Apr-Pc Quest
Apr-Pc Quest
Apr-Pc Quest
CONTENTS A P R I L 2 0 0 5
Cover Story
40
44
Demystifying Win XP Errors
Manage Meetings Online 72: Linux
48 Send SMS from Outlook 2003 72 Turn any PC into a NAS
50 Take your File Server Online 73 Ghost for Linux
64 Recover Lost Mail 76 Implementing Adamantix
66 Increase Life of your CDs/DVDs 77 Virtual Machine for Linux
68 Create your Own DVD Menus 78 Maia Mailguard
70 Internet on SmartPhone 81 Off-The-Record Messaging
6 PCQUEST A P R I L 2 0 0 5 A Publication
content-april 05.qxd 4/2/2005 11:44 AM Page 8
CONTENTS JANUARY
156 Troubleshooting
8 PCQUEST A P R I L 2 0 0 5 A Publication
AC editorial-april05.qxd 4/2/2005 11:45 AM Page 12
R
PRINT & CIRCULATION SERVICES
ecently, I visited the Re- application must be complex.As the
General Manager: NC George gional Cancer Centre at case records are maintained in paper
Reader Service: Ekta Sharma, Pooja Bharadwaj,
Sarita Shridhar
Tiruvananthapuram. This files, there should be an effective fil-
Pre-Press: T Srirengan, Jose PM, Alok Kumar Sharma government hospital, situated al- ing system too, at the back end. But
Press: Rakesh Kumar Upadhayay most at the southern tip of the coun- what the staff sees is a simple GUI
MARKETING try sees patients not only from other front end,where entering the patient
National Sales Manager: Naveen Chand Singh
Product Manager: Ankur Shinghal states but also from Maldives, I am registration number enables them to
Assistant Product Manager: Pramiti Bhargava, told.About a thousand people visit track the current status of any pa-
Sr Product Executive: Ajay Dhoundiyal
Chief Controller of Finance: VC Gupta
the hospital daily, in search of much tient,carry out new patient registra-
Manager Accounts: ML Sharma needed succor.Like the geographical tion, set up appointments, schedule
Commercial Manager: CP Kalra
spread, the patients too come from surgeries or prepare bills and check
● BANGALORE Bureau Head: Satish Gupta. Marketing:
Mahantesh Godi, Ashish Kumar. 205, 2nd Floor, # 73, Shree all walks of life and all ages.Given the patients out after surgery.
Complex, St.Johns Road. Tel: 51238238, Fax: 51238750
● KOLKATA Assistant Bureau Manager: Pranab Das.
nature of illness, most have to come Of course, they still need to use
203, Sarat Bose Road, 4th Floor, Near lake Road Crossing, back again and again,sometimes for the phone, like when a particular
Mob: 9433027970 ● CHENNAI Assistant Bureau Manager:
Vinodh K. 5B, 6th Floor, Gemini Parsn Apartments, 599 years. With this scale of operations, case record is to be traced or has
Mount Road. Tel: 28221712, Fax: 28222092 ● MUMBAI in a government establishment, you gone to the wrong department.
Regional Manager: MA Jaideep. Marketing: Gopa Kumar VR,
Sachin Mhashilkar. 32/33, Mittal Estate No 1, 1st Floor, can expect the staff to be a much- There would be other problems with
Andheri-Kurla Road (Near Marol Naka), Andheri (East).
Tel:28502661, Fax: 28514877 ● NEW DELHI Regional
harried lot and the quality of health the app.But what matters is that just
Manager: Sudhir Argula. D-74 Panchsheel Enclave. Tel: care to be indifferent, if not poor. by typing in a registration number,
26491320, Fax: 26496765 ● PUNE Marketing: Mihir Singh.
Flat No 2, Rajat Apartments, Koregaon Park. Tel: 6113892, My experience, if anything, was the staff is able to direct thousands
Fax: 6119313 ● SECUNDERABAD Assistant Bureau the opposite. in their quest for succor. What mat-
Manager: Amol Bahuguna. Room No 5 & 6, 1st Floor, Srinath
Commercial Complex, SD Road. Tel: 27841970, Fax: Sure, there are infrastructure ters is that they are not inundated
27898134 ● SINGAPORE Regional Manager: Naveen
Barsainya. 32 Maxwell Road, # 03-14 White House. Tel: +65-
limitations, the guards could be with screen after screen of informa-
91070035 ● Printed and published by Pradeep Gupta on more polite! Still, it is a fairly effi- tion, but just what is required then.
behalf of CyberMedia (India) Ltd, printed at Repro India
Ltd, Plot No 50/2, T.T.C. MIDC, Industrial Area, Mahape, Navi ciently run hospital,with the staff of- I have seen many enterprise apps
Mumbai, India, published from D-74, Panchsheel Enclave, ten going that extra step to help the at work,analyzed many and even de-
New Delhi. ● REGISTERED OFFICE D-74, Panchsheel
Enclave, New Delhi. Tel: 26491320, Fax: 26496765 ● COR- patients. What is it that enables the signed few myself. But this is the
PORATE OFFICE Cyber House, B-35, Sector 32-
Institutional, Gurgaon, Haryana. Tel: 0124 (95124 from
staff to pull it off,day in and day out? most beautiful enterprise app I have
Delhi)-2384816, Fax: 2380694 ● OVERSEAS AGENTS Maybe the fact that they are able to seen; it pulls off a thousand miracles
Advertising/Sales in the US: Worldwide Sales Director: Emily
G Ospensen, CMP Worldwide Media Networks, One Park get information about patients really a day,every day,speeding thousands
Plaza # 700, Irvine, CA 92614. Tel: 949-223-3632, Fax: 949- fast.Helping them do that is a hospi- on their way to care and recovery.
223-3690. eospenso@cmp.com, website: http://cmpworld-
wide.com. Distributors in India: Mirchandani & Co, Mumbai. tal information system developed by It does that using a simple inter-
All rights reserved.No part of this publication may be repro-
duced by any means without prior written permission.
CDAC! Given the complexity and face and by being to the point. And
scale of the hospital's operations,the that’s what most apps miss.
12 PCQUEST A P R I L 2 0 0 5 A Publication
AC editorial-april05.qxd 4/2/2005 11:45 AM Page 14
TECH-À-TETE W I R E L E S S
T
here's so much noise connect to the Internet. Another wireless technology, which is inter-
around wireless today, that popular application of Bluetooth is esting, considering that other tech-
it has raised a problem— the headsets for cellphones,which is nologies are moving the other way.
that of choosing the right technol- a better alternative to the 'wired' The reason for this is ZigBee's target
ogy. In the near future, you might hands-free devices.If you look at the market—remote monitoring of
find several wireless technologies official Bluetooth website (blue- lighting, heating, air-conditioning,
contending for the same space. The tooth.com),you'll find a huge listing etc of a home, office building or in-
best example of this was GSM and of products for a variety of applica- dustry.
CDMA. Remember the heated de- tions at home, office, audio/visual, This doesn't require high
bates about which is better? GSM medical, etc. This in effect means throughput as you only have to
was well established when CDMA that Bluetooth is a well-established monitor ZigBee enabled sensors.
came along. Finally, both technolo- technology in the market. Plus, ZigBee consumes less power,
gies ended up coexisting. The same Wireless USB is expected some- making it a perfect fit there. These
is now happening in the short-range time by the end of this year,and also sensors could run on batteries for
wireless technologies. Currently, promises to be ideal for personal years using ZigBee. While ZigBee's
there's only Bluetooth that's avail- area networks. Not only that, but it current target is sensors, it could
able. But two others are likely to promises a whopping throughput of very well enter other markets as
make their way into our lives very 480 Mbps between any two devices. well, such as PDAs, wireless head-
soon.These are ZigBee and Wireless Bluetooth's latest release, v2.0 EDR sets, etc, which are today Blue-
USB. Out of these, Wireless USB is (Enhanced Data Rate) on the other tooth's forte. So in effect, it might
targeting similar applications as hand, only offers up to 3 Mbps, also end up playing in at least some
Bluetooth, while ZigBee has a dif- which is fairly skimpy.Applications of the markets that Bluetooth is al-
ferent market in question, though for Wireless USB overlap those for ready in.
with a bit of overlap.So the question Bluetooth, eg home, office, gamers, In essence, Bluetooth is being
is what's in store for us in the future? and entertainment. In effect, Wire- squeezed by Zigbee from the bot-
Let's look at this in more detail. less USB will target the same devices tom and Wireless USB from the top.
Today, Bluetooth is the technol- that are today using the wired USB Though it's going to be safe in the
ogy of choice for personal area net- standard,which is a lot.Just think of near future, thanks to its huge ex-
works. Most mobile phones, PDAs, its potential if all devices that have a isting market, it could end up in a
and notebooks come with Bluetooth wireless USB connection today were tight spot two years from now. May
built in. So you can connect your to replace it with a wireless USB one. be it should also consider other
notebook to your cellphone or PDA Let's come to ZigBee.This one is markets, which others haven't yet
via Bluetooth, sync them up or even positioning itself as a low data rate considered.
14 PCQUEST A P R I L 2 0 0 5 A Publication
message board april 2005.qxd 4/6/2005 11:01 AM Page 16
MESSAGE BOARD W H A T Y O U H A V E T O S A Y
16 PCQUEST A P R I L 2 0 0 5 A Publication
message board april 2005.qxd 4/6/2005 11:01 AM Page 18
INTERVIEW W H A T Y O U H A V E T O S A Y
18 PCQUEST A P R I L 2 0 0 5 A Publication
technology.qxd 4/2/2005 11:52 AM Page 20
TECHNOLOGY
E M E R G I N G T E C H N O L O G I E S E X P L A I N E D
T
he heat is on again in the crosoft, RedHat and Suse. One good
Direct Hit!
processor war,and this time thing is that it retains backward
Applies to: Desktop users
it’s not clock speed, but compatibility with Socket 775,
many other factors.After AMD went meaning these processors will work
USP: Understand the four key features
out with its ‘64-bit to the desktop’ on the 915 and 925 chipset-based in the latest line of P4s from Intel
campaign,it’s now Intel’s turn—and boards.Moreover,L2 cache has been
Links: www.intel.com/technology/
the answer seems to be the 6xx series given a boost in the new processors 64bitextensions
of P4 processors. The key features to 2 MB,which is supposed to trans-
built in to these processors include a late into much better performance. mon technique used by security
64-bit extension called EM64T (Ex- SpeedStep is not a new technol- threats.XD creates a separate mem-
tended Memory 64 Technology), ogy,as it’s been around in Intel’s mo- ory area in RAM for program execu-
SpeedStep and XD (eXecute Dis- bile processor versions for tion and the data (data storage area)
able) technologies. There are five notebooks. Now, it’s also been intro- related to it. If some malicious pro-
processors in the series (see table) duced in the desktop P4 processors. gram tries to access and modify data
with the highest end one known as Here,the processor will step down to in this storage area, the processor
the Extreme Edition. a lower clock speed when lying idle, prevents it from executing. This
With EM64T, Intel has also en- thereby reducing the power con- technology will prevent malicious
tered the 64-bit race with AMD. Like sumption. The moment the CPU programs from snooping into un-
AMD’s offering,this one can also run utilization increases, the CPU raises used portions of the memory. You,
32-bit applications on a 64-bit OS. the clock speed back to the maxi- however, would still need an anti-
Plus, it can also run in pure 64-bit mum.This also helps in lowering the virus tool or anti spyware to protect
mode where it will run 64-bit appli- heat generated by the procesor. XD from regular malware.AMD also has
cations on a 64-bit OS.So for all prac- is Intel’s initiative towards building a similar technology in its 64-bit
tical purposes, it’s very similar to security in the hardware to combat processors, known as Enhanced
AMD’s offering in the 64-bit space, the growing security threats like Virus Protection.With the new P4
and is therefore expected to work on virus attacks.This feature helps con- series,Intel has also joined the 64-bit
the 64-bit OS versions from Mi- trol buffer overflows, the most com- race to the desktop with AMD.Add to
P4 64-bit processors’ specs
that Microsoft’s Windows XP 64-bit
edition RC2, which is available for
P4 Processor Front Side Bus (MHz) Frequency (GHz)
Extreme Edition 1066 3.73 download (360 days trial version)
660 800 3.6 and you just might see a shift to 64-
650 800 3.4
640 800 3.2 bit to the desktop sooner than you
630 800 3 can imagine.
Note: all processors have L2 cache and are manufactured with the 90 nm process. Sushil Oswal
20 PCQUEST A P R I L 2 0 0 5 A Publication
technology.qxd 4/2/2005 11:54 AM Page 22
TECHNOLOGY E X P L A I N E D
4G Fibre Channel
1G and 2G storage networks will be replaced by 4G in the near future.We present its
roadmap along with the pros and cons
C
urrent technology used in nology maintains backward com- Direct Hit!
Fibre Channel SANs is the patibility with both the older specs
Applies to: Network and storage
2G technology, which al- (1G and 2G). It also supports the administrators
lows the maximum throughputs of loop architecture common to both
USP: 4G will emerge as a new spec
up to 2 Gbps. However, as demand of them. that will double the speed for faster
for bandwidth-intensive applica- Enterprises can incrementally connectivity
tions such as CAD/CAM, real-time upgrade their systems to 4G. The Links: www.fibrechannel.org
computing, data warehousing and technology will reduce the num-
video streaming grows this speed ber of connections between stor- backups and data recovery can be
will be insufficient and would age systems and computers performed. Scientists and engi-
need to be increased. That’s where besides improving the through- neers who need to access large
4G comes into the picture, which put. amounts of data to solve complex
doubles the maximum throughput problems, with 4G, they will now
to 4 Gbps. Products be able to do so in lesser time.High
The new spec for 4G was ap- 4G products will start coming quality graphics such as animated
proved by FCIA (Fibre Channel In- in towards the end of this year. movies can be produced in lesser
dustry Association) in 2003 and is Cisco has plans to launch the MSD time. 4G technology will also offer
widely supported by most connec- 9000 family products, PMC-Sierra reliable transmission of digital au-
tivity vendors today. Originally, is set to launch switches. Emulex dio/video applications.
the spec sought to deal with inter- has its HBAs and embedded stor-
nal connectivity—connecting age switches already in testing. Adoption
disk drives to the server. Later it Broadcom has launched the BCM At the moment, enterprises are
was decided to extend it for inter- 8421 repeater for 4G switches and not taking full advantage of exist-
connecting the switching Fabric in storage arrays. ing 1 Gbps and 2 Gbps Fibre-Chan-
SANs. This basically includes the nel speed. Fibre Channel is
Fibre Channel switches, which in- Applications expensive to set up for small en-
telligently manage the intercon- Enterprise with high perform- terprises and iSCSI is an alterna-
nectivity amongst various devices ance computing needs will find tive solution, but iSCSI is not as
and nodes in a SAN. The 4G tech- the technology useful. Faster fast as Fibre Channel.
It is expected that vendors will
Fibre-channel speed roadmap
offer 4 Gbps-based products at the
Standard Standard approved Market availability Throughput (Mbps) Line rate (Gbaud)
1G FC 1996 1997 200 1.065 same price levels as current for 2
2G FC 2000 2001 400 2.125 Gbps, which will attract imple-
4G FC 2003 2005 800 4.25
8G FC 2003 2005 1,600 8.5
mentations.
16G FC (2006) * (2008) * 3200 17 The 4G networks will gradually
32G FC (2009) * (2011) * 6400 34 replace 2G in the same manner as
64G FC (2012) * Market demand 12800 68
128G FC (2016) * Market demand 25600 136 2G replaced 1G.
* expected time frame Sushil Oswal
22 PCQUEST A P R I L 2 0 0 5 A Publication
technology.qxd 4/2/2005 12:01 PM Page 24
TECHNOLOGY E X P L A I N E D
IT in a Radio Station
Which hardware, software and technologies are used in a modern FM radio station?
And how…?
T
hink of radio, and what sion techniques. However, this is a Direct Hit!
comes to your mind are strict no-no for a media station. Applies to: Everyone
huge transmission towers, They need to have the highest possi-
radio receiver sets and people talk- ble quality,while the size of the file is USP: Runs through the technology
needed to run an FM station
ing or singing into the microphones. immaterial.This means you need to
Well, a modern radio station, espe- have huge storage capacities in the servers and the desktops—Server
cially an FM station, is run almost range of gigabytes or even terabytes. 2003 and XP Professional respec-
completely by computers. In fact, a The radio station we visited had tively.
single person can quite easily run an two dual-processor servers with a The RCS software is rather lar-
entire FM station.PCQuest got an in- shared NAS box.The two servers had gish and runs on atleast two systems
sight into the functioning of one of been arranged as fail-over 'cluster' —one is an administrative console
India's popular FM stations and for each other. Some stations have a and the other is accessible and oper-
here's what we found. different number of these servers able from the RJ booth.The station's
and storage equipment—All India Programs Director generally ad-
The hardware Radio for instance, uses six servers ministers the RCS programming.
There is some hardware that you in a cluster. In the radio station we The RJs then use the features of the
just cannot avoid having around, visited,the NAS box had five 100 GB system from their broadcast center
these include traditional power,am- hard disks in a RAID-5 configura- (the RJ booth) to manage various
plification and transmission equip- tion, giving 400 GB of usable capac- events, such as gather further infor-
ment. In addition, our modern day ity.The external storage box enables mation on what's being played, look
radio station is operationally run out the storage to be completely inde- at and respond to messages from lis-
of a mini data center. For reasons of pendent of the rest of the server sys- teners and callers, and so on. This
quality and sheer speed required, tem.That is,if the server crashes you software is clearly meant for the
these mini data centers are located can always use the NAS box contents non-techies with an intuitive inter-
on the campus, in a room very close from another server. Typically, this face which is easy to learn to operate,
to the RJ-booth (what that is, we'll configuration allows the storage of if you've been around even a graph-
come to know in just a moment).In- around 6,000 hours of high quality ical media player program.
side this data center, we have rack- music.
mounted servers that aren't too The RJ booth
different from the ones running a The software This is a completely sound-proof
corporate network or Web,and other You can choose any OS to run studio, which neither lets sound
servers on the Web. your servers,but just ensure that the from the inside go out nor external
Servers purchased for radio (or OS must be compatible with the sound to seep in. Acoustic padding
even some forms of video) broad- software used in the radio station. and sound-proof glass are used in
casting must have two things in The radio station we visited uses the its construction.Then the booth has
plenty—storage capacity and I/O popular RCS (Radio Computing Ser- the radio mixer controls—a large
speed. When we store music on our vice) software, which is a Windows- electronic pad with sliders, knobs
PCs,we can afford to use VBR or CBR based system. Accordingly, and switches to mix various chan-
encoding, even with lossy compres- Windows is deployed on both the nels,fine-tune the frequencies being
24 PCQUEST A P R I L 2 0 0 5 A Publication
technology.qxd 4/2/2005 12:01 PM Page 25
TECHNOLOGY E X P L A I N E D
broadcast and buttons to turn the than play these emergency pro-
transmission ON or OFF.The RJ has gramming. You will be amazed to
atleast three PCs around him. One know that most private radio sta-
screen gives him access to the RCS tions are actually empty of its em-
interface to see and control what’s ployees by 5 pm and everything you
on air.The second monitor displays hear after that till 9 am the next day,
incoming calls and messages from is handled completely by the com-
listeners. All the SMSs and e-mail puter systems in place—now,that's
we send them as feedback appear what we call IT.
here. The third monitor is provided What they do is create these CDs
for convenience for the RJ to look up with emergency programming —
information on the Web or search song bits, jingles and so on—and
other archived material. For exam- this can be inserted into a special
ple, to check for historical informa- slot if something goes wrong.
tion on a particular music and use
that in his talk. Perks
Live transmission is piped
Other systems through the entire station, enabling
A radio station’s systems are not the employees to both enjoy and
just concerned with transmission of monitor what's going over the air.
music.Since it is also a form of busi- Heads of both the programming
ness, the sales teams must keep and sales are required to keep track
track of what people liked, what the of what's being aired and if it's ac-
advertising was and how much they cording to preset scheduling.For the
earned. For all this, traditional ac- purpose of monitoring, they use
counting and spreadsheet software FM-enabled cellular phones (the
are used, although specialist soft- Nokia 6610 seems to be a preferred
ware can be deployed.The RCS itself choice).
has a module (RCSLinker) to sched-
ule and broadcast advertising and You can run one too
interstitials. It's not that you need to employ
a lot of capital to run an FM station.
Failsafe Interesting projects such as the
In case of a failure the RCS auto- 'community radio' exist where
matically play fillers till regular pro- communities of people can use low
gramming can go back live. Most of power transmitters to reach out
the time even a regular listener and communicate with each other.
wouldn't be able to make out the dif- Also it is very cheap to run an In-
ference.This is all pre-programmed ternet radio, using free software
into the system and sometimes even available (check out GNU Radio
sponsored! from http://www.gnu.org/soft-
Backups can exist for power (in ware/gnuradio/). In fact, you have
the form of a UPS or a generator sys- a plethora of software available
tem), and redundant servers for now—Real Media Server, Shout
server hardware. However, if a file Cast, Windows Media Server to
gets corrupted or something in the name a few—some free and some
network backbone breaks down, or costing money. The only limitation
there is a temporary software error, is bandwidth.
little can be done to offset downtime Sujay V Sarma
25 PCQUEST A P R I L 2 0 0 5 A Publication
enterprise.qxd 4/2/2005 12:06 PM Page 28
ENTERPRISE
I M P L E M E N T A T I O N O F S O L U T I O N S
I
n December 2004 (VPN for work. SUSE Linux uses the open
Direct Hit!
Roaming Clients, page 46), we source FreeS/WAN software for the
looked at configuring a VPN VPN server, which uses the IPSec Applies to: Enterprises
server for roaming clients,using ISA protocol for building secure tunnels USP: Set up a VPN server on Linux
Server 2004. This time we will see through un-trusted networks, such with ease
how to configure a VPN server on as the Internet. However, SUSE pro- Links: http://vpn.ebootis.de,
SUSE Linux Enterprise Server 9. A vides a user-friendly GUI for config- www.freeswan.org
VPN server lets remote users con- uring the VPN server, unlike other On PCQEssential CD: systems\
nect to the company's local network, Linux distributions, which make labs\ipsec
securely, over the insecure Internet. you work with a command line in-
The setup consists of a SUSE Linux terface.So,let's see how to configure tificate, which should be the do-
machine sitting between the Inter- the VPN server. main name of the VPN server, and
net and the company's local net- click on Next. On the next screen
work. The VPN server running on Create a certificate give a password for the certificate
the SUSE machine will accept Open the YaST Control Center, go to and click on Next.And finally click
clients' VPN connection requests Security and Users on the left pane on Create.After the certificate is
and after authentication, will grant and open the CA Management created it will be shown in the Cer-
them secure access to the local net- module. In the CA Management tificates window. Select the certifi-
module, create a cate, click on the Export button and
new CA (Certifica- select Export to File. In the Export
tion Authority) or Format select the last option, give
enter an existing the certificate password, give a file
CA. Now click on name, with a P12 extension, and fi-
the Certificates nally click on OK to create the cer-
button, which will tificate.
take you to the Cer-
tificates window. Import the Server Certifi-
Click on the Add cate to the VPN server
button and select Open the YaST Control Center,go
'Add Server Cer- to Security and Users and open the
tificate'.A new VPN module. Here, enable VPN and
Give the IP address of the interface that will listen window opens; click on Certificates. On the next
for VPN connections and the subnet of the local give a Common window, click on the Import button
network, that will be made available to VPN clients Name for the cer- and select the certificate that you
28 PCQUEST A P R I L 2 0 0 5 A Publication
enterprise.qxd 4/2/2005 12:06 PM Page 30
ENTERPRISE I M P L E M E N T A T I O N
had exported earlier.Give the certifi- Copy this file to your Windows client tificate file and click on Next. Give
cate password and it will be im- machines that have to create the the password for the certificate file,
ported. Click on Next. VPN connection to the server. and click on Next.On the 'Certificate
Store' page,select the Automatic op-
Set up the VPN server con- Create a client certificate tion and click on Next.Then click on
nection for VPN users Finish. This will add the certificate
Click on Connections in the VPN Procedure for this is similar to on the client machine.
module and then on Add. On the that of creating server certificates,as
Connection Type, select 'Server for described above.Copy the client cer- Install IPSec utilities
Road Warriors' and click on Next. tificate file to the Windows client To connect to an IPSec VPN
Then enter the external IP address of machines. server, you need the ipseccmd.exe
the server in the Local IP address and ipsecpol.exe programs on Win
text box. Check the 'Act as Gateway' Import the certificate to XP and 2000, respectively. To install
option, give the network address Windows client machines them,install the support tools,found
which has to be made available to the Open the MMC on the Windows in the support\tools directory of
VPN clients and click on Next. The client machine. Then click on File, your Windows installation CD.Once
network can be specified as, say, Add/Remove Snap-in. A dialog box this is done, the required programs
192.168.3.0/24. On the next screen, opens up, click on Add. On the next will be installed on your system but
accept the default settings and click dialog box select Certificates and these are command line-based tools
on OK. This will set up the VPN click on Add. This will open a con- and not easy to configure. So, you
server to start accepting VPN con- figuration wizard, select 'Computer will need a more program called
nection requests from the clients. Account' and click on Next. Now se- ipsec.exe, (on this month's PC-
lect 'Local Computer' and click on QEssential CD or can be down-
Export the VPN client con- Add.Next click on Close and then on loaded from http://vpn.ebootis.de
figuration file OK. The certificate snap-in will be /package.zip). Uncompress the file
On the VPN Connection window, added to the MMC.Open the Certifi- into a folder and copy the VPN client
select the VPN connection that we cates directory, right click on Per- configuration file to this folder.Make
just created and click on Expert and sonal and select 'All Tasks' and select sure to rename the file to ipsec.conf.
select Export.Select Windows in the Import.The Certificate Import Wiz- If a file with the same name exists in
dialogo box and give the file name ard opens up; click on Next. On the the folder, delete the existing file.
and path for the configuration file. next page, browse to the client cer-
Establishing the connec-
tion and testing it
Now execute the ipsec.exe file. It
will give you some details about the
VPN connection and the connection
will get established. To check the
connection, ping any machine,
which is on the company's local net-
work. The message, ‘Negotiating IP
Security’, appears once or twice af-
ter which the normal ping response
starts coming. Now you can access
the servers, which are residing in
The ipsec.exe program, after execution, gives the details about the VPN your local network.
connection Anoop Mangla
30 PCQUEST A P R I L 2 0 0 5 A Publication
enterprise.qxd 4/2/2005 12:08 PM Page 32
ENTERPRISE I M P L E M E N T A T I O N
Moodle installion happens through a Web browser, and Moodle requires PHP and MySQL to function. In
is wizard driven. Usually the default settings work fine PHP, you have to enable the php_gd2 extension
32 PCQUEST A P R I L 2 0 0 5 A Publication
enterprise.qxd 4/2/2005 12:08 PM Page 33
ENTERPRISE I M P L E M E N T A T I O N
Installing
Moodle
Installing Mo- odle
isn't very difficult. In
fact not only installing,
but making and main-
taining your e-learn-
ing site also becomes
very easy with Moodle.
Its user-friendly inter-
face makes adding a
forum, changing lan-
moodle’s admin interface is quite user friendly guages, adding topics
and makes it very convenient to add news, and writing news very
menus, courses and change languages convenient. Let’s now
set up Moodle.
memory limit and set it to 16 MB. Once you have downloaded and
Save the file and restart EasyPHP extracted the Moodle folder, then
from the system tray. copy the entire folder to your
apache’s ‘www’ folder. Now you just
Creating Moodle database need to open a Web browser and
Once you have saved this then type-in http://127.0.0.1/moodle
you have to create a database in (127.0.0.1 will be replaced by the IP
MySQL so that Moodle can store the address of your machine).
data in it. For this right click on It will open a configuration in-
EasyPHP icon from the system tray terface. Moodle automatically de-
and select configuration>Php- tects the configura tion, which is
MyAdmin. This will open a Web necessary and will lead you through
browser showing the page for some screens to help you create a
MySQL administration. Here, in the new configuration file called con-
‘create database’text box type-in the fig.php. You don’t have to worry
new database name, 'moodle' and much about the configuration as the
click on Create. Once you have cre- defaults generally work fine and as
ated the database then you have to it is you can come back to the con-
create user for the MySQL database, figuration page later. At the end of
so that Moodle can access the data- the process Moodle will write the
base. file into the right location.
For this,select database 'moodle' Once the basic config.php has
from the database list and click on been correctly created and stored,
'SQL' link from this page.You will see Moodle will take you to the admin-
a text box to write SQL statements. istration page where you can take
Here give the SQL statement as given care of the rest of the configuration
below and click on the Go button. and add the links, pictures, news
and other details. We'll talk about
GRANT how to create an e-learning system
SELECT,INSERT,UPDATE,DELETE,CRE- using Moodle in the next part of this
ATE,DROP,INDEX,ALTER ON moodle.* series.
TO moodleuser@localhost IDENTIFIED Ankit Kawatra and Sanjay
BY 'password'; Majumder
33 PCQUEST A P R I L 2 0 0 5 A Publication
enterprise.qxd 4/2/2005 12:42 PM Page 34
ENTERPRISE I M P L E M E N T A T I O N
34 PCQUEST A P R I L 2 0 0 5 A Publication
enterprise.qxd 4/2/2005 12:42 PM Page 39
ENTERPRISE I M P L E M E N T A T I O N
39 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 40
PERSONALH A N D S O N P R O D U C T I V I T Y
Y
ou must have come across Corrupted or missing \Win-
many errors/problems 2 dows\System32\config
Direct Hit!
while working in Win XP. Cause: You face this problem Applies to: Windows XP users
While these errors look very critical, when any device driver or a software USP: Troubleshooting common
they are actually not. Let’s see some component gets corrupted. Windows XP problems
of these problems and how you can Solution: Boot the system with Links: http://support.microsoft.com/,
resolve them. the Win XP CD.The XP installer will http://windowsxp.mvps.org/Tips_Page.htm
40 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 42
PERSONAL H A N D S O N
Win XP should boot properly with dows\system32\ config click on OK.Reboot the machine and
the default settings. Now open ex- you will never receive RPC error
plorer window and from its file Now, boot your machine from again.
menu, select Tools>Folder. It will the hard drive, you will receive all
open a 'Folder option' window.Here, your existing Windows settings. 'C:\WINDOWS\SYSTEM32\
select the View tab and change a few Then from the 5 AUTOEXEC.NT". The sys-
'Advanced Settings'. Under 'Hidden Start>Programs>Accessories>Sys- tem file is not suitable for running
File and Folder' set 'Show hidden tem Tools click on ‘SystemRestote’. MS-DOS and Microsoft Windows
files and folders', then uncheck the This will open a wizard. Click on applications.Choose‘Close’to ter-
'Hidden protected operating system Next and you will get a Calendar minate the application.'
files (Recommended)' check box showing all the restore point dates. Cause:You may get such an error
and click on the OK button. Select the data before your system message when you run any 16-bit
Then open 'Local Drive C:' and had crashed and click on Next and Windows or MS-DOS program.This
you will find a hidden folder called then on Finish. is due to the corruption of 'AU-
'Systems Volume Information'.Right TOEXEC.NT and CONFIG.NT' file.
click on it and select Properties from 'This system is going to shut These files generally get tampered
the context menu. Here select Secu- 4 down, save all information. by trojan infection.
rity tab and then add the 'adminis- This shutdown was initiated by Solution: Run an anti virus on
trator' user. Now from the Windows NT AUTHORITY\SYSTEM ...must your machine and remove all tro-
explorer, open the path 'C:\Sys- restart because the remote proce- jans. Then issue the following com-
temVolumeInformation\_restore dure call (RPC)service termi- mands.
{55706CDF-B36E-40D0BEEC-BE01 nated unexpectedly.'
ED443C11}\RP1\snapshot'(the '_ Cause: This happens due to a C:\> copy c:\windows\repair\au-
restore…' string within the braces virus attack such as blaster or if the toexec.nt c:\windows\system32
might be slightly different for you). RPC service gets terminated due to C:\> copy c:\windows\repair\config.nt
From here,copy the following files to certain reasons. c:\windows\system32
'C:\windows\ temp'. Solution: Run anti-virus soft-
ware on your machine and check for HAL.DLL missing/corrupt
_REGISTRY_MACHINE_SAM any blaster worm. If found, run a 6 Cause: It occurs due to cor-
_REGISTRY_MACHINE_SE- blaster patch, which basically turns ruption of the BOOT.INI file.
CURITY on the Windows firewall. Still if you Solution: Boot your machine
_REGISTRY_MACHINE_SYS- face the same problem,then it might with the Win XP installer.During the
TEM be due to some other programs that set up you will be asked to repair the
_REGISTRY_USER_.DEFAULT are terminating the RPC service. existing Windows installation.Press
_REGISTRY_MACHINE_ You can solve this by setting a R and you will get a list of the in-
SOFTWARE parameter in the RPC service. Go to stalled versions of Windows. Select
the Control Panel>Administrative one that you want to repair. Then is-
Rename these files to Sam,Secu- Tools and click on Services. Now, sue the following commands.
rity,System,default and software re- from the list of services find RPC
spectively. After this, reboot your (Remote Procedure Call). Double C:\> bootcfg /list
machine from the CD and get in to click on this service and you will get C:\> bootcfg /rebuild
the 'Recovery Console' as before. RPC properties sheet. C:\> exit
Then issue the command that fol- In the RPC properties sheet click
lows. on the Recovery tab and set the first, Now, reboot your machine and
second and subsequent failure pa- find your system up and running.
C:\> copy c:\winows\ temp\* c:\win- rameters to 'restart the Service' and Sanjay Majumder
42 PCQUEST A P R I L 2 0 0 5 A
Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 44
PERSONAL H A N D S O N
O
rganizing a meeting over Portal Server and SharePoint Ser-
the phone can be quite vices, where latter is a part of Win-
Direct Hit!
cumbersome. Person not dows Server 2003 and can be Applies to: Workgroups and teams
on the seat,not free on the day of the downloaded from Microsoft's web- USP: Send meeting requests via
Outlook 2003 and share meeting agen-
meeting, or not agreeing with the site.It’s also available with some ver- da, objectives, critical decisions and
agenda are just a few problems you sions of MS Office 2003. We've attendees list on a SharePoint server
may face.Here's a quick way of man- covered the installation procedure Links: http://office.microsoft.com/en-
aging your meetings by using a for SharePoint in our December us/FX011204871033.aspx
SharePoint server and Outlook 2003 2003 (Basic Groupware, page 33) is-
e-mail client for users. SharePoint is sue. Alternately, you can check topstories/smes/103120216.asp.
available in two versions,SharePoint http://www.pcquest.com/content/ Here we explain how to use them.
Open Outlook 2003 calendar and go to the On the new meeting window, select people you
1 date on which you plan to fix a meeting. Right 2 want to invite. Give the subject, location and
click and select 'New Meeting Request' time for the meeting and click on 'Meeting Workspace'
A 'Meeting Workspace' side bar opens up. Select 'Other…' and give the server name or IP
3 Click on the Create button here 4 of the SharePoint server and click on OK
44 PCQUEST A P R I L 2 0 0 5 A
Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 46
PERSONAL H A N D S O N
An authentication dialog box will open up. Give After successful authentication, you will get an
5 your username and password for the Share- 6 option 'Create a New Workspace'. Click on OK
Point server and click on OK to create it. This will take some time
After the creation of workspace the sidebar will The users will get a meeting invitation in their
7 show 'Meeting is linked to workspace' and you’ll 8 inbox, which they can accept, decline, tenta-
get a link to the workspace in the text box. Click on tively agree or propose a new time, using the tool-
the Send button to send meeting invitation to users bar buttons in Outlook 2003
Once you have sent the invitation and the invi- All information regarding the meeting gets au-
9tees have replied back, the invitees' responses 10 tomatically updated on the SharePoint site.
to your meeting invitation come in your inbox as an There you can add more information such as the
e-mail message Objectives, Agenda, and Decisions
Anoop Mangla
46 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 48
PERSONAL H A N D S O N
I
t's not only cellphones that reign cellphone to the PC using any of the Direct Hit!
the SMS world. You can now do connectivity options such as in-
Applies to: Outlook 2003 users
so using MS Outlook.You will frared,Bluetooth or a cable.We used
need MS Office 2003 SP1 and MOSA infrared. After the phone has been USP: Use Outlook to send and receive
SMS messages
(MS Outlook SMS Add-in).We have connected,it is required that you in-
given them on this month's CD and stall, on the PC, the modem drivers Links: office.microsoft.com
you can even download them from of your phone. If your phone shows
http://office.microsoft.com. After up under modems, with no yellow drivers are installed properly. Now
that you will need to connect your mark in the device manager,then the install the Office SP1 and MOSA.
Go to MS Outlook SMS Add-in toolbar, click on Open Outlook Contacts and add the mobile
1Options and select your mobile telephone, to be 2 phone numbers of your contacts in their contact
used for sending SMSs information
To send an SMS, click on ‘New SMS Message’ Sent SMSs are saved in a ‘Sent Items>SMS’
3from step 2, and either enter numbers directly or 4 folder. This will help you keep track of all your
from Outlook Contacts and click on OK SMSs
Anoop Mangla
48 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 50
PERSONAL H A N D S O N
H
ere is a step-by-step guide client.You can easily install and con-
Direct Hit!
to set up the Beeweeb figure the server component on any
Applies to: System administrators
server on a machine that Window platform (2000/XP). All
you want to share over the Internet. you need is an Internet connection USP: Access your computer over the
An alternative to the traditional (DSL or dial-up). First install Bee- Internet from anywhere
VPN,it consists of two components, Weeb on the file server, and then on Links: http://beeweeb.com
a file server for a workgroup and all clients that will need to access it.
After installing Beeweeb server, start it from Here, tick the two check boxes for enabling change of
1 Start>Program Files >Beeweeb Server>Man-
2 owner and guest passwords.Click OK to save
agement Console. Here click on the Server Proper- the settings and click ‘Configure System Users
ties link and go to the General Tab Options’ on the Management Console
Set 'Existing Local Group' as 'Administrators' Click ‘Add virtual user' from first step to run a
3and 'Existing local users' as any local account 4 wizard, give the username you configured in
on the server. Also set the local user password the previous step and configure shares
50 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 63
PERSONAL H A N D S O N
Click 'Configure Virtual Users’ from first screen. Choose ‘Configure Default Logging Option’
5Select Existing Local Group and Existing Local 6 from first step and choose the server events
User in that group you want to give access to you want Beeweeb to log for analyzing later
(1)
Now, its time to Configure client on the remote On the Beeweeb client window you will see
7machine, which will map a drive against the 8 an extender button (1). This basically ex-
shares created on Beeweeb server. Install Beeweeb tends the window and shows the properties of the
mapper on the client's machine and run it connected client
Go to Actions>Settings. In the Settings window, Finally, you are ready to access the Beeweeb
9 select the Drives tab and set 'Beeweeb Drive' to 10 server from your remote machine over the In-
the drive letter you want to assign and click OK. This ternet. Fill the username with the IP Address as
will be used to access the share over Beeweeb shown and click on Go
Sanjay Majumder
63 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 64
PERSONAL H A N D S O N
Y
ou might have faced it time. What's important when you Direct Hit!
many times that the mail are stuck in such a situation is to be
Applies to: Outlook Express users
you wanted the most got able to retrieve your messages
USP: Recover deleted or corrupt mail
deleted or you accidentally deleted somehow. in Outlook Express mailboxes
a mail folder. Maybe some virus or Here we explain how to recover Links: www.mailnavigator.com
worm corrupted your mailbox! your Outlook Express mail using a
On PCQEssential CD: system\
This can happen to anyone, any- program called MailNavigator. cdrom\enterprise
Even if you’ve deleted any mail or mailbox in Copy deleted mailbox(s) from the Store Folder
1
OE, you’ll find it in the Store Folder so long as 2 to another place. Install MailNavigator and
you don’t reboot. Access it from Tools>Options load the deleted mailbox(s) from the File Menu
Select the mail you want to recover or do a ‘Se- Save it as a Eudora Mailbox and note its loca-
3 lect All’ to recover everything, followed by'Save 4 tion. Run OE and import this Eudora mailbox
As' from the Message Menu as shown there from File>Import>Messages
Anil Chopra
64 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 66
PERSONAL H A N D S O N
F
requent access of data on shareware. Once you have installed Direct Hit!
DVDs/CDs reduces their Softdisk,you will need an ISO image
Applies to: Frequently accessed
life.You can increase their life of your DVD. CDs/DVDs
by using available soft-drives that For this you will need a CD/DVD USP: Using virtual CD/DVD drive in
take an ISO image of a CD/DVD and burning software like Nero to create place of physical CD/DVD drive
emulate it as a virtual drive. Here, ISO images of all CDs/DVDs you ac- Links: http://tucows.alaska.net/files3/
we'll do this by using Softdisk 2.5, a cess frequently. scd2_en.exe
After installation, you'll get soft-disk icon in your From the File menu, select Option>Configura-
1 task panel. On double clicking the icon, you'll get
2 tion.You'll get a Config window. Here, in 'Num-
the interface shown in the screen shot ber of Device' select '1 drive' and click on OK
Once, you've configured the virtual drive, you'll Right click on the virtual device and from the
3 see it with a mapped drive letter in the virtual 4 context menu, select 'Mount image file' add
drive window. Activate this virtual CD/DVD drive by give path to your ISO image files
mounting an ISO image
Sanjay Majumder
66 PCQUEST A P R I L 2 0 0 5 A
Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 68
PERSONAL H A N D S O N
M
any DVD authoring load. We chose Ulead DVD Work-
Direct Hit!
tools are available in the shop 2.0 for creating DVD menus.
market. For example, This tool can be used to add dy- Applies to: DVD authors, multimedia
developers
Adobe has its Adobe Encore DVD, namic DVD motion menus to still/
Ulead has Ulead DVD Workshop. moving images.It can also be used to USP: Create menus for your favorite
compilations using an easy GUI tool
Good free DVD authoring tools are capture and encode any video to
hard to find. Trial versions of com- MPEG,create playlists and add mul- Links: www.ulead.com/dws/
mercial tools are available for down- tiple subtitle and audio tracks.
In case you are not capturing a video, then go to Choose either a single clip, which can be
1 Edit tab and click on the add clip button at the
2 then divided into multiple chapters or pick
bottom to choose the video clips whose menus you multiple clips, which can be displayed in the DVD
want to create menu
Now divide the clip into multiple chapters (not if Select the clip for which you have to make the
3 you already have multiple clips). Play the clip, 4 menus and then click on the Menus tab on the
pause it where you want next chapter to start from. top of the interface. The chapters will also appear
Now click on the 'Insert current frame as chapter' under the Menu tab
68 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 69
PERSONAL H A N D S O N
Ankit Kawatra
69 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 70
PERSONAL H A N D S O N
Internet on SmartPhone
O2 XPhone II is a professional business phone that runs Windows.You can even con-
nect to the Internet from your notebook with it
Although there are are all built in.The box comes with a
SERIES tons of phones in hands-free cum headphones set, a
Direct Hit!
Smartphone Applies to: Mobile users
the market—most charging cable, a USB-miniUSB ca-
PART I
are too jazzy for ble and software. Once you install USP: Connect the O2 to your note-
professional use and features are al- Microsoft ActiveSync and connect book through Bluetooth and access the
Internet using GPRS
most randomly chosen. The O2 the phone using the supplied USB
XPhone II device runs WM2003SE cable,it syncs with your Outlook and Links: www.myxda.com
(Windows Mobile 2003 Second Edi- gets the contacts and appointments
tion) and has all the features that one automatically into the phone. The look can check your mail over GPRS
needs in a truly professional phone. cable also performs a 'trickle' charge and supports POP3 and IMAP4.
At Rs 23,000, it's a steal ! The that charges up your phone's battery. Pocket IE and Windows Media
XPhone II comes in a small candy The phone already has Pocket Player work very well and even sites
bar form factor reminiscent of Sony Outlook, Pocket Internet Explorer, not built for mobile are rendered
Erricson T610. The screen size is Photo Contacts,J2ME support,Win- nicely on the browser.The player has
large and gives you 65536 colors at a dows Media Player,MSN Messenger MP3, WAV, WMA, WMV, MPG, AVI
176X220 resolution. The phone is and some games built in to the 64 and the supplied headphones give
very light and weighs only a little MB FlashROM of the phone. In case you a nice stereo sound.You can even
more than a 100 gm. you want more space, you can easily add you own music as ringtones.
The usual connectivity op- install a Mini-SD card that goes all Since the phone runs Windows,
tions—BlueTooth, GPRS, Infrared- the way up to 512 MB. Pocket Out- there are tons of software available
Check mail status, mesages, Web browsing on the O2 Check your e-mail on the
1 appointments at one glance 2 XPhone II 3 move
70 PCQUEST A P R I L 2 0 0 5 A Publication
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 71
PERSONAL H A N D S O N
for it—from games to office suites, GPRS connection you just created is But before you can start using it,
to professional tools etc.This version selected in the Internet Connection you must first establish a pairing be-
of Windows also contains the .NET option.To test whether your GPRS is tween the two devices.Select the ap-
Compact Framework and you can working, open up Pocket IE and ei- propriate menu item from the list
easily write programs for it too. ther select one of the Favorite links and enter a new passkey that the de-
Let's see how you can quickly or enter a new URL.If the GPRS set- vice should respond to.In a moment,
connect to the Internet from your tings are correct,you will see a small the device will ask you to enter the
notebook using the XPhone II. For [G] sign near the battery bar on the same passkey. Do so to establish a
this, you must first be subscribed to top of the screen and the browsing pairing.Now you can start browsing
the GPRS service from your mobile will begin. from the phone. Open the Dial-up
provider. Once that is done, in the To connect your notebook with Networking icon for the XPhone II
phone, select Start>Settings>Data the Smartphone, turn on BlueTooth on your notebook.This will first con-
Connections> Internet Connection. in the phone by going to Start>Set- nect to the phone over Bluetooth and
Click on the Menu context key and tings>BlueTooth>BlueTooth>Dis- then display the DUN window.Enter
select Edit Connections.Here,select coverable. Turning it to 'ON' will not the username and password if re-
GPRS Connections and Menu>Add. work. It has to be in discoverable quired and the GPRS phone number
Finally select 'The Internet' in the mode. Now in your BlueTooth en- as *99#. Press Dial to connect. We’ll
'Connect to' option and fill in the de- abled notebook,open My BlueTooth look at some essential software for
tails of the GPRS connection as given Place>View Devices in Range. Windows mobile powered smart-
to you by your provider.Press 'Done' Search for a new device from the phone next month.
till you are back to the Data Connec- menu and follow the prompts to in- Vinod Unny
tions Screen. Make sure that the stall the new device. Enterprise InfoTech
71 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:46 PM Page 72
LINUX A P P L I C A T I O N S
A
re you looking for low cost and lightweight net-
Direct Hit!
work storage for your office? NASLite offers a
Applies to: Small office networks
solution.It lets you create a NAS box out of your
old hardware. You can even use a 486 machine, 16 MB USP: Floppy-based NAS OS, which converts a PC into a dedi-
cated network storage box
RAM,floppy drive,one to four IDE hard drives and a net-
work card for it.A floppy-based Linux OS called NASLite, Links: http://www.serverelements.com/naslite.php
can convert any PC into a dedicated file server. It’s avail- On PCQEssential CD: system\labs
able in various flavors,which let you to create a dedicated
SMB server, NFS server, HTTP server or FTP Server. Insert a floppy disk and issue the following com-
Here, we'll show how you can create a NAS with SMB mands to create the NASLite-SMB floppy.
shares.
We’ve given a zipped floppy image of NASLite v1.x # fdformat /dev/fd0u1722
on this month's PCQEssential CD. Connect all the IDE # dd if=NASLite.img of=/dev/fd0u1722
drives on the machine, which you want to transform in
to NAS box, and then connect it to your hub or switch. If you don't have Linux handy then you can use a
To create the NASLite-SMB floppy use a Linux machine simple shareware utility, WinImage, available at Win-
and open a command terminal. Copy the NASLite Image.com, to copy the image to the floppy disk. To
floppy image on to the hard disk. For this, issue the fol- configure it boot the NAS box with the floppy.At the lo-
lowing commands. gin prompt,give the username as 'admin' and password
as 'nas'. From the Options menu, select the fourth op-
# cd /media/recorder tion to configure the disks for NAS and then select the
# cp /linux/ NASLite-SMB.img.gz /root ‘Primary Master’ drive. Read the warning and press 'Y'
# cd /root to continue. Follow this process for all the connected
# gunzip NASLite-SMB.img.gz drives. Now, select the first option and give the IP ad-
dress (mentioned in the box) to the NAS box. Then se-
------------------------------------- lect the second and third options to change the name
NASLite-SMB Administration Utility
OPTION MENU
and workgroup respectively.Press '9' to save the config-
------------------------------------- uration and reboot the NASLite-SMB box.To access this
1 - Change Network Settings
(192.168.1.1-255.255.255.)
network storage, go to any Windows machine and click
2 - Change Name on Start>Run. Type in the IP address of the NASLite-
3 - Change Workgroup
4 - Configure Storage Disks
SMB file server. Windows Explorer will show you 'Net-
5 - Change Password work Storage' with pre-created network share (Disk1,
6 - Change Date and Time
7 - Reboot
Disk2, Disk3 and Disk4). On the security front—re-
8 - Shutdown member you cannot create any users or assign quotas.
9 - Save Configurations
C - Make NASLite Floppy
Anyone on the network can access this storage. It shows
E - Exit server configuration and disk utilization on a Web
-------------------------------------
SELECT >
browser when you type the IP address of the NASLite
box.So, if you want a data dumpyard on a network then
Use the options on this menu to configure the disks go for NASLite-SMB.
and the software for your NAS Sanjay Majumder
72 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:50 PM Page 73
LINUX A P P L I C A T I O N S
Y
ou must have heard about Norton Ghost, which
Direct Hit!
makes a snapshot of a hard disk allowing you to
Applies to: Linux system administrators
restore your system in case of a crash. However,
Norton Ghost is a commercial tool that costs a lot of USP: Creating a ghost image of your Linux machine
money. ‘Ghost for Linux’ is a free and open source Links: http://freshmeat.net/projects/g4l/
equivalent of this tool.It allows you to create your disk
On PCQEssential CD: /linux/ghost for linux/boot.iso
image either on a different hard disk or via FTP on an-
other machine.
This is a mini-distro of Linux and its kernel in- tions on the second hard disk.Now to use this tool,just
cludes support for Parallel ATA and Serial ATA IDE boot your PC or server with the CD you created.At the
drives. In our environment, we were not able to use it login prompt, give the username as 'g4l' and execute
with SCSI drives.It comes with support for most com- the following command.
mon network cards.
# ./g4l
Usage
It runs from a bootable CD and gives you a simple This will give you a blue-colored menu system
menu-based interface to navigate. We have given an showing four options—RAW mode, File mode, Utili-
ISO image of this distro on this month's PCQEssential ties and Show Help.
CD.You may use Nero or other CD burning software to In RAW mode you can create or restore ghost im-
transfer this to a CD. ages locally or through FTP server.
Before booting with it, make sure you have a sec- The File mode lets you create or restore ghost im-
ondary hard disk installed on the machine you want ages based on the partition that you want.
to ghost, with either Windows or Linux partitions. Utilities section offers various tools such as Sys-
The tool creates an image of the active Linux parti- tem Info, HD Parm, zero-tool, dd_rescue and parted.
Here System Info gives
you information about
the connected hard disk,
HD Parm lets you set the
hard drives into 32-bit
UDMA/66, zero-tool cre-
ates free space on parti-
tions, dd_rescue makes a
clone of a damaged hard
drive to another drive,
and parted allows you to
play with your partition
table.
Now let's see how we
can create or restore im-
Here select the source hard disk that you want to make a snapshot of ages from your local hard
73 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:50 PM Page 75
LINUX A P P L I C A T I O N S
75 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:53 PM Page 76
LINUX A P P L I C A T I O N S
Implementing Adamantix
An extra secure Debian-based Linux distribution for firewalls and IDSs
G
ood things never come easy and that stands
Direct Hit!
absolutely true for Adamantix Linux. A
Applies to: Linux administrators
stripped down version of Debian Woody,
specifically designed as a very secure Linux OS, but at USP: Set up this secure distribution and understand its various
components like PaX, RSBAC, Zorp and Shorewall
the same time very difficult to install. Adamantix is
largely used for firewalls and IDS systems but because Links: www.adamantix.org
of its secure nature you can even make it your file server ON PCQEssential CD: system\cdrom\adamantix
or mail proxy. The problem with this distro is its in-
staller.To install the OS,first of all you should know that For this, specify an Adamantix mirror such as
it is completely text-based and doesn't support multi 'http://www.adamantix.org/mirror' and then issue the
booting. Plus, it completely removes all data from all command like this.
your partitions.So be really cautious while installing it.
To install Adamantix you have to boot the machine #apt-get update.
with the Adamantix CD (Adamantix CD ISO is available
on this month's PCQEssential CD). The CD will boot To complete the installation, you also have to give
into a command line-based live Linux environment. the following command.
Here, type the command as follows to run the installa-
tion process. #apt-get distupgrade
76 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:53 PM Page 83
LINUX A P P L I C A T I O N S
gadu-gadu, etc messages can be encrypted with just a window. Now scroll to the option, which says 'Off-the-
click. As GAIM for Windows is available, you can use Record Messaging' and select the check box and close
OTR on Windows also. the window. Now whenever you open a chat window,
you will see a new button at the bottom right of the
Installation and usage window that says 'OTR: Not private'. Clicking this will
All you need for using OTR on a Linux Machine is start the OTR protocol and if the other person with
XWindow installed and running a GAIM client.GAIM whom you are chatting also has OTR installed, a new
is available with all standard Linux versions such as private session will start and the button will change to
PCQLinux, Fedora and Debian so you don't have to 'OTR: private'.
hunt for it. Now download libotr-2.0.1-1.rpm and For testing the performance of the software we
gaim-otr-2.0.1-1.i386.rpm from 'http://www.cypher- tested it with a sniffer called ettercap that can capture
punks.ca/ otr/#downloads' and install them by run- IM conversations.We found that the data stream trav-
ning the following commands. eling between both secure clients using yahoo over
GAIM (secured with OTR) was completely scrambled
#rpm -ivh libotr-2.0.1-1.rpm and unreadable by the sniffer. We captured the traffic
#rpm -ivh gaim-otr-2.0.1-1.i386.rpm when both clients were authenticating each other
(when one presses the 'OTR: Not private' button) with
While installing, mind the sequence or you will the hope to capture the key pairs while it transfers
end up with dependency problems. Now that the in- them to the other machine.Fortunately, we found that
stallation is done, your OTR is ready to work. the keys were also encrypted in the process and the
Start your GAIM and go to Tools>Preferences and sniffer was not able to read them!
select the Plug-ins Link at the left-hand side of the Anindya Roy
based on the type of access (request type), the access forwarded TCP connections,or SSL with an embedded
target and on the values of attributes attached to the POP3 protocol). FTP, HTTP, finger, whois and SSL pro-
subject calling and to the target to be accessed. Addi- tocols are fully supported with an application-level
tional independent attributes can be used by individ- gateway. Zorp aims for compliance with the Common
ual modules,eg the Privacy Module (PM).All attributes Criteria/Application-level Firewall Protection Profile
are stored in fully protected directories, one on each for Medium Robustness Enviroment.
mounted device. Thus changes to attributes require The Shoreline Firewall, more commonly known as
special system calls provided. But the feature is not 'Shorewall', is a tool for configuring Netfilter. You de-
there by default.You have to once recompile the kernel scribe your firewall/gateway requirements using en-
to make it working.But be careful when integrating RS- tries in a set of configuration files. Shorewall reads
BAC into Adamantix, because if it clashes with any of those configuration files and with the help of the ipta-
the policies you created on PaX, the system could lock bles utility, Shorewall configures Netfilter to match
out even the root user. your requirements. Shorewall can be used on a dedi-
Other elements of Adamantix, which make it so se- cated firewall system,a multi-function gateway/router/
cure, are the Zorp proxy firewall suite and Shorewall server or on a standalone GNU/Linux system. Shore-
firewall. Zorp is the core framework of Adamantix, wall does not use Netfilter's ipchains compatibility
which allows the administrator to fine tune proxy de- mode and can thus take advantage of Netfilter's con-
cisions (with its built-in script language),and fully an- nection state tracking capabilities.
alyzes complex protocols (including SSH with several Anindya Roy
83 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:57 PM Page 77
LINUX A P P L I C A T I O N S
V
irtual machines emulate certain environment Direct Hit!
required for applications—so that applications
Applies to: Sysadmins, Developers and Linux enthusiasts
can be run inside them. Some virtual ma-
chines,like those for Java and .NET allow you to run only USP: Run different Linux distros simultaneously
applications whereas some like VMWare,Microsoft Vir- Links: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
tual PC and Xen let you run entire OSs.We have covered
virtual machines like VMWare and Bochs that run on a should be able to login as root.Note that password,con-
Linux host and run Windows or Linux OSs inside them. figuration and all other settings remain the same as in
This article tells about setting up Xen, which uses the host OS. The only change is that we have booted
Linux as the host and runs various Linux distros inside with a customized Xen kernel. Upon login, create a file
it. Xen package may be a part of Fedora Core 4. We will named guest in /etc/xen directory with:
use PCQLinux 2005 as the host and let you select a Linux
distribution(s) to be the guest OS. kernel = "/boot/vmlinuz-2.6.10-xen0"
memory = 128
Install and configure Xen name = "guestos"
Download the Xen source and binary packages from nics = 1
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/dow ip = "192.168.1.1"
nloads/xen-2.0.5-src.tgz and http://www.cl.cam.ac.uk/ disk = ['file:/dev/hda6,hda6,w']
Research/SRG/netos/xen/downloads/xen-2.0.5-install. root = "/dev/hda6 rw"
tgz. Extract the archives which will produce directories
named xen-2.0 and xen-2.0-install respectively. Change Substitute hda6 with the partition on which you in-
to the directory xen-2.0 and issue: stalled the guest OS.
title Xen 2.0 Then issue the following to launch the guest OS:
kernel /boot/xen.gz dom0_mem=130000
module /boot/vmlinuz-2.6.10-xen0 root=/dev/hdd1 ro xm create -c /etc/xen/guest vm=1
console=tty0
module /boot/initrd-2.6.10-1.741_FC3.img This should start the boot sequence for the guest OS
and let you login to the guest Linux OS. If you issue the
Install another Linux distro (say RHEL, Debian) on ifconfig command on the host OS,you will be able to see
another partition on your machine. a virtual network interface named xen-br0.Through this
To configure Xen,reboot the machine and when the virtual interface the host OS will be able to access the
boot options show up, select ‘Xen 2.0’ and press Enter. guest OS and the services running on it.
This will boot up PCQLinux using the Xen kernel— Shekhar Govindarajan
customized for virtual machine operations. Now you IT4Enterprise
77 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:59 PM Page 78
LINUX A P P L I C A T I O N S
Maia Mailguard
Maia provides a Web-based front end to configure an anti-spam and anti-virus mail
system
L
ast month, we explained how to set up an anti-
Direct Hit!
spam and anti-virus system using amavisd-
Applies to: Linux system administrators
new (Mail Server, page 50, PCQuest, March
2005). To configure amavisd-new we have to tinker USP: Fine-tune amavisd-new with this easy-to-use GUI tool
with a text file,amavisd.conf found in /etc.Fortunately, Links: www.renaissoft.com/projects/maia
there is a better way to fine tune amavisd-new—
namely Maia Mailguard.Once set up,it offers a plethora new-20030616-p10.tar.gz. Extract the archive, which
of options and flexibility. One of them is that each mail will produce a directory named amavisd-new-
user can fine-tune his anti-spam and anti-virus set- 20030616.Copy the file named amavid found in the di-
tings through a Web-based front end. The front end rectory to /usr/sbin—overwriting the existing one.
shows the mail, which are potential spam or ham (not Subsequently, apply the patch by issuing the following.
spam) and gives the user the options to report false
positives. amavisd-new uses a point system to mark a patch -b /usr/sbin/amavisd /root/maia-1.0.0-rc5-
mail as spam. That is, if the number of entities which 2/amavisd-maia.patch
identify the mail as spam contribute to more than a
specified number of points, the mail gets marked as Also copy the file named amavisd.conf found in the
spam. Maia allows this to be configured on a per user amavisd-new-20030616 to /etc directory, overwriting
basis,quite intuitively.What's more,it displays inform- the existing file. You will again need to make the
ative and comparative statistics about the spam, ham changes to the amavisd.conf file as explained in the
and virus-infected mail. Setting up Maia requires a bit section 'Set up anti-spam and anti-virus' in the Mail
of efforts, which we have explained below. Server article in our March 2005 issue.
To start with, download the latest version of Maia
(maia-1.0.0-rc5-2.tar.gz, as of this writing) from Set up MySQL for Maia
http://www.renaissoft.com/projects/maia. Login as Maia stores its data and configuration in a MySQL
root and extract it in the /root directory. This will pro- database.First,set up MySQL on PCQLinux 2005 as per
duce a directory named maia-1.0.0-rc5-2 under /root. the section 'Connect to MySQL' in our article (JDBC
Before proceeding further we assume that you have set Drivers, page 76, March 2005). Start MySQL as:
up the mail server on Linux (as per our last month's ar-
ticle mentioned above). We also assume that you have /etc/init.d/mysql start
set up PHP and MySQL as explained in the articles Your
own Forum (page 60) and JDBC Drivers (page 76) in our Then create a database for Maia as:
last month's issue.
mysqladmin -u root -p create maia
Set up Maia
A Maia patch needs to be applied to amavisd-new. When prompted, supply the password for the
Unfortunately, the patch does not work with the amav- MySQL's root user.
isd-new bundled with PCQLinux 2005.You will need to Open the file amavisd.conf in a text editor and add
download a specific version of amavisd-new from the the following line at the top, after the first line, which
URL: http://www.ijs.si/software/amavisd/amavisd- says 'use strict;'
78 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:59 PM Page 79
LINUX A P P L I C A T I O N S
mysql -u root -p maia < /root/maia-1.0.0-rc5-2/maia- We have changed, in the above line, the path to the
mysql.sql database.cfg file—from /var/amavisd/maia/ scripts to
/var/amavis/maia/script.
Some more steps to go Next, open the file named load-sa-rules.pl in a text
Create a directory named maia in /var/amavis.Copy editor and modify the values for the variables $lo-
the directory named scripts, found in /root/maia- cal_cf_dir, $system_rules_dir and my $user_rules_
1.0.0-rc5-2 to this directory. Then issue: dir to, as shown below.
$maia_sql_dsn =
"mysql://root:<password>@tcp(lo-
calhost:3306)/maia";
Start it up
Setting up per user anti spam and anti virus preferences had never been You have to issue the following
so easy commands to start the Apache Web
79 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 12:59 PM Page 80
LINUX A P P L I C A T I O N S
server and amavisd-new. co.in, Maia will create a user account with login as
anoop and mail him an auto-generated password to log
service httpd restart in to the Maia system.
service amavisd restart
Reporting false positives
Subsequently, load the URL http://127.0.0.1/maia/ It may happen that some ham mail get marked
configtest.php in a Web browser (Firefox or Konqueror) spam and vice versa. Maia provides an intuitive inter-
on your Linux machine. Follow the instructions given face to report such mail so that false positives get min-
on this page to install any missing but required mod- imized. Click on 'report spam icon' at the top. Click on
ule. Subsequently, key in the URL http://127.0.0.1/ the link 'suspected ham item' or 'suspected spam item'.
maia/internal-init.php.For the template file path fill in This will present a tabular form in which you can select
/var/www/html/maia/templates. For new users to log the radio buttons corresponding to ham or spam.Once
in, type in http://<ip-address-of-linux-machine> done, clicking on the ‘Confirm Status’ button will make
/maia/internal-init.php.For the e-mail addresses,type the system learn about the false positives.Maia also al-
in root@cybermedia.co.in (in the Mail Server article we lows you to totally blacklist or whitelist an e-mail ad-
used cybermedia.co.in as the domain. Feel free to sub- dress. In the former case, even if a non-spam mail
stitute it with your e-mail domain). Click on the 'Ini- arrives from the blackisted e-mail address, it will be
tialize' button, which will mail a password to the root treated as a ham. In the latter case, even if a spam ar-
account. Retrieve the mail (say, using the mail com- rives from the whitelisted address it will be treated as
mand) and note down the password. ham. You can feed in the whitelist and blacklist ad-
Next key in the URL http://127.0.0.1/maia/ lo- dresses by clicking on the 'W/B List' icon at the top.
gin.php?super=register. Log in as root@cybermedia.
co.in and the password you got through the mail. The quarantined mail
Mail that contain viruses will be quarantined,as we
Configure anti spam and anti virus had set up above. With Maia, you can see all the quar-
Click on the settings button at the top. Click on the antined messages on a simple click.This is useful if the
link 'root@cybermedia.co.in'. Click on 'Enabled' for message in the e-mail is useful but some trojan-at-
virus scanning and spam filtering. Select Yes for 'Add a tached malicious contents to the mail. Click on the
prefix'. For 'Add X-Spam' type in 3 and 'For consider Quarantine icon at the top. Subsequently click on the
mail spam' type in 5. Select Enabled for 'Attachment 'Virus/Malware item' link.This will show you the quar-
Type Filtering' and 'Bad Header Filtering'. Select Quar- antined mail.You can click on them to see the mail con-
antined for Mail with dangerous attachments. Click on tent, as Maia will not execute any attachments. What's
the button 'Update this Addresses' Settings'. Similarly, more, it even blocks images and hyperlinks in the mail
other e-mail users can configure their spam settings for safety.
once their account has been created (refer to the next Maia mailguard is a boon for system administrators
section). dealing with users in a large network where each wants
to treat his e-mail in a different way.For example,some
Add Maia users may subscribe to a newsletter, which will be often
Click on the key icon at the top, and then click on treated as a spam by the anti-spam software.So system
System Configuration. Select Yes for 'Enable auto-cre- wide anti spam rules may not work.With Maia,the user
ation of user accounts'. Click on 'Update Settings' but- who has subscribed to the newsletter, can login to the
ton at the bottom. This will automatically open user Web-based interface and whitelist the newsletter do-
accounts corresponding to your e-mail users as and main. This setting will be effective only for him, while
when mail for them get downloaded. For example, the for others, newsletters will still be treated as spam.
moment Fetchmail (as configured in last month's arti- Shekhar Govindarajan
cle) downloads mails for, say, anoop@cybermedia. IT4Enterprise
80 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 1:00 PM Page 81
LINUX A P P L I C A T I O N S
Off-The-Record Messaging
Use OTR to have an encrypted chat with others, which is safer than regular encryption
techniques
A
ny secret conversation involves two main
Direct Hit!
components—one, a two-way authenticity
Applies to: IM users
and the other, right of denial. Before dis-
cussing further let's try to understand what the above- USP: Configure OTR software to have an encrypted chat over
Yahoo, MSN or several other IM clients.
mentioned statement actually means.
Consider a scenario when a murderer confesses Links: www.cypherpunks.ca/otr/#downloads
his crime in front of a priest. In normal conditions,
only the priest is supposed to know about the confes- Benefits of OTR
sion and if any one else, say, the cops want to know In general, when we do some kind of encryption,
about the same, then the only option is to take the we use a standard private and public key concept and
words of the priest.But of course in that case,the mur- digital signature. But in this case if someone gets hold
derer has the right to deny that he never said anything of your machine or your private keys then he can de-
to the priest (right of denial) about the crime. While crypt all your old messages and if you don't change the
at the same time, the priest knows very well that the key pairs then the future messages can also be de-
murderer had confessed to him (a simple, two way crypted.And because of digital signatures these mes-
volatile authenticity). sages can be proven as yours, and you won't even be
This scenario points towards the fact that the main able to deny.
property of a secret casual conversation should be a But in case of IMs, which are supposed to be a ca-
volatile authentication that doesn't leave any trace or sual chatting media, the right of denial is also impor-
record behind. So, to provide this kind of an environ- tant alongwith confidentiality. And that's what OTR
ment to the IMs, OTR (Off-The-Record) protocol has does. It generates some short living key pairs, en-
been developed. crypts them with some comparatively longer living
keys and piggybacks them on the
message itself. At the same time it re-
moves the older keys completely from
the memory.It follows this process for
nearly each and every message. This
makes the message truly volatile and
secure at the same time.So if someone
gets hold of your key pairs, he can't do
anything because the key pairs are
changed with each and every mes-
sage.
The other benefit of OTR is that it
is free and works with any IM, which
you can run on GAIM.So from now on
you don't need to install a Jabber
After installing OTR, click on the 'OTR-Not Private' button to start an server on your network for encrypted
encrypted session with the other party chatting. All your Yahoo, MSN, ICQ,
81 PCQUEST A P R I L 2 0 0 5 A Publication
Linux.qxd 4/2/2005 1:00 PM Page 83
LINUX A P P L I C A T I O N S
gadu-gadu, etc messages can be encrypted with just a window. Now scroll to the option, which says 'Off-the-
click. As GAIM for Windows is available, you can use Record Messaging' and select the check box and close
OTR on Windows also. the window. Now whenever you open a chat window,
you will see a new button at the bottom right of the
Installation and usage window that says 'OTR: Not private'. Clicking this will
All you need for using OTR on a Linux Machine is start the OTR protocol and if the other person with
XWindow installed and running a GAIM client.GAIM whom you are chatting also has OTR installed, a new
is available with all standard Linux versions such as private session will start and the button will change to
PCQLinux, Fedora and Debian so you don't have to 'OTR: private'.
hunt for it. Now download libotr-2.0.1-1.rpm and For testing the performance of the software we
gaim-otr-2.0.1-1.i386.rpm from 'http://www.cypher- tested it with a sniffer called ettercap that can capture
punks.ca/ otr/#downloads' and install them by run- IM conversations.We found that the data stream trav-
ning the following commands. eling between both secure clients using yahoo over
GAIM (secured with OTR) was completely scrambled
#rpm -ivh libotr-2.0.1-1.rpm and unreadable by the sniffer. We captured the traffic
#rpm -ivh gaim-otr-2.0.1-1.i386.rpm when both clients were authenticating each other
(when one presses the 'OTR: Not private' button) with
While installing, mind the sequence or you will the hope to capture the key pairs while it transfers
end up with dependency problems. Now that the in- them to the other machine.Fortunately, we found that
stallation is done, your OTR is ready to work. the keys were also encrypted in the process and the
Start your GAIM and go to Tools>Preferences and sniffer was not able to read them!
select the Plug-ins Link at the left-hand side of the Anindya Roy
based on the type of access (request type), the access forwarded TCP connections,or SSL with an embedded
target and on the values of attributes attached to the POP3 protocol). FTP, HTTP, finger, whois and SSL pro-
subject calling and to the target to be accessed. Addi- tocols are fully supported with an application-level
tional independent attributes can be used by individ- gateway. Zorp aims for compliance with the Common
ual modules,eg the Privacy Module (PM).All attributes Criteria/Application-level Firewall Protection Profile
are stored in fully protected directories, one on each for Medium Robustness Enviroment.
mounted device. Thus changes to attributes require The Shoreline Firewall, more commonly known as
special system calls provided. But the feature is not 'Shorewall', is a tool for configuring Netfilter. You de-
there by default.You have to once recompile the kernel scribe your firewall/gateway requirements using en-
to make it working.But be careful when integrating RS- tries in a set of configuration files. Shorewall reads
BAC into Adamantix, because if it clashes with any of those configuration files and with the help of the ipta-
the policies you created on PaX, the system could lock bles utility, Shorewall configures Netfilter to match
out even the root user. your requirements. Shorewall can be used on a dedi-
Other elements of Adamantix, which make it so se- cated firewall system,a multi-function gateway/router/
cure, are the Zorp proxy firewall suite and Shorewall server or on a standalone GNU/Linux system. Shore-
firewall. Zorp is the core framework of Adamantix, wall does not use Netfilter's ipchains compatibility
which allows the administrator to fine tune proxy de- mode and can thus take advantage of Netfilter's con-
cisions (with its built-in script language),and fully an- nection state tracking capabilities.
alyzes complex protocols (including SSH with several Anindya Roy
83 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 84
COVER STORY E N T E R P R I S E S E C U R I T Y
PREVENTION IS
BETTER THAN
CURE
Securing your infrastructure is not exactly a black art, and if implemented properly,
can let you avoid costly recovery processes and save crores of rupees
ANINDYA ROY, BINESH KUTTY, SUJAY V SARMA
F
rom the earliest of days, simply will not. tems? Let us explore this in our first
Man has learnt well to Taking a lesson from history's article in this story.
defend his assets.Moats pages though, it seems wiser and
used to be built around more efficient to prevent a loss than Why prevention is better
castles and castles had to attempt to recover from an attack. than detection?
high walls with heavily armed sol- Prevention is better than cure. En- Enterprises are rapidly turning
diers standing guard atop them. terprises are realizing quickly that into mobile and metamorphic work-
Sites chosen for such castles were not its better to deploy something that places, with a rapidly increasing
very easy to get to either - if they can detect as well as prevent intru- number of employees acquiring lap-
weren't at the top of a rocky cliff,they sions rather than simply detect one tops to work from. As these execu-
would be on a coast where no ship in progress and try to alert the re- tives travel between departments,
would berth. And if any enemy sponsible personnel. offices and campuses, suitable con-
should be brave enough to attempt Perhaps the avenues of attack to- nectivity must be provided for them
to climb the walls, they would pour day are much wider and numerous to simply do their job. Plugging into
boiling hot coal tar and rain arrows compared to those available even the nearest Ethernet port and Wi-Fi
and rocks on them. two years ago.This has in turn led to are the most often used options.
Okay, how is this history lesson an explosion in the different types of However, these are also the most
going to help you secure your servers vectors that deepen the intrusion. dangerous,since without proper and
and ultimately protect your valuable But what are they and why should strict policies in place, undefended
data? Well, we are going to make they exist at all? What are the ques- or unclean systems could easily plug
them as impregnable as the castles tions we need to ask ourselves before in and infect the entire infrastruc-
of old.Of course,history's castles of- we go ahead and purchase and de- ture in no time. How exactly do you
ten fell to determined enemies,ours ploy one on our networks and sys- force a visiting consultant to install
84 PCQUEST A P R I L 2 0 0 5 A Publication
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
Avenues of intrusion
Video
Cause: Video-page
Network (memory) bug
Cause: No firewalls. Exploit: Gold-bug virus
Exploit: Worms, Spam, that lifts sensitive infor-
DoS attacks mation
Protect: Use a good fire- Protect: Win XP SP2, XD
wall or IPS capable 64-bit CPU
USB
Cause: Wide availabil-
ity and absence of pro-
WiFi & tection mechanisms
Exploit: Unrestricted
Bluetooth data transfer, includ-
Cause: Public avail- ing malware
ability and visibility. Protect: Policies to
Exploit: Everyone can govern what can be
access the system and connected.
upload malware.
Protect: Encrypted
connection, non-
promiscious mode
operations.
Optical Media
Cause: Wide adoption,
Input Devices automatically trusted
Cause: No protection Exploit:‘Autorun’ makes
at all it easy to upload mal-
Exploit: Key loggers ware
and mouse-event Protect:Scan with an-
readers tivirus before running
Protect: Antivirus,
anti-spyware
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 86
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
69
Encrypted Files
58
64
IPS has policies and rules that it
62 compares network traffic to. If any
61
traffic violates the policies and
11
10 rules, the IPS can be configured to
Biometrics 9 respond by fighting that threat
8
9 rather than simply alerting you to
92 its existence.
82 Typical responses might be to
Access Control 90
92 block all traffic from that IP ad-
93
dress or to block incoming traffic
from that port to proactively pro-
tect just the computer or entire
or use your particular favorite an- bian cellphone to those of the skull network. How effective the IPS is
tivirus? Rather than grapple with and cross-bones. It uses the noto- depends on which of the two meth-
such issues, it is usual practice to rious Cabir worm to spread itself ods it will employ and in what
leave systems open.And that action through Bluetooth. Increasingly combination.
alone endangers more than one sys- laptops, smart devices, printers IPS systems respond to either
tem. and even some brands of PCs are changes in traffic flow and pat-
Consider for example, the rather equipped with Bluetooth.Consider terns or to certain predefined sig-
innocuous cellphone Trojan called this nightmarish scenario, where natures and the responses to those
"Skulls". This vector simply turns someone rewrites a portion of the signatures. Let us see what each of
the application icons on your Sym- Skulls code to let the worm repli- these are.
86 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 88
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
88 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 89
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
89 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 90
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
90 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 91
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
91 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 94
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
94 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 96
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
on this and only the necessary accounts, but from a security specifically right-click on them and
users have "full" or "write" access. standpoint, these accounts are in- enable it for sharing.
If you have "Microsoft Services secure from the word go. Reason? Win XP has the ability to en-
for Network File System" installed Their passwords are blank and all crypt your files and folders using
(provided on this month's CD, see of them are 'administrators' by its EFS (Encrypting File System).
box for deployment instructions), class.This is the last thing you want Once your files are encrypted, it is
the task of managing your net- to have in your enterprise. So the useless to attempt to use it some-
worked file system becomes even first thing to do would be assigning where else, since the decryption
easier. Using this kit, you can en- passwords to all the users espe- process is dependant on digital cer-
able or disable TCP and NFS trans- cially all users assigned adminis- tificates maintained by the OS.Also
ports for file-serving, map trative privileges.More the number encrypt the 'temp' folders to fur-
Windows user names and groups of administrator-class users on a ther secure data left around by your
to UNIX groups and setup locking system, the greater information a applications.
preferences. Once this is installed, hacker can dig up. Consider mov- Either disable the 'Offline Files'
you will see an additional tab ing desktop users into the local feature or encrypt its database. To
called 'NFS Sharing' on the proper- 'Power Users' group rather than as- encrypt it, open the 'Offline Files'
ties box for drives and folders.You signing them Administrator. An- tab for the folder's properties and
can now share these resources with other trick that you might want to check on the 'Encrypt files to se-
a different character-encoding use to complicate hacking into your cure data' option.
(currently only ANSI for English system is to create a local account Disabling the Auto Run feature
and different Japanese systems are with absolutely no privileges and for the CDROM should be a good
supported).You can also setup the renaming it to Administrator with move, considering the fact that one
UID and GID (similar to UNIX sys- a strong password. Also, eliminate could easily install some malicious
tems) for anonymous users and unnecessary and redundant user code using this feature. Do this by
setup the type of access for each accounts like test accounts, shared going to ((Run > GPEDIT.MSC >
folder (read-only, read-write or no accounts, accounts of ex-employ- Computer Configuration > Win-
access). One of the first things you ees. dows Settings > Security Settings
would notice here, is that by de- It is unlikely that a hacker would > Local Policy > Security Options).
fault,all folders will be shared with walk up, put a gun to your head and You can prevent users from con-
'Root access' disabled. This means take control of your system. Unau- necting devices to the USB indis-
that the 'root' or 'administrator' thorized use of systems happens criminately by disabling (as the
user cannot sign on to this folder only when the user is away. For this Administrator) the USB adaptors
and this is a good security feature. reason, never leave your system un- from Device Manager – if you have
Permissions here are set per ma- locked. Always setup a screensaver, already removed the user from the
chine. and protect it with a password to Administrators group, then they
prevent such usage. cannot re-enable it.
Securing Win XP Win XP uses 'Simple File Shar- You may also protect the Blue-
Most of the elements of secur- ing' to share your files. While this tooth and Wireless interfaces.
ing your Win XP can be done using maybe sufficient for a home net- Wireless connections should use
Group policies. In an enterprise, work, it is a poor choice for an en- encrypted communications (WEP
these would be done at the domain terprise and should be disabled. or WPA). Bluetooth devices will be
level and hence we are not sepa- This ensures that your files are not setup to use non-promiscious
rately covering them here - see the available to everyone - you will now mode for operations.
above Server 2003 discussion for need to specifically grant access to
insight on how to do this. your shares. Now if you need to Securing PCQLinux 2005
Win XP lets you create multiple share your files, you will need to Natively Linux is a secure OS.
96 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 97
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
97 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 98
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
there. Do install an anti-virus on password becomes known, then 2004, page: TODO). All these hon-
the Linux system. the complete security for your ma- eypots also silently create logs of
5. Enable the firewall (ipta- chine is gone. what the hacker is trying to and
bles) at the time of installation. In And that's where SELinux this can then be used to not only
a simple test of vulnerability as- comes into existence.With the help trace him out, but also further en-
sessment we found that the num- of SELinux you can create a layer of hance your server security.
ber of threats reduced to 99% by user level access control list with
just enabling the inbuilt firewall in which you can define some rules. 64-bit protection
a full installation of PCQLinux Using these rules even the root Our visual on the first page of
2005. And the 1% which was left user can be restricted for doing this article shows one form of at-
was just because of the reason that some tasks.For example,you could tack being your video memory.
the ICMP time stamping was en- create a rule to set the default level Well,what is this about? What hap-
abled in the machine. You can dis- of authority to that of a normal pens is this – when something is
able it by just denying the ping user if someone tries to login as ‘displayed’ by your computer, the
requests in your firewall. To do so, root from Telnet.But if he logs in to information about it is compiled
run firestarter in PCQLinux and the machine locally, then he will by the graphics engine and then
follow the wizard and when get the usual full rights. sent to the graphics hardware.This
prompted for 'Network Services Installing SELinux is not at all is organised into ‘pages’ and only
Setup' select the first option which difficult. In PCQLinux 2005 one such page is displayed at a
says 'Disable Public access to all SELinux is enabled by default. For time. The CPU then picks up what
network services' and the flaw will a detailed article on configuring should currently be displayed and
be patched. and using SELinux,read our article marks it. This is then automati-
Enhancing Security in Linux (Au- cally sent to the video device. The
The Linux Server gust 2004, page 102). set that was previously used goes
Naturally securing a server is back into the buffer. To protect
much more difficult and important HoneyPots what’s on screen from getting gar-
than securing a normal worksta- Honeypots are another very in- ble, the currently active page is
tion. But to begin with, keep in teresting concept by which you can protected by the CPU.
mind that the security measures protect your servers from hackers Apparently, the pages that are
discussed earlier for the worksta- and worms. For example you can not active are considered not wor-
tion are inherited here as well.And use a honey pot called LaBrea, thy of any protection and viruses
in this article we will go further which creates hundreds of fake IPs (like the Gold Bug) exist that waits
and see what is available to make in your network and diverts all the for such pages to arrive and then
your server as secure as possible. DoS attacks among those fake IPs sift through it for potentially use-
saving your main server (Prevent ful information. There is no form
SELinux DoS attacks, April 2004, page: of antivirus or other protection
One of the biggest security TODO). There are others like Hon- against this.
threats for a Linux server is the eyd as well which can create a de- The new 64-bit CPU from Intel
'root' user. Yes, we are not joking. coy chamber in your server so that (the Intel 6xx family to be precise)
Root is a standard and default user when any hacker tries to hack the takes care of this, by including
in any version/distro of Linux, just server, he gets diverted into that something called the ‘Execute Dis-
as 'Administrator' exists on Win- decoy and feels that he has suc- able’ (XD) bit. OSes now have the
dows.And because of this, the first cessfully hacked into the system option to set this bit in the video
attempt any hacker or a Trojan will and spends his time figuring out memory to indicate it should be
be to try to guess the password for and hunting for important data protected as well. Note however,
this user. And if in any case this (Fool hackers with Honeyd, May that this option can be turned off
98 PCQUEST A P R I L 2 0 0 5 A Publication
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 99
C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
99 PCQUEST A P R I L 2 0 0 5 A Publication
Developer.qxd 4/2/2005 1:07 PM Page 100
DEVELOPER W R I T I N G C O D E
I
n our article Call it PHP.NET (December 2004, page
Direct Hit!
98), we talked about a project named Prado which
brings ASP.NET functionality-server-side compo- Applies to: ASP.NET and PHP developers
nents, events, validators-to PHP. Prado was the award- USP: With a few lines of code, display and sort database’s
winning project in a coding contest held by Zend, the data, update it and select rows from the tabular display
company behind the PHP engine. Henceforth, Prado is Links: www.php.net, http://www.xisc.com
under constant development and the package is now
hosted at SourceForge—the most popular portal for DirectoryIndex index.php
open-source projects. With Prado, now PHP program-
mers can incorporate a fully functional DataGrid in their Save the file as php.conf in /etc/httpd/conf.d.In case
pages. A DataGrid is a tabular view of data, retrieved you have installed PHP that comes with PCQLinux 2005,
usually from a database.What makes it exciting is, with you will already have a file named php.conf in this di-
a few lines of code, you can display and sort the data- rectory. In this case, open the file and comment the fol-
base's data,update it,set up paging and select rows from lowing line by prefixing a #.
the tabular display. DataGrid became popular with ASP
and ASP.NET technologies from Microsoft. Let’s see a LoadModule php4_module modules/libphp4.so
glimpse of Prado's DataGrid.We assume that you know
the basics of PHP and have worked with ASP.NET. Restart Apache Web server.
DEVELOPER C O D E
inition as: {
function onLoad($param)
class datagrid extends TPage {
if(!$this->IsPostBack)
The actual content (HTML,datagrid component) for {
the page will be in a file, datagrid.tpl. This class must be $adodb = new TAdodb;
specified in an application.spec file, which can be $adodb->DataSourceName
thought of as similar to a web.config file for ASP.NET.Fol- ="mysql://<user>:<password>@localhost/<database>";
lowing is the application.spec file that we will use. $adodb->SetFetchMode(TAdodb::FETCH_ASSOCIATIVE);
$rs = $adodb->Execute('select * from <table>');
<?xml version="1.0" encoding="UTF-8"?> $this->grid->setDataSource($rs);
<application ID="datagriddemo"> $this->grid->dataBind();
<request default="datagrid" /> }
<alias name="Pages" path="." /> }
<using namespace="System.Web.UI.WebControls" /> }
<using namespace="System.Data" /> ?>
<using namespace="Pages" />
</application> Substitute <user>, <password>, <database> and
<table> with MySQL's user (say root, user's password,
Save the above content in a file named MySQL database and its table that you want to query,re-
application.spec in the datagriddemo directory. spectively).Save the above file as datagrid.php in the di-
rectory datagriddemo.
The DataGrid page
We start with a page containing a minimalistic Data- See it working
Grid as shown below. Now write an index.php file with the following code.
<html> <?php
<body> require_once(dirname(__FILE__).'/framework/prado.php';
<com:TForm> pradoGetApplication('application.spec')->run();
<com:TDataGrid ID="grid" /> ?>
</com:TForm>
</body> Save this file in datagriddemo. Load the following
</html> URL http:// 127.0.0.1/datagriddemo/index. php.
You should see an HTML table with columns corre-
Note that the ID of the DataGrid is grid. We will use sponding to the columns in the database table.You can
this ID subsequently to populate the DataGrid. make the columns sortable by adding the attribute Al-
lowSorting to the Datagrid tag in datagrid.tpl as:
Bind data to the grid
We will retrieve data from a MySQL database and <com:TDataGrid ID="grid" AllowSorting="true" />
bind the data to the datagrid. To set up MySQL on PC-
Qlinux 2005,refer to the our article JDBC Drivers,(March You can also do paging, row selection, data upda-
2005, page 76). The code to bind data with the DataGrid tion and beautifying the rows.Refer to the DataGrid ex-
will go into the datagrid.php file. ample in the prado/examples/datagrid and /prado/
docs for the API documentation.
<?php Shekhar Govindarajan
class datagrid extends TPage IT4Enterprise
DEVELOPER C O D E
A
Java programmer often misses the ease with Direct Hit!
which a VB or Visual C++ application can in-
Applies to: Java programmers
tegrate with the Windows desktop. This is be-
cause Java, at its core, being platform independent tries USP: Create a demo app that installs itself in the system tray
to provide the most common UI components that are ex- Links: http://java.net, www.java.sun.com
pected to be available across various OSs. Take for in-
stance, a system tray—the bottom right corner of the ● Get a reference (a SystemTray object) to the Windows
Windows taskbar. Such a system tray is also available in System Tray (JDIC specific)
rich desktop environments—GNOME and KDE—on ● Add the TrayIcon to the SystemTray (JDIC specific)
Linux but is missing in FVWM, yet another graphical The code for the process is as follows.
desktop for Linux.
All this is fine, if you deploy a cross platform graph- // step 1
ical application in Java. But what if you need to develop JPopupMenu menu = new JPopupMenu("Menu");
for a specific platform,say,for Windows? Windows users
expect quite an intuitive behavior from the applications. // step 2
Does that mean you can't leverage your expertise in Java JMenuItem menuItem1 = new JMenuItem("Menu
and have to hop to Visual Basic or C++? The answer is 1");
No, for JDIC is here. JDIC is a Java desktop project at menu.add(menuItem1);
www.java.net that focuses on using native and platform-
specific applications and facilities.According to the site, // repeat step 2 to add more menu items to the JPopup-
“JDIC provides Java applications with access to facilities Menu
provided by the native desktop such as the mailer, the
browser and registered document viewing applications. //step 3
Additionally it provides the mechanisms by which Java ImageIcon icon = new ImageIcon("icon.jpg");
applications can integrate into the native desktop such
as registering Java applications as document viewers on // step 4
the desktop and creating installer packages.” Here we TrayIcon trayIcon = new TrayIcon(icon, "Hello
look at how to install a Java application on the Windows System Tray", menu);
system tray.
// step 5
Steps to system tray integration SystemTray tray = SystemTray.getDefaultSystem-
We assume that you are well versed with developing Tray( );
GUI applications with Java Swing.To install a Java appli-
cation on the system tray, all you need to do is: // step 6
● Construct a JPopupMenu (Java Swing) tray.addTrayIcon(trayIcon);
● Construct one or more JMenuItems and add them to
the JPopupMenu (Java Swing) Note that the parameters to the TrayIcon( ) con-
● Create an ImageIcon (Java Swing) structor are the ImageIcon object, tooltip (that will
● Construct a TrayIcon with the JPopupMenu as a pa show when you move the mouse over the tray icon)
rameter (JDIC specific) and the JPopupMenu respectively.
DEVELOPER C O D E
Following is the code for a ready to compile and run public static void main(String[] args){
Java program, which will install on the system tray. try {
DEVELOPER C O D E
DEVELOPER C O D E
105 PCQUEST APRIL 2005 A Publication
Developer.qxd 4/2/2005 1:11 PM Page 106
DEVELOPER C O D E
User:weblogic mand prompt, compile the JAVA files and create the de-
Password:weblogic ployment JAR file using
Select the 'Open specified database option' and click C:\> javac -d . *.java
on OK.On the left hand side select Schemas>WebLogic. C:\> jar -cvf bank.jar com
Right click on Tables>Create Table. Then click on Next
and give 'bank' as the table name. Again click on Next. ● Now you need to create deployment descriptor files
Now three columns: id,name and departmeant are to be using the WebLogic Builder.WebLogic Builder automat-
created. So click on Add. Under Column name enter 'id', ically creates three deployment descriptor files, namely
SQL Type 'VARCHAR', length '20' and check off the 'Al- weblogic-ejb-jar.xml, ejb.jar.xml and weblogic-cmp-
low nulls' option. Click on Add and enter Column name rdbms-jar.xml. These files contain information about
'id', SQL Type 'VARCHAR' and length '20'. Click on Add the application and WebLogic specific environment
and enter Column name 'depart', SQL Type 'VARCHAR' properties. Discussing in detail about the file is beyond
and length '20'.Click on Next three times on the consec- the scope of this article.
utive screens and then on Finish to create the table ● Now open the WebLogic Builder and open this
'bank'. This step involves creation of the database con- bank.jar (bank.jar is created in bank folder) file by click-
nection pool. Start the WebLogic server as discussed in ing on File>Open. When prompted, select Yes to create
the previous part and login in to the console. Click on new descriptors. From the left-side pane, select
Services>Connection Pools on the left-hand side of con- BankBean.Select the General tab on the right-hand side
sole and select 'Configure a new JDBC connection pool'. and give JNDI name as bank_april. Click on the Classes
Select database type 'PointBase',database driver 'Point- tab, select primary key class 'java.lang.String', as the
Base's Driver(Type4) Versions:4.X'. Click on 'Continue home interface has primary key as a String. Select pri-
and note the JDBC connection pool name'. Enter Data- mary key field 'id'. Under Container Managed Persis-
base Name 'server', Host Name 'local host', port '9093', tence,enter Datasource name as 'bankDS' (name of JNDI
username 'weblogic' and password 'weblogic'. Click on data source given above) and Table name as 'bank'.
Continue and then on the 'Test Driver Configuration' Now, from the menu, go to Tools>Validate Descrip-
button. A 'Connection successful' message will be dis- tors.It's fine if you get an 'EJBC Successful' message,oth-
played if everything is ok. Next click on the 'create and erwise you need to rectify the error in JAVA files.Click on
deploy' button to create the connection pool. The next File>Save and close the Weblogic Builder.
step is to create data source for the connection pool.Click ● Now the bank.jar is to be deployed in the WebLogic
on Services>Data sources on the left-hand side of the server. Select Deployments>EJB Modules on left-hand
console and select 'Configure a new JDBC Data source'. side of console.Select 'Deploy a new EJB module',browse
Call data source 'ds' and JNDI as 'bankDS'.Click on Con- to C:\bank and then open the bank.jar file. Select the
tinue. Select the connection pool name as given above 'Target Module' button and then Deploy.
and click on Continue.Now click on Create.A data source
with JNDI name 'bankDS' will be created. Running the client
Copy the Client.java file to the 'bank' folder and run
Compiling and deploying the application
● You need to set the class path as: C:\> javac - d . Client.java
C:\> java com.bank.Client
set classpath =
c:\bea\weblogic81\server\lib\weblogic.jar;c:\bank;%class- You can create similar applications with a number of
path% database fields and insert records. In the next issue we
will delve deeper into entity bean and do database
● Create a folder called 'bank' in C:\ and put our Bank, queries.
BankHome and BankBean JAVA files in it.From the com- Sushil Oswal
DEVELOPER C O D E
107 PCQUEST APRIL 2005 A Publication
Developer.qxd 4/2/2005 2:05 PM Page 108
DEVELOPER C O D E
DEVELOPER C O D E
Y
ahoo has given in to the long-standing de-
Direct Hit!
mand of many developers and finally
Applies to: Developers
launched its Web services. The Yahoo Search
Web Services allows developers to query Yahoo's USP: Understand how to write code in ASP.NET to query vari-
ous channels in Yahoo's search engine
search engine from different programming lan-
guages. Google has been providing this facility for Links: www.developer.yahoo.net
quite some time now with the Google Web API.The Ya-
hoo Search Web Services, however, differs signifi- low (at the time of writing this article).
cantly from Google's. In addition to the query, you need to specify your
For starters, Google's API is SOAP-based while Ya- application ID (visit http://developer.yahoo.net to get
hoo chose to go with REST.The Google API can be used one free). Then there are certain other parameters that
only for Web search meaning that services such as depend on the service you're using.A list of various pa-
Google News, Google Image Search etc. cannot be ac- rameters that Web search supports/requires is given in
cessed via the API. Yahoo, however, allows developers Table 2.
to search five 'channels' of content—the regular Web One thing to note here with the query parameter is
search, Image search, Local search, News search and that it can include the full search language like 'site:',
Video search.While Google restricts developers to 1000 which makes it quite powerful.Let's take an example to
queries a day,Yahoo offers a generous 5000 queries per make things a bit clearer.
day in each of the channels. Both, however, require you Let's say you want to search for the word ‘technol-
to register for access to the APIs and are free of cost. ogy’ on the site pcquest.com and you want to fetch re-
Let's see how it works. sults number 8 and 9. This is how your request URL
You can access these services at their respective may look like:
URLs and obtain results by specifying your query as a http://api.search.yahoo.com/WebSearchService/V
parameter. The URLs of the various services are as be- 1/webSearch?appid=YahooDemo&query=technol-
ogy+site:pcquest.com&results=2&start=8
Table 1: URLs of various services
Let's see what response do we get to the above re-
Service Request URL
Web http://api.search.yahoo.com/WebSearchService/V1/webSearch quest.
Image http://api.search.yahoo.com/ImageSearchService/V1/imageSearch
Local http://api.local.yahoo.com/LocalSearchService/V1/localSearch
News http://api.search.yahoo.com/NewsSearchService/V1/newsSearch <?xml version="1.0" encoding="UTF-8"?>
Video http://api.search.yahoo.com/VideoSearchService/V1/videoSearch <ResultSet
109 PCQUEST APRIL 2005 A Publication
Developer.qxd 4/2/2005 2:06 PM Page 110
DEVELOPER C O D E
xmlns:xsi="http://www.w3.org/2001/XMLSchema-in- ogy/103020705.asp</Url>
stance" xmlns="urn:yahoo:srch" <ClickUrl> ... </ClickUrl>
xsi:schemaLocation="urn:yahoo:srch http://api.search.ya- <ModificationDate>1106294400</ModificationDate>
hoo.com/WebSearchService/V1/WebSearchResponse.xsd" <MimeType>text/html</MimeType>
totalResultsAvailable="778" totalResultsReturned="2" <Cache>
firstResultPosition="8"> <Url> ... </Url>
<Result> <Size>32446</Size>
<Title>Technology in 2001</Title> </Cache>
<Summary> ... </Summary> </Result>
<Url>http://www.pcquest.com/content/topsto- </ResultSet>
ries/100120301.asp</Url>
<ClickUrl> ... </ClickUrl> <!-- ws01.search.scd.yahoo.com uncompressed/chunked
<ModificationDate>1106294400</ModificationDate> Sun Mar 13 13:30:35 PST 2005 -->
<MimeType>text/html</MimeType>
<Cache> (Note: In the above results the actual values of Sum-
<Url> ... </Url> mary, ClickUrl and Url have been replaced by ellipsis
<Size>33788</Size> (… ) due to space constraints.)
</Cache> Let's process these results to come out with a neat
</Result> list of results for use on our website.We'll use ASP.NET
<Result> for this example, but you can do the same just as easily
<Title>PCQuest : Technology : Communicate Better with in any other programming language,especially if it has
ADSL2</Title> libraries/functions that allow for easy processing of
<Summary> ... </Summary> XML.
<Url>http://www.pcquest.com/content/technol-
<%@ Page Language="C#" %>
<%@ import Namespace="System.Xml"
%>
<script runat="server">
case XmlNodeType.Text:
switch(objNode.Name) {
case 'Title':
output.Text += "<li>" +
objNode.Value.Trim() + " - ";
break;
case 'Url':
output.Text += "<a
Yahoo has a separate site for developers’ , where it provides sample href=\"" + objNode.Value.Trim()
code for accessing its web services +"\"</a></li>";
DEVELOPER C O D E
IN DEPTH
W I R E L E S S T E C H N O L O G I E S
Wild Wild
Wireless
Wireless technologies are being developed to keep you connected wherever you are
ANIL CHOPRA, ANKIT KAWATRA, ANOOP MANGLA, NEHA SHAMSHERY, RINKU TYAGI,SANJAY MAJUMDER, SUSHIL OSWAL
US Navy allows
1942 1958 fourth
A frequency- First computer band to use
hopping radio chip for radio the spread-
encryption tech- communication spectrum
nique (later based on spread- technology
called Spread- spectrum tech-
spectrum tech- nology develo-
nology) ped by US Navy.
patented; do- Technology still
nated to US Navy classified
Source: PC Magazine
R
ousseau said, "Man is born free, but
everywhere he is in chains." Probably
he was clueless of the power of chain-
free wireless when he coined this
phrase. Indeed, so much has happened
in the wireless world till date,and so much more is go-
ing to happen that very soon you might be living in a
world that's completely free of wires—no strings at-
tached (literally!).
Probably the two biggest successes of modern day
wireless technologies are WiFi or wireless LANs and
mobile phones. These have brought wireless tech-
nologies from their niches to the
masses. But thankfully, their
success has led to the development
of many other new technologies, in
just about every facet of life. So whether
you're at home, in office, on the road, in a
restaurant, or in an airplane, rest ensured that
some wireless technology will be there to keep you
connected.
For instance, when a company goes for leased-
line connectivity, one of the biggest hassles is lay-
ing the last mile, because roads have to be dug up
to lay the wires.What if it were to go wireless? The
WiMax technology promises to make this possi-
ble.Not only that,but the technology is also be-
1999
liance) launches
WiFi certifica-
and 802.11g de-
vice develop-
rolls out to re-
place WEP. First
2003 based devices to
be sold in this
Intel introduces
tion programme ment begins 802.11a/b prod- year itself
802.11a and b Centrino mobile
for 802.11b- ucts shipped
ratified. 802.11b technology.
compliant prod-
products begin 802.11g products
ucts. MIcrosoft
shipping begin
releases Win-
shipping.
dows 2000 with
First WiFi
WLAN sniffer
zone launched
ability
IN DEPTH W I R E L E S S
IN DEPTH W I R E L E S S
WiMAX IEEE
Benefits
A wireless connection has several advantages over
802.16
a wired connection. It gives you ease of set up and re-
Point-to-point quires lesser maintenance, especially when you are in
backhaul an area where laying down wires is not an easy job.
This could be a place like a congested area in a city or
a remote location in a village.Along with that, a wire-
less connection takes lesser time to set up than a
Telco Core or wired connection. So, for areas that do not have ade-
Private(fibre) quate wired network in place, wireless last-mile is a
Point-to- Network good option.
multipoint
Technology
The WiMax standard (IEEE 802.16a) is an exten-
sion of Wireless MAN (Metropolitan Area Network)
Air Interface standard for MAN (802.16). It was de-
veloped to operate in the high frequency band range
of 10 to 66 GHz, while 802.16a will operate in lower
WiMAX Base frequency band range of 2 to 11 GHz band. The no-
Stations ticeable change in 802.16a is the absence of line-of-
sight requirement. WiMax directional antenna can
transmit signal to cellphone tower even if there is no
Wireless Broadband— direct line-of-sight. The signals can propagate
through obstacles such as high-rise buildings, trees.
Last Mile 802.16a will be able to transmit signal up to 50 Km
One of the biggest challenges most ISPs face when distance and offer maximum 70 Mbps data transfer to
providing connectivity to end- users, be they at home hundreds of users. Reliable transmission is achieved
or the enterprise, is the Last Mile. This is the distance through forward error correction technique, and
between the service providers' point-of-presence and Triple-DES encryption is used for secure transmis-
the customers' premises. The challenge comes in the sion.
form of forming the link between the customer's net-
work and the ISP's, which may require digging up of Products
roads for laying down the cables, and the hassles of Many broadband wireless vendors are actively de-
getting permissions from various govt bodies,such as veloping 802.16a compliant based products. Few of
the local municipal corporation and the DoT. Addi- them are Alvarion,Aperto Networks,SR Telecom,Red-
tionally, maintaining these cables after a period of line communications and Intel Huawai. Redline com-
time becomes an issue. So, wires, which are otherwise munications has launched AN-100U, an 802.16a
IN DEPTH W I R E L E S S
IN DEPTH W I R E L E S S
IN DEPTH W I R E L E S S
Wireless Gaming
W hen everything else is being touched by wire-
less, how can games stay behind? Wireless
gaming is another area that's picking up.You could-
essentially there are two ways to provide a multi-
player game. One is quasi peer-to-peer, where
you're playing games over Bluetooth, while the
n't have missed the Nokia N-Gage TV ad, where other is via a remote server, which is over your
two boys challenge each other for a game over their service provider's network.For instance Airtel Live
cellphones. Basically most handheld devices, be is a service from Airtel, which lets you to download
they a cellphone or a PDA, are coming with built-in single player games of your choice by just sending
wireless technology. If it's Bluetooth, then two or an SMS. These games are downloaded just like you
more wireless devices can play games against each download ring tones.
other if they're in the vicinity, such as a room or a Other gaming devices are also going wireless.
train.Alternately, multi-player games are also pos- For instance, you can now also play games over a
sible over the wireless service provider's network, wireless LAN. There are enough wireless gaming
wherein the distance between the players is only adapters available that can hook up your
restricted by the coverage of the Playstation or Xbox together over
mobile service provider. WiFi so that you don't end up
Imagine three friends sit- getting tied down by cables.All
ting in three different met- this is possible today, but may
ros and challenging each be in near feature with
other to a death match! So WiMAX, game lovers could even
play games across their apart-
Connect the XBox to a ments or cities. Since the band-
wireless gaming adaptor width will be higher, they
and play games wire- could play much better quality
lessly games.
always feel the need for the ability to access the Inter- from your mobile service provider. But, can I have a
net, wherever they are, be it in a car, a restaurant, or an GSM connection and not a CDMA connection, or vice
office. While a mobile phone can let them be versa? Does my mobile phone support data? What
connected by voice, irrespective of their lo- throughput will I receive? What service do I need to get
cation, a similar solution for data trans- activated from the service provider? All these ques-
fer is also required in today's fast tions are definitely going to crop in everybody's mind.
moving information age. Neverthe- So, let's get to the answers to all these questions.
less,the same mobile phone can now
also be used for fast Internet ac- Present data transfer technologies
cess. All you need is a mobile Users of CDMA (Code Division Multiple Access)
phone capable of transferring services from Reliance and Tata Indicom can enjoy
data, a connection between the high speed (144 kbps) Internet access on their note-
mobile phone and your note- books by connecting their mobile phones to it.Almost
book, and data service enabled all mobile-phone models, even the low-end sub 4k
models, supplied by these providers support Internet
Your phone will one day provide connectivity. Cables to connect the phone to the note-
you very high-speed Internet book are also readily available.Tariffs are based on the
IN DEPTH W I R E L E S S
WiFi Cellphones
Y ou are calling somebody in your office using your
mobile phone; the call goes to the nearest cell
phone tower, from there to the call switching center
is available within your wireless network,the call will
be made through the local wireless network. If the
called party is outside the WiFi network,then the call
and then to the called person's cell phone. All this gets routed through the cellular service provider's
happens just to complete a call made to a person sit- network.All this will happen in a manner that's com-
ting,maybe,next to you.Ever wondered if there could pletely transparent to the users.Isn't this an amazing
be a shorter way of completing this call,by using your application of WiFi? Indeed, it is, but the success of
local WiFi access point instead of the cellular service this kind of an application depends upon a number
provider's network? Even if you haven't, somebody of things. For one, a company must have a VoIP de-
out there has, and the answer is a device that can be ployment. This would mean at least a VoIP gateway,
called a WiFi cellphone.It would have WiFi as well as which would be able to store the VoIP numbers of all
cellphone circuitry built in. Plus, it would also have the WiFi cellphones and be able to route calls between
VoIP embedded.This way,it would act as an IP phone them. Secondly, it would require the organization to
on a WiFi network, and a cellphone when used out- have WiFi on the network.Third and most important
side. is that this sort of a solution would be viable mostly
Coming to the benefits,Voice over IP (VoIP) is al- for organizations with offices in multiple locations,
ready proven to be a cost efficient technology and is which are also interconnected through some
an effective way of making voice calls over an IP net- form of leased circuits. Since the number of
work. The same technology when used over a WiFi VoIP deployments themselves are fairly lim-
network, can provide for local wireless phone calls, ited in India, this sort of a solution still has
the same way a cell phone network enables mobile a long way to go before it becomes popular.
phone calls.This would provide greater flexibility and Products supporting this dual functional-
cost saving,as the calls will be routed through the lo- ity are already available from Motorola,
cal WiFi network and not through the cell phone net- HP and NEC.
work.
Users of such a hybrid device would now have two This looks like a normal cord-
numbers associated with them; a cell number and a less phone, but is actually a
VoIP number.While making a call,if the called party WiFi VoIP phone
number of minutes you are connected to the Internet. between the phone and
For GSM users, Internet access is provided notebook can be done using
through a technology called GPRS (General Packet cable, Infrared or Blue-
Radio Service). All major GSM operators, such as tooth, depending on the model.
Hutch, Airtel, Idea, BSNL, Maximum attainable speed for GPRS is
MTNL, support GPRS and 57.6 kbps. For faster access, Hutch and Airtel are pro-
have varying tariff plans viding EDGE (Enhanced Data Rates for Global Evolu-
ranging from fixed plans to tion) services, which can take the speed up to 230
volume based plans. To use kbps. But, EDGE enabled phones will be more expen-
GPRS, you need a GPRS ca- sive than the GPRS ones.
The EV-DO PC card gives pable mobile phone, which
Internet@2.4 Mbps on your may not fit in the lowest of Future
notebook price bands. Connectivity While the data speeds mentioned above for both
IN DEPTH W I R E L E S S
IN DEPTH W I R E L E S S
Wireless Electricity
T he first bulb was lit using thermal power, then
came hydropower succeeded by solar power
and nuclear power.While technology was evolving,so
mission of electrical power, one could light a bulb
planted in dirt anywhere on the Earth, fathered this
technology. He intended doing this by altering the
was the length and complexity of wired networks and electrical equilibrium of earth and using it in some
cables transmitting power. equipment.He is also told to have had some early suc-
cess in transmitting power wirelessly way back in the
The next big thing 1907. His experiments and the results show convic-
The next innovation to be watched out for could be tion and with further advances the transmission of
Wireless Electricity or Wireless Power, as it is popu- industrial amounts of electrical energy with minimal
larly known. As of today, the applications are far losses was also feasible.
fetched and only a few pioneer OEMs are continuing
their research in making it happen and realizing its Working principle
applications. Splashpower, a UK based organization Different possible techniques are being studied
has already made it public that they will be commer- to reach an optimal solution to generate wireless
cially releasing wireless charging pads for cellphones power. One is to make use of a broad-spectrum ra-
and other gadgets by the end of this year. dio receiver that can absorb energy from all the mi-
Tesla, who once claimed that with wireless trans- crowave and radio transmissions. Another uses a
set of devices placed near each other that suck am-
bient energy to contribute it to a local wireless en-
ergy grid, thus, enabling transmission of energy
using laser beams or local induction. But the
chances are that ZPE (Zero Point Energy) or mag-
netically generated energy are more viable options
that will deliver performance at par with or better
than solar cells. The principle of electromagnetic
induction and inductive coupling is currently being
used to transfer power from one device to another.
Just place the As a result, the charging pads that have been pro-
devices on the pad posed need no cords, connectors or sockets be-
to charge tween them and the device/s.
ices at speeds that are near to those available on UMTS course the phone should be video capable). This serv-
networks. ice is available all across Europe and is nothing but a 24-
hour live video stream of CNBC Europe's weekday
UMTS broadcast.
UMTS is the short for Universal Mobile Tele-com- As mentioned earlier, there are no such examples
munications System.It is a 3G mobile technology that is available in India as the 3G network is yet to be setup
capable of delivering data transfer speeds of up to 1920 here.
kbits/sec. But this speed is under ideal conditions. Some mobile phones that support video streaming
An example of video streaming practically being include the Nokia's 9500, 6220, 6230, 6330 and 3220. It
used in today's scenario: CNBC Europe's weekday also works on Sony Ericsson's P800 and P900 models.
broadcast is available directly on your mobile phone (of
IN DEPTH W I R E L E S S
REVIEWS
P R O D U C T S P U T T O T E S T
I
f you have multiple Windows 2000 or 2003 Servers Price: Enterprise edition: Rs. 290,000 (10 OMLs); Workgroup edi-
running on your network, then this product could tion: Rs. 23,000 (no OMLs)
be worth considering for managing them. Mi- Meant For: Windows Servers’ Administrators
crosoft Operations Manager, as the name suggests lets
Key Specs: Monitors and manages Windows 2K/2K3, Exchange,
you monitor all your Windows servers, provide their SQL Server, ADS, IIS, and many other servers from a single loca-
uptime status and health information,all from a single tion.
location. It can, among other things detect and report Pros: Gives complete details of errors and even offers possible
server failures,server capacity problems and perform- solutions from an extensive knowledge base.
ance related problems. It's available for both large and Cons: None
medium networks.
Contact: Microsoft India, Gurgaon.
Installing the software, however, requires some Tel: 5158000. E-mail: pankaju@microsoft.com
careful planning, and the prerequisites are also pretty RQS# E50 or SMS 130450 to 9811800601
extensive. This is because it has a number of compo-
nents that need to be installed.For instance,to do a full Plus,you'll also have to enable IIS.Thankfully,the MOM
install of MOM, you'll need Microsoft SQL Server 2000 setup screen has a button that checks whether you have
(SP3 or above), ASP.NET and the .NET framework. the pre-requisites for installing the components you've
selected.
There are a number of functions that MOM is ca-
pable of performing. One of them is a feature that lets
you collect and filter event data from managed servers.
It filters the logs to the filter set by administrator,so that
it shows only the relevant information. MOM also sup-
ports processor health rules that can be set to give you
alerts when specific events or performance conditions
occur. The interesting thing is that MOM has a knowl-
edge base that explains the impact of certain events on
performance conditions and offers advice on different
ways to fix them.
Another powerful feature of MOM is scripting.
When a critical error occurs that might damage the
MOM supports scripting, which means in case of a crit- network,then MOM will not only alert you but also take
ical error not only it will inform you, but will also take automatic corrective action through scripts. This cor-
automatic corrective action. These scripts and rules rective action could be restarting the server or a par-
are available in the form of management packs ticular service.
REVIEWS P R O D U C T S
Setting all those rules and reports on your own is comprehensive knowledge base, which even tries to
quite a time consuming and tedious task. MOM has a provide you multiple solutions to the error. MOM has
solution for this as well called management packs, agents that need to be installed on all the machines you
which have predefined rules and scripts. Thus, there is want to manage. These give you just about every detail
no need to define the rules and scripts manually.These you need for the server.The good thing is that MOM can
management packs are available for most Microsoft automatically detect all your servers and even let's you
business products like MS Exchange, SQL Server, DNS, remotely deploy the agents to them. Plus, it even gives
IIS, clustering services, etc. Some management packs you the option to login through remote desktop to any
come bundled with MOM, while many others come Windows server.
with the server applications you want to manage. Yet THE BOTTOM LINE: Overall,it's a great product if you
more are still under development, including manage- have multiple Windows servers on your network that
ment packs for third party software. you want to manage. It's not the right choice, of course,
MOM can also generate a diagram of your network if you want to manage other servers or hardware such
automatically by detecting all connected machines to as switches and routers.The product is available in two
the MOM server. You can even choose the shape in editions, one is the Enterprise edition, which comes
which you want to view the diagram (such as circular, with 10 OMLs (Operations Management Licenses);
with the server at the center and clients around it) by while the other is Workgroup edition, which doesn't
changing diagram properties. have any OMLs.
Besides showing error messages, MOM also has a Ankit Kawatra and Sanjay Majumder
REVIEWS P R O D U C T S
T
his RDBMS from Gupta Technologies is meant
Price: Rs 50,500 for 5 clients (1 yr warranty for software mainte-
for small to mid-sized businesses. The version nance and support)
9.0 is Linux (SUSE and RedHat) compatible and
Meant For: Small businesses
you can move the database between Windows and Linux
by adding the name of databases in sql.ini configuration Key Specs: Fast installation, Linux support, single interface for
database creation, administration and monitoring. Moving the data-
file under Linux installation folder. Linux compatibility base between Windows and Linux is easy.
is the major addition in 9.0.There was one CD for the in-
Pros: Supports variety of database drivers, user-friendly GUI and
stallation for Windows (server and client) that took less easy to use.
than 100 MB of space. Complete installation took less
Cons: The relational database doesn't support E-R and importing
than three minutes. other database.
The console consists of customizable workspace di-
Contact: Sonata Information Technology, Bangalore.
vided into the left and the right pane. The left pane dis- Tel: 26567487. E-mail: mohan.ks@sonata-software.com
plays database administration tools and server-related RQS# E52 or SMS 130452 to 9811800601
REVIEWS P R O D U C T S
REVIEWS P R O D U C T S
REVIEWS P R O D U C T S
REVIEWS P R O D U C T S
Key Specs: IP 2000 supports direct camera printing and has two
gle USB interface. However, only IP2000 is capable of paper feeders; good quality prints in both
printing photographs directly from a camera using its
Contact:Canon India, Gurgaon. Tel: 5160000. E-mail: Rajeev.
PictBridge interface and has two paper feeders. Both Singh@canon.co.in
printers support different print media, including trans- RQS# E60 or SMS 130460 to 9811800601
REVIEWS P R O D U C T S
REVIEWS P R O D U C T S
REVIEWS P R O D U C T S
Which of the following is the best way of fighting spam Which is the low power, low data-rate wire-
mail ? less technology that promises to be ideal for
❐ Click on the unsubscribe link in the spam remote monitoring?
❐ Regular use of updated anti-spam software ❐ ZigBee ❐ Wireless USB
❐ Send a nasty response to the spammer ❐ Bluetooth ❐ 3G
SHOOTOUT P R O D U C T S P U T T O T E S T
H
as your hard drive's partition ever crashed websites for usage information. Therefore, we strongly
out,and that too just 15 minutes before de- suggest that you first try them out on a test machine,un-
livering a presentation to a customer? Or derstand how to use and operate them fully, before ac-
perhaps some virus, worm or Trojan crept tually using them on a real system.
into your network and choked the wits out of your band-
width. How about this? A hacker managed to get into How we tested
your machine (remotely or locally) and tampered with While testing these CDs,we had three things in mind.
your corporate information.You know it's happened,but First, whether it could recover deleted partitions or not,
need to give your boss authentic proof of the incident, and if yes,then which partition types,eg,NTFS,ext2 and
which can later be used as evidence for the cyber crime. ext3.The next thing we tested was ease of configuration
While there can be ways of securing your system and usage. Finally, we looked at how many tools it in-
against hackers and worm attacks, what do you do if cluded for monitoring and assessing a network.For test-
you've lost data? That's when you wish you had some- ing the partition-recovery capabilities, we took a
thing to help recover your valuable data. This story is standard P4 machine with 256 MB RAM and a 40 GB
about‘that something’— known as live rescue CDs.This hard disk and installed Linux in to it. Then we used a
is nothing but a customized live CD containing specific standard DOS bootable floppy to run the fdisk command
tools for rescuing partitions, data and even a few net- and delete all partitions. We then booted the machine
work-monitoring tools. The best thing about these CDs with the live CD and tried to recover the partition. We
is that they can run on any machine and most of them then installed Windows XP on the same machine with
can read all standard partition types without doing any the NTFS file system and repeated the same process.We
configuration. We've thoroughly evaluated four live res- also tried to destroy the MBR and then tried to recreate
cue CDs to help you choose the right one for your needs. it using the live CDs.We also tested the forensic tools to
We've even given their ISO images on this month's DVD. check weather they can do data recovery or not. To test
You could burn them on a CD using any CD burning soft- them we created and deleted some documents in both
ware, like Nero. Using them is simple. Just insert them NTFS and ext3 partitions and tried to recover them as
into a drive, reboot the machine, and make sure that the well. At the end of our evaluation,we found the 'Fire' live
BIOS is set to boot from the CD drive. Another word of rescue CD to be the best of the lot.It was a complete res-
caution before we proceed any further. While running cue CD having everything you might need after your ma-
these CDs is pretty easy, using them isn't. You need to chine's been compromised.The name FIRE comes from
have good working knowledge of Linux as well as PC 'Forensic and Incidence Response Environment', which
hardware. None of the live CDs came with any proper gels with the performance we got from the CD.We found
documentation, so you'll have to figure out which tools that this live CD had the maximum software for data re-
are bundled with each and then look up their individual covery, forensics, network assessment and anti virus.
SHOOTOUT L I V E R E S C U E C D s
SHOOTOUT L I V E R E S C U E C D s
SHOOTOUT L I V E R E S C U E C D s
Plan-B: With lots of pre-configured scripts,even newbies will find this easy to use
P lan-B is another live rescue CD
based on RedHat Linux and has
a set of forensics data-recovery tools
such as autopsy, foremost sleuthkit
and BCwipe DCLF-DD. However, it
doesn't have gpart as a partition-re-
covery tool like the other two distros
we checked, but it comes with
parted—another partition-manipu-
lating software. But in this case the
partition detection is not fully auto-
matic and you have to know the size
of the deleted partition to do a cal-
culated guess for repairing it.
It also has a few network-security
tools to investigate a network. The Plan-B gives you options to boot in to various processor architectures,
tools are SARA, Ntop and Nessus.But so select the one that syour hardware supports
the best thing about these tools is that
they require zero configuration. You just have to run those who are not very good with Linux configuration
the shell scripts placed in /root/bin to start the serv- files. It contains lots of pre-configured scripts which
ices. You won’t believe that it can start Ntop with de- makes it easy to use even for newbies.
fault configuration, open up the browser and show its While doing the tests we found that parted does
interface just by running a shell script 'sntop'. not automatically search for deleted partitions.That's
One other attractive feature that it has is a BIOS why initially we ended up with an NTFS partition of
password recovery tool, which recovers CMOS pass- the wrong size, which wasn't accessible at all because
words.On the security front, it gives a long list of tools we didn't provide the correct partition size informa-
from creating a firewall to deploying a quick IDS sys- tion. So we recommend keeping a record of your par-
tem around your network. Like Fire and Hacking9, it tition sizes.
has a GUI interface and by right-clicking anywhere on But if you know the exact size of the deleted parti-
the GUI you can access few of the GUI tools. Plan-B is tion then recreating it with ‘parted’ is really easy and
an all-in-one toolkit for security experts, and even for fast. It just takes a couple of minutes to do it.
Features table
Live CD Size (MB) Supported Data recovery Forensic tools Partition table Sniffers/network Administration Anti virus
partition types tools recovery tools monitoring tools interface
Plan-B 657 Fat/NTFS,LVM,ext2, None None parted SARA, Nessus, Ntop, GUI None
ext3, Reiser FS,BeOS, Ettercap, Dsniff
QNX 4
Hackin9 496 None None None None SARA, Nessus, Ntop, GUI None
Ettercap, Dsniff,Kismat
and many more
LNX-BBC 47 Fat/NTFS,LVM,ext2, None None Gpart None Terminal None
ext3, Reiser FS,BeOS,
QNX 4
FIRE 578 Fat/NTFS,LVM,ext2, autopsy TCT, Autopsy, gpart, TestDisk Nessus, Ettercap Mostly Terminal f-prot,
ext3, Reiser FS,BeOS, Sleuthkit chkrootkit
QNX 4
EXTRAEDGE
PRODUCT LAUNCHES, TROUBLESHOOTING, EVENTS
PCQuest Summit
for Developers 2005
PCQuest, in association with Sun Mi- thapuram. The summit focused on Java
crosystems, organized PCQuest Summit and open-source technologies. The
for Developers in February 2005. The speakers included technology evangel-
event was held at three cities—Delhi, ists and experts from Sun, IT consult-
Hyderabad, Mumbai and Tiruvanan- ants and those from PCQuest.
148 PCQUEST A P R I L 2 0 0 5
extra edge.qxd 4/6/2005 11:09 AM Page 149
149 PCQUEST A P R I L 2 0 0 5
extra edge.qxd 4/6/2005 11:09 AM Page 150
EXTRAEDGE E V E N T S
PCQuest Summit
for Linux 2005
PCQuest Summit for Linux was co-spon-
sored by Intel, IBM and RedHat. The
event was held across the country at three
places—Bangalore, Delhi and Mumbai. The
event saw speakers from Intel, IBM, Novell,
PCQuest and leading IT Consultancies. Split
in to three tracks for CIOs, System Adminis-
trators and Developers, the event was very
well attended at all the venues.
150 PCQUEST A P R I L 2 0 0 5
extra edge.qxd 4/6/2005 11:09 AM Page 151
151 PCQUEST A P R I L 2 0 0 5
extra edge.qxd 4/6/2005 11:09 AM Page 152
EXTRAEDGE E V E N T S
152 PCQUEST A P R I L 2 0 0 5
extra edge.qxd 4/6/2005 11:09 AM Page 153
EXTRAEDGE P R O D U C T L A U N C H E S
EXTRAEDGE P R O D U C T L A U N C H E S
1,149
T he P5 motherboard series from Asus features driver support for the
64-bit computing architecture. These motherboards are BIOS up-
dated and have Intel EIST (Enhanced Intel SpeedStep technology). With
Internet Security 2005 2,095 the EIST technology,the P5 motherboards are able to automatically adjust
SMB AVD 8.0 (10 User) 13,995 the CPU's core voltage and core frequency according to the system per-
SMB AVSS 8.0 (10 User) 7,990 formance demand. The P5 Series supports both 64-bit and 32-bit opera-
Trend Micro tions, providing system compatibility and upgrade flexibility. The P5
PC-Cillin Internet Series is Intel Extended Memory 64 Technology (Intel EM64T) ready,
Security 2005 1,495 meaning the 600 series CPU of the P5 motherboard is able to run new 64-
NEAT Suite Standard (5 User) 4,750 bit code and access larger amounts of memory. Price: Rs 4,800 onwards
Unistal Contact:ASUSTeK Computer,Mumbai.E-mail: info_India@ asus.com.tw
Crash Proof with Anti Virus 1,399 RQS# E22 or SMS 130422 to 9811800601
Quick Recovery FAT & NTFS 6,188
Quick Recovery LINUX 4,125
Stellar Phoenix
Recovery Suite (FAT,
Hardware network anti virus
NTFS,LINUX,ROM)
Data Safety Win Client
Data Safety Win Server
17,955
2,700
13,500
N etwork VirusWall 2500 builds upon Network VirusWall 1200 by en-
abling IT security administrators to secure multiple network seg-
ments and mission-critical application servers through a single
RedHat appliance.
Enterprise Linux 3.0 11,490 Gigabit Ethernet support provides IT security administrators with
Enterprise Linux ES 3.0 STD 30,950 the flexibility to protect high-bandwidth network infrastructures. Built
Enterprise Linux AS for higher throughput and performance,Network VirusWall 2500 is ideal
(Advanced) 3.0 STD 56,490 for large complex organizations, capable of supporting thousands of
Corel concurrent users.
CorelDraw Graphic Suite 12 17,595 This provides customers with greater flexibility in enforcing network
Jasc Paintshop Pro 9.0 5,445 security policies across global, distributed enterprise environments to
Linux/UNIX help stop the damaging effects of network worms.
Novell Netware 6.5 - 5 User 33,990 Contact: Trend Micro India, New Delhi. Tel: 52699000. E-mail:
Novell Linux Desktop 9.0 3,455 sales.in@trendmicro.com RQS# E23 or SMS 130423 to 9811800601
Suse Linux Enterprise
Server 9.0 14,445
SCO Unix Open Server
Enterprise 5.0.7 (5 user) 59,990
Networked storage solution
Borland
Borland JBuilder 2005
Developer CD 19,990
T he AX100i features 2U Dell/EMC AX100i array with up to two con-
trollers and 12 SATA drives, providing storage capacities ranging
from 480 GB to 3 TB.It has iSCSI network interface module and supports
Borland JBuilder 2005 Windows.
Enterprise CD 139,990 The Dell/EMC AX100i is engineered to support applications such as
Borland C++ Builder 2005 Exchange and SQL for small organizations and workgroups,and extends
Enterprise CD 99,990 the key benefits of AX100 with simplified setup, management, scalabil-
ity and streamlined backups. AX100i offers advanced features for data
*These prices are for Delhi security as well as advanced functionality software for automated
failover and snapshots. RQS# E24 or SMS 130224 to 9811800601
EXTRAEDGE P R O D U C T L A U N C H E S
More Launches
D-Link range of broadband products includes DSL-502G external
ADSL router, DSL-504G, DSL-514 - ADSL Router and DSL-G604T-Wire-
less ADSL Router. Price: DSL-502G: Rs 4,500; DSL-504G: Rs 6,500; DSL-
514: Rs 4,800; DSL-G604T: Rs 8,500. E-mail: sales@digigiga.co.in
RQS# E26 or SMS 130426 to 9811800601
Pureview PV17C monitor offers 90O Zip Shrink base and has in-
built speakers. It is self-wall mountable. Rs 17,900. E-mail:
sudipto@pureviewindia.com RQS# E27 or SMS 130427 to 9811800601
Mobile printer
T he RW 420 is a compact and rugged mobile printer that offers increased
accuracy, speed and cash flow to companies who deliver direct to the
stores.Designed for use with a terminal or PDA, the RW 420 printer's mod-
ular design allows you to choose among wireless options, card readers and
integral accessories such as vehicle mounts for simplified route printing.
The printer features 203 dpi print resolution, 4 MB flash memory and
EMV-certified smart card and magnetic stripe reader.
Price: Rs 48,000. Contact: Bar Code India, Delhi. Tel: 26816687.
E-mail: praveen@barcodeindia. com RQS# E25 or SMS 130425 to
9811800601
155 PCQUEST A P R I L 2 0 0 5 A Publication
extra edge.qxd 4/6/2005 11:09 AM Page 156
EXTRAEDGE H E L P
Troubleshooting
Mail server tems in Hyderabad. As a software C#(C#.NET), ASP(ASP.NET) and
We have a campus network. I programmer, I have been develop- Microsoft(Microsoft.NET). Can
want to use the network for sending ing a project for which I have to put you tell me what does the .NET be-
and receiving mail, considering a tray icon of the project. Can you ing linked to these languages
that there is no Internet connec- give me your sample code so that I mean?
tion. There are more than 100 PCs can get some idea of how to work And is C#, C#.NET ,C#.NET for
connected to each other. with JDIC package? Web development,one or more dif-
VISHWANATH RANGAPPANAVAR Also can you help me by giving ferent languages?
the slides or the documents so that I am confused with so many
PCQuest: You may set up a mail I can get a detailed view of this versions of programming lan-
server easily with PCQLinux, a package. guages. I want to learn a new lan-
Linux distribution given out by PC- HIMA KIRAN A. guage but am unable to decide
Quest. Refer to our article Mail which will be the best, or give best
Server (page 50, March 2005) that PCQuest: We have mailed you results or which is in demand these
tells how to set up a mail server with the Netbeans project directory for days. And are these languages in
PCQLinux 2005 given out in the the system tray demo (presented at one way or the other, linked with
same issue. the PCQuest summit for Develop- each other?
If you don't want the people to ers). The entire presentation is I know C++.Are the languages
send or receive mail to outside (say hosted at http://forums.pcquest. I just mentioned, superior to C++,
hotmail.com or yahoo.com), then Some additional URLs to refer that is, do the programs made on
don't specify 'Optional transport for to are www.netbeans.org and these languages respond better
unknown recipients', as mentioned https://jdic.dev.java.net/ with better results or are more effi-
in the article. cient? Or is it that the kinds of pro-
Making a Swing class grams that can be made on these
CHM file format executable languages are more than those on
Could you please tell me how to I have written a drag-and-drop C++?
make use of the PHP tutorial avail- Swing program to upload the im- Shall I need more than one soft-
able at www.php.net in CHM file ages. For this, I also imported one ware to make programs in these
format.I am not able to get the link JAR file.Everything is working fine languages and then run them or
from the Web. , but now I want to make that pro- only one would do?
REENA MITRA gram executable even though the What are the benefits of learn-
machine doesn't have Java. ing such languages? Also tell me
PCQuest: You can also down- JAYASIMHA REDDY where can I get a general know-
load the extended HTML help from how on .NET?
this Web link http://www.php.net PCQuest: Please refer to the art- ASHISH SONI
/download-docs.php cle at this link http://www.role-
maker.dk/nonRoleMaker/javalaun PCQuest: The .NET is a plat-
Java and SysTray cher/marner_java_launcher.htm form. Originally it was intended to
integration be 'cross platform' and a directly
I attended your seminar on .NET know-how competing platform to Java. How-
JDIC supported by Sun Microsys- I have seen .NET linked with ever,with a completely implemented
EXTRAEDGE H E L P
system only for Windows presently used widely. It is only that the new Trouble loading PCQuest
(that too only the newest versions projects are being undertaken in the Linux 2005
like Win 2000, XP and 2003 support new platforms where possible. Sim- Let me congratulate you for
it) and the Linux port (Mono) is at ilarly, if you want to go the Linux bringing out such a nice version of
best half done and works in patches, way, you would use PHP, Perl or Linux in the form of PCQLinux
cross-platform ability is still a far Python or something that allows 2005. But I am facing problems
away dream. you to do KDE/Gnome/X related during first reboot after installa-
As a platform,.NET is supported programming. tion.
by several languages. Notably, Vi- Also, different languages are I have two separate hard disks
sual Basic.NET,C#,VC++.NET and suited for different purposes and en- for Windows (hda) and Linux
VJ# are among them. However, if vironments. Yes, .NET is currently (hdb). And I was running RedHat
you have something called a VSIP 'big' among developers and so is Linux 9.0 with LILO without any
agreement with Microsoft, they will Java. Learn both if you can. problem,with boot loader installed
give you the SDK needed to develop What kind of ‘linking’are you re- in the MBR of /dev/hda. But when
your own .NET language. ferring to? Anyway,the answer is no, I installed grub boot loader as pro-
So far, languages such as since learning one language does vided with PCQ Linux, my system
COBOL, Python and Fortran have not require you to know another. Of did not boot and the screen showed
been ported. Efforts are being made course,in some cases learning some- a warning—Minimum BASH like
to port PHP to .NET. thing (say C#) becomes easier if you support etc...... grub.
C# does not come with a .NET know another language (like C++) Now do I have to format Win-
extension. Neither does VJ#. These because of similarities in syntax or dows? I tried to load grub loader
two languages are unique to the coding logic. But you can still learn using the following Linux rescue
.NET family and have no prior exis- one without knowing anything option but of no avail.
tence.Since VB and VC++ have ver- about the other.
sions before .NET (like VB 6.0), we Each language has its own spe- sh#chroot /mnt/sysimage (??)
suffix '.NET' for them to indicate cial IDE that extracts maximum :sh#grub-install /dev/hda
their version. performance or results from the en-
One of the advantages of using a tire subsystem. For example, for any VINOD KUMAR
.NET language for development is of the .NET's Microsoft languages,
that your code remains almost ex- VS.NET would be a de facto choice PCQuest: To recover your win-
actly the same regardless of whether as an IDE. For say Java, it would be dows,boot from a Windows bootable
you're developing for the Web or for Eclipse or something else. CD or floppy and issue:
a desktop deployment. Of course, Nowadays, low-end versions of
there would be limitations—like, editors are also becoming available fdisk /mbr
you cannot put up a message box or for quick development. For VS.NET,
access the system registry in a Web you get something called ASP.NET Memory leak
app. Web Matrix, which you can use if Please suggest some good ways
‘Most in demand’ is a subjective you simply want to develop only to detect memory leak in apps and
phrase and depends very much on ASP.NET apps. OS components for Win XP SP2.
what you want to concentrate on. And once you know all these lan- Also how to prevent them?
For example, if you're talking about guages, you can work as a program- NULL_BIT
Windows development, although mer.
Microsoft promoters would have For .NET,we recommend you PCQuest:You can refer to the fol-
you believe that .NET is the only visit one of the appropriate devel- lowing link for this.
thing being used,the languages such oper centers at http://msdn.mi- http://labmice.techtarget.com/trou-
as VC++ 6.0, VB 6.0 are still being crosoft.com/developercenters/ bleshooting/memoryleaks.htm