Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

Code: Select all

This is the original work of Valhallen, whom has allowed The TAZ to host his work on our site.
Please find the original here:
http://www.antionline.com/showthread.php?s=&threadid=246123

OK this is tutorial is written by me but has been adapted from script taken from ActionScript for Flash MX (book) by Friends of ED

Ok basically what I am going to show you is a way of creating a dragable movieclip in Flash MX that in conjuction with flash’s ability to record collisions can be used to create a help function type tooltip

Now yes I know it could be done using the on(Rollover) function as well but this is just to show a different way and also to give some people a taste of dragable movieclips (mc) and detecting collisions….

Ok first of all lets set up the movie

Open a new flash document and create 2 layers named Graphics & Actions

Ok the graphics layer is going to hold your dragable movieclip and the buttons and the top layer is going to be just for your actions.

Now your going to need two mc’s in your graphics area one will be your Hit area and the other your dragable mc

give your hitarea the instance name hitarea
and your dragable mc the instance name Ques01

The hit area mc can contain whatever you want – in the example .fla is just text but you can place a button anything in it

The Ques01 must have a dynamic text field in it to display your tooltip

ok now lets add your code to the top layer

tooltip = function () {
this.onPress = function() {
this.startDrag(”");
this.onMouseMove = function() {
updateAfterEvent();
};
};
this.onRelease = function() {
this.stopDrag();
this.onMouseMove = undefined;
[color=green]};
this.onReleaseOutside = function() {
this.stopDrag(); };
this.onEnterFrame = function() {
this.coll = “”;
if (this.hitTest(”_root.hitarea”)) {
this.coll = “links”;[/color]
}
};
};
tooltip.apply(ques01);

ok the blue part of the code defines a new function called tooltip
the red sets up the dragable mc
the Green tells it to display the text links whenever a collision is detected over the hitarea
& the purple area of the code tells it to apply the rules set out in the function tooltip to the mc called Ques01

test your movie when you click and drag the mc Ques01 over the hit area it should display the text links

ok I know I aint gone into it into too much depth but it should be enough to get you started if you want to add multiple hit areas then you need to alter your code slightly

Code: Select all

if (this.hitTest("_root.hitarea")) {
this.coll = "links";
}

just alter this code and place it after the original for example if we had 3 hit areas labeled hitarea, hitarea2 & hitarea3 then our code would be…..

Code: Select all

if (this.hitTest("_root.hitarea")) {
this.coll = "links";
}
if (this.hitTest("_root.hitarea2")) {
this.coll = "links 2";
}
if (this.hitTest("_root.hitarea3")) {
this.coll = "links 3";
}

the _root tells flash that the mc it is looking for is on the main time line – if your movie clip was inside another which was on the main timeline the code would look something like _root.firstclip.yourclip

thanks

v_Ln

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

Code: Select all

With kind permission from Valhallen we are glad to be able to host this tutorial of his on The TAZ.


Ok this tut will use the old Flash 5 way of coding (may work in earlier versions to tho not sure) simply for the fact I taught myself in Flash 5 and have still not completly transfered to Flash MX coding

Ok basically what this will allow you to do is have a cross hair follow the mouse around the screen – in the example I have used it to find locations on a map but really is just to show you a little of how to use flash’s ability to move movieclips (mc) depending on mouse postion.

In the example you can see there are 5 main elements

Crosshair

Vertical bar

Horiz bar

Map

I know I said 5 and there are only 4 there but the crosshair is actiualy made of tewo parts the inner circle and the lines.

ok lets set up our movie -
your gonna need 8 layers :::

Map

Border

Horiz bar

Vert bar

circle

lines

Buttons

actions

ok the first 2 are self explanitary as is the two bars (just make sure they are long enough) also as we will be applying actionscript to the bars please make sure they are movieclips

the circle and lines mc’s will contain the animation for when you mouse over an active area

the first frame in each mc should be when it is at rest make sure to also add a

Code: Select all

stop();

function on the first frame
now animate it when you rollover and rollout making sure to add another stop at the end of the rollover animation (not following me – take a look at the .fla while reading this tutorial for a better idea)

ok once you have your mc made add them to the main timeline on the correct layers (by giving everything its own labeled layer and mc now it makes editing one element at a later time alot easier and is good practice for when you try more advanced flash projects)

right now we got to add our buttons – i drew roughly round the different areas on the map but if you want (and are better at geography than me) you could add lil dots for actual places etc

once you have your buttons made set their alpha to 0 (unless you want them to be seen)

ok time to add our code :::

click once on the horiz bar mc and add this code

Code: Select all

onClipEvent (enterFrame) {
_y += (_parent._ymouse-_y);
}

This tells flash to move the mc along with the mouse along the Y axis

ok now the vert bar :::

Code: Select all

onClipEvent (enterFrame) {
_x += (_parent._xmouse-_x);

}

exactly same thing but now is getting postion along X axis

ok adding the code to our circle and lines mc is just the same except we need it to get both the X & Y postions – the code for both movies is the same

Code: Select all

onClipEvent (enterFrame) {
_x += (_parent._xmouse-_x);
_y += (_parent._ymouse-_y);
}

dont forget to give your mc’s instance names (i just used circle & lines) as we will be refering to them in our code a little later

now we have got to tell the flash movie what to do when you move over one of our buttons

the code is the same for all the buttons :::

Code: Select all

on(rollover){
_root.circle.gotoAndPlay(2);
_root.lines.gotoAndPlay(2);
}
on(rollout){
_root.circle.gotoAndPlay(6);
_root.lines.gotoAndPlay(8);
}

now the frame numbers are just waht i used in my .fla and these will need to be changed depending upon the set up og your own mc’s

a quick break down of the code :::

on(rollout){ – tells flash to perform the following function when the mouse is placed over the button

_root.circle.gotoAndPlay(6); – this means that flash is to look for the mc (instance) name circle and go to the 6 frame and play

simple

***Flash Mx only***
I’m not sure as I have not tested but if you wanted to code it in flash MX i think instead of placing the rollover & rollout code on each button you could use

Code: Select all

display = function () {

and then define the function before using

Code: Select all

display.apply(button);

to attach the function to each button?

****End of Flash MX only****

Ok if you test it now you should see that the horiz line, vert line and both mc’s follow the cursor but lets get rid of the cursour as well

in your actions layer place the following code

Code: Select all

Mouse.hide();
stop();

so there you go thats it now there are other things that could be done with this – add a mc at the bottom to display different flags depending what country you are over etc – it could even be used as the basis of a lash shooting game!!

v_Ln

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

[code]Valhallen had very kindly allowed us to host his tutorial on The TAZ.

Enjoy!
[/code]

Ok now this is not the easiest way of doing this in Flash Mx but it does use the new switch function so thought would let everyone see it
original tut is at -> [url]http://www.actionscript.org/tutoria…ime/index.shtml[/url]

thought I would rewrite it to make it a bit easier to understand and also add some extra functionality to it……

ok so lets start your new movie ::::

first create a new movieclip called date_mc – this will hold your actual display so in it create a dynamic text box called date_txt

set the proporties (text font/color etc) and then name it as date_txt – this is done in the proporties menu were it says var

ok now still in your date_mc create a new keyframe on frame 2 – change the date_txt’s name in this frame (not first one) to date_txt2

ok now drag an instance of this movieclip onto the main timeline – give it an instance name of date_mc

ok almost done now just to make our button – create a new layer above the one holding date_mc and use the fill rectangle tool to draw a large rectangle covering your date_mc – set line to off and pick any color you wish – doesn’t matter wont be seen.

Now select the rectangle and convert it to a button (press F8 in windows) called date_btn – now set its instance name to the same (date_btn) and then change its alpha (in proporties menu) to 0% so is invisible

ok now for the code ::::

in the date_mc movieclip insert a stop action on frame 1 like so

[code]stop(); [/code]

and then on your main timeline create a new layer called actions and insert this code :::

code:——————————————————————————–[code]function howlong(arg) {
if (length(arg)==1) {
arg = "0" + arg;
return arg;
}
else {
arg = arg;
return arg;
}
}
myDate = new Date();

hr = howlong(String(myDate.getHours()));
mnt = howlong(String(myDate.getMinutes()));

daytext = myDate.getDay();
dd = myDate.getDate();
mm = myDate.getMonth();
yyyy = myDate.getFullYear();

switch (daytext) {
case 0: daytext = "Sunday";
break;
case 1: daytext = "Monday";
break;
case 2: daytext = "Tuesday";
break;
case 3: daytext = "Wednesday";
break;
case 4: daytext = "Thursday";
break
case 5: daytext = "Friday";
break;
case 6: daytext = "Saturday";
break
}

switch (mm) {
case 0: mm = "January";
break;
case 1: mm = "February";
break;
case 2: mm = "March";
break;
case 3: mm = "April";
break;
case 4: mm = "May";
break
case 5: mm = "June";
break;
case 6: mm = "July";
break
case 7: mm = "August";
break
case 8: mm = "September";
break
case 9: mm = "October";
break
case 10: mm = "November";
break
case 11: mm = "December";
break
}

_root.date_mc.date_txt = (hr + ":" + mnt)
_root.date_mc.date_txt2 = (daytext + "," + dd + " " + mm + " " + yyyy)

date_btn.onRollOver = function(){
_root.date_mc.gotoAndStop(2);
}
date_btn.onRollOut = function(){
_root.date_mc.gotoAndStop(1);
}
[/code]

ok the code is pretty much self explanitary – and is explained here -> [url]http://www.actionscript.org/tutoria…ime/index.shtml[/url]

but i will go over the changes i made ::: the last part

[code]_root.date_mc.date_txt = (hr + ":" + mnt)
_root.date_mc.date_txt2 = (daytext + "," + dd + " " + mm + " " + yyyy)

date_btn.onRollOver = function(){
_root.date_mc.gotoAndStop(2);
}
date_btn.onRollOut = function(){
_root.date_mc.gotoAndStop(1);
}
[/code]

as you can see the original tut just had a static display showing date/time – now i have altered it so that time is displayed until you mouseover and then it switches to date – this is easily done

the first 2 lines assign the values to the 2 different txt fields
then the button actions tell it which frame in date_mc to look at – now because the different txt fields are on different frames only one is visible either date/time

could also have been done using visible = false;

eg ::::

code:——————————————————————————–[code]date_btn.onRollOver = function(){
date_txt._visible = false;
date_txt2._visible = true;
}
[/code]

but i like to keep everything neatly in its own movieclips

v_Ln

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

Code: Select all

This tutorial is written by Valhallen who has kindly allowed us to host it on the TAZ in the hope it may benifit members of our community!


I haven’t written anything for a while so I thought i’d do YET ANOTHER Flash Tutorial
In this tutorial I’ll describe how to make an old movie style effect like the one seen here in my web-site intro…am afraid however that due to a hosting problem the rest of the site is down atm but I hope to get it back up very soon
Anyways on with the tutorial

Create your flash movie

Insert a new layer above the rest used in your movie

Create a new movie clip and name it speckles

Create another new movie clip and call it dots

Ok now in the speckles movie clip draw well your speckles obviously – not too many as you don’t want your movie to look too crowded…..

Do the same for the dots movieclip

Now place both movieclips in your new layer outside of the movie….

Click on speckles and give it an instance name – I’ll just call it speckles again

Open the actions panel and insert this actionscript….

Code: Select all

onClipEvent(load){
if (this._name<>"speckles"){
this._x=random(600);
this._y=random(400);
deedee=random(100);
this._xscale=deedee;
this._yscale=deedee;
}
}

don’t forget to change the instance name in bold to whatever you have called it and the numbers in blue to the dimensions of your movie clip

now you need to create another new movieclip name it actions
this movieclip does not need anythign inside it as it will simply control our speckles action.

Place a copy of actions in the layer outside of the movie same as you have done for speckles and open the actions panel
insert this actionscript

code:——————————————————————————–

Code: Select all

onClipEvent(enterFrame){
for (l=0; l<=2; l++)
{
_root.speckles.duplicateMovieClip( "speckles"+l, l+1);
}
if (l=2){
l=0;
}
}


remember once again to change the name in bold

Now just do the same for the dots movie clip

You will need a new action movieclip as well tho

!! Remember to change the instance letter in the actionscript !!

the instance letter is in blue and needs to be different for each movieclip!

Also by changing the number in green you can alter the number of copies of the movieclip that appear on screen at any one time.

well hope somebody found this of use =^_^=

v_Ln

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

I wrote the following tutorial on Google Adwords strategy for a customer (https://home.mods4.net), and decided to cross post it here, as it may be useful for any budding intrepreneurs out there. You can change the figures/keywords shown here to suit your actual project and budjet, but the thoery remains constant…

Introduction

For each site I wish to promote I create 2 adword campaigns – one called whatever_hi and another called whatever_lo.

The _lo campaign contains very specific keywords (eg “Renault Clio Modification”) that are very low in terms of cost per click (CPC) but also have less predicted traffic. The _hi adverts contain more generic keywords (eg “Car Parts”) that have a much higher CPC but are more commonly typed into Google (so more traffic).

_lo Ads

The very specific keywords in the _lo campaigns should always generate an advert to us. They represent the best chance of a sale because the browser is searching for EXACTLY what we provide. To ensure that this is the case I set the budjet for _lo campaigns artificially high, at £100/day, so that we never lose potential sales on these keywords.

However, Google estimates that the _lo campaigns are likley to generate less than £10 of (well qualified) clicks per day, so even if there were 10 times the normal daily rate of searches on these keywords we would still capture all of them.

_hi Ads

The _hi campaigns contain common (fiercly competitive, which increases the CPC) keywords. These keyords generate a lot of traffic, but require a lot more clicks/actual sale. This is because hundreds of people may type just “subaru” into Google before there is one who both owns the car and who is looking to modify it.

That said, we still need to advertise to people who just type “Subaru” into Google, because any of these searches may be from a potential customer, but from a return on investment (ROI) perspective the larger the proportion of our budjet that can be spent on the _lo ads the better.

Budjet Considerations

So we pay for our _lo ads first, and then we buy as many _hi ads as we can afford from whats left of our budjet afterwards. There will therefore be a continual tweaking process (especially to start) to make sure that we are within our budjet.

If we exceed budjet on a given day we can reduce the _hi budjets for the following day as neccecary. When the daily budjet of a _hi ad is reached Google simply stops showing it till the next day.

[The customer] has suggested a £200/day budjet, so I have also set £100 each on each live _hi ad (Home and Subaru). We will ammend this figure as we see how much we are spending on their respective _lo ads.

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

[code]Soda_Popinsky has very kindly allowed this tutorial of his to be hosted on the TAZ.
[/code]

[u][b]Ad Blocking without Third Party Software[/b][/u]

Summary:

Hardening IE to prevent users from downloading malicious material from untrusted sites, while blocking pop ups and ads as well.

What this will do is configure Internet Internet Explorer to allow scripts and such to run on certain, trusted sites. This benefits the work enviroment to prevent users from visiting and downloading malicious material onto their computers, but allows them to use company web applications that require scripts.

1. Open Internet Explorer -> Tools -> Click the Security Tab

You should see 4 security zones. This is where you will outline the policys regarding certain types of sites. The globe represents the internet, and is where most of the action will happen.

2. Click the globe, press custom level below.

You will see options to enable, disable, or prompt to accept certain types of scripts. These include .net components, activex, downloads, MS virtual machine, Java, and javascripts.

Google definition of active x:

[quote]Set of platform independent technologies developed by Microsoft that enable software components to interact with one another in a networked environment, like the Internet. In addition to adding functionality within the browser (for example, by enabling Microsoft Word to be opened in a browser) Active X components can be exploited by malicious mobile code.[/quote]

Basically, it’s through these scripts that brower hijacks and popups are allowed. With these functions denied, pop ups and hijacks simply don’t work. Looking at the custom options for the internet, It’s your decision what you should allow and not allow. If your office is rampant with spyware, then consider disabling a lot. If you don’t want your users to download anything at all, then you have the option to block that as well. This should help slow things like kazaa from entering your network.

If you were to leave the settings as they are now, then your users wouldn’t be able to access the web applications with scripts to do their jobs. If your company’s site relies on java and flash, then you need to allow that do run their scripts.

1. Click the trusted sites icon (green icon with a check)
2. Click Custom level below

You will be in the same window as before, but these settings won’t change the settings of the other zone. This zone represents sites you trust, the last one represented the rest of the sites on the internet. Change the settings accordingly to allow more functionality to the sites your users need to use for their job. Warez and porn obviously not included. Once this is done-

1. Click the sites button above the custom level button
2. Uncheck the https:// option if necessary, and add the URL’s to the sites you trust.

If you work for Microsoft, then add Microsoft.com. If you do business with Amazon, then add Amazon.com to the list. Be sure to include all the sites your users will need to use. The same process is used for the intranet zone.

The Privacy Tab
In the internet options window, navigate to the privacy tab. This panel will allow you to adjust cookie handling for certain sites. Adjusting the slider will give you information about each setting. You can also click customize, and have it block all cookies. Under this tab, there is an edit sites option. You can allow your trusted sites in here as well, to accept cookies. Unfortunately, you have to add them again manually, as they aren’t imported from your other trusted sites.

Manual Ad Blocking

I don’t think I recommend this for office environments, but on an individual basis, this helps. Open the host file for your Windows OS, found in one of these places:
Win 98 or ME c:\windows
Windows 2K c:\winnt\system32\drivers\etc
Windows XP c:\windows\system32\drivers\etc

You will be editing a system file here, so the obvious warnings apply. Open the “Hosts” file with notepad. Mine looks like this:

[code]# Copyright (c) 1993-1999 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

127.0.0.1 localhost
[/code]

What this file does is associate a word with an IP. When you type http://localhost in your browser, it redirects it to your local address, “127.0.0.1″.
if you added the entry:

[code]63.146.109.212 antionline[/code]

Then by typing http://antionline in your browser would lead you to antionline.com (63.146.109.212).

This file can be used to redirect ads. These entries

[code]127.0.0.1 63.236.18.118
127.0.0.1 mjxads.internet.com[/code]

Will block the ads on Antionline.com. mjxads.internet.com is the home of the flash ads, and the IP is for the gif ads that replace them if scripting is disabled. The Ads are redirected to 127.0.0.1, and never appear in the browser. You can handle ad servers on a case by case basis, adding them to the host file. Some anti-spyware software looks at the host file, so I would be careful when running it, and adding entries to the host file. When you see this file, you might see some entrys that have been added by spyware as well. Remember, this is a system file, so the obvious warnings apply when editing it.

All suggestions, complaints and whatever are welcome.

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

Code: Select all

Soda_Popinsky has very kindly allowed this tutorial of his to be hosted on the TAZ.

Sources (I used them a lot)
http://www.mjc1.com/mirror/hjt/
http://hjt.wizardsofwebsites.com/

What Hijack This is for, is to search key area’s of your computer that are commonly used to change your browsers settings. It doesn’t scan them, it shows you everything, and it’s your decision what can stay and what can go. Most of the entries Hijack This will come up with are legit, so it can make Hijack This somewhat tricky. You have to determine what stays and what goes.

Download Hijack this

http://209.133.47.200/~merijn/files/HijackThis.exe

If you have used ad-aware, spybot, or any other spyware removal software since your last boot, reboot your computer. Open it, click ”config” in the bottom right of the window.
edit- Because of malware restricting access to the site, merjin moves the download links around.

http://www.spywareinfo.com/~merijn/downloads.html

It should look like this when you run it:

http://www.mjc1.com/mirror/hjt/begin.png

Main settings:
Basic configuration Make sure safe mode and backups are turned on, as well as processes. Safe mode and backups will help you if you screw up.
Ignore list:
Used to help clean up your results. When you scan, you can ignore results you know are legit and they will be moved here.
Backups
When you fix entries in Hijack This, they will appear here as backups, given that you’re setting is turned on.
Misc Tools:
Generate Startup Log – I’ve never used it, but it does what it says. Shows you autoexec.bat and other things that boot up with your pc.
Uninstall
Check for update – I didn’t even know that existed until now…

The process!

Click scan in the bottom left corner, if you don’t see it, click back in the bottom right corner.
Should look like this:

http://www.mjc1.com/mirror/hjt/fix.png

A whole bunch of crazy lookin’ files will appear in the box above. About now, you have to start using common sense. If you see something like:
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

http://www.somekindapornsite.com/

Where the website shown is something you want nothing to do with, then check it. Basically, you just need to look for entries that look funny, google them, and see if they are commonly listed as a hijack or spyware.

Here is a section from http://hjt.wizardsofwebsites.com/

Two Letter Codes
After the running processes, the list of entries found by Hijack This begins. Each entry starts with a 2-letter code to say what it is. According to Hijack This’ Info, heres what each code means:
R – Registry, StartPage/SearchPage changes
R0 – Changed registry value
R1 – Created registry value
R2 – Created registry key
R3 – Created extra registry value where only one should be
F – IniFiles, autoloading entries
F0 – Changed inifile value
F1 – Created inifile value
N – Netscape/Mozilla StartPage/SearchPage changes
N1 – Change in prefs.js of Netscape 4.x
N2 – Change in prefs.js of Netscape 6
N3 – Change in prefs.js of Netscape 7
N4 – Change in prefs.js of Mozilla
O – Other, several sections which represent:
O1 – Hijack of auto.search.msn.com with Hosts file
O2 – Enumeration of existing MSIE BHO’s
O3 – Enumeration of existing MSIE toolbars
O4 – Enumeration of suspicious autoloading Registry entries
O5 – Blocking of loading Internet Options in Control Panel
O6 – Disabling of ‘Internet Options’ Main tab with Policies
O7 – Disabling of Regedit with Policies
O8 – Extra MSIE context menu items
O9 – Extra ‘Tools’ menuitems and buttons
O10 – Breaking of Internet access by New.Net or WebHancer
O11 – Extra options in MSIE ‘Advanced’ settings tab
O12 – MSIE plugins for file extensions or MIME types
O13 – Hijack of default URL prefixes
O14 – Changing of IERESET.INF
O15 – Trusted Zone Autoadd
O16 – Download Program Files item
O17 – Domain hijack
O18 – Enumeration of existing protocols
O19 – User stylesheet hijack

There is no need to memorize all of these, just read through them so you are familiar with what HJT detects.
Legitimacy Check

In the following sections, you will be asked to “check if a url is legitimate”. This means deciding if it is a URL that user would want to visit, or if it is a likely hijacker. URLs that you recognize such as Google, Yahoo!, a news website, or a ISPs website are clearly legitimate items. They do not need to fixed. If you do not recognize an item-go the URL. If the site has unending popup traps, or is in the domain of a known spyware (eg coolwwwsearch.com, gator.com, new.net, etc) is not a legitimate item. Most hijackers are sponsored search engine/portal sites. Usually they are pretty easy to detect. If it is a portal site with tons of links packed into one page, with categories such as gambling, insurance, computers, and adult, you can bet its a browser hijacker that should be fixed. If it is a search engine with the words “Pay Per Click” anywhere fix it. If it is a search engine with several or many entries for it in the R* section of Hijack This, you can also bet that its forcing itself on the user. If your not sure, ask the person if they use that site or not.
R – Registry, StartPage/SearchPage changes
Any entries whos 2 letter code begins with R should be checked to see if the URL is legitimate. Throughout this tutorials I will say “check if its legit”. To do this, use the “Legitimacy Check” rules at the top of this tutorial.
R0-Advanced Info
R1-Advanced Info
R2-Advanced Info
R3-Advanced Info
F – IniFiles, autoloading entries

Basically anything beginning with “F0″ is bad and should be fixed. F1 entries can be good or bad. Google the filename to find out what it is.
F0-Advanced Info
F1-Advanced Info
N – Netscape/Mozilla StartPage/SearchPage changes

Items that start with N are related to Netscape. These are similar to the R entries. Follow the rules for deciding if a URL is legitimate. Netscape homepages are not hijacked as often as IE though.
N1-Advanced Info
N2-Advanced Info
N3-Advanced Info
N4-Advanced Info
O – Other, several sections which represent:

O1 – Hijack of auto.search.msn.com with Hosts file
01 entries are entries in the HOSTS file. HOSTS is a way of redirecting a URL to an IP. It can be used for ad blocking, speeding up internet access, or Hijacking. If multiple URLs point to the same IP address, fix them all (UNLESS THAT IP ADDRESS IS 0.0.0.0 OR 127.0.0.1). This shows up a lot
O1 – Hosts: 216.177.73.139 auto.search.msn.com
O1 – Hosts: 216.177.73.139 search.netscape.com
O1 – Hosts: 216.177.73.139 ieautosearch
They should all be fixed, see how it redirects all searches to 216.177.73.139 (type that IP in your browser for an example of non-legit page).
O1-Advanced Info

O2 – Enumeration of existing MSIE BHO’s
The Browser Helper Object. Can’t browse with em, cant browse without em. These are sort of plugins for the browser. Each has a unique, identifying number and a filename. Use TonyKlein’s BHO list to check if each one is good or bad http://www.spywareinfo.com/bhos/ After a few logs, you will start to recognize which BHOs are safe (such as MSN Radio and NAV Antivirus). Note: any BHO with ClientMan Or Clien~1 in the filename should be fixed. Sometimes spyware tricks you into thinking its legit by using a safe-sounding filename. Check each BHO carefully!
02-Advanced Info

O3 – Enumeration of existing MSIE toolbars
03 entries are toolbars in web browsers. Most are harmless, but many bad hijackers add toolbars to the browser. If it is named “Yahoo Companion” or Google Toolbar, or something of the sort, its probably legit. You can find out what a Toolbar is at TonyKlein’s list
http://www.spywareinfo.com/toolbars/
Any toolbar with a random-seeming filename should be fixed.
O3-Advanced Info

O4- Enumeration of suspicious autoloading Registry entries
Startups from the registry. Despite the name-many legit programs show up here. Ignore entries that you recognize to be from a legit program. Use this website to find out what the rest of the entries are.
http://www.pacs-portal.co.uk/startu…tartup_full.htm
04-Advanced Info

O5 – Blocking of loading Internet Options in Control Panel
There is only one entry here, and it should be fixed. This entry stops the Internet Options from showing in Control Panel. It is used by Hijackers to hide themselves
05-Advanced Info

O6 – Disabling of ‘Internet Options’ Main tab with Policies
Internet Explorer restrictions. Unless you have used a security program to lock your browser settings, fix these. You won’t know if the user has done this or not. You can ask them, but if they have a lot of spyware, its safe to say that they should be fixed.
06-Advanced Info

O7 – Disabling of Regedit with Policies
Restricted registry access using Windows System Policies. Fix this, unless you are using a computer where it may be there on purpose eg. lab/shared/school systems.
07-Advanced Info

O8 – Extra MSIE context menu items
Extra right click options. If you don’t recognize it, search google. “Browser Pal” should always be fixed. Programs such as popup blockers or google toolbar often show up here.
08-Advanced Info

O9 – Extra ‘Tools’ menuitems and buttons
Extra toolbar buttons. If you don’t recognize it as a legit program-search google. A simple search will usually reveal if its spyware.
09-Advanced Info

O10 – Breaking of Internet access by New.Net or WebHancer
Winsock Hijacks. Using old versions of Spyware removers can cause these problems! Spybot can usually fix them, or a specialized tool such as LSPFix.
O10-Advanced Info

O11 – Extra options in MSIE ‘Advanced’ settings tab
Extra Advanced Options group in IE Adds another group of options in the Advanced section of IE’s Internet Options, which are stored in the registry. CommonName does this.
O11-Advanced Info

O12 – MSIE plugins for file extensions or MIME types
Internet Explorer plugins. Usually pretty harmless. Used by programs like Acrobat Reader.
012-Advanced Info

O13 – Hijack of default URL prefixes
Default Prefixes. Eviiil-always fix these. The default prefix (Stored in the registry) adds itself to the beginning of any URL where you did not enter the prefix. Default Prefix should be http://.
O13-Advanced Info

O14 – Changing of IERESET.INF
Reset Web Settings Follow the rules for checking if a URL is legitimate.
O14-Advanced Info

O15 – Trusted Zone Autoadd
Unwanted trusted zone site. This could be bad, but not many hijackers use them. The common one is free.aol.com. This entry can be fixed.
O15-Advanced Info

O16 – Download Program Files item
ActiveX Controls These are downloaded when you play an online game, use iPix, etc. If it is from a known game site such as Yahoo or Pogo, or the Macromedia site, its legit. Other items you can search for to find out. I usually just do a quick check over these items. Always fix them if they seem to be dialers, adult, or casino software.
016-Advanced Info

O17 – Domain hijack
Domain hijacks always include an IP address, do a WHOIS on the IP address. If it comes up with a legitimate owner (like an ISP or college) leave it. Otherwise, fix these entries.
O17-Advanced Info

O18 – Enumeration of existing protocols
Extra Protocols. These don’t show up very often, but Google will tell you what they are. I have seen LOP and CommonName use them.
O18-Advanced Info

O19 – User stylesheet hijack
Style sheet hijack. I have only seen 1 hijacker use this. If the filename is default.css, it can probably be fixed. You may want to tell the person not to fix it if they are using a custom CSS file in their browser (these are often used by colorblind, or vision disabled users).
O19-Advanced Info

Don’t remove things you aren’t sure of. If you need help, post your log in the adware section of AO and some of us can help you decide what to remove.

All done

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

Welcome to the world of Linux. Correctly referred to as GNU/Linux, it is a full Open Source Operating System with its kernel, and there are many different distributions of it. Each of those distributions (or ‘distros’) are different flavours of Linux – some bring a different GUI desktop environment (so that it looks completely different on-screen – see KDE and Gnome), others have certain applications which others do not (for example: some bring the Instant Messaging application Kopete while others bring Gaim), the choice of package manager varies between them (like APT or Yum), and many other configurations. You can find more information on Linux at Wikipedia.

Today, we shall be using a distro called Mandriva, and its 2006 release. I have chosen it as this tutorial’s distro because it is very easy to use, brings a wide range of applications, and works brilliantly out of the box (or the ISO, in this case!) – all in all, it is highly suitable for those trying Linux for the first time. Click here to download Mandriva-Linux-Free-2006-DVD.i586.iso. This ISO is a DVD image file, and once it has finished downloading, burn it using one of the methods described on LinuxISO.com – although if you do not want to wade through all that information, just download the free BurnAtOnce to burn it to a DVD+R/DVD-R. Each individual step in this tutorial begins with a hyphen -.

-Now we can begin the installation. Go to the machine you would like to install Linux onto; the best thing to do is not to dual boot (have Linux and Windows on the same computer), because that will make the process more complicated and it may be frustrating for a new Linux user. So, backup everything on the target computer, and then insert the DVD into the drive. Restart the computer, and then as the computer starts up, you will see a screen like the one below. You should press the button advised for the “Boot Menu” or to “Change The Boot Order”. In my case, this is the Esc key.

-Then, select CD-ROM/DVD drive from the list that pops up, and after the computer begins reading the disc you should see a screen like the one below.

-Then, select your language and accept the agreement.

-Now the keyboard selection screen will come up. If the one you use does not appear, you can find it by clicking the “More” button and selecting it from the list.

-At the Security screen, simply press “Next” – the default settings are good enough. Then click “Next” on the screen after it, which tells you that accessing Microsoft partitions will only be available to root (the “administrator”).

-To keep things simple, we will choose to either “Use free space” (if you have nothing on your hard drive) or to “Erase entire disk” (to delete everything on your hard drive if there is content there).

-If you are feeling particularly adventurous, you can choose the “Custom disk partitioning” option.
Note: If you would not like to do this, please continue to the next step.
Select “Custom disk partitioning”, click “Next”, and you will be taken to the screen below. First of all, we will set up the Primary partition – this is the one in which we will place our root folder (/). Click on “Journalised FS” to set it up.



Set the size to be almost all of your hard drive, but make sure you leave a bit of space at the end – the rule I use is that the size of the remaining space should be the size of your RAM. So, in my case, I’ll leave 1GB of space. As the “Filesystem type”, select ReiserFS. The advantages of ReiserFS over other formats like ext3 is that, because of its advanced journalling techniques, it is considerably faster. Leave the mount point as root “/” – this is the highest level in the Linux filesystem; you can think of / as the C:\ of Linux.



Then, select the free space on the right of the / partition, and click on the green “Swap” button.



Allow the Swap partition to take up all of the remaining space, and leave the other default setting. Click “Ok” when you have finished.



This will take you back to the partition overview. If you are satisfied with your creation, click “Done”, and then “Ok” to write the changes to disk.

-The installation will format the hard drive, and you will soon be shown the screen below. In my opinion, it is best to tick the “Copy whole CDs” checkbox, because if you need any of the files on the DVD to install more applications in the future you will have to scramble franctically around you room looking for the DVD – not a good idea.

-Choose not to use any supplementary media at the next screen.

-And now, select the groups of packages you would like to install! Feel free to experiment with these, or if you prefer, select packages manually by ticking the “Individual package selection” at the bottom of the screen (although the group installs are perfect for our needs).

-The installation will now begin. This may about 20 minutes, but it all depends on your computer’s specifications – so I recommend you go fetch a coffee and some biscuits.

-Once the package installation has finished, you will be presented with the first “System configuration” screen. This is the root password one. For this, I advise you to choose an alphanumeric password which is impossible to remember and which you must never write down – especially if you’re security-conscious!

-At the next screen, type in your name, username (this will default to your first name), and password for the normal user.

-At the following screen, most if not all the hardware should be properly configured. If it is not it will be in red text – so select “Configure” on the right. From here, select the details as your computer’s specifications dictate. Hang in there, we’re almost done!

-I recommend you update your computer at this point, but this isn’t a necessity – it can be done later on.

-That’s it! Now choose “Reboot” to view the pièce de resistance!

-When the computer boots, the boot loader will come up. Choose “linux”.

-When Mandriva finishes loading, you will be shown the login manager screen (kdm). Enter your details and press the Enter key.

-Presto! There’s Mandriva, running the K Desktop Environment (KDE). Isn’t it beautiful?

Now, on to learn how to use a few applications – please excuse me if this seems slightly patronising!

-We’ll start with our beloved Mozilla Firefox web browser – simply click the Firefox icon on the menu bar, or go to Mandriva (star) -] Internet -] Web Browsers -] Mozilla Firefox. Click on the picture below for an overview of its main features.

-Kontact is an excellent email manager (with KMail integrated into it) – and it is so easy to use that it’s actually quite comforting. To set up an account, go to “Tools -] Configure KMail…”, and just fill in your details. You can click on its icon on the menu bar or go to Mandriva -] Internet -] Mail -] Kontact.

-An application you cannot live without – Kopete allows you to keep in touch with your friends and family through Instant Messaging, and the variety of protocols it supports is outstanding. You must try it! Accessable via the menu bar or Mandriva -] Internet -] Kopete.

-And the most successful Open Source word processor, OpenOffice.org Writer, is also preinstalled! Found in the menu at: Mandriva -] Office -] Wordprocessors -] OpenOffice.org Writer. It is extremely easy to use, and in my opinion the whole suite is more than just a rival to Microsoft Office – it is better than it.

Please play around with the other applications, because there are just so many available for Linux that browsing Sourceforge.net is actually quite good fun, and you will soon discover both the power and easy-of-use of Linux. Enjoy!

Do not use, republish, in whole or in part, without the consent of the Author. TheTAZZone policy is that Authors retain the rights to the work they submit and/or post…we do not sell, publish, transmit, or have the right to give permission for such…TheTAZZone merely retains the right to use, retain, and publish submitted work within it’s Network

Code: Select all

This paper is the work of The Master Jedi Pimpsor AKA thehorse13, who has kindly consented to it being hosted here on the TAZ.

Preface:
============
I had to work on a bunch of Apache on Win32 hosts. Typically, this is against my religion, however, I did it anyway.

While doing it, I went looking for some info on simply redirecting all traffic over HTTPS. I found all the info but some was in different places. I took a base tutorial and made some changes to it so that it had more clarity and also explained how to redirect traffic over HTTPS. Since this is not an original work, all references are cited.

This is tutorial only discusses how to get HTTPS setup with Apache for Win32. It’s nothing more.

Enjoy.

APACHE for Win32 with SSL support v 1.3
_
Original document found at:

http://www.thompsonbd.com/tutorials/apachessl.php

Version 1.2 (Up from 1.1 thanks to Mike Young)
Version 1.3 (TheHorse13)
_
_
1. Assumptions
This tutorial assumes that you already have Apache2 installed and working on a Windows server. I have Apache 2.0.52 installed on Windows Server 2000.
_This guide also assumes that you have a standard SSL cert. If you have a supercert, you’ll need to add additional lines to your virtual host in httpd.conf and ssl.conf to deal with the intermediate cert. For more information on what a SuperCert is, please see SGC SuperCert – 256-bit ssl encryption from thawte
_
TIP: Backup your existing httpd.conf file before you begin. If you run into issues, at least you can revert back to the original.
_
2. Needed Files
These are not necessarily the most up-to-date, but they worked for my install so I have included them here. You will need to download both Apache_2.0.55-Openssl_0.9.8a-Win32.zip and Openssl-0.9.8a-Win32.zip
Unzip both of these files to seperate folders.
_
Links:
======

http://brandleadershipmarketing.com….9.8a-Win32.zip

http://brandleadershipmarketing.com….9.8a-Win32.zip

_
3. Setting Up OpenSSL
Copy the files ssleay32.dll and libeay32.dll from the OpenSSL folder to WINNT\System32. Double check that you make sure you copied the dll’s and not the lib’s. Both of these DLL files will be located in the unzipped Openssl-0.9.8a-Win32 folder.
_
Copy mod_ssl.so from the unzipped Apache 2.0.55-Openssl 0.9.8a-Win32\modules folder into the \modules folder of your production Apache server’s path.
_
You also need to download openssl.cnf into the same folder where you unzipped Openssl-0.9.8a-Win32. Windows will remove the .cnf and will make this file look like a dialup icon. Just ignore it. Just make sure you have the file in the right place.
Download ssl.conf and place it in the Apache2/conf directory.
_
Links:
======

http://www.thompsonbd.com/tutorials/files/openssl.cnf

http://www.thompsonbd.com/tutorials/files/ssl.conf

_
4. Creating a test certificate
Open a command prompt. Navigate to where you unzipped Openssl-0.9.8a-Win32.
_
openssl req -config openssl.cnf -new -out my-server.csr
_
You can replace my-server.csr with whatever you want aslong as the extention is .csr. When asked for “Common Name (eg, your websites domain name)”, give the exact domain name of your web server (e.g.

www.my-server.dom

). The certificate belongs to this server name and browsers complain if the name doesn’t match.
_
openssl rsa -in privkey.pem -out my-server.key
_
This removes the passphrase from the private key. You MUST understand what this means; my-server.key should be only readable by the apache server and the administrator. You should delete the .rnd file because it contains the entropy information for creating the key and could be used for cryptographic attacks against your private key.
_
openssl x509 -in my-server.csr -out my-server.cert -req -signkey my-server.key -days 365
_
This creates a self-signed certificate that you can use until you get a “real” one from a certificate authority. (Which is optional; if you know your users, you can tell them to install the certificate into their browsers.) Note that this certificate expires after one year, you can increase -days 365 if you don’t want this.
_
TIP: Sometimes certs will have the suffix crt or cer. If this is the case, you can either rename the certificate file with the .cert suffix to match the lines in this guide or you can change the conf files to reflect whichever certificate suffix came with the certificate file. For example, if Windows sees the suffix cert, it won’t assign the nifty certificate icon to it. It only sees crt and cer as certificate suffixes and will only assign the icon to these suffixes.
_
Create a directory in the Apache folder name Apache2/conf/ssl and move my-server.key and my-server.cert into it.
_
5. Configuring Apache and mod_ssl
Open the httpd.conf file and locate the LoadModule directives.
Add:
LoadModule ssl_module modules/mod_ssl.so
_
After </IfModule> add
SSLMutex default
SSLRandomSeed startup builtin
SSLSessionCache none
In the VirtualHost directives add
<VirtualHost

www.my-domain.com:443

>
SSLEngine On
SSLCertificateFile conf/ssl/my-server.cert
SSLCertificateKeyFile conf/ssl/my-server.key
</VirtualHost>
_
TIP: To redirect all traffic to the console to the SSL automatically (otherwise, you will get pages served up on both http and https), add these lines beneath </VirtualHost>
RewriteEngine On
RewriteRule (.*) https://%{SERVER_NAME}/ [R]
_
Then be sure to uncomment the following module:
LoadModule rewrite_module modules/mod_rewrite.so

Open the ssl.conf file and set the correct ServerName (

www.my-domain.com

) and DocumentRoot. You will place the location of the secure material in the ” ” after DocumentRoot. So if your secure webpages are on your D: drive, in the folder called secure, the line should look like
DocumentRoot “D:/secure”

Provided that you haven’t made any typos, you should now be able to restart Apache and get SSL pages served up without issue. You can also remove both the zip files and the folders where you extracted Apache_2.0.55-Openssl_0.9.8a-Win32.zip and Openssl_0.9.8a-Win32.zip once you’re sure that everything is working the way you want. However, I recommend keeping the Openssl directory in the event you need to cut certs and such in the future. As for the Apache zip, all we did was pillage the mod_ssl.so file compiled for Win32 so that download is of no use.