tansqrx

I’m starting to have a real problem in my forums. Apparently “midget anal porn” is the hottest new thing. I didn’t think midgets were into that kind of thing but apparently I’m wrong (apologies to any midgets out there). I knew that spam may be a problem on my board but I didn’t think that I would be a target just yet. I only have 16 registered users (including the spam bots). How in the world did they find me? Just like junk mail I figure this problem is only going to get worst since I am now apparently on the list. Does anyone have a solution to this problem?I am using phpBB. Perhaps a plug-in is out there for this type of thing? Also does anyone know how to get the IP of a user that registered? If I had that then I could ban the subnet.

Since I am below a newbie on Linux, how would one do this from the command line?

I don’t know of any patches for this. If nothing else works you may want to change your CMOS battery. It’s a long shot but worth trying.

This sounds like a great idea, I will have to try it out. Although I don’t know if I like the idea of my firewall starting 5 minutes later.Another thing that may make life better for startup programs is a new feature in Vista. I was listening to one of the Microsoft podcasts and one of the Vista developers was talking about a new “permission” that can be applied to files. It is a low priority load bit. It is basically for programs that do not need to be started immediately (read startup programs).

I am very open to correction here as I may be wrong. When I first saw UMASK I thought you had mistakenly posted a Unix question in the Windows forum. Unix is really the only OS a UMASK has a place and windows doesn’t really have an equal at least not directly.Conceptually UMASK is where a newly created file gets its permissions. On Unix systems this can be set at the system or user levels. From experience, setting the UMASK can be tricky (as a Windows guy) as the values are reversed from setting a file permission directly. The question is where does Windows get the information to set default permissions on a newly created file? The answer is from the parent directory, the permissions are inherited. In most cases this is the direct answer but things can get tricky. Below are a few exceptions1. Certain system folders have permissions that are not inherited and have specific “security” build into them. Examples include c:\windows\system32 and the recycle bin.2. You can set the permissions to not inherit from parent. Right click on a file>properties>security>advanced button. There is a check box that allows you to do this.3. I’m not completely sure about this but I believe that there are some group policies that can be set if you are part of a domain.4. Files are not the only thing that can have permissions. Registry entries can also be restricted.I suppose the finial answer is this. There is no direct correlation between a UMASK in Unix and Windows. The closest thing is file permissions that are inherited in Windows.

I think the proper term should be upgrade to Professional and not downgrade as Professional is more expensive.

Wow I have to admit that I am impressed. Never heard of this one before.

Thank you for your great suggestions. The purpose of the application is to query remote Internet resources so in short it will be on the Internet at all times. I don’t think that using the IP address would be much good because the IP can change at any time. I used to have a DSL line that changed everyday. As for the CPU ID, it is also not a hard and fast rule. If you remember a few years ago Intel had a big controversy over enabling the ID on Pentium 4 chips. From that point on I think that Intel has disabled the ID.I suppose the SQL database would be the best way to go but I have absolutely no experience with SQL and I would rather not go down that path, at least not yet.Great response so far.

I have to somewhat disagree with your observations that VB.NET is only a server language. I have written many standalone Windows Forms applications. The current program is 10K+ SLOC and I have had no problems with VB.NET yet (in the sense of being a poor programming language). With the advent of the .NET Framework, VB.NET is just as powerful and has 99.9% of the features as C#. It is true that the majority of uses of VB.NET have been with ASP and database applications but I don’t think this is because it is a “server” language.I guess the bottom line is this. The choice between VB.NET and C# is only what you are used to program in. If you came from C++ then C# is naturally your choice, if coming from VB then you will feel quite at home with VB.NET.

I am currently developing a program that I would like to protect from unauthorized users (copy protection). The software itself is free but I want my users to register before they can use it. Because the software is free, I can’t really use a third-party solution such as eSellerate because they take payment as a percentage of sales (which is zero).I have played around with several ideas but the one that keeps sticking is using the hard drive serial number as a basis for protection. I’m not a big fan of this idea because I have been the victim of such schemes in the past. For example, I have a removable hard drive and every time I insert the drive a particular piece of software goes crazy and I have to reenter the activation code. Another problem with this software is I have a hybrid SATA and PATA system. For some reason the software (or maybe Windows) sees the PATA drives as primary when in reality a SATA drive is the boot drive.Has anyone had experience in a similar situation and have any suggestions? Also does anyone have any example code for reliably retrieving the hard drive serial? I went over to Code Project (http://forums.xisto.com/no_longer_exists/) and found a nice article about finding the serial number. The big problem with this code is it sees my Zip drive as the first device and you may understand that this could be a problem. Any help or suggestions are welcome.

I was wondering the same thing about being able to change the registry without administrator access. I was able to open regedit so I was hopeful. As it turns out I was able to change the registry entry without any problems. Thank you szupie for a great answer.

I need to change the internet Explorer favorites folder on a Windows XP machine. In the past I have used TweekUI. One small problem, I don’t have administrator right on the machine. I figure that there is a registry key that holds this information I just can’t find it. I have Googled on the subject but I only get references to TweekUI. Any suggestions?

I took a look at the DES class and I had flashbacks of writing a DES cipher myself. In away the process is straight forward but there are a lot of transformations that you have to do to the keys and message and the code can get big quick.From just a quick glance everything looks really well done but as any security expert will tell you, never trust code that you haven’t verified yourself, especially encryption algorithms. It would take me several days for each algorithm to verify. To whoever did these, good job. I know it was a lot of hard work.An alternate to using these would be to use the built-in classes in the .NET framework. I’m not sure if all of these algorithms are included but I do know all the major ones such as AES, DES, and MD5 are there and work well. Of course this assumes that you have moved your project to .NET.

I just heard of site that offers web based Yahoo! Messenger access (plus MSN and AOL) without the Yahoo! Server. http://www.ebuddy.com/ is the site. Maybe you should stop by and investigate.

Jetico (http://www.jetico.com/) makes a product called BCWipe that will do similar to what you are talking about. If you want to delete the swap file then BCWipe will use the DoD wiping standard to do it. The feature that I use (or used to) is the encrypt swap file. BCWipe uses AES encryption to always keep the swap encrypted. I couldn’t tell any slow downs while using it. Another thing to consider it to set your swap file to a fixed size. Windows defaults to a dynamic size which can leave the swap all over the hard drive.

This is true if you boot into Windows but the whole point of Knoppix is to not boot into Windows. This can also be accomplished if you remove the hard drive and install it into another Windows machine. I donât think I would ever try and generate my own. Just download them from a torrent site. Its quicker and easier and I have never had any problems out of them. This is true. The rainbow tables are only useful on the less secure LMAN hashes which originated out of Windows 95. The later versions of hashes are nearly impossible to crack. The upside (depending on which side of the fence you are on) is that all current versions of Windows will accept the less secure LMAN hashes by default. Only if you really dig into the machine security settings will you be able to disable LMAN hashes. Essentially Windows has two hashes by default, LMAN and Kerberos.

Are you trying to break into a folder that was encrypted using the built in Windows encryption (EFS)? If so then there may be hope for you. This can be hard and complicated so you should be very dedicated to this idea. First off I have never used EFS because I think the security completely stinks. I have adopted PGP Whole Disk encryption as my standard method. Letâs take this scenario for example. You are the administrator on a computer and have a child. You have given your kid his own account and they are fairly responsible and computer literate so you donât think anything else of it. One day as you are browsing through âC:\documents and setting\kids nameâ you notice some encrypted files. For what ever reason you decide you really need to know what is in them without your kid knowing. Even though you maybe logged on as administrator you are not able to access the encrypted files. As a side note this is not the case if the administrator has been named the recovery agent, but we will assume you are not that lucky (https://support.microsoft.com/en-us/products/windows). Now note that your kid does not have to do anything special under his account. The encryption password or key is his Windows account username and password. So what you really need is to get his password and then login as him. According to your circumstances this can take several forms. You could possibly use a key logger to get the account if you have local access. The more robust way is to grab the SAM database and brute force the password. I have already given several tutorials on how to do this. Go to http://forums.xisto.com/no_longer_exists/ for a detailed talk on how to get the password. Now the next and much more involved step is to retrieve the password. There are various tools that will retrieve the Windows password from the SAM but the best by far are rainbow tables. Go to Google and search for ârainbow tablesâ and in the first few links you will find a site that has torrents for the tables. Now the hard part. Rainbow tables are precompiled hashes of every possible password. As such there are a lot of possible passwords. It took me about a month to get my tables and they take about 50 Gb of hard drive space. As long as the password is under 32 characters that are typeable from the keyboard you WILL get the password. Once you have the tables the finding of the passwords usually only takes a few hours. As a disclaimer this information should only be used for good. This technique has its valid purposes and I have used it several times to retrieve data for customers that simply forgot their passwords. Do the right thing.

I would believe the resources used would be marginal even on an older machine. That is unless you are opening 100 different windows. My current version is XP Pro but I believe this has been around since Windows 98, and for sure since Windows 2000.

A good way to get around filters is to use a proxy server. The problem is that many free public proxy IPs are filtered also. One way of getting around this is to setup your own proxy server on your home machine. There are several open source projects on the web that will allow you to do this. Install the proxy on your home machine and then add the proxy settings to your school browser. I will be just like surfing at your home computer. An added benefit is that you can password protect your proxy so no one else could use it. I would highly doubt that your school would filter private ISP address. The down side to this is there is quite a bit of setup and configuration to do on the home machine, I would only recommend this to experienced users. Also you may have problems with a dynamic IP on your home computer, especially if you have DSL. There are also site on the web that will help you get around this. The upshot is it will work every time, from everywhere, is cheep, good bandwidth, and you are not at the mercy of public proxies.

You may be able to get back to you original configuration by deleting the second user. Right click My Computer>Manage>Local Users and Groups>Users. From there just delete the second user. If XP still asks for a password then you can go into properties for the user and set the password to nothing. In any case I highly discourage this practice as this makes your machine have weaker security.Another alternative is to launch TweakUI and find a section that shows the users that are displayed on the welcome page. I don’t know if it will auto login with more than one user account but it is worth a try.

I have been around the block a few times and my current and all time favorite is FileZilla. The best part is it works well and it’s free.I have also tried the FileZilla Server but I wouldn’t recommend it to anyone because its still in beta and the late time I downloaded it had major bugs. I am currently using Serv-U as my server.

I am glad that you found us also. I will try and lend my limited expertise in this area.From everything I have seen so far there is no way of directly connecting to the Yahoo! Messenger service via a HTTP type protocol. At the very least I would assume that you would need a server side script that would translate for you. One avenue that you may want to explore is using the web based Messenger. I don’t have the address at hand but if you go to messenger.yahoo.com, you should be able to find the link on that page (as I remember it is on the very bottom information bar). I suppose the first thing I would try is to capture the packets between the server and your machine as you log on and then try and reverse engineer them. There may be some cookie data that you can save and then masquerade as the client. The web messenger only offers very basic functionality such as PMs.I have thought about this problem a bit myself and the way that I would implement it is to write a proxy program on my machine. The program would accept requests on a particular port and then translate the requests to Yahoo! Of course I already have most of the backend code so I’m not sure how much help this will give you. When I get home and if I have time I may look at the problem myself. If you do find something or develop your code, please let me know. I would love to post it to my Yahoo! site so others may benefit. Also more information can be found at my site, http://www.ycoderscookbook.com/.

There is a way to launch each explorer process separately. This most likely will not fix the root cause of the problem but it might help in diagnostics. From My computerTools>Folder Options>ViewCheck Launch folder windows in separate process

While you are on the subject of .NET in Vista, I ran across this blog awhile back. I couldnât help but laugh. Apparently Red Hat Fedora Core 5 will have more managed code than Vista. Fedora Core 5 ships with Mono, a .NET platform for Linux. As such, three applications are bundled with the OS, Beagle, F-Spot, and Tomboy. Read the entire article for yourself and have a good chuckle. http://forums.xisto.com/no_longer_exists/

Has anyone got Fedora Core 5 running under Microsoftâs Virtual PC? I have been using http://vpc.visualwin.com/ as a reference which says it is possible. I lowered my RAM to 624 MB and finally got the installation to work. My problem now is when it start up the login screen is very distorted. I suspect a bad video card driver but I have no idea on how to change it. P.S. I know this is not directly related to this group but I figured this was the best place.