Data înscrierii: 11 Mar 2005 Mesaje: 2633 Locație: [at] atlabs [dot] ro
Trimis: Sâm Iul 23, 2005 1:38 pm Titlul subiectului: Tips & Tricks in XP
Registry backup:
1) Inchideti toate programele care ruleaza pe desktop.
2) Click Start / Run , tastati regedit dupa care apasati OK.In fereastra nou deschisa apasati File --> Export.Aceasta comanda va va deschide o "cutie" , in care veti putea salva fisierul de Backup.
3) Salvati fisierul folosind o denumire luata la intamplare asigurandu-va insa ca , campul Export range este setat la ALL
4) Apasati save iar procesul este incheiat.In situatia in care doriti sa restaurati fisierele salvate urmati aceasi pasi doar ca de data aceasta apasati File -->Import dupa care tastati OK.
Servicii care functioneaza independent de ICF (Internet Connection Firewall)
1) Click Control Panel --> Network and Internet connections .
2) Click Network Connections.
3) Click dreapta pe conexiunea dumneavoastra la internet si selectati properties.
4) Selectati eticheta Advanced.
5) Click Settings in fereastra Advanced , deschisa.
6) De aici , puteti activa serviciile cele mai uzuale doar printr-un click pe ele , sau puteti adauga altele , accesand butonul Add.
Performanta
Marirea vitezei de boot prin dezactivarea programelor Auto-start
1) Click Start / Run , tastati msconfig dupa care apasati OK.
2) Apasati tasta Startup, din partea superioara a ferestrei care tocmai s-a deschis.Veti vedea o lista cu programele care pornesc automat , odata cu incarcarea Windows-ului.
3) Daca deselectati casuta din dreptul unuia dintre programele cuprinse in lista , acesta nu va mai porni automat.Resetati calculator si astfel setarea este completa.
Marirea vitezei de conectare la internet.
1) Asigurati-va ca sunteti logat ca si Administrator si aveti astfel de privilegii
2) Click Start --> Run dupa care tastati gpedit.msc si apasati Enter.
3) Extindeti coloana Local computer policy
4) Extindeti coloana Administrative templates
5) Extindeti coloana "network"
6) Selectati "QoS Packet Scheduler" in fereastra din stanga
7) In fereastra din dreapta , faceti dublu-click pe optiunea "limit reservable bandwidth"
In campul setting bifati optiunea 9 ca si "enabled"
9) Setati optiunea "Bandwidth limit %" dandu-i valoarea 0
10)Restartati sistemul.
Sporirea vitezei de boot prin defragmentarea fisierelor.
1) Apasati Start -->Run , tastati Regedit.
2) Extindeti coloana HKEY_LOCAL_MACHINE
3) Extindeti coloana Software
4) Extindeti coloana Microsoft
5) Faceti click pe Dfrg si apoi pe BootOptimizedFunction
6) In fereastra din dreapta , selectati optiunea Enable , dupa care introduceti valoarea Y.
Marirea vitezei de shutdown
1) Apasati Start --> Run si tastati regedit
2) Extindeti coloana HKEY_CURRENT_USER
3) Extindeti coloana Control panel
4) Selectati Desktop
5) In fereastra din dreapta , selectati AutoEndTasks , modificand valoarea 0 cu 1
Setari simple , performanta sporita.
1) Click dreapta pe My computer.
2) Apasati butonul Adavanced apoi , Performance --> Settings.
3) Selectati eticheta , Visual Efects , bifati Custom , dupa care deselectati setariile pe care le considerati nenecesare .
4) Selectati eticheta Advanced si bifati optiunea Background services. (!!!) Selectand aceasta optiune veti fi capabil sa rulati concomitent mai multe programe fara a influenta in mod negativ persormantele sistemului de operare . Fiecare aplicatie va folosi astfel , o cantitate egala de resurse.
Dezactivarea logoului de boot.
1) Click Start --> Run.
2) Tastati msconfig .
3) Selectati eticheta BOOT.INI si bifati casuta /NOGUIBOOT.
Marirea vitezei de afisare a meniurilor.
1) Click Start --> Run.
2) In fereastra de dialog , tastati regedit.
3) Extinedeti HKEY_CURRENT_USER\Control panel\Desktop.
4) In fereastra din dreapta , selectati MenuShowDelay si setati valoarea 1.
Marirea vitezei de incarcare a aplicatiilor.
1) Click pe entitatea dorita (director , fisier , fisier executabil , etc)
2) Executati click dreapta pe aceasta si selectati properties.
3) In campul target , adaugati /prefetch: 1
Practic
Scurtaturi (Shortcuts) in Windows XP.
[Windows Key] + [Q] =Schimbarea rapida a utilizatorilor (Switch users)
[Windows Key] + [E] = Deschide Windows Explorer
[Windows Key] + [R] = Deschide fereastra Run.
[Windows Key] + [F] = Deschide fereastra Find.
[Windows Key] + [L] = Blocheaza accesul la Desktop si deschide fereastra Login.
[Windows Key] + [U] = Deschide programul Utility Manager
[Ctrl] + [A] = marcheaza tot
[Ctrl] + [C] = copiaza
[Ctrl] + [V] = insereaza
[Ctrl] + [X] = decupeaza
[Ctrl] + [Z] = anuleaza
[Ctrl] = copierea unui element la tragerea acestuia
[Ctrl] + [Shift] = realizarea unui link spre un element la tragera acestuia
[F2] = redenumire
[F3] = cautarea unui fisier sau director
[Alt] + F4 = inchiderea aplicatiei curente
[Ctrl] + [F4] = inchiderea unui document
[F5] = actualizarea ferestrei curente
[Alt] + [Tab] = comutare intre programe
[Alt] + [Enter] = afisarea proprietatiilor unui element
[Esc] = intreruperea operatiei
[Del] = stergere in Recycle Bin
[Shift] + [Del] = stergere permanenta
Sporirea vitezei de boot prin defragmentarea fisierelor.
1) Apasati Start -->Run , tastati Regedit.
2) Extindeti coloana HKEY_LOCAL_MACHINE
3) Extindeti coloana Software
4) Extindeti coloana Microsoft
5) Faceti click pe Dfrg si apoi pe BootOptimizedFunction
6) In fereastra din dreapta , selectati optiunea Enable , dupa care introduceti valoarea Y.
Curatarea directorului "Prefetch"
Windows-ul salveaza la anumite intervale de timp, fisiere care contin informatii despre felul in care functioneaza anumite aplicatii.Acestea sunt stocate in fisierul "Prefetch" din directorul "Windows" dar care devin nenecesare dupa o anumita perioada.Acesta trebuie astfel, curatat regulat.
Dezactivarea programului de inscriptionare a CD-urilor
1) Accesati My computer
2) Click dreapta pe unitatea de inscriptionare a Cd-urilor.
3) Selectati optiunea Properties
4) Faceti click pe casuta Recording
5) Dezactivati optiunea "Enable CD recording on this drive"
Aplicatii fara erori
1) Apasati Strat --> Run si tastati regedit
2) Extindeti coloana HKEY_CURRENTUSER
3) Extindeti Control Panel
4) Selectati Desktop
5) In fereastra din dreapta adaugati valoarea String "LowLevelHooksTimeout"
6) Tastati in campul Value data , valoarea 3000 , unde 3000 este timpul , in milisecunde dupa care , o aplicatie care contine erori se va inchide automat
Dezactivarea atentionarii "Low Space"
1) Deschideti regedit
2) Extindeti coloana HKEY_CURRENT_USER
3) Extindeti coloana software (faceti acelasi lucru si cu coloanele Microsoft ; Windows Policies )
4) Selectati explorer
5) In fereastra din dreapta , faceti click dreapta --> New --> DWORD value
6) Salvati inregistrarea dandu-i numele NoLowDiskSpaceChecks si valoarea 1
7) Inchideti regedit si restartati calculatorul
Imbunatatirea stabilitatii , lui Internet Explorer
1) Deschideti regedit
2) Extindeti coloana HKEY_CURRENT_USER\software\Microsoft\Windows\Current version\Explorer
3) Adaugati valoarea , string , "BrowseNewProcess" , careia ii dati valoarea YES.
Alfabetizarea meniului START.
Stiati ca programele nou instalate , apar la sfarsitul meniului START -- > Prorgrams. Daca doriti sa aranjati lista acestora , in ordine alafabetica nu trebuie sa faceti altceva decat , un click dreapta pe meniu si sa selectati optiunea SORT BY NAME.
Managementul sistemului de operare.
1) Folositi Disk Defragmenter de cel putin , o data pe saptamana , dupa ce ati instalat un program nou sau dupa ce ati dezinstalat altul.Evitati instalrea prea multor programe.
2) Folositi Chkdsk (Check disk utility - Program de verificare a integritatii harddisk-ului) de cel putin o data pe saptamana.Calea catre acesta este urmatoarea:Start --> Run , tastati command.com sau deschideti direct fereastra MS - DOS din meniu Program / Accessories / MS-DOS.Ajunsi aici tastati chkdsk x: unde "x" este litera corespunzatoare drive-ului pe care doriti sa-l verificati.
3) Sterge fisierele Internet temporare accesand meniul Tools/Internet Options/General/Temporary internet files , din fereastra Internet explorer.(Delete cookies ; history)
4) Sterge regulat fisierele ale caror extensie este : .tmp ; .gid ; .fts ; .dmp
5) Deselecteaza programele Auto-start , nefolositoare , utilizand msconfig. Vezi sectiunea Tips&Tricks
6) Foloseste SFC /scannow de cel putin o data pe luna (comanda MS-DOS).Procesul dureaza aproximativ 20 de minute.
7) Stergeti programele vechi pe care nu le mai folositi.(Control panel / Add Remove programs)
Creaza saptamanal un punct de restaurare folosind "unealta" System restore.
9) Reactualizati sistemul de operare , ori de cate ori este posibil.
10) In situatia in care va hotarati sa mai instalati inca un sistem de operare , folositi alt Hard drive , altul decat cel pe care este instalat sistemul vechi.
11) Folositi de fiecare data Add / Remove programs din Control Panel pentru a dezinstala programele nefolositoare.
12) In situatia in care memoria RAM a PC-ului este mai mica de 256 Mb straduiti-va sa o aduceti la aceasta valoare.
13) Dezactivati Hibernarea daca pentru un motiv sau altul , nu aveti nevoie de ea.(Calea este Control panel/Power options/Hibernate)
14) Folositi Disc cleanup ori de cate ori este nevoie , cu conditia insa sa ocoliti fisierele compresate.
15) Economiseste spatiu.Folositi un CD Writer pe care sa inscriptionati informatii care necesita mult spatiu pe Hard disk.
16) Incearcati sa nu utilizati mai multe programe simultan , in cazul in care memoria RAM nu va permite acest lucru.
Tricks
Deschiderea aplicatiei "System Restore" din linia de comanda.
1) Restartati calculatorul.
2) Tineti apasata , tasta F8 , pentru a intra in meniul de configurare.
3) Selectati optiunea "Start Windows in Safe Mode with Command Prompt". (ATENTIE: Trebuie sa va logati ca si administrator sau asigurati-va ca user-ul pe care-l folositi are astfel de privilegii)
4) In linia de comanda , tastati , %systemroot%\system32\restore\rstrui.exe , dupa care apasati ENTER.
5) Urmati instructiuniile de pe ecran.
Micsorati marimea fisierelor.
Metoda 1.
1) Click dreapta pe directorul care urmeaza a fi compresat.
2) Selectati Send To --> Compressed (zipped) folder.
Metoda 2.
1) Click dreapta pe desktop.
2) Selectati New.
3) Deschideti directorul si copiati , in acesta fisierele ce urmeaza a fi compresate.
Dezactivarea folosirii sistemului de operare de catre mai multi utilizatori.
1) Click START --> Control Panel sau START --> Settings --> Control panel.
2) Selectati User Accounts.
3) Selectati Change the way , users , log on and log off
4) Debifati optiunea Fast User Switching.
Data înscrierii: 31 Mai 2005 Mesaje: 477 Locație: Uita-te in spatele tau!
Trimis: Mie Iul 27, 2005 3:29 pm Titlul subiectului: Tips & Tricks pentru optimizarea Windows Xp Pro.
Tips & Tricks pentru optimizarea Windows Xp Pro.
Sa incepem:
Control Panel -> Administrative Tools-> Services
De aici dezactivate urmatoarele servicii (in functie de necesitati puteti lasa unele dintre ele); serviciul se dezactiveaza cu un dublu click pe el, daca e pornit atunci se opreste apasand butonul "STOP" si selectand de la Start-up Type: "Disabled"
Automatic Updates: acestea e mai sigur sa se faca manual (nu toate update-urile sunt necesare; in schimb cele critice trebuie sa le aveti)
COM+ Event System
COM+ System Application
Computer Browser
Distributed Transaction Coordinator
Error Reporting Service
Fast User Switching: serviciul care "mananca" cea mai multa memorie RAM. Daca aveti un singur user pe calculator nu mai este necesar sa folositi serviciul. Oricum recomand sa aveti un singur user.
Help and Support
Indexing Service
Messenger: in cazul in care folositi MSN Messenger NU dezactivati serviciul
Net Logon
NetMeeting Remote Desktop Sharing
Network DDE
Network Location Awareness
NT LM Security Support Provider
Performance Logs and Alerts
Print Spooler: in cazul in care folositi imprimanta NU dezactivati serviciul
Remote Desktop Help Session Manager
Remote Registry
Secondary Logon
Server
Smart Card
Smart Card Helper
SSDP Discovery Service
System Event Notification
System Restore Service: incercati sa evitati backup-ul de Windows. Eu unul il urasc. Folositi Norton Ghost. E mult mai practic.
Task Scheduler
Telnet
Terminal Services
Uninteruptable Power Supply: daca folositi UPS atunci NU dezactivati serviciul
Upload Manager
Wireless Zero Configuration: daca aveti o retea wireless NU dezactivati serviciul.
Dupa aceste modificari veti vedea ca viteza de incarcare a Windows-ului s-a marit considerabil; in plus daca dati un ALT+CTRL+DEL si monitorizati memoria RAM veti vedea ca si aceasta a scazut considerabil.
Continuam:
Pentru marirea vitezei de operare prin optimizarea librariilor pe care Windows-ul le incarca si care ocupa iarasi din memoria RAM. Ce trebuie sa faceti:
Start -> Run dupa care scrieti comanda: regedit
Aceasta va deschide registrii Windows. Cautati urmatoarea sectiune:
Dupa ce ati localizat-o cu click dreapta creati un sub-key pe care-l numiti AlwaysUnloadDLL si setati Value egal cu 1
Ultimul pas: restartati Windows-ul _________________ If the answer is Micro$oft, u probably ask the wrong question.
Data înscrierii: 31 Mai 2005 Mesaje: 477 Locație: Uita-te in spatele tau!
Trimis: Mie Iul 27, 2005 3:33 pm Titlul subiectului:
Daca sunteti curiosi de ce va ocupa directorul Windows in cele mai multe cazuri mai mult de 1GB, si vreti sa stiti daca se poate sterge ceva din el...pai se poate.
Eu am obtinut o marime a directorului Windows de 585 MB Si ruleaza stabil.
Cum ? Foarte simplu.
In cazul in care directoarele la care fac referinta nu exista, puteti sari peste pasul respectiv.
1. C:\Windows\system32\dllcache
Directorul se poate sterge in intregime, contine cate o copie de backup a fiecarui fisier sistem folosit de Windows. Deci e imens (400-500MB). Efectul cauzat de stergerea directorului este aparitia unei erori in momentul in care incercati sa modificati/stergeti/inlocuiti un fisier sistem. In cazul in care lasati intact directorul, in locul fisierului in cauza se va copia cel original gasit in director.
Atentie, nu stergeti directorul in sine, doar intreg continutul lui!
2. C:\Windows\ServicePackFiles\i386
Acest director exista numai in cazul in care v-ati instalat un Service Pack pe XP. Contine fisierele noi care au fost updatate de service pack.
Atentie, nu stergeti directorul in sine, doar intreg continutul lui!
3. C:\Windows\$Uninstall----$
Directoarele cu aceasta denumire sunt folosite doar pentru a dezinstala un update la Windows. De obicei nu veti dezinstala aceste updateuri, deci directorul poate fi sters.
4. C:\Windows\Driver cache\i386
Aici se afla driverele pe care le va folosin Windows atunci cand adaugati o componenta hardware noua in sistem. Daca toate componentele sunt instalate, puteti considera ca nu mai aveti nevoie de drivere. Ocupa aproximativ 80MB (sau mai mult daca sunt instalate service packuri).
Atentie, nu stergeti directorul in sine, doar intreg continutul lui!
5. C:\Windows\Help
Numele ii spune atat rostul cat si rata de utilizare Deci daca nu folositi niciodata Help and Support, puteti economisi alti 50MB.
Atentie, nu stergeti directorul in sine, doar intreg continutul lui!
6. C:\Windows\inf
Contine multe drivere de windows. Cand adaugati o componenta hard noua in sistem, Windows cauta prima data aici un driver corespunzator. De obicei componentele noi vin cu kituri de instalare proprii, deci nu veti avea nevoie de aceste drivere impicite. Daca doriti totusi sa le pastrati, stergi doar driverele pt modemuri, pt ca sunt cele mai multe (del mdm*.*).
Atentie, nu stergeti directorul in sine, doar intreg continutul lui!
7. C:\Windows\srchasst
Search Assistant, interfata animata folosita pentru Search. Daca il stergeti, cautarea se va face folosind interfata veche (din windows 2000).
8. C:\Windows\system32\restore
Daca doriti sa scapati definitiv de amenintarea System Restore, aici este aplicatia malefica Inainte de a sterge directorul, asigurati-va ca System Restore este deja dezactivat.
9. C:\Windows\system32\usmt
File and Settings Transfer Wizard. Daca stiti la ce foloseste si nu aveti nevoie de acest serviciu, se poate sterge. Daca n-ati auzit de el, atunci cu siguranta nu-l veti folosit, deci este in siguranta sa-l stergetii.
10. C:\Windows\system32\oobe
Out Of Box Experience - ecranele care apar dupa instalrea Windows, referitoare la inregistrarea si activarea produsului, etc.
Atentie, nu stergeti directorul in sine, doar intreg continutul lui!
11. C:\Windows\msagent
O aplicatie complet nefolositoare, MS Agent.
12. C:\Windows\java
Componente Java furnizate de Microsoft. In prezent Microsoft nu mai le distribuie si nu mai ofera suport integrat pt Java. Daca folositi totusi Java, va recomand instalarea Sun Java VM.
13. C:\Windows\mui
Aplicatie ce ofera switching intre mai multe limbi. Daca singura folosita este cea implicita, nu aveti nevoie de aplicatie.
Happy Tunning! _________________ If the answer is Micro$oft, u probably ask the wrong question.
Trimis: Lun Aug 22, 2005 10:32 am Titlul subiectului: Protectie la atacuti tip DoS (denial of service) pentru XP.
Windows (ca orice sistem de operare) are vulnerabilitatile lui. In general, datorita codului care nu acopera toate situatiile, la diverse atacuri Windows "ingheatza", kernel-ul neputand suporta si trata diversele iesiri din peisaj ale programelor. Comunitatea hackerilor (vorbesc de artisti, nu de mârtani care stiu sa foloseasca exploit-uri de arome Linux), adanc emotionata in fata slabiciunilor Windows, nu mai pridineste cu scoaterea la iveala a acestor slabiciuni. DoS este modalitatea prin care un sistem de operare este fortat sa nu mai serveasca cereri pe conexiunile deschise.
Pentru XP, anularea catorva cai de atac se poate face prin cateva setari in registrii sistemului.
EnableDeadGWDetect = "0" (default = 1)
Disables dead-gateway detection as an attack could force the server to switch gateways.
EnableICMPRedirect = "0" (default = 1)
Stops Windows from altering its route table in response to ICMP redirect messages. Some documentation has this listed as "EnableICMPRedirects" but according to Microsoft it should be "EnableICMPRedirect" no "s".
EnablePMTUDiscovery = "0" (default = 1)
Disables maximum transmission unit (MTU) discovery as an attacker could force the MTU value to a very small value and overwork the stack.
KeepAliveTime = "300,000" (default = 7,200,000)
Reduces how often TCP attempts to verify that an idle connection is still intact by sending a keep-alive packet.
NoNameReleaseOnDemand = "1" (default = 0)
Protects the computer against malicious NetBIOS name-release attacks.
PerformRouterDiscovery = "0" (default = 1)
Disables ICMP Router Discovery Protocol (IRDP) where an an attacker may remotely add default route entries on a remote system.
SynAttackProtect = "2" (default = 0)
Automatically adds additional delays to connection indications, and TCP connection requests quickly timeout when a SYN attack is in progress.
Nu sunt o necesitate daca un comp nu este "public", in sensul ca IP-ul lui sa fie afisat pe toate gardurile. Daca e vorba de un server mai mult sau mai putin public, sunt bune.
Oricum... server cu XP..... Cam aiurea. Aici, Linux rulz....
Trimis: Lun Aug 22, 2005 10:47 am Titlul subiectului: Cresterea vitezei de transfer pe internet: cable modem/XP
Intai studiati si acest topic pentru a dezactiva "QoS Packet Scheduler" pe conexiunea de internet. (Acest "QoS Packet Scheduler" e binevenit pentru job-uri in reteaua locala).
Pentru Cable Modem/XP:
In regedit:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters:
DefaultTTL = "80" hex (or 128 decimal)
Specifies the default time to live (TTL) for TCP/IP packets. The default is 32.
EnablePMTUBHDetect = "0"
Specifies whether the stack will attempt to detect Maximum Transmission Unit (MTU) routers that do not send back ICMP fragmentation-needed messages. The default is 0.
EnablePMTUDiscovery = "1"
Specifies whether the TCP/IP stack will attempt to perform path MTU discovery as specified in RFC 1191. The default is 1.
GlobalMaxTcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the system maximum receive window size advertised by the TCP/IP stack.
TcpMaxDupAcks = "2"
Determines the number of duplicate ACKs that must be received for the same sequence number of sent data before "fast retransmit" is triggered.
SackOpts = "1"
Enables support for selective acknowledgements as documented by Request for Comment (RFC) 2018. Default is 0.
Tcp1323Opts = "1"
Controls RFC 1323 time stamps and window scaling options. Possible values are: "0" = disable RFC 1323 options, "1" = window scale enabled only, "2" = time stamps enabled only and "3" = both options enabled.
TcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the receive window size advertised by the TCP/IP stack. If you have a latent network you can try increasing the value to 93440, 186880, or 372300.
***********
EnablePMTUDiscovery cu toate ca optimizeaza conexiunile prin modificarea dinamica a marimii MTU, creaza o cale pentru un atac DoS prin faptul ca un atacator poate pacali sistemul sa aloce o valoare foarte mica a MTU asa incat stiva va fi supraincarcata. Pentru evitare, se poate seta pe "0" (disabled).
Sursa: www.winguides.com _________________ If you can help, DO IT!...
Trimis: Mie Aug 31, 2005 4:29 pm Titlul subiectului:
Citat:
Clarification about QoS in End Computers That Are Running Windows XP
As in Windows 2000, programs can leverage QoS through the QoS application programming interfaces (APIs) in Windows XP. One hundred percent of the network bandwidth is available to be shared by all programs unless a program specifically requests priority bandwidth. This "reserved" bandwidth is still available to other programs unless the requesting program is sending data. By default, programs can reserve up to an aggregate bandwidth of 20 percent of the underlying link speed on each interface on an end computer. If the program that reserved the bandwidth is not sending enough data to utilize it completely, the unused portion of the reserved bandwidth is available for other data flows on the same host.
For more information about the QoS packet scheduler, refer to Windows XP Help. Additional information about Windows 2000 QoS is available in the Windows 2000 technical library.
Correcting Some Incorrect Claims About Windows XP QoS Support
There have been claims in various published technical articles and newsgroup postings that Windows XP always reserves 20 percent of the available bandwidth for QoS. These claims are incorrect. The information in the "Clarification about QoS in End Computers That Are Running Windows XP" section of this article correctly describes the behavior of Windows XP systems.
Trimis: Mie Aug 31, 2005 4:30 pm Titlul subiectului:
Citat:
Like a lot of online talk, this is misinformed. Windows 2000 introduced QoS (quality of service) features using an Admission Control Service and the Internet Engineering Task Force's RSVP signaling. XP doesn't support these two protocols but provides its own QoS components. The QoS Packet Scheduler dialog box in XP Professional shows a default "bandwidth limit" of 20 percent. This created a buzz on the Web to the effect that XP artificially withheld one-fifth of your bandwidth, even if its Packet Scheduler was turned off.
Not to worry. There's no restriction unless your network specifically supports XP-style QoS and it's requested by an application, such as a streaming media player. Even then, by default only 20 percent is set aside. (See www.techtv.com/screensavers/windowstips/story/0,24330,3365585,00.html .)
But it is worth looking into QoS, because some applications can benefit from increasing it or, conversely, terminating it. For example, high-speed Internet access through the DirecTV satellite service will not work unless XP's QoS is disabled. (See www.direcpc.com/xpinstall/install.htm .)
Trimis: Mie Aug 31, 2005 4:37 pm Titlul subiectului:
Sa facem loc pe hdd
-toate programele care le folosim mananca spatiu pe hdd ... unele chiar destul de mult ... insa si Windows-ul binevoieste sa pape niste GB fara sa ne ajute in vreun fel ... ce e de facut?
a. Mai intai, duceti-va in Start->Settings->Control Panel->Power Options, iar in fereastra de Power Options, selectati tab-ul Hibernate si debifati casuta care e acolo ... tocmai v-ati eliberat spatiu pe hdd egal cu memoria voastra disponibila ... ori daca aveti 512 sau mai mult, asta e ceva.
b. Da-ti un click dreapta pe My Computer, apoi pe properties ... in noua fereastra care s-a deschis, selectati tab-ul System Restore si binevoiti sa dezactivati acest minunat serviciu, care mananca estimativ vreo 20-30% din HDD ... nu de alta, dar ce-i frumos la XP e ca atunci cand e sa crape, crapa de tot :fadein: .. nu va mai ajuta nici System Restore-ul, nici nimic ... poate doar un Norton Ghost ... insa important e ca e bine sa dezactivati acest serviciu.
c. Tot aici aveti un tab numit Windows Updates pe care e bine sa-l dezactivati ... valabil ptr cei care au XP-ul luat pe cai ,,oculte"
Cum se efectueaza uninstall la MSN Messenger 4.7:
Start>Run si scrieti
RunDll32 advpack.dll,LaunchINFSection %windir%\INF\msmsgs.inf,BLC.Remove
Restart Windows
In cazuri rare se intampla ca setarile pentru Folder View sa devina corupte, astfel incat folder-ele nu sunt afisate corect sau nu retin preferintele vizuale. Pentru a rezolva problema: 1. Start>Run>Regedit
2. Stergeti toate valorile din: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\BagMRU\ (de obicei maxim de 5 sau 6 valori diferite)
3. Stergeti toate valorile din: HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam\Bags\ (posibil uneori sa fie foarte multe, chiar si 400)
Un mic truc pentru atunci cand explorer.exe se blocheaza in XP/2k sau provoaca procesorul sa stea in full load pentru aparent nici un motiv: -se inchid cat mai multe programe posibile ce ruleaza in taskbar
-alt+ctrl+del
-in task manager, end task la explorer.exe [daca acesta e cel ce indica full load la procesor]
-tot in task manager: File > New Task > explorer
Voila! Restart la explorer.exe fara a necesita restart la sistem
Nota: explorer.exe si iexplore.exe sunt diferite.
iexplore e Internet Explorer, pe cand explorer.exe este ... well, explorerul din Windows, including taskbar-ul
Trimis: Joi Sep 01, 2005 6:22 pm Titlul subiectului:
Imi cer scuze de la inceput pentru dimensiunea postului meu
INTERNET EXPLORER LIGHTING-FAST STARTUP.
Isn't it annoying when you want to go to a new website, or any other site but your homepage, and you have to wait for your 'home' to load?
This tweak tells Internet Explorer to simply 'run', without loading any webpages. (If you use a 'blank' page, that is still a page, and slows access. Notice the 'about:blank' in the address bar. The blank html page must still be loaded..). To load IE with 'nothing' [nothing is different than blank]:
1. Right-click on any shortcut you have to IE
[You should create a shortcut out of your desktop IE icon, and delete the original icon]
2. Click Properties
3. Add ' -nohome' [with a space before the dash] after the endquotes in the Target field.
4. Click OK
Fire up IE from your modified shortcut, and be amazed by how fast you are able to use IE!
SPEED UP DETAILED VIEW IN WINDOWS EXPLORER.
If you like to view your files in Windows Explorer using the "Details" view here is a tweak to speed up the listing of file attributes:
Viewing files in Windows Explorer using the "Details" mode shows various attributes associated with each file shown. Some of these must be retrieved from the individual files when you click on the directory for viewing. For a directory with numerous and relatively large files (such as a folder in which one stores media, eg: *.mp3's, *.avi's etc.) Windows Explorer lags as it reads through each one. Here's how to disable viewing of unwanted attributes and speed up file browsing:
1. Open Windows Explorer
2. Navigate to the folder which you wish to optimize.
3. In "Details" mode right click the bar at the top which displays the names of the attribute columns.
4. Uncheck any that are unwanted/unneeded.
Explorer will apply your preferences immediately, and longs lists of unnecessary attributes will not be displayed.
Likewise, one may choose to display any information which is regarded as needed, getting more out of Explorer.
FIX IE 6 SLOWDOWNS AND HANGS.
1. Open a command prompt window on the desktop (Start/Run/command).
2. Exit IE and Windows Explorer (iexplore.exe and explorer.exe, respectively, in Task Manager, i.e - Ctrl-Alt-Del/Task Manager/Processes/End Process for each).
3. Use the following command exactly from your command prompt window to delete the corrupt file:
C:>del "%systemdrive%Documents and Settings%username%Local
SettingsTemporary Internet FilesContent.IE5index.dat"
4. Restart Windows Explorer with Task Manager (Ctrl-Alt-Del/Task Manager/Applications/New Task/Browse/C:Windowsexplorer.exe[or your path]) or Shutdown/Restart the computer from Task Manager.
ALLOW MORE THAN 2 SIMULTANEOUS DOWNLOADS ON IEXPLORER 6.
This is to increase the the number of max downloads to 10.
1. Start Registry Editor (Regedt32.exe).
2. Locate the following key in the registry:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings
3. On the Edit menu, click Add Value , and then add the following registry values:
"MaxConnectionsPer1_0Server"=Dword:0000000a
"MaxConnectionsPerServer"=Dword:0000000a
MOUSE POINTERS.
It seems that even without pointer precision disabled, the mouse under XP is still influenced by an acceleration curve. This is especially noticeable in games. To completely remove mouse acceleration from XP, you will need to go into the registry and adjust the SmoothmouseXYCurve values. Here is how its done.
1. Click Start button
2. Select Run
3. Type 'regedit' in the open textbox
4. Open the tree 'HKEY_CURRENT_USER', select control panel, then select mouse
5. Right clicking, modify the SmoothMouseXCurve and SmoothMouseYCurve hexidecimal values to the following:
SmoothMouseXCurve:
00,00,00,00,00,00,00,00
00,a0,00,00,00,00,00,00
00,40,01,00,00,00,00,00
00,80,02,00,00,00,00,00
00,00,05,00,00,00,00,00
SmoothMouseYCurve:
00,00,00,00,00,00,00,00
66,a6,02,00,00,00,00,00
cd,4c,05,00,00,00,00,00
a0,99,0a,00,00,00,00,00
38,33,15,00,00,00,00,00
If done correctly, you will notice you are holding a markedly more responsive mouse.
KILL THE SEARCH DOG.
copy this to note pad and save as dog.INF then right click, install
;********COPY THIS******
[Version] Signature= "$Windows NT$" LayoutFile=layout.inf [DefaultInstall] AddReg = Reg.TestSection.Add DelReg = Reg.TestSection.Del [Reg.TestSection.Add] [Reg.TestSection.Del] HKCR,"CLSID{2AD1B782-53A4-4CDA-8A81-CD4DC6D716D4}" HKCR,"CLSID{47C6C527-6204-4F91-849D-66E234DEE015}" HKCR,"CLSID{68F2D3FC-8366-4A46-8224-58EFA2749425}" HKCR,"CLSID{AC1B0D5D-DD59-4FF0-93F8-A84373821606}" HKCR,"CLSID{FFAC7A18-EDF9-40DE-BA3F-49FC2269855E}" HKCR,"TypeLib{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}" HKLM,"SOFTWAREClassesCLSID{47C6C527-6204-4F91-849D-66E234DEE015}" HKLM,"SOFTWAREClassesCLSID{68F2D3FC-8366-4A46-8224-58EFA2749425}" HKLM,"SOFTWAREClassesCLSID{AC1B0D5D-DD59-4FF0-93F8-A84373821606}" HKLM,"SOFTWAREClassesCLSID{B791A095-A4AC-4312-8894-5B7E8FF5B3CD}" HKLM,"SOFTWAREClassesCLSID{FFAC7A18-EDF9-40DE-BA3F-49FC2269855E}" HKLM,"SOFTWAREClassesTypeLib{ECA4E801-17AE-4863-9F5C-AF4047AABEE0}" ;HKU,"S-1-5-21-725345543-113007714-839522115-500SoftwareMicrosoftSearch Assistant"
;*****END COPY*****
CLICKING * .AVI FILES ON EXPLORER CAUSING 100% CPU USAGE.
Well windows seem to have a REALLY big problem when it comes to reading AVI files. It seems that when you click on an AVI file in explorer, it'll try to read the entire AVI file to determine the width,height, etc. of the AVI file (this is displayed in the Properties window). Now the problem with Windows is that if you have a broken/not fully downloaded AVI file that doesnt contain this info, Windows will scan the entire AVI file trying to figure out all these properties which in the process will probably cause 100% CPU usage and heavy memory usage.
To solve this problem all you have to do is the following:
1. Open up regedit
2. Goto HKEY_CLASSES_ROOTSystemFileAssociations.avishellexPropertyHandler
3. Delete the "Default" value which should be "{87D62D94-71B3-4b9a-9489-5FE6850DC73E}"
Voila! Please not that this will no longer provide you with the windows properties displaying the AVI file information such as width, height, bitrate etc. But its a small price to pay for saving you resources.
Trimis: Dum Oct 16, 2005 5:54 pm Titlul subiectului:
bllizzard_wizard te rog imi explici si mie chestia aia cu update ca nu inteleg stiu ca trebuie dezactivata dar ceea ce nu inteleg este alea care trebuie updatate ai enumerat tu niste "programe" cred la alea cum le dau update daca nu sunt updatate si chiar imi merge mai fain calculatoru cu "porcariile" alea faine am mai vazut eu filmulete cu nu stiu ce sa cresti viteza la internet sau sa nu mai dai voie la sher etc.Multumesc tuturor care au postat aici chiar miau fost de ajutor alea
Data înscrierii: 31 Mai 2005 Mesaje: 477 Locație: Uita-te in spatele tau!
Trimis: Sâm Noi 04, 2006 12:24 am Titlul subiectului:
Un link util pentru cei care nu stiu sa instaleze windows, mai mult de atat nici ca se poate )
http://www.theeldergeek.com/xp_home_install_-_graphic.htm _________________ If the answer is Micro$oft, u probably ask the wrong question.
Data înscrierii: 08 Iun 2005 Mesaje: 1744 Locație: IS
Trimis: Vin Dec 01, 2006 12:24 am Titlul subiectului:
Am o intrebare
As dori sa dezinstalez ultima versiune a Movie Maker 9, cea venita si instalata cu SP2.In esentza as fi interesat sa revin la versiunea precedenta a Movie Maker. Idealul ar fi bineinteles sa am ambele versiuni dar nu stiu daca se poate.
Imi poate da cineva un sfat?
Multzam fain _________________ Toti ne nastem egali.... unii se nasc insa, mai egali decat altii...
Data înscrierii: 13 Mai 2007 Mesaje: 341 Locație: 23August
Trimis: Mar Iul 10, 2007 4:19 pm Titlul subiectului:
hacks, hacks, hacks
va ofer niste carti care va ajuta sa faceti trikuri ca hodini
exemple din carti:
Hack 71 Rename the Administrator and Guest Accounts
Renaming the default administrator and guest accounts is a simple but effective step to help secure your machines.
To enhance system security on your Windows server-based network, you should rename the administrator account. You should choose a name that does not identify it as an administrator account, to make it difficult for any unauthorized user to break into the computer or network. One of the account settings in Windows 2000/2003 allows you to enter an account name to rename the administrator and guest accounts automatically using Local Security Policy (for standalone machines in a workgroup) or Group Policy (in an Active Directory environment).
To access local policy settings, click StartRun, type mmc, and press Enter. Select FileAdd/Remove Snap-in. Click the Add button, scroll through the list until you see Group Policy (in Windows 2000) or Group Policy Object Editor (in Windows Server 2003). Click add, then finish (the default is to manage Local Computer). Expand Local Computer Policy, Computer Configuration, Windows Settings, Security Settings, Local Policies, and Security Options. If you like, you can save this console with a familiar name to have this MMC snap-in available for future use. Once you've selected Security Options, you should see a screen similar to Figure 8-1 (if you're running Windows Server 2003 or Windows XP).
Figure 8-1. Policy settings for the default administrator and guest accounts in Windows Server 2003 and Windows XP
In the pane on the right, you can see that the first five options detail policies for Accounts. The last two options in the Accounts section are used to rename the administrator account and rename the guest account. Clicking on "Accounts: Rename administrator account" brings up the screen shown in Figure 8-2. You will see a similar screen if you select the Guest option. Simply type whatever name you want to use and click OK. This automatically renames the administrator or guest accounts.
Figure 8-2. Renaming the default Administrator account
Some Considerations
Note that if your machine belongs to a domain, the local policy settings you configure using the previous method might be overwritten by any Group Policy settings defined at the domain, organizational unit (OU), or site level.
Windows 2000 provides only the first two Accounts policy settings and they're named differently than the settings shown in Figure 8-2. The Windows Server 2003 setting named "Accounts: Rename administrator account" is simply named "Rename administrator account" in Windows 2000, and likewise with the Guest account policy setting. Windows XP, however, is identical to Windows Server 2003 in this regard.
Finally, as a further security precaution, after you rename the accounts, you might want to add another administrator and guest account (through the User Accounts option). Once you create these accounts, give them a secure password, but give the accounts no rights to anything. Even if the administrator and guest accounts are compromised, the potential intruder will have no rights to do anything to the computer.
—John Gormly _________________ www.clanah.net
CONTACT ME IF YOU WANA JOIN THE CLAN!!!
Data înscrierii: 13 Mai 2007 Mesaje: 341 Locație: 23August
Trimis: Mar Iul 10, 2007 4:26 pm Titlul subiectului:
Hack 72 Get a List of Local Administrators
Local administrators can do anything on their machines. Here's a quick way to determine who has this power.
When an intruder penetrates a network's defenses, the intruder generally tries to elevate the privileges of his account to that of local administrator on the machine. Once the intruder has achieved this, he can do anything he wants to do on the machine.
So, if you think your network defenses have been penetrated, it's a good idea during the triage stage to check which accounts are local administrators on your machines. Using the GUI, this can be done using the Local Users and Groups node in Computer Management, but that is tedious.
A faster way to identify individuals who have local computer administrator rights is to use the following VBScript, which you can customize further as desired.
The Code
Just open a text editor such as Notepad (make sure you have Word Wrap disabled), type the following code, and save it with a .vbs extension as GetAdmins.vbs:
set group = getobject("WinNT://" & computername & "/administrators,group")
s = ""
for each account in group.members
s = s & account.name & vbcrlf
next
msgbox s
Running the Hack
Running the hack is simple. Just create a shortcut to it and double-click on the shortcut. A dialog box will display which user accounts are local administrators on the machine, as shown in Figure 8-3. From this list, you can easily detect any unauthorized administrator-level accounts, such as backd00r, that might indicate that the system has been compromised by a malicious hacker.
Figure 8-3. A list of local administrators on a member server
Make sure you have the latest scripting engines on the workstation from which you run this script. Download the latest scripting engines from the Microsoft Scripting home page (http://msdn.microsoft.com/library/default.asp?url=/nhp/default.asp?contentid=28001169). Note also that, when working with the Active Directory Services Interface (ADSI) you must have the same applicable rights you need to use the built-in administrative tools.
Hacking the Hack
The script gets the contents of the local administrators group, but you can easily alter the group information in the script to retrieve the information from any local computer group if you desire. For example, to display members of the Users group just change this line:
Cod:
set group = getobject("WinNT://" & computername & "/administrators,group")
to this:
Cod:
set group = getobject("WinNT://" & computername & "/users,group")
Data înscrierii: 13 Mai 2007 Mesaje: 341 Locație: 23August
Trimis: Mar Iul 10, 2007 4:30 pm Titlul subiectului:
Hack 73 Find All Computers that Are Running a Service
Use this script to find rogue web servers, misconfigured clients, and other potentially insecure systems on your network.
Querying the status of a service across multiple computers can be an extremely useful tool. You can check for the SMS client service, antivirus services, or even viruses/Trojans that run as a service. Under most interfaces, such as WMI or ADSI, you need to check the status of services with an account that has administrator rights on the machine you are targeting. It turns out that in many organizations there are quite a few PCs on the network that have done a phenomenal job of removing most of the IT department's administrator rights. These unmanaged PCs can be a real risk at times.
One day, I noticed that when you query a remote box with the Windows 2000 services snap-in for the MMC, you do not need administrator rights to check on the services that reside on remote boxes. You simply need an account in a trusted domain with simple user-level rights. On further investigation, it was revealed that what in fact was going on was a direct query to the Service Control Manager (SCM), as opposed to some API call through WMI or ADSI. One of the best free third-party tools that also queries the SCM is Psservice from Sysinternals (http://www.sysinternals.com). Although this is strictly a command-line utility, we can tweak it with some parameters and do some fancy parsing to make efficient use of it in a script.
First, the script will search IP addresses by subnet, using a ping response, and find the Windows-based machines by parsing out a NetBIOS call. Then, it will determine if the machine is running a particular service, by querying it with Psservice, and log the results in tab-delimited format. This will retrieve the following data in the log file: IP address, computer name, currently logged-on user, domain or workgroup to which the machine is joined, and the status of the service. The IP address is included even if the node is not pingable and can be treated as a key in most cases. The computer name is resolved with a DNS lookup on the IP address and then, if a NetBIOS name is found, it is switched to that name. Note that this could be blank if both methods fail. The currently logged-on user field should display data if the machine is NetBIOS-compatible and someone is currently logged on. However, if no one is logged on, it will be blank. Note that this logon name could be a domain account or a local account; there is no way to tell. The domain (or workgroup) to which the machine is joined is the domain (or workgroup) associated with the computer account, not the user account.
The status of the service can be any of seven possible values, as shown in Table 8-2.
Table 8-2. Possible values for server status Status
Description
UnPingable
The IP address does not respond
RUNNING
Service is running
STOPPED
Service is stopped
PENDING
Service is starting or stopping
Blank
Service does not exist
Access is Denied
Your account does not have minimal user-level rights to the box
The RPC server is unavailable
Computer is running Win9x,Win 3.x, or is a Samba box
There are several items you will need before the script will run. First, you need the Psservice utility that comes with the Pstools suite from Sysinternals. Place the psservice.exe utility in the same directory as the script itself. You also need to register the free System Scripting Runtime COM object from Netal (http://www.netal.com/ssr.htm). To register the COM object, copy the DLL to your system32 directory and use regsvr32 to register it. You'll need to do this for every box you run the script from, but this does not need to be done on the remote machines. By the way, I highly suggest reading through the documentation on both of these valuable pieces of software.
The Code
Type the following script into Notepad (with Word Wrap disabled) and save as FindNTService.vbs. Alternatively, since this is a long one, you're probably better off downloading the source from http://www.oreilly.com/catalog/winsvrhks/.
Service = Trim(Right(CurLine,InStr(CurLine," ")-1))
End If
If InStr(CurLine,"RPC") <> 0 Then
Service = CurLine
End If
If InStr(CurLine,"Access") <> 0 Then
Service = CurLine
End If
If InStr(CurLine,"function") <> 0 Then
Service = CurLine
End If
If InStr(CurLine,"Unable") <> 0 Then
Service = CurLine
End If
Loop
If InStr(Service,vbcr) <> 0 Then
Service = Left(Service,InStr(Service,vbcr)-1)
End If
End If
End Function
Function WriteToLog(IP,CompName,User,Domain,Service)
If IP <> "" Then
LogFile.Write IP
End If
LogFile.Write vbtab
If CompName <> "" Then
LogFile.Write CompName
End If
LogFile.Write vbtab
If User <> "" Then
LogFile.Write User
End If
LogFile.Write vbtab
If Domain <> "" Then
LogFile.Write Domain
End If
LogFile.Write vbtab
If Service <> "" Then
LogFile.Write Service
End If
LogFile.WriteLine
End Function
Running the Hack
First, create a text file that contains the subnets you wish to query. Each subnet should end with .0 and be on its own line in the file. You can name the file subnets.txt and save it in the same directory as the script. Now, simply run the script by double-clicking on it; it will prompt you for input. The first input is just an introduction to the script. Clicking No will exit the script altogether.
The next input is the name of the service; this is not the same as the display name, so be careful here. Table 8-3 shows some examples of services for which the display name differs greatly from the service name. This information can help you detect rogue web servers running secretly on your network, client machines whose antivirus software has been disabled, or machines with SMS client software disabled, making them difficult to keep updated with security patches and service packs.
Table 8-3. Display names and corresponding service names Display name
Service name
World Wide Web Publishing Service
w3svc
Norton Antivirus Client
Norton Antivirus Server
SMS Client Service
clisvc
The next prompt is the full path to the text file that contains the subnets. At this point, you can enter a different text file if you wish. Lastly, you have the opportunity to modify the subnets file before you begin. The scan will begin either after you click No or after you close Notepad. You will be notified when the script is finished with a pointer to the log file; there is no progress indicator as the script runs. If you need to cancel the script, go into Task Manager and kill the wscript.exe process.
I have used this script to find machines on which the SMS Client Service has been disabled. I have also found numerous IIS web servers and their owners. Lastly, this utility does a great job of finding the FLC service, which is better known as the FunLove virus. I get a big kick out of sending directors a list of developer machines that have FunLove on their box, have also disabled SMS, and are not running antivirus software.
Always deploy this script in a lab environment first and do your own benchmarking before pinging those 32,000 nodes.
Data înscrierii: 13 Mai 2007 Mesaje: 341 Locație: 23August
Trimis: Mar Iul 10, 2007 4:32 pm Titlul subiectului:
Hack 73 Find All Computers that Are Running a Service
Use this script to find rogue web servers, misconfigured clients, and other potentially insecure systems on your network.
Querying the status of a service across multiple computers can be an extremely useful tool. You can check for the SMS client service, antivirus services, or even viruses/Trojans that run as a service. Under most interfaces, such as WMI or ADSI, you need to check the status of services with an account that has administrator rights on the machine you are targeting. It turns out that in many organizations there are quite a few PCs on the network that have done a phenomenal job of removing most of the IT department's administrator rights. These unmanaged PCs can be a real risk at times.
One day, I noticed that when you query a remote box with the Windows 2000 services snap-in for the MMC, you do not need administrator rights to check on the services that reside on remote boxes. You simply need an account in a trusted domain with simple user-level rights. On further investigation, it was revealed that what in fact was going on was a direct query to the Service Control Manager (SCM), as opposed to some API call through WMI or ADSI. One of the best free third-party tools that also queries the SCM is Psservice from Sysinternals (http://www.sysinternals.com). Although this is strictly a command-line utility, we can tweak it with some parameters and do some fancy parsing to make efficient use of it in a script.
First, the script will search IP addresses by subnet, using a ping response, and find the Windows-based machines by parsing out a NetBIOS call. Then, it will determine if the machine is running a particular service, by querying it with Psservice, and log the results in tab-delimited format. This will retrieve the following data in the log file: IP address, computer name, currently logged-on user, domain or workgroup to which the machine is joined, and the status of the service. The IP address is included even if the node is not pingable and can be treated as a key in most cases. The computer name is resolved with a DNS lookup on the IP address and then, if a NetBIOS name is found, it is switched to that name. Note that this could be blank if both methods fail. The currently logged-on user field should display data if the machine is NetBIOS-compatible and someone is currently logged on. However, if no one is logged on, it will be blank. Note that this logon name could be a domain account or a local account; there is no way to tell. The domain (or workgroup) to which the machine is joined is the domain (or workgroup) associated with the computer account, not the user account.
The status of the service can be any of seven possible values, as shown in Table 8-2.
Table 8-2. Possible values for server status Status
Description
UnPingable
The IP address does not respond
RUNNING
Service is running
STOPPED
Service is stopped
PENDING
Service is starting or stopping
Blank
Service does not exist
Access is Denied
Your account does not have minimal user-level rights to the box
The RPC server is unavailable
Computer is running Win9x,Win 3.x, or is a Samba box
There are several items you will need before the script will run. First, you need the Psservice utility that comes with the Pstools suite from Sysinternals. Place the psservice.exe utility in the same directory as the script itself. You also need to register the free System Scripting Runtime COM object from Netal (http://www.netal.com/ssr.htm). To register the COM object, copy the DLL to your system32 directory and use regsvr32 to register it. You'll need to do this for every box you run the script from, but this does not need to be done on the remote machines. By the way, I highly suggest reading through the documentation on both of these valuable pieces of software.
The Code
Type the following script into Notepad (with Word Wrap disabled) and save as FindNTService.vbs. Alternatively, since this is a long one, you're probably better off downloading the source from http://www.oreilly.com/catalog/winsvrhks/.
Service = Trim(Right(CurLine,InStr(CurLine," ")-1))
End If
If InStr(CurLine,"RPC") <> 0 Then
Service = CurLine
End If
If InStr(CurLine,"Access") <> 0 Then
Service = CurLine
End If
If InStr(CurLine,"function") <> 0 Then
Service = CurLine
End If
If InStr(CurLine,"Unable") <> 0 Then
Service = CurLine
End If
Loop
If InStr(Service,vbcr) <> 0 Then
Service = Left(Service,InStr(Service,vbcr)-1)
End If
End If
End Function
Function WriteToLog(IP,CompName,User,Domain,Service)
If IP <> "" Then
LogFile.Write IP
End If
LogFile.Write vbtab
If CompName <> "" Then
LogFile.Write CompName
End If
LogFile.Write vbtab
If User <> "" Then
LogFile.Write User
End If
LogFile.Write vbtab
If Domain <> "" Then
LogFile.Write Domain
End If
LogFile.Write vbtab
If Service <> "" Then
LogFile.Write Service
End If
LogFile.WriteLine
End Function
Running the Hack
First, create a text file that contains the subnets you wish to query. Each subnet should end with .0 and be on its own line in the file. You can name the file subnets.txt and save it in the same directory as the script. Now, simply run the script by double-clicking on it; it will prompt you for input. The first input is just an introduction to the script. Clicking No will exit the script altogether.
The next input is the name of the service; this is not the same as the display name, so be careful here. Table 8-3 shows some examples of services for which the display name differs greatly from the service name. This information can help you detect rogue web servers running secretly on your network, client machines whose antivirus software has been disabled, or machines with SMS client software disabled, making them difficult to keep updated with security patches and service packs.
Table 8-3. Display names and corresponding service names Display name
Service name
World Wide Web Publishing Service
w3svc
Norton Antivirus Client
Norton Antivirus Server
SMS Client Service
clisvc
The next prompt is the full path to the text file that contains the subnets. At this point, you can enter a different text file if you wish. Lastly, you have the opportunity to modify the subnets file before you begin. The scan will begin either after you click No or after you close Notepad. You will be notified when the script is finished with a pointer to the log file; there is no progress indicator as the script runs. If you need to cancel the script, go into Task Manager and kill the wscript.exe process.
I have used this script to find machines on which the SMS Client Service has been disabled. I have also found numerous IIS web servers and their owners. Lastly, this utility does a great job of finding the FLC service, which is better known as the FunLove virus. I get a big kick out of sending directors a list of developer machines that have FunLove on their box, have also disabled SMS, and are not running antivirus software.
Always deploy this script in a lab environment first and do your own benchmarking before pinging those 32,000 nodes.
Data este GMT + 2 Ore Du-te la pagina 1, 2, 3Următoare
Pagina 1 din 3
Nu puteți crea un subiect nou în acest forum Nu puteți răspunde în subiectele acestui forum Nu puteți modifica mesajele proprii din acest forum Nu puteți șterge mesajele proprii din acest forum Nu puteți vota în chestionarele din acest forum