Adversity leads to prosperity.

July,2008: Gates leaves and I come

2008-07-21T02:25:00.000-07:00

Gates, the leader of windows, the godfather of desktop, will retire from MS-microsoft at July, 2008.

Aaron, a fresh graduate，a fool bird coder, will join in MS-myspace.cn at July, 2008.

The two events look like far away from relations today. However after 10 years, microsoft and myspace will be the symbols of two periods. Gates and Aaron, they are the lords of their periods.

Cheers!

Keeping in touch with blog

2007-06-21T19:47:00.001-07:00

After Visiting some friends' blog on QQ, I find blog a really effective way to keep in touch. The host write their daily life ,adventure or emotions. Then the guest can know what's going on with he/she, which made friends acknowledge you and made you to be acknowledged. As everyone has an IM, such as MSN or QQ, it's more effective when your blog update is shown on IM. When others see it ,they'll know there are sth new for you, then click.

As I know this, I can't waiting longer to publish this blog to my friends with an impulse. However, English is less familiar to most Chinese. What is worse, my pool English maybe raubbish and poison to others.

Many friends' experiences move me much, and many friends get stranger. Communication is necessary.

So, just wait when my Engilsh is ready.

Technorati : Chitchart

Firefox plugin

2007-06-21T01:52:00.000-07:00

Firefox plug-in flash-player is installed when visit website with flash. But There are some mistakes that collapse Firefox when view flash.
So, I just want to remove or uninstall flash-player plug-in. Unusual, there isn't a plug-in manager in firefox.
I need to remove it by my self.
1.Enter $HOME/.mozille, ls, firefox, plugin ...
2.rm the so in plugin
3.edit plugin_reg in firefox

Iptables setup

2007-06-21T01:30:00.000-07:00

After setup XDMCP protocol in Linux, It's necessary to Activate XDMCP port(default 177) under iptables.
There are three system chain in configure, INPUT, OUTPUT and FORWARD. And input and forward are refer to RH-...-INPUT(short as RH) which is define by redhat users.
And all rules are based on RH. "-A RH -p udp -m udp --dports 0:1023 -j REJECT"(1) means If packet with udp protocol to 0:1023 port is reject(option Drop is similar to REJECT but without Answer).
As these, I add "-A RH -p udp -m udp --dports 177 -j ACCEPT"(2) at the bottom, means to actives 177 udp port. But it doesn't work!
Try again and again, I find the correct way is to add (2) before (1).
Nice try

Updating bash_profile

2007-06-20T03:08:00.000-07:00

You can reboot or login again to active bash_profile when it is updated. But there is a easy method.
source bash_profile
Then it active

Recover gnome task-panel

2007-06-20T02:53:00.000-07:00

The default menu-panel in gnome is really large and ugly.Then many diyers remove it and build a new.But where is the task-panel. Active tasks can't be choose by mouse. This also troubles me much. Tough try much even to modify profiles, it still can't work.

Finally, I find it really stupid. As you click right button on the panel you built, you can add some items to the panel. Maybe you never find task-panel, but there is an utility named window-list. It is really the menu-panel we known.

Cheers.

Macro in C/C++, updateing

2007-06-17T20:10:00.000-07:00

>define()
This is used in #if, #elif #endif preprocess sentence, and #if define(x) is equle to #ifdef x, #if !define(x) is equle to #ifndef x.
but define() is more powerful while check mutiply Macro, as it can be join with ||, &&, and !.eg:
#if defined(__STDC__) || defined(__cplusplus)
...
#endif

> __STDC__, __cplusplus
These macros are not forced by standards, but a complete implement always surports to indicate ISO C or C++ surport.

Install rpms

2007-06-12T00:00:00.000-07:00

Rpms in redhat linux are software packets.Base on rpm datebase, It help install and uninstall tools.
Here list most used commands:
>install:
rpm -ivh [rpmname]
swith -i means install; -v means verbose;-h means hash bar, which provide process updates via hash (#) marks printed on the console as the package is installed.
>uninstall:
rpm -e [packname]
swith -e means erase.
>quiry:
rpm -qa|grep [name] used to display installed packets pattern name

Useing XDMCP to Login Linux

2007-06-10T18:35:00.000-07:00

XDMCP is a protocol for logining xwindow system.
There are some config modified.
1.Active XDMCP
>/etc/X11/gdm/gdm.conf
find lable [xdmcp], edit Enable=0 as Enable=1.
make sure port=177 is avalide.
2.Get X authority
>/etc/X11/xdm/Xaccess
find #* # any host can get a login window, remove the first # to accept all users.
>/etc/X11/xdm/
Comfirm Xservers's authority is 444, Xsetup_0's is 755
3.Modify initialization
>/etc/inittab
make sure id:5:initdefault: init level is 5(xwindow)
add x:5:respawn:/usr/bin/gdm at the bottom to startup gdm at initilization.
4.Startup port 177
>/etc/iptables
There are methods to edit iptables config, but I haven't manege. I just close iptables.

Finaly, restart your Linux, then open xmanger, it works.

SSH-Keygen

2007-06-07T02:57:00.000-07:00

I waste just half a day but still can't deel it.
Use Key to Login ssh-server may be more safer, but I just want to Auto Login without password in shell script.
If you want to login B from A:
On A, $HOME/.ssh/, use ssh-keygen -t dsa to get publish key file, this generate id_dsa and id_dsa.pub, then scp id_dsa.pub to B:$HOME/.ssh/ as authorized_keys or >> to authorized_keys when it exsit.

It really work on my compute and stations in company, but failed on mission.

I'll find out tomorrow.

Surprise History

2007-06-06T02:59:00.000-07:00

I really be scared when i find all pages i have visited have been recorded in "Google Web History".
I have already remove all history, and stop the service. But may be it just be hiden?
Could google just asked whether i'm willing?

Ten Tough Sentences

2007-06-05T02:02:00.001-07:00

1. Just wait and see. I won't let you get away with that.

2. You'll be sorry.

3. You're gonna get what's coming to you.

4. If you're looking for a fight, you don't have to look far.

5. Watch your mouth. Do you know who you're talking to?

6. I'll get even with you sooner or later.

7. Listen, you've picked the wrong person to quarrel with.

8. You'd better take that back.

9. You want to take it outside? Anytime!

10.Don't mess with me! / Don't get fresh with me!

Zoundry, pass firewall finally

2007-06-05T01:55:00.000-07:00

Since our company fobiden 80 port, I use proxy to browse web. Complaint but just work.

But How Could Zoundry without Supporting of Proxy???

This made hardly inconvenient!

Now, I try to be a Hacker, to control the switch then unlock 80 port, or control a server than let it be new gateway.

That's my opinion, I'm ready to be the root.

Just wait and see.

DNS Issues

2007-06-05T01:38:00.000-07:00

Like Whois, Dns Server may also be helpful to hackers.

nslookup www.example.net

give out the name server and it's address.

But host command is more useful. '-t' option can get all types of info on dns about a domain name, and '-l' followed dnserver get more.

To forbiden compute except dnserver transfer dns infomation is useful to defend

Technorati Tags: Hacking Linux Exposed, DNS Issues

Ping Sweeps

2007-06-05T00:31:00.000-07:00

Ping Sweeps means ping all address in a Intranet.Then Hackers can get Which compute is working.

Ping 10.10.0.1

telnet 10.10.0.1 echo //port 7

are two measure to just wether a host is alive.But there are Other tools to advance.

fping is used to ping a mount of ip specied by a list

fping -a < machinelist

nmap contains ping command by -sP option

nmap -sP 192.168.10.0/24

nmap -sP 192.168.10.0-255

nmap -sP 192.168.10.*

is avalide, it also can be followed by multiple address.

nmap is not only ping, when ping service is forbiden, it send TCP_ACK packet, when recv RST, the dest machine can be known as working.

Technorati Tags: Hacking Linux Exposed, Ping Sweeps

Whois DateBase

2007-06-04T22:41:00.001-07:00

Whois DateBase is also useful for Hackers collecting informations. You can

try "whois baidu.com" on a linux with network. Then, the result contains Server,

Owner and even Contack measure return.This also can be found at http://www.who.is, which is the interface of Whois DateBase.

<Hacking Linux Exposed-3Mapping Your Machine and Network>

Technorati Tags: Hacking Linux Exposed, Whois DateBase

Online Searches

2007-06-04T20:37:00.001-07:00

Nowadays, it's easy to get infomation from Internet by search-engine.And it's

useful to hackers.They should collect enougth infomation before they

invade.Exposing always taken by Maillist.For example, sb quired a network

question in Maillist with offical Mailbox, this question may contain infomations

of the structure of it's company which is great useful to hacker. Then the

Maillist is stored online, and can esay be searched by the suffix of the Mailbox

of the company.

As we see, Hackers are very smart, they are talented to take advantage of

details.So, the process you learn hacking may lead you smarter.

Technorati Tags: Hacking Linux Exposed, Online Searches

just open blog

2007-06-04T00:01:00.000-07:00

Great day!

From now on, I shall write down my experences and ideas here.

It's not a suddently thought but a determine for a long time, as recording my life trace.

This may help me a lot,I think, to review history, get experence, look forward and action with clear goal.

It may be a long process, slow and hard.

But, life lust like this.

Cheers!