Satellite TV has revolutionized the entertainment world by empowering users to enjoy TV as per their tastes and requirements. With the click of a button, a user can enjoy access to entertainment, news, sports and all kinds of. More and more people prefer satellite TV connection against traditional cable TV but even then some myths continue to plague this revolutionary technology.


Here are some of the popular myths related to satellite TV which this article attempts to bust:

Myth #1: Consumers have unlimited programming choices with satellite TV as compared to digital cable.

Fact: This is partially true as a subscriber gets to enjoy more channels than a digital cable, but it is not unlimited. With a satellite Internet connection, a subscriber can enjoy up to 260 channels of TV and music which means more value for their money.

Plus, they can also have access to many more movie and news channels available at the touch of a button. Apart from the vast amount of channel selections, there are many channels that can be accessed on demand which is something not possible with digital cable TV connection.

Myth #2: Satellite TV is more expensive than cable TV.

Fact: When you compare satellite TV to its cable counterpart, you will automatically notice a difference in the price factor. The amount of channels you get to enjoy with a satellite TV is much more as compared to cable TV. The harsh reality of satellite is that there are some added costs such as a one time installation fee for equipment, some service charges and so on asked by Satellite TV providers. But when you look at the benefits and extra features that come bundled with the connection, the price evens out.

Myth #3: Cable companies raise prices more than satellite TV companies

Fact: Both the cable TV companies and Satellite TV companies increase prices of their services depending upon the demand and market trends. But when there is a hike in prices, satellite TV providers, be it Dish Network TV or other satellite TV channels, ensure that the quality remains unhampered. Plus, they provide added features to keep their customers happy.

Myth #4: Satellite TV has less reliability and picture quality than Cable TV

Fact: Satellite TV subscribers get to enjoy high quality TV picture quality even during bad weather condition. Apart from that, a satellite internet connection is backed by service technicians of Satellite TV providers who are just a single call away and located in your neighborhood.

Myth#5: Satellite TV is not easy to install

Fact: Installation of satellite dishes is time consuming but not tough. Moreover the installation is taken care of by the satellite TV providers and subscribers don’t need to worry about it.

When one orders a new satellite TV connection, say a dish network TV connection or any other, it is installed by the professionals from the service providers itself. After installation, the service staff also gives a demo to the user on how to use the TV connection.

All these myths are misconceptions of people related to satellite TV. Forget these myths and get a satellite TV connection to see the difference yourself.

Author:-RON TAYLOR

Financial institutions are using technology to improve the quality of services being offered. LCD screens are prime contributors to quality improvement and improving the overall "look and feel" of various financial institutions like banks and stock markets trading centres.

For example, ICICI Bank in India is using LCD monitors to showcase the bank products and to show the token number for waiting clients, all on the same screen. New York Stock Exchange is using LCD Information Display screens to show stock information and news. The screens provide a clear, continuously updated status list of stock prices, currency exchange rates and other financial information

Financial institutions are also using LCD screen for security purposes where multiple security images are seen on one large screen to give a full panoramic picture of the activities happening in a bank branch or other financial institution.

When buying LCD screens financial institutions are purchasing LCD Information Displays and not LCD TVs. Below please find an analysis of why financial institutions are buying LCD Information Display and what they consider when purchasing theses screen.

What to Consider When Purchasing these LCD Screens for Financial Institutions?

LCD Screen Price: Price is always important however financial institutions are increasingly evaluating the Total Cost of Ownership. Even though LCD TVs are cheaper, their life span can be shorter, especially if operated for extended number of hours in a day. TVs unlike displays are meant for limited number of hour viewing unlike LCD information display that are meant for 24x7 operations.

Ruggedness and Extended Operation Capability: LCD Information Displays unlike LCD TVs are fan-less closed box units. As a result it is harder for dust and other contaminants to penetrate the box. Further LCD informational displays are made for 24x7 operations while LCD TVs are made for limited viewing. Ruggedness and life of the LCD screen is very important to reduce failures of the LCD screens. For financial institution operations where failure of a screen can create significant inconvenience or loss of business, it does not make sense to risk using a LCD TV.

LCD Network Capability: Please make sure that the LCD screen features RS-232 and LAN network connectivity. The network connectivity enables remote monitoring of diverse LCD screens. You can also set alarms if an LCD screen is switched off or not working. Remote monitoring of power and other controls can also be done easily. For example, incase there is no signal, a power save mode can be activated to reduce the brightness of the LCD backlight by activating an energy saving feature.

Picture Quality: Most large LCDs are high definition. High definition LCDs offers better picture resolution, contrast ratio, brightness, colour reproduction and fast response time which results in enhanced picture clarity. High definition, brightness and contrast ratio are vital features for LCDs to have in financial sectors as they have crucial pricing information and other related details. Further, the non glare feature of LCDs allows for easy viewing in ambient light or where there is background light being reflected on the screen. Most new LCDs have 176° viewing angle, making it easy for viewing. Check viewing details to ensure that it meets your quality requirements.

New LCD screen features are continuously emerging in order to attract the prospective users on a large scale. You can read other related articles in order to make the right decision for your LCD purchase.

Author:-SHWETA SHARMA

Parking sensors are becoming popular on an extremely rapid pace. The reason behind this popularity is the outstanding benefits that are associated with these parking sensors. Without having these parking sensors, it is extremely easy to damage your car by not seeing what is going behind your car.

To avoid any types of problems at the time of reversing or parking your car, you must never overlook the need and importance of installing parking sensors in your car. IF you still don’t know why you must opt for these sensors, you must consider following few benefits of this technological masterpiece.

• In today's world, it is not hard to face such situations where you have to park your car in congested parking lots. In this case, it is so easy to damage your car by parking amongst so many other cars. Parking sensors however can be your savior. They let you determine the distance between your car and the other objects so that you may stop your car right in time. What it means is that safety is the very first benefit of parking sensors.

• The other benefit is just related to the first one. As mentioned, the scene of a parking lot loaded with cars is becoming more common and in this situation it is essential to make use of small parking spaces. But, you just can not afford to do so in case you don’t have parking sensors as they allow you to find your way even amongst the so many cars. So, the other big benefit of parking sensors is the facility of parking your car in different angles without denting your car.

• A wonderful range of sensors are now available for you to install them on your car, trucks or RV. Availability of sensors for large vehicles can reduce the percentage of accidents by 75% and that’s another benefit of these sensors, not only for the driver but also for other travelers.

These are only few of the most basic benefits of installing parking sensors in your car but you will see many others soon after obtaining the services of these sensors. Here, it is also important to mention that if you think that these parking sensors are extremely expensive, you are totally wrong. There are several nice companies offering sensors based on innovative and latest technology at extremely competitive rates.

So, if you love your car, you must think about buying these sensors. You must always remember that these sensors can not only save your car from getting damaged but they can also help you to stay away from serious accidents. Most of these accidents take place while reversing your car and that’s when parking sensors can help a lot. But, if you are interested in foolproof safety, you must consider installing a reversing camera along with parking sensors to keep a close eye on what is going behind your car.

Author:-SAM LOYAL

Encrypted hard drive products are not new but encrypted data carrying devices are yet not very common. Lately, Bull Information Systems has unveiled a portable device designed globally to carry data, and even a self-contained work environment, while on the move. Bull’s 60GB digital vault with built-in AES encryption will be available from next month. Globally will be on display at the Info Security Europe 2009 exhibition in London from April 28 to 30, 2009. Globally is about the size of a PDA and features a small touch-screen display for user authentication. It contains a 60GB hard drive protected by a built-in security chip developed by Bull, which provides 256-bit AES encryption.

Globally enables users to access files by connecting it to the USB port of any Windows or Linux computer. It also supports a client virtualization environment in a protected partition of the disk, allowing workers to access a complete self-contained work environment,according to Bull.

Globule’s touch-screen interface avoids the need to type an access Pin into a computer in order to authenticate the user, so it cannot be intercepted by any lurking malware. The built-in security chip also offloads all encryption processing from the host computer. Centralized administration tools enable large numbers of Global devices to be configured and tracked.

Bull Information Systems has unveiled a portable device designed globally to carry data, and even a self-contained work environment, while on the move.

Bull Information Systems 1 of the valuable contribution in shape of carry data device to serve the nations. Comfortable handling data device along with friendly user environment increase its worth as well as become smart to serve the users.

Author:-TECHNO STATION

Be smart with your home security and install a wireless home security system. Wireless systems are easier than you think to install yourself so will save you time and money.

Making the decision to install a wireless home security system is one of the most sensible home improvements you will make. To protect your home and family from burglary is more or less a necessity in today’s economic climate as more and more people are carrying out law-breaking activities – just to put a meal on the table. Don’t be the next victim of crime and act now before it’s too late.

The main great advantage of a wireless alarm system is that you don’t need a professional alarm installer to carry out the installation work. It is a task that any reasonable, competent DIY enthusiast can carry out without any difficulty. All wireless systems come with setup instructions to ensure the correct installation – you can’t really go wrong.

The key to the correct alarm installation is planning. It is important to decide where the various components of the wireless alarm system will be situated. The main elements of an alarm system are the control panel, siren/sounder and the selection of different wireless sensors that are used to detect and trigger an alarm condition. The control panel needs to be situated close to the main entry/exit door of your property for easy access to arm/disarm the system via the control panel’s keypad (although this is not such an issue these days with the introduction of wireless feyfobs).

Next decide a suitable position for the siren/sounder unit on the outside of your property. Some people prefer it hidden from view as not to spoil the appearance of their property but most like the unit to be prominent and on view, so that the burglar can see the house has a burglar alarm system making them think twice about breaking in. Be sure to install the siren/sounder unit high up and out of the burglars reach so that it cannot be tampered with.

The final consideration in the planning process is the placement of the various wireless sensors that come with the wireless alarm kit. The main types of sensor are door/window magnetic sensor and PIR movement detector sensor although there are several other types that could be considered too. Make sure all exterior doors have magnetic sensors attached to them both upstairs and downstairs. There will be a delay door sensor in the kit so be sure this is installed on the main entry/exit door of your property. Install the PIR movement detectors in all rooms where you have the most valuable items. Ideally all rooms in your house should have a PIR detector but only concentrate on one or two rooms in the first instance. The beauty of a wireless system is that it is easily expandable – so you can add sensors at a later date with no trouble yourself – no need to call the installers back in.

Of course once you have planned and decided how many wireless sensors you need, make sure you purchase a suitable system that accommodates the number of sensors you require. Also make sure the system is further expandable beyond your current requirements – you may want to add additional sensors for your garage or shed or add on smoke alarms or carbon monoxide detectors.

Author:-ANDY JONES

Digital picture frames are a growing category of consumer electronic devices and people choose to replace their traditional static picture frames with dynamic digital frames that show off their digital pictures in homes, offices, and public places. Manufacturers of all types are now producing digital photo frames of all types and endless features, and one such brand that has quickly made a name in the market is Smartparts. Smartparts digital picture frames come in various types and sizes, mostly in the Optipix and Syncpix product lines, each with key features to consider.

The Syncpix line of Smartparts LCD frames is a more recent product line, and the key feature of these digital frames is the Syncpix software that runs directly on the frame. A key aspect to digital photo frames is transferring them from your camera to your computer and to your frame. The Syncpix software attempts to allow users to eliminate this step by enabling you to plug your memory card directly from your camera to your frame, and allowing you to perform all required steps of preparing a digital photo for display (for example, resizing, organizing into albums) directly on the frame itself. New versions of the Syncpix software can be downloaded from the Smartparts website which keeps it fresh with features. This is a not a mandatory approach, i.e. you can still manage your photos on you computer if you want and transfer them to your photo like you would with most frames, but the Syncpix approach is an interesting one.

Smartparts other main product line of digital photo frames are its Optipix digital frames. This wide range of digital frame sizes and models offer several great offerings. These frames will display digital pictures in crisp, clear colors, allow for various slideshow features, and generally will allow you to display other media such as video and music (great for adding background to your slideshows). As opposed to the Syncpix frames, Smartparts Optipix digital photo frames come with software that runs on your computer, which is used to manage your pictures before transferring them to a memory device that can be used with your Smartparts digital frame.

Regardless of the line of frames you choose, Optipix, Syncpix, or the other Smartparts family of frames, Smartparts gives you a choice of a variety of sizes. Smartparts has good choices in 5-inch, 7-inch, 8-inch, 10-inch, 11-inch, and 12-inch digital frames. You’ll soon ever hear about its groundbreaking 32-inch digital frame, thought to be the biggest yet on the market, and likely to be used for commercial uses like marketing and display (much like you see LCD TVs used in lobbies and restaurants).

Once you decide on a size, the other key features to consider are screen resolution, internal memory, and memory card ports. Screen resolution is closely tied to your screen size, but in general you’ll be safe choosing a Smartparts frame in that they provide an optimal resolution for the size of digital frame screen. This ensures your pictures appear with high quality and clarity. For example, their 8-inch frames are mostly 800 x 600 or 800 x 480 resolution which is great for most uses.

Internal memory defines whether or not you can store pictures directly on your frame, or if you’ll have to rely on a memory card connected to the frame. This varies on Smartparts frames, but for example many of the Syncpix frames come with 256MB internal memory which can store a few thousand pictures (depending on resolution) directly on the frame. Frames without internal memory require you to insert a memory device to the frame (usually a memory card or USB flash device). There are several types of memory cards and Smartparts does a good job supporting various types, and gives you multiple ports for connecting more than one card at a time (also useful for transferring from one device to another).

Another feature not totally unique to Smartparts, but certainly not standard in today’s digital photo albums is the remote control that comes with many Smartparts frames. Also look for an auto on/off capability - why should a frame be on when no one is in the room? This is a good for conserving energy. Some Smartparts frames do this with a motion sensor. Other features found on Smartparts digital frames: internal speakers, digital clock, and built-in alarms.

Digital picture frames are clearly changing how we display pictures. For those in the market for one of these new devices, considering a Smartparts digital picture frame is likely a wise choice.

Author:-GLEN VANLANDING

The Cisco ASA 5505 Firewall is the smallest model in the new 5500 Cisco series of hardware appliances. Although this model is suitable for small businesses, branch offices or even home use, its firewall security capabilities are the same as the biggest models (5510, 5520, 5540 etc). The Adaptive Security technology of the ASA firewalls offers solid and reliable firewall protection, advanced application aware security, denial of service attack protection and much more. Moreover, the performance of the ASA 5505 appliance supports 150Mbps firewall throughput and 4000 firewall connections per second, which is more than enough for small networks.

In this article I will explain the basic configuration steps needed to setup a Cisco 5505 ASA firewall for connecting a small network to the Internet. We assume that our ISP has assigned us a static public IP address (e.g 200.200.200.1 as an example) and that our internal network range is 192.168.1.0/24. We will use Port Address Translation (PAT) to translate our internal IP addresses to the public address of the outside interface. The difference of the 5505 model from the bigger ASA models is that it has an 8-port 10/100 switch which acts as Layer 2 only. That is, you can not configure the physical ports as Layer 3 ports, rather you have to create interface Vlans and assign the Layer 2 interfaces in each VLAN. By default, interface Ethernet0/0 is assigned to VLAN 2 and it's the outside interface (the one which connects to the Internet), and the other 7 interfaces (Ethernet0/1 to 0/7) are assigned by default to VLAN 1 and are used for connecting to the internal network. Let's see the basic configuration setup of the most important steps that you need to configure.

Step1: Configure the internal interface vlan
------------------------------------------------------
ASA5505(config)# interface Vlan 1
ASA5505(config-if)# nameif inside
ASA5505(config-if)# security-level 100
ASA5505(config-if)# ip address 192.168.1.1 255.255.255.0
ASA5505(config-if)# no shut

Step 2: Configure the external interface vlan (connected to Internet)
-------------------------------------------------------------------------------------
ASA5505(config)# interface Vlan 2
ASA5505(config-if)# nameif outside
ASA5505(config-if)# security-level 0
ASA5505(config-if)# ip address 200.200.200.1 255.255.255.0
ASA5505(config-if)# no shut

Step 3: Assign Ethernet 0/0 to Vlan 2
-------------------------------------------------
ASA5505(config)# interface Ethernet0/0
ASA5505(config-if)# switchport access vlan 2
ASA5505(config-if)# no shut

Step 4: Enable the rest interfaces with no shut
--------------------------------------------------
ASA5505(config)# interface Ethernet0/1
ASA5505(config-if)# no shut

Do the same for Ethernet0/1 to 0/7.

Step 5: Configure PAT on the outside interface
-----------------------------------------------------
ASA5505(config)# global (outside) 1 interface
ASA5505(config)# nat (inside) 1 0.0.0.0 0.0.0.0

Step 6: Configure default route towards the ISP (assume default gateway is 200.200.200.2)
---------------------------------------------------------------------------------------
ASA5505(config)# route outside 0.0.0.0 0.0.0.0 200.200.200.2 1

The above steps are the absolutely necessary steps you need to configure for making the Cisco ASA 5505 appliance operational. Of course there are much more configuration details that you need to implement in order to enhance the security and functionality of your appliance, such as Access Control Lists, Static NAT, DHCP, DMZ zones, authentication, IPSEC VPN etc.

Author:-HARRIS ANDREA

There has been some 25 software coding errors that helped the Cyber criminals helped them to have access the site and accounts to nearly 1.5 million security breaches.

The SANS Institute in Maryland said that in 2008, just two of the errors led to more than 1.5m web site security breaches.

The organisations, which helped making the list, include the US National Security Agency, the Department of Homeland Security, Microsoft, and Symantec published the document.

"The top 25 list gives developers a minimum set of coding errors that must be eradicated before software is used by customers," the BBC quoted Chris Wysopal, chief technology officer with Veracode.

SANS director, Mason Brown said: "There appears to be broad agreement on the programming errors. Now it is time to fix them. We need to make sure every programmer knows how to write code that is free of the top 25 errors."

While, most of the earlier advice focused on vulnerabilities that could have originated from programming errors, the 25 list examines the actual programming errors themselves.

The 25 Most Dangerous Programming Errors are:


CWE-116:Improper Encoding or Escaping of Output

CWE-89:Failure to Preserve SQL Query Structure

CWE-20:Improper Input Validation

CWE-79:Failure to Preserve Web Page Structure

CWE-78:Failure to Preserve OS Command Structure

CWE-319:Cleartext Transmission of Sensitive Information

CWE-352:Cross-Site Request Forgery

CWE-362:Race Condition

CWE-209:Error Message Information Leak

CWE-119:Failure to Constrain Operations within the Bounds of a Memory Buffer

CWE-642:External Control of Critical State Data

CWE-73:External Control of File Name or Path

CWE-665:Improper Initialization

CWE-426:Untrusted Search Path

CWE-94:Failure to Control Generation of Code

CWE-494:Download of Code Without Integrity Check

CWE-404:Improper Resource Shutdown or Release

CWE-682:Incorrect Calculation

CWE-285:Improper Access Control

CWE-327:Use of a Broken or Risky Cryptographic Algorithm

CWE-259:Hard-Coded Password

CWE-732:Insecure Permission Assignment for Critical Resource

CWE-330:Use of Insufficiently Random Values

CWE-250:Execution with Unnecessary Privileges

CWE-602:Client-Side Enforcement of Server-Side Security (ANI)

This List is produced by National Security Agency (NSA) and 30 other organisations to put forward the flaws.

MergePDF, like what the name suggests, is an online tool that you can use to merge PDF Documents into a single file. If you have multiple, small sized PDF documents that you want combined, you might want to try using this tool.

For each process, you are allowed to merge up to 10 PDFs with sizes not exceeding 5MB. If you think that the file size limit is rather small, you’ll have to do it using desktop applicatons such as Acrobat PRO or some other PDF related desktop software. If you’re merging large files, then most probably you don’t want them to be lurking around the internet anyway. Even if MergePDF stated that the files that are uploaded are removed right after the merge process is completed.

The only thing that is not safe in itself is the data transfer as we are not transferring through SSL. If our users send us an email requesting SSL, we will happily address that and provide upload over https.

This is a neat and simple tool for doing a simple task and it won’t cost you anything. It merges PDFs, no manipulating no editing,that’s as simple as it gets

OK, so might already know one or two of these tips and shortcuts to improving your iPhone experience, but hopefully a few of these following pointers will be news to you. Print out the list and give 'em a try, and feel free to post your own to the comments section.

Some of these iPhone tricks were revealed in a recent sit-down chat with Bob Borchers, senior product executive at Apple.



1. Two ways to save images
You're surfing the Internet in Safari and stumble upon a photo you'd like to save. Simply press and hold on a photo when on a website and you'll be prompted with a menu asked if you'd like to "Save Image." Once the photo is saved, you can view it offline, email it or set it as wallpaper.

On a related note, if you want to take a screenshot of a website or application, press down on the Home button and tap the Sleep button. You'll hear the camera click, see a white flash and the screenshot will be saved.

2. Oh those magic headphones
Those trendy white earbuds do more than you might realize. The iPhone's headphones have a small button on the microphone and it performs multiple functions. For example, press once to start the iPod and begin playing a song. Press again to pause the track or double-tap to skip to the next song.

If a call comes in, press the button once to answer or double-tap to send the call right to voicemail. During a call, press once to hang up.

3. Browser tricks
Want to know an easy way to scroll to the top of a website in Safari? Simply tap at the top of the phone screen, where the time, battery and signal bars are. Doing this works in most applications, but in Safari it also brings up the URL to type in a new website.

If your preferred search engine is set to Google in Safari you don't need type in the "www" and ".com" for many websites. For example, simply type "usatoday" (without the quotes) in the URL window. If you need to type a domain suffix (e.g. ".net"), press and hold the ".com" button for ".net," ".edu," ".org" shortcut keys and use your finger to slide between them.


4. No place like Home
There are many uses for that circular Home button, located in the center and bottom of your iPhone. If you've got ten pages of applications to peruse through, you can quickly go back to the first page by pressing the Home button once (here's where you should drag and drop your most used apps). By the way, you can also tap the bottom left or right corners of the screen to switch between pages instead of swiping your finger across.

Double-tapping the Home button brings up your phone's Favorites screen, where you can list the people you call the most. If you prefer, edit the Home button's function in Settings so when you double-tap the Home button it takes you right to your music playlists.


5. Little-known email tips
You can delete unwanted emails en masse rather than deleting one at a time. In your Inbox, simply click the Edit button and check off the emails you want to delete with your finger and then choose Delete. Otherwise, to delete a single email, simply swipe the email sideways and you'll see the red "Delete" button option.

One of the biggest issues iPhone users have is typing an email on the "soft keyboard" with the email's vertical screen layout. But there are a handful of free App Store downloads, such as EasyWriter, that can resolve this by letting you hold the phone horizontally (landscape view) and thus offering a wider keyboard with bigger buttons

Table of contents:
1.Introduction
2.Getting the program
3.Running the Scan
4.Finding the vulnerabilities
5.Understanding the program
6.Exploitation
7.Getting the Tables
8.Leaving your message


Disclaimer:
We by no means encourage or take responsibility of the tutorial of this program. Blah blah blah...don't do anything stupid guys.


Introduction:
Welcome to my second article, in this article basically we will be looking at the program: MySQLi Dumper, which is a SQL vulnerability Scanner
, that deals with the dumping of data through SQL injection. Now it has only been recently that i have discovered the uses of having a SQL scanner, and i have still not yet mastered it or configured it to a wider range of exploits. However, i had to spread the word.
Basically the role of a scanner is to use search engine's results (Google/Yahoo) to find pages that have queries that may be vulnerable. In this article, my goal is to basically run you through how to use MySQLi and also run through a bit of the theory behind the exploit/attack.

Getting the Program:
Before we begin scanning any sites, we must first all have our own copies of the program. To get the program, all we have to do is download it from this site: Click Me
Once u have it downloaded, extract the files and save it to a safe and secure folder and open the program.


Running the Scan:
Okay, well now you should have to program open and on the page you should see essentially a blank page, which at the top has a set of tabs:

- Scanner
- Num.Blind
- Dump MySQL
- ETC


Logically, if we are to have any chance of finding an exploit, we must first have our archive of possible, vulnerable sites. Hence, we come to the scanner tab.
This tab basically allows us to put in which criteria we want to scan for, and from what search engine we are going to do it from.
So for this example we are going to be searching for pages with SQL based queries. This is going to be our first search type:
Click Me

Here we have the following criteria:

- URL has ".php?newsid="
- From Google
- Timeout of 5 seconds (increase this if your internet is slow and vice versa)
- Results of 100pages


Once, we have our settings dialed right, we have to click "Start Scann SQLi" and away we go.

/* on a side note, you can change these values for different sites *\

Finding the Vulnerabilities:
Now comes the beauty of this program, the ability to inject chosen SQL into the archive to find a vulnerability.
- To get there click on the Vuln.SQLi tab
- Configure your settings to that of your internet standards.
- Also there is now a SQL injection drop down box, you can configure that to determine which SQL injection you want to produce the errors.
Now all you do is click Start Scan.

Understanding the program:
Now with all programs like these, it is essentially very easy to know the process of running the application, without actually knowing the theory of how the program is working.
When scanning for vulnerable sites, the program injects code into the database that will output an error.
A very common (and default) way of returning an error is to input something that is essentially incorrect.
A MYSQL page for example uses SQL queries to search a given database for given results. Now if we were to input an error after this, the database would return an error, and if the page is vulnerable, will also return that error.
In the SQL injection part of the Vuln.SQLi tab, we will find the default SQL injection as being:

CODE :
+and+0=1+union+select+


What this does is input corrupt data into the database and hope for a result.

CODE :
An example: www.vulnsite.com/index.php?id=0


Now this site has a PHP query for the variable id.
If we were to inject arbitrary code after it, we could possibly output and error and we would know we may exploit it.

So for hypothetical sake, we input the following:

CODE :
www.vulnsite.come/index.php?id=0+AND+0=1+UNION+SELECT+


And the page outputs an error, we know we have a probable:

CODE :
mysql_num_rows() line 255


Exploitation:
Alright, now at this point, we should have a list of vulnerable sites, and we now need to see if they are exploitable.
So, once we have these pages we copy and paste our first page, and we go to the "Num.Blind Tab".
Now we should have pasted the page into the main form and click GET.
Page should look like this:
Click Me

Now part of this exploitation is searching through errors to see when they disappear or when the error no longer applies. So the program will guide us through this process with the GET PAGE button.

OK to get started I'll make easy I'll do it in steps:
- Put page into the top bar and click GET PAGE
- The page should come up with an error of some sort on the screen, make note of it and click GET PAGE again.
- Keep clicking GET PAGE until the error disappears....WE have our point of exploitation
- Now since the code is now true we must change:
CODE :
id=1 to id=-1

- Once it's edited click 'GET PAGE MANUALLY'
- If you have done everything right, the errors should disappear and we should get an output... An example is here...Click Me


Making the attack:
Now we have found an insecure site, we need to go to the DUMP MYSQL tab, and paste in the top form.
Once it is pasted, you must remember the output for which the database echoed...In my example it was '3', however this will change.
So now where we have our vulnerable code, we must change it to look like this:

CODE :
www.vulnsite.com/index.php?id=1/**/union/**/all/**/select/**/1,2,[t],4--


- Now click 'Get Info' and it should dump the relevant data of the system.
- Now all you have to do is dump the necessary data from the database (databases, tables, columns etc)


Conclusion:
The rest of the program, is quite useful, but it's uses are beyond this article..(maybe i'll right another)
But i hope by showing you this program, maybe some of us can begin to understand vulnerabilities on the internet and give us power to fix them.

Another good way of finding MP3s (or other formats) is using Google and typing the following:

parent + directory + mp3 + OR + wma+ #dido#

Replace #dido# by whatever artist you wish to find, for example:

parent + directory + mp3 + OR + wma+ #Lamb#

You should get plenty of dirs with MP3s or WMA files (you could add OGG, etc, to the query). Cheers.

Step 1:
If you havn't already done so, pick the file you want to send

Step 2:
Visit

http://s20.yousendit.com/
Plug in your own email as the recipient's (A good way is to get a Gmail account. If you need one, PM me.) ,
select the file to send (up to 1GB).

Step 3: (The most important)
The normal is 25 downloads per file and then they disable it.
Here's what you do -
copy and paste this:

http://anonym.to/?

in front of the yousendit link it self.. so basicallly it will look like this when you are done

http://anonym.to/?http://s8.yousendit.com/d.aspx?id=7215CE3D0F56A6D328683E2C345DB9

This post will teach u how to send big files to email

This technic is really a newly powerfull way of downloading movies games... Nothing to worry about the fu***** deleters and all the jerks!

Enought bullshit lets get down to buisness:

First of all u need to have a big mail box. here are the one which we can cover. click on the icon to go to the website

• Gmail (Google mail)
• Storage space - upto 25gb
• Maximum attachment size - 10MB
Image
www.gmail.com

• Walla! mail (the best)
• Storage space - 1GB
• Maximum attachment size - 7MB
Image
www.walla.com

• Spymac Mail
• Storage space - 1GB
• Maximum attachment size - 10MB
Image
www.spymac.com

• Unitedemailsystems
• Storage space - 3GB
• Maximum attachment size - 10MB
Image
www.unitedemailsystems.com

• Xasamail
• Storage space - 2GB
• Maximum attachment size - 10MB
Image
www.xasamail.com


• Omnilect Mail
• Storage space - 2GB
• Maximum attachment size - 7MB
Image
www.omnilect.com

------------------------------------------------------------
Image

Then download the software called peer to mail:
http://dw.com.com/redir?pid=10351095&merid=72949&mfgid=72949&lop=link&edId=3&siteId=4&oId=3002-2196_4-10351095&ontId=2196&destUrl=http%3A%2F%2Fwww.peer2mail.com%2FP2MSetup.exe

official website:
http://www.peer2mail.com
--------------------------------------------------------------
Next step : configurate the soft

go in settings > SMTP server setting

and give an smtp adress that u know

Ex: smtp.laposte.net
user : HULK
pass: ******

Once configurated u don't need to touch it for the rest pf ur upload
Image

This is a critical step, if u are experimenting any pb of connexion this is were u need to have a look:

This is possible that temporaly ur internet provider dont allow u to use other smtp adress than his. So use it
ie:
smtp.free.fr
smtp.wanadoo.fr
(these are french one I don't know of which one u are using)
...

If u are experimenting any pb it is better to desactivate ur antivirus (the scanning mail option)

Image


----------------------------------------------------------

Image

1 - Click on Splint/Send File.
2 - Click on the icon (choose a file to send.....).
3 - select the archive that u want to upload it.
4 - type the address of ur account (email).
5 - It determines the size of the parts that the archive will be divided ( take a look at the max size used by ur mail) i advise u to put a size of 6MB.
6 - It determines the type of sending. "send via smtp server"

After all that, press OK.

===========

press the selected button in the figure:

Image

===========

After all the parts have been sent,go to ur account (email) and confirms, then u have to bring the Encrypted password follows the example below:

Image

===========


Always give the following information to the users:
follows the example below:

Email: GMail
Login: zezão
Password: |/kjds42d4sd24 \|

remmember:
- only Encrypted Password, never sends ur true password

--------------------------------------------------

Be careful : never post ur coordinates without having previously verifyed the content in the mailbox

sometimes peer2mail tells u that evrything is sent but It can happens that nothing is sent


---------------------------------------------------------------------------------------------------------

U want to download games and movies with a good speed ( thats what we all here for!)

So here is an easy way to download large files from mailbox

----------------------------------------------------
first download peer to mail

Image

official website:
http://www.peer2mail.com
----------------------------------------------------

Open it and go to the browse tab

---------------------------------------------------

then take the coordinates of the film/game u want to download

in this tutorial i'll use the film mulan :

mail: walla.com
login: dragon_mushu
pass: <(/++EiJPy)>

--------------------------------------------------
U noticed that the mail used is walla.com

so go to www.walla.com with the adress bar or with the prerecorded website (see picture)

Image

login with:
"dragon_mushu" & "<(/++EiJPy)>"

Image
----------------------------------------------------
go into the inbox then click on this icon:
Image

this wil do this:
Image

after uve retrieve all the segment click on "download"
------------------------------------------------------

If everithing is fine the movie will be merge automatically
and u won't need to care about the segments

------------------------------------------------------

If u look for a place to share/download movies/games using peer2mail just go to the peer2mail website www.peer2mail.com. Then go to the forum and click on "peer2mail related websites".

here is the direct link (may not work)
http://www.peer2mail.com/forums/viewforum.php?f=13

----------------------------------------------------------------------

Here u are now u should be an expert on peer2mail!!!




-----------------------------------------------------------------------------------------------------------------

Peer2Mail is the first software that let you store and share files on any web-mail account. If you have a web mail account with large storage space, you can use P2M to store files on it. Web-mail providers such as Gmail (Google Mail), Walla!, Yahoo and more, provide storage space that ranges from 100MB to 3GB.
P2M splits the file you want to share/store zips and encrypts it. P2M then sends the file segments one by one to your account. Once P2M uploaded all file segments, you can download them and use P2M to merge the segments back to the original file.

Sending a File

In order to send a file to an email account, Peer2Mail needs to split it into segments. Web-mail providers limit the size of an email attachment usually to a nominal 10Megs, but due to the size increase resulting from transport encodings, the limit works out to be a few MB less (Usually 7MB). Use the following dialog to prepare the file before sending:

* File Name - The file/s you want to send. You can use the Browse button to select a single or multiple files.

* Mail To - The recipients who will receive the file (Web-mail account). When using Direct Send you may enter only one email address. If you are sending Via MAPI then you can enter as many recipients as you like; Use the Recipients button to easily add email address separated by semi colon (icon_wink.gif.

* Optional Encryption Password - P2M automatically encrypts each segment to protect you privacy, however you can set a password (key) for the encryption to maximize the privacy. You will need this password when you merge the segments back.

* Segment Size - P2M splits the file into segments. Here you can determine the segment size, most of the web-mail providers limit the attachment size to a nominal 10Megs, but due to the size increase resulting from transport encodings, the limit works out to be a few MB less (Usually 7MB). It is recommended to test your web-mail provider for the size of an attachment it can receive.

Send Method -

o Direct Send - P2M has a built in SMTP component that sends the segments directly to the web-mail providers. You don't need to enter your ISP details in order to use P2M. If you are using this feature please make sure you enter a value in the 'From Email Address' because some web-mail providers reject email messages where there is no 'From' address. You can even enter a fake mail address.

o Send Via MAPI - P2M can send the segments using MAPI (Usually your outlook client). When you use this option P2M will split the files and move the sending responsibility to Outlook. Note that it will use your ISP SMTP server and details to send the files. You may enter as many recipients as you wish when using this option.

o Send Via SMTP Server - Send the segments using your ISP SMTP Server. If you are using this feature please make sure you enter a value in the 'From Email Address' because some web-mail providers reject email messages where there is no 'From' address. You can even enter a fake mail address. You may enter as many recipients as you wish when using this option.

* From Email Address - This is the source address of the mail. This address doesn't have to be valid, although sometimes web-mail providers reject emails where the domain
part of the address isn't valid.

Image

Once you are done, click on the Ok button. You can now choose if you want P2M to send all the segments or only specific few by checking/un-checking the checkboxes. Once you are ready, click on the Send button. It may take a few hours to complete the operation depending on the file size and your internet connection.
Note: If you are using an antivirus program that scans outgoing mail, it is recommended to disable this feature since it takes a long time for each segment to be scanned.


Plain Transfer

In case you don't want Peer2Mail to split, zip and encrypt your files, and just want to send the files "as is�" then you can use Plain Transfer. This option isn't secure. P2M just sends the file as an email attachment and some web mail providers might even block it.

Choose Plain Transfer from the drop down button: Image.
Once you are done filling the details as described above, click on the Ok button. Once you are ready, click on the Send button.
Note: If you are using an antivirus program that scans outgoing mail, it is recommended to disable this feature since it takes a long time for each segment to be scanned.


Downloading the Segments

P2M includes a built in browser so you can easily log into your web-mail account. Before you can merge the segments you need to download them. It is important that you will save all the segments into the same folder. The first segment name ends with the P2M extension and the rest follow with a serial number 001...00x.

Auto Download

Peer2Mail can automatically list and download files from web-mail accounts. Currently P2M supports auto-download from Gmail, Walla, Yahoo, Spymac, Unitedemailsystems, Xasamail, Gawab, Hriders and Omnilect. To use this feature, login to your account and click on the green download button (Image). P2M will then list the segments (may take a few minutes) and at any time you can tell P2M what segment to download by clicking on the checkboxes that appear next to them. Click on the Download button to begin downloading the selected segments.
If you checked the Auto Merge checkbox then Peer2Mail will automatically merge the segments once the download process is done
Image

The listing process can be a bit slow since P2M scans the mail account and gathers information about each attachment. Sometimes a server doesn't reply to a request so P2M might skip it. To fix that, once the listing process is over, click on the refresh button and P2M will re-index only the segments it didn't already list.
P2M scans for segments only in the inbox for Yahoo, Walla, Spymac, Unitedemailsystems, Xasamailand, Gawab, Hriders, Omnilect, and on all folders with Gmail.

Merging the Segments

Once you completed downloading all the segments, use P2M to merge it back to the original file. Choose the folder you want the file to be saved in and click on the Merge button. The Merge dialog:

# P2M File/s - use the Browse button to select the first segment of the file you wish to merge. The first segment extension is P2M.

# Decryption Password - If you used a password when you sent the file to your account, you must enter it now in order to merge it back. Incorrect password will result in a failure to merge the segments.

Some PDF documents prevent the user from copying and pasting or printing it's contents. This sometimes presents a problem since the creator of the PDF file might have used a font that is not available in the system trying to read it.

Ensode contains a free online utility that allows you to upload a PDF, once uploaded, a version of the PDF without printing or copying/pasting restrictions is displayed in a new browser window.
How to Remove Restrictions on Printing & Copying - Unlock the Pdf File

To unlock a PDF file, enter it's location in the "PDF file to unlock" field, by either typing it in the field or clicking on the "browse" button, then navigating to it's location.
See Screenshot Below

The unlocked version of the PDF will be displayed in a new browser window, opened in the default PDF application for your system (usually Adobe Acrobat Reader).

WinPatrol is known for many functions and is often classified as a spyware monitor or an AutoRun program manager. Over the years I’ve packed a number of important functions into two small program files that make up WinPatrol.

WinPatrol was a first of its kind intrustion detection program 11 years ago and continues to have many unique features not found in other utilities.

WinPatrol is a program I use personally on every computer I own. It really runs in the background without slowing down other applications. Its small foot print, robust proformance and new features are based on what I want myself and I hope you do too.

I’ve put together a list of features that some folks may not know about.

1. Delay Startup Programs
   While WinPatrol can be used as a one time tool to clean up your startup programs, perhaps you have some programs you’d like to keep. Using WinPatrol, you can schedule some programs to run once your system is up and running successfully.
   

2. Warn if Auto Update Status Changes
It’s not unusual for malware to change your auto update setting but some folks noticed that occasionally Microsoft has been known to change this value also. Either way WinPatrol is one of the only programs designed to alert you to this kind of change.


3. Track Date/Time Programs are First Detected
Have you ever wondered when you installed a new program? WinPatrol will keep track for you. This works best when, as many do, you install WinPatrol as the first application on your new or restored computer. If you’re ever infected with malware with random filenames this feature makes it easy to pick out all the related bad guys.


4. Automatically Remove Reoccuring AutoRun Programs
Many legitimate programs from Apple, Adobe, Google and Microsoft think they’re so important that just running the program they’ll add companion applications to your startup list. WinPatrol’s “Disable” button will tell WinPatrol to remove them automatically when added to your Startup list.


5. Prevents Changes to File Type Associations
This feature was originally designed to prevent malware from changing .exe and script settings. It has proved to be useful to stop programs that try to reassign themselves to play your MP3’s or edit your JPG files.


6. Kill Multiple Tasks in One Step
Unlike Windows Task Manager, WinPatrol uses the standard multiple select keys to highlight more than one program so you can kill multiple tasks in one step. This is especially useful for removing malware that reproduces itself


7. Twenty Thousand Program Descriptions
WinPatrol PLUS is designed to be educational. We now have over 20,000 program descriptions created so they can be understood by mere mortals. PLUS members can just double click for more information on any program they find.


8. Secret Startup Registry Entries
While MSConfig will show you the basic RUN registry startup locations, WinPatrol digs deeper into the registry to display programs using non-traditional locations commonly used by malware and even some legitimate programs.

9.Disable Vulnerable ActiveX Controls
You won’t have to wait for a Tuesday security patch when a new activex vulnerability is found. WinPatrol allows you to safely use the kill-bit function to disable any dangerous code objects.

10. Create Hijack Style Log Files
Many online helpers have become accustom to reading logs from HiJackThis. WinPatrol creates a log using this familiar format while including additional benefits.

If you haven’t looked at WinPatrol lately, I’m hoping you’ll give Scotty another look. It’s a small download at http://www.winpatrol.com/download.html.
(International versions available as well)

Thank you to everyone who has supported the development of WinPatrol by upgrading to WinPatrol PLUS.

#1: Trying to change everything all at once

When you come into a new job, or start working with a new technology, you may have all sorts of bright ideas. If you’re new to the workplace, you immediately hone in on those things that your predecessors were (or seem to have been) doing wrong. You’re full of all the best practices and tips and tricks that you learned in school. If you’re an experienced administrator coming from a different environment, you may be set in your ways and want to do things the way you did them before, rather than taking advantage of features of the new OS.

Either way, you’re likely to cause yourself a great deal of grief. The best bet for someone new to Windows networking (or to any other job, for that matter) is give yourself time to adapt, observe and learn, and proceed slowly. You’ll make your own job easier in the long run and make more friends (or at least fewer enemies) that way.

#2: Overestimating the technical expertise of end users
Many new administrators expect users to have a better understanding of the technology than they do. Don’t assume that end users realize the importance of security, or that they will be able to accurately describe the errors they’re getting, or that they know what you mean when you tell them to perform a simple (to you) task such as going to Device Manager and checking the status of the sound card.

Many people in the business world use computers every day but know very little about them beyond how to operate a few specific applications. If you get frustrated with them, or make them feel stupid, most of them will try to avoid calling you when there’s a problem. Instead they’ll ignore it (if they can) or worse, try to fix it themselves. That means the problem may be far worse when you finally do become aware of it.

#3: Underestimating the technical expertise of end users
Although the above applies to many of your users, most companies will have at least a few who are advanced computer hobbyists and know a lot about technology. They’re the ones who will come up with inventive workarounds to circumvent the restrictions you put in place if those restrictions inconvenience them. Most of these users aren’t malicious; they just resent having someone else in control of their computer use — especially if you treat them as if they don’t know anything.

The best tactic with these users is to show them that you respect their skills, seek out their input, and let them know the reasons for the rules and restrictions. Point out that even a topnotch racecar driver who has demonstrated the ability to safely handle a vehicle at high speed must abide by the speed limits on the public roads, and it’s not because you doubt his/her technology skills that you must insist on everyone following the rules.

#4: Not turning on auditing
Windows Server operating systems have built-in security auditing, but it’s not enabled by default. It’s also not one of the best documented features, so some administrators fail to take advantage of it. And that’s a shame, because with the auditing features, you can keep track of logon attempts, access to files and other objects, and directory service access.
Active Directory Domain Services (AD DS) auditing has been enhanced in Windows Server 2008 and can be done more granularly now. Without either the built-in auditing or third-party auditing software running, it can be almost impossible to pinpoint and analyze what happened in a security breach.

#5: Not keeping systems updated
This one ought to be a no-brainer: Keeping your servers and client machines patched with the latest security updates can go a long way toward preventing downtime, data loss, and other consequences of malware and attacks. Yet many administrators fall behind, and their networks are running systems that aren’t properly patched.

This happens for several reasons. Understaffed and overworked IT departments just may not get around to applying patches as soon as they’re released. After all, it’s not always a matter of “just doing it” — everyone knows that some updates can break things, bringing your whole network to a stop. Thus it’s prudent to check out new patches in a testbed environment that simulates the applications and configurations of your production network. However, that takes time — time you may not have.

Automating the processes as much as possible can help you keep those updates flowing. Have your test network ready each month, for instance, before Microsoft releases its regular patches. Use
Windows Server Update Services (WSUS) or other tools to simplify and automate the process once you’ve decided that a patch is safe to apply. And don’t forget that applications — not just the operating system — need to be kept updated, too.

#6: Getting sloppy about security
Many administrators enforce best security practices for their users but get sloppy when it comes to their own workstations. For example, IT pros who would never allow users to run XP every day logged on with administrative accounts think nothing about running as administrators themselves while doing routine work that doesn’t require that level of privileges. Some administrators seem to think they’re immune to malware and attacks because they “know better.” But this over confidence can lead to disaster, as it does in the case of police officers who have a high occurrence of firearms accidents because they’re around guns all the time and become complacent about the dangers.

#7: Not documenting changes and fixes
Documentation is one of the most important things that you, as a network admin, can do to make your own job easier and to make it easier for someone else to step in and take care of the network in your absence. Yet it’s also one of the most neglected of all administrative tasks.

You may think you’ll remember what patch you applied or what configuration change you made that fixed an exasperating problem, but a year later, you probably won’t. If you document your actions, you don’t have to waste precious time reinventing the wheel (or the fix) all over again.

Some admins don’t want to document what they do because they think that if they keep it all in their heads, they’ll be indispensible. In truth, no one is ever irreplaceable — and by making it difficult for anyone else to learn your job, you make it less likely that you’ll ever get promoted out of the job.

Besides, what if you got hit by a truck crossing the street? Do you really want the company to come to a standstill because nobody knows the passwords to the administrative accounts or has a clue about how you have things set up and what daily duties you have to perform to keep the network running smoothly?

#8: Failing to test backups
One of the things that home users end up regretting the most is forgetting to back up their important data — and thus losing it all when a hard drive fails. Most IT pros understand the importance of backing up and do it on a regular schedule. What some busy admins don’t remember to do regularly is test those backups to make sure that the data really is there and that it can be restored.

Remember that making the backup is only the first step. You need to ensure that those backups will work if and when you need them.

#9: Overpromising and underdelivering
When your boss is pressuring you for answers to questions like “When can you have all the desktop systems upgraded to the new version of the software?” or “How much will it cost to get the new database server up and running?”, your natural tendency may be to give a response that makes you look good. But if you make promises you can’t keep and come in late or over budget, you do yourself more damage than good.

A good rule of thumb in any business is to underpromise and overdeliver instead of doing the opposite. If you think it will take two weeks to deploy a new system, give yourself some wiggle room and promise it in three weeks. If you’re pretty sure you’ll be able to buy the hardware you need for $10,000, ask for $12,000 just in case. Your boss will be impressed when you get the project done days ahead of time or spend less money than expected.

#10: Being afraid to ask for help
Ego is a funny thing, and many IT administrators have a lot invested in theirs. When it comes to technology, you may be reluctant to admit that you don’t know it all, and thus afraid — or embarrassed — to ask for help. I’ve know MCSEs and MVPs who couldn’t bear to seek help from colleagues because they felt they were supposed to be the “experts” and that their reputations would be hurt if they admitted otherwise. But plunging ahead with a project when you don’t know what you’re doing can get you in hot water, cost the company money, and even cost you your job.

If you’re in over your head, be willing to admit it and seek help from someone more knowledgeable about the subject. You can save days, weeks, or even months of grief by doing so.

The Internet can be a confusing & dangerous place. While you’re enjoying the convenience of online shopping, Internet banking and subscription websites, nasty people lurk around every corner.Hackers, fraudsters, identity thieves and many others would love to get hold of your personal details. And what stands between you and a security disaster? A = Your password. Here are 10 tips for choosing and using bullet-proof passwords that will protect you from harm:

Tip 1 - Avoid the obvious
Passwords based on personal details are too easy to guess. Avoid using names, places, favorite sports teams, or “password”.

Tip 2 - Make it non-dictionary
One option a thief might try to crack your password is a brute-force dictionary attack. Choose something that you won’t find in any dictionary.

Tip 3 - Use the full 8 characters
The more characters a password contains the more secure it becomes, so fill that password field to the max.

Tip 4 - Mix the case
Deter thieves further by using a combination of upper and lower-case letters. A mIXeD cAsE password adds another layer of protection and is ever harder to guess.

Tip 5 - Include non-alphabetic characters
Adding numbers and non-alphabetic characters (like a hyphen) to your password makes it less likely to be cracked than something purely alphabetic.

Tip 6 - Don’t write it down
This should be obvious but it’s amazing how many scraps of paper surround the world’s PCs.

Tip 7 - Assign a different password to each login id
If thieves get hold of your password, they’ll try it in every online system available. Use a separate password at each website and you won’t have all your eggs in one basket.

Tip 8 - Employ a password manager
Remembering multiple secure passwords can be challenging. Specialist software like http://www.robo-form.com manages your passwords securely and automates the login process. Or my favorite Mac based one called “Yojimbo = http://www.barebones.com/products/yojimbo/ “

Tip 9 - Logout when you’re done
Always hit the logout button when you’ve finished using a secure site like online banking.

Tip 10 - Close that browser
Web pages and passwords can be cached in the browser, so close down your browser window for added security.

Follow these simple common-sense tips and you’ll enjoy greater online security while benefiting from the many advantages the Internet has brought.

A couple of quick tips for improving online banking security.