Openwrt in VMware

I'm doing my final year project in network security. For that I have to create a virtual network to work with. I have chosen VMware. And for router firmware I decided OpenWRT, a GNU/Linux based firmware for devices like gateways.

But When I tried to run OpenWRT in VMware, I found a big problem. Actually OpenWRT comes in the format of raw image (.image). It can't be directly installed directly in VMware. So I need to find alternatives. But I'm new to both VMware and also OpenWRT. So I'm stuck first. After I read so many forums, I got some idea. But no method given in those forums worked. Each and every one has come with its own fault. So I started doing myself things. Finally I got it. I just do the following...

• Install VMware
• Download Openwrt 
• Install qemu, commend line virtual emulator. Here It will be used to convert the raw image into vmdk image.
• now convert the raw image into vmdk format by issuing the following commend

  qemu-img convert -f raw <source_file_name> -O vmdk <desitination_file_name>

• For example, If you have downloaded openwrt-x86-ext2.image, run the following commend in terminal. 

  qemu-img convert -f raw openwrt-x86-ext2.image -O vmdk openwrt-x86-ex2.vmdk

• Now start VMware. 
• Create a new virtual machine. In the first dialogue, select custom installation
• In the next dialogue, select other linux, and select memory, network adaptor, and other things as you like. 
• And finally It will ask for the hard disk. Then select "use existing hard disk" and browse it towards the vmdk file created previously.
• Give finish. Your work is over. Now run OpenWRT from VMware.      
• Its default IP address is 192.168.1.1. So use this IP address to connect  the firmware.

ubuntu 10.10

After a short period I'm returning back here. Actually I was busy about my exams and followed by my campus interviews. Now got some time. But even now I'm busy with my project. But whatever I'm here now to say I'm enjoying Ubuntu 10.10 and try to make you people happy.

A month before I downloaded it. I was somewhat away from Ubuntu after its April 09 release as I become stick with Windows 7. And another problem is that after 9.04, Ubuntu's releases never support my wireless adaptor. But now I bought my new USB modem (tata photon+). So now I came back to Ubuntu. Actually I have installed both Windows 7 and Ubuntu 10.10in my computer.

Still it doesn't support my wireless adaptor but it supports my modem. Actually this is an added feature from its early version. In Ubuntu 10.04 there is no inbuilt configuration for tata photon. We have to do it manually. But now its become easy. Just select and go. Everything becomes easy.

As like its other versions it comes with Firefox as default browser. Its fair enough for an end user like me as well as developers like Cibin. And for email client, it still depends on Evolution mail. I wonder why it doesn't go for Thunder bird. Actually I don't like Evolution. But I don't know the reason may be it is unable to delete an account once created in GUI. Also its task management is not so well. So I installed tasque for me.

Instant messaging is done here by Empathy. It works fine. I'm using it for my Gmail and Facebook chat (Please social engineering guys, don't use this information to hack me). But to login Facebook, you have to create your username for facebook. You can create your username here. With this you can login into you facebook account through Empathy.

As usual it comes with the Open office bundle and a dictionary. But that dictionary will work only while you are connected to Internet. One important thing, if you are not connected with Internet, I won't recommend Ubuntu for you. Because, it will have only things which are purely open source. So you are not even able hear you favourite songs in mp3 format. And the accessories, sound & videos, games are same. Graphics is included with Shotwell photo manager. But still I don't work with it. So don't ask anything about it.

One special thing has to be underlined is all who installed Ubuntu 10.10 are give a free Ubuntu one account. With this account you can store your files online. You can synchronise you folder with online. Upto 2GB space is freely available. For premium accounts, additional space will be provided. 

And finally a screen shot of my desktop,

Email spoofing 2

In the last post we have seen about mail spoofing using SMTP server. But the problem is, many email providers won't allow mails coming from untrusted IP address. In this method we are going to hire a trusted IP to send spoofed mail.

There are a number of web hosting servers available online and they have mail sever installed in them. The IP of these servers will be trusted by any mail providers. And many of the web hosting severs are available for free. So simply use them to send your spoofed mail. 

There is a function mail() in php to send mail through mail server. We are going to use that function to send our mail. I have already written the code and uploaded it in 4shared website. There are two files. One is a html form that will ask you for the information about the mail. And the second is the php file, that is going to sent the mail. So register for a web hosting having mail server. And upload the files, can be downladed from this link. Now open the mail.html page. Send your mail.

For example, consider as you are registering at x10hosting.com. And you choose the sub domain name as ihacked, then your website will be ihacked.x10hosting.com. Now login in the cpanel of your site and upload the file can be downloaded from the above link. Now open ihacked.x10hosting/mail.html. There will be form appear  asking for the mail details. Just fill the form and have fun.

You can test this in the page I have created. Find the page at here.You can send anonymous from that page. Please don't misuse it. Just have fun ;-P.

Email spoofing 1

E-mail spoofing is nothing but sending mail anonymous. Also you can send mail as coming from some one else  email. This is very old method. This is not a hack actually. When e-mail was introduced, people sent email only by this method. 

For this you need a SMTP server (Simple Mail Transfer Protocol). You can use any SMTP server. You can download one here. And install it in your machine. Actually a SMTP server will run in the port 25. That is the default port for any mail server.

After installing it, connect it via telnet in command prompt using the command "telnet 127.0.0.1 25". Here the IP address refers your own machine. If you type 127.0.0.1 IP from any machine, it will refer only the machine itself. And the 25 is port number. But most of the times Windows don't allow telnet. So it may automatically close. In this situation, use some telnet client. You can download one here. Its a free utility and also portable, so it doesn't need any installation. 

Run it. Fill the required field and open the connection with the SMTP server. And use the following commands in the order to send mail.

helo /any name/

This is just introducing you to the SMTP server. Here you can use any name. It won't affect the mail you are going send. It is just saying hello to the server.

mail from:/from address/

This is the from address of the mail. You can use any mail address. That will appear as the from address of the mail. There should be no space between the colon (:) and the from address.

rcpt to:/to address/

This is the receiver address. The mail will be delivered only to this address. Here also no space between colon and the to address. 

data

This is the data portion of the mail. You can add any number of header required in this part. All the headers will be in the format /header name/:/header value/. Also no space between the colon and the values. Each header should be typed in a separate line. After adding all the headers, give two line break (type enter for two times). Now type the message. After finishing the mail type ctrl and dot then again ctrl ( ctrl.ctrl ) to represent the end of the mail. The mail will be sent to the receptant address. Type exit to close the program.

eg:

• helo hacker
• mail from:billg@microsoft.com
• rcpt to:kumaran.4353@gmail.com
• data
  
  • sub:please help me
  Mr.Balakumaran, Microsoft corporation is hacked by some hackers and all the control is now with them. Here we can't do anything. So please help our corporation to get out of the hand of those hackers. /ctrl/./ctrl/
• exit

But the problem with this method, is nowadays many standard mail providers like Gmail are not accepting mails from all IP addresses. So most of the times your mail won't be sent. Also if sent, probably it will be saved in spam. So read the next post to overcome these problems.

Windows backdoor hack

You know to hack Windows. But this is a time consuming process. If you need to crack the same machine often, you better set a backdoor in the machine. A backdoor is nothing but an alternate way to enter. Read more about backdoor.

First know the concept. In Windows there is an option known as sticky key. That is for physically challenged people. It extends the life time of shift, ctrl, alt keys. To enable this, click shift key for five times. The program that is responsible for this is sethc.exe. The location of the file is "c:\windows\system32\sethc.exe". The specialty of this program is you can run this even before you login the machine. Thus if you click shift key for five times at the login screen, sethc.exe program will run.

If you able to run cmd.exe before logging in, you can change the password with "net user" command. So do the following.

• Copy cmd.exe from "c:\windows\system32\cmd.exe" to Desktop
• Rename the file to sethc.exe
• Now replace the original file with the name replaced cmd.exe file.
• Its over.

Now reboot the Windows machine. When the login screen appears, press shift for five times. Oh ****! the command prompt will appear. Hack the password with "net user administrator" command.

windows password hack 4

This is the attack that have 100% success rate. It is very simple. You know that the SAM file is the file containing password hashes. So simply replace that file with a password known SAM file. Attack over. But you can do this only with another OS. To do this,

• Boot the password known Windows machine with any Linux live CD, or your bootable USB.
• Make a copy of the SAM file.
• Now boot the machine that to be cracked with any Linux as live. 
• Replace the SAM file with the file already copied.
• Thats all. The machine is HACKED!

But usually I replace the entire config folder not only the SAM file. Thus the username also will be changed. Because the folder config manages all the user related information.

Windows password hack 3

In this third method you need a software named Ophcrack. There are many software available for cracking windows password. But I always prefer this one. Because it never ask you to do anything. It will simply give the password in your hand.

Ophcrack is a freely available opensource software. You can download it here. The software itself is very small one. But it needs some dictionary to crack. Those will be more weight. These dictionaries are the heart of this attack. They have a table consisting all permutations of all keyboard characters and their corresponding hashes. Actually these hashes will be compared with the password hash present in the SAM file. If a match found, the equallent word will be returned. This is known as dictionary attack.

To crack any Windows password, 

• Download Ophcrack as an ISO file. Download it here.
• Now write it in a CD or make your USB drive bootable with Ophcrack. Know how to make a USB bootable here. 
• And boot the Windows machine with Ophcrack.
• Wait till boot complete. You will have the password in minutes.

But the problem here is, your attack is limited with the dictionary you use. The dictionaries that are permutation of alphabet are free to download. But those consisting special character are not free. And also you have to download them. Read next post for a better hack.

Windows password hack 2

In our last post we have seen about the SAM file, which contains the password hash. In this post we are going to see about some simple steps to hack the password.

Consider you are in the position that you can access the administrator account but you don't know the password. Like in your college library where the system admin will type the password for you or you are checking mails at your friend's computer. You have accessed the admin account. You want to change the password. But you don't know the password. You have two ways.

First one is, create a new admin account and choose your desired password for it. Now logout from the current administrator account and login with the new administrator account created by you. From this account, you can delete the other account where you have logged in before. Also you can have a backup of the files belongs to the deleted administrator.

The second way is without knowing the password of the current account, changing it using command prompt. This can be performed only with administrator privilege. For this do the following steps.

1. Open command prompt by typing cmd in run. In Windows Vista and Windows 7, open it as administrator ( in start type cmd. it will appear. now right click it and give open as administrator ).
2. Type the command " net user \user name\ * " without cots. replace \user name\ with the username of the current account.
3. Now it will ask for new password. Type new password. Your typing won't appear in the screen. Type enter.
4. Retype the password. and click enter.
5. Now the password will be changed.

Read further to know more...

Disclaimer

All the posts in this blog are only for educational purpose. Any activities done by the reader is only performed by   his own risk. The writer is not responsible for any activities done by any reader.

Windows password hack 1

Windows, the most widely used desktop operating system stores its password as a hash in a file. The file is named as SAM. You can find that file at the location C:\windows\system32\config\SAM. SAM file is not accessible by any user even the administrator. If you try to open this file, you will receive an error message as that file is being used by another program like this.

When a user adds his new password or changes his password to a new one, Windows generates the hash of that new password and stores it in the SAM file. When the user, boots the Windows machine, the process winlogon.exe ( you can see this in task manager ) will prompt him for the password. It generates the hash of the entered password and compares it with the saved hash at the SAM file. If only both are same, the user will be allowed to enter inside.

I found many of the people reading this bolg, looking at this blog. actually i gave just a simple introduction here about hacking windows password. the main dish is inside not here. read also other three articles in this series here. you will surely become a devil to microsoft-windows ;-)

DNS spoofing

DNS spoofing is nothing but while resolving the host name, instead of taking to the legitimate page taking to some other page. I know we everyone is not capable of hacking a Domain name server. But we can do it in our system. To do this you should have administrator privilege. 

In Windows there is a file at location c:\windows\system32\drivers\etc\hosts which is the first reference for any DNS resolving. Thus the Windows machine first look into that file before sending any DNS request. If any entry for the corresponding host is present, that particular IP address will be directly requested. No additional DNS lookup is needed. You can open that file in notepad and edit. But open as administrator.

That file will look like this (Microsoft copyrighted file)

# Copyright (c) 1993-2009 Microsoft Corp.

#

# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.

#

# This file contains the mappings of IP addresses to host names. Each

# entry should be kept on an individual line. The IP address should

# be placed in the first column followed by the corresponding host name.

# The IP address and the host name should be separated by at least one

# space.

#

# Additionally, comments (such as these) may be inserted on individual

# lines or following the machine name denoted by a '#' symbol.

#

# For example:

#

#      102.54.94.97     rhino.acme.com          # source server

#       38.25.63.10     x.acme.com              # x client host

# localhost name resolution is handled within DNS itself.

# 127.0.0.1       localhost

# ::1             localhost

At present this file has no effect as every line in this file are comment line (started with a # symbol). You can add a line at the end like,

66.249.89.99    yahoo.com

This line has the IP address of Google but the host name is yahoo.com. Just add this line and save the file. Now if you enter yahoo.com in your browser, it will take you to google.com. It may seem as not so effective. But if you use it in a intelligent way, it'll serve a lot. For example, if you add entries for websites you visit frequently, every time you enter those websites in your browser, it won't need to resolve the name. So you can have a faster performance. And also not limited with it, you can do more.

DISCLAIMER: Information provided in this page and any of the page of this blog is only for informational purposes. Any activities done by the reader or any other person, the blog or the writer or the blog owner is not responsible for that.

Compile and Run code online

Recently I visited a website where we can comple and run our code. We need no compiler or additional software other than the browser. Just enter the code and run it. It'll show the results. It also shows compile and run time errors. You can run code for C, C++ and many other languages. Really help ful for learning and instant testing of our code. The url is,

www.codepad.com

But unfortunately it doesn't support Java. I searched the web for such a pad for Java. But I can't find it. If anyone know, please tell me.

08-10-2010

The continuation of yesterday. I started working in the morning itself. As I heard network sharing is the best idea,  I installed samba server in Ubuntu. It was fine. I simply installed it using apt-get. After that I created a folder and shared in the network in Windows7. Now using samba I can open that shared folder. 

But also the copy paste between OSs functionality was working. So the shared folder never need anymore. I copied qemu for linux and the OpenWRT image into linux. But I don't know how to install qemu. Because I can't find any install file inside it. It was the souce. I have to compile and make it. I read about it only in the evening. As I don't know how to compile it, again I used apt-get to install qemo. Finally I converted the raw image into vmdk image. And I created the vmx file by copying the code provided in the post itself. 

I copied both vmdk and vmx file into window. Now I opened that in VMware. As usual, it didn't run. It has reported a syntax error. I'm exhausted. I searched for possibilities to convert binary file into iso image. The result came as there are software available to do  that. 

So now I started how to compile source code into binary file. I read in linux.org. Also searched many posts,  blogs, etc. Till didn't find anything valuable. Search will continue tomorow...                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            

07-10-2010

Today I started working for project, after a week gap. I tried to install OpenWRT in VMware. I read many posts about it. But I can't find the apt one. At last in the evening I found a Chinese post about it. I translated it into English (thanks to Google translation).

That told about another virtual cpu Qemu. It said that there is an option in Qemu to convert raw image into VMware image (vmdk). I thought that would work. Fortunately both Qemu and VMware image are small (Qemu is 3MB and VMware image is around 50MB). But mistakenly I downloaded the LInux version of Qemu. Then I started again the Windows version (7MB).

In that evening my modem's speed sucks. So I put the download and went to another work. My bother came and just closed the downloads. When I came back, my system was shutdown. When I booted it, the aero theme is not working. I had only the older type of visual experience. I try to look about the problem in Internet. So I started connecting my modem. Again there was an error that some service to make remote connection couldn't be run.

But fortunately that error helped. I opened msconfig to see the services which are allowed to run. There I saw that some services including that remote network connection service and the theme manager. I simply enabled all the services and restarted my system.

After restarting the system everything worked fine. I didn't know why that was happened. So I ran a full scan by panda cloud anti virus and at the same time I resumed the download (fortunately I do all my download using a download manager).

The scan as well as the download finishes around 11 o clock night. After that only I felt better. I ran the command to convert the raw OpenWRT image into vmdk image(qemu-img convert -f raw -O vmdk

). But again my time sucks.  Whenever I ran it a Windows dialogue box appeared and said that qemu-image is not responding so close the program. There was no alternate option.

As my good time I have already downloaded the linux version of Qemu. So I started my Ubuntu 10.04 in VMware. As doing copy and paste between Windows host and Windows guest, I can't do with Ubuntu and Windows 7. I installed VMware tools inside the guest Ubuntu (here I learned to use gzip, tar and how to install a .pl file).But that never helped.

I searched for solutions online. The best way they told is network sharing. But how to? This is not the right time to find the answer. Because now the time is 12.30AM. I was thinking about the butterfly effect (the chaos theory) and shuteddown my system...

Yeah! got the coders...

Some weeks before I have sent mails to the people who worked on the project. I was afraid, whether they will see my mail, as those email ids are their college ids. But fortunately, I received mails from two of them Andre and Luis. They told me that they'll help me in this project. Luis told me to learn to work with pointers in C. And Andre suggested me to learn how to install and configure OpenWRT in a router. I asked them whether any virtual environment to do the experiments that need a router. But they can't answer. They told me to buy a new router and work with it. Now I'm happy. Also I'll be very happy if they give their project documentation and the source code.... ;-D

Don't worry. Its just Csrss.exe

I told in my last blog about csrss.exe. When I searched, there is some pages telling that it is a trojan. But Microsoft's official website tells that it is the process necessary for maintaining LAN connection. But you can't just let it be. As it is maintaining network connections, it can be easily hacked by a network intruder. So always have a look at it. 

As a best practice, when you install a new Operating System, make a note of all the processes running in your computer and also the other details about those processes like memory usage, CPU usage, description, location etc,. Whenever you install new software some new processes will be added to your computer. So after installing a new software, update your note. I installed my new Windows-7(I have to rely on  windows. Because my usb modem is platform dependent) some days before. Now the file size of csrss.exe is 944 kb  and CPU usage is 00 (But no process can't run without using CPU) and having no description.

If you see csrss.exe is using very large memory and its CPU usage goes beyond 50%, you can conclude that, csrss.exe is infected with some viruses. Commonly the attack performed over csrss.exe is memory hijacking attack. The compromised csrss.exe will also use the memory space alloted for other programs. Because of less memory available, that program will run slowly. So you'll feel that your computer is getting slow. That is common. Also there are some trojan, that will run in the name of csrss.exe, which will steal you passwords and other sensitive information.

If you suspect csrss.exe is infected, immediately stop that process by running task manager in administrator mode. And scan your computer with a better anti virus program.

Commgr.exe! oh ****

Open task manager in your computer by hitting Ctrl+Alt+Del or Shift+Ctrl+Esc or by typing taskmgr.exe in command prompt or run. Now look into the processes running in your computer. If you see commgr.exe there (Not conmgr.exe, which is an important service), you are really in trouble. Today morning I saw that in my task manager. I felt something unwanted happening in my computer. Because I didn't install any new software. So how its been added. I asked my brother. He told he copied some songs form my computer to his friend's pen drive. Now a bulb glowing above my head, that it might be a virus. 

I immediately googled about it. Google always has answers. I found 26,200 results from Google and also a suggestion for conmgr.exe.  I moved to the first link Google present. It said commgr.exe is a malware program, and first detected ............. a lots of information. Thats not important to me. Its a virus. Its enough. I simply select the process and give end process. But what a ****, its appeared again. Now I tried end the whole process tree. But still. I tried with process explorer. But I can't do anything. Actually it was started by explore.exe. I felt that was really a bad time for me.

I restarted my computer in safe mode. Fortunately it was not running. I opened msconfig ( by typing msconfig in run). And searched for commgr.exe in the start-ups. It was there. I went to its location and deleted the source file.I searched in my registry for commgr.exe. Yes there was an entry in the run. I deleted that also. Now I searched Internet for the additional files added by that program. It told me some files would be created inside your C:\Recycler. I deleted that files. And restarted my computer in normal mode. 

Now in the task manager I can't find the process commgr.exe. But now another process named csrss.exe running, that has no description. I googled. The first result came as "It is process registered as a torjan" :-( But now I gotta go. So I let that to run for some time...

Location for commgr.exe is

C:\Users\[username]\appdata\temp\commgr.exe

You better run a search in your full hard disk for this program.

The files added by commgr.exe are

c:\recycler\[some directory] sorry i forgot it. :-/

Don't blame your Computer

Today I went to dad's office. There was a guy typing something and shouting "you damn old computer ate all my files...... **** ...  **** ...". He was really upset. I have no job there, I just went to give a document to my dad. I went near that guy and asked what happened. He said that the previous day, the computer never get boot. They called the technician. That damn old guy (actually not the computer) simply format the hard disk and installed a new WindowsXP (he is still two version back. So its correct to say damn old guy). So all the files he saved went to the outer space.

Not only him, most of my college friends do the same (me too, a couple of times). They think if the OS get crashed, everything has gone. And the only solution is to reinstall the OS. Its not correct actually. In Windows itself they gave an option to recover their OS, if its crashed (But most of the time it won't work. Because it is Windows). But you no need to loss your saved files. You will have to leave only the software those are installed in your computer. If you have a back-up for it, you'll never.

I hardly recommend to use more than one partition in your computer. One is for your Operating System and others, use as you wish. Store all your files, documents, songs, movies, etc in the other partition, not the one where the OS is installed. Even Windows provide My Pictures, My Movies like stuffs, don't trust. Because it is Windows. So if your OS get crashed (its common, as it is Windows), you can reinstall the OS in the old partition and the files saved in other partition are safe (even the viruses. But they won't run).

Even if you saved some data in the operating system's partition, you no need to worry. Always there is Linux to help you. Nowadays most of the Linux operating system comes as live Cd. It means you no need to install them. You can directly run them from the CD. Download such a live CD. You can write it into a CD, DVD or even in your pen drive (I'm not kidding. You can run OS from your pen drive) and boot from it. Now you can browse you hard disk and copy the required files to another media. Thats all. Now you can install your all time favorite Windows once again.

You can find link to download most of the Linux distribution here.

Don't blame your Computer

Today I went to dad's office. There was a guy typing something and shouting "you damn old computer ate all my files...... **** ...  **** ...". He was really upset. I have no job there, I just went to give a document to my dad. I went near that guy and asked what happened. He said that the previous day, the computer never get boot. They called the technician. That damn old guy (actually not the computer) simply format the hard disk and installed a new WindowsXP (he is still two version back. So its correct to say damn old guy). So all the files he saved went to the outer space.

Not only him, most of my college friends do the same (me too, a couple of times). They think if the OS get crashed, everything has gone. And the only solution is to reinstall the OS. Its not correct actually. In Windows itself they gave an option to recover their OS, if its crashed (But most of the time it won't work. Because it is Windows). But you no need to loss your saved files. You will have to leave only the software those are installed in your computer. If you have a back-up for it, you'll never.

I hardly recommend to use more than one partition in your computer. One is for your Operating System and others, use as you wish. Store all your files, documents, songs, movies, etc in the other partition, not the one where the OS is installed. Even Windows provide My Pictures, My Movies like stuffs, don't trust. Because it is Windows. So if your OS get crashed (its common, as it is Windows), you can reinstall the OS in the old partition and the files saved in other partition are safe (even the viruses. But they won't run).

Even if you saved some data in the operating system's partition, you no need to worry. Always there is Linux to help you. Nowadays most of the Linux operating system comes as live Cd. It means you no need to install them. You can directly run them from the CD. Download such a live CD. You can write it into a CD, DVD or even in your pen drive (I'm not kidding. You can run OS from your pen drive) and boot from it. Now you can browse you hard disk and copy the required files to another media. Thats all. Now you can install your all time favorite Windows once again.

You can find link to download most of the Linux distribution here.

Bom sobado!

Yesterday evening there was a buzz by Sathya about worm named BOM SOBADO. She wrote that it was a worm that would write a scrap in your orkut scrap book. If you try to reply it, your account will be hacked. But I didn't think it was true. I simply logged in my orkut account and searched for scraps. But unfortunately or fortunately there is no new scraps :-(. And I wrote a comment to her buzz as there is nothing like that and that may be a rumour.

But today morning I received forward messages to my mobile about Bom Sabado as it is a orkut hacking virus. So I immediately googled it. I never found any official announcement from Google. But there was a post about Bom Sabado and some people discussed on it. Also a person wrote that he saw such a scrap in his orkut scrap book. So it may be true. But some people says its now fixed and no more threat.

But whatever, if you saw any such scrap named as Bom Sabado, do the following...

1. Delete all your scraps (may leave some important scraps but at-least the suspicious one)
2. Sign out from your Orkut account or close the browser window
3. Now open your browser once again and delete your browser history, cookies, saved passwords and also temporary files.
4. You better run an anti-virus program. (But this is optional)
5. Restart your browser and login your Orkut account and enjoy.................

zeroth review

Yeah today the zeroth review. We planned a lot and we create slides make it better. Fortunately our team is called only after lunch. Before entering the lab we discussed more than three times about the concept we are going to implement. But the review was so simple. Mr.Mohan was there. He asked some simple question even before we start, by seeing the title itself. We explained them is a good way they simply accepted. Actually we carried a ieee conference paper not the transaction paper. And the concept we used is totally new. But they never care about them. It was simply over and all our worries went off. At last we reported at our project guide Miss.Rekha and came.

Jolly

This is the name we selected for our project, just for fun. Actually its about defacing arp poisoning attack using a linux destro called openwrt, an embedded operating system that will be run in a router. I, Lakshman, Pranav are doing this project together. We got the base paper from ieee. We have registered with it. We are clear in the concept. But we know nothing about the hardware or software implementation. Now we are zero in technical knowledge, that required to implement this project. Tomorrow zeroth review. I don't know whether ours will be selected or not. But we have confidence. We believe in us. ALL IS WELL :-)

This is the first post about our project. I'll add posts daily about our every activity regarding to this project. I think this will be an unformated document for our project.

2. Advanced Operators

Google has some advanced operators which can directly speak to the engine. For example if you are searching for a book "Google Hacking" in pdf form, you can use this operators rather giving a plain query like "Google Hacking ebook". Some advanced operators are briefly explained here which may optimize your everyday search result.

1. inurl, allinurl

syntax: inurl:(parameter) / allinurl:(parameters)
These operators tells the engine to search only the url's for the word given as parameter. They both work similar but have one simple difference. inurl will search only for the word immediately follows the colon. Thus the first word after the colon is taken as parameter. But allinurl takes all the words following the colon.
eg: inurl:google
will search for those sites which are all having the word "google" as part of its url.

2. intitle, allintitle

syntax:intitle:(parameter) / allintitle:(parameters)
These operators tells the engine to search only in the title of the pages. If you see the source of a html page you can see some lines between and tages. These lines will be displayed in the title screen of your browser. Google will search only in this lines if you specify intitle operator. As the above intitle takes the first word as the parameter and allintitle takes all words as parameter.
eg:
intitle:google
will search for those pages having the word google in its title.
nly for the word immediately follows the colon. Thus the first word after the colon is taken as parameter. But allinurl takes all the words following the colon.

3.allintext

syntax:allintext:(parameters)
Like the above two it tells the engine to search only in the text area not in other places like url, title. It has no intext operator. So it includes all the words after the colon.
eg:
allintext:google
will search for the pages having "google" in its body.

4.filetype

syntax:filetype:(parameter)
This operator tells the engine to take only the specified type files. It will be helpful many times to search for a particular type files. Here the parameter should be any file type.
eg:
filetype:pdf
search only for pdf files.

5. site

syntax:site:(paremeter)
If you give this operator, the engine will search only in that site. Thus it will return all the pages in that site crawled by Google. The parameter should be any site (jeppiaarcollege.org) or domain (.edu, .com, .org).
eg:
site:jeppiaarcollege.org
returns only the pages crawled at jeppiaarcollege.org website. At the time of writing it returns 299 results.

6. phonebook, rphonebook, bphonebook

syntax:phonebook:(parameters) / rphonebook:(parameters) / bphonebook:(parameters)
If you are looking for phone number of a person who resides in USA, you can use this for search. The parameter should be the firstname or lastname or both of a person. Also the short form the city of the person can be giver. Phonebook search gives all the results related to the person. But rphonebook looks only in residential lists while bphonebook looks only in the business records.

eg:
phonebook:James Bond ny
will search for the person whose firstname is James and last name is Bond. And as we specified the city as New York (ny), it will only look at the New York city records.


Actually there are more than twenty advanced operators presented by Google. But these are the most used and very much helpful operators. And you have to follow some rules while using this operators.

1. There should not be any space between the operator, colon and the parameter.
2. Valid parameter should be supplied to the operator. Otherwise the result may be irrelevant.
3. More than one operators may be combined in a search. But you should logically thing before using them.
4. Logical operators also can be used with this advanced operators.

1.Some basics

Some basic aspects about Google

1. Google is case insensitive
2. Google accepts maximum of 32 key words for searching. If you give more than 32 keywords Google will simply ignore it.
3. Some common words like "is", "a", "are" are ignored by Google.
4. The wild card character in Google is '*'. This can be used only for a full word. And this is not included in the word limit. There is no wild card character for a single letter or postfix or prefix for a single word.
5. Logical operators can be used for searching.
6. The logical operators are AND, OR and NOT.
   
7. Not like our maths all the logical operators are having the same preference.
8. OR search includes results for either this or that (one OR two). This can be replaced with '|' one | two)
9. AND returns result having both the key terms (one AND two)
10. NOT operation is performed with the operator '-'. This filters the pages having the word after '-' from the result for the searched term. For example, the search for one -two returns all the pages containing one and not having two.
    

Googling...

Most of us started our travel in Internet from Google. And now whatever we have a question in our mind we just go to Google and ask there. Most of us why all are using Google daily isn't it? It became a part of my life I think the same would happened for you also.

But what happened if we submit a query at Google? It returns a million results which are seems related for our query. And many people spend most of their time in just finding appropriate result for them by manually surfing the results one by one.

It may be a better thing but I think it is not the appropriate. Because we have a lots of things provided by Google to optimize our result. Thus we can make Google more focus on what we actually need. This simply reduces the number of results which makes our work easy.

This series is being created in the mood of making Google search better. The following posts are related to Google searching telling some techniques to get better result. But you have to pardon me for my English. I'm not well versed in English but tried to give my points clearly as possible i can.

Going to buy a new computer...?

If you are in idea of buying a new laptop, just spend a few minutes here. Before choosing your configuration or model, first talk with somebody who is trusty and having some knowledge in this field. Also you better surf Internet (while surfing, check the page's date it may be an year before).

The most common configuration specified in ads is intel core 2 duo processor, 2GB RAM, 360GB hard disk and other peripherals which costs around Rs.36,000. It is good configuration but not current. It is just one step before one.

Even Core 2 duo is a very good processor, you can find the latest one core i3 or core i5 in market today. This processors are faster than the previous one and use less power. Also the price is same. So according to me a good Laptop on the date 9th march 2010 is the one having

• intel core i3/i5 processer
• 2GB RAM
• 360GB hard disk
• in built modem,
• wireless modem, bluetooth
• DVD writer
• Camera, mike and good speakers

in Rs.35,000 (around) with one year warranty.