Computer


Threats, Attacks, Hackers & Crackers


Introduction
Every time a home PC or small home/office network goes online, it connects to thousands of unknown networks and millions of their users. Connecting to the Internet provides opportunities to communicate and share information with others, but it also gives opportunities to Internet users who are involved in malicious activities. Many people believe that they don't possess anything that would be of any interest to intruders. In most computer attacks, however, these computers are used as launching pads to spread viruses, worms and other attacks. They just serve as one link in a chain of multiple compromised systems.
Security concerns of a home network or SOHO are similar to those of big corporate networks. Faster Internet connections are becoming popular and, because they are "always on", computer networks are becoming more vulnerable to attacks. Possible attacks on SOHO and home networks include a Denial of Service (DOS) attack, a Distributed Denial of Service (DDOS) attack using SOHO networks, accessing and destroying confidential information on the system, etc. The only way to secure a computer from online intruders is to turn it off or to disconnect it from the Internet. According to the experts, use of firewalls is the best way of securing a computer network from online intrusion. Firewalls are the first line of defense in protecting computers. A firewall filters the network traffic on the basis of certain preset rules, hence protecting one network from another. However, there are other tools that can be used to protect networks, like antivirus software, anti-hacker tools, etc. Protecting personal computers using PC monitoring tools, file protection tools and password security tools further enhances the security mechanism of small networks.
After reading the last chapter, you might have gone and updated your computer with the appropriate patches and hotfixes. You might even have given encryption a try on some of your most sensitive materials. You are even careful to keep your computer locked up, away from those who mean you harm. There is, however, so much more to securing your computer. In this chapter, we will look at Internet security.
There are several issues that arise when talking about Internet security. In the last chapter, we talked a lot about patches and hotfixes, but in this chapter, I will focus mainly on protecting your computer from hackers.
Hackers have been around since the dawn of the Internet. Some hackers are benign; they actually work for computer security companies to find holes in software and provide better ways to protect computers and their owners. On the other side of this are the hackers who have malicious intent: to steal your hard work and your personal and credit information for their own gain. Hackers are generally a smart crowd, and if you put enough obstacles in their way, they will move on to an easier target.
Before we get on to that, there is a little background information you should know. For those of you out there with dial-up, a hacker can only break into your computer while you are dialed in. That may seem obvious enough, but it is also a way to keep the computer safe. There is only a limited amount of time per day or week, depending on your personal Internet use habits, that a hacker can get into your computer. A computer with DSL or a broadband connection is always connected to the Internet, so a hacker can come in at any time to steal your information. Don't get me wrong, it is not that those of you with dial-up need not worry about things such as firewalls, but I want to emphasize how important these steps are, especially to those of you with DSL or broadband Internet connections.
A hacker breaks into a computer by finding out that computer's IP address. The hacker sends out probes over the Internet looking for live IP addresses; if they find your computer, they look at what kind of security system you have. This is another advantage of the dial-up connection. Every time you leave and come back, your IP address changes, making it harder for the hacker to track you down. For DSL and cable users, the IP address is always the same, making it very easy for a hacker to spot you and keep an eye on you. In any case, people often run their computers with multiple applications, like e-mail, web browsers, and maybe a word processing program, running on the same IP address. Each of these applications will have a port that identifies it on the computer. Hackers get into your computer by finding a port that has been left open due to poor security and using that port to access the rest of your computer.
People who use dial-up may be thinking that they are bulletproof, that no hacker can get to them, but this is not true. A hacker can use a "backdoor" or a "Trojan Horse" to find the computer again. The hacker can install these programs, and, if they are not given enough time to find what they are looking for on your computer, the Trojan Horse will signal back to the hacker so the hacker knows where to look without having to probe IP addresses hoping to find specifically you again.
Needed Computer Layers of Protection
As you may have already guessed, when it comes to Internet security, it is best to have more than one system of protection in place. In the wintertime, people layer their clothing to provide better protection against the elements. In much the same fashion, it is important to have several layers of protection against software. This is important because computers are only software, man-made mechanisms that are sometimes fallible. Having several layers of protection allows you to safeguard against any holes in any security software. What follows is a list of layers that any computer should have. Some of these you will already have; some of them you might not yet have thought of.
  1. Internet Service Provider. Make sure to choose an ISP that offers anti-virus and spam filters for your email.
  2. Firewall. This is especially important if you have a cable or DSL modem. A firewall inspects every packet of information, either trying to go out or trying to come in, to see if that information should pass through.
  3. Sever the connection. There are several hardware products that will sever your Internet connection automatically when you stop surfing. This allows DSL and cable users the same protection that dial-up users get, with the convenience and speed of cable and DSL.
  4. Consider switching browsers and e-mail providers. Many security and privacy attacks are aimed at Windows and Microsoft product users. Switching to Linux or Macintosh can help protect you from attacks. Most people won't do this, but if you were considering it anyway, think of this as another reason to make the switch.
  5. Disable printer sharing on your computer. The connection here may not seem apparent. This option was intended for local, secure area networks (LANs). This option allows others to gain full access to the computer's hard drive.
  6. Never give out passwords via email. This may seem obvious, but never ever give out a password via e-mail. E-mail can be read too, and, perhaps more dangerously, hackers can send you e-mail from a boss's computer. If your boss or an IT person needs your password, give them a call or walk down to their office to tell them.
Hacking and Cracking
In the early years of computers, hacking had a positive connotation in the computing field. Computer wizards and geniuses from MIT and Stanford proudly claimed the hacker title. 'To hack' was to figure out something that a normal programmer could not think of. However, the meaning of this term has changed in recent times. Today, hacking is associated with individuals who maliciously invade computer systems without authorization. It can be to get someone's credit card number, to get into somebody's bank accounts, or just for the fun of doing so. Crackers and script-kiddies are two other commonly used terms describing those involved in the break-in or disruption of an online service.
Data communication is based on a set of handshakes to ensure the smooth and reliable flow of information. A hacker who is between a client and a server and is able to spoof (illegally duplicate) the IP address and sequence numbers can attack either machine in several ways. The hacker can disable one of the machines and take the identity of the other, or the hacker can mimic either machine and carry on conversations impersonating the other. A hacker could also attach additional information to a client request and strip the corresponding additional response from the packet before forwarding the remaining response to the client's original request. All this is done while having access to information that is assumed to be going back and forth between two 'trusted' systems. All electronic transmissions such as emails, Internet, intranet, etc., can theoretically be monitored. Since most computers are part of one or more networks, spying on data transmissions is a major concern.
Hackers can include both outsiders and insiders and security problems can occur in any networked environment. Many of the problems are related to the exploitation of the original design of the TCP/IP suite of internetworking protocols, but the majority of them are due to configuration or operator errors. Although current losses due to hacker attacks are significantly smaller than losses due to insider theft and sabotage, the hacker problem is widespread and serious. Industrial espionage often involves the use of hacking techniques and can be perpetrated either by companies seeking to improve their competitive advantage or by governments seeking to aid their domestic industries. Foreign industrial espionage carried out by a government is often referred to as economic espionage.
Recent years have seen a rapid growth of the Internet and online transactions. It is estimated that online transactions would reach well over a trillion dollars in the coming years. With such high stakes, it makes sense for all parties involved to secure the Internet. Haphazard handling of financial and personal information can lead to the Internet being constantly associated with fraud and privacy abuses instead of being a viable commerce medium.


Threats and Attacks Defined
Modern computer systems, linked by national and global networks, face a variety of threats and attacks that can result in significant financial and information losses. These threats vary considerably, from threats to data integrity resulting from accidental, unintentional errors and omissions to threats from malicious hackers attempting to crash a system.


Threats can be seen as potential violations of security and exist because of vulnerabilities, i.e. weaknesses, in a system. Computer systems are vulnerable to many threats, which can inflict various types of damage resulting in significant losses. There are two basic types of threats: accidental threats that result in either an exposure of confidential information or cause an illegal system state to occur and attacks that are intentional threats.
Accidental Threats
Accidental threats to security can be generated by system malfunctions, bugs in software or operational mistakes. Users, data entry clerks, system operators, and programmers frequently make unintentional errors, which contribute to security problems, directly and indirectly. Sometimes the error (such as a data entry error or a programming error) causes a system to crash, while in other cases the errors create vulnerabilities. These exposures can emerge from both hardware and software failures as well as from user and operational mistakes, and result in a violation of the confidentiality of the information or resource. For example, a threat to security could occur if a confidential or important mail reaches the wrong person unintentionally.
Threats in the form of errors can occur in all phases of the system life cycle. Programming and development errors, often called bugs, range in severity from benign to catastrophic. Installation and maintenance errors can also cause security problems. These errors and omissions are important threats to data integrity. In the past decade, software quality has improved, reducing this threat, yet there are instances when even the most sophisticated programs and software have failed.
Another instance of accidental loss can be the loss of supporting infrastructure, which includes power failures, loss of communications, water outages and leaks, sewer problems, fire, flood, civil unrest, strikes, and so forth. These losses include events such as the World Trade Center attacks and the Chicago tunnel flood along with other common events such as a broken water pipe. A loss of infrastructure often results in system downtime and loss of information and resources.

Attacks
An attack is an intentional threat and is an action performed by an entity with the intention to violate security. Examples of attacks are destruction, modification, fabrication, interruption or interception of data. An attack is a violation of data integrity and often results in disclosure of information, a violation of the confidentiality of the information, or in modification of the data. An attacker can gain access to sensitive information by attacking in several steps, where each step involves an illegal access to the system. An intentional threat can be caused by an insider or an outsider, who can be a spy, hacker, corporate raider, or a disgruntled employee.
Any attack on the security of a system can be a direct or an indirect attack. A direct attack aims directly at the desired part of the data or resources. Several components in a system may be attacked before the intended (final) information can be accessed. In an indirect attack, information is received from or about the desired data/resource without directly attacking that resource. Indirect attacks are often troublesome in database systems where it is possible to derive confidential information by posing indirect questions to the database. Such an indirect attack is often called inference.
Passive Attacks
Passive attacks are made by monitoring a system performing its tasks and collecting information. In general, it is very hard to detect passive attacks since they do not interact with or disturb normal system functions. Monitoring network traffic, CPU and disk usage, etc., are examples of passive attacks. Encryption of network traffic can only partly solve the problem since even the presence of traffic on a network may reveal some information. Traffic analysis such as measuring the length, time and frequency of transmissions can be very valuable to detect unusual activities.
Active Attack
An active attack changes the system behavior in some way. Examples of an active attack can be to insert new data, to modify, duplicate or delete existing data in a database, to deliberately abuse system software causing it to fail and to steal magnetic tapes, etc. A simple operation such as the modification of a negative acknowledgment (NACK) from a database server into a positive acknowledgment (ACK) could result in great confusion and/or damage. Active attacks are easier to detect if proper precautions are taken.
Covert Channels
A covert channel is a simple and effective mechanism for sending and receiving data between machines without alerting any firewalls and IDSs on the network. It is an unprotected channel that can be used to send confidential information to unauthorized entities and thereby violate security. In general, it is very hard to identify covert channels in a system since they can be of many different types:
  • Message length variations during transmissions
  • Time and length of transmissions
  • Presence and size of files
  • Creation time for objects
  • Modulation of disk usage
  • CPU time usage, etc.
This technique derives its stealthy nature from the fact that it sends traffic through ports that most firewalls permit through. In addition, it can bypass an IDS by appearing to be an innocuous packet carrying ordinary information (when in fact it is concealing its actual data in one of the several control fields in the TCP and IP headers). Mandatory encryption of communication does not prevent the use of a covert channel by any entity to send information to another entity. Covert channels can further be classified as timing channels and storage channels. Timing channels are those covert channels that modulate a resource in time, while storage channels are those channels where actions like creation of objects reveal information to other entities.
It is very hard to completely eliminate covert channels in a system. A covert channel with a high bandwidth constitutes a higher threat than a covert channel with a low bandwidth, so most security mechanisms try to reduce the bandwidth of these channels as much as possible. Even a covert channel with a bandwidth as low as 100 baud is in some environments considered to be dangerous. However, actions to limit covert channel bandwidths always limit system performance. For example, to prevent the length of messages from being used as an information carrier, all messages can be forced to be of equal length. The problem with this method is that it reduces the available bandwidth of the network as well.
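The equal-length countermeasure and its bandwidth cost, as an added example that is not part of the original article: each message is carried in fixed-size cells so an observer sees only uniform lengths, and link_efficiency() reports how much of the link is left for real data. The 64-byte cell size, the 2-byte length header and all function names are assumptions chosen for illustration.

```python
import struct

CELL_SIZE = 64                           # assumed fixed on-the-wire size of every cell, in bytes
HEADER = struct.Struct("!H")             # 2-byte big-endian count of real payload bytes
PAYLOAD_MAX = CELL_SIZE - HEADER.size    # 62 usable bytes per cell


def to_cells(message):
    """Split a message into equal-length cells, zero-padding the last one.

    An empty message still produces one full cell. Messages longer than
    PAYLOAD_MAX still reveal their length to the nearest cell, so padding
    narrows the length channel rather than closing it.
    """
    cells = []
    for offset in range(0, max(len(message), 1), PAYLOAD_MAX):
        chunk = message[offset:offset + PAYLOAD_MAX]
        padding = b"\x00" * (PAYLOAD_MAX - len(chunk))
        cells.append(HEADER.pack(len(chunk)) + chunk + padding)
    return cells


def from_cells(cells):
    """Receiver side: strip padding using the length header, rejecting bad cells."""
    out = bytearray()
    for cell in cells:
        if len(cell) != CELL_SIZE:
            raise ValueError("cell has the wrong size")
        (count,) = HEADER.unpack_from(cell)
        if count > PAYLOAD_MAX:
            raise ValueError("corrupt length field")
        out += cell[HEADER.size:HEADER.size + count]
    return bytes(out)


def wire_sizes(message):
    """What a passive observer can measure: the size of each transmitted cell."""
    return [len(cell) for cell in to_cells(message)]


def link_efficiency(messages):
    """Fraction of transmitted bytes that are real payload (1.0 would mean no cost)."""
    sent = sum(len(to_cells(m)) * CELL_SIZE for m in messages)
    useful = sum(len(m) for m in messages)
    return useful / sent


if __name__ == "__main__":
    # Constructed sample traffic: without padding, "yes" and "no" differ in length.
    for msg in (b"yes", b"no", b"x" * 63):
        print(len(msg), "payload bytes ->", wire_sizes(msg))
    print("efficiency for short replies:", link_efficiency([b"yes", b"no"]))
```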
Dealing with Attacks
To deal with any sort of threat or attack on the security of computers, there must be proper security mechanisms in place. A security mechanism is a method, tool, or procedure used to implement the rules stated in the security policy. By specifying "secure" and "non-secure" actions in the security policies, these security mechanisms can help in preventing, detecting and recovering from any attack. The strategies may be used together or separately. Security mechanisms can be classified as prevention, detection and recovery mechanisms. Within each group, there are many security mechanisms available, where each mechanism focuses on a specific kind of threat and deals with a specific form and aspect of security.
A security prevention mechanism is one that enforces security during the operation of a system by preventing a security violation from occurring. Examples include restricting physical access to servers and machines, or using access control mechanisms based on encryption to prevent unauthorized users from accessing objects. Usually prevention involves implementation of mechanisms that users cannot override and that are trusted to be implemented in a correct, unalterable way, so that the attacker cannot defeat the mechanism by changing it. Preventative mechanisms are often very cumbersome and interfere with system use to the point that they hinder normal use of the system. However, some simple prevention mechanisms, such as passwords (to prevent unauthorized users from accessing the system), have become widely accepted.
A detection mechanism is used to detect both attempts to violate security and successful security violations, when or after they have occurred in a system. The goal of the detection mechanism is to determine that an attack is underway, or has occurred, and report it. Alarms can be used to detect unauthorized physical accesses and audit trails can be used to detect unusual system activities after they have occurred. Typical detection mechanisms monitor various aspects of the system, looking for actions or information indicating an attack. A good example of such a mechanism is one that gives a warning when a user enters an incorrect password three times. The login may continue, but an error message in a system log reports the unusually high number of mistyped passwords. The resources protected by the detection mechanism must be monitored continuously or periodically.
A recovery mechanism is for restoring the system to a pre-security violation state and is normally used after a security violation has been detected. For example, if the attacker deletes a file, a recovery mechanism could be to restore the file from backup tapes. Practically, recovery is far more complex due to the unique nature of each attack. Moreover, the attacker may return, so recovery involves identification and fixing of the vulnerabilities used by the attacker to enter the system. In some cases, retaliation (by attacking the attacker's system or taking legal action) is part of recovery.
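The three-incorrect-passwords detection mechanism described above, as an added example that is not part of the original article: it reads an authentication log, counts consecutive failures per user, and reports a warning on the third one without blocking the login. The log format, the sample lines and the function name are constructed for illustration.

```python
import re
from collections import defaultdict

THRESHOLD = 3   # the article's example: warn on the third incorrect password

# Constructed sample log. The "<time> login <result> user=<name> src=<ip>"
# layout is an assumption, not the format of any particular system.
SAMPLE_LOG = """\
2024-01-05T09:00:01 login FAIL user=alice src=192.0.2.10
2024-01-05T09:00:04 login OK user=bob src=192.0.2.22
2024-01-05T09:00:09 login FAIL user=alice src=192.0.2.10
2024-01-05T09:00:15 login FAIL user=carol src=198.51.100.7
2024-01-05T09:00:21 login FAIL user=alice src=192.0.2.10
2024-01-05T09:00:30 login OK user=alice src=192.0.2.10
2024-01-05T09:01:02 login FAIL user=carol src=198.51.100.7
2024-01-05T09:01:05 login OK user=carol src=198.51.100.7
2024-01-05T09:02:00 this line is malformed
"""

LINE_RE = re.compile(
    r"^(?P<time>\S+) login (?P<result>OK|FAIL) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def detect_repeated_failures(log_text, threshold=THRESHOLD):
    """Return (alerts, skipped_line_count) for a block of log text.

    An alert is raised once, at the moment a user's run of consecutive
    failures reaches the threshold. A successful login resets the run,
    so two typos followed by a correct password stay silent.
    """
    streak = defaultdict(int)
    alerts = []
    skipped = 0
    for line in log_text.splitlines():
        match = LINE_RE.match(line.strip())
        if match is None:
            skipped += 1          # unparseable lines are counted, never silently dropped
            continue
        user = match["user"]
        if match["result"] == "OK":
            streak[user] = 0
            continue
        streak[user] += 1
        if streak[user] == threshold:
            alerts.append({
                "time": match["time"],
                "user": user,
                "src": match["src"],
                "failures": streak[user],
            })
    return alerts, skipped


if __name__ == "__main__":
    found, skipped_lines = detect_repeated_failures(SAMPLE_LOG)
    for alert in found:
        print("WARNING {time}: {failures} failed logins for {user} from {src}".format(**alert))
    print("unparsed lines:", skipped_lines)
```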
It is also possible to make mechanisms that belong to several of these categories. A program registering all unusual system activities and thus working as a detection mechanism, may also prevent security breaches from occurring simply because it exists. In a system with a total lack of vulnerabilities and where the security prevention mechanisms fully implement all rules stated in the security policy, there would be no need for detection and recovery mechanisms.
Below are a few techniques or tools that will help in implementing these security mechanisms.

Physical Access Security
The first line of defense locally to protect network equipment such as servers, switches, and routers is to keep them in a locked, climate controlled, and fire protected environment. If equipment is not physically accessible to unauthorized personnel, there is less chance of accidental or intentional tampering. It is important that access to critical system components such as the server is restricted to a small number of individuals (usually the administrator and his backup). The server should be located in a locked room to which access is restricted. Other considerations should include protection of equipment against theft, fire, and electrical hazards.

Login / Password Security
Login names and passwords are among the main elements of computer security. Every system uses some form of password authentication and therefore must store a representation of the password in order to check whether a logon attempt is valid. A login and password security policy requires that any user accessing a workstation or server have a valid login ID and password. Windows NT, Windows 2000, Windows XP, Novell Netware, and UNIX all have specific requirements for creating and changing passwords. The system administrator can also require that passwords be changed periodically. Setting screen savers that time out and activate the workstation lock is an additional measure that enhances login security. If the hardware manufacturer supports it, one can also set a NetBios password. This password is hardware dependent, less trivial to bypass than other passwords and comes up before an interloper has access to anything.
It has been common knowledge for quite some time that login names and password authentication schemes are inherently weak. Users usually choose bad passwords (i.e., ones that can easily be guessed), write passwords down, and mail passwords to co-workers or share passwords freely by telephone. For this reason, high security environments do not rely on password authentication alone, but combine password security with smart cards or biometrical authentication systems (finger, voice or eye iris scan).

Anti-Virus Software
In the last few years, with the extensive use of the Internet, networks, and email, computers have become more vulnerable to virus attacks and threats. A virus can spread any time files are shared on a local system or the Internet and can do tremendous damage to individual PCs and network servers. Therefore, an early detection and prevention mechanism is very important for the security of the computer. Using antivirus software is a good way to detect viruses, and it is advisable to use antivirus software on network operating systems and workstations for adequate protection.
Antivirus software is a program that searches computer systems for any known or potential viruses. Antivirus programs are intended to prevent and detect viruses. Antivirus software works in different ways and ranges from large security packages to small programs designed to handle a specific virus. While some programs are designed to scan hard disks and floppy disks for infected programs, others check for any changes in files and alert the user if there are changes, which might indicate an infection. Antivirus programs are very helpful in detecting viruses that are already in a system or that are attempting to enter a system and alerting the user to take action. Antivirus software can be set up to run automatically each time a computer boots or runs an executable. It can also be executed manually in case of a virus attack or threat.

Remote Access Security
Remote access means using any of the resources of a network (file server, printers, workstations) from a remote location, that is, a location not directly attached to the network. Remote access presents particular security risks of unauthorized system access. In remote access, the remote computer takes over a computer connected to the network and operates that computer remotely. Actual data traffic remains on the network between the PC that is being controlled and the rest of the network. Only screen images, keystrokes, and mouse motion are sent across the remote link. In remote access, as the remote user is invisible, any formal or informal security measures operating at the workplace are not effective. The remote user has access not only to network resources, but also to local resources on the controlled workstation.
Simple password protection is not at all reliable for remote access systems. Over the modem all users are equally unknown. Remote access also typically occurs during off hours, when the intruder has plenty of time to experiment and try multiple passwords and avenues of access, all unnoticed. Some systems erect extensive barriers to penetration, including modem access to a limited set of programs and files. A system with external access is, however, never fully secure against smart intruders. External access can be restricted by means of automatic callback systems. With such systems users must provide the system with pre-authorized telephone numbers from which they can call the system. Under this mechanism, when a user calls and identifies himself to the system, the system calls him back at one of the pre-authorized numbers before access is allowed.

Internet Firewalls
Firewalls are an excellent tool for securing a network. A firewall is a system designed to prevent unauthorized access to or from a private network; it limits access to a network from another network. A firewall can be implemented in hardware, in software, or in a combination of both. It either denies or allows outgoing traffic, which is known as egress filtering, and incoming traffic, which is known as ingress filtering.


In an organizational setup, firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria. A firewall should be the first line of defense in protecting the availability, integrity, and confidentiality of data in the computing environment. While a company may use packet-filtering routers for perimeter defense and host-based firewalls as an additional line of defense, in the home environment, the personal firewall plays a key role by defending the network and individual host perimeters.
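Rule-based ingress and egress filtering as described above, shown as an added example that is not part of the original article: packets are checked against an ordered rule list, the first matching rule decides, and anything unmatched is denied. The rule set, the documentation-range addresses and the function names are constructed for illustration, and the filter is stateless (it does not track replies to allowed connections).

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Rule:
    direction: str          # "ingress" (incoming) or "egress" (outgoing)
    action: str             # "allow" or "deny"
    remote: str             # CIDR block of the machine on the far side of the firewall
    protocol: str           # "tcp", "udp" or "any"
    port: Optional[int]     # destination port; None matches any port


# Constructed home/SOHO policy, evaluated top to bottom.
RULES = [
    Rule("egress", "allow", "0.0.0.0/0", "tcp", 443),     # web browsing over TLS
    Rule("egress", "allow", "0.0.0.0/0", "tcp", 80),      # plain web browsing
    Rule("egress", "allow", "0.0.0.0/0", "udp", 53),      # DNS lookups
    Rule("ingress", "deny", "0.0.0.0/0", "tcp", 445),     # file/printer sharing is never exposed
    Rule("ingress", "allow", "192.0.2.0/24", "tcp", 22),  # remote admin from one known network
]


def decide(rules, direction, remote_ip, protocol, dst_port):
    """Return (action, reason) for one packet; unmatched traffic is denied."""
    addr = ipaddress.ip_address(remote_ip)
    for number, rule in enumerate(rules, start=1):
        if rule.direction != direction:
            continue
        if rule.protocol not in ("any", protocol):
            continue
        if rule.port is not None and rule.port != dst_port:
            continue
        if addr not in ipaddress.ip_network(rule.remote):
            continue
        return rule.action, "rule %d" % number
    # Default deny: a service that was left listening by mistake stays unreachable.
    return "deny", "default deny"


if __name__ == "__main__":
    # Constructed sample packets: (direction, remote address, protocol, destination port)
    packets = [
        ("egress", "203.0.113.5", "tcp", 443),
        ("ingress", "203.0.113.5", "tcp", 445),
        ("ingress", "192.0.2.44", "tcp", 22),
        ("ingress", "198.51.100.9", "tcp", 22),
        ("egress", "203.0.113.5", "tcp", 25),
    ]
    for packet in packets:
        print(packet, "->", decide(RULES, *packet))
```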

Encryption
Physical access to a computer or network can give unauthorized persons access to sensitive data. To protect certain data from being released inappropriately, it should be encrypted before transmission. Encryption means translating the data into a secret code reversible only by an authorized user with the required key (or password). The process of recovering the encrypted data is known as decryption. Unencrypted data is called plain text and encrypted data is referred to as cipher text. However, it should be noted that data encryption is a compute-intensive process and should be used only when necessary.
Encryption can limit disclosure of sensitive information, but distribution of encryption keys can be a burden and the data may be compromised if key distribution is not handled appropriately. An encryption or decryption key may be distributed via a user authentication system. When a program provides inadequate security or extra protection is needed for some data or documents, an encryption/decryption program may be a useful tool.

Data Backups
Backup is the act of copying files to a second medium such as a diskette, zip drive or tape, as a precaution in case the first medium (hard disk) fails. Data backup provides ways to protect data in case of a physical problem with the computer system such as a hard disk failure or power failure. It is vitally important to back up software and key files since even the most reliable computer is apt to break down eventually. There are many techniques for backing up files, depending upon the type of data, convenience of the recovery process, etc. The basic types of backups that can be performed are:
Normal or Full backups: All files that have been selected are backed up, regardless of the setting of the archive attribute. When a file is backed up, the archive attribute is cleared. If the file is later modified, this attribute is set, which indicates that the file needs to be backed up. In this type of backup, it's easy to find files when required. Since full backups include all data on the hard drive, one doesn't have to search through several disks or tapes to find the files to restore. The drawback of full backups is that they are redundant backups. Since most of the files on the system rarely change, each backup following the first is mostly a copy of what has already been backed up. Full backups also take longer to perform and can be very time consuming.
Differential backups: Designed to create backup copies of files that have changed since the last normal backup. The presence of the archive attribute indicates that the file has been modified and only files with this attribute are backed up. However, the archive attribute on files isn't modified. This allows the user to perform other types of backups on the files at a later date. In comparison to full backups, differential backups take less time. Hence, they provide more efficient restores. However, differential backups are also redundant backups. Each day's backup would store much of the same information plus the latest information added or created since the last full backup.
Daily backups: Daily backup is designed to back up files using the modification date on the file itself. If a file has been modified on the same day as the backup, the file will be backed up. This technique doesn't change the archive attributes of files.
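How the three backup types select files, as an added example that is not part of the original article: a small model of the archive attribute and modification date is run through a full backup on Monday followed by changes on Tuesday and Wednesday. The file names, dates and function names are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date


@dataclass
class FileState:
    modified: date          # date of the last change to the file
    archive: bool = True    # archive attribute: set whenever the file is created or changed


def modify(files, name, day):
    """Create or change a file; the operating system sets the archive attribute."""
    files[name] = FileState(modified=day, archive=True)


def full_backup(files):
    """Copy every selected file and clear its archive attribute."""
    selected = sorted(files)
    for name in selected:
        files[name].archive = False
    return selected


def differential_backup(files):
    """Copy files whose archive attribute is set, and leave the attribute alone."""
    return sorted(name for name, state in files.items() if state.archive)


def daily_backup(files, today):
    """Copy files modified today, judged by date only; the archive attribute is untouched."""
    return sorted(name for name, state in files.items() if state.modified == today)


def simulate_week():
    """Run Monday to Wednesday and return what each backup job copied."""
    monday, tuesday, wednesday = date(2024, 1, 1), date(2024, 1, 2), date(2024, 1, 3)
    files = {}
    for name in ("budget.xls", "letter.doc", "photo.jpg"):
        modify(files, name, date(2023, 12, 20))

    copied = {}
    copied["monday_full"] = full_backup(files)

    modify(files, "letter.doc", tuesday)
    copied["tuesday_differential"] = differential_backup(files)

    modify(files, "budget.xls", wednesday)
    # letter.doc is copied again: its attribute was never cleared on Tuesday.
    # This is the redundancy the text describes, and it is also why a restore
    # needs only the last full backup plus the most recent differential.
    copied["wednesday_differential"] = differential_backup(files)
    copied["wednesday_daily"] = daily_backup(files, wednesday)
    return copied


if __name__ == "__main__":
    for job, names in simulate_week().items():
        print("%-24s %s" % (job, ", ".join(names)))
```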

Disaster Recovery Plan
In today's interconnected economy, organizations are more vulnerable than ever to the possibility of technical difficulties disrupting business. Disaster recovery has taken on a new sense of urgency in recent years. Emerging issues like terrorism, hackers, computer viruses, an increased reliance on computers, and the increasing occurrence of emergencies and disasters have all led to an increased need to prepare for disasters that can affect the availability, integrity, and confidentiality of critical business resources. Disaster recovery planning is the technological aspect of business continuity planning. Disaster Recovery can be defined as the ability to respond to an interruption in services by implementing a disaster recovery plan to restore an organization's critical business functions. It incorporates not only planning for any imaginable type of disaster that may hinder the operations of a business, but also putting measures in place to avoid such disaster altogether. Disaster might be something huge like an earthquake or the terrorist attacks on the World Trade Center (that affected everything from telephones to the New York Stock Exchange) or something comparatively small like system/software failure caused by a computer virus. Disaster recovery strategies can include the use of alternate sites, redundant data centers, disaster insurance, business impact analyses and legal liabilities.

Audits
Security audits should be performed periodically by larger organizations to ensure that the organization and its users are following the security policy and preparing adequately for disaster recovery. A security audit also identifies issues such as risk to the business, breaches in information security, etc. Through an in-depth series of interviews and configuration checks, the audit determines whether the computer/network is vulnerable to intruders (both insiders and outsiders). If the audit identifies any weaknesses in the company's security status, it recommends pragmatic ways of implementing a security policy that would help in protecting personnel and vital data.




Tips for Securing Wireless Networks
  • Enable the highest level of WEP that your hardware provides. WEP provides some security and is effective in deterring casual attempts by outsiders to infiltrate your network. Most 802.11b certified products can use basic 64-bit WEP encryption. By default, however, 64-bit WEP encryption may be disabled.
  • Change the default Service Set Identifier (SSID) and passwords for your network devices. Access points/wireless routers ship from the manufacturer with a default SSID and passwords that are the same on all devices made by that manufacturer. Leaving these at default makes it easy for a malicious outsider to gain access.
  • Do not change the SSID or password to reflect your name, address, or anything that would be easy to guess. Use upper and lower case letters, numerals and symbols for the password, if the hardware supports this.
  • As you survey your home for access point deployment, think about locating the access point toward the center of your home instead of near the windows. Plan your coverage to radiate out to the windows, but not beyond. If the access points are located near the windows, a stronger signal will be radiated outside your home making it easier for those outside the building to locate your network.
  • Take a notebook computer that is equipped with a wireless network adapter, and go outside your home and survey what range you get in moving around your property or neighborhood. If you can connect from three or four houses away, so can someone else.
  • Some access points allow you to control access based on the media access control address of the network adapter trying to associate with it. If the media access control address of your adapter is not in the table of the access point, you will not associate with it. If your access point has this feature, enable it and add the media access control addresses of the network adapters you use.
  • If your access point is also a wireless router, think about assigning static IP addresses for your wireless adapters and turn off DHCP. By not automatically assigning IP addresses to clients who access the network, it makes it a little more difficult for an outsider to gain access. Also consider changing the IP subnet to a different subnet that does not route on the Internet. Many wireless routers default to the 192.168.1.0 network and use 192.168.1.1 as the default router.
  • Purchase access points and network adapters that support 128-bit WEP. Some products only support 64-bit (40 bit key) WEP, and are not as secure. Note that some adapters may only require a driver upgrade to attain 128-bit WEP capability.
  • Purchase an access point that has a flashable firmware. There are a number of security enhancements that are being developed, and you want to make sure that you can upgrade your access point as these become available.
  • Some products support additional security features that are either not defined by the 802.11b standard, or not mandated by the standard. Products that use a proprietary security method will only work with products from the same manufacturer, but can enhance the security of your network.

 

Change the default location of installing programs.


As you know, XP uses the C:\Program Files directory as the default base directory into which new programs are installed. However, you can change the default installation drive and/or directory by using a Registry hack. Run the Registry Editor and go to:

Start
Run
Type regedit and press enter
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion.
Look for the value named ProgramFilesDir.
By default, the value will be C:\Program Files.
Edit the value to any valid drive or folder.
Now XP will use that new location as the default installation directory for new programs. This registry hack can be very useful when your C drive is full and you want to change the installation directory automatically.

10 things users do that can mess up their computers
Users find plenty of ways to run into trouble, from gunking up their system with shareware to leaving it exposed to attackers to forgetting about using surge protectors. Share this list with your own users so they can sidestep preventable problems like these.

We all do dumb things now and then, and computer users are no exception. Inadvertently pressing the wrong key combination or innocently clicking OK in the wrong dialog box can change important settings that alter a computer's behavior or even crash the system.

Nervous newbies are often fearful that one wrong move might break the computer forever. Luckily, short of taking a sledge hammer to the box, the consequences aren't usually quite that dire. Even so, users often do create problems for their computers and for your network. Here's a description of common missteps you can share with your users to help them steer clear of preventable problems.

#1: Plug into the wall without surge protection

Here's one that actually can physically destroy your computer equipment, as well as the data it holds. You may think your systems are in danger only during an electrical storm, but anything that interrupts the electrical circuit and then starts the current back again can fry your components. Something as simple as someone turning on an appliance that's plugged into the same circuit (especially a high voltage one such as a hair dryer, electric heater, or air conditioner) can cause a surge, or a surge may be caused by a tree limb touching a power line. If you have a power outage, you may experience a surge when the electricity comes back on.

You can protect your systems against damage from power surges by always using a surge protector, but it's important to be aware that most cheap surge protectors will survive only a single surge and need to be replaced afterward. An Uninterruptible Power Supply (UPS) is better than a surge protector; it has a battery that keeps power flowing smoothly even when there's an outage, to give you time to gracefully shut down.

#2: Surf the Internet without a firewall

Many home users plug their computers right into their spiffy new cable or DSL modems and hop onto the Internet without realizing that they're putting themselves at risk from viruses and attackers. Every Internet-connected computer should be protected by a firewall; this can be a firewall built into the broadband modem or router, a separate firewall appliance that sits between the modem/router and the computer, a server at the network's edge running firewall software, or personal firewall software installed on the computer (such as ICF/Windows Firewall built into Windows XP or a third-party firewall program like Kerio or ZoneAlarm).

One advantage of personal firewalls on laptop computers is that they're still with you when you take the computer on the road and plug into a hotel's DSL or cable port or connect to a wireless hotspot. Just having a firewall isn't enough, though. You must also be sure it's turned on and configured properly to protect you.

#3: Neglect to run or update antivirus and anti-spyware programs

Let's face it: Antivirus programs can be a royal pain. They're always blocking some application you want to use, you often have to disable them to install new software, and they have to be updated on a regular basis to do any good. Seems like the subscription is always expiring and prompting you to renew it--for a fee, in many cases. But in today's environment, you can't afford to go without virus protection. The malicious programs that AV software detects--viruses, Trojans, worms, etc.--can not only wreak havoc on your system but can spread via your computer to the rest of the network. In extreme cases, they can bring down the whole network.

Spyware is another growing threat; these are programs that install themselves on your computer (usually without your knowledge) and collect information from your system that is then sent back to the spyware program's author or vendor. Antivirus programs often don't address spyware so it's important to run a dedicated spyware detection and removal program.

#4: Install and uninstall lots of programs, especially betas

You like to be on the cutting edge, so you often install and try out new software. Beta programs are usually free and give you a chance to sample neat new features before most people. There are also many freeware and shareware programs made available as Internet downloads by their authors. We know you'd never do it, but some users even install pirated software or "warez."

The more programs you install, the more likely you are to run across ones that either include malicious code or that are poorly written and cause your system to behave improperly or crash. The risk is greater with pirated programs.

Even if you install only licensed, final-release commercial software, too many installations and uninstallations can gunk up the registry. Not all uninstall routines completely remove program remnants and at the least, this practice can cause your system to slow down over time.

You should install only the programs that you really need, stick with legitimate software, and try to minimize the number you install and uninstall.

#5: Keep disks full and fragmented

One of the results of installing and uninstalling lots of programs (or adding and deleting data of any kind) is that it fragments your disk. Disk fragmentation occurs because of the way information is stored on the disk: On a new, clean disk, when you save a file it's stored in contiguous sections called clusters. If you delete a file that takes up, for example, five clusters, and then save a new file that takes eight clusters, the first five clusters' worth of data will be saved in the empty space left by the deletion and the remaining three will be saved in the next empty spaces. That makes the file fragmented, or divided. To access that file, then, the disk's read heads won't find all the parts of the file together but must go to different locations on the disk to retrieve it all. That makes it slower to access. If the file is part of a program, the program will run more slowly. A badly fragmented disk will slow down to a crawl.

You can use the disk defragmenter built into Windows (Programs | Accessories | System Tools) or a third-party defrag program to rearrange these pieces of files so that they're placed contiguously on the disk.

Another common cause of performance problems and application misbehavior is a disk that's too full. Many programs create temporary files and need extra free space on the disk to operate. You can use Windows XP's Disk Cleanup Tool or a third-party program to find and delete rarely used files, or you can manually delete files to clear space on your disk.

#6: Open all attachments

Some folks just can't help themselves: Getting an e-mail message with an attachment is like getting an unexpected gift. You just have to peek inside to see what it is. But just as that package left on your doorstep could contain a bomb, that file attached to your mail message could contain code that will delete your documents or system folder or send viruses to everyone in your address book.

The most blatantly dangerous attachments are executable files--those that run code--with extensions like .exe, .cmd, and many others. Files that aren't themselves executables, such as Word .doc files and Excel .xls files, can contain embedded macros. Scripts (Visual Basic, JavaScript, Flash, etc.) aren't directly executed by the computer but are run by other programs.

It used to be that you could assume plain text (.txt) or graphics (.gif, .jpg, .bmp) files were safe, but not anymore. File extensions can be spoofed; attackers take advantage of the Windows default setting that doesn't display common file extensions to name executables something like greatfile.jpg.exe. With the real extension hidden, it shows up as greatfile.jpg. So the recipient thinks it's a graphic, but it's actually a malicious program.

You should open attachments only when they're from trusted sources and only when you're expecting them. Even if the mail with the attachment appears to come from someone you trust, it's possible that someone spoofed their address or that their computer is infected with a virus that sent the attachment to you without their knowledge.
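A mail filter or help-desk script can flag the greatfile.jpg.exe pattern described above before a user ever sees the shortened name. This is an added example, not part of the original article; the extension sets are illustrative rather than exhaustive, the sample filenames are constructed, and the display rule is a simplification of how Windows hides known extensions.

```python
# Illustrative, not exhaustive: extensions Windows runs directly or via a host.
EXECUTABLE = {".exe", ".cmd", ".bat", ".com", ".scr", ".pif", ".vbs", ".js"}
# Document types the article notes can carry embedded macros.
MACRO_CAPABLE = {".doc", ".xls"}
# Types users tend to assume are harmless (taken from the article).
DECOY = {".txt", ".gif", ".jpg", ".bmp"}


def extensions(filename):
    """Return every dot-suffix in order, lower-cased: ['.jpg', '.exe']."""
    # Windows ignores trailing dots and spaces, so "update.cmd." still runs.
    name = filename.strip().rstrip(". ").lower()
    # Strip padding such as "photo.jpg      .exe" used to push the real
    # extension out of view.
    return ["." + p.strip() for p in name.split(".")[1:] if p.strip()]


def displayed_name(filename):
    """Approximate what the user sees when known extensions are hidden."""
    name = filename.strip().rstrip(". ")
    stem, dot, _ = name.rpartition(".")
    return stem if dot and stem else name


def classify(filename):
    """Label an attachment name by what its final extension will do."""
    exts = extensions(filename)
    if not exts:
        return "no-extension"
    last = exts[-1]
    if last in EXECUTABLE:
        # A harmless-looking extension just before the real one is the
        # spoofing pattern: the hidden suffix is what actually executes.
        if len(exts) >= 2 and exts[-2] in (DECOY | MACRO_CAPABLE):
            return "disguised-executable"
        return "executable"
    if last in MACRO_CAPABLE:
        return "macro-capable"
    return "other"


def triage(filenames):
    """Map each name to (verdict, name shown with extensions hidden)."""
    return {n: (classify(n), displayed_name(n)) for n in filenames}


# Constructed sample attachment names.
SAMPLE = ["greatfile.jpg.exe", "Holiday.JPG      .EXE", "setup.exe",
          "update.cmd.", "budget.xls", "notes.txt", "README"]

if __name__ == "__main__":
    for name, (verdict, shown) in triage(SAMPLE).items():
        print(f"{verdict:22} shown as {shown!r:24} actual {name!r}")
```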

#7: Click on everything

Opening attachments isn't the only type of mouse click that can get you in trouble. Clicking on hyperlinks in e-mail messages or on Web pages can take you to Web sites that have embedded ActiveX controls or scripts that can perform all sorts of malicious activities, from wiping your hard disk to installing a backdoor program on your computer that a hacker can use to get in and take control of it.

Clicking the wrong link can also take you to inappropriate Web sites that feature pornography, pirated music or software, or other content that can get you in trouble if you're using a computer on the job or even get you in trouble with the law.

Don't give in to "click mania." Think before you click a link. Links can also be disguised in phishing messages or on Web sites to appear to take you to a different site from the ones they really point to.

#8: Share and share alike

Your mother taught you that it's nice to share, but when you're on a network, sharing can expose you to dangers. If you have file and printer sharing enabled, others can remotely connect to your computer and access your data. Even if you haven't created any shared folders, by default Windows systems have hidden "administrative" shares for the root of each drive. A savvy hacker may be able to use these shares to get in. One way to prevent that is to turn off file and printer sharing--if you don't need to make any of the files on your computer accessible across the network. This is especially a good idea if you're connecting your laptop to a public wireless hotspot.
If you do need to make shared folders accessible, it's important that they be protected by both share-level permissions and file-level (NTFS) permissions. Also ensure that your account and the local administrative account have strong passwords.

#9: Pick the wrong passwords

That brings us to another common mistake that can expose you to attacks: picking the wrong password. Even if you don't belong to a network where the administrator forces you to select strong passwords and change them regularly, you should do so. Don't pick passwords that are easy to guess, such as your birthdate, loved one's name, social security number, etc. Longer passwords are harder to crack, so make your password at least eight characters long; 14 is even better. Popular password-cracking methods use "dictionary" attacks, so don't use words that are in the dictionary. Passwords should contain a combination of alpha, numeric, and symbol characters for best security.

A long string of nonsense characters may create a password that's tough to crack, but if you can't remember it, you'll defeat the purpose by writing it down (where an intruder may be able to find it). Instead, create a phrase you can remember easily and use the first letters of each word, along with logical numbers and symbols. For example: "My cat ate a mouse on the 5th day of June" becomes "Mc8amot5doJ."

#10: Ignore the need for a backup and recovery plan

Even if you follow all these suggestions, an attacker may crash your system or your data may be corrupted or get wiped out by a hardware problem. That's why it's essential that you always back up your important information and have a plan for recovering from a system failure.

Most computer users know they should back up, but many never get around to it. Or they make an initial backup but don't update it regularly. Use the built-in Windows backup program (Ntbackup.exe in Windows NT, 2000, and XP) or a third-party backup program and schedule backups to occur automatically. Store backed up data on a network server or removable drive in a location away from the computer itself, in case of a natural disaster like flood, fire, or tornado.

Remember that the data is the most important thing on your computer. The operating system can be reinstalled and so can applications, but it may be difficult or impossible to recreate your original data. (See "10 ways to protect your data" for additional suggestions.)

Nonetheless, you can save time and frustration by backing up your system information too. You can create mirror images of your disks using popular ghost or clone programs. This will allow you to restore the system quickly instead of going through the tedious installation process. 




Speed up your connection


1. Make sure you're actually logged on as "Administrator". Do not log on with any account that just has administrator privileges.
2. Start > Run > type gpedit.msc (not available in the Home version).
3. Expand the Local Computer Policy branch.
4. Expand the Administrative Templates branch.
5. Expand the Network branch.
6. Highlight the "QoS Packet Scheduler" in the left window.
7. In the right window, double-click the "Limit reservable bandwidth" setting.
8. On the Setting tab, check the ENABLED item.
9. Where it says "Bandwidth limit %", change it to read 0 (ZERO).
10. Close gpedit.msc.

The effect is immediate on some systems; others need a reboot.

Boost your RAM performance

To increase system performance:

Right click my computer. Click properties.
Click advanced.
Click settings (under performance).
Click Adjust for best performance.
Scroll to the bottom and check the last one “use visual styles on windows and buttons”.

How to disable XP's -crud- built-in CD Burner

Click the start button.
Select Run.
Type services.msc and click ok.
Go to IMAPI CD-Burning COM Service, open it, and change the startup type to "Disabled".


These settings will fine-tune your system's memory

You need at least 256MB of ram to do this:

Go to Start > Run > regedit and then to the following key:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management

1. DisablePagingExecutive - double-click it and set the decimal value to 1. This allows XP to keep data in memory instead of paging sections of RAM to the hard drive, which yields faster performance.

2. LargeSystemCache - double-click it and change the decimal value to 1. This allows the XP kernel to run in memory and improves system performance a lot.

3. Create a new DWORD and name it IOPageLockLimit - double-click it and set the value in hex: 4000 if you have 128MB of RAM, 10000 if you have 256MB, or 40000 if you have more than 512MB of RAM. This tweak will speed up your disk cache.

Reboot


Unable to delete AVI files from HD

XP holds files in its memory even after you have closed the application using them, making it impossible to delete them from your hard drive. To fix this:

Start -> Run -> Regedit
Find the HKEY_CLASSES_ROOT\SystemFileAssociations\.avi\shellex\PropertyHandler\ key and delete its "DEFAULT" value.

Tweak The Swap File

For users with 256 MB RAM or more, this tweak will boost Windows and game performance.
What it does: it tells Windows not to use any swap file until there is really no more free RAM left.

Open the System Configuration Utility by typing msconfig.exe in the Run command. There, in your System.ini, add "ConservativeSwapfileUsage=1" under the 386enh section.

Restart Windows and enjoy better game performance.

Disable Services

XP Pro runs a lot of services by default that are pointless if you're not on a corporate network. The following services are ones that I safely disable, thereby freeing up memory, but check what each one does first to make sure you're not using it for something:

Go to Run and type services.msc, right-click on each service, choose Properties, and set it to Disabled.

Alerter
Application Layer Gateway Service
Application Management
Automatic Updates
Background Intelligent Transfer
Clipbook
Distributed Link Tracking Client
Distributed Transaction Coordinator
Error Reporting Service
Fast User Switching Compatibility
IMAPI CD-Burning
Indexing Service
IPSEC Services
Messenger
Net Logon
NetMeeting Remote Desktop Sharing
Network DDE
Network DDE DSDM
Portable Media Serial Number
Remote Desktop Help Session Manager
Remote Registry
Secondary Logon
Smartcard
SSDP Discovery Service
Telnet
Themes
Uninterruptible Power Supply
Universal Plug and Play Device Host
Upload Manager
Webclient
Wireless Zero Configuration
WMI Performance Adapter


Speed Up The File System

NTFS is a great file system, but its feature-set comes at a slight cost in performance. You can negate this a little with the following tips:

* By default NTFS will automatically update timestamps whenever a directory is traversed. This isn't a necessary feature, and it slows down large volumes. Disable it by going to Run and typing regedit, then go to:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\FileSystem and set 'DisableNTFSLastAccessUpdate' to 1.

* NTFS uses disparate master file control tables to store filesystem information about your drives. Over time these core MFT files grow and become fragmented, slowing down all accesses to the drive. By setting aside a little space, MFTs can grow without becoming fragmented.

In the same key where you disabled the last access feature, create a new DWORD value called 'NtfsMftZoneReservation' and set it to 2.


Disable DLL Caching

Windows Explorer caches DLLs (Dynamic-Link Libraries) in memory for a period of time after the application using them has been closed. This can be an inefficient use of memory.

1. Find the key [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer].

2. Create a new DWORD sub-key named 'AlwaysUnloadDLL' and set the default value to equal '1' to disable Windows caching the DLL in memory.

3. Restart Windows for the change to take effect.


Tweak The Prefetch

1. Run "Regedit"
2. Go to [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\PrefetchParameters\EnablePrefetcher]

3. Set the value to either 0-Disable, 1-App launch prefetch, 2-Boot Prefetch, 3-Both ("3" is recommended).

4. Reboot.

It will decrease the boot time and increase the performance of your XP.


Speed Up Your Connection By 20% (Cable Users Only)

1. Log on as "Administrator".
2. Run - gpedit.msc
3. Expand the "Local Computer Policy" branch.
4. Then expand the "Administrative Templates" branch.
5. Expand the "Network" branch.
6. Highlight the "QoS Packet Scheduler" in left pane.
7. In the right window pane double-click the "Limit Reservable Bandwidth" setting.
8. On the settings tab check the "Enabled" item.
9. Change "Bandwidth limit %" to read 0.
10. Then go to your Network connections Start=>Control Panel>Network & Internet connections>Network Connections and right-click on your connection. Then under the General or the Networking tab, (where it lists your protocols) make sure QoS packet scheduler is enabled.

It may take effect immediately on some systems. To be sure, just re-boot.




How to create concrete textures in photoshop


1. create a new document
2. set the foreground color to light yellow i.e. #ffffcc
3. background color to grey i.e. #92908e
4. filter>render>clouds
5. filter>textures>craquelure>87, 3, 9>ok
6. ctrl+j to duplicate the layer
7. go to blending option
8. pattern overlay>blend mode=overlay, opacity=43, choose third pattern of artist surfaces pattern, 100%>ok
