Saturday, August 1, 2009



To find eBook in FTP Search, visit one of this website

e.g. if you want to search " Sams Teach Yourself " just type Teach Yourself, you will have some eBooks in some FTP servers.

also can be found with specific format (e.g. PDF & CHM)

Running A Board forum From Your Own Pc

Running A Board forum From Your Own Pc

If you wish to install php and mysql to run a phpBB installation on your computer, first you will need installers. Most of you have windows, so I recommend FoxServ. This is a great program that installs php, mysql, and more on your windows machine in under a minute, excluding download time.

Download foxserv 3.0 from

Run the foxserv install program, it is pretty self explanatory, just do what it says.

After you get everything installed, run the foxserv control panel and click the install buttons for everything.

Open winmysql ADMIN. Create a new username and pass at start-up, and then create a new database, the one you will be using for your phpBB installation.

Now download phpBB 2.0.x from, or download phpBBplus from

Unzip the phpBB2 folder into C:\Foxserv\www\

After you have done such, visit http://localhost/phpBB2/ to view your install page. enter the correct information.
database name: the name of the database you created.
database username: username you created
database password: password you created

then enter your email information and everything else as it should be. Now delete the install and contrib directories from the phpBB2 folder on your computer.

Voila! All set up. If you want to have other people view your site, then you need a forwarding service. I have a dynamic IP, so I use Register an account there and follow all of their instructions if you have a dynamic IP. Now you should visit to make sure everything worked.

Also, windows xp users BE SURE TO INSTALL SERVICE PACK 1. SP1 fixes critical incompatibility issues with the apache 2.x server that prevents it from using php correctly. If you do not have service pack one, php pages will load incorrectly or not at all on your webserver.

I posted this because I was fed up with trying to find a host that supports php and mysql and doesnt have any ads on it.

NOTE: You wont get any HOST that will allows you WAREZ, then you can use your own pc as your own HOST

another program that works well is phpdev5 i have used it for a long time. and another site to register a dns name is it gives you better names, for example mine is http://shag.kicks-*

Securing your WINDOWS XP computer

Do you work in a corporate environment where you don't appreciate your co-workers or boss having access to your comp and private files when you are not around?

You can provide added level of security to your WINDOWS XP System. This is called securing your Windows XP accounts database. You can store all information related to your accounts in a encrypted form on a floppy disk. What this would do is that if You do not have access to your floppy disk, You can not access the system. I am not sure You realized what I just said ! Even if You know your userid/password, You will not be able to access the system unless and until You have this startup disk.

The process of generating this secure startup floppy disk is simple. Go to START-RUN and type syskey. You will see a window come up. Click on Upgrade command button. You would see another window popping up which will give You the option of storing the encrypted accounts database either locally or on your floppy disk. Choose floppy disk and click OK and let the process complete. You are done.

Next time You reboot the computer and get to the logon prompt, make sure that You have the floppy disk available in A: drive else You can not log on.

Regedit.exe & Regedt32.exe, Whats the difference

Have you ever noticed that there are two versions of the Registry Editor on your computer? Ever wondered why? Well let me just give you a little insight!

It all depends on your Operating System. If you have Windows 2000 :


Regedit.exe is included with Windows NT 4.0 and Windows 2000 primarily for its search capability. You can use Regedit.exe to make changes in the Windows NT 4.0 and Windows 2000 registry, but you cannot use it to view or edit all functions or data types on Windows NT 4.0 and Windows 2000.

The following limitations exist in the Regedit.exe version that is included with Windows NT 4.0 and Windows 2000:

You cannot set the security for registry keys.
You cannot view, edit, or search the value data types <>REG_EXPAND_SZ and <>REG_MULTI_SZ. If you try to view a <>REG_EXPAND_SZ value, Regedit.exe displays it as a binary data type. If you try to edit either of these data types, Regedit.exe saves it as <>REG_SZ, and the data type no longer performs its intended function.
You cannot save or restore keys as hive files.
Microsoft recommends that you use Regedit.exe only for its search capabilities on a Windows NT 4.0-based or Windows 2000-based computer.


Regedt32.exe is the configuration editor for Windows NT 4.0 and Windows 2000. Regedt32.exe is used tomodify the Windows NT configuration database, or the Windows NTregistry. This editor allows you to view or modify the Windows NT registry.The editor provides views of windows that represent sections of theregistry, named hives. Each window displays two sections. On the leftside, there are folders that represent registry keys. On the right side,there are the values associated with the selected registry key. Regedt32 isa powerful tool, and you must use it with extreme caution when you changeregistry values. Missing or incorrect values in the registry can make theWindows installation unusable.

Note: Unlike Regedit.exe, Regedt32.exe does not support importing and exporting registration entries (.reg) files.

Or..Windows XP and Windows Server 2003


Regedit.exe is the configuration editor for Windows XP and Windows Server 2003. Regedit.exe is used tomodify the Windows NT configuration database, or the Windows NTregistry. This editor allows you to view or modify the Windows NT registry. It supports setting security on registry keys, viewing and editing <>REG_EXPAND_SZ and <>REG_MULTI_SZ, and saving and restoring hive files.On the leftside, there are folders that represent registry keys. On the right side,there are the values associated with the selected registry key. Regedit isa powerful tool. You must use extreme caution when you use it to changeregistry values. Missing or incorrect values in the registry can make theWindows installation unusable.


In Windows XP and Windows Server 2003, Regedt32.exe is a small program that just runs Regedit.exe.



Overclocking takes on 3 forms:
First, is the casual overclocking, easy, and anyone can do it.
Second, is the right way to overclock, taking into account, everything.
Third, if you want serious power, your gonna need to be savy to what does what.

The casual overclocker gains about 5% increase, and really doesn't see any benefit from this, whilst it makes you feel good, no serious damage can be made, by upping the FSB a little, or changing your multiplier, only thing is, you want more.

The correct way to overclock, is to start looking at your system, check the motherboard specs, PSU, amount of harddrives, CD ROMS etc. (high end systems, including the lastest graphic cards will need serious power).

Lets take a base system like my old system setup:

AMD XP1700+ ( Thoroughbred JIUHB DLT3C )
Core Voltage = 1.50v
Maximum Die Temp = 90c
FSB = 266Mhz
(factory unlocked)

Jetway K266B KT266 chipset
DDR + SDR RAM (not together)
No onboard RAID

DDR RAM = Dane Elec PC2700 DDR (333Mhz)
Not registered

2 Hard drvies
1 CD Writer & 1 DVD ROM drive

2 LAN cards

1 PCI soundcard
(onboard sound turned off).

Now, lets look at what they can do:
The Thoroughbred is still the top processor for overclocking, Thunderbirds are just not upto it, even though they are capable of some really decent speeds, same as the Palamino, not to mention the Barton's (these are not what they have been made up to be).
(for the purpose of space, I'll not go into unlocking your CPU)

As you can see, my Thoroughbred has a core voltage of 1.5v, and as my motherboard is capable of giving my processor anything upto 1.85v, there is score for more there.
The FSB on my motherboard is capable of a max of 200Mhz (this is the magic number).
Die temps to a max of 90c is good (never been near it, yet!).

Now, to work out your Mhz on your system, or to check your multiplier or FSB, there is a little calculation you'll need to remember, and it's easy:

Your Mhz is worked out by your multiplier timed your FSB.

133x10 = 1.33Ghz

Of course you can devide your Mhz with your known FSB to give you your multiplier etc.

Now for easy, I have the results of my previous unlocking tests handy, so I'll use them, and not the current speeds etc.

Standard Multiplier = 11.0
Overclocked Multiplier = 12.0

Standard Voltage = 1.50v
Overclocked Voltage = 1.52v

Standard FSB = 133Mhz
Overclocked FSB = 136Mhz

Standard Speed = 1467Mhz
Overclocked Speed = 1630Mhz

Standard Temps = CPU = 37c SYSTEM = 32c (idle) CPU = 44c SYSTEM = 36c (under load)
Overclocked Temps = CPU = 34c SYSTEM = 29c (idle) CPU 40c SYSTEM 34c (under load)

As you can see, the system is cooler when overclocked, this is due to having the correct cooling setup, and temps for it when it was standard, was standard cooling setup.

Basically, all I have done, is raised the FSB by 3mhz, the voltage by 0.02v and the multiplier by 1.0, this has given me a 163Mhz increase without over strssing my system, but, here is where it gets teadious:

To achieve this, it took me about a week, and this is how I did it:
I started by lowering the multiplier to 5.0, from there I raised the FSB to its max (at the time, have latest BIOS update for mobo, allowing 200Mhz FSB), 166Mhz, this is the correct way of overclocking.
From there, I started to raise the multiplier one by one, getting it back upto the standard multiplier or higher, checking the stability of the system each time.
(currently I am way passed the 136Mhz FSB, as I am running PC2700 DDR).

One thing to look at though, overclocking using the FSB WILL (unless your system allows you to specify it) mess with your PCI & RAM speeds.
Even raising it by 3Mhz can make your PCI cards to not work, and your RAM to get confused and crash your system.

Now your thinking to yourself 'I can do that' and yes you can, anyone can, but.......
It takes TIME, I can't stress that enough, if your going to try this, then you'll need to run your system for at least 6 hours between changing your multiplier, and as you can imagine, this can take a long time to do.

For your information, I used Hot CPU Tester, SETI & played Vietcong for testing purposes.

Now, for the hard part:

As most experienced overclockers will tell you, heat is your enemy, killing heat is your number 1 aim, don't worry about your speed at first, a 50Mhz increasde isn't gonna make your 3D Mark scream through the roof, actually, you'll probably not even get any better than what you did before.

There are several ways of dispersing heat, and they are:
Pro's: Cheap, effective at lower speeds.
Con's: Noisey, dust collectors, need maintanance.

Pro's: Can lower your CPU by about 10c easily.
Con's: It has water in it, expensive, hard for some to understand.

Pro's: With watercooling, it's the daddy
Con's: ONLY EXPERIENCED PEOPLE NEED TO APPLY, very complicated, power hungry, NOT for the faint hearted. Stupidly expensive.

Upgrading your CPU fan is the first step, there are several companies that offer aftermarket fans, which are better than the OEM fans are 2 a penny in todays world, but it's NOT just about your CPU fan, your system needs to breath, you need to get rid of 'hot spots' within your system.

Its easier than most make out, its a good thing, kit prices can be got from about £120 ($200 US), just make sure they are upgradable, as you might want to add, a Northbridge water block & a GPU water block.
Modern day kits & parts are idiot proof, and will not leak, unless you act like Noah.

Pelter cooling is DANGEROUS, minly for your system, fitting it incorrectly, and you could end up with not only a baked CPU but a system that will end up as a very expensive paperweight.
Ask your local overclocking expert for more info.

Basically, if you can get hold of a decent Thoroughbred cored XP, your in luck (just like me), if its unlocked, then your in business, obviously, its not just down to your CPU, your motherboard and RAM will denote whether you can overclock big style or not.
I'd advise ANYONE thinking of overclocking, to research into it more, weigh up the odds on what they want or need, if your on a buget, DON'T attempt it, things can and do go wrong.
Most of the time, its not about 'mines faster than yours' or massive speed increases, its done by most, cause it can be. 90% of the time, you'd be better off buying a new CPU (as prices are so low), but if you get the urge, then a new world awaits you

great tutorial. this should help the OC noobs. If I can add something like you said know your specs of the mobo....and if you are serious about OC'ing dont go and get some generic NO-NAME ram and some ghetto mobo. to get the best stability go with ASUS and ABIT for the mobo and Crucial, Kingston, mushkin for the ram. A great forum for OC'ing is

Indeed, if you are serious about your overclocking, its advised you only use serious brand names.
Generic parts are always a lower spec, and can easily destroy themselves with even a little stress aimed towards them.

Memory advice, use the folloing:

Kingston (added because of reviews, personally, I'm not sure about them).
Crucial (for Dual Channel DDR ONLY)
PNY (for EEC rated)
Geil (my choice, when I can afford it)

Motherbord advice, use the following:

Asus A7N8X Deluxe nForce2
Asus A7N8X-VM nForce2
Asus A7N8X-X nForce2
Abit KD7-S KT400
Abit KV7 KT600
Abit NF7 v2.0 nForce2
Abit NF7-S v2.0 nForce2
MSI K7N2 Delta-L Nforce2
MSI KT6 Delta-LSR KT600
Epox 8RDA+ nForce2
Epox 8RGA+ nForce2

Any nForce2 motherboard would be best, they allow more score for overclocking your system.

Packet Attacks - Version 1.1, { Packet_Attack_Exlained}


Let me start by saying the internet is full of wonderful tools and papers like this one. Alot of these things can help you
increase your knowledge, perhaps your job or more. But just as easily as you can learn from them, people read into them to
much and decide to harm other peoples work for no apparent reason. Let it be known that is in no way the purpose of this
paper. A true hacker is one who strives to attain the answers for themselves through curiosity. Its the path we take to
those answers that makes us hackers, not destruction of other peoples work. So with that said, please enjoy my work, as I
have enjoyed writing it.

The flow of data has always captured my interest. Just how does it work, how can we dissect it and use it to our advantage.
Well I have spent a long time studying all of this, and that is why I wrote this paper. It's a collection of run on s
entences on different packet attacks and how they work. Now we all know you can learn all you ever wanted to know about the
specifications of a protocol by reading its 30 page RFC document. But that is the protocol according to design, in the wild
its a different story all together. 'Packet Attacks' covers everything from basic DOS attacks to TCP/IP hijacking. Hence the
name "Packet Attacks". This paper also focuses not just on attacks but practical ways to prevent such attacks and ideas on
new methods to help us stop them and secure our networks.

TCP/IP Packet Switching Networks

---Chapter 1.---
Section a.
Introduction to DDOS/DOS & Packet Attacks
Section b.
How attacks are crafted

---Chapter 2.---
Section a. (attacks)
Special Bot / Trojans
Worm DOS
Unicode ping flood (new!)
Section b.
Section c. (hacks)
TCP hijacking
Information gathering / Footprinting
Section d.
Defense against these attacks
Attack Detection
Intrusion Detection
Section e.
NAT as a means of security

---Chapter 3.---
Section a.
The future of TCP/IP as a means of using IPv6

---Chapter 4. ---
Section a.
New security application / protocol


Well I assume most of you reading this paper already have a good understanding of TCP/IP and how it works so I wont get to
much into detail on that, but I will scrape the surface on the parts we NEED to discuss. The internet is a MASSIVE web of
machines all connected to one another through a series of hardware devices known as routers, switches, hubs, bridges and
lots more. All of these devices (although some are smarter then others) push along packets. Our operating systems and
applications craft these packets in order to send data to one another over the wire. Each packet, although varying in size,
carries a small bit of data to and from one host to another. Each packet must also carry its own personal information such
as where it came from and where its headed. Of course there is a lot more to a packet then just this information. But as far
as attacks go this is the crucial information we need to look at. Now there are many many different types of protocols that
craft many different types of packets. And they are all read differently when they are received at the other end. Where as
an ARP packet may tell a host who has this MAC address on this subnet, a TCP packet might transfer the last few bits in that
MP3 your downloading. Regardless the data, all of these packets use the same wire to move to and from locations. I couldn't
possibly discuss every protocol and packet structure in this one paper. The average end user takes for granted all of this
running in the background while they surf the net. Most people dont understand the complexity of this internet we are all so
familiar with, the chat rooms etc. But there are people who do, and there are people who take advantage of that. Reverse
engineering has led to the creation of attacks using the basic fundamentals these protocols rely on. And since TCP/IP is so
embedded in our infrastructure we must adapt and learn to defend each new attack.


Open Systems Interconnection model, is a seven layered networking design. Its an industry standard that defines exactly how
data is transffered between protocol to protocol. Not every protocol follows the OSI model exactly and some do. TCP the
internets main mode of data transport does not follow it exactly. Let me take you through a brief over view of the OSI model.

Layer Seven : Application Layer
This layer is obviously application specific, it provides everything from authentication to email to ftp and telnet, the
list goes on. Its specifically for end user processes, what we input into our applications we can see on our screens.

Layer Six : Presentation Layer
This layer changes and possibly encrypts the data so that the application layer can understand it. (you will understand what
this means in a few minutes)

Layer Five : Session Layer
Think of this layer as Establishment, Control and Termination of the sessions formed by the
application(client) to a remote host(server).

Layer Four : Transport Layer
This layer is responsible for the invisible transfer of data between host to host. It is there to ensure all data transfer
goes accordingly. The protocols used are, UDP and TCP.

Layer Three : Network Layer
This layer is for error correction, packet sequencing, and for transmitting data from node to node. Addressing is also
another function of this layer in inter-networking.

Layer Two : Data Link Layer
This layer decodes and encodes packets into bits so they are ready for the physical layer. It also handles error correction
in the physical layer. This layer is also divided into two different sub-layers. The LLC (logical link control) and MAC
(media access control) sub layers. The LLC sub layer provides control for frame synchronization and error checking. The MAC
sub layer controls how a computer on your network has access to data.

Layer One : Physical Layer
This layer is the actual movement of the data. Using electrical impulse or some other form of data movement is pushes the
bit stream towards the other host. This layer is the hardware level, the ethernet card, the wire etc. There are many
protocols within this layer.

You may ask yourself why I listed these from 7 to 1. Well I did to show you how the OSI model really works. Layer Seven
really comes first, the end user types something into his instant messenger (for example) and the data flows down through
the OSI model being encapsulated and changed at every level it has to be changed or corrected at. The data travels the wire
and at the other end it moves back up the OSI model all the way back up to layer seven where the other host can read it in
the original form it was sent. So theres a VERY basic understanding of the OSI model and how it works to transmit data from
host to host. There is alot more protocols and parts to the OSI model but this basic representation should provide a firm

To understand all of this more in depth please get your hands on a few RFC (request for comment) documents and start reading.
Because it will take you a very long time to understand exactly how TCP/IP works. If your very knowledgeable in the way
TCP/IP works then this paper should make alot of sense to you, perhaps even bore you! :( On the other hand if you dont
understand TCP/IP as well as you would like to, you still might get something out of this. I try and explain all of the
technical writing as easily as I can. Feel free to email me if you have a question or comment. Thanks :)

Chapter 1.

Section a.

The most common attack on the internet today is a denial of service attack. There are many programs on the internet today
that will assist anyone in crafting one of these attacks. The sad part is for as easy as they are to make their power can be
destructive when used properly. No matter what kind of packet attack it may be most are based on the same principal, volume.
Thousand and thousands of spoofed packets will eat up network resources within minutes, choking and essentially 'killing'
any network. There are many types of packet attacks. Some are more sophisticated then others. I will also talk about TCP/IP
hijacking and your typical port and vulnerability scans among other things.

Why do people launch these attacks? How are they launched? How do they exactly (technically speaking) 'choke a network'?!
Hold tight im getting to that. The lower end of these attacks are usually launched by what the hacker community calls a
script kiddie. You see a hacker isnt a mindless web defacing juvenile (please see the mentors manifesto). A hacker is a
person of true intellect and would never craft such an attack for no reason. But these lower end attacks are usually
launched at peoples individual machines. Their IP address's may come from an IRC chat room, yahoo messenger, AOL, ICQ, or
whatever other messenger you might use. Although not as sophisticated, these 'lower end' attacks can still knock an
individual machine offline in minutes. The slightly more advanced attacks may be aimed at a business competitor in order to
slow their sales or disrupt their outgoing internet connection. Whatever the reason may be they are usually launched for a
reason. Attacking a box for no reason is typically useless and will only take up your own bandwidth.

The more sophisticated attacks are aimed at government and root points of the internet. Such as the attacks on the root DNS
servers in October of 2002. These attacks were sophisticated in the way they were crafted. The attacks lasted for over an
hour and successfully took out a few of the servers. If the attack had lasted just a few more minutes who knows the damage
it could have caused. The possibility of the authorities solving these attacks and apprehending the offenders is slim to
none because they are created and launched by skilled malicious individuals. They were also distributed denial of service
attacks. Which means the 'zombie' machines that attacked the servers were spread out all over the world. We will touch more
on that later though.

Section b.

You will learn more about how these individual attacks are crafted and how they work later in this paper but this is
small introduction so you can get a vague idea. Creating spoofed packets requires an open socket. This socket binds to an
IP and a port and allows you to inject a packet onto the wire or accept any incoming packets to that IP and port. *NIX
openly supports open socket programming (many tutorials on this type of programming). Which means you can code programs that
create packets and then inject them into the network with ease. An example of this would be a program called "SENDIP" which
allows you to create custom packets, and it supports many protocols (another good program is nemesis). I have written a few
tutorials using SENDIP, I think its a great program for both advanced and new network engineers to use. It will help you
learn about packet structure and the different protocols it supports. Microsoft is not an open source company, which pretty
much makes it even harder to find help in creating these sorts of programs for Windows. But it is possible to craft these
attacks from within a Windows environment. Its referred to 'Winsock' programming. Infact most of these DDOS attacks are
because of vulnerable Windows boxes out on the net. They are sitting ducks for trojan horses and other programs that craft
these attacks on servers when commanded from a client program to do so. Most end users do not understand security and how
easy it is to break into someones home computer, so they lack firewalls and virus scanners. This leads to many zombie
machines available to hackers disposal on the net. All one has to do is scan a class C subnet for open trojan ports and
hack their way into those trojans and use them as a backdoor, another zombie is created for attacking remote targets. Almost
every program that interacts with TCP/IP generates packets to and from places, this is valid traffic. As you read you will
distinguish the difference between valid and non valid, as it easy pretty easy to understand what I am explaining when I say
"attack". When creating an open socket and crafting spoofed packets these programs tell the kernel they are going to
construct their own IP headers. Usually this information is put on by the kernel before exiting the machine. But in this
instance we are telling the kernel we want to specify our own information. Not all operating systems will allow this. And
no I dont have a detailed list of which do and which dont. Most of the experiments I have conducted on my network used
different versions of RedHat Linux, Mandrake Linux, and Windows XP.

Chapter 2.

Section a.

There are several different types of packet attacks. Theres the simple brute flood of ICMP packets which floods a network
and eats up all the available bandwidth. And then there are more sophisticated attacks like the Smurf or SYN/ACK attack.
All of these attacks target different things. While the SMURF attack may target the general network its attacking, the
SYN/ACK attack targets a specific host or service running on a host. We also must take into consideration when a target is
attacked it may not be the only machine affected. There are many routers and other boxes transfering the data between point
A and point B. Other peoples legitimate data is flowing between them, and may be disrupted by the packet flood. Even a top
of the line router can only handle so much data. And unfortunately it is very easy to attain soure code for these attacks
all over the web. Lets take a more detailed look at each attack.

ICMP brute flood attack.

ICMP works on top of TCP. The ICMP protocol is simple yet very effective. Its used for error correcting and testing network
connectivity. Your average PING program uses ICMP packets to test network connectivity. By sending a small amount of
arbitrary data in an ECHO_REQUEST packet it waits for a reply from the target host, simple right? A typical ICMP packet is
called an ECHO_REQUEST. You send 4 or 5 of these at a target machine and when it arrives there it requests an ECHO_REPLY.
Thats when everything is done according to design. If you want more info on an ICMP packet and how it works then read my
tutorial on that!

In this attack the source IP address is spoofed. So now hundreds, thousands of ECHO_REQUEST packets rush towards their
destination. They reach point B, request an ECHO_REPLY for every ECHO_REQUEST sent. Point B says OK, reads the source IP.
The source IP ends up being unreachable. But point B is waiting a small amount of time (milliseconds) to determine that for
every packet thats hitting it. It will be a few more moments before the process relinquishes this small bit of memory back
to the system. This adds up to a great deal of packets and memory allocation building up. Now if these packets are coming
from multiple source zombies (DDOS) then this means there each coming from different routes. So even if one ISP stops one
attack, there are still many more zombie machines attacking the victim. All of this is eating up time and bandwidth, because
with every millisecond that passes more and more bandwidth is being taken up. Eventually point B can no longer keep up with
the ECHO_REQUESTS and his connection is completely flooded and of no use. On an unprotected system or router this attack
can be very consuming. This attack is also sometimes referred to a bandwidth attack. Even if the target is running an
advanced firewall it cannot protect the wire it connected to from being flooded with packets. There have been changes in
this attack as well. On the net there are what we call amplifiers. On every network there are the network and subnet
addresses. In many default configurations when you ping either one of these addresses they multiply the echo requests by 4
or more. So a zombie would attack a vulnerable network (.0) or subnet address (.255) with a spoofed source IP, being the
victims real IP. So even tho the traffic becomes valid as far as IP addresses go. The victim gets bombarded with massive
ECHO_REPLY packets. You will see more of this description in other attacks, as it works for some of those to.

[zombie machine] -->ICMP ECHO_REQUEST (source IP = -->-->--> [target]
[??????????????] ICMP ECHO_REPLY (destination ?)<-- [target]

Hopefully that simple drawing shows you exactly how this attack works. Its very very simple, massive ICMP packets with
spoofed address's taking up network resources. The simplest of attacks.

Smurf attack.

(first part is repeat from ICMP attack) There have been changes in the ICMP attack. On the net there are what we call
amplifiers. On every network there are the network and subnet addresses. In many default configurations when you ping either
one of these addresses they multiply the echo requests by 4 or more. So a zombie would attack a vulnerable network (.0) or
subnet address (.255) with a spoofed source IP, being the victims real IP. So even tho the traffic becomes valid as far as
IP addresses go. The victim gets bombarded with massive ECHO_REPLY packets. You will see more of this description in other
attacks, as it works for those to.

You can try this attack on your home network by simply opening a packet sniffer on each machine that is on. Pick a machine,
any machine and ping your broadcast address. Mine is Immediately you see each machine receiving a broadcast
packet. Now imagine its several hundred and each one has a spoofed source IP address. Its a brute ICMP attack on a massive
scale, this possibilities to this attack are endless. You could easily implement this attack in anyway you chose. You could
spoof the victims real IP as your source IP and create massive volumes of legit ECHO_REPLY packets. Even though its valid
traffic, its 4x or more times the normal load of valid traffic. This consumes the connection and valid traffic cant pass,
or passes so slowly it makes no difference to the end user.

[zombie machine] --> ICMP ECHO_REQUEST source ip = --> to: broadcast router (router multiplies the
ECHO_REPLY packets by 4x! --> --> --> --> [victim]

SYN/ACK attack.

The SYN/ACK attack is a very powerful attack. SYN/ACK packets are also used in TCP hijacking, and the TCP/IP three way
handshake. When an application wants to connect with a server somewhere over the net via a TCP connection (connection vs
connectionless data transfer (UDP)) it first sends a SYN packet. The SYN packet tells the target machine he wants to make
a connection on a certain specified port, and then send data. When the target machine read the SYN packet it replies to
the original host with a SYN packet of his own and an ACK (acknowledgement) packet with sequence and ack numbers. These SEQ
and ACK numbers are used to synchronize the data transfer, incase one or two packets gets lost or slowed down along its
route, it can be assembled again in the correct order. The orignal machine replies again with another SYN ACK packet
combination acknowledging the sequencing numbers and then it starts to send data. When it creates this connection a tiny
piece of memory is allocated to hold the connection while the packets are in route. Now a SYN/ACK attack would consist of
spoofing the source IP address on the original SYN packet. The target receives the request for a connection, reads the
spoofed source IP and tries to send its own SYN and ACK packet to a destination that does not exist. Most operating systems
will continue to send SYN/ACK packets if they dont receive a reply as a method of error correction and guaranteed data
delivery. Just like in the ICMP attack the machine has to wait a few milliseconds before abandoning all hope of reaching
the machine. So these tiny allocated spaces of memory are building up with every spoofed packet that arrives at the target.
This attack is very powerful and can disable a service running on the target machine in a matter of minutes. Not to mention
all the available bandwidth is eaten with thousands and thousands of spoofed packets. So there is the SYN/ACK attack in a
brief description.

[zombie machine] --> SYN packet (source IP, port = 23 telnet) (seq = 100) --> [target]
[??????????????] <-- SYN/ACK packets sent (seq = 300) (ack = 101) <-- [target]

As you can see from the simple drawing above the target machine has no idea who is sending the SYN packets and the telnet
server he is running on port 23 would most likely crash. At best the telnet daemon would not allow any other legitimate
traffic through, as it could not gather enough resources (memory, bandwidth) to make the connection due to all the spoofed

Another use of this attack is to disconnect a user from their current TCP session. By spoofing SYN/ACK packets to a server
a client is currently using. An attacker would place a "FIN" flag in the packets, this tells the server the client is done
sending data. Client uses his connection and attacker walks away undetected, because it only took one packet to accomplish

UDP attack

UDP is a protocol that is used to transfer data. Short for USER DATAGRAM PROTOCOL. UDP offers very little error correction
and is used as an alternative means for data transfer. It doesn't require the 3 way handshake such as the SYN/ACK method,
so its initial attack may not take down a remote daemon as quickly. UDP is generally used to broadcast messages over a
network. A UDP attack would consist of spoofing the source IP addresses and specifying a port number like in the SYN attack
above. UDP packets are generally large because they are usually used on closed 100mb subnets (LANS). So an attack would set
flags in the packets and fragment them (break them up and flag where in the packet they broke, so they can be reassembled
on the receiving end). For example in Windows 2000 there was a remote UDP DOS exploit that used the IKE service running on
port 500. All an attacker had to do was connect to port 500 on a random machine with that port open. Start sending massive
UDP packets (above 500 bytes) to that service and the CPU usage would hit 99% and the machine would lock up. The typical
ports that accept UDP packets are 7, 13, 19 and 37 on a Windows box.

DNS attack

The DNS attack is a special one. Not as easily crafted as the others, there arent that many tools readily available to the
average script kiddie to construct such an attack. The DNS protocol is used for name resolution, =,
simple as that? Well not really. A DNS attack is based on the fact that a DNS query takes very little data and bandwidth to
create, but a DNS response is much bigger. So this is how a DNS attack would look like. = victims IP

[dns query packet (who is] --> source IP is --> [dns server]
[dns server] --> --> --> [dns response] [dns response] [dns response] --> [victim]

As you can see the attack is sort of relayed from a legitimate DNS server. Although the DNS response packets are 'legit'
there is a massive flood of them because the DNS server that is sending them is a very good machine on a very good
connection. The end user, most likely a home pc, gets flooded with these huge DNS response packets it never asked for.

ARP attack

The arp attack is a special one, it can be used to 'hijack' a tcp connection currently in session or it can be used to
sniff the legitimate traffic on a wire other then your own. Which is a very dangerous thing in the information world we
live in today. There are a few methods of this attack. Lets say person1, attacker, and server are all on the same subnet.
Person1 and server currently have an FTP session open. Attacker sends both server and person1 an ARP packet containing an
invalid MAC address. Now both of their arp tables are messed up for atleast 30 seconds. Server and person1 cant find that
invalid MAC address so they send their data to the IP its associated with, the attacker. So in this case the attacker has a
sniffer setup and hes collecting a ton of data. Now the attacker (an advanced one at that) can issue commands as person1 to
the server. This attack takes timing and skill to pull off on the internet, but on a LAN its very easy. It only allows for
maybe 30 or so seconds of sniffing, until their arp table is constructed properly again.

DRDOS attack

A DRDOS attack uses a little of other attacks to inflict damage. This attack spoofs the source IP address of SYN packets
to the IP of the victim. It requires a third party. This is the part of the attack that makes it so easy. All it needs is
some ftp, webserver, telnet.. ANY service that will reply with an ACK packet, anywhere on the internet. Could be angelfires
free ftp servers, could be your neighbors web server running off his 233mhz compaq with IIS 4.0. It doesn't matter! The SYN
packets are sent to that services IP address and they of course reply with a steady stream of SYN/ACK packets to the victim.
Most likely directed towards an open port on the victims machine, crashing that service and the system. These attacks are
near impossible to track down. This attack is quite possibly the strongest DOS attack in my opinion. For every SYN packet
you send the middle man, it sends out up to 4 SYN/ACK combinations to the victim. And each time the victim doesn't respond
the middle man sends even more (error correction). This allows the attacker to contruct a massive attack from just one
machine with a broadband connection. There are more dangers to this attack as well, there are hundreds of thousands of FTP,
webservers and many more services running on the net today that will deflect these SYN/ACK packets at the victim. So in
theory this attack could use any number of 'middle man' servers to bombard your network with packets.

Quick Shutdown for XP, How to create a shutdown shortcut.

Ever want a quicker way to shutdown XP without navigating through the start menu, or using a third party shutdown utility Here is a script that will do just that.

Right click the desktop and choose New Shortcut. Copy and paste this script or type it in.

%windir%System32shutdown.exe -s -t 0

Choose Next and name it whatever you like. I name mine OFF. Click Finished. Right click and choose properties and pick a Icon for it if you'd like. I use a wall light switch Icon. I drag mine into my QuickLaunch toolbar for one click shutdown.


Performance Increase Through My Computer

Performance Increase Through My Computer

1: Start > Right Click on My Computer and select properties.
2: Click on the "Advanced" tab
3: See the "Perfomance" section? Click "Settings"
4: Disable all or some of the following:

Fade or slide menus into view
Fade or slide ToolTips into view
Fade out menu items after clicking
Show Shadows under menus
Slide open combo boxes
Slide taskbar buttons
Use a background image for each folder type
Use common tasks in folders

There, now Windows will still look nice and perform faster

Quick Msc

Start > Run >

Certificates - certmgr.msc

Indexing Service - ciadv.msc

Computer Management - compmgmt.msc

Device Manager - devmgmt.msc

Disk Defragmenter - dfrg.msc

Disk Management - diskmgmt.msc

Event Viewer - eventvwr.msc

Shared Folders - fsmgmt.msc

Local Users and Groups - lusrmgr.msc

Removable Storage - ntmsmgr.msc

Removable Store Operator Requests - ntmsoprq.msc

Performance - perfmon.msc

Services - services.msc

Windows Management Infrastructure (WMI) - wmimgmt.msc

Remote Shutdown

XP PRO has a lot of fun utilities. One of the most useful ones I have found to date is the ability to remotely reboot a PC. There are 2 ways of doing this. You will need to have admin access to the PC to preform these actions. That being said, here is the first way to do it:

Right click my computer, choose manage.
Highlight the Computer Management (Local) then click on Action, choose connect to another computer.
In the window that opens fill in the machine name of the PC you want to connect to and click ok.
Once connected right click on Computer Management (Remote machine name) and choose properties.
Go to the "Advanced" tab and click the Settings button under Start up and recovery.
Click on the Shutdown button.
Under action choose what you want to do (you can log off current user, shut down, restart, or power down. you can also choose if you want to force all applications to close, close hung apps, or wait for all apps to close by themselves).

The second way... Remember dos... that good old thing. Open up a command prompt and enter in the following:

%windir%\System32\shutdown.exe -r -m \\Machinename. The command prompt has more switches and options. I highly suggest using shutdown.exe /? to see all the posibilities.

Outsmarting System File Protection

Outsmarting System File Protection
Tested in Windows 2000 sp2, Windows 2000 sp3 with and without IE6 sp1. Should work fine in XP and XPsp1


A lot of people are having troubles with System File Protection (SFP for short). This can be a major pain in the butt unless you know the tricks to it. Having only tweaked Windows 2000 Service Pack 3 I figured out a few things about SFP and replacing files:

1) TaskManger is your best friend when replacing files in 2k/XP.
When you open task manager you can do just about as much as you can do with Explorer just by going File>NewTask(Run..). From here you can either use the Run Dialog to launch programs one at a time, or select 'Browse' and explore. Using right click menu commands to do the bulk of your work (Copy, Paste, Rename). Problem is often times you can't replace items do to the fact that your browse is making calls to things you want to delete.

2) CommandLine or Cmd.exe is like that other friend you have that likes to help out.
One plus this has over TaskMan is you don't use the file you are trying to replace. A minus is that it can be a pain if you aren't an experienced DOS user.

3) Backups are your ace in the hole.
Always back your files up prior to doing anything (sometimes I don't bother and wish I did.). Keep It Simple Stupid applies here. Save yourself a few keystrokes and place your backups in something like C:\back\

4) SafeMode is the rest of the hand.
Windows2000 and XP (I believe) can both be booted into SafeMode. When your computer is first booting up, after your bios screen but before the Windows is Starting screen (I could be slightly wrong here seeing how I don't know the timing for sure.) you hit F4 or F8 to get the SafeMode menu. Select 'SafeMode with CommandPrompt'. Welcome to "DOS" on 2k/XP. Anything that can't be replaced while Windows is running can be replaced here. (url.dll) Syntax would be Copy c:\url.dll "c:\Program Files\Internet Explorer\" quotations allow you to put spaces in the path (I didn't know this)


Here we go. System File Protection, of Sytem File Checker is a neato feature of Windows meant to protect Joe Computeruser's PC from being ruined. When a needed System file is being replaced your File Checker says "Wait a minute this isn't mine." While this can be great in the long run, it's not a positive thing in Windows Hacking. The trick is to replace the files it uses to replace files.


1) First up you need to find the file you want to hack and then replace. Start>Search>Files and Folders>dllname. It's good to actually search for the file so you can find out all of the locations of all copies. Let the search finish just in case. If you have installed any service packs you will have probably have copies of the file in:

\winnt\servicepackfiles\i386\ (Win2k)
\windows\servicepackfiles\i386\ (XP)

As well as:

\winnt\system32\dllcache\ (hidden folder in Win2k)
\WINDOWS\system32\dllcache\ (hidden folder in XP)
\winnt\system32\ (win2k)
\windows\system32\ (XP)

2) Now that you have all of the locations, write them down on paper or your forehead just to be safe (backwards so it shows up in the mirror).

3) Make a backup (remember K.I.S.S.)

4) Hack your file and save it c:\ for simplicity.

5) Open TaskManger (Right click on your taskbar and select TaskManger)

6) Go to the 'Processes' Tab and find 'Explorer.exe' highlight it and push the 'End Process' button. Say Yeah to the popup.

7) Go to the first tab in TaskManger and select 'File>NewTask>Run>Browse' from this Window navigate to c:\ and higlight your hacked file. Right clic on it and select 'Copy' (don't Cut it.)

8) Nagivate to your Windows directory, open the \servicepackfiles\i386\ folder. Paste your hacked file and replace the copy that is in that folder.

9) Navigate to your respective dllcache folder, paste the file there too.

10) Replace the normail copy in system32 finally (or wherever it might be).

11) Reboot. Don't LogOff , Reboot.

Now chances are this won't go that smoothly. Either the file you want to replace is in use, or your pal and mine SFP will pop-up. It can mess with you in odd ways. I've replaced the servicepackfiles version and the dllcache files, then had SFP grab the normal and replace the other two with it. This can be frustrating. Or maybe the file is in use. This is where the Command Prompt comes into play. If you already replaced the files and rebooted to no change, launch TaskMan again, kill explorer.exe, then go 'File>NewTask>Run>Cmd.exe' Use the DOS commands to try to replace all of the copies of the file in that order using your hacked version in C:\

This is usually where you get the message from SFP telling you it's alive and kicking. You will get a rather urgent looking pop-up telling you that a file that Windows needs is being replaced by a different file. It will then ask you if you want keep the modified files. Say 'yes'. Next it will prompt you to insert your Windows cd to retrieve a copy of the file it needs. Click 'Cancel'. As a good rule of thumb, when you get this message replace what you need then reboot!

If your file still isn't changing, boot into SafeMode with CommandLine. Wait for Windows to take it's sweet time loading. Then just type copy c:\file.dll c:\winnt\servicepackfiles\i386\. Rinse and Repeat. Then reboot. This has worked for me 100% of the time, if followed it will work for you as well.

Play On A Bnet Emulator, and f off cd key check =)

Hi all.
So I am proud to post this tut it might not be in the right section, coz it's mac//windows compatible, but i just have windows fact i couldnt find out wich one was appropriate.
So here you are:

Play Warcraft3 Battle on bnet emulator:
1/ Make sure you have the lastest patch

2/ download gateway manager here:

3/ download warcraft loader and nocd pach here:

4/ Open gateway manager and add gateway.
5/ Run game using w3l.exe -classic
6/ Choose to connect on stanz gateway.

Play Warcraft3 Frozen Throne on bnet emulator:
1/ make sure you have last patch, if not get it here:

2/ download gateway manager here:

3/ download warcraft loader and nocd pach here:

4/ Open gateway manager and add gateway.
5/ Run game using w3l.exe
6/ Choose to connect on stanz gateway.

Play Starcraft with/without expansion:
1/ Make sure you have the lastest patch :

2/ download gateway manager here:

3/ Launch game, and select gateway.
MAYBE YOU NEED A LOADER WE DIDNT TEST. if you do it's a simple bnet loader
I found out you could even play war2 bnet edition but not diablo 2. The Diablo 1 game should work properly.

Happy gaming. I think i left *.nfo so credits are there anyway thanks to stanz for hosting this server.


Remote Desktop Through Company Firewall

Remote Desktop Through Company Firewall

Dont wanna take any credit for this as i got this from another forum thought of it as quite informative so pastin it here

Note this tutorial is collection of tips I gathered from searching the internet and some credit is due to the original authors. None of which I know.

A lot of people I know love using the Windows Remote Desktop feature at work, however are prevented from connecting to their home computer because of the company firewall. This is because most corporate firewalls block port 3389 which Remote Desktop uses. Most just switch to VNC, however most find it slower than Remote Desktop.

This quick tutorial shows how (from a fire walled network that blocks port 3389) you can access your home computer using MS Remote Desktop.

*This tutorial assumes you have or know how to setup and dynamic DNS client if you need one

*Assumes you know how to setup port forwarding if you need to.

Because Remote Desktop is using port 3389 by default, it is not possible to go through a firewall. So you can use port 443. Because this port is always open on your companies firewall to allow https. (One would assume )

At your home PC:

1) Configure Your pc to allow Remote Connections in your System Properties (windows - Break) tab Remote. Check 'Allow users to connect remote to this computer.

2) (add users if needed)

3) According to

In the registry change
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\TerminalServer\WinStations\RDP-Tcp\PortNumber to 443 (click Decimal radio button first)

*Configure your firewall to allow traffic through port 443 (If you need to)

*Configure your route to forward port 443 to your computer (If you need to)

If you have IIS running you have to change the port number of https. because it is already listening on this port.
C:\WINDOWS\system32\cscript.exe c:\inetpub\adminscripts\adsutil.vbs SET w3svc/1/
SecureBindings ":444:"

Or just disable IIS Service

For your PC at work:

According to

you can just type the port after the IP-Address of your home PC.

*Or if you have a Dynamic DNS Client such as No-IP or DynDNS you can type in that address.

You can add the following to the rdp file. (which you can get to click on Save As on the tab General of Remote Desktop Connection)
server port:i:443

Extra tip: to have access to your clients hard disk on your remote desktop, check Disk Drives on the tab Local Resources of Remote Desktop Connection

Play Games On PS2 Without ModChip

Play Games On PS2 Without ModChip

In this guide, you will learn the very easy method of making copies of your PS2 and normal Playstaion games so that they are playable on the PS2. This guide will provide you with all the information you need to burn PS2 games.
You will need the following things to burn PS2 games:
a computer with a cd burner
a blank cd-r (don't use the re-recordable type a.k.a. cd-rw)
CDRWIN – The version in this guide is 3.8D
FireBurner –
PS2 patcher –
GameShark 2 for PS2 - the GameShark 2 is available at most stores that sell video games, a few examples would be Best Buy, Circuit City, or Target. You want version 1.0 of the GameShark 2. I have heard that all other versions work, but I have only tested version 1.0. GameShark2 costs about 29.95. Believe me, its worth it!!!
and a PS2 to play the games.
Burning the PS2

The process of burning ps2 games is easy. It is really only a 3 step process.(read the game, patch the game, and burn the game.)

1) insert game into cd drive.

2) Open up CDRWIN and click on the extract disk/tracks/sectors button.

3) Your settings should be as follows:

For “extract mode” select disk image/ cue sheet
For “read options” select “raw”
For “error recovery” select “abort”
For “jitter correction” select “auto”
For “subcode analysis” select “auto”
Data Speed and Audio Speed should be the same
For “read retry count” type 0
For “subcode threshold” type 300
Make sure you selected the drive that your PS2 game is in

Make sure you typed in the file name (just type the name of the game) and Check the directory that you're putting your file in.

Then just press “start”

If you get an error in the middle of reading the disk that says something like “can't read sections xxxx-xxxxx of disk”, it is becase the disk is scratched and CDRWIN can't read it. Try to clean the disk, if that doesn't work you just have to use a different game (a different copy of the same game)

4) Once CDRWIN is done, click ok and then exit CDRWIN. Open up the PS2 patcher, select the game file you just created and patch it (make sure you select the “RAW” option.

5) Close the PS2 patcher, next open up Fireburner. Click on the visual cue burner button. When you created your .bin file (the game file) in CDRWIN, a .cue file should have automaticly been created. In that case, drag and drop the .cue file into the Fireburner window. If the .cue file was not created, just drag and drop the .bin file into the Fireburner window. After you have done that, right click (click with the right side button on your mouse) on your file in the Fireburner window, and select “Burn/Test burn”.

6) In the options window that appears, select your cdwriter, select your write speed(doesn't really matter), and make sure you select “Track at once (TOA) for the recording method. As for the options on the right side of the options window, make sure only the following are checked: “eject cd” and “close session”.

When you have selected the options, click ok and your PS2 game will burn. That's all you have to do to burn a game.
Burning a Playstion (PSone) game

1) If you want, you can spend 5 minutes using the same method as above to burn your playstation game, but its not necessary. For a playstation game (not PS2) all you need to do is use a program that lets you make an “exact copy” or a “backup disk (CDRWIN)” You don't need any selected options, you just need to start the game on the PS2 the same way you would a PS2 game.
Starting the game on your PS2

1) Now for the fun part (and challenging part the first couple of times) This may sound a little complicated at first, but after you do it 3 or 4 times, it's super easy. First things first, you must remove the front of your game drive on your PS2(not a big deal, it can snap on and off).

2) Now insert your gameshark 2 cd(make sure the gameshark memory card is in one of the 2 slots, doesn't matter which one.)

3) In the gameshark options, choose “start game”, then “without”. Your screen should read “Please insert game disk then press X to continue.”

4) Now this part can be trickey for beginners, so I will provide pictures

-the main purpose of this starting method is to open up the PS2 and swap the gameshark disk with your burned game without the PS2 knowing you did it. DO NOT press the eject button on the PS2!!!

-with the PS2 cd tray cover removed, you will be able to look in and see a while tab inside the PS2. With a credit card (or something like it) gently slide the white tab all the way over to the right, if you did it correctly, this should allow you to manually pull open the PS2 cd tray.

5) Next, take the gameshark disk out of the PS2 and put in your burned game.

6) Gently push the PS2 cd tray fully back into the PS2 (Don't press the eject button).

7) Now you need to slide that white tab all the way back to the left (its origional position). To do this you get a strong papper clip(needs to be a strong one) stick it into the PS2 on the right side of the white tab and push the tab back to the left.

If you pushed the tab all the way back to the left and did every thing else right, you are ready to play your game. Just press X on your PS2 controler and watch as your burned game loads. ( It may load slower than an original game, depending on the cd-r you are using, I use Verbatim cd-r's and have no problems.)

Download Programs Mentioned:

Recover a Quick erased CD RW

Procedure used to recover data from a quick-erased CD-RW disc

1. Make a file of exactly the size of the cdrw disc's capacity (650MB in my case).
(this step may not be needed)

2. With Nero I created a new project and added the file to it so that I have the disc filled. I gues you can also fill up the disc with other files.
The reason why I fill the disc is because I want Nero to make a session that uses the entire disc. Like I wrote earlier in this thread I experienced that my CD-Drive refuses to read off the disc beyond the session's boundaries. When you quick-erase a disc there is no session anymore so the drive will not read at all. Burning a new session will overwrite the data and burning only a small session will NOT make the drive read the other data that is still on the disc.
The reason why I used the one big file is so that I could later on recognize which part of the disc was overwritten by this file because this file contained all zeros (0x00).

3. I pressed burn and selected disc-at-once. Then while Nero was burning the leadin I pressed cancel. My CD-Drive finished writing the lead-in and Nero reported an error.
This is what was accomplished however: Now the disc contains a session that says that the used disc size is the complete disc. Nero did not get to writing file because I cancelled it. Good thing because I don't want Nero to write any files because my old data will get overwritten!
I gues it works the same with different writing software. Another method that I used during a test was simply press the reset button of the computer when the burning software was done with writing the lead-in and started with the files.

4. I had to restart the computer after cancelling burning.
With the cdrw disc inserted I saw in "my computer" that windows recognized that the disc was 650MB, clicking on it gave an error. Good so far!

Now with IsoBuster you can extract the sectors from a disc to a file. This is what I did.
I gues that if you have data-recovery software at this point it will be usefull because now (if all went well;)) the CD-Drive WILL read data from the entire disc. Anyway, I used ISO-Buster because the files that I needed to recover where a bit odd for nowadays (.XM, .S3M, .MP3):
In IsoBuster I had to do several steps:

Step 1: Find out from and to which sector the drive will read
By choosing "Sector View" you can look at any given sector.
Here I found out what the first and the last sectors where that are readable. (Hint I used the method for the old game: "Gues a number below 100, I'll tell if it is higher or lower than what you gues")
Step 2: Extract the actual sectors
By choosing "Extract From-To" you can extract any given range of sectors to a file. My disc was a data-disc so I choose the first extraction type "User data, 2048 bytes/block...".

In the end I got a .tao file which was about 650MB. I ran several programs on it to look for files inside a file by searching for file-header-paterns:
1. Multi Ripper 2.80 (for DOS, for the .XM files. It does many other file formats as well (jpg,png, bmp,wav,etc,etc +100). Try google with this query: Multi Ripper 2.80. I still had the file from good old days but I saw several good search results)

2. Winamp for mp3.
Winamp will scan any file when you give it the extension .mp3 and play it as one big song (so I renamed the .tao file to .mp3). I used the discwriter to get a .wav and the Adobe Audition to manually cut and save my songs. I looked at the MP3 file format and it is hard to find an mp3 file in a big file because it has no clear header just a bunch of mpeg-frames in most cases for me . A lot of my files had no ID3v2 or ID3v1 tags... But after a couple of hours I recovered everything.

Finally a list of used stuff:

- IsoBuster v1.5
- Nero
- Multi Ripper 2.80
- WinAmp v5.02
- Windows XP Pro NL (patched up)

- NEC DVDRW ND1300A 1.06

- some old 4 speed cdrw

Part 3 Ftp


Now time to slap on an FTP client and mix it with An IRC client and season it with the List Reader

You may already have Mirc from the 1st 2 parts if not get it from
then please get this great FTP client from
and finally the Invaluable List Reader from
<-= install carefully, you may need the .net framework as well, available through windows update or the link posted on that website.

If you don't know what FTP is or how to use it, egh... LOOK INTO IT!!
Moving along, you need to obtain an FTP site to connect to. this is where the magical LIST comes in.

To get the list go into mirc, and type in the status window /server then type /join #warez to join the channel warez. Once inside type "!list" without the quotation marks, and a you will get offered a file called list.txt, accept gracefully, and remember to stay in the channel for a few minues. If you close mirc down as soon as you get the file, you will be banned from that channel for good, for being a tight a**.

Once you have the file it will be located in your MircInstallDir\downloads folder. Start up List Reader and open up the file.

Wow you say, look at all these sites. Yep, all good.
Before you can connect to them, in the options (look around, you have eyes after all) select your default client to be flashfxp and point to it (its probably in program files\flashfxp)

Once that is done, start up Flashfxp and double click on a site that you like, you can either scroll down the list in different categories or search. Please note that the descriptions are often brief and a site may have ALOT more good stuf on it. Once you double click on a site, you will notice that flashfxp is connecting for you. As with most things, you will find that it will either connect quickly and u will be presented with alot of files/and or folders that look like something you see in an explorer window. The site could be busy and you may have to wait and hope that it eventually connects, or the site may have died and you are momentarilly out of luck.

This sounds like alot of work old man, is it worth the time ?

Yes it is, because sometimes you will hit a goldmine, and maybe down 4 gigs of excellent stuff in one hit its too easy, all u do is drag the stuff you want from the right window into the bottom left window, and once u have queued up, right click on one of the files in the bottom left window and do transfer, to watch them all download one by one.

But But I like bitttorents and XDCC
Good then only use them. However i use it ALL

Thanks to OLI who wrote these guides.

Part 2 Irc (mirc)


Now that I have got you excited about bittorrents and you have downloaded everything on the internet, including your uncles famous cabbidge stew I would like to introduce you to the magic of XDCC transfer over IRC

Ladies and Gents please download mirc, the most popular IRC client from

and to make the entire process as easy as watering a cactus please get this great xdcc downloading script for mirc from

How do I install this scrip you ask ? use your eyes, and follow the instructions on the website *duh*

Moving along now, i will paste a whole heap of sites that allow you to search for XDCC packets.

CODE <-= THE BEST [<-= submitted by PcGuru] [<-= submitted by LanoX] (a good IRC & Bittorent Search Engine

1st fire up MIRC, I assume u have filled in a nick and all that info go to the
and type in what you are searching for. Once you get hits, click on a link and a window will popup asking you to connect to a new server. ACCEPT and you will find yourself inside a channel full of people and robots. Now hit CTRL + V this will paste /msg robot xdcc send 1 (where one denotes the number of the file that they are serving, so it could be 15 and bot is the name of the bot, the bots USUALLY have a + in front of their name and are all the way near the top of the list) and smack enter. This will make a request to the bot.

Now 3 things could happen. 1 your download will start immidately and u will get this warning window asking you if you want to accept a download (all this can be turned off and I recommend that you do that in the mirc options along with ignoring of certain file types, I also recommend turning on auto accept for your convenience, if you download a virus, then it should be obvious, and don't click on anything you did not download intentionally and all will be rosy!!). 2. you will be placed in a queue and you download will start when you reach the top of the queue or 3. the bot is not there, or has change its packets and the packet you just requested is not the one that you expected.

Very EASY!!

Now you ask, well if thats all I do, what was the point of that script, its just confusing me with all these extra windows?


The point of the script is that some channels provide so much great content and have lots of bots, that u just want to idle in that channel, and *know* what every bot is offering and be able to get it with a mouse click.

Welcome to the point of the SCRIPT!!

Thats exactly what those 2 windows are, one lists all the available packets, and the other one displays the status of the files that you want to get (please have auto accept ON)

simply right click on the file you want and select "get packet"

So what are some of these great channels and servers you talk about OLD man ?

Alright, theres a couple I like, simply cause they serve loads of *NEW* METAL releases and this sort of stuff gets me as excited as milk and cookies.

start up mirc, close that popup connect window. and in the status windows type:


then type: /join #metalmetal and

then type: /join #metalheadz

What other good servers and channels are there ?

Find them yourself though ircspy and other searchers. Once you find something you want, stay around in the channel for a little while and see what else they serve, and if its good, then remember the server and channel. Simple!!

Now the final trick for all you leechers is invaluable. What if I want to be on 5 different servers at once?
Well you can load up 5 different mircs, OR load up 5 different servers inside of one mirc. How ? right click on the first icon from your left, that looks like 2 yellow stick, and select open new server window.
Whooa man now I have 2 status windows!!

Thats right, and if u click on the 2nd status windows and type in /server you can get on the other server and the script will conveniently open up 2 new windows for this server

Also if you are using a search engine such as ircspy, u can open a new status windows and click on it, so that when u hit a new link, it will ask u to connect using this new status window, and not disconnect you from the server you are already on!!

The only BAD thing about the script is, that if you close mirc, your download queue will be LOST.

OK have fun kids, and be good to your parents!

PS. you downloaded all this, but got no idea where it is ? well its in c:\mirc\downloads or wherever you installed mirc (DUH!!)

Thanks to OLI who wrote these guides.

Part 1 Bittorrents

lets get into bittorents, cause its the easiest thing to setup.

All you do is install the bittorent client (see link above). go to
and click on a torrent you like. I recommend that you right click and save the torrent. and then click on the saved torrent to start a download. this way if your download fails, u can resume it from the torrent you saved rather then having to go to the website. Confusing? it may be, thats why I recommend you go here for more helpful info.

The next thing that you need to note is, thats if you are using firewalls etc... you will need to free up some TCP ports. That is from 6881 to 6999. Otherwise the program will show you a yellow dot and your downloads will be slow.!!!

Now for all of you with limited connections, even though the faster you share the file you are downloading the faster you will download it at, IS TRUE. If you saturate your uplink, aside form making your internet connection crawl slower then a constipated snail, you will also slow down your bittorrent download as your pc will not be able to acknowledge the packets which you receive fast enough, since you are using all your uplink to share. In this case the *WISE* thing to do is to click on the torrent window and select Settings for [Dial up/ISDN] and move the arrow on the right of this all the way down to 3k for uploads.

I would also like to point out that with bittorrents, unlike other p2p sharing programs, you only share the file which you are downloading and NO other files on your pc. Torrents work by downloading bits of the file like a puzzle from various people. So if you have a part of the puzzle that someone else wants, you swap and so on.

(IMPORTANT often a torrent may appear to be completed on your hard disk (take up 500 megs as u expected) but it won't really be because torrents often reserve space and then this space gets filled up with the missing bits of the puzzle. PLEASE remember that a torrent is not finished downloading until it says "Download Finished"

It is also generally considered polite to leave the torrent open even after you have finished your download so that other people can download for you. If you don't wanna, then at least do it at times when there are 0 hosts and a few peers, that way you keep the torrent alive. (a host is a person or persons who have posted the torrent or left their finished file for sharing and peers are people who are downloading the file i.e. the host has the entire file and peers are ppl who don't and are downloading it)

FINALLY you should be able to find lots of handy stuff on suprnova but before you click to download a file, check that it has AT LEAST 1 SEED or if it has 0 seeds that it has quiet a few peers. The reason being that it is possible that all those people combined among themselves will not have enough data to put together the entier thing you are downloading (you will know that this is the case if after a while you still have a blue dot) Sometimes i have left these files going for a day or 2 and someone has kindly come in and shared their file again, and I managed to finish these downloads, so don't give up on these files straight away.

I know i have written a fair bit here, but you can probably ignore most of it heheh

Happy Torrennting!!

PS. if you have not found all the stuff you need on
(you may notice they don't serve porn) then you may wanna give one of these links a go

PPS. down? try one of the mirrors (google is your friend " mirrors" and finally sometimes the mirror works but the torrent does not, in this case try to modify the link to the torrent to point to another one of suprnova's mirrors. for example if the link says
CODE try altering it to



[<-= submitted by LanoX] (a good IRC & Bittorent Search Engine

Thanks to OLI who wrote these guides.

Part 0 Dc++

With my post I would like to share with all of you, my resources when it comes to downloading USEFUL things from the internet. Some of these things are useful to chuck on cds/dvds and others are useful to use he he he

Most of your know about P2P using programs such as kazaa, edonkey and what not. This is what everyone uses. (EVEN ME WHEN THE BELOW 3 FAIL or I want old and obscure stuff that only some weirdo in Kazakhistan may have). If you are going to use Kazaa, use kazaalite as it has no spyware

Before you download any files i recommend that you get the K-Lite Coded Pack that contains in a single file all the codecs for most media file types that you are likely to download and use. The address to the site is
. The site also contains alternatives to Apple Quicktime and Real Player which run more efficiently and are less annoying, especially Real player and the forcefull advertising.

People that are serious about downloading useful quality stuff usually don't use those sort of programs.

Your 3 best friends are FTP, IRC & Bittorrents and as of lately DC++!!!!!!!!!!!!!!!!!!!!

The tools which you will need are:

An IRC client:

An FTP client:

and a bittorent client:


I highly recommend DC++?? which you can download from
its basically like kazaa and similar.

In Aussie Land this is the program that you MUST have if you want to leech at big LANs. everyone shares using this program and you search, browse users shared folders and download. Very Handy.

Even more handy is that fact that you can also use it on the internet to connect to various networks (HUBS) and get stuff from ppl that share 300+ gigs of stuff. yeh AMAZING.

I have played around with this program and highly recommend it now. The amount of content you can get from it is astonishing. The only setting up that you need is to allow a certain port to be open with both (tcp (used for file transfers) and udp (used for searching) allowed. You can specify this in your firewall if you have one, otherwise don't worry (note: winxp has a firewall enabled by default). I also recommend that you share, as many HUBs wil not allow you to connect to them otherwise. When you open up a port you run in Active mode ( others connect to you) you can also run in passive mode (you connect to other people). So why not run in passive mode all the time ? because if 2 people are in passive mode, you will not be able to connect to one another.

When you connect to a hub you and do a search, tick display results with open slots only. and thats it. You can also browse peoples share folders, if you right click on one of their results and select "get file list"

For Help, please refer to About, Help / Newbie Help

Please read this file as it is short, and nicely summarises all the options and available commands. Also just click around (right clicking is good) and see what you can do.

typing /fav in the chat window will add the current hub to your favourites (very usefull)

What I do not like about this program is that, you are not able to download the same file from a number of people, or resume the same file from another person like you can in other programs. In the latest version you are unable to limit your upload rate, and can in this way, slow your connection down to a crawl. Lastly you are only able to get one file (or directory) at a time from a single person, without the ability to queue a number of files (or directories).

So if that person has a lot of things that you may want, it could be very annoying to get them from them. However I do like the fact that you can connect to a number of hubs at the same time, and easily search all of them or only one of them (you can select) with a single search.

PS. this program is made for people on broadband only, in fact i don't think any hubs will even let you connect on a dial-up connection. Bad luck to all you turtles.

Thanks to OLI who wrote these guides.

Optimize Emule Connection

Just start out on Emule and still a beginner.

The speed is really killing me, even configured ports 4662 & 4672. I got high ID but the quene is round up to hundreds before I capable to get any files.

I always keep my upload speed @ 20kbs, but d/l speed still suck. The speed only pick-up after 40minutes but not over 30kbs even there are 300 resource of sharing files.

Gone thru a lot of searches hope to get stuff from emule faster.

And here is one way to optimize the bandwidth for emule, which not on the manual.

With Windows 2000/XP:

Open "regedit.exe" and do the following:

Set as: "GlobalMaxTcpWindowSize"=dword:00007fff

Internet Settings
Set as: "MaxConnectionsPerServer"=dword:00000020

Internet Settings
Set as: "MaxConnectionsPerServer"=dword:00000020

I heard someone mention earlier that BT engine can speed up emule but don't know it's true.

Thursday, July 30, 2009

Optimize Broadband & Dsl Connections

These settings allow you to boost the speed of your broadband Internet connection when using a Cable Modem or DSL Router with Windows 2000 and Windows XP.

Open your registry and find the key below.

Create the following DWORD values, as most of these values will not already exist you will need to create them by clicking on 'Edit -> New -> DWORD Value' and then set the value as shown below.

DefaultTTL = "80" hex (or 128 decimal)
Specifies the default time to live (TTL) for TCP/IP packets. The default is 32.

EnablePMTUBHDetect = "0"
Specifies whether the stack will attempt to detect Maximum Transmission Unit (MTU) routers that do not send back ICMP fragmentation-needed messages. The default is 0.

EnablePMTUDiscovery = "1"
Specifies whether the TCP/IP stack will attempt to perform path MTU discovery as specified in RFC 1191. The default is 1.

GlobalMaxTcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the system maximum receive window size advertised by the TCP/IP stack.

TcpMaxDupAcks = "2"
Determines the number of duplicate ACKs that must be received for the same sequence number of sent data before "fast retransmit" is triggered.

SackOpts = "1"
Enables support for selective acknowledgements as documented by Request for Comment (RFC) 2018. Default is 0.

Tcp1323Opts = "1"
Controls RFC 1323 time stamps and window scaling options. Possible values are: "0" = disable RFC 1323 options, "1" = window scale enabled only, "2" = time stamps enabled only and "3" = both options enabled.

TcpWindowSize = "7FFF" hex (or 32767 decimal)
Specifies the receive window size advertised by the TCP/IP stack. If you have a latent network you can try increasing the value to 93440, 186880, or 372300.

Exit your registry and restart Windows for the changes to take effect.

If you don’t want to edit the registry, here's a little TCP utility that is ideal...

Open Windows Explorer To A Different Default Direc

Open Windows Explorer to a Different Default Directory

When you open Windows Explorer (by choosing the Window key and "E" simultaneously or by choosing Start, all Programs, Accessories, Windows Explorer), you can change the directory that appears by default. If you choose Start, all Programs, Accessories, and then right-click on Windows Explorer and choose Properties, you can modify the "Target" directory. To go to your C: drive, type simply C:\ in the Target box and choose OK. You can also enter a shortcut key on this screen, telling Windows the character or combination of characters you want to type to automatically open Windows Explorer. You can even change the icon or specify that you always want Explorer to open up in full-screen mode.

Outpost Rules, Outpost rules for system & app

Outpost Rules, Outpost rules for system & app

Here you can find how to set up your Outpost firewall. Most of this rules I found on the internet, but some of them are mine. I think that you should be safer.
I used the online tests to test my firewall setings. The links to the this testers are:



Allow DNS Resolving
Protocol: UDP
Remote Port(s): DNS (53)
Action: Allow It

Allow Outgoing DHCP
Protocol: UDP
Remote Port(s): bootps (67),
bootp (68), dhcpv6-client (546),
dhcpv6-server (547)
Action: Allow It

Allow Inbound Identification
Protocol: TCP
Direction: Inbound
Local Port(s): AUTH (113)
Action: Allow It

Allow Loopback
Protocol: TCP
Remote Host: localhost
Action: Allow It

Allow GRE Protocol
Protocol: IP and the type is GRE
(IP protocol 47)
Action: Allow It
Allow PPTP control connection
Protocol: TCP
Remote Port(s): PPTP
Local Port(s): 1024-65535
Action: Allow It

Block Remote Procedure Call
Protocol: TCP
Direction: Inbound
Local Port(s): DCOM(135)
Action: Reject It

Block Remote Procedure Call
Protocol: UDP
Direction: Inbound
Local Port(s): 135
Action: Reject It

Block Server Message Block
Protocol (TCP)
Protocol: TCP
Direction: Inbound
Local Port(s): Microsoft DS (445)
Action: Reject It

Block Server Message Block
Protocol (UDP)
Protocol: UDP
Direction: Inbound
Local Port(s): Microsoft DS (445)
Action: Reject It



Allowing DHCP
Protocol: UDP
LocalPort: 68
RemotePort: 67
Direction: Inbound

Allowing DNS
Protocol: UDP
LocalPort: 53

Time Synchronizer
Protocol: UDP
RemotePort: 123

Allowing HTTP
Protocol: TCP
RemotePort: 80

Allowing HTTPS
Protocol: TCP
RemotePort: 443

Blocking "SSDP
Discovery Service"
and "UPnP device
Host" services
Protocol: UDP
RemotePort: 1900
Direction: Inbound
Reject It

Blocking "SSDP
Discovery Service"
and "UPnP device
Host" services
Protocol: TCP
RemotePort: 5000
Direction: Inbound
Reject It

Blocking "SSDP
Discovery Service"
and "UPnP device
Host" services
Protocol: UDP
RemotePort: 5000
Direction: Inbound
Reject It

Blocking "Remote
Procedure Call"
Protocol: TCP
Local port: 135
Reject It

Web browsers:

Protocol: TCP
Direction: Outbound
Remote Port(s): HTTP(80), 81-83
Action: Allow It

Protocol: TCP
Direction: Outbound
Remote Port(s): HTTPS(443)
Action: Allow It

Protocol: TCP
Direction: Outbound
Remote Port(s):SOCKS (1080)
Action: Allow It

Protocol: TCP
Direction: Outbound
Remote Port(s): 3128,8080, 8088
Action: Allow It

Protocol: TCP
Direction: Outbound
Remote Port(s): FTP(21)
Action: Allow It

Protocol: TCP
Direction: Inbound
Remote Port(s): FTP DATA (20)
Action: Allow It

Protocol: TCP
Direction: Inbound
Local Port(s): 1024- 65535
Remote Port(s): 1024- 65535
Action: Allow It

Protocol: TCP
Direction: Inbound
Remote Port(s): 1375
Action: Allow It

Protocol: UDP
Direction: Inbound
Remote Port(s): 1040-1050
Action: Allow It

E-Mail clients:

Protocol: TCP
Direction: Outbound
Remote Port(s): SMTP (25)
Action: Allow It

Protocol: TCP
Direction: Outbound
Remote Port(s): NNTP (119)
Action: Allow It

Protocol: TCP
Direction: Outbound
Remote Port(s): POP3 (110)
Action: Allow It

Protocol: TCP
Direction: Outbound
Remote Port(s): IMAP (143)
Action: Allow It

Protocol: TCP
Direction: Outbound
Remote Port(s): HTTP (80), 81-
83, HTTPS (443), SOCKS (1080),
3128, 8080, 8088, 11523
Action: Allow It

Antivirus updaters:

Protocol: TCP
Direction: Outbound
Remote Port(s): HTTP (80), 81-
83, HTTPS (443), SOCKS (1080),
3128, 8080, 8088, 11523
Action: Allow It
Symantec LiveUpdate HTTP
KAV Updater HTTP connection
McAfee Update
Update NOD32 virus definitions

Protocol: TCP
Direction: Outbound
Remote Port(s): FTP (21)
Action: Allow It
Symantec LiveUpdate FTP
KAV Updater FTP connection

Protocol: TCP
Direction: Inbound
Remote Port(s): FTP DATA (20)
Action: Allow It
Symantec LiveUpdate FTP DATA
KAV Updater FTP DATA connection

Protocol: TCP
Direction: Outbound
Remote Port(s): POP3 (110)
Action: Allow It
Scan incoming mail for viruses


Protocol: TCP
Direction: Outbound
Remote Port(s): 80(HTTP), 81-
443(HTTPS), 1080(SOCKS),
3128, 8080, 8088, 11523
Action: Allow It
FlashGet, GerRight, Go!Zilla, ReGet

Protocol: TCP
Direction: Outbound
Remote Port(s): FTP (21)
Action: Allow It
FlashGet, GerRight, Go!Zilla, ReGet

Protocol: TCP
Direction: Inbound
Remote Port(s): FTP DATA (20)
Action: Allow It
FlashGet, GerRight, Go!Zilla, ReGet

Protocol: TCP
Direction: Outbound
Remote Port(s): 1024-65535
Action: Allow It
ReGet PASV FTP connection

Protocol: TCP
Direction: Inbound
Remote Port(s): 1024-65535
Action: Allow It
ReGet PASV FTP connection

Protocol: TCP
Direction: Outbound
Remote Port(s): 80, 3128, 8080,
1080, 11523
Action: Allow It
ReGet Update


Trillian Pro Login
Where the protocol is: TCP
and Where the direction is: Outbound
and Where the remote host is:
and Where the remote port is: HTTP
Action: Allow It

Trillian Pro AOL/ICQ Connection
Where the protocol is: TCP
and Where the direction is: Outbound
and Where the remote port is: 443, 5190
Action: Allow It

Trillian mIRC AUTH Connection
Where the protocol is: TCP
and Where the direction is: Inbound
and Where the local port is: 113
Action: Allow It

Trillian mIRC Connection
Where the protocol is: TCP
and Where the direction is: Outbound
and Where the remote port is: 6667
Action: Allow It

Trillian MSN Connection
Where the protocol is: TCP
and Where the direction is: Outbound
and Where the remote port is: 1863
Action: Allow It

Trillian Yahoo Connection
Where the protocol is: TCP
and Where the direction is: Outbound
and Where the remote port is: 5050
Action: Allow It

Bit Torrent:

Bit Torrent HTTP Connection Rule
Where the protocol is: TCP
and Where the direction is: Outbound
and Where the remote port is: HTTP
Action: Allow It

Bit Torrent HTTPS Connection Rule
Where the protocol is: TCP
and Where the direction is: Outbound
and Where the remote port is: 443
Action: Allow It

Bit Torrent Network TCP Outbound Connection Rule
Where the protocol is: TCP
and Where the direction is: Outbound
and Where the remote port is: 1024 - 65535
Action: Allow It

Bit Torrent Network TCP Inbound Connection Rule
Where the protocol is: TCP
and Where the direction is: Inbound
and Where the local port is: 6881-6999
Action: Allow It

TCP Inbound Coverage Rule
Where the protocol is: TCP
and Where the direction is: Inbound
Action: Reject It

TCP Outbound Coverage Rule
Where the protocol is: TCP
and Where the direction is: Outbound
Action: Reject It

UDP Coverage Rule
Where the protocol is: UDP
Action: Reject It

* If you do not wish to share your files with others on the network you will need set this to Block It or leave it unchecked.

Official Unattended Xp Cd Guide Xp Sp2 @

Have you ever wanted a Windows XP CD that would install Windows XP by automatically putting in your name, product key, timezone and regional settings? Followed by silently installing all your favourite applications along with DirectX 9, .Net Framework and then all the Pre-SP2 hotfixes, updated drivers, registry tweaks, and a readily patched UXTheme.dll without any user interaction whatsoever? Then this guide will show you how you can do just that!

What's New:

Changes in Windows XP SP2 Unattended

This page details the changes you may want to add to your Unattended XP CD if you have your copy of XPSP2 Final from WindowsBeta. The guide will be updated globally to SP2 status once XP SP2 is officially released to the public on Microsoft's download servers in the next coming days.

View: MSFN's Official Unattended XP CD Guide

Ntfs Cluster Size, better harddrive performance

Cluster is an allocation unit. If you create file lets say 1 byte in size, at least one cluster should be allocated on FAT file system. On NTFS if file is small enough, it can be stored in MFT record itself without using additional clusters. When file grows beyond the cluster boundary, another cluster is allocated. It means that the bigger the cluster size, the more disk space is wasted, however, the performance is better.

So if you have a large hard drive & dont mind wasteing some space, format it with a larger cluster size to gain added performance.

The following table shows the default values that Windows NT/2000/XP uses for NTFS formatting:

Drive size
(logical volume) Cluster size Sectors
512 MB or less 512 bytes 1
513 MB - 1,024 MB (1 GB) 1,024 bytes (1 KB) 2
1,025 MB - 2,048 MB (2 GB) 2,048 bytes (2 KB) 4
2,049 MB and larger 4,096 bytes (4 KB) 8
However, when you format the partition manually, you can specify cluster size 512 bytes, 1 KB, 2 KB, 4 KB, 8 KB, 16 KB, 32 KB, 64 KB in the format dialog box or as a parameter to the command line FORMAT utility.

The performance comes thew the bursts from the hard drive. by having a larger cluster size you affectivly have a larger chunk of data sent to ram rather than having to read multiple smaller chunks of the same data.

Crazy Discount All Item

Blog Archive