ReadMe: "Continuing Education"
|O'Reilly - 802.11 Wireles Networks The Definitive Guide.pdf||O'Reilly - Essential Blogging.chm|
|O'Reilly - Active Directory 2nd Edition.chm||O'Reilly - Ethernet Definitive Guide.pdf|
|O'Reilly - Active Directory Cookbook for Windows Server 2003 and Windows 2000.chm||O'Reilly - HTML & XHTML The Definitive Guide 5th Edition.chm|
|O'Reilly - C Pocket Reference.chm||O'Reilly - Internet Core Protocols The Definitive Guide 2000.chm|
|O'Reilly - Cascading Style Sheets The Definitive Guide 2nd Edition.chm||O'Reilly - Knoppix Hacks.chm|
|O'Reilly - CSS Cookbook.chm||O'Reilly - Network Security Assessment.chm|
|O'Reilly - Designing Active Server Pages.pdf||O'Reilly - Network Security Hacks.chm|
|O'Reilly - Designing Large-Scale LANs.pdf||O'Reilly - Network Troubleshooting Tools.pdf|
|O'Reilly - DHCP for Windows 2000.pdf||O'Reilly - PC Hardware in a Nutshell 3rd Edition.chm|
|O'Reilly - Digital Photography Hacks.chm||O'Reilly - Windows XP Annoyances.chm|
|O'Reilly - Digital Photography Pocket Guide.pdf||O'Reilly - Windows XP Hacks.chm|
|O'Reilly - Dynamic HTML The Definitive Reference.pdf||O'Reilly - Windows XP Pocket Reference.chm|
Sample Hosts file
Building an XP-SP2 Recovery Disc. By: Karp, David A.. PC Magazine, 2/8/2005, Vol. 24 Issue 2, p76, 2p, 3c
Protect Sensitive Files in Windows XP
August 2003(PC Magazine)
If you share a computer with others, you may want a bit more protection for your personal files than Windows XP offers by default. There are two easy ways to achieve this: Create a password-protected compressed folder or encrypt an existing folder.
Password-protected compressed folders can be created on NTFS or FAT32 partitions. Opening a password-protected folder requires the right password. To protect files using a compressed folder, right-click in the desired location and choose New | Compressed (zipped) folder. Name the folder and move the files into it. Open the compressed folder and select File | Add password.
Encrypted folders are supported only on NTFS partitions. Rather than requiring you to enter a password, these folders are available only to you. If you want to encrypt a folder and its contents, right-click on the folder, choose Sharing and Security from the Context menu, click on the General tab, and click on the Advanced button. In the Advanced Attributes dialog, check the box Encrypt contents to secure data. Click on OK and then OK again. Win XP will encrypt the folder and its contents.
You won't notice any change except that the folder name displays in a different color. Other users, however, will no longer have access to the folder.
Create Start-Up Disks in Windows XP
August 2003 (PC Magazine)
There are times when you can't boot your system from the hard drive, thanks to either a system problem, a lost password, or the simple fact that the OS hasn't been installed. Windows XP offers a number of options for booting from floppy disks, but you must prepare them before they're needed.
A computer with no operating system installed will usually boot from the Windows XP CD. For that rare system that won't, Microsoft offers downloadable programs to create the necessary set of bootable floppy disks. Navigate to http://support.microsoft.com and search for article 310994. Find the download link for your Win XP version and language. The downloaded program will create six setup disks, which can be used to start your system up and begin installing the OS from a CD in a nonbootable drive.
If something goes wrong with the boot drive, you may be able to recover the system using a bootable floppy disk. Don't just format a disk with the box Create an MS-DOS Startup disk checked; you want to boot Windows XP, not MS-DOS. Start by formatting the disk without checking that box. Then copy the three files Boot.ini, Ntdetect.com, and Ntldr from the root directory of the boot drive (C:\) to the floppy disk. Boot the computer from this disk and verify that Windows XP starts (this may require that you change BIOS settings to boot from a floppy disk). Label the disk clearly and store it in a safe place.
If you ever forget your password, a password reset floppy disk can save the day. This isn't the same as writing down your password and storing it in a safe. The password reset disk lets you reset your password without revealing what the previous password was. The precise technique for creating and using a password reset disk varies by account type and log-on type. Search on password reset disk in the Help and Support applet for details specific to your situation.
Use the Windows XP Recovery Console
The Recovery Console, which has a DOS-like interface, is a flexible tool that lets you access and save data when your system won't boot. Using the Recovery Console, you can copy and delete files on FAT32 and NTFS partitions or even access the CD-ROM drive.
There are three main ways to load the Recovery Console. You can install it on your hard drive and access it when booting your system, you can launch it from the Windows XP start-up disks, or you can use the Windows XP CD.
To install the Recovery Console on your system, put your Windows XP installation CD in your CD drive, click on Start | Run, and type d:\ i386\winnt32.exe/cmdcons, where d is your CD-ROM drive letter. Press OK and you will be asked whether you want to install the Recovery Console. Click on Yes. Once this application is installed, it will add Microsoft Windows Recovery Console as an option on the boot menu.
To start the Recovery Console using the Windows XP CD, boot your system from the CD (be sure your BIOS is set to boot from CD-ROM before the hard drive). Once you're past the welcome screen, press R and the Recovery Console will start.
Inside the Recovery Console you can obtain a list of possible commands by typing recovery console commands or help at the command prompt and pressing Enter. For more information about a specific command, type help commandname. From here, you can copy important data off your hard drive or, if you are a more advanced user, troubleshoot and replace corrupt files that are preventing your system from booting properly.
Securing Your Wireless Network
By Scott Nesbitt
March 04, 2007
A home wireless network is an easy and convenient way to share an Internet connection and other resources among the computers in your home. While some people choose to leave their wireless networks available to anyone and everyone, most of us want to keep our home wireless networks private. If you're looking at wireless home networking for the first time, please continue to read.
The core of your wireless network is the router. By carrying out some easy-to-do configuration on your router, you can ensure that only the people who you want to have access to your network will be able to.
Note: The procedures in this article for configuring a router are for a Linksys WRT54GS router. You'll probably have to modify the specific instructions if you're using a router from another vendor, but the concepts are the same.
Passwords on Your Router
You configure most routers using a Web browser. When connect to the router, you need to log in. Every router has a default password, like admin. As this article points out, most people don't bother to change that password. Doing that is simple, though.
Log into your router. Then, click Administration > Management. Enter a password in the Router Password and Re-enter to confirm fields. You should rotate this password regularly. I generally do it every two weeks to a month. If you need to create a strong and secure password, then check out the Strong Password Generator Web site.
Locking Down MAC Addresses
All Ethernet adapters, which enable users to access a network, each have a unique 12-digit identifier called a MAC address. MAC is short for Media Access Control, and it's a way for the network to ensure that a computer is allowed to access a network. Most routers allow you to specify which MAC addresses are allowed to connect to your network.
How do you find a MAC address? If you're using a computer with a wireless card, you can find the MAC address by flipping the card over and looking for a block of characters like this: 00:A0:C9:14:C8:29.
If, on the other hand, your computer has a built-in wireless card, and the MAC address isn't on the sticker on the bottom, you can use the tools on the system to find the MAC address. In Windows, click Start > Run. In the Run dialog box, type cmd and then click OK. This opens a command prompt. At the command prompt, type ipconfig /all. Look for the section Ethernet Adapter Wireless Network Connection. Your MAC address is the third entry, beside the heading Physical Address.
On a Mac running OS X, do this: select About this Mac from the Apple menu. On the dialog box that appears, click More Info. Then, select Network from the menu on the side of the dialog box. Look for the Wireless Address setting.
you have the MAC address, you can enter it into your router.
Select Wireless > MAC Address >
Filter. Then, click Enable. Click
the Permit only PCs listed to access the wireless
network option, and then click the Edit MAC
Filter List button.
Type the MAC addresses, one to a field, in this dialog box. Then, click Save Settings.
The beauty of using this method is that you can give friends or guests access to your network and then easily remove their access privileges later on.
If you want to keep your data safe, encryption is a must. Encryption not only enables authorized users to securely access your network, but it also ensures that their data is kept safe from prying eyes. Most routers give you a choice of two encryption schemes: WiFi Protected Access (WPA) and Wired Equivalent Privacy (WEP). Of the two, WPA is the more secure option.
WPA uses a password to encrypt data and to restrict access to your network. When someone tries to access your network for the first time, they'll have to enter the password.
Add or change the password by selecting Wireless > Wireless Security. Select Pre-Shared Key from the Security Mode dropdown list. Then, enter your passphrase in the WPA Shared Key field and click Save Settings.
As with the router password, it's a good idea to rotate your password frequently. Once again, the Strong Password Generator Web site comes in handy.
Enabling the Firewall
A firewall on your computer can help keep unwanted visitors out. The same applies to the firewall on a wireless router. And a router firewall is easy to set up. To do so, click Security > Firewall. Then, click the Firewall Protection: Enable option. Also, click the Block Anonymous Internet Requests option. This will ensure that any unsolicited attempts to access your router will be denied.
Keep in mind, though, that some cable Internet providers (like mine) don't play nicely with router firewalls. You might find that your connection gets intermittently dropped or you lose it all together.
Other Things You Can Do
All routers are identified by a Service Set Identifier (SSID). This is just the name of your network. Every router comes with a default SSID (mine was 'linksys'). People use the SSID to identify your network. And malicious users can use the SSID to break into your wireless network. So, you should change your router's SSID. Do this by selecting Wireless > Basic Wireless Settings. Enter a unique name in the Wireless Network Name (SSID) field.
To make it easy for others to jump aboard your wireless network, routers by default broadcast their SSIDs to the world. Once again, malicious users can take advantage of this information to jump on or take control of your wireless network. You can do this by clicking the Wireless SSID Broadcast: Disable option on the Basic Wireless Settings screen.
As I mentioned earlier, you log into your router using a Web browser. You can do this either from the computer directly connected to the router, or from anywhere on the Web. Being able to remotely administer your router can be useful, but it also opens the door to someone else logging on and gaining control of your router. You can disable remote administration by selecting Administration > Management and then selecting the Remote Administration: Disable option.
If, on the other hand, you really want to enable secure remote administration of your router click Administration > Management. Then, select the Remote Administration: Enable and Use https options. Selecting the Use https option creates a secure connection to your router from a browser.
Adding a bit of security to your wireless network is easy and doesn't take a lot of time. That said, one of the people who I talked to while researching this article commented that no matter how well you secure your wireless network, there will always be someone who can break in. But, that's true for any other kinds of security, too. If someone is determined enough, a deadbolt on your door won't stop them from entering your home. However, the fact that you've put some security in place will put off most people trying to illegally use or hijack your wireless network, and that alone is worth the effort.
© Copyright 1996-2007 Geeks.com™ All Rights Reserved
Wireless Security: WPA Step by Step
Published in PC MAGAZINE
ARTICLE DATE: 10.14.03
Odds are, your wireless network is not secure. Even if you've enabled WEP (Wired Equivalency Protocol) encryption, the flaws in that standard are well documented, and hackers can break WEP easily. You need WPA (Wi-Fi Protected Access), a far stronger protocol that fixes the weaknesses in WEP.
Here we'll take you through the process of upgrading your networking equipment and enabling WPA security for your home WLAN. To upgrade your wireless security to WPA, you must have three critical components:
WPA replaces WEP in small-office or home routers, so moving to WPA is an all-or-nothing proposition. For you to consider an upgrade, every wireless device on your network must have WPA capabilities. This includes any wireless bridges you might use for your Microsoft Xbox (or other gaming device), digital camera, home audio gateway, and print server.
If you haven't purchased wireless hardware already, buying WPA-capable networking equipment is easy. The Wi-Fi Alliance began certifying products for WPA interoperability in April. In addition, all new products submitted for certification after August 2003 must have WPA capability. Any product that passes Wi-Fi WPA compatibility testing will have the Wi-Fi Protected Access box checked on its package label (
If you already own wireless networking hardware, upgrading may not be possible. You must check the Web sites of your hardware makers for WPA upgrades. WPA is designed so that legacy wireless hardware can be upgraded via drivers, but with the product cycles of wireless gear being about six months, most manufacturers do not provide WPA upgrades for legacy products. If you find WPA support, it will probably be for relatively new products. If you don't find driver upgrades for your hardware, you'll either have to buy new equipment or live with WEP.
For this article, we selected the Linksys WRT54G broadband router and the Linksys WPC54G client card. Both products are widely available and have online driver and firmware upgrades for WPA.
Update Your OS
The easiest part of the process is adding WPA support to your OS. Microsoft provides a free WPA upgrade, but it works only with Windows XP. If you are running an OS other than Win XP, you'll need a third-party supplicant. The client software is available from either Funk Software (www.funk.com) or Meetinghouse Data Communications (www.mtghouse.com). For now, we'll assume that you're running Win XP.
The WPA client is not available as an automatic Windows update. You can find it in the Microsoft Knowledge Base Article 815485 (http://support.microsoft.com/default.aspx?scid=kb;en-us;815485). Download the file into a new directory. Double-click on it to install it. (The file is self-extracting and self-installing) Once you've installed the update, reboot your machine. The software adds additional dialog boxes to the Network Control Panel to support the new authentication and encryption options of WPA. You can check to be sure that the upgrade has been installed by opening the Control Panel, double-clicking on Add or Remove Programs, and checking for Windows XP Hotfix (SP2) Q815485.
Update the Firmware
Now you must download the upgrades for your router and network cards. We recommend that you download everything before upgrading anything. For the Linksys router, go to the company's Web site, click on Support | Downloads, select the product (WRT54G), and click on Downloads for this Product. When the page loads and click on Firmware.
From this page, you can choose to download the firmware file, manually update your router, or use an automatic update program. We'll use the automatic utility. If you need to download drivers for your wireless adapter, follow the same procedure and enter the name of your adapter (WPC54G), then download the file Wpc54g_driver_utility_v1.21.zip to an empty directory, such as C:\downloads\linksys. Click on the link to download the utility and save the file on your computer. Once the download is complete, click on Open.
After your router reboots, log on to it. If possible, use a wired connection to change the security settings, because if you change the settings wirelessly, you won't be able to communicate with your router until after you've configured your client.
Configure WPA Settings
Your router's home page will change as a result of the firmware upgrade. To set up the WPA encryption for your router, click on the Enable button and then Edit Security Settings. The following page has your WPA options.
Update Your Network Card
Now you're ready to update your network card.
Don't give up yet. We're almost finished!
Because you enabled WPA security on your AP previously, when you finish your client configuration, you should be able to associate with your access point and use the network as you did before. Only now you have a secure wireless link.
How to Enter a New Validation Key
Without Reinstalling Windows XP
The Genuine Advantage Product Key Update Tool is only valid for users attempting to change their current non-genuine Product Key to a genuine COA sticker or genuine Product Key - all without a reinstall.
Note: This is provided no core system
files are corrupted. If they are, a clean install of the system will be needed.
To verify the updated Product key has been accepted, run the WGA Diagnostics (downloaded from http://go.microsoft.com/fwlink/?linkid=52012)
Description of Svchost.exe in Windows XP Professional Edition http://support.microsoft.com/kb/314056
Svchost.exe groups are identified in the following registry key:
To view the list of services that are running in Svchost:
1. Click Start on the Windows taskbar, and then click
2. In the Open box, type CMD, and then press ENTER
3. Type Tasklist /SVC, and then press ENTER
Tasklist displays a list of active processes. The /SVC switch shows the list of active services in each process. For more information about a process, type the following command, and then press ENTER:
The following example of Tasklist output shows two instances of Svchost.exe that are running.
|Services.exe||208||AppMgmt,Browser,Dhcp,Dmserver,Dnscache, Eventlog,LanmanServer,LanmanWorkstation, LmHosts,Messenger,PlugPlay,ProtectedStorage, Seclogon,TrkWks,W32Time,Wmi|
The registry setting for the two groupings for this example are as follows:
Description of Svchost.exe in Windows 2000 http://support.microsoft.com/kb/250320/
To view the list of services that are running in Svchost:
1. From the Windows 2000 installation CD's Support\Tools folder, Extract the
Tlist.exe utility from the Support.cab file.
2. On the Start menu, click Run, and then type cmd.
3. Change folder to the location from which you extracted the Tlist.exe utility.
4. Type tlist -s.
Tlist.exe displays a list of active processes. The
-s switch shows the
list of active services in each process. For more information about the process,
type tlist pid.
The following sample Tlist output shows two instances of Svchost.exe running:
The registry setting for the two groupings for this example are as follows:
What is this SVCHOST.EXE and why is it [fill in the blank]?
FYI: SVCHOST.EXE is generic computer application that runs "background" computer processes. If that doesn't make any sense, just think of it as an application that helps make your computer run. Services don't directly have user interfaces -- they just run in the background, normally quiet and hopefully out of the way, but performing often critical functions that keep your computer running -- things like making your Internet connection work.
There are occasions when a
"SVCHOST.EXE" is using far too much CPU, causing the machine to
slow to a crawl. But, how does one know which service is causing
The tools are available in XP.
Go to a Command Prompt and type:
TASKLIST /SVC /FI "IMAGENAME EQ SVCHOST.EXE"
The output looks like this:
For each SVCHOST.EXE that is running on your machine, the PID (or process ID) is listed along with the named services running under that process. A number of services are actually all running under the same process. Process ID 364 is currently utilizing 82 threads which explains how all of those services are actually running under the same process (and interestingly enough, it's also consuming 91MB of RAM right now).
If there's a particular SVCHOST process you're interested in, you can extend the command line easily:
TASKLIST /SVC /FI "IMAGENAME EQ SVCHOST.EXE" /FI "PID EQ ###"
Where the highlighted ### represent the process ID (PID)
TASKLIST /SVC /FI "IMAGENAME EQ SVCHOST.EXE" /FI "PID EQ 364"
to see what services were running within the SVCHOST instance that is consuming so much memory and so many threads
To do a final match up of the somewhat cryptic service name to something more meaningful, you'll need to go to the service browser in Windows. An easy way to get there when running XP is to click the Start menu, right click on "My Computer", and select "Manage". This opens the "Computer Management" application. On the left side there is a variety of locations. Choose "Services and Applications"
Expand that (use the +), and click on the first item, "Services".
Now comes the tricky part. Use some intuition and logic to try to match the human readable name of the service with Windows' name of the service. For example, one of the named services in the list on was PID 700, BthServ. Look through the lists of names and the most likely service is "Bluetooth Support Service." Double-click on the entry which shows the properties for that service:
In this case, the "Service Name" exactly matches what I was looking for: BthServ. For further confirmation, double check the "Path to Executable" if you want to be more certain you've found the right service. What you want to see there is that the executable that is being run is "svchost.exe". In this case, it is. So, PID 700 is the Bluetooth Support Service.
Be ABSOLUTELY careful about starting/stopping/etc services. But at least one can locate which services are masquerading as SVCHOST.EXE.
To get a list all of the running services, regardless of whether they are running in SVCHOST.EXE, just type this:
This will display all of the services without filtering them (the /FI command line switch does the filtering). If there's a N/A in the column, it's not a service.