Nytro

MySQL 5.5: Storage Engine Performance Benchmark for MyISAM and InnoDB Incepand cu MySQL v5.5, InnoDB e databse engine-ul implicit. S-a lucrat mult la el si a fost imbunatatit foarte mult. Un lucru important e ca InnoDB respecta proprietatile ACID (atomicity, consistency, isolation, durability) - ceea ce asigura ca tranzactiile sunt procesate asa cum trebuie, de exemplu exista crash recovery. De asemenea s-a lucrat la "partea de Windows", adica au fost facute optimizari pentru Windows, se folosesc functii native Windows, de exemplu pentru alocari de memorie sau altceva, ceea ce inseamna viteza sportia. Setarile de configurare InnoDB iti permit sa selectezi cate thread-uri sa fie folosite, cate pentru citire si cate pentru scriere, sa folosesti alocatori de memorie specifici sistemului de operare... Diferente ar mai fi: InnoDB are suport pentru Foreign Key (important) si lock la nivel de celula, nu la nivel de tabel, dar MyISAM suporta full text search indexes. Practic InnoDB e mai rapid.

Linux Kernel Moves to 3.0 For No Reason Numbers are Just Numbers and in the Linux Kernel they Mean Nothing By Stephen Spector on Wed, 06/01/11 - 3:18pm. This past Monday Linus Torvalds released the first release candidate (-rc) of the next kernel series, which was expected to be 2.6.40, but instead renamed it to Linux 3.0 kernel. From Linus’ commit statement (http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commitdiff;h=55922c9d1b84b89cb946c777fddccb3247e7df2c): .. except there are various scripts that really know that there are three numbers, so it calls itself "3.0.0-rc1". Hopefully by the time the final 3.0 is out, we'll have that extra zero all figured out. So, what does this mean? Are there significant new features in 3.0 that justify a numbering switch from2.6.40 to 3.0? To find out more, we can read Linus’ mail to the kernel mailing list (https://lkml.org/lkml/2011/5/29/204): I decided to just bite the bullet, and call the next version 3.0. It will get released close enough to the 20-year mark, which is excuse enough for me, although honestly, the real reason is just that I can no longer comfortably count as high as 40. The whole renumbering was discussed at last years Kernel Summit, and there was a plan to take it up this year too. But let's face it - what's the point of being in charge if you can't pick the bike shed color without holding a referendum on it? So I'm just going all alpha-male, and just renumbering it. You'll like it. Now, my alpha-maleness sadly does not actually extend to all the scripts and Makefile rules, so the kernel is fighting back, and is calling itself 3.0.0-rc1. We'll have the usual 6-7 weeks to wrestle it into submission, and get scripts etc cleaned up, and the final release should be just "3.0". The -stable team can use the third number for their versioning. In fact, Linus goes on to say the number change is not based on anything from a feature standpoint; it’s just a number change. This type of change is most interesting as it goes against standard practices with software numbering conventions and once again shows Linus as a leader in the software space with his willingness to defy conventional wisdom. I find this change interesting but am not really sure how it impacts anyone. The kernel used in most distributions is always listed but I believe that most users look for the latest version of any distro and will go with whatever kernel they use, regardless of numbering scheme. However, with a numbering scheme not based on any standard, could we see companies in the future release version 22.0 as an initial product causing people not aware that this is the 22nd iteration and therefore better than version 1.0? I’m sure a marketing person somewhere is contemplating this. What do you think? Is Linus simply changing the number for no reason as he states? Is there a grand conspiracy behind this change that no one knows about? Perhaps Microsoft is behind this change and is now controlling Linus’ mind. Sursa: Open Source Exposed: Linux Kernel Moves to 3.0 For No Reason

The Anatomy of COM Server-Based Binary Planting Exploits Tuesday, May 24, 2011 Last week at the Hack In The Box conference in Amsterdam we presented some techniques for advanced exploitation of binary planting bugs. The stage was set by our previous blog post where we described how unsafely registered COM server DLLs, as well as safely registered COM server DLLs that make unsafe binary loading calls, could be abused for mounting binary planting attacks. This post reveals our work to the rest of the world. The Magic Of Special Folders One of the elements we used in our exploits were Windows special folders. Special folders are folders that can be shown by Windows Explorer but don't always behave like ordinary folders, which simply contain files and other folders. Some examples of special folders are Control Panel, My Computer, My Documents, Administrative Tools and Printers. Every one of these special folders is implemented as an in-process COM server with a specific class identifier (CLSID). For instance, the CLSID of My Computer is {20D04FE0-3AEA-1069-A2D8-08002B30309D}. Let's begin with a small magic trick (works on XP, Vista and Windows 7): Create a new empty folder anywhere on your file system and rename it to folder.{20D04FE0-3AEA-1069-A2D8-08002B30309D}. (Note that the CLSID must be the extension of the folder name, i.e., must come after the final dot.) Immediately after renaming, the folder's icon will be changed to the icon of My Computer and, moreover, opening the folder will actually show the My Computer content. Apart from having an obvious entertaining value, this trick also plays an important role in our exploits. Many applications, when processing files from special folders, or display the content of special folders, trigger the instantiation of such folders' COM servers based on the CLSIDs in their extensions. Which brings us to the first exploit. Double-Click Attack 1: Wordpad on Windows XP As already mentioned in our stage-setting blog post, all Windows XP installations have a registered COM server called "Display Panning CPL Extension" with CLSID {42071714-76d4-11d1-8b24-00a0c9068ff3}, implemented by a non-existing deskpan.dll. Consequently, if some application decided to instantiate such COM server, this would result in loading deskpan.dll from the current working directory. As you might have guessed, the special folders magic can make an application instantiate just any registered COM server. Let's do this with Wordpad. The video below shows the following procedure: create a "malicious" deskpan.dll; create a new folder and rename it to files.{42071714-76d4-11d1-8b24-00a0c9068ff3} - note that Windows XP hide the folder extension, and that this special folder still behaves like an ordinary folder; copy the malicious deskpan.dll to the new folder; open the folder; create a new rich text document in the folder; double-click the rich-text document. http://www.youtube.com/watch?feature=player_embedded&v=SzW8xCsHOuY After double-clicking the rich text document, Wordpad gets launched and its current working directory gets set to the special folder (which is the expected behavior). However, for reasons unknown to us, Wordpad then triggers a call to the COM server-instantiating function CoCreateInstance with the CLSID of our special folder. This causes a registry lookup for the COM server DLL (deskpan.dll), and then an attempt to load this DLL using a LoadLibrary call. Failing to find this DLL in Wordpad home directory as well as in all Windows system folders, the "malicious" deskpan.dll is finally loaded from our special folder and executed. Double-Click Attack 2: Applications on Windows 7 In contrast to Windows XP, a fresh installation of Windows 7 has no unsafely registered in-process COM servers. It does, however, have several safely registered COM servers whose DLLs make unsafe library loading calls. (XP and Vista have such DLLs too.) One such case on Windows 7 is the COM server called "AnalogCable Class", registered with CLSID {2E095DD0-AF56-47E4-A099-EAC038DECC24} and having C:\Windows\System32\PsisDecd.dll as its DLL. When an application instantiates this COM server, the PsisDecd.dll is loaded from the System32 folder (which is okay), but this DLL quickly makes a call to LoadLibrary("ehTrace.dll"). Now it's not that ehTrace.dll doesn't exist on Windows 7: it does exist in folder C:\Windows\ehome - but applications launched outside this folder are unable to find it. This means that applications from folder C:\Windows\ehome, for instance ehshell.exe, can safely and successfully instantiate the said COM server, while other applications automatically become vulnerable if they try to do the same. The video shows the following procedure: create a "malicious" ehTrace.dll; create a new Microsoft Word 2010 document; create a new Microsoft PowerPoint 2010 document; create a new text document; create a new PDF document; create a new folder and rename it to files.{2E095DD0-AF56-47E4-A099-EAC038DECC24} - note that Windows 7 also hide the folder extension, and that this special folder still behaves like an ordinary folder; copy all four data files and the "malicious" DLL to the new folder; open the folder; double-click the Word document; (causing Word 2010 to execute the "malicious" ehTrace.dll) double-click the PowerPoint document; (causing PowerPoint 2010 to execute the "malicious" ehTrace.dll) double-click the PDF document; (causing Nitro PDF Reader to execute the "malicious" ehTrace.dll) double-click the text document; (launching Notepad but not immediately executing the "malicious" DLL) selecting "File -> Save As" from the menu in Notepad. (causing Notepad to execute the "malicious" ehTrace.dll) http://www.youtube.com/watch?feature=player_embedded&v=H82gaZizl-0 Similarly to the Wordpad exploit on Windows XP, the above exploits are based on the curious and heavily undocumented nature of special folders, which makes otherwise innocent applications instantiate chosen COM servers. Thus Word, PowerPoint and Nitro PDF Reader (and many other applications) all try to instantiate the "AnalogCable Class" COM server while having their current working directory set to our special folder. This results in a search for ehTrace.dll, and in the loading of "malicious" ehTrace.dll from our special folder. The final target, Notepad, does not get hacked simply by opening a file - but does execute the "malicious" DLL when the "Save As" dialog is opened. Apparently Notepad does not automatically trigger the COM server instantiation when a document is loaded, but opening the "Save As" dialog causes the code behind this dialog to interact with the special folder, thus instantiating the appropriate COM server. Leveraging COM Server Exploits Through Web Browsers Skeptics among you may say that, okay, this opens up new attack vectors for various binary planting vulnerabilities, but the user would still have to double-click a document on a remote share. And users wouldn't do that, would they? (Of course they would but let's pretend they wouldn't.) So in order to satisfy the most demanding among you, we leveraged the above exploits through web browsers, resulting in some pretty user-friendly scenarios, in a manner of speaking. Let's start with Windows XP and Internet Explorer 8. Web Attack 1: Internet Explorer 8 on Windows XP The following video shows how a user would experience the attack. Visiting a malicious web site, clicking once on one link, and again on another, is enough to get a remote binary executed on his computer. http://www.youtube.com/watch?v=uU3KVsO8Ca4&feature=player_embedded Two tricks are employed in the background of this attack. The first is aimed at launching applications without double-clicking. One of the methods we found for this makes use of the default Windows XP Task View, i.e., the task list shown in Windows Explorer on the left of each folder view. When a printable document is selected in the folder, this task list includes the "Print this file" link which, when (single-) clicked upon, launches the application associated with the file type of the selected file and instructs it to initiate the printing process. The procedure is thus: 1) click the file in a remote special folder to select it, and 2) click "Print to file" to launch the application which then loads a malicious DLL. The second trick is clickjacking. This old trick is simply used for hiding the actual attack inside a 1x1 iframe such that wherever the user clicks on the web page the first time (anywhere on the page, not only on links), he actually clicks inside this tiny iframe - precisely on the Wordpad document shown in a remote shared folder, thereby selecting this document. The iframe then repositions its remote content such that when the user clicks again, he actually clicks on the "Print this file" link in the same remote shared folder as before, thereby launching Wordpad and executing the malicious DLL inside it. Now, since most attackers want to hide their attacks as much as possible, we made the demo such that when the user clicks inside the tiny iframe, we detect that and simulate the click on the underlying web page as well, which is why the links apparently clicked on actually respond to the clicks. For those of you preferring the schematic diagrams, here's how it works in the language of objects, arrows and annotations (taken from our Hack In The Box slides). Web Attack 2: Internet Explorer 9 on Windows 7 With Protected Mode We've already seen that applications can be made vulnerable through unsafe COM servers on Windows 7 just like on Windows XP. But there are two additional challenges here. First, Windows 7 don't have the task view like Windows XP do, so another way to avoid double-clicking had to be found. And second, you can't just launch any application from IE when in protected mode without popping up the yellow security warning. For the first challenge we chose to reveal a "right-click, send to compressed (zipped) folder" trick. IE allows the user to right-click a folder inside a remote shared folder (without a warning), and then select "send to" and "compressed (zipped) folder" from the context menu. This triggers a process of compression, which sets the current working directory of IE to the remote shared folder - and completes the first part of the attack. The second challenge was overcome with the help of verclsid.exe. This curious little executable, mostly unknown to users, gets frequently launched in the background and quickly terminates without any visible effect. Verclsid.exe is, ironically, a security measure introduced by a Windows security update associated with bulletin MS06-015, but to us it is interesting because it is "whitelisted" for the IE protected mode: when IE launches a new verclsid.exe process, the user doesn't have to okay a security warning. Furthermore, verclsid.exe instantiates the COM server associated with the extension of a chosen special folder, providing just the binary planting opportunity we need. In our attack, we trigger the launching of verclsid.exe by loading a number of different special folders in an additional 1x1 iframe while IE has its current working directory set to our remote shared folder. Since verclsid.exe is launched by IE, it also inherits IE's current working directory (which hosts our "malicious" DLL) and eventually loads our DLL. The attack is again hidden with clickjacking. Let's see how the user experiences this attack. Visiting a malicious web site, right-clicking anywhere on the page and selecting "send to" and "compressed (zipped) folder" from the context menu is enough to get a remote binary executed on his computer. http://www.youtube.com/watch?v=dydN_KhQnhs&feature=player_embedded Again, the schematic diagram of the attack: Lessons Learned The main takeaway from our presentation was that binary planting, as a conceptual problem with loading binaries on Windows, is not at all a trivial problem if you really understand the numerous details and hidden processes that affect and enable it. By shedding light on a few previously unknown attack vectors we only revealed a small portion of our advanced binary planting research, which is aimed at improving the exploitation of various binary planting vulnerabilities. If we want to convince developers to fix security defects, we need to show them that they're easy to exploit, and we hope to see some proactive effort as a result of our work. And this is by no means aimed towards Microsoft alone; it was simply easiest for us to use the components that come with Windows, but we found a large number of other vendors' product to be exploitable in the ways described above. How To Protect Yourself? Apart from our generic recommendations for administrators, a couple of additional temporary measures will protect you from the attacks described in this post (but unfortunately not from numerous similar attacks): On Windows XP, delete the {42071714-76d4-11d1-8b24-00a0c9068ff3} registry key under HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID. On Windows 7, copy ehTrace.dll from C:\Windows\ehome to the System32 folder. What's next? We'll continue to raise awareness of this vulnerability class we call binary planting. There's a lot of misunderstanding about it among developers as well as security researchers, and we'll do our best to change that. Our first humble milestone is to stop seeing new product versions making unsafe LoadLibrary calls. Unfortunately, we don't seem to be anywhere close to that. (Again, most of the above research has been done by Luka Treiber, security researcher at ACROS Security.) COM Server-Based Binary Planting Proof Of Concept Released For educational purposes we decided to publish a proof of concept (PoC) for the COM Server-Based Binary Planting attacks described in our previous post. We prepared both online and offline versions for 32-bit Windows XP running Internet Explorer 8. Visit XP 2-click Binary Planting PoC and follow instructions. You must have WebDAV communication with the Internet enabled and must not have the CWDIllegalInDllSearch hotfix installed. Offline Proof of Concept Download a ZIP archive of the PoC here, extract it and follow the instructions in readme.txt. You can test the PoC either from a local network share or locally on a single Windows XP machine. Note that this is a proof of concept only, not a weaponized exploit. The reliability thus depends on a few factors: You have to be running Internet Explorer 8 on 32-bit Windows XP (although it probably works on IE 7 too). A weaponized exploit could automatically detect user's Windows and IE version and provide an exploit for 32-bit and 64-bit XP, Vista or Windows 7 accordingly. You have to have "Show common tasks in folders" selected under the "Folder options" in Windows Explorer. (This is the default setting.) A weaponized exploit could use various attack vectors for different user configurations. The automatic COM Server launching process in relation with special folders is largely undocumented and can be unpredictable. A weaponized exploit could initiate various special folders-related activities for further improving the reliability. The SMB-to-WebDAV fallback takes a while (usually 10-15 seconds in our tests) and our PoC requires you to wait. A weaponized exploit could initiate this communication in the background while the user was reading an interesting text from the web page. Poc: http://www.binaryplanting.com/demo/XP_2-click/XP_2-click.zip Surse: ACROS Security Blog: The Anatomy of COM Server-Based Binary Planting Exploits COM Server-Based Binary Planting Proof Of Concept Released | HITBSecNews

Previewing "Windows 8" Article by Julie Larson-Green, corporate vice president, Windows Experience. REDMOND, Wash. – June 1, 2011 – Today, at the D9 Conference, we demonstrated the next generation of Windows, internally code-named “Windows 8,” for the first time. Windows 8 is a reimagining of Windows, from the chip to the interface. A Windows 8-based PC is really a new kind of device, one that scales from touch-only small screens through to large screens, with or without a keyboard and mouse. The demo showed some of the ways we’ve reimagined the interface for a new generation of touch-centric hardware. Fast, fluid and dynamic, the experience has been transformed while keeping the power, flexibility and connectivity of Windows intact. Here are a few aspects of the new interface we showed today: Fast launching of apps from a tile-based Start screen, which replaces the Windows Start menu with a customizable, scalable full-screen view of apps. Live tiles with notifications, showing always up-to-date information from your apps. Fluid, natural switching between running apps. Convenient ability to snap and resize an app to the side of the screen, so you can really multitask using the capabilities of Windows. Web-connected and Web-powered apps built using HTML5 and JavaScript that have access to the full power of the PC. Fully touch-optimized browsing, with all the power of hardware-accelerated Internet Explorer 10. We also showed effortless movement between existing Windows programs and new Windows 8 apps. The full capabilities of Windows continue to be available to you, including the Windows Explorer and Desktop, as does compatibility with all Windows 7 logo PCs, software and peripherals. Although the new user interface is designed and optimized for touch, it works equally well with a mouse and keyboard. Our approach means no compromises — you get to use whatever kind of device you prefer, with peripherals you choose, to run the apps you love. This is sure to inspire a new generation of hardware and software development, improving the experience for PC users around the world. Today, we also talked a bit about how developers will build apps for the new system. Windows 8 apps use the power of HTML5, tapping into the native capabilities of Windows using standard JavaScript and HTML to deliver new kinds of experiences. These new Windows 8 apps are full-screen and touch-optimized, and they easily integrate with the capabilities of the new Windows user interface. There’s much more to the platform, capabilities and tools than we showed today. We are excited to bring an innovative new platform and tools to developers and see how their creativity jumpstarts a new generation of apps. Windows 8 apps can use a broad set of new libraries and controls, designed for fluid interaction and seamless connectivity. Apps can add new capabilities to Windows and to other apps, connecting with one another through the new interface. For example, we showed today how a developer can extend the file picker control to enable picking from their own app content or from within another Windows 8 app, in addition to the local file system and the network. We’re just getting started. And this isn’t just about touch PCs. The new Windows experience will ultimately be powered by application and device developers around the world — one experience across a tremendous variety of PCs. The user interface and new apps will work with or without a keyboard and mouse on a broad range of screen sizes and pixel densities, from small slates to laptops, desktops, all-in-ones, and even classroom-sized displays. Hundreds of millions of PCs will run the new Windows 8 user interface. This breadth of hardware choice is unique to Windows and central to how we see Windows evolving. The video below introduces a few of the basic elements of the new user interface. Although we have much more to reveal at our developer event, BUILD (Sept. 13 - 16 in Anaheim, Calif.), we’re excited to share our progress with you. Today’s demonstration followed our announcements earlier this year about Windows 8 running on System on a Chip (SoC) processors, and our browser engine innovations and significantly increased standards support in Internet Explorer 10. Windows 8 extends these innovations and reimagines every level of the Windows architecture — the kernel, networking, storage, devices, user interface — all building on the broadest and richest ecosystem of software, peripherals and devices. We have so much more on the way! We’re working very hard to get the product ready for early testing, and we plan to kick off our engineering dialogue through our team blog, just as we did for Windows 7. So please stay tuned — we have a lot of cool innovation coming in the months ahead. By Julie Larson-Green Corporate Vice President, Windows Experience Video: Download video: http://media.ch9.ms/ch9/cda16b03-c463-47e7-b604-9ef5011c5b25/Demo.mp4 Sursa: http://www.microsoft.com/presspass/features/2011/jun11/06-01corporatenews.aspx

Sniff and intercept web session profiles on Android 02 June 2011. FaceNiff is an Android app that allows you to sniff and intercept web session profiles over the Wi-Fi that your mobile is connected to. It is possible to hijack sessions only when Wi-Fi is not using EAP, but it should work over any private networks (Open/WEP/WPA-PSK/WPA2-PSK). It's kind of like Firesheep for Android and it works on WPA2. A rooted phone is required and keep in mind that if the user uses SSL this application won't work. Supported services: FaceBook Twitter Youtube Amazon Nasza-Klasa. Here's a video of FaceNiff for Android in action on LG Swift 2X: Confirmed to work on: HTC Desire CM7 Original Droid/Milestone CM7 SE Xperia X10 Samsung Galaxy S Nexus 1 CM7 HTC HD2 LG Swift 2X LG Optimus Black - original rom LG Optimus 3D - original rom Samsung Infuse. Download: http://faceniff.ponury.net/ Sursa: Sniff and intercept web session profiles on Android

Difference between InnoDB and MyISAM in MySQL Posted by Sachin Khosla, on November 15, 2010 MyISAM and InnoDB are two most commonly used storage engines of MySQL database. However, MyISAM is the default storage engine chosen by MySQL database, when creating a new table. The major differences between these two storage engines are : InnoDB supports transactions which is not supported by tables which use MyISAM storage engine. InnoDB has row-level locking, relational integrity i.e. supports foreign keys, which is not possible in MyISAM. InnoDB ‘s performance for high volume data cannot be beaten by any other storage engines available. Tables created in MyISAM are known to have higher speed compared to tables in InnoDB. But since InnoDB supports volume, transactions, integrity it’s always a better option which you are dealing with a larger database. It is worth mentioning that a single database can have tables of different storage engines. File structure MyISAM stores each table on disk with three files whose names begin with same as table name. These files have different extensions to differentiate their purpose. A .frm files stores the table format, and a .MYD (MYData) file stores the data of the table. If the table has indexes then these are stored in the .MYI (MYIndex) files. On the other hand, InnoDB tables and their indexes are stored in the tablespace, which consists of several files. That is why InnoDB tables can be very large and can store large volume of data. The InnoDB storage engine maintains its own buffer pool for caching data and indexes in main memory. Check the engines being used for existing tables So these are the main differences between these two engines. You can specify in the query that which engine is to be used while creating the table. CREATE TABLE test name varchar(30) ENGINE = InnoDB; Since MyISAM is the default engine assigned when creating a table, so you need not to specify it, if you are planning to use MyISAM. This rule holds good, if you have not changed anything in the configuration. To check the engines of already existing tables, use the following query. It will list all the existing tables which are present in the current database, with their engines specified. show table status; If you want to view the status of a particular table, then use the following query, show table status where Name = ‘tablename’; Hope that helps. Stay Digified !! Sachin Khosla Sursa: DigiMantra » Difference between InnoDB and MyISAM in MySQL

NoVirusThanks Anti-Rootkit Free NoVirusThanks Anti-Rootkit is a sophisticated low-level system analysis tool whose main goal is to detect the presence of malware and rootkits. Hidden processes, hidden drivers, stealth DLL modules, code hooks etc. are just a few of the objects which can be detected in user space and system memory. Quick Report Scan (Easy Mode) Detect SSDT & Shadow SDT Hooks Detect Interrupt Descriptor Table (IDT) Hooks Detect SYSENTER Handler Hooks Detect Stealth IRP Hooks Analyze Master Boot Record (MBR) Detect Kernel Callbacks Detect Kernel-Mode & User-Mode Hooks Detect Hidden Drivers + Hardcore Scan Detect Hidden Processes Processes Behavioral Analysis Detect Windows Message Hooks Hosts File Manager Browser Helper Objects Manager AppInit_DLLs Manager NoVirusThanks Anti-Rootkit is a must-have for anyone seeking true 32-bit Windows NT kernel security and system threat analysis. The vast detection range of industry standard rootkits is truly amazing especially without compromising system stability even in the most hostile, malware-plagued environments. It is recommended to use this software by experienced users. We offer a 1 license multi-user solution meaning all you need is 1 license per PC and all users may access the software. NoVirusThanks Anti-Rootkit can be purchased for only $19.99 USD. The 1 PC license is lifetime, you do not need to renew the license each year for the version of the product you have bought, we provide free updates for minor revisions. We offer also a free edition of our product, with some limitations in the features (view the comparison table above), that can be downloaded at the bottom of this page, the license is free for personal use only, and is not for business or commercial use. NoVirusThanks Anti-Rootkit is compatible with the following 32-bit Microsoft Windows Operating Systems (OS): Windows XP, Windows Server 2003, Windows Vista and Windows 7 Preview: NoVirusThanks Anti-Rootkit (Preview) - Anti Rootkit and Anti Malware – Security Software and Services - NoVirusThanks Video: Multiple Rootkit Infection Test Download: http://downloads.novirusthanks.org/files/NVTArk_Free_Setup.exe Sursa: NoVirusThanks Anti-Rootkit Free - Anti Rootkit and Anti Malware – Security Software and Services - NoVirusThanks

Ubuntu 11.10 Alpha 1 Has GNOME 3, Firefox 5, Linux Kernel 2.6.39 We are proud to announce today, June 2nd, that the first Alpha version of the upcoming Ubuntu 11.10 (Oneiric Ocelot) operating system is now available for download. As usual, we've grabbed a copy of it in order to keep you up-to-date with the latest changes in the Ubuntu 11.10 development. While all Ubuntu are still discovering and enjoy the brand-new Ubuntu 11.04 (Natty Narwhal) operating system, somewhere deep in the Ubuntu headquarters, the Canonical developers are working on the next major update for their popular Linux distribution. What's new in Ubuntu 11.10 Alpha 1? Well, the big news is that the GNOME 3 desktop environment has been finally implemented in the Ubuntu operating system, so users can grab a copy of it and test it deeply. Just remember that it's a development release and not all things work as expected! Also new in Ubuntu 11.10 (Oneiric Ocelot) is Linux kernel 2.6.39, which brings lots of new drivers and support for the latest hardware components. As you can see from the screenshot below, if you don't have 3D video drivers, Ubuntu 11.10 will fallback to Unity 2D The following packages are featured in Ubuntu 11.10: Mozilla Firefox 5 Beta, Transmission 2.13, NetworkManager 0.9, GNOME Orca 3.0, Nautilus 3.0.2, GTK3, GCC 4.6, and gsettings instead of gconf. Ubuntu Server 11.10 Alpha 1 contains updated Orchestra elements and Openstack components. Also, the the delta with Debian was reduced in many areas. What's new in Kubuntu 11.10 Alpha 1? Well, the first Alpha version of Kubuntu 11.10 is build on top of KDE Software Compilation 4.6.3. The Muon Software Center is now used by default for package management. KDE PIM 4.4.11 is also included in this release. What's new in Xubuntu 11.10 Alpha 1? Well, the first Alpha version of Xubuntu 11.10 features the beautiful Xfce 4.8 desktop environment. There are no significant changes in this release. On October 13th, 2011, Ubuntu 11.10 (Oneiric Ocelot) will become the fifthteenth release of the Ubuntu operating system. See you again in three months (June 30th), for the second Alpha version of the upcoming Ubuntu 11.10 (Oneiric Ocelot). The Oneiric Ocelot Release Schedule: June 2nd, 2011 - Alpha 1 release June 30th, 2011 - Alpha 2 release August 4th, 2011 - Alpha 3 release September 1st, 2011 - Beta 1 release September 22nd, 2011 - Beta 2 release October 13th, 2011 - Final release of Ubuntu 11.10 Download Ubuntu 11.10 Alpha 1 (Oneiric Ocelot) right now from Softpedia. Download Ubuntu Server 11.10 Alpha 1 (Oneiric Ocelot) right now from Softpedia. Download Ubuntu Enterprise Cloud 11.10 Alpha 1 (Oneiric Ocelot) right now from Softpedia. Download Kubuntu 11.10 Alpha 1 (Oneiric Ocelot) right now from Softpedia. Download Xubuntu 11.10 Alpha 1 (Oneiric Ocelot) right now from Softpedia. Download Edubuntu 11.10 Alpha 1 (Oneiric Ocelot) right now from Softpedia. Remember that this is an alpha release and it should NOT be installed on production machines. It is intended to be used for testing purposes only. Please report bugs to the Ubuntu Bug Tracker. Sursa: Ubuntu 11.10 Alpha 1 Has GNOME 3, Firefox 5, Linux Kernel 2.6.39 - Softpedia

Panda Global Protection 2012 – 90 de zile licenta GRATUITA Panda a lansat gama de produse de securitate 2012 si are o oferta speciala: 90 de zile licenta GRATUITA. Iata ce aduce nou Panda Global Protection 2012: IMPROVED! Protection technologies to detect Viruses and others threats. IMPROVED! Detection based on behavioral analysis. IMPROVED! Firewall. Blocks intruders and hackers. IMPROVED! Panda USB Vaccine. Protects your PC and USB drives from infection. IMPROVED! Increased spam detection rates. IMPROVED! Parental Control, your children will be safer on the Internet. IMPROVED! Panda SafeCD, clean all types of malware from your computer if you cannot start Windows. IMPROVED! Improved Web browsing. IMPROVED! Improved interface for all types of users, from basic to technical. IMPROVED! Very easy activation process completed in two clicks. IMPROVED! All modules and features available at a single glance. NEW! New Web navigation report, see blocked sites. Pentru a obtine licenta GRATUITA 90 de zile pentru Panda Global Protection 2012 accesati link-ul: http://acs.pandasoftware.com/marketing/promo/PANDAGP12PROMO3M.exe Sursa: Panda Global Protection 2012 – 90 de zile licenta GRATUITA

Vezi ca se poate? Dar incearca sa injuri numai pe la Offtopic.

Dupa cum vedeti categoriile: - Pranks - Cele mai penale posturi Au devenit sub-categorii la Offtopic. Iar XSS (Cross Site Scripting) a devenit subcategorie la Club ShowOff. Nu e cine stie ce schimbare, dar parca e mai ordonat asa.

Inchidem topicurile de tot rahatul.

Advanced Malware Cleaning About This Video Learn from Mark how to use the Sysinternals tools to identify malware infestations, from standard spyware to kernel-mode rootkits, and clean them off your systems. Presented By: Mark Russinovich Length: 1h 12 minutes 49 seconds Download: http://download.microsoft.com/download/1/1/D/11D73CAA-1D51-461C-A74E-97EBA4324F99/HDI-ITPro-TechNet-winvideo-Advanced_Malware_Cleaning(1).wmv http://download.microsoft.com/download/1/1/D/11D73CAA-1D51-461C-A74E-97EBA4324F99/HDI-ITPro-TechNet-mp4video-Advanced_Malware_Cleaning(4).m4v Online: http://technet.microsoft.com/en-us/sysinternals/Video/gg618529 L-am vazut si eu astazi, la inceput pare plictisitor, dar veti descoperi lucruri interesante si utile.

Pe tine inca nu te cunoastem, nu stim prea multe despre tine. Nu ma intereseaza acele confliente, asa si cu tromfil am avut un mic conflict ieri, si uite, acum e VIP. Posteaza, nu conteaza unde, astfel ne vom da seama de modul in care gabdesti. Apoi mai conteaza si cunostintele, mi-ai dat un program facut de tine, poate ai mai multe, poate ai scris articole, posteaza-le si vom vedea ce stii, altfel nu avem de unde. Promovarea la VIP nu se face asa, fortat. Te vei trezi intr-o zi ca esti VIP, nu stam sa discutam daca vei fi sau nu. Momentan cred ca lista ramane aceasta, insa membri noi pot adera in fiecare zi.

Ideea e simpla: ca sa ne ocupam de RST ne trebuie timp. Nu mai avem cat timp aveam in trecut, am crescut si odata cu varsta ne-au crescut si responsabilitatile, ca sa zic asa. Avem si noi treburile si problemele noastre in viata reala, treburi si probleme mai importante decat statul pe RST. Noua incepe sa ne treaca vreme, incepem sa ne angajam si sa inaintam in viata. RST are nevoie de tineri, de tineri pasionati de tehnica, de persoane care au mult timp pe care sa si-l dedice, atat pentru a invata ei, cat si pentru a-i ajuta pe altii. Si o foarte buna metoda de a fi bun intr-un anumit domeniu e de a-i invata pe altii. Incercati sa scrieti un tutorial, fie si despre ceva la care nu prea va pricepeti. Din nevoia de a scrie un articol bun, veti cauta multe resurse si va veti documenta foarte bine. Singurele lucruri de care aveti nevoie sunt timpul si placerea de a invata lucruri noi. Eu fac pe cat posibil sa intru mai des si sa mai fac cate ceva pe aici. Am sesiune, ce-i drept nu ma omor cu invatatul, azi am luat un 5, dar si asta imi mananca din timp. La vara am planuri, nu stiu cat timp voi avea nici la vara de RST, dar ma straduiesc sa imi rezerv cat mai mult timp pentru ca RST face parte din mine. Si nu o sa cada! Cum ii spuneam cuiva, prefer sa imi donez un rinichi decat sa dispara RST. Lucrurile se vor schimba spre bine, incetul cu incepul. Aveti rabdare, dar incercati si voi sa faceti acest lucru sa se intample. Suntem o comunitate, nu e vorba de o singura persoana, sau doua sau trei. Toti trebuie sa contribuim. Daca vreti ca RST sa fie un mediu tehnic placut, atunci contribuiti si voi pe cat posibil, nu asteptati sa pice totul din cer.

Mi le-as posta singur dar imi e lene. Si nu e nimic interesant in ele. Ma asteptam la una ca asta. Edit: Le am doar pe ultimele 3: Da, noi suntem mai porci. Suntem tineri, vorbim urat in viata reala si nu putem vorbi urat pe un forum? E absurd. Amandoi ati inceput sa vorbiti urat. Eh, pe aici se intampla des sa se vorbeasca urat, incearca sa te obisnuiesti. Si nu pune la suflet. Da, inseamna ca asta nu e tocmai un loc potrivit pentru femei. Adica in general barbatii sunt interesati de calculatoare, e greu sa rezisti printre ei... Nu stiu ce sa zic.

Am inceput sa facem putina ordine pe aici. Unul din lucrurile importante a fost sa alegem niste membri mai importanti si sa ii promovam la rangul de V.I.P. Am ales in functie de posturile fiecaruia, de ce impresie ne-au creat acesti membri. Nu sunt neaparat membri cu 1000 de post-uri, nu e important numarul de posturi, dar aceste persoane, cel putin momentan ne-au demonstrat ca sunt mai speciale si ca merita ceva in plus. Desigur, cunoastem cat de cat aceste persoane, am discutat cu ele si stim de ce sunt capabile. Aceste persoane sunt: - Andrei - Andrewboy - unu_1234567 - tex - tromfil - Synthesis - Birkoff - tdxev - Cheater - denjacker (daemien) Runda 2, noi membri VIP: - 3348399 - Zatarra - ZeroCold Runda 3: - Xander - wildchild Asteptam si de la restul posturi de calitate si va puteti trezi ca si ei, mai curand sau mai tarziu ca sunteti VIP. Pe langa accesul la "VIP Area", zona privata unde au acces doar membri VIP, vor mai avea sprijinul nostru si al persoanelor care stiu ce e respectul in orice probleme ar intampina. Desigur, rangul este si un titlu onorific.

Da, nu se va ajunge niciunde cu aceasta discutie, tocmai de aceea imi place. Este la offtopic, va las sa va faceti de cap, pentru ca nu o sa va mai puteti face de cap mult timp.

A Gentle Introduction to Python by Michael J. Fromberger <http://www.dartmouth.edu/~sting/> Version 1.2 This talk was prepared for Computer Science 118, taught by William McKeeman at Dartmouth College, Hanover New Hampshire, in the Spring term of 2004. Original lecture date: May 6, 2004. Revised April 26, 2005 to add some new examples. Revised September 10, 2005 to add material about generators. Download: http://spinning-yarns.org/michael/misc/python-intro.pdf

Nici chiar asa, fiecare cu parerea lui dar nu incepeti sa va injurati pe aici.

empathy, doar o curiozitate, cati ani ai? Imi poti spune pe PM daca vrei sa nu vada toata lumea, eu nu o sa postez mesajele private pe forum, am bun simt.

Gabycs94 Cine vine cu aceaste opinii, cel pentru care "Cola sau Pepsi?" e o problema existentiala... Cine vorbeste de vechiul RST: Join Date: 01-15-2011 Da, au plecat multi membri, membri buni. Dar au plecat pentru ca au vietile lor si in special au plecat pentru ca s-au angajat. Si s-au angajat in domeniul IT, nu ca spalatori de vase cum vor deveni o mare parte dintre membrii din prezent. Daca vrei sa inveti, ai ce, gasesti aici o gramada de resurse, nu vad cine te opreste sa inveti. Nu iti place offtopic-ul, nu treci pe la categoria aia, care e problema? S-a discutat de multe ori aceasta problema. Si cu ideea au venit tot persoane ca tine, care nu au contribuit extrem de mult la forum. Ai doar doua topicuri la "Stuff tools", in rest... Offtopic-ul nu se va inchide. Acolo se poate discuta orice, pentru asta e facut. Acolo nu ma intereseaza ce faceti, va puteti injura, puteti face ce vreti, nu imi pasa de acea categorie. Insa cate injuraturi vezi la tutoriale/programare? Da, ce-i drept nu prea se posteaza acolo, dar nu vad ce s-ar putea posta. Acum, fiecare cu problemele lui, eu nu mai am timpul pe care il aveam inainte, si e posibil sa nu il mai am nici pe cel care il am acum. Nu cred ca ai prins vremurile cand dadeam warn-uri cu gramada, am dat peste 600, probabil peste 200 de banuri... Acum nu mai am timp sa urmaresc toate topicurile. adi123456789 Nu va fi niciodata chestionar pentru a putea intra aici. Exista pe aceasta planeta si oameni mai putin invatati ca tine, dar dornici sa invete lucruri noi. Probabil tu le sti pe toate, si ai trece usor acel test, insa nu toti sunt la fel de experimentati. Insa si cei mai slabi ar merita o sansa. Si cei mai slabi merita un punct de plecare, cateva sfaturi, sa stie ce drum sa aleaga... gigi23: Am vrut eu de mult sa fac asa ceva, dar nu am avut timp. Ar fi interesant, insa trebuie facute modificari la scriptul forumului. Daca dupa sesiune voi avea mai mult timp, cred ca voi face cateva lucruri noi pe aici. Dar am si alte treburi de rezolvat... SilentPH: Da, se face prea mult offtopic, pentru ca e mult mai usor sa discuti despre un subiect de la offtopic decat despre cum sa gasesti un Local Root Privilege Escalation Exploit. Toata lumea: Nu mai veniti cu astfel de sugestii. Daca vreti sa se schimbe ceva la forum, incepeti prin a va schimba voi. Incepeti sa postati voi lucruri utile, apoi aveti dreptul moral de a va plange ca se face prea mult offtopic. In plus, uitati categoria offtopic. Daca chiar vreti sa invatati ceva faceti abstractie de ea si va vedeti de treburile voastre. Cat despre faptul ca "sunt bland", se va schimba in curand si se va schimba drastic. Am mai spus ca vreau sa dau niste banuri, dar vreau sa vad cui si de ce. Si dureaza sa ma uit peste posturile unei persoane.

Partial da, le consider inferioare pe femei, "Dumnezeu" e de vina. Dar am descris in detaliu in postul meu in ce sens. Cat despre "Noi facem copii" e o aberatie. Nu faceti singure copii. Probabil e dureroasa nasterea, nu contest asta, dar nu e cine stie ce vitejie.

E discutabila treaba. Oricum, nu e nimeni care sa urasca femeile. Desi prin definitie misogin e un barbat care uraste femeile, cuvantul in practica nu e atat de dur. Se rezuma totul la "razboiul" dintre femei si barbati. Si sunt foarte multe de spus. Sa fiu scurt. Poate o sa fiu considerat misogin, dar, foarte general: "Un barbat e mai apt (sa zicem) ca o femeie". Din moment ce femeile si barbatii sunt fiinte, putem face distinctii generale in functie de: 1) fizic 2) psihic Primul punct nu cred ca are rost sa il dezvolt, e clar ca un barbat are mai multa forta si rezistenta fizica. Legat de punctul doi, din cate stiu eu, psihicul uman este dat de doua emisfere ale creierului: emisfera stanga si emisfera dreapta. Una dintre ele se ocupa cu ratiunea, cu gandirea logica, iar cealalta cu partea afectiva, emotionala. Nu mai stiu care dintre ele. Dupa cum ar trebui sa va dati seama, barbatii au dezvoltata mai mult partea rationala, iar femeile mai mult partea afectiva. De aceea "barbatii sunt mai buni ca femeile la orice". De aceea putem spune: "Cel mai bun pilot e barbat", "Cel mai mare inventator e barbat", chiar si pe partea artistica: "Cel mai mare pictor/scriitor... e barbat", chiar si cei mai buni bucatari tot barbati sunt. Desigur, femeile o baga pe aia cu: "Dar exista si femei pilot", "Dar exista si femei inventatori - una care a inventat sutienul" sau mai stiu eu ce rahaturi de exeptii cu care se asteapta sa se aduca pe picior de egalitate cu ratiunea barbateasca. Sunt penibile cand fac asta. Dar si femeile au atuurile lor. Pe langa faptul ca arata bine (pentru cine arata bine?) si fac tot posibilul sa ne satisfaca pe noi, pe barbati, au si puncte forte cu afectivitatea lor. Unul dintre ele ar fi relatiile sociale, de exemplu una e sa pui o femeie sa aiba grija de un copil, alta e sa i-l dai unui barbat care sa ii zica: "Taci in mm ca iti bag berea pe gat". In fine, exagerez, dar cred ca ati prins ideea. Ca sa ma lungesc, ca tot nu am ce face, vreau sa va spun parerea mea despre cum a inceput diferentierea intre femei si barbati. Inainte de toate, ne intoarcem in trecut. Omul pentru a supravietui muncea campul, vana animale... Femeia, dat fiind faptul ca nu poseda forta fizica a barbatului nu putea sa vaneze sau sa munceasca, decat lucruri mai usoare, de facut pe acasa. Astfel batbatul facea toata treaba, si avea tot dreptul sa faca pe seful. Venea si el rupt de oboseala acasa si nevasta incepea sa urle la el, cum sa nu ii futa doua in barba? De aici si violenta domestica de astazi, mentalitatea a ramas la fel, dar nu as spune ca e numai vina barbatului. De exemplu vine barbatul acasa beat. Femeia, in loc sa taca sa il lase in voia lui, incepe sa urle la el si sa il loveasca, sa ii dea palme sau sa arunce cu cine stie ce in el. Pai cum sa nu ii rupi botul? Cu alte cuvinte, majoritatea femeilor care iau bataie de la barbati si-o merita. A, sa nu ma intelegeti gresit, nu sunt deloc de acord ca un barbat sa loveasca o femeie. Bun, un alt factor important dar la care nu se gandeste multa lume cand e vorba de aceasta epica batalie este... religia. Da, stiu ca poate initial credeti ca e ciudat dar religia a jucat un rol extrem de important in denigrarea femeilor si a drepturilor acestora. Sa incepem cu Geneza. Chiar de la inceput femeia a fost creata din barbat, pentru ca barbatul sa nu fie singur. Apoi, femeia a facut prima pacatul stramosesc si a muscat din mar (PS: sunt ateu). Si de aici a pornit totul. Oare de ce femeile nu au dreptul la ranguri inalte in Biserica, nici macar preoti? Oare de ce nici macar in ziua de azi femeile nu au voie in altar? Oare de ce o gramada de femei au fost arse pe rug? Sunt extrem de multe lucruri pentru care Biserica (atat insitutia cat si prostiile lor) este de vina. Femeia a capatat dreptul de vot abia prin 1918. De aici a inceput drumul femeii spre egalitatea cu barbatul. Am putut si inca putem spune ca femeile nu sunt la egalitate cu barbatii, indiferent ce intelegem prin aceasta egalitate. De ce? E simplu: nu vor fi niciodata. E clar in multe domenii ca se prefera un barbat, in general pentru orice, in locul unei femei, pentru ca ar face o treaba mai buna. Puneti un barbat si o femeie sa faca un lucru pe care niciunul dintre ei nu l-a mai facut niciodata sa vedeti care se descurca mai bine. Ca sa nu mai spun de sutpidul si penibilul concept de feminism. Ati auzit vreodata de barbatism? Nu. Femeile si ideile lor stupide, vor sa aibe aceleasi drepturi ca barbatii cand de fapt le au de mult timp, dar nu sunt in stare sa le foloseasca, sa faca nimic cu ele. In fine, sunt foarte multe de spus, nu m-am legat deloc de trasaturile morale ale femeilor, de cat de mult se pot uri una pe alta, de cate marsavii pot face pentru a ajunge la ceea ce isi doresc, de cate multe pretentii au si de cat de putin ofera... Nu vreau sa ma intelegeti gresit, nu urasc femeile si nu sunt misogin. Le respect in limita bunului simt, de cele mai multe ori nu vorbesc urat in prezenta lor... Ar mai fi rpobabil multe de spus, eu doar am enuntat cateva idei, astept sa aduceti si voi argumente. Imi pare rau ca nu prea sunt fete pe aici, as vrea sa vad ce argumente pot sa aduca. Ah, stai, nu au ce argumente sa aduca. Am purtat astfel de discutii cu multe fete, de la fete stupide care: "Vai, ce, esti misogin" si nu aduceau niciun argument, la fete care mi-au spus direct: "Da, femeile nu sunt atat de bune ca barbatii".

Nu o luati si voi asa... Nu e tocmai un DOS-er stralucit, dar puteti face cate ceva cu el. De exemplu puteti face multe request-uri care o pagina de cautare, care cautand ceva in baza de date, consuma resursele serverului (daca nu e cine stie ce) si pot sa apara probleme. Abtineti-va de la comentarii stupide. E un simplu program.