Apr-Pc Quest

content-april 05.
qxd 4/2/2005 11:44 AM Page 6
CONTENTS A P R I L 2 0 0 5
Cover Story
84: Prevention is better

than Cure
From the earliest of days, Man has learnt well to defend
his assets. Prevention is better than cure. Enterprises are
realizing that it's better to deploy a system that can detect
as well as prevent intrusions rather than only detect one
in progress and try to alert the responsible personnel.
Perhaps the avenues of attack today are much wider and
numerous compared to those available two years ago.
This in turn has led to an explosion in the different types
of vectors that deepen the intrusion. But what are they
and why should they exist at all? What are the questions
we need to ask ourselves before we go ahead and purchase
and deploy one on our networks and systems? In this
story we've answered these questions and also explored
how to secure your OSs, both windows and Linux.
20: Technology 100: Developer

20 The Next Pentium 4 100 A DataGrid for PHP
22 4G Fibre Channel 102 Run Java Apps from SysTray
24 IT in a Radio Station 104 Persistence Storage with EJB
107 Authenticate with DNS
40: Personal 109 Yahoo Search Web Services
40
44
Demystifying Win XP Errors
Manage Meetings Online 72: Linux
48 Send SMS from Outlook 2003 72 Turn any PC into a NAS
50 Take your File Server Online 73 Ghost for Linux
64 Recover Lost Mail 76 Implementing Adamantix
66 Increase Life of your CDs/DVDs 77 Virtual Machine for Linux
68 Create your Own DVD Menus 78 Maia Mailguard
70 Internet on SmartPhone 81 Off-The-Record Messaging

6 PCQUEST A P R I L 2 0 0 5 A Publication
content-april 05.qxd 4/2/2005 11:44 AM Page 8
CONTENTS JANUARY
Shootout of The Month In Depth

144: Live Rescue CDs Wild Wild Wireless . . . . . .112
'Man is born free, but everywhere he is in
28: Enterprise chains.' Probably Rousseau was clueless of the
power of chain-free wireless when he coined this
28 VPN on SUSE Linux phrase.Indeed,so much has happened in the wire-
32 E-learning with Moodle less world till date,and so much more is happening
34 Create Datatypes for SQL Server that very soon you might be living in a world that's
completely free of wires—No strings attached (lit-
erally!). The two biggest successes of modern day
126: Products Reviewed wireless technologies are Wireless LANs and cell-
phones.Then there is the WiMax technology for the
126 MS Operations Manager 2005 last mile connectivity. The latest upgrade to the
128 Microsoft Windows AntiSpyware (Beta) GPRS and CDMA is 3G, which is being imple-
130 SQL Base 9.0 mented to scale up the bandwidth the other two of-
137 ASUS WL-167G USB2.0 WLAN Adapter fer. Personal connectivity is yet
138 D-Link AirPlus G+ DI-624+ Router another area where wireless
139 Hitachi Ultrastar 300 GB Hard Drive technologies are making a
140 Canon Canoscan 3200F Scanner mark.
141 Book Reviews Some technologies like
wireless electricity and ZigBee,
Hitachi Hard Drive which may take a few years
before becoming a reality.In
the pages to fol-
low, we have
D-Link Router looked at the entire
gamut of wireless tech-
nologies and the applica-
tions they promise to
make possible.
Cover Design : Bendi Vishan
PCQuest Power Pack

Belkin Wireless USB
Print Server
❂ PCQEssential
MS Windows anti spyware (Beta),
SwisSQL-SQLone console1.9.6, etc
148: Extraedge ❂ DVD XTREME

148 PCQ Events Maya 6 PLE,Plan B, Hakin9,Win XP
153 Product Launches 64 Bit Edition,Apache2Traid
156 Troubleshooting
AC editorial-april05.qxd 4/2/2005 11:45 AM Page 12
Editor-in-Chief: Shyam Malhotra

Chief Editor: Hoshie Ghaswalla
LEADING EDGE E D I T O R ’ S P A G E
Editor: Krishna Kumar
Senior Sub Editor: Rinku Tyagi
Sub Editor: Neha Shamshery
CYBERMEDIA LABS
Senior Manager: Anil Chopra
Assistant Manager: Geetaj Channana
Sr Reviewers: Anindya Roy,Anoop Mangla,
Sanjay Majumder, Sujay V Sarma
Reviewers: Ankit Kawatra, Sushil Oswal
Reviews Assistant: Sukhsagar P
A Thousand
Contributors: Shekhar Govindarajan,Vinod Unny, Kunal Dua
DESIGN
Assistant Manager, Design: Bendi Vishan
Miracles a Day KRISHNA KUMAR
Assistant Manager, DTP: Sudhir Kumar Arora
R
PRINT & CIRCULATION SERVICES
ecently, I visited the Re- application must be complex.As the
General Manager: NC George gional Cancer Centre at case records are maintained in paper
Reader Service: Ekta Sharma, Pooja Bharadwaj,
Sarita Shridhar
Tiruvananthapuram. This files, there should be an effective fil-
Pre-Press: T Srirengan, Jose PM, Alok Kumar Sharma government hospital, situated al- ing system too, at the back end. But
Press: Rakesh Kumar Upadhayay most at the southern tip of the coun- what the staff sees is a simple GUI
MARKETING try sees patients not only from other front end,where entering the patient
National Sales Manager: Naveen Chand Singh
Product Manager: Ankur Shinghal states but also from Maldives, I am registration number enables them to
Assistant Product Manager: Pramiti Bhargava, told.About a thousand people visit track the current status of any pa-
Sr Product Executive: Ajay Dhoundiyal
Chief Controller of Finance: VC Gupta
the hospital daily, in search of much tient,carry out new patient registra-
Manager Accounts: ML Sharma needed succor.Like the geographical tion, set up appointments, schedule
Commercial Manager: CP Kalra
spread, the patients too come from surgeries or prepare bills and check
● BANGALORE Bureau Head: Satish Gupta. Marketing:
Mahantesh Godi, Ashish Kumar. 205, 2nd Floor, # 73, Shree all walks of life and all ages.Given the patients out after surgery.
Complex, St.Johns Road. Tel: 51238238, Fax: 51238750
● KOLKATA Assistant Bureau Manager: Pranab Das.
nature of illness, most have to come Of course, they still need to use
203, Sarat Bose Road, 4th Floor, Near lake Road Crossing, back again and again,sometimes for the phone, like when a particular
Mob: 9433027970 ● CHENNAI Assistant Bureau Manager:
Vinodh K. 5B, 6th Floor, Gemini Parsn Apartments, 599 years. With this scale of operations, case record is to be traced or has
Mount Road. Tel: 28221712, Fax: 28222092 ● MUMBAI in a government establishment, you gone to the wrong department.
Regional Manager: MA Jaideep. Marketing: Gopa Kumar VR,
Sachin Mhashilkar. 32/33, Mittal Estate No 1, 1st Floor, can expect the staff to be a much- There would be other problems with
Andheri-Kurla Road (Near Marol Naka), Andheri (East).
Tel:28502661, Fax: 28514877 ● NEW DELHI Regional
harried lot and the quality of health the app.But what matters is that just
Manager: Sudhir Argula. D-74 Panchsheel Enclave. Tel: care to be indifferent, if not poor. by typing in a registration number,
26491320, Fax: 26496765 ● PUNE Marketing: Mihir Singh.
Flat No 2, Rajat Apartments, Koregaon Park. Tel: 6113892, My experience, if anything, was the staff is able to direct thousands
Fax: 6119313 ● SECUNDERABAD Assistant Bureau the opposite. in their quest for succor. What mat-
Manager: Amol Bahuguna. Room No 5 & 6, 1st Floor, Srinath
Commercial Complex, SD Road. Tel: 27841970, Fax: Sure, there are infrastructure ters is that they are not inundated
27898134 ● SINGAPORE Regional Manager: Naveen
Barsainya. 32 Maxwell Road, # 03-14 White House. Tel: +65-
limitations, the guards could be with screen after screen of informa-
91070035 ● Printed and published by Pradeep Gupta on more polite! Still, it is a fairly effi- tion, but just what is required then.
behalf of CyberMedia (India) Ltd, printed at Repro India
Ltd, Plot No 50/2, T.T.C. MIDC, Industrial Area, Mahape, Navi ciently run hospital,with the staff of- I have seen many enterprise apps
Mumbai, India, published from D-74, Panchsheel Enclave, ten going that extra step to help the at work,analyzed many and even de-
New Delhi. ● REGISTERED OFFICE D-74, Panchsheel
Enclave, New Delhi. Tel: 26491320, Fax: 26496765 ● COR- patients. What is it that enables the signed few myself. But this is the
PORATE OFFICE Cyber House, B-35, Sector 32-
Institutional, Gurgaon, Haryana. Tel: 0124 (95124 from
staff to pull it off,day in and day out? most beautiful enterprise app I have
Delhi)-2384816, Fax: 2380694 ● OVERSEAS AGENTS Maybe the fact that they are able to seen; it pulls off a thousand miracles
Advertising/Sales in the US: Worldwide Sales Director: Emily
G Ospensen, CMP Worldwide Media Networks, One Park get information about patients really a day,every day,speeding thousands
Plaza # 700, Irvine, CA 92614. Tel: 949-223-3632, Fax: 949- fast.Helping them do that is a hospi- on their way to care and recovery.
223-3690. eospenso@cmp.com, website: http://cmpworld-
wide.com. Distributors in India: Mirchandani & Co, Mumbai. tal information system developed by It does that using a simple inter-
All rights reserved.No part of this publication may be repro-
duced by any means without prior written permission.
CDAC! Given the complexity and face and by being to the point. And
scale of the hospital's operations,the that’s what most apps miss.
For risk factors refer to the offer document at www.cybermedia.co.in
AC editorial-april05.qxd 4/2/2005 11:45 AM Page 14
TECH-À-TETE W I R E L E S S
The Wireless Tangle

Bluetooth is popular for personal area networks today, but tomorrow,
it could get squeezed between ZigBee and Wireless USB
ANIL CHOPRA
T
here's so much noise connect to the Internet. Another wireless technology, which is inter-
around wireless today, that popular application of Bluetooth is esting, considering that other tech-
it has raised a problem— the headsets for cellphones,which is nologies are moving the other way.
that of choosing the right technol- a better alternative to the 'wired' The reason for this is ZigBee's target
ogy. In the near future, you might hands-free devices.If you look at the market—remote monitoring of
find several wireless technologies official Bluetooth website (blue- lighting, heating, air-conditioning,
contending for the same space. The tooth.com),you'll find a huge listing etc of a home, office building or in-
best example of this was GSM and of products for a variety of applica- dustry.
CDMA. Remember the heated de- tions at home, office, audio/visual, This doesn't require high
bates about which is better? GSM medical, etc. This in effect means throughput as you only have to
was well established when CDMA that Bluetooth is a well-established monitor ZigBee enabled sensors.
came along. Finally, both technolo- technology in the market. Plus, ZigBee consumes less power,
gies ended up coexisting. The same Wireless USB is expected some- making it a perfect fit there. These
is now happening in the short-range time by the end of this year,and also sensors could run on batteries for
wireless technologies. Currently, promises to be ideal for personal years using ZigBee. While ZigBee's
there's only Bluetooth that's avail- area networks. Not only that, but it current target is sensors, it could
able. But two others are likely to promises a whopping throughput of very well enter other markets as
make their way into our lives very 480 Mbps between any two devices. well, such as PDAs, wireless head-
soon.These are ZigBee and Wireless Bluetooth's latest release, v2.0 EDR sets, etc, which are today Blue-
USB. Out of these, Wireless USB is (Enhanced Data Rate) on the other tooth's forte. So in effect, it might
targeting similar applications as hand, only offers up to 3 Mbps, also end up playing in at least some
Bluetooth, while ZigBee has a dif- which is fairly skimpy.Applications of the markets that Bluetooth is al-
ferent market in question, though for Wireless USB overlap those for ready in.
with a bit of overlap.So the question Bluetooth, eg home, office, gamers, In essence, Bluetooth is being
is what's in store for us in the future? and entertainment. In effect, Wire- squeezed by Zigbee from the bot-
Let's look at this in more detail. less USB will target the same devices tom and Wireless USB from the top.
Today, Bluetooth is the technol- that are today using the wired USB Though it's going to be safe in the
ogy of choice for personal area net- standard,which is a lot.Just think of near future, thanks to its huge ex-
works. Most mobile phones, PDAs, its potential if all devices that have a isting market, it could end up in a
and notebooks come with Bluetooth wireless USB connection today were tight spot two years from now. May
built in. So you can connect your to replace it with a wireless USB one. be it should also consider other
notebook to your cellphone or PDA Let's come to ZigBee.This one is markets, which others haven't yet
via Bluetooth, sync them up or even positioning itself as a low data rate considered.
message board april 2005.qxd 4/6/2005 11:01 AM Page 16
MESSAGE BOARD W H A T Y O U H A V E T O S A Y
E-governance With reference to your A K Chakravarti

coverage February 2005 issue, we Advisor,Ministry of Com-
I am in receipt of your highly appreciate the ef- munication & IT
February 2005 issue. forts made by you for the
I congratulate you for the Cover Story on E-gover- Dr Vinay K Dharmad-
coverage of such an im- nance initiatives in the hikari
portant topic focusing on country. Scientist 'G' (e-Gov As-
e-governance. ADDL CHIEF ELECTORAL sessment Division)
In fact,many states in the OFFICER Ministry of Communica-
country are now leap HIMACHAL PRADESH tion & IT
frogging
towards the e-gover- Thank you for sending me S P Sharma, IAS
nance regime. a copy of the February Financial Commissioner
RAVI KANT, IAS 2005 issue of PCQuest. I & Principal Secretary
SPECIAL SECRETARY, DEPT OF have read the magazine Govt of Haryana
IT, WEST BENGAL and found the Cover Story
contains useful informa- Online
Dare to share I thank you for send- tion on effective E-gover- Subscription
Humble thanks for ing me a copy of your nance. Will subscribing to the
appreciating the fo- February issue. I appreci- ANUJ SINHA online version of PCQuest
rum members by an- ate your effort to cover SCIENTIST 'G' & HEAD enable me to participate in
such an important issue as MINISTRY OF SCIENCE AND the contests?
nouncing the top
the Cover Story, Strategic TECHNOLOGY PRADEEPBM
posters every month. Framework for E-Gover-
Let's keep moving nance. It is definitely of Words of encouragement PCQuest: Currently,
forward together.As great use and utility for and appreciation also contests, Buzz, Insight and
G B Shaw said, if you senior government offi- poured in from: other extras are purely of-
have an apple and I cials working in this field. fline. That is, they do not
S K NANDA, IAS Rajiv Bansal, IAS appear in the online ver-
have an apple and we
PRINCIPAL SECRETARY, GOVT Commissioner & Secre- sion of the magazine.
exchange them then OF GUJARAT tary, Govt. of Nagaland If the contest asks for a
both will still have specific printed form to be
one apple each. But if Received your February A B Patki filled up, then that form
you have an idea and 2005 issue.Your magazine Scientist 'G' & HOD (usually from the maga-
I have an idea and we has a good standard and it Ministry of Communica- zine) has to be filled up.
was a pleasure going tion & IT Otherwise, it is open to all.
exchange these ideas,
through it.
then each of us will ALOK MITTAL, IPS Sudhir Kumar Error…is it?
have two ideas. CENTRAL BUREAU OF Resident Commissioner I think the article Your
Null_Bit INVESTIGATION Govt of Karnataka own Forum (page 60,
message board april 2005.qxd 4/6/2005 11:01 AM Page 18
INTERVIEW W H A T Y O U H A V E T O S A Y
found on the PCQLinux cles for the newbies as the

n ERRATA
rs desi g
2005 CD. articles carried were very
Che e d o n 't hear a
ny
Thumbs up!
good for those who already
knew PCQLinux or had
1. Refer to the Product
Launches section,page
son y o u r th e
The rea r criticism fo est The cover design previously installed the 147, March 2005. The
o Qu
praises nd design in PC ful. of the March issue earlier version. I hope price for DRU720A
graphic
sa
e y a r e wonder was very nice.But many more articles for DVD burner is mis-
se t h ure t o
is becau it's human nat re- why change the newbies will follow in your quoted as Rs 6,500.
w ut
You kno mething bad b is color of flag of PC- future issues. The correct price of
so at
criticize p r a is ing wh r. QLinux 2005. In Why did the color and the burner is Rs 5,500.
om ed fo
frain fr ss explicitly ask do- the Contents page, look of PCQLinux 2005 2. Refer to Enterprise
le lly
good, un g heroes are rea sk. you could also CDs look almost similar to WAN Routers (Re-
un de
The uns job at the design have given what's PCQLinux 2004? view), page 141. The
at
ing a gre g! there on which VASU key specs for the
in
Good go JOSHI page number DXMP 2692 router are
A
DINESH for the cover story. PCQuest: We appreci- printed incorrectly in
March You could also have told us ate all the feedback.We the table. The Firewall
2005, PCQuest) has some why the name 'Project hope to cover whatever was row for this router
errors. When you install White Hope'. Install missing in that story in the should read as 'Yes'
the file phpBB-2.0- screenshots were fine.You coming months. Priority while the Processor
11.i386.rpm, it gets in- could also have given min- would be given to things row should read as
stalled into /var/www/ imum specs required for like getting your system up '266 MHz'.
html/. The article goes on PCQLinux 2005,at least for (if there's a problem), fix-
to say that point your some installations and the ing things and other such time I bought PCQuest
browser to http://local- space required for full in- important issues. Then we myself. I find the recent is-
host/phpBB2/install/mod stallation for different would get down to other as- sues more youthful.
_table_inst.php but I types. Playing games op- pects. As for the change in GOKUL
think doing so will make tion during install was the color of the flag, it was
Apache to search in cool, but I would never deliberate and not a mis- PCQuest: Thanks a lot
/usr/local/apache2/ht- want to play games during take. Same goes for the for the appreciation. As for
docs...So we might get the install! List of the main color of the CDs. It is kept our chemistry with red and
error 'phpBB2 not found' packages under various same to render a distinct yellow goes, these are the
while testing the forum on groups could have been identity to the distro CDs. two colors that have
our computer. Is there helpful. adorned the PCQuest logo
some configuration that All the articles in the Add more color ever since its birth.So we do
the article missed out? cover story were good. Somehow PCQuest has have something special at-
RAGHU83 Keep it up and provide an amazing chemistry tached to these colors. Oth-
more such articles. Addi- with red and yellow. You erwise we do bring in other
PCQuest: It seems you tion of CRM,help desk,ph- must get rid of this. The colors as well.
are running Apache com- pBB and Wiki to the distro graphics and design layout
piled from sources or a non- is good too.You could have has come a long way since Note : The questions in this section
have been taken from http://forums.
PCQLinux RPM. The provided some more arti- September 2002, the first pcquest.com
article assumes that you
are setting up phpBB on the
HAVE COMMENTS ON THE MAGAZINE?
Apache Web server in-
Post them at http://forums.pcquest.com
stalled via the httpd RPM
technology.qxd 4/2/2005 11:52 AM Page 20
TECHNOLOGY
E M E R G I N G T E C H N O L O G I E S E X P L A I N E D
The Next Pentium 4

With the new 6xx series, Intel joins the 64-bit-to-the-desktop bandwagon, and also in-
troduces several key features like 2 MB L2 cache, SpeedStep, and XD
T
he heat is on again in the crosoft, RedHat and Suse. One good
Direct Hit!
processor war,and this time thing is that it retains backward
Applies to: Desktop users
it’s not clock speed, but compatibility with Socket 775,
many other factors.After AMD went meaning these processors will work
USP: Understand the four key features
out with its ‘64-bit to the desktop’ on the 915 and 925 chipset-based in the latest line of P4s from Intel
campaign,it’s now Intel’s turn—and boards.Moreover,L2 cache has been
Links: www.intel.com/technology/
the answer seems to be the 6xx series given a boost in the new processors 64bitextensions
of P4 processors. The key features to 2 MB,which is supposed to trans-
built in to these processors include a late into much better performance. mon technique used by security
64-bit extension called EM64T (Ex- SpeedStep is not a new technol- threats.XD creates a separate mem-
tended Memory 64 Technology), ogy,as it’s been around in Intel’s mo- ory area in RAM for program execu-
SpeedStep and XD (eXecute Dis- bile processor versions for tion and the data (data storage area)
able) technologies. There are five notebooks. Now, it’s also been intro- related to it. If some malicious pro-
processors in the series (see table) duced in the desktop P4 processors. gram tries to access and modify data
with the highest end one known as Here,the processor will step down to in this storage area, the processor
the Extreme Edition. a lower clock speed when lying idle, prevents it from executing. This
With EM64T, Intel has also en- thereby reducing the power con- technology will prevent malicious
tered the 64-bit race with AMD. Like sumption. The moment the CPU programs from snooping into un-
AMD’s offering,this one can also run utilization increases, the CPU raises used portions of the memory. You,
32-bit applications on a 64-bit OS. the clock speed back to the maxi- however, would still need an anti-
Plus, it can also run in pure 64-bit mum.This also helps in lowering the virus tool or anti spyware to protect
mode where it will run 64-bit appli- heat generated by the procesor. XD from regular malware.AMD also has
cations on a 64-bit OS.So for all prac- is Intel’s initiative towards building a similar technology in its 64-bit
tical purposes, it’s very similar to security in the hardware to combat processors, known as Enhanced
AMD’s offering in the 64-bit space, the growing security threats like Virus Protection.With the new P4
and is therefore expected to work on virus attacks.This feature helps con- series,Intel has also joined the 64-bit
the 64-bit OS versions from Mi- trol buffer overflows, the most com- race to the desktop with AMD.Add to
P4 64-bit processors’ specs
that Microsoft’s Windows XP 64-bit
edition RC2, which is available for
P4 Processor Front Side Bus (MHz) Frequency (GHz)
Extreme Edition 1066 3.73 download (360 days trial version)
660 800 3.6 and you just might see a shift to 64-
650 800 3.4
640 800 3.2 bit to the desktop sooner than you
630 800 3 can imagine.
Note: all processors have L2 cache and are manufactured with the 90 nm process. Sushil Oswal
technology.qxd 4/2/2005 11:54 AM Page 22
TECHNOLOGY E X P L A I N E D
4G Fibre Channel
1G and 2G storage networks will be replaced by 4G in the near future.We present its
roadmap along with the pros and cons
C
urrent technology used in nology maintains backward com- Direct Hit!
Fibre Channel SANs is the patibility with both the older specs
Applies to: Network and storage
2G technology, which al- (1G and 2G). It also supports the administrators
lows the maximum throughputs of loop architecture common to both
USP: 4G will emerge as a new spec
up to 2 Gbps. However, as demand of them. that will double the speed for faster
for bandwidth-intensive applica- Enterprises can incrementally connectivity
tions such as CAD/CAM, real-time upgrade their systems to 4G. The Links: www.fibrechannel.org
computing, data warehousing and technology will reduce the num-
video streaming grows this speed ber of connections between stor- backups and data recovery can be
will be insufficient and would age systems and computers performed. Scientists and engi-
need to be increased. That’s where besides improving the through- neers who need to access large
4G comes into the picture, which put. amounts of data to solve complex
doubles the maximum throughput problems, with 4G, they will now
to 4 Gbps. Products be able to do so in lesser time.High
The new spec for 4G was ap- 4G products will start coming quality graphics such as animated
proved by FCIA (Fibre Channel In- in towards the end of this year. movies can be produced in lesser
dustry Association) in 2003 and is Cisco has plans to launch the MSD time. 4G technology will also offer
widely supported by most connec- 9000 family products, PMC-Sierra reliable transmission of digital au-
tivity vendors today. Originally, is set to launch switches. Emulex dio/video applications.
the spec sought to deal with inter- has its HBAs and embedded stor-
nal connectivity—connecting age switches already in testing. Adoption
disk drives to the server. Later it Broadcom has launched the BCM At the moment, enterprises are
was decided to extend it for inter- 8421 repeater for 4G switches and not taking full advantage of exist-
connecting the switching Fabric in storage arrays. ing 1 Gbps and 2 Gbps Fibre-Chan-
SANs. This basically includes the nel speed. Fibre Channel is
Fibre Channel switches, which in- Applications expensive to set up for small en-
telligently manage the intercon- Enterprise with high perform- terprises and iSCSI is an alterna-
nectivity amongst various devices ance computing needs will find tive solution, but iSCSI is not as
and nodes in a SAN. The 4G tech- the technology useful. Faster fast as Fibre Channel.
It is expected that vendors will
Fibre-channel speed roadmap
offer 4 Gbps-based products at the
Standard Standard approved Market availability Throughput (Mbps) Line rate (Gbaud)
1G FC 1996 1997 200 1.065 same price levels as current for 2
2G FC 2000 2001 400 2.125 Gbps, which will attract imple-
4G FC 2003 2005 800 4.25
8G FC 2003 2005 1,600 8.5
mentations.
16G FC (2006) * (2008) * 3200 17 The 4G networks will gradually
32G FC (2009) * (2011) * 6400 34 replace 2G in the same manner as
64G FC (2012) * Market demand 12800 68
128G FC (2016) * Market demand 25600 136 2G replaced 1G.
* expected time frame Sushil Oswal
technology.qxd 4/2/2005 12:01 PM Page 24
IT in a Radio Station
Which hardware, software and technologies are used in a modern FM radio station?
And how…?
T
hink of radio, and what sion techniques. However, this is a Direct Hit!
comes to your mind are strict no-no for a media station. Applies to: Everyone
huge transmission towers, They need to have the highest possi-
radio receiver sets and people talk- ble quality,while the size of the file is USP: Runs through the technology
needed to run an FM station
ing or singing into the microphones. immaterial.This means you need to
Well, a modern radio station, espe- have huge storage capacities in the servers and the desktops—Server
cially an FM station, is run almost range of gigabytes or even terabytes. 2003 and XP Professional respec-
completely by computers. In fact, a The radio station we visited had tively.
single person can quite easily run an two dual-processor servers with a The RCS software is rather lar-
entire FM station.PCQuest got an in- shared NAS box.The two servers had gish and runs on atleast two systems
sight into the functioning of one of been arranged as fail-over 'cluster' —one is an administrative console
India's popular FM stations and for each other. Some stations have a and the other is accessible and oper-
here's what we found. different number of these servers able from the RJ booth.The station's
and storage equipment—All India Programs Director generally ad-
The hardware Radio for instance, uses six servers ministers the RCS programming.
There is some hardware that you in a cluster. In the radio station we The RJs then use the features of the
just cannot avoid having around, visited,the NAS box had five 100 GB system from their broadcast center
these include traditional power,am- hard disks in a RAID-5 configura- (the RJ booth) to manage various
plification and transmission equip- tion, giving 400 GB of usable capac- events, such as gather further infor-
ment. In addition, our modern day ity.The external storage box enables mation on what's being played, look
radio station is operationally run out the storage to be completely inde- at and respond to messages from lis-
of a mini data center. For reasons of pendent of the rest of the server sys- teners and callers, and so on. This
quality and sheer speed required, tem.That is,if the server crashes you software is clearly meant for the
these mini data centers are located can always use the NAS box contents non-techies with an intuitive inter-
on the campus, in a room very close from another server. Typically, this face which is easy to learn to operate,
to the RJ-booth (what that is, we'll configuration allows the storage of if you've been around even a graph-
come to know in just a moment).In- around 6,000 hours of high quality ical media player program.
side this data center, we have rack- music.
mounted servers that aren't too The RJ booth
different from the ones running a The software This is a completely sound-proof
corporate network or Web,and other You can choose any OS to run studio, which neither lets sound
servers on the Web. your servers,but just ensure that the from the inside go out nor external
Servers purchased for radio (or OS must be compatible with the sound to seep in. Acoustic padding
even some forms of video) broad- software used in the radio station. and sound-proof glass are used in
casting must have two things in The radio station we visited uses the its construction.Then the booth has
plenty—storage capacity and I/O popular RCS (Radio Computing Ser- the radio mixer controls—a large
speed. When we store music on our vice) software, which is a Windows- electronic pad with sliders, knobs
PCs,we can afford to use VBR or CBR based system. Accordingly, and switches to mix various chan-
encoding, even with lossy compres- Windows is deployed on both the nels,fine-tune the frequencies being
technology.qxd 4/2/2005 12:01 PM Page 25
broadcast and buttons to turn the than play these emergency pro-
transmission ON or OFF.The RJ has gramming. You will be amazed to
atleast three PCs around him. One know that most private radio sta-
screen gives him access to the RCS tions are actually empty of its em-
interface to see and control what’s ployees by 5 pm and everything you
on air.The second monitor displays hear after that till 9 am the next day,
incoming calls and messages from is handled completely by the com-
listeners. All the SMSs and e-mail puter systems in place—now,that's
we send them as feedback appear what we call IT.
here. The third monitor is provided What they do is create these CDs
for convenience for the RJ to look up with emergency programming —
information on the Web or search song bits, jingles and so on—and
other archived material. For exam- this can be inserted into a special
ple, to check for historical informa- slot if something goes wrong.
tion on a particular music and use
that in his talk. Perks
Live transmission is piped
Other systems through the entire station, enabling
A radio station’s systems are not the employees to both enjoy and
just concerned with transmission of monitor what's going over the air.
music.Since it is also a form of busi- Heads of both the programming
ness, the sales teams must keep and sales are required to keep track
track of what people liked, what the of what's being aired and if it's ac-
advertising was and how much they cording to preset scheduling.For the
earned. For all this, traditional ac- purpose of monitoring, they use
counting and spreadsheet software FM-enabled cellular phones (the
are used, although specialist soft- Nokia 6610 seems to be a preferred
ware can be deployed.The RCS itself choice).
has a module (RCSLinker) to sched-
ule and broadcast advertising and You can run one too
interstitials. It's not that you need to employ
a lot of capital to run an FM station.
Failsafe Interesting projects such as the
In case of a failure the RCS auto- 'community radio' exist where
matically play fillers till regular pro- communities of people can use low
gramming can go back live. Most of power transmitters to reach out
the time even a regular listener and communicate with each other.
wouldn't be able to make out the dif- Also it is very cheap to run an In-
ference.This is all pre-programmed ternet radio, using free software
into the system and sometimes even available (check out GNU Radio
sponsored! from http://www.gnu.org/soft-
Backups can exist for power (in ware/gnuradio/). In fact, you have
the form of a UPS or a generator sys- a plethora of software available
tem), and redundant servers for now—Real Media Server, Shout
server hardware. However, if a file Cast, Windows Media Server to
gets corrupted or something in the name a few—some free and some
network backbone breaks down, or costing money. The only limitation
there is a temporary software error, is bandwidth.
little can be done to offset downtime Sujay V Sarma
enterprise.qxd 4/2/2005 12:06 PM Page 28
ENTERPRISE
I M P L E M E N T A T I O N O F S O L U T I O N S
VPN on SUSE Linux

SUSE makes it easy to configure an IPSec VPN server, though the Windows client con-
figuration gets a bit trickier
I
n December 2004 (VPN for work. SUSE Linux uses the open
Direct Hit!
Roaming Clients, page 46), we source FreeS/WAN software for the
looked at configuring a VPN VPN server, which uses the IPSec Applies to: Enterprises
server for roaming clients,using ISA protocol for building secure tunnels USP: Set up a VPN server on Linux
Server 2004. This time we will see through un-trusted networks, such with ease
how to configure a VPN server on as the Internet. However, SUSE pro- Links: http://vpn.ebootis.de,
SUSE Linux Enterprise Server 9. A vides a user-friendly GUI for config- www.freeswan.org
VPN server lets remote users con- uring the VPN server, unlike other On PCQEssential CD: systems\
nect to the company's local network, Linux distributions, which make labs\ipsec
securely, over the insecure Internet. you work with a command line in-
The setup consists of a SUSE Linux terface.So,let's see how to configure tificate, which should be the do-
machine sitting between the Inter- the VPN server. main name of the VPN server, and
net and the company's local net- click on Next. On the next screen
work. The VPN server running on Create a certificate give a password for the certificate
the SUSE machine will accept Open the YaST Control Center, go to and click on Next.And finally click
clients' VPN connection requests Security and Users on the left pane on Create.After the certificate is
and after authentication, will grant and open the CA Management created it will be shown in the Cer-
them secure access to the local net- module. In the CA Management tificates window. Select the certifi-
module, create a cate, click on the Export button and
new CA (Certifica- select Export to File. In the Export
tion Authority) or Format select the last option, give
enter an existing the certificate password, give a file
CA. Now click on name, with a P12 extension, and fi-
the Certificates nally click on OK to create the cer-
button, which will tificate.
take you to the Cer-
tificates window. Import the Server Certifi-
Click on the Add cate to the VPN server
button and select Open the YaST Control Center,go
'Add Server Cer- to Security and Users and open the
tificate'.A new VPN module. Here, enable VPN and
Give the IP address of the interface that will listen window opens; click on Certificates. On the next
for VPN connections and the subnet of the local give a Common window, click on the Import button
network, that will be made available to VPN clients Name for the cer- and select the certificate that you

ENTERPRISE I M P L E M E N T A T I O N
had exported earlier.Give the certifi- Copy this file to your Windows client tificate file and click on Next. Give
cate password and it will be im- machines that have to create the the password for the certificate file,
ported. Click on Next. VPN connection to the server. and click on Next.On the 'Certificate
Store' page,select the Automatic op-
Set up the VPN server con- Create a client certificate tion and click on Next.Then click on
nection for VPN users Finish. This will add the certificate
Click on Connections in the VPN Procedure for this is similar to on the client machine.
module and then on Add. On the that of creating server certificates,as
Connection Type, select 'Server for described above.Copy the client cer- Install IPSec utilities
Road Warriors' and click on Next. tificate file to the Windows client To connect to an IPSec VPN
Then enter the external IP address of machines. server, you need the ipseccmd.exe
the server in the Local IP address and ipsecpol.exe programs on Win
text box. Check the 'Act as Gateway' Import the certificate to XP and 2000, respectively. To install
option, give the network address Windows client machines them,install the support tools,found
which has to be made available to the Open the MMC on the Windows in the support\tools directory of
VPN clients and click on Next. The client machine. Then click on File, your Windows installation CD.Once
network can be specified as, say, Add/Remove Snap-in. A dialog box this is done, the required programs
192.168.3.0/24. On the next screen, opens up, click on Add. On the next will be installed on your system but
accept the default settings and click dialog box select Certificates and these are command line-based tools
on OK. This will set up the VPN click on Add. This will open a con- and not easy to configure. So, you
server to start accepting VPN configuration wizard, select 'Computer will need a more program called
nection requests from the clients. Account' and click on Next. Now se- ipsec.exe, (on this month's PC-
lect 'Local Computer' and click on QEssential CD or can be down-
Export the VPN client con- Add.Next click on Close and then on loaded from http://vpn.ebootis.de
figuration file OK. The certificate snap-in will be /package.zip). Uncompress the file
On the VPN Connection window, added to the MMC.Open the Certifi- into a folder and copy the VPN client
select the VPN connection that we cates directory, right click on Per- configuration file to this folder.Make
just created and click on Expert and sonal and select 'All Tasks' and select sure to rename the file to ipsec.conf.
select Export.Select Windows in the Import.The Certificate Import Wiz- If a file with the same name exists in
dialogo box and give the file name ard opens up; click on Next. On the the folder, delete the existing file.
and path for the configuration file. next page, browse to the client cer-
Establishing the connec-
tion and testing it
Now execute the ipsec.exe file. It
will give you some details about the
VPN connection and the connection
will get established. To check the
connection, ping any machine,
which is on the company's local net-
work. The message, ‘Negotiating IP
Security’, appears once or twice af-
ter which the normal ping response
starts coming. Now you can access
the servers, which are residing in
The ipsec.exe program, after execution, gives the details about the VPN your local network.
connection Anoop Mangla
E-learning with Moodle

Create, configure and maintain your e-learning site with ease using this free e-Learn-
ing software
Moodle is an e- a Win XP as well as Win 2K3 Server
SERIES learning system machines.
Direct Hit!
Moodle Applies to: Educational institutions
and is also re- As far as Moodle's data storage
PART I
ferred to as CMS requirement is concerned, it re- USP: Set up an e-learning site on a
Windows machine using Moodle
(Course Management System).This quires only a single database to
software package is designed to store its data.You can use MySQL or Links: www.moodle.org
help educators create online PostgreSQL since they are easier to
courses. Such e-learning systems use, but there are other databases php_gd2 extension to be enabled in
are sometimes also called LMS too that can be used,such as Oracle, PHP, else it will give an error. To en-
(Learning Management Systems) Access, Interbase and ODBC. Moo- able php_gd2, right click on
or VLE (Virtual Learning Environ- dle supports 50 language packs in- EasyPHP from your system tray
ments). cluding Thai, Turkish and German, and select configuration>Exten-
Moodle is an open-source soft- Arabic. sions PHP. This will show you the
ware, available free for download at Moodle requires PHP and list of extensions available on PHP.
www.moodle.org. Since it’s an MySQL to be installed on your sys- Here, tick the php_gd2 checkbox
open-source project, you can mod- tem. Incase you do not have these and click on OK.
ify and distribute it (under the installed, the easier option is to go You need to increase the mem-
terms of the GNU General Public in for EasyPHP.This all-in-one soft- ory limit of PHP so that Moodle can
License).Moodle can be run on var- ware includes PHP, Apache and be run. To do this, right click on
ious OSs, which include UNIX, MySQL.After installing it you need EasyPHP icon in the system tray
Linux, Windows, Mac OS X, Net- to configure it. (You can download and select PHP.ini. This will show
Ware and any other system that EasyPHP from the link: http://www up a text file depicting the configu-
supports PHP. We tried this out on .easyphp.org/) Moodle requires ration of PHP. Here, search the
Moodle installion happens through a Web browser, and Moodle requires PHP and MySQL to function. In
is wizard driven. Usually the default settings work fine PHP, you have to enable the php_gd2 extension
Installing
Moodle
Installing Mo- odle
isn't very difficult. In
fact not only installing,
but making and main-
taining your e-learn-
ing site also becomes
very easy with Moodle.
Its user-friendly inter-
face makes adding a
forum, changing lan-
moodle’s admin interface is quite user friendly guages, adding topics
and makes it very convenient to add news, and writing news very
menus, courses and change languages convenient. Let’s now
set up Moodle.
memory limit and set it to 16 MB. Once you have downloaded and
Save the file and restart EasyPHP extracted the Moodle folder, then
from the system tray. copy the entire folder to your
apache’s ‘www’ folder. Now you just
Creating Moodle database need to open a Web browser and
Once you have saved this then type-in http://127.0.0.1/moodle
you have to create a database in (127.0.0.1 will be replaced by the IP
MySQL so that Moodle can store the address of your machine).
data in it. For this right click on It will open a configuration in-
EasyPHP icon from the system tray terface. Moodle automatically de-
and select configuration>Php- tects the configura tion, which is
MyAdmin. This will open a Web necessary and will lead you through
browser showing the page for some screens to help you create a
MySQL administration. Here, in the new configuration file called con-
‘create database’text box type-in the fig.php. You don’t have to worry
new database name, 'moodle' and much about the configuration as the
click on Create. Once you have cre- defaults generally work fine and as
ated the database then you have to it is you can come back to the con-
create user for the MySQL database, figuration page later. At the end of
so that Moodle can access the data- the process Moodle will write the
base. file into the right location.
For this,select database 'moodle' Once the basic config.php has
from the database list and click on been correctly created and stored,
'SQL' link from this page.You will see Moodle will take you to the admin-
a text box to write SQL statements. istration page where you can take
Here give the SQL statement as given care of the rest of the configuration
below and click on the Go button. and add the links, pictures, news
and other details. We'll talk about
GRANT how to create an e-learning system
SELECT,INSERT,UPDATE,DELETE,CRE- using Moodle in the next part of this
ATE,DROP,INDEX,ALTER ON moodle.* series.
TO moodleuser@localhost IDENTIFIED Ankit Kawatra and Sanjay
BY 'password'; Majumder
Create datatypes for SQL Server

Integrate the .NET functionality within SQL Server to create custom datatypes
We've been explor- database has no datatype object
SERIES Direct Hit!
ing the usefulness that can store all these fields to-
SQL Server 2005 Applies to: Developers, DBAs
of one of the best gether logically, since the datatypes
PART IV
features of the up-in databases are always primitive USP: Create complex datatypes to
store multiple fields logically
coming version of SQL Server 2005 types like numbers, dates and
codenamed 'Yukon'.We've seen how strings. Links: http://msdn.microsoft.com
you can create UDIs (User Defined To get around this limitation you
Functions), Stored Procedures and can create UDTs (User Defined can even add methods into the class
Aggregates, using your favorite Types). This has always been possi- if you wish.
.NET language within the SQL ble, though, difficult to perform in
Server database engine itself. This SQL Server.With .NET 2.0 now built Imports System
month we conclude this mini-series into the engine, this has now be- Imports System.Data.Sql
with a look at creating and using come almost trivial. Let's see what Imports System.Data.SqlTypes
your own custom data types for SQL you need to do to get this working.
Server 2005 using .NET. Open up VS.NET 2005 and cre- <Serializable()> _
Custom datatypes are useful ate a new SQL Server Project. Now <SqlUserDefinedType(Format.Serial-
when you want to store certain in- right click on the project and select izedDataWithMetadata, MaxByte-
formation as atomic objects instead Add>User-Defined Type. Give the Size:=512)> _
new name as ContactInfo and press
of as individual fields. For instance, Public Class ContactInfo
in an Employee database, the Ad- OK when prompted. VS creates a Implements INullable
new template UDT with the given
dress fields are usually stored as Ad-
dress 1, Address 2, City, State, PIN name and some properties already Private m_isNull As Boolean
and Country. This is because the created for you. However, we will Private m_Address1 As String
add a set of new Private m_Address2 As String
properties to Private m_City As String
store certain Private m_Mobile As String
contact infor- Private m_Email As String
mation such as
Address, City, … [Template Properties and Methods]
Mobile and E- …
mail in it. The
code below Public Property Address1() As
shows the com- String
plete set. This Get
defines a new Return m_Address1
.NET class with End Get
the properties Set(ByVal value As String)
that we want in m_Address1 = value
The new type appears in the Data Type dropdown our datatype. End Set
when adding a new field Remember you End Property

Public Property Address2() As String End Get ID INT NOT NULL,

Get Set(ByVal value As String) sName VARCHAR(75) NOT
Return m_Address2 m_Email = value NULL,
End Get End Set ciContact ContactInfo,
Set(ByVal value As String) End Property sCompany VARCHAR(50)
m_Address2 = value NOT NULL
End Set End Class )
End Property
Now compile the project to get Now insert some values into the
Public Property City() As String the binary .NET DLL. Open up the new table (and especially the field
Get SQL Server 2005 Management Stu- using the new datatype) like this.
Return m_City dio, connect to the server you want
End Get and then open the database into DECLARE @ci ContactInfo
Set(ByVal value As String) which you wish to add the new SET @ci.Address1 = 'MyAddr1'
m_City = value datatype.Open a query window and SET @ci.Address2 = 'MyAddr2'
End Set enter the following. SET @ci.City = 'Gurgaon'
End Property SET @ci.Mobile = '9810098100'
CREATE TYPE ContactInfo EXTERNAL SET @ci.Email = 'vinod@enterprisein-
Public Property Mobile() As String NAME SQLCLR.[SQLCLR.ContactInfo] fotech.com'
Get
Return m_Mobile When you execute the state- You can also query from the
End Get ment, the new datatype gets regis- table and the field like this.
Set(ByVal value As String) tered into the SQL Server database
m_Mobile = value engine.You can now use this type as SELECT
End Set you would any other type. sName,
End Property For instance, let's create a new ciContact.Address1,
table in both graphical and script ciContact.Address2,
Public Property Email() As String mode.In the database you added the ciContact.City,
Get type, open the Tables folder and ciContact.Mobile,
Return m_Email right click to select New Table. In ciContact.Email
this add a new col- FROM
umn and click on Contacts
the Data Type
dropdown. At the As you can see, adding a new
end of the list you datatype that logically groups infor-
will see the mation is quite easy using .NET.
datatype you just Since the type now works within the
added. To add it SQL Server itself, it acts like any or-
using SQL state- dinary type and you can continue to
ments, create a use all the SQL functionality you are
table using the fol- familiar with on this type as well.
lowing. We will cover some new features
and XML integration in SQL Server
CREATE TABLE Con- 2005 in the coming issues.
You can query on the individual properties of the tacts Vinod Unny
type you created in SQL easily ( Enterprise InfoTech
Personal Hands april 04.qxd 4/6/2005 10:58 AM Page 40
PERSONALH A N D S O N P R O D U C T I V I T Y
Demystifying Win XP Errors

Some common problems you face, with their causes and solutions
Y
ou must have come across Corrupted or missing \Win-
many errors/problems 2 dows\System32\config
Direct Hit!
while working in Win XP. Cause: You face this problem Applies to: Windows XP users
While these errors look very critical, when any device driver or a software USP: Troubleshooting common
they are actually not. Let’s see some component gets corrupted. Windows XP problems
of these problems and how you can Solution: Boot the system with Links: http://support.microsoft.com/,
resolve them. the Win XP CD.The XP installer will http://windowsxp.mvps.org/Tips_Page.htm
prompt to repair the OS. Press R for

Missing NTLDR or NTDE- it, and then select Correct Windows mand prompt. Here, issue:
1 TECT.COM not found Installed path. Then, give the ad-
Cause: Occurs if you haven’t ministrator username and pass- C:\> del c:\windows\system32\con-
shutdown the OS properly, and for word as asked. At the command fig\sam
some reason the NTLDR and NTDE- prompt, issue the following: C:\> del c:\windows\system32\con-
TECT files get corrupted. fig\securirty
Solution: If you have a FAT par- C:\> cd \windows\system32\config C:\> del c:\windows\system32\con-
titioned C drive, boot your system C:\> ren software software.bad fig\default
with a Win 98 bootable floppy.Using C:\> copy \windows\repair\software C:\> del c:\windows\system32\con-
a Win XP CD to copy the files, C:\> ren system system.bad fig\software
NTLDR and NTDETECT.COM from C:\> copy \windows\repair\system C:\> del c:\windows\system32\con-
the i386 folder to C:\. If you have an fig\system
NTFS partition on C drive, boot the You get the blue crash screen C:\> copy c:\windows\repair\sam
system with the Win XP CD. From
3 and your system gets re- c:\windows\system32\config
the installer press R to repair,the in- booted. You want to restore the C:\> copy c:\windows\repair\securirty
staller will give a list of all detected machine to the last working state c:\windows\system32\config
Windows on your system. Press the Cause: Happens when Win XP C:\> copy c:\windows\repair\default
number shown in the list correspon- system files gets corrupted due to c:\windows\system32\config
ding to correct installed path. Enter reasons such as corrupted system C:\> copy c:\windows\repair\software
the administrator password when files, virus attack and mis-configu- c:\windows\system32\config
asked. You will get a command ration of device drives. C:\> copy c:\windows\repair\system
prompt and issue: Solution: Boot using the Win XP c:\windows\system32\config
Installation CD and select the option C:\> md tmp
C:\> copy d:\i386\NTLDR c:\ to repair (press R).You will be asked C:\> exit
C:\> copy d:\i386\NTDETECT.COM c:\ to enter the administrative password
(d: will be replaced by the actual CD for the selected Win version.Give the The 'exit' command in the end
drive letter) password and you will get a com- will reboot your machine. This time

PERSONAL H A N D S O N
Win XP should boot properly with dows\system32\ config click on OK.Reboot the machine and
the default settings. Now open ex- you will never receive RPC error
plorer window and from its file Now, boot your machine from again.
menu, select Tools>Folder. It will the hard drive, you will receive all
open a 'Folder option' window.Here, your existing Windows settings. 'C:\WINDOWS\SYSTEM32\
select the View tab and change a few Then from the 5 AUTOEXEC.NT". The sys-
'Advanced Settings'. Under 'Hidden Start>Programs>Accessories>Sys- tem file is not suitable for running
File and Folder' set 'Show hidden tem Tools click on ‘SystemRestote’. MS-DOS and Microsoft Windows
files and folders', then uncheck the This will open a wizard. Click on applications.Choose‘Close’to ter-
'Hidden protected operating system Next and you will get a Calendar minate the application.'
files (Recommended)' check box showing all the restore point dates. Cause:You may get such an error
and click on the OK button. Select the data before your system message when you run any 16-bit
Then open 'Local Drive C:' and had crashed and click on Next and Windows or MS-DOS program.This
you will find a hidden folder called then on Finish. is due to the corruption of 'AU-
'Systems Volume Information'.Right TOEXEC.NT and CONFIG.NT' file.
click on it and select Properties from 'This system is going to shut These files generally get tampered
the context menu. Here select Secu- 4 down, save all information. by trojan infection.
rity tab and then add the 'adminis- This shutdown was initiated by Solution: Run an anti virus on
trator' user. Now from the Windows NT AUTHORITY\SYSTEM ...must your machine and remove all tro-
explorer, open the path 'C:\Sys- restart because the remote proce- jans. Then issue the following com-
temVolumeInformation\_restore dure call (RPC)service termi- mands.
{55706CDF-B36E-40D0BEEC-BE01 nated unexpectedly.'
ED443C11}\RP1\snapshot'(the '_ Cause: This happens due to a C:\> copy c:\windows\repair\au-
restore…' string within the braces virus attack such as blaster or if the toexec.nt c:\windows\system32
might be slightly different for you). RPC service gets terminated due to C:\> copy c:\windows\repair\config.nt
From here,copy the following files to certain reasons. c:\windows\system32
'C:\windows\ temp'. Solution: Run anti-virus soft-
ware on your machine and check for HAL.DLL missing/corrupt
_REGISTRY_MACHINE_SAM any blaster worm. If found, run a 6 Cause: It occurs due to cor-
_REGISTRY_MACHINE_SE- blaster patch, which basically turns ruption of the BOOT.INI file.
CURITY on the Windows firewall. Still if you Solution: Boot your machine
_REGISTRY_MACHINE_SYS- face the same problem,then it might with the Win XP installer.During the
TEM be due to some other programs that set up you will be asked to repair the
_REGISTRY_USER_.DEFAULT are terminating the RPC service. existing Windows installation.Press
_REGISTRY_MACHINE_ You can solve this by setting a R and you will get a list of the in-
SOFTWARE parameter in the RPC service. Go to stalled versions of Windows. Select
the Control Panel>Administrative one that you want to repair. Then is-
Rename these files to Sam,Secu- Tools and click on Services. Now, sue the following commands.
rity,System,default and software re- from the list of services find RPC
spectively. After this, reboot your (Remote Procedure Call). Double C:\> bootcfg /list
machine from the CD and get in to click on this service and you will get C:\> bootcfg /rebuild
the 'Recovery Console' as before. RPC properties sheet. C:\> exit
Then issue the command that fol- In the RPC properties sheet click
lows. on the Recovery tab and set the first, Now, reboot your machine and
second and subsequent failure pa- find your system up and running.
C:\> copy c:\winows\ temp\* c:\win- rameters to 'restart the Service' and Sanjay Majumder
42 PCQUEST A P R I L 2 0 0 5 A
Publication
Manage Meetings Online

With SharePoint and Outlook 2003, you can not only schedule meetings, but also share
meeting documents and other related information online
O
rganizing a meeting over Portal Server and SharePoint Ser-
the phone can be quite vices, where latter is a part of Win-
Direct Hit!
cumbersome. Person not dows Server 2003 and can be Applies to: Workgroups and teams
on the seat,not free on the day of the downloaded from Microsoft's web- USP: Send meeting requests via
Outlook 2003 and share meeting agen-
meeting, or not agreeing with the site.It’s also available with some ver- da, objectives, critical decisions and
agenda are just a few problems you sions of MS Office 2003. We've attendees list on a SharePoint server
may face.Here's a quick way of man- covered the installation procedure Links: http://office.microsoft.com/en-
aging your meetings by using a for SharePoint in our December us/FX011204871033.aspx
SharePoint server and Outlook 2003 2003 (Basic Groupware, page 33) is-
e-mail client for users. SharePoint is sue. Alternately, you can check topstories/smes/103120216.asp.
available in two versions,SharePoint http://www.pcquest.com/content/ Here we explain how to use them.
Open Outlook 2003 calendar and go to the On the new meeting window, select people you
1 date on which you plan to fix a meeting. Right 2 want to invite. Give the subject, location and
click and select 'New Meeting Request' time for the meeting and click on 'Meeting Workspace'
A 'Meeting Workspace' side bar opens up. Select 'Other…' and give the server name or IP
3 Click on the Create button here 4 of the SharePoint server and click on OK
Publication
An authentication dialog box will open up. Give After successful authentication, you will get an
5 your username and password for the Share- 6 option 'Create a New Workspace'. Click on OK
Point server and click on OK to create it. This will take some time
After the creation of workspace the sidebar will The users will get a meeting invitation in their
7 show 'Meeting is linked to workspace' and you’ll 8 inbox, which they can accept, decline, tenta-
get a link to the workspace in the text box. Click on tively agree or propose a new time, using the tool-
the Send button to send meeting invitation to users bar buttons in Outlook 2003
Once you have sent the invitation and the invi- All information regarding the meeting gets au-
9tees have replied back, the invitees' responses 10 tomatically updated on the SharePoint site.
to your meeting invitation come in your inbox as an There you can add more information such as the
e-mail message Objectives, Agenda, and Decisions
Anoop Mangla
Send SMS from Outlook 2003

Managing your SMSs is no more limited to cellphones. Now Outlook can also be
configured to do so
I
t's not only cellphones that reign cellphone to the PC using any of the Direct Hit!
the SMS world. You can now do connectivity options such as in-
Applies to: Outlook 2003 users
so using MS Outlook.You will frared,Bluetooth or a cable.We used
need MS Office 2003 SP1 and MOSA infrared. After the phone has been USP: Use Outlook to send and receive
SMS messages
(MS Outlook SMS Add-in).We have connected,it is required that you in-
given them on this month's CD and stall, on the PC, the modem drivers Links: office.microsoft.com
you can even download them from of your phone. If your phone shows
http://office.microsoft.com. After up under modems, with no yellow drivers are installed properly. Now
that you will need to connect your mark in the device manager,then the install the Office SP1 and MOSA.
Go to MS Outlook SMS Add-in toolbar, click on Open Outlook Contacts and add the mobile
1Options and select your mobile telephone, to be 2 phone numbers of your contacts in their contact
used for sending SMSs information
To send an SMS, click on ‘New SMS Message’ Sent SMSs are saved in a ‘Sent Items>SMS’
3from step 2, and either enter numbers directly or 4 folder. This will help you keep track of all your
from Outlook Contacts and click on OK SMSs
Anoop Mangla
Take your File Server Online

Use Beeweeb to access your file server over the Internet
H
ere is a step-by-step guide client.You can easily install and con-
Direct Hit!
to set up the Beeweeb figure the server component on any
Applies to: System administrators
server on a machine that Window platform (2000/XP). All
you want to share over the Internet. you need is an Internet connection USP: Access your computer over the
An alternative to the traditional (DSL or dial-up). First install Bee- Internet from anywhere
VPN,it consists of two components, Weeb on the file server, and then on Links: http://beeweeb.com
a file server for a workgroup and all clients that will need to access it.
After installing Beeweeb server, start it from Here, tick the two check boxes for enabling change of
1 Start>Program Files >Beeweeb Server>Man-
2 owner and guest passwords.Click OK to save
agement Console. Here click on the Server Proper- the settings and click ‘Configure System Users
ties link and go to the General Tab Options’ on the Management Console
Set 'Existing Local Group' as 'Administrators' Click ‘Add virtual user' from first step to run a
3and 'Existing local users' as any local account 4 wizard, give the username you configured in
on the server. Also set the local user password the previous step and configure shares
Click 'Configure Virtual Users’ from first screen. Choose ‘Configure Default Logging Option’
5Select Existing Local Group and Existing Local 6 from first step and choose the server events
User in that group you want to give access to you want Beeweeb to log for analyzing later
(1)
Now, its time to Configure client on the remote On the Beeweeb client window you will see
7machine, which will map a drive against the 8 an extender button (1). This basically ex-
shares created on Beeweeb server. Install Beeweeb tends the window and shows the properties of the
mapper on the client's machine and run it connected client
Go to Actions>Settings. In the Settings window, Finally, you are ready to access the Beeweeb
9 select the Drives tab and set 'Beeweeb Drive' to 10 server from your remote machine over the In-
the drive letter you want to assign and click OK. This ternet. Fill the username with the IP Address as
will be used to access the share over Beeweeb shown and click on Go
Sanjay Majumder
Recover Lost Mail

Accidentally deleted a mail or lost it to corruption? MailNavigator recovers all for you
Y
ou might have faced it time. What's important when you Direct Hit!
many times that the mail are stuck in such a situation is to be
Applies to: Outlook Express users
you wanted the most got able to retrieve your messages
USP: Recover deleted or corrupt mail
deleted or you accidentally deleted somehow. in Outlook Express mailboxes
a mail folder. Maybe some virus or Here we explain how to recover Links: www.mailnavigator.com
worm corrupted your mailbox! your Outlook Express mail using a
On PCQEssential CD: system\
This can happen to anyone, any- program called MailNavigator. cdrom\enterprise
Even if you’ve deleted any mail or mailbox in Copy deleted mailbox(s) from the Store Folder
1
OE, you’ll find it in the Store Folder so long as 2 to another place. Install MailNavigator and
you don’t reboot. Access it from Tools>Options load the deleted mailbox(s) from the File Menu
Select the mail you want to recover or do a ‘Se- Save it as a Eudora Mailbox and note its loca-
3 lect All’ to recover everything, followed by'Save 4 tion. Run OE and import this Eudora mailbox
As' from the Message Menu as shown there from File>Import>Messages
Anil Chopra
Increase Life of your CDs/DVDs

Create ISO images of the frequently accessed media and use SoftDisk to access them
F
requent access of data on shareware. Once you have installed Direct Hit!
DVDs/CDs reduces their Softdisk,you will need an ISO image
Applies to: Frequently accessed
life.You can increase their life of your DVD. CDs/DVDs
by using available soft-drives that For this you will need a CD/DVD USP: Using virtual CD/DVD drive in
take an ISO image of a CD/DVD and burning software like Nero to create place of physical CD/DVD drive
emulate it as a virtual drive. Here, ISO images of all CDs/DVDs you ac- Links: http://tucows.alaska.net/files3/
we'll do this by using Softdisk 2.5, a cess frequently. scd2_en.exe
After installation, you'll get soft-disk icon in your From the File menu, select Option>Configura-
1 task panel. On double clicking the icon, you'll get
2 tion.You'll get a Config window. Here, in 'Num-
the interface shown in the screen shot ber of Device' select '1 drive' and click on OK
Once, you've configured the virtual drive, you'll Right click on the virtual device and from the
3 see it with a mapped drive letter in the virtual 4 context menu, select 'Mount image file' add
drive window. Activate this virtual CD/DVD drive by give path to your ISO image files
mounting an ISO image
Sanjay Majumder
Publication
Create your Own DVD Menus

Use Ulead Video Workshop to add dynamic DVD menus to your video
M
any DVD authoring load. We chose Ulead DVD Work-
Direct Hit!
tools are available in the shop 2.0 for creating DVD menus.
market. For example, This tool can be used to add dy- Applies to: DVD authors, multimedia
developers
Adobe has its Adobe Encore DVD, namic DVD motion menus to still/
Ulead has Ulead DVD Workshop. moving images.It can also be used to USP: Create menus for your favorite
compilations using an easy GUI tool
Good free DVD authoring tools are capture and encode any video to
hard to find. Trial versions of com- MPEG,create playlists and add mul- Links: www.ulead.com/dws/
mercial tools are available for down- tiple subtitle and audio tracks.
In case you are not capturing a video, then go to Choose either a single clip, which can be
1 Edit tab and click on the add clip button at the
2 then divided into multiple chapters or pick
bottom to choose the video clips whose menus you multiple clips, which can be displayed in the DVD
want to create menu
Now divide the clip into multiple chapters (not if Select the clip for which you have to make the
3 you already have multiple clips). Play the clip, 4 menus and then click on the Menus tab on the
pause it where you want next chapter to start from. top of the interface. The chapters will also appear
Now click on the 'Insert current frame as chapter' under the Menu tab
Now click on the select menu button at the bot-

5
tom of the screen. A number of options to
choose the style of the menu will pop-up in a new
window
Select the kind of menu, type in the text and link

6the chapter or a video with the menu text by
dragging and dropping the chapter from the right col-
umn to the text
Once through with creating menus and linking

7 them, click on the Finish tab on the top and you
will be able to view the final result. Check it and then
click on the Burn DVD button
Ankit Kawatra
Internet on SmartPhone
O2 XPhone II is a professional business phone that runs Windows.You can even con-
nect to the Internet from your notebook with it
Although there are are all built in.The box comes with a
SERIES tons of phones in hands-free cum headphones set, a
Direct Hit!
Smartphone Applies to: Mobile users
the market—most charging cable, a USB-miniUSB ca-
PART I
are too jazzy for ble and software. Once you install USP: Connect the O2 to your note-
professional use and features are al- Microsoft ActiveSync and connect book through Bluetooth and access the
Internet using GPRS
most randomly chosen. The O2 the phone using the supplied USB
XPhone II device runs WM2003SE cable,it syncs with your Outlook and Links: www.myxda.com
(Windows Mobile 2003 Second Edi- gets the contacts and appointments
tion) and has all the features that one automatically into the phone. The look can check your mail over GPRS
needs in a truly professional phone. cable also performs a 'trickle' charge and supports POP3 and IMAP4.
At Rs 23,000, it's a steal ! The that charges up your phone's battery. Pocket IE and Windows Media
XPhone II comes in a small candy The phone already has Pocket Player work very well and even sites
bar form factor reminiscent of Sony Outlook, Pocket Internet Explorer, not built for mobile are rendered
Erricson T610. The screen size is Photo Contacts,J2ME support,Win- nicely on the browser.The player has
large and gives you 65536 colors at a dows Media Player,MSN Messenger MP3, WAV, WMA, WMV, MPG, AVI
176X220 resolution. The phone is and some games built in to the 64 and the supplied headphones give
very light and weighs only a little MB FlashROM of the phone. In case you a nice stereo sound.You can even
more than a 100 gm. you want more space, you can easily add you own music as ringtones.
The usual connectivity op- install a Mini-SD card that goes all Since the phone runs Windows,
tions—BlueTooth, GPRS, Infrared- the way up to 512 MB. Pocket Out- there are tons of software available
Check mail status, mesages, Web browsing on the O2 Check your e-mail on the
1 appointments at one glance 2 XPhone II 3 move
for it—from games to office suites, GPRS connection you just created is But before you can start using it,
to professional tools etc.This version selected in the Internet Connection you must first establish a pairing be-
of Windows also contains the .NET option.To test whether your GPRS is tween the two devices.Select the ap-
Compact Framework and you can working, open up Pocket IE and ei- propriate menu item from the list
easily write programs for it too. ther select one of the Favorite links and enter a new passkey that the de-
Let's see how you can quickly or enter a new URL.If the GPRS set- vice should respond to.In a moment,
connect to the Internet from your tings are correct,you will see a small the device will ask you to enter the
notebook using the XPhone II. For [G] sign near the battery bar on the same passkey. Do so to establish a
this, you must first be subscribed to top of the screen and the browsing pairing.Now you can start browsing
the GPRS service from your mobile will begin. from the phone. Open the Dial-up
provider. Once that is done, in the To connect your notebook with Networking icon for the XPhone II
phone, select Start>Settings>Data the Smartphone, turn on BlueTooth on your notebook.This will first con-
Connections> Internet Connection. in the phone by going to Start>Set- nect to the phone over Bluetooth and
Click on the Menu context key and tings>BlueTooth>BlueTooth>Dis- then display the DUN window.Enter
select Edit Connections.Here,select coverable. Turning it to 'ON' will not the username and password if re-
GPRS Connections and Menu>Add. work. It has to be in discoverable quired and the GPRS phone number
Finally select 'The Internet' in the mode. Now in your BlueTooth en- as *99#. Press Dial to connect. We’ll
'Connect to' option and fill in the de- abled notebook,open My BlueTooth look at some essential software for
tails of the GPRS connection as given Place>View Devices in Range. Windows mobile powered smart-
to you by your provider.Press 'Done' Search for a new device from the phone next month.
till you are back to the Data Connec- menu and follow the prompts to in- Vinod Unny
tions Screen. Make sure that the stall the new device. Enterprise InfoTech
Linux.qxd 4/2/2005 12:46 PM Page 72
LINUX A P P L I C A T I O N S
Turn any PC into a NAS

Use NASLite to configure a dedicated storage server in less than five minutes
A
re you looking for low cost and lightweight net-
Direct Hit!
work storage for your office? NASLite offers a
Applies to: Small office networks
solution.It lets you create a NAS box out of your
old hardware. You can even use a 486 machine, 16 MB USP: Floppy-based NAS OS, which converts a PC into a dedi-
cated network storage box
RAM,floppy drive,one to four IDE hard drives and a net-
work card for it.A floppy-based Linux OS called NASLite, Links: http://www.serverelements.com/naslite.php
can convert any PC into a dedicated file server. It’s avail- On PCQEssential CD: system\labs
able in various flavors,which let you to create a dedicated
SMB server, NFS server, HTTP server or FTP Server. Insert a floppy disk and issue the following com-
Here, we'll show how you can create a NAS with SMB mands to create the NASLite-SMB floppy.
shares.
We’ve given a zipped floppy image of NASLite v1.x # fdformat /dev/fd0u1722
on this month's PCQEssential CD. Connect all the IDE # dd if=NASLite.img of=/dev/fd0u1722
drives on the machine, which you want to transform in
to NAS box, and then connect it to your hub or switch. If you don't have Linux handy then you can use a
To create the NASLite-SMB floppy use a Linux machine simple shareware utility, WinImage, available at Win-
and open a command terminal. Copy the NASLite Image.com, to copy the image to the floppy disk. To
floppy image on to the hard disk. For this, issue the fol- configure it boot the NAS box with the floppy.At the lo-
lowing commands. gin prompt,give the username as 'admin' and password
as 'nas'. From the Options menu, select the fourth op-
# cd /media/recorder tion to configure the disks for NAS and then select the
# cp /linux/ NASLite-SMB.img.gz /root ‘Primary Master’ drive. Read the warning and press 'Y'
# cd /root to continue. Follow this process for all the connected
# gunzip NASLite-SMB.img.gz drives. Now, select the first option and give the IP ad-
dress (mentioned in the box) to the NAS box. Then se-
------------------------------------- lect the second and third options to change the name
NASLite-SMB Administration Utility
OPTION MENU
and workgroup respectively.Press '9' to save the config-
------------------------------------- uration and reboot the NASLite-SMB box.To access this
1 - Change Network Settings
(192.168.1.1-255.255.255.)
network storage, go to any Windows machine and click
2 - Change Name on Start>Run. Type in the IP address of the NASLite-
3 - Change Workgroup
4 - Configure Storage Disks
SMB file server. Windows Explorer will show you 'Net-
5 - Change Password work Storage' with pre-created network share (Disk1,
6 - Change Date and Time
7 - Reboot
Disk2, Disk3 and Disk4). On the security front—re-
8 - Shutdown member you cannot create any users or assign quotas.
9 - Save Configurations
C - Make NASLite Floppy
Anyone on the network can access this storage. It shows
E - Exit server configuration and disk utilization on a Web
-------------------------------------
SELECT >
browser when you type the IP address of the NASLite
box.So, if you want a data dumpyard on a network then
Use the options on this menu to configure the disks go for NASLite-SMB.
and the software for your NAS Sanjay Majumder
Ghost for Linux

Create a ghost image of your Linux machine locally or on FTP Server
Y
ou must have heard about Norton Ghost, which
Direct Hit!
makes a snapshot of a hard disk allowing you to
Applies to: Linux system administrators
restore your system in case of a crash. However,
Norton Ghost is a commercial tool that costs a lot of USP: Creating a ghost image of your Linux machine
money. ‘Ghost for Linux’ is a free and open source Links: http://freshmeat.net/projects/g4l/
equivalent of this tool.It allows you to create your disk
On PCQEssential CD: /linux/ghost for linux/boot.iso
image either on a different hard disk or via FTP on an-
other machine.
This is a mini-distro of Linux and its kernel in- tions on the second hard disk.Now to use this tool,just
cludes support for Parallel ATA and Serial ATA IDE boot your PC or server with the CD you created.At the
drives. In our environment, we were not able to use it login prompt, give the username as 'g4l' and execute
with SCSI drives.It comes with support for most com- the following command.
mon network cards.
# ./g4l
Usage
It runs from a bootable CD and gives you a simple This will give you a blue-colored menu system
menu-based interface to navigate. We have given an showing four options—RAW mode, File mode, Utili-
ISO image of this distro on this month's PCQEssential ties and Show Help.
CD.You may use Nero or other CD burning software to In RAW mode you can create or restore ghost im-
transfer this to a CD. ages locally or through FTP server.
Before booting with it, make sure you have a sec- The File mode lets you create or restore ghost im-
ondary hard disk installed on the machine you want ages based on the partition that you want.
to ghost, with either Windows or Linux partitions. Utilities section offers various tools such as Sys-
The tool creates an image of the active Linux parti- tem Info, HD Parm, zero-tool, dd_rescue and parted.
Here System Info gives
you information about
the connected hard disk,
HD Parm lets you set the
hard drives into 32-bit
UDMA/66, zero-tool cre-
ates free space on parti-
tions, dd_rescue makes a
clone of a damaged hard
drive to another drive,
and parted allows you to
play with your partition
table.
Now let's see how we
can create or restore im-
Here select the source hard disk that you want to make a snapshot of ages from your local hard

disk or via FTP.

A note
With a local hard disk During testing, do not use Win XP's FTP server,
To create the ghost image of a Linux machine on since it seems to have a limit on the size (only up
another drive,just select RAW Mode> Local use>Pick to 2 GB) of the created image file. You can use ei-
Device. Here you need to select the source drive or ther the ones in any of the Windows 2000 Server or
partition (hda, hda1, hda2) that you want to take a Windows Server 2003 if you want to use Windows.
snapshot of. Or use the FTP server available with Linux.
Now from the same menu, select 'File Config' and
give a name for the snapshot image file. If you have a Write, for anonymous users.
large volume of data and want to split the image into On the Linux machine, boot off the 'Ghost for
multiple image files, then select 'Toggle split' and Linux' CD and perform the steps mentioned in the Us-
choose 'splitting on'. age section. Now, select RAW Mode>Network
The RAW disk image can be huge in size, because Use>Pick Device, here choose the network card de-
it's a clone of your entire hard disk. To overcome this tected by Ghost for Linux.From the same menu,select
problem, you can compress the RAW image into gzip 'Config Device' and give a static IP to this machine ac-
or gzip2 formats.For this,select 'Toggle Compression' cording to your subnet. Now select 'Config FTP' and
and choose the compression format that you want. here give the IP address of your FTP server. Next, you
Finally, select 'Backup Drive/Partition to local need to set the image file name that will be created on
drive' and you will be prompted to select the destina- the FTP server.
tion drive that you want to use for storing the image To do so select 'Config File name'. If you want to
file on (hdb, hdb1, hdb2). After setting it up, you will compress the image file, then select 'Toggle Compres-
be shown a summary of configurations you have cho- sion' and set the compression parameter same like we
sen. Select 'Yes' to confirm the selections. Ghost for did while taking snapshot on a local disk. Finally, se-
Linux will then start the imaging process. lect 'Backup Drive/Partition to FTP server' and you
To restore the drive from the created image, just will be prompted to select the source drive that you
choose the source drive from the 'Pick Device' option, want to take a snapshot of. Now, from the list select
where you have stored the image. Set the image file hard drive or partition (hda, hda1, hda2) and it will
name that you want to restore from 'File Config' option start the imaging process.
and choose the compression selected earlier from the To restore from this FTP image, keep all the FTP
'Toggle Compression' option. Sadly, the utility has no settings as it is and select 'Restore Drive/Partition to
way of browsing to and selecting the image file. Thus, FTP server'.
you must know and provide the complete path to it You will be asked to select the drive on which you
yourself. Now select 'Restore Drive/Partition from lo- want to restore the ghost image. Select the drive or
cal Drive' and in a few minutes your drive will be re- partition (hdb, hdb1.hdb2). Now it will show you a
stored as it is. template of the configuration that you have made for
FTP restoration. Next click on OK to start the restora-
Using an FTP server tion process.
As discussed above, Ghost for Linux also allows Ghost for Linux tool would be very helpful for sys-
you to back up and restore the hard drive images on tem administrators, in situations when they have to
an FTP server. While this consumes both time and deploy base Linux server frequently. The administra-
bandwidth, the advantage is that you do not need to tors just need to create an image of a base Linux or
spend for an extra hard disk for storing images. To UNIX server and the same image will then be used to
back up your machine onto an FTP server, first con- deploy multiple Linux servers simultaneously in one
figure an FTP server and create a virtual folder named go via an FTP server.
'img'. Set its permissions on this folder for Read and Sanjay Majumder
Implementing Adamantix
An extra secure Debian-based Linux distribution for firewalls and IDSs
G
ood things never come easy and that stands
Direct Hit!
absolutely true for Adamantix Linux. A
Applies to: Linux administrators
stripped down version of Debian Woody,
specifically designed as a very secure Linux OS, but at USP: Set up this secure distribution and understand its various
components like PaX, RSBAC, Zorp and Shorewall
the same time very difficult to install. Adamantix is
largely used for firewalls and IDS systems but because Links: www.adamantix.org
of its secure nature you can even make it your file server ON PCQEssential CD: system\cdrom\adamantix
or mail proxy. The problem with this distro is its in-
staller.To install the OS,first of all you should know that For this, specify an Adamantix mirror such as
it is completely text-based and doesn't support multi 'http://www.adamantix.org/mirror' and then issue the
booting. Plus, it completely removes all data from all command like this.
your partitions.So be really cautious while installing it.
To install Adamantix you have to boot the machine #apt-get update.
with the Adamantix CD (Adamantix CD ISO is available
on this month's PCQEssential CD). The CD will boot To complete the installation, you also have to give
into a command line-based live Linux environment. the following command.
Here, type the command as follows to run the installa-
tion process. #apt-get distupgrade
# adamantix-install Please remember however,that you need to log in as

root to execute this last command. The Adamantix
This will start up the installer. But at this point, you repository includes about 1000 packages. You can get
might come across a bug that can terminate the in- this list and other details from http://www.adaman-
staller whenever you reach the Partition Manager tix.org/packages.
screen and select any Partition Manager. The tech- The distribution currently uses a modified kernel
nique, which we adapted to work around the problem, 2.4.22 from Debian, which is the normal kernel with
is very simple. We came out of the installer, ran fdisk PaX patch but without the RSBAC functionality. PaX is
and added a Linux ext3 partition. Then we ran the in- a Linux kernel enhancement, which provides protec-
staller again. But in this time we skipped the Partition tion for buffer overflow attacks, primarily the stack or
Manager screen by selecting the 'Continue' option.And heap memory overflow types. For other Linux kernels
the installation went smoothly. such as RedHat and Debian, PaX is available as a sepa-
But we managed to figure out another easy or say, rate kernel patch. However,Adamantix has it out of the
less complicated step to install Adamantix. This inbox.
volves downloading and installing Adamantix directly The RSBAC framework is based on GFAC (General-
from the Internet. For this, you'll need to do a minimal ized Framework for Access Control). All security rele-
install of any version of Debian on the system, such as vant system calls are extended by security enforcement
Sarge or Woody. If you have a copy of the Debian Sarge code. This code calls the central decision component,
distro (we gave it with our December 2004 issue), then which in turn calls all active decision modules and gen-
you can use that. Leave the online updates part of the erates a combined decision. This decision is then en-
installation,and then start the Adamantix installation. forced by the system call extensions. Decisions are
continued on page 83
gadu-gadu, etc messages can be encrypted with just a window. Now scroll to the option, which says 'Off-the-
click. As GAIM for Windows is available, you can use Record Messaging' and select the check box and close
OTR on Windows also. the window. Now whenever you open a chat window,
you will see a new button at the bottom right of the
Installation and usage window that says 'OTR: Not private'. Clicking this will
All you need for using OTR on a Linux Machine is start the OTR protocol and if the other person with
XWindow installed and running a GAIM client.GAIM whom you are chatting also has OTR installed, a new
is available with all standard Linux versions such as private session will start and the button will change to
PCQLinux, Fedora and Debian so you don't have to 'OTR: private'.
hunt for it. Now download libotr-2.0.1-1.rpm and For testing the performance of the software we
gaim-otr-2.0.1-1.i386.rpm from 'http://www.cypher- tested it with a sniffer called ettercap that can capture
punks.ca/ otr/#downloads' and install them by run- IM conversations.We found that the data stream trav-
ning the following commands. eling between both secure clients using yahoo over
GAIM (secured with OTR) was completely scrambled
#rpm -ivh libotr-2.0.1-1.rpm and unreadable by the sniffer. We captured the traffic
#rpm -ivh gaim-otr-2.0.1-1.i386.rpm when both clients were authenticating each other
(when one presses the 'OTR: Not private' button) with
While installing, mind the sequence or you will the hope to capture the key pairs while it transfers
end up with dependency problems. Now that the in- them to the other machine.Fortunately, we found that
stallation is done, your OTR is ready to work. the keys were also encrypted in the process and the
Start your GAIM and go to Tools>Preferences and sniffer was not able to read them!
select the Plug-ins Link at the left-hand side of the Anindya Roy
Continued from page 76 (Implementing Adamantix)
based on the type of access (request type), the access forwarded TCP connections,or SSL with an embedded
target and on the values of attributes attached to the POP3 protocol). FTP, HTTP, finger, whois and SSL pro-
subject calling and to the target to be accessed. Addi- tocols are fully supported with an application-level
tional independent attributes can be used by individ- gateway. Zorp aims for compliance with the Common
ual modules,eg the Privacy Module (PM).All attributes Criteria/Application-level Firewall Protection Profile
are stored in fully protected directories, one on each for Medium Robustness Enviroment.
mounted device. Thus changes to attributes require The Shoreline Firewall, more commonly known as
special system calls provided. But the feature is not 'Shorewall', is a tool for configuring Netfilter. You de-
there by default.You have to once recompile the kernel scribe your firewall/gateway requirements using en-
to make it working.But be careful when integrating RS- tries in a set of configuration files. Shorewall reads
BAC into Adamantix, because if it clashes with any of those configuration files and with the help of the ipta-
the policies you created on PaX, the system could lock bles utility, Shorewall configures Netfilter to match
out even the root user. your requirements. Shorewall can be used on a dedi-
Other elements of Adamantix, which make it so se- cated firewall system,a multi-function gateway/router/
cure, are the Zorp proxy firewall suite and Shorewall server or on a standalone GNU/Linux system. Shore-
firewall. Zorp is the core framework of Adamantix, wall does not use Netfilter's ipchains compatibility
which allows the administrator to fine tune proxy de- mode and can thus take advantage of Netfilter's con-
cisions (with its built-in script language),and fully an- nection state tracking capabilities.
alyzes complex protocols (including SSH with several Anindya Roy
Virtual Machine for Linux

Xen allows you to run several Linux distros from within PCQLinux 2005
V
irtual machines emulate certain environment Direct Hit!
required for applications—so that applications
Applies to: Sysadmins, Developers and Linux enthusiasts
can be run inside them. Some virtual ma-
chines,like those for Java and .NET allow you to run only USP: Run different Linux distros simultaneously
applications whereas some like VMWare,Microsoft Vir- Links: http://www.cl.cam.ac.uk/Research/SRG/netos/xen/
tual PC and Xen let you run entire OSs.We have covered
virtual machines like VMWare and Bochs that run on a should be able to login as root.Note that password,con-
Linux host and run Windows or Linux OSs inside them. figuration and all other settings remain the same as in
This article tells about setting up Xen, which uses the host OS. The only change is that we have booted
Linux as the host and runs various Linux distros inside with a customized Xen kernel. Upon login, create a file
it. Xen package may be a part of Fedora Core 4. We will named guest in /etc/xen directory with:
use PCQLinux 2005 as the host and let you select a Linux
distribution(s) to be the guest OS. kernel = "/boot/vmlinuz-2.6.10-xen0"
memory = 128
Install and configure Xen name = "guestos"
Download the Xen source and binary packages from nics = 1
http://www.cl.cam.ac.uk/Research/SRG/netos/xen/dow ip = "192.168.1.1"
nloads/xen-2.0.5-src.tgz and http://www.cl.cam.ac.uk/ disk = ['file:/dev/hda6,hda6,w']
Research/SRG/netos/xen/downloads/xen-2.0.5-install. root = "/dev/hda6 rw"
tgz. Extract the archives which will produce directories
named xen-2.0 and xen-2.0-install respectively. Change Substitute hda6 with the partition on which you in-
to the directory xen-2.0 and issue: stalled the guest OS.
make install-twisted Launch the guest OS

Open a terminal window in X and issue:
Change to xen-2.0-install and run ./install.sh. Now
append the following to /etc/grub.conf: /etc/init.d/xend start
title Xen 2.0 Then issue the following to launch the guest OS:
kernel /boot/xen.gz dom0_mem=130000
module /boot/vmlinuz-2.6.10-xen0 root=/dev/hdd1 ro xm create -c /etc/xen/guest vm=1
console=tty0
module /boot/initrd-2.6.10-1.741_FC3.img This should start the boot sequence for the guest OS
and let you login to the guest Linux OS. If you issue the
Install another Linux distro (say RHEL, Debian) on ifconfig command on the host OS,you will be able to see
another partition on your machine. a virtual network interface named xen-br0.Through this
To configure Xen,reboot the machine and when the virtual interface the host OS will be able to access the
boot options show up, select ‘Xen 2.0’ and press Enter. guest OS and the services running on it.
This will boot up PCQLinux using the Xen kernel— Shekhar Govindarajan
customized for virtual machine operations. Now you IT4Enterprise
Maia Mailguard
Maia provides a Web-based front end to configure an anti-spam and anti-virus mail
system
L
ast month, we explained how to set up an anti-
Direct Hit!
spam and anti-virus system using amavisd-
Applies to: Linux system administrators
new (Mail Server, page 50, PCQuest, March
2005). To configure amavisd-new we have to tinker USP: Fine-tune amavisd-new with this easy-to-use GUI tool
with a text file,amavisd.conf found in /etc.Fortunately, Links: www.renaissoft.com/projects/maia
there is a better way to fine tune amavisd-new—
namely Maia Mailguard.Once set up,it offers a plethora new-20030616-p10.tar.gz. Extract the archive, which
of options and flexibility. One of them is that each mail will produce a directory named amavisd-new-
user can fine-tune his anti-spam and anti-virus set- 20030616.Copy the file named amavid found in the di-
tings through a Web-based front end. The front end rectory to /usr/sbin—overwriting the existing one.
shows the mail, which are potential spam or ham (not Subsequently, apply the patch by issuing the following.
spam) and gives the user the options to report false
positives. amavisd-new uses a point system to mark a patch -b /usr/sbin/amavisd /root/maia-1.0.0-rc5-
mail as spam. That is, if the number of entities which 2/amavisd-maia.patch
identify the mail as spam contribute to more than a
specified number of points, the mail gets marked as Also copy the file named amavisd.conf found in the
spam. Maia allows this to be configured on a per user amavisd-new-20030616 to /etc directory, overwriting
basis,quite intuitively.What's more,it displays inform- the existing file. You will again need to make the
ative and comparative statistics about the spam, ham changes to the amavisd.conf file as explained in the
and virus-infected mail. Setting up Maia requires a bit section 'Set up anti-spam and anti-virus' in the Mail
of efforts, which we have explained below. Server article in our March 2005 issue.
To start with, download the latest version of Maia
(maia-1.0.0-rc5-2.tar.gz, as of this writing) from Set up MySQL for Maia
http://www.renaissoft.com/projects/maia. Login as Maia stores its data and configuration in a MySQL
root and extract it in the /root directory. This will pro- database.First,set up MySQL on PCQLinux 2005 as per
duce a directory named maia-1.0.0-rc5-2 under /root. the section 'Connect to MySQL' in our article (JDBC
Before proceeding further we assume that you have set Drivers, page 76, March 2005). Start MySQL as:
up the mail server on Linux (as per our last month's ar-
ticle mentioned above). We also assume that you have /etc/init.d/mysql start
set up PHP and MySQL as explained in the articles Your
own Forum (page 60) and JDBC Drivers (page 76) in our Then create a database for Maia as:
last month's issue.
mysqladmin -u root -p create maia
Set up Maia
A Maia patch needs to be applied to amavisd-new. When prompted, supply the password for the
Unfortunately, the patch does not work with the amav- MySQL's root user.
isd-new bundled with PCQLinux 2005.You will need to Open the file amavisd.conf in a text editor and add
download a specific version of amavisd-new from the the following line at the top, after the first line, which
URL: http://www.ijs.si/software/amavisd/amavisd- says 'use strict;'
@lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', 'root', # CONFIGURE THIS: Location of your database.cfg file

'<password>'] ); my $cfg = "/var/amavisd/maia/scripts/database.cfg";
Substitute <password> with the MySQL's root to

password.
Next issue the following to populate the Maia data- # CONFIGURE THIS: Location of your database.cfg file
base with tables and data. my $cfg = "/var/amavis/maia/scripts/database.cfg";
mysql -u root -p maia < /root/maia-1.0.0-rc5-2/maia- We have changed, in the above line, the path to the
mysql.sql database.cfg file—from /var/amavisd/maia/ scripts to
/var/amavis/maia/script.
Some more steps to go Next, open the file named load-sa-rules.pl in a text
Create a directory named maia in /var/amavis.Copy editor and modify the values for the variables $lo-
the directory named scripts, found in /root/maia- cal_cf_dir, $system_rules_dir and my $user_rules_
1.0.0-rc5-2 to this directory. Then issue: dir to, as shown below.
chown -R amavis.amavis /var/amavis/maia my $local_cf_dir = "/etc/mail/spamassassin";

my $system_rules_dir = "/usr/share/spamassassin";
Next, open the file named database.cfg—found in my $user_rules_dir = "/var/amavis/.spamassassin";
/var/amavis/maia/scripts—in a text editor and spec-
ify root for the 'username' and the corresponding Execute this script as:
MySQL password for the 'password'. Next open each of
the .pl files—found in the scripts directory—in a text ./load-sa-rules.pl
editor and modify the line, which says:
Next, create a directory named
maia under /var/www/html. Copy
the contents the directory php in
/root/maia-1.0.0-rc5-2 to /var/
www/html/maia. Copy the tem-
plates directory to /var/www/html/
maia. Open the file named config.
php.dist in a text editor and change
the value of the variable $maia_sql
_dsn, as shown below.
$maia_sql_dsn =
"mysql://root:<password>@tcp(lo-
calhost:3306)/maia";
Substitute <password> with

the MySQL's root user password.
Start it up
Setting up per user anti spam and anti virus preferences had never been You have to issue the following
so easy commands to start the Apache Web

server and amavisd-new. co.in, Maia will create a user account with login as
anoop and mail him an auto-generated password to log
service httpd restart in to the Maia system.
service amavisd restart
Reporting false positives
Subsequently, load the URL http://127.0.0.1/maia/ It may happen that some ham mail get marked
configtest.php in a Web browser (Firefox or Konqueror) spam and vice versa. Maia provides an intuitive inter-
on your Linux machine. Follow the instructions given face to report such mail so that false positives get min-
on this page to install any missing but required mod- imized. Click on 'report spam icon' at the top. Click on
ule. Subsequently, key in the URL http://127.0.0.1/ the link 'suspected ham item' or 'suspected spam item'.
maia/internal-init.php.For the template file path fill in This will present a tabular form in which you can select
/var/www/html/maia/templates. For new users to log the radio buttons corresponding to ham or spam.Once
in, type in http://<ip-address-of-linux-machine> done, clicking on the ‘Confirm Status’ button will make
/maia/internal-init.php.For the e-mail addresses,type the system learn about the false positives.Maia also al-
in root@cybermedia.co.in (in the Mail Server article we lows you to totally blacklist or whitelist an e-mail ad-
used cybermedia.co.in as the domain. Feel free to sub- dress. In the former case, even if a non-spam mail
stitute it with your e-mail domain). Click on the 'Ini- arrives from the blackisted e-mail address, it will be
tialize' button, which will mail a password to the root treated as a ham. In the latter case, even if a spam ar-
account. Retrieve the mail (say, using the mail com- rives from the whitelisted address it will be treated as
mand) and note down the password. ham. You can feed in the whitelist and blacklist ad-
Next key in the URL http://127.0.0.1/maia/ lo- dresses by clicking on the 'W/B List' icon at the top.
gin.php?super=register. Log in as root@cybermedia.
co.in and the password you got through the mail. The quarantined mail
Mail that contain viruses will be quarantined,as we
Configure anti spam and anti virus had set up above. With Maia, you can see all the quar-
Click on the settings button at the top. Click on the antined messages on a simple click.This is useful if the
link 'root@cybermedia.co.in'. Click on 'Enabled' for message in the e-mail is useful but some trojan-at-
virus scanning and spam filtering. Select Yes for 'Add a tached malicious contents to the mail. Click on the
prefix'. For 'Add X-Spam' type in 3 and 'For consider Quarantine icon at the top. Subsequently click on the
mail spam' type in 5. Select Enabled for 'Attachment 'Virus/Malware item' link.This will show you the quar-
Type Filtering' and 'Bad Header Filtering'. Select Quar- antined mail.You can click on them to see the mail con-
antined for Mail with dangerous attachments. Click on tent, as Maia will not execute any attachments. What's
the button 'Update this Addresses' Settings'. Similarly, more, it even blocks images and hyperlinks in the mail
other e-mail users can configure their spam settings for safety.
once their account has been created (refer to the next Maia mailguard is a boon for system administrators
section). dealing with users in a large network where each wants
to treat his e-mail in a different way.For example,some
Add Maia users may subscribe to a newsletter, which will be often
Click on the key icon at the top, and then click on treated as a spam by the anti-spam software.So system
System Configuration. Select Yes for 'Enable auto-cre- wide anti spam rules may not work.With Maia,the user
ation of user accounts'. Click on 'Update Settings' but- who has subscribed to the newsletter, can login to the
ton at the bottom. This will automatically open user Web-based interface and whitelist the newsletter do-
accounts corresponding to your e-mail users as and main. This setting will be effective only for him, while
when mail for them get downloaded. For example, the for others, newsletters will still be treated as spam.
moment Fetchmail (as configured in last month's arti- Shekhar Govindarajan
cle) downloads mails for, say, anoop@cybermedia. IT4Enterprise
Off-The-Record Messaging
Use OTR to have an encrypted chat with others, which is safer than regular encryption
techniques
A
ny secret conversation involves two main
Direct Hit!
components—one, a two-way authenticity
Applies to: IM users
and the other, right of denial. Before dis-
cussing further let's try to understand what the above- USP: Configure OTR software to have an encrypted chat over
Yahoo, MSN or several other IM clients.
mentioned statement actually means.
Consider a scenario when a murderer confesses Links: www.cypherpunks.ca/otr/#downloads
his crime in front of a priest. In normal conditions,
only the priest is supposed to know about the confes- Benefits of OTR
sion and if any one else, say, the cops want to know In general, when we do some kind of encryption,
about the same, then the only option is to take the we use a standard private and public key concept and
words of the priest.But of course in that case,the mur- digital signature. But in this case if someone gets hold
derer has the right to deny that he never said anything of your machine or your private keys then he can de-
to the priest (right of denial) about the crime. While crypt all your old messages and if you don't change the
at the same time, the priest knows very well that the key pairs then the future messages can also be de-
murderer had confessed to him (a simple, two way crypted.And because of digital signatures these mes-
volatile authenticity). sages can be proven as yours, and you won't even be
This scenario points towards the fact that the main able to deny.
property of a secret casual conversation should be a But in case of IMs, which are supposed to be a ca-
volatile authentication that doesn't leave any trace or sual chatting media, the right of denial is also impor-
record behind. So, to provide this kind of an environ- tant alongwith confidentiality. And that's what OTR
ment to the IMs, OTR (Off-The-Record) protocol has does. It generates some short living key pairs, en-
been developed. crypts them with some comparatively longer living
keys and piggybacks them on the
message itself. At the same time it re-
moves the older keys completely from
the memory.It follows this process for
nearly each and every message. This
makes the message truly volatile and
secure at the same time.So if someone
gets hold of your key pairs, he can't do
anything because the key pairs are
changed with each and every mes-
sage.
The other benefit of OTR is that it
is free and works with any IM, which
you can run on GAIM.So from now on
you don't need to install a Jabber
After installing OTR, click on the 'OTR-Not Private' button to start an server on your network for encrypted
encrypted session with the other party chatting. All your Yahoo, MSN, ICQ,

gadu-gadu, etc messages can be encrypted with just a window. Now scroll to the option, which says 'Off-the-
click. As GAIM for Windows is available, you can use Record Messaging' and select the check box and close
OTR on Windows also. the window. Now whenever you open a chat window,
you will see a new button at the bottom right of the
Installation and usage window that says 'OTR: Not private'. Clicking this will
All you need for using OTR on a Linux Machine is start the OTR protocol and if the other person with
XWindow installed and running a GAIM client.GAIM whom you are chatting also has OTR installed, a new
is available with all standard Linux versions such as private session will start and the button will change to
PCQLinux, Fedora and Debian so you don't have to 'OTR: private'.
hunt for it. Now download libotr-2.0.1-1.rpm and For testing the performance of the software we
gaim-otr-2.0.1-1.i386.rpm from 'http://www.cypher- tested it with a sniffer called ettercap that can capture
punks.ca/ otr/#downloads' and install them by run- IM conversations.We found that the data stream trav-
ning the following commands. eling between both secure clients using yahoo over
GAIM (secured with OTR) was completely scrambled
#rpm -ivh libotr-2.0.1-1.rpm and unreadable by the sniffer. We captured the traffic
#rpm -ivh gaim-otr-2.0.1-1.i386.rpm when both clients were authenticating each other
(when one presses the 'OTR: Not private' button) with
While installing, mind the sequence or you will the hope to capture the key pairs while it transfers
end up with dependency problems. Now that the in- them to the other machine.Fortunately, we found that
stallation is done, your OTR is ready to work. the keys were also encrypted in the process and the
Start your GAIM and go to Tools>Preferences and sniffer was not able to read them!
select the Plug-ins Link at the left-hand side of the Anindya Roy
Continued from page 76 (Implementing Adamantix)
based on the type of access (request type), the access forwarded TCP connections,or SSL with an embedded
target and on the values of attributes attached to the POP3 protocol). FTP, HTTP, finger, whois and SSL pro-
subject calling and to the target to be accessed. Addi- tocols are fully supported with an application-level
tional independent attributes can be used by individ- gateway. Zorp aims for compliance with the Common
ual modules,eg the Privacy Module (PM).All attributes Criteria/Application-level Firewall Protection Profile
are stored in fully protected directories, one on each for Medium Robustness Enviroment.
mounted device. Thus changes to attributes require The Shoreline Firewall, more commonly known as
special system calls provided. But the feature is not 'Shorewall', is a tool for configuring Netfilter. You de-
there by default.You have to once recompile the kernel scribe your firewall/gateway requirements using en-
to make it working.But be careful when integrating RS- tries in a set of configuration files. Shorewall reads
BAC into Adamantix, because if it clashes with any of those configuration files and with the help of the ipta-
the policies you created on PaX, the system could lock bles utility, Shorewall configures Netfilter to match
out even the root user. your requirements. Shorewall can be used on a dedi-
Other elements of Adamantix, which make it so se- cated firewall system,a multi-function gateway/router/
cure, are the Zorp proxy firewall suite and Shorewall server or on a standalone GNU/Linux system. Shore-
firewall. Zorp is the core framework of Adamantix, wall does not use Netfilter's ipchains compatibility
which allows the administrator to fine tune proxy de- mode and can thus take advantage of Netfilter's con-
cisions (with its built-in script language),and fully an- nection state tracking capabilities.
alyzes complex protocols (including SSH with several Anindya Roy
cover story-2 april 2005.qxd 4/2/2005 1:04 PM Page 84
COVER STORY E N T E R P R I S E S E C U R I T Y
PREVENTION IS
BETTER THAN
CURE
Securing your infrastructure is not exactly a black art, and if implemented properly,
can let you avoid costly recovery processes and save crores of rupees
ANINDYA ROY, BINESH KUTTY, SUJAY V SARMA
F
rom the earliest of days, simply will not. tems? Let us explore this in our first
Man has learnt well to Taking a lesson from history's article in this story.
defend his assets.Moats pages though, it seems wiser and
used to be built around more efficient to prevent a loss than Why prevention is better
castles and castles had to attempt to recover from an attack. than detection?
high walls with heavily armed sol- Prevention is better than cure. En- Enterprises are rapidly turning
diers standing guard atop them. terprises are realizing quickly that into mobile and metamorphic work-
Sites chosen for such castles were not its better to deploy something that places, with a rapidly increasing
very easy to get to either - if they can detect as well as prevent intru- number of employees acquiring lap-
weren't at the top of a rocky cliff,they sions rather than simply detect one tops to work from. As these execu-
would be on a coast where no ship in progress and try to alert the re- tives travel between departments,
would berth. And if any enemy sponsible personnel. offices and campuses, suitable con-
should be brave enough to attempt Perhaps the avenues of attack to- nectivity must be provided for them
to climb the walls, they would pour day are much wider and numerous to simply do their job. Plugging into
boiling hot coal tar and rain arrows compared to those available even the nearest Ethernet port and Wi-Fi
and rocks on them. two years ago.This has in turn led to are the most often used options.
Okay, how is this history lesson an explosion in the different types of However, these are also the most
going to help you secure your servers vectors that deepen the intrusion. dangerous,since without proper and
and ultimately protect your valuable But what are they and why should strict policies in place, undefended
data? Well, we are going to make they exist at all? What are the ques- or unclean systems could easily plug
them as impregnable as the castles tions we need to ask ourselves before in and infect the entire infrastruc-
of old.Of course,history's castles of- we go ahead and purchase and de- ture in no time. How exactly do you
ten fell to determined enemies,ours ploy one on our networks and sys- force a visiting consultant to install
Photo : India Today

C O V E R S T O RY E N T E R P R I S E S E C U R I T Y
Avenues of intrusion
Video
Cause: Video-page
Network (memory) bug
Cause: No firewalls. Exploit: Gold-bug virus
Exploit: Worms, Spam, that lifts sensitive infor-
DoS attacks mation
Protect: Use a good fire- Protect: Win XP SP2, XD
wall or IPS capable 64-bit CPU
USB
Cause: Wide availabil-
ity and absence of pro-
WiFi & tection mechanisms
Exploit: Unrestricted
Bluetooth data transfer, includ-
Cause: Public avail- ing malware
ability and visibility. Protect: Policies to
Exploit: Everyone can govern what can be
access the system and connected.
upload malware.
Protect: Encrypted
connection, non-
promiscious mode
operations.
Optical Media
Cause: Wide adoption,
Input Devices automatically trusted
Cause: No protection Exploit:‘Autorun’ makes
at all it easy to upload mal-
Exploit: Key loggers ware
and mouse-event Protect:Scan with an-
readers tivirus before running
Protect: Antivirus,
anti-spyware
cate to non-Symbian systems. The

Security Technologies Used
moment an infected cellphone en-
49 ters your Bluetooth zone,the worm
38
Digital Ds 42 would transfer itself to the nearest
36 open Bluetooth device (say a lap-
34 2003
2002
top) and as that device connects to
73
60 2001 other systems over Wi-Fi or even
Intrusion Detection 61 2000 Ethernet, the worm could spread
50
42 1999 to other systems. Of course, the ul-
40 timate aim of the worm would be
35
PCMCIA 39 to reach another Symbian cell-
39 phone and it can now reach one
39
that it previously had no means to
58
50 reach - say all the way across the
Encypted Login 53 globe, through your LAN and then
50
46 through your ISP. What means do
99 you have deployed to detect such a
90
Antivirus & Firewall 98 spread, let alone fight it?
100 An IPS (Intrusion Prevention
98
System) is a software that strikes a
47
44 synergic balance between being an
Reusable Passwords 48 active firewall, a software update
54
61 center, a malware definitions
server and policies enforcer. An
Source: CSI/FBI Computer Crime & Security Survey Report (2003)
69
Encrypted Files
58
64
IPS has policies and rules that it
62 compares network traffic to. If any
61
traffic violates the policies and
11
10 rules, the IPS can be configured to
Biometrics 9 respond by fighting that threat
8
9 rather than simply alerting you to
92 its existence.
82 Typical responses might be to
Access Control 90
92 block all traffic from that IP ad-
93
dress or to block incoming traffic
from that port to proactively pro-
tect just the computer or entire
or use your particular favorite an- bian cellphone to those of the skull network. How effective the IPS is
tivirus? Rather than grapple with and cross-bones. It uses the noto- depends on which of the two meth-
such issues, it is usual practice to rious Cabir worm to spread itself ods it will employ and in what
leave systems open.And that action through Bluetooth. Increasingly combination.
alone endangers more than one sys- laptops, smart devices, printers IPS systems respond to either
tem. and even some brands of PCs are changes in traffic flow and pat-
Consider for example, the rather equipped with Bluetooth.Consider terns or to certain predefined sig-
innocuous cellphone Trojan called this nightmarish scenario, where natures and the responses to those
"Skulls". This vector simply turns someone rewrites a portion of the signatures. Let us see what each of
the application icons on your Sym- Skulls code to let the worm repli- these are.
Traffic flow pattern method

Spreading malware and agents IPS aptitude
on a network cause rapid fluctua-
tions in the network flow. This is Can the IPS identify machines on your network that need IPS
easily noticeable and can be protection?
flagged for action. What would Atleast,it should have agents that you can install on these machines that
typically happen is that if a worm send back information about attacks.
is trying to get in, it will initiate re- Does the IPS offer a mode where it can learn over a period of time?
mote scans and then try to find How effective is this? Can this process be controlled humanly?
particular vulnerabilities. Moni- Learning about attacks and what you did against a particular threat can
toring active network loads and be a big plus where human intervention is difficult. Effectiveness will
comparing them to what it should start low,but improve over time.Humanly control,as providing updated
be like at this time of day will tell databases, teaching what it did wrong or provide alternate actions that
you if it is suspicious. Once you it can take, can only benefit our enterprise.
have decided it is, you can then set What kinds of intrusions (DoS, protocol attacks, vulnerability
about identifying the particular exploits, application attacks) can it handle?
machines that are participating in An ideal IPS should handle all of them.
the scenario and isolate the infec- What kind of actions can it take after identification? What is its alert-
tor. Further action can be initiated ing process like? Can it escalate alerts?
in the form of isolating that ma- Alert escalation is important. If a designated person does not respond
chine from the network and run- within some time, the software should escalate the call to the next per-
ning scans on it to locate the agent son in the hierarchy till a suitable response is registered.
and finally remove it. Can the IPS communicate with other IDS/cleaning software (like fire-
walls, antivirus products, etc)?
Signature and response method Most IPS software vendors also bundle IDS plugins.And such IPS soft-
When a mal-agent tries to infil- ware will more often than not communicate with these programs as well.
trate your infrastructure, it leaves How are the centralized management and reporting features?
behind a trail of what it has done IPS should offer reporting and management using standard Web
and where it has been. This is its browsers. Check the versions of Web browsers supported.
"attack signature". The responses Does it support either SENS or SNMP, or otherwise use the MMC?
it sends out and tries to get other This is good to have although not a 'must', since it can help you central-
systems into giving it are usually ize your monitoring and management efforts.
quite sufficient to tell you what Are there any available tools with it to analyze its logs and learn
you're dealing with and from further from it?
where. An IPS looking for such ac- Some report in 'well known' formats and third party tools can be down-
tivity patterns should necessarily loaded to analyze these logs.This can also help you track down particu-
have an underlying and integrated lar errors or entries that may seem to indicate an 'intrusion'.
IDS system that would help it fine A typical enterprise network would have multiple platforms. How
tune its findings over time and many of these does it support?
eliminate false-positives. Most IPS would readily run on Windows server platforms. If you have
NetWare,Lotus Domino,UNIX or Linux deployed,would your IPS work
How effective is your IPS? with them as well?
An important factor that gov- Can it handle outgoing as well as internal attacks?
erns what an IPS solution can do is Most attacks actually originate or are helped by something inside your
where it sits on your network. For network. It should be able to guard against both.
example, an IPS that sits at the

gateway level is more like a fire-

wall. It can do little to prevent Types of Attack or Misuses in Last 12 Months (%age)
agents infiltrating through flop-
42
pies, CDs, USB drives and so forth. 40
Denial of Service 36
However, some IPS systems do 27
have agents that you can install on 31 2003
2002
machines throughout your net- 59
55 2001
work and these agents can proac- Notebook misuse 64 2000
tively cooperate with a central IPS 60
69 1999
server to detect and fight intru-
45
sions through these means also. 38
Unauthorized access
Maintenance of attack signa- by insider 49
71
tures and removal techniques for 55
various agents is important too. It 82
should further give you the ability 85
Virus 94
to drill down and define what kind 85
90
of policies to apply and what ac-
15
tions to take on positive identifica- 12
Financial fraud
tion of a mal-agent. If the IPS 12
11
solution can maintain a database 14
of attacks over a period of time and 80
use that to further research, it is an Insider abuse of 78
Internet access 91
excellent choice.We have compiled 79
a list of ten questions,in the box,to 97

help you select the right IPS solu- 36
System penetration 40
tion for your enterprise. 40
25
Commonly available enter- 30
prise-class security solutions
21
(from vendors like Trend Micro, Sabotage 8
McAfee, Symantec and eTrust) 18
17
usually combine an IDS, corporate 13
firewalls and antiviral software 21
Theft of proprietory 20
into effective IPS systems. Consult information 26
our November 2004 shootout of 20
25
the same for more details on what
these solutions could specifically
do.
Put together,an IPS provides an ing it is a vigorous and continuous self-evident for an IPS, because
active line of defense and are aptly process. We need to literally teach there is no directly measurable
called 'Self Defending Systems'. the system to differentiate between profit to be derived, just that the
There are a few other things you normal traffic and something sus- system will work securely. Hence,
need to keep in mind. IPS should picious. you need to consider how much the
not try to replace existing tech- company could lose if the product
nologies, but should add to them. ROI on IPS systems or technology were not in place.
Implementing an enterprise-wide From a purely economic stand- How much money would have to be
IPS is not easy, because configur- point, ROI is not something that's spent on rebuilding servers, recov-

standing. Our discussion below

The antidotes aren't working utilizes our findings. We first did a
DOUGLAS BROCKETT,VP WORLDWIDE MARKETING, SONICWALL full installation of both OS, with-
out installing any extra applica-
Early this quarter, the UK government released a research showing tions than what came with it on its
68% of large companies were infected by viruses in 2003,in spite of the installation media. We then ran
fact that 99% of them were using antivirus products. The findings un- Nessus (an open source port scan-
derline the fact that antivirus software on its own does not do enough ner) and InternetPeriscope (from
to protect businesses.This should be a wake-up call to all those involved LokBox Software) to attempt to
in their sale. discover what we could about
Antivirus capability isn't keeping up with the need for speed in de- them.
ploying updates, many vendors are citing gateway antivirus as the way
forward. The trouble is this still isn't comprehensive protection.While Securing Windows Server
these solutions may allow you to distribute network updates from a sin- 2003
gle point, they never give you control over laptops of your travelling Out of the box,Windows Server
workforce. They still rely on client-based antivirus software. Gateway 2003 is a "locked down" OS. That
antivirus is not enough by itself. This is why some form of enforced means anything its publisher (Mi-
client capability needs to be an essential part of any security strategy. crosoft) does not deem absolutely
The most effective solutions are proactive, and continuously up- necessary to run on it is turned off
dated, managed services that stop known and unknown threats at the or not even installed by default.For
Internet level,before they ever reach corporate networks and end users. example, on servers, the Web
The antivirus solution needs to have built-in auto-enforcement at the server application is considered its
client and the gateway levels. You also want to be able to protect net- biggest weakness simply because
work vulnerabilities by stopping worms, Trojans and other attacks be- of its larger visibility to the public
fore they can get into networks using intrusion prevention. The most world. For this reason, IIS is not
effective IPS work at the application layer - Layer 7 - using Deep Packet even installed by default. Even
Inspection.This is important because some offerings portending to be when it does get installed, things
intrusion prevention systems only protect Layer 3 and 4 data. They like CGI, WebDAV, Internet Data
make a big deal of having 1500 signatures for intrusion detection while Connector components remain
keeping quiet about having just 30 for intrusion prevention. 'Prohibited'.
The health of the corporate body is under constant attack. The Remarkably, the ICF (Internet
choice is clear. You can either continue to fight a losing battle by pre- Connection Firewall,now renamed
scribing fresh antidotes every time there's a new infection, or focus to "Windows Firewall") turned out
your efforts on helping networks develop their own immune system.If to be a pretty secure firewall. With
you were the patient what would you prefer? it running, basic networking re-
mains unavailable and reports in-
ering data, the time and resources tive. Now, these are other than dedicated that if the machine is
of dedicating technical personnel ploying firewalls and maintaining indeed turned on and put on the
to clean up after an attack, etc? it in upto date trim by applying network, it is in "stealth" mode.
Security starts with the operat- patches and updates - it is a given Nessus infact refused to scan the
ing system. Unless the OS itself is that you will do those. server,telling us "Scan returned an
configured for maximum security, When we started working on empty report". If you check, you
while still allowing required func- this story, we decided to find out will also find that you cannot
tionality, any number of deployed for ourselves just how secure the browse to the machine from your
intrusion detection or prevention Windows and Linux really are; me- Network Places. InternetPeriscope
systems would simply be ineffec- dia frenzy about them notwith- did manage to report a few open
UDP ports, but these correspond a healthy mix of alphabets, num-

to various networking features OS installation tips bers and symbols to make them
(like ICMP Time stamp) that are that much harder to guess. If set to
Always install your OS
non-critical. enabled,disable the option to store
with the system discon-
Spread your risks. The greater passwords in reversible encryp-
nected from the network and
the number of assets you have tion. This ensures that someone
put it online only once all the
around the more distributed an at- trying to decrypt stored pass-
basic software and security sys-
tack would be. Of course, this words would get junk.
tems are online on the machine.
would result in a larger number of Account lockouts are a healthy
On Windows, use the NTFS
potentially successful attacks, but way to keep undesirable people
option for your partitions,
in a much more diluted form. For out. Would be hackers would at-
since it increases security to
example, if you tend to running tempt multiple logins trying to
your files and data.
single server boxes that have all in- guess your password and setting
Keep your system files and
frastructural services, chances are accounts to lockout automatically
user data on different par-
that a crash in one could seriously after a particular number of in-
titions.Also keep any software
injure your entire network (a crash valid attempts is effective.You can
copies you may want to retain
in the DNS would also render Ac- set them to unlock after an interval
on the same system on different
tive Directory useless, thus bring- or never - in which case,you would
drives or partitions. This allows
ing down user authentication, file have to manually re-enable it from
you to control their visibility
replication and if you have it de- your user-manager console. The
and access better.
ployed, your Exchange mail threshold should be a reasonable
Always set a complex and
server). It is thus much better to figure and must allow for legiti-
unique password for ad-
distribute them among as many mate users mistyping their pass-
ministrator (root on Linux) user
physical machines as possible so words. Set it up from the Account
accounts. It should be a non-dic-
that you can easily troubleshoot Lockout Policy options. First set
tionary word, at least 6 charac-
and bring back a victimized server the threshold to (say) '3', this will
ters long and with a mix of
without affecting other systems.Of enable the other two options. Now
alphanumerical characters.And
course, as a load balanced net- set the duration to (say) '30' min-
should not resemble some com-
work, you probably already have utes and the reset timeout to (say)
mon information like your ad-
that built in! '30' minutes. The lockout and
dress, birthday, or your
timeout duration must be higher
nickname. Guard this password
Policy based control with your life.
than what a typical hacker would
mechanisms Set your first boot-device
wait around for between lockouts.
Group policies are an effective A paper trail is the best way to
priority to your hard disk
way to setup rules and enforce trace a problem.Auditing is meant
and change other options to
them at the OS and server level. To for this. Turn it on for any relevant
'none' and finally put a strong
use this, fire up "gpedit.msc" from events. It would be wise to turn it
system password to your BIOS
the Run box. Under Computer on for the 'Failure' events of all
as well. This will make sure that
Configuration>Windows Set- types and for 'Success' of critical
no one can boot you machine
tings>Security Settings>Pass- events like 'policy change' and
with some other media, say, a
word Policy, first setup a 'privilege use', which would be the
bootable CD or floppy.
'maximum password age' between first target of would-be hackers.
10 and 30 days. This forces your These events would be logged to
users to change their passwords must meet complexity require- the System portion of the Windows
frequently and minimizes unau- ments' to 'enabled'.This option en- Event Log.
thorized use. Also set 'passwords sures that user passwords contain Hackers frequently use default

accounts present in the system to selves as well as access various Rule).

gain access. To prevent this, go to parts of the Windows Registry. Finally, visit the folders inside
the Security Options portion and This is a very bad idea and a seri- the Administrative Templates
use the 'Accounts' set of options to ous security outage. Access the folder and enable or disable the fol-
disable or rename the Administra- 'Software Restriction Policies' lowing: Windows Components>
tor and Guest accounts. It is best to folder, right-click and select 'New Terminal Services>Client/Server
disable the Guest account and re- Software Restriction Policies'. Two Data Redirection - set all options
name the Administrator account to subfolders will appear, along with whose names begin with 'Allow' to
something else (like 'AcmeAd- three keys. Click on the 'Enforce- 'Disabled' and those that start as
min'). If you exclusively use Win- ment' key and change the option 'Do not allow' to 'Enabled'. This
dows 2000/XP clients and from 'All users' to 'All users except turns off all forms of redirection.
2000/2003 servers, you could turn local administrators'. If you have Windows Components>Terminal
on digital signatures to sign all your own custom application type Services>Encryption and Secu-
network communications and use running, go to the 'Designated File rity - Enable 'Always prompt client
only NTLMv2 messages between Types' option and add the new file for password on connection'. Sys-
servers and clients. This would en- extension. Now open the 'Trusted tem - Enable 'Display Shutdown
sure that only 'known' and trusted Publishers' option and select that Event Tracker'. This would cause
systems are allowed to participate only 'Local computer administra- the failure of a remote attempt to
in network activities. All other at- tors' can select whom to trust. If shutdown the server,since you will
tempts would be rejected. Of you're on an Active Directory do- also have to specify the reason.Sys-
course, you would need to corre- main, you can select 'Enterprise tem>Logon - Enable the 'Disable
spondingly change settings on the administrators' instead. Now go legacy run list' option.Most worms
client machines as well. Options to into the Security Levels folder, today use the legacy runlist to
sign are under the 'Domain mem- right-click 'Disallowed' and set it launch themselves.
ber','Microsoft network client' and as the default policy.If you visit the
'Microsoft network server' groups. 'Additional Rules' folder, you will Shares
Set up the server to require be greeted by a set of sensitive Reg- It's a bad idea to leave un-
'Domain controller authentication istry keys.If you do not want one of wanted shared folders and drives
to unlock a workstation' to force a them to be accessible to an appli- around. Only share out what you
client to re-authenticate before un- cation, double-click it and set the need. To find out what's visible on
locking itself. On the network 'Security Level' to 'Disallowed'. network, fire up the File Server
front, disable all of 'anonymous Sometimes, you want to disallow Management console (Adminis-
SID/Name translation', 'anony- the use of a particular file, regard- trative Tools>Manage Your
mous enumeration of SAM ac- less of what it is called or where it Server>File Server) and look at the
counts and shares', 'let everyone is kept. To do this, right-click in a list under the 'Shares' folder. The
permissions apply to anonymous blank area of the 'Additional Rules' shares with a "$" at the end of their
users' ('Everyone' includes both window and select 'New Hash names are automatically shared by
authenticated and unauthenti- Rule'. Select any copy of the the file Windows for various purposes and
cated users, while 'anonymous' in- you want to block using the Browse are called 'administrative shares' -
cludes only unauthenticated button. The file information box is you can't do anything about these,
users). If you have the recovery populated with its attributes. Se- except turn them off, which can
console installed, disallow 'auto- lect it to be 'Disallowed' and click lead to their own problems. The
matic administrative logon' to it. OK to disable it. Similarly, you can only one of these that you can con-
By default, Windows Server create rules to block a zone of Web- figure is the "wwwroot$" share that
2003 allows unlimited access to sites (New Internet Zone Rule) or exists if you have IIS installed.
applications both to install them- an entire directory path (New Path Make sure security is very strong

on this and only the necessary accounts, but from a security specifically right-click on them and
users have "full" or "write" access. standpoint, these accounts are in- enable it for sharing.
If you have "Microsoft Services secure from the word go. Reason? Win XP has the ability to en-
for Network File System" installed Their passwords are blank and all crypt your files and folders using
(provided on this month's CD, see of them are 'administrators' by its EFS (Encrypting File System).
box for deployment instructions), class.This is the last thing you want Once your files are encrypted, it is
the task of managing your net- to have in your enterprise. So the useless to attempt to use it some-
worked file system becomes even first thing to do would be assigning where else, since the decryption
easier. Using this kit, you can en- passwords to all the users espe- process is dependant on digital cer-
able or disable TCP and NFS trans- cially all users assigned adminis- tificates maintained by the OS.Also
ports for file-serving, map trative privileges.More the number encrypt the 'temp' folders to fur-
Windows user names and groups of administrator-class users on a ther secure data left around by your
to UNIX groups and setup locking system, the greater information a applications.
preferences. Once this is installed, hacker can dig up. Consider mov- Either disable the 'Offline Files'
you will see an additional tab ing desktop users into the local feature or encrypt its database. To
called 'NFS Sharing' on the proper- 'Power Users' group rather than as- encrypt it, open the 'Offline Files'
ties box for drives and folders.You signing them Administrator. An- tab for the folder's properties and
can now share these resources with other trick that you might want to check on the 'Encrypt files to se-
a different character-encoding use to complicate hacking into your cure data' option.
(currently only ANSI for English system is to create a local account Disabling the Auto Run feature
and different Japanese systems are with absolutely no privileges and for the CDROM should be a good
supported).You can also setup the renaming it to Administrator with move, considering the fact that one
UID and GID (similar to UNIX sys- a strong password. Also, eliminate could easily install some malicious
tems) for anonymous users and unnecessary and redundant user code using this feature. Do this by
setup the type of access for each accounts like test accounts, shared going to ((Run > GPEDIT.MSC >
folder (read-only, read-write or no accounts, accounts of ex-employ- Computer Configuration > Win-
access). One of the first things you ees. dows Settings > Security Settings
would notice here, is that by de- It is unlikely that a hacker would > Local Policy > Security Options).
fault,all folders will be shared with walk up, put a gun to your head and You can prevent users from con-
'Root access' disabled. This means take control of your system. Unau- necting devices to the USB indis-
that the 'root' or 'administrator' thorized use of systems happens criminately by disabling (as the
user cannot sign on to this folder only when the user is away. For this Administrator) the USB adaptors
and this is a good security feature. reason, never leave your system un- from Device Manager – if you have
Permissions here are set per ma- locked. Always setup a screensaver, already removed the user from the
chine. and protect it with a password to Administrators group, then they
prevent such usage. cannot re-enable it.
Securing Win XP Win XP uses 'Simple File Shar- You may also protect the Blue-
Most of the elements of securing' to share your files. While this tooth and Wireless interfaces.
ing your Win XP can be done using maybe sufficient for a home net- Wireless connections should use
Group policies. In an enterprise, work, it is a poor choice for an en- encrypted communications (WEP
these would be done at the domain terprise and should be disabled. or WPA). Bluetooth devices will be
level and hence we are not sepa- This ensures that your files are not setup to use non-promiscious
rately covering them here - see the available to everyone - you will now mode for operations.
above Server 2003 discussion for need to specifically grant access to
insight on how to do this. your shares. Now if you need to Securing PCQLinux 2005
Win XP lets you create multiple share your files, you will need to Natively Linux is a secure OS.
applications, which you really

Dollar Amount Losses by Type
need. The reason to do this is to
minimize unwanted numbers of
$406,300
Unauth. inside access applications, as the number of ap-
$10,186,400
Financial fraud plications is directly proportional
Telecom fraud $701,500 to number of vulnerabilities. And
Theft of prop. info $70,195,990 in case of normal Linux worksta-

Virus $27,382,340 tion or a desktop installation,
Notebook theft $6,830,500 make sure that the unwanted
Insider Net abuse $11,767,200 server services like DHCP, DNS,
Denial of service $65,643,300 TFTBoot, Apache, telnet, FTP,
Sabotage $5,148,500 Sendmail, SMB are not installed
System penetration $2,754,400
and if installed, then not running.
Eavesdropping
You can stop this application by
$706,000
$705,000
running ntsysv in any Fedora or
Active wiretapping
PCQLinux machine.
3. Another important thing
is to get rid of the .rhosts files, as
Today we have distributions of ways by which a Linux machine they are a favorites of hackers. The
Linux,which are out of the box U.S. can be compromised. And a single .rhosts files contain names of sys-
Common Criteria Evaluation at compromised machine in the net- tems on which you have an ac-
Evaluation Assurance Level 4 Cer- work can create havoc for the count. When you use TELNET to
tified. An example of such a distro whole network. log in to a system, the system
is SuSE Linux.CC-EAL5 is military So in this article we will see checks its .rhosts file and if your
grade and considered the most se- what are the common software and machine name is found, it gives
cure. human flaws which can lead to a you access without the need for a
Some of the common benefits compromised workstation and fi- password.In most of the Linux dis-
that we get while using Linux on nally we will see how you can stop tros this file is created in your
workstations instead of any other them. home directory. You can remove it
OS are that it has less number of by running the following com-
malware. This implies a lesser The Linux Workstation mand
number of attacks. So if you don't 1. Always use a boot-loader
have an anti virus installed in your password and prefer GRUB to #rm -rf ~/.rhosts
machine (which is not at all advis- LILO. This is important because, it
able) still you have more chances of is very easy to bypass the normal You can even append this com-
survival as compared to other OSs. Linux boot process and boot the mand into your .bash_profile file
But here the biggest question is: machine into a single user mode, so that each time your system is
if Linux is natively secure and have which doesn't require a password, boots up this file automatically
very few viruses and other mal- and then change the root's pass- gets deleted.
ware then should a normal user word. 4. There are many anti
should take effort to secure his 2. Never do a 'full install' of viruses available for Linux, which
workstation in a corporate envi- any Linux distribution on a pro- are, free (open sourced) and paid
ronment. And the answer is 'Yes' duction machine. While installing as well. If you are using PCQLinux
Linux is comparatively secure but select the Custom option (Avail- 2005 you will get CLAM out of the
not 100% secure. If proper meas- able in most of the Linux distribu- box, which is one of the best open
ures are not taken, there are lots of tions) and select only those source anti virus available out

there. Do install an anti-virus on password becomes known, then 2004, page: TODO). All these hon-
the Linux system. the complete security for your ma- eypots also silently create logs of
5. Enable the firewall (ipta- chine is gone. what the hacker is trying to and
bles) at the time of installation. In And that's where SELinux this can then be used to not only
a simple test of vulnerability as- comes into existence.With the help trace him out, but also further en-
sessment we found that the num- of SELinux you can create a layer of hance your server security.
ber of threats reduced to 99% by user level access control list with
just enabling the inbuilt firewall in which you can define some rules. 64-bit protection
a full installation of PCQLinux Using these rules even the root Our visual on the first page of
2005. And the 1% which was left user can be restricted for doing this article shows one form of at-
was just because of the reason that some tasks.For example,you could tack being your video memory.
the ICMP time stamping was en- create a rule to set the default level Well,what is this about? What hap-
abled in the machine. You can dis- of authority to that of a normal pens is this – when something is
able it by just denying the ping user if someone tries to login as ‘displayed’ by your computer, the
requests in your firewall. To do so, root from Telnet.But if he logs in to information about it is compiled
run firestarter in PCQLinux and the machine locally, then he will by the graphics engine and then
follow the wizard and when get the usual full rights. sent to the graphics hardware.This
prompted for 'Network Services Installing SELinux is not at all is organised into ‘pages’ and only
Setup' select the first option which difficult. In PCQLinux 2005 one such page is displayed at a
says 'Disable Public access to all SELinux is enabled by default. For time. The CPU then picks up what
network services' and the flaw will a detailed article on configuring should currently be displayed and
be patched. and using SELinux,read our article marks it. This is then automati-
Enhancing Security in Linux (Au- cally sent to the video device. The
The Linux Server gust 2004, page 102). set that was previously used goes
Naturally securing a server is back into the buffer. To protect
much more difficult and important HoneyPots what’s on screen from getting gar-
than securing a normal worksta- Honeypots are another very in- ble, the currently active page is
tion. But to begin with, keep in teresting concept by which you can protected by the CPU.
mind that the security measures protect your servers from hackers Apparently, the pages that are
discussed earlier for the worksta- and worms. For example you can not active are considered not wor-
tion are inherited here as well.And use a honey pot called LaBrea, thy of any protection and viruses
in this article we will go further which creates hundreds of fake IPs (like the Gold Bug) exist that waits
and see what is available to make in your network and diverts all the for such pages to arrive and then
your server as secure as possible. DoS attacks among those fake IPs sift through it for potentially use-
saving your main server (Prevent ful information. There is no form
SELinux DoS attacks, April 2004, page: of antivirus or other protection
One of the biggest security TODO). There are others like Hon- against this.
threats for a Linux server is the eyd as well which can create a de- The new 64-bit CPU from Intel
'root' user. Yes, we are not joking. coy chamber in your server so that (the Intel 6xx family to be precise)
Root is a standard and default user when any hacker tries to hack the takes care of this, by including
in any version/distro of Linux, just server, he gets diverted into that something called the ‘Execute Dis-
as 'Administrator' exists on Win- decoy and feels that he has suc- able’ (XD) bit. OSes now have the
dows.And because of this, the first cessfully hacked into the system option to set this bit in the video
attempt any hacker or a Trojan will and spends his time figuring out memory to indicate it should be
be to try to guess the password for and hunting for important data protected as well. Note however,
this user. And if in any case this (Fool hackers with Honeyd, May that this option can be turned off
priority to CD-ROM. After that he

Should you patch? boots up the machine with a stan-
dard Knoppix CD, mounts your
In the light of our discovery from our tests on OS security, we won- partitions and copies all the im-
dered about the numerous patches that MS keeps posting at regular in- portant data into a USB pen drive
tervals.At the time of writing this, there were 35 such updates that MS and goes away with his chopper.
had deemed as a 'security update'. But are all of these updates and So now what you will do? And
patches necessary? The basic flaw in all three methods of automatically the answer is very simple.After all
patching your system - using the local Automatic Updates service, the effort you have taken for se-
through a centralized Software Update Server,or visiting the Windows curing your machine over the net-
Updates website -is that they all require you to first let the updates work.
server scan your server for required updates from the inside. They all It is also very important to keep
require you to have a client in some form (either an application or an a very tight watch on the physical
ActiveX control on a webpage) to do this. This is valid only when the security of your servers. Well, the
attacker is already inside your system's defenses. concept is quite away from the
Also, the update systems do not seem to be checking if the patch is scope of this article but still you
required at all on your system. For example, one of the updates we should have security guards and
found installed on our Windows server was "Security Update for Win- keys and locks at the door of your
dows Server 2003 (KB873333)". We looked up this KB, and found the server room and don't leave any
following description - "An attacker must have valid logon credentials room at the roof top so that Tom
and be able to log on locally to exploit this vulnerability. The vulnera- Cruise can not climb down from
bility could not be exploited remotely or by anonymous users." And "An there and hack into your server.
attacker who successfully exploited this vulnerability could take com- Having a sound IT policy for
plete control of an affected system. However, user interaction is re- your enterprise goes a long way to
quired to exploit this vulnerability on Windows 2000,Windows XP,and minimizing if not eliminating the
Windows Server 2003." Now,in the light of the fact that,one the attacker risks. Grounding these policies
must have physical and valid access to the server and two, user inter- with a good implementation firms
action is definitely required to make use of this, puts us in little doubt up the confidence that your infra-
that in a typical enterprise deployment, the Administrator of that structure will be safe and your
server would be its sole "attacker" who can use this vulnerability.And data secure for a reasonably long
since the server's ICF was anyway shielding the machine effectively,we time.
see no way for this attack to have ever taken place on the server in ques- After all, it is not necessary to
tion! get a virus attack to lose all your
Well, the updates are to prevent attacks if someone does manage to data… but that is subject enough
gain access these arguments notwithstanding and install something on for a different story. Actually, you
your systems to exploit these vulnerabilities. And that is why you need a little bit of everything—
should apply these patches. some preventive, some cleaners,
some disaster management,a little
to support any legacy application suppose: Tom Cruise of Mission protective storage—in our man-
that might require unprotected Impossible 2 comes inside your agement recipe for an optimistic
pages. server room suspended from the synergy between both technology
roof.Then opens up you machine's and requirements.
In conclusion cabinet and takes out or short the The total cost of survival does
Security starts within. But, to battery in your motherboard and outweigh the cost of ownership or
understand the last level of secu- sets your BIOS password to de- operation. That's the way the
rity (that is physical security) lets fault.And then sets the boot devise cookie crumbles!
Developer.qxd 4/2/2005 1:07 PM Page 100
DEVELOPER W R I T I N G C O D E
A DataGrid for PHP

Prado, an ASP.NET like framework for PHP, lets you get a tabular view of your data from
a database
I
n our article Call it PHP.NET (December 2004, page
Direct Hit!
98), we talked about a project named Prado which
brings ASP.NET functionality-server-side compo- Applies to: ASP.NET and PHP developers
nents, events, validators-to PHP. Prado was the award- USP: With a few lines of code, display and sort database’s
winning project in a coding contest held by Zend, the data, update it and select rows from the tabular display
company behind the PHP engine. Henceforth, Prado is Links: www.php.net, http://www.xisc.com
under constant development and the package is now
hosted at SourceForge—the most popular portal for DirectoryIndex index.php
open-source projects. With Prado, now PHP program-
mers can incorporate a fully functional DataGrid in their Save the file as php.conf in /etc/httpd/conf.d.In case
pages. A DataGrid is a tabular view of data, retrieved you have installed PHP that comes with PCQLinux 2005,
usually from a database.What makes it exciting is, with you will already have a file named php.conf in this di-
a few lines of code, you can display and sort the data- rectory. In this case, open the file and comment the fol-
base's data,update it,set up paging and select rows from lowing line by prefixing a #.
the tabular display. DataGrid became popular with ASP
and ASP.NET technologies from Microsoft. Let’s see a LoadModule php4_module modules/libphp4.so
glimpse of Prado's DataGrid.We assume that you know
the basics of PHP and have worked with ASP.NET. Restart Apache Web server.
Installation /etc/rc.d/init.d/httpd restart

We will install and set up Prado on PCQLinux 2005 .
PCQLinux 2005 ships with PHP version 4 while Prado re- Now download the zipped package of Prado from
quires version 5. Download the latest PHP 5 package http://prdownloads.sourceforge.net/prado/prado-
(5.0.3 as of this writing) from www.php.net.Extract the 2.0rc.zip?download and unzip it.This will produce a di-
archive, and compile and install. rectory named prado. Create a directory named
‘datagriddemo’ under /var/www/html. Copy the direc-
./configure --prefix=/usr --with-mysql --with-zlib -with- tory named ‘framework’ found under the prado direc-
apxs2 tory to /var/www/html/datagridtest.
make
make install Code a DataGrid
To write a Web application using Prado, you have to
Fire up a text editor and type in the following. write a PHP class for each Web page in your application.
For example, for a Web page named datagrid, you need
AddType application/x-httpd-php .php to write a file named datagrid.php containing a class def-

DEVELOPER C O D E
inition as: {
function onLoad($param)
class datagrid extends TPage {
if(!$this->IsPostBack)
The actual content (HTML,datagrid component) for {
the page will be in a file, datagrid.tpl. This class must be $adodb = new TAdodb;
specified in an application.spec file, which can be $adodb->DataSourceName
thought of as similar to a web.config file for ASP.NET.Fol- ="mysql://<user>:<password>@localhost/<database>";
lowing is the application.spec file that we will use. $adodb->SetFetchMode(TAdodb::FETCH_ASSOCIATIVE);
$rs = $adodb->Execute('select * from <table>');
<?xml version="1.0" encoding="UTF-8"?> $this->grid->setDataSource($rs);
<application ID="datagriddemo"> $this->grid->dataBind();
<request default="datagrid" /> }
<alias name="Pages" path="." /> }
<using namespace="System.Web.UI.WebControls" /> }
<using namespace="System.Data" /> ?>
<using namespace="Pages" />
</application> Substitute <user>, <password>, <database> and
<table> with MySQL's user (say root, user's password,
Save the above content in a file named MySQL database and its table that you want to query,re-
application.spec in the datagriddemo directory. spectively).Save the above file as datagrid.php in the di-
rectory datagriddemo.
The DataGrid page
We start with a page containing a minimalistic Data- See it working
Grid as shown below. Now write an index.php file with the following code.
<html> <?php
<body> require_once(dirname(__FILE__).'/framework/prado.php';
<com:TForm> pradoGetApplication('application.spec')->run();
<com:TDataGrid ID="grid" /> ?>
</com:TForm>
</body> Save this file in datagriddemo. Load the following
</html> URL http:// 127.0.0.1/datagriddemo/index. php.
You should see an HTML table with columns corre-
Note that the ID of the DataGrid is grid. We will use sponding to the columns in the database table.You can
this ID subsequently to populate the DataGrid. make the columns sortable by adding the attribute Al-
lowSorting to the Datagrid tag in datagrid.tpl as:
Bind data to the grid
We will retrieve data from a MySQL database and <com:TDataGrid ID="grid" AllowSorting="true" />
bind the data to the datagrid. To set up MySQL on PC-
Qlinux 2005,refer to the our article JDBC Drivers,(March You can also do paging, row selection, data upda-
2005, page 76). The code to bind data with the DataGrid tion and beautifying the rows.Refer to the DataGrid ex-
will go into the datagrid.php file. ample in the prado/examples/datagrid and /prado/
docs for the API documentation.
<?php Shekhar Govindarajan
class datagrid extends TPage IT4Enterprise
101 PCQUEST APRIL 2005 A Publication

DEVELOPER C O D E
Run Java Apps from SysTray

Use Java Desktop Integration Component to integrate Java apps into Windows SysTray
A
Java programmer often misses the ease with Direct Hit!
which a VB or Visual C++ application can in-
Applies to: Java programmers
tegrate with the Windows desktop. This is be-
cause Java, at its core, being platform independent tries USP: Create a demo app that installs itself in the system tray
to provide the most common UI components that are ex- Links: http://java.net, www.java.sun.com
pected to be available across various OSs. Take for in-
stance, a system tray—the bottom right corner of the ● Get a reference (a SystemTray object) to the Windows
Windows taskbar. Such a system tray is also available in System Tray (JDIC specific)
rich desktop environments—GNOME and KDE—on ● Add the TrayIcon to the SystemTray (JDIC specific)
Linux but is missing in FVWM, yet another graphical The code for the process is as follows.
desktop for Linux.
All this is fine, if you deploy a cross platform graph- // step 1
ical application in Java. But what if you need to develop JPopupMenu menu = new JPopupMenu("Menu");
for a specific platform,say,for Windows? Windows users
expect quite an intuitive behavior from the applications. // step 2
Does that mean you can't leverage your expertise in Java JMenuItem menuItem1 = new JMenuItem("Menu
and have to hop to Visual Basic or C++? The answer is 1");
No, for JDIC is here. JDIC is a Java desktop project at menu.add(menuItem1);
www.java.net that focuses on using native and platform-
specific applications and facilities.According to the site, // repeat step 2 to add more menu items to the JPopup-
“JDIC provides Java applications with access to facilities Menu
provided by the native desktop such as the mailer, the
browser and registered document viewing applications. //step 3
Additionally it provides the mechanisms by which Java ImageIcon icon = new ImageIcon("icon.jpg");
applications can integrate into the native desktop such
as registering Java applications as document viewers on // step 4
the desktop and creating installer packages.” Here we TrayIcon trayIcon = new TrayIcon(icon, "Hello
look at how to install a Java application on the Windows System Tray", menu);
system tray.
// step 5
Steps to system tray integration SystemTray tray = SystemTray.getDefaultSystem-
We assume that you are well versed with developing Tray( );
GUI applications with Java Swing.To install a Java appli-
cation on the system tray, all you need to do is: // step 6
● Construct a JPopupMenu (Java Swing) tray.addTrayIcon(trayIcon);
● Construct one or more JMenuItems and add them to
the JPopupMenu (Java Swing) Note that the parameters to the TrayIcon( ) con-
● Create an ImageIcon (Java Swing) structor are the ImageIcon object, tooltip (that will
● Construct a TrayIcon with the JPopupMenu as a pa show when you move the mouse over the tray icon)
rameter (JDIC specific) and the JPopupMenu respectively.

DEVELOPER C O D E
Following is the code for a ready to compile and run public static void main(String[] args){
Java program, which will install on the system tray. try {
import javax.swing.*; javax.swing.UIManager.setLookAndFeel("com.sun.java.swin

import org.jdesktop.jdic.tray.*; g. plaf.windows.WindowsLookAndFeel");
import java.awt.event.*; }
catch(Exception e) {
public class SystemTrayDemo extends JFrame{ System.out.println(e);
}
public SystemTrayDemo(){
new SystemTrayDemo();
JPopupMenu menu = new JPopupMenu("Menu"); }}
JMenuItem menuItem1 = new JMenuItem("Menu1");
menu.add(menuItem1); Save the code as SystemTrayDemo.java in a directory,
systray (say). Create/download any JPEG file in this di-
JMenuItem menuItem2 = new JMenuItem("Menu2"); rectory (to display the tray icon) and call it icon.jpg.
menu.add(menuItem2);
Compile and run
JMenuItem menuItem3 = new JMenuItem("Menu3"); Download the J2SE SDK 5.0 Update 1 for Windows
menu.add(menuItem3); from www.java.sun.com. Go to https:// jdic.dev.java.
net/servlets/ProjectDocumentList and download the
JMenuItem menuItem4 = new JMenuItem("Exit"); JDIC package. Click on jdic-0.8.8 and download the file
menu.add(menuItem4); named jdic-0.8.8-bin-windows.zip. Unzip the archive
and copy files named jdic.dll, tray.dll and jdic.jar to the
menuItem4.addActionListener(new ActionListener() { systray directory. Compile the code and execute it as:
public void actionPerformed(ActionEvent evt) {
System.exit(0); javac -classpath jdic.jar;. SystemTrayDemo.java
}}); java -cp jdic.jar;. SystemTrayDemo
You should be able to see a tray icon on the system

ImageIcon icon = new ImageIcon("icon.jpg"); tray. Right click on it to see the popup menu with menu
TrayIcon trayIcon = new TrayIcon(icon, "Hello System items—Menu1, Menu2, Menu3 and Exit.
Tray", menu); To close or exit, click on Exit to call the System.exit(
) method—specified in the ActionListener for menu-
SystemTray tray = SystemTray.getDefaultSystemTray(); Item4 object.
tray.addTrayIcon(trayIcon); Shekhar Govindarajan
} IT4Enterprise

DEVELOPER C O D E
Persistence Storage with EJB

An EJB entity bean can be used to store data permanently in database either through
the container-managed or bean-managed persistence
In the last part we showed how to de- Direct Hit!
SERIES velop and deploy stateless session bean
JAVA Applies to: Java developers (beginners/intermediate)
using the WebLogic platform. A J2EE
PART IV
application is made up of session and USP: Use BEA WebLogic to develop and deploy Entity Bean
applications
entity beans.This article will demonstrate the container-
managed entity bean.As entity bean stores the informa- On PCQEssential CD: systems\labs\weblogic
tion in persistent storage, our application will use the
PointBase database bundled with the WebLogic plat- client can create the bean (bean class). The interface has
form. an additional method ‘findByPrimaryKey’ as compared
to the session bean.The method helps to retrieve the em-
The application ployee data from the database. It throws two exceptions
An entity bean consists of two interfaces (remote and called finder and remote. Finder exception will be
local),bean class,three deployment descriptor files and thrown if there is an error in retrieving the data from the
database. A client application will store information in database. The interface has optional finder methods for
database and then retrieve it. We will develop an appli- querying the database and fetching the data.
cation for bank employees with three fields: ID, name
and department that will be stored in database. The import javax.ejb.EJBHome;
database will have a three-column table to store infor- .
mation. The application has to be developed according public interface BankHome extends EJBHome {
to J2EE specifications for EJB 2.0.The code for it is given public Bank create(String name,String id,String depart)
on this month's PCQEssential CD. throws CreateException,RemoteException;
public Bank findByPrimaryKey(String primaryKey) throws
The remote interface FinderException, RemoteException;
Our remote interface is called Bank and defines three }
business methods:getName,getId and getDepart.These
methods will return the employee name, employee id The bean
and department.The implementation of these methods The bean class must meet the container managed
is in bean class. persistence syntax requirements.First,the class must be
defined as public and abstract, must implement the
package com.bank; ‘ejbCreate’ method of the home interface, as well as the
. ‘get and set access’ methods must be defined as public
public interface Bank extends EJBObject { and abstract for persistence. The get and set methods
public String getName() throws RemoteException; should be there for every field in the database.Our bank
public String getId() throws RemoteException; application has three fields; hence we have three get and
public String getDepart() throws RemoteException; set access methods.The bean class also has empty meth-
} ods such as ejbPostCreate() and ejbActivate() as re-
quired by the J2EE specifications.
The home interface
The home interface defines a method by which the import javax.ejb.CreateException;

DEVELOPER C O D E
import javax.ejb.DuplicateKeyException; public class Client

abstract public class BankBean implements EntityBean { {
. String [] name = {"sam","ram","gyan","rishi"};
public void setEntityContext(EntityContext entityContext) String [] id = {"100","101","102","103"};
{ String [] dep = {"loan","credit","product","personal"};
. Bank bs = (Bank) PortableRemoteObject.narrow(home.
abstract public String getName(); findByPrima-
abstract public void setName(String name); ryKey("100"), Bank.class);
abstract public String getId(); System.out.println("100 id name is" + bs.getName( ));
abstract public void setId(String id); }
abstract public String getDepart();
abstract public void setDepart(String depart); private Bank createAccount(String name, String id, String
. depart)throws
public String ejbCreate(String name,String id,String depart) CreateException,RemoteException
throws CreateException { {
setName(name); Bank ac = (Bank) PortableRemoteObject.narrow(home.cre-
setId(id); ate(
setDepart(depart); name,id,depart),Bank.class);
} return ac;
. }
} .
public void ejbPostCreate(String name,String id,String de- home = (BankHome)ctx.lookup("bank_april");
part) {} .
public void ejbActivate() {} }
.
} Creating database and data source
The next step is to create a PointBase database and
The client data source associated with it. For this, go to
The client inserts employee data in the database C:\bea\weblogic81\common\bin.Double click on 'start-
through createAccount method. The employee data is PointBase' script icon. PointBase server will be started
defined in three String arrays. We pass an employee ID and a message will be displayed in the command prompt
to the findByPrimaryKey method to retrieve the em- 'server started…'.Double click on the 'startPointBaseC-
ployee name. The JNDI name for our application is onsole' script icon to launch the console. Enter the fol-
bank_april. lowing in the console.
package com.bank; Driver: com.pointbase.jdbc.jdbcUniversalDriver

import javax.rmi.PortableRemoteObject; URL: jdbc:pointbase:server://localhost:9093/server

DEVELOPER C O D E
User:weblogic mand prompt, compile the JAVA files and create the de-
Password:weblogic ployment JAR file using
Select the 'Open specified database option' and click C:\> javac -d . *.java
on OK.On the left hand side select Schemas>WebLogic. C:\> jar -cvf bank.jar com
Right click on Tables>Create Table. Then click on Next
and give 'bank' as the table name. Again click on Next. ● Now you need to create deployment descriptor files
Now three columns: id,name and departmeant are to be using the WebLogic Builder.WebLogic Builder automat-
created. So click on Add. Under Column name enter 'id', ically creates three deployment descriptor files, namely
SQL Type 'VARCHAR', length '20' and check off the 'Al- weblogic-ejb-jar.xml, ejb.jar.xml and weblogic-cmp-
low nulls' option. Click on Add and enter Column name rdbms-jar.xml. These files contain information about
'id', SQL Type 'VARCHAR' and length '20'. Click on Add the application and WebLogic specific environment
and enter Column name 'depart', SQL Type 'VARCHAR' properties. Discussing in detail about the file is beyond
and length '20'.Click on Next three times on the consec- the scope of this article.
utive screens and then on Finish to create the table ● Now open the WebLogic Builder and open this
'bank'. This step involves creation of the database con- bank.jar (bank.jar is created in bank folder) file by click-
nection pool. Start the WebLogic server as discussed in ing on File>Open. When prompted, select Yes to create
the previous part and login in to the console. Click on new descriptors. From the left-side pane, select
Services>Connection Pools on the left-hand side of con- BankBean.Select the General tab on the right-hand side
sole and select 'Configure a new JDBC connection pool'. and give JNDI name as bank_april. Click on the Classes
Select database type 'PointBase',database driver 'Point- tab, select primary key class 'java.lang.String', as the
Base's Driver(Type4) Versions:4.X'. Click on 'Continue home interface has primary key as a String. Select pri-
and note the JDBC connection pool name'. Enter Data- mary key field 'id'. Under Container Managed Persis-
base Name 'server', Host Name 'local host', port '9093', tence,enter Datasource name as 'bankDS' (name of JNDI
username 'weblogic' and password 'weblogic'. Click on data source given above) and Table name as 'bank'.
Continue and then on the 'Test Driver Configuration' Now, from the menu, go to Tools>Validate Descrip-
button. A 'Connection successful' message will be dis- tors.It's fine if you get an 'EJBC Successful' message,oth-
played if everything is ok. Next click on the 'create and erwise you need to rectify the error in JAVA files.Click on
deploy' button to create the connection pool. The next File>Save and close the Weblogic Builder.
step is to create data source for the connection pool.Click ● Now the bank.jar is to be deployed in the WebLogic
on Services>Data sources on the left-hand side of the server. Select Deployments>EJB Modules on left-hand
console and select 'Configure a new JDBC Data source'. side of console.Select 'Deploy a new EJB module',browse
Call data source 'ds' and JNDI as 'bankDS'.Click on Con- to C:\bank and then open the bank.jar file. Select the
tinue. Select the connection pool name as given above 'Target Module' button and then Deploy.
and click on Continue.Now click on Create.A data source
with JNDI name 'bankDS' will be created. Running the client
Copy the Client.java file to the 'bank' folder and run
Compiling and deploying the application
● You need to set the class path as: C:\> javac - d . Client.java
C:\> java com.bank.Client
set classpath =
c:\bea\weblogic81\server\lib\weblogic.jar;c:\bank;%class- You can create similar applications with a number of
path% database fields and insert records. In the next issue we
will delve deeper into entity bean and do database
● Create a folder called 'bank' in C:\ and put our Bank, queries.
BankHome and BankBean JAVA files in it.From the com- Sushil Oswal

DEVELOPER C O D E
Authenticate with DNS

DNS comes into play in almost every networked scenario to locate servers and re-
sources of interest. Let’s see how to use this for authentication
It seems unbelievable that in these Direct Hit!
SERIES days of massive malware attacks and
PROJECT: DNS Applies to: Advanced system programmers
spam, hardly anyone seems to have
PART I
thought of roping in the services of- USP: Using DNS server as a validation mechanism
fered by the ubiquitous DNS for purposes of authentica- Links: http://www.ietf.org/rfc/rfc1035.txt
tion and validation.
In this series, we'll be looking at re-writing infra- add additional ports for increased processing capacity,
structure servers,in parts,for the above purposes.As the and add special ports for encrypted communications.To
first of these, we take the DNS server and we'll see how comply,all we need to do is construct a 'structure' object
and what parts of it can be re-done. Here we've not pro- in our program and transmit that using the networking
vided the project's source code,but we will examine that features our language provides.For example,to transmit
in detail in our next part. Our code is demonstrated in an 'A' record, we do the following.
VB.NET,but this can be easily ported to other languages
such as C# or Perl or C/C++. We are assuming that you Structure DNS_A
have a working knowledge of DNS. Dim RR_Name As String
Dim RR_Type As UInt16
Why re-write the server? Dim RR_Class As String
Why don't we simply write an 'extension' and plug it Dim TTL As Int32
into an existing DNS implementation like BIND, Win- Dim RDLength As UInt32
dows DNS, etc? The trouble is that it wouldn’t be easy to Dim RData As String
tamper with a running DNS. Moreover, each system is
written in a different language, with different seman- Shared Function ToString() As String
tics). It might be easier to just write a mini-DNS system ' code to make a single
that uses the other servers to do its job. ' padded string out of all the values
End Function
Transmission End Structure
DNS systems communicate through TCP and UDP Dim varDNSA As DNS_A
packets, usually on port 53. RFC 1035 states that al- .
though we need not implement both ports, it would be objTCPSocket.Send( _
useful to have them around for redundancy.We can also Encoding.UTF8.GetBytes( _

DEVELOPER C O D E
varDNSA.ToString() _ --- 'A' record of 'mailer01.onlyspam.net' [NOT FOUND]

)_ --- 'CNAME' record of 'mailer01.onlyspam.net' [NOT FOUND]
) REPLY: IS_SPAM
It is as simple as that. Similarly, we would receive an The domain could still be registered and used for
octet stream of bytes, which will need to be examined. spamming, in which case our above test would pass.
Once found what data (or query) it contains,we can split
it into its composite fields, and load them into a similar Network resource authentication
structure for further processing. On any network,even if the IP addresses are assigned
by DHCP, you would know what the valid ranges for any
Signing communications ‘desirable’ system are, that would come onto your net-
Assume that we went ahead and deployed several of work. Your DHCP can be configured to instruct each
our modified DNS servers around our network. How client computer to register itself with the DNS on your
would we ensure that these could communicate special network. What this would do is add an ‘A’ and a corre-
commands or information to each other,without the fear sponding ‘PTR’record on your DNS—of course,you will
of unauthorized programs sending unexpected data to need to first create the appropriate forward and reverse
them? Easy, for some commands or data to be zones for each domain and workgroup you have.
processed—record updates,for example—we could re- Now, when a machine requests access to your LAN’s
quire (PGP) digital signatures to be embedded. Packets resources,you could have its IP address and name looked
arriving without them would face restricted processing up in the DNS against the PTR and A records respec-
or completely discarded. For example, tively. Testing both fields gives protection against IP-
spoofing infiltration attacks.
objTCPSocket.Receive(varIncomingPacket)
If (varIncomingPacket.Length > 256) Then Mail checks and databases
' has PGP key A DNS can also be tapped as a ready-reference mail
TestAndUpdate(varIncomingPacket) address book using the MB record, which gives you a
Else simple listing of e-mail addresses available for a DNS do-
' normal transmission main.You can extend this using TXT records that will al-
TestOnly(varIncomingPacket) low you to append miscellaneous information (like
End If designation, department and extension number) to the
e-mail address. In our case,we combine the two records
Another use would be to help eliminate spam by to create a new resource called the CMB (Corporate Mail
looking at the senders of e-mail.One way spam operates Box),where the first two fields (shown below) come from
is by giving you a 'From' address that does not exist—ei- the MB record and the last one is an alias for the TXT
ther there is no such mailbox,or there is no such mail do- record.
main or both.In our solution,we will simply try to check
if that mail domain exists,although this is not really suf- Structure DNS_CMB
ficient. Writing a plug-in for your mail server for this Dim MailDomain As String
may not be easy,but we can hook it up easier,if it leaned Dim MailBoxName As String
more towards our DNS deployment.We can also imple- Dim AdditionalInfo As String
ment a new DNS query to make this a single step process End Structure
and have our DNS carry out the required validations
black-boxed. Assume you received e-mail from the ad- These are just a few of the many things we could do
dress: 'johndoe@mailer01. onlyspam.net'. We can test with our own implementation. In our next part, we will
the domain string, thus, giving: implement the different classes required to build our
DNS server.
QUERY: SPAMCHECK mailer01.onlyspam.net Sujay V Sarma

DEVELOPER C O D E
Yahoo Search Web Services

This new service allows developers to write code in .NET, Java or PHP that can query
Yahoo's various search channels
Y
ahoo has given in to the long-standing de-
Direct Hit!
mand of many developers and finally
Applies to: Developers
launched its Web services. The Yahoo Search
Web Services allows developers to query Yahoo's USP: Understand how to write code in ASP.NET to query vari-
ous channels in Yahoo's search engine
search engine from different programming lan-
guages. Google has been providing this facility for Links: www.developer.yahoo.net
quite some time now with the Google Web API.The Ya-
hoo Search Web Services, however, differs signifi- low (at the time of writing this article).
cantly from Google's. In addition to the query, you need to specify your
For starters, Google's API is SOAP-based while Ya- application ID (visit http://developer.yahoo.net to get
hoo chose to go with REST.The Google API can be used one free). Then there are certain other parameters that
only for Web search meaning that services such as depend on the service you're using.A list of various pa-
Google News, Google Image Search etc. cannot be ac- rameters that Web search supports/requires is given in
cessed via the API. Yahoo, however, allows developers Table 2.
to search five 'channels' of content—the regular Web One thing to note here with the query parameter is
search, Image search, Local search, News search and that it can include the full search language like 'site:',
Video search.While Google restricts developers to 1000 which makes it quite powerful.Let's take an example to
queries a day,Yahoo offers a generous 5000 queries per make things a bit clearer.
day in each of the channels. Both, however, require you Let's say you want to search for the word ‘technol-
to register for access to the APIs and are free of cost. ogy’ on the site pcquest.com and you want to fetch re-
Let's see how it works. sults number 8 and 9. This is how your request URL
You can access these services at their respective may look like:
URLs and obtain results by specifying your query as a http://api.search.yahoo.com/WebSearchService/V
parameter. The URLs of the various services are as be- 1/webSearch?appid=YahooDemo&query=technol-
ogy+site:pcquest.com&results=2&start=8
Table 1: URLs of various services
Let's see what response do we get to the above re-
Service Request URL
Web http://api.search.yahoo.com/WebSearchService/V1/webSearch quest.
Image http://api.search.yahoo.com/ImageSearchService/V1/imageSearch
Local http://api.local.yahoo.com/LocalSearchService/V1/localSearch
News http://api.search.yahoo.com/NewsSearchService/V1/newsSearch <?xml version="1.0" encoding="UTF-8"?>
Video http://api.search.yahoo.com/VideoSearchService/V1/videoSearch <ResultSet

DEVELOPER C O D E
xmlns:xsi="http://www.w3.org/2001/XMLSchema-in- ogy/103020705.asp</Url>
stance" xmlns="urn:yahoo:srch" <ClickUrl> ... </ClickUrl>
xsi:schemaLocation="urn:yahoo:srch http://api.search.ya- <ModificationDate>1106294400</ModificationDate>
hoo.com/WebSearchService/V1/WebSearchResponse.xsd" <MimeType>text/html</MimeType>
totalResultsAvailable="778" totalResultsReturned="2" <Cache>
firstResultPosition="8"> <Url> ... </Url>
<Result> <Size>32446</Size>
<Title>Technology in 2001</Title> </Cache>
<Summary> ... </Summary> </Result>
<Url>http://www.pcquest.com/content/topsto- </ResultSet>
ries/100120301.asp</Url>
<ClickUrl> ... </ClickUrl> 
<MimeType>text/html</MimeType>
<Cache> (Note: In the above results the actual values of Sum-
<Url> ... </Url> mary, ClickUrl and Url have been replaced by ellipsis
<Size>33788</Size> (… ) due to space constraints.)
</Cache> Let's process these results to come out with a neat
</Result> list of results for use on our website.We'll use ASP.NET
<Result> for this example, but you can do the same just as easily
<Title>PCQuest : Technology : Communicate Better with in any other programming language,especially if it has
ADSL2</Title> libraries/functions that allow for easy processing of
<Summary> ... </Summary> XML.
<Url>http://www.pcquest.com/content/technol-
<%@ Page Language="C#" %>
<%@ import Namespace="System.Xml"
%>
<script runat="server">
// function to process XML

void ProcessXML(XmlNode objNode)
{
XmlNodeType objDocumentN-
odeType = objNode.NodeType;
switch(objNode.NodeType) {
case XmlNodeType.Text:
switch(objNode.Name) {
case 'Title':
output.Text += "<li>" +
objNode.Value.Trim() + " - ";
break;
case 'Url':
output.Text += "<a
Yahoo has a separate site for developers’ , where it provides sample href=\"" + objNode.Value.Trim()
code for accessing its web services +"\"</a></li>";

DEVELOPER C O D E
Table 2: Parameters used by Web search

Parameter Value Description
appid string (required) The application ID. PIMS PCQuest
query string (required) The query to search for. Instant Messaging Service
type all (default), any, or phrase The kind of search to submit: all returns results with all query
terms. any returns results with one or more of the query terms.
phrase returns results containing the query terms as a phrase.
results Integerdefault 10, max 50 The number of results to return.
start Integer: default 1 The starting result position to return (1-based). The finishing Interested in a product reviewed or
position (start + results - 1) cannot exceed 1000. advertised in this issue?
format all (default), html, msword, Specifies the kind of files to search for.
pdf, ppt, rss, txt, xls
adult_ok no value (default), or 1 Specifies whether to allow results with adult content.
similar_ok no value (default), or 1 Specifies whether to allow multiple results with similar content
language string: default en The language the results are written in.
break; XmlDocument object

default: objXml.Load(strXmlFile);
break; // get the root element of our
} Xml file
break; XmlElement objDocumentRoot
= objXml.DocumentElement;
default: //Present the search results Along with the RQS code we now
give you a PIMS code
break; as an unordered list
} output.Text += "<ul>";
// get child nodes of current // Process the file
element, if any ReadXmlFile(objDocument-
XmlNodeList objChildren = ob- Root);
jNode.ChildNodes; output.Text += "</ul>";
}
// loop through the child </script>
node(s), if present <html>
for(int i = 0; i < <head>
objChildren.Count; i++) { </head>
<body>
// call the function to <asp:label id="output" runat="server"
process each child node recursively /> Type in the PIMS code for the
ProcessXML(objChildren[i]); </body> product and SMS it to 9811800601
} </html>
}
void Page_Load() { This code creates an unordered
// location of XML file - the list of the form Title - URL of all re-
request URL goes here sults returned by the query. The
string strXmlFile = same code can be adapted to search
"http://api.search.yahoo.com/Web- Yahoo News or any of the other 130254
SearchService/V1/webSearch?appid=Y channels with minor changes.
ahooDemo&query=technology+site:pc The introduction of Yahoo
quest.com&results=2&start=8"; Search Web Services is really a wel-
// create an instance of Xml- come step for developers and surely
Document object there are going to be many useful
XmlDocument objXml = new applications based on this in the
We will send your request to the
XmlDocument(); near future. vendor the same day. The vendor
// load the XML file in the Kunal Dua will call you on your
cellphone number

in depth april 2005.qxd 4/6/2005 11:00 AM Page 112
IN DEPTH
W I R E L E S S T E C H N O L O G I E S
Wild Wild
Wireless
Wireless technologies are being developed to keep you connected wherever you are
ANIL CHOPRA, ANKIT KAWATRA, ANOOP MANGLA, NEHA SHAMSHERY, RINKU TYAGI,SANJAY MAJUMDER, SUSHIL OSWAL
1985 1989 1990 1997

Spread-spec- FCC (Federal IEEE begins IEEE approves
trum technology Communications work on stan- 802.11 for 'over-
goes commer- Commission) al- dards for wire- the-air interface
cial; declassified lows three radio less connectivity between wireless
and made avail- bands to use the in the unlicensed clients and base
able to public by technology spectrum stations’. FCC
Wireless Time Line
US Navy allows
1942 1958 fourth
A frequency- First computer band to use
hopping radio chip for radio the spread-
encryption tech- communication spectrum
nique (later based on spread- technology
called Spread- spectrum tech-
spectrum technology develo-
nology) ped by US Navy.
patented; do- Technology still
nated to US Navy classified
Source: PC Magazine


R
ousseau said, "Man is born free, but
everywhere he is in chains." Probably
he was clueless of the power of chain-
free wireless when he coined this
phrase. Indeed, so much has happened
in the wireless world till date,and so much more is go-
ing to happen that very soon you might be living in a
world that's completely free of wires—no strings at-
tached (literally!).
Probably the two biggest successes of modern day
wireless technologies are WiFi or wireless LANs and
mobile phones. These have brought wireless tech-
nologies from their niches to the
masses. But thankfully, their
success has led to the development
of many other new technologies, in
just about every facet of life. So whether
you're at home, in office, on the road, in a
restaurant, or in an airplane, rest ensured that
some wireless technology will be there to keep you
connected.
For instance, when a company goes for leased-
line connectivity, one of the biggest hassles is lay-
ing the last mile, because roads have to be dug up
to lay the wires.What if it were to go wireless? The
WiMax technology promises to make this possi-
ble.Not only that,but the technology is also be-
2001 2002 2005

2000 Wireless hot
spots in
WECA becomes
(WFA) WiFi
Wireless charg-
ing pads to be
WECA (Wireless coffee shops. Alliance, begins released by year
Ethernet Com- Shipping of 802.11a certifi- end.Almost 0.5
patibility Al- 802.11a products cation tests.WPA billion 802.11-
1999
liance) launches
WiFi certifica-
and 802.11g de-
vice develop-
rolls out to re-
place WEP. First
2003 based devices to
be sold in this
Intel introduces
tion programme ment begins 802.11a/b prod- year itself
802.11a and b Centrino mobile
for 802.11b- ucts shipped
ratified. 802.11b technology.
compliant prod-
products begin 802.11g products
ucts. MIcrosoft
shipping begin
releases Win-
shipping.
dows 2000 with
First WiFi
WLAN sniffer
zone launched
ability

IN DEPTH W I R E L E S S
ing considered for bringing wireless broadband to

homes. When you're on the road and need to check
your e-mail or browse the Web, GPRS and CDMA
make it possible for you. The latest upgrade to these
A WiMAX network
technologies,called 3G,is being implemented to scale WiMAX
up the bandwidth they offer. This would make broad- Subscriber
band on-the-move possible, resulting in many more Station
useful applications, such as video conferencing, on-
line collaboration, etc.
Phone line
With such top-notch wireless technologies in
place, you will no longer experience dead time and be
able to participate in interactive training while wait- Ethernet
ing for your flight. You will neither be tethered to the
office nor have to make compulsory field trips to fetch
documents.You will be able to get the required infor- Access
mation anywhere, anytime and instantaneously an- Point
swer client-queries, quote prices, update inventory
WiFi
and enter orders.Your efficiency will increase, as you
will have easy access to specifications and database to
work out solutions in time.
Personal connectivity is another area where wire-
less technologies are making a mark. It started off
with the concept of WPANs (Wireless PANs), which
were led by the Bluetooth technology. A new version
of Bluetooth is out now that provides higher through-
Ethernet
Source: pctechguide.com
put at lower power consumption.Another technology

called WUSB (Wireless USB) has bigger plans for the
WPAN, with far greater throughputs.
Imagine shooting a video with your digital cam- Customer Premises(home,business or hot spot)
corder and streaming it directly to your friend's tele-
vision. WUSB would provide the necessary
bandwidth to do so. is happening on most of these technologies to bring
A technology innovation called ZigBee will make out applications so that they really help everyone stay
it possible to remotely monitor various types of sen- connected.
sors—for air-conditioning, lighting, smoke alarms, Some of the technologies are already available,
and many more. while others might be available towards the end of
So just think of it—the weather, temperature and this year or the beginning of the next year. Others
other information is being communicated by tiny might take a few years before becoming a reality.Wire-
sensors based on ZigBee, passing data over radio less electricity, for instance, is still a distant dream.
waves from one to another. At the end of the line, the In the pages to follow, we've looked at the entire
data is picked up by hotspots created by WiMax or gamut of wireless technologies and the applications
WiFi. In effect, most of these wireless technologies they promise to make possible. Moreover, some of the
will not be islands in themselves, but will offer some future technologies we've talked of are already avail-
interconnectivity between each other.All this will just able in some other countries. In those cases, we've
help in creating a perfectly connected environment. given a rough estimate on when they will be available
All these innovations are not a shot in the dark. Work in India.

a great way of getting Internet connectivity, do pose

some problems.A better way could be to have a wire-
less last-mile. That, in essence, is WiMax (Worldwide
Interoperability for Microwave Access).It promises to
Internet offer the same level of functionality as existing wired
solutions, which range from copper based T-1, E-1,
optical T-3 and SONET for the enterprise to standard
Ethernet and DSL for homes and small offices.
WiMAX IEEE
Benefits
A wireless connection has several advantages over
802.16
a wired connection. It gives you ease of set up and re-
Point-to-point quires lesser maintenance, especially when you are in
backhaul an area where laying down wires is not an easy job.
This could be a place like a congested area in a city or
a remote location in a village.Along with that, a wire-
less connection takes lesser time to set up than a
Telco Core or wired connection. So, for areas that do not have ade-
Private(fibre) quate wired network in place, wireless last-mile is a
Point-to- Network good option.
multipoint
Technology
The WiMax standard (IEEE 802.16a) is an exten-
sion of Wireless MAN (Metropolitan Area Network)
Air Interface standard for MAN (802.16). It was de-
veloped to operate in the high frequency band range
of 10 to 66 GHz, while 802.16a will operate in lower
WiMAX Base frequency band range of 2 to 11 GHz band. The no-
Stations ticeable change in 802.16a is the absence of line-of-
sight requirement. WiMax directional antenna can
transmit signal to cellphone tower even if there is no
Wireless Broadband— direct line-of-sight. The signals can propagate
through obstacles such as high-rise buildings, trees.
Last Mile 802.16a will be able to transmit signal up to 50 Km
One of the biggest challenges most ISPs face when distance and offer maximum 70 Mbps data transfer to
providing connectivity to end- users, be they at home hundreds of users. Reliable transmission is achieved
or the enterprise, is the Last Mile. This is the distance through forward error correction technique, and
between the service providers' point-of-presence and Triple-DES encryption is used for secure transmis-
the customers' premises. The challenge comes in the sion.
form of forming the link between the customer's net-
work and the ISP's, which may require digging up of Products
roads for laying down the cables, and the hassles of Many broadband wireless vendors are actively de-
getting permissions from various govt bodies,such as veloping 802.16a compliant based products. Few of
the local municipal corporation and the DoT. Addi- them are Alvarion,Aperto Networks,SR Telecom,Red-
tionally, maintaining these cables after a period of line communications and Intel Huawai. Redline com-
time becomes an issue. So, wires, which are otherwise munications has launched AN-100U, an 802.16a


compliant product which functions as a base and re-

ceiver station. Intel in association with Alvarion has
plans to develop 802.16a chip and start shipping it Global Positioning System
with its Centrino branded laptops.More WiMax prod-
ucts will start coming towards the end of this year.
The cost of WiMax based Internet services are ex-
pected to be higher than wired services because of
W e are among the fortunate lot for we don't have to
chase the pole star or look for other signs of nature
as clues for direction. Neither do we have to fumble with
possible license requirements and the need of WiMax cumbersome compasses and charts to find where we are.
customer equipment. Thankfully, to bail us out we have things like GPS (Global
Positioning System) around! GPS offers a whole lot of ap-
plications on land, at sea and in the air. The airborne ap-
Short-range Wireless plication being navigation; at sea, its used for navigation
Wireless personal area networks have been around by recreational boaters, commercial fishermen, and pro-
for some time now, but they started gaining popular- fessional mariners.Land-based applications are more di-
ity only recently. So nowadays, you would find people verse.The scientific community uses GPS for its precision
synchronizing their PDA to their PC or laptop, an- timing capability and position information.
swering mobile calls through a wireless headset, con- GPS is a satellite-based navigation system,which pro-
necting to their office network through a mobile vides specially coded satellite signals that can be
phone and exchanging business cards through PDAs. processed in a GPS receiver,enabling the receiver to com-
All this communication between various personal pute position, velocity and time. You can plan your trip
digital devices mentioned happens over wireless. from the in-car GPS device itself and hit the road. Some
such devices are Cobra NavOne 3000, Garmin StreetPilot
2620, Magellan RoadMate 300 and TomTom GO. A new
Control electrical
equipment wire-
lessly using ZigBee While you might feel that these are all
restricted applications that would not
be useful for everyone, then you're
probably right, because what's in
store for you in the near future is
far more. A bluetooth
Existing wireless PAN tech- headset con-
nologies like IrDA and Bluetooth 1.2 nects to a mo-
have reached a roadblock and can't go bile phone
beyond what they currently offer. Three
new technologies, namely Bluetooth 2.0, Wireless
USB, and ZigBee, plan to take this communication far
beyond just a bunch of devices to include just about
every personal digital device you can imagine.
Bluetooth is the most widely used of all three. The
2.0 version will operate in the same frequency band
(2.45 GHz) as the previous 1.2 version. An important
change in its specification to note is that a Bluetooth
2 enabled device offers a peak data rate of up to 3
Mbps (2.1 Mbps real throughput) while 1.2 specifica-
tion offered peak rate of just 1 Mbps (723 Kbps). The

camcorder to a TV? Or how about backing up data

from multiple PCs to an external hard drive?
product line has come up resulting in Surely Bluetooth will hit a wall there with the
GPS add-ons for notebooks,PDAs,and bandwidth it has to offer. That's where Wire-
cellular phones. Garmin iQue 3600 is less USB comes into the picture. Being a direct
one such personal digital assistant. In take off from its wired cousin, namely USB
fact the sophisticated ones even offer 2.0, the wireless technology plans to offer up
spoken directions and voice-activated to 480 Mbps throughput. That's even higher
commands for use with multimedia than what existing WLANs offer. This is pos-
notebooks and PDAs. sible because it uses Ultra-Wideband tech-
In India, however, personal GPS nology for transferring data,which uses a very
products is not all that popular—the wide RF spectrum. It can use a band that's 7 GHz
primary reason being the price at which A Palm OS wide, ranging from 3.1 to 10.6 GHz. This technology
they come. Here GPS is most popularly PDA with in- is also receiving strong backing from several indus-
used in tracking and mapping activities. tegrated GPS try giants, including Intel, Philips, and NEC.
In fact a tsunami warning system in the Coming to the last one, ZigBee is the exact oppo-
Indian Ocean and the surrounding seas has been pro- site of Bluetooth and WUSB. It's meant for remote
posed. This will employ GPS by way of comprehensive monitoring applications such as
mapping and zoning of risk prone areas with the help of home, building, and industrial Short range
remote sensing and usage of satellite imageries. automation. It could therefore be with IrDA
The market may just pick up sometime in the future, used largely as sensor devices for
but as of now we can't afford it in a big way. air conditioning, cooling, smoke
alarms, etc. For this, very high
throughputs are not needed. What's
needed is a device that
increased throughput will enable large file requires low power con-
transfer and faster transmission of music and sumption so that it can run longer over
video. Bluetooth 2.0 devices also consume less batteries to the tune of several years.
power, and the maximum distance can go up ZigBee offers just that. Plus, you can use
to 100 metres.Some other notable changes in ZigBee to connect more than 64,000 de-
2.0 are improved quality of vices, which is far higher than the other
service for better audio two technologies.
and video streaming.There As far as availability goes, Bluetooth 2.0
is also support for multicast by is already hear, while the other two are ex-
which one Bluetooth device can si- pected sometime during this year itself.Wireless USB
multaneously transfer data to Apple Power- might take longer to come to India due to the fre-
many Bluetooth devices, eg a CD Book comes quency band it operates in a different frequency band.
player sending music to multiple with Bluetooth
headsets. Version 2.0 is backward 2.0, a first
compatible with 1.X versions. One High-speed Mobile
of the first Bluetooth 2.0+EDR enabled devices is Ap-
ple's latest Powerbook G4 portables line.
Internet Access
While the new Bluetooth does offer many benefits, Nothing is more treasured by mobile executives
its applications are limited only to devices where large than a mobile Internet connection, which can get
file transfers are not required. What if the need is for them connected, no matter where they are. Mobile ex-
passing heavier data over wireless, say from a video ecutives (road warriors), such as sales professionals,

Wireless Gaming
W hen everything else is being touched by wire-
less, how can games stay behind? Wireless
gaming is another area that's picking up.You could-
essentially there are two ways to provide a multi-
player game. One is quasi peer-to-peer, where
you're playing games over Bluetooth, while the
n't have missed the Nokia N-Gage TV ad, where other is via a remote server, which is over your
two boys challenge each other for a game over their service provider's network.For instance Airtel Live
cellphones. Basically most handheld devices, be is a service from Airtel, which lets you to download
they a cellphone or a PDA, are coming with built-in single player games of your choice by just sending
wireless technology. If it's Bluetooth, then two or an SMS. These games are downloaded just like you
more wireless devices can play games against each download ring tones.
other if they're in the vicinity, such as a room or a Other gaming devices are also going wireless.
train.Alternately, multi-player games are also pos- For instance, you can now also play games over a
sible over the wireless service provider's network, wireless LAN. There are enough wireless gaming
wherein the distance between the players is only adapters available that can hook up your
restricted by the coverage of the Playstation or Xbox together over
mobile service provider. WiFi so that you don't end up
Imagine three friends sit- getting tied down by cables.All
ting in three different met- this is possible today, but may
ros and challenging each be in near feature with
other to a death match! So WiMAX, game lovers could even
play games across their apart-
Connect the XBox to a ments or cities. Since the band-
wireless gaming adaptor width will be higher, they
and play games wire- could play much better quality
lessly games.
always feel the need for the ability to access the Inter- from your mobile service provider. But, can I have a
net, wherever they are, be it in a car, a restaurant, or an GSM connection and not a CDMA connection, or vice
office. While a mobile phone can let them be versa? Does my mobile phone support data? What
connected by voice, irrespective of their lo- throughput will I receive? What service do I need to get
cation, a similar solution for data trans- activated from the service provider? All these ques-
fer is also required in today's fast tions are definitely going to crop in everybody's mind.
moving information age. Neverthe- So, let's get to the answers to all these questions.
less,the same mobile phone can now
also be used for fast Internet ac- Present data transfer technologies
cess. All you need is a mobile Users of CDMA (Code Division Multiple Access)
phone capable of transferring services from Reliance and Tata Indicom can enjoy
data, a connection between the high speed (144 kbps) Internet access on their note-
mobile phone and your notebooks by connecting their mobile phones to it.Almost
book, and data service enabled all mobile-phone models, even the low-end sub 4k
models, supplied by these providers support Internet
Your phone will one day provide connectivity. Cables to connect the phone to the note-
you very high-speed Internet book are also readily available.Tariffs are based on the


WiFi Cellphones
Y ou are calling somebody in your office using your
mobile phone; the call goes to the nearest cell
phone tower, from there to the call switching center
is available within your wireless network,the call will
be made through the local wireless network. If the
called party is outside the WiFi network,then the call
and then to the called person's cell phone. All this gets routed through the cellular service provider's
happens just to complete a call made to a person sit- network.All this will happen in a manner that's com-
ting,maybe,next to you.Ever wondered if there could pletely transparent to the users.Isn't this an amazing
be a shorter way of completing this call,by using your application of WiFi? Indeed, it is, but the success of
local WiFi access point instead of the cellular service this kind of an application depends upon a number
provider's network? Even if you haven't, somebody of things. For one, a company must have a VoIP de-
out there has, and the answer is a device that can be ployment. This would mean at least a VoIP gateway,
called a WiFi cellphone.It would have WiFi as well as which would be able to store the VoIP numbers of all
cellphone circuitry built in. Plus, it would also have the WiFi cellphones and be able to route calls between
VoIP embedded.This way,it would act as an IP phone them. Secondly, it would require the organization to
on a WiFi network, and a cellphone when used out- have WiFi on the network.Third and most important
side. is that this sort of a solution would be viable mostly
Coming to the benefits,Voice over IP (VoIP) is al- for organizations with offices in multiple locations,
ready proven to be a cost efficient technology and is which are also interconnected through some
an effective way of making voice calls over an IP net- form of leased circuits. Since the number of
work. The same technology when used over a WiFi VoIP deployments themselves are fairly lim-
network, can provide for local wireless phone calls, ited in India, this sort of a solution still has
the same way a cell phone network enables mobile a long way to go before it becomes popular.
phone calls.This would provide greater flexibility and Products supporting this dual functional-
cost saving,as the calls will be routed through the lo- ity are already available from Motorola,
cal WiFi network and not through the cell phone net- HP and NEC.
work.
Users of such a hybrid device would now have two This looks like a normal cord-
numbers associated with them; a cell number and a less phone, but is actually a
VoIP number.While making a call,if the called party WiFi VoIP phone
number of minutes you are connected to the Internet. between the phone and
For GSM users, Internet access is provided notebook can be done using
through a technology called GPRS (General Packet cable, Infrared or Blue-
Radio Service). All major GSM operators, such as tooth, depending on the model.
Hutch, Airtel, Idea, BSNL, Maximum attainable speed for GPRS is
MTNL, support GPRS and 57.6 kbps. For faster access, Hutch and Airtel are pro-
have varying tariff plans viding EDGE (Enhanced Data Rates for Global Evolu-
ranging from fixed plans to tion) services, which can take the speed up to 230
volume based plans. To use kbps. But, EDGE enabled phones will be more expen-
GPRS, you need a GPRS ca- sive than the GPRS ones.
The EV-DO PC card gives pable mobile phone, which
Internet@2.4 Mbps on your may not fit in the lowest of Future
notebook price bands. Connectivity While the data speeds mentioned above for both

GSM and CDMA, may must have the requisite player

appear to be more installed. There are a num-
than enough for most ber of mobile phones or
practical needs, the smart phones that come
fact is that the thirst preloaded with such play-
for bandwidth never ers. We shall list these
quenches. So, for more phones later in the article.
bandwidth hungry The way streaming is mate-
users, there rialized is that; first the
are some video clip is digitized, com-
new technologies, pressed and captured
which have already The Nokia phone, with its front camera, lets you do from a camera to a PC.
been deployed in a few video conferencing on a 3G network From this PC the com-
other countries and pressed video is trans-
will soon be available in India also. ferred to a streaming server. The mobile phone users
Evolution Data Only (EV-DO) is the name of the can then access this streaming server through the In-
technology that can provide 2.4 Mbps of bandwidth ternet and view these digital video clips.
to mobile users on a CDMA network.GSM users want- Video streaming over the Internet might not be a
ing more bandwidth need not despair, as another very exciting thing to talk about as it has been there
technology named Wideband CDMA (W-CDMA) can for quite some time.But what makes streaming a chal-
provide them also with 1920 Kbps of bandwidth. It lenging task as far as mobile phones are concerned is
may seem that W-CDMA is related to CDMA, but de- that the phones provide very little buffer memory, so
spite the similarity in name W-CDMA has little to do not much content can be buffered.The streaming con-
with CDMA. W-CDMA is meant for GSM networks tent immediately begins to play back after the down-
and not CDMA networks. Such high speeds make loading to the mobile phone is started. Hence, arises
them-EV-DO and W-CDMA-3G technologies and can a need for faster data transfers through the mobile
be used for applications like high speed video trans- networks. Thus there is a need for the 3G network to
mission. However, you will have to upgrade your enable video steaming.
phones to more expensive models to use these The 3G network is being offered in some parts of
technologies. Europe, but it is still not there in India. Some Indian
service providers, such as Hutch are providing video
downloading, over 2.5G networks using EDGE tech-
Video streaming and nology. The difference here is that the video is not
played in real-time. You have to first download the
conferencing video clip and then play it.Here,unlike the 3G network
the playback will not start as soon as you start the
Voice over wireless (mobile phone networks) was downloading.The 3G network uses UMTS technology
not enough, people wanted more. So the technology for achieving higher data transfer rates.
giants came with cellular networks that could carry
data and we could now browse the Internet on the mo- EDGE
bile phone itself. But as always the development was EDGE stands for Enhanced Data rates for Global
not to stop at this. With the advent of 3G networks, Evolution. It is a radio based high-speed mobile data
video streaming or TV on mobile phones has also be- standard that runs over the GSM network (2G or 2.5G).
come a reality. It is capable of achieving a maximum data transmission
A video stream can only be sent to a mobile phone, speed of 230 kbps.EDGE gives GSM operators( that are
which supports streaming. In other words the phone not running on 3G) the opportunity to offer data serv-


Wireless Electricity
T he first bulb was lit using thermal power, then
came hydropower succeeded by solar power
and nuclear power.While technology was evolving,so
mission of electrical power, one could light a bulb
planted in dirt anywhere on the Earth, fathered this
technology. He intended doing this by altering the
was the length and complexity of wired networks and electrical equilibrium of earth and using it in some
cables transmitting power. equipment.He is also told to have had some early suc-
cess in transmitting power wirelessly way back in the
The next big thing 1907. His experiments and the results show convic-
The next innovation to be watched out for could be tion and with further advances the transmission of
Wireless Electricity or Wireless Power, as it is popu- industrial amounts of electrical energy with minimal
larly known. As of today, the applications are far losses was also feasible.
fetched and only a few pioneer OEMs are continuing
their research in making it happen and realizing its Working principle
applications. Splashpower, a UK based organization Different possible techniques are being studied
has already made it public that they will be commer- to reach an optimal solution to generate wireless
cially releasing wireless charging pads for cellphones power. One is to make use of a broad-spectrum ra-
and other gadgets by the end of this year. dio receiver that can absorb energy from all the mi-
Tesla, who once claimed that with wireless trans- crowave and radio transmissions. Another uses a
set of devices placed near each other that suck am-
bient energy to contribute it to a local wireless en-
ergy grid, thus, enabling transmission of energy
using laser beams or local induction. But the
chances are that ZPE (Zero Point Energy) or mag-
netically generated energy are more viable options
that will deliver performance at par with or better
than solar cells. The principle of electromagnetic
induction and inductive coupling is currently being
used to transfer power from one device to another.
Just place the As a result, the charging pads that have been pro-
devices on the pad posed need no cords, connectors or sockets be-
to charge tween them and the device/s.
ices at speeds that are near to those available on UMTS course the phone should be video capable). This serv-
networks. ice is available all across Europe and is nothing but a 24-
hour live video stream of CNBC Europe's weekday
UMTS broadcast.
UMTS is the short for Universal Mobile Tele-com- As mentioned earlier, there are no such examples
munications System.It is a 3G mobile technology that is available in India as the 3G network is yet to be setup
capable of delivering data transfer speeds of up to 1920 here.
kbits/sec. But this speed is under ideal conditions. Some mobile phones that support video streaming
An example of video streaming practically being include the Nokia's 9500, 6220, 6230, 6330 and 3220. It
used in today's scenario: CNBC Europe's weekday also works on Sony Ericsson's P800 and P900 models.
broadcast is available directly on your mobile phone (of


Comparison of wireless technologies

Technology Max throughput Typical range Likely usage
WiMax 70 Mbps up to 50 kms Last-mile broadband connectivity
EV-DO 2.4 Mbps unlimited High speed mobile Internet
WCDMA 1920 Kbps unlimited High speed mobile Internet
Wireless USB 2.0 480 Mbps 10 mtrs Personal area network
Bluetooth 2.0 EDR 3 Mbps 10-100 mtrs Personal area network
WiFi or WLAN 54 Mbps 100-400 mtrs* local and campus area network
EDGE 230 Kbps unlimited High speed mobile Internet
CDMA 144Kbps unlimited Mobile Internet
GPRS 57.6 Kbps unlimited Mobile Internet
FSO 100 Mbps to few Gbps few kms Campus area network
Microwave radio Mbps to Gbps 50 kms+ Metropolitan Area Network
VSAT 20 Mbps unlimited Remote location connectivity
Infrared 16 Mbps 1 meter Personal area network
ZigBee 250 Kbps 10-100 mtrs Remote monitoring and control;
sensory networks
*Can go beyond using special high-gain antennae
Video conferencing name of 3. This service is being provided by Hutchi-

Video conferencing over wires is already possible son and supports video conferencing, provided you
and being used in many places. But video conferenc- have the appropriate mobile phone.
ing over GSM networks (mobile phone network) us- Various multimedia applications including video
ing merely a handset is something that not many conferencing and Voice over IP (VOIP) are also run
people have heard of. With the advent of the 3G net- wirelessly over Wi-fi networks. The only limitation
works, video conferencing is just one of the applica- here is that multimedia applications in a Wi-Fi net-
tions that have become possible.Since these networks work require Quality of Service (QoS),which has a dif-
provide much higher bandwidth of more than 384 ferent meaning in different communication services.
Kbps. In some cases it refers to the throughput rate achieved,
One thing that is necessary for a mobile phone to in some it refers to the reliability or performance of
be able to do video conferencing is that it should have the service.
a camera on the front side (not one on the backside, In the case of WiFi networks, as far a video con-
which is generally the trend among mobile phones). ferencing is concerned QoS refers to the prioritiza-
This way the user can view the screen (which is where tion. Here a Wi-Fi access point has to prioritize traffic
the caller's video feed is displayed) and face the cam- and thereby optimize the way in which shared net-
era at the same time, so that his video feed can also be work resources are allocated among different appli-
sent to the caller. cations. Without QoS, all applications running on
This is still in a very raw stage and will take some different devices have equal rights to transfer data.
time to come up. Some of the handsets that come with This might work well for normal file transfers and web
video conferencing capabilities are Motorola (A1000, browsing, but multimedia applications require prior-
E1000, A925), NEC (e338, e228), and LG (8120, ity over other traffic. As their demand for bandwidth
u8138). UK already has a 3G service running by the is much higher than other applications.

reviews_NEW TEMPLATE.qxd 4/2/2005 2:10 PM Page 126
REVIEWS
P R O D U C T S P U T T O T E S T
MS Operations Manager 2005

MOM does a good job of monitoring and reporting the health of all the servers at dif-
ferent locations
I
f you have multiple Windows 2000 or 2003 Servers Price: Enterprise edition: Rs. 290,000 (10 OMLs); Workgroup edi-
running on your network, then this product could tion: Rs. 23,000 (no OMLs)
be worth considering for managing them. Mi- Meant For: Windows Servers’ Administrators
crosoft Operations Manager, as the name suggests lets
Key Specs: Monitors and manages Windows 2K/2K3, Exchange,
you monitor all your Windows servers, provide their SQL Server, ADS, IIS, and many other servers from a single loca-
uptime status and health information,all from a single tion.
location. It can, among other things detect and report Pros: Gives complete details of errors and even offers possible
server failures,server capacity problems and perform- solutions from an extensive knowledge base.
ance related problems. It's available for both large and Cons: None
medium networks.
Contact: Microsoft India, Gurgaon.
Installing the software, however, requires some Tel: 5158000. E-mail: pankaju@microsoft.com
careful planning, and the prerequisites are also pretty RQS# E50 or SMS 130450 to 9811800601
extensive. This is because it has a number of compo-
nents that need to be installed.For instance,to do a full Plus,you'll also have to enable IIS.Thankfully,the MOM
install of MOM, you'll need Microsoft SQL Server 2000 setup screen has a button that checks whether you have
(SP3 or above), ASP.NET and the .NET framework. the pre-requisites for installing the components you've
selected.
There are a number of functions that MOM is ca-
pable of performing. One of them is a feature that lets
you collect and filter event data from managed servers.
It filters the logs to the filter set by administrator,so that
it shows only the relevant information. MOM also sup-
ports processor health rules that can be set to give you
alerts when specific events or performance conditions
occur. The interesting thing is that MOM has a knowl-
edge base that explains the impact of certain events on
performance conditions and offers advice on different
ways to fix them.
Another powerful feature of MOM is scripting.
When a critical error occurs that might damage the
MOM supports scripting, which means in case of a crit- network,then MOM will not only alert you but also take
ical error not only it will inform you, but will also take automatic corrective action through scripts. This cor-
automatic corrective action. These scripts and rules rective action could be restarting the server or a par-
are available in the form of management packs ticular service.


REVIEWS P R O D U C T S
Setting all those rules and reports on your own is comprehensive knowledge base, which even tries to
quite a time consuming and tedious task. MOM has a provide you multiple solutions to the error. MOM has
solution for this as well called management packs, agents that need to be installed on all the machines you
which have predefined rules and scripts. Thus, there is want to manage. These give you just about every detail
no need to define the rules and scripts manually.These you need for the server.The good thing is that MOM can
management packs are available for most Microsoft automatically detect all your servers and even let's you
business products like MS Exchange, SQL Server, DNS, remotely deploy the agents to them. Plus, it even gives
IIS, clustering services, etc. Some management packs you the option to login through remote desktop to any
come bundled with MOM, while many others come Windows server.
with the server applications you want to manage. Yet THE BOTTOM LINE: Overall,it's a great product if you
more are still under development, including manage- have multiple Windows servers on your network that
ment packs for third party software. you want to manage. It's not the right choice, of course,
MOM can also generate a diagram of your network if you want to manage other servers or hardware such
automatically by detecting all connected machines to as switches and routers.The product is available in two
the MOM server. You can even choose the shape in editions, one is the Enterprise edition, which comes
which you want to view the diagram (such as circular, with 10 OMLs (Operations Management Licenses);
with the server at the center and clients around it) by while the other is Workgroup edition, which doesn't
changing diagram properties. have any OMLs.
Besides showing error messages, MOM also has a Ankit Kawatra and Sanjay Majumder
Microsoft Windows AntiSpyware (Beta)

M icrosoft finally decided to come up with its
own security software, for its OS, to curb the
menace called Spyware. This menace has been suc-
Price: Free (Beta version)
Key Specs: Real-time protection, active programs monitoring,

track eraser
cessful in popping up annoying ads, slowing down
computers, modifying computer configurations and Contact: http://communities.microsoft.com/newsgroups/default.
asp?ICP=spyware
sometimes even invading your privacy by unautho- RQS# E51 or SMS 130451 to 9811800601
rized access of sensitive information.
Microsoft AntiSpyware stands apart from other Sadly,it has been discovered that a very hazardous
software of the same league such as Ad-Aware and trojan called Troj/BankAsh-A has managed to exploit
Spybot S&D, as it has real-time protection and has the MS AntiSpyware by preventing the display of warning
capability to monitor more than 50 check points, messages, disabling the protection and also may
which prevent different Spyware from being installed delete all files in the Programs folder.This should cer-
in the first place.It even displays warning messages for tainly be taken care of before this product is released.
changes that occur on your computer without your THE BOTTOM LINE: Giving it the benefit of doubt
knowledge. For infected computers, this nifty soft- for being in its Beta stage, we would say MS AntiSpy-
ware provides comprehensive scan results displaying ware is a very useful program. Also, it would be great
detected threats and recommends helpful actions. to see this software supporting all versions of Win-
Currently, it works only with Win 2000/XP and Win- dows when it is finally released.
dows Server 2003. Binesh Kutty

SQL Base 9.0

A user-friendly relational database with a single interface for database creation, man-
agement and monitoring
T
his RDBMS from Gupta Technologies is meant
Price: Rs 50,500 for 5 clients (1 yr warranty for software mainte-
for small to mid-sized businesses. The version nance and support)
9.0 is Linux (SUSE and RedHat) compatible and
Meant For: Small businesses
you can move the database between Windows and Linux
by adding the name of databases in sql.ini configuration Key Specs: Fast installation, Linux support, single interface for
database creation, administration and monitoring. Moving the data-
file under Linux installation folder. Linux compatibility base between Windows and Linux is easy.
is the major addition in 9.0.There was one CD for the in-
Pros: Supports variety of database drivers, user-friendly GUI and
stallation for Windows (server and client) that took less easy to use.
than 100 MB of space. Complete installation took less
Cons: The relational database doesn't support E-R and importing
than three minutes. other database.
The console consists of customizable workspace di-
Contact: Sonata Information Technology, Bangalore.
vided into the left and the right pane. The left pane dis- Tel: 26567487. E-mail: mohan.ks@sonata-software.com
plays database administration tools and server-related RQS# E52 or SMS 130452 to 9811800601
properties such as tables, stored procedure and statis-

tics. The right pane displays the details. We created a also possible. The audit feature helps to track user-re-
workspace for our database server 'PCQ' and created ta- lated activities. It can track users who are logged on, ta-
bles and views. The creation was simple and wizard bles being accessed and attempt to violate privileges.
driven.One advantage is that SQL Base lets you commu- The alarm feature provides a safeguard against violation
nicate with COM+ based components—a boost to de- of server conditions such as inactive processes and low
veloping distributed applications. The statistics cache. There is a 'backup and restore' option, but back-
monitors server-related properties such as I/O opera- ups can only be done in the hard disk.You cannot back
tion,locks and total transactions,useful for database ad- up to an external storage device.Additionally, disk par-
ministrators. Graphical representation of the same is titions can be created for database server that can in-
crease the performance.
There are scheduling manager and event manager
tools to automate tasks such as backup and updating the
statistics. There is SQL talk, a GUI that lets you run SQL
queries, connect or disconnect cursors and store and
run procedures.Connectivity administrator lets you edit
the sql.ini database sever and client configuration file.
SQL base 9.0 supports a variety of database drives such
as JDBC type 4, ODBC, OLE DB and .NET. DBError de-
scribes, in detail, the database errors.
THE BOTTOM LINE: Small businesses will find it easy-
to-use,as it’s a single interface for database administra-
tion, monitoring, server and client configuration. The
relational database would be more powerful if E-R dia-
gram and importing other database option were there.
Database server has a GUI that shows real-time stats Sushil Oswal

ASUS WL-167G USB2.0 WLAN Adapter

The adapter provides 64/128-bit WEP, which can also
Price: Rs 2,200 (1 yr warranty)
be set using this utility. The Survey tab of the software
Key Specs: Control Center and Mobile Manager software, scans for all available networks and connects
802.11g support
to the one you select.The utility,Mobile Man-
Contact: ASUSTeK Computer, Mumbai. ager, is a convenient tool to set up and man-
Tel: 56290785. E-mail: info_India@asus.com.tw
RQS# E53 or SMS 130453 to 9811800601 age network location settings. It can be used
to create, edit or activate a configuration.
T his ASUS wireless LAN adapter is good in features

and great on performance. It did not give much
trouble while setting up and worked well thereafter.
We used NetIQ Qcheck in order to meas-
ure the adaptor’s streaming rate,throughput
and response time. We managed to get a
Compatible with IEEE 802.11g,it works with most ver- throughput of 12 Mbps and a satisfactory
sions of Windows. It can work in both infrastructure response time of 3 ms. It did well in the
and ad-hoc modes. A notable feature about this wire- data streaming test and gave a through-
less adapter is the software support it provides. It bun- put of 925 Kbps at the rate of 1000 KB
dles a management software named Control Center for 20 secs.It showed good resistance to
that launches applications and configures network set- interference as well.
tings. Using it, you can check for signal strength and THE BOTTOM LINE: Given the performance, features
link quality, know the status of the wireless network supported and the price, the adapter is a good buy.
and switch between infrastructure and ad-hoc modes. Rupin Vij
Belkin Wireless USB Print Server

A print server comes in handy if you want to share a
printer over the network and manage the prints
taken from it. This device from Belkin can act as a print
Key Specs: Two printers can be attached to the print server at

one time
server for either the wired or wireless users.This means
it can't be used for both simultaneously. On the wireless Contact:Carrypaq Asia Pacific, Mumbai. Tel: 56165660. E-mail:
pushparaj.vasani@carrypaq.com
front, it supports IEEE 802.11g, while it has a 10/100 RQS# E54 or SMS 130454 to 9811800601
Mbps LAN port to connect it to a wired network. The
print server is fairly compact and easy to set up. It has installed on your network. One place where this print
LEDs on the front panel to indicate power, printing sta- server was found lagging was that there is no way by
tus and wireless connection. The server has two USB which you can restrict control to the server, or know as
ports for connecting two printers and comes with a Web- to who on the network has been printing.To test the print
based management interface,making it very easy to con- server's speed, we fired a 16 MB grayscale image print.
figure. The print server offers 64/128-bit WEP, but not We connected the print server to a Canon MF-3110
support other encryption systems such as printer. The total time from the beginning of transfer to
WPA that are more secure. There is the print completion was just 18 secs, which is pretty
also a port monitor utility, good.Simple documents began printing in no time at all.
which is helpful for selecting THE BOTTOM LINE: Except for the provision to con-
the appropriate print server nect two printers at a time, it is a very basic print server.
when more than one of them is Rupin Vij

D-Link AirPlus G+ DI-624+ Router

blocking.We did not see a fully functional URL blocking
Price: Rs 7500 (1 yr warranty) feature in the Belkin router reviewed last month, page
Key Specs: Built-in DHCP server, access restriction 140. This AirPlus doesn't have SPI based firewall unlike
the Belkin.Managing the router is easy since the Web in-
Contact:D-Link India, Mumbai. Tel: 26526696.
E-mail: sales@dlink.co.in terface of the router provides support for tracking the de-
RQS# E55 or SMS 130455 to 9811800601 vice status, system log and outgoing/incoming traffic to
the router.
T his router from D-Link is compatible with 802.11g

standard and is meant for enterprises. It has one
WAN port and four 10/100 Mbps LAN ports.An array of
We tested this router using NetIQ Qcheck for
throughput, response time and streaming rate. It gave a
satisfactory throughput of 13 Mbps and a response time
LEDs is provided to check the status of power,WAN and of 3 ms. The data streaming
WLAN.The router provides the standard 64,128 and 256 test gave a throughput of 950
bit WEP. It can act as an inbound virtual server. Setting Mbps at rate of 1000 Kbps
it up as a virtual server allows remote clients to access lo- for 20 secs. It did well with Blue-
cal clients like Web or FTP. tooth interference as well.
The router provides support for various filters that THE BOTTOM LINE: At a thousand rupees
can be used to deny users of the network from accessing less than the Belkin router reviewed last month, its bet-
the Internet or specific domains and URLs.These filters ter performance and price make it a better buy.
are IP filters, MAC filters, URL blocking and domain Rupin Vij
D-Link AirPlusXtremeG DWL-2100AP

T his access point goes a long way in terms of features
and performance.Meant for enterprise networks,it
is compatible with both 802.11b and g networks. It
Key Specs: Five modes of operation, support for WPA and
SNMP
comes with a detachable antenna that can be replaced or
upgraded. On the security front, apart from 64/128-bit Contact: D-Link India, Mumbai. Tel: 26526696. E-mail: sales@
dlink.co.in
WEP, it offers support for WPA with EAP or Pre-Shared RQS# E56 or SMS 130456 to 9811800601
Key mode to choose from. The access point can act as a
DHCP server and supports association control to al- back-up mode.The load-balancing mode distributes the
low/restrict clients from accessing the network. It does- load when more than one access point are used,whereas
n't, however, support power over Ethernet. Apart from the back-up mode enables the second access point to
the Web interface,there is a utility,Access Point Manager work when one access point fails. We tested this access
,to locate and configure devices on point using NetIQ Qcheck. It gave a satisfactory through-
the network from a central PC.You put of 12.5 Mbps and a good response time of 2 ms.Data
can choose from five modes of op- streaming test gave 980 Kbps throughput at 1000 Kbps
eration—access point mode (de- for 20 secs. It was not very susceptible to interference
fault), AP to AP, repeater, AP client from Bluetooth devices either.
and AP to multi-point bridging. THE BOTTOM LINE: Good features and performance
Within the default mode, you can coupled with its price, makes it a good buy.
choose from load balancing or Rupin Vij

Hitachi Ultrastar 300 GB Hard Drive

tion remains high at 91.8%, but lower than the 94% for
the Cheetah.High-end Business Disk Winmarks topped
Key Specs: Ultra 320 SCSI interface, 8 MB buffer, 10,025 rpm the charts at 22 MB/sec.The raw throughputs of the drive
Contact: Cyberstar Infocom, Delhi. Tel: 26235460. E-mail: anil@ were pretty good, starting at 72.5 MB/sec and tailing off
cyberstarindia.com around 48.6 MB/sec. Our test bed was a typical dual
RQS# E57 or SMS 130457 to 9811800601
processor Xeon server with 512 MB RAM.We used a 64-
bit dual channel Ultra 320 SCSI (Adaptec) card that we
T his hard disk is both statistically and visually very

fast. You can, thus, actually see your files
and programs open faster. Strangely, we
received with the disk to plug it in.
The disk was detected and no additional
drivers were needed for either Windows or
found its Business Disk Winmarks much Linux.This makes it a great disk to purchase
lower than that for the same model of lower for a regular file or database server.
capacity (75 GB) which we tested in our Au- THE BOTTOM LINE: For its price tag, the
gust 2003 hard disk shootout—the older one cost per GB works out at Rs 200 per GB
had given us 11 MB/sec and this disk ran which is lower than the Rs 270 per GB we saw
around at a mere 6.9 MB/sec. Disk access with its earlier model as well as the Rs 464
time was high at 8 ms—higher than the 5.79 per GB for the Cheetah 140 GB. Thus, the
ms we saw with the Seagate Cheetah 140 GB price is well worth the performance.
drive reviewed in March 2005. CPU utiliza- Sujay V Sarma
ATi Radeon X600XT

T his PCI Express X600 graphics card from ATI has
128 MB of DDR memory. Gamers can take full ad-
vantage of its potential for mind-blowing graphics and
Price: Rs 9,000
Key Specs: 128 MB DDR, SmartShader 2.0, SmoothVision and

HyperZ
smooth rendering,to play all the latest games.Being 16x
PCI Express, it sends and receives data simultaneously Contact: Digi Giga Systems, Mumbai. E-mail: sales@digigiga.
co.in
at thrice the speed of the current 8x AGP. The card has RQS# E58 or SMS 130458 to 9811800601
dual video connectors for connecting to the two moni-
tors. Graphics cards always have issues with memory AMD Athlon 64 2.2 GHz, 512 MB DDR and 40 GB hard
bandwidth; to overcome this, the ATi Radeon chip in- disk.We compared its results with an Asus AX 600XT and
cludes the HyperZ technology. This improves memory found minor performance improvements (see table).In
bandwidth efficiency without the added cost of exotic Quake3 Arena and Unreal Tournament, the graphics
embedded or proprietary memory technologies. By showed a small drop in performance, but it showed an
eliminating this key bottleneck,the final barrier to real- improvement in 3D mark 2003 by a few points.
istic, real-time 3D gives full-screen 3D acceleration in THE BOTTOM LINE:The card is a good performer at an
true color.We evaluated its performance on a Gigabyte affordable price tag of Rs 9,000.
(GA-K8NXP-SLI) chipset motherboard,housed with the Anoop Mangla and Sanjay Majumder
Quake III Arena UT 2003 Flyby Unreal Tournamen 2003 Botmatch 3D Mark 2003
1024*768*32 1600*1200*32 1024*768*32 1600*1200*32 1024*768*32 1600*1200*32 1024*768
Asus AX600xt 319 139 191.3 124.31 93.08 80.62 4145
Giagbite GV-RX60X128V 316 143 182.2 130.22 88.6 60.23 4619

Canon Canoscan 3200F Scanner

the scans of images seem to be much better than those
of the text.
Key Specs: High speed, good image quality The scanner comes with a film adaptor to scan 35
Contact:Canon India, Gurgaon. Tel: 5160000. E-mail: Rajeev. mm negatives and has four one-touch buttons on its
Singh@canon.co.in
RQS# E59 or SMS 130459 to 9811800601
control panel to do the functions of Copy, Scan, File
and E-mail.
T his stylish Canon scanner with its black and pur-

ple plastic lid also packs performance the design-
ers would love. This USB 2.0 scanner can scan an A4
The software that come bundled with the scanner
let you assign different functions for these buttons.
The design of this scanner makes it easy to lay even a
image at 300 dpi at a very fast speed. It did this in just thick book completely flat on the glass. Bundled soft-
15 seconds. At 600 dpi, the speed drops to 20 seconds ware include Ulead DVD PictureShow 2,Scansoft Om-
but this is still fast compared to some others in the nipage SE and Arcsoft Photostudio 5.5.The Omnipage
market. software is a standard OCR and it gave real good
Canoscan 3200F has a maximum res- results to the extent that it even identi-
olution of 1200x2400 dpi, with 48- fied errors in the scanned text.
bit color and uses using THE BOTTOM LINE: Overall, the
CCD image sensors. Scan Canon Canoscan 3200F could be a
quality is decent though great choice for color scanning.
there is one drawback that Sukhsagar Prajapati
Canon PIXMA Printers

T his time we reviewed two similar looking PIXMA
printers, the IP1500 and IP2000. Both support a
maximum resolution of 4800 dpi and come with a sin-
Price: IP1500: Rs 4,995 (2 yr warranty); IP2000: Rs 7,495 (1 yr
warranty)
Key Specs: IP 2000 supports direct camera printing and has two
gle USB interface. However, only IP2000 is capable of paper feeders; good quality prints in both
printing photographs directly from a camera using its
Contact:Canon India, Gurgaon. Tel: 5160000. E-mail: Rajeev.
PictBridge interface and has two paper feeders. Both Singh@canon.co.in
printers support different print media, including trans- RQS# E60 or SMS 130460 to 9811800601
parencies. Sadly, there is a single cartridge for color

printing and not different for different 5:44 minutes (high-res) with good quality output. The
colors.So,replacing spent cartridges be- IP1500 took a little more time,with 4:10 minutes and 11
comes slightly expensive as you need to minutes respectively, but the quality was good.Volume-
replace the whole cartridge even if only wise, the IP2000 can do 10 PPM against its rated speed
a single color has been used. of 20 PPM and the IP1500 can print 9 PPM against the
Both printers given 18 PPM—doing only half as much as the rated
gave good results speeds,which is quite common for most inkjet printers.
in full-page color THE BOTTOM LINE: Printing quality and speed are
printing. IP2000 reasonably good but use of two cartridges makes it a
took 2:57 minutes costly affair.
(standard) and Sukhsagar Prajapati

Data Mining Techniques

Authors: Michael J.A. Berry and
Data mining is a term used to explore and analyze Gordon S. Linoff
large quantity of data.The author explains core data min- Price: Rs 379
Pages: 643
ing techniques, collaborative filtering, association rules, Distributor: Wiley-Dreamtech
clustering and survival analysis.A good book for current India, Delhi.
Tel: 23260877.
and future data mining practitioners but not for software E-mail: wdt@vsnl.net
developers who want to know the implementation tech- RQS# E61 or SMS 130461 to
9811800601
niques of data mining algorithms.
Supply Chain Management with APO

This book is for those involved with SAP's software—
Authors: Jorg Thomas Dickersbach
APO (Advance Planner and Optimizer)—for supply Price: Rs 299
chain management.The book discusses its implementa- Pages: 337
Distributor: Wiley-Dreamtech India,
tion.It introduces modeling approaches and explains the Delhi.
structure and interdependencies of systems, modules Tel: 23260877.
E-mail: wdt@vsnl.net
and entities of APO. The book provides project managers RQS# E62 or SMS 130462 to
and team members better understanding of successful 9811800601
implementing of projects.
Supply Chain Management Based on SAP systems

This book covers the principles and methods of intra
Authors: G. Knolmayer, P. Mertens
and inter company SCM with reference to SAP R/3 and and A. Zeier
SAP APO system. The book starts with fundamentals of Price: Rs 299
Pages: 244
SCM and moves on to other topics such as application Distributor: Wiley-Dreamtech India,
systems in the individual business function, recent de- Delhi.
Tel: 23260877.
velopment of SCM based on the SAP system. The later E-mail: wdt@vsnl.net
part of the book discusses some case studies.Internet re- RQS# E63 or SMS 130463 to
9811800601
sources related to SCM are given in the last chapter.
Linux Toys: Cool Projects for Home, Office & Entertainment

Authors: Christopher Negus and
Anyone with little knowledge of Linux, some com- Chuch Wolber
puter spare parts and a PC can use this book to make ex- Price: Rs 329
Pages: 330
citing projects. The book offers 13 projects including Distributor: Wiley-Dreamtech India,
Music Jukebox, Home Video archive, Digital Picture Delhi.
Tel: 23260877.
Frame and Home Broadcast Server. Each project is pro- E-mail: wdt@vsnl.net
vided with complete material list and detailed illustrated RQS# E64 or SMS 130464 to
9811800601
instructions.A CD accompanies the book.
CyberMedia Labs

Data Structures & Software Development,Java Ed

T his book is aimed at strengthening the base of
those who are into software programming and is
also a good reference for the computer science engi-
In addition to Data Structures And
this, there are assign- Software Development - Java
ments at the end of Edition
Authors: Jean-Paul Tremblay and
neering students. each chapter.The sec- Grant A. Cheston
The book is divided in two parts for better under- ond part of the book Price: Rs z495
Pages: 1169
standing.The first part of the book explains Java basics explores software en- Distributor: Pearson Education,
and OOP (Object Ori- gineering concepts Delhi. Tel: 22146067.
ented Programming) such as design E-mail: nikhil.bhargava@pearson-
concepts in short. hrough UML and ed.co.in RQS# E65 or SMS 130465 to
After reading this software testing 9811800601
book you can learn to (white box, black box
create standard data and object oriented).applications which is one of the
structures algorithms hottest application. Two case studies are demon-
using the Object Ori- strated to enable you to relate to the concepts learnt.
ented Programming Visual representations of the concepts helps in better
concepts. There are undersatnding of the same. The book ends with a
several Java examples chapter for getting an idea of external storage devices.
to demonstrate data The chapter then goes on to explain streaming in java
structures. and object serialization.
BEA Weblogic Server Bible

T his book is meant for Java developers who create
Web and enterprise applications using WebLogic
server 6.1. You would require some knowledge about
administration and BEA Weblogic Server Bible
testing and tuning Authors: Joe Zuffoletto
Weblogic applica- Price: Rs 449
Pages: 973
the J2EE platform and database creation and quering tions. Distributor: Wiley-Dreamtech India,
before starting with this book. The book has a Delhi. Tel: 23260877.
The book begins with an introduction to the chapter to upgarde to E-mail: wdt@vsnl.net
WebLogic server and RQS# E66 or SMS 130466 to
Weblogic server 6.1 9811800601
explanation of the from earlier version
MVC architecture. The and also covers all the four protocols required for cre-
following chapters ex- ating Web services applications. A remote procedure
plore J2EE component. call Web service is demonstrated through a stateless
Each chapter in the session bean example.
book explains J2EE Plus, the book has a chapter on securing applica-
components with an tions. Each chapter ends with a summary. The book
example on how to de- also has explainatory visuals that help in deploying
ploy them on a applications in a Weblogic server efficiently.
Weblogic server. There In all, this book is a good reference for developers
are separate chapters working on application servers and the J2EE archi-
for WebLogic server tecture.
CyberMedia Labs

Wireless Web Development with PHP and WAP

T his book is meant for the intermediate and ad-
vanced level users. The author assumes that the
readers are fairly new to the
opment,creating wireless Web content with WML,pro-
gramming using PHP and WMLScript and finally,
building a real live wireless Web application. It also
subject of Wireless Web devel- touches on the basics of using MySQL for the back end.
opment and as you learn how to The book is full of examples and code snippets that get
build websites for wireless your programming
users,you'll understand the dif- hands on expanded Wireless Web Development
ferences between traditional as you go. It also tells with PHP and WAP
Authors: Ray Rischpatter
and wireless websites.The book how to design and op- Price: Rs 399
walks you mainly through four timize the interface to Pages: 510 pages
steps, namely common con- be presentable on to- Delhi
cepts of Web application devel- day’s phone screens. Tel: 23260877.
RQS# E67 or SMS 130467 to
9811800601
Hack Attacks Revealed,IInd Ed Hack Attacks Revealed -

Second Edition
Authors: John Chirillo
Price: Rs 499
S ecurity expert Chirillo takes you through the secu-

rity holes in UNIX, Linux and Windows. Here's a
book for the Network Adminis-
a basic history and
understanding
computer and net-
of
Pages: 914
Delhi.
Tel: 23260877
trators, Network Engineers, Se- working technology. RQS# E67 or SMS 130467 to
curity Consultants, Managers Besides covering the 9811800601
and even SOHO users.If you are protocols used and
an enthusiast wanting to explore the purpose of the various ports used,it also provides in-
the world of 'hacking',it will cer- formation on the scanning and network-discovery tools
tainly enlighten you about lots used by hackers. What sets this book apart from books
of 'how it is done', but be aware of the same league is a crash course in C for compiling
that it assumes too much tech- these tools; the basic approach is how to hack to know
nical background.It begins with how to secure.
CyberMedia Labs
Books Contest APRIL 2005

Answer these questions and win one of these books.There are a total of 30 books to be won.Send
your answers to edit@pcquest.com with the subject 'Books Contest April 2005'.Please include your
full name, mailing address and telephone number in the e-mail. The winners of our previous
months' contests will be announced on forums.pcquest.com under the current issue channel.
Which of the following is the best way of fighting spam Which is the low power, low data-rate wire-
mail ? less technology that promises to be ideal for
❐ Click on the unsubscribe link in the spam remote monitoring?
❐ Regular use of updated anti-spam software ❐ ZigBee ❐ Wireless USB
❐ Send a nasty response to the spammer ❐ Bluetooth ❐ 3G

Shootout - april 05.qxd 4/2/2005 2:25 PM Page 144
SHOOTOUT P R O D U C T S P U T T O T E S T
Live Rescue CDs

We evaluated four live Linux distros, which had tools for data recovery, network moni-
toring, intrusion detection and even anti-virus scanning
BY ANINDYA ROY AND SANJAY MAJUMDER
H
as your hard drive's partition ever crashed websites for usage information. Therefore, we strongly
out,and that too just 15 minutes before de- suggest that you first try them out on a test machine,un-
livering a presentation to a customer? Or derstand how to use and operate them fully, before ac-
perhaps some virus, worm or Trojan crept tually using them on a real system.
into your network and choked the wits out of your band-
width. How about this? A hacker managed to get into How we tested
your machine (remotely or locally) and tampered with While testing these CDs,we had three things in mind.
your corporate information.You know it's happened,but First, whether it could recover deleted partitions or not,
need to give your boss authentic proof of the incident, and if yes,then which partition types,eg,NTFS,ext2 and
which can later be used as evidence for the cyber crime. ext3.The next thing we tested was ease of configuration
While there can be ways of securing your system and usage. Finally, we looked at how many tools it in-
against hackers and worm attacks, what do you do if cluded for monitoring and assessing a network.For test-
you've lost data? That's when you wish you had some- ing the partition-recovery capabilities, we took a
thing to help recover your valuable data. This story is standard P4 machine with 256 MB RAM and a 40 GB
about‘that something’— known as live rescue CDs.This hard disk and installed Linux in to it. Then we used a
is nothing but a customized live CD containing specific standard DOS bootable floppy to run the fdisk command
tools for rescuing partitions, data and even a few net- and delete all partitions. We then booted the machine
work-monitoring tools. The best thing about these CDs with the live CD and tried to recover the partition. We
is that they can run on any machine and most of them then installed Windows XP on the same machine with
can read all standard partition types without doing any the NTFS file system and repeated the same process.We
configuration. We've thoroughly evaluated four live res- also tried to destroy the MBR and then tried to recreate
cue CDs to help you choose the right one for your needs. it using the live CDs.We also tested the forensic tools to
We've even given their ISO images on this month's DVD. check weather they can do data recovery or not. To test
You could burn them on a CD using any CD burning soft- them we created and deleted some documents in both
ware, like Nero. Using them is simple. Just insert them NTFS and ext3 partitions and tried to recover them as
into a drive, reboot the machine, and make sure that the well. At the end of our evaluation,we found the 'Fire' live
BIOS is set to boot from the CD drive. Another word of rescue CD to be the best of the lot.It was a complete res-
caution before we proceed any further. While running cue CD having everything you might need after your ma-
these CDs is pretty easy, using them isn't. You need to chine's been compromised.The name FIRE comes from
have good working knowledge of Linux as well as PC 'Forensic and Incidence Response Environment', which
hardware. None of the live CDs came with any proper gels with the performance we got from the CD.We found
documentation, so you'll have to figure out which tools that this live CD had the maximum software for data re-
are bundled with each and then look up their individual covery, forensics, network assessment and anti virus.

SHOOTOUT L I V E R E S C U E C D s
F.I.R.E: Forensics,data recovery and network monitoring in one neat package

F ire is a full-fledged forensics rescue CD,which has
tools like, TCT, tctutils, graverobber, fatback and
autopsy. These tools recover lost data and other fin-
gerprints of lost data. In addition, it has a virus scan-
ner (f-prot), which can scan for viruses on any Linux
or Windows machine. This anti virus can be updated
either from the Internet or from an update floppy. It
also has a partition-recovery tool (parted) that can re-
cover data from Linux, BeOS and Windows. To recover
the partition table, you can use 'gpart' or TestDisk.
gpart scans your whole hard disk and recovers it,
whereas TestDisk tool can do both partition and data
recovery.
Other than this, it has a few network tools such as
ethereal and dsniff for network analysis.If you want to This is the GUI of Fire. To access the menu right click
audit your network utilization then it has 'argus', an on the interface
open-source project that generates reports of your net-
work utilization.In addition,you can quickly install an nal window to run the advanced tools.In the shootout,
IDS (Intrusion Detection System) on your network us- this had larger number of forensic tools compared to
ing the AIDE (Advance Intrusion Detection Environ- other live rescue CDs.Overall it's a complete tool kit for
ment) tool. To use FIRE rescue Live CD, you need to forensic experts.
boot your machine from this CD and on the boot In our tests, the CD was able to recover both NTFS
prompt type in '3' and it will boot into a graphical and Linux partitions.It was also able to recover deleted
mode,otherwise it will boot under text mode.Once it's files from NTFS and ext3 file systems completely by us-
booted,you will get a GUI interface with four open ter- ing autopsy. The gpart recovery tool, which was also
minal windows. Now, on right-clicking on the GUI available in Linux-BBC, took two and a half hours to
screen you will get a context menu, which includes ba- rescue a 10 GB partition from a 40 GB disk. The other
sic tools for networking and forensic.You can use them partition-recovery tool,testdisk,also took a long time,
according to your needs, otherwise you can use termi- but was faster than gpart.
LNX-BBC : Recover CD with small footprint

L NX-BBC was the tiniest rescue CD in the
shootout. Only of 50 MB, this live CD can recover
your lost Linux ext2, exe3, LVM and Windows parti-
run the following command from the prompt:
# gpart /dev/hdb (/dev/hdb device name could vary

tions. The best part is that, because of its small size, it according to your system)
can be burnt on to a small business card shaped CD.
That's also where it gets its name from—Linux The above command will search your entire hard
Bootable Business Card, short for BBC. Apart from disk and guess your partition table. After scanning
other developer projects, it has rescue and forensic the hard disk, you will get the list of partitions. Now
tools like 'gpart' and 'graverobber'. To recover and re- the next step is to write back the recovered partitions
build a lost Linux partition, simply boot from this CD, on the MBR. However, this tool takes lot of time to
and you will get a login prompt. Log in as root with- scan the lost partition, so you need to have patience.
out a password and you will get a bash prompt.Finally To do this, run this command.


# gpart -W /dev/hdb /dev/hdb
This command will scan your

entire hard disk and give a list of
supposed partitions. And it will
also ask you, whether you want to
write back the partition table to
MBR that has been recovered. Just
type-in the partition number as
shown in the list and you will be
able to recover the lost partition on
your Linux machine.
Unfortunately, scanning takes a
lot of time depending on your hard Choose the resolution to boot in
disk size.
Being a small distro,it has a limited number of res- which was also there with FIRE, so there was no dif-
cue tools. It comes with gpart for partition recovery, ference in its functionality.
Hackin9: Network monitoring and investigation,but no data recovery

W ell this is more of a rescue CD for the network
rather than data. It's a full GUI-based live CD
like Knoppix and has all possible tools for assessing a
attempts, but also assesses your in-house network
vulnerabilities using Nessus and gives nice reports. It
has a good collection of sniffing tools like ethereal, et-
network. If you have doubt that your corporate net- tercap, etherape, dsniff and many others. If you have
work is being attacked, then this is the right CD. Ex- a wi-fi network then you can run Kismet to sniff a
cept for data or partition recovery, it has all network wireless network. It also has wireless drives for the
and forensic tools that a network administrator needs. Centrino chipset. Like Knoppix, you can work on this
You just need any machine connected to your network distro and save the work on a local hard drive or any-
and boot that machine with this CD and you are ready where on the network.You can even use the same dis-
to use it. tro to dial to the Internet using Wvdial.
The live CD not only detects the source of hacking If you want to do a forensic survey on any hard
drive then you can use sluethkit tool
to accomplish the task. Overall it's a
handy tool kit for network adminis-
trators.
This CD doesn't have any parti-
tion or data-recovery tools. So we
were not able to run the recovery
tests on it.We did run the sniffers and
Ntop. The best part is that you don't
have to configure these. They work
fine with the default config. We used
ettercap to sniff data on the network.
The only drawback is that you can't
store the log files generated by any
GUI of Hackin9 from where you can run the basic network assessment sniffer, unless you mount a hard
tools and configure the interface drive and save them there.

Plan-B: With lots of pre-configured scripts,even newbies will find this easy to use
P lan-B is another live rescue CD
based on RedHat Linux and has
a set of forensics data-recovery tools
such as autopsy, foremost sleuthkit
and BCwipe DCLF-DD. However, it
doesn't have gpart as a partition-re-
covery tool like the other two distros
we checked, but it comes with
parted—another partition-manipu-
lating software. But in this case the
partition detection is not fully auto-
matic and you have to know the size
of the deleted partition to do a cal-
culated guess for repairing it.
It also has a few network-security
tools to investigate a network. The Plan-B gives you options to boot in to various processor architectures,
tools are SARA, Ntop and Nessus.But so select the one that syour hardware supports
the best thing about these tools is that
they require zero configuration. You just have to run those who are not very good with Linux configuration
the shell scripts placed in /root/bin to start the serv- files. It contains lots of pre-configured scripts which
ices. You won’t believe that it can start Ntop with de- makes it easy to use even for newbies.
fault configuration, open up the browser and show its While doing the tests we found that parted does
interface just by running a shell script 'sntop'. not automatically search for deleted partitions.That's
One other attractive feature that it has is a BIOS why initially we ended up with an NTFS partition of
password recovery tool, which recovers CMOS pass- the wrong size, which wasn't accessible at all because
words.On the security front, it gives a long list of tools we didn't provide the correct partition size informa-
from creating a firewall to deploying a quick IDS sys- tion. So we recommend keeping a record of your par-
tem around your network. Like Fire and Hacking9, it tition sizes.
has a GUI interface and by right-clicking anywhere on But if you know the exact size of the deleted parti-
the GUI you can access few of the GUI tools. Plan-B is tion then recreating it with ‘parted’ is really easy and
an all-in-one toolkit for security experts, and even for fast. It just takes a couple of minutes to do it.
Features table
Live CD Size (MB) Supported Data recovery Forensic tools Partition table Sniffers/network Administration Anti virus
partition types tools recovery tools monitoring tools interface
Plan-B 657 Fat/NTFS,LVM,ext2, None None parted SARA, Nessus, Ntop, GUI None
ext3, Reiser FS,BeOS, Ettercap, Dsniff
QNX 4
Hackin9 496 None None None None SARA, Nessus, Ntop, GUI None
Ettercap, Dsniff,Kismat
and many more
LNX-BBC 47 Fat/NTFS,LVM,ext2, None None Gpart None Terminal None
ext3, Reiser FS,BeOS,
QNX 4
FIRE 578 Fat/NTFS,LVM,ext2, autopsy TCT, Autopsy, gpart, TestDisk Nessus, Ettercap Mostly Terminal f-prot,
ext3, Reiser FS,BeOS, Sleuthkit chkrootkit
QNX 4


extra edge.qxd 4/6/2005 11:09 AM Page 148
EXTRAEDGE
PRODUCT LAUNCHES, TROUBLESHOOTING, EVENTS
PCQuest Summit
for Developers 2005
PCQuest, in association with Sun Mi- thapuram. The summit focused on Java
crosystems, organized PCQuest Summit and open-source technologies. The
for Developers in February 2005. The speakers included technology evangel-
event was held at three cities—Delhi, ists and experts from Sun, IT consult-
Hyderabad, Mumbai and Tiruvanan- ants and those from PCQuest.
148 PCQUEST A P R I L 2 0 0 5
EXTRAEDGE E V E N T S
PCQuest Summit
for Linux 2005
PCQuest Summit for Linux was co-spon-
sored by Intel, IBM and RedHat. The
event was held across the country at three
places—Bangalore, Delhi and Mumbai. The
event saw speakers from Intel, IBM, Novell,
PCQuest and leading IT Consultancies. Split
in to three tracks for CIOs, System Adminis-
trators and Developers, the event was very
well attended at all the venues.
EXTRAEDGE E V E N T S
EXTRAEDGE P R O D U C T L A U N C H E S
Broadcast solution Current Prices*

P innacle Deko 1000HD is a broadcast quality solution for high defi-
nition (HD) real-time graphics creation and playback.Deko 1000HD
delivers in native 720p and 1080i HD resolutions, internal clip playback,
Microsoft
Win XP Pro
Visio Pro 2003
8,545
17,595
real-time motions and effects found in the standard definition Deko 1000 SBS Premium 2003
model. (5 User) 46,990
It also provides broadcasters with easy SD to HD transition, cost-ef- Office 2003 Pro 15,295
fective HD and sophisticated motion controls for eye-catching on-air SQL Server 2000
graphics and support for Deko options including the ClipDeko internal (10 User) 65,995
clip player and DekoMOS. VS.NET Ent Dev 2003 64,245
Price: Rs 22 lakh (plus 12 percent tax). Contact: Pinnacle, Delhi. Tel: MSDN Universal 7.0 87,995
25889728. E-mail: sgeorge@sungroup.net RQS# E20 or SMS 130420 to ISA Server 2000 53,595
9811800601 Visual Fox Pro 8.0 22,945
Symantec
Norton AV 2005 Desktop 1,425
AV SBS 9.0 Business (10 User) 10,985
AV SBS with Groupware
9.0 (10 User) 16,495
Client Security 2.0 with
Groupware Business (10 User) 19,795
Internet Security 2005 2,385
System Works 2005
Premier 3,295
Ghost 9.0 1,685
Personal Firewall 2005 1,685
Anti Spam 2005 1,445
PC Anywhere 11.0 7,145
Partition Magic 8.0 2,495
Anti-spyware solution Goback 4.0
Macromedia
1,795
S onicWALL has added dynamic spyware detection and elimination

capabilities to its gateway threat-protection product. The technol-
ogy will be delivered within SonicWALL's Gateway Anti-Virus,Anti-Spy-
Flash MX Professional 2004 28,395
Dreamweaver MX 2004 16,295
Studio MX 2004 w/Flash Pro 40,595
ware and Intrusion Prevention subscription service,enabling businesses Director MX 2004 48,695
of all sizes to maintain secure and productive networks. Freehand MX 2004 16,295
This technology uses a deep packet inspection engine that delivers Robohelp Office X5 40,595
virus protection, intrusion prevention and anti-spyware capabilities di- Adobe
rectly on the security gateway. Pagemaker 7.02 26,320
Price: Starting at Rs 10,500 (for TZ 170-10-25 user service) per an- Photoshop CS 8.0 31,495
num; will be unchanged and current subscribers to the Gateway Anti- Indesign CS 3.0 35,255
Virus/Intrusion Prevention service will receive the anti-spyware Acrobat Pro 7.0 21,055
component through an automatic download. Premiere Pro 1.5 40,695
The service is available on the entire range of SonicWALL's latest TZ Illustrator CS 11.0 25,645
and PRO series devices running SonicWALL's SonicOS 3.0 OS RQS# E21 Audition 1.5 16,070
or SMS 130421 to 9811800601


Current Prices* Motherboard series

Creative Suite Premium
McAfee
Virus Scan 2005/9.0
57,520
1,149
T he P5 motherboard series from Asus features driver support for the
64-bit computing architecture. These motherboards are BIOS up-
dated and have Intel EIST (Enhanced Intel SpeedStep technology). With
Internet Security 2005 2,095 the EIST technology,the P5 motherboards are able to automatically adjust
SMB AVD 8.0 (10 User) 13,995 the CPU's core voltage and core frequency according to the system per-
SMB AVSS 8.0 (10 User) 7,990 formance demand. The P5 Series supports both 64-bit and 32-bit opera-
Trend Micro tions, providing system compatibility and upgrade flexibility. The P5
PC-Cillin Internet Series is Intel Extended Memory 64 Technology (Intel EM64T) ready,
Security 2005 1,495 meaning the 600 series CPU of the P5 motherboard is able to run new 64-
NEAT Suite Standard (5 User) 4,750 bit code and access larger amounts of memory. Price: Rs 4,800 onwards
Unistal Contact:ASUSTeK Computer,Mumbai.E-mail: info_India@ asus.com.tw
Crash Proof with Anti Virus 1,399 RQS# E22 or SMS 130422 to 9811800601
Quick Recovery FAT & NTFS 6,188
Quick Recovery LINUX 4,125
Stellar Phoenix
Recovery Suite (FAT,
Hardware network anti virus
NTFS,LINUX,ROM)
Data Safety Win Client
Data Safety Win Server
17,955
2,700
13,500
N etwork VirusWall 2500 builds upon Network VirusWall 1200 by en-
abling IT security administrators to secure multiple network seg-
ments and mission-critical application servers through a single
RedHat appliance.
Enterprise Linux 3.0 11,490 Gigabit Ethernet support provides IT security administrators with
Enterprise Linux ES 3.0 STD 30,950 the flexibility to protect high-bandwidth network infrastructures. Built
Enterprise Linux AS for higher throughput and performance,Network VirusWall 2500 is ideal
(Advanced) 3.0 STD 56,490 for large complex organizations, capable of supporting thousands of
Corel concurrent users.
CorelDraw Graphic Suite 12 17,595 This provides customers with greater flexibility in enforcing network
Jasc Paintshop Pro 9.0 5,445 security policies across global, distributed enterprise environments to
Linux/UNIX help stop the damaging effects of network worms.
Novell Netware 6.5 - 5 User 33,990 Contact: Trend Micro India, New Delhi. Tel: 52699000. E-mail:
Novell Linux Desktop 9.0 3,455 sales.in@trendmicro.com RQS# E23 or SMS 130423 to 9811800601
Suse Linux Enterprise
Server 9.0 14,445
SCO Unix Open Server
Enterprise 5.0.7 (5 user) 59,990
Networked storage solution
Borland
Borland JBuilder 2005
Developer CD 19,990
T he AX100i features 2U Dell/EMC AX100i array with up to two con-
trollers and 12 SATA drives, providing storage capacities ranging
from 480 GB to 3 TB.It has iSCSI network interface module and supports
Borland JBuilder 2005 Windows.
Enterprise CD 139,990 The Dell/EMC AX100i is engineered to support applications such as
Borland C++ Builder 2005 Exchange and SQL for small organizations and workgroups,and extends
Enterprise CD 99,990 the key benefits of AX100 with simplified setup, management, scalabil-
ity and streamlined backups. AX100i offers advanced features for data
*These prices are for Delhi security as well as advanced functionality software for automated
failover and snapshots. RQS# E24 or SMS 130224 to 9811800601

More Launches
D-Link range of broadband products includes DSL-502G external
ADSL router, DSL-504G, DSL-514 - ADSL Router and DSL-G604T-Wire-
less ADSL Router. Price: DSL-502G: Rs 4,500; DSL-504G: Rs 6,500; DSL-
514: Rs 4,800; DSL-G604T: Rs 8,500. E-mail: sales@digigiga.co.in
RQS# E26 or SMS 130426 to 9811800601
Pureview PV17C monitor offers 90O Zip Shrink base and has in-
built speakers. It is self-wall mountable. Rs 17,900. E-mail:
sudipto@pureviewindia.com RQS# E27 or SMS 130427 to 9811800601
HP Compaq business notebooks: 8200, 6200, 6100 and 4200 series

come with an array of security options and incorporate Intel Centrino
mobile technology based on mobile Intel 915 Express. 6100 series: Rs
49,990; 6230 series: Rs 99,990; 4200 series: 1.25 lakh; 8200 series: Rs 1.5
lakh. Tel: (080) 521 6121 RQS# E28 or SMS 130428 to 9811800601
Dax T6 Pro Classic routing switch offers convergence of any protocol

on any card in any slot of any Advanced TCA (Telecon Computing Archi-
tecture). T6 Pro comes with multi-layering, multi-service facilities. Rs
11,66,609. E-mail: sujit@daxnetworks.com RQS# E29 or SMS 130429 to
9811800601
Iomega CD-RW/DVD-Rom plus 7-in-1 Card Reader and Iomega

USB-powered Mini Hard drive. Iomega Mini Hard Drive: Rs 11,250; CD-
RW/DVD Rom plus 7-in-1 card Reader: Rs 6,950. E-mail: sales@neo-
teric.co.in RQS# E30 or SMS 130430 to 9811800601
Philips 30-inch 300WN5 LCD monitor is network-controlled for re-

mote management with the facility to automatically adjust brightness
and generate an alert when the monitor overheats. Rs 2,25,000. Tel: (044)
22353313. RQS# E31 or SMS 130431 to 9811800601
Mobile printer
T he RW 420 is a compact and rugged mobile printer that offers increased
accuracy, speed and cash flow to companies who deliver direct to the
stores.Designed for use with a terminal or PDA, the RW 420 printer's mod-
ular design allows you to choose among wireless options, card readers and
integral accessories such as vehicle mounts for simplified route printing.
The printer features 203 dpi print resolution, 4 MB flash memory and
EMV-certified smart card and magnetic stripe reader.
Price: Rs 48,000. Contact: Bar Code India, Delhi. Tel: 26816687.
E-mail: praveen@barcodeindia. com RQS# E25 or SMS 130425 to
9811800601

EXTRAEDGE H E L P
Troubleshooting
Mail server tems in Hyderabad. As a software C#(C#.NET), ASP(ASP.NET) and
We have a campus network. I programmer, I have been develop- Microsoft(Microsoft.NET). Can
want to use the network for sending ing a project for which I have to put you tell me what does the .NET be-
and receiving mail, considering a tray icon of the project. Can you ing linked to these languages
that there is no Internet connec- give me your sample code so that I mean?
tion. There are more than 100 PCs can get some idea of how to work And is C#, C#.NET ,C#.NET for
connected to each other. with JDIC package? Web development,one or more dif-
VISHWANATH RANGAPPANAVAR Also can you help me by giving ferent languages?
the slides or the documents so that I am confused with so many
PCQuest: You may set up a mail I can get a detailed view of this versions of programming lan-
server easily with PCQLinux, a package. guages. I want to learn a new lan-
Linux distribution given out by PC- HIMA KIRAN A. guage but am unable to decide
Quest. Refer to our article Mail which will be the best, or give best
Server (page 50, March 2005) that PCQuest: We have mailed you results or which is in demand these
tells how to set up a mail server with the Netbeans project directory for days. And are these languages in
PCQLinux 2005 given out in the the system tray demo (presented at one way or the other, linked with
same issue. the PCQuest summit for Develop- each other?
If you don't want the people to ers). The entire presentation is I know C++.Are the languages
send or receive mail to outside (say hosted at http://forums.pcquest. I just mentioned, superior to C++,
hotmail.com or yahoo.com), then Some additional URLs to refer that is, do the programs made on
don't specify 'Optional transport for to are www.netbeans.org and these languages respond better
unknown recipients', as mentioned https://jdic.dev.java.net/ with better results or are more effi-
in the article. cient? Or is it that the kinds of pro-
Making a Swing class grams that can be made on these
CHM file format executable languages are more than those on
Could you please tell me how to I have written a drag-and-drop C++?
make use of the PHP tutorial avail- Swing program to upload the im- Shall I need more than one soft-
able at www.php.net in CHM file ages. For this, I also imported one ware to make programs in these
format.I am not able to get the link JAR file.Everything is working fine languages and then run them or
from the Web. , but now I want to make that pro- only one would do?
REENA MITRA gram executable even though the What are the benefits of learn-
machine doesn't have Java. ing such languages? Also tell me
PCQuest: You can also down- JAYASIMHA REDDY where can I get a general know-
load the extended HTML help from how on .NET?
this Web link http://www.php.net PCQuest: Please refer to the art- ASHISH SONI
/download-docs.php cle at this link http://www.role-
maker.dk/nonRoleMaker/javalaun PCQuest: The .NET is a plat-
Java and SysTray cher/marner_java_launcher.htm form. Originally it was intended to
integration be 'cross platform' and a directly
I attended your seminar on .NET know-how competing platform to Java. How-
JDIC supported by Sun Microsys- I have seen .NET linked with ever,with a completely implemented


EXTRAEDGE H E L P
system only for Windows presently used widely. It is only that the new Trouble loading PCQuest
(that too only the newest versions projects are being undertaken in the Linux 2005
like Win 2000, XP and 2003 support new platforms where possible. Sim- Let me congratulate you for
it) and the Linux port (Mono) is at ilarly, if you want to go the Linux bringing out such a nice version of
best half done and works in patches, way, you would use PHP, Perl or Linux in the form of PCQLinux
cross-platform ability is still a far Python or something that allows 2005. But I am facing problems
away dream. you to do KDE/Gnome/X related during first reboot after installa-
As a platform,.NET is supported programming. tion.
by several languages. Notably, Vi- Also, different languages are I have two separate hard disks
sual Basic.NET,C#,VC++.NET and suited for different purposes and en- for Windows (hda) and Linux
VJ# are among them. However, if vironments. Yes, .NET is currently (hdb). And I was running RedHat
you have something called a VSIP 'big' among developers and so is Linux 9.0 with LILO without any
agreement with Microsoft, they will Java. Learn both if you can. problem,with boot loader installed
give you the SDK needed to develop What kind of ‘linking’are you re- in the MBR of /dev/hda. But when
your own .NET language. ferring to? Anyway,the answer is no, I installed grub boot loader as pro-
So far, languages such as since learning one language does vided with PCQ Linux, my system
COBOL, Python and Fortran have not require you to know another. Of did not boot and the screen showed
been ported. Efforts are being made course,in some cases learning some- a warning—Minimum BASH like
to port PHP to .NET. thing (say C#) becomes easier if you support etc...... grub.
C# does not come with a .NET know another language (like C++) Now do I have to format Win-
extension. Neither does VJ#. These because of similarities in syntax or dows? I tried to load grub loader
two languages are unique to the coding logic. But you can still learn using the following Linux rescue
.NET family and have no prior exis- one without knowing anything option but of no avail.
tence.Since VB and VC++ have ver- about the other.
sions before .NET (like VB 6.0), we Each language has its own spe- sh#chroot /mnt/sysimage (??)
suffix '.NET' for them to indicate cial IDE that extracts maximum :sh#grub-install /dev/hda
their version. performance or results from the en-
One of the advantages of using a tire subsystem. For example, for any VINOD KUMAR
.NET language for development is of the .NET's Microsoft languages,
that your code remains almost ex- VS.NET would be a de facto choice PCQuest: To recover your win-
actly the same regardless of whether as an IDE. For say Java, it would be dows,boot from a Windows bootable
you're developing for the Web or for Eclipse or something else. CD or floppy and issue:
a desktop deployment. Of course, Nowadays, low-end versions of
there would be limitations—like, editors are also becoming available fdisk /mbr
you cannot put up a message box or for quick development. For VS.NET,
access the system registry in a Web you get something called ASP.NET Memory leak
app. Web Matrix, which you can use if Please suggest some good ways
‘Most in demand’ is a subjective you simply want to develop only to detect memory leak in apps and
phrase and depends very much on ASP.NET apps. OS components for Win XP SP2.
what you want to concentrate on. And once you know all these lan- Also how to prevent them?
For example, if you're talking about guages, you can work as a program- NULL_BIT
Windows development, although mer.
Microsoft promoters would have For .NET,we recommend you PCQuest:You can refer to the fol-
you believe that .NET is the only visit one of the appropriate devel- lowing link for this.
thing being used,the languages such oper centers at http://msdn.mi- http://labmice.techtarget.com/trou-
as VC++ 6.0, VB 6.0 are still being crosoft.com/developercenters/ bleshooting/memoryleaks.htm

Apr-Pc Quest

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Apr-Pc Quest

Uploaded by

Copyright:

Available Formats

content-april 05.

qxd 4/2/2005 11:44 AM Page 6

84: Prevention is better

20: Technology 100: Developer

Shootout of The Month In Depth

Cover Design : Bendi Vishan

PCQuest Power Pack

148: Extraedge ❂ DVD XTREME

Editor-in-Chief: Shyam Malhotra

Assistant Manager, DTP: Sudhir Kumar Arora

For risk factors refer to the offer document at www.cybermedia.co.in

The Wireless Tangle

E-governance With reference to your A K Chakravarti

found on the PCQLinux cles for the newbies as the

For risk factors refer to the offer document at www.cybermedia.co.in

The Next Pentium 4

For risk factors refer to the offer document at www.cybermedia.co.in

VPN on SUSE Linux

For risk factors refer to the offer document at www.cybermedia.co.in

E-learning with Moodle

Create datatypes for SQL Server

Public Property Address2() As String End Get ID INT NOT NULL,

For risk factors refer to the offer document at www.cybermedia.co.in

Demystifying Win XP Errors

prompt to repair the OS. Press R for

Manage Meetings Online

For risk factors refer to the offer document at www.cybermedia.co.in

Send SMS from Outlook 2003

Take your File Server Online

For risk factors refer to the offer document at www.cybermedia.co.in

Recover Lost Mail

Increase Life of your CDs/DVDs

For risk factors refer to the offer document at www.cybermedia.co.in

Create your Own DVD Menus

Now click on the select menu button at the bot-

Select the kind of menu, type in the text and link

Once through with creating menus and linking

Turn any PC into a NAS

For risk factors refer to the offer document at www.cybermedia.co.in

Ghost for Linux

disk or via FTP.

# adamantix-install Please remember however,that you need to log in as

For risk factors refer to the offer document at www.cybermedia.co.in

Continued from page 76 (Implementing Adamantix)

For risk factors refer to the offer document at www.cybermedia.co.in

Virtual Machine for Linux

make install-twisted Launch the guest OS

@lookup_sql_dsn = ( ['DBI:mysql:maia:localhost', 'root', # CONFIGURE THIS: Location of your database.cfg file

Substitute <password> with the MySQL's root to

chown -R amavis.amavis /var/amavis/maia my $local_cf_dir = "/etc/mail/spamassassin";

Substitute <password> with

For risk factors refer to the offer document at www.cybermedia.co.in

For risk factors refer to the offer document at www.cybermedia.co.in

Continued from page 76 (Implementing Adamantix)

For risk factors refer to the offer document at www.cybermedia.co.in

Photo : India Today

cate to non-Symbian systems. The

Traffic flow pattern method

gateway level is more like a fire-

Source: CSI/FBI Computer Crime & Security Survey Report (2003)

For risk factors refer to the offer document at www.cybermedia.co.in

standing. Our discussion below