Everything posted by wildweaselmi
- Port 00004 (TCP,UDP)
- Port 00003 (TCP,UDP)
- Port 00002 (TCP,UDP)
-
Port 00001 (TCP,UDP)
IANA Registered TCP Port Service Multiplexer Protocol / Name: tcpmux
-
Secure Erase Your Harddrive for Free
With ever-changing technology creating a high turnover rate on the computers we own, we have to worry about the data that was stored on the machine being replaced. Here are some instructions on how to securely erase your hard drive so you can have some peace of mind knowing your data is no longer accessible/recoverable. Now truthfully it can always be recovered, but it would take months and months of time and 99% of the population wouldn't want to waste their time. The only way to ensure no one gets your data is to do a high pass secure erase and then destroy your hard drive with a hammer and make sure there are a lot of pieces of the actual drive. Believe it or not, if the drive isn't in tiny pieces it is possible to put the drive together and recover data.

Here are instructions on how to do a secure erase.

First download the Ultimate Boot CD, which is free (I personally prefer to download the .iso and then burn that to a CD using one of the many default CD burning programs you have on your machine). Insert the Ultimate Boot CD into your drive and turn your computer on. (Note: these instructions are based on version 4.11 of the Ultimate Boot CD.)

The first screen you will be presented with is similar to the one shown here. Just press Enter to get to the menu. Please note that if you wait too long it may try to boot to the menu on its own, which doesn't always work and requires you to reboot your machine again to get to this menu.

Since you pressed Enter at the screen shown above, you should now see a screen like the one shown below. Go ahead and use your arrow keys to move down to the menu option "Hard Disk Tools" and press Enter.

You should now have a screen that looks like the one shown below, which is the menu of Hard Disk Tools. Use your arrow keys to move down to the menu option "Wiping Tools" and press Enter.

After pressing Enter, you should have a screen like the one shown below, which lists all the hard disk wiping tools.
One of the easiest, and my preferred, is HDDErase v3.1. If you follow my preference, use the arrow keys on your keyboard to move down to the menu option HDDErase v3.1 as shown below and press Enter.

Now things are going to move pretty fast because this selection has the majority of the menus on an autotimer, but don't worry, the program will prompt you at the end before it does anything. Since you pressed Enter at the previous screen you should have seen several screens displayed, including these...

If you want a HIGH secure erase you have to move fast and move down to number 6 when you see this menu. It defaults to selection #1 after a few seconds and begins running through some options.

Again, you have just a few seconds to read this, but typically I just let it go and let the program work its magic.

This is your last chance to stop the secure erase. Once you type "Y" and press Enter, your data will start getting erased. Please note, the higher the secure erase level you choose above, the longer the secure erase will take.

Hopefully this was helpful. It is meant as a guide, and in no way do we take responsibility for the actions of these tools.
-
How do you calculate power on a Cisco Switch
The Cisco® Power Calculator enables you to calculate the power supply requirements for a specific Power over Ethernet (PoE) configuration. The results will show output current, output power, and system heat dissipation. The Cisco Power Calculator supports the following Cisco product switching platforms: Cisco Catalyst® 6500 Series, Catalyst 4500 Series, Catalyst 3750-E/3750, Catalyst 3560-E/3560 Series, Catalyst Express 500 Series, and the Cisco 7600 Series Router. The calculator is an educational resource and a starting point in planning your power requirements; it does not provide a final power recommendation from Cisco. To use the Cisco Power Calculator you will need to have an ID and password on Cisco.com, but once you do, just click on this link to get sent to the Power Calculator.
-
What is the OSI Model?
The OSI, or Open System Interconnection, model defines a networking framework for implementing protocols in seven layers. Control is passed from one layer to the next, starting at the application layer in one station, proceeding to the bottom layer, over the channel to the next station and back up the hierarchy.
-
How do you calculate Ohms, Amps, Watts or Voltage?
Sometimes I need to figure out how many amps a certain item will draw but all I am given is the Voltage and Wattage. At this link there is a calculator you can use to figure out two from two. It's really as easy as:

Voltage (E) = Current (I) * Resistance (R)
Power (watts) = Current Squared (I^2) * Resistance (R)
Power = I*E = E^2 / R
-
Setup a Home Wireless Network
In searching the internet I haven't really found an article that will help people set up a network in their home. In most cases you have one of three solutions coming into your home for Internet access:

  DSL (providers of DSL internet service include Verizon, ATT)
  Cable (providers of Cable internet service include Comcast, Charter, Wow, etc.)
  FIOS (providers of Fiber internet service include ATT and Verizon)

No matter what service you have, they provided you a modem to connect their service from a cable they bring into your home. With DSL they may have just used your existing phone line, with cable they may have just used your existing coax cable, but with FIOS they had to bring in some new cable to a modem. On the Internet Service Provider's modem there is, at minimum, their connection and your connection. Your connection looks like an oversized phone plug, is referred to in the network world as an Ethernet RJ45 port, and may possibly be labeled as LAN (Local Area Network).

Here are some photos of the front and back of a typical DSL modem. Please note that it may not look identical to your DSL modem but more than likely has the same ports.

Pictures coming soon

Here are some photos of the front and back of a typical Cable modem. Please note that it may not look identical to your Cable modem but more than likely has the same ports.

Pictures coming soon

Now about 90% of the world plugs their computer into the service provider's modem to gain internet access. This means only one computer has access to the internet at one time. This poses an issue for families where each member has their own computer, and what about the Nintendo Wii system or your Tivo system? How are they supposed to connect to the internet? The answer is to connect the internet service provider's modem to a Wireless Router and share that one connection with multiple devices through a wireless connection.

Let's first talk about what you need from the store....
(1) Wireless Router (Linksys is the easiest to use and set up and is owned by the world's largest network hardware business, Cisco. I highly recommend the Linksys WRT160N, which goes for about $80.)
(1) Ethernet cable (Most Wireless Routers will come with one Ethernet cable; check the box to make sure it states it has one. Also make sure it's long enough to connect from where you have the internet service provider's modem to where you plan on putting this new Wireless Router.)
(1) UPS or Battery Backup (You can use a power strip, but this will keep your internet up during a power outage, which is handy for us VoIP (or Vonage) users, and they aren't that expensive.)

Once you get your Wireless Router home and unbox it, most of the time it has an annoying sticker over all the ports you need to use, stating to Run CD First. This is strictly for Windows users and not intended for any other operating system. Seeing how the world consists of people using more than just Windows, this tutorial is focused on non-Windows platforms. So remove and discard the sticker to reveal the ports we will be using.

Looking at this picture, the yellow port on the far left (labeled Internet) is where the included cable will plug in, and the other end of that cable will plug into your service provider's modem (DSL, Cable, FIOS). Any of the blue ports numbered 1, 2, 3 or 4 can be used for any hardware that you have that is not wireless capable but has network capability. Take another Ethernet/network cable, plug it into one of the blue ports, and plug the other end of that cable into the network card on your computer. (Note: this does not need to be permanent but is required to set up the router initially. After the router is set up you can disconnect the cable and use a wireless connection if you choose to do so.)
If you purchased a Battery Backup System (UPS), plug your Battery Backup System into the wall to give it power, then unplug your service provider's modem from the wall outlet and plug it into the Battery Backup System. Then plug the Power Adapter into the Wireless Router and into your UPS/Battery Backup System. (Note: the more items you plug into the Battery Backup System, the quicker the battery will drain in a power outage. I recommend only what is necessary to maintain your internet connection & phone.)

Now that you should have power to your Battery Backup System, service provider's modem and your Wireless Router, we are ready to configure the Wireless Router.

By default, most wireless routers are not providing you with an IP address yet, so your computer doesn't know how to talk to the router and we need to assign it an IP address manually. All Linksys routers come pre-configured with a private address of 192.168.1.1, which means you need to assign your machine an IP address; 192.168.1.2 - 254 are your choices. For simplicity's sake, let's go with:

  IP Address: 192.168.1.5
  Subnet Mask: 255.255.255.0
  Default Gateway: 192.168.1.1

Of course you may not know how to set this information manually in your system.

  Windows XP: Start - Control Panel - Network Settings - Local Area Connection (if you have more than one, look for the one that says Connected under the column Status) - Properties - Internet Protocol (TCP/IP) Properties
  Mac OS X: Finder - Applications - System Preferences - Network - Ethernet (if more than one, look for the one that says connected) - Next to Configure change from DHCP to Manually

Now that you have manually set your IP address, open up your Internet Browser (Firefox, Safari, Internet Explorer) and you should be able to access the internet.

Of course we aren't done, because we must set up some security. So in your browser type: http://192.168.1.1

You should get prompted to log in with a username and password.
With Linksys there are no usernames, so leave that blank but type admin (all lowercase letters) in the password box and click Ok to log in.

First change the password used to access this settings page. Everyone knows it's no username and admin as a password, so change it to something else that you won't forget. Click on the Administration Tab and enter your new password where it says Router Password.

The next step is to set up your Wireless so only people you authorize can use your network/internet. Click on the Wireless Tab. Change the Wireless Network Name (SSID) to be something that identifies this network. When someone is looking for a wireless network on their computer, this name will be advertised.

Next, click on Wireless Security. I suggest using WPA2 Personal, which allows you to assign a password which is used to log into your network/internet. Here, if someone found my Wireless network called MyWiseGuys.com(1) and clicked on it to join, they would be prompted for a password, and they would have to enter mysupersecretpassword to gain access.

If you click on the Setup Tab there are a couple of things to check. You need to know your Internet Connection Type. By default, your Router is set up for Automatic Configuration - DHCP, which is typical of most cable internet service providers. If you have DSL then your option is more likely PPPoE, which will prompt you for the username and password used to connect to the internet. Make sure DHCP Server is Enabled.

Now from your computer you should be able to obtain an IP address automatically. You should also be able to set up your other wireless network devices like your Nintendo Wii and Tivo to connect to your Wireless Router so they may gain network access as well.

Here is a YouTube video that will show you how to install a Linksys wireless router.

I hope you liked this document; if so, your feedback is most appreciated.
-
Understand Active FTP vs. Passive FTP
Introduction

One of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment.

Basics

FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a 'data' port and a 'command' port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins, however, when we find that depending on the mode, the data port is not always on port 20.

Active FTP

In active mode FTP the client connects from a random unprivileged port (N > 1023) to the FTP server's command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20.

From the server-side firewall's standpoint, to support active mode FTP the following communication channels need to be opened:

  FTP server's port 21 from anywhere (Client initiates connection)
  FTP server's port 21 to ports > 1023 (Server responds to client's control port)
  FTP server's port 20 to ports > 1023 (Server initiates data connection to client's data port)
  FTP server's port 20 from ports > 1023 (Client sends ACKs to server's data port)

When drawn out, the connection appears as follows:

In step 1, the client's command port contacts the server's command port and sends the command PORT 1027. The server then sends an ACK back to the client's command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.
The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server--it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client side firewall this appears to be an outside system initiating a connection to an internal client--something that is usually blocked.

Active FTP Example

Below is an actual example of an active FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.sitename.com (192.168.101.15), a Linux box running the standard FTP command line client, to testbox2.sitename.com (192.168.150.90), a Linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.

There are a few interesting things to consider about this dialog. Notice that when the PORT command is issued, it specifies a port on the client (192.168.101.15) system, rather than the server. We will see the opposite behavior when we use passive FTP.

While we are on the subject, a quick note about the format of the PORT command. As you can see in the example below it is formatted as a series of six numbers separated by commas. The first four octets are the IP address while the last two octets comprise the port that will be used for the data connection. To find the actual port multiply the fifth octet by 256 and then add the sixth octet to the total. Thus in the example below the port number is ((14*256) + 178), or 3762. A quick check with netstat should confirm this information.
Passive FTP

In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.

In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1023 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1023) and sends the PORT P command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data.

From the server-side firewall's standpoint, to support passive mode FTP the following communication channels need to be opened:

  FTP server's port 21 from anywhere (Client initiates connection)
  FTP server's port 21 to ports > 1023 (Server responds to client's control port)
  FTP server's ports > 1023 from anywhere (Client initiates data connection to random port specified by server)
  FTP server's ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client's data port)

When drawn, a passive mode FTP connection looks like this:

In step 1, the client contacts the server on the command port and issues the PASV command. The server then replies in step 2 with PORT 2024, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client's data port.
While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD, allow the administrator to specify a range of ports which the FTP server will use. See Appendix 1 for more information.

The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode. As an example, the command line FTP utility provided with Solaris does not support passive mode, necessitating a third-party FTP client, such as ncftp.

With the massive popularity of the World Wide Web, many people prefer to use their web browser as an FTP client. Most browsers only support passive mode when accessing ftp:// URLs. This can either be good or bad depending on what the servers and firewalls are configured to support.

Passive FTP Example

Below is an actual example of a passive FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.sitename.com (192.168.101.15), a Linux box running the standard FTP command line client, to testbox2.sitename.com (192.168.101.25), a Linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.

Notice the difference in the PORT command in this example as opposed to the active FTP example. Here, we see a port being opened on the server (192.168.101.25) system, rather than the client. See the discussion about the format of the PORT command above, in the Active FTP Example section.
Active FTP will not function when used in conjunction with a client-side NAT (Network Address Translation) device which is not smart enough to alter the IP address info in FTP packets. Summary The following chart should help admins remember how each FTP mode works: Active FTP : command : client >1023 -> server 21 data : client >1023 Passive FTP : command : client >1023 -> server 21 data : client >1023 -> server >1023 A quick summary of the pros and cons of active vs. passive FTP is also in order: Active FTP is beneficial to the FTP server admin, but detrimental to the client side admin. The FTP server attempts to make connections to random high ports on the client, which would almost certainly be blocked by a firewall on the client side. Passive FTP is beneficial to the client, but detrimental to the FTP server admin. The client will make both connections to the server, but one of them will be to a random high port, which would almost certainly be blocked by a firewall on the server side. Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. While this doesn't eliminate all risk to the server, it decreases it tremendously.
-
Understand Active FTP vs. Passive FTP
Introduction

One of the most commonly seen questions when dealing with firewalls and other Internet connectivity issues is the difference between active and passive FTP and how best to support either or both of them. Hopefully the following text will help to clear up some of the confusion over how to support FTP in a firewalled environment.

Basics

FTP is a TCP based service exclusively. There is no UDP component to FTP. FTP is an unusual service in that it utilizes two ports, a 'data' port and a 'command' port (also known as the control port). Traditionally these are port 21 for the command port and port 20 for the data port. The confusion begins however, when we find that depending on the mode, the data port is not always on port 20.

Active FTP

In active mode FTP the client connects from a random unprivileged port (N > 1023) to the FTP server's command port, port 21. Then, the client starts listening to port N+1 and sends the FTP command PORT N+1 to the FTP server. The server will then connect back to the client's specified data port from its local data port, which is port 20.

From the server-side firewall's standpoint, to support active mode FTP the following communication channels need to be opened:
- FTP server's port 21 from anywhere (Client initiates connection)
- FTP server's port 21 to ports > 1023 (Server responds to client's control port)
- FTP server's port 20 to ports > 1023 (Server initiates data connection to client's data port)
- FTP server's port 20 from ports > 1023 (Client sends ACKs to server's data port)

When drawn out, the connection appears as follows:

In step 1, the client's command port contacts the server's command port and sends the command PORT 1027. The server then sends an ACK back to the client's command port in step 2. In step 3 the server initiates a connection on its local data port to the data port the client specified earlier. Finally, the client sends an ACK back as shown in step 4.
The main problem with active mode FTP actually falls on the client side. The FTP client doesn't make the actual connection to the data port of the server; it simply tells the server what port it is listening on and the server connects back to the specified port on the client. From the client-side firewall this appears to be an outside system initiating a connection to an internal client, something that is usually blocked.

Active FTP Example

Below is an actual example of an active FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.sitename.com (192.168.101.15), a Linux box running the standard FTP command line client, to testbox2.sitename.com (192.168.150.90), a Linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.

There are a few interesting things to consider about this dialog. Notice that when the PORT command is issued, it specifies a port on the client (192.168.101.15) system, rather than the server. We will see the opposite behavior when we use passive FTP. While we are on the subject, a quick note about the format of the PORT command. As you can see in the example below it is formatted as a series of six numbers separated by commas. The first four octets are the IP address while the last two octets comprise the port that will be used for the data connection. To find the actual port multiply the fifth octet by 256 and then add the sixth octet to the total. Thus in the example below the port number is ( (14*256) + 178), or 3762. A quick check with netstat should confirm this information.
Passive FTP

In order to resolve the issue of the server initiating the connection to the client a different method for FTP connections was developed. This was known as passive mode, or PASV, after the command used by the client to tell the server it is in passive mode.

In passive mode FTP the client initiates both connections to the server, solving the problem of firewalls filtering the incoming data port connection to the client from the server. When opening an FTP connection, the client opens two random unprivileged ports locally (N > 1023 and N+1). The first port contacts the server on port 21, but instead of then issuing a PORT command and allowing the server to connect back to its data port, the client will issue the PASV command. The result of this is that the server then opens a random unprivileged port (P > 1023) and sends the PORT P command back to the client. The client then initiates the connection from port N+1 to port P on the server to transfer data.

From the server-side firewall's standpoint, to support passive mode FTP the following communication channels need to be opened:
- FTP server's port 21 from anywhere (Client initiates connection)
- FTP server's port 21 to ports > 1023 (Server responds to client's control port)
- FTP server's ports > 1023 from anywhere (Client initiates data connection to random port specified by server)
- FTP server's ports > 1023 to remote ports > 1023 (Server sends ACKs (and data) to client's data port)

When drawn, a passive mode FTP connection looks like this:

In step 1, the client contacts the server on the command port and issues the PASV command. The server then replies in step 2 with PORT 2024, telling the client which port it is listening to for the data connection. In step 3 the client then initiates the data connection from its data port to the specified server data port. Finally, the server sends back an ACK in step 4 to the client's data port.
While passive mode FTP solves many of the problems from the client side, it opens up a whole range of problems on the server side. The biggest issue is the need to allow any remote connection to high numbered ports on the server. Fortunately, many FTP daemons, including the popular WU-FTPD, allow the administrator to specify a range of ports which the FTP server will use. See Appendix 1 for more information.

The second issue involves supporting and troubleshooting clients which do (or do not) support passive mode. As an example, the command line FTP utility provided with Solaris does not support passive mode, necessitating a third-party FTP client, such as ncftp.

With the massive popularity of the World Wide Web, many people prefer to use their web browser as an FTP client. Most browsers only support passive mode when accessing ftp:// URLs. This can either be good or bad depending on what the servers and firewalls are configured to support.

Passive FTP Example

Below is an actual example of a passive FTP session. The only things that have been changed are the server names, IP addresses, and user names. In this example an FTP session is initiated from testbox1.sitename.com (192.168.101.15), a Linux box running the standard FTP command line client, to testbox2.sitename.com (192.168.101.25), a Linux box running ProFTPd 1.2.2RC2. The debugging (-d) flag is used with the FTP client to show what is going on behind the scenes. Everything in red is the debugging output which shows the actual FTP commands being sent to the server and the responses generated from those commands. Normal server output is shown in black, and user input is in bold.

Notice the difference in the PORT command in this example as opposed to the active FTP example. Here, we see a port being opened on the server (192.168.101.25) system, rather than the client. See the discussion about the format of the PORT command above, in the Active FTP Example section.
Active FTP will not function when used in conjunction with a client-side NAT (Network Address Translation) device which is not smart enough to alter the IP address info in FTP packets.

Summary

The following chart should help admins remember how each FTP mode works:

Active FTP :
    command : client >1023 -> server 21
    data    : client >1023 <- server 20

Passive FTP :
    command : client >1023 -> server 21
    data    : client >1023 -> server >1023

A quick summary of the pros and cons of active vs. passive FTP is also in order:
- Active FTP is beneficial to the FTP server admin, but detrimental to the client-side admin. The FTP server attempts to make connections to random high ports on the client, which would almost certainly be blocked by a firewall on the client side.
- Passive FTP is beneficial to the client, but detrimental to the FTP server admin. The client will make both connections to the server, but one of them will be to a random high port, which would almost certainly be blocked by a firewall on the server side.

Luckily, there is somewhat of a compromise. Since admins running FTP servers will need to make their servers accessible to the greatest number of clients, they will almost certainly need to support passive FTP. The exposure of high level ports on the server can be minimized by specifying a limited port range for the FTP server to use. Thus, everything except for this range of ports can be firewalled on the server side. While this doesn't eliminate all risk to the server, it decreases it tremendously.
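The port arithmetic, the NAT address problem and the limited passive range described above can all be checked from the control channel. The following is an added example, not part of the original article: it assumes the server announces its passive port in the RFC 959 reply form "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)", and the passive range, the function names and the sample lines are constructed for illustration.

```python
import ipaddress
import re

# Constructed passive port range; substitute the range the FTP daemon is configured to use.
PASSIVE_RANGE = (50000, 50100)

# Six comma-separated decimal fields: h1,h2,h3,h4,p1,p2.
_FIELDS = re.compile(r"(?<!\d)" + ",".join([r"(\d{1,3})"] * 6) + r"(?!\d)")


def parse_hostport(text):
    """Return (IPv4Address, port) from the six numbers in a PORT argument or 227 reply."""
    match = _FIELDS.search(text)
    if match is None:
        raise ValueError(f"no h1,h2,h3,h4,p1,p2 field in {text!r}")
    nums = [int(group) for group in match.groups()]
    if any(n > 255 for n in nums):
        raise ValueError(f"field larger than one octet in {text!r}")
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    # Fifth octet times 256 plus the sixth octet gives the data port.
    return ip, nums[4] * 256 + nums[5]


def audit_control_line(line, sender_ip, passive_range=PASSIVE_RANGE):
    """Audit one control-channel line as seen at the firewall.

    sender_ip is the address the firewall sees the line coming from.
    Returns None for lines that do not negotiate a data connection.
    """
    parts = line.split()
    if not parts:
        return None
    verb = parts[0].upper()
    if verb == "PORT":
        mode = "active"      # client announces where the server must connect back
    elif verb == "227":
        mode = "passive"     # server announces where the client must connect
    else:
        return None

    ip, port = parse_hostport(line)
    findings = []
    # A NAT device that does not rewrite FTP payloads leaves the inside address here.
    if ip != ipaddress.IPv4Address(sender_ip):
        findings.append("address mismatch")
    if mode == "active" and port <= 1023:
        findings.append("privileged data port")
    low, high = passive_range
    if mode == "passive" and not low <= port <= high:
        findings.append("outside passive range")
    return {"mode": mode, "endpoint": (str(ip), port), "findings": findings}


# Constructed sample lines: (control-channel line, address the firewall sees as sender).
SAMPLE = [
    ("USER anonymous", "192.168.101.15"),
    ("PORT 192,168,101,15,14,178", "192.168.101.15"),
    ("PORT 10,0,0,5,14,178", "203.0.113.7"),
    ("227 Entering Passive Mode (192,168,101,25,195,100)", "192.168.101.25"),
    ("227 Entering Passive Mode (192,168,101,25,7,232)", "192.168.101.25"),
]

if __name__ == "__main__":
    for text, sender in SAMPLE:
        print(f"{text!r:60} -> {audit_control_line(text, sender)}")
```

A server-side firewall that admits only the configured passive range will drop data connections to any port flagged "outside passive range", so that finding usually means the daemon's range setting and the firewall rule disagree.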
-
How to tether your Blackberry 8300 Curve (Mac OS X)
“Stay connected to the Internet wherever you go by using your BlackBerry Curve (8300) as a Bluetooth modem for your OS-X-powered Macintosh…”

This tutorial guides you through the process of connecting wirelessly to the Internet using your BlackBerry Curve (8300) as a Bluetooth modem for your Macintosh (running OS X) via native Bluetooth functionality. The benefits of such wireless connectivity are numerous, enabling greater productivity and maximized Internet access. The procedure is straightforward, and the tutorial assumes no prior knowledge of either Bluetooth or BlackBerry. Knowing your way around a Mac will help, but is not required. Note that using your BlackBerry as a wireless modem for your Mac (or any computer) is classified as tethering, and may or may not be covered by your wireless plan.

Requirements:
- Macintosh running OS X with Bluetooth
- BlackBerry Curve (8300) with Internet access
- Custom Research In Motion modem script

All set? Let’s get started…

Install the BlackBerry Modem Script

Extract the custom Research In Motion modem script, then copy the folder (BlackBerry.ccl) to the “Modem Scripts” directory on your Mac: Finder > Hard Disk > Library > Modem Scripts

Pair the BlackBerry Curve with your Mac

Okay, now to pair the BlackBerry and Mac via Bluetooth. Crack open your BlackBerry, go to “Manage Connections”, and enable Bluetooth via checkmark (the icon should then show a yellow minus icon).

1) Turn on Bluetooth on your phone and make it discoverable.
2) Open Bluetooth preferences on your computer and make it search for devices.
3) Once it has found your device, start the pairing and put in the passkey.

Configure the Bluetooth Connection

So far so good. We are almost finished! Now it is time to configure the Bluetooth connection.
You will then see an option that says "access the internet with your phone's data connection". Make sure this is checkmarked, then click Continue.

The next screen will prompt you for the following information:
- Phone vendor: Research in Motion
- Phone model: it should give 3 options: 8100, 8800, 8700 (I tested it using the 8800 settings for my Bold and Curve; both worked)
- Username:
- Password:
- Phone number:

For the username, password, and number, find your carrier under here (don’t have AT&T; someone please post it).

Data Connection Settings

Rogers
- Username: wapuser1
- Password: wap
- Phone number: internet.com

Cingular
- Username: [email protected]
- Password: CINGULAR1
- Phone Number: wap.cingular

Or
- Username: [email protected]
- Password: CINGULAR1
- Phone Number: ISP.CINGULAR

T-Mobile
- Username: guest
- Password: guest
- Phone Number: wap.voicestream.com

And finally, select “Show Modem status in the menu bar” and then click “Continue” and on the next screen quit then quit

Connect using your BlackBerry

In your menu bar, you should see a phone. Click on the phone, then click on Connect Bluetooth. (You should see the status Connecting, then Authenticating; once you see numbers, which is your connect time, you should be able to browse the Internet.)
-
How to Tether your Q and connect to the net via Bluetooth
- First, make sure Bluetooth on your Q is activated by going to Start>Bluetooth>Bluetooth manager>Settings
- In the settings make sure Bluetooth is ON, and click the Allow other Bluetooth devices to see the phone
- Now link your Q to your Powerbook by going to System Preferences>Bluetooth on your Mac
- Click on the Devices tab, and then click Set Up New Device
- Select Mobile Phone and the on-screen instructions should walk you through. For now it will only list Address Book as a check item
- You will also have to input a passcode from your Mac to the Q during this process
- After linking the Q, go to the Bluetooth menu (main menu bar) and select Browse Device
- Select the Q and a browse window should open
- Download the Resco Explorer 2005 .CAB file here: Resco Explorer 2005 for Smartphone: Downloads
- Download the Resco Registry module here: Dedicated free file hosting upload storage space - 1_Registry_s.ARM.CAB
- Download the hacked reg file here at Howards Forums.
- Drag the three files you just downloaded over to the Q (note, unzip the hacked registry file first)
- On the Q, go to File Manager>My Documents
- You should see all three files you just transferred there
- Start by clicking on the Resco Explorer.CAB file. That should install the Explorer app
- Next click on the Registry_s.ARM.Cab file. That should install the second part. Ignore any warnings that say these apps aren't designed for your OS
- Next attempt to click on the q-bt-hack.reg file. It may auto add to the registry, probably not.
- If it didn't auto add, go back to the Q’s home screen, hit start, and find and open the Resco Explorer application
- Navigate to your My Documents using the Explorer app
- Now click again on the q-bt-hack.reg file
- It should now ask if you want to add this to your registry file....say yes
- Turn the phone off and remove battery for more than 30 secs
- Restart phone
- Type ##342587 and then hit send
- Change the option menu to 'enabled' and then exit.
- Head back to System Preferences on your Mac, and go to Bluetooth again
- Click on your Q device in the list and hit Configure
- A new option to 'connect to internet' should now be available to check
- Hit continue and it will ask for the settings
- username is your cell phone number [email protected]
- Password is vzw
- Number to dial is #777
- I use the Verizon 1x EVDO modem script (PM user Bill Alexander for script if you want it)
- Others use the stock OS X Verizon Support PC 5200 script with success
- Leave the 'show modem in menu' box checked.

That should do it. Go to the modem icon in the menu bar and select connect. You should now be connected to the net.
-
Cingular BlackJack DUN Tether to Mac via USB
Overview:
- Setup modem script on Mac
- Setup modem function on phone
- Setup Network Connection on Mac
- Test Connection

Setup modem script on Mac:
- Download the modem script file
- Uncompress the file with Stuffit Expander
- Find the file “Generic 3G CID1” and copy to “/Library/Modem Scripts”

Setup modem function on phone:
- Go to “Home > Start > Settings > Connections > USB”
- Choose “USB connection setting: Modem”
- Choose “Done”
- Connect phone to Mac via USB cable

Setup Network Connection on Mac:
- Go to “Apple > System Preferences… > Network”
- When modem recognized as “SAMSUNG CDMA Technologies” choose “OK”
- Choose “Show: SAMSUNG CDMA Technologies”
- Enter “Account Name: [email protected]”
- Enter “Password: CINGULAR1”
- Enter “Telephone Number: isp.cingular”
- Go to “Modem” Tab
- Choose “Modem: Generic 3G CID1”
- Check “Show modem status in menu bar”
- Choose “Apply Now”
- Go to icon of phone in menu bar
- Choose “Connect”

Test Connection:
- Quit all browsers
- Disconnect any other internet connections (i.e. ethernet or wifi)
- Open Firefox
- Do a Speed Test

Whew! That wasn’t so bad now was it? It took me awhile to find the right settings. I was following HowardForums but to no avail. Then, someone on the Cingular Forums got it to work. I just tested my speed and am getting 604 kbps down and 329 kbps up which is comparable to DSL broadband. Now I can get broadband access anywhere I get 3G signal. When there is no 3G service, there is usually EDGE service available which will drop the speed down to dial up speeds.

A few caveats. Using your phone as a USB modem will severely drain the phone’s battery because when it is in modem mode it won’t get charged over the USB. It charges over USB when it is not in modem mode, however. The phone comes with an extra battery and a separate charger which is a workaround. If we could get Bluetooth DUN working instead, then we could charge the phone over USB and use the phone as a Bluetooth modem at the same time.
That would be way more convenient, however, speeds over bluetooth would be slower than a wired USB connection. I hope this tutorial helps. I love my new BlackJack!