10 reasons why PCs crash U must Know
Fatal error: the system has become unstable or is busy," it says. "Enter to return to Windows or press Control-Alt-Delete to restart your computer. If you do this you will lose any unsaved information in all open applications."
You have just been struck by the Blue Screen of Death. Anyone who uses Mcft Windows will be familiar with this. What can you do? More importantly, how can you prevent it happening?
1 Hardware conflict
The number one reason why Windows crashes is hardware conflict. Each hardware device communicates to other devices through an interrupt request channel (IRQ). These are supposed to be unique for each device.
For example, a printer usually connects internally on IRQ 7. The keyboard usually uses IRQ 1 and the floppy disk drive IRQ 6. Each device will try to hog a single IRQ for itself.
If there are a lot of devices, or if they are not installed properly, two of them may end up sharing the same IRQ number. When the user tries to use both devices at the same time, a crash can happen. The way to check if your computer has a hardware conflict is through the following route:
* Start-Settings-Control Panel-System-Device Manager.
Often if a device has a problem a yellow '!' appears next to its description in the Device Manager. Highlight Computer (in the Device Manager) and press Properties to see the IRQ numbers used by your computer. If the IRQ number appears twice, two devices may be using it.
Sometimes a device might share an IRQ with something described as 'IRQ holder for PCI steering'. This can be ignored. The best way to fix this problem is to remove the problem device and reinstall it.
Sometimes you may have to find more recent drivers on the internet to make the device function properly. A good resource is www.driverguide.com. If the device is a soundcard, or a modem, it can often be fixed by moving it to a different slot on the motherboard (be careful about opening your computer, as you may void the warranty).
When working inside a computer you should switch it off, unplug the mains lead and touch an unpainted metal surface to discharge any static electricity.
To be fair to Mcft, the problem with IRQ numbers is not of its making. It is a legacy problem going back to the first PC designs using the IBM 8086 chip. Initially there were only eight IRQs. Today there are 16 IRQs in a PC. It is easy to run out of them. There are plans to increase the number of IRQs in future designs.
2 Bad Ram
Ram (random-access memory) problems might bring on the blue screen of death with a message saying Fatal Exception Error. A fatal error indicates a serious hardware problem. Sometimes it may mean a part is damaged and will need replacing.
But a fatal error caused by Ram might be caused by a mismatch of chips. For example, mixing 70-nanosecond (70ns) Ram with 60ns Ram will usually force the computer to run all the Ram at the slower speed. This will often crash the machine if the Ram is overworked.
One way around this problem is to enter the BIOS settings and increase the wait state of the Ram. This can make it more stable. Another way to troubleshoot a suspected Ram problem is to rearrange the Ram chips on the motherboard, or take some of them out. Then try to repeat the circumstances that caused the crash. When handling Ram try not to touch the gold connections, as they can be easily damaged.
Parity error messages also refer to Ram. Modern Ram chips are either parity (ECC) or non parity (non-ECC). It is best not to mix the two types, as this can be a cause of trouble.
EMM386 error messages refer to memory problems but may not be connected to bad Ram. This may be due to free memory problems often linked to old Dos-based programmes.
3 BIOS settings
Every motherboard is supplied with a range of chipset settings that are decided in the factory. A common way to access these settings is to press the F2 or delete button during the first few seconds of a boot-up.
Once inside the BIOS, great care should be taken. It is a good idea to write down on a piece of paper all the settings that appear on the screen. That way, if you change something and the computer becomes more unstable, you will know what settings to revert to.
A common BIOS error concerns the CAS latency. This refers to the Ram. Older EDO (extended data out) Ram has a CAS latency of 3. Newer SDRam has a CAS latency of 2. Setting the wrong figure can cause the Ram to lock up and freeze the computer's display.
Mcft Windows is better at allocating IRQ numbers than any BIOS. If possible set the IRQ numbers to Auto in the BIOS. This will allow Windows to allocate the IRQ numbers (make sure the BIOS setting for Plug and Play OS is switched to 'yes' to allow Windows to do this.).
4 Hard disk drives
After a few weeks, the information on a hard disk drive starts to become piecemeal or fragmented. It is a good idea to defragment the hard disk every week or so, to prevent the disk from causing a screen freeze. Go to
* Start-Programs-Accessories-System Tools-Disk Defragmenter
This will start the procedure. You will be unable to write data to the hard drive (to save it) while the disk is defragmenting, so it is a good idea to schedule the procedure for a period of inactivity using the Task Scheduler.
The Task Scheduler should be one of the small icons on the bottom right of the Windows opening page (the desktop).
Some lockups and screen freezes caused by hard disk problems can be solved by reducing the read-ahead optimisation. This can be adjusted by going to
* Start-Settings-Control Panel-System Icon-Performance-File System-Hard Disk.
Hard disks will slow down and crash if they are too full. Do some housekeeping on your hard drive every few months and free some space on it. Open the Windows folder on the C drive and find the Temporary Internet Files folder. Deleting the contents (not the folder) can free a lot of space.
Empty the Recycle Bin every week to free more space. Hard disk drives should be scanned every week for errors or bad sectors. Go to
* Start-Programs-Accessories-System Tools-ScanDisk
Otherwise assign the Task Scheduler to perform this operation at night when the computer is not in use.
5 Fatal OE exceptions and VXD errors
Fatal OE exception errors and VXD errors are often caused by video card problems.
These can often be resolved easily by reducing the resolution of the video display. Go to
* Start-Settings-Control Panel-Display-Settings
Here you should slide the screen area bar to the left. Take a look at the colour settings on the left of that window. For most desktops, high colour 16-bit depth is adequate.
If the screen freezes or you experience system lockups it might be due to the video card. Make sure it does not have a hardware conflict. Go to
* Start-Settings-Control Panel-System-Device Manager
Here, select the + beside Display Adapter. A line of text describing your video card should appear. Select it (make it blue) and press properties. Then select Resources and select each line in the window. Look for a message that says No Conflicts.
If you have video card hardware conflict, you will see it here. Be careful at this point and make a note of everything you do in case you make things worse.
The way to resolve a hardware conflict is to uncheck the Use Automatic Settings box and hit the Change Settings button. You are searching for a setting that will display a No Conflicts message.
Another useful way to resolve video problems is to go to
* Start-Settings-Control Panel-System-Performance-Graphics
Here you should move the Hardware Acceleration slider to the left. As ever, the most common cause of problems relating to graphics cards is old or faulty drivers (a driver is a small piece of software used by a computer to communicate with a device).
Look up your video card's manufacturer on the internet and search for the most recent drivers for it.
6 Viruses
Often the first sign of a virus infection is instability. Some viruses erase the boot sector of a hard drive, making it impossible to start. This is why it is a good idea to create a Windows start-up disk. Go to
* Start-Settings-Control Panel-Add/Remove Programs
Here, look for the Start Up Disk tab. Virus protection requires constant vigilance.
A virus scanner requires a list of virus signatures in order to be able to identify viruses. These signatures are stored in a DAT file. DAT files should be updated weekly from the website of your antivirus software manufacturer.
An excellent antivirus programme is McAfee VirusScan by Network Associates ( www.nai.com). Another is Norton AntiVirus 2000, made by Symantec ( www.symantec.com).
7 Printers
The action of sending a document to print creates a bigger file, often called a postscript file.
Printers have only a small amount of memory, called a buffer. This can be easily overloaded. Printing a document also uses a considerable amount of CPU power. This will also slow down the computer's performance.
If the printer is trying to print unusual characters, these might not be recognised, and can crash the computer. Sometimes printers will not recover from a crash because of confusion in the buffer. A good way to clear the buffer is to unplug the printer for ten seconds. Booting up from a powerless state, also called a cold boot, will restore the printer's default settings and you may be able to carry on.
8 Software
A common cause of computer crash is faulty or badly-installed software. Often the problem can be cured by uninstalling the software and then reinstalling it. Use Norton Uninstall or Uninstall Shield to remove an application from your system properly. This will also remove references to the programme in the System Registry and leaves the way clear for a completely fresh copy.
The System Registry can be corrupted by old references to obsolete software that you thought was uninstalled. Use Reg Cleaner by Jouni Vuorio to clean up the System Registry and remove obsolete entries. It works on Windows 95, Windows 98, Windows 98 SE (Second Edition), Windows Millennium Edition (ME), NT4 and Windows 2000.
Read the instructions and use it carefully so you don't do permanent damage to the Registry. If the Registry is damaged you will have to reinstall your operating system. Reg Cleaner can be obtained from www.jv16.org
Often a Windows problem can be resolved by entering Safe Mode. This can be done during start-up. When you see the message "Starting Windows" press F4. This should take you into Safe Mode.
Safe Mode loads a minimum of drivers. It allows you to find and fix problems that prevent Windows from loading properly.
Sometimes installing Windows is difficult because of unsuitable BIOS settings. If you keep getting SUWIN error messages (Windows setup) during the Windows installation, then try entering the BIOS and disabling the CPU internal cache. Try to disable the Level 2 (L2) cache if that doesn't work.
Remember to restore all the BIOS settings back to their former settings following installation.
9 Overheating
Central processing units (CPUs) are usually equipped with fans to keep them cool. If the fan fails or if the CPU gets old it may start to overheat and generate a particular kind of error called a kernel error. This is a common problem in chips that have been overclocked to operate at higher speeds than they are supposed to.
One remedy is to get a bigger better fan and install it on top of the CPU. Specialist cooling fans/heatsinks are available from www.computernerd.com or www.coolit.com
CPU problems can often be fixed by disabling the CPU internal cache in the BIOS. This will make the machine run more slowly, but it should also be more stable.
10 Power supply problems
With all the new construction going on around the country the steady supply of electricity has become disrupted. A power surge or spike can crash a computer as easily as a power cut.
If this has become a nuisance for you then consider buying a uninterrupted power supply (UPS). This will give you a clean power supply when there is electricity, and it will give you a few minutes to perform a controlled shutdown in case of a power cut.
It is a good investment if your data are critical, because a power cut will cause any unsaved data to be lost.
Senin, 29 Desember 2008
Kamis, 18 Desember 2008
Download Free Music Legall
| Are you scared that the RIAA is about to track you down for illegally downloading songs. Well, here is a method of obtaining many songs absolutely free that is virtually untrackable By modern technology. This has to do with capturing streaming audio, which in many cases, believe it or not Are plain old mp3s just waiting for you to "download." I have found most of the current top-40 as well as many others you may like, so keep searching. The music is waiting for you to find it. Step 1: First of all, you need to find a good site that hosts streaming audio. My favorite that has brought me many songs to date is hxxp://WWW.windowsmedia.Com . Some others are just as good, but this is the site that I will be referencing (plus, I know you guys love to steal from Microsoft). Step 2: All right, go up to the left hand corner where there is an empty text box. This is the search box, just fill it with a songname or artist just like you would in kazaa and click search. This will bring up a page with links to many websites hosting a stream by that artist. The ones with music notes are just that...music, this is what you want. In many cases, this is all you need. Just right click on one of the links and click "save as" to save the song. This works if the file extension is .mp3 or .wma or .asf or well-other known formats. If this worked, you are finished, otherwise continue reading. Step 3: However, if you encounter a .asx file, there are a few more steps you will have to endure. First of all, do exactly like the above example and save the file locally. After the file is downloaded, check to see how large the file is. If it is a large file in the megabyte range, then you should be able to play it in your favorite music program. However, if it is less than 1 kilobyte, open it as a textfile. You will then see many script commands that communicate to windows media player. Don't worry about these, just look for some URLs which will most likely be pointing to a .asf file. It will have at least one if not more. Open the new found URL in your browser and save it like in step 2 and you should be good to go. (I use Mozilla, because Internet Explorer likes to open things rather than save them as I tell it) NOTE: If any of the URLs are preceded with "mms://" instead of "http://" find another URL, because this technique will not work. This technique is especially useful to avoid prosecution because streaming audio, and downloading it appear the same to a web server, therefore you are seen as just another "legal" listener, so "download" away my friend and don't blame me if this soon becomes illegal (if it isn't already). Step 4: If you are picky then search for a program that will convert these file types to mp3s. I assure you there are many sites out there. If this technique does not work for some reason, there is another technique which is manually recording streaming audio, with an audio capture program. I use the one that came with my soundcard (Audigy 2ZS, great soundcard), but I would recommend it only as a last resort such as with "mms://" files. There is a degredation in quality compared to the other formats and it records every sound your PC makes while it is recording so don't chat on AIM while recording (lol I can hear random doors slamming now). | ||
| |
Rabu, 17 Desember 2008
BIN & .CUE simple tutorial.
| BIN & .CUE simple tutorial. There always seems to be the question "what do I do with a .bin and .cue file" in these forums so I figured I would write a quick and simple tutorial. Please feel free to add more. So you have downloaded two files, one with a .bin extension and one with a .cue extension. "What do I do with these?" you ask. There are a number of options. BURN TO CD You will need either NERO, CDRWIN or FIREBURNER to burn the file. To burn with NERO: Start NERO, choose FILE, choose BURN IMAGE, locate the .cue file you have and double click it. A dialog box will come up, for anything other than music make sure you choose DISC-AT-ONCE (DAO). You can also turn off the simulation burn if you so choose. Then burn away. To burn with CDRWin: Start CDRWin, choose the button on the top left, choose LOAD CUESHEET, press START RECORDING. To burn with Fireburner: Start Fireburner, click on the button on the bottom left corner "VISUAL CUE BURNER/BINCHUNKER", press the right mouse button and choose LOAD TRACKS FROM .CUE and choose the correct .CUE file, press the right mouse button again and chooseselect "Burn/Test Burn", choose DISK AT ONCE (DAO), disable TEST BURN and MULTISESSION, press OK. .CUE ERRORS The most common error you will get with a .cue file is when it points to an incorrect path. This is easily fixed. Find the .bin file, copy the exact title including the .bin extension. Now find the .cue file, open the .cue file using notepad. It should look similar to this: FILE "name of file.bin" BINARY TRACK 01 MODE2/2352 INDEX 01 00:00:00 TRACK 02 MODE2/2352 INDEX 00 00:04:00 INDEX 01 00:06:00 Delete everything in the quotes, in this case we would Delete name of file.bin. Now place the title you copied In between the quotes. Save the changes and close out. That's it, your .cue file should work now. OTHER WAYS TO USE .BIN & .CUE FILES VCDGear: This program will allow you to extract MPEG streams from CD images, convert VCD files to MPEG, correct MPEG errors, and more. Daemon Tools: This program creates a virtual drive on your PC which will allow you to "mount" the .cue file and use whatever is in the .bin file without having to burn it to a cd. ISOBuster: This program will allow you to "bust" open the .bin file and extract the files within the .bin. | ||
| |
Senin, 15 Desember 2008
Best Keyboard Shortcut
| Getting used to using your keyboard exclusively and leaving your mouse behind will make you much more efficient at performing any task on any Windows system. I use the following keyboard shortcuts every day: Windows key + R = Run menu This is usually followed by: Cmd = Command Prompt Iexplore + "web address" = Internet Explorer Compmgmt.msc = Computer Management Dhcpmgmt.msc = DHCP Management Dnsmgmt.msc = DNS Management Services.msc = Services Eventvwr = Event Viewer Dsa.msc = Active Directory Users and Computers Dssite.msc = Active Directory Sites and Services Windows key + E = Explorer ALT + Tab = Switch between windows ALT, Space, X = Maximize window CTRL + Shift + Esc = Task Manager Windows key + Break = System properties Windows key + F = Search Windows key + D = Hide/Display all windows CTRL + C = copy CTRL + X = cut CTRL + V = paste Also don't forget about the "Right-click" key next to the right Windows key on your keyboard. Using the arrows and that key can get just about anything done once you've opened up any program. Keyboard Shortcuts [Alt] and [Esc] Switch between running applications [Alt] and letter Select menu item by underlined letter [Ctrl] and [Esc] Open Program Menu [Ctrl] and [F4] Close active document or group windows (does not work with some applications) [Alt] and [F4] Quit active application or close current window [Alt] and [-] Open Control menu for active document Ctrl] Lft., Rt. Arrow Move cursor forward or back one word Ctrl] Up, Down arrow Move cursor forward or back one paragraph [F1] Open Help for active application Windows+M Minimize all open windows Shift+Windows+M Undo minimize all open windows Windows+F1 Open Windows Help Windows+Tab Cycle through the Taskbar buttons Windows+Break Open the System Properties dialog box Acessability shortcuts Right SHIFT for eight seconds........ Switch FilterKeys on and off. Left ALT +left SHIFT +PRINT SCREEN....... Switch High Contrast on and off. Left ALT +left SHIFT +NUM LOCK....... Switch MouseKeys on and off. SHIFT....... Five times Switch StickyKeys on and off. NUM LOCK...... For five seconds Switch ToggleKeys on and off. Explorer shortcuts END....... Display the bottom of the active window. HOME....... Display the top of the active window. NUM LOCK+ASTERISK....... On numeric keypad (*) Display all subfolders under the selected folder. NUM LOCK+PLUS SIGN....... On numeric keypad (+) Display the contents of the selected folder. NUM LOCK+MINUS SIGN....... On numeric keypad (-) Collapse the selected folder. LEFT ARROW...... Collapse current selection if it's expanded, or select parent folder. RIGHT ARROW....... Display current selection if it's collapsed, or select first subfolder. Type the following commands in your Run Box (Windows Key + R) or Start Run Devmgmt.msc = Device Manager Msinfo32 = System Information Cleanmgr = Disk Cleanup Ntbackup = Backup or Restore Wizard (Windows Backup Utility) Mmc = Microsoft Management Console Excel = Microsoft Excel (If Installed) Msaccess = Microsoft Access (If Installed) Powerpnt = Microsoft PowerPoint (If Installed) Winword = Microsoft Word (If Installed) Frontpg = Microsoft FrontPage (If Installed) Notepad = Notepad Wordpad = WordPad Calc = Calculator Msmsgs = Windows Messenger Mspaint = Microsoft Paint Wmplayer = Windows Media Player Rstrui = System Restore Netscp6 = Netscape 6.x Netscp = Netscape 7.x Netscape = Netscape 4.x Waol = America Online Control = Opens the Control Panel Control printers = Opens the Printers Dialog Internetbrowser Type in u're address "google", then press [Right CTRL] and [Enter] Add www. And .Com to word and go to it For Windows XP: Copy. CTRL+C Cut. CTRL+X Paste. CTRL+V Undo. CTRL+Z Delete. DELETE Delete selected item permanently without placing the item in the Recycle Bin. SHIFT+DELETE Copy selected item. CTRL while dragging an item Create shortcut to selected item. CTRL+SHIFT while dragging an item Rename selected item. F2 Move the insertion point to the beginning of the next word. CTRL+RIGHT ARROW Move the insertion point to the beginning of the previous word. CTRL+LEFT ARROW Move the insertion point to the beginning of the next paragraph. CTRL+DOWN ARROW Move the insertion point to the beginning of the previous paragraph. CTRL+UP ARROW Highlight a block of text. CTRL+SHIFT with any of the arrow keys Select more than one item in a window or on the desktop, or select text within a document. SHIFT with any of the arrow keys Select all. CTRL+A Search for a file or folder. F3 View properties for the selected item. ALT+ENTER Close the active item, or quit the active program. ALT+F4 Opens the shortcut menu for the active window. ALT+SPACEBAR Close the active document in programs that allow you to have multiple documents open simultaneously. CTRL+F4 Switch between open items. ALT+TAB Cycle through items in the order they were opened. ALT+ESC Cycle through screen elements in a window or on the desktop. F6 Display the Address bar list in My Computer or Windows Explorer. F4 Display the shortcut menu for the selected item. SHIFT+F10 Display the System menu for the active window. ALT+SPACEBAR Display the Start menu. CTRL+ESC Display the corresponding menu. ALT+Underlined letter in a menu name Carry out the corresponding command. Underlined letter in a command name on an open menu Activate the menu bar in the active program. F10 Open the next menu to the right, or open a submenu. RIGHT ARROW Open the next menu to the left, or close a submenu. LEFT ARROW Refresh the active window. F5 View the folder one level up in My Computer or Windows Explorer. BACKSPACE Cancel the current task. ESC SHIFT when you insert a CD into the CD-ROM drive Prevent the CD from automatically playing. Use these keyboard shortcuts for dialog boxes: To Press Move forward through tabs. CTRL+TAB Move backward through tabs. CTRL+SHIFT+TAB Move forward through options. TAB Move backward through options. SHIFT+TAB Carry out the corresponding command or select the corresponding option. ALT+Underlined letter Carry out the command for the active option or button. ENTER Select or clear the check box if the active option is a check box. SPACEBAR Select a button if the active option is a group of option buttons. Arrow keys Display Help. F1 Display the items in the active list. F4 Open a folder one level up if a folder is selected in the Save As or Open dialog box. BACKSPACE If you have a Microsoft Natural Keyboard, or any other compatible keyboard that includes the Windows logo key and the Application key , you can use these keyboard shortcuts: Display or hide the Start menu. WIN Key Display the System Properties dialog box. WIN Key+BREAK Show the desktop. WIN Key+D Minimize all windows. WIN Key+M Restores minimized windows. WIN Key+Shift+M Open My Computer. WIN Key+E Search for a file or folder. WIN Key+F Search for computers. CTRL+WIN Key+F Display Windows Help. WIN Key+F1 Lock your computer if you are connected to a network domain, or switch users if you are not connected to a network domain. WIN Key+ L Open the Run dialog box. WIN Key+R Open Utility Manager. WIN Key+U accessibility keyboard shortcuts: Switch FilterKeys on and off. Right SHIFT for eight seconds Switch High Contrast on and off. Left ALT+left SHIFT+PRINT SCREEN Switch MouseKeys on and off. Left ALT +left SHIFT +NUM LOCK Switch StickyKeys on and off. SHIFT five times Switch ToggleKeys on and off. NUM LOCK for five seconds Open Utility Manager. WIN Key+U shortcuts you can use with Windows Explorer: Display the bottom of the active window. END Display the top of the active window. HOME Display all subfolders under the selected folder. NUM LOCK+ASTERISK on numeric keypad (*) Display the contents of the selected folder. NUM LOCK+PLUS SIGN on numeric keypad (+) Collapse the selected folder. NUM LOCK+MINUS SIGN on numeric keypad (-) Collapse current selection if it's expanded, or select parent folder. LEFT ARROW Display current selection if it's collapsed, or select first subfolder. RIGHT ARROW | ||
| |
Explanation about bandwidth
| This is well written explanation about bandwidth, very useful info. BandWidth Explained Most hosting companies offer a variety of bandwidth options in their plans. So exactly what is bandwidth as it relates to web hosting? Put simply, bandwidth is the amount of traffic that is allowed to occur between your web site and the rest of the Internet. The amount of bandwidth a hosting company can provide is determined by their network connections, both internal to their data center and external to the public Internet. Network Connectivity The Internet, in the most simplest of terms, is a group of millions of computers connected by networks. These connections within the Internet can be large or small depending upon the cabling and equipment that is used at a particular Internet location. It is the size of each network connection that determines how much bandwidth is available. For example, if you use a DSL connection to connect to the Internet, you have 1.54 Mega bits (Mb) of bandwidth. Bandwidth therefore is measured in bits (a single 0 or 1). Bits are grouped in bytes which form words, text, and other information that is transferred between your computer and the Internet. If you have a DSL connection to the Internet, you have dedicated bandwidth between your computer and your Internet provider. But your Internet provider may have thousands of DSL connections to their location. All of these connection aggregate at your Internet provider who then has their own dedicated connection to the Internet (or multiple connections) which is much larger than your single connection. They must have enough bandwidth to serve your computing needs as well as all of their other customers. So while you have a 1.54Mb connection to your Internet provider, your Internet provider may have a 255Mb connection to the Internet so it can accommodate your needs and up to 166 other users (255/1.54). Traffic A very simple analogy to use to understand bandwidth and traffic is to think of highways and cars. Bandwidth is the number of lanes on the highway and traffic is the number of cars on the highway. If you are the only car on a highway, you can travel very quickly. If you are stuck in the middle of rush hour, you may travel very slowly since all of the lanes are being used up. Traffic is simply the number of bits that are transferred on network connections. It is easiest to understand traffic using examples. One Gigabyte is 2 to the 30th power (1,073,741,824) bytes. One gigabyte is equal to 1,024 megabytes. To put this in perspective, it takes one byte to store one character. Imagine 100 file cabinets in a building, each of these cabinets holds 1000 folders. Each folder has 100 papers. Each paper contains 100 characters - A GB is all the characters in the building. An MP3 song is about 4MB, the same song in wav format is about 40MB, a full length movie can be 800MB to 1000MB (1000MB = 1GB). If you were to transfer this MP3 song from a web site to your computer, you would create 4MB of traffic between the web site you are downloading from and your computer. Depending upon the network connection between the web site and the Internet, the transfer may occur very quickly, or it could take time if other people are also downloading files at the same time. If, for example, the web site you download from has a 10MB connection to the Internet, and you are the only person accessing that web site to download your MP3, your 4MB file will be the only traffic on that web site. However, if three people are all downloading that same MP at the same time, 12MB (3 x 4MB) of traffic has been created. Because in this example, the host only has 10MB of bandwidth, someone will have to wait. The network equipment at the hosting company will cycle through each person downloading the file and transfer a small portion at a time so each person's file transfer can take place, but the transfer for everyone downloading the file will be slower. If 100 people all came to the site and downloaded the MP3 at the same time, the transfers would be extremely slow. If the host wanted to decrease the time it took to download files simultaneously, it could increase the bandwidth of their Internet connection (at a cost due to upgrading equipment). Hosting Bandwidth In the example above, we discussed traffic in terms of downloading an MP3 file. However, each time you visit a web site, you are creating traffic, because in order to view that web page on your computer, the web page is first downloaded to your computer (between the web site and you) which is then displayed using your browser software (Internet Explorer, Netscape, etc.) . The page itself is simply a file that creates traffic just like the MP3 file in the example above (however, a web page is usually much smaller than a music file). A web page may be very small or large depending upon the amount of text and the number and quality of images integrated within the web page. For example, the home page for CNN.com is about 200KB (200 Kilobytes = 200,000 bytes = 1,600,000 bits). This is typically large for a web page. In comparison, Yahoo's home page is about 70KB. How Much Bandwidth Is Enough? It depends (don't you hate that answer). But in truth, it does. Since bandwidth is a significant determinant of hosting plan prices, you should take time to determine just how much is right for you. Almost all hosting plans have bandwidth requirements measured in months, so you need to estimate the amount of bandwidth that will be required by your site on a monthly basis If you do not intend to provide file download capability from your site, the formula for calculating bandwidth is fairly straightforward: Average Daily Visitors x Average Page Views x Average Page Size x 31 x Fudge Factor If you intend to allow people to download files from your site, your bandwidth calculation should be: [(Average Daily Visitors x Average Page Views x Average Page Size) + (Average Daily File Downloads x Average File Size)] x 31 x Fudge Factor Let us examine each item in the formula: Average Daily Visitors - The number of people you expect to visit your site, on average, each day. Depending upon how you market your site, this number could be from 1 to 1,000,000. Average Page Views - On average, the number of web pages you expect a person to view. If you have 50 web pages in your web site, an average person may only view 5 of those pages each time they visit. Average Page Size - The average size of your web pages, in Kilobytes (KB). If you have already designed your site, you can calculate this directly. Average Daily File Downloads - The number of downloads you expect to occur on your site. This is a function of the numbers of visitors and how many times a visitor downloads a file, on average, each day. Average File Size - Average file size of files that are downloadable from your site. Similar to your web pages, if you already know which files can be downloaded, you can calculate this directly. Fudge Factor - A number greater than 1. Using 1.5 would be safe, which assumes that your estimate is off by 50%. However, if you were very unsure, you could use 2 or 3 to ensure that your bandwidth requirements are more than met. Usually, hosting plans offer bandwidth in terms of Gigabytes (GB) per month. This is why our formula takes daily averages and multiplies them by 31. Summary Most personal or small business sites will not need more than 1GB of bandwidth per month. If you have a web site that is composed of static web pages and you expect little traffic to your site on a daily basis, go with a low bandwidth plan. If you go over the amount of bandwidth allocated in your plan, your hosting company could charge you over usage fees, so if you think the traffic to your site will be significant, you may want to go through the calculations above to estimate the amount of bandwidth required in a hosting plan. | ||
| |
Selasa, 09 Desember 2008
How Too Linux Boots
How Linux boots
As it turns out, there isn't much to the boot process:
1. A boot loader finds the kernel image on the disk, loads it into memory, and starts it.
2. The kernel initializes the devices and its drivers.
3. The kernel mounts the root filesystem.
4. The kernel starts a program called init.
5. init sets the rest of the processes in motion.
6. The last processes that init starts as part of the boot sequence allow you to log in.
Identifying each stage of the boot process is invaluable in fixing boot problems and understanding the system as a whole. To start, zero in on the boot loader, which is the initial screen or prompt you get after the computer does its power-on self-test, asking which operating system to run. After you make a choice, the boot loader runs the Linux kernel, handing control of the system to the kernel.
There is a detailed discussion of the kernel elsewhere in this book from which this article is excerpted. This article covers the kernel initialization stage, the stage when the kernel prints a bunch of messages about the hardware present on the system. The kernel starts init just after it displays a message proclaiming that the kernel has mounted the root filesystem:
VFS: Mounted root (ext2 filesystem) readonly.
Soon after, you will see a message about init starting, followed by system service startup messages, and finally you get a login prompt of some sort.
NOTE On Red Hat Linux, the init note is especially obvious, because it "welcomes" you to "Red Hat Linux." All messages thereafter show success or failure in brackets at the right-hand side of the screen.
Most of this chapter deals with init, because it is the part of the boot sequence where you have the most control.
init
There is nothing special about init. It is a program just like any other on the Linux system, and you'll find it in /sbin along with other system binaries. The main purpose of init is to start and stop other programs in a particular sequence. All you have to know is how this sequence works.
There are a few different variations, but most Linux distributions use the System V style discussed here. Some distributions use a simpler version that resembles the BSD init, but you are unlikely to encounter this.
Runlevels
At any given time on a Linux system, a certain base set of processes is running. This state of the machine is called its runlevel, and it is denoted with a number from 0 through 6. The system spends most of its time in a single runlevel. However, when you shut the machine down, init switches to a different runlevel in order to terminate the system services in an orderly fashion and to tell the kernel to stop. Yet another runlevel is for single-user mode, discussed later.
The easiest way to get a handle on runlevels is to examine the init configuration file, /etc/inittab. Look for a line like the following:
id:5:initdefault:
This line means that the default runlevel on the system is 5. All lines in the inittab file take this form, with four fields separated by colons occurring in the following order:
# A unique identifier (a short string, such as id in the preceding example)
# The applicable runlevel number(s)
# The action that init should take (in the preceding example, the action is to set the default runlevel to 5)
# A command to execute (optional)
There is no command to execute in the preceding initdefault example because a command doesn't make sense in the context of setting the default runlevel. Look a little further down in inittab, until you see a line like this:
l5:5:wait:/etc/rc.d/rc 5
This line triggers most of the system configuration and services through the rc*.d and init.d directories. You can see that init is set to execute a command called /etc/rc.d/rc 5 when in runlevel 5. The wait action tells when and how init runs the command: run rc 5 once when entering runlevel 5, and then wait for this command to finish before doing anything else.
There are several different actions in addition to initdefault and wait, especially pertaining to power management, and the inittab(5) manual page tells you all about them. The ones that you're most likely to encounter are explained in the following sections.
respawn
The respawn action causes init to run the command that follows, and if the command finishes executing, to run it again. You're likely to see something similar to this line in your inittab file:
1:2345:respawn:/sbin/mingetty tty1
The getty programs provide login prompts. The preceding line is for the first virtual console (/dev/tty1), the one you see when you press ALT-F1 or CONTROL-ALT-F1. The respawn action brings the login prompt back after you log out.
ctrlaltdel
The ctrlaltdel action controls what the system does when you press CONTROL-ALT-DELETE on a virtual console. On most systems, this is some sort of reboot command using the shutdown command.
sysinit
The sysinit action is the very first thing that init should run when it starts up, before entering any runlevels.
How processes in runlevels start
You are now ready to learn how init starts the system services, just before it lets you log in. Recall this inittab line from earlier:
l5:5:wait:/etc/rc.d/rc 5
This small line triggers many other programs. rc stands for run commands, and you will hear people refer to the commands as scripts, programs, or services. So, where are these commands, anyway?
For runlevel 5, in this example, the commands are probably either in /etc/rc.d/rc5.d or /etc/rc5.d. Runlevel 1 uses rc1.d, runlevel 2 uses rc2.d, and so on. You might find the following items in the rc5.d directory:
S10sysklogd S20ppp S99gpm
S12kerneld S25netstd_nfs S99httpd
S15netstd_init S30netstd_misc S99rmnologin
S18netbase S45pcmcia S99sshd
S20acct S89atd
S20logoutd S89cron
The rc 5 command starts programs in this runlevel directory by running the following commands:
S10sysklogd start
S12kerneld start
S15netstd_init start
S18netbase start
...
S99sshd start
Notice the start argument in each command. The S in a command name means that the command should run in start mode, and the number (00 through 99) determines where in the sequence rc starts the command.
The rc*.d commands are usually shell scripts that start programs in /sbin or /usr/sbin. Normally, you can figure out what one of the commands actually does by looking at the script with less or another pager program.
You can start one of these services by hand. For example, if you want to start the httpd Web server program manually, run S99httpd start. Similarly, if you ever need to kill one of the services when the machine is on, you can run the command in the rc*.d directory with the stop argument (S99httpd stop, for instance).
Some rc*.d directories contain commands that start with K (for "kill," or stop mode). In this case, rc runs the command with the stop argument instead of start. You are most likely to encounter K commands in runlevels that shut the system down.
Adding and removing services
If you want to add, delete, or modify services in the rc*.d directories, you need to take a closer look at the files inside. A long listing reveals a structure like this:
lrwxrwxrwx . . . S10sysklogd -> ../init.d/sysklogd
lrwxrwxrwx . . . S12kerneld -> ../init.d/kerneld
lrwxrwxrwx . . . S15netstd_init -> ../init.d/netstd_init
lrwxrwxrwx . . . S18netbase -> ../init.d/netbase
...
The commands in an rc*.d directory are actually symbolic links to files in an init.d directory, usually in /etc or /etc/rc.d. Linux distributions contain these links so that they can use the same startup scripts for all runlevels. This convention is by no means a requirement, but it often makes organization a little easier.
To prevent one of the commands in the init.d directory from running in a particular runlevel, you might think of removing the symbolic link in the appropriate rc*.d directory. This does work, but if you make a mistake and ever need to put the link back in place, you might have trouble remembering the exact name of the link. Therefore, you shouldn't remove links in the rc*.d directories, but rather, add an underscore (_) to the beginning of the link name like this:
mv S99httpd _S99httpd
At boot time, rc ignores _S99httpd because it doesn't start with S or K. Furthermore, the original name is still obvious, and you have quick access to the command if you're in a pinch and need to start it by hand.
To add a service, you must create a script like the others in the init.d directory and then make a symbolic link in the correct rc*.d directory. The easiest way to write a script is to examine the scripts already in init.d, make a copy of one that you understand, and modify the copy.
When adding a service, make sure that you choose an appropriate place in the boot sequence to start the service. If the service starts too soon, it may not work, due to a dependency on some other service. For non-essential services, most systems administrators prefer numbers in the 90s, after most of the services that came with the system.
Linux distributions usually come with a command to enable and disable services in the rc*.d directories. For example, in Debian, the command is update-rc.d, and in Red Hat Linux, the command is chkconfig. Graphical user interfaces are also available. Using these programs helps keep the startup directories consistent and helps with upgrades.
HINT: One of the most common Linux installation problems is an improperly configured XFree86 server that flicks on and off, making the system unusable on console. To stop this behavior, boot into single-user mode and alter your runlevel or runlevel services. Look for something containing xdm, gdm, or kdm in your rc*.d directories, or your /etc/inittab.
Controlling init
Occasionally, you need to give init a little kick to tell it to switch runlevels, to re-read the inittab file, or just to shut down the system. Because init is always the first process on a system, its process ID is always 1.
You can control init with telinit. For example, if you want to switch to runlevel 3, use this command:
telinit 3
When switching runlevels, init tries to kill off any processes that aren't in the inittab file for the new runlevel. Therefore, you should be careful about changing runlevels.
When you need to add or remove respawning jobs or make any other change to the inittab file, you must tell init about the change and cause it to re-read the file. Some people use kill -HUP 1 to tell init to do this. This traditional method works on most versions of Unix, as long as you type it correctly. However, you can also run this telinit command:
telinit q
You can also use telinit s to switch to single-user mode.
Shutting down
init also controls how the system shuts down and reboots. The proper way to shut down a Linux machine is to use the shutdown command.
There are two basic ways to use shutdown. If you halt the system, it shuts the machine down and keeps it down. To make the machine halt immediately, use this command:
shutdown -h now
On most modern machines with reasonably recent versions of Linux, a halt cuts the power to the machine. You can also reboot the machine. For a reboot, use -r instead of -h.
The shutdown process takes several seconds. You should never reset or power off a machine during this stage.
In the preceding example, now is the time to shut down. This argument is mandatory, but there are many ways of specifying it. If you want the machine to go down sometime in the future, one way is to use +n, where n is the number of minutes shutdown should wait before doing its work. For other options, look at the shutdown(8) manual page.
To make the system reboot in 10 minutes, run this command:
shutdown -r +10
On Linux, shutdown notifies anyone logged on that the machine is going down, but it does little real work. If you specify a time other than now, shutdown creates a file called /etc/nologin. When this file is present, the system prohibits logins by anyone except the superuser.
When system shutdown time finally arrives, shutdown tells init to switch to runlevel 0 for a halt and runlevel 6 for a reboot. When init enters runlevel 0 or 6, all of the following takes place, which you can verify by looking at the scripts inside rc0.d and rc6.d:
1. init kills every process that it can (as it would when switching to any other runlevel).
# The initial rc0.d/rc6.d commands run, locking system files into place and making other preparations for shutdown.
# The next rc0.d/rc6.d commands unmount all filesystems other than the root.
# Further rc0.d/rc6.d commands remount the root filesystem read-only.
# Still more rc0.d/rc6.d commands write all buffered data out to the filesystem with the sync program.
# The final rc0.d/rc6.d commands tell the kernel to reboot or stop with the reboot, halt, or poweroff program.
The reboot and halt programs behave differently for each runlevel, potentially causing confusion. By default, these programs call shutdown with the -r or -h options, but if the system is already at the halt or reboot runlevel, the programs tell the kernel to shut itself off immediately. If you really want to shut your machine down in a hurry (disregarding any possible damage from a disorderly shutdown), use the -f option.
As it turns out, there isn't much to the boot process:
1. A boot loader finds the kernel image on the disk, loads it into memory, and starts it.
2. The kernel initializes the devices and its drivers.
3. The kernel mounts the root filesystem.
4. The kernel starts a program called init.
5. init sets the rest of the processes in motion.
6. The last processes that init starts as part of the boot sequence allow you to log in.
Identifying each stage of the boot process is invaluable in fixing boot problems and understanding the system as a whole. To start, zero in on the boot loader, which is the initial screen or prompt you get after the computer does its power-on self-test, asking which operating system to run. After you make a choice, the boot loader runs the Linux kernel, handing control of the system to the kernel.
There is a detailed discussion of the kernel elsewhere in this book from which this article is excerpted. This article covers the kernel initialization stage, the stage when the kernel prints a bunch of messages about the hardware present on the system. The kernel starts init just after it displays a message proclaiming that the kernel has mounted the root filesystem:
VFS: Mounted root (ext2 filesystem) readonly.
Soon after, you will see a message about init starting, followed by system service startup messages, and finally you get a login prompt of some sort.
NOTE On Red Hat Linux, the init note is especially obvious, because it "welcomes" you to "Red Hat Linux." All messages thereafter show success or failure in brackets at the right-hand side of the screen.
Most of this chapter deals with init, because it is the part of the boot sequence where you have the most control.
init
There is nothing special about init. It is a program just like any other on the Linux system, and you'll find it in /sbin along with other system binaries. The main purpose of init is to start and stop other programs in a particular sequence. All you have to know is how this sequence works.
There are a few different variations, but most Linux distributions use the System V style discussed here. Some distributions use a simpler version that resembles the BSD init, but you are unlikely to encounter this.
Runlevels
At any given time on a Linux system, a certain base set of processes is running. This state of the machine is called its runlevel, and it is denoted with a number from 0 through 6. The system spends most of its time in a single runlevel. However, when you shut the machine down, init switches to a different runlevel in order to terminate the system services in an orderly fashion and to tell the kernel to stop. Yet another runlevel is for single-user mode, discussed later.
The easiest way to get a handle on runlevels is to examine the init configuration file, /etc/inittab. Look for a line like the following:
id:5:initdefault:
This line means that the default runlevel on the system is 5. All lines in the inittab file take this form, with four fields separated by colons occurring in the following order:
# A unique identifier (a short string, such as id in the preceding example)
# The applicable runlevel number(s)
# The action that init should take (in the preceding example, the action is to set the default runlevel to 5)
# A command to execute (optional)
There is no command to execute in the preceding initdefault example because a command doesn't make sense in the context of setting the default runlevel. Look a little further down in inittab, until you see a line like this:
l5:5:wait:/etc/rc.d/rc 5
This line triggers most of the system configuration and services through the rc*.d and init.d directories. You can see that init is set to execute a command called /etc/rc.d/rc 5 when in runlevel 5. The wait action tells when and how init runs the command: run rc 5 once when entering runlevel 5, and then wait for this command to finish before doing anything else.
There are several different actions in addition to initdefault and wait, especially pertaining to power management, and the inittab(5) manual page tells you all about them. The ones that you're most likely to encounter are explained in the following sections.
respawn
The respawn action causes init to run the command that follows, and if the command finishes executing, to run it again. You're likely to see something similar to this line in your inittab file:
1:2345:respawn:/sbin/mingetty tty1
The getty programs provide login prompts. The preceding line is for the first virtual console (/dev/tty1), the one you see when you press ALT-F1 or CONTROL-ALT-F1. The respawn action brings the login prompt back after you log out.
ctrlaltdel
The ctrlaltdel action controls what the system does when you press CONTROL-ALT-DELETE on a virtual console. On most systems, this is some sort of reboot command using the shutdown command.
sysinit
The sysinit action is the very first thing that init should run when it starts up, before entering any runlevels.
How processes in runlevels start
You are now ready to learn how init starts the system services, just before it lets you log in. Recall this inittab line from earlier:
l5:5:wait:/etc/rc.d/rc 5
This small line triggers many other programs. rc stands for run commands, and you will hear people refer to the commands as scripts, programs, or services. So, where are these commands, anyway?
For runlevel 5, in this example, the commands are probably either in /etc/rc.d/rc5.d or /etc/rc5.d. Runlevel 1 uses rc1.d, runlevel 2 uses rc2.d, and so on. You might find the following items in the rc5.d directory:
S10sysklogd S20ppp S99gpm
S12kerneld S25netstd_nfs S99httpd
S15netstd_init S30netstd_misc S99rmnologin
S18netbase S45pcmcia S99sshd
S20acct S89atd
S20logoutd S89cron
The rc 5 command starts programs in this runlevel directory by running the following commands:
S10sysklogd start
S12kerneld start
S15netstd_init start
S18netbase start
...
S99sshd start
Notice the start argument in each command. The S in a command name means that the command should run in start mode, and the number (00 through 99) determines where in the sequence rc starts the command.
The rc*.d commands are usually shell scripts that start programs in /sbin or /usr/sbin. Normally, you can figure out what one of the commands actually does by looking at the script with less or another pager program.
You can start one of these services by hand. For example, if you want to start the httpd Web server program manually, run S99httpd start. Similarly, if you ever need to kill one of the services when the machine is on, you can run the command in the rc*.d directory with the stop argument (S99httpd stop, for instance).
Some rc*.d directories contain commands that start with K (for "kill," or stop mode). In this case, rc runs the command with the stop argument instead of start. You are most likely to encounter K commands in runlevels that shut the system down.
Adding and removing services
If you want to add, delete, or modify services in the rc*.d directories, you need to take a closer look at the files inside. A long listing reveals a structure like this:
lrwxrwxrwx . . . S10sysklogd -> ../init.d/sysklogd
lrwxrwxrwx . . . S12kerneld -> ../init.d/kerneld
lrwxrwxrwx . . . S15netstd_init -> ../init.d/netstd_init
lrwxrwxrwx . . . S18netbase -> ../init.d/netbase
...
The commands in an rc*.d directory are actually symbolic links to files in an init.d directory, usually in /etc or /etc/rc.d. Linux distributions contain these links so that they can use the same startup scripts for all runlevels. This convention is by no means a requirement, but it often makes organization a little easier.
To prevent one of the commands in the init.d directory from running in a particular runlevel, you might think of removing the symbolic link in the appropriate rc*.d directory. This does work, but if you make a mistake and ever need to put the link back in place, you might have trouble remembering the exact name of the link. Therefore, you shouldn't remove links in the rc*.d directories, but rather, add an underscore (_) to the beginning of the link name like this:
mv S99httpd _S99httpd
At boot time, rc ignores _S99httpd because it doesn't start with S or K. Furthermore, the original name is still obvious, and you have quick access to the command if you're in a pinch and need to start it by hand.
To add a service, you must create a script like the others in the init.d directory and then make a symbolic link in the correct rc*.d directory. The easiest way to write a script is to examine the scripts already in init.d, make a copy of one that you understand, and modify the copy.
When adding a service, make sure that you choose an appropriate place in the boot sequence to start the service. If the service starts too soon, it may not work, due to a dependency on some other service. For non-essential services, most systems administrators prefer numbers in the 90s, after most of the services that came with the system.
Linux distributions usually come with a command to enable and disable services in the rc*.d directories. For example, in Debian, the command is update-rc.d, and in Red Hat Linux, the command is chkconfig. Graphical user interfaces are also available. Using these programs helps keep the startup directories consistent and helps with upgrades.
HINT: One of the most common Linux installation problems is an improperly configured XFree86 server that flicks on and off, making the system unusable on console. To stop this behavior, boot into single-user mode and alter your runlevel or runlevel services. Look for something containing xdm, gdm, or kdm in your rc*.d directories, or your /etc/inittab.
Controlling init
Occasionally, you need to give init a little kick to tell it to switch runlevels, to re-read the inittab file, or just to shut down the system. Because init is always the first process on a system, its process ID is always 1.
You can control init with telinit. For example, if you want to switch to runlevel 3, use this command:
telinit 3
When switching runlevels, init tries to kill off any processes that aren't in the inittab file for the new runlevel. Therefore, you should be careful about changing runlevels.
When you need to add or remove respawning jobs or make any other change to the inittab file, you must tell init about the change and cause it to re-read the file. Some people use kill -HUP 1 to tell init to do this. This traditional method works on most versions of Unix, as long as you type it correctly. However, you can also run this telinit command:
telinit q
You can also use telinit s to switch to single-user mode.
Shutting down
init also controls how the system shuts down and reboots. The proper way to shut down a Linux machine is to use the shutdown command.
There are two basic ways to use shutdown. If you halt the system, it shuts the machine down and keeps it down. To make the machine halt immediately, use this command:
shutdown -h now
On most modern machines with reasonably recent versions of Linux, a halt cuts the power to the machine. You can also reboot the machine. For a reboot, use -r instead of -h.
The shutdown process takes several seconds. You should never reset or power off a machine during this stage.
In the preceding example, now is the time to shut down. This argument is mandatory, but there are many ways of specifying it. If you want the machine to go down sometime in the future, one way is to use +n, where n is the number of minutes shutdown should wait before doing its work. For other options, look at the shutdown(8) manual page.
To make the system reboot in 10 minutes, run this command:
shutdown -r +10
On Linux, shutdown notifies anyone logged on that the machine is going down, but it does little real work. If you specify a time other than now, shutdown creates a file called /etc/nologin. When this file is present, the system prohibits logins by anyone except the superuser.
When system shutdown time finally arrives, shutdown tells init to switch to runlevel 0 for a halt and runlevel 6 for a reboot. When init enters runlevel 0 or 6, all of the following takes place, which you can verify by looking at the scripts inside rc0.d and rc6.d:
1. init kills every process that it can (as it would when switching to any other runlevel).
# The initial rc0.d/rc6.d commands run, locking system files into place and making other preparations for shutdown.
# The next rc0.d/rc6.d commands unmount all filesystems other than the root.
# Further rc0.d/rc6.d commands remount the root filesystem read-only.
# Still more rc0.d/rc6.d commands write all buffered data out to the filesystem with the sync program.
# The final rc0.d/rc6.d commands tell the kernel to reboot or stop with the reboot, halt, or poweroff program.
The reboot and halt programs behave differently for each runlevel, potentially causing confusion. By default, these programs call shutdown with the -r or -h options, but if the system is already at the halt or reboot runlevel, the programs tell the kernel to shut itself off immediately. If you really want to shut your machine down in a hurry (disregarding any possible damage from a disorderly shutdown), use the -f option.
Kamis, 27 November 2008
Setting Up A Ftp
Setting Up A Ftp:
Well, since many of us have always wondered this, here it is. Long and drawn out. Also, before attempting this, realize one thing; You will have to give up your time, effort, bandwidth, and security to have a quality ftp server.
That being said, here it goes. First of all, find out if your IP (Internet Protocol) is static (not changing) or dynamic (changes everytime you log on). To do this, first consider the fact if you have a dial up modem. If you do, chances are about 999 999 out of 1 000 000 that your IP is dynamic. To make it static, just go to a place like h*tp://www.myftp.org/ to register for a static ip address.
You'll then need to get your IP. This can be done by doing this:
Going to Start -> Run -> winipcfg or www.ask.com and asking 'What is my IP?'
After doing so, you'll need to download an FTP server client. Personally, I'd recommend G6 FTP Server, Serv-U FTPor Bullitproof v2.15 all three of which are extremely reliable, and the norm of the ftp world.
You can download them on this site: h*tp://www.liaokai.com/softw_en/d_index.htm
First, you'll have to set up your ftp. For this guide, I will use step-by-step instructions for G6. First, you'll have to go into 'Setup -> General'. From here, type in your port # (default is 21). I recommend something unique, or something a bit larger (ex: 3069). If you want to, check the number of max users (this sets the amount of simultaneous maximum users on your server at once performing actions - The more on at once, the slower the connection and vice versa).
The below options are then chooseable:
-Launch with windows
-Activate FTP Server on Start-up
-Put into tray on startup
-Allow multiple instances
-Show "Loading..." status at startup
-Scan drive(s) at startup
-Confirm exit
You can do what you want with these, as they are pretty self explanatory. The scan drive feature is nice, as is the 2nd and the last option. From here, click the 'options' text on the left column.
To protect your server, you should check 'login check' and 'password check', 'Show relative path (a must!)', and any other options you feel you'll need. After doing so, click the 'advanced' text in the left column. You should then leave the buffer size on the default (unless of course you know what you're doing ), and then allow the type of ftp you want.
Uploading and downloading is usually good, but it's up to you if you want to allow uploads and/or downloads. For the server priority, that will determine how much conventional memory will be used and how much 'effort' will go into making your server run smoothly.
Anti-hammering is also good, as it prevents people from slowing down your speed. From here, click 'Log Options' from the left column. If you would like to see and record every single command and clutter up your screen, leave the defaults.
But, if you would like to see what is going on with the lowest possible space taken, click 'Screen' in the top column. You should then check off 'Log successful logins', and all of the options in the client directry, except 'Log directory changes'. After doing so, click 'Ok' in the bottom left corner.
You will then have to go into 'Setup -> User Accounts' (or ctrl & u). From here, you should click on the right most column, and right click. Choose 'Add', and choose the username(s) you would like people to have access to.
After giving a name (ex: themoonlanding), you will have to give them a set password in the bottom column (ex: wasfaked). For the 'Home IP' directory, (if you registered with a static server, check 'All IP Homes'. If your IP is static by default, choose your IP from the list. You will then have to right click in the very center column, and choose 'Add'.
From here, you will have to set the directory you want the people to have access to. After choosing the directory, I suggest you choose the options 'Read', 'List', and 'Subdirs', unless of course you know what you're doing . After doing so, make an 'upload' folder in the directory, and choose to 'add' this folder seperately to the center column. Choose 'write', 'append', 'make', 'list', and 'subdirs'. This will allow them to upload only to specific folders (your upload folder).
Now click on 'Miscellaneous' from the left column. Choose 'enable account', your time-out (how long it takes for people to remain idle before you automatically kick them off), the maximum number of users for this name, the maximum number of connections allowed simultaneously for one ip address, show relative path (a must!), and any other things at the bottom you'd like to have. Now click 'Ok'.
**Requested**
From this main menu, click the little boxing glove icon in the top corner, and right click and unchoose the hit-o-meter for both uploads and downloads (with this you can monitor IP activity). Now click the lightning bolt, and your server is now up and running.
Post your ftp info, like this:
213.10.93.141 (or something else, such as: 'f*p://example.getmyip.com')
User: *** (The username of the client)
Pass: *** (The password)
Port: *** (The port number you chose)
So make a FTP and join the FTP section
Listing The Contents Of A Ftp:
Listing the content of a FTP is very simple.
You will need FTP Content Maker, which can be downloaded from here:
ht*p://www.etplanet.com/download/application/FTP%20Content%20Maker%201.02.zip
1. Put in the IP of the server. Do not put "ftp://" or a "/" because it will not work if you do so.
2. Put in the port. If the port is the default number, 21, you do not have to enter it.
3. Put in the username and password in the appropriate fields. If the login is anonymous, you do not have to enter it.
4. If you want to list a specific directory of the FTP, place it in the directory field. Otherwise, do not enter anything in the directory field.
5. Click "Take the List!"
6. After the list has been taken, click the UBB output tab, and copy and paste to wherever you want it.
If FTP Content Maker is not working, it is probably because the server does not utilize Serv-U Software.
If you get this error message:
StatusCode = 550
LastResponse was : 'Unable to open local file test-ftp'
Error = 550 (Unable to open local file test-ftp)
Error = Unable to open local file test-ftp = 550
Close and restart FTP Content Maker, then try again.
error messages:
110 Restart marker reply. In this case, the text is exact and not left to the particular implementation; it must read: MARK yyyy = mmmm Where yyyy is User-process data stream marker, and mmmm server's equivalent marker (note the spaces between markers and "=").
120 Service ready in nnn minutes.
125 Data connection already open; transfer starting.
150 File status okay; about to open data connection.
200 Command okay.
202 Command not implemented, superfluous at this site.
211 System status, or system help reply.
212 Directory status.
213 File status.
214 Help message. On how to use the server or the meaning of a particular non-standard command. This reply is useful only to the human user.
215 NAME system type. Where NAME is an official system name from the list in the Assigned Numbers document.
220 Service ready for new user.
221 Service closing control connection. Logged out if appropriate.
225 Data connection open; no transfer in progress.
226 Closing data connection. Requested file action successful (for example, file transfer or file abort).
227 Entering Passive Mode (h1,h2,h3,h4,p1,p2).
230 User logged in, proceed.
250 Requested file action okay, completed.
257 "PATHNAME" created.
331 User name okay, need password.
332 Need account for login.
350 Requested file action pending further information.
421 Too many users logged to the same account
425 Can't open data connection.
426 Connection closed; transfer aborted.
450 Requested file action not taken. File unavailable (e.g., file busy).
451 Requested action aborted: local error in processing.
452 Requested action not taken. Insufficient storage space in system.
500 Syntax error, command unrecognized. This may include errors such as command line too long.
501 Syntax error in parameters or arguments.
502 Command not implemented.
503 Bad sequence of commands.
504 Command not implemented for that parameter.
530 Not logged in.
532 Need account for storing files.
550 Requested action not taken. File unavailable (e.g., file not found, no access).
551 Requested action aborted: page type unknown.
552 Requested file action aborted. Exceeded storage allocation (for current directory or dataset).
553 Requested action not taken. File name not allowed.
Active FTP vs. Passive FTP, a Definitive Explanation
Introduction
One of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment.
This may not be the definitive explanation, as the title claims, however, I've heard enough good feedback and seen this document linked in enough places to know that quite a few people have found it to be useful. I am always looking for ways to improve things though, and if you find something that is not quite clear or needs more explanation, please let me know! Recent additions to this document include the examples of both active and passive command line FTP sessions. These session examples should help make things a bit clearer. They also provide a nice picture into what goes on behind the scenes during an FTP session. Now, on to the information...
The Basics
FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a 'data' port and a 'command' port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20.
Active FTP
In active mode FTP the client connects from a random unprivileged port (N > 1024) to the FTP server's command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20.
From the server-side firewall's standpoint, to support active mode FTP the following communication channels need to be opened:
FTP server's port 21 from anywhere (Client initiates connection)
FTP server's port 21 to ports > 1024 (Server responds to client's control port)
FTP server's port 20 to ports > 1024 (Server initiates data connection to client's data port)
FTP server's port 20 from ports > 1024 (Client sends ACKs to server's data port)
In step 1, the client's command port contacts the server's command port and sends the command PORT 1027. The server then sends an ACK back to the client's command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.
The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server--it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client--something that is usually blocked.
Active FTP Example
Below is an actual example of an active FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
There are a few interesting things to consider about this dialog. Notice that when the PORT command is issued, it specifies a port on the client (192.168.150.80) system, rather than the server. We will see the opposite behavior when we use passive FTP. While we are on the subject, a quick note about the format of the PORT command. As you can see in the example below it is formatted as a series of six numbers separated by commas. The first four octets are the IP address while the second two octets comprise the port that will be used for the data connection. To find the actual port multiply the fifth octet by 256 and then add the sixth octet to the total. Thus in the example below the port number is ( (14*256) + 178), or 3762. A quick check with netstat should confirm this information.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PORT 192,168,150,80,14,178
200 PORT command successful.
---> LIST
150 Opening ASCII mode data connection for file list.
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.
Passive FTP
In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.
In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1024 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1024) and sends the PORT P command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data.
From the server-side firewall's standpoint, to support passive mode FTP the following communication channels need to be opened:
FTP server's port 21 from anywhere (Client initiates connection)
FTP server's port 21 to ports > 1024 (Server responds to client's control port)
FTP server's ports > 1024 from anywhere (Client initiates data connection to random port specified by server)
FTP server's ports > 1024 to remote ports > 1024 (Server sends ACKs (and data) to client's data port)
In step 1, the client contacts the server on the command port and issues the PASV command. The server then replies in step 2 with PORT 2024, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client's data port.
While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD allow the administrator to specify a range of ports which the FTP server will use. See Appendix 1 for more information.
The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode. As an example, the command line FTP utility provided with Solaris does not support passive mode, necessitating a third-party FTP client, such as ncftp.
With the massive popularity of the World Wide Web, many people prefer to use their web browser as an FTP client. Most browsers only support passive mode when accessing ftp:// URLs. This can either be good or bad depending on what the servers and firewalls are configured to support.
Passive FTP Example
Below is an actual example of a passive FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
Notice the difference in the PORT command in this example as opposed to the active FTP example. Here, we see a port being opened on the server (192.168.150.90) system, rather than the client. See the discussion about the format of the PORT command above, in the Active FTP Example section.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> passive
Passive mode on.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (192,168,150,90,195,149).
---> LIST
150 Opening ASCII mode data connection for file list
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.
Summary
The following chart should help admins remember how each FTP mode works:
Active FTP :
command : client >1024 -> server 21
data : client >1024 <- server 20
Passive FTP :
command : client >1024 -> server 21
data : client >1024 -> server >1024
A quick summary of the pros and cons of active vs. passive FTP is also in order:
Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin. The FTP server attempts to make connections to random high ports on the client, which would almost certainly be blocked by a firewall on the client side. Passive FTP is beneficial to the client, but detrimental to the FTP server admin. The client will make both connections to the server, but one of them will be to a random high port, which would almost certainly be blocked by a firewall on the server side.
Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. While this doesn't eliminate all risk to the server, it decreases it tremendously.
Well, since many of us have always wondered this, here it is. Long and drawn out. Also, before attempting this, realize one thing; You will have to give up your time, effort, bandwidth, and security to have a quality ftp server.
That being said, here it goes. First of all, find out if your IP (Internet Protocol) is static (not changing) or dynamic (changes everytime you log on). To do this, first consider the fact if you have a dial up modem. If you do, chances are about 999 999 out of 1 000 000 that your IP is dynamic. To make it static, just go to a place like h*tp://www.myftp.org/ to register for a static ip address.
You'll then need to get your IP. This can be done by doing this:
Going to Start -> Run -> winipcfg or www.ask.com and asking 'What is my IP?'
After doing so, you'll need to download an FTP server client. Personally, I'd recommend G6 FTP Server, Serv-U FTPor Bullitproof v2.15 all three of which are extremely reliable, and the norm of the ftp world.
You can download them on this site: h*tp://www.liaokai.com/softw_en/d_index.htm
First, you'll have to set up your ftp. For this guide, I will use step-by-step instructions for G6. First, you'll have to go into 'Setup -> General'. From here, type in your port # (default is 21). I recommend something unique, or something a bit larger (ex: 3069). If you want to, check the number of max users (this sets the amount of simultaneous maximum users on your server at once performing actions - The more on at once, the slower the connection and vice versa).
The below options are then chooseable:
-Launch with windows
-Activate FTP Server on Start-up
-Put into tray on startup
-Allow multiple instances
-Show "Loading..." status at startup
-Scan drive(s) at startup
-Confirm exit
You can do what you want with these, as they are pretty self explanatory. The scan drive feature is nice, as is the 2nd and the last option. From here, click the 'options' text on the left column.
To protect your server, you should check 'login check' and 'password check', 'Show relative path (a must!)', and any other options you feel you'll need. After doing so, click the 'advanced' text in the left column. You should then leave the buffer size on the default (unless of course you know what you're doing ), and then allow the type of ftp you want.
Uploading and downloading is usually good, but it's up to you if you want to allow uploads and/or downloads. For the server priority, that will determine how much conventional memory will be used and how much 'effort' will go into making your server run smoothly.
Anti-hammering is also good, as it prevents people from slowing down your speed. From here, click 'Log Options' from the left column. If you would like to see and record every single command and clutter up your screen, leave the defaults.
But, if you would like to see what is going on with the lowest possible space taken, click 'Screen' in the top column. You should then check off 'Log successful logins', and all of the options in the client directry, except 'Log directory changes'. After doing so, click 'Ok' in the bottom left corner.
You will then have to go into 'Setup -> User Accounts' (or ctrl & u). From here, you should click on the right most column, and right click. Choose 'Add', and choose the username(s) you would like people to have access to.
After giving a name (ex: themoonlanding), you will have to give them a set password in the bottom column (ex: wasfaked). For the 'Home IP' directory, (if you registered with a static server, check 'All IP Homes'. If your IP is static by default, choose your IP from the list. You will then have to right click in the very center column, and choose 'Add'.
From here, you will have to set the directory you want the people to have access to. After choosing the directory, I suggest you choose the options 'Read', 'List', and 'Subdirs', unless of course you know what you're doing . After doing so, make an 'upload' folder in the directory, and choose to 'add' this folder seperately to the center column. Choose 'write', 'append', 'make', 'list', and 'subdirs'. This will allow them to upload only to specific folders (your upload folder).
Now click on 'Miscellaneous' from the left column. Choose 'enable account', your time-out (how long it takes for people to remain idle before you automatically kick them off), the maximum number of users for this name, the maximum number of connections allowed simultaneously for one ip address, show relative path (a must!), and any other things at the bottom you'd like to have. Now click 'Ok'.
**Requested**
From this main menu, click the little boxing glove icon in the top corner, and right click and unchoose the hit-o-meter for both uploads and downloads (with this you can monitor IP activity). Now click the lightning bolt, and your server is now up and running.
Post your ftp info, like this:
213.10.93.141 (or something else, such as: 'f*p://example.getmyip.com')
User: *** (The username of the client)
Pass: *** (The password)
Port: *** (The port number you chose)
So make a FTP and join the FTP section
Listing The Contents Of A Ftp:
Listing the content of a FTP is very simple.
You will need FTP Content Maker, which can be downloaded from here:
ht*p://www.etplanet.com/download/application/FTP%20Content%20Maker%201.02.zip
1. Put in the IP of the server. Do not put "ftp://" or a "/" because it will not work if you do so.
2. Put in the port. If the port is the default number, 21, you do not have to enter it.
3. Put in the username and password in the appropriate fields. If the login is anonymous, you do not have to enter it.
4. If you want to list a specific directory of the FTP, place it in the directory field. Otherwise, do not enter anything in the directory field.
5. Click "Take the List!"
6. After the list has been taken, click the UBB output tab, and copy and paste to wherever you want it.
If FTP Content Maker is not working, it is probably because the server does not utilize Serv-U Software.
If you get this error message:
StatusCode = 550
LastResponse was : 'Unable to open local file test-ftp'
Error = 550 (Unable to open local file test-ftp)
Error = Unable to open local file test-ftp = 550
Close and restart FTP Content Maker, then try again.
error messages:
110 Restart marker reply. In this case, the text is exact and not left to the particular implementation; it must read: MARK yyyy = mmmm Where yyyy is User-process data stream marker, and mmmm server's equivalent marker (note the spaces between markers and "=").
120 Service ready in nnn minutes.
125 Data connection already open; transfer starting.
150 File status okay; about to open data connection.
200 Command okay.
202 Command not implemented, superfluous at this site.
211 System status, or system help reply.
212 Directory status.
213 File status.
214 Help message. On how to use the server or the meaning of a particular non-standard command. This reply is useful only to the human user.
215 NAME system type. Where NAME is an official system name from the list in the Assigned Numbers document.
220 Service ready for new user.
221 Service closing control connection. Logged out if appropriate.
225 Data connection open; no transfer in progress.
226 Closing data connection. Requested file action successful (for example, file transfer or file abort).
227 Entering Passive Mode (h1,h2,h3,h4,p1,p2).
230 User logged in, proceed.
250 Requested file action okay, completed.
257 "PATHNAME" created.
331 User name okay, need password.
332 Need account for login.
350 Requested file action pending further information.
421 Too many users logged to the same account
425 Can't open data connection.
426 Connection closed; transfer aborted.
450 Requested file action not taken. File unavailable (e.g., file busy).
451 Requested action aborted: local error in processing.
452 Requested action not taken. Insufficient storage space in system.
500 Syntax error, command unrecognized. This may include errors such as command line too long.
501 Syntax error in parameters or arguments.
502 Command not implemented.
503 Bad sequence of commands.
504 Command not implemented for that parameter.
530 Not logged in.
532 Need account for storing files.
550 Requested action not taken. File unavailable (e.g., file not found, no access).
551 Requested action aborted: page type unknown.
552 Requested file action aborted. Exceeded storage allocation (for current directory or dataset).
553 Requested action not taken. File name not allowed.
Active FTP vs. Passive FTP, a Definitive Explanation
Introduction
One of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment.
This may not be the definitive explanation, as the title claims, however, I've heard enough good feedback and seen this document linked in enough places to know that quite a few people have found it to be useful. I am always looking for ways to improve things though, and if you find something that is not quite clear or needs more explanation, please let me know! Recent additions to this document include the examples of both active and passive command line FTP sessions. These session examples should help make things a bit clearer. They also provide a nice picture into what goes on behind the scenes during an FTP session. Now, on to the information...
The Basics
FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a 'data' port and a 'command' port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20.
Active FTP
In active mode FTP the client connects from a random unprivileged port (N > 1024) to the FTP server's command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20.
From the server-side firewall's standpoint, to support active mode FTP the following communication channels need to be opened:
FTP server's port 21 from anywhere (Client initiates connection)
FTP server's port 21 to ports > 1024 (Server responds to client's control port)
FTP server's port 20 to ports > 1024 (Server initiates data connection to client's data port)
FTP server's port 20 from ports > 1024 (Client sends ACKs to server's data port)
In step 1, the client's command port contacts the server's command port and sends the command PORT 1027. The server then sends an ACK back to the client's command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.
The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server--it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client--something that is usually blocked.
Active FTP Example
Below is an actual example of an active FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
There are a few interesting things to consider about this dialog. Notice that when the PORT command is issued, it specifies a port on the client (192.168.150.80) system, rather than the server. We will see the opposite behavior when we use passive FTP. While we are on the subject, a quick note about the format of the PORT command. As you can see in the example below it is formatted as a series of six numbers separated by commas. The first four octets are the IP address while the second two octets comprise the port that will be used for the data connection. To find the actual port multiply the fifth octet by 256 and then add the sixth octet to the total. Thus in the example below the port number is ( (14*256) + 178), or 3762. A quick check with netstat should confirm this information.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PORT 192,168,150,80,14,178
200 PORT command successful.
---> LIST
150 Opening ASCII mode data connection for file list.
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.
Passive FTP
In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.
In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1024 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1024) and sends the PORT P command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data.
From the server-side firewall's standpoint, to support passive mode FTP the following communication channels need to be opened:
FTP server's port 21 from anywhere (Client initiates connection)
FTP server's port 21 to ports > 1024 (Server responds to client's control port)
FTP server's ports > 1024 from anywhere (Client initiates data connection to random port specified by server)
FTP server's ports > 1024 to remote ports > 1024 (Server sends ACKs (and data) to client's data port)
In step 1, the client contacts the server on the command port and issues the PASV command. The server then replies in step 2 with PORT 2024, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client's data port.
While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD allow the administrator to specify a range of ports which the FTP server will use. See Appendix 1 for more information.
The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode. As an example, the command line FTP utility provided with Solaris does not support passive mode, necessitating a third-party FTP client, such as ncftp.
With the massive popularity of the World Wide Web, many people prefer to use their web browser as an FTP client. Most browsers only support passive mode when accessing ftp:// URLs. This can either be good or bad depending on what the servers and firewalls are configured to support.
Passive FTP Example
Below is an actual example of a passive FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.slacksite.com (192.168.150.80), a linux box running the standard FTP command line client, to testbox2.slacksite.com (192.168.150.90), a linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.
Notice the difference in the PORT command in this example as opposed to the active FTP example. Here, we see a port being opened on the server (192.168.150.90) system, rather than the client. See the discussion about the format of the PORT command above, in the Active FTP Example section.
testbox1: {/home/p-t/slacker/public_html} % ftp -d testbox2
Connected to testbox2.slacksite.com.
220 testbox2.slacksite.com FTP server ready.
Name (testbox2:slacker): slacker
---> USER slacker
331 Password required for slacker.
Password: TmpPass
---> PASS XXXX
230 User slacker logged in.
---> SYST
215 UNIX Type: L8
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> passive
Passive mode on.
ftp> ls
ftp: setsockopt (ignored): Permission denied
---> PASV
227 Entering Passive Mode (192,168,150,90,195,149).
---> LIST
150 Opening ASCII mode data connection for file list
drwx------ 3 slacker users 104 Jul 27 01:45 public_html
226 Transfer complete.
ftp> quit
---> QUIT
221 Goodbye.
Summary
The following chart should help admins remember how each FTP mode works:
Active FTP :
command : client >1024 -> server 21
data : client >1024 <- server 20
Passive FTP :
command : client >1024 -> server 21
data : client >1024 -> server >1024
A quick summary of the pros and cons of active vs. passive FTP is also in order:
Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin. The FTP server attempts to make connections to random high ports on the client, which would almost certainly be blocked by a firewall on the client side. Passive FTP is beneficial to the client, but detrimental to the FTP server admin. The client will make both connections to the server, but one of them will be to a random high port, which would almost certainly be blocked by a firewall on the server side.
Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. While this doesn't eliminate all risk to the server, it decreases it tremendously.
Senin, 24 November 2008
Hide Drives and Partitions
Hide Drives and Partitions
Do you have data on a partition or hard drive that you don't want tampered with or easily accessible to other users? Well, you can hide any drive/partition in Windows XP, NT, and 2000. That means that they won't show up in Explorer or My Computer.
If you want access to that drive from your user account you should create a desktop shortcut before proceeding. Once hidden, you can still access by typing the drive letter and a colon in Start/Run—for example, "D:" will bring up a folder of the contents on your D drive.
The easiest way with Win XP is to use the TweakUI power toy from Mcft. Go to Start/Run and type in "tweakui" (without the quotes).
Go to My Computer/Drives and uncheck the drive/partition(s) you want hidden. Click "Apply" or "OK" when finished.
If you have XP but not Tweak UI you can download it here...
http://www.Mcft.com/windowsxp/downloads/powertoys/xppowertoys.mspx
For Win NT, 2000, and XP you can use the following Registry edit:
*Be sure to back up the Registry before proceeding
http://www.worldstart.com/tips/tips.php/401
Open the Registry Editor by going to Start/Run and typing in "regedit" (without the quotes). Find your way to...
HKEY_CURRENT_USER\Software\Mcft\Windows\CurrentVersion\Policies
Click on "Explorer".
Double-click the "NoDrives" key in the right column. If you don't find a "NoDrives" registry key, just right-click in the right pane and choose "New/DWORD Value" then name the key "NoDrives".
You'll see a value like "0000 00 00 00 00". This is where the fun starts. The four sets of double zeros (after the "0000") are where you'll enter the values for the drive/partitions. Now, stay with me on this—it's not as complicated as it sounds:
The first column is for drives A-H, the second for I-P, the third for Q-X, and the fourth for Y-Z.
The values for each drive are as follows:
1 - A I Q Y
2 - B J R Z
4 - C K S
8 - D L T
16 - E M U
32 - F N V
64 - G O W
80 - H P X
So, let's say you want to hide drive D. In the first column you would put "08". For drive K you would put "04" in the second column.
But what if you want to hide more than one drive in a column? Simply add the values together: D+E = 8+16 = 24. So in the first column you would put "24".
Still baffled? If you have XP then go get TweakUI and save yourself the math.
Whichever method you use, you can rest easy knowing that the files on that drive or partition are less accessible to other users.
Do you have data on a partition or hard drive that you don't want tampered with or easily accessible to other users? Well, you can hide any drive/partition in Windows XP, NT, and 2000. That means that they won't show up in Explorer or My Computer.
If you want access to that drive from your user account you should create a desktop shortcut before proceeding. Once hidden, you can still access by typing the drive letter and a colon in Start/Run—for example, "D:" will bring up a folder of the contents on your D drive.
The easiest way with Win XP is to use the TweakUI power toy from Mcft. Go to Start/Run and type in "tweakui" (without the quotes).
Go to My Computer/Drives and uncheck the drive/partition(s) you want hidden. Click "Apply" or "OK" when finished.
If you have XP but not Tweak UI you can download it here...
http://www.Mcft.com/windowsxp/downloads/powertoys/xppowertoys.mspx
For Win NT, 2000, and XP you can use the following Registry edit:
*Be sure to back up the Registry before proceeding
http://www.worldstart.com/tips/tips.php/401
Open the Registry Editor by going to Start/Run and typing in "regedit" (without the quotes). Find your way to...
HKEY_CURRENT_USER\Software\Mcft\Windows\CurrentVersion\Policies
Click on "Explorer".
Double-click the "NoDrives" key in the right column. If you don't find a "NoDrives" registry key, just right-click in the right pane and choose "New/DWORD Value" then name the key "NoDrives".
You'll see a value like "0000 00 00 00 00". This is where the fun starts. The four sets of double zeros (after the "0000") are where you'll enter the values for the drive/partitions. Now, stay with me on this—it's not as complicated as it sounds:
The first column is for drives A-H, the second for I-P, the third for Q-X, and the fourth for Y-Z.
The values for each drive are as follows:
1 - A I Q Y
2 - B J R Z
4 - C K S
8 - D L T
16 - E M U
32 - F N V
64 - G O W
80 - H P X
So, let's say you want to hide drive D. In the first column you would put "08". For drive K you would put "04" in the second column.
But what if you want to hide more than one drive in a column? Simply add the values together: D+E = 8+16 = 24. So in the first column you would put "24".
Still baffled? If you have XP then go get TweakUI and save yourself the math.
Whichever method you use, you can rest easy knowing that the files on that drive or partition are less accessible to other users.
Minggu, 23 November 2008
How to Rename File Extensions
| A lot of people here may ask how to rename a file extension in windows; well it's very simple and takes little of your time. There are two ways to rename a file extension 'without' a stupid program. Number 1, Folder Options: Go into your Control Panel, in my case I use Windows XP so I would press [Start then Control Panel]. Now that you figured out how to get in Control Panel open "Folder Options" and click the view tab and make sure 'Hide file extensions for know files' is not selected, then press Ok. Now go into a folder and notice you can see your files extensions, rename them to whatever you'd like, for instance: Code: Dildos.exe to Dildos.Anonymous / Etc,Etc,Etc Number 2, MS-DOS: The difference between renaming files in DOS is that you can rename multiple files rather then one at a time, therefore making time gracious. Here I'll provide you a few examples. Go to your start menu and open run, then type "cmd" without parenthesis. Ok you're in MS-DOS right? Geesh common man I know a 5 year old that can do it. Ok good your in? Excellent… Ok now find out which directory has your files and type: Example Cd C:\Files\ In your case "C:\Files\" may not exist, so type in the directory that your have you files in. If everything goes will dos will look kinda like this: Code: Microsoft Windows XP [Version 5.1.2600] (C) Copyright 1985-2001 Microsoft Corp. C:\Documents and Settings\User>cd C:\Files\ If all fails, you perhaps didn't type in the correct folder/name and it will look like this: Code: C:\Documents and Settings\User> >cd C:\Filse\ The system cannot find the path specified. Did you get in the directory yet????? If not I recommend you stick with the first step and hang yourself. Oh your in? OK COOL, type: dir and you will be provided with what files are in your folder, including their extensions. In my case: Code: C:\Files>dir Volume in drive C has no dildo. Volume Serial Number is CXXX-XXXX Directory of C:\Files 02/01/2005 07:22 PM <DIR> . 02/01/2005 07:22 PM <DIR> .. 01/31/2005 06:40 PM 14,336 stf.bmp 01/31/2005 06:40 PM 14,336 stf02.bmp 2 File(S) 28,672 bytes 2 Dir(S) 39,024,766,976 bytes free C:\Files> Did you notice how I had two files named stf. Since both of these files have the same extension, *.bmp they can be renamed all together. If there are other files in there witht he same extension and you don't want to rename them, move them to another folder and / or directory. Last but not least, after listening to my horrific grammar type: Code: C:\Files>ren *.bmp *.rar And your results are: Code: C:\Files>dir Volume in drive C has no penis. Volume Serial Number is CXXX-XXXX Directory of C:\Files 02/01/2005 07:37 PM <DIR> . 02/01/2005 07:37 PM <DIR> .. 01/31/2005 06:40 PM 14,336 stf.rar 01/31/2005 06:40 PM 14,336 stf02.rar 2 File(S) 28,672 bytes 2 Dir(S) 39,024,676,864 bytes free C:\Files>] | ||
| |
HOW TO GET ANY WINDOWS PASSWORD
| Ok..... Here are the full details..... This works whether its windows 2000 or windows xp or windows xp SP1 or SP2 or windows server 2003.... This works even if syskey encryption is employed... If it is FAT filesystem... Just copy the Sam file like stated in the first post to an empty floppy disk and take it home. I'll tell U what to do with it later... DON'T DELETE THE ORIGINAL SAM FILE. Just remove its attributes. The Sam file is a file called SAM with no extension. YOU MUST ALSO GET.... A file called SYSTEM which is in the same folder as SAM. Both files have no extensions... If it is NTFS.... U have to download a program called NTFSPro.... It allows U to read from ntfs drives... The demo version allows read only. The full version is read-write.... You use the program to create an unbootable disk (so U will still need another bootable disk and an empty disk) that has the required files to access NTFS. Use the boot disk to get into dos, then use the disks created with ntfspro to be able to access the filesystem, then copy the SAM and SYSTEM files to another empty disk to take home.... AT HOME: U have to get a program called SAMInside. It doesn't matter if it is demo version. SAMInside will open the SAM file and extract all the user account information and their passwords, including administrator. SAMInside will ask for the SYSTEM file too if the computer you took the SAM file from has syskey enabled. Syskey encrypts the SAM file. SAMInside uses SYSTEM file to decrypt the SAM file. After SAMInside finishes, U still see user accounts and hashes beside them. The hashes are the encoded passwords. Use SAMInside to export the accounts and their hashes as a pwdump file into another program, called LophtCrack. It is currently in version 5, it is named LC5. The previous version, LC4 is just as good. U need the full or cracked version of the program. LC5 uses a brute force method by trying all possible combinations of letters numbers, and unprintable characters to find the correct password from the hashes in the pwdump file imported into it from SAMInside. This process of trying all passwords might take 5 minutes if the password is easy, up to a year if the password is long and hard (really really hard). LC5 howver, unlike LC4, is almost 100 times faster. Both can be configured to try dictionary and common words before using all possible combinations of everything. Once the correct password is found, it will display the passwords in clear beside each account, including administrator. I use this method so many times. I've compromised the whole school computer infrastructure. LC4 usually took between 1 second and 10 minutes to find the passwords because they were common words found in any English dictionary. I haven't used LC5 yet. If there is anything unclear, anything I overlooked, plz tell me so that I can turn this into a very easy to follow tutorial to help anybody crack any windowz pass. Programs needed: SAMInside (doesn't matter which version or if demo) LC4 or LC5 (lophtcrack)( must be full version) NTFSPro (doesn't matter if demo) Any bootdisk maker Cracked or full version software can be found on any warez site. If U don"t know what that is or where to get the programs, post a message and I'll tell U or give them to U. P.S: I might not keep track of this forum, because I'm going to create a new topic and post tutorial there. If U want to post, plz post there. | ||
| |
Rabu, 19 November 2008
Pecinta sepertiga malam
| Pecinta sepertiga malam Surat Cinta Dari Manusia-Manusia Yang Malamnya Penuh Cinta Wahai orang-orang yang terpejam matanya, perkenankanlah kami Manusia-manusia malam menuliskan sebuah surat cinta kepadamu. Seperti Halnya cinta kami pada waktu malam-malam yang kami rajut di sepertiga Terakhir. Atau seperti cinta kami pada keagungan Dan rahasiaNya yang Penuh pesona. Kami tahu dirimu bersusah payah lepas tengah Hari Berharap intan Dan mutiara dunia. Namun kami tak perlu bersusah payah. Sebab malam-malam kami berhiaskan intan Dan mutiara dari surga. Wahai orang-orang yang terlelap, sungguh nikmat malam-malammu, Gelapnya yang pekat membuat matamu tak mampu melihat energi cahaya Yang tersembunyi di baliknya. Sunyi senyapnya membuat dirimu hanyut Tak menghiraukan seruan cinta. Dinginnya yang merasuk semakin membuat Dirimu terlena, menikmati tidurmu diatas pembaringan yang empuk, Bermesraan dengan bantal Dan gulingmu, bergeliat manja di balik Selimutmu yang demikian hangatnya. Wahai orang-orang yang terlena, ketahuilah, kami tidak seperti dirimu! Yang setiap malam terpejam matanya, yang terlelap pulas tak terkira. Atau yang terlena oleh suasananya yang begitu menggoda. Kami tidak Sepeti dirimu!! Kami adalah para perindu kamar di surga. Tak pernahkah Kau dengar Sang Insan Kamil, Rasulullah SAW bersabda: "sesungguhnya di Surga itu Ada kamar yang sisi luarnya terlihat dari dalam Dan sisi Dalamnya terlihat dari luar. Disediakan untuk mereka yang memberi Makan orang-orang yang memerlukan, menyebarkan salam serta mendirikan Sholat pada saat manusia terlelap dalam tidur malam." itulah sebuah Kamar yang menakjubkan bagi kami Dan orang-orang yang mendirikan Sholat pada saat manusia-manusia yang lain tertutup Mata Dan hatinya. Wahai orang-orang yang keluarganya hampa cinta, kau pasti pernah Mendengar namaku disebut. Aku Abu Khurairah , Periwayat Hadits. Kerinduanku akan sepertiga malam adalah hal yang tidak terperi. Penghujung malam adalah kenikmatanku terbesar. Tapi tahukah kau? Kenikmatan itu tidak serat merta kukecap sendiri, Ku bagi Malam-malamku yang penuh syahdu itu menjadi tiga. Satu untukku, satu Untuk istriku tercinta Dan satu lagi untuk pelayan yang aku kasihi. Jika salah satu dari kami telah selesai mendirikan sholat, maka kami Bersegera membangunkan yang lain untuk menikmati bagiannya. Subhanallah, tak tergerakkah dirimu? Pedulikah kau pada keluargamu? Adakah kebaikan yang kau inginkan dari mereka? Sekedar untuk Membangunkan orang-orang yang paling dekat denganmu, keluargamu? Lain lagi dengan aku, Nuruddin Mahmud Zanki. Sejarah mencatatku Sebagai sang Penakluk Kesombongan pasukan salib, suatu kali seorang Ulama tersohor Ibnu Katsir mengomentari diriku, katanya, "Nuruddin itu Kecanduan sholat malam, banyak berpuasa Dan berjihad dengan akidah Yang benar. "Kemenangan demi kemenangan aku raih bersama pasukanku. Bahkan pasukan musuh itu terlibat dalam sebuah perbincangan seru. Kata Mereka, "Nuruddin Mahmud Zanki menang bukan karena pasukannya yang Banyak. Tetapi lebih karena dia mempunyai rahasia bersama Tuhan". Aku Tersenyum, mereka memang benar, kemenangan yang kuraih adalah karena Do'a Dan sholat-sholat malamku yang penuh kekhusyu'an. Tahukah kau Dengan orang yang selalu setia mendampingiku? Dialah Istriku tercinta, Khotum binti Atabik. Dia adalah istri sholehah di mataku, terlebih di Mata Allah, malam-malam kami adalah malam penuh kemesraan dalam Bingkai Tuhan. Gemersikan dedaunan Dan desahan angin seakan menjadi pernak-pernik Kami saat mendung di Mata kami jatuh berderai dalam sujud kami yang Panjang. Kuceritakan padamu suatu Hari Ada kejadian yang membuat Belahan jiwaku itu tampak murung. Kutanyakan padanya apa gerangan yang Membuatnya resah. Ya Allah, ternyata dia tertidur, tidak bangun pada Malam itu, sehingga kehilangan kesempatan untuk beribadah. Astaghfirullah, aku menyesal telah membuat dia kecewa. Segera setelah Peristiwa itu kubayar saja penyesalanku dengan mengangkat seorang Pegawai khusus untuknya, pegawai yang kuperintahkan untuk menabuh Genderang agar kami terbangun di sepertiga malamnya. Wahai orang-orang yang terbuai, kau pasti mengenalku dalam kisah Pembebasan Al-Aqso, rumah Allah yang diberkati. Akulah pengukir tinta Emas itu, seorang Panglima Perang, sholahuddin Al-Ayyubi, orang-orang Yang hidup di zamanku mengenalku tak lebih dari seorang panglima yang Selalu menjaga sholat berjamaah. Kesenanganku adalah mendengarkan Bacaan Al-Quran yang indah Dan syahdu. Malam-malamku adalah saat yang Paling kutunggu. Saat-saat dimana aku bercengkerama dengan Tuhanku, Sedangkan siang hariku adalah perjuangan-perjuang an nyata. Wahai orang-orang yang masih terlelap, Pernahkah kau mendengar Penaklukan Konstantinopel? Akulah orang di balik penaklukan itu, Sultan Muhammad Al Fatih. Aku sangat lihai dalam memimpin bala Tentaraku, namun tahukah kau bahwa sehari sebelum penaklukan itu, aku Telah memerintahkan kepada para pasukanku untuk berpuasa pada siang Hari Dan pada saat malam tiba kami melaksanakan sholat malam Dan Munajat penuh pertolongan padaNya, jika Allah memberikan kematian Kepada kami pada siang Hari di saat kami berjuang, maka kesyahidan, Itulah harapan kami terbesar. Biarlah siang Hari kami berada di ujung Kematian, namun sebelum itu di ujung malamnya Allah temukan kami Berada dalam kehidupan, kehidupan dengan menghidupkan malam kami. Wahai orang-orang yang tergoda, begitu kuatkah syetan mengikat tengkuk Lehermu saat kau tidur? Ya sangat kuat, tiga ikatan kuat di tengkuk lehermu, dia lalu menepuk setiap ikatan sambil berkata "Hai manusia sadarlah, engkau masih punya malam panjang, maka tidurlah!!" "Hei sadarlah, sadarlah jangan kau dengarkan dia, itu tipu muslihatnya, syetan itu berbohong kepadamu, maka bangunlah! bangkitlah kerahkan kekutaanmu untuk menangkal godaannya. Sebutlah nama Allah, maka akan lepas ikatan yang pertama, kemudian berwudhulah maka akan lepas ikatan yang kedua, dan terakhir sholatlah, sholat seperti kami maka akan lepaslah semua ikatan-ikatan itu. Wahai orang-orang yang masih terlena, masihkah kau menikmati malam-malammu dengan kepulasan? masihkah? adakah tergerak hatimu untuk bangkit, bersegera mendekat kepadaNya, memohon ampunanNya walaupun hanya dengan dua rakaat? tidakkah kau tahu, bahwa Dia berkata. "Akulah Raja, Akulah Raja, siapa yang memohon kepada-Ku akan Kukabulkan, siapa yang memohon ampun kepada-Ku akan Ku ampuni," Dia terus berkata demikian hingga fajar merekah. Wahai orang-orang yang terbujuk rayu dunia, bagi kami manusia-manusia malam, dunia ini sungguh tak ada artinya. Malamlah yang memberi kami kehidupan sesungguhnya, sebab malam bagi kami adalah malam-malam yang penuh cinta, sarat makna. Masihkah kau terlelap? Apakah kau menginginkan kehidupan sesungguhnya? maka ikutilah jejak kami, manusia-manusia malam, kelak kau akan temukan cahaya di sana, di waktu sepertiga malam. Namun jika kau masih ingin terlelap, nikmatilah tidurmu diatas pembaringan yang empuk, bermesraan dengan bantal gulingmu, bergeliat manja di balik selimutmu yang demikian hangatnya, maka surat cinta kami ini sungguh tak berarti apa-apa bagimu. Semoga Allah mempertemukan kita di sana, di surgaNya, mendapati dirimu dan diri kami dalam kamar-kamar yang sisi luarnya terlihat dari dalam dan sisi dalamnya terlihat dari luar. Amin........ . | ||
| |
Langganan:
Postingan (Atom)