Hello,

ImageMagick is a software used  to create, edit, and compose bitmap images. Using ImageMagick we can read, convert and write images in a variety of formats including DPX, EXR, GIF, JPEG, JPEG-2000, PDF, PhotoCD, PNG, Postscript, SVG, and TIFF. ImageMagick is used to translate, flip, mirror, rotate, scale, shear and transform images, adjust image colors, apply various special effects, or draw text, lines, polygons, ellipses and Bézier curves.

ImageMagick is typically utilized from the command line or you can use the features from programs written in your favorite programming language. Choose from these interfaces: G2F (Ada), MagickCore (C), MagickWand (C)

How to install ImageMagick On Linux server:

wget ftp://ftp.imagemagick.org/pub/ImageMagick/ImageMagick.tar.gz

tar -zxvf ImageMagick*.tar.gz
cd ImageMagick*

./configure

make

make install

You can verify the installation with command :

which convert

Regards,

Tuks

Note: Please don’t disable the Windows Firewall unless and until you have the other appropriate firewall software installed on your system

There are mainly three methods for disabling the Windows Firewall. The first method is for any user with administrative privileges on an individual machine not remotely or collectively managed in any way. The other two methods are for use windows Administrators on fully managed systems or windows servers.

1) Using the Control Panel

This method is for any user with administrative access to unmanaged systems

1. From the Start menu, select Control Panel, then select Windows Firewall.
2. Select Off, then click Ok.

2) Using Local Policy

This method is for administrators with administrative access to unmanaged systems or locally managed systems where the machine is not part of a Windows 2000 or higher domain.

Go to Start menu >> select Run, here enter gpedit.msc.
Expand the Computer Configuration folder, then the Administrative Templates folder.
Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
Select the Standard Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Select the Domain Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Close the Group Policy dialog box.

3) Using Group Policy

This method is for administrators with administrative access to managed machines that are part of a Windows 2000 or 2003 Active Directory domain.

Create a new Group Policy object, and give the object a descriptive name (for example, ITS-Turn off Windows Firewall).
Select the newly created group policy.
Right-click on the newly created policy and select Edit.
Expand the Computer Configuration folder, then the Administrative Templates folder.
Expand the Network folder, then the Network Connections folder, then the Windows Firewall folder.
Select the Standard Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Select the Domain Profile folder.
Double-click the Windows Firewall: Protect all network connections option.
Select Disabled, then click OK.
Close the Group Policy dialog box.
In the Security Filter section, click Add.
Search for the objects that this group policy will be applied to, then click OK.
Close the Group Policy editor.

Hello,

The process of booting a Linux system consists of a number of stages as follows

1) BIOS

2) Master Boot Record (MBR)

3) LILO or GRUB

4) Kernel

5) init

6) Run Levels

The process of booting a Linux system consists of a number of stages

1)BIOS: Basic Input/Output System is the lowest level interface between the computer and peripherals which load boot sector from one of following devices

Floppy
CDROM
Hard drive

The boot order can be changed from within the BIOS. BIOS setup can be entered by pressing a del ,F1 , F2, or F10 key during bootup.

2)MBR:
The first sector of the hard disk is reserved master boot record (MBR).

When we the Operating booting from a hard disk, the PC system BIOS loads and executes the boot loader code in the MBR. Here MBR needs to know which partitions on the disk have boot loader code specific to their operating systems in their boot sectors and then attempts to boot one of them.

Fedora Linux is supplied with the GRUB boot loader which is fairly sophisticated and therefore cannot entirely fit in the 512 bytes of the MBR.
The GRUB MBR boot loader merely searches for a special boot partition and loads a second stage boot loader.

This then reads the data in the /boot/grub/grub.conf configuration file, which lists all the available operating systems and their booting parameters. When this is complete, the second stage boot loader then displays the familiar Fedora branded splash screen that lists all the configured operating system kernels for your choice.

3)Boot loader (GRUB or LILO)

Lilo and Grub are installed or at the MBR (Master Boot Record), or at the first sector of the active partition.

Boot loader will ask for the OS label which will identify which kernel to run and where it is located (hard drive and partition specified). The installation process requires to creation/identification of partitions and where to install the OS. GRUB/LILO are also configured during this process. The boot loader then loads the Linux operating system.

LILO: (Linux Loader)
In case of a multi-boot config, LiLo permits the user two choose an operating system from the menu. The LiLo settings are stored at /etc/lilo.conf
-LILO does not understand filesystems
- code and kernel image to be loaded is stored as raw disk offsets
-uses the BIOS routines to load

Grub (GNU Grub Unified Boot Loader)
- Understands file systems
- config lives in /boot/grub/menu.lst or /boot/boot/menu.lst

4)Kernel
-The kernel verifies hardware configuration and initialise devices.
(optionally loads initrd, )
-The kernel tries to mount the file system and the system filesmounts root filesystem specified by lilo or loadin with root= parameter

The file system type is automatically detected. The most used file systems on Linux are ext2 and ext3. If the mount fails, a so-called kernel panic will occur, and the system will “freeze”.
System files are usually mounted in read-only mode, to permit a verification of them during the mount. This verification isn’t indicated if the files were mounted in read-write mode.

-kernel prints: VFS: Mounted root (ext2 filesystem) readonly.
* runs /sbin/init which is process number 1 (PID=1)
- init prints: INIT: version 2.76 booting
- can be changed with boot= parameter to lilo, eg boot=/bin/sh can be useful to rescue a system which is having trouble booting.

After these steps, the kernel will start init, which will become process number 1, and will start the rest of the system.

5) init process
The init process is the last step in the boot procedure and parent of all the other processes. This process is the first running process on any Linux/UNIX system, and is started directly by the kernel. It is what loads the rest of the system, and always has a PID of 1.

Init is responsible for starting system processes as defined in the /etc/inittab file.

The init process is never shut down. It is a user process and not a kernel system process although it does run as root.

Run Levels

0 halt
1 single user
2 Not used (user-definable)

3 Full multi-user mode (no GUI interface)

4 Not used (user-definable)
5 X11 Full multiuser mode (with GUI interface)
6 Reboot

Based on the selected runlevel, the init process then executes startup scripts located in subdirectories of the /etc/rc.d directory. Scripts used for runlevels 0 to 6 are located in subdirectories /etc/rc.d/rc0.d through /etc/rc.d/rc6.d, respectively.

Default is defined in /etc/inittab, eg:
o id:3:initdefault:
The current runlevel can be changed by running /sbin/telinit # where # is the new runlevel, eg typing telinit 6 will reboot.

CGI Scripts :
An acronym for Common Gateway Interface, CGI is an interface that enables you to run external programs on your server for performing specific functions.
CGI is executed in real-time, it output dynamic information instantly so CGI can be considered as a way of interfacing your custom programs with HTTP or WWW servers, so that a server can offer interactive sites instead of just static text and images. CGI programs can be written in Perl, Java, Visual Basic and C.

How it works :
The Common Gateway Interface (CGI) allows information to pass between a Web site’s server and a program usually written in Perl or Java that lives in the “CGI bin” on that server. You send information from your browser to the server; the server passes the information through the CGI gateway to the Perl/Java program; the Perl/Java program does its thing to the information (perhaps conducting a query of a database and creating an HTML page that lists the results), then sends the information back through the CGI gateway to the server, and the server returns the information to your browser.

Uploading CGI scripts :
All CGI programs must be uploaded to your cgi-bin directory. You should be sure to use ASCII mode when uploading Perl scripts.

Calling CGI scripts :
In your HTML documents, reference your CGI script using following path: http://www[DOT]yourdomain[DOT]com/cgi-bin/script.

Precautions to be taken while developing customized CGI scripts :
You should take atmost care while using CGI scripts as they area more vulnerable to attacks, a buggy CGI script can leak sufficient system information to compromise the host.
Quite a number of widely distributed CGI scripts contain known security holes. Many of the ones that are identified here have since been caught and fixed, but if you are running an older version of the script you may still be vulnerable. Get rid of it and obtain the latest version. If there is no fix for a script, just get rid of it.

While you are developing custom CGI scripts avoid
*) Giving out too much information about your site and server host. ( eg : For example, the “finger” command often prints out the physical path to the fingered user’s home directory and scripts that invoke finger leak this information )
*) If you’re coding using some compiled language like C, avoid making assumptions about the size of user input.
(While coding if you made the assumption that user input provided by a POST request will never exceed the size of the static input buffer then a wily hacker can break this type of program by providing input many times that size. The buffer overflows and crashes the program; in some circumstances the crash can be exploited by the hacker to execute commands remotely.

Sometimes you face the problem of bandwidth leakage, even you don’t see much traffic for your site your controlpanel shows heavy bandwidth usage. So you must check what is going wrong with your bandwidth.
There can be many reasons for this but first of all you should check for your images/video and take care for not being compromised or hotlinked. Some blackhat webmaster tries to save their bandwidth by hotlinking files at other sites.

What is Hotlink :
When you link to an image/video on someone else’s server instead of saving that image to your computer and uploading it to your blog/site. When you do this you are stealing bandwidth of the other linking site.
When your visitor loads the page with those images, they are actually loading image/video from the other site eating up the bandwidth of that site.

Some webmaster do such unethical practices as to save their bandwidth, as they have limited amount of bandwidth allowed each month and if it get exceeded then their host may suspend their account so they play such tricks. As a webmaster we should be aware of such illegal practices and should protect us.

How to Detect The Bandwidth Thieves :
Most effective way to check who are the culprits is through checking your web server logs for referrals to the images on your website. Trace the referrers in the logs to the actual referring website and check the offending web page. If you find your graphics displayed on their page, check the HTML source for that page and find out where the graphic files are hosted. If the IMG tag points to your website, it means they are using your bandwidth for their website.

How to protect yourself :
Using .htaccess, you can disallow hot linking on your server, so those attempting to link to your images are either blocked (failed request, such as a broken image) or served with different content may be with some funny image.
Note that mod_rewrite needs to be enabled on your server in order for this aspect of .htaccess to work. If you are using Wordpress, there is a hotlink protection plugin that you can install which fights bandwidth theft.

To block a particular website on your computer follow the following steps:

Step 1:

Go to

C:\WINDOWS\system32\drivers\etc

Step 2:

Open a “host” file in notepad. At the bottom of the line, you can see as follows
127.0.0.1 localhost

Add the following line at the end

Ex: 127.0.0.1 www.abcxyz.com localhost

The above code is written to block www.abcxyz.com website on my pc.

First let me explain to the best of my knowledge what does mod_security means ?

Mod_Security is an open source intruction detection and prevention engine for web applications, you can also say is a web application firewall. Operating as an Apache Web server module. The current stable version of it is 1.9.4.The purpose of ModSecurity is to increase web application security, protecting web applications from unknown attacks.

Now, lets go for the installation.

1. Login to the server with root password.

2. Downlaod of the latest version of mod_security

wget www.modsecurity.org/download/mod_security-1.7.4.tar.gz

3 Untar the file.

tar zxvf mod_security-1.7.4.tar.gz

4. Now, cd mod_security-1.7.4/

5. Now check for apache version is installed on the server

APACHE 1.3.x users
cd apache1/
APACHE 2.x users
cd apache2/

6. Compliling the module

/usr/local/apache/bin/apxs -cia mod_security.c

7. Edit the apache config file now, just take the backup of the file if needed for precaution.

vi /usr/local/apache/conf/httpd.conf

Now, make or check the following things there

# Turn the filtering engine On or Off
SecFilterEngine On

# Change Server: string
SecServerSignature ” ”

# Make sure that URL encoding is valid
SecFilterCheckURLEncoding On

# This setting should be set to On only if the Web site is
# using the Unicode encoding. Otherwise it may interfere with
# the normal Web site operation.
SecFilterCheckUnicodeEncoding Off

# Only allow bytes from this range
SecFilterForceByteRange 1 255

# The audit engine works independently and
# can be turned On of Off on the per-server or
# on the per-directory basis. “On” will log everything,
# “DynamicOrRelevant” will log dynamic requests or violations,
# and “RelevantOnly” will only log policy violations
SecAuditEngine RelevantOnly

# The name of the audit log file
SecAuditLog /var/log/httpd/audit_log

# Should mod_security inspect POST payloads
SecFilterScanPOST On

# Action to take by default
SecFilterDefaultAction “deny,log,status:500″

# Require HTTP_USER_AGENT and HTTP_HOST in all requests
SecFilterSelective “HTTP_USER_AGENT|HTTP_HOST” “^$”

# Prevent path traversal (..) attacks
SecFilter “../”

# Weaker XSS protection but allows common HTML tags
SecFilter “”

# Very crude filters to prevent SQL injection attacks
SecFilter “delete[[:space:]]+from”
SecFilter “insert[[:space:]]+into”
SecFilter “select.+from”

# Protecting from XSS attacks through the PHP session cookie
SecFilterSelective ARG_PHPSESSID “!^[0-9a-z]*$”
SecFilterSelective COOKIE_PHPSESSID “!^[0-9a-z]*$”

8. Last but not the least — Restart Apache.

You have done with the installation’s

Hacker the first inpression comes to our mind is the computer criminal sitting at some unkknown location and fetching or destrying our important data. Most people straightway start associating the term Hackers with computer criminals or people who cause harm to systems, release viruses and so on. In reality, that is not true at all!

Hackers are actually good, pleasant and extremely intelligent people, who by using their knowledge in a constructive manner help organizations to secure documents and company secrets, help the government to protect national documents of strategic importance and even sometimes help justice to meet its ends by ferreting out electronic evidence. Rather, these are the people who help to keep computer criminals on the run.

On the other hand, crackers are the real bad guys or the criminals who indulge in cyber crime, deface websites, release viruses, steal credit card numbers and create havoc on the Internet.

If everybody who uses the Internet understood its risks, if everybody who uses the Internet understood how the computer criminals work, if everybody who uses the Internet understood the tools and techniques already known to the bad guys, then the Internet would be a much safer place to be in. Wouldn’t Internet users be able to better protect their data and systems if they were more aware of how computer criminals work? If we are able to learn and understand how someone can break into our system, then wouldn’t we fix the loopholes even before the cracker strikes? All I want to say is that instead of being resentful and afraid of fire, it would be much better if we learn to live with fire. Let us fight fire with fire itself! We manufacture knives every single day. A knife in the hands of a murderer can take lives, but the same knife in the hands of a surgeon can save lives! So just because there is a risk of a knife being misused by murderers, that does not mean that we should stop manufacturing knives.

Thats why learn how to hack but do not missuse your talent.

If you are searching for any article on how to disable USB drive then here is the solution for it. Below mentioned method explains how to disable ONLY USB storage devices (flash/Jump/external HD’s) completely without disabling keyboards, mice, etc.

The first thing you will do is that you will disable it from the BIOS setting but it may not be possible to secure the BIOS setting from other users to set by setting the password for it cause if you are going to do that on too many computer then you will have to remember the BIOS password for all the computer. If it is for few computer then your best option is to disable the USB ports in BIOS settings. Then, set a BIOS password. Finish up with case locks or other security hardware so that users cannot open the case, and then reset the CMOS memory.

What you will do if that may not be possible for you to remember the BIOS password for all of them and you do not want it to be disable from the BIOS.

If you want to do some tweaks in windows and if you are a real technician then you will read this sol
First thing to do is this solution.

I. Go to start >> run >> regedit and navigate to HKLM\system\currentcontrolset\services\USBstor.

II. Change the value of the REG_DWORD “Start” from Value Data 3 to 4. If the dword “Start” doesnt exist, create it. This will prevent a previously installed USB device from loading when the device is plugged into the machine. ((As most of you know this a Microsoft suggestion, which does work perfectly at disabling previously installed devices, however, this alone will not disable USB storage completely. If a user plugs a new USB storage device into the machine the device will install and the dword value will be reset to 3. Now if you incorporate adding this into a script it alone will disable USB drives, but only after a user plugs a device in, removes it without uninstalling it, logs off then logs back on, thereby running the script. This means that there is a window of opportunity for users to have access to new devices, this may be acceptable for some, but not for others.))

II. The next thing to do is to change the permisions on the USBSTOR key. You need to DENY full control on the “system” group.

What this does is denies everyone the ability to access the USBStor key, effectively killing the ability for any user (including admins) to install USB storage devices. Now the reason you deny the “system” group is because windows will use this account if no one is logged onto the machine yet. What I mean by this is if say you want to deny a group of users called “staff”, you would need to deny them using GP or a logon script. This will work great, but, if a “staff” group user plugs a USB drive in before logging in to Windows the device will be installed using in the backgroud using the “system” group, then when the user logs in the “staff” group policy is applied dening the user access to the USBstor key, but by this point it makes no difference because the devices is already installed and accessible and once a device is installed the usbstor key is no longer used.))

III. So now that these two steps are are done, *NO ONE* will be able to install USB drives.

If a user tries to use a previously installed drive the device will be blocked and nothing will happen, no prompts, nothing. This is accomplished through step 1, the dword value.

What happens if a user plugs in a “New” device that was not previously installed, the hardware wizard will run, asking for the location of drivers. Regardless of whether a user selects the “automatically” search and install or if they attempt to manually install 3rd party drivers, the HW wizard will prompt the user that “access is denied” once the drivers are selected. This is the result of step 2, denying “system”.

Now that we know how to disable USB storage devices we need to find an efficient way to do this without driving through the registry on each and every machine.

` killing USB drives quickly and easily.

Create 2 batch files, 1 batch to disable and another for administrators that will re-enable USB drives if the need arises.

1: First thing is to get a copy of the tool “subinacl.exe”. This tool is included with MS Server 2003 RK.

(What subinacl allows you to due is set specific permissions on the exact group or user, etc.. that you need to, this includes permissions on registry Keys which is what we will be doing.)

2: Once you have a copy of “subinacl.exe” set up a folder for your batch files. In my particular case I wanted these batch files available on the network so I created a shared folder named “DisableUSB” on a server. Next I created a subfolder within “DisableUSB” called “subinacl”. Put a copy of “subinacl.exe” in this folder.

3. Next thing to do is create 2 “reg” files in the subfolder “subinacl”. I named the 2 files “dword3.reg” and “dword4.reg”. These files are going to be used to change the value of the dword “start” in the registry key Usbstor.

I assume most probably know how do create reg files, this is what should be in the files:

For “dword3.reg”
******
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Servic es\USBSTOR]
“Start”=dword:00000003

*change the 3 to a 4 for “dword4.reg”*

4. Now put these 2 files in the “subinacl” folder if they weren’t created there.

All the pieces should now be in place. For this example we have a shared folder (on no particular server) called “disableUSB”. Within this folder is a subfolder “subinacl” that has subinacl.exe, dword3.reg, and dword4.reg within it.

5 . Now to create the 2 batch files. I created these 2 files under the main share folder (disableUSB). One is called “disableUSBdrives.bat” which, you guessed it, disables drives, and the other for re-enabling drives, “enableUSBdrives.bat”.

This is how disableUSBdrives.bat is set up:

@echo off
cls
regedit /s \\servername\disableUSB\Subinacl\dword4.reg
\\servername\DisableUSB\Subinacl\subinacl.exe /keyreg \system\currentcontrolset\services\usbstor /deny=system
pause
cls
echo.
echo **USB drives disabled**
echo.
Pause

*the path will differ of course. \\servername is just an example.

for “enableUSBdrives.bat” simply change change “dword4.reg” to “dword3.reg” AND “deny=system” to “grant=system”

Notice that the only real meat to these batch’s is running regedit and running subinacl. Everything else (cls,pause,echo) is optional, for my particular situation it was needed.

6. Go the machines that you want to disable USB drives on and run the disableUSBdrives batch from the network share.

And that’s it.
USB drives gone.

Now of course running a batch from each machine is still time consuming, but In my particular situation it had to be done this way, and is obviously much faster than driving through the registry.

The most efficient way to incorporate this would be with logon scripting. Unlike with just using the dword start=4 trick, after this script is run, there is no way for joe blow user to use any of his nifty little Jumpdrives or his hot new hard drives.

Also note that folder names and locations can be set up in any way and anywhere as long as the batch files point to the right place.

If your os keeps on giving you the alert that ur xp is not genuine, you know that it is not but how will you avoid it.

Just try this patch
Lauch Windows Task Manager.
End wgatray.exe process in Task Manager.
Restart Windows XP in Safe Mode.
Delete WgaTray.exe from c:\Windows\System32.

Delete WgaTray.exe from c:\Windows\System32\dllcache.

Lauch RegEdit.