|
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
I modified a script for RunUO,
which is a software package that will allow you to run your own
gaming server akin to the Ultima Online
online roleplaying game. The
Emote
script will allow you to issue the command "[emote" to see
a list of emotions or actions your character can display or issue a specific
"[e
To set up your own RunUO server take the following steps:
private static TimeSpan m_Delay = TimeSpan.FromMinutes( 5.0 );
private static TimeSpan m_Delay = TimeSpan.FromMinutes( 30.0 );
public const string Address = null;
public const string Address = shard.anolonandpointsbeyond.com;
/* Address: * * The default setting, a value of 'null', will attempt to detect your IP address automatically: * private const string Address = null; * * This detection, however, does not work for servers behind routers. If you're running behind a router, put in your IP: * private const string Address = "12.34.56.78"; * * If you need to resolve a DNS host name, you can do that too: * private const string Address = "shard.host.com"; */
public const string ServerName = "RunUO Test Center";
public const string ServerName = "Anolon";
Listener.Port = 2593;
private static int MaxAccountsPerIP = 1;
private static int MaxAccountsPerIP = 5;
private static bool AutoAccountCreation = true;
private static bool AutoAccountCreation = false;
cmd and
hit enter). Then switch to the directory where the RunUO software is
stored and type server and hit enter to start the shard software.
A WebRamp Entree ISDN router can be configured to function as a
DHCP server.
This can be done through the router's command line configuration capability
by establishing a telnet connection to the router. When you have logged
into the router (the default userid is "wradmin"), you can check its dhcp
staruts by using the showdhcpopts command.
-> showdhcpopts
DHCP Module : Disabled
Domain Name : labyrinth.com
Gateway Address : 192.168. 1. 2
Subnetmask id : 255.255.255. 0
First DNS : 10. 22.111. 53
Second DNS : 205.197.182.100
Third DNS : 209.150.117.251
value = 0 = 0x0
In the above example, the router's DHCP server capability is disabled, though
it has already been set to provide a domain name, gateway address, subnet
mask, and DNS server addresses once the DHCP server capability is re-enabled.
You can change the information that it will provide to DHCP clients using the
setdhcpopts command. If you want help on the command you can isse
the command thelp "setdhcpopts (all arguments to the thelp
command must be includied in double quotes). Once you have set the
DHCP options, you can view them with the showdhcpopts command.
-> thelp "setdhcpopts"
Usage: setdhcpopts " { { -d < Domain Name > }
{ -g < Gateway Address > }
{ -n <-i> < ith DNS Address > } } "
Note : i = {1,2,3}
value = 0 = 0x0
-> setdhcpopts "-d labyrinth.com -g 192.168.1.2 -n -1 10.22.111.53"
value = 0 = 0x0
-> showdhcpopts
DHCP Module : Disabled
Domain Name : labyrinth.com
Gateway Address : 192.168. 1. 2
Subnetmask id : 255.255.255. 0
First DNS : 10. 22.111. 53
Second DNS : 205.197.182.100
Third DNS : 209.150.117.251
value = 0 = 0x0
With the "-d" option to setdhcpopts, you can set a domain
name to be assigned to DHCP clients. The "-g" option allows you to provide
the gateway address, in this case the address of of the router itself. The
"-n" option allows you to set the addresses of DNS servers to be assigned
to clients. The "-n" should be followed by another parameter, a dash
and a number that specifies which DNS server value is being assigned, e.g.
a "-1" for the first DNS server address or a "-2" for the second. That
parameter should be followed by the actual DNS server address.
To specify the range of IP addresses that the DHCP server will assign use
the setdhcp command.
-> thelp "setdhcp"
Usage: setdhcp " -a < Start of Address > -n < Number of Addresses > -f -p "
Note : The value of 'Number of Addresses' must be Greater than ZERO.
value = 0 = 0x0
-> setdhcp "-a 192.168.1.50 -n 10"
This operation may discard IP addresses that are previously assigned/reserved.
Are you sure you want to Continue?[y/n] :y
value = 0 = 0x0
The above setdhcp command sets the DHCP server to assign ten
addresses starting at 192.168.1.50.
To actually enable the router to start functioning as a DHCP server, you
need to use the enabledhcp. You need to follow that command with
the saveconfig command to make the change permanent.
-> enabledhcp
Do saveconfig to save changes
value = 0 = 0x0
-> saveconfig
value = 0 = 0x0
You can then exit from the router with the exitwr command.
-> exitwr
The Russian police have announced they've caught those responsible for the murder of the man deemed Russia's number one spammer. Vardan Kushnir, who headed the English learning centers the Center for American English, the New York English Center and the Center for Spoken English was brutally murdered on Sunday, July 25. His death was caused by repeated blows to the head.
Mr. Kushnir was responsible for the transmission of millions of spam messages to Russians and others outside the country advertising the services of the companies he headed. He was well-known as a spammer in Russia and various means of exacting revenge for his spam had been tried in Russia. The American English Center's telephone numbers were widely posted on the web to encourage people to tie up the lines with calls not pertaining to purchasing the services he was advertising and his personal data was also published.The Russian deputy minister of communication recorded a message urging American Language Center to stop spamming and Rambler, one of Russia.s biggest Internet holdings, set up a calling system in its office, that played the message non-stop to the American Learning Center call-center operators and answering machines.
And a complaint was filed against him by a Moscow lawyer with the Russian Antitrust Authority, which is charged with the enforcement of ad laws. At the Antitrust Authority hearing, Kushnir claimed he had no idea who might be sending out those millions of ads for his business and the case was closed.
His death was greeted almost with jubilation by many, with Russian-language media often suggesting he got what he deserved. Some of the headlines for articles about his death included "The Spammer Had it Coming", "Spam is Deadly", "Ignoble Death Becomes Russia.s Top Spammer", "An Ultimate Solution to the Spam Problem". There was speculation in the Russian media and western media that his death might have come at the hands of someone fed up with Kushnir's spam.
But on August 14, Russian police arrested a 15-year-old girl and two boys aged 18 and 17 years of age along with a 27-year-old accomplice in connection with Kushnir's deat. They were accused of breaking into his apartment with the intent to rob him. One of the boys supposedly wielded a baseball bat to kill Kushnir. The story from the youths was that Kushnir had invited them to his place where he made passes at the 15-year-old girl. They said they tried to stop him, but Kushnir grabbed a knife and they were forced to defend themselves by hitting him on the head with an empty bottle. Their story sounds about as credible as Kushnir's claim he had no idea where all of the spam orginated from that advertised his business.
References:
I've started creating my own Vi tips to help me remember commands that I may not use frequently, but am likely to need again.
While checking a system for adware/spyware, SpyCop Spyware Remover reported that cd_clint.dll, which was in c:\windows\system32 was part of "ADWARE: Cydoor". Bazooka Spyware Scanner also reported the file as being part of Cydoor.
Though cd_clint.dll is part of Cydoor, this particular file with an MD5 checksum of 65fd7ea79f626f7b57f4d6ced6339f32 is not. Instead it is a dummy file from CEXX Labs, which is intended to allow you to execute a spyware-dependent program without fear that the program is impeding the system's performance with adware/spyware. The dummy file can be downloaded from "Dummy files for neutering spyware".
The CEXX.Org webpage providing the download states that Pest Patrol 4 also gives a false positive result for this file.
For more information on Cydoor and CD_Clint.dll see Advertising Spyware: CyDoor CD_Load.exe and CD_Clint.dll"
In addition to differences in size and MD5 checksums, you can also easily distinguish the CEXX dummy version of cd_clint.dll from the Cydoor adware version by right-clicking on the file and choosing Properties and then Version. The differences between the files are listed below. It is possible Cydoor has released multiple versions of cd_clint.dll, so the size, checksum, and version information may differ for other versions of the Cydoor cd_clint.dll Dynamic Link Library (DLL) file.
| CEXX Dummy Version | Cydoor Adware Version | |
|---|---|---|
| Filename | cd_clint.dll | cd_clint.dll |
| Size | 48.0 KB (48,640) | 151 KB (154,624 bytes) |
| MD5 Checksum: | 65fd7ea79f626f7b57f4d6ced6339f32 | 8ca847eba88f8f6505956b0069983811 |
| Download Site #1 | CEXX.Org | Moonpoint Support |
| Download Site #2 | Moonpoint Support | |
| Properties | ||
| File Version | 1.0.0.0 | 3.2.1.0 |
| Description | DLL (GUI) | Cydoor Technologies ad-system |
| Copyright | CEXX Labs + Mike Dombrowski | Copyright (C) Cydoor Technologies, Inc. 1999 |
| Comments | "For that EXTRA comfort and protection" | This is a module of Cydoor's ad system. Additional information is available at http://www.cydoor.com |
| Company | CEXX Labs - www.cexx.org | Cydoor Technologies, Inc. |
| File Version | 1.0.0 | 3,2,1,0 |
| Internal Name | ProjectOne | CD_clint.dll |
| Language | English (United States) | English (United States) |
| Legal Trademarks | CYDOOR is a trademark of CYDOOR Technologies. CEXX.ORG is not affiliated with CYDOOR Technologies | Cydoor Technologies(tm) |
| Original File Name | project1.dll | CD_Clint.dll |
| Product Name | CEXX.ORG Spyware Condom (CYDOOR-Compatible) | Cydoor Technologies ad-system |
| Product Version | 1.0.0.0 | 3,2,1,0 |
| Special Build Description | 14 |
Some antispyware software will report a false positive for the CEXX cd_clint.dll, identifying it as being part of Cydoor adware, apparently from the name alone. Programs I've found report a false positive and those I've found not to report it as malware are listed below.
| Program | Program Version | Database/Definitions Version |
|---|---|---|
| False Positive Detection as Cydoor | ||
| Bazooka Scanner | 1.13.03 | 8/8/2005 |
| SpyCop | 6.21 | 08-11-2005 |
| Spy Sweeper | 4.0.4 (Build 430) | 492 (Updated on August 12, 2005) |
| No False Positive Detection | ||
| Ad-Aware SE Personal | Build 1.06r1 | SE1R61 10.08.2005 |
| ClamWin | 0.86.2 | 19:39 08 Aug 2005 (main: 33; daily 1010) |
| Microsoft AntiSpyware Beta1 | 1.0.615 | 5743 (8/8/2005 8:01:19 PM) |
| Spybot Search & Destroy | 1.4 | 2005-08-04 |
| Symantec AntiVirus | 9.0.0.338 | 8/10/2005 rev. 4 |
I also submitted the file to Jotti's Online Malware Scan, which scanned the file with 14 different antivirus programs all of which reported "found nothing" for the file.
References:
I've spent a few days trying to resolve a problem on a system where there was no web access, but I could ping IP addresses, except for the IP address of the system itself. I finally traced the problem to the Norton Internet Security 2002 firewall software running on the system.
[ More Info ]
While troubleshooting an Internet access problem on a system, I noticed a lot of entries for dubious sites in the registry under HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\. There were a lot of keys for domain names I know are associated with adware/spyware, such as 180solutions.com, brilliantdigital.com, and exactsearchbar.com. There were a lot of other dubious sounding domain names, such as casinoking.com, casinolasvegas.com, and casinodelrio.com. When I checked the values of the keys, I noticed they were all set as follows:
| Name | Type | Data |
|---|---|---|
| (Default) | REG_DWORD | 0x00000005 (5) |
At Microsoft's WinInet Registry settings webpage, I found the following:
Per Site Cookie Handling
To handle site-by-site cookies, per-domain cookie decisions are stored under the HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\P3P\History\<domain> key. The domains are added to the registry by WinInet when the user adds sites by using the Per Site Privacy Actions dialog box.
The default value of the <domain> key stores the decision value. The following table shows the possible values.
Value Description REG_DWORD: 1 (COOKIE_STATE_ACCEPT) Accept all cookies from this site. REG_DWORD: 5 (COOKIE_STATE_REJECT) Reject all cookies from this site.
So a value of five in the key will block cookies from a site listed with that value. The values were probably placed there by one of the antispyware programs I previously installed on the system.
Internet Explorer 6 apparently checks the P3P keys to determine whether to allow a site to place a cookie on the system as described in IE6 and cookies. P3P stands for Platform for Privacy Preferences.
References:
Amazon.com has been hoisted on its own petard. An Associated Press report on ABC News today states that Amazon paid $40 million to Soverain Software LLC to settle a software patent-infringement lawsuit. Soverain, a small Chicago-based company claimed that Amazon's website infringed on Soverain patents on network sales sysetms and Internet server access control and monitoring systems.
Amazon's own use of software patents to try and stymie competition prompted many to urge a boycott of Amazon a few years ago. Amazon claimed Barnes and Noble's use of a one-click shopping technique infringed on an Amazon software patent. Amazon settled that lawsuit in 2002, but didn't disclose details of the settlement.
Amazon essentially obtained a patent on the idea that a command from a web browser to a web server could carry with it identifying information about your identify, which is done by the use of a cookie. Unfortunately, the US Patent Office is willing to grant software patents for lots of obvious ideas and large corporations now seek to use such patents to stifle competition. And smaller ones can use such patents to reap large rewards for simply being the first to get a patent on the idea. When someone else does the hard part of actually implementing the idea, then the software patent holder takes the other company or individual to court hoping for rich rewards with little real effort involved on their part other than filing the patent application. Instead of fostering innovation as was the founding fathers' intent for patent law, the software patents limit innovation and enrich software patent lawyers and the companies who make a living from waiting on others to implement an obvious idea and then suing them or getting a patent specifically to stymie or harrass a competitor as Amazon did with the 1-Click patent.
Even one of Amazon's own founding programmers, Paul Barton Davis, labelled Amazon's 1-Click patent "a cynical and ungrateful use of an extremely obvious technology." He further stated "Amazon.com's early development relied on the use of tools that could not have been developed if other companies and individuals had taken the same approach to technological innovation that the company is now following."
But it isn't just software patents where the ridiculousness of the US Patent Office's practices is shown. Would you believe the US Patent Office granted a patent on a crustless peanut butter and jelly sandwich? Well they did. The J.M. Smucker Co. was granted a patent on a method for making "Uncrustables", which are just peanut butter and jelly sandwiches with no crust sealed in plastic. And the US Patent and Trademark Office (USPTO) has even allowed a patent on the method of moving side-to-side on a swing. No, I'm not making this up. None other than the Wall Street Journal reports this absurdity in an April 5, 2005 article at Patent No. 6,004,596: Peanut Butter and Jelly Sandwich.
Smuckers also filed a lawsuit based on its patent, going after a small grocer and caterer, Albie's Foods Inc. of Gaylord, Michigan, demanding they stop selling crustless peanut butter and jelly sandwiches.
Why are patents granted on ideas like 1-Click shopping or sealed crustless peanut butter and jelly sandwiches? One reason may be that the USPTO encourages patent examiners to approve patents quickly with minimal quibbling, since the USPTO is now supposed to be financially self-sufficent and charges per patent application processed. You can find further information on what has led to the current state of affairs with the USPTO at The Patent Trap.
References:
I noticed that a Solaris 5.7 system had run out of free space on the var partition. A "df -k" showed only a few bytes free.
# df -k
Filesystem kbytes used avail capacity Mounted on
/proc 0 0 0 0% /proc
/dev/dsk/c0t0d0s0 2052750 1420927 570241 72% /
fd 0 0 0 0% /dev/fd
/dev/dsk/c0t0d0s3 1015542 953786 824 100% /var
/dev/dsk/c0t0d0s4 5058110 3396738 1610791 68% /home
swap 212496 872 211624 1% /tmp
I checked /var/log and found that log files were not being rotated and several had grown quite large. So I moved those to another partition. I then used the touch command to create new empty copies of the files and changed their protection so only root, which owned the files, had access.
touch sshd.log
touch maillog
chmod 600 sshd.log
chmod 600 maillog
But the system didn't seem to realize that I had moved those large files elsewhere. It didn't show any increase in free space with "df -k" after I moved the files. I logged into a user account, brought up Pine, and deleted several messages with large attachments. The system then showed an increase in free space and email started coming into the account again. It hadn't been coming in because there was no room to store it on the /var partition.
I then noticed the system didn't seem to be using the new files I created with the touch command. The sshd.log and maillog files weren't growing. I logged into the system with sshd, but no entry was placed in /var/log/sshd.log file for the login. And, though, new mail was coming in, no entries were placed in /var/log/maillog. When I checked the /var/log/syslog file I found that mail entries were appearing there. I checked /etc/syslog.conf and found the following entry that should put entries for sendmail email deliveries in /var/log/maillog.
mail.info /var/log/maillog
And there was an entry that should have been putting entries in /var/log/sshd.log for ssh connections.
daemon.info /var/log/sshd.log
The system had been placing the appropriate entries in those two files until I moved the maillog and sshd.log files. I then realized I probably needed to restart syslog. When I restarted it, the system suddenly acknowledged that I had a great deal more free space on the var partition and an "ls -l /var/log" showed the sshd.log and maillog files growing. And when I checked them I saw that entries were being added again for ssh logins and email deliveries.
# /etc/init.d/syslog stop
# /etc/init.d/syslog start
syslog service starting.
Some antivirus vendors offer free online virus scanning services. Though in some cases you may have to purchase software from the vendor to remove the detected malware, you will at least be able to determine if the system is infected and the particular malware infecting it.
You can also use Jotti's Online Malware Scan service to submit individual files for immediate free analysis by 14 different antivirus programs.
[ More Info ]
The Windows XP Firewall, which is turned on by default on systems running Windows XP Service Pack 2, unless they are in a domain with a Windows SBS 2003 server with an early version of Windows SBS 2003, can be turned off from another machine in the domain by using "Computer Management".
[ More Info ]
Microsoft provides a prnmngr.vbs script with Windows XP and Small Business
Server (SBS) 2003 systems. This script can be found in %windir%\system32,
which will normally be c:\windows\system32. The script can be used to add,
delete, and list printers or printer connections. It can also be used to
set or display the default printer. If you run the script using cscript without
any parameters it will display the usage information shown below. If you are
unfamiliar with cscript, it provides a mechanism for running VBS scripts. The "/nologo" option
for cscript supresses the display of the Microsoft logo information normally
displayed when a script is run with cscript. You can run the script from
a command line. You need to change to the %windir%\system32 directory or
include the full path to the script when you run it, e.g.
cscript /nologo c:\windows\system32\prnmngr.vbs -l.
C:\WINDOWS\system32>cscript /nologo prnmngr.vbs
Usage: prnmngr [-adxgtl?][c] [-s server][-p printer][-m driver model]
[-r port][-u user name][-w password]
Arguments:
-a - add local printer
-ac - add printer connection
-d - delete printer
-g - get the default printer
-l - list printers
-m - driver model
-p - printer name
-r - port name
-s - server name
-t - set the default printer
-u - user name
-w - password
-x - delete all printers
-? - display command usage
Examples:
prnmngr -a -p "printer" -m "driver" -r "lpt1:"
prnmngr -d -p "printer" -s server
prnmngr -ac -p "\\server\printer"
prnmngr -d -p "\\server\printer"
prnmngr -x -s server
prnmngr -l -s server
prnmngr -g
prnmngr -t -p "\\server\printer"
If you want to view the default printer for a system you can use the
-g parameter.
C:\WINDOWS\system32>cscript /nologo prnmngr.vbs -g
The default printer is Microsoft Office Document Image Writer
If you want to view all of the printers for a system and save the output to a file, such as printers.txt, you could use the following command.
C:\Documents and Settings\Administrator>cscript /nologo
c:\windows\system32\prnmngr.vbs -l >printers.txt
The information that will be displayed for each printer when you use the
-l option will be similar to that shown below.
Server name
Printer name HP Business Inkjet 3000 PCL 6
Share name Pam HP3000
Driver name HP Business Inkjet 3000 PCL 6
Port name USB002
Comment
Location
Print processor WinPrint
Data type RAW
Parameters
Attributes 8776
Priority 1
Default priority 0
Status Unknown
Average pages per minute 0References:
On Unix and Linux systems, you can use the arch command to
display the application architecture of the host system. Systems can be
broadly classified by their architectures, which define what executables
will run on which machines. A distinction can be made between kernel
architecture and application architecture (or, commonly, just
"architecture"). Machines that run different kernels due to underlying
hardware differences may be able to run the same application program.
On current Linux systems, arch prints things such as "i386", "i486",
"i586", "alpha", "sparc", "arm", "m68k", "mips", "ppc" and is equivalent
to the uname -m command.
Due to extensive historical use of this command without any options,
all SunOS 5.x SPARC based systems will return "sun4" as their application
architecture. Sun discourages the use of this command and recommends the
use of the uname command instead.
The Solaris version accepts a -k option, which will display
the kernel architecture, such as sun4m, sun4c, etc. This defines which
specific SunOS kernel will run on the machine and has implications only
for programs that depend on the kernel explicitly.
Examples:
RedHat Linux 9 system with a 2.4.20-28.9 kernel
$ arch
i686
Sun Ultra 5 running Solaris 5.7
$ arch
sun4
$ arch -k
sun4u
