Shashank's Blog

Six Sigma

2007-10-19T13:59:00.017+05:30

Six Sigma is a Rigorous and disciplined problem solving methodology that uses data and statistical analysis to measue and improve a company's operating performance by identifying and eliminating defects in manufacturing and service related processes.
In Statistical Parlence Six Sigma is commonly defined as 3.4 defects per million opportunities(DPMO) or 2 defects per billion opportunities.
Six sigma can be understood at three different levels.........
1. Metric-it is a scale or level of quality which defined not more than 3.4 defects per million opportunities(DPMO).rule of thumb is to consider atleast three opportunities for a physical part-one for the form,one for and one for function
2.Methodology-there are several structural problem solving roadmaps and tools like
DMAIC,DMAIV,DMADV,PIDOV etc.
DMIAC=define,measure,analyze,improve and control
DMAIV=define,measure,analyze,improve and verify
DMADV= define,measure,analyze,design and verify
PIDOV=plan,identify,design,optimize and validate
it is a business improvement methodology that focus on..............
a.understanding customer requirement
b.aligning key busines processes to achieve the requirements
c.rigorous data analysis to minimize variations
d.sustainable improvement to business processes
3.Management-Reduce variation and take customer focussed data driven decisions.like...
a.align business strategy
b.accelerate improved business results
c.govern to ensure that results are sustained
where sigma denotes standard deviation
6 sigma means six standard deviations between the process mean and the nearest specification limit.
From where does the name Six Sigma formulated?
Bill Smith a quality engineer at Motorola was entrusted the task of suggesting measures to improve the manufacturing process,bill smith coined the improvement mesurements as Six Sigma in 1986

what is 1.5 sigma shift?

six sigma really corresponds to a sigma value of 4.5.where does this 1.5 sigma difference come from?Motorola has determined through years of process and data collection,that processes vary and drift over time-what they call the long term dynamic mean variation.this variation typically falls between 1.4 and 1.6, average comes to be 1.5.
After the process have been improved using the six sigma DMAIC methodology,we calculate the process standard deviation and sigma value.they are considered to be short term value because the data only contains common cause variation and not the special cause variation
where as the long term data contains both types of variation.since short term data does not contain special cause variation,it will typically be of higher process capability than the long term data.this difference is 1.5 sigma shift
the reporting convention of six sigma requires the process capability to be reported in short term sigma.

Why six sigma is implemented?
1.Improve customer satisfaction
2.Increase profitability
3.Increase Productivity

why an organization uses six sigma?
1. improve customer satisfaction
2.Lower cost
3.Grow revenue
4.increase capacity
5.Increase capability
6.Reduce complexity
7.Lower cycle time
8.Minimize defects and error

six sigma action occurs at two level
1.Managerial level-it includes
a.people
b.technologies
c.project
d.schedule
e.details to be managed and co-ordinated
2.Technical level-
a.set proper management orientation

Statistical tools
1.Measure of centeral tendency
2.Regresion analysis
3.co-relation
4.sampling Distribution
5.Hypothesis
6.design of experiments and ANOVA
7.goodness of fit
8.Control charts

Miscellaneous
1.critical to quality-attribute most important to customer
2.defect-failing to deliver what customer wants
3.variation-what customer sees and feels
4.Process capability-what our process can deliver
5. stable operations-ensuring consistent,predictable processes to improve the
variation
6.design of six sigma- designing to met customer needs and process capability

2007-10-09T18:15:00.004+05:30

TOTAL QUALITY MANAGEMENT

ISO 8402:1994 All activities of the overall management function that determines the quality policy,objective and responsibilities,and implement them by means such as quality planning,quality assurance and quality improvement within the quality system.

TQM Elements

1.Ethics

2.Integrity

3.Trust

4.Training

5.Teamwork

6.Leadership

7.Recognition

8.Communication

TQM tools for Goal setting

1.Specific

2.Measurement

3.Attinable

4.Realistic

5.Time-Bound

Tools and Techneques for Process Improvement

1.Problem solving Methodology such as DRIVE

2.Process Mapping

3.Process Flowcharting

4.Field Force Analysis

5.cause and effect Diagram

6.CEDAC

7.Brainstorming

8.Pareto Analysis

9.Statistical Process Control

10.Control Charts

11.Check Sheets

12.Bar Charts

13.Scatter Diagram

14.Matrix Analysis

15.Dot Plot or Tally Chart

16.Histograms

Guide to Telnet

2007-09-14T08:30:00.000+05:30

Guide to Telnet

Telnet is probablay one of the most confusing things for a newbie. You see alot of guides on it, but then still newbies post questions. Hopefully, I've created a guide that will explain telnet and aleviate the need for questions to be asked (although i doubt it). okay enough talk, lets get to it!
Telnet is a terminal emulation program. You see once upon a time, terminals were hardwired next to a console. Then with the rise of the PC and the Internet, a standard was needed. so they made telnet. nowadays telnet is pretty much obsolete. with the world wide web, you just use a browser, and SSH is used to login to shell accounts. but telnet is still a good thing to know.
there are several ways to start your telnet client. if your on windows 9x click start then programs, and then MS-DOS Prompt. once in the DOS prompt type telnet at the prompt. there that GUI windows is your telnet screen. or you can just click start>run and then type telnet and press . either way it will be the same. on Win2K/XP you can start telnet 2 ways. the first is to start a shell (start>run and type cmd and press ) and then type telnet at the prompt. the prompt will change to somthing like: Microsoft telnet> or you can do the start>run and type telnet and press method. either way will work. on Linux start a shell and type telnet. okay now that the telnet client is open we're ready to connect. well, almost. if you're on windows we need to make some configuration changes first. for windows 9x click prefrences and check "Localecho on". on widows 2K/XP type the following at the prompt:
Microsoft telnet> set term vt100
Microsoft telnet> set localecho
there now we're ready to go. what we just did was turn on the localecho. there is a bug(?) in MS telnet that won't display the text you type unless localecho is on. and also the telnet client in Win 2K/XP ships with the deafult term type as ANSI. but vt100 is the preferrerd term type. Linux telnet clients ship all set up and ready to go. now lets connect. for the Win 9x useres click connect>remote system. then in the host box type www.google.com. in the port box type 80. for the rest of us, just type the following (NOTE: in this part of the guide to telnet we're using the HTTP port. this port is used for the Internet. its number is 80. the deamon that runs on it is called the HTTPD):
telnet> open www.google.com 80

now hit connect or press and wait to connect. when your connected you will see a message like:

Trying 64.233.161.104...Connected to www.google.com.Escape character is '^]'.

it may be a little different. now what this all mean? well, 64.233.161.104 is google's IP. the thing about the escape character means that if you push ctrl+] it will cump you back in the shell on you machine at the telnet prompt. you can then type close to close the connection. the reason for this is because sometimes the service you connected to wont do anything when you type a command, co you need to close the connection, but quit, close, exit, and kill don't bring about a reply. so thats when you hit the escape character (win 9x useres: you dont have an escape character. to close your connection connect>disconnect). now by this time the connection will have probably timed out, do we have co connect again. after connecting again let's try out some HTTP requests. the first HTTP request to learn is the GET request (NOTE: HTTP is case sensitive). to issue a GET request type the following:
GET / HTTP/1.0
now press twice. whoa look at all that stuff!! that is the codee to google's main page, just like we would get if we did a right click>view source. now why did google close our connection? well its because HTTP is a stateless protocal (like UDP). so since there is no actual connection between you and the site (accept at the moment of transfer) your browser needs to reconnect every time you request a new page. however, there is a way to stay connected. did you know why you had to press twice after you connected? well, its because after the request (that was the GET) you are supposed to issue HTTP commands. there tell the server many things, including your user agent, browser type, and conection type (and alot more!). but before we get into those, lets take a closer look at that HTTP request we just issued:
GET = The request type. there are many of these. (i've included a list later in the guide)/ = the page. now when you tpye in a site name (http://www.google.com/) the computer connects to that site. now even if you dont type the / after .com its still the same site. you see the / is the sites homepage.HTTP/1.0 = this is the protocol type. a GET request is a HTTP/1.0 request, so thats what you type.
heres a list of some common requests:
name usage what it does
---- ----- ------------
CONNECT CONNECT proxy-server HTTP/1.1 sets up a tunnel through proxys (useful to avoid web-filters)
Host: site.to.connect.to
DELETE DELETE /uri HTTP/1.1 deletes the file specified by /uri
GET GET /uri HTTP/1.0 gets the file specified by /uriHEAD HEAD /uri HTTP/1.0 returns the header of /uri. used in a technique called a banner grab; which is used to identify the OS being ran onthe server.
OPTIONS OPTIONS * HTTP/1.1 returns info about the target host. if "*" is specified it Host: localhost returns info abouit the server it self. other wise it return-=OR=- info associated with the specified /uriOPTIONS /uri HTTP/1.1Host: localhost
POST POST /uri HTTP/1.1 adds data to /uri. the request defines content length. it mayHost: localhost include binary data.Content-length: N
n
n

PUT PUT /uri HTTP/1.1 adds data in the path specified by /uri (data like a new pageHost: localhost etc)Content-Length: N
n
n

TRACE TRACE / HTTP/1.1 causes a server to respond with all the headers contained in Host: localhost the original request.
TRACK TRACK / HTTP/1.1 an alias for TRACE. its only used in IIS.Host: localhost
okay now you should be able to do a lot of stuff but just using telnet to connect to the site. okay lets get on to those HTTP commands that i mentioned. now as i stated earlier, these comamnds do lost of stuff. the most useful would probably be theConnection: keep-alive command. this makes the connection stay alive so you can pump through command after comamnd. lets try it:
telnet> open www.google.com 80
Trying 64.233.161.99...
Connected to www.google.com.
Escape character is '^]'.
oaky, now lets try out the HEAD request combined with the Connection: Keep-alive command:
HEAD / HTTP/1.0
Connection: Keep-alive
HTTP/1.0 200 OK
Cache-Control: private
Content-Type: text/html
Set-Cookie:
PREF=ID=752b22c0c0526756:TM=1109357543:LM=1109357543:S=ntZTEgMD7QQDP6cP; expires=Sun, 17-Jan-2038 19:14:07 GMT; path=/; domain=.google.com
Server: GWS/2.1
Content-Length: 0
Date: Fri, 25 may 2007 18:52:23 GMT
Connection: Keep-Alive
kewl, the connection didn't drop. so now we can issue more requests with out having to reconnect. however to keep the connection alive, we need to specifiy this after every request. another common HTTP command sets your user-agent. the user-agent is used to identify the OS and browser that the client (you) is running. heres a log of a telnet session to google in which I issue a full HTTP request and specify all the parameters:
telnet> open www.google.com 80
Trying 64.233.161.99...
Connected to www.google.com.
Escape character is '^]'.
HEAD / HTTP/1.0
Connectiion: Keep-Alive
Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, */*
Accept-Charset: iso-8859-1,*,utf-8
Accept-Language:en
Host: localhost
User-Agent: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040913
HTTP/1.0 200 OK
Cache-Control: private
Content-Type: text/html
Set-Cookie: PREF=ID=2e727971cb330368:TM=1109358158:LM=1109358158:S=IpSi5XsS1Eqo7hby; expires=Sun, 17-Jan-2038 19:14:07 GMT;
path=/; domain=.google.com
Server: GWS/2.1
Content-Length: 0
Date: Fri, 25 May 2007 19:02:38 GMT
Connection: Keep-Alive
okay there, that was a proper session, just like your browser would do. but we mostly dont bother with all that stuff, just a Connection: Keep-Alive will do just fine ;). anyways; here are some HTTP response headers:
name what it means---- -------------
Accept-Ranges The server indicates it will accept partial requests (requests within the accepted range) for the resource.
Age the servers guess in seconds of how old the cached object is
ETag Entity Tag. Used in cache control when the server doesnt track time-stamps. a strongvalidator when the browser is deciding if it should refresh a cached object
Location Redirects the client to a different source to a URI
Proxy-Authenticate carrys authentication creditals for proxy servers
Referer Specifies the URI from which the request was generated. it shouldnt be relied upon forsecurity testing.
Server identify the server product, OS, and other info. usually modded to block unsofisticated attacks and incompetent attackers.
Vary used to control the caching of objects
WWW-Authenticate Get user Authentication
so now you know what all that stuff in the servers reply means. now you may wonder what the "HTTP/1.0 200 OK" means. well this is called the status code. 200 indicates a successful transfer. heres what the ranges mean:
1xx: i'm not sure what this means; its rarley used
2xx: successful completion of the HTTP request
3xx: unsuccessful due to moving of ducuments (URIs)
4xx: client side error (an error on your end)
5xx: server side error
the 2 most common status codes returned are 200 OK (you get this every time a connection works and you successfuly retreive a page) and 404 which means file not found (you clicked on a bad link, etc). well now that you know a good deal about HTTP and port 80 in general, lets duscuss the most common use of these commands proxy tunneling. have you ever been at school and you try to show your friend a cool website and its blocked for sum bogus reason? wouldn't you like to get around that damn web-content filter? well trust me you can. the first thing to do is open up internet explorer. then click tools>>internet options>>LAN settings. (or sumthing similar) now you should see somthing like 'Address: webproxy Port: 80'. this is the arddress of your web proxy that the school makes you pipe all your requests through. but what if it wont let you access the tools tab in IE? what then? the first thing to do in that case is to open a shell (use you imagination on how to do this). later i will make a paper on how to get command line access when your not supposed to have it ;). now type netstat -n at the prompt. you should get some results. one of them will look something like this:
10.1.44.5:80 ESTABLISHED
the IP will probably not be the same at your school as it is at mine, but it does not matter. the important part is what comes after the colon. thats the port number. in this case it is the standard HTTP port (80). but what if you dont see one that has the port as 80? well look for 8080. thats a common proxy port. if you are absolutly stumped, you can simply telnet yo all the ports on all the computers that you are connected to under the netstat -n screen and issue a HEAD request. when you get a positive reply, you're in business! now that we have identified the webproxy lets tunnel out. issue the follow commands after connection:
CONNECT http://www.blockedsite.com HTTP/1.1
Host: localhost
now press enter.
you should see "HTTP/1.1 200 OK Connection established" from the proxy. and boom we're connected to www.blockedsite.com. now just use the different requests discussed earlier to get the HTML source code of the site and its various pages and compy and paste them into notepad. save it as a .html file, open up 'My Computer' and click on the newly created .html file to view the site as you normally would. when you want to click on a link (lets say its called 'hacking') reconnect to the proxy, tunnel out and request the source of the hacking link (for instance: GET /hacking HTTP/1.0). there, now that annoying web filter cant stop us!! of course we can connect to any port on a computer not just 80. so lets look at another one of my personal favorites, port 25 (SMTP).port 25 is the port used to send email. it runs the Simple Mail Transfer Protocal Deamon (SMTPD). with this port we can do lots of kewl stuff, including
1) verifying user accounts on the system
2) preforming a banner grab to determin the OS being run on the system
3) sending forged email
now the most exciting one for you right now would be sending forged email. haven't you ever wanted to send an email to someone but wanted to use a fake name? well its pretty easy to do! the first thing to do is to connect to a mail server over port 25 (NOTE: because most sysadmins don't like people abuing thier mail servers to send fake email, i'm not using any real mail servers in this section. you'll have to find some on your own. [well, i'll tell you in a minuet how to find a vulnerable mail server]. also don't even consider using hotmail.com or gmail.google.com or another big company for this purpose. if you do you will get into deep dark shit! period). the hard part is finding a mail server to connect to. however there are ways:the first thing to do is to type nslookup at the prompt. then type "set type=all". okay now consider your friend email addres. it is split up into 2 parts the user name and the host. say you wanna send a fake email to buddy@yahoo.com . so now we know that we wanna goto yahoo.com over port 25 (NOTE: that warning i gave earlier was just my attempt at getting you tto read the part on nslookup. you can relax now :) . but seriously, pls dont use the expan and verfy commands! they get logged as suspicious!) so now type "yahoo.com" (no quotes). see all those entries? well if you see one like: mx1.yahoo.com thats a mail server. generally if its mail.example.com or mx.example.com its a mail server.
NOTE: for those of us who use linux, our nslookup uses different commands to get the right resource record use the type
"set type=any" and then yahoo.com
okay so now we know the mail server. time to fire up telnet. this time though point it at port 25.
NOTE: theres an even eaiser way to telnet. just open up a shell and type "telnet www.site.com XX" where www.site.com is a hostname or IP and XX is a port number to connect to.
So to telnet to the mail server using our new method we would type the following at the prompt: telnet mx1.yahoo.com 25
yay now we're connected. so now the kewl thing about the SMTP deamon is that you can ask it for help (unlike the HTTPD). for this paper i set up a sendmail server on my home LAN (its not connected to the internet!!). sendmail is probably the buggiest deamon, and one of the most helpful. nowadays, sendmail isnt that common, but hey just look around and you might find a sendmail deamon around. okay so after connection, we see somthing like:
220-localhost.localdomain sendmail 8.6.12/8.9.6
ready at Fri, 25May 2007 19:34:53 GMT
220 ESMTP spoken here
what is all this? it is called the deamon banner. it tells us what version of sendmail the server is running and with a littel hunting on google we can use this info to identify the OS of the server. okay lets ask it for help:
HELP
214- Commands:
214- HELO HELO MAIL RCPT DATA
214- RSET NOOP QUIT HELP VRFY
214- EXPN VERB
214- for more info use "HELP "
214- to report bugs
214- for
214- end of help info
there now we no what commands are avalible. the second to last and the third to last lines i snipped their output, because i felt like it :). oaky again heres the commands along with what they do:
SMTP command What it does------------ ------------
HELO/HELO greets the server
RCPT specifies the recipent of the mail
MAIL specifies the sender of mail
DATA body of email
VERB turn on verbose mode
EXPN expand and email alias to full list of recipents
VRFY verify that the account exists
HELP display a help message
QUIT exit the server
NOOP do nothing

How To Set Up Proxies In Your Browser

2007-09-09T22:11:00.000+05:30

How To Set Up Proxies In Your Browser

This is a small Tutor - try it out!

===================================
How to set up proxies in your browser, (!!!!be anonymous and make the passes last longer...!!!!!!

===================================
In Internet Explorer
===================================
Click "Tools", then "Internet Options", the in the "connections" Tab, click the "LAN Setup" Button in the bottom. There is a "Proxy Servers", tick the "Use a proxy....." and then enter the proxy in the bigger textbox and the port (the part that comes after the ":") in the smaller textbox. Hit okay, and then go to(obtain proxy from the websites I have mentioned )
http://www.whatismyip.com

this is how the proxy works when it is configured

to see if the proxy is now your IP.

===================================
In OPERA
===================================
Click "Files", then "Preferences", then "Network", then click the button "Proxy Servers", tick "HTTP", fill in with the proxy:port, click okay and that's it! Don't forget to check with

http://www.whatismyip.com

===================================
In Firefox
===================================
Tools -> Options
Then click the General Icon
Then the "Connection Settings..." button
Then click the "manually configure proxies" radio button, and enter the proxy address and port in the HTTP Proxy area.
Don't forget to check with

http://www.whatismyip.com

check proxies with these sites……………………….

http://www.proxy4free.com

http://www.safeproxy.org

http://www.megaproxy.com

http://www.guardster.com

http://www.silenter.com

http://www.anonymizer.com

http://www.aliveproxy.com/high-anonymity-proxy-list/ (best proxies-high anonymous proxies)

Happy Anonymous surfing!

To be clear: if I give you 255.255.255.255:8080, that means 255.255.255.255 is the proxy and 8080 is the port

To Optain Fresh and new proxies,u can always check Google...

How to use RAT (Remote accessing tool)

2007-09-09T21:26:00.000+05:30

RAT{remote accessing tools}how to use

well this is a short description on how to access remote pcs and perform control of victims pc using RAT tools.

types of RAT:

1)has a server n a client
2)just has a client

working of all RAT is same.
--------------------------
well the working is like this:
the server file is a combination of certain commands and operations.
most of the server files perform these activities.
1)disables firewall
2)disables antivirus
3)opens a port to link to the host
4)allows connection to host via ftp,http n telnet.
5)allows whole system sharing
6)allows system activities.

------------------------
how to use a RAT
-----------------------
in case the server file is not with the client.
then open the client and choose create server option and choose your req.
after you have created the server file..... follow these steps.

1) first open client and click on connector.check that the ip is 127.0.0.1 after that click on connect in the client see if you are connected to you own pc.
*- 127.0.0.1 is the default machine adress of every pc used to refer your own pc.
2)if you connect to your own pc then the RAT works fine now follow the rest.
3)send the server file to victim.
4)after victim runs the server file then open your client and then start the connector.
5)now type ip in the ip adress column and the port used by the server file(let it remain whatever it is mentioned as it is the port used by server file). click on connect.
6)now it will connect to victims pc nad you can retrieve passwords from his pc, control system activities.

this is how the prorat looks like.............

________________________________________

how to hack an IP

2007-09-08T22:24:00.000+05:30

IP Address Hack, n all bt it !!

n here I have figure out some very easy but cool ways to trace out the geographical location and various other infos like ISP details etc of a remote computer using its IP.

Well I guess its one of the most important must learn manul for boys out there if you want to impress your friends particularly gals whom you’ll meet online in a chat room and tell them their geographical locations and ISP details and make them surprised and impressed .

In the practical execution of this manual you don’t have to work much as it is very simple only you have to use your brain to understand some symbols and some format of expressions and use your IQ to execute things the right way.

What is IP and how to get the IP of a remote system::

Getting the IP or Internet Protocol of a remote system is the most important and the first step of hacking into it. Probably it is the first thing a hacker do to get info for researching on a system. Well IP is a unique number assigned to each computer on a network. It is this unique address which represents the system on the network. Generally the IP of a particular system changes each time you log on to the network by dialing to your ISP and it is assigned to you by your ISP. IP of a system which is always on the network remains generally the same. Generally those kind of systems are most likely to suffer a hacking attack because of its stable IP. Using IP you can even execute system commands on the victim’s computer.

Lets take the example of the following IP address: 202.144.49.110 Now the first part, the numbers before the first decimal i.e. 209 is the Network number or the Network Prefix.. This means that it identifies the number of the network in which the host is. The second part i.e. 144 is the Host Number that is it identifies the number of the host within the Network. This means that in the same Network, the network number is same. In order to provide flexibility in the size of the Network, here are different classes of IP addresses:

Address Class Dotted Decimal Notation Ranges

Class A ( /8 Prefixes) 1.xxx.xxx.xxx through 126.xxx.xxx.xxx

Class B ( /16 Prefixes) 128.0.xxx.xxx through 191.255.xxx.xxx

Class C ( /24 Prefixes) 192.0.0.xxx through 223.255.255.xxx

The various classes will be clearer after reading the next few lines.

Each Class A Network Address contains a 8 bit Network Prefix followed by a 24-bit host number. They are considered to be primitive. They are referred to as "/8''s" or just "8's" as they have an 8-bit Network prefix.

In a Class B Network Address there is a 16 bit Network Prefix followed by a 16-bit Host number. It is referred to as "16's".

A class C Network address contains a 24-bit Network Prefix and a 8 bit Host number. It is referred to as

"24's" and is commonly used by most ISP's.

Due to the growing size of the Internet the Network Administrators faced many problems. The Internet routing tables were beginning to grow and now the administrators had to request another network number from the Internet before a new network could be installed at their site. This is where sub-netting came in.

Now if your ISP is a big one and if it provides you with dynamic IP addresses then you will most probably see that whenever you log on to the net, your IP address will have the same first 24 bits and only the last 8 bits will keep changing. This is due to the fact that when sub-netting comes in then the IP Addresses structure becomes:

xxx.xxx.zzz.yyy

where the first 2 parts are Network Prefix numbers and the zzz is the Subnet number and the yyy is the host number. So you are always connected to the same Subnet within the same Network. As a result the first 3 parts will remain the same and only the last part i.e. yyy is variable.

***********************

For Example, if say an ISP xyz is given the IP: 203.98.12.xx Network address then you can be awarded any IP, whose first three fields are 203.98.12. Get it?

So, basically this means that each ISP has a particular range in which to allocate all its subscribers. Or in other words, all subscribers or all people connected to the internet using the same ISP, will have to be in this range. This in effect would mean that all people using the same ISP are likely to have the same first three fields of their IP Addresses.

This means that if you have done a lot of (By this I really mean a lot) of research, then you could figure out which ISP a person is using by simply looking at his IP. The ISP name could then be used to figure out the city and the country of the person. Right? Let me take an example to stress as to how cumbersome but easy (once the research is done) the above method can be.

In my country, say there are three main ISP’s:

ISP Name Network Address Allotted

ISP I 203.94.47.xx

ISP II 202.92.12.xx

ISP III 203.91.35.xx

Now, if I get to know the IP of an e-pal of mine, and it reads: 203.91.35.12, then I can pretty easily figure out that he uses ISP III to connect to the internet. Right? You might say that any idiot would be able to do this. Well, yes and no. You see, the above method of finding out the ISP of a person was successful only because we already had the ISP and Network Address Allotted list with us. So, what my point is, that the above method can be successful only after a lot of research and experimentation. And, I do think such research can be helpful sometimes.

Also, this would not work, if you take it all on in larger scale. What if the IP that you have belongs to someone living in a remote igloo in the North Pole? You could not possibly get the Network Addresses of all the ISP’s in the world, could you? If yes please send it to me

Well now I guess you have pretty good knowledge about what an IP is and what you can do by knowing the IP of a remote system. Now lets come to the point of finding out the IP of remote system.

Well you can easily figure out the IP of a remote system using the netstat utility available in the microsoft’s version of DOS. The netstat command shows the connections in which your system is engaged to and the ports they are using. Suppose you are checking your mail in hotmail and you want to find out the IP of msn. All you need to do is to open a dos window (command.com) and type netstat. You will see all the open connections of your system. There you will see something :

Proto Local Address Foreign Address State

TCP shashank:1031 64.4.xx.xx:80 ESTABLISHED

Now you got the IP address of hotmail ass 64.4.xx.xx .

Similarly you can figure out the IP address of most http or ftp connections.

To know your own IP type the following command in a dos windows

C:\netstat –n

[this commands converts the IP name into IP addresses]

this is what you will probably see on typing the above command :

Local Address : It shows the local address ie the local IP. When the netstat command is executed without –n switch then the name of the local system is displayed and when the netstat is executed with –n switch then the IP of the local system is displayed. Here you can also find out the port used by the connection.

xxx.yyy.zzz.aaa:1024

in this format you will see the local address. Here 1024 is the port to which the remote system is connected in your system

Foreign Address :: It shows the IP address of the remote system to which your system is connected. In this case also if the netstat command is excuted with –n switch then you directly get the IP of the victim but if the netstat is executed without –n switch then you will get the address of the remote system. Something like

C:\netstat

Proto Local Address Foreign Address State

TCP shashank:1031 msgr.lw4.gs681.hotmail.com:80 ESTABLISHED

Here msgr.lw4.gs681.hotmail.com is the address of the foreign system . putting this address in any IP lookup program and doing a whois lookup will reveal the IP of the remote system.

Note: The port to which your system is connected can be found from this in the same way as I have shown in the case of local address. The difference is that, this is the port of the remote system to which your computer is connected to.

Below I have produced a list of ports and popular services generally found to be running.

21 :: FTP port

80 :: http port

23 :: Telnet port

Note: If your execute the netstat command and find ports like 12345,27374 are open and are in use then make it sure that your sweat heart computer is infected with her boyfriend.. J J J J I mean your computer is infected with some sort of Trojan.

Below I have produced a list of commonly known Trojans and the ports they use by default. So if you find these ports open then get a good virus buster and get these stupid servers of the Trojans kicked out. Well if you want to play with these Trojan by keeping them in your computer but not letting them ruin your system performance then just disble it from the system registry run and they wont be loaded to memory each time when windows starts up[This trick doesn’t work for all Trojans].

Netbus :: 12345(TCP)

Subseven :: 27374(TCP)

Girl Friend :: 21554(TCP)

Back Oriface :: 31337 (UDP)

Well guys and gals I hope you are now well familiar with the term IP and what is the utility of IP in cyber world and how to get the IP of a remote system to which you are connected. I hope you find my writings very easy to undertstand. I know I lack the capacity of explaining myself but I try my level best to make things very easy and clear for you’ll.

Broadband Hacking

2007-09-08T22:17:00.000+05:30

Broadband Hacking

This is for broadband ADSL in india and think is working on all BroadBand .Some ISPs will bind username to specific router so this trick mite not work on those ISPs.

Step 1: Download any port Scanner (i preffer Super Scan or IPscanner)

Step 2: First Get your ip from
http://www.whatismyip.com
Asume your IP to be 59.x.x.17

Step 3: copy your ip in IPscanner Software and scan for alive IPs in the below range
start:59.x.x.1 to End:59.x.x.255

Step 4: Then check in your scanner which alive IPs has the port 80 open or somthing

Step 5: Enter that IP in your web browser

Step 6: It asks for user , pass
type user=admin password=admin
It is the default password for most of the routers.

if denied then use on another alive IP

Step 7: If success then it will show router settings page of tht IP user
There goto Home -> Wan Setting and the username and password of his account will appear there.

Step 8: use ShowPassword or Revelation software to view the password in asterisks

now you have username/password

How to Open Ports

2007-09-08T21:48:00.000+05:30

Part 1
Go to -> My Network Places -> View Network Connections
*Now right click on the LAN Connection that provides your internet access and select Properties:

----------------------------------------------
Click Advanced -> Settings

-------------------------------------------------
Now click Advanced -> Highlight your internet Connection -> Click settings
A window should open similar to the one below but would more than likely have existing ports open on your system listed.

--------------------------------------------------
Click add and you will see this set settings windows appear

-----------------------------------------------------
*Description of Service: Usually the program name (abbr.) and/or the port number being opened
* Name or IP address: Just what is says. If you don’t know your PC’s name just put the IP address.
Note: If you don’t have a Static IP address on your PC then everything you’re doing can and will be ineffective if and when your IP address changes. Set a Static IP for your system
*External Port/Internal Port number for this service: Unless you know exactly what having two different ports here consist of, keep them the same.
*TCP: TCP enables two hosts to establish a connection and exchange streams of data.
*UDP: provides very few error recovery services, offering instead a direct way to send and receive datagram’s over an IP network.
NOTE: Between TCP & UDP make sure you set the port for the type you need. If one port needs both types then you’ll have to the go through these settings twice.
-------------------------------------------------------

Part 2

This section was will show you how to forward ports you’ve just opened to your router. Since I don’t own every router in existence, I’ll show you what it takes for the LinsysWireless Broadband Router to have ports forwarded to it. The concept is the same for all routers and once you familiarize yourself with the steps, you should be able to navigate through your router settings with ease.

First you need to access your router. Open Enter. A user name and password boxInternet Explorer and type 192.168.1.1 should appear like the one below. The factory password for this router is “admin” (without the quotes), leave the user name blank. Some routers may be "admin" as the user name with the password area blank. Check the documentation that came with your router or refer yourself to the company website to figure out what this is for your router.
NOTE: I highly recommend you changing that password from the factory setting ASAP if it still exists.

------------------------------------------
Once you type your password, the router settings should be displayed

-----------------------------------------
Select Application & Gaming ->

------------------------------------------
This screen is very easy to handle once you get familiar with it.
*Application: Input a small abbreviation so you know what program you’re forwarding the ports for
*Start to End
Many times, a program will need a range of ports forwarded (i.e. 21000-21005)
Under start, type the initial port and under end type the last port of the range.
*Protocol: I explained what TCP & UDP were earlier, here all you do is select the one that the port utilizes
*IP Address: I can’t stress enough “create yourself a Static IP”. Here you input your current IP. Like was saying before; you complete this process and reboot your PC, the IP might change. Therefore, this setting would not be accurate and your ports will no longer be forwarded.
*Enable: Self Explanatory

Here is one good thing about the forwarding part. Let’s say you have a range of 10 consecutive ports to forwards (1100 – 1110). For the router settings you just type the start and finish but you’ll have to do each individual one and if the selection is both for all, you just doubled your work. No biggie, right?!

Save your settings and restart your system.
_____________________________________________________________________

MESSAGE:

Obviously various people have different routers. So, if you post what your router's type and model number are as well as what
program(s) you are trying to access and I will do my best to PM you the info you need to get set up properly.

How to create a Fake Login page

2007-09-08T21:42:00.000+05:30

Creat a fake login page

{1} Open http://www.jotform.com and Sign Up.

{2} Then Login there with your newly registered account.

{3} Now click on ' Create your first form'.

{4} Now delete all the pre-defined entries, just leave 'First Name:'. (To delete entries, select the particular entry and then click on the cross sign.)

{5} Now Click on 'First Name:' (Exactly on First Name). Now the option to Edit the First Name is activated, type there "username:" (for gmail) or YahooId: (for Yahoo)

{6} Now Click on 'Power Tool' Option (In right hand side...)

{7} Double click on 'PasswordBox'. Now Click the newly form password entry to edit it. Rename it as 'Password:'

{8} Now Click on 'Properties' Option (In right hand side...). These are the form properties.

{9} You can give any title to your form. This title is used to distinguish your forms. This Title cannot be seen by the victim.

{10} Now in ThankYou URL you must put some link, like http://www.google.com or anything. Actually after entering username & password, user will get redirect to this url.(Don't leave it blank...)

{11} Now Click on 'Save'. After saving, click on 'Source' Option.

{12} Now you can see two Options, namely 'Option1' & 'Option2'. Copy the full code of 'Option2'.

{13} Now open Notepad text editor and write the following code their.

Ecard
Paste the Option2 code here

{14} And now save this as index.html. Now we have to put this index.html on internet. I mean now we are going to host this file. For this we will use FREE hosting provider service. You can try the following FREE hosting providers. Make a free hosting account and come back here...

http://www.webng.com
http://www.atspace.com
{15} I hope u have succesfully created a free hosting account. Now Login in your hosting account. And then Open 'File Manager'.

{16} Upload this index.html there... now u can see your index.html online by typing the url (url will be given to you by your free hosting provider..)
FINISHED

2007-07-09T18:46:00.000+05:30

Trojan Ports list

port 0 REx
port 1 (UDP) - Sockets des Troie
port 2 Death
port 5 yoyo
port 11 Skun
port 16 Skun
port 17 Skun
port 18 Skun
port 19 Skun
port 20 Amanda
port 21 ADM worm, Back Construction, Blade Runner,
BlueFire, Bmail, Cattivik FTP Server,
CC Invader,Dark FTP, Doly Trojan, FreddyK,
Invisible FTP, KWM,MscanWorm, NerTe,
NokNok, Pinochet, Ramen,Reverse Trojan,
RTB 666, The Flu,
WinCrash, Voyager Alpha Force
port 22 InCommand, Shaft, Skun
port 23 ADM worm, Aphex's Remote Packet Sniffer ,
AutoSpY,ButtMan, Fire HacKer, My Very Own trojan,
Pest, RTB 666,Tiny Telnet Server - TTS, Truva Atl
port 25 Antigen, Barok, BSE, Email Password Sender , Gip,
Laocoon, Magic Horse, MBT , Moscow Email trojan,
Nimda,Shtirlitz, Stukach, Tapiras, WinPC
port 27 Assasin
port 28 Amanda
port 30 Agent 40421
port 31 Agent 40421, Masters Paradise, Skun
port 37 ADM worm
port 39 SubSARI
port 41 Deep Throat , Foreplay
port 44 Arctic
port 51 Fuck Lamers Backdoor
port 52 MuSka52, Skun
port 53 ADM worm, li0n, MscanWorm, MuSka52
port 54 MuSka52
port 66 AL-Bareki
port 69 BackGate Kit, Nimda, Pasana, Storm, Storm worm, Theef
port 69 (UDP) - Pasana
port 70 ADM worm
port 79 ADM worm, Firehotcker
port 80 711 trojan (Seven Eleven), AckCmd, BlueFire, Cafeini,
Duddie, Executor, God Message, Intruzzo , Latinus,
Lithium,MscanWorm, NerTe, Nimda, Noob, Optix Lite,
Optix Pro ,Power, Ramen, Remote Shell ,
Reverse WWW Tunnel Backdoor ,RingZero, RTB 666,
Scalper, Screen Cutter , Seeker, Slapper,
Web Server CT , WebDownloader
port 80 (UDP) - Penrox
port 81 Asylum
port 101 Skun
port 102 Delf, Skun
port 103 Skun
port 105 NerTe
port 107 Skun
port 109 ADM worm
port 110 ADM worm
port 111 ADM worm, MscanWorm
port 113 ADM worm, Alicia, Cyn, DataSpy Network X,
Dosh, Gibbon, Taskman
port 120 Skun
port 121 Attack Bot, God Message, JammerKillah
port 123 Net Controller
port 137 Chode, Nimda
port 137 (UDP) - Bugbear, Msinit, Opaserv, Qaz
port 138 Chode, Nimda
port 139 Chode, Fire HacKer, Msinit, Nimda, Opaserv, Qaz
port 143 ADM worm
port 146 Infector
port 146 (UDP) - Infector
port 166 NokNok
port 170 A-trojan
port 171 A-trojan
port 200 CyberSpy
port 201 One Windows Trojan
port 202 One Windows Trojan, Skun
port 211 One Windows Trojan
port 212 One Windows Trojan
port 221 Snape
port 222 NeuroticKat, Snape
port 230 Skun
port 231 Skun
port 232 Skun
port 285 Delf
port 299 One Windows Trojan
port 334 Backage
port 335 Nautical
port 370 NeuroticKat
port 400 Argentino
port 401 One Windows Trojan
port 402 One Windows Trojan
port 411 Backage
port 420 Breach
port 443 Slapper
port 445 Nimda
port 455 Fatal Connections
port 511 T0rn Rootkit
port 513 ADM worm
port 514 ADM worm
port 515 MscanWorm, Ramen
port 520 (UDP) - A UDP backdoor
port 555 711 trojan (Seven Eleven), Phase Zero, Phase-0
port 564 Oracle
port 589 Assasin
port 600 SweetHeart
port 623 RTB 666
port 635 ADM worm
port 650 Assasin
port 661 NokNok
port 666 Attack FTP, Back Construction, BLA trojan,
NokNok, Reverse Trojan, Shadow Phyre, Unicorn, yoyo
port 667 NokNok, SniperNet
port 668 Unicorn
port 669 DP trojan , SniperNet
port 680 RTB 666
port 692 GayOL
port 700 REx
port 777 Undetected
port 798 Oracle
port 808 WinHole
port 831 NeuroticKat
port 901 Net-Devil, Pest
port 902 Net-Devil, Pest
port 903 Net-Devil
port 911 Dark Shadow, Dark Shadow
port 956 Crat Pro
port 991 Snape
port 992 Snape
port 999 Deep Throat , Foreplay
port 1000 Der Sp?her / Der Spaeher, Direct Connection,
GOTHIC Intruder , Theef
port 1001 Der Sp?her / Der Spaeher, GOTHIC Intruder ,
Lula, One Windows Trojan, Theef
port 1005 Pest, Theef
port 1008 AutoSpY, li0n
port 1010 Doly Trojan
port 1011 Doly Trojan
port 1012 Doly Trojan
port 1015 Doly Trojan
port 1016 Doly Trojan
port 1020 Vampire
port 1024 Latinus, Lithium, NetSpy, Ptakks
port 1025 AcidkoR, BDDT, DataSpy Network X, Fraggle Rock ,
KiLo, MuSka52, NetSpy, Optix Pro , Paltalk, Ptakks,
Real 2000, Remote Anything, Remote Explorer Y2K,
Remote Storm, RemoteNC
port 1025 (UDP) - KiLo, Optix Pro , Ptakks, Real 2000,
Remote Anything, Remote Explorer Y2K,
Remote Storm, Yajing
port 1026 BDDT, Dark IRC, DataSpy Network X,
Delta Remote Access , Dosh, Duddie, IRC Contact,
Remote Explorer 2000, RUX The TIc.K
port 1026 (UDP) - Remote Explorer 2000
port 1027 Clandestine, DataSpy Network X, KiLo, UandMe
port 1028 DataSpy Network X, Dosh, Gibbon, KiLo, KWM,
Litmus, Paltalk, SubSARI
port 1028 (UDP) - KiLo, SubSARI
port 1029 Clandestine, KWM, Litmus, SubSARI
port 1029 (UDP) - SubSARI
port 1030 Gibbon, KWM
port 1031 KWM, Little Witch, Xanadu, Xot
port 1031 (UDP) - Xot
port 1032 Akosch4, Dosh, KWM
port 1032 (UDP) - Akosch4
port 1033 Dosh, KWM, Little Witch, Net Advance
port 1034 KWM
port 1035 Dosh, KWM, RemoteNC, Truva Atl
port 1036 KWM
port 1037 Arctic , Dosh, KWM, MoSucker
port 1039 Dosh
port 1041 Dosh, RemoteNC
port 1042 BLA trojan
port 1042 (UDP) - BLA trojan
port 1043 Dosh
port 1044 Ptakks
port 1044 (UDP) - Ptakks
port 1047 RemoteNC
port 1049 Delf, The Hobbit Daemon
port 1052 Fire HacKer, Slapper, The Hobbit Daemon
port 1053 The Thief
port 1054 AckCmd, RemoteNC
port 1080 SubSeven 2.2, WinHole
port 1081 WinHole
port 1082 WinHole
port 1083 WinHole
port 1092 Hvl RAT
port 1095 Blood Fest Evolution, Hvl RAT,
port 1097 Blood Fest Evolution, Hvl RAT,
port 1098 Blood Fest Evolution, Hvl RAT,
port 1099 Blood Fest Evolution, Hvl RAT,
port 1104 (UDP) - RexxRave
port 1111 Daodan, Ultors Trojan
port 1111 (UDP) - Daodan
port 1115 Lurker, Protoss
port 1116 Lurker
port 1116 (UDP) - Lurker
port 1122 Last 2000, Singularity
port 1122 (UDP) - Last 2000, Singularity
port 1133 SweetHeart
port 1150 Orion
port 1151 Orion
port 1160 BlackRat
port 1166 CrazzyNet
port 1167 CrazzyNet
port 1170 Psyber Stream Server , Voice
port 1180 Unin68
port 1183 Cyn, SweetHeart
port 1183 (UDP) - Cyn, SweetHeart
port 1200 (UDP) - NoBackO
port 1201 (UDP) - NoBackO
port 1207 SoftWAR
port 1208 Infector
port 1212 Kaos
port 1215 Force
port 1218 Force
port 1219 Force
port 1221 Fuck Lamers Backdoor
port 1222 Fuck Lamers Backdoor
port 1234 KiLo, Ultors Trojan
port 1243 BackDoor-G, SubSeven , Tiles
port 1245 VooDoo Doll
port 1255 Scarab
port 1256 Project nEXT, RexxRave
port 1272 The Matrix
port 1313 NETrojan
port 1314 Daodan
port 1349 BO dll
port 1369 SubSeven 2.2
port 1386 Dagger
port 1415 Last 2000, Singularity
port 1433 Voyager Alpha Force
port 1441 Remote Storm
port 1492 FTP99CMP
port 1524 Trinoo
port 1560 Big Gluck, Duddie
port 1561 (UDP) - MuSka52
port 1600 Direct Connection
port 1601 Direct Connection
port 1602 Direct Connection
port 1703 Exploiter
port 1711 yoyo
port 1772 NetControle
port 1772 (UDP) - NetControle
port 1777 Scarab
port 1826 Glacier
port 1833 TCC
port 1834 TCC
port 1835 TCC
port 1836 TCC
port 1837 TCC
port 1905 Delta Remote Access
port 1911 Arctic
port 1966 Fake FTP
port 1967 For Your Eyes Only , WM FTP Server
port 1978 (UDP) - Slapper
port 1981 Bowl, Shockrave
port 1983 Q-taz
port 1984 Intruzzo , Q-taz
port 1985 Black Diver, Q-taz
port 1985 (UDP) - Black Diver
port 1986 Akosch4
port 1991 PitFall
port 1999 Back Door, SubSeven , TransScout
port 2000 A-trojan, Der Sp?her / Der Spaeher, Fear, Force,
GOTHIC Intruder , Last 2000, Real 2000,
Remote Explorer 2000, Remote Explorer Y2K,
Senna Spy Trojan Generator, Singularity
port 2000 (UDP) - GOTHIC Intruder , Real 2000,
Remote Explorer 2000, Remote Explorer Y2K
port 2001 Der Sp?her / Der Spaeher, Duddie, Glacier, Protoss,
Senna Spy Trojan Generator, Singularity, Trojan Cow
port 2001 (UDP) - Scalper
port 2002 Duddie, Senna Spy Trojan Generator, Sensive
port 2002 (UDP) - Slapper
port 2004 Duddie
port 2005 Duddie
port 2023 Ripper Pro
port 2060 Protoss
port 2080 WinHole
port 2101 SweetHeart
port 2115 Bugs
port 2130 (UDP) - Mini BackLash
port 2140 The Invasor
port 2140 (UDP) - Deep Throat , Foreplay , The Invasor
port 2149 Deep Throat
port 2150 R0xr4t
port 2156 Oracle
port 2222 SweetHeart, Way
port 2222 (UDP) - SweetHeart, Way
port 2281 Nautical
port 2283 Hvl RAT
port 2300 Storm
port 2311 Studio 54
port 2330 IRC Contact
port 2331 IRC Contact
port 2332 IRC Contact, Silent Spy
port 2333 IRC Contact
port 2334 IRC Contact, Power
port 2335 IRC Contact
port 2336 IRC Contact
port 2337 IRC Contact, The Hobbit Daemon
port 2338 IRC Contact
port 2339 IRC Contact, Voice Spy
port 2339 (UDP) - Voice Spy
port 2343 Asylum
port 2345 Doly Trojan
port 2407 yoyo
port 2418 Intruzzo
port 2555 li0n, T0rn Rootkit
port 2565 Striker trojan
port 2583 WinCrash
port 2589 Dagger
port 2600 Digital RootBeer
port 2702 Black Diver
port 2702 (UDP) - Black Diver
port 2772 SubSeven
port 2773 SubSeven , SubSeven 2.1 Gold
port 2774 SubSeven , SubSeven 2.1 Gold
port 2800 Theef
port 2929 Konik
port 2983 Breach
port 2989 (UDP) - Remote Administration Tool - RAT
port 3000 InetSpy, Remote Shut, Theef
port 3006 Clandestine
port 3024 WinCrash
port 3031 MicroSpy
port 3119 Delta Remote Access
port 3128 Reverse WWW Tunnel Backdoor , RingZero
port 3129 Masters Paradise
port 3131 SubSARI
port 3150 Deep Throat , The Invasor, The Invasor
port 3150 (UDP) - Deep Throat , Foreplay , Mini BackLash
port 3215 XHX
port 3215 (UDP) - XHX
port 3292 Xposure
port 3295 Xposure
port 3333 Daodan
port 3333 (UDP) - Daodan
port 3410 Optix Pro
port 3417 Xposure
port 3418 Xposure
port 3456 Fear, Force, Terror trojan
port 3459 Eclipse 2000, Sanctuary
port 3505 AutoSpY
port 3700 Portal of Doom
port 3721 Whirlpool
port 3723 Mantis
port 3777 PsychWard
port 3791 Total Solar Eclypse
port 3800 Total Solar Eclypse
port 3801 Total Solar Eclypse
port 3945 Delta Remote Access
port 3996 Remote Anything
port 3996 (UDP) - Remote Anything
port 3997 Remote Anything
port 3999 Remote Anything
port 4000 Remote Anything, SkyDance
port 4092 WinCrash
port 4128 RedShad
port 4128 (UDP) - RedShad
port 4156 (UDP) - Slapper
port 4201 War trojan
port 4210 Netkey
port 4211 Netkey
port 4225 Silent Spy
port 4242 Virtual Hacking Machine - VHM
port 4315 Power
port 4321 BoBo
port 4414 AL-Bareki
port 4442 Oracle
port 4444 CrackDown, Oracle, Prosiak, Swift Remote
port 4445 Oracle
port 4447 Oracle
port 4449 Oracle
port 4451 Oracle
port 4488 Event Horizon
port 4567 File Nail
port 4653 Cero
port 4666 Mneah
port 4700 Theef
port 4836 Power
port 5000 Back Door Setup, Bubbel, Ra1d, Sockets des Troie
port 5001 Back Door Setup, Sockets des Troie
port 5002 Shaft
port 5005 Aladino
port 5011 Peanut Brittle
port 5025 WM Remote KeyLogger
port 5031 Net Metropolitan
port 5032 Net Metropolitan
port 5050 R0xr4t
port 5135 Bmail
port 5150 Pizza
port 5151 Optix Lite
port 5152 Laphex
port 5155 Oracle
port 5221 NOSecure
port 5250 Pizza
port 5321 Firehotcker
port 5333 Backage
port 5350 Pizza
port 5377 Iani
port 5400 Back Construction, Blade Runner, Digital Spy
port 5401 Back Construction, Blade Runner, Digital Spy , Mneah
port 5402 Back Construction, Blade Runner, Digital Spy , Mneah
port 5418 DarkSky
port 5419 DarkSky
port 5419 (UDP) - DarkSky
port 5430 Net Advance
port 5450 Pizza
port 5503 Remote Shell
port 5534 The Flu
port 5550 Pizza
port 5555 Daodan, NoXcape
port 5555 (UDP) - Daodan
port 5556 BO Facil
port 5557 BO Facil
port 5569 Robo-Hack
port 5650 Pizza
port 5669 SpArTa
port 5679 Nautical
port 5695 Assasin
port 5696 Assasin
port 5697 Assasin
port 5742 WinCrash
port 5802 Y3K RAT
port 5873 SubSeven 2.2
port 5880 Y3K RAT
port 5882 Y3K RAT
port 5882 (UDP) - Y3K RAT
port 5888 Y3K RAT
port 5888 (UDP) - Y3K RAT
port 5889 Y3K RAT
port 5933 NOSecure
port 6000 Aladino, NetBus , The Thing
port 6006 Bad Blood
port 6267 DarkSky
port 6400 The Thing
port 6521 Oracle
port 6526 Glacier
port 6556 AutoSpY
port 6661 Weia-Meia
port 6666 AL-Bareki, KiLo, SpArTa
port 6666 (UDP) - KiLo
port 6667 Acropolis, BlackRat, Dark FTP, Dark IRC,
DataSpy Network X, Gunsan, InCommand, Kaitex, KiLo,
Laocoon, Net-Devil, Reverse Trojan, ScheduleAgent,
SlackBot, SubSeven , Subseven 2.1.4 DefCon 8,
Trinity, Y3K RAT, yoyo
port 6667 (UDP) - KiLo
port 6669 Host Control, Vampire, Voyager Alpha Force
port 6670 BackWeb Server, Deep Throat , Foreplay , WinNuke eXtreame
port 6697 Force
port 6711 BackDoor-G, Duddie, KiLo, Little Witch,
Netkey, Spadeace, SubSARI, SubSeven , SweetHeart,
UandMe, Way, VP Killer
port 6712 Funny trojan, KiLo, Spadeace, SubSeven
port 6713 KiLo, SubSeven
port 6714 KiLo
port 6715 KiLo
port 6718 KiLo
port 6723 Mstream
port 6766 KiLo
port 6766 (UDP) - KiLo
port 6767 KiLo, Pasana, UandMe
port 6767 (UDP) - KiLo, UandMe
port 6771 Deep Throat , Foreplay
port 6776 2000 Cracks, BackDoor-G, SubSeven , VP Killer
port 6838 (UDP) - Mstream
port 6891 Force
port 6912 Shit Heep
port 6969 2000 Cracks, BlitzNet, Dark IRC, GateCrasher,
Kid Terror, Laphex, Net Controller, SpArTa, Vagr Nocker
port 6970 GateCrasher
port 7000 Aladino, Gunsan, Remote Grab, SubSeven ,
SubSeven 2.1 Gold, Theef
port 7001 Freak88, Freak2k
port 7007 Silent Spy
port 7020 Basic Hell
port 7030 Basic Hell
port 7119 Massaker
port 7215 SubSeven , SubSeven 2.1 Gold
port 7274 AutoSpY
port 7290 NOSecure
port 7291 NOSecure
port 7300 NetSpy
port 7301 NetSpy
port 7306 NetSpy
port 7307 NetSpy, Remote Process Monitor
port 7308 NetSpy, X Spy
port 7312 Yajing
port 7410 Phoenix II
port 7424 Host Control
port 7424 (UDP) - Host Control
port 7597 Qaz
port 7626 Glacier
port 7648 XHX
port 7673 Neoturk
port 7676 Neoturk
port 7677 Neoturk
port 7718 Glacier
port 7722 KiLo
port 7777 God Message
port 7788 Last 2000, Last 2000, Singularity
port 7788 (UDP) - Singularity
port 7789 Back Door Setup
port 7800 Paltalk
port 7826 Oblivion
port 7850 Paltalk
port 7878 Paltalk
port 7879 Paltalk
port 7979 Vagr Nocker
port 7983 (UDP) - Mstream
port 8011 Way
port 8012 Ptakks
port 8012 (UDP) - Ptakks
port 8080 Reverse WWW Tunnel Backdoor , RingZero, Screen Cutter
port 8090 Aphex's Remote Packet Sniffer
port 8090 (UDP) - Aphex's Remote Packet Sniffer
port 8097 Kryptonic Ghost Command Pro
port 8100 Back streets
port 8110 DLP
port 8111 DLP
port 8127 9_119, Chonker
port 8127 (UDP) - 9_119, Chonker
port 8130 9_119, Chonker, DLP
port 8131 DLP
port 8301 DLP
port 8302 DLP
port 8311 SweetHeart
port 8322 DLP
port 8329 DLP
port 8488 (UDP) - KiLo
port 8489 KiLo
port 8489 (UDP) - KiLo
port 8685 Unin68
port 8732 Kryptonic Ghost Command Pro
port 8734 AutoSpY
port 8787 Back Orifice 2000
port 8811 Fear
port 8812 FraggleRock Lite
port 8821 Alicia
port 8848 Whirlpool
port 8864 Whirlpool
port 8888 Dark IRC
port 9000 Netministrator
port 9090 Aphex's Remote Packet Sniffer
port 9117 Massaker
port 9148 Nautical
port 9301 DLP
port 9325 (UDP) - Mstream
port 9329 DLP
port 9400 InCommand
port 9401 InCommand
port 9536 Lula
port 9561 Crat Pro
port 9563 Crat Pro
port 9870 Remote Computer Control Center
port 9872 Portal of Doom
port 9873 Portal of Doom
port 9874 Portal of Doom
port 9875 Portal of Doom
port 9876 Rux
port 9877 Small Big Brother
port 9878 Small Big Brother, TransScout
port 9879 Small Big Brother
port 9919 Kryptonic Ghost Command Pro
port 9999 BlitzNet, Oracle, Spadeace
port 10000 Oracle, TCP Door, XHX
port 10000 (UDP) - XHX
port 10001 DTr, Lula
port 10002 Lula
port 10003 Lula
port 10008 li0n
port 10012 Amanda
port 10013 Amanda
port 10067 Portal of Doom
port 10067 (UDP) - Portal of Doom
port 10084 Syphillis
port 10084 (UDP) - Syphillis
port 10085 Syphillis
port 10086 Syphillis
port 10100 Control Total, GiFt trojan, Scalper
port 10100 (UDP) - Slapper
port 10167 Portal of Doom
port 10167 (UDP) - Portal of Doom
port 10498 (UDP) - Mstream
port 10520 Acid Shivers
port 10528 Host Control
port 10607 Coma
port 10666 (UDP) - Ambush
port 10887 BDDT
port 10889 BDDT
port 11000 DataRape, Senna Spy Trojan Generator
port 11011 Amanda
port 11050 Host Control
port 11051 Host Control
port 11111 Breach
port 11223 Progenic trojan, Secret Agent
port 11225 Cyn
port 11225 (UDP) - Cyn
port 11660 Back streets
port 11718 Kryptonic Ghost Command Pro
port 11831 DarkFace, DataRape, Latinus, Pest, Vagr Nocker
port 11977 Cool Remote Control
port 11978 Cool Remote Control
port 11980 Cool Remote Control
port 12000 Reverse Trojan
port 12310 PreCursor
port 12321 Protoss
port 12321 (UDP) - Protoss
port 12345 Ashley, BlueIce 2000, Mypic , NetBus ,
Pie Bill Gates, Q-taz , Sensive, Snape,
Vagr Nocker, ValvNet , Whack Job
port 12345 (UDP) - BlueIce 2000
port 12346 NetBus
port 12348 BioNet
port 12349 BioNet, The Saint
port 12361 Whack-a-mole
port 12362 Whack-a-mole
port 12363 Whack-a-mole
port 12623 ButtMan
port 12623 (UDP) - ButtMan, DUN Control
port 12624 ButtMan, Power
port 12631 Whack Job
port 12684 Power
port 12754 Mstream
port 12904 Rocks
port 13000 Senna Spy Trojan Generator, Senna Spy Trojan Generator
port 13013 PsychWard
port 13014 PsychWard
port 13028 Back streets
port 13079 Kryptonic Ghost Command Pro
port 13370 SpArTa
port 13371 Optix Pro
port 13500 Theef
port 13753 Anal FTP
port 14194 CyberSpy
port 14285 Laocoon
port 14286 Laocoon
port 14287 Laocoon
port 14500 PC Invader
port 14501 PC Invader
port 14502 PC Invader
port 14503 PC Invader
port 15000 In Route to the Hell, R0xr4t
port 15092 Host Control
port 15104 Mstream
port 15206 KiLo
port 15207 KiLo
port 15210 (UDP) - UDP remote shell backdoor server
port 15382 SubZero
port 15432 Cyn
port 15485 KiLo
port 15486 KiLo
port 15486 (UDP) - KiLo
port 15500 In Route to the Hell
port 15512 Iani
port 15551 In Route to the Hell
port 15695 Kryptonic Ghost Command Pro
port 15845 (UDP) - KiLo
port 15852 Kryptonic Ghost Command Pro
port 16057 MoonPie
port 16484 MoSucker
port 16514 KiLo
port 16514 (UDP) - KiLo
port 16515 KiLo
port 16515 (UDP) - KiLo
port 16523 Back streets
port 16660 Stacheldraht
port 16712 KiLo
port 16761 Kryptonic Ghost Command Pro
port 16959 SubSeven , Subseven 2.1.4 DefCon 8
port 17166 Mosaic
port 17449 Kid Terror
port 17499 CrazzyNet
port 17500 CrazzyNet
port 17569 Infector
port 17593 AudioDoor
port 17777 Nephron
port 18753 (UDP) - Shaft
port 19191 BlueFire
port 19216 BackGate Kit
port 20000 Millenium, PSYcho Files, XHX
port 20001 Insect, Millenium, PSYcho Files
port 20002 AcidkoR, PSYcho Files
port 20005 MoSucker
port 20023 VP Killer
port 20034 NetBus 2.0 Pro, NetBus 2.0 Pro Hidden, Whack Job
port 20331 BLA trojan
port 20432 Shaft
port 20433 (UDP) - Shaft
port 21212 Sensive
port 21544 GirlFriend, Kid Terror
port 21554 Exploiter, FreddyK, Kid Terror, Schwindler, Sensive, Winsp00fer
port 21579 Breach
port 21957 Latinus
port 22115 Cyn
port 22222 Donald Dick, G.R.O.B., Prosiak, Ruler, RUX The TIc.K
port 22223 RUX The TIc.K
port 22456 Clandestine
port 22554 Schwindler
port 22783 Intruzzo
port 22784 Intruzzo
port 22785 Intruzzo
port 23000 Storm worm
port 23001 Storm worm
port 23005 NetTrash, Oxon
port 23006 NetTrash, Oxon
port 23023 Logged
port 23032 Amanda
port 23321 Konik
port 23432 Asylum
port 23456 Clandestine, Evil FTP, Vagr Nocker, Whack Job
port 23476 Donald Dick
port 23476 (UDP) - Donald Dick
port 23477 Donald Dick
port 23777 InetSpy
port 24000 Infector
port 24289 Latinus
port 25002 MOTD
port 25002 (UDP) - MOTD
port 25123 Goy'Z TroJan
port 25555 FreddyK
port 25685 MoonPie
port 25686 DarkFace, MoonPie
port 25799 FreddyK
port 25885 MOTD
port 25982 DarkFace, MoonPie
port 26274 (UDP) - Delta Source
port 26681 Voice Spy
port 27160 MoonPie
port 27184 Alvgus trojan 2000
port 27184 (UDP) - Alvgus trojan 2000
port 27373 Charge
port 27374 Bad Blood, Fake SubSeven, li0n, Ramen, Seeker,
SubSeven , SubSeven 2.1 Gold, Subseven 2.1.4 DefCon 8,
SubSeven 2.2, SubSeven Muie, The Saint
port 27379 Optix Lite
port 27444 (UDP) - Trinoo
port 27573 SubSeven
port 27665 Trinoo
port 28218 Oracle
port 28431 Hack′a′Tack
port 28678 Exploiter
port 29104 NETrojan, NetTrojan
port 29292 BackGate Kit
port 29559 AntiLamer BackDoor , DarkFace, DataRape,
Ducktoy, Latinus, Pest, Vagr Nocker
port 29589 KiLo
port 29589 (UDP) - KiLo
port 29891 The Unexplained
port 29999 AntiLamer BackDoor
port 30000 DataRape, Infector
port 30001 Err0r32
port 30005 Litmus
port 30100 NetSphere
port 30101 NetSphere
port 30102 NetSphere
port 30103 NetSphere
port 30103 (UDP) - NetSphere
port 30133 NetSphere
port 30303 Sockets des Troie
port 30331 MuSka52
port 30464 Slapper
port 30700 Mantis
port 30947 Intruse
port 31320 Little Witch
port 31320 (UDP) - Little Witch
port 31335 Trinoo
port 31336 Butt Funnel
port 31337 ADM worm, Back Fire, Back Orifice (Lm),
Back Orifice russian, BlitzNet, BO client,
BO Facil, BO2, Freak88, Freak2k, NoBackO
port 31337 (UDP) - Back Orifice, Deep BO
port 31338 Back Orifice, Butt Funnel, NetSpy (DK)
port 31338 (UDP) - Deep BO, NetSpy (DK)
port 31339 Little Witch, NetSpy (DK), NetSpy (DK)
port 31339 (UDP) - Little Witch
port 31340 Little Witch
port 31340 (UDP) - Little Witch
port 31382 Lithium
port 31415 Lithium
port 31416 Lithium
port 31416 (UDP) - Lithium
port 31557 Xanadu
port 31745 BuschTrommel
port 31785 Hack′a′Tack
port 31787 Hack′a′Tack
port 31788 Hack′a′Tack
port 31789 Hack′a′Tack
port 31789 (UDP) - Hack′a′Tack
port 31790 Hack′a′Tack
port 31791 Hack′a′Tack
port 31791 (UDP) - Hack′a′Tack
port 31792 Hack′a′Tack
port 31887 BDDT
port 32000 BDDT
port 32001 Donald Dick
port 32100 Peanut Brittle, Project nEXT
port 32418 Acid Battery
port 32791 Acropolis, Rocks
port 33270 Trinity
port 33333 Prosiak
port 33545 G.R.O.B.
port 33567 li0n, T0rn Rootkit
port 33568 li0n, T0rn Rootkit
port 33577 Son of PsychWard
port 33777 Son of PsychWard
port 33911 Spirit 2000, Spirit 2001
port 34312 Delf
port 34313 Delf
port 34324 Big Gluck
port 34343 Osiris
port 34444 Donald Dick
port 34555 (UDP) - Trinoo (for Windows)
port 35000 Infector
port 35555 (UDP) - Trinoo (for Windows)
port 35600 SubSARI
port 36794 Bugbear
port 37237 Mantis
port 37651 Charge
port 38741 CyberSpy
port 38742 CyberSpy
port 40071 Ducktoy
port 40308 SubSARI
port 40412 The Spy
port 40421 Agent 40421, Masters Paradise
port 40422 Masters Paradise
port 40423 Masters Paradise
port 40425 Masters Paradise
port 40426 Masters Paradise
port 41337 Storm
port 41666 Remote Boot Tool , Remote Boot Tool
port 43720 (UDP) - KiLo
port 44014 Iani
port 44014 (UDP) - Iani
port 44444 Prosiak
port 44575 Exploiter
port 44767 School Bus
port 44767 (UDP) - School Bus
port 45092 BackGate Kit
port 45454 Osiris
port 45632 Little Witch
port 45673 Acropolis, Rocks
port 46666 Taskman
port 46666 (UDP) - Taskman
port 47017 T0rn Rootkit
port 47262 (UDP) - Delta Source
port 47698 KiLo
port 47785 KiLo
port 47785 (UDP) - KiLo
port 47891 AntiLamer BackDoor
port 48004 Fraggle Rock
port 48006 Fraggle Rock
port 48512 Arctic
port 49000 Fraggle Rock
port 49683 Fenster
port 49683 (UDP) - Fenster
port 49698 (UDP) - KiLo
port 50000 SubSARI
port 50021 Optix Pro
port 50130 Enterprise
port 50505 Sockets des Troie
port 50551 R0xr4t
port 50552 R0xr4t
port 50766 Schwindler
port 50829 KiLo
port 50829 (UDP) - KiLo
port 51234 Cyn
port 51966 Cafeini
port 52365 Way
port 52901 (UDP) - Omega
port 53001 Remote Windows Shutdown - RWS
port 54283 SubSeven , SubSeven 2.1 Gold
port 54320 Back Orifice 2000
port 54321 Back Orifice 2000, School Bus , yoyo
port 55165 File Manager trojan, File Manager trojan
port 55555 Shadow Phyre
port 55665 Latinus, Pinochet
port 55666 Latinus, Pinochet
port 56565 Osiris
port 57163 BlackRat
port 57341 NetRaider
port 57785 G.R.O.B.
port 58134 Charge
port 58339 Butt Funnel
port 59211 Ducktoy
port 60000 Deep Throat , Foreplay , Sockets des Troie
port 60001 Trinity
port 60008 li0n, T0rn Rootkit
port 60068 The Thing
port 60411 Connection
port 60551 R0xr4t
port 60552 R0xr4t
port 60666 Basic Hell
port 61115 Protoss
port 61337 Nota
port 61348 Bunker-Hill
port 61440 Orion
port 61603 Bunker-Hill
port 61746 KiLo
port 61746 (UDP) - KiLo
port 61747 KiLo
port 61747 (UDP) - KiLo
port 61748 (UDP) - KiLo
port 61979 Cool Remote Control
port 62011 Ducktoy
port 63485 Bunker-Hill
port 64101 Taskman
port 65000 Devil, Sockets des Troie, Stacheldraht
port 65289 yoyo
port 65421 Alicia
port 65422 Alicia
port 65432 The Traitor (= th3tr41t0r)
port 65432 (UDP) - The Traitor (= th3tr41t0r)
port 65530 Windows Mite
port 65535 RC1 trojan

2007-07-09T18:38:00.000+05:30

UDP LIST
224 masqdialer
242 Direct
243 Survey Measurement
244 inbusiness
245 LINK
246 Display Systems Protocol
247 SUBNTBCST_TFTP
248 bhfhs
256 RAP
257 Secure Electronic Transaction
258 Yak Winsock Personal Chat
259 Efficient Short Remote Operations
260 Openport
261 IIOP Name Service over TLS/SSL
262 Arcisdms
263 HDAP
264 BGMP
265 X-Bone CTL
266 SCSI on ST
267 Tobit David Service Layer
268 Tobit David Replica
280 HTTP-mgmt
281 Personal Link
282 Cable Port A/X
283 rescap
284 corerjd
286 FXP-1
287 K-BLOCK
308 Novastor Backup
309 EntrustTime
310 bhmds
311 AppleShare IP WebAdmin
312 VSLMP
313 Magenta Logic
314 Opalis Robot
315 DPSI
316 decAuth
317 Zannet
318 PKIX TimeStamp
319 PTP Event
320 PTP General
321 PIP
322 RTSPS
333 Texar Security Port
344 Prospero Data Access Protocol
345 Perf Analysis Workbench
346 Zebra server
347 Fatmen Server
348 Cabletron Management Protocol
349 mftp
350 MATIP Type A
351 bhoetty
352 bhoedap4
353 NDSAUTH
354 bh611
355 DATEX-ASN
356 Cloanto Net 1
357 bhevent
358 Shrinkwrap
359 Tenebris Network Trace Service
360 scoi2odialog
361 Semantix
362 SRS Send
363 RSVP Tunnel
364 Aurora CMGR
365 DTK
366 ODMR
367 MortgageWare
368 QbikGDP
369 rpc2portmap
370 codaauth2
371 Clearcase
372 ListProcessor
373 Legent Corporation
374 Legent Corporation
375 Hassle
376 Amiga Envoy Network Inquiry Proto
377 NEC Corporation
378 NEC Corporation
379 TIA/EIA/IS-99 modem client
380 TIA/EIA/IS-99 modem server
381 hp performance data collector
382 hp performance data managed node
383 hp performance data alarm manager
384 A Remote Network Server System
385 IBM Application
386 ASA Message Router Object Def.
387 Appletalk Update-Based Routing Pro.
388 Unidata LDM
389 Lightweight Directory Access Protocol
390 UIS
391 SynOptics SNMP Relay Port
392 SynOptics Port Broker Port
393 Data Interpretation System
394 EMBL Nucleic Data Transfer
395 NETscout Control Protocol
396 Novell Netware over IP
397 Multi Protocol Trans. Net.
398 Kryptolan
399 ISO Transport Class 2 Non-Control over TCP
400 Workstation Solutions
401 Uninterruptible Power Supply
402 Genie Protocol
403 decap
404 nced
405 ncld
406 Interactive Mail Support Protocol
407 Timbuktu
408 Prospero Resource Manager Sys. Man.
409 Prospero Resource Manager Node Man.
410 DECLadebug Remote Debug Protocol
411 Remote MT Protocol
412 Trap Convention Port
413 SMSP
414 InfoSeek
415 BNet
416 Silverplatter
417 Onmux
418 Hyper-G
419 Ariel
420 SMPTE
421 Ariel
422 Ariel
423 IBM Operations Planning and Control Start
424 IBM Operations Planning and Control Track
425 ICAD
426 smartsdp
427 Server Location
428 OCS_CMU
429 OCS_AMU
430 UTMPSD
431 UTMPCD
432 IASD
433 NNSP
434 MobileIP-Agent
435 MobilIP-MN
436 DNA-CML
437 comscm
438 dsfgw
439 dasp
440 sgcp
441 decvms-sysmgt
442 cvc_hostd
443 HTTP protocol over TLS/SSL
444 Simple Network Paging Protocol
445 Microsoft-DS
446 DDM-RDB
447 DDM-RFM
448 DDM-SSL
449 AS Server Mapper
450 TServer
451 Cray Network Semaphore server
452 Cray SFS config server
453 CreativeServer
454 ContentServer
455 CreativePartnr
456 macon-udp
457 scohelp
458 apple quick time
459 ampr-rcmd
460 skronk
461 DataRampSrv
462 DataRampSrvSec
463 alpes
464 kpasswd
465 smtp protocol over TLS/SSL
466 digital-vrc
467 mylex-mapd
468 proturis
469 Radio Control Protocol
470 scx-proxy
471 Mondex
472 ljk-login
473 hybrid-pop
474 tn-tl-w2
475 tcpnethaspsrv
476 tn-tl-fd1
477 ss7ns
478 spsc
479 iafserver
480 iafdbase
481 Ph service
482 bgs-nsi
483 ulpnet
484 Integra Software Management Environment
485 Air Soft Power Burst
486 avian
487 saft Simple Asynchronous File Transfer
488 gss-HTTP
489 nest-protocol
490 micom-pfs
491 go-login
492 Transport Independent Convergence for FNA
493 Transport Independent Convergence for FNA
494 POV-Ray
495 intecourier
496 PIM-RP-DISC
497 dantz
498 siam
499 ISO ILL Protocol
500 isakmp
501 STMF
502 asa-appl-proto
503 Intrinsa
504 citadel
505 mailbox-lm
506 ohimsrv
507 crs
508 xvttp
509 snare
510 FirstClass Protocol
511 PassGo
512 used by mail system to notify users
513 maintains data bases showing who's
514 BSD syslogd
515 spooler
516 videotex
517 like tenex link but across
518 talkd
519 unixtime
520 Routing Information Protocol
521 ripng
522 ULP
523 IBM-DB2
524 NCP
525 timeserver
526 newdate
527 Stock IXChange
528 Customer IXChange
529 IRC-SERV
530 rpc
531 chat
532 readnews
533 for emergency broadcasts
534 MegaMedia Admin
535 iiop
536 opalis-rdv
537 Networked Media Streaming Protocol
538 gdomap
539 Apertus Technologies Load Determination
540 uucpd
541 uucp-rlogin
542 commerce
543 kerberos (v4/v5)
544 krcmd
545 appleqtcsrvr
546 DHCPv6 Client
547 DHCPv6 Server
548 AFP over TCP
549 IDFP
550 new-who
551 cybercash
552 deviceshare
553 pirp
554 Real Time Stream Control Protocol
555 phAse Zero backdoor (Windows) / dsf
556 rfs server
557 openvms-sysipc
558 SDNSKMP
559 TEEDTAP
560 rmonitord
561 monitor
562 chcmd
563 nntp protocol over TLS/SSL
564 plan 9 file service
565 whoami
566 streettalk
567 banyan-rpc
568 microsoft shuttle
569 microsoft rome
570 demon
571 udemon
572 sonar
573 banyan-vip
574 FTP Software Agent System
575 VEMMI
576 ipcd
577 vnas
578 ipdd
579 decbsrv
580 SNTP HEARTBEAT
581 Bundle Discovery Protocol
582 SCC Security
583 Philips Video-Conferencing
584 Key Server
585 IMAP4+SSL
586 Password Change
587 Submission
588 CAL
589 EyeLink
590 TNS CML
591 FileMaker Inc. - HTTP Alternate
592 Eudora Set
593 HTTP RPC Ep Map
594 TPIP
595 CAB Protocol
596 SMSD
597 PTC Name Service
598 SCO Web Server Manager 3
599 Aeolon Core Protocol
600 Sun IPC server
606 Cray Unified Resource Manager
607 nqs
608 Sender-Initiated/Unsolicited File Transfer
609 npmp-trap
610 npmp-local
611 npmp-gui
612 HMMP Indication
613 HMMP Operation
614 SSLshell
615 Internet Configuration Manager
616 SCO System Administration Server
617 SCO Desktop Administration Server
618 DEI-ICDA
619 Digital EVM
620 SCO WebServer Manager
621 ESCP
622 Collaborator
623 Aux Bus Shunt
624 Crypto Admin
625 DEC DLM
626 ASIA
627 PassGo Tivoli
628 QMQP
629 3Com AMP3
630 RDA
631 IPP (Internet Printing Protocol)
632 bmpp
633 Service Status update (Sterling Software)
634 ginad
635 RLZ DBase
636 ldap protocol over TLS/SSL
637 lanserver
638 mcns-sec
639 MSDP
640 entrust-sps
641 repcmd
642 ESRO-EMSDP V1.3
643 SANity
644 dwr
645 PSSC
646 LDP
647 DHCP Failover
648 Registry Registrar Protocol (RRP)
649 Aminet
650 OBEX
651 IEEE MMS
652 UDLR_DTCP
653 RepCmd
654 AODV
655 TINC
656 SPMP
657 RMC
658 TenFold
659 URL Rendezvous
660 MacOS Server Admin
661 HAP
662 PFTP
663 PureNoise
664 Secure Aux Bus
665 Sun DR
666 doom Id Software
667 campaign contribution disclosures - SDR Technologies
668 MeComm
669 MeRegister
670 VACDSM-SWS
671 VACDSM-APP
672 VPPS-QUA
673 CIMPLEX
674 ACAP
675 DCTP
676 VPPS Via
677 Virtual Presence Protocol
678 GNU Generation Foundation NCP
679 MRM
680 entrust-aaas
681 entrust-aams
682 XFR
683 CORBA IIOP
684 CORBA IIOP SSL
685 MDC Port Mapper
686 Hardware Control Protocol Wismar
687 asipregistry
688 REALM-RUSD
689 NMAP
690 VATP
691 MS Exchange Routing
692 Hyperwave-ISP
693 connendp
694 ha-cluster
695 IEEE-MMS-SSL
696 RUSHD
697 UUIDGEN
698 OLSR
704 errlog copy/server daemon
705 AgentX
706 SILC
707 Borland DSJ
709 Entrust Key Management Service Handler
710 Entrust Administration Service Handler
711 Cisco TDP
729 IBM NetView DM/6000 Server/Client
730 IBM NetView DM/6000 send/tcp
731 IBM NetView DM/6000 receive/tcp
740 (old) NETscout Control Protocol (old)
741 netGW
742 Network based Rev. Cont. Sys.
744 Flexible License Manager
747 Fujitsu Device Control
748 Russell Info Sci Calendar Manager
749 kerberos administration
750 kerberos version iv
751 pump
752 Kerberos password server
753 Kerberos userreg server
754 send
758 nlogin
759 con
760 ns
761 rxe
762 quotad
763 cycleserv
764 omserv
765 webster
767 phone
769 vid
770 cadlock
771 rtip
772 cycleserv2
773 notify
774 acmaint_dbd
775 acmaint_transd
776 wpages
777 Multiling HTTP
780 wpgs
781 HP performance data collector
782 node HP performance data managed node
783 HP performance data alarm manager
786 Concert
787 QSC
800 mdbs_daemon
801 device
810 FCP Datagram
828 itm-mcell-s
829 PKIX-3 CA/RA
873 rsync
886 ICL coNETion locate server
887 ICL coNETion server info
888 AccessBuilder
900 OMG Initial Refs
901 SMPNAMERES
902 IDEAFARM-CHAT
903 IDEAFARM-CATCH
911 xact-backup
989 ftp protocol data over TLS/SSL
990 ftp protocol control over TLS/SSL
991 Netnews Administration System
992 telnet protocol over TLS/SSL
993 imap4 protocol over TLS/SSL
994 irc protocol over TLS/SSL
995 pop3 protocol over TLS/SSL
996 vsinet
997 maitrd
998 puparp
999 Applix ac
1000 ock
1008 Solaris
1010 surf
1012 This is rstatd on a openBSD box
1023 Reserved
1024 Reserved
1025 network blackjack
1030 BBN IAD
1031 BBN IAD
1032 BBN IAD
1047 Sun's NEO Object Request Broker
1048 Sun's NEO Object Request Broker
1049 Tobit David Postman VPMN
1050 CORBA Management Agent
1051 Optima VNET
1052 Dynamic DNS Tools
1053 Remote Assistant (RA)
1054 BRVREAD
1055 ANSYS - License Manager
1056 VFO
1057 STARTRON
1058 nim
1059 nimreg
1060 POLESTAR
1061 KIOSK
1062 Veracity
1063 KyoceraNetDev
1064 JSTEL
1065 SYSCOMLAN
1066 FPO-FNS
1067 Installation Bootstrap Proto. Serv.
1068 Installation Bootstrap Proto. Cli.
1069 COGNEX-INSIGHT
1070 GMRUpdateSERV
1071 BSQUARE-VOIP
1072 CARDAX
1073 BridgeControl
1074 FASTechnologies License Manager
1075 RDRMSHC
1076 DAB STI-C
1077 IMGames
1078 eManageCstp
1079 ASPROVATalk
1080 Socks
1081 PVUNIWIEN
1082 AMT-ESD-PROT
1083 Anasoft License Manager
1084 Anasoft License Manager
1085 Web Objects
1086 CPL Scrambler Logging
1087 CPL Scrambler Internal
1088 CPL Scrambler Alarm Log
1089 FF Annunciation
1090 FF Fieldbus Message Specification
1091 FF System Management
1092 OBRPD
1093 PROOFD
1094 ROOTD
1095 NICELink
1096 Common Name Resolution Protocol
1097 Sun Cluster Manager
1098 RMI Activation
1099 RMI Registry
1100 MCTP
1101 PT2-DISCOVER
1102 ADOBE SERVER 1
1103 ADOBE SERVER 2
1104 XRL
1105 FTRANHC
1106 ISOIPSIGPORT-1
1107 ISOIPSIGPORT-2
1108 ratio-adp
1110 Client status info
1111 LM Social Server
1112 Intelligent Communication Protocol
1114 Mini SQL
1115 ARDUS Transfer
1116 ARDUS Control
1117 ARDUS Multicast Transfer
1123 Murray
1155 Network File Access
1161 Health Polling
1162 Health Trap
1167 conference calling
1169 TRIPWIRE
1180 Millicent Client Proxy
1188 HP Web Admin
1200 SCOL
1201 Nucleus Sand
1202 caiccipc
1203 License Validation
1204 Log Request Listener
1205 Accord-MGC
1206 Anthony Data
1207 MetaSage
1208 SEAGULL AIS
1209 IPCD3
1210 EOSS
1211 Groove DPP
1212 lupa
1213 MPC LIFENET
1214 KAZAA
1215 scanSTAT 1.0
1216 ETEBAC 5
1217 HPSS-NDAPI
1218 AeroFlight-ADs
1219 AeroFlight-Ret
1220 QT SERVER ADMIN
1221 SweetWARE Apps
1222 SNI R&D network
1223 TGP
1224 VPNz
1225 SLINKYSEARCH
1226 STGXFWS
1227 DNS2Go
1228 FLORENCE
1229 Novell ZFS
1234 Infoseek Search Agent
1239 NMSD
1248 hermes
1300 H323 Host Call Secure
1310 Husky
1311 RxMon
1312 STI Envision
1313 BMC_PATROLDB
1314 Photoscript Distributed Printing System
1319 Panja-ICSP
1320 Panja-AXBNET
1321 PIP
1335 Digital Notary Protocol
1345 VPJP
1346 Alta Analytics License Manager
1347 multi media conferencing
1348 multi media conferencing
1349 Registration Network Protocol
1350 Registration Network Protocol
1351 Digital Tool Works (MIT)
1352 Lotus Note
1353 Relief Consulting
1354 RightBrain Software
1355 Intuitive Edge
1356 CuillaMartin Company
1357 Electronic PegBoard
1358 CONNLCLI
1359 FTSRV
1360 MIMER
1361 LinX
1362 TimeFlies
1363 Network DataMover Requester
1364 Network DataMover Server
1365 Network Software Associates
1366 Novell NetWare Comm Service Platform
1367 DCS
1368 ScreenCast
1369 GlobalView to Unix Shell
1370 Unix Shell to GlobalView
1371 Fujitsu Config Protocol
1372 Fujitsu Config Protocol
1373 Chromagrafx
1374 EPI Software Systems
1375 Bytex
1376 IBM Person to Person Software
1377 Cichlid License Manager
1378 Elan License Manager
1379 Integrity Solutions
1380 Telesis Network License Manager
1381 Apple Network License Manager
1382 udt_os
1383 GW Hannaway Network License Manager
1384 Objective Solutions License Manager
1385 Atex Publishing License Manager
1386 CheckSum License Manager
1387 Computer Aided Design Software Inc LM
1388 Objective Solutions DataBase Cache
1389 Document Manager
1390 Storage Controller
1391 Storage Access Server
1392 Print Manager
1393 Network Log Server
1394 Network Log Client
1395 PC Workstation Manager software
1396 DVL Active Mail
1397 Audio Active Mail
1398 Video Active Mail
1399 Cadkey License Manager
1400 Cadkey Tablet Daemon
1401 Goldleaf License Manager
1402 Prospero Resource Manager
1403 Prospero Resource Manager
1404 Infinite Graphics License Manager
1405 IBM Remote Execution Starter
1406 NetLabs License Manager
1407 DBSA License Manager
1408 Sophia License Manager
1409 Here License Manager
1410 HiQ License Manager
1411 AudioFile
1412 InnoSys
1413 Innosys-ACL
1414 IBM MQSeries
1415 DBStar
1416 Novell LU6.2
1417 Timbuktu Service 1 Port
1418 Timbuktu Service 2 Port
1419 Timbuktu Service 3 Port
1420 Timbuktu Service 4 Port
1421 Gandalf License Manager
1422 Autodesk License Manager
1423 Essbase Arbor Software
1424 Hybrid Encryption Protocol
1425 Zion Software License Manager
1426 Satellite-data Acquisition System 1
1427 mloadd monitoring tool
1428 Informatik License Manager
1429 Hypercom NMS
1430 Hypercom TPDU
1431 Reverse Gossip Transport
1432 Blueberry Software License Manager
1433 Microsoft-SQL-Server
1434 Microsoft-SQL-Monitor
1435 IBM CICS
1436 Satellite-data Acquisition System 2
1437 Tabula
1438 Eicon Security Agent/Server
1439 Eicon X25/SNA Gateway
1440 Eicon Service Location Protocol
1441 Cadis License Management
1442 Cadis License Management
1443 Integrated Engineering Software
1444 Marcam License Management
1445 Proxima License Manager
1446 Optical Research Associates License Manager
1447 Applied Parallel Research LM
1448 OpenConnect License Manager
1449 PEport
1450 Tandem Distributed Workbench Facility
1451 IBM Information Management
1452 GTE Government Systems License Man
1453 Genie License Manager
1454 interHDL License Manager
1455 ESL License Manager
1456 DCA
1457 Valisys License Manager
1458 Nichols Research Corp.
1459 Proshare Notebook Application
1460 Proshare Notebook Application
1461 IBM Wireless LAN
1462 World License Manager
1463 Nucleus
1464 MSL License Manager
1465 Pipes Platform mfarlin@peerlogic.com
1466 Ocean Software License Manager
1467 CSDMBASE
1468 CSDM
1469 Active Analysis Limited License Manager
1470 Universal Analytics
1471 csdmbase
1472 csdm
1473 OpenMath
1474 Telefinder
1475 Taligent License Manager
1476 clvm-cfg
1477 ms-sna-server
1478 ms-sna-base
1479 dberegister
1480 PacerForum
1481 AIRS
1482 Miteksys License Manager
1483 AFS License Manager
1484 Confluent License Manager
1485 LANSource
1486 nms_topo_serv
1487 LocalInfoSrvr
1488 DocStor
1489 dmdocbroker
1490 insitu-conf
1491 anynetgateway
1492 stone-design-1
1493 netmap_lm
1494 ica
1495 cvc
1496 liberty-lm
1497 rfx-lm
1498 Sybase SQL Any
1499 Federico Heinz Consultora
1500 VLSI License Manager
1501 Satellite-data Acquisition System 3
1502 Shiva
1503 Databeam
1504 EVB Software Engineering License Manager
1505 Funk Software Inc.
1506 Universal Time daemon (utcd)
1507 symplex
1508 diagmond
1509 Robcad Ltd. License Manager
1510 Midland Valley Exploration Ltd. Lic. Man.
1511 3l-l1
1512 Microsoft's Windows Internet Name Service
1513 Fujitsu Systems Business of America Inc
1514 Fujitsu Systems Business of America Inc
1515 ifor-protocol
1516 Virtual Places Audio data
1517 Virtual Places Audio control
1518 Virtual Places Video data
1519 Virtual Places Video control
1520 atm zip office
1521 nCube License Manager
1522 Ricardo North America License Manager
1523 cichild
1524 ingres
1525 Prospero Directory Service non-priv
1526 Prospero Data Access Prot non-priv
1527 oracle
1528 micautoreg
1529 oracle
1530 rap-service
1531 rap-listen
1532 miroconnect
1533 Virtual Places Software
1534 micromuse-lm
1535 ampr-info
1536 ampr-inter
1537 isi-lm
1538 3ds-lm
1539 Intellistor License Manager
1540 rds
1541 rds2
1542 gridgen-elmd
1543 simba-cs
1544 aspeclmd
1545 vistium-share
1546 abbaccuray
1547 laplink
1548 Axon License Manager
1549 Shiva Sound
1550 Image Storage license manager 3M Company
1551 HECMTL-DB
1552 pciarray
1553 sna-cs
1554 CACI Products Company License Manager
1555 livelan
1556 AshWin CI Tecnologies
1557 ArborText License Manager
1558 xingmpeg
1559 web2host
1560 asci-val
1561 facilityview
1562 pconnectmgr
1563 Cadabra License Manager
1564 Pay-Per-View
1565 WinDD
1566 CORELVIDEO
1567 jlicelmd
1568 tsspmap
1569 ets
1570 orbixd
1571 Oracle Remote Data Base
1572 Chipcom License Manager
1573 itscomm-ns
1574 mvel-lm
1575 oraclenames
1576 moldflow-lm
1577 hypercube-lm
1578 Jacobus License Manager
1579 ioc-sea-lm
1580 tn-tl-r2
1581 MIL-2045-47001
1582 MSIMS
1583 simbaexpress
1584 tn-tl-fd2
1585 intv
1586 ibm-abtact
1587 pra_elmd
1588 triquest-lm
1589 VQP
1590 gemini-lm
1591 ncpm-pm
1592 commonspace
1593 mainsoft-lm
1594 sixtrak
1595 radio
1596 radio-bc
1597 orbplus-iiop
1598 picknfs
1599 simbaservices
1600 issd
1601 aas
1602 inspect
1603 pickodbc
1604 icabrowser
1605 Salutation Manager (Salutation Protocol)
1606 Salutation Manager (SLM-API)
1607 stt
1608 Smart Corp. License Manager
1609 isysg-lm
1610 taurus-wh
1611 Inter Library Loan
1612 NetBill Transaction Server
1613 NetBill Key Repository
1614 NetBill Credential Server
1615 NetBill Authorization Server
1616 NetBill Product Server
1617 Nimrod Inter-Agent Communication
1618 skytelnet
1619 xs-openstorage
1620 faxportwinport
1621 softdataphone
1622 ontime
1623 jaleosnd
1624 udp-sr-port
1625 svs-omagent
1626 Shockwave
1627 T.128 Gateway
1628 LonTalk normal
1629 LonTalk urgent
1630 Oracle Net8 Cman
1631 Visit view
1632 PAMMRATC
1633 PAMMRPC
1634 Log On America Probe
1635 EDB Server 1
1636 CableNet Control Protocol
1637 CableNet Admin Protocol
1638 CableNet Info Protocol
1639 cert-initiator
1640 cert-responder
1641 InVision
1642 isis-am
1643 isis-ambc
1644 Satellite-data Acquistion Systems 4
1645 datametrics
1646 sa-msg-port
1647 rsap
1648 concurrent-lm
1649 kermit
1650 nkd
1651 shiva_confsrvr
1652 xnmp
1653 alphatech-lm
1654 stargatealerts
1655 dec-mbadmin
1656 dec-mbadmin-h
1657 fujitsu-mmpdc
1658 sixnetudr
1659 Silicon Grail License Manager
1660 skip-mc-gikreq
1661 netview-aix-1
1662 netview-aix-2
1663 netview-aix-3
1664 netview-aix-4
1665 netview-aix-5
1666 netview-aix-6
1667 netview-aix-7
1668 netview-aix-8
1669 netview-aix-9
1670 netview-aix-10
1671 netview-aix-11
1672 netview-aix-12
1673 Intel Proshare Multicast
1674 Intel Proshare Multicast
1675 Pacific Data Products
1676 netcomm2
1677 groupwise
1678 prolink
1679 darcorp-lm
1680 microcom-sbp
1681 sd-elmd
1682 lanyon-lantern
1683 ncpm-hip
1684 SnareSecure
1685 n2nremote
1686 cvmon
1687 nsjtp-ctrl
1688 nsjtp-data
1689 firefox
1690 ng-umds
1691 empire-empuma
1692 sstsys-lm
1693 rrirtr
1694 rrimwm
1695 rrilwm
1696 rrifmm
1697 rrisat
1698 RSVP-ENCAPSULATION-1
1699 RSVP-ENCAPSULATION-2
1700 mps-raft
1701 l2tp
1702 deskshare
1703 hb-engine
1704 bcs-broker
1705 slingshot
1706 jetform
1707 vdmplay
1708 gat-lmd
1709 centra
1710 impera
1711 pptconference
1712 resource monitoring service
1713 ConferenceTalk
1714 sesi-lm
1715 houdini-lm
1716 xmsg
1717 fj-hdnet
1718 h323gatedisc
1719 h323gatestat
1720 h323hostcall
1721 caicci
1722 HKS License Manager
1723 pptp
1724 csbphonemaster
1725 iden-ralp
1726 IBERIAGAMES
1727 winddx
1728 TELINDUS
1729 CityNL License Management
1730 roketz
1731 MSICCP
1732 proxim
1733 SIMS - SIIPAT Protocol for Alarm Transmission
1734 Camber Corporation License Management
1735 PrivateChat
1736 street-stream
1737 ultimad
1738 GameGen1
1739 webaccess
1740 encore
1741 cisco-net-mgmt
1742 3Com-nsd
1743 Cinema Graphics License Manager
1744 ncpm-ft
1745 remote-winsock
1746 ftrapid-1
1747 ftrapid-2
1748 oracle-em1
1749 aspen-services
1750 Simple Socket Library's PortMaster
1751 SwiftNet
1752 Leap of Faith Research License Manager
1753 Translogic License Manager
1754 oracle-em2
1755 ms-streaming
1756 capfast-lmd
1757 cnhrp
1758 tftp-mcast
1759 SPSS License Manager
1760 www-ldap-gw
1761 cft-0
1762 cft-1
1763 cft-2
1764 cft-3
1765 cft-4
1766 cft-5
1767 cft-6
1768 cft-7
1769 bmc-net-adm
1770 bmc-net-svc
1771 vaultbase
1772 EssWeb Gateway
1773 KMSControl
1774 global-dtserv
1776 Federal Emergency Management Information System
1777 powerguardian
1778 prodigy-internet
1779 pharmasoft
1780 dpkeyserv
1781 answersoft-lm
1782 hp-hcip
1783 Port 04/14/00 fujitsu.co.jp
1784 Finle License Manager
1785 Wind River Systems License Manager
1786 funk-logger
1787 funk-license
1788 psmond
1789 hello
1790 Narrative Media Streaming Protocol
1791 EA1
1792 ibm-dt-2
1793 rsc-robot
1794 cera-bcm
1795 dpi-proxy
1796 Vocaltec Server Administration
1797 UMA
1798 Event Transfer Protocol
1799 NETRISK
1800 ANSYS-License manager
1801 Microsoft Message Que
1802 ConComp1
1803 HP-HCIP-GWY
1804 ENL
1805 ENL-Name
1806 Musiconline
1807 Fujitsu Hot Standby Protocol
1808 Oracle-VP2
1809 Oracle-VP1
1810 Jerand License Manager
1811 Scientia-SDB
1812 RADIUS
1813 RADIUS Accounting
1814 TDP Suite
1815 MMPFT
1816 HARP
1817 RKB-OSCS
1818 Enhanced Trivial File Transfer Protocol
1819 Plato License Manager
1820 mcagent
1821 donnyworld
1822 es-elmd
1823 Unisys Natural Language License Manager
1824 metrics-pas
1825 DirecPC Video
1826 ARDT
1827 ASI
1828 itm-mcell-u
1829 Optika eMedia
1830 Oracle Net8 CMan Admin
1831 Myrtle
1832 ThoughtTreasure
1833 udpradio
1834 ARDUS Unicast
1835 ARDUS Multicast
1836 ste-smsc
1837 csoft1
1838 TALNET
1839 netopia-vo1
1840 netopia-vo2
1841 netopia-vo3
1842 netopia-vo4
1843 netopia-vo5
1844 DirecPC-DLL
1850 GSI
1851 ctcd
1860 SunSCALAR Services
1861 LeCroy VICP
1862 techra-server
1863 MSNP
1864 Paradym 31 Port
1865 ENTP
1870 SunSCALAR DNS Service
1871 Cano Central 0
1872 Cano Central 1
1873 Fjmpjps
1874 Fjswapsnp
1881 IBM MQSeries
1895 Vista 4GL
1899 MC2Studios
1900 UPnP SSDP
1901 Fujitsu ICL Terminal Emulator Program A
1902 Fujitsu ICL Terminal Emulator Program B
1903 Local Link Name Resolution
1904 Fujitsu ICL Terminal Emulator Program C
1905 Secure UP.Link Gateway Protocol
1906 TPortMapperReq
1907 IntraSTAR
1908 Dawn
1909 Global World Link
1910 ultrabac
1911 Starlight Networks Multimedia Transport Protocol
1912 rhp-iibp
1913 armadp
1914 Elm-Momentum
1915 FACELINK
1916 Persoft Persona
1917 nOAgent
1918 Candle Directory Service - NDS
1919 Candle Directory Service - DCH
1920 Candle Directory Service - FERRET
1921 NoAdmin
1922 Tapestry
1923 SPICE
1924 XIIP
1930 Drive AppServer
1931 AMD SCHED
1944 close-combat
1945 dialogic-elmd
1946 tekpls
1947 hlserver
1948 eye2eye
1949 ISMA Easdaq Live
1950 ISMA Easdaq Test
1951 bcs-lmserver
1952 mpnjsc
1953 Rapid Base
1961 BTS APPSERVER
1962 BIAP-MP
1963 WebMachine
1964 SOLID E ENGINE
1965 Tivoli NPM
1966 Slush
1967 SNS Quote
1972 Cache
1973 Data Link Switching Remote Access Protocol
1974 DRP
1975 TCO Flash Agent
1976 TCO Reg Agent
1977 TCO Address Book
1978 UniSQL
1979 UniSQL Java
1984 BB
1985 Hot Standby Router Protocol
1986 cisco license management
1987 cisco RSRB Priority 1 port
1988 cisco RSRB Priority 2 port
1989 MHSnet system
1990 cisco STUN Priority 1 port
1991 cisco STUN Priority 2 port
1992 IPsendmsg
1993 cisco SNMP TCP port
1994 cisco serial tunnel port
1995 cisco perf port
1996 cisco Remote SRB port
1997 cisco Gateway Discovery Protocol
1998 cisco X.25 service (XOT)
1999 cisco identification port
2000 callbook
2001 curry
2002 globe
2004 CCWS mm conf
2005 oracle
2006 raid
2007 raid-am
2008 terminaldb
2009 whosockami
2010 pipe-server
2011 servserv
2012 raid-ac
2013 raid-cd
2014 raid-sf
2015 raid-cs
2016 bootserver
2017 bootclient
2018 rellpack
2019 about
2020 xinupageserver
2021 xinuexpansion1
2022 xinuexpansion2
2023 xinuexpansion3
2024 xinuexpansion4
2025 xribs
2026 scrabble
2027 shadowserver
2028 submitserver
2030 device2
2032 blackboard
2033 glogger
2034 scoremgr
2035 imsldoc
2038 objectmanager
2040 lam
2041 interbase
2042 isis
2043 isis-bcast
2044 rimsl
2045 cdfunc
2046 sdfunc
2047 dls
2048 dls-monitor
2049 Network File System - Sun Microsystems
2065 Data Link Switch Read Port Number
2067 Data Link Switch Write Port Number
2090 Load Report Protocol
2091 PRP
2092 Descent 3
2093 NBX CC
2094 NBX AU
2095 NBX SER
2096 NBX DIR
2097 Jet Form Preview
2098 Dialog Port
2099 H.225.0 Annex G
2100 amiganetfs
2101 rtcm-sc104
2102 Zephyr server
2103 Zephyr serv-hm connection
2104 Zephyr hostmanager
2105 MiniPay
2106 MZAP
2107 BinTec Admin
2108 Comcam
2109 Ergolight
2110 UMSP
2111 DSATP
2112 Idonix MetaNet
2113 HSL StoRM
2114 NEWHEIGHTS
2115 KDM
2116 CCOWCMR
2117 MENTACLIENT
2118 MENTASERVER
2119 GSIGATEKEEPER
2120 Quick Eagle Networks CP
2121 SCIENTIA-SSDB
2122 CauPC Remote Control
2123 GTP-Control Plane (3GPP)
2124 ELATELINK
2125 LOCKSTEP
2126 PktCable-COPS
2127 INDEX-PC-WB
2128 Net Steward Control
2129 cs-live.com
2130 SWC-XDS
2131 Avantageb2b
2132 AVAIL-EPMAP
2133 ZYMED-ZPP
2134 AVENUE
2135 Grid Resource Information Server
2136 APPWORXSRV
2137 CONNECT
2138 UNBIND-CLUSTER
2139 IAS-AUTH
2140 IAS-REG / Deep Throat / 2 (Windows Trojan)
2141 IAS-ADMIND
2142 TDM-OVER-IP
2143 Live Vault Job Control
2144 Live Vault Fast Object Transfer
2145 Live Vault Remote Diagnostic Console Support
2146 Live Vault Admin Event Notification
2147 Live Vault Authentication
2148 VERITAS UNIVERSAL COMMUNICATION LAYER
2149 ACPTSYS
2150 DYNAMIC3D
2151 DOCENT
2152 GTP-User Plane (3GPP)
2165 X-Bone API
2166 IWSERVER
2180 Millicent Vendor Gateway Server
2181 eforward
2200 ICI
2201 Advanced Training System Program
2202 Int. Multimedia Teleconferencing Cosortium
2213 Kali
2220 Ganymede
2221 Rockwell CSP1
2222 Rockwell CSP2
2223 Rockwell CSP3
2232 IVS Video default
2233 INFOCRYPT
2234 DirectPlay
2235 Sercomm-WLink
2236 Nani
2237 Optech Port1 License Manager
2238 AVIVA SNA SERVER
2239 Image Query
2240 RECIPe
2241 IVS Daemon
2242 Folio Remote Server
2243 Magicom Protocol
2244 NMS Server
2245 HaO
2279 xmquery
2280 LNVPOLLER
2281 LNVCONSOLE
2282 LNVALARM
2283 LNVSTATUS
2284 LNVMAPS
2285 LNVMAILMON
2286 NAS-Metering
2287 DNA
2288 NETML
2294 Konshus License Manager (FLEX)
2295 Advant License Manager
2296 Theta License Manager (Rainbow)
2297 D2K DataMover 1
2298 D2K DataMover 2
2299 PC Telecommute
2300 CVMMON
2301 Compaq HTTP
2302 Bindery Support
2303 Proxy Gateway
2304 Attachmate UTS
2305 MT ScaleServer
2306 TAPPI BoxNet
2307 pehelp
2308 sdhelp
2309 SD Server
2310 SD Client
2311 Message Service
2313 IAPP (Inter Access Point Protocol)
2314 CR WebSystems
2315 Precise Sft.
2316 SENT License Manager
2317 Attachmate G32
2318 Cadence Control
2319 InfoLibria
2320 Siebel NS
2321 RDLAP
2322 ofsd
2323 3d-nfsd
2324 Cosmocall
2325 Design Space License Management
2326 IDCP
2327 xingcsm
2328 Netrix SFTM
2329 NVD
2330 TSCCHAT
2331 AGENTVIEW
2332 RCC Host
2333 SNAPP
2334 ACE Client Auth
2335 ACE Proxy
2336 Apple UG Control
2337 ideesrv
2338 Norton Lambert
2339 3Com WebView
2340 WRS Registry
2341 XIO Status
2342 Seagate Manage Exec
2343 nati logos
2344 fcmsys
2345 dbm
2346 Game Connection Port
2347 Game Announcement and Location
2348 Information to query for game status
2349 Disgnostics Port
2350 psbserver
2351 psrserver
2352 pslserver
2353 pspserver
2354 psprserver
2355 psdbserver
2356 GXT License Managemant
2357 UniHub Server
2358 Futrix
2359 FlukeServer
2360 NexstorIndLtd
2361 TL1
2362 digiman
2363 Media Central NFSD
2364 OI-2000
2365 dbref
2366 qip-login
2367 Service Control
2368 OpenTable
2369 ACS2000 DSP
2370 L3-HBMon
2381 Compaq HTTPS
2382 Microsoft OLAP
2383 Microsoft OLAP
2384 SD-REQUEST
2389 OpenView Session Mgr
2390 RSMTP
2391 3COM Net Management
2392 Tactical Auth
2393 MS OLAP 1
2394 MA OLAP 2
2395 LAN900 Remote
2396 Wusage
2397 NCL
2398 Orbiter
2399 FileMaker Inc. - Data Access Layer
2400 OpEquus Server
2401 cvspserver
2402 TaskMaster 2000 Server
2403 TaskMaster 2000 Web
2404 IEC870-5-104
2405 TRC Netpoll
2406 JediServer
2407 Orion
2408 OptimaNet
2409 SNS Protocol
2410 VRTS Registry
2411 Netwave AP Management
2412 CDN
2413 orion-rmi-reg
2414 Interlingua
2415 COMTEST
2416 RMT Server
2417 Composit Server
2418 cas
2419 Attachmate S2S
2420 DSL Remote Management
2421 G-Talk
2422 CRMSBITS
2423 RNRP
2424 KOFAX-SVR
2425 Fujitsu App Manager
2426 Appliant UDP
2427 Media Gateway Control Protocol Gateway
2428 One Way Trip Time
2429 FT-ROLE
2430 venus
2431 venus-se
2432 codasrv
2433 codasrv-se
2434 pxc-epmap
2435 OptiLogic
2436 TOP/X
2437 UniControl
2438 MSP
2439 SybaseDBSynch
2440 Spearway Lockser
2441 pvsw-inet
2442 Netangel
2443 PowerClient Central Storage Facility
2444 BT PP2 Sectrans
2445 DTN1
2446 bues_service
2447 OpenView NNM daemon
2448 hpppsvr
2449 RATL
2450 netadmin
2451 netchat
2452 SnifferClient
2453 madge-om
2454 IndX-DDS
2455 WAGO-IO-SYSTEM
2456 altav-remmgt
2457 Rapido_IP
2458 griffin
2459 Community
2460 ms-theater
2461 qadmifoper
2462 qadmifevent
2463 Symbios Raid
2464 DirecPC SI
2465 Load Balance Management
2466 Load Balance Forwarding
2467 High Criteria
2468 qip_msgd
2469 MTI-TCS-COMM
2470 taskman port
2471 SeaODBC
2472 C3
2473 Aker-cdp
2474 Vital Analysis
2475 ACE Server
2476 ACE Server Propagation
2477 SecurSight Certificate Valifation Service
2478 SecurSight Authentication Server (SSL)
2479 SecurSight Event Logging Server (SSL)
2480 Lingwood's Detail
2481 Oracle GIOP
2482 Oracle GIOP SSL
2483 Oracel TTC
2484 Oracle TTC SSL
2485 Net Objects1
2486 Net Objects2
2487 Policy Notice Service
2488 Moy Corporation
2489 TSILB
2490 qip_qdhcp
2491 Conclave CPP
2492 GROOVE
2493 Talarian MQS
2494 BMC AR
2495 Fast Remote Services
2496 DIRGIS
2497 Quad DB
2498 ODN-CasTraq
2499 UniControl
2500 Resource Tracking system server
2501 Resource Tracking system client
2502 Kentrox Protocol
2503 NMS-DPNSS
2504 WLBS
2505 torque-traffic
2506 jbroker
2507 spock
2508 JDataStore
2509 fjmpss
2510 fjappmgrbulk
2511 Metastorm
2512 Citrix IMA
2513 Citrix ADMIN
2514 Facsys NTP
2515 Facsys Router
2516 Main Control
2517 H.323 Annex E call signaling transport
2518 Willy
2519 globmsgsvc
2520 pvsw
2521 Adaptec Manager
2522 WinDb
2523 Qke LLC V.3
2524 Optiwave License Management
2525 MS V-Worlds
2526 EMA License Manager
2527 IQ Server
2528 NCR CCL
2529 UTS FTP
2530 VR Commerce
2531 ITO-E GUI
2532 OVTOPMD
2533 SnifferServer
2534 Combox Web Access
2535 MADCAP
2536 btpp2audctr1
2537 Upgrade Protocol
2538 vnwk-prapi
2539 VSI Admin
2540 LonWorks
2541 LonWorks2
2542 daVinci
2543 REFTEK
2544 Novell ZEN novell.com
2545 sis-emt
2546 vytalvaultbrtp
2547 vytalvaultvsmp
2548 vytalvaultpipe
2549 IPASS
2550 ADS
2551 ISG UDA Server
2552 Call Logging
2553 efidiningport
2554 VCnet-Link v10
2555 Compaq WCP
2556 nicetec-nmsvc
2557 nicetec-mgmt
2558 PCLE Multi Media
2559 LSTP
2560 labrat
2561 MosaixCC
2562 Delibo
2563 CTI Redwood
2565 Coordinator Server
2566 pcs-pcw
2567 Cisco Line Protocol
2568 SPAM TRAP
2569 Sonus Call Signal
2570 HS Port
2571 CECSVC
2572 IBP
2573 Trust Establish
2574 Blockade BPSP
2575 HL7
2576 TCL Pro Debugger
2577 Scriptics Lsrvr
2578 RVS ISDN DCP
2579 mpfoncl
2580 Tributary
2581 ARGIS TE
2582 ARGIS DS
2583 MON
2584 cyaserv
2585 NETX Server
2586 NETX Agent
2587 MASC
2588 Privilege
2589 quartus tcl
2590 idotdist
2591 Maytag Shuffle
2592 netrek
2593 MNS Mail Notice Service
2594 Data Base Server
2595 World Fusion 1
2596 World Fusion 2
2597 Homestead Glory
2598 Citrix MA Client
2599 Meridian Data
2600 HPSTGMGR
2601 discp client
2602 discp server
2603 Service Meter
2604 NSC CCS
2605 NSC POSA
2606 Dell Netmon
2607 Dell Connection
2608 Wag Service
2609 System Monitor
2610 VersaTek
2611 LIONHEAD
2612 Qpasa Agent
2613 SMNTUBootstrap
2614 Never Offline
2615 firepower
2616 appswitch-emp
2617 Clinical Context Managers
2618 Priority E-Com
2619 bruce
2620 LPSRecommender
2621 Miles Apart Jukebox Server
2622 MetricaDBC
2623 LMDP
2624 Aria
2625 Blwnkl Port
2626 gbjd816
2627 Moshe Beeri
2628 DICT
2629 Sitara Server
2630 Sitara Management
2631 Sitara Dir
2632 IRdg Post
2633 InterIntelli
2634 PK Electronics
2635 Back Burner
2636 Solve
2637 Import Document Service
2638 Sybase Anywhere
2639 AMInet
2640 Sabbagh Associates Licence Manager
2641 HDL Server
2642 Tragic
2643 GTE-SAMP
2644 Travsoft IPX Tunnel
2645 Novell IPX CMD
2646 AND License Manager
2647 SyncServer
2648 Upsnotifyprot
2649 VPSIPPORT
2650 eristwoguns
2651 EBInSite
2652 InterPathPanel
2653 Sonus
2654 Corel VNC Admin
2655 UNIX Nt Glue
2656 Kana
2657 SNS Dispatcher
2658 SNS Admin
2659 SNS Query
2660 GC Monitor
2661 OLHOST
2662 BinTec-CAPI
2663 BinTec-TAPI
2664 Command MQ GM
2665 Command MQ PM
2666 extensis
2667 Alarm Clock Server
2668 Alarm Clock Client
2669 TOAD
2670 TVE Announce
2671 newlixreg
2672 nhserver
2673 First Call 42
2674 ewnn
2675 TTC ETAP
2676 SIMSLink
2677 Gadget Gate 1 Way
2678 Gadget Gate 2 Way
2679 Sync Server SSL
2680 pxc-sapxom
2681 mpnjsomb
2682 SRSP
2683 NCDLoadBalance
2684 mpnjsosv
2685 mpnjsocl
2686 mpnjsomg
2687 pq-lic-mgmt
2688 md-cf-HTTP
2689 FastLynx
2690 HP NNM Embedded Database
2691 IT Internet
2692 Admins LMS
2693 belarc-HTTP
2694 pwrsevent
2695 VSPREAD
2696 Unify Admin
2697 Oce SNMP Trap Port
2698 MCK-IVPIP
2699 Csoft Plus Client
2700 tqdata
2701 SMS RCINFO
2702 SMS XFER
2703 SMS CHAT
2704 SMS REMCTRL
2705 SDS Admin
2706 NCD Mirroring
2707 EMCSYMAPIPORT
2708 Banyan-Net
2709 Supermon
2710 SSO Service
2711 SSO Control
2712 Axapta Object Communication Protocol
2713 Raven1
2714 unified-technologies.com
2715 HPSTGMGR2
2716 Inova IP Disco
2717 PN REQUESTER
2718 PN REQUESTER 2
2719 Scan & Change
2720 wkars
2721 Smart Diagnose
2722 Proactive Server
2723 WatchDog NT
2724 qotps
2725 MSOLAP PTP2
2726 TAMS
2727 Media Gateway Control Protocol Call Agent
2728 SQDR
2729 TCIM Control
2730 NEC RaidPlus
2731 NetDragon Messanger
2732 G5M
2733 Signet CTF
2734 CCS Software
2735 Monitor Console
2736 RADWIZ NMS SRV
2737 SRP Feedback
2738 NDL TCP-OSI Gateway
2739 TN Timing
2740 Alarm
2741 TSB
2742 TSB2
2743 murx
2744 honyaku
2745 URBISNET
2746 CPUDPENCAP
2747 yk.fujitsu.co.jp
2748 yk.fujitsu.co.jp
2749 yk.fujitsu.co.jp
2750 yk.fujitsu.co.jp
2751 yk.fujitsu.co.jp
2752 RSISYS ACCESS
2753 de-spot
2754 APOLLO CC
2755 Express Pay
2756 simplement-tie
2757 CNRP
2758 APOLLO Status
2759 APOLLO GMS
2760 Saba MS
2761 DICOM ISCL
2762 DICOM TLS
2763 Desktop DNA
2764 Data Insurance
2765 qip-audup
2766 Compaq SCP
2767 UADTC
2768 UACS
2769 Single Point MVS
2770 Veronica
2771 Vergence CM
2772 auris
2773 PC Backup
2774 PC Backup
2775 SMMP
2776 Ridgeway Systems & Software
2777 Ridgeway Systems & Software
2778 Gwen-Sonya
2779 LBC Sync
2780 LBC Control
2781 whosells
2782 everydayrc
2783 AISES
2784 world wide web - development
2785 aic-np
2786 aic-oncrpc - Destiny MCD database
2787 piccolo - Cornerstone Software
2788 NetWare Loadable Module - Seagate Software
2789 Media Agent
2790 PLG Proxy
2791 MT Port Registrator
2792 f5-globalsite
2793 initlsmsad
2794 aaftp
2795 LiveStats
2796 ac-tech
2797 esp-encap
2798 TMESIS-UPShot
2799 ICON Discover
2800 ACC RAID
2801 IGCP
2802 Veritas UDP1
2803 btprjctrl
2804 Telexis VTU
2805 WTA WSP-S
2806 cspuni
2807 cspmulti
2808 J-LAN-P
2809 CORBA LOC
2810 Active Net Steward
2811 GSI FTP
2812 atmtcp
2813 llm-pass
2814 llm-csv
2815 LBC Measurement
2816 LBC Watchdog
2817 NMSig Port
2818 rmlnk
2819 FC Fault Notification
2820 UniVision
2821 vml_dms
2822 ka0wuc
2823 CQG Net/LAN
2826 slc systemlog
2827 slc ctrlrloops
2828 ITM License Manager
2829 silkp1
2830 silkp2
2831 silkp3
2832 silkp4
2833 glishd
2834 EVTP
2835 EVTP-DATA
2836 catalyst
2837 Repliweb
2838 Starbot
2839 NMSigPort
2840 l3-exprt
2841 l3-ranger
2842 l3-hawk
2843 PDnet
2844 BPCP POLL
2845 BPCP TRAP
2846 AIMPP Hello
2847 AIMPP Port Req
2848 AMT-BLC-PORT
2849 FXP
2850 MetaConsole
2851 webemshttp
2852 bears-01
2853 ISPipes
2854 InfoMover
2856 cesdinv
2857 SimCtIP
2858 ECNP
2859 Active Memory
2860 Dialpad Voice 1
2861 Dialpad Voice 2
2862 TTG Protocol
2863 Sonar Data
2864 main 5001 cmd
2865 pit-vpn
2866 lwlistener
2867 esps-portal
2868 NPEP Messaging
2869 ICSLAP
2870 daishi
2871 MSI Select Play
2872 CONTRACT
2873 PASPAR2 ZoomIn
2874 dxmessagebase1
2875 dxmessagebase2
2876 SPS Tunnel
2877 BLUELANCE
2878 AAP
2879 ucentric-ds
2880 synapse
2881 NDSP
2882 NDTP
2883 NDNP
2884 Flash Msg
2885 TopFlow
2886 RESPONSELOGIC
2887 aironet
2888 SPCSDLOBBY
2889 RSOM
2890 CSPCLMULTI
2891 CINEGRFX-ELMD License Manager
2892 SNIFFERDATA
2893 VSECONNECTOR
2894 ABACUS-REMOTE
2895 NATUS LINK
2896 ECOVISIONG6-1
2897 Citrix RTMP
2898 APPLIANCE-CFG
2899 POWERGEMPLUS
2900 QUICKSUITE
2901 ALLSTORCNS
2902 NET ASPI
2903 SUITCASE
2904 M2UA
2905 M3UA
2906 CALLER9
2907 WEBMETHODS B2B
2908 mao
2909 Funk Dialout
2910 TDAccess
2911 Blockade
2912 Epicon
2913 Booster Ware
2914 Game Lobby
2915 TK Socket
2916 Elvin Server
2917 Elvin Client
2918 Kasten Chase Pad
2919 ROBOER
2920 ROBOEDA
2921 CESD Contents Delivery Management
2922 CESD Contents Delivery Data Transfer
2923 WTA-WSP-WTP-S
2924 PRECISE-VIP
2925 Firewall Redundancy Protocol
2926 MOBILE-FILE-DL
2927 UNIMOBILECTRL
2928 REDSONTE-CPSS
2929 PANJA-WEBADMIN
2930 PANJA-WEBLINX
2931 Circle-X
2932 INCP
2933 4-TIER OPM GW
2934 4-TIER OPM CLI
2935 QTP
2936 OTPatch
2937 PNACONSULT-LM
2938 SM-PAS-1
2939 SM-PAS-2
2940 SM-PAS-3
2941 SM-PAS-4
2942 SM-PAS-5
2943 TTNRepository
2944 Megaco H-248
2945 H248 Binary
2946 FJSVmpor
2947 GPSD
2948 WAP PUSH
2949 WAP PUSH SECURE
2950 ESIP
2951 OTTP
2952 MPFWSAS
2953 OVALARMSRV
2954 OVALARMSRV-CMD
2955 CSNOTIFY
2956 OVRIMOSDBMAN
2957 JAMCT5
2958 JAMCT6
2959 RMOPAGT
2960 DFOXSERVER
2961 BOLDSOFT-LM
2962 IPH-POLICY-CLI
2963 IPH-POLICY-ADM
2964 BULLANT SRAP
2965 BULLANT RAP
2966 IDP-INFOTRIEVE
2967 SSC-AGENT / Norton Antivirus
2968 ENPP
2969 ESSP
2970 INDEX-NET
2971 Net Clip
2972 PMSM Webrctl
2973 SV Networks
2974 Signal
2975 Fujitsu Configuration Management Service
2976 CNS Server Port
2977 TTCs Enterprise Test Access Protocol - NS
2978 TTCs Enterprise Test Access Protocol - DS
2979 H.263 Video Streaming
2980 Instant Messaging Service
2981 MYLXAMPORT
2982 IWB-WHITEBOARD
2983 NETPLAN
2984 HPIDSADMIN
2985 HPIDSAGENT
2986 STONEFALLS
2987 IDENTIFY
2988 CLASSIFY
2989 ZARKOV
2990 BOSCAP
2991 WKSTN-MON
2992 ITB301
2993 VERITAS VIS1
2994 VERITAS VIS2
2995 IDRS
2996 vsixml
2997 REBOL
2998 Real Secure
2999 RemoteWare Unassigned
3000 RemoteWare Client
3001 Redwood Broker
3002 RemoteWare Server
3003 CGMS
3004 Csoft Agent
3005 Genius License Manager
3006 Instant Internet Admin
3007 Lotus Mail Tracking Agent Protocol
3008 Midnight Technologies
3009 PXC-NTFY
3010 Telerate Workstation
3011 Trusted Web
3012 Trusted Web Client
3013 Gilat Sky Surfer
3014 Broker Service
3015 NATI DSTP
3016 Notify Server
3017 Event Listener
3018 Service Registry
3019 Resource Manager
3020 CIFS
3021 AGRI Server
3022 CSREGAGENT
3023 magicnotes
3024 NDS_SSO
3025 Arepa Raft
3026 AGRI Gateway
3027 LiebDevMgmt_C
3028 LiebDevMgmt_DM
3029 LiebDevMgmt_A
3030 Arepa Cas
3031 AgentVU
3032 Redwood Chat
3033 PDB
3034 Osmosis AEEA
3035 FJSV gssagt
3036 Hagel DUMP
3037 HP SAN Mgmt
3038 Santak UPS
3039 Cogitate Inc.
3040 Tomato Springs
3041 di-traceware
3042 journee
3043 BRP
3045 ResponseNet
3046 di-ase
3047 Fast Security HL Server
3048 Sierra Net PC Trader
3049 NSWS
3050 gds_db
3051 Galaxy Server
3052 APCPCNS
3053 dsom-server
3054 AMT CNF PROT
3055 Policy Server
3056 CDL Server
3057 GoAhead FldUp
3058 videobeans
3059 earlhaig.com
3060 interserver
3061 cautcpd
3062 ncacn-ip-tcp
3063 ncadg-ip-udp
3065 slinterbase
3066 NETATTACHSDMP
3067 FJHPJP
3068 ls3 Broadcast
3069 ls3
3070 MGXSWITCH
3075 Orbix 2000 Locator
3076 Orbix 2000 Config
3077 Orbix 2000 Locator SSL
3078 Orbix 2000 Locator SSL
3079 LV Front Panel
3080 stm_pproc
3081 TL1-LV
3082 TL1-RAW
3083 TL1-TELNET
3084 ITM-MCCS
3085 PCIHReq
3086 JDL-DBKitchen
3105 Cardbox
3106 Cardbox HTTP
3130 ICPv2
3131 Net Book Mark
3141 VMODEM
3142 RDC WH EOS
3143 Sea View
3144 Tarantella
3145 CSI-LFAP
3147 RFIO
3148 NetMike Game Administrator
3149 NetMike Game Server
3150 NetMike Administrator/Deep Throat/2 (Windows Trojan)
3151 NetMike Assessor
3180 Millicent Broker Server
3181 BMC Patrol Agent
3182 BMC Patrol Rendezvous
3262 NECP
3264 cc:mail/lotus
3265 Altav Tunnel
3266 NS CFG Server
3267 IBM Dial Out
3268 Microsoft Global Catalog
3269 Microsoft Global Catalog with LDAP/SSL
3270 Verismart
3271 CSoft Prev Port
3272 Fujitsu User Manager
3273 Simple Extensible Multiplexed Protocol
3274 Ordinox Server
3275 SAMD
3276 Maxim ASICs
3277 AWG Proxy
3278 LKCM Server
3279 admind
3280 VS Server
3281 SYSOPT
3282 Datusorb
3283 Net Assistant
3284 4Talk
3285 Plato
3286 E-Net
3287 DIRECTVDATA
3288 COPS
3289 ENPC
3290 CAPS LOGISTICS TOOLKIT - LM
3291 S A Holditch & Associates - LM
3292 Cart O Rama
3293 fg-fps
3294 fg-gip
3295 Dynamic IP Lookup
3296 Rib License Manager
3297 Cytel License Manager
3298 Transview
3299 pdrncs
3301 Unathorised use by SAP R/3
3302 MCS Fastmail
3303 OP Session Client
3304 OP Session Server
3305 ODETTE-FTP
3306 MySQL
3307 OP Session Proxy
3308 TNS Server
3309 TND ADV
3310 Dyna Access
3311 MCNS Tel Ret
3312 Application Management Server
3313 Unify Object Broker
3314 Unify Object Host
3315 CDID
3316 AICC/CMI
3317 VSAI PORT
3318 Swith to Swith Routing Information Protocol
3319 SDT License Manager
3320 Office Link 2000
3321 VNSSTR
3325 isi.edu
3326 SFTU
3327 BBARS
3328 Eaglepoint License Manager
3329 HP Device Disc
3330 MCS Calypso ICF
3331 MCS Messaging
3332 MCS Mail Server
3333 DEC Notes
3334 Direct TV Webcasting
3335 Direct TV Software Updates
3336 Direct TV Tickers
3337 Direct TV Data Catalog
3338 OMF data b
3339 OMF data l
3340 OMF data m
3341 OMF data h
3342 WebTIE
3343 MS Cluster Net
3344 BNT Manager
3345 Influence
3346 Trnsprnt Proxy
3347 Phoenix RPC
3348 Pangolin Laser
3349 Chevin Services
3350 FINDVIATV
3351 BTRIEVE
3352 SSQL
3353 FATPIPE
3354 SUITJD
3355 Ordinox Dbase
3356 UPNOTIFYPS
3357 Adtech Test IP
3358 Mp Sys Rmsvr
3359 WG NetForce
3360 KV Server
3361 KV Agent
3362 DJ ILM
3363 NATI Vi Server
3364 Creative Server
3365 Content Server
3366 Creative Partner
3371 ccm.jf.intel.com
3372 TIP 2
3373 Lavenir License Manager
3374 Cluster Disc
3375 VSNM Agent
3376 CD Broker
3377 Cogsys Network License Manager
3378 WSICOPY
3379 SOCORFS
3380 SNS Channels
3381 Geneous
3382 Fujitsu Network Enhanced Antitheft function
3383 Enterprise Software Products License Manager
3384 Hardware Management
3385 qnxnetman
3386 GPRS SIG
3387 Back Room Net
3388 CB Server
3389 MS WBT Server
3390 Distributed Service Coordinator
3391 SAVANT
3392 EFI License Management
3393 D2K Tapestry Client to Server
3394 D2K Tapestry Server to Server
3395 Dyna License Manager (Elam)
3396 Printer Agent
3397 Cloanto License Manager
3398 Mercantile
3399 CSMS
3400 CSMS2
3401 filecast
3421 Bull Apprise portmapper
3454 Apple Remote Access Protocol um.cc.umich.edu
3455 RSVP Port
3456 Microsoft IIS Server / VAT default data
3457 VAT default control
3458 DsWinOSFI
3459 TIP Integral
3460 EDM Manger
3461 EDM Stager
3462 EDM STD Notify
3463 EDM ADM Notify
3464 EDM MGR Sync
3465 EDM MGR Cntrl
3466 WORKFLOW
3467 RCST
3468 TTCM Remote Controll
3469 Pluribus
3470 jt400
3471 jt400-ssl
3535 MS-LA
3563 Watcom Debug
3572 harlequin.co.uk
3672 harlequinorb
3802 VHD
3845 V-ONE Single Port Proxy
3862 GIGA-POCKET
3875 PNBSCADA
3900 Unidata UDT OS
3984 MAPPER network node manager
3985 MAPPER TCP/IP server
3986 MAPPER workstation server
3987 Centerline
4000 Terabase
4001 NewOak
4002 pxc-spvr-ft
4003 pxc-splr-ft
4004 pxc-roid
4005 pxc-pin
4006 pxc-spvr
4007 pxc-splr
4008 NetCheque accounting
4009 Chimera HWM
4010 Samsung Unidex
4011 Alternate Service Boot
4012 PDA Gate
4013 ACL Manager
4014 TAICLOCK
4015 Talarian Mcast
4016 Talarian Mcast
4017 Talarian Mcast
4018 Talarian Mcast
4019 Talarian Mcast
4045 NFS lock daemon/manager
4096 BRE (Bridge Relay Element)
4097 Patrol View
4098 drmsfsd
4099 DPCP
4132 NUTS Daemon
4133 NUTS Bootp Server
4134 NIFTY-Serve HMI protocol
4141 Workflow Server
4142 Document Server
4143 Document Replication
4144 Compuserve pc windows (unoffically)
4160 Jini Discovery
4199 EIMS ADMIN
4299 earth.path.net
4300 Corel CCam
4321 Remote Who Is
4343 UNICALL
4344 VinaInstall
4345 Macro 4 Network AS
4346 ELAN LM
4347 LAN Surveyor
4348 ITOSE
4349 File System Port Map
4350 Net Device
4351 PLCY Net Services
4353 F5 iQuery
4442 Saris
4443 Pharos
4444 NV Video default
4445 UPNOTIFYP
4446 N1-FWP
4447 N1-RMGMT
4448 ASC Licence Manager
4449 PrivateWire
4450 Camp
4451 CTI System Msg
4452 CTI Program Load
4453 NSS Alert Manager
4454 NSS Agent Manager
4455 PR Chat User
4456 PR Chat Server
4457 PR Register
4500 sae-urn
4501 urn-x-cdchoice
4545 WorldScores
4546 SF License Manager (Sentinel)
4547 Lanner License Manager
4567 TRAM
4568 BMC Reporting
4600 Piranha1
4601 Piranha2
4665 eDonkey
4672 remote file access server
4800 Icona Instant Messenging System
4801 Icona Web Embedded Chat
4802 Icona License System Server
4827 HTCP
4837 Varadero-0
4838 Varadero-1
4839 Varadero-2
4868 Photon Relay
4869 Photon Relay Debug
4885 ABBS
4983 AT&T Intercom
5000 filmaker.com
5001 filmaker.com
5002 radio free ethernet
5003 FileMaker Inc. - Proprietary name binding
5004 avt-profile-1
5005 avt-profile-2
5006 wsm server
5007 wsm server ssl
5010 TelepathStart
5011 TelepathAttack
5020 zenginkyo-1
5021 zenginkyo-2
5042 asnaacceler8db
5050 multimedia conference control tool
5051 ITA Agent
5052 ITA Manager
5055 UNOT
5060 SIP
5069 I/Net 2000-NPR
5071 PowerSchool
5093 Sentinel LM
5099 SentLM Srv2Srv
5145 RMONITOR SECURE
5150 Ascend Tunnel Management Protocol
5151 ESRI SDE Remote Start
5152 ESRI SDE Instance Discovery
5165 ife_1corp
5190 America-Online
5191 AmericaOnline1
5192 AmericaOnline2
5193 AmericaOnline3
5200 Targus AIB 1
5201 Targus AIB 2
5202 Targus TNTS 1
5203 Targus TNTS 2
5236 padl2sim
5272 PK
5300 HA cluster heartbeat
5301 HA cluster general services
5302 HA cluster configuration
5303 HA cluster probing
5304 HA Cluster Commands hp.com
5305 HA Cluster Test hp.com
5306 Sun MC Group
5307 SCO AIP
5308 CFengine
5309 J Printer
5310 Outlaws
5311 TM Login
5400 Excerpt Search
5401 Excerpt Search Secure
5402 MFTP
5403 HPOMS-CI-LSTN
5404 HPOMS-DPS-LSTN
5405 NetSupport
5406 Systemics Sox
5407 Foresyte-Clear
5408 Foresyte-Sec
5409 Salient Data Server
5410 Salient User Manager
5411 ActNet
5412 Continuus
5413 WWIOTALK
5414 StatusD
5415 NS Server
5416 SNS Gateway
5417 SNS Agent
5418 MCNTP
5419 DJ-ICE
5420 Cylink-C
5421 Net Support 2
5422 Salient MUX
5423 VIRTUALUSER
5426 DEVBASIC
5427 SCO-PEER-TTA
5428 TELACONSOLE
5429 Billing and Accounting System Exchange
5430 RADEC CORP
5431 PARK AGENT
5435 Data Tunneling Transceiver Linking (DTTL)
5454 apc-tcp-udp-4
5455 apc-tcp-udp-5
5456 apc-tcp-udp-6
5461 SILKMETER
5462 TTL Publisher
5465 NETOPS-BROKER
5500 fcp-addr-srvr1
5501 fcp-addr-srvr2
5502 fcp-srvr-inst1
5503 fcp-srvr-inst2
5504 fcp-cics-gw1
5540 ACE/Server Services
5554 SGI ESP HTTP
5555 Personal Agent
5599 Enterprise Security Remote Install
5600 Enterprise Security Manager
5601 Enterprise Security Agent
5602 A1-MSC
5603 A1-BS
5604 A3-SDUNode
5605 A4-SDUNode
5631 pcANYWHEREdata
5632 pcANYWHEREstat
5678 Remote Replication Agent Connection
5679 Direct Cable Connect Manager
5713 proshare conf audio
5714 proshare conf video
5715 proshare conf data
5716 proshare conf request
5717 proshare conf notify
5729 Openmail User Agent Layer
5741 IDA Discover Port 1
5742 IDA Discover Port 2
5745 fcopy-server
5746 fcopys-server
5755 OpenMail Desk Gateway server
5757 OpenMail X.500 Directory Server
5766 OpenMail NewMail Server
5767 OpenMail Suer Agent Layer (Secure)
5768 OpenMail CMTS Server
5771 NetAgent
5813 ICMPD
5859 WHEREHOO
5968 mppolicy-v5
5969 mppolicy-mgr
5999 CVSup
6063 X Windows System mit.edu
6064 NDL-AHP-SVC
6065 WinPharaoh
6066 EWCTSP
6067 SRB
6068 GSMP
6069 TRIP
6070 Messageasap
6071 SSDTP
6072 DIAGNOSE-PROC
6073 DirectPlay8
6100 SynchroNet-db
6101 SynchroNet-rtc
6102 SynchroNet-upd
6103 RETS
6104 DBDB
6105 Prima Server
6106 MPS Server
6107 ETC Control
6108 Sercomm-SCAdmin
6109 GLOBECAST-ID
6110 HP SoftBench CM
6111 HP SoftBench Sub-Process Control
6112 dtspcd
6123 Backup Express
6141 Meta Corporation License Manager
6142 Aspen Technology License Manager
6143 Watershed License Manager
6144 StatSci License Manager - 1
6145 StatSci License Manager - 2
6146 Lone Wolf Systems License Manager
6147 Montage License Manager
6148 Ricardo North America License Manager
6149 tal-pod
6253 CRIP
6321 Empress Software Connectivity Server 1
6322 Empress Software Connectivity Server 2
6389 clariion-evr01
6400 saegatesoftware.com
6401 saegatesoftware.com
6402 saegatesoftware.com
6403 saegatesoftware.com
6404 saegatesoftware.com
6405 saegatesoftware.com
6406 saegatesoftware.com
6407 saegatesoftware.com
6408 saegatesoftware.com
6409 saegatesoftware.com
6410 saegatesoftware.com
6455 osmosys.incog.com
6456 osmosys.incog.com
6471 LVision License Manager
6500 BoKS Master
6501 BoKS Servc
6502 BoKS Servm
6503 BoKS Clntd
6505 BoKS Admin Private Port
6506 BoKS Admin Public Port
6507 BoKS Dir Server Private Port
6508 BoKS Dir Server Public Port
6547 apc-tcp-udp-1
6548 apc-tcp-udp-2
6549 apc-tcp-udp-3
6550 fg-sysupdate
6558 xdsxdm
6669 Internet Relay Chat acrux.com
6670 Vocaltec Global Online Directory
6672 vision_server
6673 vision_elmd
6699 Napster
6700 Napster
6701 KTI/ICAD Nameserver
6702 Carracho (client)
6767 BMC PERFORM AGENT
6768 BMC PERFORM MGRD
6790 HNMP
6831 ambit-lm
6838 DDOS communication UDP
6841 Netmo Default
6842 Netmo HTTP
6850 ICCRUSHMORE
6888 MUSE
6961 JMACT3
6962 jmevt2
6963 swismgr1
6964 swismgr2
6965 swistrap
6966 swispol
6969 acmsoda
6998 IATP-highPri
6999 IATP-normalPri
7000 file server itself
7001 callbacks to cache managers
7002 users & groups database
7003 volume location database
7004 AFS/Kerberos authentication service
7005 volume managment server
7006 error interpretation service
7007 basic overseer process
7008 server-to-server updater
7009 remote cache manager service
7010 onlinet uninterruptable power supplies
7011 Talon Discovery Port
7012 Talon Engine
7013 Microtalon Discovery
7014 Microtalon Communications
7015 Talon Webserver
7020 DP Serve
7021 DP Serve Admin
7070 ARCP
7099 lazy-ptop
7100 X Font Service
7121 Virtual Prototypes License Manager
7141 vnet.ibm.com
7170 Audio (inclusive) for incoming traffic only
7174 Clutild
7200 FODMS FLIP
7201 DLIP
7390 The Swiss Exchange swx.ch
7395 winqedit
7426 OpenView DM Postmaster Manager
7427 OpenView DM Event Agent Manager
7428 OpenView DM Log Agent Manager
7429 OpenView DM rqt communication
7430 OpenView DM xmpv7 api pipe
7431 OpenView DM ovc/xmpv3 api pipe
7437 Faximum
7491 telops-lmd
7511 pafec-lm
7544 FlowAnalyzer DisplayServer
7545 FlowAnalyzer UtilityServer
7566 VSI Omega
7570 Aries Kfinder
7588 Sun License Manager
7597 TROJAN WORM
7633 PMDF Management
7640 CUSeeMe
7648 CUCME live video/audio server
7649 CUCME live video/audio server
7650 CUCME live video/audio server
7651 CUCME live video/audio server
7777 cbt
7778 Interwise
7781 accu-lmgr
7786 MINIVEND
7932 Tier 2 Data Resource Manager
7933 Tier 2 Business Rules Manager
7967 Supercell
7979 Micromuse-ncps
7980 Quest Vista
7983 DDOS communication UDP
7999 iRDMI2
8000 iRDMI
8001 VCOM Tunnel
8002 Teradata ORDBMS
8008 HTTP Alternate
8032 ProEd
8033 MindPrint
8080 HTTP
8130 INDIGO-VRMI
8131 INDIGO-VBCP
8160 Patrol
8161 Patrol SNMP
8200 TRIVNET
8201 TRIVNET
8204 LM Perfworks
8205 LM Instmgr
8206 LM Dta
8207 LM SServer
8208 LM Webwatcher
8351 Server Find
8376 Cruise ENUM
8377 Cruise SWROUTE
8378 Cruise CONFIG
8379 Cruise DIAGS
8380 Cruise UPDATE
8400 cvd
8401 sabarsd
8402 abarsd
8403 admind
8450 npmp
8473 Virtual Point to Point
8554 RTSP Alternate (see port 554)
8733 iBus
8763 MC-APPSERVER
8764 OPENQUEUE
8765 Ultraseek HTTP
8804 truecm
8880 CDDBP
8888 NewsEDGE server UDP (UDP 1)
8889 NewsEDGE server broadcast
8890 NewsEDGE client broadcast
8891 Desktop Data UDP 3: NESS application
8892 Desktop Data UDP 4: FARM product
8893 Desktop Data UDP 5: NewsEDGE/Web application
8894 Desktop Data UDP 6: COAL application
8900 JMB-CDS 1
8901 JMB-CDS 2
9000 CSlistener
9090 WebSM
9160 NetLOCK1
9161 NetLOCK2
9162 NetLOCK3
9163 NetLOCK4
9164 NetLOCK5
9200 WAP connectionless session service
9201 WAP session service
9202 WAP secure connectionless session service
9203 WAP secure session service
9204 WAP vCard
9205 WAP vCal
9206 WAP vCard Secure
9207 WAP vCal Secure
9321 guibase
9325 DDOS communication UDP
9343 MpIdcMgr
9344 Mphlpdmc
9374 fjdmimgr
9396 fjinvmgr
9397 MpIdcAgt
9500 ismserver
9535 Remote man server
9594 Message System
9595 Ping Discovery Service
9600 MICROMUSE-NCPW
9753 rasadv
9876 Session Director
9888 CYBORG Systems
9898 MonkeyCom
9899 SCTP TUNNELING
9900 IUA
9909 domaintime
9950 APCPCPLUSWIN1
9951 APCPCPLUSWIN2
9952 APCPCPLUSWIN3
9992 Palace
9993 Palace
9994 Palace
9995 Palace
9996 Palace
9997 Palace
9998 Distinct32
9999 distinct
10000 Network Data Management Protocol
10001 rscsl
10002 rscs2
10003 rscs3
10004 rscs4
10005 rscs5
10006 rscs6
10007 MVS Capacity
10008 rscs8
10009 rscs9
10010 rscsa
10011 rscsb
10012 qmaster
10067 Portal of Doom remote access backdoor
10080 Amanda
10113 NetIQ Endpoint
10114 NetIQ Qcheck
10115 Ganymede Endpoint
10128 BMC-PERFORM-SERVICE DAEMON
10167 Portal of Doom remote access backdoor
10288 Blocks
10498 DDOS Communication UDP
11000 IRISA
11001 Metasys
11111 Viral Computing Environment (VCE)
11367 ATM UHAS
11720 h323 Call Signal Alternate
12000 IBM Enterprise Extender SNA XID Exchange
12001 IBM Enterprise Extender SNA COS Network Priority
12002 IBM Enterprise Extender SNA COS High Priority
12003 IBM Enterprise Extender SNA COS Medium Priority
12004 IBM Enterprise Extender SNA COS Low Priority
12172 HiveP
12753 tsaf port
13160 I-ZIPQD
13223 PowWow Client
13224 PowWow Server
13720 BPRD Protocol (VERITAS NetBackup)
13721 BPBRM Protocol (VERITAS NetBackup)
13722 BP Java MSVC Protocol
13782 VERITAS NetBackup
13783 VOPIED Protocol
13818 DSMCC Config
13819 DSMCC Session Messages
13820 DSMCC Pass-Thru Messages
13821 DSMCC Download Protocol
13822 DSMCC Channel Change Protocol
14001 ITU SCCP (SS7)
16360 netserialext1
16361 netserialext2
16367 netserialext3
16368 netserialext4
16991 INTEL-RCI-MP
17007 isode-dua
17219 Chipper
18000 Beckman Instruments Inc.
18181 OPSEC CVP
18182 OPSEC UFP
18183 OPSEC SAM
18184 OPSEC LEA
18185 OPSEC OMI
18187 OPSEC ELA
18463 AC Cluster
18753 Shaft distributed attack tool handler agent
18888 APCNECMP
19283 Key Server for SASSAFRAS
19315 Key Shadow for SASSAFRAS
19410 hp-sco
19411 hp-sca
19412 HP-SESSMON
19541 JCP Client
20000 DNP
20432 Shaft distributed attack agent
20670 Track
20999 AT Hand MMP
21590 VoFR Gateway
21845 webphone
21846 NetSpeak Corp. Directory Services
21847 NetSpeak Corp. Connection Services
21848 NetSpeak Corp. Automatic Call Distribution
21849 NetSpeak Corp. Credit Processing System
22000 SNAPenetIO
22001 OptoControl
22273 wnn6
22555 Vocaltec Internet Phone
22800 Telerate Information Platform LAN
22951 Telerate Information Platform WAN
24000 med-ltp
24001 med-fsp-rx
24002 med-fsp-tx
24003 med-supp
24004 med-ovw
24005 med-ci
24006 med-net-svc
24386 Intel RCI
24554 BINKP
25000 icl-twobase1
25001 icl-twobase2
25002 icl-twobase3
25003 icl-twobase4
25004 icl-twobase5
25005 icl-twobase6
25006 icl-twobase7
25007 icl-twobase8
25008 icl-twobase9
25009 icl-twobase10
25793 Vocaltec Address Server
26000 quake
26208 wnn6-ds
27010 Half-Life Server Master
27011 Half-Life Mod Master
27374 Linux.Ramen.Worm (RedHat Linux)
27444 Trinoo distributed attack tool Master
27999 Attribute Certificate Services
31335 Trinoo / Bcast Daemon registration port
31337 Back Orifice (Windows Trojan)
31338 Deep Back Orifice (Windows Trojan)
31789 Hack-A-Tack Remote Access Trojan (Windows Trojan)
31791 Hack-A-Tack Remote Access Trojan (Windows Trojan)
32768 Filenet TMS
32769 Filenet RPC
32770 Filenet NCH
32780 RPC
33270 Trinity v3 distributed attack tool
33434 traceroute use
34555 Trinoo distributed attack tool Handler
36865 KastenX Pipe
40841 CSCP
43981 Netware IP
44818 Rockwell Encapsulation
45678 EBA PRISE
45966 SSRServerMgr
47557 Databeam Corporation
47624 Direct Play Server
47806 ALC Protocol
47808 Building Automation and Control Networks
48000 Nimbus Controller
48001 Nimbus Spooler
48002 Nimbus Hub
48003 Nimbus Gateway
54321 Orifice 2000 (UDP)

2007-07-09T18:11:00.000+05:30

Well Known TCP Ports

The well-known port numbers are the port numbers that are reserved for assignment by the Internet Corporation for Assigned Names and Numbers (ICANN) for use by the application end points that communicate using the Internet's Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP).
TCP List
Service Multiplexer (TCPMUX)
5 Remote Job Entry (RJE)
7 ECHO
18 Message Send Protocol (MSP)
20 FTP -- Data
21 FTP -- Control
22 SSH Remote Login Protocol
23 Telnet
25 Simple Mail Transfer Protocol (SMTP)
29 MSG ICP
37 Time
42 Host Name Server (Nameserv)
43 WhoIs
49 Login Host Protocol (Login)
53 Domain Name System (DNS)
69 Trivial File Transfer Protocol (TFTP)
70 Gopher Services
79 Finger
80 HTTP
103 X.400 Standard
108 SNA Gateway Access Server
109 POP2
110 POP3
115 Simple File Transfer Protocol (SFTP)
118 SQL Services
119 Newsgroup (NNTP)
137 NetBIOS Name Service
139 NetBIOS Datagram Service
143 Interim Mail Access Protocol (IMAP)
150 NetBIOS Session Service
156 SQL Server
161 SNMP
179 Border Gateway Protocol (BGP)
190 Gateway Access Control Protocol (GACP)
194 Internet Relay Chat (IRC)
197 Directory Location Service (DLS)
389 Lightweight Directory Access Protocol (LDAP)
396 Novell Netware over IP
443 HTTPS
444 Simple Network Paging Protocol (SNPP)
445 Microsoft-DS
458 Apple QuickTime
546 DHCP Client
547 DHCP Server
563 SNEWS
569 MSN
1080 Socks

2007-07-09T17:53:00.000+05:30

ALL ABOUT COOKIES

A “cookie” is a small piece of information sent by a web server to be stored on a web browser so that it can later be read back from that browser. This becomes useful for having the browser remember specific information about a visitor to a particular website. The cookie is a text file that is saved in the bowser’s directory and is stored in RAM while the browser is running. The cookie may also be stored on the computer’s hard drive once a user logs off from that website or web server.
Cookies are a very important method for maintaining ‘state’ on the Web. What does that mean? ‘State’ refers to the application ability to work interactively with the user. For example, when you book yourself for a train/bus you get a ticket. On the date of journey, when you show this ticket, you will be allowed to enter the train/bus else the ticket collector will not know if you are the right person or a new customer. Here ticket is critical to maintain state between you and ticket collector.
HTTP is a ‘stateless’ protocol. This means that each visit to a site (or clicks within a site) is seen by the server as the first visit by the user. That means the server forgets everything after each request, unless it can somehow mark a visitor ( i.e ‘Yes he is the right traveler’) to help it remember. Cookies do this job.

Cookies can only tell a web server if you have been there before and can pass short bits of information (such as a user number) from the web server back to itself the next time you visit. Most cookies last only until you quit your browser and then are destroyed. A second type of cookie known as a persistent cookie has an expiration date and is stored on your disk until that date. A persistent cookie can be used to track a user's browsing habits by identifying him whenever he returns to a site. Information about where you come from and what web pages you visit already exists in a web server's log files and could also be used to track users browsing habits, cookies just make it easier.

	How do I examine Persistent Cookies already my own System? Persistent cookies are stored in different places on your system depending on which web browser and browser version you are using. Netscape stores all its persistent cookies in a single file named cookies.txt on the PC . Both files are in the Netscape directory. You can open and edit this file with a text editor and delete any cookies that you don't want to keep or delete the file itself to get rid of all of your cookies. Internet Explorer stores persistent cookies in separate files named with the user's name and the domain name of the site that sent the cookie. For example: yourname@ciac.txt. The cookie files are stored in /Windows/cookies or in /Windows/profiles/cookies directories, where ‘yourname’ is replaced with the user's login name. If your operating system directory is not named Windows (such as Winnt for Windows NT) then look in that directory instead of the Windows directory. You can delete any of these files you do not want to keep. You can open these files to see where they came from and what information they contain. For example, the following are the contents of an Internet Explorer cookie file. WEBTRENDS_ID 61.1.129.58-1041789995.121030 www.bazee.com/ 1024 3872737152 30271763 3731731632 29537508 * This particular cookie file was named Nikhil@www.bazee.txt (Nikhil is my user name, I logged in). Cookie may contain different information; it depends on cookie to cookie. Here my IP address is stored(61.1.129.58) . We will not go into details now.
	What Are Cookies Used For? One use of cookies is for storing passwords and user ID’s for specific websites. Also, they are used to store preferences of start pages. On sites with personalized viewing, your web browser will be requested to utilize a small amount of space on your computer’s hard drive to store these preferences. That way, each time you log on to that website, your browser will check to see if you have any pre-defined preferences (a cookie) for that unique server. If you do, the browser will send the cookie to the server along with your request for a web page. Microsoft and Netscape use cookies to create personal start pages on their websites. Common uses for which companies utilize cookies include: on-line ordering systems, site personalization, and website tracking. Cookies have some beneficial things. Site personalization is one of the most beneficial uses for cookies. For example, a person comes to the CNN or even Yahoo!(My Yahoo) site, but does not want to see any business news. The site allows the person to select this choice as an option. >From then on (or until the cookie expires), the person would not see business news when they access the CNN web pages. You must have also seen in some websites that when you log in (using a User ID & Password), there is an option for ‘remember me when I visit next time’; that’s possible because it stored your password and id on your machine in a cookie. Some visitors feel it is an invasion of privacy for a website to track their progress on a site. It helps to get you the information or services you seek as quickly as possible and allow you to get back to work without delay. Site navigation statistics are critical to the continuing redesign of the site. Site administrator might need to know if 100 different people visited his site or if one person (or robot) continuously hit the reload button 100 times..
	Cookies also have some demerits. Let me give you a example(real life). The DoubleClick Network is a system created by the DoubleClick Corporation to create profiles of individuals using the World Wide Web and to present them with advertising banners customized to their interests. DoubleClick's primary customers are Web sites looking to advertise their services. Each member of the DoubleClick Network becomes a host for the advertising of other members of the network. When a Web site joins DoubleClick it creates advertisements for its services and submits them to DoubleClick's server. The Web site then modifies its HTML pages to include an graphic that points to DoubleClick. When a user goes to view one of these modified HTML pages, her browser makes a call to DoubleClick's server to retrieve the graphic. The server chooses one of its member's advertisements and returns it to the browser. If the user reloads the page, a different advertisement appears. If the user clicks on the graphic, her browser jumps to the advertised site. Currently many hundreds of sites belong to DoubleClick. >From the user's point of view DoubleClick's graphics appear no different from any other Web advertisement, and there's no visible indication of anything special about the graphic. However, there is an important difference. When a user first connects to the DoubleClick server to retrieve a graphic, the server assigns the browser a cookie that contains a unique identification number.
	From that time forward whenever the user connects to any Web site that subscribes to the DoubleClick Network, her browser returns the identification number to DoubleClick's server, allowing the server to recognize her. Over a period of time DoubleClick compiles a list of which member sites the user has visited and revisited, using this information to create a profile of the user's tastes and interests. With this profile in hand the DoubleClick server can select advertising that is likely to be of interest to the user. It can also use this information to compile valuable feedback for its member Web sites, such as providing them with audience profiles and rating the effectiveness of the advertisements. So how do I know that I have been tracked by DoubleClick ? Well to find out whether you have been tracked by DoubleClick, examine your browser's cookies file in cookies directory . There will be something like this ad.doubleclick.net FALSE / FALSE 942195440 IAA d2bbd5
	How Do These Cookies Work? A command line in the HTML code of a document tells the browser to set a cookie of a certain name or value. The following is a general example of a script used to set a cookie. Set-Cookie: name = VALUE; expires = DATE; path = PATH; domain = DOMAIN_NAME; secure Lets go a bit detail of all these attributes…. name=VALUE This string is a sequence of characters excluding semi-colon, comma and white space. If there is a need to place such data in the name or value, some encoding method such as URL style %XX encoding is recommended, though no encoding is defined or required. This is the only required attribute on the Set-Cookie header. expires = DATE The expires attribute specifies a date string that defines the valid life time of that cookie. Once the expiration date has been reached, the cookie will no longer be stored or given out. The date string is formatted as: Wdy, DD-Mon-YYYY HH:MM:SS GMT expires is an optional attribute. If not specified, the cookie will expire when the user's session ends. domain = DOMAIN_NAME When searching the cookie list for valid cookies, a comparison of the domain attributes of the cookie is made with the Internet domain name of the host from which the URL will be fetched. If there is a tail match, then the cookie will go through path matching to see if it should be sent. "Tail matching" means that domain attribute is matched against the tail of the fully qualified domain name of the host. A domain attribute of "internet.com" would match host names "people.internet.com" as well as "shipping.computer.internet.com".
	Only hosts within the specified domain can set a cookie for a domain and domains must have at least two (2) or three (3) periods in them to prevent domains of the form: ".com", ".edu", and "lu.in". Any domain that fails within one of the seven special top level domains listed below only require two periods. Any other domain requires at least three. The seven special top level domains are: "COM", "EDU", "NET", "ORG", "GOV", "MIL", and "INT". The default value of domain is the host name of the server which generated the cookie response. Path = PATH The path attribute is used to specify the subset of URLs in a domain for which the cookie is valid. If a cookie has already passed domain matching, then the pathname component of the URL is compared with the path attribute, and if there is a match, the cookie is considered valid and is sent along with the URL request. The path "/foo" would match "/foobar" and "/foo/bar.html". The path "/" is the most general path. If the path is not specified, it as assumed to be the same path as the document being described by the header which contains the cookie. secure If a cookie is marked secure, it will only be transmitted if the communications channel with the host is a secure one. Currently this means that secure cookies will only be sent to HTTPS (HTTP over SSL) servers. If secure is not specified, a cookie is considered safe to be sent in the clear over unsecured channels.
	An HTTP Cookie cannot be used to retrieve personal data from your hard drive, install a virus, get your email address, or steal sensitive information about who you are; however, an HTTP Cookie may be used to track where you travel over a particular site. Site tracking cannot easily be done without the use of cookies as you have seen in the above example. As with everything else about the Internet, you are only as anonymous as you wish to be. No website knows who you are until you reveal to it who you are. In the meantime, a cookie is simply a means of tracking site statistics in order to better understand usage patterns and to improve visitor productivity. A cookie is the way of remembering that information. If a website designer desires to make web pages become more interactive with visitors, or if the designer plans on letting visitors customize the appearance of the site, then they will need cookies. Also, if you want your site visits to change appearances under certain circumstances, cookies provide a quick and easy way to let your HTML pages change as required. The newest servers use cookies to help with database interactivity, which can improve the overall interactivity of the website.

2007-07-09T17:46:00.000+05:30

Mobile Cheat Codes

Tips on accessing some unknown stuff on most cellphones

You can do many things with cellphone codes, and here are a few of them. Not all of them will work on all models though, so don’t feel disheartened if that happens. The way to make these codes work is like this: punch them in blindly, and your phone will perform the function mentioned.

Nokia phones
*#06# IMEI (International Mobile Equipment Identity) information
*#0000# 1st Line: software version. 2nd line: date of software release. 3rd line: phone type
*#746025625# Checks if the SIM clock can be stopped. It is a kind of standby mode that will save battery. However, the clock automatically gets activated when the phone is switched off and on
*#92702689# Here is a big one! A menu will come up with six choices. First, it’ll display the serial number. Second, the month and year of manufacture. Third, the date of purchase. Fourth, the last repair date. Fifth, the option to transfer user data if you have the hardware for it. Sixth, the number of hours the phone has been on. Some of these dates might not be displayed if the information doesn’t exist
*3370# Enhanced Full Rate (EFR) codec activation
#3370# EFR codec deactivation
*4370# Half Rate codec activation
#4730# Half Rate codec deactivation

EFR gives better voice quality compared to the half rate codec, but can cut down on the battery life. Your phone will automatically restart after you feed in any of the above codecs

xx# Here is a harmless little one. This will automatically display the number at the ‘xx’ position in your phone book

Motorola phones
*#06# Displays IMEI
[][][] 119 [] 1 [] OK Enable EFR
[][][] 119 [] 0 [] OK Disable EFR

Samsung SGH-2100/600
*#06# Displays IMEI
*#9999# Software version
*#0324# Technical menu
*#0523# Lets you adjust the screen contrast
*#0228# Battery status (capacity, voltage, temperature)
Caution - starting from here the codes are "dangerous"
*#7370925538#
*#Res0Wallet#
... is to delete the code around the "wallet"
Input like normal telephone number (not in wallet code inquiry windows).
NOTE! Afterwards the "wallet" is empty, can again be put on however with new code.

*#7780# - Reset to original settings
NOTE! Afterwards various "attitudes" are away - among other things these:
Points of entrance (Provider dependent points of entrance and attitudes)
Bluetooth attitudes
Favorite
Allocation of the two keys (beside Navi keys) in the main menue
Profiles are "neglected" (as with distribution) - still there however new bell tones, etc. are...
SMS/MMS/E Mail attitudes
Logos and spielstaende (allegedly) also deleted...
Programs, calendars and contacts, etc. not changed...

*#7370# - Soft format - resets all the telefone Memory (like Formatting a disk
NOTE! Battery should be full up to at least 75%, do not accomplish during the procedure under any circumstances ! The procedure takes some minutes (approx. 3-4)

Green, * 3 - Hard format: If the Mobile (only telephone memory) formats, puts back the attitudes (see * to # 7780 #) and implements a RESET.
NOTE! Battery should be full up to at least 75%, do not accomplish during the procedure under any circumstances ! The procedure takes some minutes (approx. 3-4)

Proceeding: Equipment switch off, keep "green key" (take off) at the same time pressed, "*" and to "3" key and switch the equipment on (the keys thereby keep further pressed)... to "Formatting" on the display appears...
HOW? Again there are two ways:

1) *#7370#

2) When unable to startup your phone: press and hold the green (talk) key on the left + number 3 on the keypad + the * key and then turn the phone on. This trick works on every S60 v7.0 and it works fine on my 6630 too but without formatting screen...
Tip 11: Check if the recepients phone is on
Delivery reports
or
Type *0# your message in the message composer window space then write your msgTry it !!!
ALL NOKIA PHONES

*3370# -This Nokia code activates Enhanced Full Rate Codec (EFR) - Your Nokia cell phone uses the best sound quality but talk time is reduced my approx. 5%

#3370# - Deactivate Enhanced Full Rate Codec (EFR)

*#4720# - Activate Half Rate Codec - Your phone uses a lower quality sound but you should gain approx 30% more Talk Time

*#4720# With this Nokia code you can deactivate the Half Rate Codec

*#0000# Displays your phones software version, 1st Line : Software Version, 2nd Line : Software Release Date, 3rd Line : Compression Type

*#9999# Phones software version if *#0000# does not work

*#06# For checking the International Mobile Equipment Identity (IMEI Number)

#pw+1234567890+1# Provider Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)

#pw+1234567890+2# Network Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)

#pw+1234567890+3# Country Lock Status. (use the "*" button to obtain the "p,w" and "+" symbols)

2007-07-09T17:16:00.003+05:30

REGISTRY TWEAKS

Renaming The Recycle Bin icon:
To change the name of the Recycle Bin desktop icon, click Start then goto Run, write Regedit and press Enter. It opens Registry Editor. Now in Registry Editor go to:

[HKEY_CLASSES_ROOT/CLSID/{645FF040-5081-101B-9F08-00AA002F954E}]
and change the name "Recycle Bin" to whatever you want (don't type any quotes).
Removing Shared Documents folder From My Computer

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ My Computer \ NameSpace \ DelegateFolders]

You must see a sub-key named {59031a47-3f72-44a7-89c5-5595fe6b30ee}. If you delete this key, you have effectively removed the my shared documents folder.

Removing the Shortcut arrow from Desktop Icons:
HKEY_CLASSES_ROOTlnkfile. Delete the IsShortcut registry value. You may need to restart Windows XP.
Disabling Display of Drives in My Computer
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer] Now in the right pane create a new DWORD item and name it NoDrives. Now modify it's value and set it to 3FFFFFF (Hexadecimal) Now press F5 to refresh. When you click on My Computer, no drives will be shown. To enable display of drives in My Computer, simply delete this DWORD item.
Branding WINDOWS With U R Name

open notepad dump the following lines into it and save it with the name OEMINFO.INI in the c:\windows\system32 directory:

[General]
Manufacturer=Your Name Here
Model=Your Model Here
[Support Information]
Line1=Your Name Here
Line2=Your Address Here
Line3=Your Email Address Here

Save the file, then make a right click on my computer select properties, in the general tab a button will be highlighted (support information) make a click on it, you will be able to see the changes.
Now if you want to display some more information then simply increase the line in the file.
ex: Line4=Your Working Hours Here
Boosting ur broadband speed
A nice little tweak for XP Pro. Microsoft reserve 20% of your available bandwidth for their own purposes (suspect for updates and interrogating your machine etc..)

Here's how to get it back:

Click Start-->Run-->type "gpedit.msc" without the "

This opens the group policy editor. Then go to:

Local Computer Policy-->Computer Configuration-->Administrative Templates-->Network-->QOS Packet Scheduler-->Limit Reservable Bandwidth

Double click on Limit Reservable bandwidth. It will say it is not configured, but the truth is under the 'Explain' tab. I am Quoting it for Reference:

"By default, the Packet Scheduler limits the system to 20 percent of the bandwidth of a connection, but you can use this setting to override the default."

So the trick is to ENABLE reservable bandwidth, then set it to ZERO.

This will allow the system to reserve nothing, rather than the default 20%.

works on XP Pro, and 2000
Speedup Browsing
This tip works with ALL Windows 95/98/NT4/2000/ME/XP/2003 releases AND MS Internet Explorer 4/5/6/7. This Registry fix speeds up internet/remote (using Windows Explorer and/or Internet Explorer) browsing process considerably on most MS Windows 32-bit machines connected to a network/remote computer(s).
This actually fixes a BUG in MS Windows operating System Uses, that scan shared (remote) folders/files across network/s for Scheduled Tasks and Shared Printers, and can add a delay as long as 30 seconds/s, because it uses extra time to search the remote computers (thats very sad). :(
Note -: Before performing this make sure all Windows Explorer and MS IE instances are closed.
Then run Regedit and go to:
HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerRemoteComputerNameSpace
In the left hand pane highlight these 2 subkeys:
{D6277990-4C6A-11CF-8D87-00AA0060F5BF} = Scheduled Tasks
{2227A280-3AEA-1069-A2DE-08002B30309D} = Shared Printers
and delete them: right-click on each -> select Delete -> click OK.
RECOMMENDED: Export (BACKUP) this Registry key to a REG file FIRST, to be able to restore it (by running the REG file) if necessary. In Regedit: highlight the key name in the left hand pane -> click “Registry” from the menu -> select “Export Registry File…” -> type a file name in the “File name” field -> browse to the destination of your choice -> push the Save button. Thts it u need to do …Enjoy High Speeds
This Registry change takes effect immediately.
Registery Tweakz
Guys here are some of the Best registry Tweaks , if u wanna activate any of them just Follow these easy steps :-
1.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
“DisablePagingExecutive”=dword:00000001
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
“DisablePagingExecutive”=dword:00000001
2. Force DLL files to unload from memory
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\AlwaysUnloadDLL]
@=”1″
3. Increase IoPageLockLimit
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
“IoPageLockLimit”=dword:00020000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem]
“NtfsDisable8dot3NameCreation”=dword:00000001
“NtfsDisableLastAccessUpdate”=dword:00000001
“Win95TruncatedExtensions”=dword:00000001
“Win31FileSystem”=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\stisvc]
“Start”=dword:00000004
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“NoSaveSettings”=dword:00000000
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
“NoNetCrawling”=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“NoRemoteRecursiveEvents”=dword:00000001
4. Removes Explore from the right-click menu of My Computer, Drives, and Folders
[HKEY_CLASSES_ROOT\Folder\shell\explore]
5. Removes Manage from the right-click menu of My Computer
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Manage]
6. Removes Search from the right-click menu of My Computer
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\find]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Device Manager]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Device Manager\command]
@=”mmc.exe %%systemroot%%\\System32\\devmgmt.msc”
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Registry Editor]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Registry Editor\command]
@=”regedit.exe”
7. Adds Services to the right-click menu of My Computer
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Services]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\Services\command]
@=”mmc.exe %%systemroot%%\\System32\\services.msc”
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\[Log Off]]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\[Log Off]\command]
@=”shutdown -l -f -t 5″
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\[Restart]]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\[Restart]\command]
@=”shutdown -r -f -t 5″
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\[Shutdown]]
[HKEY_CLASSES_ROOT\CLSID\{20D04FE0-3AEA-1069-A2D8-08002B30309D}\shell\[Shutdown]\command]
@=”shutdown -s -f -t 5″
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“NoNetConnectDisconnect”=dword:00000001
8. Remove Browse web for program to open unknown file extension
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
“NoInternetOpenWith”=dword:00000001
[HKEY_CLASSES_ROOT\Drive\shellex\ContextMenuHandlers\Sharing]
[HKEY_CLASSES_ROOT\Directory\shellex\ContextMenuHandlers\Sharing]
[HKEY_CLASSES_ROOT\*\shellex\ContextMenuHandlers\Open With]
@=”"
[HKEY_CLASSES_ROOT\CLSID\{F1B9284F-E9DC-4e68-9D7E-42362A59F0FD}]
[HKEY_CLASSES_ROOT\CLSID\{8DD448E6-C188-4aed-AF92-44956194EB1F}]
[HKEY_CLASSES_ROOT\CLSID\{7D4734E6-047E-41e2-AEAA-E763B4739DC4}]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\InternetShortcut\shell\print][HKEY_CLASSES_ROOT\SystemFileAssociations\image\shell\print]
[HKEY_CLASSES_ROOT\SystemFileAssociations\text\shell\print]
9. Remove Print from the right-click menu of Text Files
[HKEY_CLASSES_ROOT\txtfile\shell\print]
[HKEY_CLASSES_ROOT\regfile\shell\print]
[HKEY_CLASSES_ROOT\cmdfile\shell\print]
[HKEY_CLASSES_ROOT\batfile\shell\print]
[HKEY_CLASSES_ROOT\inifile\shell\print]
[HKEY_CLASSES_ROOT\FoxitReader.Document.Document\shell\print]

Registery Tweakz

Guys here are some of the Best registry Tweaks , if u wanna activate any of them just Follow these easy steps :-
1.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]
“DisablePagingExecutive”=dword:00000001
2. Remove the Eraser text from the right-click menu of Recycle Bin
[HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\Erasext]
3. Remove Optimize with Perfect Disk from the right-click menu of Drive Icons
[HKEY_CLASSES_ROOT\Drive\shell\Optimize using PerfectDisk]
4. Remove Record from the right-click menu of Wave Files
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\SoundRec\shell\record]
5. Remove Search from the right-click menu of Drive Icons
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Drive\shell\find]
6. Remove Search from the right-click menu of Folders
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Directory\shell\find]
7. Remove Winamp Bookmark from the right-click menu of folders
[HKEY_CLASSES_ROOT\Directory\shell\Winamp.Bookmark]
8. Remove Winamp Bookmark from the right-click menu of files
[HKEY_CLASSES_ROOT\Winamp.File\shell\ListBookmark]
9. Remove Winamp Enqueue from the right-click menu of folders
[HKEY_CLASSES_ROOT\Directory\shell\Winamp.Enqueue]
10. Remove Winamp Enqueue from the right-click menu of files
[HKEY_CLASSES_ROOT\Winamp.File\shell\Enqueue]
11. Remove Winamp Enqueue from the right-click menu of playlists
[HKEY_CLASSES_ROOT\Winamp.Playlist\shell\Enqueue]
12. Add Open With Notepad to the right-click menu of Unknown Files
[HKEY_CLASSES_ROOT\*\shell\open]
@=”Open With Notepad”
[HKEY_CLASSES_ROOT\*\shell\open\command]
@=”notepad.exe \”%1\”"
13. Add register and unregister to the right-click menu of DLL files
[HKEY_CLASSES_ROOT\.dll]
“Content Type”=”application/x-msdownload”
@=”dllfile”
[HKEY_CLASSES_ROOT\dllfile]
@=”Application Extension”
[HKEY_CLASSES_ROOT\dllfile\Shell\Register\command]
@=”regsvr32.exe \”%1\”"
[HKEY_CLASSES_ROOT\dllfile\Shell\UnRegister\command]
@=”regsvr32.exe /u \”%1\”"
14. Add register and unregister to the right-click menu of OCX files
[HKEY_CLASSES_ROOT\.ocx]
@=”ocxfile”
[HKEY_CLASSES_ROOT\ocxfile]
@=”OCX”
[HKEY_CLASSES_ROOT\ocxfile\Shell\Register\command]
@=”regsvr32.exe \”%1\”"
[HKEY_CLASSES_ROOT\ocxfile\Shell\UnRegister\command]
@=”regsvr32.exe /u \”%1\”"
[HKEY_CLASSES_ROOT\Directory\shell\Command Prompt Here]
[HKEY_CLASSES_ROOT\Directory\shell\Command Prompt Here\command]
@=”cmd /k cd \”%1\”"
15. Add Open In New Window to the right-click menu of Directories
[HKEY_CLASSES_ROOT\Directory\shell\Open In New Window]
@=”Open In New Window”
[HKEY_CLASSES_ROOT\Directory\shell\Open In New Window\command]
@=”explorer \”%1\”"
16.Change default Command Prompt colors and starting directory
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Command Processor]
“AutoRun”=”title %username% @ %computername% - %date% &&color 1a &&prompt $s$p$b$s&& cd %systemdrive%\\ &&cls &&ECHO. &&ECHO Windows XP Pro - %time%”
17. Configure the Command Prompt (Tab key completes paths and filenames, Turn UNC checks off)
[HKEY_LOCAL_MACHINE\Software\Microsoft\Command Processor]
“CompletionChar”=dword:00000008
“PathCompletionChar”=dword:00000008
“DisableUNCCheck”=dword:00000001
18. Use ClearType Fonts on the Welcome Screen and set the default Screensaver and Wallpaper
[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
“FontSmoothing”=”2″
“SCRNSAVE.EXE”=”XPize.scr”
“Wallpaper”=”%systemroot%\\Web\\Wallpaper\\Wallpaper.jpg”
19. Change the defualt search options
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer]
“SearchSystemDirs”=dword:00000001
“SearchHidden”=dword:00000001
“IncludeSubFolders”=dword:00000001
“CaseSensitive”=dword:00000000
“SearchSlowFiles”=dword:00000000
20.Search all file types
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\ContentIndex]
“FilterFilesWithUnknownExtensions”=dword:00000001
21. Launch new Internet Explorer windows in a seperate process
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\BrowseNewProcess]
“BrowseNewProcess”=”Yes”
22.Reduce the size of index.dat in cookies
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Cookies]
“CacheLimit”=dword:00000100
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\History]
“CacheLimit”=dword:00000800
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Content]
“CacheLimit”=dword:00000800
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\Cookies]
“CacheLimit”=dword:00000100
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache\History]
“CacheLimit”=dword:00000800
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Content]
“PerUserItem”=dword:00000001
“CachePrefix”=”"
“CacheLimit”=dword:00000800
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\Cookies]
“PerUserItem”=dword:00000001
“CachePrefix”=”Cookie:”
“CacheLimit”=dword:00000100
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\5.0\Cache\History]
“PerUserItem”=dword:00000001
“CachePrefix”=”Visited:”
“CacheLimit”=dword:00000800
23. Delete Temporary Internet files when Internet Explorer is closed
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Cache]
“Persistent”=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Cache]
“Persistent”=dword:00000000
24.Configure Internet Explorer for fast-browsing
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Show_ChannelBand”=”No”
“Cache_Update_Frequency”=”Once_Per_Session”
“Show_StatusBar”=”yes”
“Show_ToolBar”=”yes”
“Show_URLinStatusBar”=”yes”
“Show_URLToolBar”=”yes”
“Start Page”=”about:blank”
“Use_DlgBox_Colors”=”yes”
“FullScreen”=”no”
“Show_FullURL”=”no”
“ShowedCheckBrowser”=”Yes”
“Check_Associations”=”No”
25. Close unused folders in History and Favorites
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“NscSingleExpand”=dword:00000001
26. Use Smooth Scrolling in Internet Explorer
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“SmoothScroll”=dword:00000001
27. Disable the Script Debugger
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Disable Script Debugger”=”yes”
28. Disable the Internet Explorere Image Toolbar
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
“Enable_MyPics_Hoverbar”=”no”
[HKEY_CURRENT_USER\Software\Microsoft\Ftp]
“Use Web Based FTP”=”yes”
“Use PASV”=”yes”
29. Remove the Internet Explorer Help Menu items
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer]
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Internet Explorer\Restrictions]
“NoHelpItemNetscapeHelp”=dword:00000001
“NoHelpItemSendFeedback”=dword:00000001
“NoHelpItemTipOfTheDay”=dword:00000001
30. Power-Off computer after shutdown
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
“PowerdownAfterShutdown”=”1″
31. Use Classic Control Panel
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
“ForceClassicControlPanel”=dword:00000001
32. Disable the Security Center
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
“AntiVirusDisableNotify”=dword:00000001
“AntiVirusOverride”=dword:00000001
“FirewallDisableNotify”=dword:00000001
“FirewallOverride”=dword:00000001
“FirstRunDisabled”=dword:00000001
“UpdatesDisableNotify”=dword:00000001
33. Set Recycle Bin to only use 3% of disk space
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\BitBucket]
“Percent”=dword:00000003
34. Launch 16-bit applications in a separate process
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\WOW]
“DefaultSeparateVDM”=”Yes”
35. Disable Windows Installer Rollback
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\Installer]
“DisableRollback”=dword:00000001
36. Remove More Themes Online… option from the Themes dropdown box
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Themes\DownloadSites]
37.Speed-up access to AVI files
[HKEY_CLASSES_ROOT\CLSID\{87D62D94-71B3-4b9a-9489-5FE6850DC73E}]
[HKEY_CLASSES_ROOT\SystemFileAssociations\.avi\shellex\PropertyHandler]
38.Auto accept Windows Media Player EULA
[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsMediaPlayer]
“GroupPrivacyAcceptance”=dword:00000001
39. Windows Media Player Setup
[HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Preferences]
“AcceptedPrivacyStatement”=dword:00000001
“FirstRun”=dword:00000000
40.Disable automatic codec downloads
“UpgradeCodecPrompt”=dword:00000001
“StartInMediaGuide”=dword:00000000
“ShowAppTitlebar”=dword:00000000
“AlwaysOnTop”=dword:00000000
“DoNotShowAnchor”=dword:00000001
“EnableScreenSaver”=dword:00000000
“PromptLicenseBackup”=dword:00000001
“PlayerScriptCommandsEnabled”=dword:00000000
“WebScriptCommandsEnabled”=dword:00000000
“WebStreamsEnabled”=dword:00000001
“MetadataRetrieval”=dword:00000000
41. Disable Media Player identification (track-back) through internet sites
“SendUserGUID”=hex:00

42.Do Not Receive Media Player Licences automatically without prompt
“SilentAcquisition”=dword:00000000
“UsageTracking”=dword:00000000
“DisableMRU”=dword:00000001
“SaveDRMMusic”=dword:00000000
“LibraryHasBeenRun”=dword:00000001
“FullmodeTaskbar”=dword:00000001
“UpgradeCheckFrequency”=dword:00000002
“StretchToFit”=dword:00000001
“LaunchIndex”=dword:00000003
“Maximized”=”0″
“ShrinkToFit”=dword:00000000
“ShowEffects”=dword:00000001
“ShowFullScreenPlaylist”=dword:00000000
“NowPlayingQuickHide”=dword:00000000
“ShowTitles”=dword:00000001
“ShowCaptions”=dword:00000001
“TitlebarMouseover”=dword:00000000
“ForceOnline”=dword:00000000
“NowPlayingPlaylist”=dword:00000001
“NowPlayingMetadata”=dword:00000001
“NowPlayingSettings”=dword:00000000
“VizAutoSelect”=dword:00000001
“CurrentDisplayView”=”VizView”
“CurrentDisplayPreset”=dword:00000000
“CurrentSettingsPreset”=dword:00000000
“CurrentMetadataPreset”=dword:00000000
“UserDisplayView”=”VizView”
“UserWMPDisplayView”=”VizView”
“UserWMPSettingsView”=”EQView”
“UserWMPMetadataView”=”MediaInfoView”
“UserDisplayPreset”=dword:00000000
“UserWMPDisplayPreset”=dword:00000000
“UserWMPSettingsPreset”=dword:00000000
“UserWMPMetadataPreset”=dword:00000000
“UserWMPShowSettings”=dword:00000000
“UserWMPShowMetadata”=dword:00000000
“CDRecordMP3″=dword:00000001
“CDRecordMode”=dword:00000000
“WMARecordRate”=dword:0000fa00
“WMARecordQuality”=dword:00000000
“MP3RecordRate”=dword:0002ee00
“CDRecordDRM”=dword:00000000
“AutoCopyCD”=dword:00000000
“AutoEjectCD”=dword:00000000
“AutoAddRemovable”=dword:00000000
“AutoAddMusicToLibrary”=dword:00000000
43. Disable codec downloads
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\WindowsMediaPlayer]
“PreventCodecDownload”=dword:00000000
[HKEY_CURRENT_USER\Software\Policies\Microsoft\WindowsMediaPlayer]
“PreventCodecDownload”=dword:00000000
44. Enable DVD in Windows Media Player
[HKEY_CURRENT_USER\Software\Microsoft\MediaPlayer\Player\Settings]
“EnableDVDUI”=”Yes”
45.Show the real CD-recording speed in Nero
[HKEY_CURRENT_USER\Software\Ahead\Nero - Burning Rom\Recorder]
“ShowSingleRecorderSpeed”=dword:00000001
46. Remove the Office 2003 System Tray icon
[HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Common\Internet]
“UseOnlineContent”=dword:00000002
[HKEY_CURRENT_USER\Software\Microsoft\Office\Common]
“QMEnable”=dword:00000000

Registery Tweakz

Here You Will find Tweaks Relating to: Security and Privacy .If you want to activate any of them just Follow these easy steps:-
1. Disabling Ctrl+Alt+Del
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
;”DisableCAD”=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
;”DisableCAD”=dword:00000001
2. Disable Registry Editing Tools
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System]
;”DisableRegistryTools”=dword:00000001

3. Disable Windows Installer
;0=default, 1=admin only, 2=disabled
[HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows\Installer]
;”DisableMSI”=dword:00000002

4. Disable the Ability to Right Click on the Desktop
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
;”NoViewContextMenu”=dword:00000001
;
;[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
;”NoViewContextMenu”=dword:00000001

5. Change the Logon Window to Classic
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
;”LogonType”=dword:00000000

6. Hide the Last User Name
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
;”DontDisplayLastUserName”=dword:00000001

7. Legal Notice Dialog Box Before Logon
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
;”LegalNoticeCaption”=”Type the caption for your message here”
;”LegalNoticeText”=”Type your message here”

8. Show Administrator on the Welcome Screen
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
;”Administrator”=dword:00000001

9. Disable the Auto Logon Shift Override Feature
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
;”IgnoreShiftOverride”=”1″

10.Hide Usernames from the Logon Screen
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList]
;”Name of a user”=dword:00000000
;”Name of another user”=dword:00000000
;”Name of third user”=dword:00000000
; etc…
11.Disable the Windows Key
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Keyboard Layout]
;”Scancode Map”=hex:00,00,00,00,00,00,00,00,03,00,00,00,00,00,5b,e0,00,00,5c,e0,\
; 00,00,00,00

12. Disable Windows Script Host
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows Script Host\Settings]
;”Enable”=dword:00000000

13. Disable Windows File Protection (WFP) (to enable, change to 0)
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Add]
;”SFCDisable”=dword:FFFFFF9D

14. To make Windows use virtual memory only as a last resort HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\
Control\Session Manager\Memory Management.
Double-click the Disable, Paging,Executive icon in the right pane. Change the ‘0′ in the Value data box to 1, click OK, and restart your computer.

15. Free Proxy This trick is for Win9x HKEY_LOCAL_MACHINE\Config\0001\Software\Microsoft\windows\CurrentVersion\Internet Settings
First, set “EnableAutodial” to 1 if you use a dialup proxy service. Next, double-click “ProxyEnable” and replace the Decimal value of 0 with 1.
Your proxy is now fully enabled

16. Change windows installation files
[KEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Setup]
Edit the value next to SourcePath

17. MAKING MENU OPENING FAST
[HKEY_CURRENT_USER\Control Panel\Desktop\]
Select "MenuShowDelay"
Right click and select "Modify'
Reduce the number to around "100"
This is the delay time before a menu is opened

2007-07-09T17:11:00.000+05:30

You've been hacked: What to do first!

What should you do in the first five minutes after you discover your system has been hacked?
Sitting at your desk, you notice some odd activity in a log while you're looking into a user problem. The more you step through it, the more you are convinced that something is just not right. Your heart skips a beat when you realise that the system has been hacked.

At this point, you enter a stage of shock as you ask yourself, "How could this happen?" and "What do I do now?"

Although you'll find plenty of advice on how to keep your systems from being hacked, there are relatively few articles that will help you sort things out in the aftermath of an attack. So for the next three weeks, I'll present a series of articles that will explain what you should do in the first five minutes, in the first hour, and in the first week after you've discovered that an interloper has compromised your systems. This article will focus on the most immediate actions you must take to secure your system: evaluate, communicate, and disconnect.

Evaluate
The first question that you must answer after an attack (or preferably before) is what your objectives are. In most cases, the objectives are simple: prevent further intrusion and resolve the problem. However, in some cases, you will want to be able to positively identify the intruder and, in others, you will be focused on figuring out which vulnerability the hacker exploited.

Identify the intruder
It may be necessary to positively identify the intruder so that you can refer the matter to the police for further investigation and possible prosecution. Of course, this is not the most expedient way to get the systems back online and prevent further infection. Identifying intruders can be difficult, particularly if they have covered their tracks well. Despite Hollywood's portrayal of hackers easily being traced, someone who is routing traffic through several systems is not only difficult to find, but might be -- in all practical terms -- impossible to track down.

Identify the vulnerability
Another approach that some organisations take is to try to identify the specific vulnerability exploited. The thinking is that you want to patch the specific hole that allowed this intruder to gain access. By and large, this approaches the problem from a suboptimal perspective. A far better strategy is to attempt to identify all vulnerabilities and prevent any intruder from gaining access to your systems, rather than focusing on the one vulnerability this particular hacker exploited.

Many of today's security assessment tools will allow you to quickly test and resolve all vulnerabilities.

Return systems to operation
If this is the first time you have been attacked, you may find it simpler to forgo trying to pinpoint the intruder or the specific vulnerability that was exploited. In general, it is unlikely that you will be able to easily generate the logs you might need to target the origin of the intrusion.

Patching the vulnerabilities and returning systems to operation as soon as possible is the most straightforward approach. It reduces your risk and allows you to fortify your defences without worrying about the intruder continuing to take advantage of your systems.

Plan ahead
In many cases, organisations determine their course of action prior to an attack. But in an equal number of cases, organisations must make this their first order of business after an attack. In addition to determining your specific goals after an attack, you should consider executing a disaster recovery plan, if one exists for your organisation. Depending on the severity of the situation, it may make sense to treat the situation as if the data centre had been destroyed.

The one unique complication to activating a disaster recovery plan for an organisation is that it is typically centred on a known event with a known time. But with an intrusion into your network, you may not know exactly when the system was first compromised. This can complicate the recovery process because it may not be clear what set of backups should be restored for each system. Further complicating matters is the fact that some systems may have been compromised before others, so it may be necessary to repeat the restoration process several times while trying to determine when the first intrusion occurred and on which system.

Communicate
Once you have decided on your approach, you need to communicate to upper management what is happening -- or what you suspect is happening. This is perhaps the most difficult step and, because of that, it is one that is often skipped or delayed. But despite the potential for internal political problems, it is important to let business leadership understand what is happening so that everyone can plan for the steps required to resolve the problem. It will also give business leadership an opportunity to reaffirm the goal for problem resolution, whether that goal is to go after the intruder, target the vulnerability, or simply solve the problem as quickly as possible.

You should also communicate with your IT peers about the problem. You need everyone on the team to look for suspicious activity to ensure that the network is not further compromised. To that end, the more professionals involved who are aware of the problem, the more likely it is that nothing will slip through the cracks and be missed.

Conversely, you should not communicate with your users that you have detected an intrusion. An employee may have caused the breach, either by providing a password to a friend with the intention of allowing a breach or through something more innocent. It is a good idea to hold off on notifying employees until the HR department can communicate the company policy along with the message.

Finally, if you have a security infrastructure partner, communicate with it immediately that you have a potential situation. Even if you have only engaged the organisation in the past to perform a security audit, you should call it to indicate that you suspect that you have a problem. The intent here is not at this point to ask for help but rather to inform the partner so that it can be prepared to assist if necessary.

Disconnect
If you are not planning on attempting to identify the intruder or the vulnerability, you should disconnect the system or the entire internal network from the Internet as soon as possible. This prevents the intruder from working against you as you try to clean up the mess and also prevents further infections or data loss while you work on the systems.

One of the downsides of disconnecting is that people who want to use the system internally and externally will be unable to do so until the problem is resolved. This can exert substantial internal pressure to take shortcuts to get the systems back up again. But the natural desire to reconnect systems before a thorough evaluation of their status has been conducted is ill advised and typically leads to repeated intrusions while the problems with each of the servers are identified and resolved one-by-one.

The decision to disconnect the entire organisation from the Internet or to disconnect just one system or a few systems is a difficult call, particularly in the first five minutes. You will not have had time to evaluate which, if any, other systems have been compromised, so it is possible that removing a single system from the Internet may not resolve the problem. On the other hand, you may want the organisation to continue to function with as little disruption as possible.

Ultimately, the decision comes down to one of risk tolerance. How much risk is the organisation willing to accept to avoid some downtime? In most organisations, the risk of potential intruders greatly outweighs the desire to maintain availability of all systems. In other words, most organisations agree that it is important to disconnect from the Internet immediately so that the systems can be checked for signs of intrusion without the possibility of intruders attempting to cover their tracks.

Conclusion
The first few minutes after you discover an attack are likely to be stressful and confused, so it's important to have a plan of action in place before it happens. When you realise you've been attacked, make sure you identify your objectives in resolving the situation, communicate the situation promptly to business leadership and peers, and determine whether the problem requires you to disconnect one or more systems from the Internet. Deciding how to react to an attack is tricky, at best. The actions you take (or don't take) can have a huge impact on your organisation -- and on your reputation. However, following a plan for controlling the situation can make things less chaotic and start you down the right path to get things back on track.

2007-07-09T16:41:00.001+05:30

How to navigate the Internet safely

1. Introduction
2. Browser Security
3. Browser Check
4. Steps for Finding an Anonymous Proxy
5. NetBios
6. Cookies
7. WebBugs
8. Good Housekeeping
9. Firewalls

1. Introduction
Safe Surfing consists in minimizing your profile and identity trail as you surf on the Internet. Every site you visit will record your machines unique Internet protocol number or ip address. Cookies can act as remote identifiers, and the values can be returned from within html web pages using e-mail or post commands. Any of the web pages that you download may contain either Active-x or Java applets both of which can be programmed to access the Windows System or your registry. Embedded Gifs or Web-Bugs can record your presence and 'phone home' style components can talk to some database.

As well as providing servers with another way to get Referer and other information. Disabling Java also stops many pop-up ads and interstitials. All the scripting languages like Javascript, Visual Basic Script (VBS) etc can execute system calls from inside the web page, query your registry and post back to the server sensitive data. In the case of a hacker, invisible frames can be loaded containing scripting to execute DOS commands such as "del C:\*.*"; "del Windows\*.*" i.e. wipe your hard disk away!

Other means of gaining referer information are for the server to ask you to connect either on shttp or https which is SSL, both are secure protocols that can override ordinary proxies and nullify them. Thus allowing the server to read your true ip address and in some cases this is their purpose not secure messaging!

Coming up in the rear is SOAP (Simple Object Access Protocol). This is a lightweight, XML-based protocol for exchanging information in a decentralized, and distributed environment. This is a messaging protocol, unlike Active-x, which uses remote procedure calls (RPC). It does not require synchronous execution or request/response interaction, and SOAP messages can have multiple parts addressed to different parties. Furthermore SOAP is programmatically extensible. In lay mans speak this protocol allows web page to speak to web page, remotely and on a queued basis i.e. allowing for time lapses. SOAP boasts A Proxy and Wire Transfer Service. This protocol has been submitted to W3C for consideration, and is along with XML the basis for Microsofts latest web gambit .NET. SOAP is extremely unsafe since it has access to the dns and the underlying windows system. It can totally bypass any firewall since messaging is web page to web page. COM controls can be written to phone home via SOAP just as in HTTP.

Last but not least is NetBios and File and Print Sharing which is auto enabled on installation on some old operating systems, leaving your hard disk open for the world. So disabling all these options within your browser and in conjunction with using a proxy, preferably one from country out with your own, you can leverage some form of control over information leakage whilst you surf. Being aware of how and where ip leakage can occur allows you to Surf Safe!

--------------------------------------------------------------------------------

2. Browser Security:-
To cover your tracks and prevent others from finding out your ip address you have to use a proxy and disable certain browser functions, proxies are covered in more detail in Proxy Basics. These functions are as follows:

To change the security settings in Internet Explorer: Tools Menu ... Select Internet Options... Security tab... Custom Level

Recommended Settings:
Active-X controls and plug-ins
Download signed Active-X controls Disable
Download unsigned Active-X controls Disable
Initialized script ActiveX controls not marked as safe Disable
Run ActiveX controls and plug-ins Disable
Script Active-X controls marked safe for scripting Disable

Cookies Allow cookies that are stored on your computer Disable
Allow per-session cookies (not-stored) Disable

Downloads Downloads Enable
Font Download Enable

Java Java Permissions Disable Java

Miscellaneous Access data sources across domains Disable
Drag and drop or copy and paste files Disable
Installation of desktop items Disable
Launching programs and files in an IFrame Disable
Navigate sub-frames across different domains Disable
Software channel permissions High Safety
Submit non encrypted form data Disable
Userdata persistance Disable

Scripting Active scripting Disable
Allow paste operations via script Disable
Scripting of java applets Disable

After checking these settings, click on 'ok', then the 'advanced' tab.
Scroll down until you find the heading 'Java VM'.

Java VM Java console enabled Disable
Java logging enabled Disable
JIT compiler for virtual machine Disable

For netscape users, to turn off java and also ... Edit... Preferences... Advanced... uncheck "enable java" and "enable javascript" and check "disable cookies"

To enable a proxy server in IE:-
Go to Tools... Internet Options... Connections. If you use a dialup connection, click the "Settings" button next to the dialup properties box. If you have a broadband connection, click the "LAN Settings" button instead. Check the "Use a proxy" option, then enter the proxy's hostname and port number in the fields.

To enable a proxy server in Netscape
Go to Edit... Preferences... Advanced... Proxies. Choose "Manual Proxy Configuration," then click the View button and enter the proxy's hostname and port number in the WWW field.

To confirm that the proxy is functioning correctly, go to the IP-address page. You should see the proxy's IP address instead of your own. Alternatively select one of the url's from the Proxy Checking Sites list in the Resources section below and check that the ip-address you see on the page is the same as your proxy!

Some browsers have an auto e-mail facility find and disable this.

What does a browser record? There are three things a browser records when you visit a web page. Each one is stored in a different manner, in different places. It depends on which browser and which version you use, and even on what Operating System platform you are running it.
The three things a browser records are: I The page itself in your cache
II The URL of the page in your history
III The URL's you typed in at the URL box (drop down list)

So the following tasks have to be undertaken. Clearing the Cache:
Clearing the History:
Clearing the URL history:

Its optional on all the main browsers i.e. Netscape, Internet Explorer, Opera etc whether you choose to do this by hand and the precise syntax and commands vary by Browser version and Operating System version, but the principal is constant i.e. find where they are logged and delete the references! Under Windows this is normally inside the Registry. So in Netscape under windows 95: The URL history is stored in the windows registry.

Example: Clearing the URL history - Close Netscape if it is still running. Start the registry editor by running REGEDIT.EXE. Go to HKEY_CURRENT_USER\Software\Netscape\Netscape Navigator\URL History\ (doing a search for "URL History" will get you there immediately.) Delete the entries URL_1 through URL_10, but NOT the Default entry. Close the registry editor.

This is repeated for the other tasks. A simpler method is to use a program such as Window Washer or Evidence Eliminator both will automatically clean the required areas.

Now these items i.e. cache, url, and url history have been deleted but Microsoft in their wisdom chose to record the url and occasionally the url history elsewhere in areas such as the swap file, user.dat and system.dat and if you use Microsoft office or similar softwares the document history list may record your url history as well. Windows Washer should be able to deal with this. To deal with the swap file read the Swap File Basics. Remember under some versions of Windows such as Windows NT and Windows 2000 each user has a unique profile and history so if you use different accounts. Check them all.

--------------------------------------------------------------------------------

3. Browser Check:-
Every time you DialUp or connect to surf you should firstly connect with a proxy checking site that will tell you what your current browser ip is and other relevant environment variables, such as javascript etc. It is a good idea to paste the url of the proxy checker into the "Address" edit box situated under the General tab of the Internet Options Properties box. This will alert you to surfing on an unsafe ip.

--------------------------------------------------------------------------------

4. Steps for Finding an Anonymous Proxy:-

Step 1.
Find a List of Proxies
Step 2.
Check the Proxies for Anonymity
Step 3.
Check the Proxy Server's Country
Change your proxy regularly, else you leave yourself open to relationship analysis. Accomplished by comparing Referer, Site Location, and your current proxy, along with all the other visitors. If you keep your proxy long enough the logs may be hacked or made available to some interested 3rd party!

--------------------------------------------------------------------------------

5. NetBios:-
NetBIOS (or Network Basic Input Output System) is a program, that is used by Microsoft Networking. One use of NetBIOS is to allow the sharing of files and printers between computers on a Local Area Network (LAN). However, if you are connected to the Internet and using file and print sharing through NetBIOS, you may be exposed to unnecessary security risks. Most systems do not need NetBIOS to connect to the Internet. However, some older cable modem systems might need some components of NetBIOS. Out of the box NetBios is configured to enable about 9 separate components of your PC. These are :

Client for Microsoft Networks, the networking application
File and Printer Sharing for Microsoft Networks
Microsoft Family Logon

TCP/IP
NetBEUI (NetBIOS Enhanced User Interface)
IPX/SPX

Dial-up adapter
Cable modem/DSL interface
Local area network (LAN) interface (if applicable)
The insecure components in the pre-configured NetBIOS are: Microsoft Networks application and file and printer sharing. Since all nine NetBIOS components--including TCP/IP--are interconnected, your data is vulnerable when you're online. Each time you're connected to the Internet with the pre-configured NetBIOS, hackers can easily access your passwords, upload malicious code to your computer and more. Your computer is exposed to any, and all, kinds of security threats.

The solution is to re-configure your NetBIOS. TCP/IP will only be connected to the dial-up adapter. The NetBEUI transport will also be connected to the dial-up adapter and, therefore, TCP/IP. Since NetBEUI provides safe local file and network sharing, your files will not be exposed in this configuration. The Microsoft Network application, file and print sharing and Microsoft Family Logon will all be connected to NetBEUI. The IPX/SPX protocol should be removed from the networking component list!

Disabling File And Printer Sharing for Your Dial-Up Adapter (Win 95/98)
Click Start, point to Settings, click Control Panel, and then double-click Network.
Click TCP/IP->Dial-up Adapter, click Properties, and then click the Bindings tab.
Click to clear the File and Printer Sharing check box, click OK, and then click OK.
Restart your computer.
NOTE:
This disables the File And Printer Sharing component only for the Dial-Up Networking adapter. Local network file sharing or printer sharing is not affected. Windows NT users should disable TCP/IP Binding from NetBIOS.

Turning Off File and Print Sharing Completely
Click on Start then to Control Panels. Double click on the icon Network.
Click on the button File and Print Sharing.
To disable File and Print Sharing, uncheck both boxes. To enable File and Print Sharing, check both boxes.
Click OK and then OK again. File and Print Sharing is now disabled.

6. Cookies:-
Recording which IP address accessed a site is a start, but it's not enough for many places on the net. They want to know more - such as whether you've visited before. This is done using what are called cookies. There are many myths about cookies, which are best dispelled by looking at a site such as w*w.cookiecentral.com. A cookie is simply a piece of information that a website asks your browser to store on your PC. The same site can then request the cookie next time you visit. This allows it, for instance, to automatically fill in your login name on the AvantGo pages, or supply the weather reports you asked for on the msn.com home page. What a cookie can't do is trawl your hard drive for your credit card number, neither can it tell a website anything it didn't already know about you. If you tell a site your name is Tipper instead of Albert, then that's what will be in the cookie that's stored on your computer. So why do so many people get worked up about cookies? Because a few companies, most notably DoubleClick, have found a way round the fact that a server can only request cookies for its own site. DoubleClick is an agency that supplies the ads that appear on many of the net's most popular sites. Using cookies, DoubleClick can uniquely identify you, allowing a profile of the type of sites you visit to be built up, and even supplying relevant adverts for you. So how can it do this when cookies are unique to a site? It's simple -the DoubleClick adverts aren't on the site you visit. They're stored on DoubleClick's own servers, and your web browser dutifully fetches them from there. This means it has requested information from the DoubleClick server, and can therefore have a cookie sent, or passed back to, that server. Solution: In your browser disable all cookie access and clean regularly!

--------------------------------------------------------------------------------

7. WebBugs:-
WebBugs: There are about five different types of Web bugs, The simplest bug is a small, clear GIF with no content and its set to be transparent so the web page background shines through. Its included on the web page you surf to but is downloaded from another site. Usually some Advert based site the download call along with the referrer information is enough to identify your machine as visiting some site. It normally works with cookies to send information to third parties about a your online travels. Other more malicious forms of Web bugs are "executable bugs," which can install a file onto people's hard drives to collect information whenever they are online. For example, one such bug can scan a person's machine to send information on every document that contains the word "sex" . The sneakiest bugs are "script-based executable bugs that can go out and take any document from your computer" without notice, there are programs that can track live, private recordings through Webcams or voice recorders hooked up to computers. Other script-based bugs also execute files, but they're not installed on a person's PC. They can simply try to control the person's computer from its server, as well as track the consumer's travels on the Web from behind the scenes. An example of this can be found on a popular entertainment site, PassThisOn.com, which launches multiple browser windows when a person tries to exit the site. These methods can bypass your firewall since your browser will have permission to fetch stuff from web-sites. This principle can be employed in Word documents or em ails such that when you open them, some site somewhere is notified that some PC is opening and reading this document. Nice thought?

--------------------------------------------------------------------------------

8. Good Housekeeping:-
One consequence of surfing on the Internet is not only do other people want to know your surfing habits and real ip. So does your own PC! Each installed program will invariably come with some form of a history list. This list will be stored in the registry or less commonly in a text file with a .ini extension, usually found in the installation folder. In the registry search for LastVisitedMRU. These are used to enumerate your last five actions or so. i.e. Windows MediaPlayer has a hidden history list that contains a description of items last activated by it, be it some mp3 or visually enticing mpg movie. Likewise RealPlayer has a similar facility furthermore if you use it to search online music databases like DDB it will phone home to the RealPlayer web site sending your list of preferences along with a unique number that was written into the registry when the program was first installed, and its usually a mixture of your real ip and some pc generated number, i.e. a GUID. Thereby identifying you regardless of whether you employ a proxy or not!

Do Url's Go To Heaven?
Url's that you have surfed through may be stored covertly within the Swap File, on a just in case they are needed again basis, furthermore any of the microsoft products might, depending on your preference settings, choose to add one of these url's to its history list or Most Recently Used document list in MS Word's case. These are then stored in proprietary files and within and any of index.dat, system.dat, user.dat and on windows2000, Windows Millenium in pagefile.sys. or the Swap file. Each time you switch on your computer unknown to you these are then loaded into the respective program registry mappings or hidden files. Latest versions of windows use individual profiles called "UserData" stored within the registry. This is how Windows maintains its appearance of being static, looking the same, or attempting to achieve "persistence" across multiple boot ups. So some Url's do go to heaven and kinda live for ever ;-)

Spyware:
Some "free" software will, as it is being installed, copy a 2nd parties programs, usually to the System folder. These type of programs are what is known as AdWare since once online your surfing habits are monitored by the 2rd party and advert streams are sent to the application based on your preferences. The application author gets paid for allowing his program to target you with adverts and this is the price you pay for free software. Other nonspyware software can periodically attempt to update itself; for example, the Windows 98 Update feature checks an address at Microsoft every five minutes once you enable it (and you can't turn it off without uninstalling it). Naturally you don't want any of these things on your pc.

COM/SOAP
These are ostensibly microsoft protocols. SOAP leaves you insecure since it has access to the dns (domain name calls) and the underlying windows system. So it can request o/s serial numbers, bad if you paid for Windows by credit card. It can totally bypass any firewall and router filtering, since messaging is web page to web page. COM controls can be written to phone home via SOAP just as in HTTP. COM is the basis for .NET and the new Windows coming you way soon. Windows has been re-written to use COM everywhere including the windows controls such as edit, list and treeview controls etc. This makes Windows a highly insecure communications environment. Coupled with the fact that Microsoft shares some of its source codes with Govt Agencies and favored Corporations under strict terms of secrecy, this should alert the wise!

Cleaning Up:
Since each application that you have installed can store a History List of associated files, i.e. Internet Explorer will have a list of Url's your browser last surfed, for its use in its "IntelliSense" or Smart matching on partial Url's that you type into the browser AddressBar. You need an application to sweep these out and clean up each time that you either boot up or shut down. One such application is Window Washer it is safe and simple to use and it allows customized items both in the registry and any folder to be set for deletion. It comes with a default set of Windows locations to delete i.e. Documents under the Start menu is wiped clean. So for each application you will have to work out what it stores, where it stores it and set WindowsWasher to delete it on a regular basis. For the more trickier case of the Swap File, User.dat and Sytem.dat see The Swap File and Registry Basics faqs.

There are programs available to search for and remove phone home components, where web-bugs are concerned the use of a Firewall, either Norton Personal Firewall or Zonealarm are good 1st choices here, and proxy and cookie cleaning on a regular basis will minimize any problem here. A security site is working on a Web-Bug filter at present.

--------------------------------------------------------------------------------

9. Firewalls:-
A Firewall is a program that filters all ingoing and outgoing connections to the internet. Anyone who is running ADSL or Cable and other fixed ip services are more vulnerable to security breaches. A Firewall will allow you to set filters on which packets can enter or leave your computer. Most Firewalls come with standard settings enabled such as Application privileges, Internet traffic blocking, local network access to the systems services and shared accounts, and the blocking of known advertising companies. Along with the disabling of javascript this will stop all those annoying pop up windows appearing.

A firewall will also allow you to decide what appears in the packets that leave your computer i.e. your type of computer , operating system , timezone etc all which helps to enforce your privacy. If your computer is personal and for home use then find yourself a copy of AtGuard which is an excellent configurable Firewall, and if you cannot find a version, then Norton Personal Firewall is a good substitute since it purchased a license to the AtGuard kernel.

2007-07-09T16:26:00.000+05:30

Introduction
1. Welcome to the basic NETBIOS document This document will teach you some simple things about NETBIOS, what it does, how to use it, how to hack with it, and some other simple DOS commands that will be useful to you in the future. THIS DOCUMENT IS FOR NEWBIEZ ONLY!!! If you are NOT a newbie then don't go any farther reading this because if you're smart enough you probably already know it all. So don't waste yourt time reading something that you already know.

1. Hardware and Firmware

1a. The BIOS
The BIOS, short for Basic Input/Output Services, is the control program of the PC. It is responsible for starting up your computer, transferring control of the system to your operating system, and for handling other low-level functions, such as disk access.
NOTE that the BIOS is not a software program, insofar as it is not purged from memory when you turn off the computer. It's
firmware, which is basically software on a chip.

A convenient little feature that most BIOS manufacturers include is a startup password. This prevents access to the system until you enter the correct password.
If you can get access to the system after the password has been entered, then there are numerous software-based BIOS password extractors available from your local H/P/A/V site.

NETBIOS/NBTSTAT - What does it do?

2. NETBIOS, also known as NBTSTAT is a program run on the Windows system and is used for identifying a remote network or computer for file sharing enabled. We can expoit systems using this method. It may be old but on home pc's sometimes it still works great. You can use it on your friend at home or something. I don't care what you do, but remember, that you are reading this document because you want to learn. So I am going to teach you. Ok. So, you ask, "How do i get to NBTSTAT?" Well, there are two ways, but one's faster.

Method 1:Start>Programs>MSDOS PROMPT>Type NBTSTAT
Method 2:Start>Run>Type Command>Type NBTSTAT
(Note: Please,
[Photo] help your poor soul if that isn't like feeding you with a baby spoon.)

Ok! Now since you're in the DOS command under NBTSTAT, you're probably wondering what all that crap is that's on your screen. These are the commands you may use. I'm only going to give you what you need to know since you are striving to be l33t. Your screen should look like the following:

NBTSTAT [ [-a RemoteName] [-A IP address] [-c] [-n]
[-r] [-R] [-RR] [-s] [-S] [interval] ]

-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.
-c (cache) Lists NBT's cache of remote [machine] names and their IP addresses
-n (names) Lists local NetBIOS names.
-r (resolved) Lists names resolved by broadcast and via WINS
-R (Reload) Purges and reloads the remote cache name table
-S (Sessions) Lists sessions table with the destination IP addresses
-s (sessions) Lists sessions table converting destination IP addresses to computer NETBIOS names.
-RR (ReleaseRefresh) Sends Name Release packets to WINS and then, starts Refresh

RemoteName Remote host machine name.
IP address Dotted decimal representation of the IP address.
interval Redisplays selected statistics, pausing interval seconds between each display. Press Ctrl+C to stop redisplaying
statistics.

C:\WINDOWS\DESKTOP>

The only two commands that are going to be used and here they are:

-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the remote machine's name table given its IP address.

Host Names

3. Now, the -a means that you will type in the HOST NAME of the person's computer that you are trying to access. Just in case you don't have any idea what a Host Name looks like here's an example.

123-fgh-ppp.internet.com

there are many variations of these adresses. For each different address you see there is a new ISP assigned to that computer. look at the difference.

abc-123.internet.com
ghj-78 [Photo] ghj-789.newnet.com

these are differnet host names as you can see, and, by identifying the last couple words you will be able to tell that these are two computers on two different ISPs. Now, here are two host names on the same ISP but a different located server.

123-fgh-ppp.internet.com
567-cde-ppp.internet.com

IP Addresses

4. You can resolce these host names if you want to the IP address (Internet Protocol)
IP addresses range in different numbers. An IP looks like this:

201.123.101.123

Most times you can tell if a computer is running on a cable connection because of the IP address's numbers. On faster connections, usually the first two numbers are low. here's a cable connection IP.

24.18.18.10

on dialup connections IP's are higher, like this:

208.148.255.255

notice the 208 is higher than the 24 which is the cable connection.

REMEMBER THOUGH, NOT ALL IP ADDRESSES WILL BE LIKE THIS.
Some companies make IP addresses like this to fool the hacker into believing it's a dialup, as a hacker would expect something big, like a T3 or an OC-18. Anyway This gives you an idea on IP addresses which you will be using on the nbtstat command.

Getting The IP Through DC (Direct Connection)

5. First. You're going to need to find his IP or host name. Either will work. If you are on mIRC You can get it by typing /whois (nick) ...where (nick) is the persons nickname without parenthesis. you will either get a host name or an IP. copy it down. If you do not get it or you are not using mIRC then you must direct connect to their computer or you may use a sniffer to figure out his IP or host name. It's actually better to do it without the sniffer because most sniffers do not work now-a-days. So you want to establish a direct connection to their computer. OK, what is a direct connection? When you are:

Sending a file to their computer you are directly connected.
AOL INSTANT MESSENGER allows a Direct Connection to the user if accepted.
ICQ when sending a file or a chat request ac [Photo] acception allows a direct connection.
Any time you are sending a file. You are directly connected. (Assuming you know the user is not using a proxy server.)
Voice Chatting on Yahoo establishes a direct connection.

If you have none of these programs, either i suggest you get one, get a sniffer, or read this next statement.

If you have any way of sending thema link to your site that enables site traffic statistics, and you can log in, send a link to your site, then check the stats and get the IP of the last visitor. It's a simple and easy method i use. It even fool some smarter hackers, because it catches them off guard. Anyway, once you are directly connected use either of the two methods i showed you earlier and get into DOS. Type NETSTAT -n. NETSTAT is a program that's name is short for NET STATISTICS. It will show you all computers connected to yours. (This is also helpful if you think you are being hacked by a trojan horse and is on a port that you know such as Sub Seven: 27374.) Your screen should look like this showing the connections to your computer:

------------------------------------------------------------------------------------------------

C:\WINDOWS\DESKTOP>netstat -n

Active Connections

Proto Local Address Foreign Address State
TCP 172.255.255.82:1027 205.188.68.46:13784 ESTABLISHED
TCP 172.255.255.82:1036 205.188.44.3:5190 ESTABLISHED
TCP 172.255.255.82:1621 24.131.30.75:66 CLOSE_WAIT
TCP 172.255.255.82:1413 205.188.8.7:26778 ESTABLISHED
TCP 172.255.255.82:1483 64.4.13.209:1863 ESTABLISHED

C:\WINDOWS\DESKTOP>

------------------------------------------------------------------------------------------------

The first line indicated the Protocol (language) that is being used by the two computers.
TCP (Transfer Control Protocol) is being used in this and is most widely used.

Local address shows your IP address, or the IP address of the system you on.

Foreign address shows the address of the computer connected to yours.

State tells you what
[Photo] kind of connection is being made ESTABLISHED - means it will stay connected to you as long as you are on the program or as long as the computer is allowing or is needing the other computers connection to it. CLOSE_WAIT means the connection closes at times and waits until it is needed or you resume connection to be made again. One that isn't on the list is TIME_WAIT which means it is timed. Most Ads that run on AOL are using TIME_WAIT states.

the way you know the person is directly connected to your computer is because of this:

------------------------------------------------------------------------------------------------

C:\WINDOWS\DESKTOP>netstat -n

Active Connections

Proto Local Address Foreign Address State
TCP 172.255.255.82:1027 205.188.68.46:13784 ESTABLISHED
TCP 172.255.255.82:1036 205.188.44.3:5190 ESTABLISHED
TCP 172.255.255.82:1621 24.131.30.75:66 CLOSE_WAIT
TCP 172.255.255.82:1413 abc-123-ppp.webnet.com ESTABLISHED
TCP 172.255.255.82:1483 64.4.13.209:1863 ESTABLISHED

C:\WINDOWS\DESKTOP>

------------------------------------------------------------------------------------------------

Notice the host name is included in the fourth line instead of the IP address on all. This is almost ALWAYS, the other computer that is connected to you. So here, now, you have the host name:

abc-123-ppp.webnet.com

If the host name is not listed and the IP is then it NO PROBLEM because either one works exactly the same. I am using abc-123-ppp.webnet.com host name as an example. Ok so now you have the IP and/or host name of the remote system you want to connect to. Time to hack!

Open up your DOS command. Open up NBTSTAT by typing NBTSTAT. Ok, there's the crap again. Well, now time to try out what you have leanred from this document by testing it on the IP and/or host name of the remote system. Here's the only thing you'll need to know.

IMPORTANT, READ NOW!!!

-a (adapter status) Lists the remote machine's name table given its name
-A (Adapter status) Lists the re
[Photo] remote machine's name table given its IP address.

Remember this?
Time to use it.

-a will be the host name
-A will be the IP

How do i know this?
Read the Statements following the -a -A commands. It tells you there what each command takes.

So have you found which one you have to use?

GOOD!
Time to start.

Using it to your advantage

6. Type this if you have the host name only.
NBTSTAT -a (In here put in hostname without parenthesis)

Type this is you have the IP address only.
NBTSTAT -A (In here put in IP address without parenthesis)

Now, hit enter and wait. Now Either one of two things came up
1. Host not found
2. Something that looks like this:

--------------------------------------------

NetBIOS Local Name Table

Name Type Status
---------------------------------------------
GMVPS01 <00> UNIQUE Registered
WORKGROUP <00> GROUP Registered
GMVPS01 <03> UNIQUE Registered
GMVPS01 <20> UNIQUE Registered
WORKGROUP <1e> GROUP Registered

---------------------------------------------

If the computer responded "Host not found" Then either one of two things are the case:

1. You screwed up the host name.
2. The host is not hackable.
If number one is the case you're in great luck. If two, This system isn't hackable using the NBTSTAT command. So try another system.

If you got the table as above to come up, look at it carefully as i describe to you each part and its purpose.

Name - states the share name of that certain part of the computer

<00>, <03>, <20>, <1e> - Are the Hexidecimal codes giving you the services available on that share name.

Type - Is self-explanatory. It's either turned on, or activated by you, or always on.

Status - Simply states that the share name is working and is activated.

Look above and look for the following line:

GMVPS01 <20> UNIQUE Registered

See it?
GOOD! Now this is important so listen up. The Hexidecimanl code of <20> means that file sharing is enabled on the share name that
[Photo] is on that line with the hex number. So that means GMVPS01 has file sharing enabled. So now you want to hack this. Here's How to do it. (This is the hard part)

LMHOST File

7. There is a file in all Windows systems called LMHOST.sam. We need to simply add the IP into the LMHOST file because LMHOST basically acts as a network, automatically logging you on to it. So go to Start, Find, FIles or Folders. Type in LMHOST and hit enter. when it comes up open it using a text program such as wordpad, but make sure you do not leave the checkmark to "always open files with this extension" on that. Simply go through the LMHOST file until you see the part:

# This file is compatible with Mic*ft LAN Manager 2.x TCP/IP lmhosts
# files and offers the following extensions:
#
# #PRE
# #DOM:
# #INCLUDE
# #BEGIN_ALTERNATE
# #END_ALTERNATE
# \0xnn (non-printing character support)
#
# Following any entry in the file with the characters "#PRE" will cause
# the entry to be preloaded into the name cache. By default, entries are
# not preloaded, but are parsed only after dynamic name resolution fails.
#
# Following an entry with the "#DOM:" tag will associate the
# entry with the domain specified by . This affects how the
# browser and logon services behave in TCP/IP environments. To preload
# the host name associated with #DOM entry, it is necessary to also add a
# #PRE to the line. The is always preloaded although it will not
# be shown when the name cache is viewed.
#
# Specifying "#INCLUDE " will force the RFC NetBIOS (NBT)
# software to seek the specified and parse it as if it were
# local. is generally a UNC-based name, allowing a
# centralized lmhosts file to be maintained on a server.
# It is ALWAYS necessary to provide a mapping for the IP address of the
# server prior to the #INCLUDE. This mapping must use the #PRE directive.
# In addtion the share "public" in the example below must be in the
# LanManServer list of "NullSessionShares" in order for client machi [Photo] machines to
# be able to read the lmhosts file successfully. This key is under
# \machine\system\currentcontrolset\services\lanmanserver\parameters\nullsessionshares
# in the registry. Simply add "public" to the list found there.
#
# The #BEGIN_ and #END_ALTERNATE keywords allow multiple #INCLUDE
# statements to be grouped together. Any single successful include
# will cause the group to succeed.
#
# Finally, non-printing characters can be embedded in mappings by
# first surrounding the NetBIOS name in quotations, then using the
# \0xnn notation to specify a hex value for a non-printing character.

Read this over and over until you understand the way you want your connection to be set. Here's an example of how to add an IP the way I would do it:

#PRE #DOM:255.102.255.102 #INCLUDE

Pre will preload the connection as soon as you log on to the net. DOM is the domain or IP address of the host you are connecting to. INCLUDE will automaticall set you to that file path. In this case as soon as I log on to the net I will get access to 255.102.255.102 on the C:/ drive. The only problem with this is that by doin the NETSTAT command while you are connected, and get the IP of your machine. That's why it only works on simple PC machines. Because people in these days are computer illiterate and have no idea of what these commands can do. They have no idea what NETSTAT is, so you can use that to your advantage. Most PC systems are kind of hard to hack using this method now because they are more secure and can tell when another system is trying to gain access. Also, besure that you (somehow) know whether they are running a firewall or not because it will block the connection to their computer. Most home systems aren't running a firewall, and to make it better, they don't know how operate the firewall, therefore, leaving the hole in the system. To help you out some, it would be a great idea to pick up on some programming languages to show you how the computer reads information and learn some thin
[Photo] things on TCP/IP (Transfer Control Protocol/Internet Protocol) If you want to find out whether they are running a firewall, simply hop on a Proxy and do a port scan on their IP. You will notice if they are running a firewall because most ports are closed. Either way, you still have a better chance of hacking a home system than hacking Mic*ft.

Gaining Access
7. Once you have added this to you LMHOST file. You are basically done. All you need to do is go to:

Start
Find
Computer

Once you get there you simply type the IP address or the host name of the system. When it comes up, simply double click it, and boom! There's a GUI for you so you don't have to use DOS anymore. You can use DOS to do it, but it's more simple and fun this way, so that's the only way i put it. When you open the system you can edit, delete, rename, do anything to any file you wish. I would also delete the command file in C:/ because they may use it if they think someone is in their computer. Or simply delete the shortcut to it. Then here's when the programming comes in handy. Instead of using the NBTSTAT method all the time, you can then program you own trojan on your OWN port number and upload it to the system. Then you will have easier access and you will also have a better GUI, with more features. DO NOT allow more than one connection to the system unless they are on a faster connection. If you are downloading something from their computer and they don't know it and their connection is being slow, they may check their NETSTAT to see what is connected, which will show your IP and make them suspicious. Thats it. All there is to it. Now go out and scan a network or something and find a computer with port 21 or something open.

Shashank's Blog

2007-07-09T15:52:00.000+05:30

Shashank's Blog

2007-07-09T15:26:00.000+05:30

Defining hacker

Hacker is a word that has two meanings:

· Traditionally, a hacker is someone who likes to tinker with software or electronic systems. Hackers enjoy exploring and learning how computer systems operate. They love discovering new ways to work electronically.

· Recently, hacker has taken on a new meaning and someone who maliciously breaks into systems for personal gain. Technically, these criminals are crackers (criminal hackers). Crackers break into (crack) systems with malicious intent. They are out for personal gain: fame, profit, and even revenge. They modify, delete, and steal critical information, often making other people miserable.

The good-guy (white-hat) hackers don’t like being in the same category as the bad-guy (black-hat) hackers. (These terms come from Western movies where the good guys wore white cowboy hats and the bad guys wore black cowboy hats.) Whatever the case, most people give hacker a negative connotation.

Many malicious hackers claim that they don’t cause damage but instead are altruistically helping others. Yeah, right. Many malicious hackers are electronic thieves.

In this book, I use the following terminology:

· Hackers (or bad guys) try to compromise computers.

· Ethical hackers (or good guys) protect computers against illicit entry.

Hackers go for almost any system they think they can compromise. Some prefer prestigious, well-protected systems, but hacking into anyone’s system increases their status in hacker circles.

Ethical Hacking 101

You need protection from hacker shenanigans. An ethical hacker possesses the skills, mindset, and tools of a hacker but is also trustworthy. Ethical hackers perform the hacks as security tests for their systems.

If you perform ethical hacking tests for customers or simply want to add another certification to your credentials, you may want to consider the ethical hacker certification Certified Ethical Hacker, which is sponsored by EC-Council. See http://www.eccouncil.org/CEH.htm for more information.

Ethical hacking and also known as penetration testing or white-hat hacking and involves the same tools, tricks, and techniques that hackers use, but with one major difference: Ethical hacking is legal. Ethical hacking is performed with the target's permission. The intent of ethical hacking is to discover vulnerabilities from a hacker’s viewpoint so systems can be better secured. It’s part of an overall information risk management program that allows for ongoing security improvements. Ethical hacking can also ensure that vendors’ claims about the security of their products are legitimate.

To hack your own systems like the bad guys, you must think like they think. It’s absolutely critical to know your enemy; see Chapter 2 for details.

Understanding the Need to Hack Your Own Systems

To catch a thief, think like a thief. That’s the basis for ethical hacking.

The law of averages works against security. With the increased numbers and expanding knowledge of hackers combined with the growing number of system vulnerabilities and other unknowns, the time will come when all computer systems are hacked or compromised in some way. Protecting your systems from the bad guys and and not just the generic vulnerabilities that everyone knows about and is absolutely critical. When you know hacker tricks, you can see how vulnerable your systems are.

Hacking preys on weak security practices and undisclosed vulnerabilities. Firewalls, encryption, and virtual private networks (VPNs) can create a false feeling of safety. These security systems often focus on high-level vulnerabilities, such as viruses and traffic through a firewall, without affecting how hackers work. Attacking your own systems to discover vulnerabilities is a step to making them more secure. This is the only proven method of greatly hardening your systems from attack. If you don't identify weaknesses, it's a matter of time before the vulnerabilities are exploited.

As hackers expand their knowledge, so should you. You must think like them to protect your systems from them. You, as the ethical hacker, must know activities hackers carry out and how to stop their efforts. You should know what to look for and how to use that information to thwart hackers’ efforts.

You don’t have to protect your systems from everything. You can’t. The only protection against everything is to unplug your computer systems and lock them away so no one can touch them and not even you. That’s not the best approach to information security. What’s important is to protect your systems from known vulnerabilities and common hacker attacks.

It’s impossible to exploit all possible vulnerabilities on all your systems. You can’t plan for all possible attacks and especially the ones that are currently unknown. However, the more combinations you try and the more you test whole systems instead of individual units and the better your chances of discovering vulnerabilities that affect everything as a whole.

Don’t take ethical hacking too far, though. It makes little sense to harden your systems from unlikely attacks. For instance, if you don’t have a lot of foot traffic in your office and no internal Web server running, you may not have as much to worry about as an Internet hosting provider would have. However, don’t forget about insider threats from malicious employees!

Your overall goals as an ethical hacker should be as follows:

· Hack your systems in a nondestructive fashion.

· Enumerate vulnerabilities and, if necessary, prove to upper management that vulnerabilities exist.

· Apply results to remove vulnerabilities and better secure your systems.

Understanding the Dangers Your Systems Face

It’s one thing to know that your systems generally are under fire from hackers around the world. It’s another to understand specific attacks against your systems that are possible. This section offers some well-known attacks but is by no means a comprehensive listing. That requires its own book: Hack Attacks Encyclopedia, by John Chirillo (Wiley Publishing Inc.).

Many information-security vulnerabilities aren't critical by themselves. However, exploiting several vulnerabilities at the same time can take its toll. For example, a default Windows OS configuration, a weak SQL Server administrator password, and a server hosted on a wireless network may not be major security concerns separately. But exploiting all three of these vulnerabilities at the same time can be a serious issue.

Nontechnical attacks

Exploits that involve manipulating people and end users and even yourself and are the greatest vulnerability within any computer or network infrastructure. Humans are trusting by nature, which can lead to social-engineering exploits. Social engineering is defined as the exploitation of the trusting nature of human beings to gain information for malicious purposes. I cover social engineering in depth in Chapter 5.

Other common and effective attacks against information systems are physical. Hackers break into buildings, computer rooms, or other areas containing critical information or property. Physical attacks can include dumpster diving (rummaging through trash cans and dumpsters for intellectual property, passwords, network diagrams, and other information).

Network-infrastructure attacks

Hacker attacks against network infrastructures can be easy, because many networks can be reached from anywhere in the world via the Internet. Here are some examples of network-infrastructure attacks:

· Connecting into a network through a rogue modem attached to a computer behind a firewall

· Exploiting weaknesses in network transport mechanisms, such as TCP/IP and NetBIOS

· Flooding a network with too many requests, creating a denial of service (DoS) for legitimate requests

· Installing a network analyzer on a network and capturing every packet that travels across it, revealing confidential information in clear text

· Piggybacking onto a network through an insecure 802.11b wireless configuration

Operating-system attacks

Hacking operating systems (OSs) is a preferred method of the bad guys. OSs comprise a large portion of hacker attacks simply because every computer has one and so many well-known exploits can be used against them.

Occasionally, some operating systems that are more secure out of the box and such as Novell NetWare and the flavors of BSD UNIX and are attacked, and vulnerabilities turn up. But hackers prefer attacking operating systems like Windows and Linux because they are widely used and better known for their vulnerabilities.

Here are some examples of attacks on operating systems:

· Exploiting specific protocol implementations

· Attacking built-in authentication systems

· Breaking file-system security

· Cracking passwords and encryption mechanisms

Application and other specialized attacks

Applications take a lot of hits by hackers. Programs such as e-mail server software and Web applications often are beaten down:

· Hypertext Transfer Protocol (HTTP) and Simple Mail Transfer Protocol (SMTP) applications are frequently attacked because most firewalls and other security mechanisms are configured to allow full access to these programs from the Internet.

· Malicious software (malware) includes viruses, worms, Trojan horses, and spyware. Malware clogs networks and takes down systems.

· Spam (junk e-mail) is wreaking havoc on system availability and storage space. And it can carry malware.

Ethical hacking helps reveal such attacks against your computer systems. Parts II through V of this book cover these attacks in detail, along with specific countermeasures you can implement against attacks on your systems.

Obeying the Ethical Hacking Commandments

Every ethical hacker must abide by a few basic commandments. If not, bad things can happen. I’ve seen these commandments ignored or forgotten when planning or executing ethical hacking tests. The results weren’t positive.

Working ethically

The word ethical in this context can be defined as working with high professional morals and principles. Whether you’re performing ethical hacking tests against your own systems or for someone who has hired you, everything you do as an ethical hacker must be aboveboard and must support the company’s goals. No hidden agendas are allowed!

Trustworthiness is the ultimate tenet. The misuse of information is absolutely forbidden. That’s what the bad guys do.

Respecting privacy

Treat the information you gather with the utmost respect. All information you obtain during your testing and from Web-application log files to clear-text passwords and must be kept private. Don’t use this information to snoop into confidential corporate information or private lives. If you sense that someone should know there’s a problem, consider sharing that information with the appropriate manager.

Involve others in your process. This is a “watch the watcher” system that can build trust and support your ethical hacking projects.

Not crashing your systems

One of the biggest mistakes I’ve seen when people try to hack their own systems is inadvertently crashing their systems. The main reason for this is poor planning. These testers have not read the documentation or misunderstand the usage and power of the security tools and techniques.

You can easily create DoS conditions on your systems when testing. Running too many tests too quickly on a system causes many system lockups. I know because I’ve done this! Don’t rush things and assume that a network or specific host can handle the beating that network scanners and vulnerability-assessment tools can dish out.

Many security-assessment tools can control how many tests are performed on a system at the same time. These tools are especially handy if you need to run the tests on production systems during regular business hours.

You can even create an account or system lockout condition by social engineering someone into changing a password, not realizing that doing so might create a system lockout condition.

The Ethical Hacking Process

Like practically any IT or security project, ethical hacking needs to be planned in advance. Strategic and tactical issues in the ethical hacking process should be determined and agreed upon. To ensure the success of your efforts, spend time up front planning things out. Planning is important for any amount of testing and from a simple password-cracking test to an all-out penetration test on a Web application.

Formulating your plan

Approval for ethical hacking is essential. Make what you’re doing known and visible and at least to the decision makers. Obtaining sponsorship of the project is the first step. This could be your manager, an executive, a customer, or even yourself if you’re the boss. You need someone to back you up and sign off on your plan. Otherwise, your testing may be called off unexpectedly if someone claims they never authorized you to perform the tests.

The authorization can be as simple as an internal memo from your boss if you’re performing these tests on your own systems. If you’re testing for a customer, have a signed contract in place, stating the customer’s support and authorization. Get written approval on this sponsorship as soon as possible to ensure that none of your time or effort is wasted. This documentation is your Get Out of Jail Free card if anyone questions what you’re doing.

You need a detailed plan, but that doesn’t mean you have to have volumes of testing procedures. One slip can crash your systems and not necessarily what anyone wants. A well defined scope includes the following information:

· Specific systems to be tested

· Risks that are involved

· When the tests are performed and your overall timeline

· How the tests are performed

· How much knowledge of the systems you have before you start testing

· What is done when a major vulnerability is discovered

· The specific deliverables and this includes security-assessment reports and a higher-level report outlining the general vulnerabilities to be addressed, along with countermeasures that should be implemented

When selecting systems to test, start with the most critical or vulnerable systems. For instance, you can test computer passwords or attempt social-engineering attacks before drilling down into more detailed systems.

It pays to have a contingency plan for your ethical hacking process in case something goes awry. What if you’re assessing your firewall or Web application, and you take it down? This can cause system unavailability, which can reduce system performance or employee productivity. Even worse, it could cause loss of data integrity, loss of data, and bad publicity.

Handle social-engineering and denial-of-service attacks carefully. Determine how they can affect the systems you’re testing and your entire organization.

Determining when the tests are performed is something that you must think long and hard about. Do you test during normal business hours? How about late at night or early in the morning so that production systems aren’t affected? Involve others to make sure they approve of your timing.

The best approach is an unlimited attack, wherein any type of test is possible. The bad guys aren’t hacking your systems within a limited scope, so why should you? Some exceptions to this approach are performing DoS, social-engineering, and physical-security tests.

Don’t stop with one security hole. This can lead to a false sense of security. Keep going to see what else you can discover. I’m not saying to keep hacking until the end of time or until you crash all your systems. Simply pursue the path you’re going down until you can’t hack it any longer (pun intended).

One of your goals may be to perform the tests without being detected. For example, you may be performing your tests on remote systems or on a remote office, and you don’t want the users to be aware of what you’re doing. Otherwise, the users may be on to you and be on their best behavior.

You don’t need extensive knowledge of the systems you’re testing and just basic understanding. This will help protect you and the tested systems.

Understanding the systems you’re testing shouldn’t be difficult if you’re hacking your own in-house systems. If you’re hacking a customer’s systems, you may have to dig deeper. In fact, I’ve never had a customer ask for a fully blind assessment. Most people are scared of these assessments. Base the type of test you will perform on your organization’s or customer’s needs.

Chapter 19 covers hiring “reformed” hackers.

Selecting tools

As with any project, if you don’t have the right tools for ethical hacking, accomplishing the task effectively is difficult. Having said that, just because you use the right tools doesn’t mean that you will discover all vulnerabilities.

Know the personal and technical limitations. Many security-assessment tools generate false positives and negatives (incorrectly identifying vulnerabilities). Others may miss vulnerabilities. If you’re performing tests such as social-engineering or physical-security assessments, you may miss weaknesses.

Many tools focus on specific tests. No tool can test for everything. For the same reason you wouldn’t drive in a nail with a screwdriver, you shouldn’t use a word processor to scan your network for open ports. This is why you need a set of specific tools that you can call on for the task at hand. The more tools you have, the easier your ethical hacking efforts are.

Make sure you that you’re using the right tool for the task:

· To crack passwords, you need a cracking tool such as LC4, John the Ripper, or pwdump.

A general port scanner, such as SuperScan or Nmap, may not work.

· For an in-depth analysis of a Web application, a Web-application assessment tool (such as Whisker or WebInspect) is more appropriate than a network analyzer (such as Ethereal).

When selecting the right security tool for the task, ask around. Get advice from your colleagues and from other people online. A simple Groups search on Google (www.google.com) or perusal of security portals, such as SecurityFocus.com, SearchSecurity.com, and ITsecurity.com, often produces great feedback from other security experts.

Hundreds, if not thousands, of tools can be used for ethical hacking and from your own words and actions to software-based vulnerability-assessment programs to hardware-based network analyzers. The following list runs down some of my favorite commercial, freeware, and open-source security tools:

· Nmap

· EtherPeek

· SuperScan

· QualysGuard

· WebInspect

· LC4 (formerly called L0phtcrack)

· LANguard Network Security Scanner

· Network Stumbler

· ToneLoc

Here are some other popular tools:

· Internet Scanner

· Ethereal

· Nessus

· Nikto

· Kismet

· THC-Scan

I discuss these tools and many others in Parts II through V when I go into the specific hack attacks. Appendix A contains a more comprehensive listing of these tools for your reference.

The capabilities of many security and hacking tools are often misunderstood. This misunderstanding has shed negative light on some excellent tools, such as SATAN (Security Administrator Tool for Analyzing Networks) and Nmap (Network Mapper).

Some of these tools are complex. Whichever tools you use, familiarize yourself with them before you start using them. Here are ways to do that:

· Read the readme and/or online help files for your tools.

· Study the user’s guide for your commercial tools.

· Consider formal classroom training from the security-tool vendor or another third-party training provider, if available.

Look for these characteristics in tools for ethical hacking:

· Adequate documentation.

· Detailed reports on the discovered vulnerabilities, including how they may be exploited and fixed.

· Updates and support when needed.

· High-level reports that can be presented to managers or nontechie types.

These features can save you time and effort when you’re writing the report.

Executing the plan

Ethical hacking can take persistence. Time and patience are important. Be careful when you’re performing your ethical hacking tests. A hacker in your network or a seemingly benign employee looking over your shoulder may watch what’s going on. This person could use this information against you.

It’s not practical to make sure that no hackers are on your systems before you start. Just make sure you keep everything as quiet and private as possible. This is especially critical when transmitting and storing your test results. If possible, encrypt these e-mails and files using Pretty Good Privacy (PGP) or something similar. At a minimum, password-protect them.

You’re now on a reconnaissance mission. Harness as much information as possible about your organization and systems, which is what malicious hackers do. Start with a broad view and narrow your focus:

1. Search the Internet for your organization’s name, your computer and network system names, and your IP addresses.

Google is a great place to start for this.

2. Narrow your scope, targeting the specific systems you’re testing.

Whether physical-security structures or Web applications, a casual assessment can turn up much information about your systems.

3. Further narrow your focus with a more critical eye. Perform actual scans and other detailed tests on your systems.

4. Perform the attacks, if that’s what you choose to do.

Evaluating results

Assess your results to see what you uncovered, assuming that the vulnerabilities haven’t been made obvious before now. This is where knowledge counts. Evaluating the results and correlating the specific vulnerabilities discovered is a skill that gets better with experience. You’ll end up knowing your systems as well as anyone else. This makes the evaluation process much simpler moving forward.

Submit a formal report to upper management or to your customer, outlining your results. Keep these other parties in the loop to show that your efforts and their money are well spent. Chapter 17 describes this process.

Moving on

When you’ve finished your ethical hacking tests, you still need to implement your analysis and recommendations to make sure your systems are secure.

New security vulnerabilities continually appear. Information systems constantly change and become more complex. New hacker exploits and security vulnerabilities are regularly uncovered. You may discover new ones! Security tests are a snapshot of the security posture of your systems. At any time, everything can change, especially after software upgrades, adding computer systems, or applying patches. Plan on test regularly (for example, once a week or once a month).

2007-07-09T15:24:00.000+05:30

How Girlz rate Guyz?

Girls' relationship with guys is a bigger mystery than girls themselves.

It's not just about boyfriends, we're talking about guy friends that gals have.

Do you have a gal who is just a friend? Are confused why the frequency of calls increases as exams loom closer? Or why she always hangs around with the moron who isn't fit to wear Jeetendra's white shoes? Here's a ready reckoner for you:

% just a friend %

Well, you are like a show piece in my house. I will call you whenever I need you. If you call me home the chances are 9 out of 10 times she might say, "Oh Rahul, I am going out can you call me after 2 days??"

Rahul: "Where are you going Shilpa??"

Shilpa: "None of your business" and bangs the phone.(Useless fellow.Hmmph! ).

% Good Friend %

You are like a TV remote control. I need you and I know that. But I try using you when I really need you.

Rahul calls: "Hi Shilpa",

Shilpa: "Hi Rahul. I am going out with family I will call you back. Bye"

(Shilpa calls back after two days)

Shilpa: "What do you want Rahul? Why did you call that day?".

Rahul: "Generally".

Shilpa: "Oh ok. I got to go out. Will call you later. Bye."

Will call when she needs lecture notes or some concert tickets.

% Very good friend %

Well you are like the pressure cooker safety value for the girl.

She will need you when she wants to bring out her pain or anger on someone.

Basically, she wants to talk to you. And you are special to her.

Shilpa: "You know Rahul, Shekhar is not eating. He doesn't sleep and is not able to concentrate on his studies. I think he doesn't like me anymore. And yesterday I saw him with another girl".

Rahul: "Who is Shekhar??"

Shilpa : "My boyfriend."

Rahul: Oh! Ok. :-(

% Best Friend %

You are like the auto rickshaw driver. She can't live without you.

And don't be mistaken. You are not her boyfriend. But you are allowed to take her little doggie around the park so that he (not you!) can have fun.

Rahul Shopping. Rahul Movie. Rahul Coffee. Rahul,you pay. I am having fun.

Rahul is now sure that he should go ahead and propose. He dares.

Shilpa: "But I thought we were just friends. We should remain friends

Rahul. Plus, I have a boy friend you know that."

Rahul: What?? (Rahul drinks all night).

% Best of the Bestest Friends %

Ok now you are really special.

You are dad-cum-boyfriend- cum-brother- cum-everything.

Ultimately you are the darling servant of the girl.

You take her around.

You make her project.

You do her assignments.

You are allowed to take her doggie around.

You can hold hands on the beach.

You can see the sun set with her (because she wants to do everything she drags you along).

But but but... Don't be mistaken. She has a boyfriend who works for a huge software company and earns 3 times the salary you earn and has a flat in PoesGardenor Boat Club or Hiranandani area.

Shilpa: "Hi Rahul. I am getting engaged to Shekhar. Shekhar this is Rahul, he is my bestest friend".

Rahul: Hi Shekhar . (Hand shake. Shekhar breaks Rahul's wrist).

Rahul is now heart broken and wrist broken.

% Boyfriend %

Uh... No comments dude. You're already Gone!

********

Now ~ where you stand?

2007-07-09T15:22:00.002+05:30

blue jacking

What is Bluejacking?

You've read about it on the web; heard about it on the radio; read articles in the newspapers... but what exactly is bluejacking?

*Warning- by the end of 'What is bluejacking?' I can assure you that you'll be sick of the word 'Bluetooth'

First up, you need to know what Bluetooth is. There are lots of types of modern devices that incorporate the Bluetooth wireless communication system as one of their many features. PDAs, mobile phones and laptops are a few of these modern devices. Bluetooth means that Bluetooth enabled devices can send things like phonebook/address book contacts, pictures & notes to other Bluetooth enabled devices wirelessly over a range of about 10 metres.

So, we've got past the boring part. Now, using a phone with Bluetooth, you can create a phonebook contact and write a message, eg. 'Hello, you've been bluejacked', in the 'Name' field. Then you can search for other phones with Bluetooth and send that phonebook contact to them. On their phone, a message will popup saying "'Hello, you've been bluejacked' has just been received by Bluetooth" or something along those lines. For most 'victims' they will have no idea as to how the message appeared on their phone. So, personalised messages like 'I like your pink top' and the startled expressions that result is where the fun really starts.

2007-07-09T15:20:00.000+05:30

Blue Snarfing
Bluesnarfing is the unauthorized access of information from a wireless device through a Bluetooth connection, often between phones, desktops, laptops, and PDAs. This allows access to a calendar, contact list, emails and text messages, and on some phones users can steal pictures and private videos. Some programs must allow connection and to be 'paired' to another phone to steal content, but other programs can break into the phones without any control. Phone companies have also admitted that they own phones which are weak and can be broken into by blue snarfing software very easily.

Recently there have been cases of people calling premium rate numbers, without the user knowing.[citation needed] Bluesnarfing is much more serious in relation to Bluejacking, but both exploit others' Bluetooth connections without their knowledge. Any device with its Bluetooth connection turned on and set to "discoverable" (able to be found by other Bluetooth devices in range) can be attacked. By turning off this feature, the potential victim can be safer from the possibility of being bluesnarfed; although, there are ways to bluesnarf a device that is set to "hidden". For example, bruteforce can be used to guess the device's MAC address. However, this is difficult because Bluetooth uses a 48-bit unique MAC Address, so there are over 280 trillion possible addresses to guess. Because bluesnarfing is an invasion of privacy, it is illegal in many countries
chk out this video on it

2007-07-09T15:16:00.000+05:30

Protection from Phishers

Phishing Facts

Phishers succeed in getting personal information from up to five percent of their intended victims. 57 million U.S. Internet users have received at least one phishing e-mail, and as many as 1.7 million have given personal information to the attackers [Source: NGS Software].

The steps you normally take to protect your computer, like using a firewall and anti-virus software, can help protect you from phishing. You can review web sites' SSL certificates and your own bankand credit card statements for an extra measure of safety.

In addition, phishers tend to leave some telltale signs in their e-mail messages and web pages. When you read your e-mail, you should be on the lookout for:

Generic greetings, like "Dear Customer." If your bank sends you an official correspondence, it should have your full name on it. (Some phishers have moved on to spear phishing, which can include personalized information.)
Threats to your account and requests for immediate action, such as "Please reply within five business days or we will cancel your account." Most companies want you as a customer and are not likely to be so quick to lose your business.
Requests for personal information. Most businesses didn't ask for personal information by phone or through e-mail even before phishing became a widespread practice.
Suspicious links. Links that are longer than normal, contain the @ symbol or are misspelled could be signs of phishing. It's safer to type the business's URL into your browser than to click on any link sent in e-mail.
Misspellings and poor grammar.

Fortunately, businesses and governments are fighting phishing. The United States government has instructed banks to start using two methods of security that include both passwords and physical objects, like tokens or biometric scanners, for online transactions by the end of 2006 [Source: Wired]. Many Internet service providers (ISP) and software developers offer phishing toolbars that verify security certificates, tell you the location where the site you visit is registered and analyze links. They also provide tools for reporting phishing attempts. Other programs use visual cues to confirm that you've reached a legitimate site.

Responding to Phishing
If you get an e-mail that you believe is a phishing attempt, you should not reply to it, click on the links or provide your personal information. Instead, you should report the attempt to the business being spoofed. Use their web site or phone number rather than following links in the suspect e-mail. You can also inform the National Fraud Information Center and the Anti-Phishing Working Group.

If you believe you may have given your personal information to a phisher, you should report the incident to:

· The company that was spoofed.

· Any bank, lending or credit institution for which you have disclosed your personal information.

· At least one of the three major credit reporting companies (Equifax, Experian and TransUnion).

· Your local police department.

· The Federal Trade Commission.

· The Federal Trade CommissionThe Federal Bureau of Investigation (FBI) via the Internet Crime Complaint Center

You should also change your passwords for the site you believe was spoofed. If you use the same password at other sites, you should change your passwords there, too.

2007-07-09T14:52:00.000+05:30

It is one of the most frequently reproduced graphs in information
system security. The horizontal axis is a time line; the
vertical axis is marked from ‘‘low’’ to ‘‘high’’. There are two
trawls. The first, starting ‘‘low’’ in the 1980s and increasing
to ‘‘high’’ as we move forward in time is marked ‘‘Sophistication
of Attacker Tools’’. The second starts ‘‘high’’ and decreases
to ‘‘low’’ over time and is marked ‘‘Required
Knowledge of Attackers’’.
The graph first appeared (the author believes) in a GAO Report
in May 1996
1. and took the story in terms of hacking tools
as far as sniffers, packet spoofing and tools with GUIs. Today
the tools would include virus generators, DNS polluters, botnet
control tools as well as versions of older tools which are
now much more sophisticated.
It is not surprising that there should have been demands to
criminalize hacking toolsdproduction, sale, even possession.
These demands were reflected in the 2001 Council of
Europe Cybercrime Treaty.
2.The difficulty is that many hacking tools are indistinguishable
from utilities that are essential for the maintenance and
security of computers and networks. Eleven years ago, in April
1995, Dan Farmer and Wietze Venema released a program
called Security Administrator Tool for Analyzing Networks, which
resolves for better or worse to the acronym SATAN. It was
designed to automate the process of testing systems for security
vulnerabilities. Written largely in perl it adopted the then
relatively novel technique of using a web browser as an interface.
In essence it was a rule-based engine backed by a database
of vulnerabilities. As well as reporting the presence of
vulnerabilities, SATAN also gathered large amounts of general
network information, such as which hosts are connected to
subnets, what types of machines they are and which services
they offer.
As soon as it was announced, critics rushed in to complain
that although not intended as such, it was in essence a series
of gifts to hackers. Farmer and Venema went on to write the
Coroner’sToolkit,a series ofUnix-basedforensicsutilities.They
are also the authors of the book Forensic Discovery.
3. SATAN and another similar automated testing tool, ISS (whichfor some reason
never attracted the same level of ire from security professionals),
soon started to turn up on the hacker bulletin boards,
IRC channels and indeed on the hard-disks of hackers who
had been raided by the authorities. ISS in an early form, for
example, was used by the UK hacker ‘‘DataStream Cowboy’’ in
his attacks on sensitive USmilitary sites in March 1994.
4.If we look at the range of security and hacking tools available
at the moment (Table 1), we can see the extent of the
problem of ‘‘dual use’’.
There are of course a number of hacking tools which are
non dual-use and these might include:
virus creation kits
phishing kits
DDOS kits
email bombers
Botnet management tools
Sometimes the intentions of a ‘‘remote administrator’’ tool
may be inferred from its name, graphic appearance and the
facilities actually offered. What is one to conclude about
Hack ‘a’Tack,
5. for example? Here are its advertised features:
FTP
Transmit IP
IP-scanner
General information, i.e. current user, country, time, OS and
CPU
Send messages
Open/close the CDROM
Hide/show the taskbar
Disable/enable the monitor
Disable keys
Swap and click mouse buttons
Set/freeze the cursor at a position you can adjust by
coordinates
Window events allowing you to kill, focus, hide, show and
rename a process
You can also see what the remote computer has in its clipboard
and send text to the actually focused window (also in
intervals)
Boot operations, i.e. shut down, reboot, power off and log off
the remote computer here
Get passwords
Keyspy
File manager
Make screenshot
Hack ‘a’Tack, it must be said, does not normally show an
obvious presence, in the form of an icon or tray item, on a target
computer but operates stealthily.
The problem in designing an appropriate law is to separate
the sincere from the insincere. Criminal law requires clarity,
not generalised ambitions; a courtda judge or a jurydneeds
to know what tests to apply; investigators need to know
what evidence to assemble.
This is how clause 6 of the EU CyberCrime Treaty tackles
the matter:
1. Each Party shall adopt such legislative and other measures
as may be necessary to establish as criminal offences under
its domestic law, when committed intentionally and without
right:
a. the production, sale, procurement for use, import, distribution
or otherwise making available of:
i. a device, including a computer program, designed or
adapted primarily for the purpose of committing any
of the offences established in accordance with Articles
2 through 5;
ii. a computer password, access code, or similar data by
which the whole or any part of a computer system is
capable of being accessed, with intent that it be used
for the purpose of committing any of the offences
established in Articles 2 through 5; and
b. the possession of an item referred to in paragraphs a.i or
ii above, with intent that it be used for the purpose of
committing any of the offences established in Articles 2
through 5. A Party may require by law that a number of
such items be possessed before criminal liability
attaches.
2. This article shall not be interpreted as imposing criminal
liability where the production, sale, procurement for use,
import, distribution or otherwise making available or possession
referred to in paragraph 1 of this article is not for
the purpose of committing an offence established in accordance
with Articles 2 through 5 of this Convention, such as
for the authorised testing or protection of a computer
system.
3. Each Party may reserve the right not to apply paragraph 1 of
this article, provided that the reservation does not concern
the sale, distribution or otherwise making available of the
items referred to in paragraph 1 a.ii of this article.
Articles 2–5 of the Convention deal with, respectively: illegal
access, illegal interception, data interference and system
interference. The Convention requires signatories to ensure
that their local laws cover these aims, albeit within the framework
of the local criminal justice system. Where individual
countries do not already have adequate legislation they are
expected to create new laws.
The trouble with this wording, it might be argued, is that
it provides too wide a set of loopholes. A prosecutor would
need to be able to show that a tool was ‘‘designed or adapted
primarily for the purpose of committing any of the
offences .’’ This might include Hack ‘a’Tack, the graphic
interface of which is much more ‘‘informal and jokey’’
than is usual for professional utilities. Possession would
only be an offence ‘‘with intent that it be used for the purpose
of committing any of the offences’’, again a high
threshold for a prosecutor to have to achieve. The many
websites which host hacking tools but which announce,
tongue-in-cheek, that the aim was ‘‘for educational purposes’’
only, would probably be able to continue distribution
without much fear.
Contrast this with how the UK has been trying to implement
the legislation. It appears as proposed section 35 of the
Police and Justice Bill 2006.6 The Bill itself covers a wide range
of ‘‘criminal justice’’ matters. Section 33 increases the penalties
for offences under the Computer Misuse Act 1990, while
section 34 is an uncontroversial implementation of Article 5
of the CyberCrime Treaty; ‘‘data interference’’. The main
effect is to make an explicit offence of denial of service
attacksd‘‘unauthorised acts with intent to impair operation
of computer’’.
But section 35 shows the difficulties. In its original form it
read like this:
35 Making, supplying or obtaining articles for use in computer
misuse offences
After section 3 of the 1990 Act insertd
3A
(1) A person is guilty of an offence if he makes, adapts, supplies
or offers to supply any articled
(a) knowing that it is designed or adapted for use in the
course of or in connection with an offence under section
1 or 3; or
(b) intending it to be used to commit, or to assist in the
commission of, an offence under section 1 or 3.
(2) A person is guilty of an offence if he obtains any article
with a view to its being supplied for use to commit, or
to assist in the commission of, an offence under section
1 or 3.
(3) In this section ‘‘article’’ includes any program or data held
in electronic form.
(4) A person guilty of an offence under this section shall be
liabled
(a) on summary conviction in England and Wales, to imprisonment
for a term not exceeding 12months or to
a fine not exceeding the statutory maximum or to
both;
(b) on summary conviction in Scotland, to imprisonment
for a term not exceeding six months or to a fine not exceeding
the statutory maximum or to both;
(c) on conviction on indictment, to imprisonment for
a term not exceeding two years or to a fine or to
both.’’
There is no explicit defence of ‘‘legitimate use’’ and no unambiguous
protection for system administrators and penetration
testers. In the furore that followed, some critics pointed
out that even those who offered popular Linux distributions
were at risk of criminal charge because most of these contain
utilities such as tcpdump and ethereal, which can be used to
monitor network traffic and, in that process capture passwords
and other sensitive data which could be a precursor
to a system compromise. This first draft of UK legislation
had simply forgotten about the safeguards within the Cyber-
Crime Convention.
The Liberal Party proposed an amendment7:
3A Making, supplying or obtaining articles for use in offence
under section 1 or 3
(1) A person is guilty of an offence if he makes, adapts, supplies
or offers to supply any articled
(a) knowing that it is designed or adapted for use in the
course of or in connection with an offence under section
1 or 3; or
(b) intending it to be used to commit, or to assist in the
commission of, an offence under section 1 or 3.
But this was felt to provide too high a test of knowledge or
intent for a prosecutor to have to prove.
The governing Labour Party then offered:
(b) believing that it is likely to be so used.
This wording is slightly better than the original but still
potentially leaves tool writers and distributors exposed.
What happens, for example, if you prepare a tool for the sincere
purpose of testing system security but you become
aware that it is being used by hackers? Do you then need
to stop distribution? Or do you need to interrogate each customer
(that is, if you actually charge for the item as opposed
to making it available via open source?) Is the position different
if you only sell to those whom you have vetted but
you become aware that pirated or ‘‘cracked’’ versions have
become availableddo you have to increase the security on
later versions, for example?
There is perhaps some comfort to be drawn from the expressions
of intent for the legislation from the Parliamentary
debate8 and in UK legal practice the courts do sometimes go
back to the official record (Hansard) when faced with problems
of interpretation.
In the final analysis one must conclude that the noble
aim of restricting the availability of hacking tools is not
something that it is possible to resolve solely by finding an
appropriate form of words. Prosecutorial policy decisions
will have to be taken, balancing on the one hand the need
to make more difficult casual attack on information systems
against the need for tools to protect legitimate users. Where
bad prosecution decisions have been made one pities the lay
jury of ordinary citizens who may have to listen to opposing
experts arguing about the extent of ‘‘dual use’’ of a particular
tool and then having to infer what was going on in the mind
of a system administrator, penetration tester, or software
distributor.
On behalf of the legitimate activities of system administrators
and investigators, one would hope that the onus would be
on a Prosecutor to show ill intent. Skilled forensic technicians
have got used to using timelines of activity, web-email and
other types of traffic to show the intent and state of mind of
an accused. But these may not help in the present