
Windows Tips

Topic: Untold Windows Tips and Secrets
HTML by: vinoth
Written by: vinoth

Welcome to another Hacking Truths Manual. This time I have a collection of Tips and Tricks which nobody normally knows, the secrets which Microsoft is afraid to tell the people, the information which you will seldom find all gathered up and arranged in a single file. To get the most out of this Manual you need to have a basic understanding of the Windows Registry, as almost all the Tricks and Tips involve it.
****************
Important Note: Before you read on, you need to keep one thing in mind. Whenever you make changes to the Windows Registry you need to refresh it before the changes take effect. Simply press F5 to refresh the registry and enable the changes. If this does not work, restart your system.
****************
Exiting Windows the Cool and Quick Way
Normally it takes a hell of a lot of time just shutting down Windows: you have to move your mouse to the Start Button, click on it, move it again over Shut Down, click, then move it over the necessary option and click, then move the cursor over the OK button and once again (you guessed it) click. This whole process can be shortened by creating shortcuts on the Desktop which will shut down Windows at the click of a button. Start by creating a new shortcut (right click and select New > Shortcut). Then in the command line box, type (without the quotes):
'C:\windows\rundll.exe user.exe,exitwindowsexec'
Clicking this Shortcut will restart Windows immediately without any warning. To create a Shortcut for shutting down Windows, type the following in the Command Line box:
'c:\windows\rundll.exe user.exe,exitwindows'
Clicking this Shortcut will shut down Windows immediately without any warning.
Ban Shutdowns : A trick to Play on Lamers
This is a neat trick you can play on that lamer who has a huge ego. In this section I teach you how to disable the Shut Down option in the Shut Down Dialog Box. This trick involves editing the registry, so please make backups. Launch regedit.exe and go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
In the right pane look for the NoClose value. If it is not already there, create it by right clicking in the right pane and selecting New > String Value (name it NoClose). Once you see NoClose in the right pane, right click on it and select Modify. Then type 1 in the Value Data box.
Doing the above on a Win98 system disables the Shut Down option in the Shut Down Dialog Box. But on a Win95 machine, if the value of NoClose is set to 1, then clicking on Start > Shut Down displays the following error message:
This operation has been cancelled due to restrictions in effect on this computer. Please contact your system administrator.
You can enable the Shut Down option again by changing the value of NoClose to 0 or by simply deleting the NoClose entry.
Instead of performing the above difficult-to-remember process, simply save the following with an extension of .reg and add its contents to the registry by double clicking on it.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoClose"="1"
Disabling Display of Drives in My Computer
This is yet another trick you can play on your geek friend. To disable the display of local or networked drives when you click My Computer, go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Now in the right pane create a new DWORD item and name it NoDrives. Modify its value and set it to 3FFFFFF (hexadecimal), then press F5 to refresh. When you click on My Computer, no drives will be shown. To enable display of drives in My Computer again, simply delete this DWORD item. Its .reg file is as follows:
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoDrives"=dword:03ffffff
Take Over the Screen Saver
To activate and deactivate the screen saver whenever you want, go to the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\ScreenSavers
Now add a new string value and name it Mouse Corners. Edit this new value to -Y-N. Press F5 to refresh the registry. Voila! Now you can activate your screensaver by simply placing the mouse cursor at the top right corner of the screen and if you take the mouse to the bottom left corner of the screen, the screensaver will deactivate.
Pop a banner each time Windows Boots
To pop a banner which can contain any message you want to display just before a user is going to log on, go to the key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WinLogon
Now create a new String Value in the right pane named LegalNoticeCaption and enter the value that you want to see in the title bar. Then create another new String Value and name it LegalNoticeText. Modify it and insert the message you want to display each time Windows boots. This can be effectively used to display the company's private policy each time the user logs on to his NT box. Its .reg file would be:
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Winlogon]
"LegalNoticeCaption"="Caption here."
"LegalNoticeText"="Message here."
Delete the Tips of the Day to save 5KB
Windows 95 had these tips of the day which appeared on a system running a newly installed Windows OS. These tips of the day are stored in the Windows Registry and consume 5K of space. For those of you who are really concerned about how much free space your hard disk has, I have the perfect trick.
To save 5K go to the following key in Regedit:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Tips
Now simply delete these tips by selecting them and pressing the DEL key.
Change the Default Locations
To change the default drive or path where Windows will look for its installation files, go to the key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Setup\SourcePath
Now you can edit as you wish.
Secure your Desktop Icons and Settings
You can save your desktop settings and secure them from your nerdy friend by playing with the registry. Simply launch the Registry Editor and go to:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
In the right pane create a new DWORD Value named NoSaveSettings and modify its value to 1. Refresh and restart for the settings to get saved.
CLSID Folders Explained
Don't you just hate those stubborn stupid icons that refuse to leave the desktop, like the Network Neighborhood icon? I am sure you want to know how you can delete them. You may say that is really simple: right click on the concerned icon and select Delete. Well, not exactly. When you right click on these special folders (see entire list below), neither the Rename nor the Delete option appears. There are two methods to delete these folders: the first is using the System Policy Editor (Poledit on the Windows installation CD) and the second is using the Registry.
Before we go on, you need to understand what CLSID values are. These folders, like the Control Panel, Inbox, The Microsoft Network, Dial Up Networking etc., are system folders. Each system folder has a unique CLSID, or Class ID, which is a 16-byte value that identifies an individual object and points to a corresponding key in the registry.
To delete these system Folders from the desktop simply go to the following registry key:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx}
To delete an icon simply delete the 16-byte CLSID key within "NameSpace". The following are the CLSID values of the most commonly used icons:
My Briefcase: {85BBD920-42A0-1069-A2E4-08002B30309D}
Desktop: {00021400-0000-0000-C000-000000000046}
Control Panel: {21EC2020-3AEA-1069-A2DD-08002B30309D}
Dial-Up-Networking: {992CFFA0-F557-101A-88EC-00DD010CCC48}
Fonts: {BD84B380-8CA2-1069-AB1D-08000948F534}
Inbox: {00020D76-0000-0000-C000-000000000046}
My Computer: {20D04FE0-3AEA-1069-A2D8-08002B30309D}
Network Neighborhood: {208D2C60-3AEA-1069-A2D7-08002B30309D}
Printers: {2227A280-3AEA-1069-A2DE-08002B30309D}
Recycle Bin: {645FF040-5081-101B-9F08-00AA002F954E}
The Microsoft Network: {00028B00-0000-0000-C000-000000000046}
History: {FF393560-C2A7-11CF-BFF4-444553540000}
Winzip: {E0D79300-84BE-11CE-9641-444553540000}
For example, to delete the Recycle Bin, first note down its CLSID value, which is: 645FF040-5081-101B-9F08-00AA002F954E. Now go to the NameSpace key in the registry and delete the corresponding key.
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{645FF040-5081-101B-9F08-00AA002F954E}
Similarly to delete the History folder, delete the following key:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Desktop\NameSpace\{FBF23B42-E3F0-101B-8488-00AA003E56F8}
Sometimes you may need to play a trick on your brother or friend. This one teaches you how to hide all icons from the Desktop. Go to the following registry key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
In the right pane create a new DWORD value by the name: NoDesktop and set its value to: 1. Reboot and you will find no icons on the desktop.
Till now you simply learnt how to delete the special system folders by deleting a registry key, but the hack would be better if there were a way of adding the DELETE and RENAME options to the right click context menus of these special folders. You can actually change the right click context menu of any system folder and add any of the following options: RENAME, DELETE, CUT, COPY, PASTE and lots more.
This hack too requires you to know the CLSID value of the system folder whose menu you want to customize. In this section, I have taken up Recycle Bin as the folder whose context menu I am going to edit.
Firstly launch the registry editor and open the following registry key:
HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder
In case you want to edit some other folder, say the FONTS folder, you will open the following key:
HKEY_CLASSES_ROOT\CLSID\{CLSID VALUE HERE}\ShellFolder
In the right pane there will be a value named Attributes. Now consider the following options:
1. To add the Rename option to the menu, change the value of Attributes to 50 01 00 20
2. To add the Delete option to the menu, change the value of Attributes to 60 01 00 20
3. To add both the Rename & Delete options to the menu, change the value of Attributes to 70 01 00 20
4. Add Copy to the menu, change Attributes to 41 01 00 20
5. Add Cut to the menu, change Attributes to 42 01 00 20
6. Add Copy & Cut to the menu, change Attributes to 43 01 00 20
7. Add Paste to the menu, change Attributes to 44 01 00 20
8. Add Copy & Paste to the menu, change Attributes to 45 01 00 20
9. Add Cut & Paste to the menu, change Attributes to 46 01 00 20
10. Add all Cut, Copy & Paste to the menu, change Attributes to 47 01 00 20
We want to add only the Rename option to the right click context menu of the Recycle Bin, so change the value of Attributes to: 50 01 00 20. Press F5 to refresh and then after rebooting you will find that when you right click on the Recycle Bin a RENAME option pops up too.
To reset the default Windows options change the value of Attributes back to 40 01 00 20
The Registry File which one can create for the above process would be something like the below:
REGEDIT4
[HKEY_CLASSES_ROOT\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\ShellFolder]
"Attributes"=hex:50,01,00,20
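The ten Attributes values in the list above are combinations of single bits in the first byte, which is why 50 plus 60 gives 70 and 41 through 47 cover every mix of Copy, Cut and Paste. The following Python sketch is an added example, not part of the original manual; the bit labels are read off the manual's own table and the function names are illustrative.

```python
import re

# Bit meanings in the first Attributes byte, as implied by the manual's table.
MENU_BITS = {0x01: "Copy", 0x02: "Cut", 0x04: "Paste", 0x10: "Rename", 0x20: "Delete"}

# The manual's table: Attributes bytes -> options it says appear in the menu.
PAGE_TABLE = {
    "50 01 00 20": ["Rename"],
    "60 01 00 20": ["Delete"],
    "70 01 00 20": ["Rename", "Delete"],
    "41 01 00 20": ["Copy"],
    "42 01 00 20": ["Cut"],
    "43 01 00 20": ["Copy", "Cut"],
    "44 01 00 20": ["Paste"],
    "45 01 00 20": ["Copy", "Paste"],
    "46 01 00 20": ["Cut", "Paste"],
    "47 01 00 20": ["Copy", "Cut", "Paste"],
    "40 01 00 20": [],  # the default the manual says to restore
}


def parse_attributes(text):
    """Accept '50 01 00 20', '50,01,00,20' or 'hex:50,01,00,20'.

    The four bytes are stored least significant first, so the result for
    '50 01 00 20' is 0x20000150.
    """
    body = text.strip()
    if body.lower().startswith("hex:"):
        body = body[4:]
    parts = [p for p in re.split(r"[,\s]+", body) if p]
    if len(parts) != 4:
        raise ValueError("expected exactly four bytes, got %d" % len(parts))
    return int.from_bytes(bytes(int(p, 16) for p in parts), "little")


def menu_options(text):
    """List the context-menu options switched on in an Attributes value."""
    value = parse_attributes(text)
    return [label for bit, label in MENU_BITS.items() if value & bit]


def with_options(text, *labels):
    """Return the byte string with the given options added, other bits untouched."""
    value = parse_attributes(text)
    by_label = {label: bit for bit, label in MENU_BITS.items()}
    for label in labels:
        value |= by_label[label]
    return " ".join("%02x" % b for b in value.to_bytes(4, "little"))


def table_is_consistent():
    """True if every row of the manual's table decodes to the options it names."""
    return all(menu_options(raw) == want for raw, want in PAGE_TABLE.items())


if __name__ == "__main__":
    for raw in PAGE_TABLE:
        print(raw, "->", menu_options(raw) or ["(defaults only)"])
    print("table consistent:", table_is_consistent())
```

Decoding a value before changing it shows which options are already set, so restoring the default is a matter of clearing those bits rather than remembering the original bytes.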
To access, say, the Modem Properties in the Control Panel folder, the normal procedure is: click on Start, click on Settings > Control Panel, wait for the Control Panel window to pop up and then finally click on the Modems icon.
Wouldn't it be lovely if you could shorten the process to: click on Start > Control Panel > Modems? Yes, you can add the Control Panel and all other Special System Folders directly to the first level of the Start Menu. Firstly collect the CLSID value of the folder you want to add to the Start Menu. I want to add Control Panel, hence the CLSID value is: 21EC2020-3AEA-1069-A2DD-08002B30309D
Now right click on the Start Button and select Open. Now create a new folder and name it: Control Panel.{21EC2020-3AEA-1069-A2DD-08002B30309D}
NOTE: Do not forget the period after the 'l' in Panel. Similarly all system folders can be added to the Start Menu (except My Briefcase, I think).
Deleting System Options from the Start menu
You can actually remove the Find and Run options from the Start Menu by performing a simple registry hack. As always, launch the registry editor and scroll down to the key below:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Right-click on the right pane and select New, DWORD Value. Name it NoFind (to remove the RUN option name it NoRun). Double-click the newly created DWORD to edit its value and enter 1 as its value. This will disable the FIND option of the Start Menu and will also disable the default shortcut key (F3 for Find).
To restore the Run or Find command, modify the value of the DWORD to 0 or simply delete the DWORD value.
Fed Up of the boring Old Yellow Folder Icons?[Drive Icons Included]
NOTE: This trick hasn't been tried on Win98.
You can easily change the boring yellow folder icons to your own personalized icons. Simply create a text file and copy the following lines into it:
[.ShellClassInfo]
ICONFILE=Drive:\Path\Icon_name.extension
Save this text file under the name desktop.ini in the folder whose icon you want to change. To prevent this file from getting deleted, change its attributes to Hidden and Read Only by using the ATTRIB command.
To change the icon of a drive, create a text file containing the following lines:
[Autorun]
ICON=Drive:\Path\Icon_name.extension
Save this file in the root of the drive whose icon you want to change and name it autorun.inf. For example, if you want to change the icon of a floppy, save the icon as a:\icon_name.ico. One can also create a kewl icon for the Hard Disk, create a text file [autorun.inf] and store it in "c:\".
Securing NT
By default, NT 4.0 displays the user name of the last person who logged onto the system. This can be considered a security threat, especially in the case of those who choose a password that is the same as their Username. To disable this bug which actually is a feature, go to the following key in the registry editor:
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
Click and select the ReportBootOk item and create a new string value called DontDisplayLastUserName. Modify it and set its value to 1.
As a system administrator, you can ensure that the passwords chosen by the users are not too lame or too easy to guess. NT has this lovely utility called the User Manager which allows the administrator to set the age limit of the password, which forces the users to change the password after a certain number of days. You can also set the minimum length of passwords, prevent users from using passwords which have already been used earlier, and enable account lockouts which will deactivate an account after a specified number of failed login attempts.
When you log on to Win NT, you should disable Password Caching. This ensures a single NT Domain login and also prevents the secondary Windows Logon screen.
Simply copy the following lines to a plain text ASCII editor like: Notepad and save it with an extension, .reg
----------------DISABLE.reg-----------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
"DisablePwdCaching"=dword:00000001
----------------DISABLE.reg-----------------
To Enable Password Caching use the following .reg file:
--------------Enable.reg-----------------
REGEDIT4
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Network]
"DisablePwdCaching"=dword:00000000
--------------Enable.reg-----------------

Cleaning Recent Docs Menu and the RUN MRU
The Recent Docs menu can be easily disabled by editing the Registry. To do this go to the following Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer
Now in the right pane, create a new DWORD value by the name: NoRecentDocsMenu and set its value to 1. Restart Explorer to save the changes.
You can also clear the RUN MRU history. All the listings are stored in the key:
HKEY_USERS\.Default\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU
You can delete individual listings or the entire listing. To delete the history of Find listings go to the following key and delete it:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\Doc Find Spec MRU
Customizing the Right Click Context Menu of the Start Menu
When you right click on the Start Menu, only 3 options pop up: Open, Explore, and Find. You can add your own programs to this pop up menu. Open Regedit and go to the following registry key:
HKEY_CLASSES_ROOT\Directory\Shell
Right click on the Shell key and create a new Sub Key (select New > Key). Type in the name of the application you want to add to the Start Menu. I want to add Notepad to the Start Menu and hence I name this new sub key Notepad. Now right click on the new registry key that you just created and create yet another new key named Command. Enter the full path of the application, in this case Notepad, in the default value of Command in the right pane. So I modify the value of the default string value and enter the full pathname of Notepad:
c:\windows\notepad.exe
Now press F5 to refresh. If you right click on the Start Button you will find a new addition to the pop up menu called Notepad. Clicking on it will launch Notepad.
We can not only add but also remove the existing options in this pop up box.
To delete the Find option, go to the following registry key:
HKEY_CLASSES_ROOT\Directory\Shell\Find
Delete Find. DO NOT delete Open else you will not be able to open any folders in the Start Menu like Programs, Accessories etc.
BMP Thumbnail As Icon
You can actually change the default BMP icon to a thumbnail version of the actual BMP file. To do this simply go to HKCU\Paint.Picture\Default. In the right pane change the value of default to %1. Please note however that this will slow down the display rate in Explorer if there are too many BMP thumbnails to display. You can use other icons too; simply enter the pathname. To restore the normal icon, change the value of default back to: C:\Progra~1\Access~1\MSPAINT.EXE,1.
Customizing The Shortcut Arrow
All shortcuts have a tiny black arrow attached to their icons to distinguish them from normal files. This arrow can sometimes be pretty annoying, and as a Hacker should know how to change each and everything, here goes another trick. Launch the Registry Editor and go to:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\explorer\Shell Icons
Now, on the right pane is a list of icons (we found out that on some systems, Windows 98 especially, the right pane is blank. Don't worry, just add the value as required). Find the value 29. If it isn't there, just add it. The value of this string should be C:\Windows\system\shell32.dll, 29 (which means the 30th icon in shell32.dll, as the first one begins with 0). Now, we need a blank icon to do this. Just create one with white as the whole icon. Once done, just change the value to C:\xxx.ico, 0 where "xxx" is the full path of the icon file and "0" is the icon in it.
Now for some fun. If the blank icon is a bit boring, change it again. You will find that under shell32.dll there is a gear icon, a shared folder (the hand) and much more. Experiment for yourself!
Use Perl to Get List of Services Running on your NT box
Use the following Perl script to get a list of services running on your NT system:
--------------script.pl-----------------
#!c:\perl\bin\perl.exe
use strict;
use warnings;
use Win32::Service;

my (%services, %status);

# An empty host name queries the local machine.
# %services maps each display name to its short service name.
Win32::Service::GetServices('', \%services);

foreach my $key (sort keys %services) {
    print "Print Name\t: $key, $services{$key}\n";
    # Fill %status with the status fields of this service.
    Win32::Service::GetStatus('', $services{$key}, \%status);
    foreach my $part (keys %status) {
        print "\t$part : $status{$part}\n" if ($part eq "CurrentState");
    }
}
-------------script.pl-------------------
Internet Explorer Tricks and Tips
Resizable Full Screen Toolbar
The Full Screen option increases the viewable area and makes surfing more enjoyable but sometimes we need the Toolbar but also need to have extra viewing area. Now this hack teaches you how to change the size of the Internet Explorer toolbar. This registry hack is a bit complicated as it involves Binary values, so to make it simple, I have included the following registry file which will enable the resizable option of the Internet Explorer toolbar which was present in the beta version of IE.
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar]
"Theater"=hex:0c,00,00,00,4c,00,00,00,74,00,00,00,18,00,00,00,1b,00,00,00,5c,\
00,00,00,01,00,00,00,e0,00,00,00,a0,0f,00,00,05,00,00,00,22,00,00,00,26,00,\
00,00,02,00,00,00,21,00,00,00,a0,0f,00,00,04,00,00,00,01,00,00,00,a0,0f,00,\
00,03,00,00,00,08,00,00,00,00,00,00,00
*******************
HACKING TRUTH: Internet Explorer 5 displays the friendly version of HTTP errors like NOT FOUND etc. They are aimed at making things easier for newbies. If you would prefer to see the proper error pages from the web server you're using, go to Tools, Internet Options and select the Advanced tab. Then scroll down and uncheck the Show friendly http errors box.
*******************
Making the Internet Explorer & the Explorer Toolbars Fancy
The Internet Explorer toolbar looks pretty simple. Want to make it fancy and kewl? Why not add a background image to it? To do this kewl hack launch the Windows Registry Editor and go to the following key: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar
Now in the right pane create a new String Value and name it BackBitmap. Right click on it, choose Modify and set its value to the path of the Bitmap you want to dress it up with. When you reboot, the Internet Explorer and the Windows Explorer toolbars will have a new look.
Change Internet Explorer's Caption
Don't like the caption of Internet Explorer? Want to change it? Open the registry editor and go to
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main
In the right pane create a new String Value named Window Title (note the space between Window and Title). Right click on this newly created String Value and select Modify. Type in the new caption you want to be displayed. Restart for the settings to take effect.
Now let's move on to some Outlook Express Tricks.
Colorful Background
Don't like the boring background colors of Outlook Express? To change it launch the Windows Registry Editor and scroll down to the
HKEY_CURRENT_USER\Software\Microsoft\Internet Mail And News key.
On the left pane, click on ColorCycle or select Edit and Modify in the menu. Now change the value to 1. Close and restart. Now, launch Outlook Express and whenever you open up a New Message, hold down ctrl-shift and tap the z key to scroll to change the background color. Repeat the keystroke to cycle through the colors.
Internet Explorer 5 Hidden Features

Microsoft Internet Explorer 5 has several hidden features which can be controlled using the Windows Registry. Open your registry and scroll down to the following key:
HKEY_CURRENT_USER\Software\Policies\Microsoft\Internet Explorer\Restrictions
Create a new DWORD value named x (see the complete list of values of x below) and set its value to 1 to enable it or to 0 to disable it.
NoBrowserClose : Disable the option of closing Internet Explorer.
NoBrowserContextMenu : Disable right-click context menu.
NoBrowserOptions : Disable the Tools / Internet Options menu.
NoBrowserSaveAs : Disable the ability to Save As.
NoFavorites : Disable the Favorites.
NoFileNew : Disable the File / New command.
NoFileOpen : Disable the File / Open command.
NoFindFiles : Disable the Find Files command.
NoSelectDownloadDir : Disable the option of selecting a download directory.
NoTheaterMode : Disable the Full Screen view option.
Hacking Secrets
Almost all system administrators make certain changes to restrict the system. System Administrators can hide the RUN option, the FIND command, the entire Control Panel, and drives in My Computer like D:, A: etc. They can even restrict the activities of a hacker by disabling or hiding even the tiniest options or tools.
Most commonly these restrictions are imposed locally and are controlled by the Windows Registry. But sometimes the smart system administrators control the activities of the hacker by imposing restrictions remotely through the main server.
Poledit or Policy Editor is a small kewl tool which is commonly used by system administrators to alter the settings of a system. This utility is not installed by default by Windows. You need to install it manually from the Windows 98 Installation Kit from the Resource Kit folder. user.dat file that we saw earlier.
The Policy Editor tool imposes restrictions on the user's system by editing the user.dat file which in turn means that it edits the Windows Registry to change the settings. It can be used to control or restrict access to each and every folder and option you could ever think of. It has the power to even restrict access to individual folders, files, the Control Panel, MS DOS, the drives available etc. Sometimes this software does make life really hard for a Hacker. So how can we remove the restrictions imposed by the Policy Editor? Well read ahead to learn more.
You see, the Policy Editor is not the only way to restrict a user's activities. As we already know, the Policy Editor edits the Windows Registry (user.dat) file to impose such restrictions. This in turn means that we can make changes to the Windows Registry ourselves, either with a .reg file or directly, to remove or add restrictions.
Launch Regedit and go to the following Registry Key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
Under this key, there will definitely be a key named Explorer. Under this Explorer key we can create new DWORD values and set their value to 1 in order to impose the restriction. If you want to remove the restriction, you can simply delete the respective DWORD values or change their values to 0. The following is a list of DWORD values that can be created under the Explorer key:
NoDeletePrinter: Disables Deletion of already installed Printers
NoAddPrinter: Disables Addition of new Printers
NoRun : Disables or hides the Run Command
NoSetFolders: Removes Folders from the Settings option on Start Menu (Control Panel, Printers, Taskbar)
NoSetTaskbar: Removes Taskbar system folder from the Settings option on Start Menu
NoFind: Removes the Find Tool (Start >Find)
NoDrives: Hides and does not display any Drives in My Computer
NoNetHood: Hides or removes the Network Neighborhood icon from the desktop
NoDesktop: Hides all items including, file, folders and system folders from the Desktop
NoClose: Disables Shutdown and prevents the user from normally shutting down Windows.
NoSaveSettings: Means to say, 'Don't save settings on exit'
DisableRegistryTools: Disable Registry Editing Tools (If you disable this option, the Windows Registry Editor (regedit.exe) too will not work.)
NoRecentDocsHistory: Removes Recent Document system folder from the Start Menu (IE 4 and above)
ClearRecentDocsOnExit: Clears the Recent Documents system folder on Exit.
NoInternetIcon: Removes the Internet (system folder) icon from the Desktop
Under the same key, HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies, you can create new subkeys other than the already existing Explorer key. Create a new key and name it System. Under this new System key we can create the following new DWORD values (1 for enabling the particular option and 0 for disabling the particular option):
NoDispCPL: Hides Control Panel
NoDispBackgroundPage: Hides Background page.
NoDispScrsavPage: Hides Screen Saver Page
NoDispAppearancePage: Hides Appearance Page
NoDispSettingsPage: Hides Settings Page
NoSecCPL: Disables Password Control Panel
NoPwdPage: Hides Password Change Page
NoAdminPage: Hides Remote Administration Page
NoProfilePage: Hides User Profiles Page
NoDevMgrPage: Hides Device Manager Page
NoConfigPage: Hides Hardware Profiles Page
NoFileSysPage: Hides File System Button
NoVirtMemPage: Hides Virtual Memory Button
Similarly, if we create a new subkey named Network, we can add the following DWORD values under it (1 for enabling the particular option and 0 for disabling the particular option):
NoNetSetupSecurityPage: Hides Network Security Page
NoNetSetup: Hides or disables the Network option in the Control Panel
NoNetSetupIDPage: Hides the Identification Page
NoNetSetupSecurityPage: Hides the Access Control Page
NoFileSharingControl: Disables File Sharing Controls
NoPrintSharing: Disables Print Sharing Controls
Similarly, if we create a new subkey named WinOldApp, we can add the following DWORD values under it (1 for enabling the particular option and 0 for disabling the particular option):
Disabled: Disable MS-DOS Prompt
NoRealMode: Disable Single-Mode MS-DOS.
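For an administrator who wants to check which of the restriction values listed above are actually set, the following Python sketch reads an exported REGEDIT4 file, reports every non-zero value under a Policies subkey, and decodes a NoDrives mask into the drive letters it hides (bit 0 is A:, so 03ffffff covers A: through Z:). It is an added example, not part of the original manual; the sample export is constructed and the function names are illustrative.

```python
import re

# Every restriction in the manual lives under a subkey of this path.
POLICIES_MARKER = "\\software\\microsoft\\windows\\currentversion\\policies\\"

SECTION = re.compile(r"^\[(?P<key>[^\]]+)\]\s*$")
VALUE = re.compile(r'^"(?P<name>[^"]+)"\s*=\s*(?P<data>.+)$')

# Constructed sample export, in the REGEDIT4 format the manual uses.
SAMPLE = r"""REGEDIT4

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoClose"="1"
"NoDrives"=dword:00000005
"NoRun"=dword:00000000
"NoFind"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\WinOldApp]
"Disabled"=dword:00000001

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU]
"a"="notepad\\1"
"""


def to_int(data):
    """Convert 'dword:0000000a' or a quoted number such as '"1"' to an int.

    The manual writes restrictions both ways ("NoClose"="1" and
    "NoDrives"=dword:03ffffff), so both forms are accepted.
    Anything else returns None.
    """
    data = data.strip()
    try:
        if data.lower().startswith("dword:"):
            return int(data[6:], 16)
        if len(data) >= 2 and data[0] == '"' and data[-1] == '"':
            return int(data[1:-1])
    except ValueError:
        pass
    return None


def parse_reg(text):
    """Yield (key, value name, numeric data or None) for each value line."""
    key = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";") or line == "REGEDIT4":
            continue
        section = SECTION.match(line)
        if section:
            key = section.group("key")
            continue
        value = VALUE.match(line)
        if value and key:
            yield key, value.group("name"), to_int(value.group("data"))


def hidden_drives(mask):
    """Drive letters hidden by a NoDrives mask: bit 0 = A, bit 25 = Z."""
    return [chr(ord("A") + i) for i in range(26) if (mask >> i) & 1]


def audit(text):
    """Return (subkey, value name, data, detail) for each restriction in force."""
    findings = []
    for key, name, value in parse_reg(text):
        if POLICIES_MARKER not in key.lower() + "\\":
            continue
        if not value:  # 0 or non-numeric data: the restriction is not set
            continue
        detail = ""
        if name.lower() == "nodrives":
            detail = "hides " + ",".join(hidden_drives(value))
        findings.append((key.rsplit("\\", 1)[-1], name, value, detail))
    return findings


if __name__ == "__main__":
    for subkey, name, value, detail in audit(SAMPLE):
        print("%-10s %-12s = %#x %s" % (subkey, name, value, detail))
```

Comparing the output against the restrictions an administrator intended to deploy shows at a glance whether a value has been removed or reset to 0.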
So you see, if you have access to the Windows Registry, you can easily create new DWORD values and set their value to 1 for enabling the particular option and 0 for disabling the particular option. But sometimes access to the Windows Registry is blocked. So what do you do? Go to the Windows Directory and delete either user.dat or system.dat (these 2 files constitute the Windows Registry) and reboot. As soon as Windows logs in, it will display a Warning Message informing you about an error in the Windows Registry. Simply ignore this Warning Message and press CTRL+DEL+ALT to get out of it (do not press OK). You will find that all restrictions have been removed.
The most common kind of restriction is the Specific Folder Restriction, in which users are not allowed access to specific folders, the most common being the Windows folder; sometimes even access to My Computer is blocked. In effect, you simply cannot seem to access the important kewl files which you need to remove restrictions. What do you do? Well, use the RUN command (START > RUN). But unfortunately a system administrator who is intelligent enough to block access to a specific folder would definitely have blocked access to the RUN command. Again we are stuck.
Windows is supposed to be the most User Friendly Operating System on earth. (At least Microsoft Says so.)
It gives the User an option to do the same thing in various ways. You see the RUN command is only the most convenient option of launching applications, but not the only way. In Windows you can create shortcuts to almost anything from a file, folder to a Web URL. So say your system administrator has blocked access to the c:\windows\system folder and you need to access it. What do you do? Simply create a Shortcut to it. To do this right click anywhere on the desktop and select New > Shortcut. A new window titled Create Shortcut pops up. Type in the path of the restricted folder you wish to access, in this case c:\windows\system. Click Next, Enter the friendly name of the Shortcut and then click Finish. Now you can access the restricted folder by simply double clicking on the shortcut icon. Well that shows how protected and secure *ahem Windows *ahem is.
****************
HACKING TRUTH: Sometimes when you try to delete a file or a folder, Windows displays an error message saying that the file is protected. This simply means that the file is write protected, or in other words the R option is +. Get it? Anyway, you can stop Windows from displaying this error message and straightaway delete this file by changing its attributes to Non Read Only. This can be done by Right Clicking on the file, selecting Properties and then unselecting the Read Only Option.
***************
There is yet another way of accessing restricted folders. You see, DOS has a lovely command known as START. Its general syntax is:
START application_path
It does what it seems to do: start applications. So if you have access to DOS then you can type in the START command to get access to the restricted folder. Now mostly access to DOS too would be blocked. So again you can use the shortcut trick to launch c:\command.com or c:\windows\command.com. (Command.com is the file which launches MS DOS.)
Accessing Restricted Drives.
The problem with most system administrators is that they think that the users or Hackers too are stupid. Almost all system administrators use the Registry Trick (Explained Earlier) to hide all drives in My Computer. So in order to unhide or display all drives, simply delete that particular key.(Refer to beginning of Untold Secrets Section.)
Some systems have the floppy disk disabled through the BIOS. On those systems if the BIOS is protected, you may need to crack the BIOS password. (For that Refer to the Windows Hacking Chapter). Sometimes making drives readable (Removing R +) and then creating Shortcuts to them also helps us to get access to them.
Further Changing your Operating System's Looks by editing .htt files
If you have installed Windows Desktop Update and have the view as Web Page option enabled, you can customise the way the folder looks by selecting View > Customise this folder. Here you can change the background and other things about that particular folder. Well that is pretty lame, right? We hackers already know things as lame as that. Read on for some kewl stuff.
Well, you could also change the default that is stored in a Hidden HTML Template file (I think so..) which is nothing but a HTML document with a .htt extension. This .htt file is found at: %systemroot%\web\folder.htt.
The %systemroot% stands for the drive in which Windows is Installed, which is normally C:
You can edit these .htt files almost just like you edit normal .HTM or .HTML files. Simply open them in an ASCII editor like Notepad. The following is a list of .htt files on your system which control various folders and which can be edited to customise the way various folders look.
controlp.htt Control Panel
printers.htt Printers
mycomp.htt My Computer
safemode.htt Safe Mode
All these files are found in the web folder in %systemfolder%. The folder.htt file has a line:
"Here's a good place to add a few lines of your own"
which is the place where you can add your own A HREF links. These links would then appear in the folder whose folder.htt file you edited. All this might sound really easy and simple, but you see these .htt files do not contain normal HTML code, instead they contain a mixture of HTML and web bots. Hence they can be difficult for newbies to understand.




Internet Architecture, Network Concepts and Facts

 


Overview
------------------------------------------------------
1. Short summary on the history of the Internet (boring yet vital)

2. Internet Protocols and Jargon 

3. Host Machines and Host Names

4. Architecture of the Internet and Packet Switching

5. Synchronous and Asynchronous Communication

6. Who is in Charge? (boring yet vital)

7. The future of the Internet

8. Further reading


------------------------------------------------------

This text won't make you an elite hacker or a cracker, but will clear up many misunderstandings you might have about the Internet and the way it is structured. Okay before you start reading, I will be summarizing most of this info because many other tutorials have been written in detail explaining the sections presented. This is just another way to say, I AM NOT GOING TO WASTE MY TIME TYPING. So I see you have downloaded this text to learn more about the most wonderful tool the world has ever seen, but do you really understand the juicy info behind the Internet? Well after reading this you will!


1: Summary on the history of the Internet (boring yet vital)

Well every place I go I keep hearing ppl saying things like "I was chatting", or "I sent him/her an email", or "I was checking his site on the INTERNET". Now when you are asked "what is the Internet?" you reply, "Well the Internet is like a program, I write a www.blahblah.com and I see stuff and I download it, not hard, probably took days to do." Well, someone is wrong, heheheh.

The Internet is a global assemblage of more than 20 million computers and growing in rapid intercommunication. These forms of communication links are made up of optical fibers, digital cables, satellite transmissions, and yup you guessed it, telephone lines. The Internet can be described in three terms, the hardware infrastructure that supports it, the software that powers it, and the people who populate it. 

When the Internet began, until the early 90s, the only guys who used it weren't normal ppl, but they were the scientists, academics, science students and the real deal computer programmers who were pursuing long-distance collaborations and research. The Internet isn't something that just popped out of nowhere, it has been around for decades, but was something overlooked by the media until 1990. Well the origin of the Internet dates back to 1970, when four computers, yes four, one each at The University of California at Los Angeles, The University of California at Santa Barbara, The Stanford Research Institute, and The University of Utah at Salt Lake City were hooked up over phone lines. 

From the first four computers that powered the first Internet, 13 years later 562 boxes were connected to it in 1983, and by 1993 that number had reached 1.2 million and in 1996 it was 12 million, and this number keeps doubling every 12-14 months. One critical component underlying today's Internet is the software that supports network communications. In the Internet's beginning dayz, the software that powered the networks wasn't user friendly; it didn't have fancy crap with popup menus and fancy Graphical User Interfaces (GUI), just cryptic programs which looked like hell to normal people. One reason for this is that the only people who used the net were scientists who didn't care about user friendly interfaces. The software they designed was difficult, which hindered the popularity of the net.

The first tools that these cool guys made that innovated the Internet were, first, Telnet, yup the good old telnet, which was made in 1969, and second, the File Transfer Protocol (ftp), which was made in 1971 and is still in great use today. (I wasn't born yet, heh.) Other popular communication programs have also evolved with the Internet, which are known by the names of: Usenet Newsgroups, Internet Relay Chat (IRC), Gophers, and Multi-user Dungeons (MUD's).


2: Internet Protocols and Jargon (what those 3 letter words mean) 


We computer guys tend to speak in acronyms, small words that have a lot of valuable info. Acronyms are ubiquitous on the Internet, and all this wonder will be explained here. 

Many Internet acronyms involve a "P" letter. Let's look at these: we have SLIP, TCP, UDP, FTP, ICMP, SMTP, HTTP, PPP, IP, and Mikkkeee (only playing). Okay, now you have witnessed the confusion, what does all this stuff mean? In all of them the "P" stands for the word "protocol." So whenever you see a "P" at the end of a computer acronym, there is a big chance it stands for protocol. Now the tough part is, what is this protocol? Well, a protocol in computer science just refers to the formalities and conventions observed by computers during cross computer communication. So it's just like this: in order for boxes to share data, each box must use the same data transfer rules, or we won't have communication. Just like the old dayz when ppl used the telegraph, which communicated through the communication protocol called the Morse code. Then came the Ham radio operators who also had their protocols, and now we have the Internet, which also needs its little protocols.

(Now I am not going to kill you via boredom by explaining the concept of protocols because they are already explained by the tutorials found at BSRF, but I will sprinkle the sprinkles on the cake.)

The Internet Protocol (IP) is the cornerstone for all Internet communications. In fact, you can see if a box is alive (on the net) by asking for its IP, without going as far as doing something lame like DoSing the box! Now each computer on the Internet has a unique IP number that operates as its Internet address. When we say that there are 20 million computers on the Internet, that figure is really based on the number of IP addresses in use in that year.

As you begin to browse the net, or start your mission in becoming a hacker, you will most likely come across some reference to the Transfer Control Protocol/Internet Protocol (TCP/IP). TCP is nothing to be feared; it works closely with IP in order to prepare packets of data before an Internet data transfer. TCP also interprets those same packets at the receiving end after the transfer.

Additional protocols are also used to power the net. These are, the File Transfer Protocol (FTP), which moves filz from one computer to another. The Simple Mail Transfer Protocol (SMTP) designed in 1982 to support e-mail communications. The HyperText Transfer Protocol (HTTP), made in 1990 so that web browsers could read documents on the web.

The Point-to-Point Protocol (PPP) and the Serial Line Internet Protocol (SLIP) are terms generally used if you need to set up access to the Internet over a telephone line through an Internet Service Provider (ISP). These protocols are used when a computer wants to communicate over the Internet, over a serial transmission line, like an analog telephone line, and the user wants to use a browser such as Internet Explorer. So his ISP will offer a PPP or a SLIP account to the users who want to view graphics on the net. (Now you might have noticed that I didn't go in depth, but for further information on protocols check out the tuts at BSRF.)


3: Host Machines and Host Names

Now to gain good knowledge on how the net works you will need to know something about host machines/host names. 

Now a computer that has been assigned an IP address is called a HOST MACHINE. Each IP address is made up of four integers separated by periods. Let's take an example: my IP on the net yesterday was 150.211.39.128. Just like zip codes tell a person where you live, IP addresses reveal not your geographical info, but your computer network's info. Now the numbers furthest to the left represent the large part of the Internet, while the numbers furthest to the right represent a specific host machine.

While all these numbers are fine for computer communications, long strings of numbers are not easy for us to remember, so that's why we have substituted symbolic names for the long strings of numbers. Symbolic names look like this: www.yahoo.com, which is easier to remember. Symbolic host names are always converted into their IP addresses for the purpose of network communications. The Domain Name Service (DNS) is responsible for this task of mapping symbolic names to their numerical equivalents, and symbolic host names are often called DNS names or addresses. Let's look at an example. DNS names follow certain naming conventions that help us remember the names easily, so we have:

   blah.cs.NYU.edu
    |   |   |   |
    |   |   |   |---> this segment refers to an educational site.
    |   |   |-------> this part stands for the school, here it's NYU University.
    |   |-----------> this stands for the Computer Science Department.
    |---------------> this stands for the name of the machine.



   
Ohh one more thing: sometimes lamers talk about "HIGH LEVEL DOMAIN NAMES" and think they are so smart, but they are only referring to the final part of the full domain name. This means a high level domain name identifies the type of site and where the host machine resides. Here is a list:


-------------------------------------------
.com = a commercial organization
.edu = an educational site
.org = a nonprofit organization 
.net = a network site
.gov = a government agency
.mil = a military site 

These high level domain names can in many cases be followed by other suffixes that identify their geographical location by country. This list is very small (ahh, again a complete list can be found at BSRF):
blahblah.net.lk = Sri Lanka
blahblah.net.il = Israel
blahblah.net.gb = Great Britain
Okay that's enough!
-------------------------------------------


4: Architecture of the Internet and Packet Switching 

Well while you browse the Internet you might think every computer on it is equal. Well you're wrong, not all computers are equal. To understand what I mean I have to explain to you how data gets moved across the Internet by PACKET SWITCHING.

In order to understand packet switching you will have to understand what packet switching tries to achieve. When the Department of Defense was paying for the original network research that led to the Internet, they wanted a strong network that could withstand regional power blackouts or other problems. So in order to achieve such a robust communication, it was vital to design a transmission protocol that could readily find new routes if its destination was dead for some reason. So those guys came up with a cool plan to design a form of DYNAMIC ROUTING, which will become the standard means of moving data across the network. Dynamic Routing just means that routes for data are always selected at the time of transmission, after taking current network conditions into consideration. 

The network designers also felt it was important to distribute route-selection capabilities throughout the network, so that no single site was responsible for the entire network. Let me explain this further. Let's say a network was designed "hierarchically" so that everything passes through one central routing site. If anything happens to that central routing site, well, HOUSTON WE GOT A PROBLEM!

This is what a hierarchical network would look like:





----------------------------------------------------------------------------
                            ___
                           |___|
                           / \ / \       Well you can clearly see that the
                          /  /\   \      big box is the central routing site
                         O  O  O   O     so if anything happens to the big
                                         box then we got a big problem.



 ----------------------------------------------------------------------------
So since these guys were very smart they built the Internet "heterarchically," which really means instead of having one central routing site, there are a large number of routing sites distributed all over the network. The hosts that decide how to route transmissions across the Internet are called ROUTERS. The Internet today is run by thousands of these hosts called routers.

 ---------------------------------------------------------------------------------


                          O-O      Okay the art sucks but you see the idea
                        / -O- \    there isn't one box there are many hosts
                       O-----O     so if one dies, others can still work
                         \ O /

 --------------------------------------------------------------------------------- 
So now you figured out the difference, dynamic heterarchical routing is what makes the Internet work so good, and the key idea that binds everything together is packet switching. All of the data moved across the Internet is moved in units called PACKETS. The traffic on the net is measured by counting the packets transferred in a period of time. 

If this concept is hard for you to understand let me explain. Let's say you are downloading a file from a server in California to your box in New York. The software running on the server breaks the huge file into packets. Let's say your file was 100k: it might be broken down into 6 or 7 packets, then each packet is stamped with the IP address of its destination, as well as the IP address of the originating host. Packets will also be given instructions; these instructions describe the size of the original transmission and where each specific packet should be positioned when the original transmission is put together when it gets to your computer. Now the big deal is that each packet is sent out onto the Internet to find its own way to the destination address. This means that the 6 or 7 packets don't have to travel together, so they can go from California to other parts of the country and then find their way to New York. The packets are first given to a router, which looks at their destination address and decides where to send the packets. The router at that next location then does the same thing. So when all the packets come to New York, they are then assembled into a single file. Each packet is checked first to see if it has arrived intact. If there was an error in a packet then a request to resend that packet is sent to the originating host. This form of sending files is the best way to work on a net, because it minimizes network load, and by sending small packets the destination won't have to wait for the whole file to be sent again if it had errors. Every computer running on the Internet uses this form of data transfer.
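The transfer described above, as an added example that is not part of the original text: a 100k file is split into packets stamped with source, destination, position and a checksum, the packets arrive out of order with one damaged and one lost, and the receiver asks the originating host to resend only those two. The 16 KB payload size, the CRC32 check and the two IP addresses are assumptions chosen to match the text's "6 or 7 packets" picture; real Internet packets are much smaller.

```python
import random
import zlib
from dataclasses import dataclass, replace

# Assumed payload size, chosen so the page's 100k file splits into 7 packets.
PAYLOAD_SIZE = 16 * 1024


@dataclass(frozen=True)
class Packet:
    src: str        # IP address of the originating host
    dst: str        # IP address of the destination
    seq: int        # position of this packet in the original transmission
    total: int      # how many packets the transmission was split into
    payload: bytes
    checksum: int   # CRC32 of the payload, computed by the sender


def packetize(data, src, dst, size=PAYLOAD_SIZE):
    """Split data into packets, each stamped with addresses and position."""
    chunks = [data[i:i + size] for i in range(0, len(data), size)]
    return [Packet(src, dst, n, len(chunks), c, zlib.crc32(c))
            for n, c in enumerate(chunks)]


def intact(packet):
    """True if the payload still matches the checksum the sender stamped."""
    return zlib.crc32(packet.payload) == packet.checksum


def reassemble(arrivals, request_resend):
    """Rebuild the transmission from packets that arrive in any order.

    request_resend(seq) stands for the resend request sent back to the
    originating host; it returns a fresh copy of packet number seq.
    Returns (data, list of sequence numbers that had to be resent).
    """
    if not arrivals:
        raise ValueError("nothing arrived, transmission size unknown")
    slots, resent = {}, []
    total = arrivals[0].total
    for p in arrivals:
        if not intact(p):                  # damaged in transit
            resent.append(p.seq)
            p = request_resend(p.seq)
        slots[p.seq] = p.payload
    for seq in range(total):               # packets that never showed up
        if seq not in slots:
            resent.append(seq)
            slots[seq] = request_resend(seq).payload
    return b"".join(slots[s] for s in range(total)), resent


def simulate_transfer(data, src="198.51.100.10", dst="203.0.113.20",
                      corrupt_seq=3, drop_seq=5, seed=7):
    """Constructed scenario: one packet damaged, one lost, rest reordered."""
    sent = packetize(data, src, dst)
    in_flight = [p for p in sent if p.seq != drop_seq]
    random.Random(seed).shuffle(in_flight)  # each packet takes its own route
    for i, p in enumerate(in_flight):
        if p.seq == corrupt_seq:            # flip the first payload byte
            bad = bytes([p.payload[0] ^ 0xFF]) + p.payload[1:]
            in_flight[i] = replace(p, payload=bad)
    return reassemble(in_flight, lambda seq: sent[seq])


if __name__ == "__main__":
    original = bytes(range(256)) * 400      # constructed 100 KB "file"
    rebuilt, resent = simulate_transfer(original)
    print("packets:", len(packetize(original, "a", "b")))
    print("resent:", resent, "identical:", rebuilt == original)
```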


Important newbie fact 

Well if you're reading this you probably were alive in 1996. What's the big deal, you ask? Let's put this concept of packet switching into the real world. On August 7, 1996, 6 million AOL customers were unable to access the Internet because AOL had recently loaded new software onto its network routers. This software contained incorrect routing information. As a result, AOL couldn't route packets on or off its gateway hosts. The 6 million guys waiting soon found out that their AOL service was interrupted, and for 19 hours these guys couldn't surf the net. Now since only AOL had this problem, the rest of the world who are smart enough not to use AOL were checking their email and chatting and visiting sites. Thanks to the architecture of the net not all of us suffered.


5: Bandwidth and Asynchronous Communication

Okay, you're probably saying what's this topic Mike? It's nothing to fear, I'll explain in simple English a little child can understand.

Online communication takes some time for normal people to understand or to just get used to. In the world you live in, called the off-line world, communication is dominated by two way, real time communication, i.e. you and a friend talking. This conversation operates in two directions, with questions/answers being talked about right away. Now in the computer sphere, a two way communication mediated by shared signals for beginning/ending conversations is called SYNCHRONOUS communication. Synchronous communication is like normal human/animal conversation. This form of communication relies on shared signals for starting and stopping. An example of this communication would be your browser sending a msg to a host and the host sending you something, a packet or a file. Programs which deal with this communication are software found on your box; CU-SeeMe and RealVideo are some, which allow Internet users with properly equipped hosts to converse with other Internet users through a video channel. Problems arise in this form of communication, because as both of us know if you don't have the bandwidth, you will be staring at a video box with images that are jerky and stroboscopic (images which look like garbage).

When a communication exchange does not rely on shared signals for starting and stopping, this communication is called ASYNCHRONOUS communication. Now you're probably confused but don't be. This form of communication seen online is characterized by long waits for responses. This communication is seen in email messages which take some people forever to answer back. This doesn't have anything to do with the servers or the bandwidth, but has to do with the human being on the other side. Email messages are delivered in a matter of seconds, but there is no guarantee that an intended recipient will be ready and waiting to reply as soon as your message is received. For this reason it pays to think about what you are saying and how you're saying it, because it will affect the outcome of the asynchronous communication.


6: Who is in Charge?


You're probably wondering, yeah I always wanted an answer to that question, so explain to me plz. hehe!

Okay I am not going to lie to you, questions about Internet management and maintenance are very boring so bear with me. You might also want to ask who pays for all this? Who fixes it when it messes up? Who is responsible for keeping everything working? Who makes the decisions about the future of this wonderful tool? Well I'll answer everything right here.

As I explained in the previous parts of this text, the net is composed of thousands of smaller networks that are independent from one another; remember the heterarchical structure, heh. Now these smaller networks are managed by corporations, government agencies and universities with different hardware platforms and different network technologies. Now you see that I am going back, and all these small and large networks are held together by a wonderful glue called TCP/IP. But I see you're going to ask, okay, cool, but what holds it together administratively, like how can this huge tool have no central authority? Okay let me answer your question. Remember when I told you that the Internet was made by scientists and programmers? Well those guys have always pushed the spirit of this wonderful tool. So when these guys made up TCP/IP they made it public so that TCP/IP could be placed on any hardware platform. Now the Department of Defense had a large part in this deal, but like the Department of Defense, the university researchers also did a lot, and like the rest they also made their findings public. By doing this anyone who had access to the Internet could access these documents and put their own influence into the development of the net. Now you might think that all this public stuff is done with, well not. This way of life is still managed by a group that oversees the continuing growth of the Internet; this group is called the INTERNET SOCIETY (ISOC). This organization oversees a number of smaller groups also pursuing the growth of the net. These groups are:

- Disaster Assistance Committee 
- Internet Operations Forum 
- Internet Architecture Board (IAB) 
- Internet Engineering Task Force (IETF) 
- Internet Assigned Number Authority (IANA) 
- Internet Engineering Steering Group (IESG) 
- Internet Research Task Force (IRTF) 
- k-12 Committee 

ISOC has no sanction or governmental power so it operates as a resource for ppl who want to participate in the growth of the net. 

The Internet's high-speed backbone is a key component of the net, and many different organizations have said they are responsible for maintaining the backbone. In the 70's, research parties funded by the Advanced Research Projects Agency (ARPA) were given access to ARPAnet. In the late 70's, the National Science Foundation (NSF) joined with ARPA to create a network that would be more available for computer scientists in the US. NSF then gave birth to CSnet in 1979. In 1982, a gateway was established between ARPAnet/CSnet, which demonstrated the viability of a network of networks like a small version of the Internet. After the joining of ARPAnet/CSnet, the term "INTERNET" was then adopted. 

By 1983, more networks began to do the same thing by expanding/establishing their own user communities. In San Francisco, FidoNet connected FidoBBS (Bulletin Board Systems) across the nation so that many users of local bulletin boards could exchange messages by email/discussion groups. In the same year, the Department of Defense switched all of its military networks to the TCP/IP protocol. By then, TCP/IP software was only included in all UNIX software distros out of the University of California at Berkeley. UNIX was the operating system of choice for computer scientists, and it still is, so by doing this a huge jump was put in Internet expansion.

By 1985 the Internet was further expanded when NSF became a leader in network communication and got funding from Congress to join 100 more universities to the Internet. By doing this NSF then connected five supercomputer sites in a new network called NSFnet. With all these costs and further spending, the Federal Government soon realized it couldn't afford to subsidize the Internet. So now it became a private industry. So the firms which made up the NSFnet backbone (IBM, MCI, MERIT) created a nonprofit company called Advanced Networks and Services (ANS). Then in 1992, ANS built a new backbone, ANSnet, with 30 times the bandwidth of the old NSFnet backbone. ANSnet is the current backbone for the Internet and the first one not maintained by the government but by private companies.

Now since you're probably bored and confused, let me finish off. Since no federally sponsored organization oversees everything, there are some which monitor some parts. Let's look at the Federal Communication Commission (FCC): they don't have any authority over the net, but they do regulate the billing practices of telephone companies. This is really cool, cause the FCC does not allow phone companies to bill ppl for digital communication differently than they do for voice communication. So the main deal is this: the net is operated by small spheres and ppl who impose on themselves to censor stuff or to protect ppl from the bad sides of the net.


7: The future of the Internet 

Well I am going to let you do some work now. Since you just read the info on the net, how big do you think the info on Internet2 is going to be? Let me give you a hint, it is going to be big. At the moment, a new upgraded version of the Internet is in development, and it's going to be called Internet 2 or simply I2. This will be a heaven when it's complete, so without further interruption: I have made a site dedicated to Internet 2. The site is good enough and is still up to date. Chk out the links for further news on it. The url of the site is http://i2.virtualave.net/ ahh man I forgot to kill the banners, well enjoy!!!


8: Further reading 


Okay I have chosen some books if you want to learn more, cause you know I summarized 3 decades in 7 or 8 pages, so I think you might want to read more.

Good books to read. 

Where Wizards Stay up Late, by Katie Hafner and Matthew Lyon. Simon and Schuster, New York, NY, 1996. (304 pages)

Being Digital, by Nicholas Negroponte. Vintage Books, New York, NY, 1995. (255 pages)

The Internet 1997 Unleashed, by Jill Ellsworth and Billy Baron (Eds). Sams.net Publishing, Indianapolis, IN, 1996. (1,269 pages)

Bit Torrent Tutorials



The first things you need to know about using Bit Torrent:
-- Bit Torrent is aimed at broadband users (or any connection better than dialup).
-- Sharing is highly appreciated, and sharing is what keeps bit torrent alive.
-- A bit torrent file (*.torrent) contains information about the piece structure of the download (more on this later).
-- The method of downloading is not your conventional type of download. Since downloads do not come in as one big chunk, you are able to download from many people at once, increasing your download speeds. There may be 100 "pieces" to a file, or 20,000+ pieces, all depending on what you're downloading. Pieces are usually small (under 200kb).
-- The speeds are based upon people sharing as they download, and seeders. Seeders are people who constantly share in order to keep torrents alive. Usually seeders are on fast connections (10mb or higher).
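What "information about the piece structure" means in practice, as an added example that is not part of the original tutorial: a .torrent file is a bencoded dictionary whose info section holds the piece length and one 20-byte SHA-1 digest per piece, which is how a client checks each piece received from a stranger before accepting it. The file name, tracker URL and content below are constructed, and only the single-file layout is handled.

```python
import hashlib


def bencode(value):
    """Encode ints, bytes, lists and dicts in the bencode format."""
    if isinstance(value, int):
        return b"i%de" % value
    if isinstance(value, bytes):
        return b"%d:%s" % (len(value), value)
    if isinstance(value, list):
        return b"l" + b"".join(bencode(v) for v in value) + b"e"
    if isinstance(value, dict):
        items = b"".join(bencode(k) + bencode(value[k]) for k in sorted(value))
        return b"d" + items + b"e"
    raise TypeError("cannot bencode %r" % type(value))


def bdecode(data, i=0):
    """Decode one bencoded value starting at offset i; return (value, next)."""
    c = data[i:i + 1]
    if c == b"i":
        end = data.index(b"e", i)
        return int(data[i + 1:end]), end + 1
    if c == b"l":
        i, out = i + 1, []
        while data[i:i + 1] != b"e":
            item, i = bdecode(data, i)
            out.append(item)
        return out, i + 1
    if c == b"d":
        i, out = i + 1, {}
        while data[i:i + 1] != b"e":
            key, i = bdecode(data, i)
            out[key], i = bdecode(data, i)
        return out, i + 1
    if c.isdigit():
        colon = data.index(b":", i)
        start = colon + 1
        end = start + int(data[i:colon])
        if end > len(data):
            raise ValueError("string runs past end of data")
        return data[start:end], end
    raise ValueError("bad bencode at offset %d" % i)


def make_torrent(name, content, piece_length):
    """Build a single-file .torrent for content (constructed sample input)."""
    digests = b"".join(hashlib.sha1(content[o:o + piece_length]).digest()
                       for o in range(0, len(content), piece_length))
    info = {b"length": len(content), b"name": name,
            b"piece length": piece_length, b"pieces": digests}
    # Placeholder tracker URL, not a real tracker.
    return bencode({b"announce": b"http://tracker.example/announce",
                    b"info": info})


def piece_table(torrent):
    """Return (piece length, list of SHA-1 digests) from a .torrent file."""
    meta, _ = bdecode(torrent)
    info = meta[b"info"]
    blob, size = info[b"pieces"], info[b"piece length"]
    digests = [blob[o:o + 20] for o in range(0, len(blob), 20)]
    expected = -(-info[b"length"] // size)       # ceiling division
    if len(blob) % 20 or len(digests) != expected:
        raise ValueError("piece table does not match declared file length")
    return size, digests


def bad_pieces(torrent, content):
    """Indexes of pieces whose SHA-1 does not match the .torrent file."""
    size, digests = piece_table(torrent)
    return [n for n, d in enumerate(digests)
            if hashlib.sha1(content[n * size:(n + 1) * size]).digest() != d]


if __name__ == "__main__":
    data = bytes((i * 7) % 251 for i in range(100_000))   # constructed file
    torrent = make_torrent(b"sample.bin", data, 32 * 1024)
    print(len(torrent), "byte .torrent,", len(piece_table(torrent)[1]), "pieces")
    print("bad pieces:", bad_pieces(torrent, data))
```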


In this tutorial, I will be describing it all using a bit torrent client called Azureus. This client is used to decode the .torrent files into a useable format to download from other peers. From here on out, I will refer to Bit Torrent as BT.


Which BT client you use, is purely up to you. I have tried them all, and my personal favorite is Azureus for many reasons. A big problem with most BT clients out there, is that they are extremely CPU intensive, usually using 100% of your cpu power during the whole process. This is the number one reason I use Azureus. Another, is a recently released plug-in that enables you to browse all current files listed on suprnova.org (the #1 source for torrent downloads).


Before you use the plug-in, take a look at http://www.suprnova.org, and browse the files. Hold your mouse over the links, and you'll notice every file ends in .torrent. This is the BT file extension. Usually, .torrent files are very small, under 200kb. They contain a wealth of information about the file you want to download. A .torrent file can contain just 1 single file, or a directory full of files and more directories. But regardless, every download is split up into hundreds or thousands of pieces. The pieces make it much easier to download at higher speeds. Back to suprnova.org. Look at the columns:


Added | Name | Filesize | Seeds | DLs (and a few more which aren't very useful.)


I'll break this down.
Added: Self explanatory, it's the date the torrent was added.
Name: Also self explanatory.
Filesize: Duh
Seeds: This is how many people are strictly UPLOADING, or sharing. These people are the ones that keep .torrent files alive. By "alive", I mean, if there's no one sharing the .torrent file, no one can download.
DLs: This is how many people are currently downloading that particular torrent. They also help keep the torrent alive as they share while they download.


It's always best to download using a torrent that has a decent amount of seeders and downloaders, this way you can be assured there's a good chance your download will finish. The more the better.


Now that you should understand how torrent files work, and how to use them, on to Azureus!
First, get JAVA! You need this to run Azureus, as java is what powers it. Get Java here: http://java.sun.com/j2se/1.4.2/download.html
Next, get Azureus at: http://azureus.sourceforge.net
Next, get the Suprnovalister plugin from http://s93732957.onlinehome.us/storage/suprnovalister.jar


Install Java JRE before you do ANYTHING.


Install Azureus, and then in the installation folder, create 2 more folders. ./Plugins/suprnovalister (For example, if you installed Azureus to C:\PROGRAM FILES\AZUREUS, create C:\PROGRAM FILES\AZUREUS\PLUGINS\SUPRNOVALISTER). Next, put the suprnovalister.jar file that you downloaded, in that folder.


Load up Azureus, and if you want, go through the settings and personalize it.


The tab labeled "My Torrents" is the section of Azureus you need the most often. That lists all your transfers, uploads and downloads. It shows every bit of information you could possibly want to know about torrents you download.


In the menu bar, go to View > Plugins > Suprnova Lister. This will open up a new tab in Azureus. Click on "Update Mirror". This will get a mirror site of suprnova.org containing all current torrent files available. Once a mirror is grabbed, choose a category from the drop-down box to the left and click "Update". Wah-lah, all the available downloads appear in the main chart above. Just double click a download you want, and bang its starting to download. Open the "My Torrents" tab again to view and make sure your download started.


After your download has finished, be nice and leave the torrent transferring, so people can get pieces of the file from you, just as you got pieces from other people.


Alternatively, if you don't want to use the plugin... you can just head to suprnova.org and download files to any folder. Then go to File > Open > .torrent File in Azureus.


This should about wrap it up for the Bit Torrent Tutorial. If you guys think of anything I should add, or whatnot, just let me know and I'll check into it.


FIREWALL PROTECTION


What is a Firewall?

A firewall is a tool that monitors communication to and from your computer. It sits between your computer and the rest of the network, and according to some criteria, it decides which communication to allow, and which communication to block. It may also use some other criteria to decide about which communication or communication request to report to you (either by adding the information to a log file that you may browse whenever you wish, or in an alert message on the screen), and what not to report.

What Is It Good For?
Identifying and blocking remote access Trojans. Perhaps the most common way to break into a home computer and gain control is by using a remote access Trojan (RAT). (Sometimes it is called a "backdoor Trojan" or "backdoor program". Many people simply call it a "Trojan horse", although the term "Trojan horse" is much more generic.) A Trojan horse is a program that claims to do something really innocent, but in fact does something much less innocent. The name goes back to the days when the Greek soldiers succeeded in entering the gates of Troy by building a big wooden horse and giving it as a present to the king of Troy. The soldiers of Troy allowed the sculpture to enter through their gates, and then at night, when the soldiers were busy guarding against an outside attack, many Greek soldiers who were hiding inside the horse went out and attacked Troy from the inside. This story, which may or may not be true, is an example of something which looks innocent and is used for some less innocent purpose. The same thing happens in computers. You may sometimes get some program, via ICQ, or via Usenet, or via IRC, and believe this program to be something good, while in fact running it will do something less nice to your computer. Such programs are called Trojan horses. It is commonly said that the difference between a Trojan horse and a virus is that a virus has the ability to self-replicate and to distribute itself, while a Trojan horse lacks this ability. A special type of Trojan horse is the RAT (remote access Trojan; some say "remote admin Trojan"). These Trojans, once executed on the victim's computer, start to listen for incoming communication from a remote matching program that the attacker uses. When they get instructions from the remote program, they act accordingly, and thus let the user of the remote program execute commands on the victim's computer.
To name a few famous RATs, the most common are Netbus, Back-Orifice, and SubSeven (which is also known as Backdoor-G). In order for the attacker to use this method, your computer must first be infected by a RAT.
Prevention of infection by RATs is no different from prevention of infection by viruses. Antivirus programs can identify and remove most of the more common RATs. Personal firewalls can identify and block remote communication efforts to the more common RATs, thereby blocking the attacker and identifying the RAT.

Blocking/Identifying Other Types of Trojans and Worms?
There are many other types of Trojan horses which may try to communicate with the outside from your computer. They may be e-mail worms trying to distribute themselves using their own SMTP engine, password stealers, or anything else. Many of them can be identified and blocked by a personal firewall.

Identifying/Blocking Spyware/Adbots?
The term "spyware" is slang and is not well defined. It is commonly used mainly for various adware (adware is a program that is supported by presenting advertisements to the user) that, during the installation process, installs an independent program which we shall call an "adbot". The adbot runs independently even if the hosting adware is not running, and it maintains the advertisements, downloads them from the remote server, and provides information to the remote server. The adbot is usually hidden. There are many companies that offer adbots and advertisement services to adware. The information that the adbots deliver to their servers from the computer where the adbot is installed is how much time each advertisement is shown, which was the hosting adware, and whether the user clicked on the advertisement. This is important so that the advertisement server will be able to know how much money to get from each of the advertised companies, and how much of it to deliver to each of the adware maintainers. Some of the adbots also collect other information in order to better choose the advertisements for the users. The term "spyware" is more generic, but most spyware falls into this category. Many types of adbots can be identified and blocked by personal firewalls.

Blocking Advertisements?
Some of the better personal firewalls can be set to block communication with specific sites. This can be used in order to prevent downloading of advertisements in web pages, and thus to accelerate the download process of the web sites. This is not a very common use of a personal firewall, though.

Preventing Communication to Tracking Sites?
Some web pages contain references to tracking sites, e.g. they instruct the web browser to download a small picture (sometimes invisible) from a tracking site. Sometimes the pictures are visible and provide some statistics about the site. Those tracking sites will try to save a small piece of text, either as a small file in a special directory or as a line in a special file (depending on your browser), and your browser will usually allow the site that saved the text to read it back from your computer. This is called "web cookies" or sometimes simply "cookies". Cookies allow a web site to keep information that it saved when you entered it, to be read whenever you enter the site again. This allows the web site to customize itself for you, and to keep track of everything that you did on that site. It does not have to keep that information on your computer. All it has to save on your computer is a unique identifying number, and then it can keep on the server side the information regarding what has been done by the browser that used that cookie. Yet, by this method, a web site can get only information regarding your visits to it. Some sites such as "doubleclick" or "hitbox" can collect information from various affiliated sites, by putting a small reference in the affiliated pages to some picture on their servers. When you enter one of the affiliated web pages, your browser will communicate with the tracking site, and this will allow the tracking site to put or to read a cookie that identifies your computer uniquely, and it can also know which web page referred to it, and any other information that the affiliated web site wanted to deliver to the tracking site. This way tracking sites can correlate information from many affiliated sites, to build information that, for example, will allow them to better customize the advertisements that are put on those sites when you browse them.
Some personal firewalls can be set to block communication to tracking sites. It is not a common use of a personal firewall, though, and a personal firewall is not the best tool for that, but if you already have one, this is yet another possible use of it.

Blocking or Limiting the NetBIOS Communication? (as well as other default services)
The two common methods intruders use to break into home computers are through a RAT (which was discussed in II.3a) and through NetBIOS communication. NetBIOS is a standard for naming computers in small networks, developed long ago by IBM and Microsoft. There are a few communication standards which are used in relation to NetBIOS. The ones that are relevant for Microsoft Windows operating systems are: NBT (NetBIOS over TCP/IP), IPX/SPX, and NetBEUI. The communication standard which is used over the Internet is NBT. If it is enabled, and there is no firewall or something else in the middle, it means that your computer is listening for communications over the Internet via this standard, and will react according to the different NBT commands that it gets from the remote programs. In this way NBT (which is sometimes loosely called "NetBIOS") is acting as a server. So the next question should be "which remote NBT commands will the NBT server carry out on the local computer?" The answer to this question depends on the specific settings on your computer. You may set your computer to allow file and print sharing. If NBT is also enabled, it means that you allow remote users to share your files or printers. This is a big problem. It is true that in principle the remote user has to know your password for that computer, but many users do not set a password for their user on Windows, or set a trivial password. Older versions of Win95 had file and print sharing over NetBIOS enabled by default. On Win98 and WinMe it was disabled by default, but many technicians, when they set up a home network, enable file and print sharing without being aware that it also influences the authorizations of a remote Internet user. There are even worms and viruses that use the file sharing option to spread on the Internet.
Anyway, no matter whether you need it for some reason or just are not aware of it, a personal firewall can identify and block any external effort to communicate with the NetBIOS server on your computer. The more flexible personal firewalls can be set to restrict the authorization to communicate with the NetBIOS. Some Windows operating systems, especially those which are not meant for home uses, offer other public services by default, such as RPC. A firewall can identify communication efforts to them, and block them. Since such services listen to remote communications, there is a potential risk when there are efforts to exploit security holes in the programs that offer the services, if there are such security holes. A firewall may block or limit the communication to those services.

Hiding Your Computer on the Internet?
Without a firewall, on a typical computer, even if well maintained, a remote person will still be able to know that the communication effort has reached some computer, and perhaps some information about the operating system on that computer. If that computer is handled well, the remote user will not be able to get much more information from your computer, but might still be able to identify also who your ISP is, and might decide to invest further time in cracking into your computer.
With a firewall, you can set the firewall so that any communication effort from remote users (in the better firewalls you may define an exception list) will not be answered at all. This way the remote user will not even be able to know that it reached a live computer. This might discourage the remote attacker from investing further time in an effort to crack into your computer.

The Non-Firewall Defenses

We've discussed a few situations where a personal firewall can provide defense. Yet, in many cases a computer maintainer can deal with those situations even without a firewall. Those "alternative" defenses, in many cases are recommended regardless of whether you use a firewall or not.

Remote Access Trojans?
The best way to defend against remote access Trojans (RATs) is to prevent them from being installed on your computer in the first place. A RAT must first infect your computer in order to start listening for remote communication efforts. The infection techniques are very similar to the infection techniques that viruses use, and hence the defense against Trojan horses is similar to the defense against viruses. Trojan horses do not distribute themselves (although they might be companions of another Internet worm or virus that distributes them). Yet, because in most cases they do not distribute themselves, it is likely that you will get them from anonymous sources, such as instant messengers, Kazaa, IRC, or a newsgroup. Adopting a suspicious policy regarding downloads from such places will save you not only from viruses but also from getting infected with Trojan horses, including RATs. Because Trojan horses are similar in some ways to viruses, almost all antivirus programs can identify, block from being installed, and remove most of the Trojan horses, including all the common ones. There are also some programs (sometimes called antiTrojan programs) which specialize in the identification and removal of Trojan horses. For a list of those programs, and for a comparison of how well different antivirus and antiTrojan programs identify different Trojan horses, see Hackfix (http://www.hackfix.org), under "Software test results". Hackfix also has information on the more common RATs (such as Netbus and SubSeven) and on how to remove them manually. There are some tools and web sites, such as port scanners, and some more generic tools, such as telnet, msconfig, and netstat, which may help you to identify a RAT.

Other types of Trojans and worms?
Also here your main interest should be to prevent them from infecting your computer in the first place, rather than blocking their communication. A good antivirus and a good policy regarding the prevention of virus infections, should be the first and most important defense.

Spyware and Adbots?
The term spyware is sometimes misleading. In my view, it is the responsibility of the adware developer to present the fact that the adware installation will install or use an independent adbot, and to provide the information on how this adbot communicates, and which information it delivers, in a fair place and manner before the adware is installed. It is also a responsibility to provide this information on their web sites, so that people will be aware of that before they even download the software. Yet, in general, those adbots do not pose any security threat, and in many cases also their privacy threat is negligible for many people (e.g. the computer with adbot number 1127533 has been exposed to advertisements a, b, c, such and such times, while using adware x, while the computer with adbot number 1127534 has been exposed to advertisements a, d, and e, such amount of time, with the use of adware y, and clicked on ad number d). It should be fully legitimate for software developers to offer advertisement-supported programs, and it is up to the user to decide whether the use of the program is worth the ads and the adbot, or not. Preventing an adbot from communicating is generally not a moral thing. If you decide to use an adware, you should pay the price of letting the adbot work. If you don't want it, please remove the adware, and only if for some reason the adbot continues to work even if no hosting adware that uses it is installed, you may remove the adbot. Anyway, there are some very useful tools to identify whether a program is a "spyware", or whether a "spyware" is installed on your computer, and you are certainly entitled to this information. Two useful programs are "AdAware", which identifies "spyware" components on your computer and allows you to remove them, and Ad-Search, which allows you to provide a name of a program, and it tells you whether this program is a "spyware" and which adbot it uses.
It is useful to assist you in choosing whether to install a program or not. You may find those programs in http://www.lavasoft.nu (or, if it doesn't work, you may try http://www.lavasoftusa.com). Those programs are useful, mainly because many adware developers are not fair enough to present this information in a fair manner. AdAware allows you to also remove those adbot components from your computer. This might, however, terminate your license to use the hosting adware programs, and might even cause them to stop functioning. A website which offers to check whether a specific program that you wish to install is "spyware" or not, is http://www.spychecker.com .

Blocking Advertisements?
Leaving aside the moral aspect of blocking advertisements, a personal firewall is not the best tool for that anyway. This is not the main purpose of a firewall, nor its main strength. Some of them can block some of the advertisements from being downloaded, if you know how to configure them for that. Yet, there are better tools for that, such as Proxomitron (http://www.proxomitron.org), CookieCop 2 (search for the word cookiecop on http://www.pcmag.com), or Naviscope (http://www.naviscope.com), and there are many other programs as well. You may check for other alternatives, e.g. in Tucows (http://www.tucows.com/adkiller95.html).

Blocking Tracking Sites?
Also here, a personal firewall is not the best tool for that, and there are other tools and ways which are more effective. These are cookie utilities. Since a tracking site uses a cookie to identify and relate the information gathered to the same person (or computer), preventing the cookie from being installed means the tracking site will lose its ability to track things. There are plenty of cookie management utilities. Some of them are freeware, and some are not. CookieCop, which was mentioned in the former section, is one of them. WebWasher (http://www.webwasher.com) is another recommended one, and there are plenty of other alternatives such as cookie-crusher, cookie-pal, pop-up killer, etc. You may search for other alternatives in Tucows (http://www.tucows.com/cookie95.html).

NetBIOS and Other Services?
The NetBIOS over TCP/IP (NBT) which is sometimes loosely called "NetBIOS", is a service which has some security problems with it. It is enabled by default in Windows default installations, and it is very common to see that a firewall does the job of preventing the efforts to get access to your computer via NBT. Yet, in almost all cases, this service is not needed, and thus can be disabled. To disable NBT in Win95/98/ME is not as simple as it is in Win2K/XP, but can still be done reliably. We explain how to do this in another article (#to be written soon). It is needless to say, that if NBT is disabled, there is no need for a firewall to block communication to it. Also, in the case of other services, such as RPC services, and others, in many cases you simply don't need those services and better disable them from within Windows rather than use the firewall to block them. There are various ways to know which services are running on your computer, and which of them are listening for communications from the outside. If there are ones that you don't need, they should be disabled.

Hiding the Computer?
On their web sites, many personal firewall companies put a lot of weight on the ability of their firewall to hide the computer on the Internet. Yet, exposing your home computer on the Internet is by itself neither a security nor a privacy threat. If you provide some services to the Internet on your computer, for example, you put a web server on your computer to allow other people to view web pages, then you might get rid of some of the crackers by setting your firewall to unhide only this type of communication. Some attackers will not make a full scan of your computer, but only a partial scan, and if they did not scan for the specific service that you provided, they will not see your computer. Yet, if the service is a common one, there is a good chance that many of them will scan for it and thus find the existence of your computer. If they "see" the existence of your computer, they might decide to scan it further, and find out the services you are providing, and scan it for security holes to use. Yet, there is not much meaning to it when we speak about simple home computers.

What a Firewall Cannot Do!

Another misconception about personal firewalls is that they give overall protection against "hackers" (i.e. intrusions). They do not.
Defense Against Exploitation of Security Holes
A firewall can allow or deny access to your computer or from your computer according to the type of communication, its source and destination, and according to which program on your computer is handling the communication. Yet, its ability to understand the details of the communication is very limited. For example, you may set the firewall to allow or to deny your e-mail program from getting and/or sending messages. It may allow or deny your web browser from browsing the Internet. But if you allowed your e-mail program to communicate with the e-mail servers for sending and receiving messages (and you are likely to allow it if you want to use your e-mail program), or if you set the firewall to allow your web browser to communicate with web sites, the firewall will not be able to understand the content of the communication much further, and if your web browser has a security hole, and some remote site tries to exploit it, your firewall will not be able to make a distinction between the communication that exploits the security hole and legitimate communication. The same principle goes for e-mail programs. A personal firewall may block you from receiving or sending e-mail messages, but if you allowed it to receive messages, the personal firewall will not make a distinction between a legitimate message and a non-legitimate one (such as one that carries a virus or a Trojan horse). Security holes in legitimate programs can be exploited and a personal firewall can do practically nothing about it.
I should comment, however, that some personal firewalls come combined with some Trojan horse detection, or intrusion detection. This is not part of the classical definition of a firewall, but it might be useful. Such tasks are usually taken by other tools such as antivirus programs or antiTrojan programs.

Tricks to Bypass or Disable Personal Firewalls
There are also various ways to disable or bypass personal firewalls. Over time, a few tricks to bypass or disable them have been demonstrated by various programs, especially tricks for an internal program to communicate with the outside by bypassing or tricking the firewall. Against some of them, such as the one demonstrated by Leaktest, in which a non-legitimate program disguises itself as Internet Explorer, practically all personal firewalls today are immune. Other tricks, such as the one demonstrated by Outbound, which uses some non-standard type of communication directly to the network adapters, bypassing the components of the operating system which are supposed to deal with Internet communication and thereby bypassing the firewall, are only now being patched against by the various firewalls. Yet other methods, such as the one demonstrated by Tooleaky, which uses Internet Explorer as a messenger to communicate with the outside, and is thus identified as mere legitimate browsing, are still waiting for most of the personal firewalls to find a fix.

Firewalls CANNOT Decide for You What is a Legitimate Communication and What is Not

One of the main problems with personal firewalls is that you cannot simply install them and forget them, counting on them to do their job. They can deny or permit various types of communications according to some criteria, but what are these criteria, and who decides the criteria for whether they should permit or deny some communication?

The answer is that it is the computer user's job to define the exact criteria for when the firewall should allow a communication and when it should block it. The firewall may make it easier for you, but it should not take the decisions. There are too many programs, too many versions, and it is not possible for the firewall to decide accurately when a communication is legitimate and when it is not. One person might think that it is legitimate for some program to deliver some information to the outside in order to get some service, while another will think that it is not. One version of a program might communicate with its home server in order to check whether there is an upgrade, and another version might also install the upgrade even if you do not wish. Some firewalls will try to identify communication efforts which are largely considered legitimate, and will give you the information so that it will be easier for you to decide whether such should be allowed. Others will suffice with more basic information, making no suggestions (and thus - no incorrect recommendations). One way or another, once you have installed a firewall, you will have better means to understand what types of communications are running on your computer, but you will also have to understand them in order to be able to configure your firewall so that it will correctly know which communications to allow and which to block.

Common Problems and Deficiencies Regarding Personal Firewalls

A personal firewall might be a good contribution to security. Yet, if you do not understand much about the topic, then you are likely to be confused and misled by its alerts and queries, and thus find yourself spending hours chasing after imaginary crackers, fearing imaginary threats, and misconfiguring it due to misunderstanding. You may find yourself blocking legitimate and important communication, believing it to be cracking efforts, and then be surprised that things work slowly or that you are disconnected from the Internet, or you might be misled into allowing a non-legitimate communication by some software that tricked you into believing that it is a legitimate one. On the other side, if you are quite knowledgeable on computers and security, then you are likely to effectively defend your computer even without a firewall (by means discussed in section II.4), and thus the role of a personal firewall in securing your computer is extremely small and not very important. We discuss here in brief some of the problems that personal firewalls may generate.

A False Sense of Security

As we've already learned here, a firewall is limited in its ability to secure your computer. Yet, many people believe that if they install a personal firewall they will be secured against the various security threats. I was even surprised to find out that there are people who give much higher priority to installing a personal firewall than to installing an antivirus program. An always updated antivirus program plays a much more important role in the security of a personal home computer than installing and maintaining a personal firewall. A personal firewall should not come at the expense of any other security measure that you use.

A False Sense of Insecurity

When you install a firewall and you look at all the communication efforts through it, you might be surprised at the amount of communication efforts from the Internet to your computer. Most of them are blocked by a typically configured firewall. There are constantly efforts to communicate with various backdoor Trojans on your computer. If you are not infected, there will be nothing to listen and to respond to those communication efforts, and they are thus practically harmless. There are efforts to communicate with your NBT driver, to see if your computer by mistake allows file sharing. There are other types of probes to see if your computer exists, or various efforts of servers to probe your computer in order to find the best path for legitimate communication to it. There are sometimes remnants of communications that were supposed to go to other computers, but made their way to yours (for advanced readers: because the IP number that your computer uses was used by some other computer earlier). Those communication efforts are blocked even without a firewall. If your computer is not infected with a RAT, and if your computer doesn't have NetBIOS over TCP/IP enabled or doesn't even have file and print sharing enabled (and on most computers this is disabled by default), then none of these pose any security threat. If your computer is not infected with a SubSeven Trojan, then no matter how often there are efforts to communicate with it, they are all doomed to fail.
Yet, some personal firewalls (such as Norton Personal Firewall or ZoneAlarm) by default proudly announce that they have just blocked an effort to crack into your computer. Norton may even define those efforts that were blocked as "high security threats", while they would not have been a threat at all even if your computer had no personal firewall. Such firewalls give you the false impression that they save your computer again and again from extremely dangerous threats on the Internet, so that you wonder how you survived so long without noticing any intrusion before you installed the firewall. I usually say that those personal firewalls have their "report level" set to "promotional mode". Namely, the personal firewall is set to give you the false impression that it is much more important than it really is.
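
The reasoning above (a probe only matters if something on your computer is listening on that port), together with the earlier advice to check with netstat which services are listening, as an added example that is not part of the original text. The netstat output and the firewall alerts are constructed samples, the function names are hypothetical, and the default port numbers come from general knowledge rather than from this page.

```python
"""Added example: audit listeners from `netstat -an` and triage firewall alerts."""

# Default ports from general knowledge (not given on the page). A RAT can be
# set to use another port, so a clean result does not prove a clean machine.
KNOWN_PORTS = {
    ("TCP", 135): "RPC endpoint mapper",
    ("UDP", 137): "NetBIOS name service (NBT)",
    ("UDP", 138): "NetBIOS datagram service (NBT)",
    ("TCP", 139): "NetBIOS session service (file and print sharing)",
    ("TCP", 12345): "NetBus default port",
    ("UDP", 31337): "Back Orifice default port",
    ("TCP", 27374): "SubSeven default port",
}

# Constructed sample of Windows `netstat -an` output.
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:27374          0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1030         0.0.0.0:0              LISTENING
  TCP    192.168.0.5:139        0.0.0.0:0              LISTENING
  TCP    192.168.0.5:1045       203.0.113.9:80         ESTABLISHED
  UDP    192.168.0.5:137        *:*
  UDP    192.168.0.5:138        *:*
"""

# Constructed firewall alerts: (protocol, destination port, source address).
SAMPLE_ALERTS = [
    ("TCP", 27374, "198.51.100.7"),
    ("TCP", 12345, "198.51.100.8"),
    ("UDP", 31337, "198.51.100.9"),
    ("TCP", 139, "198.51.100.10"),
]


def parse_listeners(netstat_text):
    """Return (proto, host, port) for every socket waiting for inbound traffic."""
    listeners = []
    for line in netstat_text.splitlines():
        parts = line.split()
        if len(parts) < 3 or parts[0] not in ("TCP", "UDP"):
            continue  # header, blank line, or unrelated text
        proto, local = parts[0], parts[1]
        state = parts[3] if len(parts) > 3 else ""
        # TCP accepts connections only in LISTENING state; a bound UDP socket
        # has no state column and receives whatever is sent to it.
        if proto == "TCP" and state != "LISTENING":
            continue
        host, _, port = local.rpartition(":")
        if not port.isdigit():
            continue
        listeners.append((proto, host.strip("[]"), int(port)))
    return listeners


def is_loopback(host):
    """Loopback listeners cannot be reached from other machines."""
    return host.startswith("127.") or host == "::1"


def exposed_services(listeners):
    """Map (proto, port) -> label for listeners reachable from the network."""
    exposed = {}
    for proto, host, port in listeners:
        if is_loopback(host):
            continue
        exposed[(proto, port)] = KNOWN_PORTS.get((proto, port), "unidentified service")
    return exposed


def triage_alerts(alerts, exposed):
    """Label each blocked inbound attempt by whether anything would have answered."""
    results = []
    for proto, port, source in alerts:
        if (proto, port) in exposed:
            verdict = "investigate: " + exposed[(proto, port)] + " is listening"
        else:
            verdict = "noise: nothing listens on this port"
        results.append((proto, port, source, verdict))
    return results


if __name__ == "__main__":
    services = exposed_services(parse_listeners(SAMPLE_NETSTAT))
    for (proto, port), label in sorted(services.items()):
        print(f"listening {proto}/{port}: {label}")
    for proto, port, source, verdict in triage_alerts(SAMPLE_ALERTS, services):
        print(f"alert {proto}/{port} from {source} -> {verdict}")
```

On the constructed sample, only the probes to TCP 27374 and TCP 139 reach a port with a listener behind it; the NetBus and Back Orifice probes are the kind of alert the text calls harmless.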

Chasing After Ghosts

This is a side effect of the types of misunderstandings that were discussed in the previous subsection.
When a person who is just starting to learn the jargon related to personal firewalls is told that some "dangerous" communication efforts persist from the same source, that person becomes determined to locate and identify the "hacker", and perhaps to report it to the police or to the Internet service provider. However, since many people do not thoroughly understand how things work, they may spend many hours trying to locate a cracker that does not exist, or find that the knowledge needed to track the cracker is much greater than what they have, and they might even suspect the wrong person due to lack of knowledge (e.g. the connection person on the Internet service provider that was used by the cracker). More knowledgeable people usually do not bother to track those "hackers" (who are usually teenagers), but instead concentrate on the security of their computer.

Blocking Legitimate Communications

No personal firewall is smart enough to decide for the user what is a legitimate communication and what is not. A personal firewall cannot make a distinction between a legitimate program trying to contact its server to check and notify the user when there is a newer version, and a non-legitimate program trying to communicate with its server in order to deliver sensitive information such as passwords, unless the user tells it. It is thus up to the user to decide what should be considered legitimate and what should not. Yet, can we count on the user to be knowledgeable enough to decide what is legitimate and what is not? In many cases the user is not knowledgeable enough, and may thus allow non-legitimate communication or disallow a legitimate and important communication. There are many types of communications that exist just to manage other communications. Among these are various types of communications between your computer and the various servers of your Internet service provider. A user who is not knowledgeable may interpret those types of communications as cracking efforts, and will thus decide to block them. As a result, a connection might become slower, a connection to the Internet service provider might be disconnected quite often, and other types of communication problems might appear.

Being Tricked by Trojans

Just as less knowledgeable users may instruct the firewall to block legitimate communications, they can be tricked by various Trojans into allowing them to communicate. Some Trojans use names resembling or identical to the names of legitimate programs, so that the user will think that it is a legitimate program. Users should be aware of that.
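
Why a rule keyed on a program's file name is fooled by a look-alike while a rule pinned to the full path and file hash is not, as an added example that is not part of the original text. The rule format, class and function names are hypothetical, and the programs and file contents are constructed.

```python
"""Added example: application rules keyed on file name versus path and hash."""
import hashlib
import ntpath
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Program:
    path: str        # full path of the executable opening the connection
    content: bytes   # file bytes; a real firewall would read them from disk

    @property
    def name(self):
        return ntpath.basename(self.path).lower()

    @property
    def sha256(self):
        return hashlib.sha256(self.content).hexdigest()


@dataclass(frozen=True)
class Rule:
    action: str                   # "allow" or "block"
    name: str                     # executable file name
    remote_ports: frozenset       # destination ports the rule covers
    path: Optional[str] = None    # if set, the full path must match
    sha256: Optional[str] = None  # if set, the file hash must match

    def matches(self, program, remote_port):
        if program.name != self.name.lower() or remote_port not in self.remote_ports:
            return False
        if self.path is not None and program.path.lower() != self.path.lower():
            return False
        if self.sha256 is not None and program.sha256 != self.sha256:
            return False
        return True


def decide(rules, program, remote_port):
    """First matching rule wins; anything unmatched is put to the user ("ask")."""
    for rule in rules:
        if rule.matches(program, remote_port):
            return rule.action
    return "ask"


# Constructed programs: the genuine browser, a look-alike in another folder,
# and the genuine file overwritten in place.
BROWSER = Program(r"C:\Program Files\Internet Explorer\iexplore.exe", b"genuine browser bytes")
IMPOSTER = Program(r"C:\Windows\Temp\iexplore.exe", b"trojan bytes")
REPLACED = Program(BROWSER.path, b"trojan bytes")

WEB = frozenset({80, 443})
WEAK_RULES = [Rule("allow", "iexplore.exe", WEB)]
STRICT_RULES = [Rule("allow", "iexplore.exe", WEB, path=BROWSER.path, sha256=BROWSER.sha256)]

if __name__ == "__main__":
    for label, program in (("genuine", BROWSER), ("imposter", IMPOSTER), ("replaced", REPLACED)):
        print(label, "weak:", decide(WEAK_RULES, program, 80),
              "strict:", decide(STRICT_RULES, program, 80))
```

Even the strict rule only identifies the program; it cannot tell what the genuine browser is being asked to send, which is the limitation the text describes for Tooleaky.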

Heavy Software, Buggy Software

Until now we discussed only problems related to lack of appropriate knowledge by the user. Yet, there are other problems regarding personal firewalls. For example, some of them are known to be quite heavy on computer resources, or to slow down the communication speed. Different personal firewalls vary considerably in that regard. If you have a new computer with a slow Internet connection (such as regular dial-up networking) then it might not slow down your computer noticeably. Yet, if you use an older computer and a fast connection, you might find that some personal firewalls will slow down your communication quite drastically. Personal firewalls also vary in how stable they are.

Advantages of External Firewalls over Personal Firewalls

1. They do not take resources from the computer. This should be clear. This is especially useful when the firewall blocks flooding attacks.
2. It is harder (although in principle still possible) for a Trojan horse to disable it, because it does not reside in the same computer that the Trojan has infected. It is not possible to use the specific communication while totally bypassing the firewall.
3. They can be used without any dependence on the operating system on the computer(s) they defend.
4. No instability problems.