Monday, August 10, 2009

Boot Block Recovery For Free

Boot Block Recovery For Free

You don't need to pay a measly sum of dollars just to recover from a boot block mode. Here it is folks:

AWARD Bootblock recovery:

That shorting trick should work if the boot block code is not corrupted, and it should not be if /sb switch is used when flashing the bios (instead of /wb switch).

The 2 pins to short to force a checksum error varies from chip to chip. But these are usually the highest-numbered address pins (A10 and above).

These are the pins used by the system to read the System BIOS (original.bin for award v6), calculate the ROM checksum and see if it's valid before decompressing it into memory, and subsequently allow Bootblock POST to pass control over to the System BIOS.

You just have to fool the system into believing that the System BIOS is corrupt. This you do by giving your system a hard time reading the System BIOS by shorting the 2 high address pins. And when it could not read the System BIOS properly, ROM Checksum Error is detected "so to speak" and Bootblock recovery is activated.

Sometimes, any combination of the high address pins won't work to force a checksum error in some chips, like my Winbond W49F002U. But shorting the #WE pin with the highest-numbered address pin (A17) worked for this chip. You just have to be experimentative if you're not comfortable with "hot flashing" or "replacement BIOS".

But to avoid further damage to your chip if you're not sure which are the correct pins to short, measure the potential between the 2 pins by a voltmeter while the system is on. If the voltage reading is zero (or no potential at all), it is safe to short these pins.

But do not short the pins while the system is on. Instead, power down then do the short, then power up while still shorting. And as soon as you hear 3 beeps (1 long, 2 short), remove the short at once so that automatic reflashing from Drive A can proceed without errors (assuming you had autoexec.bat in it).

About how to do the shorting, the tip of a screwdriver would do. But with such minute pins on the PLCC chip, I'm pretty comfortable doing it with the tip of my multi-tester or voltmeter probe. Short the pins at the point where they come out of the chip.



AMIBIOS Recovery bootblock:
1. Copy a known working BIOS image for your board to a floppy and rename it to AMIBOOT.ROM.
2. Insert the floppy in your system's floppydrive.
3. Power on the system while holding CTRL+Home keys. Release the keys when you hear a beep and/or see the floppy light coming on.
4 . Just wait until you hear 4 beeps. When 4 beeps are heard the reprogramming of the System Block BIOS went succesfull, so then you may restart your system.

Some alternative keys that can be used to force BIOS update (only the System Block will be updated so it's quite safe):
CTRL+Home= restore missing code into system block and clear CMOS when programming went ok.
CTRL+Page Up= restore missing code into system block and clear CMOS or DMI when programming went ok.
CTRL+Page Down= restore missing code into system block and do not clear CMOS and DMI area when programming went ok
Btw: the alternative keys work only with AMIBIOS 7 or higher (so for example an AMI 6.26 BIOS can be only recovered by using CTRL+Home keys).
Boot Block Recovery for FREE

************************************************
BLACKOUT Flashing
*************************************************

Recovering a Corrupt AMI BIOS chip
With motherboards that use BOOT BLOCK BIOS it is possible to recover a corrupted BIOS because the BOOT BLOCK section of the BIOS, which is responsible for booting the computer remains unmodified. When an AMI BIOS becomes corrupt the system will appear to start, but nothing will appear on the screen, the floppy drive light will come on and the system will access the floppy drive repeatedly. If your motherboard has an ISA slot and you have an old ISA video card lying around, put the ISA video card in your system and connect the monitor. The BOOT BLOCK section of the BIOS only supports ISA video cards, so if you do not have an ISA video card or your motherboard does not have ISA slots, you will have to restore your BIOS blind, with no monitor to show you what’s going on.

AMI has integrated a recovery routine into the BOOT BLOCK of the BIOS, which in the event the BIOS becomes corrupt can be used to restore the BIOS to a working state. The routine is called when the SYSTEM BLOCK of the BIOS is empty. The restore routine will access the floppy drive looking for a BIOS file names AMIBOOT.ROM, this is why the floppy drive light comes on and the drive spins. If the file is found it is loaded into the SYSTEM BLOCK of the BIOS to replace the missing information. To restore your BIOS simply copy a working BIOS file to a floppy diskette and rename it AMIBOOT.ROM, then insert it into the computer while the power is on. The diskette does not need to be bootable or contain a flash utility. After about four minutes the system will beep four times. Remove the floppy diskette from the drive and reboot the computer. The BIOS should now be restored.

Recovering a Corrupt AWARD BIOS
With AWARD BIOS the process is similar but still a bit different. To recover an AWARD BIOS you will need to create a floppy diskette with a working BIOS file in .BIN format, an AWARD flash utility and an AUTOEXEC.BAT file. AWARD BIOS will not automatically restore the BIOS information to the SYSTEM BLOCK for this reason you will need to add the commands necessary to flash the BIOS in the AUTOEXEC.BAT file. The system will run the AUTOEXE.BAT file, which will in turn flash the BIOS. This is fairly easy. Here are the steps you need to take.

· Create a bootable floppy diskette
· Copy the BIOS file and flash utility to the diskette
· Create an text file with any standard text editor and add the following lines

@ECHO OFF
FLASH763 BIOSFILE.BIN /py

In the above example I am assuming that you are using the FLASH763.EXE flash utility. You will need to replace the FLASH763 with the name of whatever flash utility you are using, and replace the BIOSFILE.BIN with the name of the BIOS file you are using. You will also need to change the ‘/py’ to whatever the command is for your flash utility to automatically program the BIOS without user intervention. If you do not know the command to automatically flash your BIOS type the name of the flash utility with a space and then /? to display the utility’s help screen. The help screen should pecify the command switch to automatically flash your BIOS. If you are using the FLASH763.EXE utility then the switch to automatically flash your BIOS is ‘/py’.

Bell Hell Volume #2

/CONTENTS/
In vol. I we discussed some of the minor aspects of bell hell. Now we shall
enter the realm of serious bell hell, including how to crush AT&T's firm grip
on the wired industry and Ma's underground passages.

/MA'S CODES ETC./
In order to make things easier for her employees, Ma has given us not only
free access to almost all her treasures but guides next to them to help us
along the way. One of the more common boxes found are the ones located either
at the end of your street, in an adjacent field or on telephone poles. Any of
these boxes contains all the lines for the surrounding neighbourhood. Ma
usually supplys a code for the wires inside on the side of the door to one of
these boxes, if not the code usually goes like this:

Red (ring-) = Ring line, allows others to call you
Green (tip+) = Calling out line, for you to call others

Ma has conveniently located these, the red on the right and the green on the
left. If you run into one of these boxes and it's locked then you'll need to
purchase is either a 1/2" crowbar or an 7/16" hex driver, prefferably the
latter. In order to use the 7/16, simply give a 1/8" turn counter clockwise,
presto you are in. The crowbar is self explanatory I believe.

The other, and less likely to be found of the bell underground network is just
that, the underground network. To find one of these simply look for a manhole
cover with a bell in the middle instead of an S or what-ever you sanitary
dept. might use. The aspects and entry of these will be discussed later in
this article, now to the boxes.

Now that you are in one of these boxes there is a rather interesting list of
prospects you can do, connect a linesmans handset, connect a box, or eavesdrop
to name a few, here's some of the ways to do the following.

Hell #1:

/LINESMANS HANDSET/
In order to make a linesmans handset (if not included within the newly found
box) you'll need a few things:

1 a phone (prefferably a GTE flip fone or a slimline)
2 a spliceing knife (any knife will do, the sharper the better)
3 a set of alligator clamps (if not already within the box)

Now take your knife and cut off all the wires and the modular jack (if one)
saving the red (ring-) and green (tip+) wires. Now attach the alligator clips,
one to the red and one to the green, and your set. All you need do is attach
the alligator clips to the designated colors on the box (red - red/green -
green) and you have essentially become an extension of that line.

Hell #2:

/THE BLACK/BLUE BOX/
Finally a place where you can use that box of yours with minimal worries of
being caught (the only way would be to get caught red-handed). Ah yes, bell
hell at one of its finer points. Commonly it takes Ma about a month or so to
figure out the trip on this one.

If you are unfamilar with boxes, the black box allows others to call you free
where-as the blue box allows you to use operator lines and even become one of
the bitches (become an operator). For more info I would suggest consulting
black/blue box plans.

Use the normal plans for a black/blue box and make the following
modifications:

Equipment:
(1) SPST SWITCH (found at your local Trash Shack)
(1) 10K OHM 1/2 WATT 10% RESISTOR (same as above)
SOME EXTRA WIRE (same as above above)

Now disconnect the green wire in the box and connect it to one of the two
poles on the SPST switch. Take a piece of your extra wire connect one end to
the other pole on your SPST switch and the other end to the terminal. Now
place the 10k ohm resistor between the terminal and the terminal.
Connect it (the 10k ohm resistor) via wire to the two. The terminal
should have a green wire going to it and the terminal should have a white
and blue wire connected to it. Your finished product should look something
like this:

--/-/--
:S P S T:
-------
:: ::
-----GREEN WIRE--:: ::----
!
10K OHM
!
!
-----WHITE WIRE-----------\\
------BLUE WIRE-----------------

This is simply the basic wiring, if you decide to become one with advancement
you might try hooking up lights to go on when your online or perhaps a
recorder, what-ever you wish.

Hell #3

/EAVES-DROPPING/
There are many various ways to accomplish this, seeing how I like to stick to
basics I will describe what I feel is the easiest by far. First you need to
make a linesmans handset as mentioned above if you already haven't. Now simply
disconnect the sending end (the end you talk through) and listen in. From here
you can accomplish several various tasks. If you are into blackmail you can
hook up a tape recorder (if you want to do this you can leave me a msg. or
wait for another file later, its rather a long task) or you may simply hold
the recorder to the listening end of the phone. To find out about the line
etc. You can do a couple of things, first you can dial your ANI (automatic
number identification) and find out the line you are on, after this call, you
are a local CN/A (described below) and run a check on who's line it is etc.
This can bring all kinds of hell for those not-so-trustworthy wifes/husbands.

More Hell:

/OTHER TRICKS/
You can set up a conference call simply by dialing your conference operator
(0-700-456-1000) and setting it up, just do what she says. I suggest this
operator for her lines are superior to those of the bitchy PBX ones. Oh,
you'll also need to know that lines person, address etc. Just pull an ANI and
then an CN/A on it.

If you have an urge to get back at someone simply attach your linesmans
handset to the persons line (fine their line as mentioned many times before)
and leave it off the hook. You can imagine just how long it could take Ma's
loyal employees to discover the problem. Possibly weeks if not a month.

Using the persons line to call computer systems that trace. This also goes
under the heading 'getting back at people' for the hassles you'll cause them
when the line is traced to them is numerous, bitchy Ma employees tend to be
irrational, spoiled children when it comes to busting people.

Bugging the operator - self explanatory.

RAISE HELL

/Insider/ - The rest of this doc is mainly explanations, a little hell and a
few other things I decided to throw in instead of making another Vol.. It's
true purpose is to coincide with Vol. I, as well as take up space, the rest is
unknown.

-----------
800 EXTENDERS
-----------

Basically, 800 extenders are much like Save-Net or Am-Net going 800 instead of
local access numbers. With this one you can call anywhere in the U.S. for
free, of course you need the X digit code, but this is easily found. You use
these just like you would if you were using Save-Net, i.e. you would dial
1-800-XXX-XXXX, then enter in your X digit code and then the area code + the
number you wish to reach, i.e. 1800521167429125036358443, as you can see there
is an 800 number followed by a 4 digit code followed by a number wished to be
reached. Here's a few 800 extenders, theres many many more:

1-800- 1-800-
------- -------
245-4890 4 DIGITS 327-6713 4 DIGITS
243-7650 6 DIGITS 328-7112 4 DIGITS
654-8494 6 DIGITS 327-9895 7 DIGITS
327-9136 4 DIGITS 227-3414 4 DIGITS
682-4000 6 DIGITS 343-1844 4 DIGITS
858-9000 3 DIGITS 521-1674 4 DIGITS
537-3511 8 DIGITS 843-0698 9 dIGITS

=-=-=-=-=-=-=------------------------->
LOOP NUMBERS EXPLORED

Loop numbers simply connect two people together using two different numbers.
Thus these numbers always come in pairs, one being the higher one while the
other being the lower one. So if you were to use one, you would call one of
the pair and the other one would call the other one (you take the high road
I'll take the low road). Loop numbers are equal in quality as calling direct,
thus it would be the same quality as you would get calling your neighbour. If
you would happen to call a loop number and no one was on the other end one of
two things would happen, if you called the higher of the two you would here
silence, if you dialed the lower you would get a 1000 hertz tone. Heres a list
of some loop numbers:

Area Code 212
XXX-9979 (HIGH)
XXX-9977 (LOW)

XXX= 690,534,569,432,868,255,228,677,982,466,926,220,586,524,283

XXX-9906 (HIGH)
XXX-9900 (LOW)

XXX= 529,352,439,388

Where you see XXX you enter the prefix desired, thus if you wanted area code
212, you could choose a prefix say 690, so one person would dial 690-9906 and
the other 690-9900.

In order to scan for loop numbers you'll need a friend to help. Loop numbers
run in pairs, the combination is 00XX and XX99. So what you need is for one
person to scan one end while the other scans the upper (using the same
prefix). The hang side has no tone while the other gives off a 1000hz tone.

To use a loop number in order to start a conference call simply have one
person get on the hangside while another calls the conferenceing operator (PBX
operator will do). The person calling the operator (hopefully from a fortress
phone) should charge the call to the upper loop number (the one the other
person isn't on), when the operator calls to verify she'll get your freind,
who of course will accept all charges gladly.

=-=-=-=-=-=-=------------------------->
Customer name and address
(CN/A)

A CN/A operator is disagnated for the use of AT&T employees who need some
information on a certain person. Ex- A Bell cop got a persons name from a nark
or whatever, he needs more info about the person so he calls up the CN/A
operator and asks her for the persons where abouts. Ma has been nice enough to
grant these operators the knowledge of a few more things (Ma's slip up), such
as their phone number. Thus we can call up one of these operators, say,'Hi, my
names Joe Rodrequiz and I'm from the Lake Oswego Bell customer service
department, I need the following info on a 'Jack Suchos'.' Then you become
really nice and ask if you can have that persons phone number so you don't
have to go over there. Since these operators are human, and are easily conned
and are very informed they'll give you just about whatever you need to know.
However you must be polite and business like. Following is a list of CN/A's,
to use it, find your area code and the CN/A operators number will follow:

DUTCHMAN DIRECTORY
AREA CODE PHONE NUMBER
---------- ---------------
201 201-676-7070
202 301-384-9820
203 203-789-6815
204 204-949-0900
205 205-988-7000
206 206-382-8000
207 617-787-2750
208 303-399-4200
209 415-546-1341
212 518-471-8111
213 213-501-4144
214 214-948-5731
215 412-633-5600
216 614-464-2345
217 217-525-7000
218 402-345-0600
219 317-265-4834
301 301-534-1168
302 412-633-5600
303 303-399-4200
304 304-344-8041
305 912-784-9111
306 NONE....NONE
307 303-399-4200
308 402-345-0600
309 217-525-7000
312 312-796-9600
313 313-223-8690
314 314-726-7142
315 518-471-8111
316 816-275-2782
317 317-265-4834
318 318-227-1551
319 402-345-0600
401 617-787-2760
402 402-345-0600
403 403-425-2652
404 912-784-9111
405 405-236-6121
406 303-399-4200
408 415-546-1132
412 412-633-5600
413 617=787-2760
414 608-252-6932
415 415-546-1132
416 416-922-6686
417 314-726-7142
418 514-861-2635
419 614-464-2345
501 405-236-6121
502 502-583-2861
503 203-784-6815
504 504-245-5330
505 303-399-4200
506 506-657-3855
507 402-345-0600
509 206=382-8000
512 512-828-2501
513 714-464-2345
514 514-861-2635
515 402-345-0600
516 518-471-8111
517 313-223-8690
518 518-471-8000
519 416-922-6686
601 601-961-0877
602 303-399-4200
603 617-787-2750
604 604-432-2996
605 402-345-0600
606 502-583-2681
607 518-471-8111
608 608-252-6932
609 201-676-7070
612 402-345-0600
613 416-922-6686
614 614-464-2345
615 615-373-5791
616 313-223-8690
617 617-787-2750
618 217-525-7000
701 402-345-0600
702 415-546-1341
703 804-747-1411
704 912-784-9111
705 416-922-6686
707 415-546-1132
709 NONE....NONE
712 402-345-0600
713 713-820-4112
714 213-501-4144
715 608-252-6932
716 518-471-8111
717 412-633-5600
801 303-399-4200
802 617-787-2750
803 912-784-9111
804 804-747-1411
805 415-546-1341
806 512-828-2501
807 416-922-6686
808 212-334-4336
809 LIST BELOW
812 317-265-4834
813 813-223-9678
814 412-633-5600
815 217-525-7000
816 816-275-2782
817 214-948-5731
819 514-861-2635
901 615-373-5791
902 902-421-4110
903 NONE....NONE
904 912-784-9111
906 313-223-8690
907 NONE....NONE
912 912-784-9111
913 816-275-2782
914 518-471-8111
915 512-828-2501
916 415-546-1341
918 405-236-6121
919 912-784-9111

900+(DIAL-IT) NUMBERS: 212-334-3611

FOR BAHAMAS, BERMUDA, DOMINICAN REP, JAMAICA AND PUERTO RICO: 212-334-4336

Downloaded From P-80 Systems 304-744-2253

Bell Hell Volume #1

PREFACE: In this issue will discuss the different types of operators, area
codes and special numbers. This edition is made to give you a basic
understanding of the wicked ways of MA. I hope it'll give you a good enough
back ground to do well. Look for Bell Hell vol. 2 for more info on hacking.



=-=-=-=-=
OPERATORS:
=-=-=-=-=

Here we'll go over in detail some of the most common operators.

TSPS OPERATOR:

Trafic (us) Service Position System Operator is the bitch you commonly here
whenever you use a pay phone etc. To say the least she's a meat head. Her
responsibilities are as follows:

[1] Getting all billing information for Calling Cards and 3rd number calls.

[2] Making sure you get the right person on person-to-person calls.

[3] Making sure the fool on the other end will pay for your collect call (why
call collect?)

[4] Identifying calling numbers, or basically asking you,
'what number are you calling, please.' when the system fucks up.

Even though these operators are commonly ding-bats, you shouldn't screw with
them, for they are known to be quick with the tracer. She can even tell if you
are calling from a fortress phone. She has a portable all time ready tracer.
Beware of these deadly bitches.

INWARD OPERATORS:

This wench is basically an apprentice to the bitch above (TSPS) or commonly
the '0' operator. She will never question you as long as you are within her
dimension (service) area. She can only be reached by a mighty Blue Box
(discussed in up and coming tutorial) or another operator.

DIRECTORY ASSISTANCE OPERATORS:
(DOA?DAO?)

This is the operator you get when you call directory assistance (555-1212).
All she can do is either tell you a listed number or tell you if a number is
unlisted. Waste of time.

DEAF D.A.O.'S

This neat little operator is set up to help with directory assistance for deaf
people (who would they want to talk to?). She's reachable by dialing
800-855-1155. She talks to the deaf via Teletypewriters (terminals). If your
modem can transfer baudot (Oh those sweet Apple Cats can) then you can talk to
her. You might find her alot more friendly, more talkitive, and alot easier to
manipulate a number out of. However, she does use abbreviations like GA for go
ahead (pretty tricky huh).

CN/A OPERATORS

Oh the sweet CN/A, god bless its soul. These operators instead of giving you
information on a persons phone number, they give you information on a phone
numbers person (the person at 503-229-7600). However, if manipulated these
beauties can give you the number for an unlisted phone number (the number),
they have all kinds of access. This topic is discussed later in this tutorial.

INTERCEPT OPERATOR:

All places have their share of low lifes, well this is the scum, bottom of the
barrel of operators. She's the one you get when all the recordings are busy
(lower than a recording). Infact these dames can cause you more pains then a
recording. They only know a handful of english (around two sentences) and can
barely even say those. Even though they have no clue to what a trace is,
unless you know their native tongue, and then doubtfully, their just a pain in
the butt to deal with.

OTHER OPERATORS:

Well we have - marine verify, mobile, route and rate, ship to shore,
conference and a few other specific ones. No real help to us now.

*NOTES: Most operators have their own little Directory Assistance. If any
operator is giving you probs ask to speak with his/her/its supervisor. This
will freak them out. In rare loveable cases you might find a nice operator
with a number like (503-123-4567). Whenever you find a 0 or 1 in the 4th
number slot then you know need a Blue Box. It'll give you special access to
those hard to get wenches.




=-=-=-=-=-=-=-=
AREA CODES ETC.
=-=-=-=-=-=-=-=

HOW PHONE NUMBERS WORK:

Basiclly MA made our phone numbers quite simple. Here's how they work:

[A] The area code is what the call a three digit number plan area or NPA. This
means that an area code is just that, the code for an area.

[B] The rest of our number (ie. 666-7209) is divided into two segments. The
first being the Central Office number (666 would be N. Portland) and the
ending (7209) is the station number, or basically your assigned home number.

This complete combination (503-666-7209) is known as the destination code.
Here's how MA has developed the combo's:

[NPA] [TELEPHONE NUMBER]

X*Y XYY-YYYY

X = a number from 2-9
y = a number from 0-9
* = either 0 or 1

Normally an area code may never cross a states boundry, thus an area code
(NPA) may not be used for both New York and for Pennsylvania. However, as for
all other rules there is an exception. Here they are.

SPECIAL AREA CODES:
(SACS)

510 - TWX (USA)
610 - TWX (CANADA)
700 - NEW SERVICE
710 - TWX (USA)
800 - WATTS LINES
810 - TWX (USA)
900 - DIAL-IT SERVICES
910 - TWX (USA)

The explanations of these are as follows:

TWX:

Telex II, as you can see above there are 5 TWX machines. They are all owned by
Western Union. Normally these babes may only be accessed by other TWX
machines, however, if you do not wish to go and purchase one you can access
them by use of the Easylink, by Western Union. For more on this I would
suggest reading The Bioc Agents, and Tucs article on 'Hacking Western Union's
Easylink.'

700:

This is a new service for employees of AT&T in which someone (one of the
special employees) can call his own 700 number (say 700-292-9876), enters
his/her code, and where he is staying and then hangs up. If there is any new
info on the case he is working on, the computer will call him back and tell
him all the latest updates.

800:

There are basically two types of Watts Lines, Inward Watts and Outward watts.
These are probably some of the nicest of the special area codes since they
allow you to call for free. Here's an explanation of the two:

INWARD WATTS:

Inward Wide Area Telecommunications Service is probably the one your most
familiar with. MA has developed it so there are 6 different levels of Inwatts.
Level 6 being the whole U.S. (all 50 states) level 5 being all 48 contienental
states etc. all the way down to 1, only one state. Usually a company will get
a level 6 and then a level 1 because all though level 6 allows you to call
from anywhere in the U.S. it excludes the state where the call is terminated
at, so the company usually buys a level 1 for that state.

Interstate Inwatts are less common but still exist. These are the ones you can
only call from say one state. You can tell one quite easily for they all have
a 2 for the last central office number, or the 6th number (ie. 800-XY2-XXXX).

All companies that have an 800# must have at least two lines. This is because
if you call the first number (ie. 800-666-0190) and it rings busy the 800#
number will always go to another port to see if its busy. Inwatts customers
are billed by the hour instead of month like us.

OUTWARD WATTS:

Outwatts are just that, there for making outward calls only. Large companies
commonly use Outwatts since they recieve bulk discounts. Outwatt 800's are in
the form of:

800-*XX-XXXX

* may only be a 0 or 1 and can only be reached by way of box. The whole set,
*XX is the areas that are accessable by that comany.

900:

This is a nation number used for taking polls and the like (How do you think
they know what shows on the tube are k00l). The number for this service is,
900-555-1212. This will tell whats up on the system. Beware, this MA trick
will cost you 50 cents a minute, and 35 cents there after (ever heard of MA
being cheap?).

=-=-=-=-=
CO CODES
=-=-=-=-=

These are the way the switching office knows where to route the call. The
following codes are reserved nationwide:

555 - directory assistance
950 - future use
958 - plant test
959 - plant test
976 - dial-it services (weather etc.)

950:

This includes all special service. Heres a list of a few:

1000 - SPC
1022 - MCI Execunet
1033 - US Telephone
1044 - Allnet
1088 - SBS Skyline

*NOTE: These beauts are free from fortresses.

958,959:

These consist of ANI, Ringback and some other MA tests.

976:

Check this one out. Simply dial 976-1000. Alot of BBSs around will probably
have a more complete listing of these services.

=-=-=-=-=
N11 CODES:
=-=-=-=-=

I'm not sure which one of these are still in service. Basically MA wants to
dump these services, but alot are still in use, it'll vary with your area.

011 - international dialing prefix
211 - coin refund operator
411 - directory assistance
611 - repair service
811 - business office
911 - EMERGENCY

Downloaded From P-80 Systems 304-744-2253

Beep Codes Error Codes

After repeated requests for beep codes i have decided to post them here maybe they could be pinned

Standard Original IBM POST Error Codes
Code Description

1 short beep System is OK
2 short beeps POST Error - error code shown on screen No beep Power supply or system board problem Continuous beep Power supply, system board, or keyboard problem Repeating short beeps Power supply or system board problem
1 long, 1 short beep System board problem
1 long, 2 short beeps Display adapter problem (MDA, CGA)
1 long, 3 short beeps Display adapter problem (EGA)
3 long beeps 3270 keyboard card
IBM POST Diagnostic Code Descriptions
Code Description
100 - 199 System Board
200 - 299 Memory
300 - 399 Keyboard
400 - 499 Monochrome Display
500 - 599 Colour/Graphics Display
600 - 699 Floppy-disk drive and/or Adapter
700 - 799 Math Coprocessor
900 - 999 Parallel Printer Port
1000 - 1099 Alternate Printer Adapter
1100 - 1299 Asynchronous Communication Device, Adapter, or Port
1300 - 1399 Game Port
1400 - 1499 Colour/Graphics Printer
1500 - 1599 Synchronous Communication Device, Adapter, or Port
1700 - 1799 Hard Drive and/or Adapter
1800 - 1899 Expansion Unit (XT)
2000 - 2199 Bisynchronous Communication Adapter
2400 - 2599 EGA system-board Video (MCA)
3000 - 3199 LAN Adapter
4800 - 4999 Internal Modem
7000 - 7099 Phoenix BIOS Chips
7300 - 7399 3.5" Disk Drive
8900 - 8999 MIDI Adapter
11200 - 11299 SCSI Adapter
21000 - 21099 SCSI Fixed Disk and Controller
21500 - 21599 SCSI CD-ROM System

AMI BIOS Beep Codes
Code Description

1 Short Beep System OK
2 Short Beeps Parity error in the first 64 KB of memory
3 Short Beeps Memory failure in the first 64 KB
4 Short Beeps Memory failure in the first 64 KB Operational of memory
or Timer 1 on the motherboard is not functioning
5 Short Beeps The CPU on the motherboard generated an error
6 Short Beeps The keyboard controller may be bad. The BIOS cannot switch to protected mode
7 Short Beeps The CPU generated an exception interrupt
8 Short Beeps The system video adapter is either missing, or its memory is faulty
9 Short Beeps The ROM checksum value does not match the value encoded in the BIOS
10 Short Beeps The shutdown register for CMOS RAM failed
11 Short Beeps The external cache is faulty
1 Long, 3 Short Beeps Memory Problems
1 Long, 8 Short Beeps Video Card Problems

Phoenix BIOS Beep Codes
Note - Phoenix BIOS emits three sets of beeps, separated by a brief pause.

Code Description
1-1-3 CMOS read/write failure
1-1-4 ROM BIOS checksum error
1-2-1 Programmable interval timer failure
1-2-2 DMA initialisation failure
1-2-3 DMA page register read/write failure
1-3-1 RAM refresh verification failure
1-3-3 First 64k RAM chip or data line failure
1-3-4 First 64k RAM odd/even logic failure
1-4-1 Address line failure first 64k RAM
1-4-2 Parity failure first 64k RAM
2-_-_ Faulty Memory
3-1-_ Faulty Motherboard
3-2-4 Keyboard controller Test failure
3-3-4 Screen initialisation failure
3-4-1 Screen retrace test failure
3-4-2 Search for video ROM in progress
4-2-1 Timer tick interrupt in progress or failure
4-2-2 Shutdown test in progress or failure
4-2-3 Gate A20 failure
4-2-4 Unexpected interrupt in protected mode
4-3-1 RAM test in progress or failure>ffffh
4-3-2 Faulty Motherboard
4-3-3 Interval timer channel 2 test or failure
4-3-4 Time of Day clock test failure
4-4-1 Serial port test or failure
4-4-2 Parallel port test or failure
4-4-3 Math coprocessor test or failure
Low 1-1-2 System Board select failure
Low 1-1-3 Extended CMOS RAM failure

Anonymity

Anonymity

I can see you hiding in the shadows over there and so can the logs of all the web sites, FTP servers and other nooks and crannies you visit on the web. The sort of information gathered by these logs and which is available to the webmasters of the sites you visit include the address of the previous site you visited, your IP address, your computer's ID name, your physical location and the name of your ISP along with less personal details such as the operating system you're using and your screen resolution. If someone was snooping through your dustbin to gather information on consumer trends or tracking your every move to see where it is you go everyday you wouldn't be too chuffed would you. Well the web is no different, it's still an invasion of privacy and a threat to security and you don't have to put up with it.

Proxy servers:
Every time you visit a web site, detailed information about your system is automatically provided to the webmaster. This information can be used by hackers to exploit your computer or can be forwarded to the market research departments of consumer corporations who by tracking your activities on the internet are better equipped to direct more relevant spam at you. Your best defence against this is to use what is known as a proxy server, which will hide revealing information from the web sites you visit, allowing you to surf the web anonymously. These work by altering the way in which your browser retrieves web pages or connects to remote servers. With a proxy server set up, whenever you 'ask' IE or Netscape to look at a web page, the request is first sent through an external server which is completely independent of your ISP's servers. This third party server then does the requesting on your behalf so that it appears that the request came from them rather than you and your real IP address is never disclosed to the sites you visit. There is nothing to download and the whole process takes less than a minute.

There are two different ways to use proxy servers and both have their advantages and disadvantages. The first method is to use a web based service. What this involves is visiting the proxy's home page each time you want to browse a web site anonymously. The core component of such a system is the dialog box where you enter the address of the web site you want to visit. Each time you enter the URL of the site you want to browse via the proxy into this box, your personal information, IP address and so on is first encrypted before being sent to the site allowing you to maintain your anonymity. Two of the best examples of this type of web based proxy service are Code:
hxxp://www.rewebber.com/
and hxxp://www.anonymizer.com/.

Obviously one disadvantage of using a web based service like Rewebber or Anonymizer, however, is that you have to visit the proxies home page each time you want to surf anonymously. You could choose to select this page as your default home page, but it's still quite awkward if you're forever site hopping at the speed of light. The second main 'con' is that you often have to put up with extra adverts on the pages you visit. These are automatically inserted into the pages by the proxy - they have to pay for service somehow. More sophisticated and convenient solutions are also on offer yet they come with a price tag.

The second method you can use to protect your privacy via a proxy server involves adjusting the settings of your web browser so that you can surf anonymously without having to visit the home page of your proxy each time. To do this you will first need to know the name of your proxy server and the port number it uses. This information can be gleaned from either a public proxy server list or the FAQ referring to a private subscription based service. Once you have the name of the proxy server you wish to use, select 'Internet Options' from the 'Tools' menu of your browser. Now select 'Connections' followed by 'Settings' and tick the 'use a proxy server' check box. To finish the job all you have to do now is enter the name of the server in the 'address' box, the port which it uses in the 'port' box and go forth and surf anonymously.

Free, manual proxy servers as advertised on anonymity sites, if you can find one at all, are likely to be highly oversubscribed, and as a result the speed at which they retrieve web pages can deteriorate. In which case you can go in pursuit of a public proxy server list and select an alternative from it, which can then be set up manually. To locate such a list you can investigate sites such as Code:
hxxp://www.proxys4all.com/

however, this method isn't problem free either, so before you get too carried away and go jumping on the anonymity bandwagon there are a few things you should be aware of. It's very easy to use proxies to protect your privacy, but often the disadvantages of using them far out weigh the benefits. You see, the problem is that, like the proxy servers provided Rewebber et al, free, public proxies are nearly all over subscribed and so they can slow down web browsing considerably. Digging out fast reliable proxy servers is an art form in itself and is a skill which takes considerable practice. You could find a list of public proxy servers and then experiment with each one until you find one that runs at a reasonable speed, but this can be very time consuming and frustrating. Instead, your search would be much more efficient if you got a dedicated program to carry out this task for you. There are literally dozens of proxy seeking programs around which can do just that, and many of them are available as freeware. What these do is scan the internet for public proxy servers. These servers are then tested for speed and anonymity (not all of them are truly anonymous, even if they claim to be!) and once you find one which suits your requirements you can select it as your default proxy with the click of a button.

One of the most significant advantages of using an automated tool to locate proxy servers is that you do not have to keep editing your proxy settings manually each time you wish to try out a new one. Instead, what you do is enter 'localhost' or '127.0.0.1' into the 'address' box and '8088' into the 'port' box of your browser's proxy settings menu and then forget about it. All future proxy switching is then orchestrated from within your proxy seeking software, which subsequently relays the information to your browser or whatever type of application you are attempting to make anonymous. For those of you who are curious 'localhost' and the IP address '127.0.0.1' are the names by which every computer on the internet refers to itself.
Here's a good selection of links, which should help you to get started - Code:
hxxp://www.a4proxy.com/ Anonymity 4 Proxy
hxxp://www.helgasoft.com/hiproxy/ Hi Proxy
hxxp://www.proxy-verifier.com/ Proxy Verifier
hxxp://www.photono-software.de/ Stealther.

You may find that even when using these programs you have difficulty finding good proxy servers. It is for this reason that many people choose only to use proxy servers temporarily whilst doing something which may land them in trouble with their ISP, or in a worst case scenario with the law. The most obvious example of a situation in which you would want to cover your tracks is when scanning for public FTP servers and subsequently uploading to them. Most other net activities are unlikely to incur serious consequences so under these circumstances you can safely surf the web without a proxy. If you're really serious about protecting your privacy, however, your best bet is probably to invest in a dedicated, stable proxy such as the ones offered by Code:
hxxp://www.ultimate-anonymity.com/ Ultimate Anonymity


These aren't free, but may be worth the expense if you aren't keen on continuously switching proxy servers.

Before splashing out though it may be worth checking if your current ISP has a proxy server of its own which you can use. These aren't there to help you to commit cyber crimes and get away with it, they actually have a legitimate purpose as well - otherwise they wouldn't exist. You see, proxy servers were originally designed to help speed up web page loading times. Proxy servers contain a cache of all the web pages which have been requested via the browsers of the people using the proxy. When someone surfs the web using a proxy, the proxy first checks to see if it already has a copy of the web page stored in its cache. If this version of the page is bang up to date, it is sent to your computer and appears in your browser. If the page found in the cache of the proxy server is older than the one stored on the server hosting the page, a new request to the web server is made and the page is updated in the cache of the proxy before being sent to you. Because these servers use very fast internet connections they can retrieve web pages at much greater speeds than you can via your modest home setup. If these servers are located physically nearer to your home than the web host servers you wish to retrieve web pages from, the speed at which you browse the web will be accelerated.


Anonymity - Cookies
One last important point you need to be aware of before jumping in with both feet is that different programs have to be setup in different ways before being able to make external connections via a proxy server. For example, you can surf the web anonymously by modifying the settings in Internet Explorer or Netscape Navigator as explained earlier in this tutorial, but this will only affect your browser. If you then used Flash FXP to copy a batch of 0-day releases from one FTP server to another, this isn't going to protect you in the slightest. What you have to do is enter the name of the proxy server into each application you wish to make anonymous before making any external connections. This can usually be done by browsing through the preferences of your program to see if there is a 'use proxy server' option available. If there is, make sure you use it!


Cookies:
You have little to fear from the edible variety, but the digital ones can be a major threat to your security and privacy. A cookie is a tiny text file (usually less than 1kb in size), which is created and stored on your hard drive whenever you visit a dynamic (or an interactive if you like) web site. These are used to log your personal details so that you can access members only areas of web sites without having to type in a password every time, or to retain your customised settings so that they are available the next time you visit. If you're using a shared computer, anyone who visits the same site that you have previously logged in to can access your accounts. This is particularly worrying if you have entered your credit card details into a form on an e-commerce site. If your browser is set to automatically fill in these details whenever you
return to a previously visited site, this information could be clearly visible - you don't need me to explain the problems this could entail.

The solution to this problem is to delete any cookies which contain sensitive data once you have completed your transactions. Your cookies will be stored in a different place depending on which operating system you are using so you will have to use your detective skills to find them. As an example, in Windows XP they are located in your 'c:\Documents and Settings\Kylie Minogue\Cookies' directory (that is if your name is Kylie Minogue. Mine isn't in case you're wondering!). If you look in this directory, in some cases it is easy to identify which cookie is associated with which web site, but in other cases it's not so obvious. The cookie which was created when you visited Yahoo.com to check your email may be called kylie minogue@yahoo.txt for example. Unfortunately some cookies refer to the IP address of the site you visited and so look more like kylie minogue@145.147.25.21. These cookies can be selectively deleted one at a time if it's obvious which ones are causing a threat to your security, or you can just wipe out the whole lot in one fell swoop and have them recreated as and when they are required. However, if
you're really struggling to find your cookie jar, you could delete your cookies via your browser's tool bar instead. In Internet Explorer this can be done through the 'Tools' > 'Internet Options' menu items.

If all this sounds like too much hassle, you can always find a labour saving program which will be happy to take the job off your hands. These 'cookie crunching' programs allow you to be more selective when editing, viewing and deleting cookies from your system, and some of them will even prevent cookies from being created in the first place. Yes, I know you're hungry for links so I won't deprive you. Have a look here - Code:
hxxp://www.rbaworld.com/Programs/CookieCruncher/ Cookie
Cruncher
hxxp://www.thelimitsoft.com/ Cookie Crusher
hxxp://www.angove.com/ Cookie Killer
hxxp://www.kburra.com/ Cookie Pal
and
hxxp://www.cookiecentral.com/ Cookie Web Kit.

Advanced Shellcoding Techniques

***********************************************
* *
* Advanced Shellcoding Techniques - by Darawk *
* *
***********************************************

Introduction

This paper assumes a working knowledge of basic shellcoding techniques, and x86 assembly, I will not rehash these in this paper. I hope to teach you some of the lesser known shellcoding techniques that I have picked up, which will allow you to write smaller and better shellcodes. I do not claim to have invented any of these techniques, except for the one that uses the div instruction.



The multiplicity of mul

This technique was originally developed by Sorbo of darkircop.net. The mul instruction may, on the surface, seem mundane, and it's purpose obvious. However, when faced with the difficult challenge of shrinking your shellcode, it proves to be quite useful. First some background information on the mul instruction itself.

mul performs an unsigned multiply of two integers. It takes only one operand, the other is implicitly specified by the %eax register. So, a common mul instruction might look something like this:

movl $0x0a,%eax
mul $0x0a

This would multiply the value stored in %eax by the operand of mul, which in this case would be 10*10. The result is then implicitly stored in EDX:EAX. The result is stored over a span of two registers because it has the potential to be considerably larger than the previous value, possibly exceeding the capacity of a single register(this is also how floating points are stored in some cases, as an interesting sidenote).

So, now comes the ever-important question. How can we use these attributes to our advantage when writing shellcode? Well, let's think for a second, the instruction takes only one operand, therefore, since it is a very common instruction, it will generate only two bytes in our final shellcode. It multiplies whatever is passed to it by the value stored in %eax, and stores the value in both %edx and %eax, completely overwriting the contents of both registers, regardless of whether it is necessary to do so, in order to store the result of the multiplication. Let's put on our mathematician hats for a second, and consider this, what is the only possible result of a multiplication by 0? The answer, as you may have guessed, is 0. I think it's about time for some example code, so here it is:

xorl %ecx,%ecx
mul %ecx

What is this shellcode doing? Well, it 0's out the %ecx register using the xor instruction, so we now know that %ecx is 0. Then it does a mul %ecx, which as we just learned, multiplies it's operand by the value in %eax, and then proceeds to store the result of this multiplication in EDX:EAX. So, regardless of %eax's previous contents, %eax must now be 0. However that's not all, %edx is 0'd now too, because, even though no overflow occurs, it still overwrites the %edx register with the sign bit(left-most bit) of %eax. Using this technique we can zero out three registers in only three bytes, whereas by any other method(that I know of) it would have taken at least six.


The div instruction

Div is very similar to mul, in that it takes only one operand and implicitly divides the operand by the value in %eax. Also like, mul it stores the result of the divide in %eax. Again, we will require the mathematical side of our brains to figure out how we can take advantage of this instruction. But first, let's think about what is normally stored in the %eax register. The %eax register holds the return value of functions and/or syscalls. Most syscalls that are used in shellcoding will return -1(on failure) or a positive value of some kind, only rarely will they return 0(though it does occur). So, if we know that after a syscall is performed, %eax will have a non-zero value, and that the instruction divl %eax will divide %eax by itself, and then store the result in %eax, we can say that executing the divl %eax instruction after a syscall will put the value 1 into %eax. So...how is this applicable to shellcoding? Well, their is another important thing that %eax is used for, and that is to pass the specific syscall that you would like to call to int $0x80. It just so happens that the syscall that corresponds to the value 1 is exit(). Now for an example:


xorl %ebx,%ebx
mul %ebx
push %edx
pushl $0x3268732f
pushl $0x6e69622f
mov %esp, %ebx
push %edx
push %ebx
mov %esp,%ecx
movb $0xb, %al #execve() syscall, doesn't return at all unless it fails, in which case it returns -1
int $0x80

divl %eax # -1 / -1 = 1
int $0x80

Now, we have a 3 byte exit function, where as before it was 5 bytes. However, there is a catch, what if a syscall does return 0? Well in the odd situation in which that could happen, you could do many different things, like inc %eax, dec %eax, not %eax anything that will make %eax non-zero. Some people say that exit's are not important in shellcode, because your code gets executed regardless of whether or not it exits cleanly. They are right too, if you really need to save 3 bytes to fit your shellcode in somewhere, the exit() isn't worth keeping. However, when your code does finish, it will try to execute whatever was after your last instruction, which will most likely produce a SIG ILL(illegal instruction) which is a rather odd error, and will be logged by the system. So, an exit() simply adds an extra layer of stealth to your exploit, so that even if it fails or you can't wipe all the logs, at least this part of your presence will be clear.



Unlocking the power of leal

The leal instruction is an often neglected instruction in shellcode, even though it is quite useful. Consider this short piece of shellcode.

xorl %ecx,%ecx
leal 0x10(%ecx),%eax

This will load the value 17 into eax, and clear all of the extraneous bits of eax. This occurs because the leal instruction loads a variable of the type long into it's desitination operand. In it's normal usage, this would load the address of a variable into a register, thus creating a pointer of sorts. However, since ecx is 0'd and 0+17=17, we load the value 17 into eax instead of any kind of actual address. In a normal shellcode we would do something like this, to accomplish the same thing:

xorl %eax,%eax
movb $0x10,%eax

I can hear you saying, but that shellcode is a byte shorter than the leal one, and you're quite right. However, in a real shellcode you may already have to 0 out a register like ecx(or any other register), so the xorl instruction in the leal shellcode isn't counted. Here's an example:

xorl %eax,%eax
xorl %ebx,%ebx
movb $0x17,%al
int $0x80

xorl %ebx,%ebx
leal 0x17(%ebx),%al
int $0x80

Both of these shellcodes call setuid(0), but one does it in 7 bytes while the other does it in 8. Again, I hear you saying but that's only one byte it doesn't make that much of a difference, and you're right, here it doesn't make much of a difference(except for in shellcode-size pissing contests =p), but when applied to much larger shellcodes, which have many function calls and need to do things like this frequently, it can save quite a bit of space.



Conclusion

I hope you all learned something, and will go out and apply your knowledge to create smaller and better shellcodes. If you know who invented the leal technique, please tell me and I will credit him/her.

A Novice's Guide To Hacking

This file is an addendum to "A Novice's Guide To Hacking" written by "The
Mentor". The word "hacking" is here used the way the non-hacking public
thinks it is used, to mean breaking into somebody else's computer. Its
purpose is to expand and clarify the information about the TOPS-20 operating
system, which runs on DECsystem-20 mainframes. The Mentor basically lumped
this system in with TOPS-10 and didn't note important differences between the
two. I will here reproduce in full what The Mentor had to say about TOPS-10
and about VMS, which are the parent and the offspring of TOPS-20.

VMS- The VAX computer is made by Digital Equipment Corporation (DEC),
and runs the VMS (Virtual Memory System) operating system.
VMS is characterized by the 'Username:' prompt. It will not tell
you if you've entered a valid username or not, and will disconnect
you after three bad login attempts. It also keeps track of all
failed login attempts and informs the owner of the account next time
s/he logs in how many bad login attempts were made on the account.
It is one of the most secure operating systems around from the
outside, but once you're in there are many things that you can do
to circumvent system security. The VAX also has the best set of
help files in the world. Just type HELP and read to your heart's
content.
Common Accounts/Defaults: [username: password [[,password]] ]
SYSTEM: OPERATOR or MANAGER or SYSTEM or SYSLIB
OPERATOR: OPERATOR
SYSTEST: UETP
SYSMAINT: SYSMAINT or SERVICE or DIGITAL
FIELD: FIELD or SERVICE
GUEST: GUEST or unpassworded
DEMO: DEMO or unpassworded
DECNET: DECNET


DEC-10- An earlier line of DEC computer equipment, running the TOPS-10
operating system. These machines are recognized by their
'.' prompt. The DEC-10/20 series are remarkably hacker-friendly,
allowing you to enter several important commands without ever
logging into the system. Accounts are in the format [xxx,yyy] where
xxx and yyy are integers. You can get a listing of the accounts and
the process names of everyone on the system before logging in with
the command .systat (for SYstem STATus). If you seen an account
that reads [234,1001] BOB JONES, it might be wise to try BOB or
JONES or both for a password on this account. To login, you type
.login xxx,yyy and then type the password when prompted for it.
The system will allow you unlimited tries at an account, and does
not keep records of bad login attempts. It will also inform you
if the UIC you're trying (UIC = User Identification Code, 1,2 for
example) is bad.
Common Accounts/Defaults:
1,2: SYSLIB or OPERATOR or MANAGER
2,7: MAINTAIN
5,30: GAMES

**** note: I'm remembering this stuff from several years ago, and in some
cases my memory may be foggy or stuff may be outdated.

TOPS-20, once you are inside, resembles VMS much more than it resembles
TOPS-10, as far as I know (I'm not really familiar with VMS). From the
outside, it's more like TOPS-10, except that the prompt is a @ instead of a
period. You can enter many commands without logging in, including SYSTAT and
probably FINGER. (Sometimes you can even use the mail program without
logging in.) It is very helpful. Not only does the command HELP lead to
lots of useful information, but anywhere in typing a command you can press ?
and it will tell you what the format of the command expects. For instance,
if you type ? by itself, it will tell you all the words that a command can
begin with. If you type S?, it will tell you all the commands that start
with the letter S. If you type SYSTAT ?, it will tell you the options
available on the systat command. You can use this at any point in any
command. Furthermore, if there is only one possibility (you have typed a
unique abbreviation), you can press Escape and it will finish the word for
you. I'm not sure, but I think TOPS-20 was the system that first introduced
filename completion as well --turning a uniquely abbreviated filename into a
complete name when you press escape, beeping if the abbreviation is not
unique. With command keywords you can leave the abbreviation un-expanded,
with filenames you have to expand it (or type it all in) for it to work.

Use the "Login" command to log in, followed by a username. It will prompt
for a password. Note that a password can be something like 39 characters
long, as can the username itself. TOPS-20 does NOT use numbers like 317,043
for user IDs. (Note that these numbers in TOPS-10 are octal, not decimal.)
Furthermore, the password can contain spaces. So, if somebody wants to make
his password difficult to guess, he can easily do so.

(But sometimes they might get overconfident. I remember a story from
Stanford... Someone asked the large cheese if he would let him know what the
operator password was, and he said "The operator password is currently
unavailable." So the guy tried "currently unavailable" as a password, and
got in. (Which reminds me of the time they got a real bug in the system
there... a head crash caused by an ant on the disk platter.))

In general, TOPS-20 does not limit the number of login attempts, nor does it
keep a record of bad tries. However, it is not difficult for the local
management to add such measures, or others such as a delay of several seconds
after each attempt. And unlike Unix, it is difficult to evade these even
once you're in. Without heavy in-depth knowledge, you can't test a username-
password combination except through a system call, which will enforce delays
and limited failures and such against password-trying programs.

So, TOPS-20 is easy to defend against the "database hack", in which you try
many different common passwords with many different usernames. (Unix is
much more vulnerable to this.) But any particular system, especially a lax
one like a college machine (DEC is always popular in academia), might have
little defense here. But you might not know how much defense until too late.

Do try the GUEST username.

But TOPS-20 can be very vulnerable to trojan horses. See, there's this thing
called the Wheel bit. A username that has the Wheel property can do anything
the system operator can do, such as ignore file protection masks, edit the
disks at the track/sector level, change any area of memory... On Unix, only
one user, the superuser, can read and write protected files. On TOPS-20, any
user can do these things from any terminal, if the Wheel attribute is set in
his user data. Some campus computers tend to accumulate excess trusted users
with wheel bits, and have to periodically prune away the unnecessary ones.

The thing is that a wheel can do these things without knowing that he has
done them. Normally the privileged commands are deactivated. But a program
run by a wheel can activate the privileges, do anything it wants, cover its
tracks, and deactivate them without the user ever being the wiser. So if you
can get any wheel user to run any program you wrote, such as a game or small
utility... there's no limit to what you can do. In particular, you can
create a new username, and make it a wheel. Or you can simply ask the system
outright for someone's password, if I'm not mistaken. (All this requires
access to TOPS-20 programming manuals, but some of the necessary material
should be available on line.) You cannot actually conceal this creation, as
far as I know... but maybe with sophisticated enough knowledge you could
make it not immediately apparent... Anyway, once you get that far in, you can
probably keep one step ahead of them for a while... If they erase your new
accounts, you can use the passwords to old ones... They can change all of
the wheel passwords, but a lot of the regular users won't change for some
time... You could even lock the operators out of their own system by
changing all their passwords for them, if you were crazy enough, perhaps
forcing them to shut the machine down to regain control of it. They might
even have to restore stuff from tape backup.

Even if you don't wedge your way into secret stuff, a TOPS-20 system can be
fun to explore. It's much more novice-friendly than most systems, and much
more hacker-friendly as well. I think the ascendency of Unix as the least-
common-denominator OS that everybody can agree on is a definite loss,
compared to TOPS-20.

250+ Tech books online

1
10 minute guide to lotus notes mail 4.5
http://www.parsian.net/set1252/pages/books.htm

2
10 minute guide to Microsoft exchange 5.0
http://www.parsian.net/set1252/pages/books.htm

3
10 minute guide to outlook 97
http://www.parsian.net/set1252/pages/books.htm

4
10 minute guide to schedule+ for windows 95
http://www.parsian.net/set1252/pages/books.htm

5
ActiveX programming unleashed
http://www.parsian.net/set1252/pages/books.htm

6
ActiveX programming unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

7
Advanced perl programming
http://www.hk8.org/old_web/

8
Advanced PL/SQL programming with packages
http://www.hk8.org/old_web/

9
Adventure in Prolog/AMZI
www.oopweb.com

10
Algorithms CMSC251/Mount, David
www.oopweb.com

11
Alison Balter's Mastering Access 95 development, premier ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

12
Apache : The definitive guide, 3rd.ed.
http://www.hk8.org/old_web/

13
Beej's guide to network programming/Hall, Brain
www.oopweb.com

14
Beyond Linux from Scratch/BLFS Development Team
http://book.onairweb.net/computer/os/linux/Administration/Beyond_Linux_From_Scratch/

15
Borland C++ builder unleashed
http://www.parsian.net/set1252/pages/books.htm

16
Building an intranet with windows NT 4
http://www.parsian.net/set1252/pages/books.htm

17
Building an Intranet with Windows NT 4
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

18
Building expert systems in prolog/AMZI
www.oopweb.com

19
C programming language
http://book.onairweb.net/computer/pl/C/The_C_Programming_Language_by_K&R/

20
C Programming/Holmes, Steven
www.oopweb.com

21
C++ Annotations
www.oopweb.com

22
CGI developer's guide
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

23
CGI manual of style
http://www.parsian.net/set1252/pages/books.htm

24
CGI manual of style online
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

25
CGI programming
http://www.hk8.org/old_web/

26
CGI programming unleashed
http://www.parsian.net/set1252/pages/books.htm

27
CGI programming with Perl, 2nd.ed.
http://www.hk8.org/old_web/

28
Charlie Calvert's Borland C++ builder unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

29
Client/server computing, 2nd.ed.
http://www.parsian.net/set1252/pages/books.htm

30
Client-server computing, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

31
Common LISP, the language/Steele, Guy
www.oopweb.com

32
Compilers and compiler generators : an introduction with C++/Terry, P.D.
www.oopweb.com

33
Complete idiot's guide to creating HTML webpage
http://www.parsian.net/set1252/pages/books.htm

34
Computer graphics CMSC 427/Mount, David
www.oopweb.com

35
Configuring and troubleshooting the windows NT/95 registry
http://www.parsian.net/set1252/pages/books.htm

36
Creating commercial websites
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

37
Creating web applets with Java
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

38
Crystal Reports.NET
http://www.crystalreportsbook.com/Chapters.asp

39
Curious about the internet
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

40
Curious about the internet?
http://www.parsian.net/set1252/pages/books.htm

41
Dan appleman's developing activeX components with Visual Basic 5
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

42
Dan appleman's developing activex components with Visual Basic 5.0
http://www.parsian.net/set1252/pages/books.htm

43
Data structures CMSC420/Mount, David
www.oopweb.com

44
Database developer's guide with visual basic 4, 2nd.ed.
http://www.parsian.net/set1252/pages/books.htm

45
Database developer's guide with Visual Basic 4, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

46
Database developer's guide with Visual C++ 4, 2nd.ed.
http://www.parsian.net/set1252/pages/books.htm

47
Database developer's guide with Visual C++ 4, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

48
Design and analysis of computer algorithms CMSC451/Mount, David
www.oopweb.com

49
Designing implementing Microsoft internet information server
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

50
Designing implementing Microsoft proxy server
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

51
Developing for netscape one
http://www.parsian.net/set1252/pages/books.htm

52
Developing intranet applications with java
http://www.parsian.net/set1252/pages/books.htm

53
Developing personal oracle 7 for windows 95 applications
http://www.parsian.net/set1252/pages/books.htm

54
Developing personal Oracle 7 for windows 95 applications
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

55
Developing professional java applets
http://www.parsian.net/set1252/pages/books.htm

56
Developing professional java applets
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

57
DNS and BIND
http://www.hk8.org/old_web/

58
Doing objects with VB.NET and C#
http://vbwire.com/nl?6814

59
EAI/BPM Evaluation Series: IBM WebSphere MQ Workflow v3.3.2 & EAI Suite by
> Middleware Technology Evaluation Series, Phong Tran & Jeffrey Gosper
http://www.cmis.csiro.au/mte/reports/BPM_IBMwebsphereMQ332.htm

60
Effective AWK programming
http://book.onairweb.net/computer/os/shell/Effective_AWK_Programming/

61
Enterprise javabeans, 2nd.ed.
http://www.hk8.org/old_web/

62
Exploring java
http://www.hk8.org/old_web/

63
GNOME/Sheets, John
www.oopweb.com

64
Graph theory/Prof. Even
www.oopweb.com

65
Hacking java
http://www.parsian.net/set1252/pages/books.htm

66
How intranets work
http://www.parsian.net/set1252/pages/books.htm

67
How intranets work
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

68
How to program visual basic 5.0
http://www.parsian.net/set1252/pages/books.htm

69
How to use HTML 3.2
http://www.parsian.net/set1252/pages/books.htm

70
Html : The definitive guide
http://www.hk8.org/old_web/

71
HTML 3.2 & CGI unleashed
http://www.parsian.net/set1252/pages/books.htm

72
HTML 3.2 and CGI professional reference edition unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

73
HTML by example
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

74
Internet firewall
http://www.hk8.org/old_web/

75
Intranets unleashed
http://www.parsian.net/set1252/pages/books.htm

76
Introduction to object-oriented programming using C++/Muller, Peter
www.oopweb.com

77
Introduction to programming using Java/Eck, David
www.oopweb.com

78
Introduction to socket programming
http://book.onairweb.net/computer/network/An_Introduction_to_Socket_Programming/

79
Java 1.1 unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

80
Java 1.1 unleashed, 2nd.ed.
http://www.parsian.net/set1252/pages/books.htm

81
Java 1.1 unleashed, 3rd.ed.
http://www.parsian.net/set1252/pages/books.htm

82
Java 114 documentation
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

83
Java AWT reference
http://www.hk8.org/old_web/

84
Java by example
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

85
Java developer's guide
http://www.parsian.net/set1252/pages/books.htm

86
Java developer's guide
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

87
Java developer's reference
http://www.parsian.net/set1252/pages/books.htm

88
Java developer's reference
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

89
Java Distributed computing
http://www.hk8.org/old_web/

90
Java enterprise
http://www.hk8.org/old_web/

91
Java enterprise in a nutshell
http://www.hk8.org/old_web/

92
Java foundation classes in a nutshell
http://www.hk8.org/old_web/

93
Java fundamental classes reference
http://www.hk8.org/old_web/

94
Java in a nutshell
http://www.hk8.org/old_web/

95
Java in a nutshell, 3rd.ed.
http://www.hk8.org/old_web/

96
Java language reference
http://www.hk8.org/old_web/

97
Java security
http://www.hk8.org/old_web/

98
Java servlet programming
http://www.hk8.org/old_web/

99
Java unleashed
http://www.parsian.net/set1252/pages/books.htm

100
Java unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

101
Java, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

102
_JavaScript : the definitive guide
http://www.hk8.org/old_web/

103
_Javascript manual of style
http://www.parsian.net/set1252/pages/books.htm

104
_Javascript manual of style
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

105
Josh's GNU Linux Guide/Joshua
http://book.onairweb.net/computer/os/linux/Administration/Josh's_GNU_Linux_Guide/

106
Late night activex
http://www.parsian.net/set1252/pages/books.htm

107
Late night activeX
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

108
Laura lemay's 3D graphics in and VRML 2
http://www.parsian.net/set1252/pages/books.htm

109
Laura lemay's activex and _VBScript
http://www.parsian.net/set1252/pages/books.htm

110
Laura lemay's graphics and web page design
http://www.parsian.net/set1252/pages/books.htm

111
Laura lemay's guide to sizzling websites design
http://www.parsian.net/set1252/pages/books.htm

112
Laura lemay's _javascript 1.1
http://www.parsian.net/set1252/pages/books.htm

113
Laura lemay's web workshop activex and _VBScript
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

114
Laura lemay's web workshop Graphics web page design
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

115
Laura lemay's web workshop _javascript
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

116
Learning perl
http://www.hk8.org/old_web/

117
Learning perl on win32
http://www.hk8.org/old_web/

118
Learning the kornshell
http://www.hk8.org/old_web/

119
Learning unix
http://www.hk8.org/old_web/

120
Learning vi
http://www.hk8.org/old_web/

121
Linux from Scratch/Beekmans, Gerard
http://book.onairweb.net/computer/os/linux/Administration/Linux_From_Scratch/

122
Linux in a nutshell, 3rd.ed.
http://www.hk8.org/old_web/

123
Linux kernel/Rusling, David
www.oopweb.com

124
Linux network administrator's guide/Dawson, Terry
www.oopweb.com

125
Linux system administrator's survival guide
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

126
MAPI, SAPI and TAPI developer's guide
http://www.parsian.net/set1252/pages/books.htm

127
Mastering access 95 development
http://www.parsian.net/set1252/pages/books.htm

128
Microsoft access 97 quick reference
http://www.parsian.net/set1252/pages/books.htm

129
Microsoft access 97 quick reference
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

130
Microsoft backoffice 2 unleashed
http://www.parsian.net/set1252/pages/books.htm

131
Microsoft excel 97 quick reference
http://www.parsian.net/set1252/pages/books.htm

132
Microsoft excel 97 quick reference
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

133
Microsoft exchange server survival guide
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

134
Microsoft frontpage unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

135
Microsoft word 97 quick reference
http://www.parsian.net/set1252/pages/books.htm

136
Microsoft word 97 quick reference
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

137
Microsoft works 4.5 6-In-1
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

138
More than 100 full-text e-books
http://www.allfreetech.com/EBookCategory.asp

139
Ms backoffice administrator's survival guide
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

140
Ms backoffice unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

141
Mysql and msql
http://www.hk8.org/old_web/

142
Netscape plug-ins developer's kit
http://www.parsian.net/set1252/pages/books.htm

143
Official gamelan java directory
http://www.parsian.net/set1252/pages/books.htm

144
Oracle built-in packages
http://www.hk8.org/old_web/

145
Oracle PL/SQL built-in pocket reference
http://www.hk8.org/old_web/

146
Oracle PL/SQL language pocket reference
http://www.hk8.org/old_web/

147
Oracle PL/SQL programming guide to Oracle 8 features
http://www.hk8.org/old_web/

148
Oracle PL/SQL programming, 2nd.ed.
http://www.hk8.org/old_web/

149
Oracle unleashed
http://www.parsian.net/set1252/pages/books.htm

150
Oracle unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

151
Oracle web applications PL/SQL developer's introduction
http://www.hk8.org/old_web/

152
Patterns of enterprise application architecture/Fowler, Martin
http://www.awprofessional.com/catalog/product.asp?product_id={574D77DF-6ED2-BC5-A6A8-02E59CA7482D}

153
PC week : the intranet advantage
http://www.parsian.net/set1252/pages/books.htm

154
Perl 5 by example
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

155
Perl 5 quick reference
http://www.parsian.net/set1252/pages/books.htm

156
Perl 5 unleashed
http://www.parsian.net/set1252/pages/books.htm

157
Perl 5.0 CGI web pages
http://www.parsian.net/set1252/pages/books.htm

158
Perl cookbook
http://www.hk8.org/old_web/

159
Perl for system administration
http://www.hk8.org/old_web/

160
Perl in a nutshell
http://www.hk8.org/old_web/

161
Perl quick reference
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

162
Peter norton's complete guide to windows NT 4 workstations
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

163
Presenting activex
http://www.parsian.net/set1252/pages/books.htm

164
Presenting activex
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

165
Presenting javabeans
http://www.parsian.net/set1252/pages/books.htm

166
Presenting javabeans
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

167
Programming perl
http://www.hk8.org/old_web/

168
Programming perl, 3rd.ed.
http://www.hk8.org/old_web/

169
Programming the Perl DBI
http://www.hk8.org/old_web/

170
Red hat linux unleashed
http://www.parsian.net/set1252/pages/books.htm

171
Running a perfect intranet
http://www.parsian.net/set1252/pages/books.htm

172
Running Linux, 3rd.ed.
http://www.hk8.org/old_web/

173
Sams teach yourself java 1.1 in 24 hours/
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_Java_1.1_Programming_in_24_Hours

174
Sams Teach yourself java in 21 days/Lemay, Laura
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_Java_in_21_Days/

175
Sams teach yourself linux in 24 hours/Ball, Bill
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_Linux_in_24%20Hours/

176
Sams teach yourself shell programming in 24 hours
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_Shell_Programming_in_24_Hours/

177
Sams teach yourself TCP/IP in 14 days
http://book.onairweb.net/computer/sams/Sams_Teach_Yourself_TCP-IP_in_14_Days(SE)/

178
Sed and awk
http://www.hk8.org/old_web/

179
Sendmail
http://www.hk8.org/old_web/

180
Sendmail desktop reference
http://www.hk8.org/old_web/

181
Slackware linux unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

182
Special edition using java, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

183
Special edition using _javascript
http://www.parsian.net/set1252/pages/books.htm

184
Special edition using _javascript
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

185
Special edition using _Jscript
http://www.parsian.net/set1252/pages/books.htm

186
Special edition using lotus notes and domino 4.5
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

187
Special edition using Microsoft SQL server 6.5, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

188
Special edition using Microsoft visual Interdev
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

189
Special edition using perl 5 for web programming
http://www.parsian.net/set1252/pages/books.htm

190
Special edition using perl for web programming
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

191
Special edition using Visual Basic 4
http://www.parsian.net/set1252/pages/books.htm

192
TCP/IP
http://www.hk8.org/old_web/

193
Teach yourself activex programming in 21 days
http://www.parsian.net/set1252/pages/books.htm

194
Teach yourself C++ in 21 days
http://www.parsian.net/set1252/pages/books.htm

195
Teach yourself C++ in 21 days
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

196
Teach yourself CGI programming with Perl 5 in a week
http://www.parsian.net/set1252/pages/books.htm

197
Teach yourself database programming with VB5 in 21 days, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

198
Teach yourself database programming with visual basic 5 in 21 days
http://www.parsian.net/set1252/pages/books.htm

199
Teach yourself HTML 3.2 in 24 hours
http://www.parsian.net/set1252/pages/books.htm

200
Teach yourself HTML 3.2 in 24 hours
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

201
Teach yourself internet game programming with java in 21 days
http://www.parsian.net/set1252/pages/books.htm

202
Teach yourself java 1.1 programming in 24 hours
http://www.parsian.net/set1252/pages/books.htm

203
Teach yourself jave in café in 21 days
http://www.parsian.net/set1252/pages/books.tm

204
Teach yourself Microsoft visual Interdev in 21 days
http://www.parsian.net/set1252/pages/books.htm

205
Teach yourself Microsoft visual Interdev in 21 days
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

206
Teach yourself oracle 8 in 21 days
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

207
Teach yourself perl 5 in 21 days
http://www.parsian.net/set1252/pages/books.htm

208
Teach yourself perl 5 in 21 days, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

209
Teach yourself SQL in 21 days
http://www.parsian.net/set1252/pages/books.htm

210
Teach yourself SQL in 21 days, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

211
Teach yourself TCP/IP in 14 days
http://www.parsian.net/set1252/pages/books.htm

212
Teach yourself TCP/IP in 14 days, 2nd.ed.
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

213
Teach yourself the Internet in 24 hours
http://www.parsian.net/set1252/pages/books.htm

214
Teach yourself the internet in 24 hours
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

215
Teach yourself _VBScript in 21 days
http://www.parsian.net/set1252/pages/books.htm

216
Teach yourself _VBScript in 21 days
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

217
Teach yourself visual basic 5 in 24 hours
http://www.parsian.net/set1252/pages/books.htm

218
Teach yourself Visual Basic 5 in 24 hours
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

219
Teach yourself Visual J++ in 21 days
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

220
Teach yourself web publishing with HTML 3.2 in 14 days
http://www.parsian.net/set1252/pages/books.htm

221
Teach yourself web publishing with HTML in 14 days
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

222
Thinking in C++
http://www.mindview.net/Books

223
Thinking in C++/Eckel, Bruce - Vol.I, 2nd.ed.
www.oopweb.com

224
Thinking in C++/Eckel, Bruce - Vol.II, 2nd.ed.
www.oopweb.com

225
Thinking in Enterprise Java
http://www.mindview.net/Books

226
Thinking in Java, 2nd.ed.
www.oopweb.com

227
Thinking in Java, 3rd.ed. (pdf)
http://www.mindview.net/Books

228
Tricks of the internet gurus
http://www.parsian.net/set1252/pages/books.htm

229
Tricks of the java programming gurus
http://www.parsian.net/set1252/pages/books.htm

230
Unix and internet security
http://www.hk8.org/old_web/

231
Unix hints and hacks/Waingrow, Kirk
http://book.onairweb.net/computer/os/unix/Administration/UNIX_Hints_&_Hacks/19270001..htm

232
Unix in a nutshell
http://www.hk8.org/old_web/

233
Unix kornshell quick reference
http://book.onairweb.net/computer/os/shell/Unix_KornShell_Quick_Reference/kornShell.html

234
Unix power tools
http://www.hk8.org/old_web/

235
Unix shell guide
http://book.onairweb.net/computer/os/shell/The_UNIX_Shell_Guide/

236
Unix unleashed
http://www.parsian.net/set1252/pages/books.htm

237
Unix unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

238
Unix unleashed Internet Ed./Burk, Robin
http://book.onairweb.net/computer/os/unix/Administration/UNIX_Unleashed(Internet_Edition)/fm.htm

239
Unix unleashed, System administrator's Edition
http://book.onairweb.net/computer/os/unix/Administration/UNIX_Unleashed_System_Administrator's_Edition/toc.htm

240
Unix Unleashed/Sams Publication
http://book.onairweb.net/computer/os/unix/Administration/UNIX_Unleashed/

241
Upgrading PCs illustrated
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

242
Using windows NT workstation 4.0
http://www.parsian.net/set1252/pages/books.htm

243
_VBScript unleashed
http://www.parsian.net/set1252/pages/books.htm

244
_Vbscript unleashed
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

245
Visual basic 4 in 12 easy lessons
http://www.parsian.net/set1252/pages/books.htm

246
Visual basic 4 unleashed
http://www.parsian.net/set1252/pages/books.htm

247
Visual Basic 5 night school
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

248
Visual basic programming in 12 easy lessons
http://www.parsian.net/set1252/pages/books.htm

249
Visual Basic programming in 12 easy lessons
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

250
Visual C++ 4 unleashed
http://www.parsian.net/set1252/pages/books.htm

251
Visual C++ programming in 12 easy lessons
http://www.parsian.net/set1252/pages/books.htm

252
Web database developer's guide with visual basic 5
http://www.parsian.net/set1252/pages/books.htm

253
Web database developer's guide with visual basic 5
http://www.emu.edu.tr/english/facilitiesservices/computercenter/bookslib/

254
Web programming desktop reference 6-in-1
http://www.parsian.net/set1252/pages/books.htm

20 Great Google Secrets

20 Great Google Secrets



http://www.pcmag.com/article2/0,4149,1306756,00.asp

excl.gif No Active Links, Read the Rules - Edit by Ninja excl.gif



Google is clearly the best general-purpose search engine on the Web (see

www.pcmag.com/searchengines

But most people don't use it to its best advantage. Do you just plug in a keyword or two and hope for the best? That may be the quickest way to search, but with more than 3 billion pages in Google's index, it's still a struggle to pare results to a manageable number.

But Google is an remarkably powerful tool that can ease and enhance your Internet exploration. Google's search options go beyond simple keywords, the Web, and even its own programmers. Let's look at some of Google's lesser-known options.

Syntax Search Tricks

Using a special syntax is a way to tell Google that you want to restrict your searches to certain elements or characteristics of Web pages. Google has a fairly complete list of its syntax elements at

www.google.com/help/operators.html

. Here are some advanced operators that can help narrow down your search results.

Intitle: at the beginning of a query word or phrase (intitle:"Three Blind Mice") restricts your search results to just the titles of Web pages.

Intext: does the opposite of intitle:, searching only the body text, ignoring titles, links, and so forth. Intext: is perfect when what you're searching for might commonly appear in URLs. If you're looking for the term HTML, for example, and you don't want to get results such as

www.mysite.com/index.html

, you can enter intext:html.

Link: lets you see which pages are linking to your Web page or to another page you're interested in. For example, try typing in

link:http://www.pcmag.com


Try using site: (which restricts results to top-level domains) with intitle: to find certain types of pages. For example, get scholarly pages about Mark Twain by searching for intitle:"Mark Twain"site:edu. Experiment with mixing various elements; you'll develop several strategies for finding the stuff you want more effectively. The site: command is very helpful as an alternative to the mediocre search engines built into many sites.

Swiss Army Google

Google has a number of services that can help you accomplish tasks you may never have thought to use Google for. For example, the new calculator feature

(www.google.com/help/features.html#calculator)

lets you do both math and a variety of conversions from the search box. For extra fun, try the query "Answer to life the universe and everything."

Let Google help you figure out whether you've got the right spelling—and the right word—for your search. Enter a misspelled word or phrase into the query box (try "thre blund mise") and Google may suggest a proper spelling. This doesn't always succeed; it works best when the word you're searching for can be found in a dictionary. Once you search for a properly spelled word, look at the results page, which repeats your query. (If you're searching for "three blind mice," underneath the search window will appear a statement such as Searched the web for "three blind mice.") You'll discover that you can click on each word in your search phrase and get a definition from a dictionary.

Suppose you want to contact someone and don't have his phone number handy. Google can help you with that, too. Just enter a name, city, and state. (The city is optional, but you must enter a state.) If a phone number matches the listing, you'll see it at the top of the search results along with a map link to the address. If you'd rather restrict your results, use rphonebook: for residential listings or bphonebook: for business listings. If you'd rather use a search form for business phone listings, try Yellow Search

(www.buzztoolbox.com/google/yellowsearch.shtml).




Extended Googling

Google offers several services that give you a head start in focusing your search. Google Groups

(http://groups.google.com)

indexes literally millions of messages from decades of discussion on Usenet. Google even helps you with your shopping via two tools: Froogle
CODE
(http://froogle.google.com),

which indexes products from online stores, and Google Catalogs
CODE
(http://catalogs.google.com),

which features products from more 6,000 paper catalogs in a searchable index. And this only scratches the surface. You can get a complete list of Google's tools and services at

www.google.com/options/index.html

You're probably used to using Google in your browser. But have you ever thought of using Google outside your browser?

Google Alert

(www.googlealert.com)

monitors your search terms and e-mails you information about new additions to Google's Web index. (Google Alert is not affiliated with Google; it uses Google's Web services API to perform its searches.) If you're more interested in news stories than general Web content, check out the beta version of Google News Alerts

(www.google.com/newsalerts).

This service (which is affiliated with Google) will monitor up to 50 news queries per e-mail address and send you information about news stories that match your query. (Hint: Use the intitle: and source: syntax elements with Google News to limit the number of alerts you get.)

Google on the telephone? Yup. This service is brought to you by the folks at Google Labs

(http://labs.google.com),

a place for experimental Google ideas and features (which may come and go, so what's there at this writing might not be there when you decide to check it out). With Google Voice Search

(http://labs1.google.com/gvs.html),

you dial the Voice Search phone number, speak your keywords, and then click on the indicated link. Every time you say a new search term, the results page will refresh with your new query (you must have JavaScript enabled for this to work). Remember, this service is still in an experimental phase, so don't expect 100 percent success.

In 2002, Google released the Google API (application programming interface), a way for programmers to access Google's search engine results without violating the Google Terms of Service. A lot of people have created useful (and occasionally not-so-useful but interesting) applications not available from Google itself, such as Google Alert. For many applications, you'll need an API key, which is available free from
CODE
www.google.com/apis

. See the figures for two more examples, and visit

www.pcmag.com/solutions

for more.

Thanks to its many different search properties, Google goes far beyond a regular search engine. Give the tricks in this article a try. You'll be amazed at how many different ways Google can improve your Internet searching.


Online Extra: More Google Tips


Here are a few more clever ways to tweak your Google searches.

Search Within a Timeframe

Daterange: (start date–end date). You can restrict your searches to pages that were indexed within a certain time period. Daterange: searches by when Google indexed a page, not when the page itself was created. This operator can help you ensure that results will have fresh content (by using recent dates), or you can use it to avoid a topic's current-news blizzard and concentrate only on older results. Daterange: is actually more useful if you go elsewhere to take advantage of it, because daterange: requires Julian dates, not standard Gregorian dates. You can find converters on the Web (such as

CODE
http://aa.usno.navy.mil/data/docs/JulianDate.html

excl.gif No Active Links, Read the Rules - Edit by Ninja excl.gif


), but an easier way is to do a Google daterange: search by filling in a form at

www.researchbuzz.com/toolbox/goofresh.shtml or www.faganfinder.com/engines/google.shtml

. If one special syntax element is good, two must be better, right? Sometimes. Though some operators can't be mixed (you can't use the link: operator with anything else) many can be, quickly narrowing your results to a less overwhelming number.

More Google API Applications

Staggernation.com offers three tools based on the Google API. The Google API Web Search by Host (GAWSH) lists the Web hosts of the results for a given query

(www.staggernation.com/gawsh/).

When you click on the triangle next to each host, you get a list of results for that host. The Google API Relation Browsing Outliner (GARBO) is a little more complicated: You enter a URL and choose whether you want pages that related to the URL or linked to the URL

(www.staggernation.com/garbo/).

Click on the triangle next to an URL to get a list of pages linked or related to that particular URL. CapeMail is an e-mail search application that allows you to send an e-mail to google@capeclear.com with the text of your query in the subject line and get the first ten results for that query back. Maybe it's not something you'd do every day, but if your cell phone does e-mail and doesn't do Web browsing, this is a very handy address to know.