Tuesday, March 25, 2008
==> Start->control Panel->Administrative Tools->Computer management++disk management++ then right click the partition++select "change drive letter and paths"
2.Turn off welcome screen
==> open control panel--> user account ==> change the way user logon and logoff.
3.Unlock WinXP setupp.ini
==> Find your setupp.ini file in the i386 directory on your WinXP CD. Open it up, it'll look something like this:
The Pid value is what we're interested in. What's there now looks like a standard default. There are special numbers that determine if it's a retail, oem, or volume license edition. First, we break down that number into two parts. The first five digits determines how the CD will behave, ie is it a retail cd that lets you clean install or upgrade, or an oem cd that only lets you perform a clean install? The last three digits determines what CD key it will accept. You are able to mix and match these values. For example you could make a WinXP cd that acted like a retail cd, yet accepted OEM keys.
Now, for the actual values. Remember the first and last values are interchangable, but usually you'd keep them as a pair:
Retail = 51882335
Volume License = 51883 270
OEM = 82503 OEM
So if you wanted a retail CD that took retail keys, the last line of your setupp.ini file would read:
And if you wanted a retail CD that took OEM keys, you'd use:
4.Password Recovery Disk
==> Take preventive measures against losing user-level passwords.
create a password recovery disk the minute you create your user account.
How to launch the Forgotten Password Wizard:
Single-click Start menu, Control Panel, and User Accounts.
Click your user account name.
Under Related Tasks on the left, click "Prevent forgotten password" to launch the wizard.
Now that you've launched the wizard, let it walk you through creating the recovery disk. Make sure the disk you use is formatted and in the drive.
If you happen to forget your password, all you need to do is click your user icon at the logon screen. Even though you don't have your password, go ahead and click the green arrow just like you would to finish logging on to your computer. This will launch a little yellow dialog box directing you to use your password recovery disk.
Sunday, March 16, 2008
command mode and escape mode
Press "i" to enter in insert mode
Delete one character
Save and exit
Quit without saving
writes and quits at the same time
reads in the file name at the cursor point
copy and paste (yy and p) Yank
yanks into a temp buffer
paste the yanked file
searches for the pattern in the file
carry search in the same direction
carry search in opposite direction
undo the last action
repeats the last command
rpm -Va | lessS file Size differs
==> very helpful to check every file on your computer,you will now which files are modified
.......T c /etc/inittab
..5....T c /etc/pki/nssdb/secmod.db
.......T c /etc/audit/auditd.conf
....L... c /etc/pam.d/system-auth
S.5....T c /etc/sysconfig/system-config-securitylevel
.......T c /etc/mail/sendmail.cf
S.5....T c /var/log/mail/statistics
.M...... c /etc/cups/classes.conf
M Mode differs (includes permissions and file type)
5 MD5 sum differs
L readLink path mis-match
very nice utility to know what is running on your system
Check the processes
who logged into the system in Past
Add, Group Policy Object Editor,
Add, Close, Ok.
Go to :-Local Computer Policy, User Configuration, Administrative Templates, System
Click on Systems
Double Click on "Don't Run Specified Windows Applications".
Select Enable and then click on Show, then Add
Add any applications you want to restrict. Blaster and Sobig.F are
Click OK and close out of the MMC.
These will help to stop the above two Trojan / worms.
rpm -qa | grep ntp
If not then load the package by YUM
yum install ntp
date (make sure it matches up with the date your timezone is set to)
hwclock (Verify the bios clock matches the system clock)
hwclock --systohc (Set the bios clock to match the system clock)
Then you can go about setting up /etc/ntp.conf and starting and running the time daemon ..
hwclock --set --date="10/05/10 14:19:05"
if you have ntp running
ntpdate "server DNS name or IP address"
To keep your time accurate you can create a cron job that executes:(the -w option is the same as --systohc)
ntpdate "server name" && hwclock -w
Synchronizing your system clock to an accurate time server is important so that you can prove your log files are accurately time stamped. Create a file in /etc/cron.hourly that contains the following:
/usr/sbin/ntpdate -bu -t 3 your-local-gateway