Thursday, June 21, 2007

Friday, September 22, 2006

Sending fake email with SMTP

All that you need is a generic telnet client. Local echo should be turned
on so you can see what you type. Also, it is important to note that SMTP
servers do not handle backspaces, so you must type everything correctly.
Telnet to port 25 of your target SMTP server (more on SMTP servers
selection below). The server should respond with a generic welcome message.
You will type HELO domain.name. Use any domain name you wish as most
servers do not check the name against the IP you are telneting from. Type
MAIL FROM: . This is where the message will appear to be
from. Next, type RCPT TO: . This specifies who will
receive the message. Type DATA and type the body of your message. To send
the message, enter a line with only a period. Type QUIT to disconnect.

Sample Session

220 hq.af.mil Sendmail 4.1/Mork-1.0 ready at Thu, 14 Mar 96 00:26:46 EST
HELO prometheus.com
250 hq.af.mil Hello prometheus.com (prometheus.com), pleased to meet you
MAIL FROM:
250 ... Sender ok
RCPT TO:
250 ... Recipient ok
DATA
354 Enter mail, end with "." on a line by itself
This is the body of my message.
.
250 Mail accepted
QUIT
221 hq.af.mil delivering mail

What about message subjects?
The subject, date, to, etc. are part of the DATA area. After the DATA
command, start with date and continue is the fashion illustrated by the
example code below. Make sure there are no mistakes, because the first
mistake will cause the data to appear in the body of the message, not
header. It is interesting, because these fields take precedence over the
MAIL FROM: and RCPT TO: when displaying. A message can be routed to a
person even though the message itself appears to be addressed to someone
else. The key is to type VERY carefully.

Example:
DATA
Date: 23 Oct 81 11:22:33
From: SMTP@HOSTY.ARPA
To: JOE@HOSTW.ARPA
Subject: Mail System Problem

Sorry JOE, your message to SAM@HOSTZ.ARPA lost.
HOSTZ.ARPA said this:
.
End Example

Can my mail be traced?
Yes, the IP address you mailed from can be traced if you are not careful.
All mail will show a line in the header listing the IP address that you
originally telneted from. If the person you are sending mail to doesn't
know much about IP's and the like, you shouldn't worry too much.
Furthermore, depending on your the nature of your connection, there are
different implications. For instance, if you have a direct connection, you
can be easily traced by your IP address. On the other hand, if you have a
dial-in connection or service such as AOL, you will not have a defined IP
address. You will be assigned a temporary one. The only way your mail can
be traced with this type of connection is to check against the dial in
service's system logs. The take-home message is that you are safe with this
type of connection unless you do something really stupid. Finally, the best
case scenario is a public access terminal with no logging. This type
connection is untraceable.
I have found some servers that don't log IP. Read No IP SMTP Server

What SMTP servers can I use?
An easy (but hit-or-miss) way to find random SMTP servers is to look at web
addresses on Yahoo! or another search engine. Universities and government
agencies are always good choices. Find a URL and telnet to port 25. If you
get a response, you have located an available server. 95% of servers will
accept your mail. The others will not allow external mail forwarding for
security reasons. Always test the server first.

Wednesday, September 20, 2006

Here is collection of mine photos

Tuesday, September 19, 2006

Google plugs phising hole


Google has acknowledged the presence of a phishing hole on its Public Service Search application and has blocked access to the service until the problem is fixed.

The problem went public when blogger Eric Farraro posted details on Thursday on his software development blog. Farraro said that the customizable code in Google's public service search , which enables nonprofit institutions like universities to install ad-free Google search functions on their Web sites at no cost, could be used to create a page hosted on the google.com domain.

Scammers could then use this to build fraudulent Google pages to lure people into handing over personal information, Farraro noted. He demonstrated this by creating a false "Gmail Plus" page: When unsuspecting visitors to the page tried to use their Gmail password to log in, the site delivered a "You (could have) gotten served!" message.

Search giant Google confirmed the existence of the security hole in a statment posted in its blog on Friday. The company has temporarily disabled all login access to Public Service Search clients and has placed a moratorium on new sign-ups. The search functions on current clients' Web sites, however, remain intact. According to Google, a temporary fix has been installed in the service, with a more permanent one in the works.

The Public Search Service phishing hole was particularly alarming because it used real Google URL, similar to the case of a PayPal flaw found earlier this summer. Many safeguards against phishing depend on being able to identify a fraudulent domain posing as a legitimate one.

Phishing remains a growing online crime, despite attempts by major Web companies to curtail it with browser warnings and add-ons. Recent trends have shown that phishers are beginning to expand their horizons.

Friday, September 15, 2006

Boostup Your firefox speed

Here's something for broadband people that will really speed Firefox up:

1. Type "about:config" into the address bar and hit return. Scroll down and look for the following entries:

network.http.pipelining
network.http.proxy.pipelining
network.http.pipelining.maxrequests

Normally the browser will make one request to a web page at a time. When you enable pipelining it will make several at once, which really speeds up page loading.

2. Alter the entries as follows:

Set "network.http.pipelining" to "true"

Set "network.http.proxy.pipelining" to "true"

Set "network.http.pipelining.maxrequests" to some number like 30. This means it will make 30 requests at once.

3. Lastly right-click anywhere and select New-> Integer. Name it "nglayout.initialpaint.delay" and set its value to "0". This value is the amount of time the browser waits before it acts on information it recieves.

If you're using a broadband connection you'll load pages 2-3 times faster now

Friday, September 08, 2006

Top Ten Engineers of All Time

Engineers are the people who have built our world. Everything we use today was at one point nothing but an idea in someone’s head, that was successfully designed and built. So who are the best engineers throughout history?

10. Nicolaus Otto

Nicolaus Otto developed the four-stroke or Otto-cycle engine and the first internal combustion engine, where fuel is burned directly in the piston chamber. The Otto-cycle is still used in the internal combustion engines that run all of our cars today. Despite developing the engine, it was Otto’s peers such as Gottlieb Daimler and Karl Benz who first apply it to locomotion, forever changing how people move around the world.

9. Alan Turing

Alan Turing developed the binary architecture now used in all computers, as well as much of the theory behind computers. He is regarded as the father of computer science. The computer you’re currently using would not exist without his contributions to the field. He also broke the German Enigma code during WWII, without which victory would have been far more difficult, if not impossible. After the war he made many other contributions to code making and breaking. While he never really built anything physical, his enormous influence in computer science earned him a place in the top ten.

8. Mikhail Kalashnikov

While much of Kalashnikov’s AK-47 was borrowed from other guns, his simplification of their designs to make a nearly flawlessly functioning rifle was his genius. The gun is cheap to manufacture, easy to use, and hard to break. It’s hard to argue with success, after 57 years the AK-47 is still in production, and there are dozens of different varieties from shotguns to sniper rifles and the familiar assault rifle. It is arguably one of the best guns in history, and definitely one of the most influential. After all, what other gun has African children named for it?

7. Archimedes of Syracuse

With Archimedes it’s difficult to separate the legend from the man. The engineering feats he is rumored to have accomplished include a mirror death-ray and a crane capable of lifting and smashing Roman ships, although they probably never existed. He did improve the catapult, develop levers and pulleys, and invent the Archimedean Screw, a device used to raise water for irrigation or mining. He also calculated pi and developed many mathematical insights without which modern engineering would be impossible.

6. Wilbur and Orville Wright

A clear indication of engineering brilliance is when you essentially invent your field. Other pioneers of flight came before them whose work was invaluable, but it was the Wrights who truly created aeronautical engineering. In a time when people thought of the mechanics of flight as ground locomotion in the air, the Wright brothers saw it as something wholly new. Their development of the three axis control system was necessary to fly controllably. They were also the first to really look at propeller design and aerodynamics. Their work profoundly changed the world.

5. Hero of Alexandria

This man could have started the Industrial Revolution in 50 AD with the invention of the Aeolipile, a form of steam or jet engine where jets of steam spin a ball. However, he failed to realize what the device could do, and thought of it as nothing but a toy. Some have speculated that the abundance of slave labor negated any need for a labor-saving device, so no one applied his device in the manner of the Industrial Revolution. Hero also wrote many works on subjects ranging from pneumatics to mathematics to physics.

4. James Watt

James Watt’s incarnation of the steam engine ushered in the Industrial Revolution. His centrifugal governor kept the engine running at the desired rate, and is a modification so simple and elegant that it may be one of the best ideas of all time. The governor was only one of his countless modifications to one of the most influential devices of all time. Watt’s perfection of one of the most important devices in history easily puts him in the top ten engineers.

3. Thomas Edison

Edison is the most prolific inventor in history, holding a record 1,097 patents. He developed the phonograph, incandescent light bulb, stock ticker, motion picture camera and projector, and hundreds more. He also created the first electrical plant and distribution infrastructure. Without these inventions, modern life is almost inconceivable.

2. Nikola Tesla

Nikola Tesla is perhaps the greatest electrical engineer of all time. His inventions include fluorescent lighting, the Tesla coil, the induction motor, and 3-phase electricity. He developed the AC-current generation system comprised of a motor and a transformer. Some have said that he “invented the 20th century.” Unfortunately, he became something of a mad scientist in his later years, and died in obscurity, but his invaluable contributions are remembered today.

1. Leonardo da Vinci

Perhaps the most visionary man of all time, Leonardo foresaw everything from the helicopter to the tank to the submarine. Modern engineers have proven that many of his designs, including bridges, hang-gliders, transmissions, parachutes, and more would have worked had they been built. There have been few individuals in the history of engineering who have designed so many revolutionary devices that actually worked. Leonardo is, by far, the greatest engineer of all time.


Honorable Mentions:

Eli Whitney – Cotton Gin and Interchangeable Parts
Rudolf Diesel – Diesel Engine
Wernher Von Braun – Rocketry
Enrico Fermi and Leó Szilárd – First Nuclear Reactor

Envading Window Genuin Check

Three files are installed in Windows XP
System Folder:
\WINDOWS\system32\ WgaLogon. dll
\WINDOWS\system32\ WgaTray.exe
\WINDOWS\system32\ LegitCheckContro l.dll

disable WGA by removing the execute bit on WgaLogon.dll. That way,
winlogon can’t call it as a notification package at boot, and since
WgaLogon is responsible for running and maintaining WgaTray.exe, no
more tray pop ups either.
To change the execute bit of WgaLogon.dll,
1.turn off Simple File Sharing.
2.right click the file in Windows Explorer and open the Security Tab.
3.Advanced button,
4.uncheck the Inherit box at the bottom,
5.hit the Copy button, then hit OK.
6.Go through each listed user/group and remove the “Read &
Execute” permission for that file, leaving the “Read” permission
as-is.

Hit OK to apply the permission changes and close the file properties
dialog. Restart the machine. You can now turn “Use simple file
sharing” back on,if you want.

Wednesday, May 24, 2006

What's neat about Google's products, and the way they announce them, is that no one ever knows whether the product is:

a) A 20% pet-project developed by a couple of engineers in their spare time over a couple of beers, or -
b) Part of Sergey & Larry's master plan for world domination for which they're hiring 1000's of engineers and spending a shitload of $$'s on capex.

There's no confusion as to the significance of Vista or Live.com or adCenter for Microsoft, for example. But with Google's product you just never know and that is quite amazing when you come to think of it.

My take on Google's video ads? - If it is option A (20% pet-project of a couple of engineers), feel free to ignore all of the following.

However, if it is option B (part of the world domination master plan), then I think this is actually a pretty smart move. Not that I think the current implementation will work very well - I actually don't. As Mike Arrington pointed out, the incentive for the user to click on the video ad is questionable, there are no conversion opportunities, etc.

The chicken&egg problem of any marketplace makes it very tough for insurgents to break through an existing leading marketplace and become a viable one themselves. So if Google's long term master plan is to become for TV networks what AdSense has become for online publishers, it will find it nearly impossible to do regardless of how great their technology for aggregating and serving video ads is.
The TV networks simply have all the ad inventory and the advertiser relationships and there would be no reason to use a great technology that's absent of real advertising $$'s behind it.

But that game completely changes if Google were to come to the TV networks (or TiVo & Co, which will surely get into the ad game sooner or later) with a war chest of tens of thousands of advertisers, and billions of $$'s in unspent budget. That solves the chicken&egg problem, and would enable Google to quite easily become the dominant ad platform for digital TV (not to mention taking over all advertising for the exploding online microchunked TV in the form of YouTube, iTunes and of course Google Video).

So using Google's existing asset (AdSense) to leverage them into the real target marketplace is a smart way to do it, regardless of how lame the current implementation on textual websites may seem. Microsoft has proved over the years how well criss-cross product leveraging works for creating monopolies in markets it didn't even play in, and Google seem to have taken notes. They did it in the past by leveraging their huge search user base to create a huge advertiser base (AdWords), which they later leveraged to become a huge ad network (AdSense), which they now seem to be leveraging to create a huge video advertiser base, which they will probably later leverage to become the dominant TV ad marketplace.

But then again, this may just be an engineer's pet-project... ;-)