Digital Photo
Aspect Ratio

More Resolution Tips
Image Size and Resolution
How Many Pixels Do I Need For Printing Photos?
Resizing Practice

Capturing a Screen Shot with the Snipping Tool

Source

Before Windows Vista, if you wanted a screen shot you had to use the less than intuitive method of pressing the print screen key
and pasting the screen shot into a graphics program to add markup and
save it.
With Windows Vista, Microsoft has included a utility called
the Snipping Tool to make capturing screen shots easier.
Of course, there are many free screen capture tools for all versions of Windows if you have not upgraded to Windows Vista yet.

Note: The Sniping tool is not available in Windows Vista Home Basic
Edition. It comes with Vista Home Premium, Business, Enterprise, or
Ultimate Editions.

Time Required: 1 minute

1. Click on the Start Menu and start typing "snipping" into the search box.
2. Snipping Tool should show up in the Programs list above the search box, and you can click on it to start it.
3. The
   Snipping Tool window will appear on your screen. You may move it to an
   edge of the screen so it's not in your way, but it will also disappear
   when you start dragging a selection area.
4. The Snipping
   Tool assumes you want to create a new clipping as soon as you open it.
   Your screen will dim, and you can click and drag your cursor to select
   an area to copy. As you drag, the selected area will be darker, and
   surrounded by a red border if you've never changed the Snipping Tool
   options.
5. When you release the mouse button, the captured
   area will open in the Snipping Tool window. If you're not happy with
   the selection and need to try again, click the "New" button.
6. When
   you are happy with your clipping, press the second button to save the
   screen shot as an image file. See the tips below for file format
   suggestions.

Tips:

1. If your screen
   shot contains a limited number of colors and you want to retain crisp
   lines and keep the file size small, save as a GIF file. If your screen
   shot contains many colors and you want to retain crisp lines and full
   quality, save as a PNG file. If your screen shot contains many colors
   and you want to make the file size small, save as a JPEG file.
2. Before
   saving your screen shot, you can use the Pen and Highlighter tools in
   the Snipping Tool toolbar to add markup to your screen shot. The eraser
   tool will remove marks made with the Pen and Highlighter Tools.
3. You may email a screen shot without saving it by using the "Send To" button on the Snipping Tool toolbar.
4. Go
   to Tools > Options to change the way the Snipping Tool operates. For
   instance, you can change the color of the selection outline by
   selecting a new ink color, or turn the outline off entirely by
   unchecking the box for "Show selection ink after snips are captured."
5. Enable the option "Display icon in the Quick Launch toolbar" if you want to keep the Snipping Tool handy for quick access.

History of free software

Main article: History of free software
Richard Stallman (2007)

In the 1950s, 1960s, and 1970s, it was normal for computer users to have the freedoms that are provided by free software.
Software was commonly shared by individuals who used computers and by hardware manufacturers who were glad that people were making software that made their hardware useful. In the 1970s and early 1980s, the software industry began using technical measures (such as only distributing binary copies of computer programs) to prevent computer users from being able to study and modify software. In 1980 copyright law was extended to computer programs.

In 1983, Richard Stallman, longtime member of the hacker community at the MIT Artificial Intelligence Laboratory, announced the GNU project, saying that he had become frustrated with the effects of the change in culture of the computer industry and its users. Software development for the GNU operating system began in January 1984, and the Free Software Foundation (FSF) was founded in October 1985. He developed a free software definition and the concept of "copyleft", designed to ensure software freedom for all.

Free software is a widespread international concept, producing software used by individuals, large organizations, and governmental administrations. Free software has a very high market penetration in server-side Internet applications such as the Apache web server, MySQL database, and PHP scripting language. Completely free computing environments are available as large packages of basic system software, such as the many GNU/Linux distributions and FreeBSD. Free software developers have also created free versions of almost all commonly used desktop applications, including Web browsers, office productivity suites, and multimedia players. It is important to note, however, that in many categories, free software for individual workstations or home users has only a fraction of the market share of its proprietary competitors. Most free software is distributed online without charge, or off-line at the marginal cost of distribution, but this pricing model is not required, and people may sell copies of free software programs for any price.

The economic viability of free software has been recognised by large corporations such as IBM, Red Hat, and Sun Microsystems. Many companies whose core business is not in the IT sector choose free software for their Internet information and sales sites, due to the lower initial capital investment and ability to freely customize the application packages. Also, some non-software industries are beginning to use techniques similar to those used in free software development for their research and development process; scientists, for example, are looking towards more open development processes, and hardware such as microchips are beginning to be developed with specifications released under copyleft licenses (see the OpenCores project, for instance). Creative Commons and the free culture movement have also been largely influenced by the free software movement.

Free Software (DEF)

Main articles: The Free Software Definition, Debian Free Software Guidelines, and Open Source Definition

The first formal definition of free software was published by FSF in February 1986.
That definition, written by Richard Stallman, is still maintained today
and states that software is free software if people who receive a copy
of the software have the following four freedoms:

• Freedom 0: The freedom to run the program for any purpose.
• Freedom 1: The freedom to study and modify the program.
• Freedom 2: The freedom to copy the program so you can help your neighbor.
• Freedom 3: The freedom to improve the program, and release your
  improvements to the public, so that the whole community benefits.

Freedoms 1 and 3 require source code to be available because studying and modifying software without its source code is highly impractical.
Thus, free software means that computer users
have the freedom to cooperate with whom they choose, and to control the
software they use. To summarize this into a remark distinguishing libre (freedom) software from gratis (zero price) software, Richard Stallman said: "Free software is a matter of liberty, not price. To understand the concept, you should think of 'free' as in 'free speech', not as in 'free beer'".
In the late 90s, other groups published their own definitions which
describe an almost identical set of software. The most notable are Debian Free Software Guidelines published in 1997, and the Open Source Definition, published in 1998.

The BSD-based operating systems, such as FreeBSD, OpenBSD, and NetBSD,
do not have their own formal definitions of free software. Users of
these systems generally find the same set of software to be acceptable,
but sometimes see copyleft as restrictive. They generally advocate permissive free software licenses,
which allow others to make software based on their source code, and
then release the modified result as proprietary software. Their view is
that this permissive approach is more free. The Kerberos, X.org, and Apache
software licenses are substantially similar in intent and
implementation. All of these software packages originated in academic
institutions interested in wide technology transfer (University of California, MIT, and UIUC).

Open Source Initiative

The Open Source Initiative is an organization dedicated to promoting open-source software.

The organization was founded in February 1998, by Bruce Perens and Eric S. Raymond, prompted by Netscape Communications Corporation publishing the source code for its flagship Netscape Communicator product.
Raymond was president from its founding until February 2005. The current president is Michael Tiemann.
Although born from the same history of Unix, Internet free software, and the hacker culture as the "Free Software" movement as defined by Richard Stallman, the formation of the Open Source Initiative, and the choice of the term "open source" was explicitly chosen to:

"...dump the moralizing and confrontational attitude that had been associated with 'free software' in the past and sell the idea strictly on the same pragmatic, business-case grounds that had motivated Netscape..."

Richard Stallman of the Free Software Foundation criticized this motivation, saying that pragmatic focus of the initiative distracts users from the central moral issues and the freedoms offered by free software, blurring the distinction with semi-free or wholly proprietary software. However, he describes the free software and the Open Source Initiative as separate political camps within the same free software community and says:

"We disagree on the basic principles, but agree more or less on the practical recommendations. So we can and do work together on many specific projects."

History
The movement was launched in 1998 by Jon "maddog" Hall, Larry Augustin, Eric S. Raymond, Bruce Perens, and others
Raymond is probably the single person most identified with the OSI and
the "open source" movement; he was and remains its self-described
principal theorist, but does not claim to lead it in any exclusive
sense. The open source movement is steered by a loose collegium of
elders that includes Raymond, its other co-founders, and such notables
as Linus Torvalds, Larry Wall, and Guido van Rossum.

The founders were dissatisfied with what they saw as the confrontational attitude of the free software
movement, and favored advocating free software exclusively on the
grounds of technical superiority (a claim previously made by Raymond in
his essay The Cathedral and the Bazaar).
It was hoped that open source and the associated propaganda would
become a more persuasive argument to businesses. Raymond's comment was "If you want to change the world, you have to co-opt the people who write the big checks." (Cygnus Support had been pursuing exactly this approach for a number of years already, but not advertising it widely.)

The group adopted the Open Source Definition for open-source software, based on the Debian Free Software Guidelines, which in turn was based on The Free Software Definition. They also established the Open Source Initiative (OSI) as a steward organization for the movement. However, they were unsuccessful in their attempt to secure a trademark
for 'open source', to act as an imprimatur and to prevent misuse of the
term. Despite this, the OSI developed considerable influence in the
corporate sphere and has been able to hold abuse of the term to a
tolerable minimum. With the Free Software Foundation (FSF), it has become one of the hacker community's two principal advocacy organizations.
The early period of the open-source movement coincided with and
partly drove the dot-com boom of 1998─2000, and saw a large growth in
the popularity of Linux
and the formation of many open-source-friendly companies. The movement
also caught the attention of the mainstream software industry, leading
to open-source software offerings by established software companies
such as Corel (Corel Linux), Sun Microsystems (OpenOffice.org), and IBM (OpenAFS).
By the time the dot-com boom busted in 2001, many of the early hopes of
open-source advocates had already borne fruit, and the movement
continued from strength to strength in the cost-cutting climate of the
2001─2003 recession.

Best SW of 2007

Taken from linuxquestions.org - complete poll


Desktop Distribution of the Year - Ubuntu (30.83%)

Server Distribution of the Year - Debian (30.30%)

Live Distribution of the Year - KNOPPIX (22.88%)

Database of the Year - MySQL (54.36%)

Office Suite of the Year - OpenOffice.org (89.50%)

Browser of the Year - Firefox (74.03%)

Desktop Environment of the Year - KDE (52.08%)

Window Manager of the Year - Compiz (33.65%)

Messaging App of the Year - Pidgin (53.90%)

Mail Client of the Year - Thunderbird (53.72%)

Virtualization Product of the Year - VirtualBox (41.58%)

Audio Media Player Application of the Year - Amarok (57.37%)

Audio Authoring Application of the Year - Audacity (68.24%)

Video Media Player Application of the Year - mplayer (41.78%)

Video Authoring Application of the Year - mencoder (24.21%)

Multimedia Utility of the Year - K3b (63.34%)

Graphics Application of the Year - GIMP (69.15%)

Network Security Application of the Year - nmap (24.95%)

Host Security Application of the Year - SELinux (30.69%)

Monitoring Application of the Year - Nagios (38.58%)

Windows on Linux App of the Year - Wine (84.76%)

IDE/Web Development Editor of the Year - Eclipse (22.29%)

Shell of the Year - bash (87.33%)

Text Editor of the Year - vi/vim (36.37%)

File Manager of the Year - Konqueror (38.00%)

Open Source Game of the Year - Battle for Wesnoth (21.74%)

Programming Language of the Year - Python (21.78%)

Sitios más visitados

1. Yahoo! www.yahoo.com Site info for yahoo.com

2. Google www.google.com Site info for google.com

3. YouTube www.youtube.com Site info for youtube.com

4. Windows Live www.live.com Site info for live.com

5. Facebook www.facebook.com Site info for facebook.com

6. Microsoft Network (MSN) www.msn.com Site info for msn.com

7. Myspace www.myspace.com Site info for myspace.com

8. Wikipedia www.wikipedia.org Site info for wikipedia.org

9. Blogger.com www.blogger.com Site info for blogger.com

10. Yahoo!カテゴリ www.yahoo.co.jp Site info for yahoo.co.jp

Malware domains

malware domain list

Analyzing malicious websites? Checkout Malzilla

Want a file analyzed? Checkout UploadMalware

C y sus hippies creadores

C es un lenguaje de programación creado en 1972 por Ken Thompson y Dennis M. Ritchie en los Laboratorios Bell como evolución del anterior lenguaje B, a su vez basado en BCPL. Al igual que B, es un lenguaje orientado a la implementación de Sistemas Operativos, concretamente Unix.
C es apreciado por la eficiencia del código que produce y es el lenguaje de programación más popular para crear software de sistemas, aunque también se utiliza para crear aplicaciones.

Se trata de un lenguaje débilmente tipificado de medio nivel pero con muchas características de bajo nivel. Dispone de las estructuras típicas de los lenguajes de alto nivel pero, a su vez, dispone de construcciones del lenguaje que permiten un control a muy bajo nivel. Los compiladores suelen ofrecer extensiones al lenguaje que posibilitan mezclar código en ensamblador con código C o acceder directamente a memoria o dispositivos periféricos.

La primera estandarización del lenguaje C fue en ANSI, con el estándar X3.159-1989. El lenguaje que define este estándar fue conocido vulgarmente como ANSI C. Posteriormente, en 1990, fue ratificado como estándar ISO (ISO/IEC 9899:1990). La adopción de este estándar es muy amplia por lo que, si los programas creados lo siguen, el código es portátil entre plataformas y/o arquitecturas. En la práctica, los programadores suelen usar elementos no-portátiles dependientes del compilador o del sistema operativo.

Filosofia
C es un lenguaje de programación relativamente minimalista. Uno de los objetivos de diseño de este lenguaje fue que sólo fueran necesarias unas pocas instrucciones en lenguaje máquina para traducir cada elemento del lenguaje, sin que hiciera falta un soporte intenso en tiempo de ejecución. Es muy posible escribir C a bajo nivel de abstracción; de hecho, C se usó como intermediario entre diferentes lenguajes.

En parte a causa de ser de relativamente bajo nivel y de tener un modesto conjunto de características, se pueden desarrollar compiladores de C fácilmente. En consecuencia, el lenguaje C está disponible en un amplio abanico de plataformas (seguramente más que cualquier otro lenguaje). Además, a pesar de su naturaleza de bajo nivel, el lenguaje se desarrolló para incentivar la programación independiente de la máquina. Un programa escrito cumpliendo los estándares e intentando que sea portátil puede compilarse en muchos computadores.

C se desarrolló originalmente (conjuntamente con el sistema operativo Unix, con el que ha estado asociado mucho tiempo) por programadores para programadores. Sin embargo, ha alcanzado una popularidad enorme, y se ha usado en contextos muy alejados de la programación de sistemas, para la que se diseñó originalmente.

C tiene las siguientes características de importancia:

• Un núcleo del lenguaje simple, con funcionalidades añadidas importantes, como funciones matemáticas y de manejo de ficheros, proporcionadas por bibliotecas.
• Es un lenguaje muy flexible que permite programar con múltiples estilos. Uno de los más empleados es el estructurado no llevado al extremo (permitiendo ciertas licencias rupturistas).
• Un sistema de tipos que impide operaciones sin sentido.
• Usa un lenguaje de preprocesado, el preprocesador de C, para tareas como definir macros e incluir múltiples ficheros de código fuente.
• Acceso a memoria de bajo nivel mediante el uso de punteros.
• Interrupciones al procesador con uniones.
• Un conjunto reducido de palabras clave.
• Por defecto, el paso de parámetros a una función se realiza por valor. El paso por referencia se consigue pasando explícitamente a las funciones las direcciones de memoria de dichos parámetros.
• Punteros a funciones y variables estáticas, que permiten una forma rudimentaria de encapsulado y polimorfismo.
• Tipos de datos agregados (struct) que permiten que datos relacionados (como un empleado, que tiene un id, un nombre y un salario) se combinen y se manipulen como un todo (en una única variable "empleado").

Algunas características de las que C carece que se encuentran en otros lenguajes:

• Recolección de basura.
• Soporte para programación orientada a objetos, aunque la implementación original de C++ fue un preprocesador que traducía código fuente de C++ a C.
• Encapsulación.
• Funciones anidadas, aunque GCC tiene esta característica como extensión.
• Polimorfismo en tiempo de código en forma de sobrecarga, sobrecarga de operadores y sólo dispone de un soporte rudimentario para la programación genérica.
• Soporte nativo para programación multihilo y redes de computadores.

Zero Assumption Digital Image Recovery

Source

Our flagship product ZAR 8.3 now includes the (freely available) mode to recover digital images. Generally, program should work with any media type (e.g. CompactFlash, MemoryStick, SmartMedia and so on) accessible by means of operating system. You need the use your camera or the appropriate card reader you normally use to transfer images from camera to PC.

Standalone Digital Image Recovery tool has been discontinued 30 December 2005. Scroll down for reasons as to why.

Current version (ZAR 8.3) supports digital photo recovery for the following file formats:

• GIF
• JPEG 
• TIFF
• CRW - Canon RAW data
• MOV, AVI movie
• WAV - Waveform audio
• CR2 - Canon CR2 RAW format (see notes below).
• ORF - Olympus RAW format

For a list of compatible camera models please check Zero Assumption Digital Image Recovery system requirements.

The following information is available regarding Canon .CR2 raw format, thanks to Jeff of Jeff Berner Photography and Art:

ZA Digital Image Recovery recovers Canon .CR2 files as TIFF. To open recovered files, Jeff used Photoshop CS "Open With" feature, which allows to specify image format override.

General usage instructions

1. Download, install, then run ZAR 8.3 (click here for zar83setup.exe).
2. Attach the camera or insert the memory card into the reader device.
3. On the first screen, no adjustment is required, just hit "Next>>".
4. Program will then prompt you for an operation mode. Select "Recover images from camera memory card", then hit "Next>>".
5. Select your camera from the list of the attached devices. You can identify the camera by its media size or by the model name (if available).
6. The rest is mostly automatic. When the analysis is done, select files to recover, specify the directory to place recovered files to, hit "Start copying" and you're done.

For a flash demo of a digital photo recovery, click here

Why did you discontinue the standalone tool?
This serves as the platform for future image recovery function enhancement. We decided that it would be much easier to implement some heavyweight image recovery algorithms this way.

Original Digital Image Recovery was freeware, but ZAR 8.3 seems not?
The digital picture recovery functions are implemented in the trial version of ZAR 8.3 in full. Hence you just need to download the evaluation version of ZAR 8.3 and it does the job at no charge. So, picture recovery functions are actually freeware. There are no plans to charge for it.

Install Fedora to a flash drive using Windows

Source

The following tutorial will show you how to install Fedora 8 or 9 to a USB flash drive using Windows. Fedora is a Linux distribution that is sponsored by Red Hat and is both driven and maintained by the community. It is comprised of only free and open source software and will always remain free to use, modify and redistribute. Recently, Luke Macken and Kushal Das, both active in the Fedora community have put together an intuitive and super easy to use liveusb-creator which can be used to make a Fedora Live USB flash drive. In addition, USB Fedora utilizes a Persistent feature, enabling a user to save and restore changes on subsequent boots. In the following, we will show you how it works.

Prerequisites for Creating a Live USB Fedora:

• Windows host PC (Tested on Windows XP)
• 1GB+ USB flash drive
• liveusb-creator-2.4.zip

How to install Fedora to a flash drive from Windows:

1. Download the Fedora liveusb-creator-2.4.zip
2. Extract the liveusb-creator-2.4.zip to your PC
3. Navigate to the liveusb-creator-2.4 folder and click liveusb-creator.exe to launch the tool
4. Even though the USB Fedora creation process is straight forward, here is a quick rundown of all the steps involved:
   
   1. Select either to Use existing Live CD or Download Fedora
   2. Set the Target Device to point to your USB flash drive
   3. Move the Persistent Overlay slider to set the capacity to use for the persistent image
   4. Click Create Live USB to begin the creation process

A nice progress bar will indicate the progress of your USB Fedora creation. Once the process has finished, simply restart your PC and set your System BIOS or Boot Menu to boot from the USB flash drive.
If all goes well, you should now be booting into your own portable Live USB Fedora 8 or 9.

Basic test for USB boot compatibility

Source

The following tutorial will enable a user to check if a computer system can boot from a USB device and ultimately help determine if the computer can boot a Linux version from USB. In most cases if the test is successful, you should have no problem running Linux portably. In addition to testing your PC for USB Linux boot capability, the "Memtest86" system memory diagnostics program that is included, allows the user to scan their system memory for errors by simply booting memtest from a USB device or flash drive.

Basic USB Boot Test Essentials:

• USB flash device
• USBTest.zip (includes Memtest, Syslinux and a custom batch file)

Installing Memtest on USB to test for USB Boot compatibility:

The following explains how to install Memtest on a USB device and further run Memtest from USB. Enabling us to test whether a system can boot from USB.

1. Download the USBTest.zip and extract the contents of the zip to your flash drive. See Screenshot below:



2. Navigate to your flash drive and click makeboot.bat (to make the drive bootable)
3. Reboot your computer and set your system BIOS to boot from USB-ZIP or USB-HDD. Or, set the hard disk boot priority to boot from the USB stick if your BIOS lists the device as a hard drive
4. Save your BIOS settings.

Upon reboot, you should have a successful launch of Memtest from the USB flash drive:

Memtest86 Screenshot:

This test concludes that your system is capable of booting from a USB device using Syslinux and it should be possible to run Linux from USB.

Notes: After booting Memtest from USB, it is not necessary to complete the system memory test. However, if you have the time, it can't hurt to ensure that your computers memory is in good shape.

This test does not guarantee that your computers hardware is supported with a particular Linux distribution. It is possible to pass this test and still have problems booting Linux. For example: A Video Card driver may not be available by default with a particular Linux distribution which could leave you at the shell after boot.

Video Card stability test

Source

	Video Card Stability Test 1.0.0.3
	Released: Apr 20, 2008 OS: MS-DOS/Windows NT/2000/XP License: Freeware Price: - User Rating: 100.00%
Free Video Card Stress Testing! + Free Benchmark the speed of your 3D graphics video card! + Free 3D Screensaver! ---------------------------------------------------------------------------- You must have a video card which is DirectX 9.0 compatible. Recommended: "GeForce2"/"Radeon 8500" or better. DirectX 9.0 or later must be installed on your computer.

Apple system-disk utilities

More at Source

• Spring Cleaning 10.0
  09/09/2008 Keep your Mac happy, healthy and fast. (Update)
  Download 40MB
  

  ---

  
  OnyX 1.9.7
  09/08/2008 Multifunction utility for Mac OS X . (Freeware)
  Download 15.4MB
  

  ---

  
  Renamer4Mac 3.5
  09/08/2008 Batch rename files quickly and easily. (Shareware)
  Download 3.3MB
  

  ---

  
  Maintenance 1.2.4
  09/08/2008 A system maintenance and cleaning utility. (Freeware)
  Download 3.7MB
  

  ---

  
  SuperDocker 3.0.1
  09/08/2008 Customize some aspects of Leopard. (Freeware)
  Download 8,14MB
  

  ---

  
  iTool 1.1.27
  09/08/2008
  A free multifunction utility for a complete system maintenance,
  it’s easy to use, also for “the first time” users;
  iTool is built around a tabbed interface that lets you find quickly the
  wanted task. (Freeware)
  Download 4MB
  

  ---

  
  MediaInfo Mac 0.7.7.52
  09/02/2008 It knows everything about your media files. (Freeware)
  Download 4.4MB
  

  ---

  
  iBench 1.0.2
  09/02/2008 The Cocoa benchmark. (Freeware)
  Download 2.8MB
  

  ---

  PreferenceCleaner 1.0.2
  09/02/2008 A utility which aims to simplify the process of deleting preference files. (Freeware)
  Download 64K
  

  ---

  
  Freezer 0.1
  09/02/2008 Freeze processor intensive apps. (Freeware)
  Download 497K
  

  ---

  GrandPerspective 0.9.13.1 | Staff Pick
  08/26/2008 A small utility application that graphically shows the disk usage within a file system. (Freeware)
  Download 408K
  

  ---

  Slimtool 1.2
  08/26/2008 A free application that strips unneeded architectures out of Universal Binary applications. (Freeware)
  Download 1.3MB
  

  ---

  NameChanger 2.2
  08/25/2008 Helps you rename a list of files quickly and easily. See the changes as you type. (Freeware)
  ownload 1.9MB

  ---

  Leopard Cache Cleaner 4.0.14
  08/21/2008 Award winning system maintenance, optimization, and antivirus. (Shareware)
  Download 12MB
  

  ---

  SMARTReporter 2.3.8
  08/20/2008 An application that can warn you of ATA hard-drive failures before they actually happen. (Freeware)
  Download 1.2MB
  

  ---

  USBCat 2.0.2
  08/18/2008 Your Mac meows when a USB peripheral is connected/disconnected.
  It does nothing much really, but just enjoy! (Freeware)
  Download 2.0MB
  

  ---

  
  Burn A Disc 1.0
  08/18/2008 Allows the user to convert any folder to a CD with a single click. (Created by Max Davis) (Freeware)
  Download 1.5MB
  

  ---

  
  

FTDI utilities

Source

The utilities page contains useful programs that are intended for use by manufacturers. Use of some of these utilities by an end user may result in a device being rendered useless.

Some of the supplied utilities (e.g. MProg) allow manufacturers to program EEPROM contents "on-site" - i.e. a blank EEPROM is soldered onto the PCB and the utility allows the manufacturer to configure and test the product as part of the production and test process.

Microsoft USBView - USB Connection Viewer
USBView is a free utility from Microsoft  that displays the USB connection tree and shows the USB devices that are connected to it together with their configuration data.  This is very useful for debugging USB enumeration errors.  USBView runs under Windows 98, ME, 2000 and XP.

USBView is available for download as a .zip file by clicking here.

USBView for Linux - USB Connection Viewer

A version of USBView is available for Linux from http://www.kroah.com/linux-usb/.  As with the Windows version, this displays a connection tree of all the USB devices connected to the PC.

MProg 3.0a - EEPROM Programming Utility

MProg supersedes the FTD2XXST utility and is the current EEPROM programming utility from FTDI.  MProg has the ability to erase, program, read and read and parse the EEPROM contents for FT232R, FT245R, FT2232, FT232B, FT245B, FT8U232AM and FT8U245AM devices.  MProg has a clear user interface for selecting settings and a facility to save EEPROM templates to file which can be loaded later for programming more devices.  Multiple devices may programmed at the same time, thus saving time in manufacturing.  Help files are included and explain all of the features available.  Please note that MProg 3.0a will not work correctly under Windows 98/ME with the latest D2XX drivers (3.1.4).

 

Unlike the FTD2XXST utility, MProg does not contain any test features other than confirming the EEPROM contents have been written correctly.

 

MProg is available for download by clicking here.  MProg requires FTDI's D2XX drivers to run correctly. 

The MProg User Guide is available for download as a .PDF by clicking here.

FTClean - Driver Removal Utility

Uninstalling Windows drivers should always be done by selecting to remove the drivers through the "Add/Remove Programs" utility.  It is possible however, to selectively remove devices with a specific VID and PID combination by running the FTDI uninstaller manually with edited INI files containing the desired VID and PID.  The FTClean utility provides the user with an easy way of running the uninstaller without having to edit INI files.  FTClean generates the required INI files and then runs the uninstaller automatically.

To download FTClean as a .zip file with the uninstaller executable, click here.

FTDI Port Monitor - Vista Gadget

FTDI have provided a simple Windows Vista Sidebar gadget to monitor which FTDI COM ports are available.  The list of ports continuously updates to display a list of the COM port numbers assigned to currently available FTDI devices. 

The gadget can be installed simply by double-clicking the file.

 

VCPTest - Windows CE Test Utility for USB UART Devices

The VCPTest program is intended to show how to communicate with an FTDI device from a Windows CE based system using FTDI's VCP drivers for Windows CE.  It sends and receives data through a loopback connector.

To download the program with C++ source code, click click here.

ST232R - Manufacturing Test Utility and Serialiser for FT232R Devices

The ST232R program is intended for use in a manufacturing test environment.  It has a single button user interface and returns a simple pass or fail for USB - RS232 designs.  The executable version is hard-coded for use with the default VID (0x0403) and PID (0x6001) and must be re-compiled to be used with other VID and PID combinations.  The source code for this program is provided on our C++ Builder examples page.  The test program also requires a special cable to work correctly.

To download the executable, click here.

To download the test cable specification, click here.

FT2232ST - Manufacturing Test Utility and Serialiser for FT2232C Devices

The FT2232ST program is intended for use in a manufacturing test environment.  It has a single button user interface and returns a simple pass or fail for USB - dual RS232 designs.  The executable version is hard-coded for use with the default VID (0x0403) and PID (0x6010) and must be re-compiled to be used with other VID and PID combinations.  The source code for this program is provided on our C++ Builder examples page.  The test program also requires a special cable to work correctly.

To download the executable, click here.

To download the test cable specification, click here.

ST232-245 - Manufacturing Test Utility and Serialiser for FT232BM Devices

The ST232-245 program is intended for use in a manufacturing test environment.  It has a single button user interface and returns a simple pass or fail for USB - RS232 designs.  The executable version is hard-coded for use with the default VID (0x0403) and PID (0x6001) and must be re-compiled to be used with other VID and PID combinations.  The source code for this program is provided on our C++ Builder examples page.  The test program also requires a special cable to work correctly.

To download the executable, click here.

To download the test cable specification, click here.

FTD2XXST - EEPROM Programmer and Test Utility for FT232/FT245 Devices

FTD2XXST is an EEPROM serialiser and testing utility for FT232 and FT245 devices.  FTD2XXST is based on our D2XX drivers and will work on Windows 98, ME, 2000 and XP platforms.  The latest release supports the extra features of the FT232BM and FT245BM devices as well as the AM series devices.

Please note that this utility has been superseded by MProg which will also program FT2232C devices.

FTD2XXST is available for download by clicking here.

The FTD2XXST User Guide is available for download as a .PDF by clicking here.

 

E2PROG - EEPROM Programmer and Test Utility for FT8U100AX

E2PROG is our EEPROM serialiser and testing utility for the FT8U100AX only.  It runs on a Windows 98 platform and requires the VCP drivers to be installed prior to use. 

To download the E2PROG utility, click here.

EEPROM Programmer Utility for FreeBSD

Our thanks to Bernd Walter (ticso@cicely8.cicely.de) who has provided a version of our EEPROM serialiser utility for FreeBSD.  It should also run on OpenBSD and NetBSD but has only been tested by the author using FreeBSD.  It is distributed free of charge under a FreeBSD style license and can be downloaded from the author's website at  location http://www.bwct.de/ftdi-eeprom-1.0.tar.gz

liveusb-creator

The liveusb-creator is a cross-platform tool for easily installing live operating systems on to USB flash drives.

Features

Completely non-destructive install. There is no need to deal with formatting or partitioning your USB key.

• Supports downloading various Fedora releases, including Fedora 9!
  
• Automatically detects all of your removable devices
  
• Persistent storage creation. This lets you to allocate extra
  space on your USB stick, allowing you to save files and make
  modifications to your live operating system that will persist after you
  reboot. This essentially lets you carry your own personalized Fedora
  with you at all times. (Note: only works with Fedora 9)
  
• SHA1 checksum verification of known releases, to ensure that you've downloaded the correct bits
  
• Works in Windows and Linux.
  

Download

Windows

• Windows executable: liveusb-creator-2.7.zip (8.9M) (ChangeLog)
  

Linux

• Linux Source: liveusb-linux-2.7.tar.gz (94K)
  
• Linux RPM: liveusb-creator-2.7-1.fc9.noarch.rpm (183K)
  

You should also have the following packages

# yum -y install syslinux PyQt4 usermode

X Window System

Source

El sistema de ventanas X fue desarrollado a mediados de los años 1980 en el MIT para dotar de una interfaz gráfica a los sistemas Unix.
Este protocolo permite la interacción gráfica en red entre un usuario y
una o más computadoras haciendo transparente la red para éste.
Generalmente se refiere a la versión 11 de este protocolo, X11, el que está en uso actualmente.

X es el encargado de mostrar la información gráfica y es totalmente independiente del sistema operativo. El sistema de ventanas X distribuye el procesamiento de aplicaciones especificando enlaces cliente-servidor.
El servidor provee servicios para acceder a la pantalla, teclado y
ratón, mientras que los clientes son las aplicaciones que utilizan
estos recursos para interacción con el usuario. De este modo mientras
el servidor se ejecuta de manera local, las aplicaciones pueden
ejecutarse remotamente desde otras máquinas, proporcionando así el
concepto de transparencia de red.

Debido a este esquema cliente-servidor, se puede decir que X se comporta como una terminal gráfica virtual.

El hecho que exista un estándar definido para X permite que
se desarrollen servidores X para distintos sistemas operativos y
plataformas, lo que hace que el código sea muy portable. Por ejemplo.
permite tener clientes X ejecutándose en un potente servidor UNIX
mientras los resultados son visualizados en una PC de escritorio con
cualquier otro sistema operativo funcionando.

La comunicación entre el cliente X y el servidor se realiza por medio de un protocolo conocido como Xprotocol,
que constituye una serie bytes interpretados como comandos básicos para
generar ventanas, posicionarlas, o controlar eventos. Los clientes X
acceden al Xprotocol mediante el uso de una librería llamada Xlib,
que evita al programador de clientes X tener que lidiar con el código
binario del Xprotocol. Sin embargo, los aspectos de decoración de
ventana y manejos de ventanas no están definidos en esta librería. X NO ES UN gestor de ventanas,
necesita de uno para controlar el manejo de ventanas. Esto trae la
ventaja de que permite al usuario instalar el administrador de ventanas
que más le agrade, e incluso tener varios instalados eligiendo el más
apropiado a la hora de acceder a X. También trae la ventaja de que hace de X
estrictamente un sistema gráfico, de tal modo que un cliente X podría
estar enviando un gráfico a una pantalla, a una impresora o a cualquier
otro hardware sin darse cuenta, flexibilizando la salida gráfica. Por
otro lado, la desventaja que trae el hecho de no tener un único gestor
de ventanas es que los programadores de clientes X que desean hacer uso
de los recursos de los gestores de ventanas (botones, barras de
deslizamientos, etc) deben elegir un gestor de ventanas específico para
programar y contar que el usuario tenga por los menos las librerías de
dicho gestor de ventanas instalado. Las librerías de los gestores de
ventanas se conocen como "Toolkits", el estándar X provee sólo
de un conjunto de herramientas básicas llamadas Xintrisics que permiten
a los programadores de los gestores de ventanas armar sus Toolkits
sobre éstas.

X Window System at start

Source
Edit (nano,leafpad) your /etc/inittab file, default runlevel should have been setted to 3...change that to 5...voila, X on reboot.

If you grabbed a box with 256MB memory, this might not be an issue. The
reason is all RH/fedora.

IIRC, newer anaconda incarnations require 256m
minimum to run in graphic mode. Since you installed in text mode (not
by choice is understood), the installer assumes you want to/need to run
in text mode and sets the runlevel accordingly, namely 3.

So I either installed on a equally memory-challenged
systems, or blag uses a text mode installer period. It doesn't matter,
the installer works.

Apt-get on a rpm-based system is nice, or so says a Debian
devotee. The bookmarks collection and unique wallpapers make it
worthwhile to check out. I will not be using BLAG 7000 however, because
it is based on Fedora7. IIRC, F7 will stop receiving attention (read:
bugfixes) in December 2007

"Of course, BLAG's greatest feature is its emphasis on freedom."
Wait a minute, isn't RH/fedora committed to the same ideals? I believe
it is, just not as vocal, perhaps.

BLAG was useful to me, in the past, as a single-disk install method
into a working fedora-ish system with X, back when fedora was a 3-5
disk download. Now that fedora comes on a single live/install disk,
what innovations will this distro bring to prevent it from becoming
'fedora-too'.

Boosting performance on Linux

A three-pronged attack on performance
(Related enhancements that can provide better overall speed for your Linux PC)
By Federico Kereki

A computer running Linux can outperform the same computer running Windows XP or Vista. Even so, you may be able to make your Linux system even faster. Here are three optimizations, at different levels, that can make your Linux system perform better.

As with all optimizations, you won't be able to tell whether you are really getting better results without doing some simple benchmarking. Many processes run on a normal Linux PC, and they can affect performance measurements. To minimize their impact, we will work at init 1 level -- single-user mode, in which only minimal processes run. Start a console (ALT-F1 will get you there), log in as root, and execute the init 1 command. This will shut down most services and applications, and let you get consistent results.

Even being in runlevel 1, you should then use the ps xaf command to check whether there's something running that shouldn't be; in my case, I discovered that the ddclient program was running (actually sleeping) and might have changed my results, so I ran kill ddclient to get rid of it.

Optimizing hard drive speed

Our first optimization targets the hard drive. In order to learn what hard drives you have, you can use cat /etc/fstab and mount commands. In my case, the first command produces:

/dev/hda3  /                    reiserfs   acl,user_xattr,noatime     1 1
/dev/hda1  /boot                ext2       acl,user_xattr             1 2
/dev/hda2  swap                 swap       defaults                   0 0
proc       /proc                proc       defaults                   0 0
sysfs      /sys                 sysfs      noauto                     0 0
debugfs    /sys/kernel/debug    debugfs    noauto                     0 0
usbfs      /proc/bus/usb        usbfs      noauto                     0 0
devpts     /dev/pts             devpts     mode=0620,gid=5            0 0
/dev/fd0   /media/floppy        auto       noauto,user,sync           0 0
/dev/hdd1  /media/disk2         reiserfs   defaults,noatime           1 2

while the second one says:

/dev/hda3 on / type reiserfs (rw,noatime,acl,user_xattr)
proc on /proc type proc (rw)
sysfs on /sys type sysfs (rw)
debugfs on /sys/kernel/debug type debugfs (rw)
udev on /dev type tmpfs (rw)
devpts on /dev/pts type devpts (rw,mode=0620,gid=5)
/dev/hda1 on /boot type ext2 (rw,acl,user_xattr)
/dev/hdd1 on /media/disk2 type reiserfs (rw,noatime)
securityfs on /sys/kernel/security type securityfs (rw)

This shows my main disk is /dev/hda, with three partitions -- /dev/hda1, /dev/hda2, and /dev/hda3 -- and I also have a secondary disk /dev/hdd with a single /dev/hdd1 partition. Let's optimize the first drive.

The hdparm command ("hdparm" stands for "hard disk parameters") allows you to examine and modify drive configuration. Not all modifications are good: some will lower the performance, and some can even be wildly destructive, leading to data loss. The man hdparm command shows you all the options, and highlights the dangerous ones.

Let's start by viewing the current performance. The command hdparm -t /dev/hda does a test of the transfer speed, and produces a result like:

/dev/hda:
Timing buffered disk reads:   10 MB in  3.14 seconds =   3.18 MB/sec

That indicates a slow disk. I usually run this command a dozen times, discard the lowest and highest values, and average the rest. To do this, you can use a shell loop:

for ((i=0;i<12;i++))>

will repeat the test 12 times. You could also use script commands to do the discarding and averaging, but a simple calculator is enough.

Now, let's see the current disk parameters by using hdparm -v /dev/hda:

/dev/hda:
multcount    =  0 (off)
IO_support   =  0 (default 16-bit)
unmaskirq    =  0 (off)
using_dma    =  0 (off)
keepsettings =  0 (off)
readonly     =  0 (off)
readahead    =  0 (off)
geometry     = 16383/255/63, sectors = 156301488, start = 0

Normally, the first optimization to try is using DMA (Direct Memory Access, which means that the drive can directly store data in memory, for a speedier transfer), which can produce impressive results by itself. In my case, after setting the drive to use DMA by executing hdparm -d1 /dev/hda (the -d0 option would have turned DMA off; bad for performance!) I measured the speed again and got an increase to 16.25 MB/sec: more than five times the original speed!

We can try more options. We can change the IO_support value with the -c3 option, as in hdparm -c3 /dev/hda. On my system this produced just a tiny enhancement, reaching a speed of about 16.4 MB/sec, but it's worth keeping.

The multcount parameter shows how many sectors can be read in a single operation. The command hdparm -i /dev/hda produces somewhat confusing output which includes maxMultSect=16, which indicates we should run hdparm -m16 /dev/hda to allow the drive to read at its maximum rate.

Another parameter that has to do with reading more sectors is readahead. To get the best results, you have to experiment with different values; in my case, using hdparm -a1024 /dev/hda worked best. The combination of these two enhancements led to a speed around 33 MB/sec. To get there, I tried different combinations, starting with -a128 and going up through -a256, -a512, -a1024, and -a2048, but the speed peaked at -a1024; your results may vary. Of course, I ran my dozen tests after each parameter change.

I also tried different multcount values, from -m1 to -m16, and opted for the latter; trying -m32 gave me an error, warning me that the drive couldn't handle that value.

With all those changes, I managed to speed up the disk almost 11 times -- not too shabby! There are a couple more options you can try, but they could be risky. For instance, you could meddle with interrupts with hdparm -u1 /dev/hda or change the transfer options with the hdparm -X command. After testing them out, I did not get any further speed-ups, so I opted for leaving things as they were.

You can keep your values by running hdparm -k1 /dev/hda, but do not do this until you are really sure that they are correct and optimal. As an alternative, you can include your hdparm commands in /etc/init.d/boot.local, a file that includes commands that are run at startup time, at least on my openSUSE system; the startup command file may vary on other distributions.

When you reach this point, your drive is working at its best speed. Now let's work at a somewhat higher level, and optimize file access.

Optimizing filesystem access

Linux records the times when files were created, last modified, and last accessed. The latter usually implies a penalty on file access, since even if you only read a file, the system will update the directory entry for the file to record the latest timestamp. Since writes can be somewhat slow, doing away with this update should result in performance gains.

To achieve this speedup, you must change the way the filesystem is mounted. Still as root, you can cat /etc/fstab to get:

/dev/hda3    /                    reiserfs   acl,user_xattr      1 1
/dev/hda1    /boot                ext2       acl,user_xattr      1 2
/dev/hda2    swap                 swap       defaults            0 0
proc         /proc                proc       defaults            0 0
sysfs        /sys                 sysfs      noauto              0 0
debugfs      /sys/kernel/debug    debugfs    noauto              0 0
usbfs        /proc/bus/usb        usbfs      noauto              0 0
devpts       /dev/pts             devpts     mode=0620,gid=5     0 0
/dev/fd0     /media/floppy        auto       noauto,user,sync    0 0
/dev/hdd1    /media/disk2         reiserfs   defaults            1 2

Disk drive partitions / and /dev/hdd1 are the best candidates for the optimization, since /boot is used only at boot time, /swap is out of bounds (Linux uses it for its own needs), and the others are not hard disks.

The change is easy: using any text editor add ",noatime" to the options in the fourth column, and remount everything with the mount -a command.

How to test the performance gain? I first tried using the bonnie++ package, but the results weren't conclusive, since its tests are not specifically oriented to file access.

Instead, I opted for a more "do-it-yourself" test. I created a thousand files and copied their contents to /dev/null, timing the copy. I did the former by

for ((i=0;i<1000;i++))>$i ; done

and the timing by

time cp * >/dev/null

both with and without the noatime option. The results showed a small performance enhancement, which is logical, because now the file access time isn't updated after every access.

Now that the drive is working as fast as possible, and that we optimized access to files, it's time for the last optimization: getting commands to load faster.

The rest of the article here

Federico Kereki is an Uruguayan systems engineer with more than 20 years' experience developing systems, doing consulting work, and teaching at universities.

Pendrivelinux2008

Source

Warnings:

• Do not attempt to use the USB drive while running Pendrivelinux via Qemu or you will corrupt the filesystem.
• By default, Pendrivelinux will setup user networking, so that you
  can mount shares on the host computer by pointing to smb://10.0.2.2.
  You have to set the network card to use DHCP.

All In One Pendrivelinux 2008 running Natively:

ALL In One Pendrivelinux 2008 running via Qemu:

USB drives: speed & write cycles

Source

Not all USB drives are created equal
Performance and reliability vary, but getting product specs for flash drives can be tricky.
Most USB 2.0 flash drives look the same, but that doesn't mean they perform the same.

Differences in the type of memory and, to a lesser extent, the type of I/O controllers used by USB drives can make one device perform two or three times faster and last (theoretically, at least) 10 times longer than another, even if both sport the USB 2.0 logo.

Unfortunately for the average user, there are no accepted industry standards or certifications to judge what's inside a USB 2.0 flash drive on a store shelf. Without checking reviews or running benchmarks, the only rule of thumb is that the more expensive drives (and those which post performance numbers on the packaging) will tend to be the fastest and, perhaps, last the longest.

The casual user may not ever notice. "For the average user, moving a few files around, or even 20-50MB of data, a slower drive is probably sufficient," says Cameron Crandall, a technology manager at memory vendor Kingston Technology Corp. And while the memory in less expensive drives has a shorter life span than that in more expensive drives, even that is enough to last the lifetime of the drive for an average user.

However, these differences can matter if you're storing large amounts of data, using the drives to store critical information or are using a USB drive to supplement system memory using the ReadyBoost feature in Windows Vista.

Key performance factors

The USB 2.0 standard supports a maximum throughput of 60MB/sec., although "nobody's pushing that limit" with the flash memory used in current USB drives, says Pat Wilkison, vice president of marketing and business development at STEC Inc., a Santa Ana, Calif., manufacturer of memory and storage products.

The single biggest factor in USB drive performance is whether it contains one of two types of memory: SLC (single-level cell) or MLC (multilevel cell). SLC stores one bit, and MLC stores two bits of data in each memory cell. SLC is twice as fast as MLC, says Wilkison, with maximum read speeds of about 14 MB/sec. and write speeds of about 10-12MB/sec. Not surprisingly, almost all current USB flash drives are built using MLC memory, since SLC costs about twice as much as MLC.

Users would see the greatest performance difference between SLC and MLC if they were performing many operations involving small files, rather than relatively few read/write operations on larger files, says John Whaley, principal engineer at MokaFive Inc., whose virtualization software makes it possible for virtual machines to be stored on USB flash drives.

SLC memory also lasts about 10 times as long as MLC, says Crandall, which means one cell in an SLC-based USB drive should last for about 100,000 cycles of writing and erasing data before it fails. However, this difference won't be of much concern to many users.

Have Your Say

Is the speed of your USB drive important -- or a nonissue?

"If you save a file out to your USB drive and use 100 bytes, you're probably not going to write to those same 100 bytes again for a long time, unless for some reason you decide to delete that file or change it," says Crandall. As a result, "the usable lifetime of the device will extend long beyond" the customary five-year warranty, says Mike Sager, vice president of public relations at Kingston.

When USB drives do begin to fail, they do so one cell at a time, not across the board, says Crandall. This is why an SLC-based drive might be worthwhile for a user storing, say, a virtual machine on a flash drive to restore their system after a disaster, according to Wilkison. If the drive began to fail, dropped bits might not be noticed in a photo or music track but could crash the system if they disappeared from a key part of an operating system.

There are features in the I/O controller that can boost performance in USB drives as well. One is the use of multiple channels to simultaneously move data to and from memory, says Brad Anderson, director of product marketing at USB flash drive vendor Lexar Media Inc. Another, he says, is interleaving, which intermixes data flows to and from multiple flash memory chips within the drive to ensure the channel is used to its maximum potential.

As with many other design details, it's difficult for consumers to determine which I/O controller is used in a specific drive and which features it provides. While a consumer could try to find out which I/O controller is used in a specific drive and investigate how that controller works, most buyers will, according to Wilkison, have to "extrapolate from the speed" of the drive what type of controller is in it.

No standard

Right now, possibly the only way to know whether you've bought a drive that uses SLC memory is how much it costs -- the more expensive the drive, the more likely it is to have been built using SLC.

There is one way to judge the quality of a drive besides the price: the Windows ReadyBoost logo, which indicates that the flash drive can be used to supplement system RAM and thus speed the performance of Windows Vista-equipped PCs.

However, the minimum specifications for Windows ReadyBoost are just 2.5MB/sec. for random reads of 4KB of data, and 1.75MB/sec. for random writes of 512KB of data, which Crandall says are typical of lower-priced and lower-speed USB flash drives. Customers who want the maximum benefit from Windows ReadyBoost should opt for a USB drive marketed as a high-performance device and probably priced at the high end of the average for its capacity.

The future

In the first half of 2009, Wilkison predicts, controller manufacturers will begin shipping drives with dual- and even four-channel controllers, which will increase speeds even for slower MLC memory by increasing the number of lanes through which data can be written to and from the memory cells. USB drives combining four-channel controllers with MLC memory will reach speeds of about 60MB/sec. for reads and 30MB/sec. for writes, coming closer to -- but not quite -- saturating the USB 2.0 interface.

For the average consumer for whom price is more important than speed or reliability, any reasonably priced USB drive should do. But if speed or longer life is critical, look for drives advertised as high performance, do your research online and expect to spend more. But even then, you can't be absolutely sure you're getting more speed for your money.

Robert L. Scheier is a freelance technology writer based in Boylston, Mass. He can be reached at bob@scheierassociates.com.

From old /home to new /home

mkdir /newhome

Add an fstab line something like this for the new disk.

/dev/hdb1 /newhome ext3 defaults 1 2

Now make sure that /home and /newhome are as expected.i.e. make sure you have not removed files you do not have copies of.
Next swap the rename the old /home dir to /oldhome or some such thing.
i.e. edit fstab to mount the old home space as /oldhome and the new as /newhome.
i.e. do not mount /home as /home yet. Let it be an empty dir or mount point.

Just mount /oldhome and /newhome...
If you have fstab lines like this you may find that you can be confused about the physical device under things.

LABEL=/home /home ext3 defaults 1 2

The above is important because a partition label can cause confusion.
You can orient yourself with tricks like "df ."

$ cd /home
$ df .
Filesystem 1K-blocks Used Available Use% Mounted on

/dev/hda5 10713248 247936 9921096 3% /home

When you have /oldhome and /newhome clearly identified and labeled then fix things so that /newhome is /home. Check and verify...
perhaps with:

# diff -d /home /oldhome

When all is right in /home remove /oldhome you can recover the space.
If it is an isolated partition removing the files will not 'add space' to /.
If you have multiple users. You can consider keeping the /oldhome partition as say /homeA and move some users there. I happen to have collected a lot of stuff in my 'src' dir. In the past I have made a link to another partition for bloat stuff like that.

Same for system documentation...

# df -s /*
might give you a good choice of stuff to move. Recall that some things are best located in the / files system.

The goal of the above is to be cautious so the recovery CD lets you recover by simply undoing a single step.

mounting NTFS partitions

what kernel?
uname -r

e2label (to label a partition with the label mydocs
edit fstab to contain:
LABEL=ublinux /dev/sda6 ext3 defaults,errors=remount-ro 0 2
but better don't use label, use UUID

To mount a NTFS partition (hda7)
#mkdir /mnt/DATA
#mount -t ntfs rw /dev/hda7 /mnt/DATA

to mount a NTFS partition (DATA in hda7) in fstab:
/dev/hda7 /DATA ntfs rw,users,gid=users,umask=0002,nls=iso8859-1 0 0

or:
/dev/hda7 /mnt/DATA ntfs auto,uid=user,defaults 0 0

or only read rights for a special user:
/dev/hda7 /DATA /dev/hda7 ntfs ro,uid=imbeculus,defaults 0 0

or:
/dev/hdb1 /mnt/hdb1 ntfs ro,uid=500,defaults 0 0

unmount and remount!

FAT32 partition:
mkdir /FAT32
/dev/hda8 /FAT32 vfat rw,auto,users,umask=000 0 0

burning ISOs

Linux command line
#cdrecord -pad -dao -data XXXXXX.iso
...

#cdrecord dev=0,0,0 -pad -dao -data XXXXXX.iso

Applications for USB Drives

Source
Editors/Readers

• Editor: Papyrus, EditPad, Atlantis,
• Office: AbiWord, OpenOffice (instructions in a PDF here)
• Outliner/note taker: TexNotes Pro
• PDF reader: FoxIt PDF
  Reader
• Web Authoring: NVU
• Wikis: MediaWiki

Web

• Browsers: Portable Firefox, OperaUSB, Portable Safari
  
• Offline browser: HtTrack, Webaroo (for U3)
• Instant messaging Miranda, Trillian Anywhere, Easy Message, AltMe
• Email: JBMail, Portable Thunderbird, EmailVoyager, PocoMail PE, FoxMail, i.Scribe / InScribe, Email Segway, Email Commander, Reach-a-Mail, a 'complete portable email system',
  
• FTP clients: FileZilla
• Bookmark manager: Bookmark Base

Utilities/OS

• Alternative Windows shell: BBLean
• File manager: Total Commander
• Network diagnostics: PingPlotter
• Operating Systems: Linux, Windows CE, VPM (Linux), Damn Small Linux
• Servers: The Uniform Server, MiniServer
• Start menus/launchers: Absolute Startup manager, Startup Control Panel, PStart,
  
• System information tool: SIW

Security

• Anti malware: Ad-Aware
• Encryption: CryptoAnywhere,
  Cryptainer, Portable Vault, TrueCrypt, useful guide on encrypting a drive from dekart, CryptoStick,
• Password
  manager/logon: Roboform
  Portable, DigiSAFE
  PassVault, Password
  Agent, Keepass, CyberScrub KeyChain (also files in forms), Arovax TraySafe, Proteg (from Inflexpoint), Password Manager, Blue Micro USB Flash Drive Logon, PasswordVault
  

Productivity

• Animation: Anim8or, PePaKuRa
• Calculator: Calc98
• PIMs/organisers: EssentialPIM, Sunbird , AZZ Cardfile
• Sticky notes: ATNotes
• Task Organisers:
  ToDoList
• Lotus Notes on a Stick
  

Leisure

• Games: Beneath A Steel Sky, Flight of the Amazon Queen
• Music: Zoom
  Player, XMPlay, Coolplayer, MPUI (frontend for MPlayer), foobar2000,
• Video player: Media
  Player Classic

Resources

• Medical: Angel Mobile
  Medical Profile, personal medical history (Med-a-Drive)

Hardware/packages

• Tax software: TaxCut
• A USB drive for the blind: Serotek's FreedomBox is a USB drive containing a text-to-speech and speech-to-text software as well as mainstream applications like Word, Firefox and Skype. This enables blind people to use any Windows computer just by plugging in their drive. Prices at $129 (or £69). (via isolani)
• Portable VoIP Phone:
  "Skype 2.5 has been built into the Virtual CD-Rom, no need to download Skype software to your computer, you only need to plug the Flash Drive Phone into any internet connected PC or laptop, the Skype 2.5 will pop-up automatically... [also] compatible with all kinds of softphones, including VoipBuster, VoipCheap, Voipstunt, Firefly, X-pro, Net2phone, Eyebeam, etc."
• One touch USB hard drive backup: Pexagon Store-It
• Lighting control software: Martin Lightjockey 512 USB,

Other directories/resources/blogs:

• kikizas.net
• TinyApps
  
• NoInstall
• USBspace.com
• USB Flash Drive Freak
• USBApps
  
• Portable Freeware
• Stand Alone
• What’s On My
  Pen Drive?
  
• Haxial (actually software
  written by them for XP and Macs: All work on USB drives)
  
• Engadget posting + comments

USB flash memory FACTS

USB type keys are technically limited to 100k writes before failure!!
How many times or how long can you use this device before wearing out the key?
Fencepost *
on October 21 2004, @03:21PM (#10590941)
Journal

The limitation on the number of writes to a particular area of memory has been known since flash memory first started to appear. Most devices or drivers should account for the issue by either rotating writes to avoid overusing one particular region or by remapping failing sections into other areas.
Remapping failing areas will cause the available capacity of formatted flash devices to gradually shrink, while rotating writes will attempt to keep any areas from wearing out too fast (making it more likely that multiple areas will start to fail around the same time).
Someone who's done more looking into this should be able to give a good idea which technique(s) are most widely used.

Well, if you set up a RAM disk and only store personal settings on the USB key -- then I suspect that it would last for quite some time. If you don't care about saving settings, then you can boot off the key as a read-only media and never write back to it. So I don't think this would be a major concern.

Privacy: Java, ActiveX, ssh

Java, ActiveX & Your Privacy
Tf you are truly concerned

about your online privacy, you will limit your exposure to Java and
ActiveX programs by turning off Java and ActiveX or forcing your
browser to ask permission before executing any Java or ActiveX program

NOTE: Firefox does not accept ActiveX controls, so you don't need to worry about ActiveX, only Java, when running Firefox.

To disable Java in Mozilla Firefox

1. Open Firefox
2. From the Tools menu, choose Options...
3. Click on the Web Features icon in the left sidebar.
4. Uncheck the Java checkbox.
5. Click OK in the Options window.

Logging in with One-Time Passwords via SSH
/>skeyinit
/>skey


The Free Portable Privacy Machine

Feature Overview

• v1.3 is Faster than before and usable for regular usage. (Based on DSL and QEMU releases.
• Runs on any rewriteable media (USB drives, Flash Memory cards, Secure Digital devices, iPods, etc.)
• Includes Firefox + Privacybar + NOSCRIPT Extensions
• Built in MetroPipe Anonymous Surfing for Tunneler Gold Customers.
• Carry your entire Internet communication system on a tiny USB drive.
• Contains a complete virtual Linux machine with privacy-enabled Open Source Internet applications.
• Carry your Internet applications, email, bookmarks, history, web cookies, download files in your pocket.
• Perfect for travellers - nothing to be scanned, started, poked, or prodded at the airport.
• Get English keyboard support no matter what computer you use.
• No installation needed - just plug the drive into any Windows or Linux computer, and click on the Virtual Privacy Machine icon and you're ready to go.
• The VPM's network connection will auto configure and run seamlessly on any machine with a working internet connection..
• All Internet session data (cookies, history, downloads, etc.) are stored on the VPM, not the host computer.
• Runs on any rewriteable media (USB drives, Flash Memory cards, Secure Digital devices, iPods, etc.)
• This PR1-2 release runs on Windows and Linux - OS X support is also possible, details in the readme.txt.
• Runs in full screen mode (CTRL-ALT to Exit Grab and CTRL-ALT f to Toggle Fullscreen)
• Includes the Latest Firefox 1.5.0.2 Browser with MetroPipe Privacybar for Firefox and the NOSCRIPT Extension Pre-installed.
• Includes Mozilla Thunderbird News/Email client (with Enigmail plugins for PGP email encryption)
• Persistent Home directory, changes, bookmarks are saved to the PVPM and available on next reboot.
• Created from 100% Open Source GPL code and binaries.

IPSpy

"Ecosystemas" de código abierto

Comprender los ecosistemas de codigo abierto